From a1fae1cc1fd2670269e8ee94e89e3c6c0e05b580 Mon Sep 17 00:00:00 2001
From: David Rutqvist <david.rutqvist@bnearit.se>
Date: Sun, 9 Oct 2016 15:29:03 +0200
Subject: [PATCH 001/863] Made autocomplete for new job case-insensitive

---
 .../main/java/hudson/model/AutoCompletionCandidates.java  | 8 +++++---
 core/src/main/java/hudson/model/ComputerSet.java          | 2 +-
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/core/src/main/java/hudson/model/AutoCompletionCandidates.java b/core/src/main/java/hudson/model/AutoCompletionCandidates.java
index 0373b552bb..719b050a76 100644
--- a/core/src/main/java/hudson/model/AutoCompletionCandidates.java
+++ b/core/src/main/java/hudson/model/AutoCompletionCandidates.java
@@ -118,16 +118,18 @@ public class AutoCompletionCandidates implements HttpResponse {
             @Override
             public void onItem(Item i) {
                 String n = contextualNameOf(i);
-                if ((n.startsWith(value) || value.startsWith(n))
+                String lowerCaseN = n.toLowerCase();
+                String lowerCaseValue = value.toLowerCase();
+                if ((lowerCaseN.startsWith(lowerCaseValue) || lowerCaseValue.startsWith(lowerCaseN))
                     // 'foobar' is a valid candidate if the current value is 'foo'.
                     // Also, we need to visit 'foo' if the current value is 'foo/bar'
-                 && (value.length()>n.length() || !n.substring(value.length()).contains("/"))
+                 && (lowerCaseValue.length()>lowerCaseN.length() || !lowerCaseN.substring(lowerCaseValue.length()).contains("/"))
                     // but 'foobar/zot' isn't if the current value is 'foo'
                     // we'll first show 'foobar' and then wait for the user to type '/' to show the rest
                  && i.hasPermission(Item.READ)
                     // and read permission required
                 ) {
-                    if (type.isInstance(i) && n.startsWith(value))
+                    if (type.isInstance(i) && lowerCaseN.startsWith(lowerCaseValue))
                         candidates.add(n);
 
                     // recurse
diff --git a/core/src/main/java/hudson/model/ComputerSet.java b/core/src/main/java/hudson/model/ComputerSet.java
index 89ed31f289..6e7e0af9df 100644
--- a/core/src/main/java/hudson/model/ComputerSet.java
+++ b/core/src/main/java/hudson/model/ComputerSet.java
@@ -388,7 +388,7 @@ public final class ComputerSet extends AbstractModelObject implements Describabl
             final AutoCompletionCandidates r = new AutoCompletionCandidates();
 
             for (Node n : Jenkins.getInstance().getNodes()) {
-                if (n.getNodeName().startsWith(value))
+                if (n.getNodeName().toLowerCase().contains(value.toLowerCase()))
                     r.add(n.getNodeName());
             }
 
-- 
GitLab


From c8f5dcf21feae1bc6b1b9f6364480c90bf73a08e Mon Sep 17 00:00:00 2001
From: David Rutqvist <david.rutqvist@bnearit.se>
Date: Tue, 11 Oct 2016 16:03:10 +0200
Subject: [PATCH 002/863] Revert "Made autocomplete for new job
 case-insensitive"

This reverts commit a1fae1cc1fd2670269e8ee94e89e3c6c0e05b580.
---
 .../main/java/hudson/model/AutoCompletionCandidates.java  | 8 +++-----
 core/src/main/java/hudson/model/ComputerSet.java          | 2 +-
 2 files changed, 4 insertions(+), 6 deletions(-)

diff --git a/core/src/main/java/hudson/model/AutoCompletionCandidates.java b/core/src/main/java/hudson/model/AutoCompletionCandidates.java
index 719b050a76..0373b552bb 100644
--- a/core/src/main/java/hudson/model/AutoCompletionCandidates.java
+++ b/core/src/main/java/hudson/model/AutoCompletionCandidates.java
@@ -118,18 +118,16 @@ public class AutoCompletionCandidates implements HttpResponse {
             @Override
             public void onItem(Item i) {
                 String n = contextualNameOf(i);
-                String lowerCaseN = n.toLowerCase();
-                String lowerCaseValue = value.toLowerCase();
-                if ((lowerCaseN.startsWith(lowerCaseValue) || lowerCaseValue.startsWith(lowerCaseN))
+                if ((n.startsWith(value) || value.startsWith(n))
                     // 'foobar' is a valid candidate if the current value is 'foo'.
                     // Also, we need to visit 'foo' if the current value is 'foo/bar'
-                 && (lowerCaseValue.length()>lowerCaseN.length() || !lowerCaseN.substring(lowerCaseValue.length()).contains("/"))
+                 && (value.length()>n.length() || !n.substring(value.length()).contains("/"))
                     // but 'foobar/zot' isn't if the current value is 'foo'
                     // we'll first show 'foobar' and then wait for the user to type '/' to show the rest
                  && i.hasPermission(Item.READ)
                     // and read permission required
                 ) {
-                    if (type.isInstance(i) && lowerCaseN.startsWith(lowerCaseValue))
+                    if (type.isInstance(i) && n.startsWith(value))
                         candidates.add(n);
 
                     // recurse
diff --git a/core/src/main/java/hudson/model/ComputerSet.java b/core/src/main/java/hudson/model/ComputerSet.java
index 6e7e0af9df..89ed31f289 100644
--- a/core/src/main/java/hudson/model/ComputerSet.java
+++ b/core/src/main/java/hudson/model/ComputerSet.java
@@ -388,7 +388,7 @@ public final class ComputerSet extends AbstractModelObject implements Describabl
             final AutoCompletionCandidates r = new AutoCompletionCandidates();
 
             for (Node n : Jenkins.getInstance().getNodes()) {
-                if (n.getNodeName().toLowerCase().contains(value.toLowerCase()))
+                if (n.getNodeName().startsWith(value))
                     r.add(n.getNodeName());
             }
 
-- 
GitLab


From 6b933bd383824e94f672b8e3bd66ed36f111a7a0 Mon Sep 17 00:00:00 2001
From: David Rutqvist <david.rutqvist@bnearit.se>
Date: Tue, 11 Oct 2016 16:38:23 +0200
Subject: [PATCH 003/863] Redid fix so it uses the user setting used by global
 search instead of defaulting to case-insensitive

---
 .../hudson/model/AutoCompletionCandidates.java  | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

diff --git a/core/src/main/java/hudson/model/AutoCompletionCandidates.java b/core/src/main/java/hudson/model/AutoCompletionCandidates.java
index 0373b552bb..57f79eae99 100644
--- a/core/src/main/java/hudson/model/AutoCompletionCandidates.java
+++ b/core/src/main/java/hudson/model/AutoCompletionCandidates.java
@@ -25,6 +25,7 @@
 package hudson.model;
 
 import hudson.search.Search;
+import hudson.search.UserSearchProperty;
 import jenkins.model.Jenkins;
 import org.kohsuke.stapler.HttpResponse;
 import org.kohsuke.stapler.StaplerRequest;
@@ -118,16 +119,26 @@ public class AutoCompletionCandidates implements HttpResponse {
             @Override
             public void onItem(Item i) {
                 String n = contextualNameOf(i);
-                if ((n.startsWith(value) || value.startsWith(n))
+                boolean caseInsensitive = UserSearchProperty.isCaseInsensitive();
+                
+                String hay = n;
+                String needle = value;
+                
+                if(caseInsensitive) {
+                	hay = hay.toLowerCase();
+                	needle = needle.toLowerCase();
+                }
+                
+                if ((hay.startsWith(needle) || needle.startsWith(hay))
                     // 'foobar' is a valid candidate if the current value is 'foo'.
                     // Also, we need to visit 'foo' if the current value is 'foo/bar'
-                 && (value.length()>n.length() || !n.substring(value.length()).contains("/"))
+                 && (needle.length()>hay.length() || !hay.substring(needle.length()).contains("/"))
                     // but 'foobar/zot' isn't if the current value is 'foo'
                     // we'll first show 'foobar' and then wait for the user to type '/' to show the rest
                  && i.hasPermission(Item.READ)
                     // and read permission required
                 ) {
-                    if (type.isInstance(i) && n.startsWith(value))
+                    if (type.isInstance(i) && hay.startsWith(needle))
                         candidates.add(n);
 
                     // recurse
-- 
GitLab


From 9fee6cc3f0d2240b8e23b447318fde36b5e0eb8e Mon Sep 17 00:00:00 2001
From: David Rutqvist <david.rutqvist@bnearit.se>
Date: Tue, 11 Oct 2016 16:54:29 +0200
Subject: [PATCH 004/863] [FIXED JENKINS-38812] Commented on the
 implementation. Uses the same setting as used globally

---
 .../main/java/hudson/model/AutoCompletionCandidates.java    | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/model/AutoCompletionCandidates.java b/core/src/main/java/hudson/model/AutoCompletionCandidates.java
index 57f79eae99..f410633441 100644
--- a/core/src/main/java/hudson/model/AutoCompletionCandidates.java
+++ b/core/src/main/java/hudson/model/AutoCompletionCandidates.java
@@ -119,7 +119,11 @@ public class AutoCompletionCandidates implements HttpResponse {
             @Override
             public void onItem(Item i) {
                 String n = contextualNameOf(i);
-                boolean caseInsensitive = UserSearchProperty.isCaseInsensitive();
+                
+                //Check user's setting on whether to do case sensitive comparison, configured in user -> configure
+                //This is the same setting that is used by the global search field, should be consistent throughout
+                //the whole application.
+                boolean caseInsensitive = UserSearchProperty.isCaseInsensitive(); 
                 
                 String hay = n;
                 String needle = value;
-- 
GitLab


From 9585f94cfc13cbc0289d6d7f4bfc9baf60f1333f Mon Sep 17 00:00:00 2001
From: mike cirioli <mcirioli@cloudbees.com>
Date: Fri, 8 Dec 2017 14:33:12 -0500
Subject: [PATCH 005/863] [oss-2590] updated dependencies to support move to
 xml 1.1

---
 core/pom.xml | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/core/pom.xml b/core/pom.xml
index a4b053eee5..cdd4e104ff 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -240,6 +240,11 @@ THE SOFTWARE.
         </exclusion>
       </exclusions>
     </dependency>
+    <dependency>
+        <groupId>net.sf.kxml</groupId>
+        <artifactId>kxml2</artifactId>
+        <version>2.3.0</version>
+    </dependency>
     <dependency>
       <groupId>jfree</groupId>
       <artifactId>jfreechart</artifactId>
@@ -446,11 +451,6 @@ THE SOFTWARE.
       <artifactId>spring-aop</artifactId>
       <version>${spring.version}</version>
     </dependency>
-    <dependency>
-      <groupId>xpp3</groupId>
-      <artifactId>xpp3</artifactId>
-      <version>1.1.4c</version>
-    </dependency>
     <dependency>
       <groupId>junit</groupId>
       <artifactId>junit</artifactId>
-- 
GitLab


From 065b874a4784c5d0bcfd9731c0ad4139c5e61c78 Mon Sep 17 00:00:00 2001
From: t-hall <ithall@comcast.net>
Date: Thu, 16 Nov 2017 08:18:43 -0800
Subject: [PATCH 006/863] [JENKINS-34138] Fix maven installs from stepping on
 each other (#3042)

* [JENKINS-34138] Adding equals/hashCode methods so that installs don't step on each other

* [JENKINS-34138] Added issue reference to unit tests

* [JENKINS-34138] - changed the order of equals / hashcode

(cherry picked from commit d688c154907d17e75ea31067c8fc2525aa679584)
---
 core/src/main/java/hudson/tasks/Maven.java    | 21 +++++++
 .../src/test/java/hudson/tasks/MavenTest.java | 62 ++++++++++++-------
 2 files changed, 59 insertions(+), 24 deletions(-)

diff --git a/core/src/main/java/hudson/tasks/Maven.java b/core/src/main/java/hudson/tasks/Maven.java
index 61354ed1c1..c1e4a610fe 100644
--- a/core/src/main/java/hudson/tasks/Maven.java
+++ b/core/src/main/java/hudson/tasks/Maven.java
@@ -709,6 +709,27 @@ public class Maven extends Builder {
                 return ((MavenInstallation)obj).mavenHome;
             }
         }
+
+        @Override
+        public boolean equals(final Object o) {
+            if (this == o) return true;
+            if (o == null || getClass() != o.getClass()) return false;
+
+            final MavenInstallation that = (MavenInstallation) o;
+
+            if (getHome() != null ? !getHome().equals(that.getHome()) : that.getHome() != null) return false;
+            if (getName() != null ? !getName().equals(that.getName()) : that.getName() != null) return false;
+            return true;
+        }
+
+        @Override
+        public int hashCode() {
+            int result = getHome() != null ? getHome().hashCode() : 0;
+            result = 31 * result + (getName() != null ? getName().hashCode() : 0);
+            //result = 31 * result + (getProperties() != null ? getProperties().hashCode() : 0);
+            return result;
+        }
+
     }
 
     /**
diff --git a/test/src/test/java/hudson/tasks/MavenTest.java b/test/src/test/java/hudson/tasks/MavenTest.java
index 5b1c933a23..411f3d3434 100644
--- a/test/src/test/java/hudson/tasks/MavenTest.java
+++ b/test/src/test/java/hudson/tasks/MavenTest.java
@@ -23,50 +23,48 @@
  */
 package hudson.tasks;
 
+import com.gargoylesoftware.htmlunit.html.HtmlButton;
+import com.gargoylesoftware.htmlunit.html.HtmlForm;
+import com.gargoylesoftware.htmlunit.html.HtmlPage;
+import hudson.EnvVars;
 import hudson.model.Build;
+import hudson.model.Cause.LegacyCodeCause;
+import hudson.model.FreeStyleBuild;
 import hudson.model.FreeStyleProject;
-import jenkins.mvn.DefaultGlobalSettingsProvider;
-import jenkins.mvn.DefaultSettingsProvider;
-import jenkins.mvn.FilePathGlobalSettingsProvider;
-import jenkins.mvn.FilePathSettingsProvider;
-import jenkins.mvn.GlobalMavenConfig;
 import hudson.model.JDK;
+import hudson.model.ParametersAction;
 import hudson.model.ParametersDefinitionProperty;
+import hudson.model.PasswordParameterDefinition;
 import hudson.model.Result;
 import hudson.model.StringParameterDefinition;
-import hudson.model.ParametersAction;
 import hudson.model.StringParameterValue;
-import hudson.model.Cause.LegacyCodeCause;
 import hudson.slaves.EnvironmentVariablesNodeProperty;
 import hudson.slaves.EnvironmentVariablesNodeProperty.Entry;
 import hudson.tasks.Maven.MavenInstallation;
-import hudson.tasks.Maven.MavenInstaller;
 import hudson.tasks.Maven.MavenInstallation.DescriptorImpl;
+import hudson.tasks.Maven.MavenInstaller;
+import hudson.tools.InstallSourceProperty;
 import hudson.tools.ToolProperty;
 import hudson.tools.ToolPropertyDescriptor;
-import hudson.tools.InstallSourceProperty;
 import hudson.util.DescribableList;
-
-import java.util.Collections;
-
-import javax.xml.transform.Source;
-import javax.xml.transform.stream.StreamSource;
-
-import com.gargoylesoftware.htmlunit.html.HtmlForm;
-import com.gargoylesoftware.htmlunit.html.HtmlPage;
-import com.gargoylesoftware.htmlunit.html.HtmlButton;
-import hudson.EnvVars;
-import hudson.model.FreeStyleBuild;
-import hudson.model.PasswordParameterDefinition;
-import org.jvnet.hudson.test.Issue;
-import static org.junit.Assert.*;
-
+import jenkins.mvn.DefaultGlobalSettingsProvider;
+import jenkins.mvn.DefaultSettingsProvider;
+import jenkins.mvn.FilePathGlobalSettingsProvider;
+import jenkins.mvn.FilePathSettingsProvider;
+import jenkins.mvn.GlobalMavenConfig;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.ExtractResourceSCM;
+import org.jvnet.hudson.test.Issue;
 import org.jvnet.hudson.test.JenkinsRule;
 import org.jvnet.hudson.test.ToolInstallations;
 
+import javax.xml.transform.Source;
+import javax.xml.transform.stream.StreamSource;
+import java.util.Collections;
+
+import static org.junit.Assert.*;
+
 /**
  * @author Kohsuke Kawaguchi
  */
@@ -356,4 +354,20 @@ public class MavenTest {
         assertTrue("Properties should always be injected, even when build variables injection is enabled",
                 log.contains("-DTEST_PROP1=VAL1") && log.contains("-DTEST_PROP2=VAL2"));
     }
+
+    @Issue("JENKINS-34138")
+    @Test public void checkMavenInstallationEquals() throws Exception {
+        MavenInstallation maven = ToolInstallations.configureMaven3();
+        MavenInstallation maven2 = ToolInstallations.configureMaven3();
+        assertEquals(maven.hashCode(), maven2.hashCode());
+        assertTrue(maven.equals(maven2));
+    }
+
+    @Issue("JENKINS-34138")
+    @Test public void checkMavenInstallationNotEquals() throws Exception {
+        MavenInstallation maven3 = ToolInstallations.configureMaven3();
+        MavenInstallation maven2 = ToolInstallations.configureDefaultMaven();
+        assertNotEquals(maven3.hashCode(), maven2.hashCode());
+        assertFalse(maven3.equals(maven2));
+    }
 }
-- 
GitLab


From 6be05b801454820caf3c6159185669f4392f25de Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Sun, 26 Nov 2017 15:51:46 +0300
Subject: [PATCH 007/863] [JENKINS-48157] - Risk of NPE when migrating
 MyViewProperty without PrimaryView (#3156)

* [JENKINS-48157] - Reproduce the issue in test

* [JENKINS-48157] - Annotate and document nullness conditions in MyViewsProperty and ViewGroupMixIn

* [FIXED JENKINS-48157] - Prevent NPEs when using public API and when using null primaryViewName

* [JENKINS-48157] - Fix typo in Javadoc

(cherry picked from commit 211b57e8b002b4da92743dfac3a1b902835e7652)
---
 .../java/hudson/model/MyViewsProperty.java    | 25 ++++++++++++++---
 .../java/hudson/model/ViewGroupMixIn.java     | 27 +++++++++++++++----
 .../hudson/model/MyViewsPropertyTest.java     | 16 +++++++++++
 3 files changed, 59 insertions(+), 9 deletions(-)

diff --git a/core/src/main/java/hudson/model/MyViewsProperty.java b/core/src/main/java/hudson/model/MyViewsProperty.java
index 68ff6e2513..379b37d15d 100644
--- a/core/src/main/java/hudson/model/MyViewsProperty.java
+++ b/core/src/main/java/hudson/model/MyViewsProperty.java
@@ -39,6 +39,7 @@ import java.util.Collections;
 import java.util.List;
 import java.util.concurrent.CopyOnWriteArrayList;
 
+import javax.annotation.CheckForNull;
 import javax.servlet.ServletException;
 
 import jenkins.model.Jenkins;
@@ -61,6 +62,12 @@ import org.kohsuke.stapler.interceptor.RequirePOST;
  * @author Tom Huybrechts
  */
 public class MyViewsProperty extends UserProperty implements ModifiableViewGroup, Action, StaplerFallback {
+
+    /**
+     * Name of the primary view defined by the user.
+     * {@code null} means that the View is not defined.
+     */
+    @CheckForNull
     private String primaryViewName;
 
     /**
@@ -71,12 +78,13 @@ public class MyViewsProperty extends UserProperty implements ModifiableViewGroup
     private transient ViewGroupMixIn viewGroupMixIn;
 
     @DataBoundConstructor
-    public MyViewsProperty(String primaryViewName) {
+    public MyViewsProperty(@CheckForNull String primaryViewName) {
         this.primaryViewName = primaryViewName;
+        readResolve(); // initialize fields
     }
 
     private MyViewsProperty() {
-        readResolve();
+        this(null);
     }
 
     public Object readResolve() {
@@ -88,7 +96,10 @@ public class MyViewsProperty extends UserProperty implements ModifiableViewGroup
             // preserve the non-empty invariant
             views.add(new AllView(AllView.DEFAULT_VIEW_NAME, this));
         }
-        primaryViewName = AllView.migrateLegacyPrimaryAllViewLocalizedName(views, primaryViewName);
+        if (primaryViewName != null) {
+            // It may happen when the default constructor is invoked
+            primaryViewName = AllView.migrateLegacyPrimaryAllViewLocalizedName(views, primaryViewName);
+        }
 
         viewGroupMixIn = new ViewGroupMixIn(this) {
             protected List<View> views() { return views; }
@@ -99,11 +110,17 @@ public class MyViewsProperty extends UserProperty implements ModifiableViewGroup
         return this;
     }
 
+    @CheckForNull
     public String getPrimaryViewName() {
         return primaryViewName;
     }
 
-    public void setPrimaryViewName(String primaryViewName) {
+    /**
+     * Sets the primary view.
+     * @param primaryViewName Name of the primary view to be set.
+     *                        {@code null} to make the primary view undefined.
+     */
+    public void setPrimaryViewName(@CheckForNull String primaryViewName) {
         this.primaryViewName = primaryViewName;
     }
 
diff --git a/core/src/main/java/hudson/model/ViewGroupMixIn.java b/core/src/main/java/hudson/model/ViewGroupMixIn.java
index 359f68f1c5..313e07eceb 100644
--- a/core/src/main/java/hudson/model/ViewGroupMixIn.java
+++ b/core/src/main/java/hudson/model/ViewGroupMixIn.java
@@ -36,6 +36,7 @@ import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
 import javax.annotation.CheckForNull;
+import javax.annotation.Nonnull;
 
 /**
  * Implements {@link ViewGroup} to be used as a "mix-in".
@@ -66,27 +67,40 @@ public abstract class ViewGroupMixIn {
     private final ViewGroup owner;
 
     /**
-     * Returns all the views. This list must be concurrently iterable.
+     * Returns all views in the group. This list must be modifiable and concurrently iterable.
      */
+    @Nonnull
     protected abstract List<View> views();
+
+    /**
+     * Gets primary view of the mix-in.
+     * @return Name of the primary view, {@code null} if there is no primary one defined.
+     */
+    @CheckForNull
     protected abstract String primaryView();
+
+    /**
+     * Sets the primary view.
+     * @param newName Name of the primary view to be set.
+     *                {@code null} to make the primary view undefined.
+     */
     protected abstract void primaryView(String newName);
 
     protected ViewGroupMixIn(ViewGroup owner) {
         this.owner = owner;
     }
 
-    public void addView(View v) throws IOException {
+    public void addView(@Nonnull View v) throws IOException {
         v.owner = owner;
         views().add(v);
         owner.save();
     }
 
-    public boolean canDelete(View view) {
+    public boolean canDelete(@Nonnull View view) {
         return !view.isDefault();  // Cannot delete primary view
     }
 
-    public synchronized void deleteView(View view) throws IOException {
+    public synchronized void deleteView(@Nonnull View view) throws IOException {
         if (views().size() <= 1)
             throw new IllegalStateException("Cannot delete last view");
         views().remove(view);
@@ -101,11 +115,14 @@ public abstract class ViewGroupMixIn {
      */
     @CheckForNull
     public View getView(@CheckForNull String name) {
+        if (name == null) {
+            return null;
+        }
         for (View v : views()) {
             if(v.getViewName().equals(name))
                 return v;
         }
-        if (name != null && !name.equals(primaryView())) {
+        if (!name.equals(primaryView())) {
             // Fallback to subview of primary view if it is a ViewGroup
             View pv = getPrimaryView();
             if (pv instanceof ViewGroup)
diff --git a/test/src/test/java/hudson/model/MyViewsPropertyTest.java b/test/src/test/java/hudson/model/MyViewsPropertyTest.java
index 84d798aa67..eab0579941 100644
--- a/test/src/test/java/hudson/model/MyViewsPropertyTest.java
+++ b/test/src/test/java/hudson/model/MyViewsPropertyTest.java
@@ -33,6 +33,7 @@ import java.io.IOException;
 import jenkins.model.Jenkins;
 import org.acegisecurity.AccessDeniedException;
 import org.acegisecurity.context.SecurityContextHolder;
+import org.jvnet.hudson.test.Issue;
 import org.jvnet.hudson.test.JenkinsRule;
 import static org.junit.Assert.*;
 /**
@@ -288,5 +289,20 @@ public class MyViewsPropertyTest {
         auth.add(Jenkins.ADMINISTER, "User2");
         assertTrue("User User2 should configure permission for user User",property.hasPermission(Permission.CONFIGURE));
     }
+
+    @Test
+    @Issue("JENKINS-48157")
+    public void shouldNotFailWhenMigratingLegacyViewsWithoutPrimaryOne() throws IOException {
+        rule.jenkins.setSecurityRealm(rule.createDummySecurityRealm());
+        User user = User.get("User");
+
+        // Emulates creation of a new object with Reflection in User#load() does.
+        MyViewsProperty property = new MyViewsProperty(null);
+        user.addProperty(property);
+
+        // At AllView with non-default to invoke NPE path in AllView.migrateLegacyPrimaryAllViewLocalizedName()
+        property.addView(new AllView("foobar"));
+        property.readResolve();
+    }
     
 }
-- 
GitLab


From b450e9bdb60f6b3a0d492219a026438bf7b3b9d6 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Thu, 16 Nov 2017 22:10:57 -0500
Subject: [PATCH 008/863] [JENKINS-47429] User.getLegacyConfigFilesFor no
 longer seems to be necessary.

(cherry picked from commit 3853b3813967bd3d46e4dde7741eb97fa628345c)
---
 core/src/main/java/hudson/model/User.java | 55 ++++-------------------
 1 file changed, 9 insertions(+), 46 deletions(-)

diff --git a/core/src/main/java/hudson/model/User.java b/core/src/main/java/hudson/model/User.java
index 6b6bc612eb..ce6d49bdd0 100644
--- a/core/src/main/java/hudson/model/User.java
+++ b/core/src/main/java/hudson/model/User.java
@@ -432,6 +432,10 @@ public class User extends AbstractModelObject implements AccessControlled, Descr
      *      {@code create} is false.
      */
     private static @Nullable User getOrCreate(@Nonnull String id, @Nonnull String fullName, boolean create) {
+        return getOrCreate(id, fullName, create, getUnsanitizedLegacyConfigFileFor(id));
+    }
+
+    private static @Nullable User getOrCreate(@Nonnull String id, @Nonnull String fullName, boolean create, File unsanitizedLegacyConfigFile) {
         String idkey = idStrategy().keyFor(id);
 
         byNameLock.readLock().lock();
@@ -442,49 +446,17 @@ public class User extends AbstractModelObject implements AccessControlled, Descr
             byNameLock.readLock().unlock();
         }
         final File configFile = getConfigFileFor(id);
-        if (u == null && !configFile.isFile() && !configFile.getParentFile().isDirectory()) {
-            // check for legacy users and migrate if safe to do so.
-            File[] legacy = getLegacyConfigFilesFor(id);
-            if (legacy != null && legacy.length > 0) {
-                for (File legacyUserDir : legacy) {
-                    final XmlFile legacyXml = new XmlFile(XSTREAM, new File(legacyUserDir, "config.xml"));
-                    try {
-                        Object o = legacyXml.read();
-                        if (o instanceof User) {
-                            if (idStrategy().equals(id, legacyUserDir.getName()) && !idStrategy().filenameOf(legacyUserDir.getName())
-                                    .equals(legacyUserDir.getName())) {
-                                if (legacyUserDir.renameTo(configFile.getParentFile())) {
-                                    LOGGER.log(Level.INFO, "Migrated user record from {0} to {1}", new Object[] {legacyUserDir, configFile.getParentFile()});
-                                } else {
-                                    LOGGER.log(Level.WARNING, "Failed to migrate user record from {0} to {1}",
-                                            new Object[]{legacyUserDir, configFile.getParentFile()});
-                                }
-                                break;
-                            }
-                        } else {
-                            LOGGER.log(Level.FINE, "Unexpected object loaded from {0}: {1}",
-                                    new Object[]{ legacyUserDir, o });
-                        }
-                    } catch (IOException e) {
-                        LOGGER.log(Level.FINE, String.format("Exception trying to load user from %s: %s",
-                                new Object[]{ legacyUserDir, e.getMessage() }), e);
-                    }
-                }
-            }
-        }
-
-        File unsanitizedLegacyConfigFile = getUnsanitizedLegacyConfigFileFor(id);
         if (unsanitizedLegacyConfigFile.exists() && !unsanitizedLegacyConfigFile.equals(configFile)) {
             File ancestor = unsanitizedLegacyConfigFile.getParentFile();
             if (!configFile.exists()) {
                 try {
                     Files.createDirectory(configFile.getParentFile().toPath());
                     Files.move(unsanitizedLegacyConfigFile.toPath(), configFile.toPath());
-                    LOGGER.log(Level.INFO, "Migrated unsafe user record from {0} to {1}", new Object[] {unsanitizedLegacyConfigFile, configFile});
+                    LOGGER.log(Level.INFO, "Migrated user record from {0} to {1}", new Object[] {unsanitizedLegacyConfigFile, configFile});
                 } catch (IOException | InvalidPathException e) {
                     LOGGER.log(
                             Level.WARNING,
-                            String.format("Failed to migrate user record from %s to %s, see SECURITY-499 for more information", idStrategy().legacyFilenameOf(id), idStrategy().filenameOf(id)),
+                            String.format("Failed to migrate user record from %s to %s", unsanitizedLegacyConfigFile, configFile),
                             e);
                 }
             }
@@ -726,16 +698,6 @@ public class User extends AbstractModelObject implements AccessControlled, Descr
         return new File(getRootDir(), idStrategy().filenameOf(id) +"/config.xml");
     }
 
-    private static final File[] getLegacyConfigFilesFor(final String id) {
-        return getRootDir().listFiles(new FileFilter() {
-            @Override
-            public boolean accept(File pathname) {
-                return pathname.isDirectory() && new File(pathname, "config.xml").isFile() && idStrategy().equals(
-                        pathname.getName(), id);
-            }
-        });
-    }
-
     private static File getUnsanitizedLegacyConfigFileFor(String id) {
         return new File(getRootDir(), idStrategy().legacyFilenameOf(id) + "/config.xml");
     }
@@ -1056,9 +1018,10 @@ public class User extends AbstractModelObject implements AccessControlled, Descr
             File[] subdirs = getRootDir().listFiles((FileFilter) DirectoryFileFilter.INSTANCE);
             if (subdirs != null) {
                 for (File subdir : subdirs) {
-                    if (new File(subdir, "config.xml").exists()) {
+                    File configFile = new File(subdir, "config.xml");
+                    if (configFile.exists()) {
                         String name = strategy.idFromFilename(subdir.getName());
-                        getOrCreate(name, /* <init> calls load(), probably clobbering this anyway */name, true);
+                        getOrCreate(name, /* <init> calls load(), probably clobbering this anyway */name, true, configFile);
                     }
                 }
             }
-- 
GitLab


From b6443aacbbc3fffec1f8f45ce1fb9fb322f5030f Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Wed, 13 Dec 2017 16:41:56 -0800
Subject: [PATCH 009/863] [maven-release-plugin] prepare release jenkins-2.89.2

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 1fc896f74f..8d2ebc729a 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.89.2-SNAPSHOT</version>
+    <version>2.89.2</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 6278a3fead..8fbad1e747 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.89.2-SNAPSHOT</version>
+    <version>2.89.2</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 4e57abc3bf..d08c38ad14 100644
--- a/pom.xml
+++ b/pom.xml
@@ -33,7 +33,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>pom</artifactId>
-  <version>2.89.2-SNAPSHOT</version>
+  <version>2.89.2</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -58,7 +58,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>HEAD</tag>
+    <tag>jenkins-2.89.2</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 839aed6dbd..9474fc02e0 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.89.2-SNAPSHOT</version>
+    <version>2.89.2</version>
   </parent>
 
   <artifactId>test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index a7f48bb18a..13f910f9f6 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.89.2-SNAPSHOT</version>
+    <version>2.89.2</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 8ae7df076e15cf6961902e2e632a9da9a8341ea8 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Wed, 13 Dec 2017 16:41:56 -0800
Subject: [PATCH 010/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 8d2ebc729a..a6f850b032 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.89.2</version>
+    <version>2.89.3-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 8fbad1e747..77438d3623 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.89.2</version>
+    <version>2.89.3-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index d08c38ad14..803856390a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -33,7 +33,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>pom</artifactId>
-  <version>2.89.2</version>
+  <version>2.89.3-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -58,7 +58,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.89.2</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 9474fc02e0..40e66224ae 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.89.2</version>
+    <version>2.89.3-SNAPSHOT</version>
   </parent>
 
   <artifactId>test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 13f910f9f6..4405af0e96 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.89.2</version>
+    <version>2.89.3-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 8fa79061bb0beaf93be4e05620463fd363ac5b30 Mon Sep 17 00:00:00 2001
From: Alexander Akbashev <mr.akbashev@gmail.com>
Date: Tue, 21 Nov 2017 14:18:01 +0100
Subject: [PATCH 011/863] [FIX JENKINS-48349] Cache permission id to avoid
 allocating of new strings

Every request that comes from Jelly is checked against Permissions.
As result it leads to a call of `getId` method that produces the new string.
Usually it's not a problem, but in case of stop-the-world pause user requests are accumulated.
So, once pause is finished, we forcibly allocated tons of strings for
every request. That leads to new stop-the-world pause. (And this cycle
can repeat multiple times)

(cherry picked from commit b2c40cb9e0db72c978b3a50be0d4c467cb33eb20)
---
 core/src/main/java/hudson/security/Permission.java | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/security/Permission.java b/core/src/main/java/hudson/security/Permission.java
index 431ad0fd1d..31f6a944e2 100644
--- a/core/src/main/java/hudson/security/Permission.java
+++ b/core/src/main/java/hudson/security/Permission.java
@@ -68,6 +68,9 @@ public final class Permission {
 
     public final @Nonnull PermissionGroup group;
 
+    // if some plugin serialized old version of this class using XStream, `id` can be null
+    private final @CheckForNull String id;
+
     /**
      * Human readable ID of the permission.
      *
@@ -158,6 +161,7 @@ public final class Permission {
         this.impliedBy = impliedBy;
         this.enabled = enable;
         this.scopes = ImmutableSet.copyOf(scopes);
+        this.id = owner.getName() + '.' + name;
 
         group.add(this);
         ALL.add(this);
@@ -222,7 +226,10 @@ public final class Permission {
      * @see #fromId(String)
      */
     public @Nonnull String getId() {
-        return owner.getName()+'.'+name;
+        if (id == null) {
+            return owner.getName() + '.' + name;
+        }
+        return id;
     }
 
     @Override public boolean equals(Object o) {
-- 
GitLab


From 08444b29c608e759673d60be295bfe2858e1171a Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Sat, 2 Dec 2017 12:36:06 +0300
Subject: [PATCH 012/863] Merge pull request #3164 from
 fcojfernandez/JENKINS-48080

[JENKINS-48080] Setup Wizard hangs if confirm password is incorrect while creating admin user

(cherry picked from commit b3ebef20ece11cd8cfed0eb32558065150a18c9d)
---
 war/src/main/js/pluginSetupWizardGui.js | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/war/src/main/js/pluginSetupWizardGui.js b/war/src/main/js/pluginSetupWizardGui.js
index 923f6a3f27..2aac81ed33 100644
--- a/war/src/main/js/pluginSetupWizardGui.js
+++ b/war/src/main/js/pluginSetupWizardGui.js
@@ -889,16 +889,17 @@ var createPluginSetupWizard = function(appendTarget) {
 			// ignore JSON parsing issues, this may be HTML
 		}
 		// we get 200 OK
-		var $page = $(data);
+		var responseText = data.responseText;
+		var $page = $(responseText);
 		var $errors = $page.find('.error');
 		if($errors.length > 0) {
 			var $main = $page.find('#main-panel').detach();
 			if($main.length > 0) {
-				data = data.replace(/body([^>]*)[>](.|[\r\n])+[<][/]body/,'body$1>'+$main.html()+'</body');
+				responseText = responseText.replace(/body([^>]*)[>](.|[\r\n])+[<][/]body/,'body$1>'+$main.html()+'</body');
 			}
 			var doc = $('iframe[src]').contents()[0];
 			doc.open();
-			doc.write(data);
+			doc.write(responseText);
 			doc.close();
 		}
 		else {
-- 
GitLab


From 49ee85a1e7d63fd7e1fb63f78bbe12c26b91bce0 Mon Sep 17 00:00:00 2001
From: Jan Zuchhold <Jan@Zuchhold.com>
Date: Fri, 22 Dec 2017 14:36:34 +0100
Subject: [PATCH 013/863] [JENKINS-48593] - Add getSystemProperty(key) to fix
 hudson.consoleTailKB system property (#3200)

* Add getSystemProperty(key) to fix hudson.consoleTailKB system property

* Add Javadoc, @Restricted and delegate to SystemProperties

These changes were requested by @daniel-beck.

* PR was not merged in time for 2.96

* Changes as requested by @oleg-nenashev

(cherry picked from commit 006c51256e58d9b691956962d9fd624fb0c1e08b)
---
 core/src/main/java/hudson/Functions.java | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/core/src/main/java/hudson/Functions.java b/core/src/main/java/hudson/Functions.java
index 99e76891f0..abdd3c490b 100644
--- a/core/src/main/java/hudson/Functions.java
+++ b/core/src/main/java/hudson/Functions.java
@@ -471,6 +471,16 @@ public class Functions {
         return new TreeMap<Object,Object>(System.getProperties());
     }
 
+    /**
+     * Gets the system property indicated by the specified key.
+     * 
+     * Delegates to {@link SystemProperties#getString(java.lang.String)}.
+     */
+    @Restricted(DoNotUse.class)
+    public static String getSystemProperty(String key) {
+        return SystemProperties.getString(key);
+    }
+
     public static Map getEnvVars() {
         return new TreeMap<String,String>(EnvVars.masterEnvVars);
     }
-- 
GitLab


From 065d3c830361471651a6c59ff78a33f0f4aa0900 Mon Sep 17 00:00:00 2001
From: Johno Crawford <johno.crawford@gmail.com>
Date: Fri, 15 Dec 2017 15:04:55 +0100
Subject: [PATCH 014/863] [JENKINS-48505] Invoke optimistic before
 computeIfAbsent to avoid contention.

(cherry picked from commit dce450e1b4565b682f321329caea080293ef0b9b)
---
 core/src/main/java/jenkins/model/Jenkins.java | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/jenkins/model/Jenkins.java b/core/src/main/java/jenkins/model/Jenkins.java
index 10deb6e003..5bcd97f138 100644
--- a/core/src/main/java/jenkins/model/Jenkins.java
+++ b/core/src/main/java/jenkins/model/Jenkins.java
@@ -2628,7 +2628,8 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
      */
     @SuppressWarnings({"unchecked"})
     public <T> ExtensionList<T> getExtensionList(Class<T> extensionType) {
-        return extensionLists.computeIfAbsent(extensionType, key -> ExtensionList.create(this, key));
+        ExtensionList<T> extensionList = extensionLists.get(extensionType);
+        return extensionList != null ? extensionList : extensionLists.computeIfAbsent(extensionType, key -> ExtensionList.create(this, key));
     }
 
     /**
-- 
GitLab


From 0319362666bb9e742c46a8fb28e70a660e53d4f3 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Sun, 17 Dec 2017 14:26:51 +0100
Subject: [PATCH 015/863] Merge pull request #3193 from dwnusbaum/JENKINS-48365

[JENKINS-48365] Install detached plugins when upgrading Jenkins past the version the plugins were detached

(cherry picked from commit 968b6adf007523ca7726e8161be65c9753c4df43)
---
 core/src/main/java/hudson/PluginManager.java  |   5 +-
 .../java/jenkins/install/InstallUtil.java     |   3 +-
 .../test/java/hudson/PluginManagerUtil.java   |  11 ++
 .../install/LoadDetachedPluginsTest.java      | 121 ++++++++++++++++++
 .../upgradeFromJenkins1/config.xml            |  34 +++++
 ...enkins.install.InstallUtil.lastExecVersion |   1 +
 6 files changed, 171 insertions(+), 4 deletions(-)
 create mode 100644 test/src/test/java/jenkins/install/LoadDetachedPluginsTest.java
 create mode 100644 test/src/test/resources/jenkins/install/LoadDetachedPluginsTest/upgradeFromJenkins1/config.xml
 create mode 100644 test/src/test/resources/jenkins/install/LoadDetachedPluginsTest/upgradeFromJenkins2/jenkins.install.InstallUtil.lastExecVersion

diff --git a/core/src/main/java/hudson/PluginManager.java b/core/src/main/java/hudson/PluginManager.java
index c816805ba6..7fb2ed8712 100644
--- a/core/src/main/java/hudson/PluginManager.java
+++ b/core/src/main/java/hudson/PluginManager.java
@@ -679,9 +679,8 @@ public abstract class PluginManager extends AbstractModelObject implements OnMas
      * </ul>
      */
     protected void loadDetachedPlugins() {
-        InstallState installState = Jenkins.getActiveInstance().getInstallState();
-        if (InstallState.UPGRADE.equals(installState)) {
-            VersionNumber lastExecVersion = new VersionNumber(InstallUtil.getLastExecVersion());
+        VersionNumber lastExecVersion = new VersionNumber(InstallUtil.getLastExecVersion());
+        if (lastExecVersion.isNewerThan(InstallUtil.NEW_INSTALL_VERSION) && lastExecVersion.isOlderThan(Jenkins.getVersion())) {
 
             LOGGER.log(INFO, "Upgrading Jenkins. The last running version was {0}. This Jenkins is version {1}.",
                     new Object[] {lastExecVersion, Jenkins.VERSION});
diff --git a/core/src/main/java/jenkins/install/InstallUtil.java b/core/src/main/java/jenkins/install/InstallUtil.java
index e4868e95c1..5b3f95555b 100644
--- a/core/src/main/java/jenkins/install/InstallUtil.java
+++ b/core/src/main/java/jenkins/install/InstallUtil.java
@@ -70,7 +70,8 @@ public class InstallUtil {
     private static final Logger LOGGER = Logger.getLogger(InstallUtil.class.getName());
 
     // tests need this to be 1.0
-    private static final VersionNumber NEW_INSTALL_VERSION = new VersionNumber("1.0");
+    @Restricted(NoExternalUse.class)
+    public static final VersionNumber NEW_INSTALL_VERSION = new VersionNumber("1.0");
     private static final VersionNumber FORCE_NEW_INSTALL_VERSION = new VersionNumber("0.0");
 
     /**
diff --git a/test/src/test/java/hudson/PluginManagerUtil.java b/test/src/test/java/hudson/PluginManagerUtil.java
index 2263622b4c..423213b7d6 100644
--- a/test/src/test/java/hudson/PluginManagerUtil.java
+++ b/test/src/test/java/hudson/PluginManagerUtil.java
@@ -26,6 +26,8 @@ package hudson;
 import jenkins.RestartRequiredException;
 import jenkins.model.Jenkins;
 import org.apache.commons.io.FileUtils;
+import org.junit.runner.Description;
+import org.jvnet.hudson.test.RestartableJenkinsRule;
 import org.jvnet.hudson.test.JenkinsRule;
 
 import java.io.File;
@@ -47,6 +49,15 @@ public class PluginManagerUtil {
         };
     }
 
+    public static RestartableJenkinsRule newRestartableJenkinsRule() {
+        return new RestartableJenkinsRule() {
+            @Override
+            public JenkinsRule createJenkinsRule(Description description) {
+                return newJenkinsRule();
+            }
+        };
+    }
+
     public static void dynamicLoad(String plugin, Jenkins jenkins) throws IOException, InterruptedException, RestartRequiredException {
         dynamicLoad(plugin, jenkins, false);
     }
diff --git a/test/src/test/java/jenkins/install/LoadDetachedPluginsTest.java b/test/src/test/java/jenkins/install/LoadDetachedPluginsTest.java
new file mode 100644
index 0000000000..eecc1e2b49
--- /dev/null
+++ b/test/src/test/java/jenkins/install/LoadDetachedPluginsTest.java
@@ -0,0 +1,121 @@
+/*
+ * The MIT License
+ *
+ * Copyright 2017 CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+package jenkins.install;
+
+import hudson.ClassicPluginStrategy;
+import hudson.ClassicPluginStrategy.DetachedPlugin;
+import hudson.PluginManager;
+import hudson.PluginManagerUtil;
+import hudson.PluginWrapper;
+import hudson.util.VersionNumber;
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.List;
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.JenkinsRule;
+import org.jvnet.hudson.test.RestartableJenkinsRule;
+import org.jvnet.hudson.test.recipes.LocalData;
+
+import static org.hamcrest.Matchers.empty;
+import static org.hamcrest.Matchers.equalTo;
+import static org.hamcrest.Matchers.greaterThan;
+import static org.hamcrest.Matchers.not;
+import static org.junit.Assert.assertThat;
+import static org.junit.Assert.assertTrue;
+
+public class LoadDetachedPluginsTest {
+
+    @Rule public RestartableJenkinsRule rr = PluginManagerUtil.newRestartableJenkinsRule();
+
+    @Issue("JENKINS-48365")
+    @Test
+    @LocalData
+    public void upgradeFromJenkins1() throws IOException {
+        VersionNumber since = new VersionNumber("1.550");
+        rr.then(r -> {
+            List<DetachedPlugin> detachedPlugins = ClassicPluginStrategy.getDetachedPlugins(since);
+            assertThat("Plugins have been detached since the pre-upgrade version",
+                    detachedPlugins.size(), greaterThan(4));
+            assertThat("Plugins detached between the pre-upgrade version and the current version should be installed",
+                    getInstalledDetachedPlugins(r, detachedPlugins).size(), equalTo(detachedPlugins.size()));
+            assertNoFailedPlugins(r);
+        });
+    }
+
+    @Issue("JENKINS-48365")
+    @Test
+    @LocalData
+    public void upgradeFromJenkins2() {
+        VersionNumber since = new VersionNumber("2.0");
+        rr.then(r -> {
+            List<DetachedPlugin> detachedPlugins = ClassicPluginStrategy.getDetachedPlugins(since);
+            assertThat("Plugins have been detached since the pre-upgrade version",
+                    detachedPlugins.size(), greaterThan(1));
+            assertThat("Plugins detached between the pre-upgrade version and the current version should be installed",
+                    getInstalledDetachedPlugins(r, detachedPlugins).size(), equalTo(detachedPlugins.size()));
+            assertNoFailedPlugins(r);
+        });
+    }
+
+    @Test
+    public void newInstallation() {
+        rr.then(r -> {
+            List<DetachedPlugin> detachedPlugins = ClassicPluginStrategy.getDetachedPlugins();
+            assertThat("Detached plugins should exist", detachedPlugins, not(empty()));
+            assertThat("Detached plugins should not be installed on a new instance",
+                    getInstalledDetachedPlugins(r, detachedPlugins), empty());
+            assertNoFailedPlugins(r);
+        });
+        rr.then(r -> {
+            List<DetachedPlugin> detachedPlugins = ClassicPluginStrategy.getDetachedPlugins();
+            assertThat("Detached plugins should exist", detachedPlugins, not(empty()));
+            assertThat("Detached plugins should not be installed after restarting",
+                    getInstalledDetachedPlugins(r, detachedPlugins), empty());
+            assertNoFailedPlugins(r);
+        });
+    }
+
+    private List<PluginWrapper> getInstalledDetachedPlugins(JenkinsRule r, List<DetachedPlugin> detachedPlugins) {
+        PluginManager pluginManager = r.jenkins.getPluginManager();
+        List<PluginWrapper> installedPlugins = new ArrayList<>();
+        for (DetachedPlugin plugin : detachedPlugins) {
+            PluginWrapper wrapper = pluginManager.getPlugin(plugin.getShortName());
+            if (wrapper != null) {
+                installedPlugins.add(wrapper);
+                assertTrue("Detached plugins should be active if installed", wrapper.isActive());
+                assertThat("Detached plugins should not have dependency errors", wrapper.getDependencyErrors(), empty());
+            }
+        }
+        return installedPlugins;
+    }
+
+    private void assertNoFailedPlugins(JenkinsRule r) {
+        assertThat("Detached plugins and their dependencies should not fail to install",
+                r.jenkins.getPluginManager().getFailedPlugins(), empty());
+    }
+
+}
diff --git a/test/src/test/resources/jenkins/install/LoadDetachedPluginsTest/upgradeFromJenkins1/config.xml b/test/src/test/resources/jenkins/install/LoadDetachedPluginsTest/upgradeFromJenkins1/config.xml
new file mode 100644
index 0000000000..6fcea351c2
--- /dev/null
+++ b/test/src/test/resources/jenkins/install/LoadDetachedPluginsTest/upgradeFromJenkins1/config.xml
@@ -0,0 +1,34 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<hudson>
+  <disabledAdministrativeMonitors/>
+  <version>1.550</version>
+  <numExecutors>2</numExecutors>
+  <mode>NORMAL</mode>
+  <useSecurity>true</useSecurity>
+  <authorizationStrategy class="hudson.security.AuthorizationStrategy$Unsecured"/>
+  <securityRealm class="hudson.security.SecurityRealm$None"/>
+  <disableRememberMe>false</disableRememberMe>
+  <projectNamingStrategy class="jenkins.model.ProjectNamingStrategy$DefaultProjectNamingStrategy"/>
+  <workspaceDir>${JENKINS_HOME}/workspace/${ITEM_FULLNAME}</workspaceDir>
+  <buildsDir>${ITEM_ROOTDIR}/builds</buildsDir>
+  <jdks/>
+  <viewsTabBar class="hudson.views.DefaultViewsTabBar"/>
+  <myViewsTabBar class="hudson.views.DefaultMyViewsTabBar"/>
+  <clouds/>
+  <quietPeriod>5</quietPeriod>
+  <scmCheckoutRetryCount>0</scmCheckoutRetryCount>
+  <views>
+    <hudson.model.AllView>
+      <owner class="hudson" reference="../../.."/>
+      <name>All</name>
+      <filterExecutors>false</filterExecutors>
+      <filterQueue>false</filterQueue>
+      <properties class="hudson.model.View$PropertyList"/>
+    </hudson.model.AllView>
+  </views>
+  <primaryView>All</primaryView>
+  <slaveAgentPort>0</slaveAgentPort>
+  <label></label>
+  <nodeProperties/>
+  <globalNodeProperties/>
+</hudson>
\ No newline at end of file
diff --git a/test/src/test/resources/jenkins/install/LoadDetachedPluginsTest/upgradeFromJenkins2/jenkins.install.InstallUtil.lastExecVersion b/test/src/test/resources/jenkins/install/LoadDetachedPluginsTest/upgradeFromJenkins2/jenkins.install.InstallUtil.lastExecVersion
new file mode 100644
index 0000000000..415b19fc36
--- /dev/null
+++ b/test/src/test/resources/jenkins/install/LoadDetachedPluginsTest/upgradeFromJenkins2/jenkins.install.InstallUtil.lastExecVersion
@@ -0,0 +1 @@
+2.0
\ No newline at end of file
-- 
GitLab


From e9ecbb326c0e8974c9624fc623be2497299c377f Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Tue, 19 Dec 2017 19:53:38 +0100
Subject: [PATCH 016/863] Merge pull request #3201 from dwnusbaum/JENKINS-48604

[JENKINS-48604] Do not downgrade plugins that are dependencies of detached plugins when upgrading Jenkins

(cherry picked from commit 1dc2c6d5ff666d60a0eb54125ce7694986d1025b)
---
 core/src/main/java/hudson/PluginManager.java  |  12 +++++-
 .../install/LoadDetachedPluginsTest.java      |  39 ++++++++++++++++++
 ...upgradeFromJenkins2WithNewerDependency.zip | Bin 0 -> 150149 bytes
 ...upgradeFromJenkins2WithOlderDependency.zip | Bin 0 -> 168835 bytes
 4 files changed, 50 insertions(+), 1 deletion(-)
 create mode 100644 test/src/test/resources/jenkins/install/LoadDetachedPluginsTest/upgradeFromJenkins2WithNewerDependency.zip
 create mode 100644 test/src/test/resources/jenkins/install/LoadDetachedPluginsTest/upgradeFromJenkins2WithOlderDependency.zip

diff --git a/core/src/main/java/hudson/PluginManager.java b/core/src/main/java/hudson/PluginManager.java
index 7fb2ed8712..b35149190b 100644
--- a/core/src/main/java/hudson/PluginManager.java
+++ b/core/src/main/java/hudson/PluginManager.java
@@ -650,7 +650,17 @@ public abstract class PluginManager extends AbstractModelObject implements OnMas
                     continue;
                 }
 
-                String artifactId = dependencyToken.split(":")[0];
+                String[] artifactIdVersionPair = dependencyToken.split(":");
+                String artifactId = artifactIdVersionPair[0];
+                VersionNumber dependencyVersion = new VersionNumber(artifactIdVersionPair[1]);
+
+                PluginManager manager = Jenkins.getActiveInstance().getPluginManager();
+                VersionNumber installedVersion = manager.getPluginVersion(manager.rootDir, artifactId);
+                if (installedVersion != null && !installedVersion.isOlderThan(dependencyVersion)) {
+                    // Do not downgrade dependencies that are already installed.
+                    continue;
+                }
+
                 URL dependencyURL = context.getResource(fromPath + "/" + artifactId + ".hpi");
 
                 if (dependencyURL == null) {
diff --git a/test/src/test/java/jenkins/install/LoadDetachedPluginsTest.java b/test/src/test/java/jenkins/install/LoadDetachedPluginsTest.java
index eecc1e2b49..856e5263ba 100644
--- a/test/src/test/java/jenkins/install/LoadDetachedPluginsTest.java
+++ b/test/src/test/java/jenkins/install/LoadDetachedPluginsTest.java
@@ -26,6 +26,7 @@ package jenkins.install;
 
 import hudson.ClassicPluginStrategy;
 import hudson.ClassicPluginStrategy.DetachedPlugin;
+import hudson.Plugin;
 import hudson.PluginManager;
 import hudson.PluginManagerUtil;
 import hudson.PluginWrapper;
@@ -44,6 +45,7 @@ import static org.hamcrest.Matchers.empty;
 import static org.hamcrest.Matchers.equalTo;
 import static org.hamcrest.Matchers.greaterThan;
 import static org.hamcrest.Matchers.not;
+import static org.hamcrest.Matchers.notNullValue;
 import static org.junit.Assert.assertThat;
 import static org.junit.Assert.assertTrue;
 
@@ -81,6 +83,43 @@ public class LoadDetachedPluginsTest {
         });
     }
 
+    @Issue("JENKINS-48604")
+    @Test
+    @LocalData
+    public void upgradeFromJenkins2WithNewerDependency() {
+        VersionNumber since = new VersionNumber("2.0");
+        rr.then(r -> {
+            List<DetachedPlugin> detachedPlugins = ClassicPluginStrategy.getDetachedPlugins(since);
+            assertThat("Plugins have been detached since the pre-upgrade version",
+                    detachedPlugins.size(), greaterThan(1));
+            assertThat("Plugins detached between the pre-upgrade version and the current version should be installed",
+                    getInstalledDetachedPlugins(r, detachedPlugins).size(), equalTo(detachedPlugins.size()));
+            Plugin scriptSecurity = r.jenkins.getPlugin("script-security");
+            assertThat("Script-security should be installed", scriptSecurity, notNullValue());
+            assertThat("Dependencies of detached plugins should not be downgraded",
+                    scriptSecurity.getWrapper().getVersionNumber(), equalTo(new VersionNumber("1.34")));
+            assertNoFailedPlugins(r);
+        });
+    }
+
+    @Test
+    @LocalData
+    public void upgradeFromJenkins2WithOlderDependency() {
+        VersionNumber since = new VersionNumber("2.0");
+        rr.then(r -> {
+            List<DetachedPlugin> detachedPlugins = ClassicPluginStrategy.getDetachedPlugins(since);
+            assertThat("Plugins have been detached since the pre-upgrade version",
+                    detachedPlugins.size(), greaterThan(1));
+            assertThat("Plugins detached between the pre-upgrade version and the current version should be installed",
+                    getInstalledDetachedPlugins(r, detachedPlugins).size(), equalTo(detachedPlugins.size()));
+            Plugin scriptSecurity = r.jenkins.getPlugin("script-security");
+            assertThat("Script-security should be installed", scriptSecurity, notNullValue());
+            assertThat("Dependencies of detached plugins should be upgraded to the required version",
+                    scriptSecurity.getWrapper().getVersionNumber(), equalTo(new VersionNumber("1.18.1")));
+            assertNoFailedPlugins(r);
+        });
+    }
+
     @Test
     public void newInstallation() {
         rr.then(r -> {
diff --git a/test/src/test/resources/jenkins/install/LoadDetachedPluginsTest/upgradeFromJenkins2WithNewerDependency.zip b/test/src/test/resources/jenkins/install/LoadDetachedPluginsTest/upgradeFromJenkins2WithNewerDependency.zip
new file mode 100644
index 0000000000000000000000000000000000000000..557841273ad6240326625333b6bda5b61586225b
GIT binary patch
literal 150149
zcmZs>Q;;xB(52b7ZQHhO+kD%$ZQHhO+qP}n-TVEs5wjC9n^75ARTs~R%)6>M3evzJ
zPyqiE9kPki)(iG8!2j+4C#eB&04z;ytt@Pv=>AJ*Lu+d~$^W;iI$K!NSsOYzi@KW{
ztC>1FS=iaCsz3q&=Pa{p9UZZ2xwu0E0D`;#0sw%Z{D)$qV^H|tI$5fT(*NE4?|}GE
z$KKk->^}|q{{?Y9WY_xozajra_#YSq!2b{|0m5w>|2u(T001EV9|SrPWqoC5J4e(1
zjhg$vQ8($_aDxm8B4#nr(kyh8JN5v!2BH&??Es+a`ELt^n~04lN(!Wb9*Hk%k$x69
z@&N1i?fU*O1OqY5e2MF5!L@9&guw_x;XcN-&fBioLgBbfdGH~%&Q92Q;9Rc8OuFY%
z>}?JD`NTQrGU%O)Gc&?d7<|#x*vOHLAsPi&>UA{3d-nDxA7A{2tbfpiz8FzQE;#pa
zAX9L4u2+|#FVX_{c_C%C)&<l%+no>)4XE<}U-PPR6w+k&xUb)0KmbuvKmgePNApg`
zju!ULv`(hRE{+z?9(0!W7XNDuO!<wP|370eX%ntyfT_3fu-<C5`9IbR?$HnXg|ltn
zt|V+_BUs8c*0oYR7+3(%J3gjof)wyKz2L8UV<A;wbE2csGt?hE7@)yDe>!)6JRAXl
zKPUnKz~tYk3FryQh)9a+xygtQs>@9S2BP<-{4drm@*T8Dwa$%vu%R>vGHq@P$Ctqt
zIQydKfZONM!GV(CujcAMy4h(TDMv5ZIGq42<Q-+hd}QTR+Q#PS-l4A+mv!PZ0fkLO
z?HG%j&iqM`rU5w8J5*Bqlmxk;t7rX{nm(!J+@CAUKjr9;7-II)Zm*~cC-tyf++e9l
zkp%+N2GS1d1ps3YL}aJZzvLE+*2c;m@)?R%xm3FL(39jr!=Fir{gL*w`@mZ?V>tyi
zr0{j-cqB9+s?i%lEW@a<CQ9W9bHbR?TFT@bXF{A7!O{k8cbdQ0(wn^WprdOUZYIA5
zRr6b*L3R8e$7Z$~fAb|?*0wG0y!Ru#;y!g?+cO9A{)>0ATUe0?`bt`c;Hu)x(VCuP
zLRfiYT2_12ye{!LJ3O1ifyJ4aiX>$0KXY7!RXV@b&A3i{)CjI`Q9pKjs5RRIW(%M~
z8V_)VcRyL?_dc1R_qt`#kYE1XpFhg<KhX^htRMYbD$84{ueR^C86W_JKmFp4q@JEE
z@|vcCoQQ-Ta9UzqV(Off0%bY$@}OF0WLi;YGP0TtQ;<?v;wQgNp&>())!YQcybpX#
zoZIahW^TV9lhdD!m^B+#w5o`V%+={-mHBWZAqjT|b8~Z+{)Q@p*L5)NaV7=^lsDs?
zi>b+p?;$$5iv#mr!?$8*6A@L?Bk$u|Z<FO=6zU<80hFsu@9JkJ-2Dw-Sd(4cgZ7w(
zRTy7Ocg=`)PEHsTIokn9xedv%{-%J!NU%$$IxbA4)lCcA1#NhyUUV(A_31`y<$R~C
zFUVa`R|ABR;q~*pI={3$Tn3Eqn&IvBv8(eo-xvJd&yi4%N`CHok74ofcjV3e`SZ*5
z>32YK%qR5K!~N6q`(HqCm``SK5%O0xHn6-uV)wr>_?ni9j*;iJJXlvx{nhd7;oWa=
zJA~)3&mKPFC-s@nE!q03xL4V{$d5DaFZKF?zJH`nQ;}d$;AmiA&}^^ieR?m&b#<0<
z*D<#+wzD(Va3Nx$)w0pKbS06nSjKsPBE!!{zXTOSNX}fG=bbSRg36BP`5@W%c+F&1
zI~S}u-p0n%0q{W%<`Rh#j!(03Ch}tv<C2P|Bh#%t4|r{@vchb6y87r$1PBndar3)f
z96D6{6yY6!PP*TUYJ&vZ*hsgtM7x_3<~Z@0J!?(_o!lWN{+Zm%<=Pjosz%M5lD*}H
zk5#p^eIs;LqN^%U1>YX9+Q3X^d}b<9!sg!K#FMuI#paP<XwW7-O01Ai$e>pHO<i6H
z-aF#)BnDh&P6Q;qI%8-<&gsdb2ePKDd~l|vcKR0LY+EmJRg&Rk&_o$4A)AB1TYY|)
zE+L%HBAM^_CGXCMa}76r02UbW)lm6dLFJ{R6_5vhsR4>Hy9B95Ec2oocu&$EdQ`a?
z27(pYh|CYU{Fc?$5(T>6%;|B_?UmP!AM44bmP&~ijFb)b>yt(br7<WnsVe(MDlAOs
z^Fo+wd!AV}NXf*Er;omoMUgEf@mw?QqKV%y$_3+^MKpeA?I$>kU)4ZQM2Em9s<9Om
zZ!y2PXif#o#s_n9Z%gm01DBS}aZ8YFix4yQUwVw>b)Kn||Ilph0@QIta@tEiZOrUO
zll+7B(*?I=^_xj1k7o2;A+xVv-)OW*oqSR=Y=90k+bpP~^ap5Q^T$mHVIhwcAA8sv
z67+)=`+QD3v5tkUug%Z%ZrH3BHCy6W7cs#Uzq*qET#I94H`e<mlx*}vSHei29X|LL
ziAXl3^RqH{kWU=JwBM-Yh*xn5n1e}^>qL&80q${p_NHZK$t^gf#;JP}gR~drw`ttd
z$`N}hj)tg<EjtG!#nr&IOP%HB*O93@e^Aq9?I~PG6iKz(XR`8WtY@9z>f;`O|F&0t
z+uxR?8Ep=J>v8yN1o1xM+aeaH$Jc*h_`awgrK%z`#*O)aJPIs~dqCs}Q{HfZu0ILK
zEICpN&Y9Q(H<Y7SJNhjGE0;oOenWMyuw6nz&n)(ujyY8{F&0@mF^<8KvT){hl(}$s
z@H+wn<{}xE3UR~V?pTSi#gZimhBX6=C+KF#_Ei&gG((o*l_i^kouFK*4fQ~T37TQm
z-YIKa33tQZOj%&bQ`2)hu_N8^St?PlRvz^!X}p^zgrTB5x*>~?$gXfGN}93351PC$
z|2&B4a<$;!O-ulLJfEW<9#e@rVaaSsx5jPG=F&~;fZUKRPciB{%OP8R@U-YKWq8>w
zy1_5Zo~c#*Rws}H-P&|M8aBHPX1E94GXv3?qI{kndhW`j3?f%=wa%A($YX<(Zf7I#
z&951)-}4X5Jythn%aPfeqY-dlEaw&B?#k-Rsb|WCmoZb&9lLOa@5X+<>x<Enwg(Mq
zOM$u-!0V0%ilPI@7GH;v8vR0{OJ;wyfNfg~g8L;PT1{SK?6|xo*$tnZkc-b#w^4|g
zzp*-*jjv}xK&rp&N%ss|;u2UYUbRB3Y?mn>RE>bB641uqs-ZB+4Lspyayfad#hTR*
zpp=i+ww+c$))^QVxo6Wz+^+MJhw85XG|wYpFJg@(xDszE?<wT^!(T0%+;S67U3$Mm
z)uzr~34sdtpAhJAPBRw~Y^2h9@`(yaRQ^me<UW}RO_Sn!Jk7qrqM&4j(MF(Z2WCfy
z>K^aK00wFO>O+X(*Q?B6y=1zT0_)-KU)EG1X>dGgcZ|*f>;FZWjQ$Av%Cvt+ko++}
zamZe5*@aI2rGrYCZ48*15cfrKM7J>+-=5xCyO{H|hv@~N0m9b<0om<aGD_@I38Hvr
z@UV9;+RI2v(vQ0M=_F%;y9tvfFP3YF18A2)T%7P8`L6NW3a)#A4@QW#477oykzYjz
zrHNXpE|@`t(;$RRtn8e&J!A!x1E9={yQB$WIT0;L2oL~d4)1fbhI||TzHh1i?!dkg
z>0iS$!@+&OOPcn-dp-4>k5woP=Nh}wc$=X0$!Sw5j0%V=L(m9^ptmi8)diCwBYzFI
zeigfB#Var<_8aZlf{(}AK$UcwqQ=_zV6HqL&}}FxVc=01#UQuw!sWnYcju<|)`n}*
zr^%zs^=AKt+--)Q1kF*q%7(>>MU8wYg9n;Gc#*GUzd<XAkz83dR!guJtXR-(&9h}j
z3m8c##gbg++nZ?mup@hbRr|RaY*Z|WGLK8WA>;20Q6Wm;7Aq+mV%I1WY0`CukTAlY
z%46upm;I*IiL46kGnV;8lA{XQQ9Wp9u&R|{jC#UkGTU}yqiPKY|2=5uS2D0HaN@_C
z7iuFQSM~Pl|C#1L%SUA4SvmJxLqkqKzv6cCmutv&pdYK?EO)(D22WMNSfVZ1kXz{z
zw1r4Bv=NVN>KuXB8wZ}R1QrmMtHo&3c_OwBW?o6PS=#HggcD47Zq`y&Y-VbUEw)%4
zOtv;hLUf-rld)D(zJ50YaTm6VQ1R=I8g%bDn+q}*E`pOp^^pPN=|-@==$V}~Hjuh*
zTLtigzq6)2<OpGz<b279U^$I!j3YTQB3q#9i%G&;Ssc6vCS=h9pf%k)fK;qGvr+#0
zB$kM@tk$GTXpyG9V7n9|^{wc5fE==l;9m;64N<hP7QOAnp;WGcN=7X(GInEsUm+XS
z5lQ-K0NLJoS)ndikJpMq^GKSNHc6CBNXV3MR?-Rc_tn60s`rjqNd~QFI~Nivqs!Se
zRul)6PrU_?0udVUWE<E5+TA>Y9oYm?k%|IQ+)367j;WyY5&HaAaF3pIy$NKW;qc&k
zb98rN{6!jz@#5sIl@IWA1&mYR8rZ}-7O|j;l8W>L0biqn8V>L|k%>ruwy+}osoBGb
z38>X^lp7`v^ago674Y00-tC=kFOScdbq~Z{4a}yYG9^EviL{&{u9}28J;fg)V=j2T
z9+6>)HcthB*ex3ofl|wIkt6Y-KrC4a9tRafKD>o9+u}_zVGSj7K*~$PmpT)m0bfob
za4I`f(Rb|usf_H-ha_P1W_p3G198(t3BNhiRmt%VnhaLE`o)<9R0}cx(ROb8P6B!{
zz8M(V2*QY_w-T?&JzCko>{R~R;*hYD_e8WKH-7lG+~Ea9Sm8Rwf^DU^;3i?gQY;Sf
zrH?}_;z0aRE_chNK73%lUqeD5cD3c{sr9F$h!F?zbRGF<bOEukC(Z)7F@kg|>cE|r
zp6y&+koAj0N3YzE5GM~D)7htsSZqr0zRz(I#7x;Xw!k=mhW+?JH5nGJ<=sb`dPpwR
z=a~^<m)4#Mslv%cu@|+b+i4_X%z#`MZZ|cQRFf<A$kxNdi`*RdJ*yQqS@5w+O~O45
z=A?n(eE$mMhCQ@G@-DUHdGhF&iVpu?syBv93%%)21b!I7i&7Oof!Hm5Kr>Koc7RVo
zAMP?V1{J3-y}xj48CvX8%JxRBtpH#NV5WQ0C?>QxmVEqhy+$QeH#TakV+W&9Z}S+#
zUs+Ya?X^W^?P8;VVO4i8gHe2nDO8}n8&Ri3bH2n8o@e7!_w7CjHx_qg>^-bYje7TX
zh!aPXLoCmApqwIy^yNbfCDKq6uzqn#$U+L3a@L7dm`|q$I81Hk{a8R4Sc|Xc)8oxq
zEP$-FNs@fzX5`^#%F~AN(E<iE6Ewq05Qwa%XL+PRfU>HDKsiiWh;)Hc>o3U_XhjB=
z^Kx8igI+PocB4i;AqhI)^$3mH=oy#?6pzaM^z_u1tDdHMQ4!MZ<RS76%WGJ3*vg#n
zprrIt@$=nMakv#2m)lhzn={TGCd#d^_P_w!3;fi11yIaJy)^_G3UqS_IStucj{SiL
z^oQfa{U*!f^-99m0YUD$LT)FP?UDTPs3WPD%|64$H8EF+g;EL?1a6sO$%q6MDw1+}
z$zob2{Lt!X=Da$GNF#Pyts#qNwmfS{EW;m0VuUqWF=hT%*20ojEU6k%>EWd6DsfAk
z#R^*pWn>OSx1LT_zGeym0K5;&T(?-{`iFK^yu}P1vwkuGy(zW-g2jmMF8922+!FoS
zR|lzerZ?!)5K}p!U7t_L6mjY+B}pPmZ8*1?j^#ku4k<$~Lz|RLs~*2;KTo2sJioOb
zz(xVZn$|>85{eR=+AL%N<=W*Nh=6&Efj>0@CvRS;IR*PNt5(8Zp}y>ra{~r5TjP7N
zhR-gydUnz-^jPeh1_$*x*NR^)aw#w|+(pFxTf|br5X&;#5Qg=vMfia#;G$Rg`)z-X
z=UPzMBr=et(Ho$A2B4bA?J*OosJ0JZvy9btw&!}xp-(D9yoQ_Josrh<MqLA|L9u^+
zkK>u88Z^wPKp=33QBl=fST1{l219?^$iXnO4HEZ{<q+v{!v)OiRPU|(mjg-jByt9M
z9Vz+7=+U^qdc`o8#cnHcOP=l8!A^x_kDkp6T~vJb+dYkE%5USP(~B|L3U*PxS6}>x
z+%0-`C0JX;9&)^a1-*e9?aCt3*^aRa%9zo(sB?`HuuI&C3q;|$?nSl3DM)YaUw>T*
znNISDx+hhu{bIIcZ>`{xi(!Q#ZmI0p3vG8ehnS!%GMUaoGk*FFZe1Li>;w|cYhfQ~
zzMhmnyXfoB<47TtU9<#z(@GiN^;&fGe1&qxKcnRSCDBL>j!sO_OLcOgQ=sT2ma~VG
zgmlJl=&k6#;@^LL_TivA(H4nLxMFm_6R+5(^qNTxA#_qx&)mNbLq(gU1LP5fIbW5a
zCNc>gZQ9i-#uh}p*OZZ=e`(uylB0W4YV8!p?cr~%;1{A3WG^Fm4Y}cod)W&nq{ZfK
z9ca%D+cXrswvdnsCu>?Dl2<HPF}*oy(f|eiv|}fAu34-%?RH8shj+{2SN%=giNNBu
zSqKZ%Z}Zly!5eih|56rTHp=%1c|jbIncX#U*OYUmZaunGQ_I;)G}9`v^aDW|^G{;f
z@{8IEuK-B>^0t`AL2>{k<6{rU%pdjD-pJ~j?`b$S`&j}NJ(>*#!;n=!-yV~NuWsx5
zjb|dNTCa6Z1vy1vd-?d5XY^L!q=|`ik@DL=i&9dFV<*oO7AAP2=H;M(4Ks#Vo#@I2
zI`~AuxXW1}{ZN#vT(+xT-N{<*K-pt6O|2cf6v^;7XQxPg1O|BW&QZkLeJYj}wBTz(
zRVDHB*Soa?@bJP};`<o_m;~wYFAk+qFE#W^cEi+_)IQ~0iVIxw9cIg}!h>=+Iy0;8
zU-LXSrp!xOD@>S1@W0!`l$rg})P@SJ2uM;gVevc%c*eu~i<y?pGm!)dcWH;iQL4IX
z#w{W$t_8Pgs<T_Hiwt*4ip$FPF35T(T{4D;*0xBhjpLZs(ww1Ii_qYQ+`Rllr#iq6
z`qx{w_pnh_zhC>vXG{zdQ%ZsmX$x#>m2cjkm@V<P!l&&o7>I&v5jaOHW^-b-u~8Ml
ziggFBn&PU>I!#^hiaaDHkIQ)<&6u}i({W_lPqycuCS_YhHjDCG1IuFai<WZzaoW&f
z+?|_(VW@M6Ko#1Y3i$Nmdm3T=sD3o^T5b>GETS6Rn|_0H6aaS%XR}jME4-Kj(lOf!
z9{|S_vYS}Ijow%noM{axqKPBto;fKLq^4*4hi@Uf+mrtlz#>1k3f$0nECy86JU}7!
zJfQF~tqwc<Aj}N8yR}(DaKy7Uvn!cHv$`1of{3kBx;D)1Jc)ssRfsP3f&yO1s{0)M
zo6TXc-S_fX<$l8?wzucY@(|J`f$Ie)p;#un5AWuUb>9m8j0tg_KD0pt%MDR|`y%vA
zRdpwOG<f_5lZPNcZx8M|9njQm;EWyr9j98ZT2RsEIVzpx&f^_8pi|8m&K)_$V0*!H
z6}z@V<PDs^VF}M2KI0!*diT_!&?#2ud$w~)>$p4{Qp+CK+MA2A)5@aKXyk)?LEAx=
zSgx9oF<BZ~&?;xB&z4>B@Z}X$j%NXR&5i=>zI0?d?Td%%8mhf?lHKpBCkhjkXHNFR
zIk2Ol&Fo>M<gO;MP=MhSg>(Oo!>^dzHpycqcsGj`^&*lUkpDn3MC&DPj>Fbv&TkKR
zUN*RV;`;ouF5zHW+tOaUv~|Z`qStIX7KR7)FH8NIj5jHnI)e~5QKz#S1RKM-=fg@0
zi1}CEgF7mTk7a<5?c|3hiDN=D-XqQU1+oXv1Sj?JK-pFluIW3TN>q1~Eo-tJaUGJ(
z+6jv;c)}2-Gwe?!M&A*@$sZ2;J22HUMRD&V_86g-JIIw4O;t7QYUo~|D_9&g(^(j~
zgQ2Zf(%30#$<9G6c!&Y6@YN7ZW>BrIgN@4NgL2^E_ub5n`ldK<%Tl`bY>L<V?6-Xc
zb9(YEJpNu?O^@5YQthp(>4ZA*y-W5mUs)&H@N9RQdfm2q5@ajs(1p-?Y@c_}@y+Ei
zKzgEkf_U6x`4lLzT;wABj&*f|*+Xt}M}q}O<aTwmZ#SwOqPuN)Oe|)-NS;<Ker%6?
zfNH<i_y*tW9;WFT7>j}LE!WY}2VLr<RrP_(0lql8?uiq$pCwK+lu)-0;Cg<>N)W(o
z28i{2e;XU_%@+Fz@eB92(je=*iRRe8q-W3^pK;%k`%F8mGNJ2>^`bC?Sbg~Q{h>k|
zi|Z;s-^AHQ*SQz9<H=6IagkBpDZ)-$sk81!7PnebPe&ib6lgFS64jU_iMs#@+Wok`
zB51agcF}`vgWqnBL3FKLJ}4(+(Y-{_wTbT@;{wx?V%>iB&82W4J=32@O4~Y@F=GLz
z?Mvx7ytdU!88_t8xGhPTN;c$j2yzaET(#vnbEe7K-DZaA=$iFxZ*eOor_d_tDaoAz
z!@2S>ML$^dgrfJidc_kM>^ZY$Ip?GREL7Cl&#Ci6VD&ojnPx`0)xbw;J}1d9J7-~{
z%{ZT6rvyWP<XF`8<6cUW<9LX>N}JGY;49{{?-_?q@}-!Q$37zzUb6z>C1^IfSP2$-
z5fqIWBdS0N4^-F_tL8e{uF{wM<{Epa2KE>^>bEaNY3Qjxc<G?4+Q{;K-NaNA%6U31
zQ~Q2T1KNIq8HG$s4$HwaJV(%lesM<};ZG%6=BoZ%dTZY>df?4U-Af*U!B_~Ym=U$v
zZ7H|lzvApXvs)X;xKk7GDDRLy+h+W0T6RQ%kPR;u-&M82Dtss(ope6R#)Qn21ddI@
z;7A^$5WA?_FElgPdd&P<c9Onndm80wMilN#mjQhlpZZFt{IrMG{}W?B=T-Y%fe`%F
z<1mhHt#;ySy71FD9AJ39Ob_=;iF^pxbtr6auHDB_hD12yMLnp*L)E7_nPwe|%EoFf
z9)<9M1jZMd$KlCC*R}xzHk+6So=}!1*uS9PD7huQ;;RIrXShBfiy^PJsmVal{84W4
z8Qs478HGCHNIQDGf6m;|n;5S%X&eBIa~Mu^jN61wme_YBh-#W6|Aj4V{A8@caxWM;
z0xGusA?7Vc_GY=92$qTNm3x`5Dl0}28?gTQxVal;d3ZmKrn=DLCE59Mk%=}P?{f2o
z6HH+XulYA~K7i}RObCzXbgX2P_zEQU$FK9{HGW@xayB)q#VNeAR02eeT_tl0BzhI?
z45$EC*Swbx2l#W*w2bIjPa0|~yB@(9O_=_u0fTB2u%cp0AbmcsKPi=gMsNq<3gqwF
z0ZV%>(9R{1fTuB5ZevxqaFj>M9Gd|GM{RliVG`vb&2=E5CD9~E2)b=UK+<^)Pw%>6
z*iWjL=ok>)XdXrh3=>FofG~;3F}k16`<Ucd>DvhflQL<*8eM0oseHB%v}|Tb3Phh_
z*Fe_uuVWl{0Gd%e#f`}WSA~Gc$g1F|Eeet&p6}TV1A@Wh*o=j5)B1SlTvke^hL_lT
zmtu|Sh~nOJ0X3<%#9rRrGDdr(&)=0k>~xVa_dqC}Ty0W|`kmLjUjm#v)~Je$g6^@>
zH2$j_a*4*mzu~hM1jD9YV0!6%%c*##2v|PS;bT@5GrM<NHx6Gy3(qljO8B+~^`;Io
zt}w+@ifIW1tGKH{XP`MR<_#d?Rdyr*BX+-zt;{qMc3N{pinl{7@yGON|9qd&$9tLA
z5!VBz`yG0OAO2}WWe?J~wIiOpQD3Ny?*P(j5kV8oF4R;(LksU2p_Z2veZ~YcDGG_^
z408p(o{nM%=trM3|Ld06)1ZvX@t9qNZqc015$;8y{)%`9D3kwsz`4Kh2)1=|T(kR1
zv2wNPmcq9~{`O`XwOsj+bkx`dx9H)Yfu^^_B=rg3tZ75(!@)EYm<6W9dbZ>XD|f~A
z(m@K8?AF!#x4dkzB`3$9V7A%uHodCQWyA%X_Bh^`0VlBu4RIr4U+q!-6EWxnQf56`
zcIj2y0u^2deFqo!0g&frRbW4tC5Lkz@sKDGQh~gN+($H=|AqZRckBz=R965KQV+pm
z16P(#tFx4(-UKK;OP<Iz9+n;346~%)0IUW-=9|^_(gx8oJGZLVsGQcDpNKv)cNJ5l
z^V(&{U~!BZIpTg>(Kt}|4m$HAD#lG~vy<Z0cS9=FZ!FN<QhDSR%PLh^)`qQphGUXt
zAlw>>R@SEYt$8Z(-K2ZkexK0Wr*eA=rJAR9=}o=rzGVqjK>^(``Mmu#p9G!jU+J)3
zo{qJZfJK8Hu{V$KPrXuVwSzAB6|Ne8h=0_xh;{$M_>urWed#|y58JPDuY?qDPi8~;
z*bMl0jZ8Zu4a$M6C8NXFsLqcEWGH4FhO0{2D+k(3d)mvZk4UihA5cwW9>KJ;Ttn<5
z3YUF|E&l1HM^d}ohl3mS4E!cnYmtH`Tu&koAN|#<=dS`5;*AO6?J+E6&s}Ns+O9Ha
z#xl8&U?){PSx^Zmr0CJjUDhL@Q?`6aFGM2Gj89jPgVkxfjs{KTkO{Udju11yJV_e}
zn^O~s*E25q9-Z17({&CzY!}DPFVu;!PJ*>SYu($1j8#aMzY(Ic>|f_juCQh-Evgmr
zzQ+CjztH1{DaavcSx@V%dbvflFSFi3W5tZF^bA9?KL(;cm!Dt?tF3#71E05tY^zCS
z=<Qj4wzO}ni?#)0+6pj4+*@Y0ms3RmiGqtzH9XrK7kIbx0n$>T0JGX3!1Z9TSo<fU
z_KxzYeBFR4k0oV}5hcNxb7QB%7BRHh>H-;I8HBP?X~?RkWv^v|eV?IgGbylNHcYBV
zcp;jSg0?iT7NwfVd43^`epD^Z0bF+rL^u^cy<)z_fhEKxPpk&Y+{M!|f<?+odkG;p
zH-+)q{J@%+=E3S6UMvphOQ{8ZB=CVA=$*%oZOzal-ALE|2K){erojx2;alHj2*<WX
znGZHvytP`guwQ|zym70egKoWKWo;fc-tUk1iDLtL7*1RnGg2VkFnqrZq-$woFrd3M
zQ#L$;q)K)sPj2^mufi@$4yqeTxgsl?OFoM!7Mn@Fd$?gr{#z=NHMatj8e||pOmWRx
zE_zw`f8P2e2LHWK|IBOGfYhnnXw^GZyVi^lVOFlK1xzcLEphcnh3&5mY2b8i3CUh{
zD^29GPiV{=IU;i(W4~BGddAa4)=tk|bZE0y^&vGZ(BYO+8)5Oy2o>G+C!~!awdCV5
z;|{EO%368at<pjnxVg*8Oe^8pjmx{%=6}s&Xl9E9!r(?+YT~g*$iiAyySZIv4+PaQ
zWk;$)eH(Msj@AY5uw-khRy(Wa{*E|4ew4g##@vMR#L67uA>g7>pkS=OU&RrZVp1A3
zBW5aMA{ug3GZsFw=sU*`A%&@yyrwV6R-mgRk48!^`j0t*5t0iVm<u~2*s$U~b`y$4
zqf=f7J6o`|g0h@i!3QLTfTFhTat3TOt|#8S!LKJPIPGZC>330h)iyI#0;5C_8Ya!2
zwY=i13m0JWuM|2u_mP_#@oP`2)g8f0<obS(6MToQqUtH#^w!O3R~pnB)!|&^CsYHI
z-_50Roo7v%SI+d^s2p~zX>_BD%7VYEhEqaE`FgB7CKut&^skRuU4VOK6Dc258~Mka
zyRCkQvW}>uWnWQLI-ZBM`A@!wE!}Fmr=zF0ZPG?$i%Jsm!mK$%G+fRcD!*zkNXEi6
z3Bcfri3U`t3+L9o$?fE_1pf(1$Z838lX}$U2*d3<PVNOu1pze?E)0Q5T~u;{U)Y!)
zR3iyw2^Z-Z=oTrbD>L5euS_ZvIf)R={+x+t?nTnXqLsB5tF`jWpmvR?$)32gmM9^s
z#f-Hsu}HwvX3GM!G-QkyP}$Hz5C#N4kp+)S>0HIdc$PY^as%OA5=tl(f*!%MZ-i?l
zy-s(tQd~OiB^-dyn%K;X|48*MK>@0K$JH_*QrV=7O044U&Ngb0jN+q3G=Di=VKRPg
z*GNjd`)h5sn}um*zI(_ya-K>d0yz_z)K05sUV9elazYYG7i(jz;bT?7cQAr-z8Nm}
z-(NXkdaQeK-iW;)@KT-Se$!s=+c+p6%G-^{dWgJXzsM_MIy@9a^rcfZ9QAG0OT1za
zGSY$xXhsa<3rQ)|j=FF6A@2Hsz{)i3?e)`|5WXj8vuRihQ^sccFY!BxFu<a*SdX)9
z^y7&>c8%$URKX?69N7e8QX{K1Ik#&FKFSPp&;uj%EtzK{HIR)wK|VhNdUrH`SG|#R
zb)a7Ws*wt_a$T(%wVXJv_nF~9u!!Szl82eCbLQ<zPZQI!E&qCj-@M_S|3OiM*$-eY
zlgr7zKa~a9yw}K8S~5l9!xS>@=aE6c-yTi&dZfDQG<9(s0JkF^6@wV9T0~65L6T!w
zSIKTc$JJJm@t5K0&$Uj~gJm@LYRv~Kp2TPD0-QqPrCt<d=UMT;-8Mi!JL9z!eH3@D
zaM23%|Jx=d5iAfafDTsLA}M1R#fH?~Duy)Q%t0I;oN(*HS!)D5x)n1O1FD9d#PHm2
zSw{Cc4?(dq**FcvxipGEz_ruO@^dwdZ+%&~&7AN_^R}rdXIg0Oxjrn`RN-j5uEbp)
zMK(|45oZkd<u}Mz9X>UIe^7vBuJ$naY`3l(M{QRMC;g-BpH{Yk>6p@u%$QPJ8cHfu
zW!FVQc5Hx%`*WlYc(4m*bRqv)G^jBuD{K*OzB4MXpC>D{EoQ61^Ygd5yWl3zV?RWv
zMw6U@M0Hix5vC+srFi0jZ{R=v{n-S#_y=~h0;1q(?meOg2raP60gp`Avpc0$2%|97
ze=bueFSEsPmdM^RQDl?=yXWO#18u;+i14j&#P8%Q#nzM?o9zZ$w{????d}jGc-!T-
zZ*pNPS}ubr-{nQBUquqc<XHR=GdQwUUa;s;%=1?pbQzj}3ngWRe7@xO<1vI}0+7(9
z@K7K74mr+I9EC0#2Bb)~0sbv&O*70S@(=OP+9Vl_xb{zW&MxSpM1w}fF2AH4hRf>$
z5g?B+hMq<2AU1hCDS~|f^GtzX2=R^(&+(nD<_-GAuDx&U!_jXh=iL(Z9uy?kw@uFD
z$S#$C@=o2ehB=FvIjSlsOIXpfC+JJL%(T!}`6>wB|C5feEJr8@S+x%UxfdQ)f)MdD
z5VpvQsZ&5wL6EU&b#h=gItW&$5cM&#Dj;9)(1u&*@A-23PmU5u1Uj&m;T+}<$#|@D
zuN@ms=W4ztT!TCXe<cvbP$5P4Ur+Bp404W~lFN*dmKwy|fN-UJv)Q`KrXQo~$DB$B
zJ}UEBA^EwQsYlg#hG{gldzGpRldsQH=iPo#TZEX_A@}S77cKd$i6;Qo>5xpTdfrOt
z8Wqw-jA^Uckd*k_VvJoe#mz5b0qk#fZtVnY$@QG|huOpIXP*^QY=jh4;FsbybAaU+
z$K;r>{e_5KB8$=C8{TxGxg8KA=C4D^y}z~Y*OT1utsM@DHPY4(a8LwSLj#2;a_et(
z9|c|aX%W0P#&ip1lx}R0oNV={vTwTP-*ws%QMoHxi6tTA0a!&v>qS(1GNp8gq4Tu9
zpQ^@?Nu*RpwzSbsP5b+e<A+3vfx1XbVPcBYu)({su}jVk@5%IvF2C2cvd*tNlqE=n
z31nPjq}bgRUm%mwd=%imcc3zZvZxn3=ao{MI?j1*B&VO=pG0m^lZ&}8QDV>#qH3Rp
zIg!v0-Y(ZYaWl1QtR%dJ-P^Wu(b_LbP&VPA-Kp!;lf%kLO`JWpnS)ne2kogC;i~8q
z=!cf>wgXduL?dYq%^I1Ay^Ei+s8X;M(!s8LZ6}J)c$aBXLGh)*)@;_5;I3;lUH!T1
z*b@$RW(M~4lCf>Z3QW!}58}AZVKQWngI5e?jI;!|@J@d=-IHc?4%yh&$@VYf!^{K`
zK|*tDuC1!8kqg+TgA`q?9Yz<JC);qmCeUf1Etgcc4mFx#OrbeGg1M=xxa6A)U}rBa
z|JSZqc6SmSA+Cf#xba;~Ef2G{YAVh8tLP(K0jzY<`dXzKo2%f8H1SpQ;$IE?RI_bd
z!)&PP+%14rZc-tW$$GlX9e|KVx+U72TPU0|?Ig4~6Js#mlj3n0?;A(X*5JWKlrMW$
zsdXM@eZ)_Fog`?kjp0bFMZr^-F!>tgVYOu-Aprdz@oGKlBqv(jM(d&G+^fhNZ5E3`
zfgf`2DnjM5q6Y{m9`u@h7r$?3=@!haT84aO_;VXHT_xk>*m?+pTzYf#^emT;Iz?Rd
zN1%6R%(^qzD;CpKYlg$6dr;T(9s?3>cMha%!_|~1%!Ib@MDA8ohYf4=KI?Bb%S>KY
z%A(7Q4HT}lF74?g#hU3(I|~ia*Oa&jje}(hv(us8-LI>bI|ODaA0xY?)CM5n#usv1
z8WUJ|N*3lL2~2RI`@U&%bx+9cV!f2Yb;Lfw1<V#KSiqs(JnmkcfLm{so9}rJX(%(y
z*UA9`0#;Q@bpu)xC<^>4EnF%jE+NEGD4+KRzl1~7ETpnt{*IA>e#pE)Olb~^?N&Z^
z>=_>gL%pf+*wQ4@OgPoBVll5{J4nEoCQ)&0Wwj=G%PV5`^5r*Gv-a*@+adfN^%IGZ
zEdBcI2^o#mV1*R4*VrG!cO=`%{<!F3Tbv%uDCM#_oGsial@Cl`?l0xQ8-Zs$)B-^s
z0Jq#cB{|uSayCXtaM+A<t70Tc*1q7;AQ)m@LHC4PuFxnXH1jBtg7hYyYIiu%z{IDt
zZmG}$2v{LTUsQ)z)=)1`!x$te;|GMX_h&j3l?Q-nigLCj994n*lfW1m>S?>FYy?3p
zHgw2B>IIUwz0VYK@LL<-_Tbb9z?`!<|11PRqF>beK@9D1%`WG8IHd>7#b<-D_Bo^>
z*_G%9SbN}p@_*cPWnF<2^n^rD9s^4mgETN)2Wk_iYX#P-Bu74Rda(oiodLj(>Ry1h
zEaNWZcw2sb%}a*Vgu1;Shk`W}Za#Z@lfbekjVecDNN1*M*1*G|O%sbu`<>%{i>eTi
zCaOaF?}s!U6HG5Z!NS#tQ>EjcVs-;EkFX*K;Ee?zp`efWFRox0ylY1m$A9mK`hvqv
z;Aclb>tDNj>Eh}({HRd$un+-!I6Y3*;W-ZpjCf@G<%tidT<NX!Ce|BnDzk~*sGgHS
z?6^<_Wm{Qxiyx|PDno_J$G-W5(0;Wj%+>of7)#J?@VlFzF2+cDOx>K5@_DneE_{!w
zrwQ*xA0&9cj2I<TBmenelOr0lIS-I6-5$Eel+PZ1JVN(&$$M|G**_>pe626(eT{$y
zhQHs<0KZ#&6)UQJYRYDF1y6`DQ?-D70%h}*U^4MvVg0#9IU%v6Zs%n5n=i9qIm}EB
z!)8fd0AVWa?iNcX7PT@rKR=gS@*5UJ<wsHZ`$E#Hida<ivba{$ZNzsHPev?b(xAY8
znW<-2@S6kk@9hyOX_G`_wW3nqC|;2~5c+{{2g#^){%On-@auW2>~)Qx!N3Yhd%%Y>
z3Agx%ZXYVh_fkTYcXmKA!hGAi5hs5jCEV_b-H1Gm%foAuYca$WW0v$K>8x$58{-fj
zmh;`Yq)gyBg}rYD{lIQm{&V*7^sY`!uh=Ft;6S!6x3IrIjh$F2DR;L1$ta@JYX91Y
z$M_iYMvb?>XQi||VgucgPU50@rQ%g9ARe1=;FCXekTKQ-78k~jwm&jDq?u-y2S^*B
z;hlf*^1NR)hX-ORkZPqAJELmuk}=p^1y`ydhzNe17hKky=rML2y;B}`MzJ_NS4CA;
zF+&H+;D2%4*wfZ6w!&Pr=lv>`Okq{Rw4&a$g&V>eY6-812v5g*OQo8^*qJ!_3;47Q
zS7}4(xhkIc^~c8W;_K*jDG@nb`6@u~M%Iu*{kYm-_qRSp385#jz<sd2-)D`gQz>2l
zd?q<b5YmR0bjxs@S-b%m60A|A%{?`AR~3?$e-N+lmjCd!BVzfXUZ;l#026}-7JD7+
zW7n<Osd!+P5}ly!y|KHDnIi1Ng3{CYF4qN3JR&S?C(Z;_ye=s87WHEuhM(%#Aa`8V
z6hi@D*e2mN9T`=~(ALyT&@cDN8Jt8z>gBPgn7*8Y&&jt?Y_`TtFsN`cMpgMeS>!an
zA9R0X`CD%}S&AwQm@a6s1I>6kj(UKi%c)#xra%T*qjWv|F_pbb6iA}bS~SPe&fU)Q
zE;Z{0S{G_4f|Zb7{-Lo6i1Ykf2Y-Kf(8zJ|Qw&+p_(uoQVCZE_o4SvgcJrV8y#Q^<
zzZOrrpObGjT|(jL-Zc7LhS=mJ{hAKN1Jr=Zl?wqFHvi=tgncrFIz3x!cJGZ_A3N1*
z-*(LSw9v&>DZ?=`hP&^XqHSXhf>%qxs|cdY@C8yw4@uOGTVsU~_fDISbipeb`nNSu
z(am$_b<~$7D|m`?jZWOT37Ye4bvzB4_tQT0oD%#wWKgf25wj<wRyi<^DJ}1WdNJ0H
z!f}OmQOE1#D#%!$3P9gxcJ<BhYN9Pu8#5YKN$Pf{Z4!E2L{belYp1Liqla%e40kU)
zu%O3(9;M6BT1VaoM{XG7Wv=72SB7m*TO6V9g8i=}cv0QY*`8;G4Q>VQ`^y4HI=CKk
zD2b$^7%9jTum-YW&;F1L%|l<;9&$DEW2ni%Jdg`LXV1NEJ3{9HBEXU1`=orEmVcRu
z(0MIm+R$<uGs&qL#3FG&#nBwyC$`^d;XaOrypYNFw}ts%VgK&u-s;2Jwxg_PF6A3(
zx~Cz}h_N>sol;weYQ#625Z(U$1|6@2EtHAt^XD`!V4bMD6y8n?r>+7|HDq3+bLcj*
zn794wj6=Ilgf}Dp<ZFjqgtv>nn4sm(X@$Fz)oV8^jO2j^o$eFe???C8UDe&#P8)#5
zMd#ra&B2EJ>wFVqbr-(o`j3X$$hZ?>s{#_VB^P^;F^FW5{lsZv<e@|C6^q+c4XGag
zittTP=ioPEw9RI>v@q^P;0|d#_Bu&yiu$IN4I;3a00Dg?t6*Z_fZ%xO1%B9C;5Npa
zS~q#(bM5Ioh(<s!!~oJNDs_FtxYP18M=u!6?=r)XQE&vdFS59L_l_sZKU7~$r<{Dq
zSbS6~X(w7n@G=OmK`)k}Yp@!k+%*<4L+v1dT0V!HO<hv;bzVV#d(i6Xv4YR5$W6Ch
zYQS4CX<6^zN{edDTbZ=>)YpfJLqosMjZ`k;Tnh+r8{>ySOln2^@f|o!7vyu$M}|G^
z^iK#7%7^8OWg=|YdL7u?kv2^fn1VD8^_^suXvvCgBB{EIqjoz6pt}w1tjKRb4JAa4
z15qJyHML!XODJblI2`sCX4^~Q@VN$s@}QGM@$W|*wzhJkXwX4SB%vs@7X=4ok0s_z
z=d{%1v}2()2yUWsQ*HYcX*4op?zM*+8{osn-zTAljnfxZ7B=`Ze95Q0lkXt&MMFNZ
z9*0x2H0*8nZQDejaJa(Xyy9Dk^?RPN<pO5fgtB+SqvL}yFr5%Pg$wf04v9Hi5&@W}
zH5Uu{^A3IC<Zz>JZ<P`=-D9``XJM)|Fj61NbeUN`$@V2eG$zA1jl){lJin<ksykZW
zVe7gT;0oU?H1vSVnv%rgjwrDvGWZo~4JFz*szYcRl<F`Xkq%rELP}>m{5pJBvJTf<
zh3D~!uPcWSIi!EypB?v-?Hd369hNILfw$)M16|g%QJ>G&W(?M?vYHwz&lPJ@=!Ywc
zGGJ%JD<}Txob_gUFveK+F)u%i-8Q>w@ELuW*?#T6#vLo{8+YqQJFBlLX$@_4nMXEh
z;p85F0`OszvJ8G!2>aYnNsr&c)R@4o6XgP>g70l|(Gu7iRdmZHGe@mOkdbI0#VjHn
zeBQqDyZ^$)P{W9NV^3QIV}A`M?rxZswaK<Tz+<>Di>Yo_OpdWnmI);k$lfUhR=uOb
ze7v0bGKYU|F@n?SQsVx?DpJ`Y%Q@!__I@U(%`=}c!TdNsW;v^AsCim`fa~2Q<ukvK
zJS(Ug!mZznZn>hNUFfl@*nF7a;l>)%Pd%!=bBWs<&I)0#OI;lEi-xw4jM7qvTfzXR
zkS0Q0U2=H>`mKy9rkuW%Sxw?Z*?`Gv>jM{93!)UzZmGeJFy|yUd}QY8Ug$tzF7Qa>
znJP{j^$;UwE%M-p5F5a$KcTDhHQ{BFM`(99e0&42*^idWAX_Xlhhqwt!!>NSjn={o
zMIqS2;UK!8oomwDi{QLdcpCE~QTK)E6`=-S5Z9Z{RD1#1cy%sT-A8L2G2Y6o;4Ndo
z&ttrl<vF1E;i`(iczn*8-6kKJ+Fra2Lz?O{js%z>N^SD8C*4=;JzkfwDlS}Q7$eFh
zHBP>Lu4l!+v%$<CI#ep&X88!-KXd|*H2RatRX?3Ld5+wZHi*3{=<nE+<BiO&x`~>#
z*p=B}_a2CaBI(-TBypmfN})~0<-SpU`U{^FXYYNpQ6!~2()=0-@6<xkJ-JVoLe*)I
z&n7|~=kTmJ%;YaAn$FI6j#=IH7PHK@YtD?U#&R?poRb~2wHY66lNk-(qTqezf`};F
zf6q2rINy|-CqIr_Bzq<j%>gftW;eE}hptgIpMhDS+^Nc(_Yw|GA}rh@atOa&ftPas
z8|^B{71~RCj=s-NqEPLCz2l^s5RFYMUlup=Pedc-?ewdfo-HS9vMF1{38O2Egs+2h
zkRMg^<lsV$IN$^%!#(AT3J5^jv5h_HXZMT)FL=jvl_~jZ8iIVuBLp(Fqe9@wOp>l2
z>;1)>5Qjm+H!1cbg2fEW2+lA(eL&sPE4e~%bm8U<$OZZdq#m~3J+s5{j{SHl44GU$
z)RVmX&;gER$cD-jsp|U|RW*9$RGFIV9^sRSlx_Q$?7kwUyb`6jZ8u{krc%Cn>FRYR
zJ|X8qzs>OwL->%_L_bB|*z53Dm_^+BJ*DC}wEmENCa#&m{rZnpvgFGiBK^{ZbLgxI
zF&Viy4y+RxZON^;3#7DBawY@%__nk@g9}zkHK<dY3sS!hB{$+i2G8a(DC0<5gXqM{
zAzyB{4V4;I+i)3snatr8$hmyD*_Ev*a{I*&45^3RnszVY-#;p^O8EvChoOFza(kgb
zAYxwt&q1#!QUzT*7Cqd`!OX1`We*VIly{Z2=AeY@p-SB>Ywu=PMfMBak!OnfdVu5$
zS+7tu01_<*g)*a!380P+w{-%@+4}cZoO_X1MKQ~X5wNd{BCScp0Qa79+;Rvu8SBvU
zw+lhoxjyas1Tz8QSsB`vKGvq;!!MM|?OvH%nT8GN=fWIZjd_JS(ASX=FwgJ9RI$eO
z8e_0f(6gOZAQkW0a;n|#p;9Z&C4vVVfgQl{CiFMY6?eJ4CoE0Ws*jS5Z!;~;tgM{<
zTAP-V&^8@V*5_zMKZSSIn4`e83)yU6(N4{t;hFVkhdP#o{mR?EzEBQ;)(-2-qoroo
zc@mOKwMfRzo7uLnDl>>gK6X}X;Kg2a%TpCO7J4M~(rDx)m(OL$<BFnf_%|5t8_FRk
z3W$;WrDt4v%}YossNPa!N~1PBOZdg0jRVCC4L}Qzgr2)E7^A#2_Ab<p8A{BoI^7H0
z5;a)*$tyyIlsv9W5i7~Lqq_h`OGQ}uq!~lie1SCgfB*XX++_lbX?!I4g}sjKH1vo2
z_HR@X&hP{&k$Lo<_`v+#HGXpn4&ybV8N#TXo`N3nNQ{I-4?aaP{??xv!FQt!x7Y`I
z!j-lZ>}+Ov5xbG-W;AU?3)*CA!i7)%#jZ2Hvr-jUZ2)&<cdcXa(dFHBx1W$xLVC>C
zg1NTzWq(YEjreEE^UVQi45nfXz+M36SXeu^MR3<o0;iIfotl-{o_f`{1&z&2L%t0;
zG`{<B%eKw=51vk#h=u@k9biSZJ-|y|@H|6~jycZ>nk7eHXmVyZthuMQtX`{lisX&*
z7*(s*m{#!E52vDn;Pi%t;Y`;Hx7gE&rImd((-+Z<hwxQ}*ZlkQDJ!K$=F%4P>@q?d
zi{QNTsMtn`zO1N|E_Akcukg}a=JyB$JAbiV30U_jcXb1m1fN{#lQ`JG(&^fhf}A%0
znLi`#f<gvPwN^CkVEiq~S2~FvQiTm<0;Q%pPuKua5j6-^ihJt@BbLZ_=0>LTt}iEN
z+IC3bZ2ZrgnLFY32L02IIvrpxVc;K->I6+S2Us$P25lM15Nq9n`D<>iFS1qmV+lE1
zbyZjY4qJKt`{mK5@phs{;PCwL#?IP|m&pc%2#iICwTC!P<<cj1e%)IL17~+2QF<kX
z(iy&NPtj^=3l!Fj(PQtz@Xi+krUU&oz-~?w)xQD@CBK^f*E^Gr>RMQ>79c^SZev+#
zD@+;fYb}Psy_*9IIR(Lwqxc@Xi=yYA#Ep|~5v|P>LSnH}T>qeWxC-c{EK~8?p2v}c
z_x!OfO(%%(l?s9Xy`pZ)K-y@Zo{qqSL<Dkd+hNZgKer@S$saMpo2cq&qc8O;5Qp!+
z#kqPyH<ED!H5BELuQZV@l6K<bn#_IDJ`EX*O@>>TDDZ2ezUbX8*R;H$5xt3$vl?IN
zv_oUrElGrAI$@K!VJE_EDM)3<PV35A(-Jfa8Ni%0+z`aBZ&ak?Qw$l&QKV6(r9G0!
z5^XVg%J+%LsChom1GW!GQB!*<4UR<enNe53X@~MnIMUhG#;5KT(iT|7F$%V8^<tiQ
z#cCj0Jl|7oOW)cQ#Y?MKZ<momhRCVk<!0mC--Pq8G%#_xq|b+*-R`tFONgfMPL9L7
z3(<8+ZbIF6ZSU>lroq?wpIl(f8X<a8q1CaDYljM`;|<9*9>(^$`_=UpMqjn`(as6a
zBekp_&z?K(Uk@Y$WS2c?zE4BijbL|N19A5RJdy0cKdL^UAJ2^s-3MrKawe#n?<l1P
z_>9)v@DWNb>lS6<Yl{y+MdYmNy?p=5ybBK7eOp^WxEnqXB7DcZ1Q3Ho5)T(GK$tD;
zA9j10T&*Z&ZEB$YdvRQ{KzZZ$t7S2aYi4dC{je@XBzpU;`Ni1Z<y?0!01B9ghz8sU
zzxmTqtt9#}Ea_&`7A6}wL85v&d!vsGwL<(AS2syVvIWY5#OJ^PTJ~$AEJX(6$A9N_
z#3TVXwkqSGMYDlnaV(B2`mWGdS>f_#lW*9R6pUtij-Y%zR=$8C+Z)~UrT$#1Kf|7)
z3SVW7r$tPe{r)-Q!C0+n5@Xq_nvJ!y)dWYR2+R;%YlAj;yA-L2F6O^5XFQW5v%O4m
zf;2z>n&b6a#i{*@&y3U9@Z^5J7T0wZg<xOoYU|Vr)t*fK4+F8;1ZoVtDRMLaNI-@P
z^7zPm*iGe>kNeiFIvxdaZAckau?M<#Brc`u;tDLZoOq9(c_=z6&#rcIE?2P)`2^a{
zdjW)djUFy@L-B%LM|F$21JslT^2X#}*iR!~YMVs2qw5y~bNvuaa3L5VJO;I^=?xF2
z2H`)A#XV!ynx$cg?cA!5xaajlVoPXox@le$qK21wU*&oEL7R=xVnr>i&E*7wRx04y
z4k#F0g(l%~q5N~@!sc3y|0(5akJa3$BrQXd31|8!8AgtU%wCFNm0`N4wf!J6+ebc_
zsG-ghTaM|&7^Q&fySC8YQXkL^E98AzQ+9)Ywh2@Z=TZc0!u#9_-%ya+LSpTJ*B7iu
z2V|A}C0@mQOim-B{n2%u$T*Odm1e^QdDrw7d9Z2+fvVqr*eS&WVz5U<0|+>o1!(pl
z=1{Gsiog*vwRlmv+DYK<&cl6cQk6;RIEoF|)%~*8tWs>1J<-KQnRc{!ADGcFS<1m&
zT<DxLnngpINZBG9OR|zz*;BmVm*7BA6&eOz(rig*GhLf9BcPGJOG8?l%V?-rd`%<$
zKL9~MzQ5RF)?$Qjv_wVD4xUs;Hagxg-dwGnN|(3Rs-Qw|$7FWl%DeBesMPjQ!`A-u
z6<`P>$xkh|$-ObWL8FB66jQ5l3Wx=}>)N)8XDyW<Jf>P_T#v*lGV6z|=|}uyQ=YX5
z%ht8^438-})MaiZ@TsXa_c7YmJWpASqs26zQcY2ur%m!Bw~eesk>tHNEN_XOf2<K-
zRqVx4P6RXP3=s~+jhm*e1R1`j<mlLX!8l?}!i|-GxMxWz^OTx^<I9qx!h(~+@~>iH
zhedUgGA&bbe=%E<`*E|5I2#3r=Iz=Ap^<2$-c-4<rnTL$C10Ou?@TD58Wg{4xNVQ<
zp+JRmbt#*;huRFK2QG1r7@yOzHoM-<eI+0TI^szUZuqB6J#a>jUuVVXn080P)GHx=
zGaSw#dRen?RdkAbB%Ogd1YC6Bjui&p7(IG%MP3AW2FL1=2qU;wbcB*a_F2}(YPN!R
zmXG6*heBK<niGzmnIYTLt=!OK#?EA>xjn&gjxajP6AKv76r&e@(6cgY9kY!;Q7{g#
zx8Q}hse@Tm*I6)`YlNJ+lR_-U<qy@2`c+VFb9GR-x@skK71uZ(ZcLJqTgpqlQg6t>
zSbDZl)c_<dNsTDHe}qe99pJIC*=|!n`X_XftTlHd$C!&G8#az}U#_2rV(DZ-^P%(^
zC`DYQ^>0s8OvM!6Xt;Y892kFIfv3O}hw)5BveP*=@geaidjQza1z0vXsTr_z>MVv?
z5pJ;fYb|+fB&Q}pC}~wT6i_B@G^BlsFl2zk)0g*3=wUNYCMW#*`vR}mFY8@1-yWCU
zka3lpa9(6;>s^R$@P3Ql3(83(&eFojF`2NftPg>(vL8L(GD1<rnqzJ^jKE2~iS`nD
zC_b%XUUi7I&o*Nl`mMJ$deAIsyB0&J(4wD}c$lb2M%4f1^XO+R2p&EvwpUX5gI}$g
zNc~at0?duWyKp0I5OKaJx6oq1Et~*X$Gip)3!(38pe%kpJK4M|8CNStTk`yk{;dbr
z=7Gg5BsQV0>*0enBG|j8vhXF$WzzSe%K_Y871$+<5p4(~dLI$3e^DI}5hu~*tA5Jf
zBpuu)&rW~$9g-~^r;9WWe8aXIbIpHh`*jExJ~ilI%<AF7x`0JSA@l3Lu9di*+7aAI
z$H$?`*vJhkpYkPerW<^o!9FJ!5o;UiIzM5x1mc(QJTFEO*j&v;*DLQta@(m&pbi8G
zTq#A?veWfTkVt(go}dh{&v@?@<f|`dlSV!#7NPJP?pJ)EY-goyfcM>WZz;BqeMpsW
zs`U@LXgp`R3-dZo0ujr?vVY$f&SzJMn~BV~$y=grr}8=^VgJERy_DjrGmwo*#O+qA
znBoY_{_e2zF64@KDyn|j<Da@K*Hc~a&I+6$;)nBMByN8r`&9WU^afhBet@vpOI={i
zVBKKIhjtkH-ME<9!JptJx2Sp--Oo1ew%T}`?RJ}OcQNL6+hSw#-A0?OcJ9e_>zm(x
zqnFPy?q4t58IQ-6&Dwocch#Mjm7Xcgtrxx(pL;u@Kh_!yfs6?M^1dhEdTZe$^V!&$
z*}|JoneTlzmiaz6*T}wN&-Mex{mA>^0De(^Vz)8=mfL+IkKY8J%_;h%)41(WjQ$kS
zY^#v8Oy^;UPm)uTNd}*pOqNL%WmD49NE08mkc=^hRyna?ouV>Ae$et&G}5k5-grh5
z_b?;cNR#KZLjfp1H51w-lM^)E_BVBxNN_zx;wy8$`3&Q5m1SB96LweD2Gg-%NR?jQ
zgGu5t=}@Y3k(;C1SQa~*_C_bvcvG0_RUMS^+<A=ZXc@IuRn*@D@pkEvp!~F%uuhkh
zpV+00*60oHy=66pXXEL}X^i&h18-H4RfSHpCTA9{gD+~c(cB~xr)XbOWV2#SS4Jmf
zmyxBTmUC-tIk!1dEUD96K=|0h_v$aEAg<dy!YDY;I;L$`|G!+LNzvH3VR$PGY%(yS
z?XD!h@GJu#?`6k^Tp1h2w1@*X*wHx41wak*mi#nNNN!gBCZH|w&6})n&-Z6eMx@@w
zOBqU9B=6RLfF3^UMQ9|xPtYQf&l!=*^(#JHQeH5_#!$v3q#;tE#=_W58+gL9?9;ho
zn~AHiwzgt2^sXW!Q@oX4ZU^MIg<ta*sJM$UsqFocCP|FXuZHMd8Mb4ecYP(CU=gN5
zsS^@<S}-qtD!3CNx88A!#VG;WHLXGn%smUK9fL+h2>2Z~HyNVg6akOW{>&O@Ehe7{
zgf*b{mb6;eu;)&v(oXIueE*(N!zCBWY<)p<0o-^O$Lt|kV-M?p#?Wz_Dw;m@5*EWd
z^JK+vmzA1w43x{>2cpBD+!&L;1Mf5(ZaE9LKf4080Vpa?YSv3MRl`^TocIgC;=R#0
zJZ;QX%AR!&jrcc4F-2uw3vuBb)(U&XXGnSw<c|e+2r6f{9dLuA^aAn-y>)X>*K>!=
zpEGPOwoG+?X(?U^y=MHZB5k#RBRTSBm`%WgjjZ}xY9klgdhAy`<ktn2-REsXtxOp8
z(TO4lr&ez;$UKFaoG%as!^^;HAhb5~fY0XAtwm~ZNCqEP7O;Q^3KeG&(irA|U91D9
zt+!s)1@k6KY5=0r`{3RytvBI*`=arL-9R7kfZ%r1-p|7{m1h)B19iq4>PIRyJB}Em
zGvvrfN*zP3K=@IqEm8c|7{PAjl!%11^k6Os4DiKF%BMAl=dA8VWz7KcRV1ZK*seZT
z_1!_Cj<p}|#tAcK1D!>T&cn?SBtB^4`?jfl3#myK5=m`j^I?Y6#bzn%`pT@XLLC4<
zQ#BJp1=u-`fk@l$<tnfdJZVaaOZ$jd;pBXm4h7Gn1Dt8rG7Z+Foxjfln;G%AWUrr{
zd4UekGVfUfsyrnjvgs7SZh^7=_59{R_VTl239z?XpESe8kH9Fa2^2)5dz2)_r<tJ%
zlpPzgO#lXNLpq61Z|VsxdDOYyNxiQkN$IwVGtLNv!CUjKM?%)dMh0)qve<{ViDf=O
zuFNQIerZpX%3%GmJ|ID~>*6O+N&Ux1;jSZBrY-PSV>I8BMgwo0i`+}&xP{v0x|5uC
z_VB`qy<9^dvPI2A*{o&TyiI4DlN90%?e9(rtDuEc3fq}<bs-}q!5I98VV$bR^tNE_
z*0x0NJw8<=+Kn13QLwJnG%D>P@507K1ESH3GLqO?dOZ!OoVm;=l19ur$ie>%OvmmM
zI$|i>ZgS71>mEr6>OxMr2ynDR-dRHfz}cQov5`w!2aW;UpoU>JsDm}kk-FWYB1LRx
z;syg#I{l_GAFb*T*c%DhB~GSP{fl-6au)f#dSQ@TZJx5?TDd=hAzeI)EjXh!Y$&uo
z1W*dybI?o?RlSMUnM67htvx4h-|WS%82N@xSA<b^dVL{dYRBQ@I1{SkRQ!lkU}ObX
zYNhE5cy2wcaFBB=?YCWRu%;Du%1Zz>OFnnNepT&y9F<c{em?Q$<4Q*fIKd#+3Quy(
zd#cp&ZVCMIfVSazztGcS)ESmxI|`Hmos@@cJj@F51WcBfU>3aqX1#G@2bB;T=qz~Y
zIc|>0M|j+X2pvuSbuh~GAL3o-hFR<24rqK9hlu45VAoy)$K5a)jsV(-_i%bNF{gFy
zMg{a4Agm|tEG{O(f;T@-T5N$(a$FL^){PvV9*YYL(U+vSpa2;wR&id_cOuN`32o?k
z7r=k_)1mzN*}k8L9>JD{6`)U~(+?!*_bvPd!&1}ybqc7gw&WuVd>c6Lni|`p1W0-n
z8#IP+mMEy>iE4?aVZ_oST5O+J-Q?F3>lO1v{5>L{BWH+^f)(XsVq&D=2Q9?(f}l$U
zGQg~E?acfzEa&m7?eE`%eUu+~$q+`gUp3Z>b=;3S(M;484+Q|hA%ah?FZ4FxLh3k*
zXJHH%>CWU~w^!^QM2Jvvj`=ZW5n3?TxTT=p4bFYD20YRHyr0Es=A_^-hnh|^psD*x
z;di<=ot4t40cV$Ib>8XNQtqHMZ8u68`~WtCt}VpvQDw{95t-*$s{`#TPJL0`CArLP
zo~-5A<DZ&v%XC|PRH=WxgPflN`!JTF)#oO=#<>S#Kxl>*RMH;Ey+;2nLWs->CM_wI
zO#{W6CL$`YVi;_Om_dkiWEQlS@@Nr*47HqQc2uGDg;yePs#(`XK$IvLLF+qvR2ua<
z1b?y(I6M(l4Uu$`#U|8m9;{6j(4KwKO-Gqe8+OfeIi<1|*0)z!dXpY26x-De0!9L6
zk>+p;OY%vPmSNMv031*#k10xGoW$@-@{B#?WJWM?&jG%GR3$|9%q!SUT#pt#FQd#N
z%VieP*e(Lf=&G8>1-^g7Y};kaY*>a)Bpi3OR9nbs#yi>f42Mdj$C9<2IoJx2Wxh?y
zwePvdnAvPOsi;1(F@{z=mq9<xT#&XBQ4PE5zYPYot%a#$pq1zIiRA7=Tle{i|FWHE
z^I7_!71FKWG@?ke9w}!#C4N=wIc1IwvD7$>W6lbn(tQF3l~juFIJ*JDUBJw#XS)AW
zr28Ak1f0SKbRnwH=l4$UL))J+;mAhA`_z9?bporn^9b!-YEePc5F=lh3IgUE36S{a
z6z%+0E4}HILB40!;pUP<p{^lO+{Wp%>B(9*FVl{@le52E;F&8)3%oHpc^*C-iPUVG
zV$px=7dioXD%)vzO>@u*zTUgGum{~xB{jmt<fQyQGG->gLzuKw#1Iq!T_-lF>N-cq
zaV`rGt*E|>GrXcHIKmaB+|E6;Vij+S-E|l0Vr(CX_e5d*C$MCNsy4$27l|Nmg?hUh
zMN=$ze_ZDEH8sk9>!*$}L)jV$vICRqsjwW~1G_`>xLg5gI~#&MV+P@e(v47sS}I-0
z*3`U3z+UgfnN^RMO3fIruB4QO-!p-?h>cV<L$5&;GS2#|MqV_DenDUJ2X~*Zv5gLn
z0SoN^!36#ak510`J%3c<A3qF#nMwl4dgUUfMRHw=d@8vEGDK<uLX_~t(`<Uq0+pTx
zU#`7$WFM{Fuv5Ump!8^X)~9@Ps<B64F2a)EaUpM|rOzr`x^4gX1-$BqEOcvq3SG8w
zYYjWG!=i>v5+xubKt&~i{4zAcB#2#}Gj>x;W4PfFEDMugyQyQ6I%d$@z#==^cx-(w
zT%xI#YocHbwB2M>y4J`o98FRs-N36CQ<$9F1q9u+?J$@_FR&t5zUgpcAuV6fx^`84
zSO=!xlx3^uJxvkQg4NN&;GCBg>egy(8Joq`6)K7q*lcarogN{GOnTXFcEYLH*BD=4
zo~DZ9%~d(TZjHNXvF<Bh6MP|Pf+XuUj)Gm=Xl&?xv2>l`8FA^klqnn!IpWKBOAz{{
z(I?;VsW%si5MC7w$Z!f~%d1!>qwF3MSf~_9wR|BDp;O$&vVgNt8`TVisM)<o;b74n
zUPl{u&=@f>?xw#aDBPiTF&R-%Vn~rxeR!R{D<n?~9{J5zRJvi&U8UuwW)$!t*>zUd
z&9w^1lZc$&IDetMNe4l$=r<}8oZy^l4jIv;EV9XfX<S;Hw!lRxM9YRp6_UE-YX6GC
z6iOnQ!6g^8C6(U64y(OOs|*y~>X04|96#=&85>%>t)oq6D`YsV8328hb}UKTBPfiQ
z)s$a~Kli+*xs<1ZQcJ#SiDB4lbVP$`4K&7N8f4;?JU%G$N5i_ee^+&xQ{<Cd__HKl
zDA{|DdoS=W&LuB5+W(vxYh~41Q-4eD7NBpOJR~wnZA6))j`M0#FkV9hpL~;5g$^dF
z(p<$5HgHuog~W7D{vfzwMm&SzV>RLkI|A+ZU(^QVFK6`>@%xVFKb5h|yY9)6Ua))2
zyA$l{O5p&+ggM`DCTLwAr9_J>iFG<|XP44^*moo%##RkoOdvCORrOI-iHiOHG1I@f
zq5KpX7hb5*@3x6QWhsqc_udVCV@-TgNw*XRG+UHxV3koWtBBW%L((8;taX9jp*~Ev
z6YNpr25RgJzIEPCZhpU4?VUHB{BfpJlkLE{!0_$1=dv<=M|{WR{#{z$L;nw}0W1&_
zU~z<5T$UbV_kAn72C4z{6ZSaCz)UkL#a%w=_7F~w^qOwZ3?`GU^U|KMv$DiiBZ|bL
zqG^QEBH_uh+u1H-|8zn;d*ZI9zP9Dq=c9>$QPa0&f>MlCdlUHt1CH*bqi{lNCMjdF
z`qgHY<uo#dD`7D8W3Tjk6jbwiTo!-n>bS@eZTha<SLURWuA&Hq^Yy;wdW%j(Hp1N%
z4q)1z>T(0jYKo80^53c83?kzDgBqD?g2gbjl`p$FL3LpfvS^4l*Y{hcgM;v4ZK)RR
zix+H^wBS`2A|O%o+t?n92;%@@H!yGFf)oc0hs}S5K>$l44{q7IL-mi8XGru)xMdm(
z-zq?l`w^4)a=6PpMGFAE^a#DJZ~I?Zf|vf0mTbkBN=|j;$ut7HEcdElqYX2-x7kK)
zY?Vv<2pJX*Pg?d8E1tyk8mzdQJ-QQ;SmxOZ-4AM02HaGkvvoR3Ah$Z$6vsr}S6`_T
zg9t2)<vOtpD7Wbj3NeT`^F_hR886(7Fn>!t+eWqvkCobb9giw+K9Bru8X3L#u*bn(
zxt=f*l66Aev?&z^9>U!6IU)$B+!5srQrz(QAyHd&2+0I7DmefCA~_`@8<#2b7HAcm
zV^Qt=ZN72XkdkeO2+!=_BQ$@7<`J4>QheFOm)-HV=X22JsD!hOcWFQzLkeWg(KJCz
znYUZ+15z)ZPzcRRcBn|x0P3Z`SM1uM?cBR$y7?f~^y8^)f09Yfv%c1rtg?UTYyWf?
z{jGS>6A@KT+Cgz&{y4FI{~MaW=xq!wEZyx}$*cXoAs7iK;rcUIrLtil8JRL`fUh=3
zG$0h&5HSSAhS2|nOfs#^@j4H$ZSea|QC)FdaBqT-4xiM3COOdWzjM@o8K*t3zSp0p
zgXh>g@GOA@0K=tMHQ{m}Os%OP7LcRF+ZXB}>L}?HH#l1rE)|AseS;6VJq)B}$^zl>
z!0EOCz#p3R)Hm?(uJ^yUQtPDGFuQ8MB5Zlv_E>i~E`RKtw$QcS%P^uls@D#8N3KnZ
zEqCv&lBeC&l665f!@DPhU{^jg*krsB#}#busKdj~tFU;j$Spx!&pRD`Z(Tm%V8&$!
zrN3G-ADggcY59(OPP=0=7Iv7;PP@RF;OVOdW$1Ewt*abDykMTPh8ze>@m}b|kZ1(n
z>g4l$oO9kn?yF|cUGGgpXE4!f30C9@sl32VYE%-Pfi@5i&K_wTfuw{*2revj^c{JC
zq&YPXZoOn#d`CQj*1R7xZeQSP3Sc`2_RGhnISvWa*7JwHv!hCV4eV_a<?i>hvR8c*
zC?iRh$q*JRuld$q7>)^W)sF2N0ewRak{363l-ToYn+g{%!;0?GY6u}j6V#&@kpsZb
z5ZBBkG{a3nf)^CcOHaKRBX>fufW#9sqFSJMwfzh=bsng331plx^NeQm8lYXWO+Z}u
zTCs$V4fRP=8>Wyh%3z2)2`AdY4l<TdQzZn3tGwZuV!?vgF4?c-7=PzU=*4fDOCuXc
zTNS2VLo`r$3r=OQPO=+gmJ9n#*TE9kW=#i$EMhMheGGg^7yGLp<zv~R)l3@w+75o#
z>dpNL6>F8ry#~ph{rOj#k=t$j&`ArGO;{<cML&_Y7FeQwJD33v4ir#KCs2a~1d5hU
ziMoN|t{O3Y)!H_r^npp*18t`UQnliq60?nPP+>!*EqZ0av*I{9Yy1DIQ6I_EQ8}RJ
zItHTxUZ`kf;*vYKmaQ%F_<`%ang+K_eUw-ED6?--j-|oeyLwQ&vCoKYX6kMvyf$OU
z5cG~PZcn8eWpZ(4Pr(^W{)-$UdKrW5>#KY1$UrTLj_={qbhHq|{}SK2hpw<EwRXo1
zcd6|DpyR|FV&;~EZL{@S3|X;7#tx}e!iU%)dHQkjbuQSCT^@ySDW8&@pCnDKw|lZ^
z4I4TZOtg?+o5kqUtEnZvxZz=FhtuN+8&2LuPwg~5n~3t*J4EkjKn3>(^og*ZC(j)>
zIy9#p0>aXdSv6fuJe^ZY5Qhl1_!K*Cuk3%;|3V6~soQH~t%|v|OWV(LG=mj->lJb(
z2Fm)b?tFRa$jD+>a$~2tktfo#u0J_n4?e9KyAzZ{Q5xOQ?H@?fVuAjw7LRak_4f6Y
zp%)1KH^k-wTv5n4G51Xse71uwHoYg3%piAYl-4Jul`>{FYPS*f{Pg4YS3;;wl^QNt
zN;RidK2lav5}|^VPLXwI!ijej&Km4SvfQt9;~|y*59$1-ZYYL?4l3Bnawnc(C^-0}
zR;eP{>Tk9FZ*OmG^&e1~BA+DR3!m;G$T}i%Pi(2@>}3x?d$3W2UCSbkUm~4IRM<X^
z!+3cs?AdrfQ)vJ7y}YT>6}v_2cN@abvS`W7ALhZYJfE#xU^yvUaGe9N!bG`j?EFZ?
zLdJA+iKp5-wQ54L{_Op*sZpID+4ODY${!k^GtNr!9RHTrN(4zDu@NWtCU2in?(T~V
zXKDW`Y!TrAnjoVDju->-S6bOX#AvcaX$b}n{JnY+k#eRP#D^~N*#S2)4dqPM#!ic^
z{>SB8W9vWfGbgQppd2Xie1Z7o<_yQn_b{8nSf)rUqsT&DHQ24^(7^}y*?K|ByN>j5
zHeYufTW14qEBIT}yhR=9RMrUOyW2CI$$!(%tD9Y0%Fwl0;%;JYA->Dva*<n2=?5Sl
zq6vd=Z2+#iGdm0_`=sSjE^fP7p;plG3+!s5aviBygB$^Fjwb%$QI6G9ygI_|yPnM!
z8ndEZ^GebWdY)L9@K85dh`z9bq}IObY*2}>SaV2Pc!aYn=2Yk$AYn^B-!K8>vYBH(
zwhk9Rq{hxkTKJ6cnb#;s%8k>yGb>~5AmD0wc@P4YdQz7wXjliQ;^{I+|GfSgx=G?W
zYKIY;FCrc9iGckxd-mmm=gfV8pR%f)w8kG0B+{X3fn3ibQg!+=o=%D-YJ;VeYro7i
z9|8y@0^QR@QO301-)dvO5G#^t0%f^_q|pRV6t(X=V5Mz-*ZZJTYx6aoXU#t+YKewE
zh0(`4*SsemZ<}yeBc5a1V~250&$YSLe?N%zkf;}A@LA|fYXVw9ik6`dBGKfmABc|%
ze?jm8|4<a$pL0iZ)B;|vLKt-jPHGD~8XMI4cw&I)ojG%Q_7Oq+3{aB#hS2F7txhey
zQ}8)PX?ox?$-B?qCe(1j52HtqW;IL@oQ_9Q!4pvuPb&~xR8W;tuz~l4P_@Y`sHokv
z+@Hq@h*qkYV}YEd-m)ew1+6J`L)`W@L}BVA#AuhQ6vZU8TpJ}5L@XZp2Ks}J>X-hL
zr%*z%JDKv=jvDyYypK4(-()7Emw42I+PKF;4wI6|!Xje;Qf)%BKzrfh$1rO4lwJA>
zv9$9^x<J1o$Jjj3T9}3EyQF8gWjQP`&}=V{dn~sxbLR5n?{{|qE|97r8uMVZ2wBG-
z*$ApE3LvcU7Oo<g_TBL9a0Ekg&C5kr9hmtv3aF2CW2b#JI-^SHhCYoi<cMOVbDmk%
zUZAA_vCfTFUDGK--AX=<&$*gAq*h2-1vhvABT{f(ru8u3<QBe!8W2jtCDPsw3R+sX
zi3QkFR+Gn`SJ<MhigT4FUt>chhMbZPuWpc<;MIB31B%rdcFMp#dxvVpi7wfOts|nX
zJX_Ozk|#o^lzE6!ZI5AXmpYqzT<_w$T@@h$0}aAg83JE-cu~UiNQaFYnNaJ(*=;ao
zwvlF4<v_v23(TU>c*|^sIRnf7nPRcT`k4vPZBWe?<W`KvA~Gm-iO*1ZK-nzW+UvlN
zWo=-{=fG8-<eFMU#DS!evTJ*SX~>^EldfuS+j1md>Xy=_*n)3jm8K!zVyJ<Bxy!=6
zzjxtiwJwLxX;T|PCo}EQMs*ajAs-??r|)+@TgCJE72T+7)AvCSk=PlrWla#2(ga`I
zwx}B)?*);=XcM1XvY}34>B_@RK7xDj7?OSv)W%b(sNVUqf{yZ9;(s^uXt-X{YUzwv
zs>SJY!||7)a!~62NbpT(?kzOJ8(KweL`f9Ca0*1n08+{PovX{0sw<rHZGIT`TTiyl
zAlXyx85pY7-zAM8f)zh^gH6ssaYih>GykcD6YS}FR&sv;Q{M%0@6ewu05>9ax(c<+
zC{AfqcX%}zRhjQk(8M+kHQqwE$sw?*5?EM==K>+zg6G>fXoHca$Z2Zr#NO@VUK+Q7
zaa<W8N4HkkBz+xf@h&IJx%d+u+;9CQ2ZdxtG=?P5?+X$B9xe{N^k;O?Ll*qekh#2~
zyLQiYEzkp^DNEC+Es~<3rX*!k?gVrWpgN`58&ioc1xYr!8$X}B_-m2dSCoQ=Q1}aY
zf_JepX@Wg!r4d}1a`RjH81#O*HoW?RPgtvfn}5tl@f=Kyk)`@6;bLqoV_fM_4`26s
zP@hw+a0ISmgdSk!795C%+w>k{tP604gv-dO%x4l~rDpY5jXA!;l>b4>V1(NXwi4%z
z1+9X;_4TaDWhJvrt7g6Kc+ioVzVIj{0Vh3EI6Eq^J8mS@dZryZz^3ccpy`kZ2s!1}
z{4}Pq=k?o>o)m(KpFPe`Ahbruvj^C-?itEl8O70fLFuw8^EHr`v`-?4Gel%vInbrk
zcuOkMmlX9dn6=*8d_Hw@zqG5DM6&}4-Iea?xH~tb3&av9+L?&<TAD{CBP?GKcIfT=
zXmx!}`u^8*^Mw|n9UlOo^rb4+w!UVV!DUUD-bbe6l|-u5Qo?J*le6~3o1{p`EPhG2
z&7$Luo?nrK;lfs-c+@dx6x(TmEb@#?!f*be2n~<myMTBGycKA;tx=8Q8-j3{Z~`AP
zfuWT@sI{^%#+0E>JOdA7HuLJS$I-}Yf&J?yK7t5)OlOrJF_}5qbwMe|j-C(TMN>`q
zMGtUANy?29je!eNk94<v7=;;QcHd<Gg`8p5X*g>SDBmQ7Z#!n@3)d_~bt9ns(6az5
z(?-QeZB|M;9Xv(p3ONxDX&y$l10V@$L9a+=<w;2c|8pQi{u?w%m0GPCyB6^xm3cvB
z->vD)aZ}IO_3u4Yc)bnWRA3V=mC%)2k{YukbKiJqe0jE8OzFh4mnw!kf+Njd5doPf
zh6lXr#6e9CwY%f;HA~kgtHu`WjAtYpz2P$OUXCEekWO!B-2T2#RFn-*lKppyM!XfA
zUZE?WAxPa&SqCaT|EqBDN3KTkXRxM4RQG0bRRN_2NH%`v3zuyP`06Vig1%)bIR|%5
zj`OW64F6HkDBlVlLG%|e815Z@Fd3#F$foKapQ7I*CvHtQJo#?zmU2$ILCxbi|G6q@
zl4p3KL84k~2Rkeel)Ik)Fs<Tg7q;5LP@lRWKJ|GeWuO_yAiZij*jf4)-ca4q=(|8$
zCCif2EF04_p-((7_H{rUF9^>_thFCeQe(OB384~_*DA+}oRA{H$as-T;sY^o2i2Ke
z6(`IXac_*}h)ihQvbe+`z3~z98U5a$+`s&u<N7Y7fIm82H^Sfi`{$o*cWiHSb#i4>
zb#QR+@;@8wNwrp0J!IjRZF79gZ?z51?i3NEUR1zMj2;Q`>kM)LbtJakJ&Ndq83<i}
z1pA=x%zJm4xfEN=LEa`7zxjQZ_0$O38w0b!u8z(|PtU~#M%JUh$KSJW)4NPW7`Xly
zEGa1p%9Bje5H48LcED8o3g)0}rBT6LFx}9yBTWend5v0nKm#c8*j?WG1_f<H32Y&b
z{DytaW@*^htXtkT2FHaLx3J|G1SDQZfU+IqM}Y}jg0>Z-<@S4WN{;OeL+^_^?dD#t
zrbCtOicQ1JHQU`3%^6SXM3r4122o72vl>|25VJh2OpVzx|FxU7Eyg1=X73uUEoV9J
z3eymA)9*xQflRegQ}*_o-wn^n@jS)maBq0*?UTDaRuByiT{LWmV?Z|7<1uV0v<F@j
z>u#-gsl_Zk*aP9U#s$35>t*|+O-j4#n@X_G606e;G<2P}9C3f|TIa?yu?G~tUZ*J&
z`Sg6a)LBzsm30()#49D0gQ3VyUP%;Ek}!HRsgv8M6(ceW2<J4oVvyor9%${)wYhd(
zXqIG&?vAwk_BEW2p`9(sv_i9XnT$#mrt_#{=HQv3OZ~sNrD@DvCuC&ASt4WQBMN-6
z>ttRCC~1wNt7M9>c2U-yNLuEDu-?|^v7@(U#)ZvwK`)=!4zf2atB$b(tAlE{R$SM-
zYf<?0X0wxRE=rG@>F~N);&m>lEjaztCyzpNa;23ByOU?csdGnz>#k?c2ptM3H?aGP
zF|UdAokM7T8)NvxJik9Un^Y=-ouW<6Wv7P6yAH^XU2&0FSAEGZ8`hkAA<>mxrkm1F
zR>U!Dk&)7tX75!-Z3^@f`Ez|G89ip6bQw>3Qp^intz-6gg)@Mjazf<3Qjht?vQ)us
zNx3ac(Z)`r&nuaUQBn3Lt)lgdZkmZbBzG6&h7F4iZ~9UwPNc|G5(=qH-aQg$K!M=6
z#b6Rv?}ID_acwlk=32;ni$|5iah1bqWzk-iz!M{N9NjFvlP_`3_yypRABaSQkR+0a
zM4^tL9#L#lA{ZC$Ptw{eN0If&0=<ABlnPEfp;;o7hF2+qgSicv6W{~nbAwp@sIRn(
zAi%d!!+gRdi=uj9Z&xg=MTlWVRwm2jkpYemSIb|4re2k0k{1*D-Y0Gr{06Na%o}sp
zz`Q}S_g0swP0s-hnod!rr=)!);7n3v<UtB|WdYVB94J!DMxbS67^x7<64+Qk1w|E=
zA?B%jv=JF}4aB_6g_=FpDBpP~BNe2rB8I1Y!(%hA*}hC27S7`L4Ae77Wk=Q{_%J1<
z_ZaiIzGu~wH^r<g_&KvK=Q>!<q;c^i)OrI*Ouwiv{EA9HUhoshvcBfy$J~~oWc)ub
z`}h0BlX(tf<}e}6Z|>vw5ANfG5Bj4S|GhUB)<jm<#s>Be`Hc_xYq?P^KRLi<c)ai|
zw3ry)AGnSi90qw^fFLD%!KS8taLivFKeBZl{bKG((KpB+V*4_iYhA~O$x&BxwtBOZ
z5$`4E=LvV^&r3VXe^=6Rfes2Y*lilPl2#}IW00R{SXkJa!naxk=iQ*gtwQjO8Z>B6
zn$7>V-DS#Bx9#MCZ!(bEDxy{U()7D8BT--2XrqqNWqy{tHfNY5+ba3zvT9uCmNkS=
zC&rv)I=Q5*;NLxp_Ds0PtXA<vKWTW#Z~EXxfa|z}W1wrd@tJmH)98(2RQDWS`nbP2
zG!x=9y8@P&2Yo`;ONl+nVJSWX)7e`=8MrL_WYRFB^dD_`=i^A2D4%$6@Dr3@Axwp=
z)zfl0?X0+!(UioX!dTUItyYAr1sD_Y8RWB3uvK1eHip~d0o+SabI-F=YhI36dkpRC
znhveli}F(Ohj3g*;~qwm`x7rKBRH1`^aQ2MYp{4%GW2OQIlnj}Iqk0ZIB;Yh_w1}<
zi}AbLbD#dPc19X9N)83!My5F7lGE(b#Sv<u_<gsWqxO|7jZ~0^b+`BjA&}Y%#9?}H
ziUN@L8K={bSuaX8WQNy0J;fIaP3h@g59}_|x0Vhcwse`^8F*Eaw%cb%lM7j26u`WW
z_>OZCWwArN2e@Ibji)9CSBhEcAV+;tF$5(J;U7pJ!BAF?UZJXhYB2*d{hDN~)e|XL
z1kBP1snk{q-xVPfQ#7(2JjnhE<RP*;fn{%r->5IrYP};@jX*0|!$g5O7y;1c?Y5YV
z5p#za6b(T_?=_I<*i)7mlZ5LUy{5CWf;)+T`B*@a@YYuh+6@=ce9{o^wRNx_An<PN
zJ&yYfp@WfdE&PChizT^ARDj|w1>Fc)F0ds_hB_tKR3(!r7pvvmR=@e9X8WW6<a4ZC
z1g$jxwIzJFIeepYRA6%b;MWeaUvq-46ynp`_OYazZQ&+EU-jK#)8NPpw#J~0fwKBw
z8H=JIVR|{MrpYuHy7T806aw=H@S(VG(}e#E*eG0UZt5Y=&!Oks^!NGo0^1hDDpe{<
zAcYt&EHcfvmc{Ea=rl=aynfwixcId*ug`<rURx@$wsFE~F8-(0sWA+o2&p~SwFcq{
zw(Y>s4mJ#Xy=)E(tY^E{=&jHla<gte*qN_)r`hBjw<-H2oPo1{no}=tbrjcjJ@c=%
z-Ym=QT8`$e&%0dHyLtQW5|RC@t?0`TXI|NTd=J#Eb|a!Pn=k~uQ=2r63Dk6J0a*P5
zMRL#GySA(nchQ>{e7W>_@iCWBz`;1z*Wmg5xC_6HTTPA*<w|GziEbxt{ox-e|8+`%
zS)`6^7f!es<E+A_k$Rsmh^O<~&F3Vke@<Fi%m9dD3k;X@HA1lU(7aZDJR(_^`xP>L
zy!1%x@%e0FcC0GhDKRm(e5O$RL%hj~JD`T5eD7z-?e_W4OVNED$+&>jB(ORd0$GXU
zXq7`QMv9iN!M_D>ly)>Au%<9f8q!n1oa#uer=+Y$+eu*mTPBFE)0|Ybl0t=MDLj=J
z`N6iNlDJiz(uiyf!!eGvaKDYLu%ip3T;8MmNgUs|AX*`mg01W@8U)c2*tCYZN6gSA
z!<#qK1<8$<8&cFY$(*iZ24j|r$Sq>FV`i@JA5$XNv62tyB=(3dRO~(wS9}O+6D|Hc
zV59@W#FGvb3DsxF*L03Qx<UTYO3#SH;h+35!Z&~9YTDZwTbaN5wN{)cf~$pdoLw#N
zB!tpLi@$1;)3%MC(4+=Mj7U`{5=9QauPp6eyRR^_OD&NbxGClqbVrWN@l=Mj6;CNg
zevh8rn&(5#^Z0HZvpamh-*0^!1_{9qt0)wWBfqL3jP|k@zJe`Aobe+$L0Ti(GBuY9
zTgJ;cRvDH4rOjY6^y9#7sAh-POqv~@_{&r|JeKM%Wv0ub!C2cBR8%^!(?WK$#eblx
zBdqlW>f65g39DgwA1w~WKXs9Zx=ilH+YT3tJYn=dYJDMw(&KfhP32LX*#moA?j<9i
zG_ey|>B8&l;U=h3D<lEm#d)Me^Sj1ao<{fS1PTkWlW%!%`4V0?gqaQMPSE2&n!aI-
z*Ni3TJC9jocz&p6ula&aXOHiX$}mw3sz&yN;1CbVriYwt>rF>3;YOUvZG^-igfzb0
z677@H==8ge0<UiLTv}>&>=9M<s|}>B!*Kab+6BJF{Bp)p@kY@$+EICk^cSqD5BFFZ
z&TzweH6q)i9cQP|!qNeNbFo^bJCq=)m6h_myO5RpApD~Y&Cpa1;Nnch*T-HWBxXn8
z5*WEjNYJ~)StOezn|p#o>3bx6MKql<ftirgjPRe)cm1fYT6gK#iIoy%Pbjj3_}lQ~
zCeRDu``*-YLY+7lXO<|a5GM_@`vo0tPB{GM7A6S3e^!ap7wtPso0|EB&tQIl%cQUY
zb>uCxl1qfo<SL3$jZ9>)iwPtu%Ab+a<sOH`hAl!87^McNAjg08Xs`RJ@8x3MQm~9)
ze%crVf12%a|NOZ&sNI}_Dteqn<1lNts+*;vo0m<<#m0N1n+KwTB+~Mbsz@RrD9$8n
z<IvI02SwO>&(<+OTod#W%l!la_6b5Y;W0Ut3lv4(`8f4Uo&9zAbsYR7ZE_)xGD5rd
z>xj}xO=IG`u*$H=L~o*@RzRG?{*|^;PqHE7-Qf&Ev)0(+F0UEdDeFFD2BWoUR)o67
zvz2s7`y@T9@b{$@9b8`s=V%CDXRetSR%&aMhgoK05HG7Bt@3e&$b+T`!K7I-3tKH(
zRmg@Tb);#;s8+OUOtUVqs<G(NAj#iUpl<7E!e9NH-ETUh51m+`9_Lc(!e9g2XNH(0
z3Vt&gXd^f|xt0E>x>7?dkl|D;sxQ!*QTY`*phcKeQe}pb4%rOEhCGI+H+duID7k^B
zYmRfUmZLC^{O^i6m0{zsY-$jhyjOS#?XYCiRv2}|$9I5<D2G+$=)cv7Bo@cCp4*^_
zO0=up3JG!X`yDp>HU4pg?zFF?iC3sGW)r*z4Gq1Eqf!4ARD)ErsG?otg+$}{A?7$F
z>xybHCk~3sF{*e{rC}|ylVnMy&HAajN6dW|`jWO<9vXHM7#mLKJ{xhoKn7`yvs-s8
zM>1>g0)<+xCu$m7fT|@_&#39_RD<d9WXNi}kCF_v9PL^pJmIe8M9=xObhb;Cr&NJQ
z1)5`|j}8R+s4ZN0uK2Q#$($?yqB5TrXY}K4J^sU+7&|ZrM~b|T>7)2@On9eRhfG56
zbO!c~M}B_G40jD#R(h@&uy4%p6qoppISgtL*ridFX#WmTMxoCYYm^v$hq>GX9OfX>
z;1pABxtqy7VmVsK+%q8T32ilmXcqVW1?BV^8~EgF<-$F_YbDknLk7n^yOm9R;~3cr
z+bgvRm?RxaDI-li(a&g>0&=D^7?dJym^@v-WDMuIzC_Smr4`R+Df@L5{B?)=Jpq2*
zJc~lUm`*?5$G`d`3+v|ko;T~V0M+y~5EI!?0Jh$RZNPu^q5>Kl<5A0X#1qluKjxXc
zJWx=!kiQcBRw9UT^L}VI&OBK`9J!b=TTUnA-aOaK^X(zT5ei|HuuW@&4clTbz^_c3
z#Z6f@jOKAAlMLzZSTyvCIX2{-T%_$KL(#}Ys)0BRd0WwkbR4HS(X%TqJ@YTUL1~4(
z@@@AYn2P$S8u%_o+GJK&drzrT7oJ9^?@8sW`lVFg$&rt2npfgYW_Z(J6ix%d@5U15
zA|C>IT<Iw*A-t{R%MB&9v!&zp;qTrH+wHGj+Z-Nr<mRU$N|}OkyHK74c{(O$@ZUTe
zR9wn78-oOEilX`>Z)u8z#NBRak9HRXNxX=6zYyiS{kG)$`923ReMNMGoG{SAE`fFW
zwk*i7lSVG!IAR?bWWYu>nnhG)`O(Mw_`3fs7oYLbw(a%jpZ&b0U-U<4{5{1q^yW54
zCs#K{_a=8G7Y_gXr`mWFgVI1iWq)WGS!>yqMiyj%<5nzGgOP*~2tt2#{Gvnc<Gp?Q
z;5pmGhgC%oR6me5BvTd94I@cE*ho0w9rb3}Gs_$PXMLCMEWGD1<3*9^ai&EaY%(Oc
z%IFOFGl~_jW7|buD>}_vX*%dKbVm)(8J_Rh!eokJ{_OSG#0&E|#}hYU$04-o4sdBm
zyt(?%>O9yOe_?RI>~JG^at{ZzB{?170y+>X1MuD;jAgZQD1uSncO;vMX|-|r(9Ea(
z0F<<J{Jy1g4;erQwlj^m_T)^<j&M632+|Bu8ZbbnPYo^lu!oeVOpK|JJhQ>Fq>%%z
z+JoEuOTa<EoWqn~2bK7494G3*l5(l`=w<8Enh<)MG3L?NvG_yO1ds%8LWcnoR6P>z
zae^iy>~wqmomI$bl6(i;;PXSi()HCbG{wER&krxGLX1kwK`M(PjnQaRC|v=vpPV_X
z=^@|#CS;6-%#oJ{dIW2uedaBfvh>hZF^k0K4@>jATmJ8*&0w8+?e4yO>F>eE=r=!Y
ztG`@XAgWb-5xZa129os4cQLF`3850Wt;F-Ui8w>MiEOjbfXyk=kJtDP{{b>asRLUi
z<MA7NeAcG*eGIQsrn|b(ajsbQt~35T9X-Q7iKXzv+wMjWt`s5E(7tgnfG7Z}jE)S3
z@QL80fE_rYp+PO5&VV~QWsPq<LD1f_-?(>1GMN@UnD=A^1r(f(KpGu$4PA!I$Z%CQ
z@wi60Sfgl>pt-ph-2Mi#{5;z$7mkD8w=p>R%GCRyODcZ*!XT=yxYdmw)ZKY~yFwTn
zb}Q6=|H_QhO&dg5nnCJ}Lz$tDu%(p?Jl}(8lWveoRUg>vz+5EN9OiOEipn+=72}nw
zYY#xzEio35sPd~Ks)HW}+JM8@q6n+j`%YtF*bzFFdt60J7vmwi^_XGS;)HFn+5ruU
z-=;O!sOSjDlg7wBvTz6Eb5hi#%PIc8T6BxZIDsthjKf&v^(NwS(2$X{?w4J&!})G>
zD(RbdsNNilU-5wB@#H$}n5Ku*VELyy`rfKN`7S3->S3!uTOx~&<+B&;Do@U~(H2>G
zB&LEY8OpflgiIyLl;875rF9*PE^}^cP+pvAMzz>eqgW9m3Yr{cu-cnl<+=_-7fkUY
zUX%pR;Hx!L#Ad4k&t6igG?kVmqAzmNIP2SrC)@0Doq^2{#~+|YQ;1#^eO?pDg-gFL
zksOg^$upFu)?U=abVq#?i;rHG<q_i!-WmZM5yn?5*aZ5y8}oy4d2PczVA2fzOL}Gz
zeaN2<;;8)^`65e(L?;qFZYFxYOZh{dPm$>0?%`o+z8YBsAe7)08OGr17IBeM4$c$I
z_Yx|h^Yk<*AG1>o-R<-jQd25-j`ZXKx`c7!2&0sDlXoT%XHTft<*jGKFZ=TZePBV{
z*Ei%E<xh#sq89X^K$5c!R+qWk5*8P(eLNJj<P@nTPgAi3){BQEjAEv~65~<e5&7}q
z#96%Y7513k=NE1=|6S!1355B(4d5sJUt`qQA1hb$KlLBR_hF`0HFYX{)QYVGT(EyG
z4=f@`bU6%#GOA+IOjgQg>{7AV)J(Jn@4hGN7H>uqP3zf(GMv=Wqk{*4*kt0zmvesN
znf=%C^ZGag>j^6tOf151&O!xQ3>38%zUUe0FqTgq((E@HtgMvrc%9a5={Dz^<(#JU
zz_MKjV@uHnzI4QKz?oj9DpZ75)?b$`#2c^ba^U0i%W3mXrN-;EBvrm{#AdY86Lv#M
z)cIt0wp;t+f@^X-Hr!X2&ePzAS{JRMHk#Y73yp52XTj$TC1)qokev%Q8J-Ohx?idI
z$!{A(HE#s7Bl)JRAL0*_7%XK7HD31*ayv2F<8}6~LSXl{)jU=Whz&1I#QJUlsB*i#
zCLW(EYH?X;we*JwVHIOeR719-r;Ddf{y{Pl2ml<PVwm+!>vTNMDqYicJRvyjPS&WM
zewTpE?Q)bYeCN#D-$ne4j~=TE^mO}w3=H{-zV$EHJMJ@eI!Mx$kzrorJ?c{5mk35_
zmr7D2NsF%pI@b0?Rt(J`yOTL7JJLm-=puqc0c8ZjLloGdTnZ+H+Y2_BtkEBseBWd=
zNBBcY5-1C=w2<}u9T%K+6<W;^OBr&4OsUlNP=_OXNv2Hkc;9}x2MBGwn7$am_1|<q
zDPX@ho&I!EXTwJ5VK>UIHCulD3?<5sn11nDYCINhBLSJYLoDCl0FYF=f)O;7a8WBG
zfOe5dxTJE!k|1Fm*3PD{`su~~>wEcCDM<9Kw4b(=zv09{HvVxC5Yp`nLmDlDs3(ZK
z$%7zag;Hx!b7-fMLWJ*in~C}}S!pHq6}-xR0}~>x0ynG=@qGF$$bbWdO!M@+%k>?z
z<gVX*dialiLhScpm`#8beM5H0e!i2ZA<?_scu#|&i492&-@aZ=n^<1f!&vb*WAzP#
zu!T)`lXxMP*NdHS#By<pnZ`@CV0x`13fBjvg`r5H=qyt>vehj5o#2>$?biYSkV0xY
zV>vD7wbB)9CNd(OZ8bO0l2dgKjaL=b3j1#BV`pO`|L$})n;Ys-g*6tr90tqg*d?gY
zX*8hs&qEiY1x2X(l@f@49HK0wTbuZ&e&Q1Acc%*+sg*U&=hhYx98*gdJ)4SFqGnt2
zt%zzrsxO1S1MehXz>!pt8Dl-ZdPHm5tIvdXhF~p7*6Ge#3Ik2_ePt@gWOPF~Z=hU{
zp?16uT(4<UL>d`!c%x?@8w`mGt83}fw!pogJ)XL>lnX*xRwt5b*o0T=Pl|i8e&R5I
zGD`iF_OJ3$)8*9BZO1u!C|SAEUGw!?y!g>zHq}V8J=ZV_C67q#Q9E!r#h=kkcAcGh
z4W4DGOj<|<$Z4-8y`L2r<7#<G4!5W=hF(>f_053EbqsSh*{jFin?!`IZ?o1vc&Q{j
z_m&(aO4Uv3(Wb)p64z9)<@6*7Y8c=yT#`CClQw3tdyvFqhHs%5{8PuS90kufq3MJA
z-xEn>J_Gs*?}Xpa_OJ>JkUZU)fZtk=Iztda2x8}UvBWq(PK(}z=H8!si9fE0F+E52
zMh-H0!F@UsdId+B%VXX_J0cOGfn~=o;S)~T72?+Od>ZZZxCdMB<9L?#q=_%i(N1P>
z2nU%`l49S?$PeOQ(Rj|8og-?1a48UGN+vS7FW#|!@7qrIO@GM&ws{CTsQYQj{urta
zKll4d6|$5CR$*lU(?5keVckj<YU)H}OG%W_D`dWE00JITvy9VPCkzr+x)Nu7!GA&6
z)FHzlSkLiYd8|Uxj^U(pO*AE4{Z^j(Cc3;ez6Rch^ul@GOAm0J?Egu}K34hjOY&1n
z-ZxSxr<fpm>=>X_R3HR2ED8WGFwH!qZq*5?r7E^I1%+?zSsK{{;4&{X7o$TXKw@YN
z`58Fr>r|x2q-SWVIHI|Q?ly%(Of_1Ex?WY<%bKX`a&3@D+o-9vTJ@PUFHxRb?LAQ1
z)hd+gXh$pT7)jmb*bKSRYYd{!-5R$VTW&MEIT8fHnv70462A~Cc8%UvbF4UXRxacz
zPQ2Q!`wCXC!xAabrar|wQR9EZhDy0Qhw36zll1ns&SNysYBUKi)Q7-=r`Z*oPqxJ-
zQ~WR>@0z7?vQsFp+Fl+irV+~0kU1>>)6=GKPkzkJqL3GfRhCim$v^|1|A$>+nsjR|
z<SWKOlcDy>TY!R;SMpA1G~n!Ep}+GLwsyUqLQ{=by()Hep9-+()dLbs+QY7VnS`98
zS4I)N7u7MD^Bo-crL%Km7Y*$*pk}J9A)^emgCfl2;He2jKshD~6D_jtdfDj-!DvI^
z9=8KAm1Bk|+t8`?j>tK>q@Rt^pwf;`%vYk|fw=oBNm$T0;Izp{3|s;ET4|-QpqRm5
zmZb;K1ByDg`h+4^<O|gT9Jb)+LSS6U&>MXm0(zva{mM+^Xh*`v+}mi480dqy_w~G&
z&L#i=aSbn?7x65b!!Xw!hPd|*2V}%4Qhrvo$lyISh2YHyPRS1_bA}==owr2$>X=Ra
zgYb49!e4)=Xweyt+h-fK<2R}9DM~q&$KLP1_$=fB&Xr&H@rv9Y(5v>DGmr5Jo8et{
zgc|B?`_R}G7|b)9!gx^kNZC-+KSIbC70{-8vgBfhCJSCGmjsobpjA<qX2iLoJ(BMD
zi+oRS^*c9~zamrT<cs?^yF@vYPM`7z%K8L1_t$x$w5leCD*p2@q`|gK8U_m!9br(8
z9XntK`v3rx#Yqqxn3lutqCX}*zvjX&zGdo*^np?%;i2R?NgbG0o1`QaCgAv*LV@u(
z*D32<j>pO9JS<Zg_n_0~bKjT4eMFbb_4xfSq!7LbrxF$fS}&Z)$6)a|z+!3<L<R?J
zF5pM`SlV)d?Tilmv5>e}W@8QrupzuAwx7-nZl?{7=ms%DNI}ycC)^R}kzi?&MH~{G
zsgA_w74HE-+Cu)D4wzgPW;($Frp7~R|FGe>BN(m)aGPBYfPhw0Dm!^Ip41s|R3_@9
z$fl5Id1@xEa7)G1Hl>hCNPN&|&(Mi+>rgx_mlM?QS48wR1C&POzeE!oz(73(x4%Qw
zq$Y`8Vx6Jm88>H_=_g!-HLr17?#~vU*a^){2sFFdas#IS*VYT$#yBeZV<)!rHlqs2
zwdS-Ov`jQeal%y$HHO5T4$$-I*SYMAfBUPLw8zO>HZwE2_du~6`Iry}RkI`3%tueP
zZ4kjZtG&8;TI%^!HLRKZX#5E_69oaS3@cYW#U*XA_!`u_bc%>CFOq&((Seo?P;Jll
z#)i>_L7ZGpX^ZzQR9rB$$=Or%aOO+^H$ce0-;~`msb?crLbtH@=<N~Xo0O5r{0jMD
zmS%=xbF#xLu~K=M)^n@hlu}lykztddPK4r&RC_TeRYQ)Au4aW<24E@?PuR+^8j=fW
zEWo9}t-|^UT6PI4_XZc>qm;@E-Q<C?imI2>so9ngxrGFFXEPVefN^dB&hz?f%`EYS
zyPex^GcpTkKQ#7z@*QNEc2JHj*ej8>#!Jm6>DIEhpf>5Gi6d7Pu}RV$@uEa7;7Yk;
zxn@&bee(R1V9lNUX94ou9I@36#X4;=at;_U%aV2y$dpWJ3uYQ34%k~BlO&zTp)4py
zZ@rk_h@xEzir4;%lTkC!Vpt|oB`f?!4i2YvaT+2TT0{Ax99xF7zNO*D6k0VbowQp(
zsrT)dw5kB~{X|=5k1MIKKqN+d2H=)u<bsABej%iM%t)`}y9igxuEJsi-Hp-G)7qPs
zbEI}ENv!GXURr#P8O!Tjxz`YEkDD7eXXu<9@P7arfaQN;0ZwGIwJT%j{k_9R<B-Vm
zEp5S2{&+^jXlg-YoxEEme|8}v0y@-9Ti~GCE6aJ&R1|`1LEAA1Qi=up4jaOzFg^;I
zSKJ^*IMkd>cHr#c+x14W_T!ue*$6c5w_~C<Acz~}i368kV=*_ZNz;A?TfEO_U-R~z
zlU}b`M~P@-6+RIIZbG;Bo)l|9kLn8SzUF&Yb;e?JTcr<GteG68cI)L~X~=F?NXkXu
zYc@F0t<Dg-+6+*0i0C1p>>5lV!f!)bTJ|Z5kC}=~ukosQG^%`*rf`D^EhcurkrZtb
z7fqnmV`U#xAv#3`yA%!~)rZoE^m^!;N`8V+w7?{+Zc9?RPtuCpE57XzJ+4Kr;?rC4
zYxH-wh4G5(cN6_G90eXYKl2Tvl3G5U+IIg`ofgftsp+3e+LrR6p3}J)vMlh6pLf?g
zRhQ&_RFWro=t}jXD#!1fw@-MTk$$Hu&*ec~BcM<_D?TM{T9md;Qprx`qAo8><svUv
zq<7U*GNu!CMYGg|)GF7^(?SPUTWnPTt(<RHI96S3SLm;vZ&Ls*s~Qugl+e5qA{1NM
z79tcWch85^UO5&*s;?gjA<{8z0HLOXnU5210Ja?|qz1N~D69mw9V@g3ww)?G1HNz=
z*g~vj{J}w}p!_u)lzIZ@xMoc+*8n0q8PbT>_04WxNxMm*?Q6l2McOF6+<|+z+h!5)
zd)j6O_x+@gFxYF7*QfmI18nFDl}kO9OC30_vF)*$_;erm%-G~Ehjf0dZV!|j4Ec(9
zSgrib)K`OVyuFCtfrgI|a&<o#dOrl`TaXL8T`})i_oA){27P(c9M-xPmm*N^O#)Tx
zx;QBDr-l=nHZE7czW6+jq2oONtKR+lLGb4h;Uvs>H1hlKc>0Hx1?Qiy?g8|glSCWW
zJ0l}zsi~o<P+28@&ZGKJ>;$x2xXse(x@E3dhOp=QFk<`O>l+w#@?z$`D-JTRRbXOU
zEEjD!r*m$(cc(Y-`}@AZZ^M5bn2D`?58L@GwNiTDn08=}fh^gTASx!TChSAhZPeA~
zGr^QaZ<$E3<S5Z*%}H))BfTq^1zgvw@4yO+t{t3BWHVvln62bX6dY@oG+07wzhoO|
zEZXD>(znuKjK!S1{Vp$NP*e*q7k-&#<EZX<R`d3;Z%D1Iv7ToGjA@oyRga9E_@)q1
z)_2_^VL}|kPz({P`mP&cc0l42P@A<U+$}4#Cp3gT;OO=@Khv^_VB=FxSjvC&B(PM!
zW~?0F<LIw6c?hrOoLLVi=-+1a?p8KSoo3gRs0t=H3^d_Rl?GbtEOtf!vSKVT|0**a
zVVJS)&Ro12xDFjs3B7}@<bhkZrRY$B<d0iJ!QedcB0YY_ooYG)+V&Px!W#NgMVhvo
zc~<|w*3JT|j%8cd3r%nj4uRnAF2UV3xCVFk;O?++2=4Cg?iyT!J3#}4mwn`t&E5CB
zmwg`$7%<kT@9$OJvscyZs(;pKFj^$&-e$;RGjDKPNifX5V>qq{EtcQ36^ohL&dYf;
z6Ui_mt*TYpJ2!r(oN_G6xe!;Uk1EO%E0}G+X&uK`ob-cZE&k_Z!!)!k6`SqdVA<<@
zt{WW~EaTLg2t`=h7?G790=sMr3-h_VC~GH}LLFJ`Wl2&`2w;=;xvkydF~mm!?k%K^
zYL$xg*z%JRcN%4j%Y`_cCY^~lf+`*|A7uz3;Y7mPj1Ts+@ke2dTL#qLY71rUj~G=T
z@OjGK#l3R#S1^dIRnd8E<O3~7L?`LOArmGqJ?kQd-$&P~upha1AA;EJ7FK^u*Nq@J
zm1KT`l6BAi$E*Xml;4{PpvYvY`ZBSAEm={YsCNoFZ{NJGJ+Jsm`GY<Nf@rQaP>&!L
zrl=AsmGqrtC{2_b{oW2T&8tev#EyMHS!9i@4D3ztm3z(8KOSoQ8Vi4plB*;a+Ww!f
zaQ^1>gZ|&s4|SPo9Slz%R^>XS36RYX6Xcvz-p-#0LST}6z0u!ktSf!-_%K`tbU!B1
zvfa?8Lw*7$5$=WAs{J_y_gvvJgdwaHTe>-G9sh>+{ra$8CIe(ykih44nLm;+SIA)l
z0loq>G7{`t%uXVCxtwUZC?&d4M70|8VRbzWiMYDUx-w?_<~;6FbDQpA(x0;ri2NbU
z014pe7qwAn^h4KNKA`F#{bgSO4OO92INx}U24t=Ak_IYP)1j^WG_lA`O_P38DaRMn
zE}KPKCYAbPG$WDf<R!RL9oy_NA$O8-I<kh&QWo@>Y*NzAw~LV7u{=;uAIaUis?6?;
zJc<rpVVT;F+ZTDsJJJWqqca!j=OAEp4_4)4UnzMsFZm7(MReA44_9hJVC@^`6T|)(
zh>@;U->(7Bsw<lp?zRawoZVH4QlR(!fF@T!5pE~lNsU%-Bhsrm!e{`$|5aa`dJzwu
z0Ys!gwSyZ?qM>}<JA|H!ktmW2I$)taEq9+bRBh6d6IG7RVK|TE(R8wjJasoMPZBp8
zNML#^U%M{jQac{U${NYL3z8kXZQQ?bQ4*k>6R<x+W83dq3L8?`Z06pt|C%T!<&t^6
zjUjn&_%ny25wHpXfk582^fq9nM>l1HvE7-K?uobkGRP8R*<q_uBO)_u4?_GqJ66qg
z-m0w^5xH8O5pyF+!gwuL+2F+x5u(9$1}MhPJ?vG%{y1*F_rT;69jHs%=M+bnntCGY
zC>rXYa|W<^^)+51hYPTBI>~XyG!!=f#7M-h*TRGC5-`Lb$h*Xkn!cA~Ijb8zAfT{r
z7^ee#0kjyRxr_@puaAv*_{EG6=rB5X(hzRV1uh}A6qMZ(JFqjDXFKl)llQB{O>m4J
zQyJI-zoEKyis+#<i1J6lYZ6{nX^)_R#?^^w^qR!z8Nl3s@*Pl^3e7xo`Xfeujf6kP
z2*pOIb;r+FZh!NWg!R8ZNff5vqy7K_^WxsBS*{8R?Z*fCkO|=)eOAc-r1sUjo@vE|
zUtnq>2W{2;g7=ozy6^mY{q`u*mMcZLCld^pA@-|=<G9n9)AdpL+L{-jA&?XbcKthG
zvw=P+B{3#L9omv~B61&GUX*fxY=EH$NY#IV&lr|FwB)M(#eAjE>~Pk?^49;7M4)DG
zj;-5z!S+_oEPtpsK&y5zhN?Nh((0fq#??6Nd)_vE0dfCEmhoYFzt|{HQ|=2^*?ujS
zMlsA6i&K;IlbNEEvX9417Ny3v*`2*J{N4mK{|FD{Ezv*HR4m=0G*I|eitf7XSNsWC
zO}$~P{!3rG*6#5cVY?>Q=8oUYvMQcCWLFlkcDtfbHbYu{2Oc^@+vcb&1L<xVB{*g)
ziZC&w$TVzVm#)axDQ=|d^WK*0K_-WQLn<wImiRPNI9N&da-A@KjnF-I`3%I#fJyp9
zsYs<G$H&);j7Oj2_AyoWM@}u;(8A7emX_@zjRi$=(>7h$!#mS%)RQH6;%RO|lxg9&
zvlPo-F7KZX&Mn}m)zx$HIG3#KV{nhz)Y}Zri1nmM#|F~4ObulvSJbzfc?5{!SF=!d
z!H0~CD7&H#af;r9z{MgX_ny%>EHCg*^%h#|C&b8j)EOCqLP}K@*0;1{1_8I!IW>wg
zx=g>z+_=-IP<^?~qn*aPgunUfCkM0Bk{`D1&)|f`W6ZH>pF5ZzsfC3x;T~Nh+EmlS
zut2MW5B3x_Gl)<Z@iW$)lyxw6eO}WO(eryAko66aZnfm6(2GCW@1T5dBj`E<LBVAo
zIzxF(GN*aMtbF7e-f80>Je}SY1;oc;FHja7F_ZlK45=OkuuMZa15)61bD1K7-xe~B
z#Zvpg@G-FjhY|^zOcKk}zM9qOob7Ogi)F*^xI#j|2;KrQe57MJd-X?f{2Bs(4vwUU
z(AF9d0Ko3=RIj1`cl8=68B{(*k5=vKh~m)KWS?y}I*_ZvT@3`XC^2F{;1OZ_R~N?2
zyC+)r_X$qgr$UL6Z^0xbAB6f2KtOdH%~NxVn^s#~m1bAke|SDYty2T}XXx;C2n3<N
z5frJyo)LCP1gMFaY_nhvQI@_75dU&XEWjwQcCu~6ZGs>~OKiZwP$?Ser^M3+N@@9-
zA)qf}Zpu+1+AyZ;YGB?kBbg7FA)c<PKPJM3(zM2yao10{JSn}X3ZGUvT+S-m$(q^X
znS8HDS-K~f3X{$me<5lZ!G-{@nB_lAjkFqx#DRjgGEdZ*WEQQs=XZJ|ZE$pmvj&Rr
zN;$-n-gVat=6lSB_aM}Q@{h}%K2-~CA89X%{=&gHX~$gbM9)tuaNq@uHI}YH;SqLb
zxsEMn0ofjpgA}A|A1H;}S|O7Y^^9d4(O|1@;KwUif)VHTgJ;*<8K_Nh?Y(NYzGB`T
z96-#gEXE<ml%lO$aS<&w5Jh=Owr%#m1<H5|tUeV#z2CnD-KKTAcv>DR*WTtOXPZ{Q
z7v0@gMOl+=q_p)yNnl`1q<+9jN87WjiZu4`DSI<L_w<ivwZESGKVKEEyuQqcBLe{6
zr~m-Q-z`J)uc3t+l)K_=<C7O-?DF8~C=1lE4mN}wKQc0eP|`ZGUPmE8W)dQ<dFSBQ
z7}%tdu<G|65QlA-wR3QlbxP{Fp-SG#An#C@Z#?R2)zp`6wCcY+p1)tcS>cQ|sDcfq
z=CwO%-1Xe$T)W|2a~!)}&W}8TsQAP))SYq0OHtO5@y(k32jQr8?p+F#SHccH1?yAX
zj+YYC#(SP02(P}`yv`7}Qza-6G}y2*P#Va~^0WO)tU@5vHor|QgB8CZ*LGRsPVt%F
zKO_+ojZ!fyN<fG`zKAVkNHLjT!QVWYe_9DgLK-uj09=Ipk{!*iK#{~#E7KM&-oA#v
zzn~y5X=)^fwqKl4T`My7E*BcNysGXYHCxs{#Ggr}cTllVHa@KgEjeE{Jfv5VQjxSk
zRge@q@UH3v)L&Y@(ocF!KlshiX8!9f1;cG2{&nQegPeNR%xP2(%}hqY@2;HGayIbH
z1@>>4F9dNEjSDN(KIT`W*%n_yaEJ(TG8djr*lw(q$cBb|+eiK2>CdmNSedNmUoWC;
z61yrMU9NeXN;#ZL8m^M51f5nsm9RHV!6Q?Qrj|VcaZyJ8wOS!C?SaA}rYtKk6}nWZ
zU|4#ELJu{{;zPb{B$qGr)exgWf0`roZY32`^a($wkRex|tVSj{K|41hOi#C*lNFKZ
z#Byd7p2h3$di31FWN?0)t~2E#o5NSmP7T$a=mvypLS)zvQ;6`ro0EPSE{NigfhvOC
zNZeR!qGUKY#gW1uT<aKELH*g@5rP^<0T!hvj!qua$pOHRGU|sz0d+uSgv<hyG^^Hf
z79<34Gj7+Gh^SpCdw=(H!8lUflskvYJFH9pCR6Sa_8BE7j&ZVr8|UTW<OEih`cjh*
ze2KHD5stIpyVG3jX_1PLLjt-FS?Bs#0yf*)7VE4d@ixVh+tqJwaw?+Y`;xapd(Gf{
zKK|&4{pkEK`JSlFKwkrW>btZy5zhd>nX&14iMfTwv}0Wga|$PoNGmOJsl`{}$X-xg
zBoZf^x2QoG(iO@h7Nql7&OjZM*ZZTvtMJ^5JBP0?g0jhvZXlLCCO@_0Lt31l0BE(%
zO1_|+L=d}P^5uGDjzw5&m-f5Y33+7BFIv~AL|zoJv{$YqD29<2^5TSubceaIb-Fdi
zY!_pvNY|WB3DgeTvryxwK&eY=oMH!Zp~z1HU7@P`bD7~7{dp_X^(82CDxIxTkGs&n
zxLrjhBA1TVRZ4)l(v7mQel%vsyP>amOXjIC&UA_LDj<A0BjD3r2`hJ;wW(uI4@JNT
zi5)GBs+HHct#%I`wErAsjrSubGTgmG68m0v*!saa0aq6X%8Hy9%Qt)yN$5w0^HED~
zyfY(kY;}=_*lw}&inkM}K~V0>?MJh>)|hxKVF^98uz}g4EW@fBq2FDv8bC_8f$MB4
z_{Ydz^w*TM++DJB2I!g8NKgluFiX83MjH>3b;E`r?**Klkaysw(?&-#f`k`p%oY+|
z!G0{dZcP@I&$`UeiWY4ce;!86a2ezA;>X$%mcJAqY43~+_<lPsH4u%PC{uCUC<lk6
z&{<ZZV1yEJkd~Ck%*^=SA}q%@&a8)oCcOY%;!}Cb+1KbyrH>h`n6RY%uA4sLOy8#u
z!$5N)%_wR58q_uy2SgY8DV=>*7Vu{=y|3*J_7bf%hBlo<LI@5%aCn`4Ych8kn-e6%
z+hZ17$1Oqd?`k3C>Yv}v<l<rqWY@SV&y7Kf{#tDo(_PnSg5vhx>T@w?o1iw*N1UV~
zbc1{8AWcK?<k&uhpuV#FW0(1p@olU^0}R*zQHL$!D#Jc~v8-ZxEV$55z^fw^QfXHu
zvFjrRVWh$6$+mfXNi_I3_<{Ej3z+b;&X`n6cIrUL9+~{`GE`GR34az7dnC;gT^P-*
z4O5Nm4K<Up*d13B%cva>_ks-q^DleyizC;ilZKaQV?tP((kjOG#G1WV3(<Dmq;%nB
zd1g#aKo*pU4AqK>J&q==Y;1#}k#~6>;ceninUi1k4zX55Q<&Y+9=^jhiDjlRH~Cu<
zk0gEOG_%Ln?A+dn;ugHB<y#r2@aF_G1LMH{prnio1n>TlP9RhPQ4cetj@qP|U1}dF
zyq3eso{7+lojniy{LX%DYH#ThH~a*7wwN?FmZ>S_gdjCasfpl1SJf+_O+@u}LB2xx
zCWL*Nbd=?Ln=tQZeACN!8>-B~#!{-urF&Q3ko@5m*1AdkkLZ2P8pM>wt7TAUPQUE+
zUjlR|zwUfY9mq@CjgpRx)(8~IwF$QpB;l9}z)nW+O^5K3b$p}<$0Kx{!L=_I=G-SG
zhb2LZ^qcL*y4w1<Pn^3zJZc$^mkF}ZT{MZen9_^=3MQJ02~ME)0`o%@JY9M%+)kn8
zwJ6(o_;*624~C0u+JcK2w(e=8LQ$7D<Tcva{d+bM)3FgnU7xBOW=Re89Tnlk+%s<{
z4E)n)_Q+k;61m=uR%3Aorm(jd8ODv7BO?cJF2cKdPR(&^13mb%(f5h>Td77Vr&@|8
z&5&ue(fd7oS8+%ajdnO`HUdHQCHgrcLQ~tATqSUxEL;N__oK!$jzb;3$?@t(xXkTt
zS%tK+8{_n{Yu$FYGXKzFn_S2|ti+1V>BA46b+%`j*U^c^ut-+Z$o-gxw;6@_?UgBE
zry%-`DT`k=x0&w-TwhCo=m?R@o@V%J_6<}&&c5)*YogSe+!7usx`(6y?DOzAFPRP?
z^D<F0ZyuWPC}FANh#M4K{ea*sIwvbu5DYZdV=B+Y9{ME#I)bKai=lw%fMu_R`%Ge7
zFrxIZ^8OtPeeg`mrEwT_3oG(#tXlo<b!*^=O^)a>2E!YtWiC||Xhs+t{>h-lu*mBL
za2Ed=75jTVoR1;c2Px{wD{xm*CrVcqC%}*VhI2!XxAruJJBH=Hj0M{rB^O$WHh$ao
ziX*rlo3*bXmC};Wx#7GuMCsZ;Zt-`i5nL5g8??mb?g!rCE9_!_f!`@I58F!U=(f}m
zoU^UO_6<&vkm>Hc+|&8caj}aLc4yATBf-csfR}HZ*~uQsjy;=%69Grkhn?WHWrx+&
zg9HyT(#d!f=c>_*1dmh*6J)}5T0)Od1MOw91IvuuH*@ulHpxa{5SuvV2xfrZM7-B{
z*-$&~eMu!Np-TQN+DUM_uTU$wfElx&ue^5hZlw>#F!IdSMwH2Yb-$W(jTG8<4o*gj
zhyyBgfp=r&gb~$QCRE;GRz4{%p&ybA5rkLfF|pZ3fF+tf`*F}Wi6m4r-G`rxs3gMM
z?3KVO>rUQ}w0s*w=#lKEUp1#^G3^dtwxy2QqqCtdwr=k4kkhB1T1YVTtkR2Nt&DBj
zx~tb-33rh*1kZ)@c6Q?6nUNynfnCb^dDkN%@7Ia%^=7n!4|Vn6Zc4h5=M}bB3cGGP
zKdlu$xiC2D96HfioY9fPLYdr^KEgU~ICqd#84Czu`L^pl6%rjlgs)BlI@42YHGVLy
zAB|r9-NYvR8;Y*woARNzhKO8fTfWR)3#0?nuSqKH=?at2j@w5li!mGo-gW0ozy2zx
zY}CPMZm%DfuvxMl>&rIWB&WBsN4JfqKVTvFjh;%qPa;5gC9`3bm^rd)6<u<V+Kl+#
zsHY26XoYPdZ^im^Fjj}L3yC2odwM)2mO30#|C{YRF_Av6SzrVr>NK-}e#V2E3CVN`
zJa3D!b@;`)SfYJP7k6|81CkiY7E;24y5l<I>Tcc;C_5~sknF*(9yK$tXhEFupyaZ(
z2r>6`N>BKt>~!6yXLq;8Tt7iI{(3aCnVw|$s&{0>1E)VXI8JbyQId5VJg@l;GmZA-
zj;6v|lX>pL)Cj@D*P~VXYwuKa@=a@!1YQuYx2qo?9L<VVnd@;GZP?2IpD)&C8z3)E
z7iYdT&3yYl^9^!~UEqX@?-uKZ`j#VacrfOEdV9c_%Sw#<E~sC|-=u!s(X##`C1V$n
z*GTyUK&)F>!wp-^#A0HbGZ-(tU|G@byJY(j#C(SZ0EZO!HllE^Tdo14f1SZSw%wFO
zVL909Joe1Oy<a2By#ni-Rmu&M`4VOE&Q<qGl@f==^57P)1M9^?xos+YbLJpw{w4J5
zd)d7qhsD&!N3uo7TYVC0yo?$@v7`ok_}ChI_o*tTFXWOGYHD!Qnq*(E#pkWjY@K1C
zF|HW`9t;B9=)pW8!8}2_S9-0>^*gL|8X(TpF)jH%qdDd&S)-o_(<o3hyjt5{g<HPI
zJNbFWqq;;~Z*)_<7c6dhJUc`sP6J2AhbXlJ@i#nyU;82R#K#EO(6~OYcY?8fe>;PO
z`|%rMU5fQC-l%C@rL@rOW8&h-C{u#Pt2{=cv6Vz!-DIqM3nI4ZSDoxb@#^vX4=PJk
zw6FJf{q(K@5f_V)vL{lTdqfe@gUxi)hQ*FMm-=%osPOBm<<r0(^8||-P#|Rh?c0Y)
zJ9245-l6)e`NAUs7v2b`g?c^*imq9nPwXwS{*>b;tl$k`eEBO)*ml(Okwc}bX`V}g
zL!OGqB3H`p1a{{5MVdtl$Nep(6H^?TWMItdawj!Qeh$>StkM--h6xCyC*3$I>0~iI
z?&+z!L--w_p6r9U^zE@}jbN&KrS=TX4@A=Y{e{x;{pjo(>~6BVweUKXPFl$ME-fti
zbCJ_GnPbzDjE-B9Fk@&?2bvILpemWw)~8*Bhh3ZGy$T^GosvcyahrE#$oU+fh_#Hw
zkl}X1C__z_HV_OZZObhX#0|W~PXR@(oYug%Uln7GCG|{@hq=0b91$%)h6!|PEkU?h
zM^N=BjBSuhY4u+aCF4?ym7KA`l#KCXEBqXxP7j5!jkS2zRN)Yl7Z=2)SDHA`1XddZ
z@XAHWBo}cgUrn5($&WCcbTx{lCis1cb6whaG|3w=O&lnOv~K(IA+9GuGTLctSb2aX
zsE{o+Vy1{xly-YM*JMV8@gP@8tORL9A~knER|~Ov#O6)NHTrAmhe`0R1i`>zxnuhv
z2fRfxPfNy!2X3mb*EHAX&C%mL9KNmgNN#(WN7>;=vD8PA=oKQ4m8{oQ_`>rjv|V6a
zH+<=pY3)bvc|Co&mwEh&euQbp`K~B_5-C6hV?v9RXTO%EzMdjH$|rUX18&-wcB15L
zu{R-&Prqq-zjRK>-8XJ@#(>*F`3767cBI1$xOLu?`^HLjXG=-~X0_^a!(v#-x!;y}
zwRSo1hDv7BW4QTt;DX-M<PIEP-R{iHjEAT4&1StY4##WK!`NZ@6Q)gBkm07-+LgiR
zZC&8P*i?Ft?WxZYLtMopuMe`82@ND0D0`w;BT}QdO}!y5-u54ExgYIl(yN%NcHE*x
zB=$Z$#PutxiOXDA9&dY?XNoNF;%|j7^V@Jmkjm;*M*EO9stl+-h9T+m8mz4LPCG;P
zmdr9c1N+5QBQ?1C<vFYax4Yslar&l^V%?BY2KU5LYu@%3ZMwYE+flc0_HLX%BaBTS
zMNV04>p@PbvZEzFAEv4#-=&<8XJ{Q^NQ!Cc2})enlIqpQyF=}#aF*&k6mFreS1fv^
zyZeJ6wO}0%!U|82#*5qU8){4L`Y~9dL!zBwu#Zz%#pB|-dF=9Dd%WeE(iz^9NXa5E
z{XHFas=hqRT|9v&BHO3$0;*AO>^5{q_{LsK3tM_-IMiYFzQ^Sy{zewB)YE)Fp))kj
zEI)k;>ziyE1Di)f9N*+=+2RqE^+PD+DzK2Fdz8dzn^a^%XmzOQfau}f!qcFRSC|;f
z0FM_P<IdJQ{fuvC67H#b_u%bIU!Nkj5!V(JXAwLompUJpKQy~z+oqJ>sPOum%toBJ
z$#o6VR=^yde9~KjOi>EUj~aEQXs%1TFsgLvxN!Tb`lBQ7OoU~!{qxL)lVt4!+BB7y
z@AL(NKu@e{f_(ZnB+uSqnXUHxb2EV>h+FXX4I_Bd`A5qgv{W2fNe=pS@&WcB{yxtn
zpC_)@p*~N^jwI(*Pu!|et;ziQ-vF*HLwMk=$|6p@uI#~V{C$l5NY~DGxJctP8i|7T
zq<IK$cc@S7iKu`?bEiF!?>cU5KCK0Z3wy;*wj0wKXj2i~$KW=^bzic_Ymis~W#S`-
zM>5lHhh!U7x;uO+g~NrY^pT8g+J|fb4nSYkkL=))@i2VFxCD;v66}{b!|edGd(MZ|
z^>44TAKxX&`&5O4O>JwaffVchP)~HF5y4LjZh87g0`u2|)SpvTdCNEs!QcRZ6a4?x
z_wt_!Ol4hj2SZ^KbNhd1s%n)r6_$iixhb(>Bluw(WSeWCMn%G58>B=R*WKmX4(6hm
z^5R&;6c!4EJ4M5&P%h?1E)y<u%SU0-_XYCC?`ZG9(xjJ~&0OC3N=or3Zk)`Tp0e+z
zYbv+g?ndqcXfiQ+-vYBRIv5b@T^hQ(zdZD6rlS$6ZXm3kRSb34bCsN*;UcVkQ@U|>
z%m{pi^nlnY5O89aXV}Dw!CzRZ6mVA3YDt$mlme{OSfaoh3(+c>7<s=+vmdXtLVs7y
zis{HYLeXuo>Nu1n<(93s#Kd6OU+0u=P}EebRpZ1Mx@n_SJ`)B}y@@3a%seHHUSSpw
zXw+weMVG%5`5uv8xTnl+_w#N-*0@mVs{qR#QG)r}b!|=1(JX>k6jPe*2Wg~RANiL$
z*x}qhhkVIUtZ8<$m3hNG25fyNeW3S(fw&nlbGrBn%mgl-2!P~qXMjO3d#JNRh!mzw
zYf)pWp4&@lNsVC{&do!)T#@iLnjogy@kpvnbo2voV?_DVboOmWe&N%aU#ifBL|>g5
z=Pp<35g%q-lFwnHGCTH+LDWOg0;<#YRZrB0de++9%9R0~;I5O4zlr+nYx@lZ_MK$n
z6NK(@s}t|DZ*Ww5yq|=cP1T3{wo;WG9Et^-O>q-Oq=lkC33az_%`XLP@vy%Eu^1OW
z(>|{IN<t0M4%DBou2bWv$v5k7#`Ke7q(MVBqmjBiD8JyzT)JUcR6S<<zGQnzH#!-R
z3VE-7eiq~k?HInkA3$mr0Ka?}+af50b6UU_iG-HT)zaTBB3hW(BZQVu&!2GACQ!CX
zk*B25?SRH=t<Ve0qe9<b4UwL<jS+gwF9fg65Qe`kF*9hJVFjyDuFt4>UGA#3V13m8
zU`zT6a*uPwOHXGRGeqDrE;D*^K6kb=T`o%}QLjGnsJj_;whxpjDks_ozjf0@t@LbG
z%@twj^uFko(3PydzshL!&AInm?iB**D!4IB1fv>()JYaLd{;Ij&K|MaPWIi6)C4va
z<FCbWm!4r^2m;X<&@``M{qYqLvc<;&8(=aI-|g?V>(Oy%<%-ap5GdXX>9#-K%j*P!
zUjw=}c^mK~<vfGgXkgMAFSQ72=#72o$uVO^^-~i`$WHw)SW&Oh)57x~WCY^?*g;X?
z$i*fm7VZceP}E3e*~Jkj+=ADvEYz>_vCv{Z2K7h=-w5d4qeW|y`0^8O5q90iUC@<&
z54$Z7ky?L9!Sl)*d?Izt@mmEzv3ejQ%k%S#i$?jCL`6j*BZDCCA)gU(5gD8uRmk|T
z5P%DUfsa6esAUU6V*o(|azE+vVP8x#cpf{~n9YFp2Z`+-vLSUOd^_(Y(w4mF&Do`2
zMuxk;+Y8_{&)@$%n+aJ#gRh%!HJFy3+h`5*w4C{v4y!|hleu;W_DEwtVWkZ?Ttxbw
z#+#%4-PQTwrd1!!>cR}gjZH~}>eHil`EG+jq{Q{lU!kD|wMO4nT~g7?cMV{Ss!x9a
zcCyN?o_Z$@q{Vk~`bVlCJt%L**LTjL!sU{OCthuCovc3nV}I|jx3fRr=vFK85mcc8
z0O5B4faL!rC$Dd1ZK!Cgt8ZpvX(aH+Jx;*Nz);B9+Sbs{&cw>{za{HO6ZhQ|`qBE<
zLV;$(=+%pF-yVgkgnhs<e+vbI4OaKz=zVO3BCwo#p~}GC(EPInG%>ib*k?F`8owG7
z6r)TNF%*TEH=^kEQa2t__m}!lzSk~`Q%=I6#Oh5dC*7~SCNw{eCE4vbjV&`~BmB5O
zp#~J6v7!UlC28JlmB2W<tMwZ7Jf_0PY+<6OjKg@tWF1#i@a+1)jPGm^rlX7|^lZD>
zG#+*Bo<p453u$N}CKPX8WHq=?`qK)zX(K1lh7PM}IAfL<V91^q!PuRt;c4|_yEFup
zhYY7sv;hOlx0)&*fFV`|&gy()x-tz5*awqnajbq_xM-RL8Iw!7D)xQ?ncX53urd{;
z%rn}PIOopI*Unv@GG_0s=H4BmvVFPt{V@OrZ7$U7hC0vczsNR}1L-Aeb#QDs+fB`{
z+&L2v^#vv9un+4PDPv7m*2+}jb{08L*Q-Kbp+g^|OVGkgMwJ!Ti)^6m^CTX$)1ht?
z<DgXzhP<ro%)~zXQQ>Q6AKcXUiP<HTo?&&q>6ZIn3bY_x0v`i-rwT;eGg%;pLvp;d
zlCNA`!yA0@-pM1Ondpsk(7WY|bY_KhadPV>hl%py3ZvF@letij_4)V&GXTQV@djmt
zPjNrKK@si!462gByBX@%N<&#5`?0;56$7<f*a%sfj$1Q71e=NIZszU^07pG)E-Fs6
zXF$S8mA{z+oj16F5AWBanQAR~I_HZ7LCLU0Pq-2tqUd5WIZ3g&DVA267m@-^B7x5m
zc>VnWq?G_w&p<_u4G~4!p%X8v2~A&7>AVb-I)oiHVo}>tH^Zl}ZuYvtbRUCBsRdmd
zM19E&EZ~+*RdsbS-E@9Gk{oDIp1-MXQ$0GOUoOL!>%UN-QM9k2&!!KIl+x_2M;i%o
zwI<rT@)zKHl53?Vhd8abB}-Fdf`fG=SABfiD{koRC3`f5!e98BIqmS{GbtilmQK9C
zh>gFZm2#MpSnu&|mE>`y7SLowovL51?v!jGp)U4KcKia9#AMe|0orYwPuE@?7(q5`
zs-m4_;~{D>MlK<@^}d*Z0X%;IlA?Ry)lh#E#sur(DqvX5?>N9jYp60NN5nbDI{Hlt
zC8-HnBI4xeT)d+3{xQ@Zxf)Ad3UPaIEUd?St4P>-Yq0Lp@Q~B0`Fb%lkA`{LL0Cc>
zqWsngwXjK3_^W_c*EH?07CqSesO>CEQ!@U_fLztQ4L8+Jt1}E1W&XQ+suQe$GcY*P
z^PE1ZZBsa2L3;E}Yfa0I-7Fb0lUpPn9h<o`ecie@4p?=1DFGx$>*$)@GG_{KqsEhG
zNL)p_yzs`x{we~m+%@#Dnh+-t`6D60kkELi&+Hz2;)j`xZ8BoN2rsBs33St*Q=+xc
zonb!!<z~+~AGEsh&qOR+szxNxyr#~K9)!9BZ;O4J+^SO)W#b3i;y3vZ)6j3+BaLbm
zQaM~v@^rknr73_`A5L6uZE&W4_~D0_u%beTRIPv~ewA(t8KqvBA13G3)~EDTCh8~Q
zj?ou3nnL$>=D8Gp@D3>*L6jlt@vFY$q5@kAJ(=YbcYjCfxEC!*h^3dIovPW#(Q=s#
z#Wp!TH@Cd>uK$aRY+{l-vV?m>4z+qig2Hfi?^i3Aovt`@8hv<!G79Lt2}J>MP2F`#
z*oZQ}I~?5xZ}&WT4>lG!PXV0BZwl(pGuNa(%86Ns2qf`}!qsA@kplv?Tt!0(`!+66
z)*@#4Cuk%)>hTQlqS`56ZCD+`dc0M_m8M|(x4EzHRKth?s6SMvoYT7SDRI=rZxuV6
z_w3@9KiQ@spvVptE3l05VV0{Y0=89YUKMqOBwj#@%dB(Pf3=V#!}U8}3<7yG3<90a
zUkTEqK&&j@Ocg$v8JAtr+1pl4Jj9uJhIbS>MIe$r)uWrn>{$P(9N(?HO=bOtO^ZKs
zNo!r>LpHEsmal*`ZKz|#D=u#Jz4QWNT>?VpXLH0xFz13kt&=(gLMwn-7WHtisFdaX
zF&2UATE*T>^0KW{8LE;{DCh3AgLES>x53*}YDW>F=j8aZ>J`%E`6IynVufT^gV0D;
zvK3hzXnSIqYD7L~yNVrj3|Lxn;T8B~D8D+^jAAAWfp*6haF0pQd0_4{`@vKtRt_%X
zro#c<F0*JIXxkbBM}a4M{+WO3$*(!ds*FRc?#w9x{wv9FaAl7al6+k=q4lJt$u@y`
zSntM%G2%#SbotGRoSAvUw>Xylr4;$4;?%M*sf36Tpbmyo(!rb};QVObWX(|Fh9<8$
zSFQ<Aff8*gg(gm%MC-MadE)dKTN@2h*8+(NMBJr)LMAFqI9Y>fl-+XUI!AB6k~>GK
zf8J{i9mDIBb5A`j-2<KuZm0^i&c<m7<S4nT3#6JAsz~k6#+CKCbfImiQrmH1Mc@Q%
z`N0NCb%^?H@l)Y!?(3Qp3L_=@64HH(LV4BZVqlK9p`IQj)fzU6+8`W65=bf&&<~7?
z3XQn$QuXtbpjf&lrACf^K&h7T>>v2*1Z++d8$6AwF|vIef7i{mBX4-5CDol$0kL$e
z73^@qE$;Sa(3^4K-O`|BfjE!Kx3<Va;=Qqa4Vs(EbJVpAou&-Q`X2e8lSpu}=2Ul&
zuy6*3>NN6|{i!A`{w<zGP_-Y<pOhsEIfg8Bt*G7V5!G6WYmPNwO+GUx3z#u^&yi)G
zFYAI>OgVp=dtWF##9UeL-74i**Nwa=eI)+MqMp5Gg=E4}!k8<g_j73o-?YMKI6Vg5
zDA3h7H#ix^TSMeUNxh&|)+z7fp30Qd*`5Y^5UVo#vLyMm#J=%0NpP}B$zZ_Z?Hvx}
ztuyH7bU?utl5!@|r(r$7O)}WB8K`wR_&{~3(3})5!Uv}ydEFt*Bkmq8-w)`OBTfCU
z8Kvfq83XIa!54X;EO_ftcP8?}Ul~8faqu^09~~Q=$~Ae7ATRQ{GvP8tvNJ_OF-7{#
zL6<|+>~DcAqQreC+K#Bcfx5;ctw8}!EH(&Ezc*tIoU;Ti)#N{17yg2y*6IAoF+^TQ
z?u5xrrt*d<Gi{J?`eFaGL$bi(&%PngbU05j)k1~V7t-x>CWGE3yJ8CMVvOUK3AT%4
z8xL#J`G5*vWt~F~&1d(C59Jdd6kU%m&}D8E=jVHgmLHcpL3X39x<Rf!xudEh44g95
zoX1g{2Uk<&XH<<E$!zQgtD%f@^|n=6aPx0ffjSnFFmB~K%=Ml#f-fBhSIfX@%z&Wy
zp3xV0g!JQh^CERt^_u6Swy>wz0`AC;8g7Sc-AJRPtP@>+u*meir5+6~VR=eo{yM|Q
z(EK~-6CJ+r?4IKw^3})tEAUUbsd#4$ovom7V2R!;jo{kdge_y!tJuqPTKbMHNo;YJ
zc@J{RlCOw|&gt<SdNb`+K!<7EeTeyWy}%^;D(5rpIn1B>VA1-YeEHEx72OZCRXeU@
zof%kWo95S8?=DVLQdA3c5JLl=z-<Rt4-<pxV}A4x%FK`EuP9u2rRL|1?f-L?$*<$q
z=Ming&k=2O;Q_TN7yyt23jomn9MMV%De_T^Nek0j=sFr&(*7La()@XVOa1QwuC<i~
zjkAS$t+Kk=5*@1NcsZS6d0mXw{OfegI7?VH<vo_`qWSzfHFbuV)V#3A8(hsJwur5d
z-rN`^c9V@ByL&ygs4`IpItuX`9$b_)WeI+Y_HbNT%u+Bxej|gA^_;etquF;!u^N`B
zhdJ6>T3HD&lukSuv;*bMORp45j0YN~;_^SKg;2*6uZF~#lH4No`3N9m$Fu7hZxeE5
z5LdqqqKxLdL&@O>3*PQE2xMWDXO8cvmFp0o5mN9PMQ&kredBMMPC!CE87y14@J@;u
z*;KAK$H@`Y%<F#BLvqopKU!9=#;hT~>2=Umbj^-Yvr4v9r6(NP_JX*1fN~v6R<F`{
zh^~zq-$ifHD}>S}Vk}EYiue*1b{R{SC>AWm32SQXTmqPu^jIiV55Eg$5)a}8Msm~l
zk?-#YxNNhOx`(Lbv!cnD&lC;9b_XL*GrAEl_T$2ag-+E3Dq>3gs|JzyPG-`Uwm#eA
z;lfjB*~#|nQser_%gvU6V{+s^9;nqSo{0ciV-Cvd(zmj@s&tMYy)sG*NBB7Fp4L{y
zh0A+Ojs!Vy**>B`FBXv1pSK`Yqa;T-gw_<FLESQbWN5(vEJ6DSp-jz458yV+Fl)i6
z6=^2tldxNN5Op}oe&=JQRNxT6M-zTHFjJ|erx#gr2oAfQc~_)QVL{OT5p&=b8PY6`
z5d1dSg*sZD<_ECxPx+c6aG2%Ym$)>pM3osIm~k}H4tM}9{KjAy0^YNnZ=gsf=-b_9
zv=W~JPGhm}gWD#jEilk;rBk1@-LVI-0wa2g2gUf%h%oLMM=Q%toS}1^s#ntEu-iSC
z$Am%HL3_d8*2oNK$z9{uSMu8%vPIHlx8B$xC@V;FGpFv0v9|R1p(jl0;loslpC?r*
z^$=J+$ykqnEjiALllpFQ&d-j%I0nbOf1wB7+V9GBG?AoK+Cm3Udm@5`oWMT4bML1;
zSyJ%>?fg6^tmS^C?OI*sNw87O=`@)|%#3Wb+pE>;eIckyo5D!g%E1wHmE;2rd)X;E
zZ?i^UPY|b&)VEHpH%*Vjbmrg9tIVJ1a*5R!cAB$sn(G#6l0x>&-1GyEbp&9{;<^^A
zETqCs46yEE<y#%nYFOy$UumQ)K-9i*4qoby_|PQ0bCmp%FfFk*_Fcj5`+7Q(>h?bZ
z`PXoL4&>H9swenSM63P`U^T!$y$OCVkgaWh&Q@*hO$_be1}mXIy+s5}tdt`r#}eV-
zW))^evRzHRZef!;IJNVzQpL>Fi#mxNhU3Xx&eR1~GngX7HKxXuDlY~NTrR6u^vG$(
z4cTP^%638898aW<v0=Wh@1gPj!{+{%W0aKu0YwEv{jcN4T-Ofy<2Bu%Kd6A`uN-f{
zukS{RPg+b^NI{WCO8B3IpLey_fPWBvX#{}!ufGrh$9&1Z5`Jyg{Gu87FU=nLI{!7p
z|4%Jo|I}jZMNZ&9wM6+-OE{3f%qILN0QR2%Jbw-N_euUwptpYlIsIqQKbB|zr>;l%
zQ`gsm{I^T-KQ+ewQ{&D5-uTz+_&<Rt{sh7X{hfgL_0s&Kuk=V=hQognkRSm7=3g{w
zy!AnUb6w`Ym+QWim=~uu+xZEz`B&|eX9)#}-`G*|KhV3zkl%*90RTLH9zFG+=n1d?
zpXq;%&X>-WZ~b}Tf)M{4KRlz|@&9w**z4+>DeKyr=<1mpDj3@THQt&VGWw5`R|@{J
z>k|oox9b`HT4G<?qY>igg_iPDhT~5XZ-{?$E%v{hUjAAKaNIt`^s|?AkpKCR<XOj;
z<o9&`ny(dK@$vBI`?&qrD)MJOI@NE!kN=^keywoJ`zHkhn%_Mc$|iOuKc&QeUSNMM
z_OfX1vskV8Z<o-034d9-^BEo{{riPHU(#QeJbb2C$^Cu-#FzA!MdqIA>56}+<lIaC
z%K~A~e14VxMY*t-GB2w=J<BYA`2E^XFX=DK<~-BSHGaE@&P({qY9!C_8|~k(P4bfd
zvi89<eOLeQRYG{F@Y41CSwY75f9HYzQt73k^s|zd+26O9eyQ@(8TeV{-r|4d6Z}%>
zrM>I3P=@tyo4vk-zx2j@hPT`OmQ&_S@JoxwXRw^Z|0l!8my$1i2A?H)oqpSO@Fo1E
z3)?f?)AjFrvb|J!>8katg6i?x9$PQrFCB}X;b@<J+rQ`~{H3wWGhD*=H*8*BVqcm8
zJYy|`f7=@1CH&<c>SuUd*l+KsehGiM`Scmy5c%6%QD4GeZr*!_&&K?{t$Z&PUTy??
zRyd6NTie233cOst^DF?&|2vC$Uh-c)HGk%NmHhvGhW@MaUu8Fcx%Jimja=u;oW;wW
z%QGIU`R`|7WF;UV|De$Q{Ki580Op(j`0xJ!P)h>@3IG5A2moMuB}=Jbhssci0RY3;
z0RSHW0037-LM=&7MlWn>VlQ)Ja%pgMEpugKb#iHRc`j;Ua;&@sR2+%cu8q696WraM
z;O@b#ad&qDG!Wd~2@U~*69~cGEw}{<?hY3+Gv}N+|M$&*&$-iU6>D{`>Z-1)r}lpL
z`*x!w3l0GX^7;UHQOJV)%LDdhkr!8c%OI^F!KC#2YA_&%udBI(bn1eFfLMTmfMERV
zYVvOtq$R{v)fnX^T$T0g@mNrN8n>RSkK>MW#jITIw?q*O-^N*-YxA@tHh!B=Zi8O>
z8iS0K1aWCunKm&zdMC~2)z$qI(wOv^76+S*rf7n_uIC2Xuc65vJrjn;j?Ai8d)Wn3
zE{GGcGhrn^VWWs*2wL~+&#JjAsmkrkmd0o0$fsy3W16Gu$SQXY__l9w@!=Sn6zsO-
zM}?YD>=zOe&P;dmHlMAmDpx5|3v?1>bN3N>WC%F!Qv(EWj=8<yTP4_HRaJz;Rt#lC
zMZgLOzmRrw#vs`gsfE>1M9@{_$v3-@^w^-&+l`+VKSVHm?H@(rX-?iSzpz#M+yX|d
z(R1%;ZCV1;p!dVv?)y#uGv7C+V|DOGeurv;rU$aNKn(x<%3J_aDeVwp<sLspXfnq~
zLsyN_W9*pEJ+=IJdRdWG3KD&{^&O%*#pl|qAC7y(KCC}s-xxZD>eLCE)Pm6z-he3m
z<D%*Q+eO3t*Q)`rv$J;rxLDfTIWzt9Ejs`97KoR{-pTwg)<F7w4J%VSYfC$4W6Qr-
z7wiACu7i!Mx#eGe0*e3jJ<i5XmJTk?rpB&LmM)%5|NC(>{NHZE8DM8(Wbg48n_~Y@
zH)ZZ*Z}0Y3A5QYW+@k91>!y;wo~Zs>^DlOy{`c)f%=EXn*gHwvI@tWhh5K(0OwH8U
z<+nYmm>SzVnV35L#es4Er#o@CuyirCv2=EE{#$_g?de~f1%dx`Q*Rv{ob25IHlp@+
zE~XxTby4~M(@l%o0Gyp204^5db}mkT#iZ>2<CgzdM*e+AT>t5gYyfuVt^jk>zdGgr
z@p<`;>_1NYzqGU0Ezd!Gf$)2Imj1H9zbuw^CZ-;YR;D&Ko`g|+NS(|mkoTDzuBBku
z{gQP{oi*5+ng<r{S=5bv8yu>`Quewl<WBGDfl<Iq0yF^;%p9*dnMYQ4;|<@VaW{0D
z&~=5|uJ0(5DQp?mC;3oJVHB-c-%jC>M!SkA;&JI|?d`%yj43Q^xk=>fgWa*bR75yb
zT3t3T{cphk`7vM5YTuDbPU1_~ZGrr)Wd4tJ-on+y+1`#(+{4Ax&iUn)k7}|CUCb!1
zx3ILF0o|~|MnT>IGH=vqb7j6`Kp2@%DsRlzL<!KyV`qlRI^eq5Xc==cl&OjDQDw{*
zoO;{0=LnfB;yF=*TE-ya)H6?7iFxKj9tJeWtB{E9azc{7iQ6(T4YFyA)w5d+sQC$H
z!h|ur;GGN--_=1j1CgLy83Y_EA&RvE8=%8EK9vxZqIkmxPN`BY747tl(Oe>c6Tmrj
znMWz5Jt$TOT|4#>k!OZ9YAJkS+#w39bJ}6JNaN?N3Rd7pE{W2&v*B;U42`B4`-2<<
zvVjT~S6}^@MisqRGxQZX)WXexd8|^==Ik6#hYHDlt7ot{+Qg8Kr1o=Yx0%CI7qN@Z
z5OZ{Bb-FiNxE{u)CxFtEJC*sY(`Om$0$pPaK*L-I{{Zs1?+2duYgiGQSQRu0%NiVo
z$Ew^KYO#hMnldL%7;o9_Fu9^fkrK9vyt8#hpTyGmxT?i%Qmn}t)@luc7j?@ohZfAg
z?d33aK9ABebUDEnt!reO;c!u;+k9L4v?NpcAg_#Yhy3Tusz0%`&iOmj^#4DX)zZ$=
zg;DzDk0rpy(#zCoh)HH{NM>YcbeK+IbegW8MjpEM;zL3NE4<7H)dblHR#{qruE0)a
z_r}Ki?s$Z`FY);@j39sBKYpOjdiKjR7jO^|*8gq)FE<;bwY`P2tF<X3z}VQ<-h@%*
zrHDIO8oQX9RK~o817krDzs@$EZR>hN8U_!5n5#$3;-+AbmdIM<(-a73$k^KH^53FD
z+J<5$2^US+Bv3c)W--HbU@Kshpue^DO79DULly725R<Na|JA2W{tmq!8cae1nKw~R
zz(O<Q@kxni<YdKnH1mja)})oR!@dA>K)sKUhDknFe$bWbO$-L!(=`cJBP=YqRu-;y
z$LJ=nm9S)?<vG}&k2a3$NXO#kNK;?rt-^oVzJ8TLIeWlM-_rP_*DxBtzF3*0qdKL8
z()V1<&^;~8zy--fO)H|D@6i}Q4Hx#V@7p)!oXHDKBw%4eVWba<?`aP%6Pw@-=z~(U
zcRWa*ys&xZXrcGj!IRtd!NB(1F|iP+t~doUW}_NG=OO=5Ze}05*;!rY$YxdIHgmyR
z_WOH;bn}+{bq#`oUOiwzlB@C5I73&}{(17c=ek5%p0oCRXO1Zjo@@=SfocB;AIGRt
z2~38Nt({u)eP@Yw;a(|s5ug&UDt2Eg?R+k{uUgk}sil4N(7p3YE|06iEQ?$~Ze-JJ
z3iB!X2-mIh=a;$ts!bca9?`G5=z@*GJF3|-L9O_mR5k`W`9DtQ5SBUYv=c-1kX;aZ
zIN5-KZF_bc4XQ`h9NCN`@xF5(>{E}kaiaR=^iW+FPcj$>Bp1(O1zD4-sOPAb44kbH
zt~Zkz{jD9R=DJ3lY<9F<vp5Is7v7;QG^0)cCjkhdx^_-AG~O#yqj|G9c3GoETqH1_
zVxD7s4Lhy!Q|>U%0yMX&;@a(@BiyDpATVA1PgnpUJHpt=I+=lDF4}0`pYYDD94Xh9
z@^B?6fmjfYRuN0)sdDcj7GV#Q!lE0U5&+CIpD2buAh2BkP(ZK0GXYe<?D5nSj_jVZ
zyXGsm#Jphkve&Rok_{Zws|K)xeI%h0R@S7$XL14hqC}yX{NpDm@Nifh^y_gz{R<jR
z^^;V<o_`b~5dS&&1CLqX);wL^mo;|NpGz?z`Br_ss^<GOb>-q+;oQjDQ0n%4AKp-1
zx1F#9Rq%jx7p6*kU2l);`JLj`;yGL<K4+-I_m3m@r?dwpQMQwwr>Wy&?0%1;7l`PO
z`y|uGBT^nXo?a&){6?CVjNvjmJ6<a)wI|%ZKe_$QIjGDLnbUX0!ePi=1*f=bJrhT0
zEis|J63Y1c4h5^|ICd!~Xx0#(bpN->ebSy_R0Z1E36xZH^vY{X?k+wHG!&6s7~OOs
z5`3p>nVk;RpElS>A-<R3eAA-MStl5kG;Pa&KHzL;>ohmMQ3ZW+vB2nx*$@d%8JDYI
zZsr0WTJ=iP0!YiuScn)))8i5yT4#dSaTqsL(A1;@qKky7@{V~(@zPxy(MAPewPkp&
z)k_kKq~dq{Fy}}g<Xo~;P7`XZr=yEw=2laLTn%qkm2bJg#xnf>t%6}{pu)=`gMf^a
zfPg6dm-qB<a#R#xW25?VN2{9Jm>R!mo8RwhEqD)t8P}&zS1jc-nu?ze>nX@=aHU)0
z8{@)3wXirlp#sT?YQ<T)E!yw~j6b>c91S8%!ANJuQu<=Y_w!r7mq#nc41@_p2Zd#^
zwSbq#Ul3U+^kff=XSbAf2&*|;<@;Qa<Yr6v1m|%z+PstPJ?8)9e1v;GqN=C}s!7)A
zXVYPDuN>ug>oFX|wC+gbEz*_3At$w-(BqRceUeD*$A8$z;v+8DUIrM9F+ZsQ?y&pF
zcg;PPbev~fJ~>lGdEY=2Z$+?QN1+k)!BgDeKUDhosCGrDJh)Fjt=^v^dq@lFC)e5!
z^fhuk6lC603AG1lJe+Lg{Me<q_0Upyh#-Fcpuzs-r=%uP8OEmp*VQEFXG-E{{rAV~
z_jpgDUC0lbLB+l|c@K|qJ`eMu&xv1!P75G~E;n7jkjy=#)SaU@FJ?Gh)B$s(Psbq3
ze&+Ah#SNwoh}}7{5iX;0K|yqLg4%MYhaa*}f<+;6xgLHv3YXZJ=vFEu8^zprqL@3F
zH|=KKZ{ToBY9-?_gh_NwgDo(3@d%AuAhm^4bE7bx@GxLE9dy^BmV4U6pe772%I}f@
zF5F9QB`4kT!QButSgB!hgCe(u(w35pGNrc>k1TjYoyj$ZEHt~kwWq{eTqY!}x%}Wg
zk|)N_mcG$MLk!xy>++_e$&WpbB{WKq&31CO{=2cg9C>_NNvF19srDBpG}qv`Y!gxz
zyqI%lcyrz5Ou0+bEUPR7ay)pW&F~_XiAPp6NJ?2VP8-w{#Ps{fKt{5+nnnZbaVDKo
zCgeacOh_=*e0o)1>dy)0Oc0po?=2~+{Z^!~-0}zI+$ks1EJ)3CGgw1MBAY`)TXIQ`
z)gTdAS>F>S?Z~-Opo`Z19Hn0MDYDgeY9D8T$G=2t%#tpWw-;>}i7w<yU~SeTF>n^6
zF=kfKD%8RKvHrn$qC0>GWduiSGE+jidsk#I47Zz{gKzX|_CgI!y2~FP!aTtRi)(CX
z$E;6*tRX}9paw=8t-y$q18<1Dd8WwcVQ0^@FEY*byYE<G-p;{L(CmuKEGFG(1%Tpt
z@bi2P^-{q)C*oI>rj|E+e(ouiBbRmE+_ScyckkHZZwaL9E^T}SC0mn%%#3n%Rxot4
zE`<@wWv^23o<dE{$JsY9^m#vRQP+JpvlKq_j;#<l`~rNYU|^u;($Q%cgC1ZzY;w#l
z$r=Ds8S7ahLOzV?%?&Kj*%R$qsI25#S+N`UlC=Tpeap>c7vKoxCrf>^@v~+F{E=lv
zdfUS_IEQ(phzg^8`B|)GQiOH7zKm*0(N-p=?;V*8?h>*XZRZYHxmk;X8glg-Nodc|
zFE&5$IWF=rCd_>CNR?F5;Oui`tm(6(!7j;&u{7G%Bmq*Kg{0g_xQ4fWRJP)7_z3iI
zWWUPJSVZe}KG&^O)6mLDV`e)9tAfHsaW^X-ICpWSP!)~SlQ809>QBYR4Ua)`#E|Y&
z*_NWT?UqnAGxH}O@wSq5GBBY|k~{iN+${3wBDQ&|&t`mqcSc`EdcR=g=#B4h@5GMD
z#+gyOsjcqOW96wy$hCIu`arxgc}n-Cay>ZOV3Uv#d~NWo8FxV9n_vi<K0w;_0gB31
z7l;%{!6wUT#<wP4s>b?pQ`twMtCd#)piNcZLw}DIoK8I%BHLsxul2}i$=~|ba4a#w
zCp?nHq|jv@RiDrwC^Q#b1fN5_omBxZw2V&izBPFyJT@BqrkW8eOhsR~g&O@wOG&Ju
zZnQk_QP<<aw3$kbUIinqIHvW>8Xp1}vDR(%=&@wkQ86_63kC#z8(ADo+1nEK$|63Z
z<tT2lwP^Onm0<lyFPZ3Z`Z6-a(-+~fg!7^IJBxXw{Jl|cm>82a7ZpNERQf3>thAO~
zJz9NjT4YhAwq7RH^rlaI1!uyR2V_jRWRHye^qvu>C><lpWs3z$6qv^2^Qj^>$(J5)
zYbdaH$nWq~oqLD8u*}U2g17AQpgNl=Qn1oT^ie3xc#D%vH&~D#*=!lVYQkZ<+@_Hz
zhewOuCSj3Ockx>x88=LF-BNJG*SAr4iqi73l6EPl__J_sOZOj=kWI0)K7O*IE^KNN
zo~RMzltJrV!BvF2*vpE#9YqbPi=*)|b;Ih&w|9e_&l$z3^(g-oujv%r2QxCJVqRSL
zj=+5ON_?|Gox5tV)^zre<|`J#2K`_@YlPC7w~IOZvhhIy(^2r9*1XdAYR^m6B*QYd
zLvR`X>7c>Rp54}0xpro~<0Hb9*~W}tX5_q`T{`@IW`j0_BZSMPslrhi**$$f;yiqv
z!;UaY=I6VuR1K5jik9k28%B&b@ykQE<k%mP>0Jn}qT~B((%iK)RD&i`FZhd5u4M3<
z^TFBIl9m)5#+PFKfBHxsOxD{)`vv-0RkbrE4C{*ois-}vF6HL>l~{Q&#?0)xrKeoF
zOQCAD=7%yV+D6#zX>PI63Rkw(oHX-ua=L1LYh(|Sw=5fu$@QQk>jrYUv2*CR3M{9M
zz-2(g&M3~}w@NVlJi9tVMlc#r=H&NmXN;+lLa0buI#u&Zq1PP=UF%;^M9LG=ojL=P
z5#?Y&r^f4=sVX1<{>ZRKSRu0*8Ko~c;Rf@`3g)BFA^M0?SUBm8W11)cEk9uK6d+5G
z=GX6=*xKp{nIllL@j1la+N1Y6AIzGj8E41=c2ts1L^G7qrm!%mK;EJldbtUWD<7U~
z6AxjNH_{MZWqLkTa5TVr3FZw@L04RHkE*JObGjsh500Y+h!x?$(AUDyoZb+ye_Kq@
z<F_h(g%BZQUEa-ilAAI~dh|Kzt0^PnZURU-m4|~HM`rRGl8RQrLG*Z{x1n!II`gep
zd+<gOwY488Mc>-jQ|Uy0^z1Ss&3&Y%V{wCyLq8bIX#@?O8?VmI5zuS$3-uW5O0G4;
zCS-u}IQj{&9DK!3<jYz>3Uj;u;n6d#j7}RsV|>3XTTE+Qhw$P8s%>-K5qfQC7vV%O
z+lr5{4RUBAhF5GNj1a;FWS>P!GZdyz0gP8{kMXG$-?F<V=cGO7M8DMV^whl+Y-R`(
zn+0Og!WEm=5&i9@Ob%i0adqI;c<+d=a(A05e~%kfVf4OT-f(4yK{t=}4_8_YmGT^I
zRs`8~Pwb%(;I8!37x=G0!bpkO=kK85sNN0HST(1lwu1rgA)Q#UM+NIUN`k-!CDR_j
zu1~4jq>||m!1Q^&5kmdCx$?v^dth0JrpI*~bt5q1sNKM-#jFHxL;uZy&&7bEF6{|u
zz9;n5p#uA+DEVn<__*Zm_dZOcdVX2>WRz8sAI8|ID^=rr@1+sMkZ!khzsd_D>plq=
z9Ii3;G(n1g#?ctQ>9)=BA2kT~HMc;M%?4ZS%-$}pRx?DP<JP1+p)b=}e(T<3iN;Zx
zox8*R<?Yx_+}@lBEejoOn^jryEjRzjrjbu{m;YO;V+nyH0FfUYst-^hiiHoEmF}1V
z^{C(|XmH()s4)8kf$S|+GI}mKp_}Shxd|(KR^b#UqzF}3(>tEkf!yn@t^E4h96AaD
z_%%TqvYaY!XmR+synfk_%1<&DWoA^ySh)i8Lzk>1LW-`$rpTd`)n9Zj*rl0^W*16-
z@B~Na@~zog&b(iM7=<4)KO`R|?xF>&<+lh=s%uUwFym-@56Mt+S;GJD0aDlFgQbt<
ze2-J36N2@5L+Q}6+0QpJNh3j%qfNEv+DI3N)CrQ5kvXOup251jk=JW5BwmT#9>LA-
ziJoWT+Y_4*SFlSVOl-{P2>s|cvINeZ%0sp3<mMb!^mUSxM`0t~p_mt}io|cq?Tt~`
zp<GhE7%`*ad5pg|E!Q}<8W$MUysPs0`uWU_&wZ|gYh*H)#goHFxQh@^u%GH{rvuvl
zZKp+cK%X<*TMEJFU{%xOVR$E^XQ6Ig)pgS!t~5rLBt1s3d9rVJ-z|CdN{g3q+gT%B
z*YPZUt}8U2)e>YC>b(8op5+TpUkz&>Mx;_@$B0}tu>Os9wiI3pi>Jyyehk<=U9O=b
z-F9cjktN%9x{W(XuK~E_MLy;4TQzhP8kO@7WcSQAJrfV<3ZZ3U>XDSjE4Aeg!$Bei
zMupK=sn3oY8qd%7gBXBZvmay8br7qvw99t&Rf4#m^}tmJ8M8cr<Wxt@vQwbt>la(N
za(x%KHdbx0xEx>YZQjjF3DWNu8I#UEX2b5$71kF))HiFs!;+n8gzX%1IpX_bt?#HE
zBAaTR(@m_>3gk&vb5BI@Z&12CTWj1_vzDdvmPA!4=a)|~g)j~UBdb)pC4-f?tgF}^
zg%H*qRX7pq&6$S~5_8pB(@2nuT9#KmWc<!GP0)E(6woS;bwNPRzX`o0wgJt<Ot11>
zeEyEU*IG0DnAPr6ZM^^3KtxZ&y^3{xSLlp$X2W)E4O7TIhD>6Rthv!cvAOdQ({oXG
zk?_}i93@W#fSZ`S9^h_{KYV6A4TJGr+zm<T85!$g-_L&auSx^f(h_~eHY-`qO0rJK
zlCyb&ACdB5cVKeN^6H{bT4=R}@h2i&xCld;rpb|+16TJgv$gl#DlZ}UYj5G$q4^mq
zSCqzw_P~k29wewAFjiE9@rj%r^z(2YRr61IH?N_PpDFFTa%wm{5_(Rshx-h86U(V&
zvc$A|>*aYsIO4YwdTvN5JKb7oM|Q9I?ykA-9;4eK)Ow5HsuHLvp4Ebp;2hrzgoX69
zg#<YfA2rI(IUc=}`)&;CcG@!oZ3>NXLa^l^=XShKL%A7LA_Ppvj{zWdxdDE7Q&lI&
zwU(S2A*I$}%df>#P25Ee&NB;9Gz6zrCusI%x-OCt%VyYv*$!HaQ#m)wUz)y^zqEXt
zb1=4*NeO+HWi(pO{tVWrGnO^0nEME7aYW|Oy6va*MV!ko1ntWR{yqfHIlg*O!a;~)
z%~X1?`q?ekb`i~oYMmx#+NF8AFE`XWBdx*6*I`DJTNp>?3@Ie7X|oMZm*5B=dik!6
zIQbWGkK_;TD*aMp*GX2sC>4k<iI+@t{Uj5O797$_!4v4zYQ!VluIPiUtrz|JS@bJu
zVx3!-?ICJ(MNtV91;x{eG)4`b{zohMy267w>dj)A9w7Z?%*j~64FR@ngXEh;T*X~!
z-Mds3hbn31s)stX<)E=mc-qEj-Uuc&Hp9<N05E*yg%Y9Y4IW@q#7rmF9{!e_f!dV+
zrOuxxcUzY?(e<DpAd281AkzO&le_9~FOswTKC-LmC{7DwJOTBn86amrkb>!71GLb~
zCxW3PVZY~+(8N|lWSh4p996gihwIAszp|dj-*h0KNa89kB6_TcSR`Z*&9Rxc`|bEV
zpB^G~u(9h+I}UZRtMf1QmIZM@?;{;Cdyr*w+S+Vc_Euw1NbFB=%Qee%+J)P(41bB0
zF=N6_)=9y%Az+*4Yhl8{A}j6odupH>Mm_!*3=tRY=`|che+H{L1~tig(<%cyCEZ;A
zelklcgPZ{FQi2wL=!AU){X^%6EKEl`6HX)sjmK<1VujQ%jCze=8H(X{BU>MA%GZ9l
zy4o3?$|URhmHYB<ktrm)t7Tfzy{o0F4Lss&+TSEPx_4mS?-E~I3yiV$=pVmDhQP(^
z=}CGI-If<7eX|C}JDgOew(zvGC}lKhq>)t&oq}{?)sll?LaAa|{tepyx<J6nR?Pot
z3oCmZO(AF&wqk;M`r~qD{#=OUE`j(M4HL?z$6Yqfd%7aQWDY?sUhyl!?SVVf0{|%E
zStJl$j@KrhslEA7(a=DNui0WPsj|=IFw`KuDS?thmx(ULA;^c2t0uDN45O0ngZUNJ
zpV<iI%8aUj0s)~w{qKXuKe6#U85-X;@aG7hs!$O6I}2Bs$rYI0bRrSaxnxy?m(ir%
zru&6aLkx>4x-3w@CnI^`W#f-@(x<7AeGk12vIK>76w<GsKp&kK{I0F)3{89joRC@;
z?eF~-+s;2dKWyfJ=yw?-%EH3%PoGG2-NSaDDpmOxuJ^%OXwIIz1ruOK(+u>464!KU
z@PeYKu&hSk?eYR+G7=Tl5)}_h=#X_lFWI1i)$MQs+gYPnBa4NeMz@;BklH5bJDW7^
zx@Is~E8EkOFvO&1yQrwsDP1tlZW%4pgA*XD){|U|io^GuquVReshf=)pOekrw>xq;
zgvi#JU99~Gv0=#ybMeErFCB@FE}6@|BC*+-@i<+=^V^9{b2O)M5zWa$I0oWyh=QR;
z1>|BQjrE}8l5iI4nxWtFJbQy{K~1S*YczWDkja5ifc_o%F`oDkx`(US>7Hp9%^m|)
zDgM|z)e>eGRrHfN+83O(G-u95oI9@-TA-IE&CjAwpB5AxDd=w*%<jEND%1sru8-T=
zEIgtQ6Mf(gm)HkMW}?l^Ql^~0m);&Y@d~}8-ZC#@{oedz$%Q0kfYID6*?h+dzS-x>
zkCSY?mFO<8%_>7VI26v>PLmO-Qd1POi$w;jm{0UuI!8D6#QNqiK9h@+!na(#qlON-
za{sWQxVLhpyOlblz{8uON{t~vINLIpKr7zO<d9o+!954b-9|d0rs*QG3KtdxM4Mk;
zmQrALCGW=$9jY0U+*{ZEzNA=0_Yq{S3a{iDt)p_&QCRx1y0Snz(K#I$1n12_<#z*R
z0NJFa1|VUen48Yz0E*>}lHrXZ=O|vbat-x?a2*%vb4Z|G@~!-5fg#un_D5e{jfN%%
zGt*^O3a4+AUO#x?AQ=hihqA2N*gp}E@bY|(ZONECi37&qR=n49iVT3HsOD&9cAU>{
z9s8!A;BEvRtMkJgL;YiOZj(Y%jvfbXTA?jD8zL)Kc><;>=101Wl8pPppN6=wJ}1xh
zReJpf^JkG(GiP`vcz!Y{2@S^3?v{OF-5AKTHk8J99_eIL)~;x-5PJdd@oSBazL)h7
za}%aO!7T~8IV<J|cn0!GvZNoF+Vwn*pFK#08Od`sK=wvcU-x%=jyXKMn=9AUM-%EA
zOB11Tlp(hrJzGAb)NvU?d{grvvbI9g-M~&kbC_cDR{8<%+(t@z*ibOsVCY3vJwSam
z)m0>%-EaJuy-MMTzsg&+7gcn)|2ez0?eo0NhJ7~u6yypIY<@BhyBNi(w@>~$vb4{K
zG4fuaTERl(y@pcN)~FxXF4DE+NUOGBjnU4iu$lIQsRrjumFcm=H3-?C3kB322ib2^
zEp+w4G@=g%p%WV&viOz;Zb;ca^fc7>+o4DE^PVMLFL^0s9q{np3{w&E0j##z-9;PC
zlekkVDN%Vx#B~L8Jd7jjY$qOV?LjF%nLrMT@cM3zM<i7ED%!$kR(_r~s0I(k#b=rr
zpoXA&A5s2r-~oH4xQRVD<N?Wo;K&ig==Tjo<BBBt3dP%<{fUA%nfD5Hr}lGoL{-lO
z6?vF4gaa1gLtBvD(#MWtqttS8NS960s&!rsgPpG!w}{aKH<S|nEQNwOyoveQz810t
z-n({im0GdZFbR=d%y)^^84p5Zw+v2E0`E^)ke2(($;}EP>K@XJGdE8Jy^`&YNKV&g
z8Al_Z2&Gw%@~@es<c1s%%9*IkQox|4m-B`_(yBoHq&(sIJ!8y~Ct@TEJ^IhDlRQP?
zo|z}URAur+a-C38TpEI`_Uf=7@-4Lm&-)L|<^e>&iM0|?@Qz$2%yV7e``r_nx7EOC
zEo(Kh^ccf#eo~tnI9-@x9)+7e@MlF$*%W@D`+4xAv7no!9|f6~P-CVn;wvZQr-Xbt
zJm?f2BqtlAW?*BSx@HweHG+gDYgB+#8NFoq5vf@4kv@D2RMWkOq&Vj_ee5a~J1nd0
zBa3uxj9?ln)6xTe`;|Bu9okQa2q>S5;Wjn0-qwCPXKym+3<clZt9>4}k(x?Kw$!NF
zAFIPUdj-RSqYSQo;peQ!O!QGl8yk#_hk0MCF}`Zecm057MQX$e-DANG)kBc$?n}JS
zk#i}NE{^Qt{!A+FNz+0$(_ap-0{v7a=+k*wEO#&_b(>n3Gc^<=ecKGiUB=2a1(F&L
zqW|&Qze6h$qrTszgj+Y+QHrDrpwP4KK)tZ7B_}w>oq{yZGkD@Q`4}WWHwSm7$N>3$
zphZ(@C*tR|fUYu$k%nr6+w;E##YtkTPqJVjAc#=^eRTPIE0nf#F?BLFef|2zKNORi
zj{Oufj(}aO867UeCM!-ODCB}2{pJ~zh{zNt5Ka^$YKNVpa?VhrL8pPs4-H-J4bctg
z19kUK;S42|l&Cz$ed~PRQ?%m4=1$`=$dR!p9D37kx-8_DV{-sq(@(%k7YFhju1pX!
zBfcHO+*tEr309Y`FCRhhTY^Ei+}p)eNlqzeWZbg`GC9w*bxXZHx9Sm74Jq{ST<q&b
z6G+O*d~?K@JMH=9j^NrEHNLkxbR6@Dc%`i*mTh6z6_ZHkaj~6(W@|}~flqD0Ke0sZ
z#Ot|5YZ%G>C;aEO?p)_1X;@V?lyU4sw7LCphMVJY9}sDp^}|Jtxtqs&>t@dM`U18W
z>m-fpRRoBR%1ub^1;R<~hJQwbW6GeJ<>lSg^`<*;3=`>j3@D3{R}50COZ2<R#D><!
zWR%=cuLZ|Q%iW$RUn-r~1c)zeH2tJJCCr>OW1}#1mfNLal3|l0O10huHBVKq{dOo@
z>7~1<hb)V*0wgG5EZz!L>(QHGd1NI17O6Ccetn`IijHi}X}al92;d-`AnsL*0piqR
zQk`EKC*8M`(Z__;0I}dJ!&V}}3Ln*S3h?u_Zu_1&h#tLQaEKm|V-O<x(tw^V_~*Ic
zVnu3BUeF~}r&Et<d1HO-ri$_PB7VttMz#RriiV~bxkLC`?|}}|dL*cM(eMT5fh|&n
zb@o_Ir1%MMDD%*OYc%523SWtBIwxX((YwSqw|l81D#@|SC0d!qf}!xKT?ksviD|-j
z9vE$LOlw$2Yi@o&vHy(i44SvL{0p{skS{v_Z^V}QcWx7P6w%*e^gT}{GbZ+6eR<;{
zTDgE_a(YJI-Hp=GODlmOXy0he=aOY<R)pD}M2QxK><1#0csgtcE7l2K)cQTkd35;p
zFmq`1SV+hp)Z={;Y~*^nw;t1*7<|a3ZU$s{B0KM<E@lCk&Dz*rAnQiP`#uI>bFV%(
zOb~bCq40SOON>pdTqWz4tz_yMT-OkA^3X75h|yD$bhqb`Q#vrbZda?TpdIV#4Rf9i
z$Bf_jtPCR3`z*Ce*&)|%Z*|K)U38WC9fZokl3a5MrDfCp%5p4oYR=#-`@5WU-LJ?Q
zELvuGv~ZitO7O+VQ9RfzK?W)D`<LA8z=S(1F+K(%ZAaX3pO`BttxB~qXulNhv)Ksh
zjb57rzA~lw)DXg%xvC<@u<ug_`ffD&^fvvk;9gnV@s<6^JJ=+m6@*K@V2Oq$7AzyO
z62z+MRwC9~L-@GKYRff+U=stALn&biJT-Q7W_JM6P&79AmcNU!_Fe;|eJdXd{OOdQ
zXo>IsuJ5At0mfNuS!OyxhmbehW`P}_ih)mEHA=m_7@Ng}uBx(e6mw}Ox|$!W7f&Qq
zU5q#y0U^PX4=E<7+UaVQJ>BdQg_-{`CzFLfs}B+01!enfkH`zTBZ%WtSqh=1Kq6vQ
zcJIJK*U8W9Sk@7thV>ssO{`Yq9@FXRCl>)7*?D4TN!`t1mbwsV10=Z1DGr`6KAF26
z9*6j>Lb3N}$d(Kww|nU%G_od*R#+OA!vLi7R1(W<v))*JBCX?X_@<apkJy|W_&<|t
z;<Ts$`ZAfeL;t<x{!ww??W;_^%&5u9Mbj3j7!b$W^@*|__j+-%rKG(1+)oI5+E^kD
zpQY*e-`f|kHE{E8g5M}bn<uE}mXIm%O$m4_jNZCk5BX88`up5Mt-)cnIKXHLAncJ8
zhpuBx;;=BMi-3_W;L3jMY;vQDZ>l&<!l>Fv58Q{c!)Y3DsIzKKLqpD{)7qw;_ZbYr
z)H1=zG^j6c__3frpz=^Tl-2Pedl|s&8n=Oj{jLhf%WX?gNB`rrnL=}53!gcQQYW3V
z0;wjdpIIirPQNU^ez1*W{WiLK(C(uc+mL%AHMF2Rtqep)vb}eYX)_=xF>yxTn#BoT
zzayz@C{PXWyy`^EA!psUK`+<8$msanHIcJLIEf%dL?(#<6MwssmcjPVk8KA|@)0gJ
z?gQ!~_fdwrQz8gh{4wP;b636!M+uySRBSAHmMXf(DJ5e_hsZbLn*9+8(Otg&W}*df
zd#Gks%IX$zT6xG5U)_JOj3Cx9Z}L=KglB|_gEz`Aee*?s<Tl%2_L95U2n#RRWn&3|
zhL|1vS@6LjLO0DLOd32!P7bipjbMg5pBm0zggBf=y~ZM%XZwZ4rLo-sXm0yH#v`e)
zc<aigL0}C5`eVwfdh^R@SFrZ(M><wDwzR2y)lCw|O0Z@Awy67#I)2Er+oS&+fst0_
z2lC6T6EC(4GxzO~w=%Mg!4_j`wT7Rj9(ilajaom>|6si?35+s(Zcov>4ueYwj1)n*
z^^JS76NgyB^jkwOB81s-WfMk=R-3gcdwZ3mJ@9F{K|BR2n^pHQ=X!{_HitDcFGdNE
z9Id;xwLTiOmi)(fe7dMCX|bXv^dmI0)b~Ei24O#{@86aj5b3#8L?!L&fSPu1^hNm_
zLq=l&Bd~brYT%rq3GB!4j!=#tW+k|%cBjD|uy*j~KcP%v;*9!=^l6Z<*nG>itcW%t
z)N?KLLK+v2<4)rp9^<~rGp*@cH!_2m(xeBT1Jt3g`+FTxQyh4gL?SK1{FX7=lBCud
zv)A<V_y29)r)_yYQ+nwWuuy;R-NyQdzR`Q_69O-7V!B6NP3b}8wN0S<cBSHg&1?3A
zee1rdU5-8+cP&awQ@_zjmtq&Z0e?{L<!iNlgD20tJaV)&#^yY>ltwJ{)fd`<m`*jd
zgW|eXSC~ixuIYm{5f;DhwL=iV4W-xASd=cG;Z@@_y=ojEW2QeePV1}2@wG<qTtqGU
z(s@#t=fXF?SxZ+KE;b%<ZyOJWZaMK8DCx^^@YYb|yH(j^Ze<c40R&&Eb_%<}YpV#o
zRgwY_vz!bz2|w$LxTcUaR%vJE&7;H%9e=fVdZe}KHA%B9p^kJHWylm{-_{*K@Y9p2
zn%f-5QTRE<!cgyHKck#`OT-XwQK_Z~^}s5<RoSQ99rb<Qy+lO1lm4JYP`;K%7uDH+
z^veM^DHf**1|69RpJ~77_dW(S9}I`VKJp@;n-Z^*Tg`4XQD2)7w#4Ww%hoj3Y5~fd
zM4XSflrh~SrvYqobkfD!A?gBEhk>D{P@fo~%Z3JMrUZ}5qW9cyVa$SCl1lngc;)z4
z>S^%%UK+&|QRTa51fza+T^;+Zk|tzAfG2$<2gIRW;2arvR!|+G>iw?1h5D0YS?^RG
z5f~8qxr?xCQhKsl_}Yl5&ayvIrfL8buXJ<oXn1_bIQ>hpv^JH1tZ_|)2aLK7uUOF)
z<ab4B!?-6Tr~^b9@-fN*@yu^pZ{i5Z3$6)9kwG=k3I8c_yfWV0S`MSo$o4Z@Az@n#
zuaj=Gh)(i*QpO4rY1zNDim2A6gq%CbKf^n6rf#JA0x!zn3@_Us@E$7s6W#~mQ}}u-
zomlZx;$AUWLt{)bD1ZA#(cd-BiVS*qFR@?%vgw!4i%_H!5L3$sqmTS-*TY%2xBK_V
zAat79oe)(mtMy=KP5K>(OBc+?>&c;u2y@T?T~5wAQm-ntVbSJ+${%-_jf68ssn!P}
zLCj&I-;vl?qdZN5rW*%i8wmk}LkLWGGL1n3jIAQ+QV?xTtCTd%aaaP@9@BH3L=cpT
zl|>843)-dM-d1Ooxk{gle=$#TOH~ZUxS|376bXNEOrhqE<78ddgZlxI<aYlllydI4
z(@ZWo4fvtcgKD~SPt<rcX?Sh!<CYf#Qq+23JHeF75V8gVWcu+0Y51(nrAvo>g4l`|
zmiSWYrEe&0BKdG<!_O&l{7y_3Z>MdFKGd3O#sW=Tl0_O(qCvr<{EdPDHbF|3A6=3&
zq9c7^Shzop=`!<N>J)WG5(6t)z7=;<k1%_Z+eJcW0<@b|&n3!<=B_%r(1J8lz-NAJ
zC0Y{y5;{H*Y$D5Y)0?t{ltjl1iBX%$w&j*F>g7~HFA{xjHlvvK$XHU72;La+ZR^n5
zW54ju8{58V!4~ZFB>&8^Q})Wxfc4X7hrVi$boSw?%T#DvJl2o#)=mKuKRsGR*e-5U
zDUY?{XQjp_H7ghh-p^nm$CdhuUpb>`7Jdx^T@(-Bl9hHs-Ekn2B8MK>Z3~DH?T`#d
zlACRRbB@@o=>NtQja(=Sm(&#YyZFckYZQ;}Hv%)Mbh0ss$v(3EEFaM86Oik3)vus`
z=GSaqJLXlSKmE-jo&67yZu?SvQTm=`Ws!dZ;052@1Z&qb^yi%+85_a80Bnrd-mX9A
zw%5FPU`OXeCr^%N@cOOT-tVnwc(6>&Z9|8n!$%Kx=5B8O&$qYm9jX=b#%ObT&SWtJ
zcH55djRN$ZO`GeCq5za$ir4CE`)w1eOT<^`kHXvcT6lq+I8HCarDfE*>FaPg_K)F`
z{GY>R*RSCc`gOSEM!+l8PDtK=9WJA9<)i>PY;}X1@3V2=n#Pc{mTG5$eS#lYy%6GP
z_9Nyrt{t9vhtcbuhowM__nFZM>MJG1T!y0s0@dYAs=Bt<mm}8PTfxe>TJ5S#<OfE_
ztxD|I!prNRmPgKVjyO}CV*`)f{jewWsRctBtKnDSz2|tj{mzum9EnYdJ#|l5LM({|
zX^F}NlWRJa@O9P@dJ=3GY>RN`3DE`RBPS75sWz@W))3fajvVgQU)de+q7BkWcwv{F
zdW!Y8+RL(?+LBOGAWO&_jb)o2r7YWJwNMZ>xF?N}R!g^^<qUb<{M&dresto`&B;7m
z^kW{U4WskyySWuV#XgCl=5x+4OGRcMqO1$<wy+K`+-M?+TUcO*PcIey1>L-f2y)x_
z?7Vg*JwdSYDgr?M9bww1fo`yRB=90-@>{D7-41$2(D1F;$d#ccRtQ097sIkUM0BCp
z$1~&sN^+qrHgeOj1GAA$yh|;5LsVyShRJ^NS905QiI7iVke#Re|BYNxJFZ%&7m+>+
z{kOUzf2f9czoyG4;H+I~`5S7u70mj?p^Znd{3RwQmV6xIltWFZ*(@_R?H?l=&ry``
zCD1oM3k`ahHDVT~23RJHra50_+MBg!9UqJttTuowb^DM-lUf5A*|vtqv)-b6(O;Ow
zio`hHu{w;~FYQ|{F<+TMH99PI62iMPEE#hvyFHG^?ib5oHBat4>wfCz7wtPJ({UqQ
zMTCpq_~d(JN#)1cVVFVMBfvPQ%TjmHuc!H<(XA9}-ru>8=BtxZD=El)3akE{1F%vr
zd;fVbhyyh^+u?&>sW2PWMI!ajSZ@l7ix%{jw|-jf&Tuk=XDy#`TBicH2RFqTlD-jO
z1dfX$5Z7LUJ#t~zLw^!5n?n<IQrqScovMJj@!1<;)fihg&B50$+_{sjLhJnmkpRRp
za^Qt&!n<5%-r5?S-s8^VLXiECafo*Qy((y3FaplgZ~oi^C;BT}t_W0cnpPr(wy{Vm
zTV{n`)0mPdc_ef;lW0CA<wPeqJ~&RTBU-TyfoMdOIzgi&m@VhRX;_C_0<Q|1Up5_n
z42un*yO+AxCerwQ;N|z!?$i(({HfGD^w|hb;P&#T3_za3E=y(nbmB_3!ZdW|dKdy$
zBZnOz`CB^DpwmeIwJ&`lM>AUTtOsV%2VUG}zD8}DrMVxUM)nrUwa9BFDE7eSCS1)e
zMvjIf-Y3r1(TNr3#(Q2P>NRcpzq4t?Y1G^T<)~XZAeyXzeaDD}SyUe>ijV;9g=nu4
zyxk7tDwSG=wK8NCKu$PRwP51vW>EQK%x<4l4c-}{@o6WD?Sh~X0eiP#8X_Jseq=;q
z9z<)>%|v=7j$&qtsxt8Da5wj0iamqs8RdJl?lqKVl{q+K^9mxl)8POjxwC=8uBw_d
zuoq(nM2B0}SSNTY(7BE?KkaRCQ9wkK+Bd&IF|~=T`$*uiRNEa`L{YeWA=gAxxZDr`
zk2;?GGweNGw9iuge2fJPAFz}@x#I_QIl4war6cB?gW!V5dy6pt5sbE+K|>V96Xuy4
z{6F7u<Ui8A<X(CO+~4a%{zK|4zDOOMry>SD>Ieo8;gesT0_{}crBl2q`cMP)sd2G}
zuw|5;Z3@m^FrE@E3R@85G%fP^AX!+9=|!iHKJ?i?O^vR9Iu-({Ffs)*ZrVsLhum_k
z4A^g42Yl<2M{dL^dXYL<lk-XvKB6a0J<J-bh|mC(&{{%^C&ukKM6?+);Fm)fRegYm
zx<(7(fzx-2<KGkx?LQRG5%e#G1OKXU{KloeGgvl9dyLT@G84no9H0Z$P1SOrhjUxH
zVs%s*MwKey2Mn%OxtjgZIgR6or(Ze+UmjL8F`P4_F_gdTi$vdek?05KsN&lCu8`wC
zDI$gW>Sg9#zFFL7vs2U?y%oniN_pe}EWEN$da`;*pNo<8-7xb>D~5iVIq<)mIY|F*
z=7^C*)7k?k9TOTdEI}J2gR^JFU(FmRWA-%!RT<7E-;eKNtXq!(Y2Oy(U;0GhLn@M^
zhO6Ayp%}wxB`)+UlM>Os1hNeE&B8(eNBu4n=gbr-(55Hqb~|nIaU3<duTxVrG(=s@
zJ_Z6IVb2HYQ)u<s@mFj1sh3XSaU=B3M3XlHA8XfWIA|eMu5_!2FgHsghj9$SSFlLR
zJGz8p<8vLhbp*6w{YP*UD}%VlOdKprSLO~9nL2%$%!t%p&o_Cm8Xb%g36z+epIQI@
z{V>;-;A7wg+uJkMj8`KvYlfb2D!Yr|MWaviTlT(abZPq?_@;>arj(o;#6NQjvTMDl
z_QEah-^(rgKe)9+XF(BAn6$xfAjh!CTY`g-nw+f6wSPmdR{xP&NleLe#YS$!tcGk6
z_7Fb@0u3_^S}=fE_yNJ_OGXJMS1GktPj-YazcYXKCm}(9PzUVS5fhS2m;OzRETnEP
zCNexxl~+?QGat-mZA~7ga*)o@CHl*y?_oChC%?2W{Hm-9{K2o<Z~S6Tiv61#=_d5c
zjnsd2Bd>xa%Iu_hnKlH<>$<)$6;>nTc$n(u`YY!B3%@y61~2@gzAByH`F&A3&Wxu2
z<oD+$OUMhq2o~+KENJCPKTjQUsPH}a0T_<Pv)2SAO7YC_FG7cnGk6GabRCpJC@$97
z5@}=_Y*P&3NqyfG_#p;N;U={^5t;ZMG6!*lW<E+^5|`-SNpeF54d|k=h@z)*I^axc
z2?v?Gt1kY+EZcHsbK%Ha)9j>SOW2i%XSL|v(mTSb<1^G@7*{ss7$EPGN1d4}XS6n+
z`V{6PK>pGlU9@3i(C1upuYC_@$QV$O*QKlB!NWS<Dz(p6A9E-6`7B0*Gn@7bg}LGh
zIRinq?>i9kXM*QA2dOG;a~ZTn5tVQoyQn|$)RutsB;KA@dPIE>c=f_0C~JL8f4d?U
zmZb}G2Uns+raULMBV2Kym{V+II~zA2#FvEK4wFN0)|^=HYxv1)hylepgt*$^1ND)0
zf)Sp~KK>VtPW7VEb0lZ?Z^7&~IPHEE`~BNb*J?#{C6r(IMf!XB<@iVb^GoTx)ZLPo
zy8HG7s9ld?5}ra86;2Y6O52O)vtrlhw#z#;EJyd{Hi13P!si6~hAYy)>qYGZOKgF@
zjG4pDe$Jz5pLhC>?N>pUx&|S79VQr3;QBY6Ks6j@y1s;36IHQc-2XOaYGd=;u@29=
zb^76S=h;A}e|;S;#V%t>>=!!|HE^<L6YU`Rblrm4<6v4GKZ&auk}|Z+o|F`aEW^uD
zXCT(&*VU;!w&iBmW=uK}o>skE00^R~%=aOT43-GTj2HqkNE*x1GtoZ54j5dla5VW5
zavH_U&8cDZF20stm|vw=Ri;Yg)g3wb{8D=T*5Gn)kwT=zE9o;4uHS9+XDH@};eT$}
z7Y>OJ)+#9{%Bo@1MPifuz4i{g*4|lXyT!7-m)cADQhT|77!#li`p|on+-Y{Bg>aXB
z!IcS3shg34ujU}VsAH62izJTUF90=9RjVC6l&x&hT@*kbLRcv}C`Y3D5n30{S7z%)
z=m+8)&=ObOm4`$Ss>4~?TU}_!p*JC9gBAVZb;8`nr;@q$)%i7H5^e*(Wq^ZrsV(GO
zu9KjuM?d#TOmz`~0q>txWq}_PngH2AV<MOESA%2+bYTxV7c@O@tdHDM5xri<C;7_A
z)seWOr7lM9623MEt&6l03F;;st#Su_hqTB6N{aerz!ZpZ2JdKvMUK=EB0I-yj`1gX
zl!<+qHVa6kFfr!{g0I_Qj^L3)=a5WiDU6Yv#D9Tz9m#Ho>gnHpqXqB=m6Lvf_a5?Z
zg_rXm{)pWaGsYj`r7?3m6oy4>ja<MDTX1lZtqm=LGP_@Ksbw2fYwdDv8>W=p8^03}
zevA!X%lZ$ng?W@8e1#5-S2xk0A1)uE10*%GzF}0gY-@vh>N2fC*?DPRI1F{!0w>=@
z4%yl<%rX56FaKq}y#Ezm{%-6Ip5#}#@Xhc1!`Q3+r?Ch4W$Xq0GWMXNrk9iJ^nWw<
z)L!OGmXpE4U&da{Z^oV`cKp|${uWM;oHo4}Y31eAk=G&&nL-G!#@<syqVA`@JeJI*
zELhw6hi;aa@$xWEvr<hl^qw-UUuUe~1zpFrU+7wt2v*k6=pvp|Ve30$pu*y_en>*C
z%|hFH;g<20+f8FUHbEaXfoUIlKw1NLX^XT^Uvb@{9PE4+iq~MoB*IkR_O?j}u36I3
z##Q~Rua_5!31zQ?q?V$pQbhYNzFyO&4xs|UoXudb$FJ;C`*Q2ei(&}(+E?rGJ@{2~
zNp{CS>@HIa%P7upw;-n{`9H`fD3||oMXGzNebOy83p1FJc^OS)D2nX@yyAJ6lX35S
zhE=ZUwf48nOPOYqqdTmIB>Sh^N$+`ZH4A6I1(+(6-m9=ShdFa2lP3q6T<CZ7kgRoe
zLl;>a#NGmziiKi}(8z@d*~A9XYVkQ@hNgEMAmLNVtOHq9rHEtl-OnJGy1<vl#vY*l
z3~kEdk3+>5Xu<y8ip%wfDe_A(0R5>f8(?+N2J@5@Ai>Bjchv*B#Zl497A9$x#FU%=
zsTp(v#UMA{L$BqbY%YscmI%|zsB4Wy9*$+Net!C8?8Q{;cD!IaS5JD@q~DFWbWy$b
z%h+@7Vy>!7{NPE=)l{$hb*rI#0pWb4%>f6>k(w`X``DQ1`<p`@K>uPDbCM|#TmB>8
zH=+~)5_$6Xe*C+!n5j|`?Hv4g764>0^g%b-LukUv>616}(#!JF`{G~hliY@jMd0ou
z12w21AHCt~^?*xdR?a{bRjDVdlf0hG#cE7dlZMiK<`u+xhbQV(XBxJf3>Bv~ywF|;
zr$)-UnL+g8fNk$ONtJqSKEi8x*0{zTNmMQ~+ts%r@!j-CC7_kBW!L$IT_?0S80%l`
zCctgwZEP}@34VBG7m`@eis+{x)<iCY!i(NLo1n36Q~_<E5>s@2Q4Dwex;Y4$0EuS%
z?Rs_JS4)}#%3c-eU5sk6TzOM*i`n?5@o;KOTvJ~oZ@R}9GgXdgNw<n3GVRhVg6`PL
zmi!g&cTU8uooAXj)-Z(HsBQSrC6iND1gp@MKZV+h2Go9Ix1@KRdxV{SJR}vG5S#T!
zZMj{5Hmz$5JKM!Ii)fqqfHsAYtZiw#2aLKs0jcWqhl3px!|)X(aCM2a1KEKsw9$3`
zSWTpX-R6J@vR~}(|IV(|XV?M7zDOx8(pF{XCOKOq4dxiF+U-(vxV^E0-7Fu}UyfeL
z>YveF4IJ)!HS{3<UUa$tr!YlH`2nQHN+*`$XAo>}H;S+nCK*)DuPJT#bxM1FHKd{a
z1B3=W%o`EK@?l>?_j^yXqcpzr^SNtc5F+E(DQ(@43%-9-9kh{U2e8sbhzyS~^~lV~
zr30O@q+Mm;xTr1<{C?**j~v9ESSfst{F=JospFnCFvxj^ygGX7)nlfTuZ|x6we~MZ
z&l)ktOMAYcBe?dvQs`S*x)~ujH&s{JNgvc>?T>`pY$PGRqaAbwV2|FgGXlV+bSo#I
zk)G63i~IQ6o!)%d0P8yqWt`&>ZEjz~UtbqtplQ~R5H;p5T_n@Cx-B&pKKIootI;ma
zM!vR<@6TX*6$^g5zbfwhJArg#(Iz~zQH3uD)TC&$rmuz`9mQ*sBJi4|eCy+;{6~_)
z;Hc)xmZ;!nSsaH}%|?2Wi2V__SFt;4B7jYfR@!_!N?ot&FfP;-%3k*BU1)-8k=~NB
z?bQAW$uP=`&Q)Y`jrC|TSLIaDajPt1(5}ozd`(hR?X%09Vr+j)QeLqo#@odxTuxmG
zZ4@aui(%tP&wdTvZ;6j^l1CGOo-JtSx$>e#YEA-3<5Gx<b7nw6;)Ja>saKhc_abwR
zUt}%|YyGEwKLxOe3wLHiXX-c~4r#^>w4z@!_tnn>@kx9Q-QihRWA87ZCq>?G6|;aB
z(v!57;OZ8zgzl&IU`T)7!WF&qFlozRS`#GNc<Z;p^=EM3U=&-t#(?mDFStB^5v0({
zP76U9=R=^V^n`s|T|Ase(lbj>vkYmR6w5yiMP3udJw9j%lw$wp!qw_5G&U^YZ0`4T
z_XOTSMlTNl(^x+KhfYYn{-qO|-{Pd`9JXQ0^zbL{|3<GegA=D)*V|XA3!UyC_A5sj
z{*|N1A~500GzRJY-{dIx@!Ju<T!tJtngcc{eO&C_RoRjw<}G!#2sR9Sk+ZqSw*NUt
zv6mXSlp(<Dl3sqzQ4|Tl(~l?d!e?YIU7CKyC`95*sWZONf5a#R)}1rV-cB3hlBjXj
zw7<nDZ~vzl<!4>D<IIQ>@50AQGntOr)Nxh)M6*<Ww7FjJQRd2}G|z(HzAqB@Z87$@
z7zO(uF^Znz?=i~v-(!@B<lkeI>HU9+Q9{+ljwPXZAuYLzt|ltSD;_rGqKeH0AP{1n
zL-~MrmXpkiT*kl0fPJ8NrR#fFzr}#&(%K}yVn7EN^>SiT)%%yCOI|JI4-Kv^`9H)c
zq5m4AK*Gl7^!^&r^35F6dI_owk=V#b;>^MJHsdZ8+5@~j0`6~1|E=h9qaLY(fr5Yx
zye#kjK6X`1t^W1D5hw}Bg1<%aEk9+<J}p46WT<n5mo0w-gm@naaln<aKHoG-)at!{
zHb?&e`b6!>1g)(JtH5Fq!)0$KD7d-;y7Yf&d+Xpjnw)Rc%*>3(%#N9vnVFe6$IQpf
z%*>22Gses@Gjoiw6Z?Di-Q8Pv_q%`Hcekc{sx;G6rP4@h^~_JLeGciQLmje*R%&AC
zu{Cb>Q~6Hn05+o5q_n!J)XBo$Dl;-eU(9dpv_?#Zl&Aa@bs#-;xP-WJdV=v62;7J4
z67Mo=%<09&#C6FPGtoV_E-k_pnWybk<@nBaF7%l2n%?rHCV)%dSr|3Z<hS9xe#cH;
zB`B*vy|%|$$M&Bu12s2rr_gW0=O#l6AA{9sv~_-~)p9i*sV$Z-wF{pU)<FX#dYFR2
z{*P+@iPemwP}GdOzl31uaH<$wB1>vt|7}@3Jy;i8i4O**ECvRq@E;TU-(}sa2XBIP
z{1oW?oVmU}*@kAqbA%<HOa%}LgQkFjh{908367-AnE~kjxB>}6*tAJ5*g0y}u7tF=
z0asS-pcF%}5;tIO?F5@v?N&BcG265lCO-WiW|X{A6bWp8`(F7y5a0Tq-uB++2;4sn
zzk{1pyF?@LyW~Q)?*Z{?_Npk9ELbXd*-&Ykn*7iaEf^)ZFY~8QuqJt+V=Ng5tJr0D
z6o<|!(xZW0Nb5Y}<+iO>)V@9vxl{)Z_@D!#_DTg1k$`xZAjNE&DIh+@l_b4o)ej!G
z(HdI6J+Td^37LLf8GG|l0evpnr3tCRl#{Y8?7lq}xqxY(_sTLW(g;379?0ygPrfgQ
zuWcF^c{<5TtSt}hi?p}M48~>k!DXkgmwcRLCH(6=r2?v1mmwxxkf_ZlBC^kOLF8gB
zC$OX)3W~jS5iB9aYLXp7!{lW&ZHXkbsI=;qu!uFA4t8}wcP&Aha%qdqvCx^#&#}}Q
z^vVjsjRH0yaq2Maf0O8u06pA8ptGdyLvY=0vezCz^idw*;Qw~mv2@s-qT2eNug$v9
zU{QA)4aD{}V%mQJ^nj`!-!VQ!hU|53Ju!?}_POAlP2~O*K{}7%;I|(n<N`5w7!MM%
zbieVt!0u4&*I|4}j1?TrS@a+WG9M^W?_6IUqoChn-7}-#;@sm>>`)%CNd8WXe35&#
zhrdm^3xL<B@)H>{#JEYn6NM*DZd4rdg69WpQ63I=XpihhcA$#tmDer(ZgPPVtwIQI
zo%mhILa<T{_dF_(%T%ocV)eV{GmdGXB|(IW3E2mML@JAH*aX`q7@@|;#zYhlVT#$p
z@MDIPK*gSVHvVK-Pq5M1p|06POwn(Y!6!Nz595@<KTe7(Sv0f>cQjhro02DZa2c!n
zTs{uGjhw@A2ivlp@gEno_{1G(oD0d1Vn!(m#GDe~TOOutlxCCNYo-{|4Rr*ay^q7?
zPc*-n>B?UDa<;F(F6Xbyw)Ql^MRCV0G|!=gK{T<4>3Y*Jtd(NJt^V5Qi*rSXvz0$k
zY}2#oY~Yd+tRFS)XXzNig>U>?vP58ylz79S>@W_J;n`~LoR~7M5o2RISj(QQ1b{G5
zH0_(lT(<p;6Co^xLv*n1;2YK^4)i-LE{Ee5UVWHEsYN}LKC&eoLz-N)l84e)*<Z3&
z)Wd6hm9m#xVy5-h=11^31QiR=7A`_LN+J^$B%-J<%BjCpxT4ZkLtmas64(G$vU}0l
zFNg0{wnOT-kEoeW<a?0x9b_6<s=1_XituF4Y95c4C8s4h`f+SbISkH$E!_AH9X|BQ
zxkD8(;fiqLYI#=f?nACH6{wL&&eNyH#@F_%6;Z&Tps?JapK!-;=uT@XqYCJx<enN1
zW`3|kMU|1TwzfR25}P{M(PMt(!q;eTyLsW8)&2Rw0bvWa0%k(4crhb?w))4P1VgJt
zM|Lk<MY<xPe>0+>^?gxU%<VZ%34!;YjStIdlW}+mYFxJGcut|x*3d?8lH3G{4Nvmp
z!nBh0R@pw*p|Wv1bA>mxy@t3d05(9$zrOsI2;j925^)rxuxuiJa-_YY0~PbFS)AJ-
zyz|1BYvHNm2T62e6=Y_hvl<v?fRg_bm|9WErmbpo9t;_pPn-Ii$d52qHtYh31zJVr
zI}0gh#aW6>gVf?6@?~`r6j)AUTF-$-FT0BG{7cM@9Goe#*F~&r#l7T3_n=f;{I<y$
z_yqeUba(2jVttm1qHakE&{w7CBp%P7g}wWPa2ubz!IP>?8q&J{UzQY=1dgovp)Mfx
z^3d4^dp>kO!iq!3gS5EkZr6$zEMO;=w>^zwCsxPIM^c8@R@ztG^VvPGWU~Penn{tj
zIY00EJZ#8usZJnDClvWuj8Zb3p|F)>`L(|QD1g_0=tjQUMsnL0;eFxY{j~M|92K2@
zbi8MS9pBKnIvPH{7fH;GP+K<8DoTW?PKi!-e>>*2{dLxsJqY&4IGmN-5@GGI8Ayv`
zvzXjFiDQ1SxE|KQ4bp}x2B)V!2^TYk!A`Zu^!8Ctn!94m-mUz##)2fBJ`yULUZJjC
za2@kndA2}7X90Qvv;c?@ToD!>0_SNbnY?RT(|h-UVf&m6L7-;^tQ34U=$pX>ge@2k
z&|4k^?EMSex*@_LRVTz(@Vs(9Y=N)@x_N|db!ykT=+}-A<-HVytFTRMKZF9Ddwl56
zpt<PR+>pSLQ*1wQV*t+)wE0l9?)E%QILEi55SIO^(osO)&`w8xQVQ#J(H<F5tP39^
zoG>v1f&aY?1qFpcuViiI3V9?KqV#!d>XpjjA|UC;H?hx1^^Uc#davM)P0fKth~dB<
z;RD}T`;O%m=GQXbDo}k8X<Fm1;Wa(P`H=rAV)-YxAFk=32$%tPBr)b9SG+0Xr{Q4W
zo-j6$#7N~%(67Lc&XQ!#&Ol4g1<$CgLunPHZ5>+uM-M?PIoTzpO6^-FL}19;#AT%&
z+C3z+@JPa0ESJcN0-O1#xt0|bE<U7WZ<wlZaUrs>>Ye&;hdo+l%hXR!m&bCtJHCMW
zz5e@{U`js2L6&=A1PTO%fN*I^f%3gIph56ofjPwB2bQMB8C08!c&#eBh=>~`y(Ucj
zuo@J(2$-)3I+UL(7GtzY_;YYc;M+h_Hk(VS6@5tDdZ%4shz$a?intpXGT!k4c&R3P
zP-{7Th#?wm;$ACB<|O^?q$2$EZ-RJrrUG{H25R_Mrn@2vnGkVNe#q~+^{IniHib|z
z6mlAh9F4^-??OJOnIl54)}rMe&DkHuC54#SdaFdrEef{^j3u;sUn1BO_pqQP(b>Zk
zR43HJ9LOv5SLKb*Y46luvuHc8OcO=$pRodYltNU|*+DB74wwZ^s{TA;Ir|o>6PC8|
z?fAuT;^C%nh_GX5j8%PQaMi3trgFwv0l`|gF|g(aWcllr?X(y6@XCAJS_(JrqhtAq
z2=4}s<UoogZBEYuqph{aXtcP;qlxW`d_T6j&EG;#a(F{>@lNu!7Ro+9vLVQyQ?q5B
zf=~9WynyhnDs6kH+??+e8$Ve)DY|bO6D`lbV%l$>|1O+s=4fJ{Mqj=#-x(7T{MAYX
z&%r@$WMIg03Mvi;C2G+iP-2;uvVNa851bQ)lZSn6hc?}qBpN{jJ$Y5dumb+Dg`1Sy
z&-@&d0aErK5v`nR8p~B>yK#oQoJ`V&PL0%)^aN*~tb~9_dT0U}FAoFwDUVB_yfcM~
zqJKeL>7?dZ4a=UE<x_G=o9kinU$vOG2yZFGXBAlKYG&8ddu6I6GgyRKdixt@=axp6
z(Yz3cZv|ths*~Y7mEZADHN4C$Hc1iadx#Nb?zR_8`keyO4St(_Nh{e9;vr~6B#HW2
z=9);9%3T$aH34fQ7E;pb?Vl6ZaK2>sWhwD&txU*U6J*)}#eeKiTS*gc6l=4_HR3Od
z@j1egZ7~zA(jyy_cr1o2ON}k-EKfT}nY*#{zGQU$!+&OmAk_OS0r8VTQpfc<SO3~n
zN&PQ1#_4V}nA0*#$^DN^6_47$Xp*xj=?Y=|1O}h#rh>$zw>TQ^JTL9W7~UI0I$0AR
zzR8sHrvput`T?p9sW8x|l=%Qw`Ziue3`krOv8t7mdC;Q2ffwxo8WJ~&M(HZU9G(0c
zs$cEpW2OTYjxx{q&u61@|IJiX#+NtmmYsLp8ph$!$FG9dvx?R}LcPYg6GyV1yQR@Q
z3<__}AEjq~VRMR;)rRz$eiZcc;8_tUVwO8W&>#g9gZz$Y!t4y65=W%@R#DroUz#EZ
zl)nNK$RCQ0ktE_8P|^jcwPBKU%SR8A67M}L?BnkJV`rhK>}TuGPGn*-ah7bfZ%Nm?
zz1H)U>g7wEo}Spe3poUvj5}>`4*dd*dFfm1Z6tYA#)T2JXl_){5f*Qj{y-(tnz=2Z
zBpP$T{=UT2t*<RuQEV_42YF#{pA>M}GU+8=bv4?_hX0x@KaJIm`l(O4xJ{kSb6NUJ
zoz9K!LL{?bjbTuzhVcQbG(xE64#R`y<!1Z*)54x2Pa}q4XdhH4WxZEU{axt8MdhWo
zy1X11dtH1OgjO%zQQ;g*yqDj4Ec*GH2d!>`cm)Q=fMmVKyX@9<EA&V-E3^(aM7)f%
zr{vR*c*C_D2(J6s0~;VK*k8OVc7b_Dclr(T1XloR2=cAR_naG(@sYpaSqBWIGRSyo
z6HSQlCiETr5oZ%SDo5*wqPc`R5En23HlP^pw6Xz?lc3l}95RQ18sf=c**$Qw1L+0c
zE-n=Sp0kKzR%5sAY}kzoNHA>EN9e6yDc-1CUI#~cjO-S9mZ@&-UpA#nb3Zm1SIVrB
z>vW46uj1RT?uE=Hk<{cf75fM!tBkgDhNMdC1HwsY-bd<N_PoD>YhFP`(0hrD1rKpe
zcv!AKi+aV4rXAKbbpf0SJG2({diATDI;ynW)NTv45=O$mTmB{rBd5!`3NPYxl1k`B
z;V*nJW6-E`EG(aP?{3~OdG*p!g4l2hwM%Y4B0F-3_*K0kSBJi7T5h+ANNK-eidC`(
zUeP*evxfI(>b_~hnDYu3TlmRmLge{v@D(M~MWoGhpbB<^<m(XWzBisiyLoyKoKn$l
zn#HK5#R>r)VoebkbJ%$!j=&xzOJz8HWl10>oT#8gQ842M+?ohjeT1hAW!zN|@{u)q
zaS!_QAa!vczEPO`o@WQv2h1)gVc(4hMV}3`e!$d)Y8G^B235b>TaKSA@s&aV4mDV;
zwOoX-Reje32*DTB6YS+28eyve@G&=K`3>@m6rkO=UfzIxmt|h%1503KDP0wPWqMGx
z6O_}aJz_9@C01=3ytPddd-!FP*Sbc2Q3Z3VN{hDNbeM>$gieCH509RYwNHmGrSkRQ
z#kMprevkt_zvzWU^bNwnEd?%+2Z2%&_>4F~^o(6~&npO)q|qDhAA5MC%*4P3*4Qz>
z4UQ>z#2Z28%#y2Rj<=j9{Y-yE?U}P`A0fMCT6@Dav5TT~!hEeV|GlT~E~sy**9W+H
z{-US0><QR=QbF1*L~<g-+^MYbA=uqSnjeK9RlNkGGo05~FvKZV6{YrzqNQ0L^))Id
zDQAX-lP=N;(}t;t^uaUYl<-gEGQX-l5#2vZGD>Ew?UvWs4&3fSeZkrs8v^iJ(R^dK
zo;69<PX_EN8C;Xm^kJV2DDN>s^t;1{WFA@OVypjLDL<-FoYbZ<0O^6I2H1x!6{1cP
zXCkO&W3N(ZGk&n=b4>ygHl=K|TJuI+6^m4Mz{R)f&3a9L8ZSnZ<Y<ng4xuCn7A00~
zT`hI|CTUW^#t+iPEA$A_*9K`!pfTce$mwNSwLA|!X8UQ{MW`h(LFWj>i>;kkhb|;(
zc49_*@VOOT$Vk&zvrLomu|G6skr29TpoT7vd?*pOT9s`Ea@D!F4-@HmqBVaLm*1yM
zoRMT@?O+vz$-(*_8M26CjRvhJr$6^(QHdYriSKageZHEu)D`QMIhR|D$*!?Uq7#(5
z0T>IA%qX}bD+CXrOT*X&$^kLy*0EFWt8JF$^P8guN`w6@Aj@iTfMCp&a2ry6E{Nds
zj!=Rxn6Fn0{?@_*l1cXhgX0WG#J5A{E>I*9bNldEd%PY4q^@uR36y)#xlk+z8bEmK
zfvFBKqj9P`+{YopvrukV!Qa?9`%J%adMe(}+Y)6jFZSn<kZeyZLVEho;N5fJziujY
zY+4O%a{-5gx*hMRpL9(rN|2qCZgCFvfH{zKT0{IC%1|un=&ZsLB3*HCz49d}$@lKB
z{7;jBm4H{+>#1N@Hj7wcrMokkQHi%d74cEa0Z3%;c&ToY9>n4B6g?UKSmpDCg4Bzf
z8HstFB4ID;VyBR=i4pPsXs+Cm-$Pjz%#RnoL=zQOBI96CGwMy=*EgqSt(kjv&n~N5
zFv|xzx}?KLrZLts`jjO`R*w2hX^7fMWLY3JRG-|pj-*U{t1qiMBEk~S%_Y$(tKNdK
zz727|VW*wyRW%x;s3q=!$D)1o$*oN+B3n1kHl>@H{_FSwuU#YOWEDjtKSR-;#~9tb
za-}q}7G+(dBpBVbWTe#Evbk@driIf~!7`=l&S%<{onn%pK5-sCgixHggu)=$UYDhT
z-sXZd4++FTHCg;!oquTue9X^C{C@ppfz_o|gRdZ-WoHE;#*VlWn{P+H$6Ekr(VWi-
z1-7Nuso>L_$xh?$;?0V0ptfwL%&-h?z=Z2&v+s3j$aZd9dmMdFHJBpr=_!`q_k9JX
zO>phiHm-*FVuEN@sj+4i@|-+6-h(yTu8BT>x+zr*Wsef!BEj|uv$|fmY+=p>={F+v
z0Imz4-(TvWt%4$5l#GzvcE_n{K2ELx?oYQutBrwX7>d(@Z`nbb*9eOZB>J+4T|Klj
zzzBqG*@x3KH!g}6cj1X2Mdv}6KHwk<Z@I_HjVNg%P#)IIjELib*JmYV8HMN}LcHhG
zd!WpX|7J$_L8LtX?gG=kudo$EA`o``N;Eqzybs|A$#6$$5cxSK3B+Q6#?L?qy>~DL
z<WnjP9E*YHGfWR)4-pyA<%ZWlv8=+?+zAw+_z%I<Vz(C>cc5H`<)~shjr#24{s3GJ
zCC<m2?yEZB<c}Z^wcw!}4abCW-<$0__DDo5^be~nrlhsLu>EjhT*;7z`_b%*ZF`Mr
zcZ@dSw0b$sXbO`TAY@rG1f!$;R;Fr-n-+uwG(<|q7?5Xz1Xfvsv9$5r>4nWrGLtUl
zAB%N^_oR6ky&1snv<-Q^enaWG47;50LIU36&H@lW(u2Mxu;PA{K;CM<wi!L}$+p;g
zz-h^3cv~C`CW;aWhCBR0vp@)iAJZkyO{1Mf^5(0G5PiNi8F6*P(Wf^fg)AlAygSrD
z^MZUZ7aZtG{??L^a%lO)#(U2{R2y6I^ZSp1PZqKqgrgExP+6F{ip2?BTJ&)VYt|g&
zeu67U6i(!}`Y6t`G_I84FQIew(ux9lFfC}kA5C{?snodX1T56*b5d91t1TU^-I_Tl
zQo23WDvsAGyWi*cmz|!dj9}P}P;@)6zuzP9z&3<&0@H3>(sHR<`W|zh$_fI2{^x6X
zW5wTe%4}EkYZqIS&g~!NmUc94(^KR?H0L5#fjySF(=3HTQtZOIXD}Fy!kT9g>Z@80
zM^0<<5u|{;9}k{mBF=2iQa@?rDL99f4kr#ybVY=ld3dbuzsSll+bqukf^V|B;U#*q
za(|8QiB-qC!sdd$QRm5Sm7n~rMUg>r>phWSR#i8tssQpt435|)Y0xYJz0F;A>~ck-
zc~9SdQD(X8C&+o_1=ODn{+Ww<&l~x3J@SW`73Ve#qKE(7K-Iy`_#e$>?hWWjE!M{z
z!K4{)O6L|y>&n|0`es4E>#)kt{35F3d?E0|u3X=~sAjT9`#g-TY7ObcF96%*i(CQ$
zgZ|`q)acSbWyNJ0-_zVi^H}xUPUWabA};nc@^UZEQpI%<7GfdwsjBfv6rZQigpb3s
z)VUtsWSyPQ5F{R;y3yQZ_I%+B1Ci->P!F5ZYCpkJ_n0#yx~oF`;nI`ER`*DLgrN=}
zci`3!?G7k*paw+4?x9?KQVH3O9Z}Pk>h<J#C|rE0^Z3!aXu2d9L8sV!Mx@O8T{+O{
z;LPNEIC#aX>~iMzSV(1dkkvZ@=n@X7G2Z_f6sN*6ny>V|e=GmW;;J->vRn|>-8VY`
z&sI@zU>(6w74wqMlnAz746-9R-StN^4SxGrIi|@fwx(-fl?9#W5uaOGo=SOiXFP^h
zr`v&&k{=_@tPO*pO^QFU#ct^2bKH~JZij0&>WiIq^{+cNykKP&0Ri}>JG#s$WpOGY
z$f-MBo$$F~AHQIPEZp<dpBU?}md&>eE~IpKq8EX9#%tF-vB~FYth(R6Af`~3=Otu%
z37KvDiZr!e9WP-ksGU>=63hr!mbeTZ<T}wTa54%F37jO3N)zG~<j)?kzazRpHr$ri
z;j2uudbIQOcew;+l`Uu66SrZGVV&s73$%wggj}VkK~Li-STlUnlU;E}10^_L!^i|e
z!|#S9y>dZM@MDoV4{G>nYmeb&b0;rnOBS=4<Q2uhlor!v#_^7zVp`C`jg#lBz*0&8
z&hQ7>UvOFDGfBciqoCZE+5m9oKH~cy{)xR3r>nhzG_j{wUG8;!g*PE_8YApqCm%0}
z`qOv8a}c(CO<JJ!@aqkF5c|?x(&b|TD=_AU83g#zL?@eD(s-qQ5n?2!2-6|!E=l{$
zn7Uwxz9!=@RnhNYpuLDA_S+N%X%nsh2+LQxmEM9ZQ(-6=LIM|+;>og$2{{!(Y@wkd
zpN(x3s~%(@da2$~j?t^u{OW^ES$KGwJ;ASPs7r>}KjNEyp4$q{)+TvKzH+2#D~Ak3
z)Y^g=d+w(*OoZi2F?@KG$9Y1+2xYHDaeVMcXJ2LeF;)&rkcBtu`FRGc*3!8;Y9X0-
zk#Vi%fBX0_bm#Yl9Bg}*eH*)ZtN$kDVR&4ZWT5S9-+WzvyU=jfHP%gNvG!sp>|%J?
zHS5`HuixH*>SptV?C^xTenGf?LE5y!{a3rJ3B0-vy6zqv69O|?gbn%vH$iWT!UzjK
z-iQ$zeO)mB!2YvdztW+5g;_mr_*2(jfQ2>xlyHvVuyY8=%$+|KYu$Fw$enLF=H7mv
zYbsDdI0tJ2d)3VU@oyVtjAJS;)&C8)0}BSG{lEJoq-N>v?BHeVWc~lz^Z%baX0-hi
zF`3G|Dv1ycgzeO=M}*jk27pA&7^(DzbJ&)yI~X0TvwP8iPjj!)EOLKCOqRr2mvd5R
zs;K8&<$tNz{nh7gH8-8nP#^@UBSId-yfsOY5XDH%W@)OonZ?LBt>?lxt($2*!T7$I
zppD1(6H_1QTvHPpNl?-_T1~Ac@{Xzj3hSJKJ_A-?;PI&oUtxSRV8lc?O)abjJb^-V
z%1t#qzlHLso`rJl>xJk+(y4^g+1jB@hwRxntkQ^OTk$h7i-z6p03CNai$rONps^3A
zz7nVzR`LK1Go{()gOOs#X1ulUy9M9zm}}lR)a1g85>>*gTFN-C{v9z)+(}WkVu*6z
zVb$DNmIRH>9p6Wp{o++<_-+y?J9<f<w9@9UjfViS;Yosk&mC=o_p0dGYM8t>t<}Cf
zId2%>+1)*OX=Q(I&z8&Zo`2+up*DNT_1v?yc!hv{_v(xl5XQy8KNRN)S+li`a~b8)
zhA`Z%rLuW?Kr?w9c&`67pQ#4mG1}E2?Q@3JtDC1BVXoK}9DUZ0jP6`h9p25=%;Ri2
zI7X4qxYgoHiW+%Ud){=9mf-NXPci(^UO)iansgqxyXX&q0?lwee0ltIV?OtTI?99_
z*7<m3`x8(JJC}(LO7$6TOm)uN5$=>{@4;Bm9AHfrCXDCpis=@Kn~&QTMV&#bbNETr
z9P4m;B;ELOR64JC8w+nV4DGXt4CXU0pMH){k*X9R&!x!4&G`qsYH=E!4@F-3On?Jl
z51{Cl-7vT3gmKFhjiUCPxNij5K@!ZESC+|9$zU^)o929K{R*v(Y#vYFrIgK0fGyM#
zd7ob8&H56?0m@dK!3;fVr1mt;8dl$E&SpQSUSO4qB_7R;iYL_F7Kv_rTa)bOiQmk+
z`Ztut3Jx~B=3gd)3-jMG5%zzY$hHy|8`cNH6be652<-t2SqP)BTHwJ7MHIQ2f>dO!
zTN&>5Iv<wxrecNok-r~Uuj*m=-vAeL)Ai`00P0IgUnS+am%R4VN5A)vV}>B#J)!TJ
zKiT3gg{)kL$HA-wr@cGQP4kO-s$1Rck^ZcN6N47JY~?^nDz=?jZ3K%#xN%{O=0#Bw
z&6Ks@*9^@kud7qZfyHgDmr*k6vQs`b4%08C0VN&;bURATnH>32T5X2(CDZg@2h@vl
zkRQ^=S2O=W8r?E}v$RY0FFOoj<|wASzS<@T#m&;<cgNza1^Jp8-$|ThlDgFpv#;e*
z#czno(2@{h(j=#BuxE2i(Erlfq$`mW8xhslsWOZRH9dfG>#D=4JD`dWH?3UOtPP)H
z<n6iI|E0x`$3z_1M7+96yBr!=^l7<acQrYI9so3y=ys!AQY8u5-*&CYr@8x<So7(3
z{(B=}+kz{Zke;RIydO$`a!_L^!6P*@^*LYen|(G(H8_mweIuF)x;#lb<kpZ}kZP_a
zaP=YE5>N205vk$ha*EyIDYL-zcf#lxE0%l)<<C;qX$|Gtz5-i|Og^gHM_gn5rH$$2
z(k0^??S!?Hb7O*URpV)*Ord-x!pPtG>iiaYWTo6p?lFJBs=cvFxOcM7k{9xx@tELI
z0(6atkJ3U(Q>M@9<)=s&Uhx0iCZJ8@LM;(jFpJj5?He>14|>O99*70!;Q7lO;daw>
zi&qkzGM!wNl`Kchop@Hs8x~J>s7=&#Xz9?{3W=M?IzW!1!@z%ulDGVX{Z~z<2u;uW
z4h{zP2lBt8$^T4CQdd;o6hZUP$?O0)!DGqw%Tj4j(GAILAzVNQV@;OX5g*TQjv3{K
zTXO4d+P-SLRMJ1qlg^WBdR|G;(`zd80>4`AY;rq~Zxr<ReS$S6tg=@F4I)BmnDe`U
zV=7Zp?Atr$uXuPlucu<hGI>&qq%{IX6Uvkf<GS?4Ti>s~D|g06SY6PpW=^J&&Mqob
zaN1FLx|IU6VL;<UB#Ey@%j~}6E~`czJ}$E~TiOOR0hziGsC<wxrxPO~rc{Y~xhEOo
zrtf~0mCZPrku~7onkP;rD>?*1*Ov5ts2QjbFmGHw3(XX>Z!;Kdxz5ZBq{uyaWZs_@
zJ9|rvac$=5Pk&5gvxJ*dtcj;=%H&QA1zrj(evNtHh%zUpOTl<HvY^E52HxyL8~Nyn
z&4k7<y*(lJv*^B?_e&@#dYQQqlPXiP&6X}8k>YHno9e2nXyF-syPbV|xUNbU$UYkr
zj?4qsd(<HE;jCR}l#)~p7s7oJ@u$5|H7e^}@PELr?S4Q`%SqO#Xp;i$F%h)3TX6t^
zV5tj>M9wDAihTD7H99#{H}gg&X*W;Cb`fRS+~TKpngWb1o(}Ujd+1!Q1;u<#)t21<
z4)HB#eg94Z4F>jt2nMG6Ur-;8|0i0|y41(g#QQ|<zFH@SC6~O@a*S$k+$+>A--Dhc
zWQu7vkWeQC4YRWHTjyj+MolzNN%t>5Jl6FO%AwCN7rdvuq4iqBM2(jH4tfwcWxxI7
zwd4Nr`+d?GY-fy{?rQMejjzUxWwweZ0nx2%V!nccoE+XSQ9`Ny4@QbMTaY|msjD|4
zjA~{0?~A$Ic&-6sdJt>w5S&y>#}I4z0eyYdE7}^qQ)THT^{_M&C<LTCY)gkv@-;M<
zmAa#%keAzWnxM<PBYo!*uaA_x3kwiJx9NOtfu~()=wWyh4!mKYJqoivU)suRGTd!_
zN>*>Tsdz89&VVS$v7AFW@z`~t85?!n{u!2;w}iNGOZF1}#lCx$z>`V3bjWG5Ei?ro
zIxB-L5K>rQ8f(ON6iQpApv5qs1$VrY+ai`9YCRpZd_NX1pXpOO$Q2(KdN{|~e2P3;
zY^z8Z8kXH2i5ZGy!K<wv9646m{R`P!HU)mkBYKHFmUvFVA*G*66khhv4mQ!q(mMwR
zQufui;C*yMLvq&Xtbh`%H^TH;WSA6$m|!G%Y=<e%kY;JdnUz=~f(t$CkLWth8SS|p
zE^oTV@XIfW6F0eZ(Opzw$1Zv8lKU6srb@28+Ow*aT?N|mddhOH(5lZ00ki2@a-Y(z
zsB-YB4=wfQa0M=Z1Trx&2{u@(_C0&5_BDITO-UKujE1oske4#aE7mTB)Z2-ZD+fiB
z4pP$L0WNx>G5E+3RG<V-;2kGare#OjKGzAJ&;o0MGCmH6ABZ1;Js9oF`LEgV;sO*2
zTIsKnXikd{5jcw}`LyMys4VlcMx=6}IZnUeZX{#7R|I42L<ujs-DVG<vDh~Kj~57A
zbr<g?PwiLyw6>6IY%*5{z7G4s8p(=14XcvbMpLSjVyK9G)tOQD=BVYQ`{pL0mLj$#
zz3TzC7}y2x8i0;qHGGN20W<vBYXORis^3pqSPF<FjL)oO;+3#i4V>{@QWyHIQu_|G
ziFAV_bWSYA9h?-)wO9yE+&5pRr_Yme?g0eoqlKr8>YyPBU8Xchx7QIV$-59mph*f-
znUqx~^~?Fk^_52Bi*8ja<mLjgX_80G_xa|bX>RSod)=GFh!VljUopQP5WF-o$)X|y
zFZ)T3C3J*Sf3cHhmVQY&*S~C(z#N{9i!E9t4+_bj23_PQoVC$wkHYnSeV#{zue7yE
z%)={8+h7+p<9IHDMtEMT$K@n1?PGdJlhc0}Uv3o?yON%ahUB1$M4LEd%Fcn4DxE0g
z^pOguI1fmzOL76Ic!vNuh6D}8diwp*+kQP8C*t`+tu{p-wPPvj62z$BHd(@NEC4ql
zX;D?A<rSaV+Q(c37Ix6da}IjYpGHe+qc{)JZUY8Bs2o1w<2Jnj0g_8PwNXq(ovb)>
zIAeBHfu`vEU#V_LmFsW|xvEy6D>b1?189u(78KVIZ5YGs8Dqy}f8uw9@i0?L-cI6R
zMY?6$NH2skoQ>o40vZ;fITZ{_I^-LDq2BXN63!LrN`T<8XU#U!u-7+rR~q;&D-%Ma
zqGwoZJn8dM;ugvX!iTJbW)k;Iz2W?DU&CnM(e$Z3;Xz;Vb}V`1+;jH@O|m-d7zR}E
z;+YPi)Y426iN|e(NUVBmiXwil6CbB=tc2+*w^@D;)JtCV8Mkq?x)kWS?m;0hO6^BC
zzzK#g?QevBA!k-hdx5$3N)bPwKL%(zJR&c~^yI31{##D}AM6xntiR@S0r>yUoc@oL
z%{EO(^(7Is02G8GHWBC%?U9V=GFsKaHHt_bsEVMCkVDvU*`*eu@(iV9ig@9H{*u|q
z_*tHSXKCJ>GU7U$rZ4FhZtL5dzWKe|Qzx4*%En*{CT!780MADgg>l~8Tal-WI5VPh
zcEfoWRcTyiI!m$PQY8jv`;Ov$`p_m?s+SX@sh3XWi}K@<0?krlIBmO*v3Wu3^-I4#
zD>GoWYj1Jq;ITWozka4=g&JV;(NQ@SvS1Ti8Hz=5H#xkg+Y(1`ZQIY*s^&ucrhB$L
zaWs+jP!IZMG>}q;%|i*EF2ok(XO_?@wT4IG?iBpx(JJg{DorilmzUu-v5e(#BfZ7S
zTkM?E9H4`nTJA6fnNu1kO_Yppg^`79zr;=~k2AwpuxvBtC2zIh8H2(t%h<Wtx&l%-
zE(A*x6Omf~*@09&g@?j5U><2Dsj4SBT2fc{hxA%w`@&%_i8pPktUSu1lmtlCKX@I)
z`pL?6cFvTOp=s%dyoPVY2|&TG*;nL@eCrR<GQHIOcChYe^p_j`QRa1s5UQl2w-JB2
zw1t7Xx*Y-{gi*_6M-%T42H#p{bu@wb#xYIM5yuPpHL-kn`DY7Of92~5^42KCaBx5M
z#DFT1IdI<14YZ_~8n-{0AFzq^r@#Hrg8^G@Yi8PoQFH#o`#vnL)WDt3+`CpwT%ll*
zo`K(*&sIGg%~mAyub2WkiiOP50Q@AR@ThvIA#!e6U-c?h_u>)ls)R2#@-b62ogV3?
zJS{a0rlYS~x<J2Y-GN@|RKWKWv4b7qbWUR1s;BTQ1<s4?)Ytf)Vk;dvj-|<LCI;qt
z)Sifsdqy1f-tbZ{9~c)fq)>ojah#Kga(pkWe1OQN{^Ev9;+WD;aCRPv67=tUD2I_^
z>d3)8SVI_mVqwFi3qnB?{2or?@3HmclTE0RPU3+rkS@GXM77M-;Pkd|<F)}jk3#4<
zRM9D%(NTJd3r9b+uQowVn9V|CHpoA*1ksyw%bO4g#<T7OLt6F?AWF`t&f$(r`H_la
zZZ6sitls&aNdMIki#y2};Qk7(asOH>n*SFJQQXwr#!|}D$^36sCjSv=C-y20vtorO
z$jjQ;6eSD{sHFRtP!6b7sg=p4$!Ni>wZ)1zQhsVYuHXT|ND%hh<u%YSFpO>lwS{&&
zpT|!(`Gf3{)N{*uC}ldmZ9{OOzLt28uEwq^$n#ZYxw{W*4V~1v?$<4{_uIwcOv$+v
zU_K&HaXt)6t-hkxHpiYUIC?)2`+TY^X=R#pW>)jT7-A_jq@O&A@~AgZHehq@WUJ?5
z3J@^ZQa!dT#xrazi;l(fIcXl|?G4iR7da&qFA}uu%o|T+V2%}xaM;|WEkK1rZWq`x
zUCoja4c^^hL&XH{(1OG9{UBMS;t}J%IIQH8Dc<->r{vWZAzG{3gC2<a2k`!HAZHlm
zX1MCV!qjWD|24Aw|LaBkUGy_L`s!HHSRdJ&jKh(UAt8WD(Uu_AN&s6kxhj^q0W*Xd
z8Jm?CUWREz*32}coYRRD^GQI}PnJ@8%}UJ}c+Dtf?+N=41roKY+#7r@M8+_UCQZ{C
zFQu1Up;Lb20-=hG-H*3(Yq0S<Ln;DRdUN41iVj+Hq6`ax1bF<F%%de1mvCImw=RQl
z`X0c3bXbNZ?K}X`0b(|llR`$S_tq3s8{<&;;G`s{Dj~rkotA6t)RdMYXpnKS<QO~z
z`NQMm&)fl~Wjn?i>y(!&;yz;Q-pkFu(4IPMy1X;aJRl_$Q3!cFUuB_##$IE&Dyr~z
zTQ#O+sTKLF#?Ea!1d%vxXE+^<YcZbjP)0qiwG{c37TGm0tcmqkelh5kDK6L*N!v3>
z&y?2v!q33@(^w_h1QuO}4z-`$4<P#VzOTGp^eFO#pZT&}#8Dy9vif>?j!g>66WyW&
zomv=d!-;=>d=iB_zFv$b0hz<1Gi`GMSR7qEh(+oSku3dZu_W6Coi@fythh`&%=Lzf
zvo<<P>{mNZvi*pZ(tj;cAJ2w&98#~~4=ZK0SLE1jd{@~3R#$XeZM+}}9%g^^T-ZKq
z40YC18;)n?XiJBZpDt$~-k*q)cYq%vb+3ua!&@c+%4rcx?4z<B3|k726s&)!n)FSt
zT1jTwPqWI@56CpE1H}KxQJ*YLIb7*Ea;=U<?Q&h%``C%dBXaWXBK^#|>>_WEi9huO
zttu9wPHR%d8IZ6O(Ka@FT0+b_&DznK^YC<vp6tXrJ*BtR(z1k^rf8D8acU>kW8q^C
zYq$!IjE#+`zEg5}Q8?>^Fus6pULJ9>9tPe|B6lyc0R|8AmWpf0bN1&K7iKom?M}-I
z6l~iF_G-4NxTM}17M}f+%1eF75VuEK*hC}b(8OmJKjf#q%5!a5QrP(*5BS7M_^GBD
zfY=SPK*K>op!y(kPuZSpPu-rX1a{AG#O;9~D19buZvHn5w$9-DYf$_)eLVKoNQ4H{
zH$KF8R}3Mw`FPs4r{66s`{vLEd+8y{t~GG^-JPd%Sbp&=c%b$lT_G&@X<-f6exc4W
zU>|U>!nJ#h`Ai{CB}ksob9lqY#p&RDyfwd3_yYP<nkw8BBW_%4lv#;|=GF{$yDi?9
zpn6sGvkaP;EA2d@t4PBYf!3`m<8?+_I`RFcb$ay`qz3&3b*y@_QW3+1A!0uzb7<$)
z$Cj&WM09-h*OV5phh1U6q)W!}>)rKYwEto4GPJ)@JQ(xvoSO1c21gj<rd2X~SGH7;
zZ)DgUYuh3tFzhEiVmVxS%`PgNC49iLEk64OiBKUhX!r$5f?KM?k9YejT&&mu59@1Z
z+Gck5%(ZR<6|`;}<JbCvsPGN^=Y@p&KaUR$SaCgUNy`(Ph-Y5XZtxp6Tlw5Vu?RkD
zFU9z2rAFBdMb?t~?-X)3aCyvc>7!SssVO(;$rq4JL}jGeXlmRfl!Q#n3;ATXTdTLU
zC8(_PM*7*3>y8f2Q^f)?(a(&f;oXt*jX$L)sDMG$&nha-Kc2x>LW%o}yUw}JJs8b=
z$A>WNsCi0>`x6J*!Oy`c9=F5gAT*>|yUyKnMMmI;WRu@q#6%n^|2P#N^W+0eplD!y
zf;fEOI5NzD(P9@=x<y$cpSFvEQc%WvFEkrexfVQBzrQq-paHXwzMP?+6C$76_r+{H
zm27q<9=3^f2<MI4x}zAm!zrK41n;=Qh7R$n_>y)vSL%!Xk=Ug0vTm{#y?PVoIvgs;
zusI~k$L!7#cF)fjMZ3?2Q)R`2Spaa*PIsGZ(NDGLNtdFU@+@EBMh1(wA?tGNjPLlG
z$lGM=jEKM7-w8^j&ntxbo2mHHSl8$|j5ukia@`aOFbzTnn}_|3aMs~<bb=(Q+WR!!
z3q)TABc~bcpaXs&|7-p7W&yV+c_=Wj5?C-W_5Z(<!{4r3{-a*T|BPfYcXqO}wf=h@
zbbn1#=L0FUKR3o~)@|SOEUx4|>*%4Ph*$@;8<QNFXDaNP)_^Ia_Sf|(g%=;b)^Wil
zs)Ujud3oNqGt;xIUH+S{z#=s^)r4#NmlovKS;@hR>mNqeErYku*KwS0tav)QlBW1p
zjV8Qx*lo2@HqXh949NX{eIF3URccr_yi)~+Q+leM=HCY()KyevxqW}gsoCrCsL08Q
zrY34jI8{OFfmOZC7os7d5i07$VFZc918{sU5KL2PpBR#`@({`7qH@tkLdA}*<5#n7
zhPBz1u>F=R*OcDj-qoemREC(eLOc151{s#pY&d1ATP->VU4mA4ofYww)^e|P=1hjV
zr_;g<>xPhGm0-PeIv4#Gnd{28UCQZU5v&Ti>!eE9$Lho4Cx<aHu#UIHpg>*S26GpD
zq?EmE&@28?sZBjvW?!@5)wR~Y6VTb>s>3nrj=xH{J2H;-V&%qYr|2<Xgk;4o&tJUB
za~*_xbrKQiBgUzrVkkgnyKBEQXrj-Wiob`Dv(zw|^OaK~_b&bbO7U=rdHH=RVHzuN
zp_0W}uZI>up_Mnv9XRiEWQJT<0NaUya4p_FvtWW4!rw{A^MgqRhe%C1Jjq_&)1Yh-
zT+PC#Rw$6>aimg4eF&spTq0amV;i_fxMK@-kwA?R2%*bCOraL+<0XN(%tKcTO;)Bj
z_|v+%L8uJElS7j}`!tPuG&MZPi2>1#s(3RP7Vzn!shtziTyTB+;ESF8I(YO`#wBkf
zXQ8q^J_<wc-Y^e9HspCAZXx@p6FN~PYt`fsY6gnJpRzzw4^_5eK)Ne`WoU%Ai2`VD
z{8JWZEJ@ZJLs~aP8n#8DS^Z2r69(l~HZwb9IvIGbQ=W^5{*??57aA5z-LB&dt}F9_
z4_PUQ75O)`nW=Aa%yZ|eiHo^z$tI2858pz18f0RJ=g^S!(qkXLGE4b}X)A965<eHz
zeFi^*&286A#N72Aop{HDmN;#M&K76Jfqqrq5!VdgT+i<@O?7UQ1dgFr*-K4-mUe}A
z<;jhn6TNVE-y4~+zT&T15)8|nlhfsI5J;B<_S!ihc6t`r{F$~(`|@r78mGS#7DDnt
zi@o<Nw$g}HPv>U*=pO=!SD2;2r-pw24>MnGlf^(~9oy~7qEkoLl2$@)Tz*v8l6?&l
zVc6b$@OqOjb2WtX{hl@r@3jsMI25Hg@z~K&A<-2st8!-isiJacf^mcwYsrUGs!?o^
zrCr#f)Q;|AmUU1!qI`z?b8On@V7z>>#jCvw)dl~~_Zsq}Zdu6-rY>S#X`|i5Pn)?S
zgXi!OC49X=n+?6ZpK_?=yN*14_#Uq+o!F|U1?dT;wp$j&f6|naUDC=5=C|JiC9T=}
zd9H-E<aozPQ$S}3hrW|EOJz2)gmN6~E?vnG-->o1>7pq~Jc!`bRMk}0vuLCXmyY>C
zFUitI!noY4!v7lBdSGO*p#DW6|JCjPbG}Q$^6!s0yU9AbIIvhai`!V5+yDJ0v%80>
zi-V;bgZwm|;tHM8w7l&11~9OH^{L(EA22e1QHp<cz5g6vHkJ-9O#c&XyO?^|Fxz-I
zI#5k7zz>iiK@S8D67N7=L#Vl=a+KpW(o=hU;P^lq(7zF}?WM@8t}Rpr6J{y?L^$u$
zKpJ7R^5Gh68$)h@I4oQGhPU{^!t$^D=gT8|B>qLM{?&E<!~Fka*#B^^IVXw|B7y`x
zFIe#kO9li#SUqDxP!}7XPtJmH^OY{9_S)Rd*yWn=s#7@;DkSYJ;8~Wb8IqptplZ1m
zxk+I}QAK07J-doB^pi-{&4sK?p=Hj^X=uApW`N~!fTjXv;~oz3MOmq2N>ce!eA6f>
zGBgWwW7}>_;enA4f1T^gXl0z_VwU`+-dMFU^=l6CU!@?ZF9VbI7u5>(zxa^!e@j75
zQb}G`Nu7y}lZ%yu+0I=swh1MK6-)AKUoj*+RgxB_=fDC_C47vr%4UVequ`RZ3G44}
zxTvq)G`!OGs^hOGYW8zm5H+wShe?Q+*x}uMFc<ib=PG##D`h&4?Ne=MbR5(wG4%>g
zOdDtL;r`e5p<fgC{7M_qyt+DH0cKkY*f}T`eK{)G-xWMh&hw)7nhk=R+J3_x&p}J_
zL`d1=jgtTRw*@5HPJ{6UBp4VpJQ$e%e@qg9f3>rJ{^@YkCX~bq06}rdX5i4J!Zd9}
zXJeh?7&l^<nvrpGk~wb7A6zzOr6{zlZ?~`z-4(ndUPuf0Eaqx$-u_V~xplySBCM_B
zJhd>o*~&N-`g%gG`~kd!8+d;e3e|RD3&%&kwY2#RCJ<6E$04;$9H8PfSiN(Fv7NSL
zO;BELOdQ1a%O0c<Qm+XCSt3h<g1v30OoGXirnK>sp)08Ilv2x>w1!v9@0@-r#sG#b
z$B(qqeATYaP1$W^3ie-<?-Z50f)CU5>PHJR9Q1+EG4Fka4^Pd9D{<XJPI8;vW&3)j
zd0J9y6S!7qlP2SLoraqp?QvbFJo@}nl9Qt=HtJCvG^pcQB@>?LjIz6Jue0>d=*39}
zeSR6vuEPgj+m%rHt(T?TI_?O_rd-_tcvf!8_KrtWag8VZ?dULz?9uUS)o${uKr-SS
zzeY!pyec)d>+)Vvf5fuK)qp!=$zH30t>l{|Gn1<R4p%r~&Wp1vLu}+#uyTxh1ubD%
zJBCY3=g@Yf6@3|~2I<r(%!^FFnBHIZfb&LmEcgz`aTC6{P~yn~s_~rTcOxB=@LoNY
zz@ZOqPo6(ybVmI|*9_!A#^9EGx1_D^m@&~@e`)g!lgfy~D7>ILR#_LfxiW*HN-e7e
zDvdYow|&9Fsm<U<f61D7(_9O%&e&n;p0Rksp=J)h`jRkvzCID%;plixzpCj~4})=J
z&^m5SWjq3PB{QGXL3%v>D(BX!D=Z;FpW4G3U*F(2f<E((r+$OL@4q64*kVcjQ}CtC
zX`8m&ZsPax1j~~Zzm9QLN$EZ%`_QSeMaZ}_eK!l=>|v%oIN$ns;PnvOpzJ+bHXoYl
zkWM8wQcrGzR6ZO4@5GxUb}jYM>YoxUKs)sjxbXY6*Bg0DIV>wjW@qygR#hLpPdRZS
z=}usDXEZ<lqlx#CR}u83)7oa{Pj}4x_LvQ>;hKBpSCt6rc_eMxi9i=|+Vp}cgCsNz
z!GPb@-|zGHe?CyGf1yI6Q*Se;NH5w6y~cffM|z84IVCoO5r4$26@tGISPr%!D#{c6
z!b$m9(2x53h3Sn|?ob5q8@j?~xf=m*m`7vN2OG2L-oqgm?`HE)j_rGpt=aA)XD&ID
z<r}7K3dfv~#DNm*B-dNu=zzbCx?}0;t*CLH6Xnui({>bT(v3)e#2^Yx1s~7OSk(5!
zEv?ehXSf8`6BalW$>JNjY@j$!{~;rZH0`W<DWe*Y*g27FH1@u7MK?FbZ{|Qz0i*pJ
z#q#7P!H!ayJi(4=JRsD+G&Mm@#XQ-d+N0vmi9`8NEVo0{J-rWK57jiP(Bc#7UtJ6}
zZw_e(A{bZ}$^Rk||Nn9^|478wf%n5&!T;=^xlwAy4}nKRqLq?Fj_Fv1<RrsLhAxpG
zU_=9FQu2zp8nCj;%aSzHzg*C}u6wGqaZICMjULr<izIMla;$r9ujsXJt7~t!(Wgrf
z*qy$z;$DX%|NSP<emj%%()aL5%rf`!(nJHE%Ulj}!Eve|Fz|~e{dRY_iYDlUxbNkc
zZT&T@5&G-Th;Ff0q#Km|mRF*=oBf6tEi(oo<EVERVc~XJU{Jq5c^K@yBs{9789#}Y
zp7FspKkyk&xQ}t4;TXsfX8U6j;6wFz|ATZ035hjoT&!}8*~r&m2ood!=)5qjLM$_?
zLj0A!k9r@Uq@P3#ulv`199mzL^ZiCk&*dgYzPZ}m!?)YJt8Rh!{IFa3*WfTx1dX;z
zt)XT1cGGq*>qQ8+n)(_mcfBUY6%4p8V`w`w!c;{$K;4;PQir3R&zeAR*K@6t{q_a@
z%p%{CT}nM+yO}*miKc=VmP<PIw^`}T{F4KpA}p2sLQ3A46?l_WA;sVodvqQK&(Lv7
zTbl=<T$jtSKGNQ>%gkC)(`3DI?!g?ij=f%ZLCCo+XOpDBw<*~Y$<SU#-CS<<a%4m~
z!z-n_&E<Q-M0PPAo7%!#M$N^{HO-~{<033ssb<nj+_=HhQrEM2%1?3a3L1ijE0$wA
zd!KJwk801EE4g%FB(uE6as5VV#h@s0=0`IOn@(9KLBDTI0DoB$`kb)LlYzZdm%{Lm
zWz49DuC5X9D1Ls~m<=;7!7L(%Co&GahOBik(}*!CN=r-bYV;{BcH5QMR@(OFiHQpb
zqbaTycrglDUjw%0bcXW9x{YdGsHP3I<S#WUG1+V@VP-Y5T7EW5^L+P}9GX<?^?Fi1
zm|3Q7!?huCQ+(W&@UVV{)x<Amg+O^B1bPmJ{7`q@VMd5ng^273R>Ks2?Z^vwSAAIr
zgK7&RZkgAl0ZGc|IMSW8D6t<q^Q>GUidnI?4r+@>MEctbB0_#Zq)Nt;fzCs<BsJNg
zG)0raSC5oCh#Us{Y=CY}ofo14c|>WmY>b;2x1=-Q(9}rFv<3@qrY^?3>sJSDmbq#i
z^*?NB;9{o1q<kFwo<$pnKRXKdSqa*l@NmC(cuO7A)8$ZIAu=)|5seqKiOW`>^khnJ
z{c4n1N{PKob|tr*;h;=q=NSyR|Dj={ofVz!AP3Nxigr?}#7D7}3Qtp8(g0mV1MXXo
zlv`;sy~40F`J!<Eh7}C_osFe(BauhSJh4OsU3Su1?c>o^uNe5jZ|LN@z#y~fs&e6^
zJM{_$Vak1L4KJ$Sxr-`BU*v~apvrw^>oj*YicRv-)l=4G+WGNib&{R{HrDM^^tAF?
zfPAWn<Ut&k3l)XD$3`9WXZl|pTg`rk?!K+Ik{*WcwR9v2O!jtB?G5&hG2hxH*4h~L
zzxDKbYT7e)0XD=Yt;JWH+n)4>iWJffs?X#yvTJXzs#sW`=^(NWz-%r`0d)X}Z;oe2
z%cK6ogC|vxVwvh%v`!W?VO=_h7aX2P<?27c+0*wV@gG=?$GmlDOW<RG*M9K*srL-O
z^~Nk!0KcWioL!@0M|EiTzp@7;2+IJY#)W^zXIR#bQl<J^_JjzlA|&2h*CyTLs^DjF
z$4`%p7^mH3$MzpMFN?>@P^RKp^u+g1y}}}HhNs2~0>#I2fT3N<<QCu59u~?<=^B36
zk*K6{`@}l*)+f(7l;rcLzJ>f~;GXs=+tFAuxVWftD@XcS*R{jC@>V-ah=Bav>%Ag2
zFj#J_l)RNYt9)@dG2`C3XEf*e|IqeMQNA?Wns=?Tt5(^oYL#u<wr$(CZQHh8tNvx%
zwr%#iyLW%5_j~%L&)MHaj*%HxnIq@?MZ^<N%ouw?cp7!X{!XsX75Jqn8je@tAFOLc
z5EPq{+dTM3kV!b5=%WEL4F4xK@sTk>xWkqvL1bK6QV>-nRDlE<^5D;gvY|*|>QKV(
zkpdAZ1D-^2S$bg+kp%@CPOg~}4|}?JqPn}An@sku##)Lg!-W)BYD9eLU>Ajb=ba1@
z@n)kf;+v$A=7l)~+F$HR?2?oUCHBGV;b>K8K-n4;5reP$<(Eo~NDCM3#n*b{mt@ug
zGM>XWli*;c{gOMV7Oq2A_ST#&3%edv!{JILU-CO$^${9UAw<zJr)=0flFEH|2DC@r
zFj<T$;trzXA)Jy-r=en2UEP-9TisgYguN|g?^D8{tjOep7LIZU%h|gX^e(dik0tvG
z{y%h|xB*EPaN9f^EG)n3Nj>nm_*x~z{W)VvvhRMA=fW%_i#$XYXZDAy%1xiv>zLP5
zA-e^SYbOdvm+^Jw3kh;xg;7o0@1}ScWv&_}m<Y3TjfSVV6rU9(t9Y239oGIRCF6*`
zb>kW@3NZ4nuugh%a2r$R+$$$a1PDD?4Y!JnvScMt&dk)c45T1g0ykoXEH21<7@$?3
z%27nBDmtKVl-vAvK9`oi<8^M59ITRGe=v*;!`#HQc%9hzR_|JRkV0sO>X(!l)nIRb
zSu@4T3XsGhT+24>*vA2efndcPY*KPjgIYkPAJd&ZiW!B%C6|yhFD*(U_oBDJId`U)
z{nOrRGFp(zoRn}OSDqpT>MyjW*QrD<6PkS93Yx>Y0>s%Tef#}p8#P;78DFnm1Vx{U
z*W;kpkeB@CYXpV9tDP3v2=pQkNF}p4oGxy~kA^X;+T~1UoNI>WVVd6vP5H<ni(bCV
zju?{gDD^~_w<vC{G|SB$8r|gyySd1|365P0Z@9_IzTp)(H*WLGX@;C}gu3MVh3Zrj
zp+dSV@b;ts%6*^?#m=P0i_5UwYbxrHLJ)h>_*xTrRP{)_gNpXl0gJYvH{3YK;%2}!
zf1Nv@Hm^Qv=<epCQ0NzMESr$pOdOyF4k_Mf_iWSKeRu4>KiRW?F#8eb9To2#S~sT~
zfwDegEA4jmhCNhp*9X*-z&Xej)^JlMXdm8EbvkZXBM$_99=-(0->wI&KenG$2>*o2
z1qBD*EfhwZx(>^d%N`mknVTtUW(_F_bUSC1$g6FUQ%f-Pvs0WHtA$`C_72y*w=-!8
zRj%TeOk2Vi$xAtssB7JEuS4Hq&U-7-k@Gc@9|`W=wICpPGa$n!w7B+Ha-%1KYmg_s
zK9Dl7q%2;akUys#k#r2A8}y=elPmmX#cIoU@lBi)qZly0@R~W%Cb*Pn2G@eL&7wFF
zA%b7yC~3ABn_SpYKB6!Z1(aKPq2}s?cUfGW4{Z!d?(F5({o-KGaO}l!5e%SH9=9f)
z%a5D~$?}fnWiXDZ=9^k!VQPI`mTg&#!A;BSU5-+JUm%=_I!c;f;XJ3F<~N6wIW#|&
zh{W=fp#^PBRIoV>Tz>JGd}*kfR(QBuETCbD`=tCtw7IkZ->{4EwPWs}mgM&`;;SVB
zA5Y-8w$dvezO7Q7z`=S1by^+FyvnlFH9$VFAX<9>Q$Vc0<D~W;VaLp$dd5Y6$ijzH
zBoE;+`bQ2j5LTcwKLRl6?ZhBop%8vqqKCbewqNKzxLp?l?)p=29So!Dyhb0v1E>r}
zU-(5%qRDf<zO$y43$Mu_hNG+A7EO@qG*A1lhf|}yV^BTXqlf(@A0ezjM;F12`AEg{
z08XsH37V6jSM$KDcAhLA&^4W`*+@ogkXJ^3+~~vC)I0u$X%(&r{;>_#xwcR$mN3;U
zdxR|~kzT`7xHOUJOvrK8L}A<fE)U8xJM5U@OSWvQ8JQA|Ku)Mc*V(Pk@HOriwyR=o
z&C_F^f^OVTH;mYMFU044b1T5TTb!HqaAngM$K><O2X#gxIxWF>QzAP1Z=$_AXp+Mt
zpzK7bZWet9%EJdL7W*mE6VF?LM#{Q$h(C3m33YT(wLfpRBy(y3<8Hs?Z#gk@?Dyun
zBh1>iHBPXH``{pzuSwq$f}SPYH2Rs5YKn38K58JI45oA@+^|c<+hqD7o{-CT!m5|~
z#a?!Fq*g-ryQKZ~Gu?(C-^CXrc7L(iYRgU|u;U>T%|<h23N<1iXUA3r*WJi_P5dT2
z9-Ak<5jX9Eik8WPksx=phd=xJn^(6<!ca;0uO~sE|3+=U|2#wZr=F(>PcE$tDMKws
zN2g53)XdOS$H1%%X$K`w$3Vw)EHO1rNkdK{O*2Z{KrKTvMnyLJPw8()d`g^(hDMBP
zbO-ovDxmFayj<8{Pvt=W^_3MRV@Id|^|}hihPDny#t#3ovO*oj58scEDEyoiFi}z&
zaRp26bPV+XL=77f0*qN!--_Ps`|P8$Mc1?3rz<vCTDIfB0Wxfs@OWFkW8eFziouLM
z1SYt`j>c$waopW{QbMh?sJvG9P7(RRNsSSyh4LYnAp|*miW0VCx{FkuhiQwQHIc-i
zu-Sf(Q59e?atvL-Jot0*0_0!+)VWxLxey2tPz*Q_ki`G%hySm7b;d^ghK9zDj>2yL
zsHpZI{tiWLTVzobZe-3DLryOY0SP!`GTj!zhM6WgF*3Ly{DMA^5V4yXiv~QF#41<S
z&PMCIv0k!Xe+Y^n@exXR@o$9`S5d7o$!rSB$|<H-8=Q_)>5Q)5Z|||ZKPL8uf0vBw
zrIG)kzfVT0$#~6Vh|zO_4ZXF7+D^8c3|fwS=?TI%R-)G&nEZW&F@$soCQw>$R90;j
zrW>>$+2^>%q2h1K;$%j?PbZDB;uzB31)cQezpG&Q{q&iBL?QTPvqJC!prnY4ox942
z$_-=QMhdC9Q5CM5;E+6e?D$<%oJ{wW1&3)>fp4FT{8}y=pV(F(;q-fxNyTGbTxdoe
zrZsEWL9j!^1x-tpWVD-FRYW8BPu8FH7|52Dcnz}LINJ}(T?j2<Fj|3-a00{<tqY{~
zo3NTQ@y)H~C$~cOiH*eAdA`aTE#>fnaavIRvfx>1hUpa$&6pF??9TJKO)cns(ems0
z(+CMP*I%T|W^?yS$mI|TuS1T7mR;4sov(62>BEOEX+t$y3MTevK-VU)ynq9pO;?3O
zS0k-K&?8KlR!@X}apG8`4dslyHhA|8F`Yqbxmr4CoBb?yfm!(l3=y}$yGe?eT{ggS
zClP{|u1CLaSa%a8$Yv_Q&XQBA-STrs`=_nLJbBl4?uTmeGC=8`D51uqURt4j2jsK+
z#n%Z%(7P}0Vumj{#~+q9j4XjaRNq6b^g_}&WiB(tX+?6E!n<Ddgzy*tB%2B0UBnTv
z_YN`}|2|Q*&Tmm(y`IM(7pw3h7VXa?va`J`5&+}3UQvCBLEke^$!oc{%>rNkeS*kC
zzkTQ<F@U(nEgnyg5N_Qp`5eH?DWl+L<#DCdH04@$sr#!QcQZX!iL~4o?b#8X-~>Wh
zb5w^)Y;~<od#w$-qG<sm%3+mE&S{q{s$ykR2`o3ZKvS6fh9IV7%88JzXKq<QV@g;D
z`f(YHd9-1QN7Ex(F{^i5fHY4N-QrdV?2(sBHy<NFSZizn4p>>|`iBPxXjs0#iA$T{
zS@cqe{4JE|d9VHlNX4|pJ}28ly|Qm;M7zb5z*3bj@2s;Ai7V)zYB;UdtzMf=mtTav
zlj1D=yGe`AuZ({)X+0l?5B`;_Pmn-BT>r1Rs%mELWNc;b_)ncBTg6%tTN%a2CZPc_
zph-`&+ze(h1Ks#s@@FOndA&J|WSEG)MQ@u`&1mqXjmdLO|Mx9K69?f^Ow2aNzU>(s
zw`*fi5D~|r;MEp4?KJl>`|-vk@Aua&x?k+AGLoX2%${PE*^3n5l4x&47T>?0h(}c3
zyhpA<`O!lZpn;UAwj?)qLo7JfblD7WzPf-JHcexBn)oHn9oN6aI_Z+5UqFHtLk<$l
z=(Sx-jp2#Q+kLpyUM))I4tT`!C~64WY6%QsxTBVBDxR+HL%x%HmM-l%$2;MaCTOSj
zN~fK(Hw4>-R5uDMWn701M<S@K3j$E`Tc&z$r**Q3o4_tJTw2c~pK&9R7%9pjQJTW}
z=~qm4r^J1cq)N9=)umh&S!K!yKEEKav=(j2A9*rqc6t_#@M57D_ZX^uaM%@@-CFO$
zL^N7>m_$lmZQA3gW+=2pyi(?0``fq#dki{f^|g>!rIS@5rAyG(6`j*>V4-Qo4wl)e
zd=1yeQO7uBNAH!DLslCm*nB~V6Z(}9<~8iNeB!0TN&@%<9uW&5@GYPX9+mM!0(Ee!
z1j<LNKO4@KIf~m>ME{6?+!rFK_6ctEr|mQO!nV$*H$GFX8@6#7pp+M$3R&isFlYUQ
zb3KjFOFOq6?UBKuRdZnq8qL6VL!*UZ)~<C%&{jw<p^IFGq77!aqEFH#|H_TY_v$`t
zhX~a+3ps53ncv@@+s`y*=@!?|!J<G{S3Z!8(jr%km9?S6xv|k}`zE~?y!&ygf<JE}
z_gwzsia_M*wO4!wEjk)HH({6m=MW?Vf4=@jWrbpZ9@SY%8TwSzl)9}0t@Q0m|EwV7
ztQh;0K$@GZAZWBJGyP{n&gmodYRPrtxj9ml3}CX@vj>EDS*2QLjjq9sGp@8IZ5D);
zOoD1A)Dn8Z>Y=lsLVOzLAwN<dTzpM&de$SJh=UuGd)hd*FDHm3)eILVm|d%cd6B*k
zI}HR0`bIioBGHOPCbQLSzA@p?dYc4Y_I*uoh+@4W35;449k|l+?G)K!XB++5!LvXh
z6GOcJP>0T{zMqk73wxI=Jq4Z*$&kT=)+cU#^o64oui%INhb&Qy-PJ8E#yC$f8em%t
zqy0Edb?icFk2UI-e!tw=h9c4a$|yHUl$+S@?;&$-(hayZ%mKIHxvc`CiZcX=h_c`Z
zodU;GTX3E}q;6_NSN7i-^2U6Rk==63fJyWbvlql)!o~9JQOINVsI{T>Ac@m-uQ!n8
zy7W&(QujqE+jDQ?Y6+UOe=}3FG5B9v0s{eo|5r{icKzRYaHQooaCCCeH+1?NF{+cc
zZISp9hfQBs4Jg+%nwmArReogZAUB%>o6nFiQ&{{iA$e=U(NyEQ8ri~I`yNHlmGZhl
zxQS($!h_-7saX-ib1^k_;knP=)b#ns;eJ4Pe_X)#<fH`2;SivTC^nAn{P?=$xJcsI
zoHC;LT86BjhR#{i++?xQJW?!T#H$S{+B7Up1zOrAca$f8QWpX)rZ-%qZ62s<gHv`h
z0-lS;rDW~gE!q}rSh8w|Qdv?b_G+A>OW{<ZEyfT8Rnz+nV#8@tuPjN{WfJ=u1*!$#
z7wXD389+Jf)5xRw>u|!ltexoOzL+j4d<IxLGg{E#2<b@EM%{9u7Oznt-ir%@KWRcy
z{=inh&(znGPba|}<OGEyT!hVej>0OinD9X!4AmYtv33<q-YZfTgG}Vq-ls?xlhWz?
zh8QIOB=Atr<<nLeo!tGr%yIPnnO6mlYj47QE`?MU!vA46!ioqlol|xRszNB<Rw_#!
zD-G#Z1A3t)<VVrU;DTYA9rW@Ed_D_?LZj%)rQbkUL&MDaXyc-E1x$o5zBB0S84dbG
zGk`@*a)$`;#eB>JDKOei>reJ){KKyP_TzvPi(YI$?Jirh4O36Q?#B^9AR`ahc430<
z8`(s-Z{`TqOL{TCk|~AdPn!2z45MA>n6VCMNiw)zm9`MdLGRGYmoRJuyH@Y3Y<{Lb
zZU3wz3JutrSf|PrxF!{EPq^yLx|&DT;WN<3Ymo)^dEPR?9kh)ccdS@K8AA|CsT>hJ
zYG<rWJJ*u2Psrp%E#T)bf0cCcamzKdjpZipEW`Y!3fb|~8WM9*yqC&;-G7a1@8y~t
z2v8s(H|YOnTpL>PyXrd_|2?jiwKcJYF}M>!=d4l$5=qw9u7@yyjWtn=?g+>QBr}_q
z<S0Cvtx87cjFF!MHEKVw4-wq<qj}KY-F6XfL|<Q~jF3~}P{s{uNE)v>uh~tv85!T7
zd40dYc95+oFaTb_g=&ZZ17KY}aegRQ6smp6cx`#IdI}TQK|5JkOM^Dr5C{XZVfpZV
zg21zNcvtRWCN3SrG-}rDj+V*G<C06PlBI?Zj!C9vyNQ%z2Y{>8b@9=ei*@B|;8T;n
z#|DG8Z45uuKJ0X6%PBQOTX5p<oF*HuK!TQyD*KSx2J`#SuPHRwrAO+>-{lVTGu3dL
z^n;FwQSNZ_#%?z@QM4RUH7X2Mb1<8`yDm{DJ<B^SrdS;pVoh{k)WVfHHe9tQ)qWmD
zgW0(Aj+7ggOy-N(0`8jIi_DU(=NW)p^^Kb*7YCXo_oim)@b>GN5YW*Z89x^vIt&1L
zDE7w2Va&<cPn@%etA%pPQywCvpC>vtYepTmZqfniSEM{m260<OKSkQTU?Byc>cVL?
zaS3a?yPbO4#1_LV)LWgWUCZ>IFa`?@{7#%^elR3)UA?&8Q-8q$VZr&SNZTx4ImGH$
z{0ftLUIhU*I7t^{$ih}z7F0xKlDrmR^m9{f^*S>=l4FG5I_TGfmftFsqEM`m-ll)4
zAeWlNW7k#$Rvc94Qm_XnM>Q|ndyyD4^uiTY9^}XwsL$Uc?~%8MN>%pqgQ2*45gSBd
zLS?m=94t*!xy3Y5-WZ||Y5u-^V4TRhxJqaR)z&=?(RIvhS<+V5pqa0)u~Au8r7*~Z
zaogN+zSkT4V{OP{eaDGBW69}+s<HO@gbYaMc!sAn89^QThB;8X#>1EX@YHREWKle6
z6|_t45i)$(jKC+ZDo~eb6aI#xbD$G6Ovzy}7f$*Tjr8?HCDkER$nuIlscm@RR!2+B
z?ZsG4>0^>H1iw~1km!Uxw!@2K<Odu`AqwX~-h*VAd!Y3$*oJlgnc)d}MvVQ8QhP|H
znXjwriH>A~Ctzq9Amhs<^LvRWf+T<4yAG3*+FB9yLRe*GdxSP6N3jmo3DzqlSOFvN
zSP?min3}iLN`B?4+3i3{7lr?&a4D>g-HnvYVFsh9a`F=Hu(#-Fjr%TkK|p9+w9Y_=
zr1BG{oGe%)^}J#v-_JgMTKo#~6m$V!p$~Ktm^n2lLwvOX8>N^L)oJ)jxfn;j81`&(
z3`jY9%SkDina(~5<jV6$>)fu)Q$`1xfm{bHG*3zN;6c@<H_259P&3v`_QhNEQ@@Hp
z2}x(&D2-KvrA30vrE`Jl-WC)j8X2Jjlz3fiyw1xo63@EMLa;38jnsxtActKC`uS)*
zZW<KFO?y?=JNmyeXN}f*WcIJ2wl?&C!G`~TGRMZo)=B@bDf0gZ9isp6PgE;!|6>gP
zWrNg!D8OG=U2KtD5bS5Qh-MiG30GVUt|1MP{pPf~5hBUjnZDWC<b7*<JBhB7CC~Y`
z^Rk5bO)`ADkx9JDvMPW}(zx1rymjxr{aSDO{q_9U6xl1n;zytwRzNT<6&3mou}Vn%
zpoKpbD^-<x+o&9*P#N$knY^hU0>+)>T%tuf0qeb<OQsEKFAauB<s7o6yrU@S^J|P`
z%5BB9oogn90`Krp)><;bCQAl&YJS_U`|q+gE?6-2-kLXlz!vfr;c0M8lcvo=UNSC+
zzg4*$n>_xaBIkjQ_pq-4?^d!z8-r4Q_nCXoUeWEk;Chn@8Kc^U^XIU}M{)WY-u7|J
zcy|bHSZIx1Qui6#Z&+gU&dx^BkUOg25wDQbeH@b!hiSvM*WO^)hX{`R=miv4JnOrZ
zQ8d(G{j<yw#Rl@0VuGGwkS!DmQ2T+oXEOUlkqhKZ*QlqIYxnp{M!Gp9e#Htq#WL;O
zJG(+%ytT~30U4aV=Wdeh0xw39OeqLM4A>yTgC0mH)`uNA?3+CPJJPqfIMJ$30fGvA
zha_1#)%S4OEU|gc3nF<MoFDymM}tS+YaCWP<*J=D$tk0rWhB^ms`7mB%Q13Q+zLXn
z1DIu}862UHogWcz#X!+ReCG;nkD3DXR1YBZ>)sxGg0Nf*nXtzSpE?EQ<{8P$`Qijy
z$2LOlT%Q6A9r0b+GWnbDZJ5Tv8Na|{)KWXjOg)c>1Hh>bFwTWx^ZVr3{Z%*mtAE=V
z3JPwK?@4F1+@JzBk?}lXBWr_KZcE%*3QgY@W*cLVBm~Q@Pz>4<sDjc@4_AYT=`%ZY
zi~(ZC9gYs<ea3G-aC7J}B4ISR)gdQXBJos&O&X#hK79EPuvJc9szyE~rLZ!y-{fyV
zXSRm$sw3wVBB!TP?@U8<Khly#jE#zc=X!@e{IAyT_cq*~SP#AgTpYjH!5bj%dky{a
zA7B`G`^P?mw4VH8jNw+<W`UL=FC0C3WI!cDZn{~NLT`SHvq=VlWdSsujOomQ$G!sT
zVUCAYPN?w%g>`AV41s;o(f9OPPnt|dQ;%{8d}pATWZ(NDb}5@>onG#WcDx&Nhf(TH
zCoHgj#nFTy*ptJ1aKd*)W=reU5*vscOzW`>Ernqkgpx~p+Qz8diyVqJY53s|*DnE*
zqxM~(Ras+L(4}R)yr>2&p!Y}@a7HKOwiPpRNSB`#96lKebg1Vfj^7y1VpyIY+sxk$
zw`G|uXjuxsICK`aaWNkYX443`*BYg`Vec8#%68zS{w{*Hi-6lS`~U*V|BEAX|5k?l
z6CVoNvMBT@+{O@S!>9+6ph`MkYLGLCc*G<|g`*j8BxRNhr8cGd<1Xvc>*_bAuR_33
zynVlf+q9R>e$yhE%z4__PIEuY9DjB7v;o(JqAOD!>$znZB2g+=snid}F~5TV<SaER
zy#Qf|N_uH)%PPamu*q*CnPPCNWFf05EoXHXu1Viy93j8&sY!#)VQS}na3%~?6GbWy
zKj?YoTS~3tG7zNPrSK5u&iP>_Qgnu|xga&2HZXZF&&s0U>2E+RwNd0zbA5+(=nsBr
zofdmkDuy5Wl5>(8kYT9ANMJkbHapKOOs17)!<DbwsDqlmW;T{t<>8;!L?dUoxJiz^
zoe+A|V2|bO35@knzQjY%T8b}{`#O+GiBsRMr}<1s8GOtXcWgo5laq~k`T9QJGkgwW
zmE2OLAH!Z>$!6xeo6?)Z%LJ?Xnj1gXnimLsewXY|6Kyct7Dj6uF}<DYKgjI=Sj}>Q
zi(u$4o|LSkO?H$bnt+^^f8~cjb`xVE1#PJdvtAgf{FLY?oIo^5!=?Xa7-JVPbp(ZO
zHW}9|W_gO8Hh`=os!<*s<yOi1ubOi-084P~uh?it1_I*$Z^VazmA;|nKW+!rCT-T)
z5PROq)gIPP6j0PIj59edZ6b=`vx<b}ANUjvGwBC^z8KcpzB75(c_-kWmDUrh8z7Z>
zLRFdd*oFXhCq%oAmam6f=kGIXNo{q$SsG$E$!Y#j(;LGCwr!EPqB-Bie@S(XcN@Y3
z1V2^myTyi}t66UlUvPErk+{+~{p|{8C0T;o3vwOcqF{b3CD6Y&=IJwV;RA3UpiWTc
zg0hd=`5T0*TPBY1540l2dWejdri1o`l2GYajgl_GR6*-P)%*%yUfJ>tqH1A-jW%3N
z`Io1}x-mc{yN6JfMlA}~Uoi_BIsLEI2Wf|&s7f6HJdT9zF0jWJgeS=hEcr=UmK7k>
zJE%W_GyVIe8+5TGb3-ad=)jUcl)36~_40Zq0Y{cbFar<UzCI6#8ya*{ZialF1dMlc
zTjip9E3ooEmSz8>&~_zKv>&*G&X+3;((hukq(b-W(*^Ncr}Nb+j4|J%&Bd|%V`j%l
zY3SKNJwDY%X+o6L;|k*-B_jAMVeG)$;EzWR=Wv{iZ6%gH%@D$6dUvE8^GB+Mfv3tL
zU#LeUEJ^>&wx-XrJhK>p=fZYTed;Sz`>yIEv4G|(_P{jyHYoB8&@TO^^gwRz;sHP!
zNnLn{e2$PWlbe(dLPk_ka-`(OrCa#r`^dAddyZEy24c_qI}gExmb|{LKeJ_B(sP1f
zxr5IQcbxVOx4q-@Hy^7}(G3A^%A$0&Mi-AC|D0oL4b$)ait&U->;8#*>44#Afsnlk
zqQ=48DfpgY+IOU63k{|k1umDrw_}UQlNC|Zu2?7C?UGPOkaB05$9X><7<Nt#*AP`^
zET<5R)eh8CuzkS0-@Qd~(e06_S7^<dw6&ify93-E!*F&Xzh5Giw<%M(37xQ~gMU3S
z7+LY!mRI|xi?HAT2T75G*m02zAw6b5<#GO6MC{IBE8f6igR?HyYLumI-}=!_$e!Wh
z!AJV1&&9Igh?nfntw4h}C<CrwkzP%Zz<eAizgq8_qFaliOCyI_=!O`}EVn>)5%+kY
zqdH(HV3rDrKTGmTJStUUJ4uv+J&^r*Ecv7&QK<>{a?jn26RDf_J!jrJznNBS>=Qb5
z5}M=p?RV0^+W39xZE2_}!DsTRB^!5K2OTGZPpG>c&~8Or=g66d?*X!oH+i|~x@is9
z%9CjTDQA1`>@Z2`xUy6Z2e0>r)D#JoaLW%QekMtF&vzO7dT8{)n=*4~l)$rCkFMaG
ziW*v@1j=5>Pv1ZjW&~Zas%b|i8Ui<)#Pn1OxQ3I+U3VRw@6)Ysnh(#1zirlaTYt5;
z00sgAf%q@1uKge25U|p>u{8eAI?w;Cb~ZfyAdnxRT&IjEe6xfGFbgwN2mnQ5DzY$u
zBY9)mguhI>v|;4bJmh@cOAJTw0pd-%op8}?8K=QUdarXl((*axZT)(EKW7E9>QCe<
z%1;QifM0@=vWAf?!v#KdI1J-6*|xC<4(_OX;cQ(#xFfX8I7zQv2WN~;L-DxcWUL^>
z0S<N6Y%x#OB<**A<$o_(7m4HuLGeDc10)M%D}<_7mwZP1TtW^??~;XHrB86|p3RRa
z64EUnH;^XXr&Pvl{;pH4ab5M3pRiIKjg__`<A7ZPj(?t{0k_bd>ZHiEPv*{TK|vs-
zqi+8*=qK5|;fSL}lW47VB_M=cb>n=!o>Ew3Nrp{7T{r;2u=k)tACQy`3h6(0aGLcb
zO4{UNf9m24QE7@*U`>B0LFJa7r=~g(rgP((m!F0-bn=m-W9LJk7l6QlxM9WI_PY)n
z?6&`>D?U~R_tGgSnxS|aqh86lAh3?*5A4*RdF!a8Ec;f(KYeQdICz0XkF#2-Vtw$P
z2vUdSPKMBA2g4dcb-n7^#`i51%k2xefs=nk&i0z)YoPj++KJc`v6)oz`hV~dg0X+d
zxKBZ(!P0R``C*RihavpAKiLyR2xd;d&L11rF?Pmyq-<t}Q0;buhPH$2UF(3qCxg4D
z*yu|?^669en2?5OJI8z8qQlxj%Rg{rrUqjj?r^?9(}>LJ4qCESdwRT<d4M`ArT3nC
zKzK)N193%mHDoklRjCtnV^x`*>#PTVMpo_#lgB(l;u<y5ppI`jo5$-X%xwuaq)2!g
zEBuSY!RDa0VL8cvuLUsx3sn03S9iz=1q7u3--v2q8)s`{2Yn}V8`J-obcvW7TNx>u
zo7(6*IXf8tZ~MBoDzYldCMzZe13VFEB41>@N&pdl;Acybl5kne&+2-)rnN088hyKe
zlo~<vjp)sz<!Q1sw`;b1gm@{`;&x>y@&~;P^xm0jH=SDb%ypd3zPVe>^#yrB6cB_?
zHDHULK5Qt;52IyjNMZI0A9wH+)=*`x+R2DehQp#6HI}B)9X)(Qv>8dNJ-mw!L9(e(
zQ?-{Iv<4sa-9UsLoul~<#%6J~5LtDlE^Qg0tFwmc9HUcf!Wq{!VdGuLUOFGOMZA#c
zmZ-Z;I1GC{(h+WRbsvNeJ0odjZL=KpK2iF>9XG^KPxLabJhJOOP0;P#W$V|jZ$F0e
z_|8*uwH&Ik!&8qj)er&LER8U5%{OE9kWQ3XzQ)4EaxO}EZ@)MX-vwK{_n203Omgo!
z<Q`b#d6dRB$agbt9)eYoDzUC156AInU^p{VT|M0H80e?(8EQKpd4?HF`Pw+gz8}R{
z4I8<pP_|g>zlq2#D1708ted2<(Ff?aT{zy)N^e0r!+VAX*f=heZZ^L92+|)cud_@B
zucU4ohfRS8y~8SMlb=62%x^%Qs60#0-c)xq3Kb6LIX~q@*qZCsuxcw-sVfW%^#U~F
z>NrU3L`AVMarZ~c$j;j$uZ!MsQL!Bw^9+%<&sX}nQJ<YZ{2*Y{_l>ozHC&Y2IPmsF
z+dql`eZZ(Fupdb=Fi2!@H3bC#&`tk~^K*l?Z{8^qz>uc!H89?LYfX*837`4G)|qqR
zXf>2?_VrKmn&*PY?B)rmc}Zk|w4&SA!{FfH_lJ7HPh4WC<sfs%Q>d_V5YeNL8xGQ#
z<8k}%_EGCGG3Wcuii?CAAn!O<tbPJ#^f$;eYPzg`V)sN<oo9|`@HWB8TSJ<TDka;M
zdRB9eH}^iz2gCS+?L0`NyZ-p(IM<k*K)t*E**BWY7P8+G({8&!Rdmld@%<l;Lf?=I
zq~_8BKhnU1vjw6~G4ug!f?wq>SPeqKeF;odbwu(+dG5J62}cCN<8IY-&%k3JKfs9u
zne=AJz^P<T!fA}E1FL@CwF9Zc#FvgP3Cd!zH<$o-ADd?j^H5bw;0cJ-+`!JZqk-%4
zc?Z}xgouH#6H*W4@G1KQB6+XH6TX9_z!nv)1L2ahqtJ<7ACKbk9c&nv`}436>_6sN
z;J>3cRfA+%IG%);qlFYhHfUnJcF(V~C{yHFEGNR1r+wrFm#GRYNQGrYA<N_k3;DL)
z(zHp5zW$~O5!Da27DrvX6ImZi$Q+wTYUVGAo-2<HzBJ4ICPKP^O`wXTcWIf=pnrS!
z`<jerFORe6p+1O-h`pg-h3@_g+T(#U@)0Seq$gy`5zZ2hx{FAYH~9YBvDJ?kdk%`=
zKtNRRKtKlnZu&?YJDJ)3C;X^tx*{v1e33{qSf`Z~&j?s13zQR)6K_N{>shyJSdSA!
zDj;Udgt|y@KrtpNbQQV*V78jwM76ta@Fm44J7x|w-u!4D`Mqyr+q9^huG5KvjM}(%
z1gDI1y?eTQyPw%j9lrKf9f4GK?twDutASzcezC5DtoXkR2e~yc`u(`rGja7RK>)3T
zK)8D#z#IJmE3i8&2So7{fdQX~wLV7Q-#w%$;@%XS3Ce0nHQz4okO-~E3u_~lqroM?
zxZ?%{K}WEc7Zxha^_!1DNqBKc*>L?&5=CB#s}f#nA(Z;Bm?3Jx`A}7;o7nOtF$Xce
zVk_9vVWmw2W5vEI?V7VnX6;4}FsC4iR7qkQjNMD%F3Uv013Bf|lFHB1dj2~(JgF5L
z5>)njZ5E~+(_kG-A;Qp#H!IowwK^J2^FXvBJZ;tJW~f!B)qU=6aYHtainDj7O{FF?
zig>&d`2{6dYUA{Z1Qw=qy@jO5{67am4}D=K<xrDN6DJ<oY1j?IUza1|=xFJLcbCCg
z){V<~7bkT4>BI`ZH7h9cuI?b^Xd2|xw5z%}=EUEciSc8)3h-sJiG3QUoZF@>F1p!B
zG{+!^UycOG1UEC~P$|!ZER@~&{OCyXcE>1`Ozb69o*qZbsj3|)Pt{06^6NB5l{45$
zGK~QRNJ^w^=D=eDR`hi~0`iI}DGSm+V-@%$5}EWoOJ;2a`aS{<zl^x5qu6>5^+$^G
zAaBxBtYvn(K|j;NlAT&WC!C{8tO*fiOW=ez^XMBrS}QdAHHm|6+k%44;_WCkPPXE1
zKy#AnAPIhk5^)8W65|XpR$=_SrIPF*;tD+`?(!r2t&?<vq?2+39TVY}Oj-+-rijzU
zY)(yIgq6jcX^<GSd>ayE1Kt^#Nw;ORs)@8U#EG;uSQNy(!e>Q{1NaGby;~OaeCr>C
za2p>KdmA3MkHj-*3VftZ7zga~oeQDR_k<0t3&eGf)CkO?ENtFN87C7eD^BFx+~&gy
z7o)JNNWVFw8ScPdrSW-(v1&<P?X(Pn5{D|xJQ*yRN`qQQcHqF@uJh<v>l8stK;wv5
zdrZ8uPoJozTS@_yPP~dZ)j?&}u36XN#{292)0|x&4fn<>$??QVP|l3%c#!cjsZF~9
z-fL|RY1Rf1hmc_M($Hq4uPtOXN?WQ>A!Bdmn6Hx&a6zx7eBklNa|J`gv)TI3Y*ESe
zOjW#_gi6}dkU~~g%X*|Is#&eEFIJOQpcsu^GRnRiM=@4JB6rU73CeYMj3Li>`1_%9
z3W$^BU~z_AsKepn;a;@lqRwS{JY)+kd(q{h5`evo`+=_AYUFH2uqge3NgYf3b4yOv
z4e0)KzaqWoY3u|!s>T9K`QF<4*-2iJR$vDvV@)Lk^QKSIThItvpy&~nD}K;a4$XYL
z?;Y36bca{C5|65+1)j&Em*{i8tPc}3o}as9Mr1B5Fo0MMe1))u=CA9zUi5+=6F&a)
zkVyZ1zbV!goUnQx5xrHq&<h&1)C$~+QSbT#I+;yVk2I|nnTV6pit|rbHvX!*_`7YR
z_mfexfqJ!YTlUhLwTi3Uy1(+OT9J7FTK$N5QnLwS+EA2ukU3GjEzyIK9D8^>5oAIx
z(T!}O1yaE?XqPeRJ<q$f<o3!J$CIJEuc2Brr+Ihc5RaRR%Pi+)t;SNYjl%JyV~@z=
z6!}C|`KX=>QQ+!=vD~{b4|+_rtu=N+Be88EC&IGm>|XN`<UV~M`GPX5F<mG*1C#xT
zUJcB{GuX_e`w6pJrnDAkd@~4EI9q)AvrPW3(a$jiFtYZd>cU^0%{fe`t0Xx6$SrYI
zS&4kJ-Q~TPq6@-nW03Yp$<f0O1SQQw@V4F0S`(^h_segV-oy2ETbk#(TLdC!gGiqM
zpWT68-)4r@Fu}(oSesG3EvAe+3EV8sADZz6-$eJL(St78U}fC0>~B!aFPPCU!DQbO
z@ZTXiShj=LMV}B-ALfb|ME#d((a}oLzs0%Ru(@5TOYZ+j?&nxlm)O(hyFqdbvungx
zFOqc9U=oU8#PFzA7orv_*JL1?Xz>Mx`A}p>mZ8*(Bhu*QP`^ODVD}8s<Vy}51@Lh$
z_5}NAUdrQ0me=Ob0>4F~7te1<d3Uz%{cXoJ9Ovh+T2LUM$G@6%|J_}hjIrx~8czSy
zQG}$X##(&Xth7D{%>*hjv-AdRKpw0CrU4g#(oB<S-B7nG?P?4Ca`z{9R(B`WX9g1+
zBisJtBKFqUDa(Gyp39VVAgJn4@-wdUILCX+eTw~gqw)3j+O`+M4l1{jEjZofVLu~6
zT}#z2gw>Ja$UZQYRe5bo=@xBErQT0CB}HkY-x}<?Ol(gZ+(=#H$hZXV`qnXcv9hac
zdORb7Q%&{8KL7#MizqIxlUOm&QD4zF&(vyj)U;u)G3%p<PvQCQu;6sWxc>!M`&_<k
ziF~~Npox!S@q?q^z$jSFbQ7oEg-R`^U5UmfZL6V2AHu#Z#HRKnXYjp(fdB?=)>87w
zWoeAFgUYjL(S{@DbaJiZ+R^SDrY3dTDq||;@FgUfeD#n^9CQ1oD&ax8@Iu{zb^lz(
z2CzA5g-&I@mO}eEktHbZ(NVOcg3uKBsFieJ=WX-DRL~+ngpqT$sJJL2AGkX@T_Lz~
z)#VqsY;h^n_WS|SLhEv}Q5CtwkPwzbm4tk%h<~JO&(;j%^=b(LV`I&}WUZChawbkY
zAwH~sqv%eVd4mFL3)-Usb9Rw0;<oi>Vv>#pQAOlh5%$=E+!1_kBp(;*%oSu-C8N4S
zqj6!K*;qhk<~sdELX(zhf`$fP^`$qMt9h>Tc#i&*CXSfz0()$uE}ZFYeTeBTjy5M8
z2Mbfy5GGhi2#yrobDZgfUqApjOeS;-(+Zh|-3|rW?NJZk_HI{AGBu~Ehm~X`Liw(-
zR(^=f#N`h-W3HJSq#C-%mJr+viWeb3=}Q!}w@^Q@<+o-pOcj^%wsTD9mvki!Du<cH
zFdD!G_uejaV{N5~q!8Y{;yE*e*LIA!Tg*#v(v`D8Sb399YWr7KS{h<oTtwS<{Qd0%
zvMsDMEc8K#`3lEAh^SIY2og?I)P899y>`3ql6Aw0IP-FpErMrhq-eMVR>Lk%DX^$?
z(TumchKtG2{e!kZ43m+%Gj_f~Nlw`9^stB3d~=qvBw7RUrrsO&WZ#)^_=na9X<Eaw
zB=P(xlvdQ9Pr&ZX&zHc2rja^>=u&SzMCE}PK?<yg=6hyGI0#?zir|>ES~q{5z0wm}
zLD+1rI<d0@b>V3h$Q=2moWf0Qfq~Q2#H~QFSRN57ZWaCy2qL_~!}GpBuYGL%=dw*-
zQ7#_=HXjkk;*5w`hKT5Xd<G0Z#iY;y=t3z4q>0u)Gj2y8PIxqipYkvAqs8}rgiFxv
zu$sMePq{Z7afwff0w0Sz<d8g&jduH^_F`9dcZzk~;=jOFBP&JIt#g@UWMft5WebS;
z2C9Lb31$%uGNK@mYdqz12PM29g})SPSXKL9^9HmD3@K69py(9!ngFMY+wfbxPzajq
zsEV7GSyY`$`i350DPHYjAS=(v|GBNT5Qb;}f@N!(DH<bq@sx8!huN-g<<2^}sLG?%
z=4a*pz43{<3-1P2t1?|A2Iau<d0L0TeM;A~1^uRi9E(;4zH9%qXVi?w&luOBDYqPf
z@g~%zlFIYe9WvTi(ktQ04r?O(2StZ8eVkspjWs~7)`0B>lkkHpB%mjI*sb96Z;~2|
zMJiGGU#yJ#t4ZtM&C36*JNyMo3?KN{l{g!7PytC8W|X)%zCxvPYLxZg)k=Aba%FqV
zBo}>ib>W@Z#jP^exT2+uK2eM=BK7d-ZpgT%MqPLP+q>1zF@=lARw+zG^-lsc4m?};
zInVA>?>xs=KJDKCct6D%K-i7~M(S;VRSCfCPcog(Korj8*dqJtgv7e?sus*XaaR>S
zHSQ5A)rgP$A2_gDNYG)pc{>tNuiHOhKfaB8)X~|P4Ab7U?70gy?=?t7CC{aJDi6_^
z#^W5PPh3^tH1pW4tI{$Qo6HnSr4?IA95bxXwL0h%TU8V+JKX2#F00}x4k9RViZ7~+
zQE)V;(Wn9K$qmeo?1|fA-JKR}9#eI=oXo~(%g&OHu#U#|%WJAXu#h3yUz-f=)$_P{
z*cwZ^3yU2x+7l==PiGraSSN%5>eA><RYs2NI>#>cW(O(GmR99FeBKk<rtWu|V62pI
zdcq=k_XM6G4z#OH%zY?qX)a9{lj_wwM{4}Pq@S+pYt2&tUZ(fwV3Tvl_rQ|3pJO*W
zOtAu>`nSXOa=x8qha;RC*@Kno%-rWua6J-Whm4k<ihI-zDwP@C8YyVbN8symI2+`x
zA*C!09)IZXN~-<tzup8c$wMn?)xi}tO($Lo+hR#c+6?ix%H|~D3}6C_6K+Qvn&SnB
zw<!M<cr5?cIHs;g%|aIA!tzSD1PC#@UoU1>g0$_$New+qVkKy?Wz%Y?e<l#fZmgOC
z#7D)2Dc4Y_%H7~<$B*DpK~5BIN+Q^{6zpNODVU6uVE2n6O6dylDXB|eVHb;p2lv^k
z_0;wBePu}4;h=>q?#D?><OAG8f2C0(p|O3?rsj4mLxXJ|{OH(AMDWxN`4*gQ{)%5K
z#(KO6$@37P?ASL+yx5PXS%ga0jFvsB$k~%@oRU;OwA-XVAiU|77~clSDu4pV-eSA@
zaWey2vKvu6|M0}U!0&0oXCNA5J4Ig?23Bjh^y%Y(eF#uQ+(UNQZ@}FBa3#M$7IXw~
z7W!<P;bVopUGJ^fG0{1&q(u!#n4Q6<>}Yo3B4+x2XKa+TP77NE=U#>iy+M+$4BHP2
zOV4cmC?COC9choej`27l-;k$$3)`H&<!9OyZ44j{dchsWbnGi8FWTeE0PA>L8Ac+0
zN&HAgWLtiuPpXk_nn5dyCIZn!b<n>8;vtBZ)mEs#`+`o!AjdIwO1@3RxGM{qc_3XI
zL`_%M;XvR9C}UQ$zA_pJDTI}I1(!kKP~@j8ePrIe;~|nQ?>eG)6?Sz4Z;kJ9k3Rae
za!7L@6XRXChO+J{vn1KcqHa}?U!f}x!nqG7fBWT>9Ab`y_mPcHkop@L4KOx|LHi#(
zv(;%MUyW15_(Kl^<rpVafZ*9bXY23iWIY1=itv^Ps5u;qmNoW-UmZ+oH^DiRCTtQC
z`!v|Tmt|~+v}}^eqm%YMSsH8?HudT+cq;9y2(uH!45`JfIYcYcdJ(h9?%}vgxsj7;
z=G;S<6`axrp=6=^B37ro2akY7oE4-VDe9<aB9G?IDD>yAajEJSn8Zd*!!U;*Z~8!I
z*Q~wdLND77Y=8Xiu$7Cru<`95KtMQuVbb*9j!37!8VvuhDy^cn?K~X{w@had^(wfr
z+>q(;(AytTJU1MHfN=3diXbJXAU6j^+WV2LF&Dp2O1D#@xR)OvWCPA?{tHj`L=soG
zkGI^<I_teYzTZ$g<Q>dP_KbbiSX>)5J28!}mSsCRf|EecAXW@7(?tnS?1Gh>oJYBC
zNe;<E-j&4?E=SziAR%`)EGV#*+~ou3A4d2Onml5oir2>UvIuP{HeAjrm+?%nmfqvl
zQO`wUq2B3aHjdJbyFCg5*CiVm{8eqKr$iiRXN5{6DYImg$O7@<%{c0Wds>p7SeP{-
zfftewuVNbU5{A+b5{IM$i9r%u*`BRv=2vY=GNQsAj)(MAxEw5kgC@woinp$)43^&1
zYYgj2wUf^yA9CB22`t(MX40Z>7*bE=%veAD-t@kT*I?_TRl-=X2x<y{<^lS?Jq<B<
zw91C89+K5X%P(aTr$q_#%l2c@ar$0|WY<MLby<${x9qGjX&z4U#951>pWPm2(E?b)
zXLuwYfcc+y3mNNd!Svhn5aX=@rqoq4ZS48_sE@y;{3_K7@!_=z4}O+RW`}soNBIvS
zxLr@nRiqB9oyF`XViLZ*sSdd^Es+!Tk0z7{g<=o-;;N1;K`Gbyj|<~suLwN;Eyldg
z6|d<)fPfGnfPl>Y|B12xyB4QpEsM;L=z~U~dPbn2<OP9JjB?}U`(yhjs`XE52^2$z
z?i%CAwn|UUpzi?)X({H67myDGEZ#C+0Gp>OMZW1rfwhgRi;GK6`l|cW{Pgp$A6b1`
z(B@HCYzYD|RYWmouWHcRY&FHmmqghM<BA#_)uD_Y?kvHM7?S!p$BJ!!k>E6#Z3a6O
zg6r<PP|orCREeG@w5utWp2n4VMK@#nlNqlji!&f013|ibu-WXpx2I<Y@#E^9CkZ6k
z_qglcdXo9e&c*`NVSf6a{Hqdd?lov13j9gjn##o1nTk2Xhe4JQKS&!Drc#a1F`si_
zXzhZO?JJEFs`}y!3V^SaisdL(^gN3Tdab&(5F<K&%lR{(Dx<d(!PauMmf(hg;gTwi
z;?ks$-6cz4xG5GWRSn)?2!>LRAFL~`r5Rkrl*0%ryv9$|Q8S{P$I+gPVQMf6#$v26
z2!3;Pn)k{%qZO!;rsC?z_dlPgK@jh9O|K`{<vC@-mJj*p?O;{I_$YIHbj*NlqpF4z
zVhsziw$MLVMO|7bw-M7kJ`wGLokuL0?s3?pwS|L_ygk;Tze`E&ri6cLoPniph)nTq
z4KQ6{q|w`>Kf|I(P3-XqUh66_@o_7Ed@oPkyyONjwO?D!Iep7?$J@AlCfR3dm)pgz
zSu%x0PJSx(5^f^=!Rm{mP9{-X0fc_-krZLzZWk5M;7tt7dh#3z9fP9^s-{<3ZrEFo
zO1^SP(hTpgdTRcPKakbFBBQ+H<Kz5p5)C3A=+Z@!1xx)ISc2g)ys~T^7W+GF&5t4}
zeJ<#|R2Js#q+D9?TjP|_z#or2!6ZJ9H*NwxHmV2AQ`!N>Wu{EmdWR9#iyuLJbp)QX
zp7bGcVdFQg#&4V8C2?sw0lf?_=OD_a!fFqmyu)41rV?aktFfgS5k<J6N^m_*vnOUy
z#zI24x<Cwk%F8RT;Qaiz##L6ar5PDTiSbNJI?IzX{c%pGnj;NWLG*XBmTHuE@D-$^
zuV|)i@~K}0Gw=>elG_A0@R#rBae?xDvam*ULJk2gjYh0EA)Eo5Or_#y{l*ssUGq$`
zd7pnXOZqf^W1&F;0ga*q0V({Ov-Y3)nfmUCt%^F_YdNl=zV(92YgdO$N)%1aYeXuI
zeZfRT?|iNzFM*piAfvH#H>4w~Ltd%8Cx-_%H<!XkK3&oUQ=JcL2g7F0Y4j3}`2`iS
z>-yy<lkatXC81-kIvNztT-bf>$n%`#IKB1x?z`OyruS<r)_}8z3U69uHn28qP4)bS
zS*sl2=%&NfL$e=D_S;Q9s+(vZTYh1;!puvNtA}|1kPPd_de)6N;(DiZ@0J^LJGNjj
z{slz-T_3bI;!Xp!R`{0iLv2X*_lr47_DgzH?)Xb^)G~3ClzK&RDTxy`H*Ya5Mny6!
zGt^j-zS)tR#^hmBR*=WGn?k3O)!0jMkc#LG{iMc(n<-1u<H$>Lkj8Y-4gcm$wIEW3
z=X(ip&=BLjfw}-|laY_R45MtBqxlmPDFZn(cXdXGS!XtZr97!FLp(kDo@9o-4yyw>
zcaHQix?1G1LP<`ug9e4|+0vn#4D-=31Ldt`WJhuFV^(q`uhl^+bK=2J|ER!qTF}s;
zg2kEH)ukj=Ir^g8*4+GU5aaZNGhSCIS?5?4t4o+fD+b<vB30umqK@f0sC7HODRS|y
zmUv#>alZ*5Iiw_dIRggLqQPp^;;6yq5XS~e)DyR<$%1M?`cg|nQr+IvZi3Ol%O)Je
zu<@&=2NMbjjJLU6=9oa;CB9XeBn6SaIjKZ<LCRjktB#AhqMdK8`Uhvey_=unacsHz
zyV<B)pn#TVv}sh9@sXlRNWwD&<|JcbLbeGjJqhtbaaYv(wciLN%_K=`V{lZ%{gWiZ
zkdPm4TOiy(6|~99+1f%T4KeIC2@)lwg&o+c{8yNXI0iJ50Rn_jBci>FqHIAB7ALmY
zN!f^UOEh_XG{ChndMA2OOKIMnqp^8l1v}-es!D(gLCqv_6ec5CDV5x<Rn_k^1Lyqy
zK}wy38n7u&4kg`Feo-2ga_94tnPDqw<~)%m1Q^wcE1i|fTRn5hkz@ZkOy3BUNw7YS
zQf1Ggo-t<vLxd;$s6V?HCRa|{W@2sv3F`R~e1+967gL88`nX1D|D_;>gEyW&F=mZg
ziXRpifFv4&_4F|HM$L|0CUESVAU@igM^%iP+Vob!K{6!~_WHQS0-vN<yk7K0;2R5>
z>tRoxo^?#(jOW*2q=kaD$jw+_K~a3@&>0dMT5e<PR%kkKim5-XL}FXg1f^Y69+QX6
zMzlay7pH26XAbs>A@>)JjjAYKn0)|MH9OQFDu0|mWct%5y)4OJxWDrBc%Q`Cy3NaV
z&D0fd@Sn)p@RcTQ3?z`pOi-er1AEGMth)+#V86)nyEl48?>#(p7zc0E!F>C3PXX#n
zOM@42Yyk{5WNqQDZp&1<6Kt{MZs^zIZKY5e{UENyQ;l-nr7Cb=M``PzxINSHr=FEY
zf_C>q#IAEl$b;NP`BZ~+tVvtJ?xypRjq4IMV_@V`sCNY!k`|OHpV3T&z#}$I4^OZ2
zjHa}eDi-oY%Qfp86hT?pt{r3H;?Z8G(WWVln1IQ(i5B7r81^=l(zN4#3zkaEE-+Yd
zBDrtq=Yz2Is$}x4(4jkP2PHjr7C1}vJBy6urM%@uDKm)Pa8G<6O@i>Okz;&K`xK<{
zj1@Sg-bo46kQdnXY;PQJ6jR_3df*^|->D6xCez)ym!COLAXdC;EIxhnUqtJLTPzuL
zA%Qd#*cVWZIN{ZV4>T4;Q6U^^P?BvSH1dhWAE@!O88I1O&I>w%(kE|cqTgjbQ^JcZ
zZrJ?%$(&>yBFZ2rc*BBEB3H*N@C)_MBRR}_R--lE(4m*sF*}ekNP-JPx8@SwD=hqv
zp=F8mv-dxSGj1U9jLGA+4akk)ezIE-l0s<jO!23-%3K6=MU218X0jgaatGL0Yzjtu
zFR=PSWwH*jZ?aqySuV&Q;PxB3Z5-h?kXQZ>*4{B#lxA(yT()i7wry)K+qP}nwr$(C
zZQE<@c~6|_?)lC{M@;lLKdLG!Bl1^eU3upn58^4fq@r<+YQ}L%-P-nDWpYXWI`AB1
zeyhU&O@;bKOzUe6-m|(J8~@<=Kt7gF{OgYSmk{4?U>DSv-v*g4h#Z*WiduoKJvj!I
zvP{A$FgcI(L{cf2swn$WF?U}(Y%wB|VA5jpG0e{A<le@9sI9^9J=Y*Tmvmh@_#20C
zrSU%JF~kmV8N0Vk0~&5`DcvEVu923FSKyco`(xc7y4xndKMUu1{&z~essQ?|9vhma
zM(&a{t2NB26QRYTDkPNX#$Q^?a9S?Rnr;3>_HWx1Y$uy=Esc(?lG81nwr^$Nl+{Q`
z=oQGxlr^-~9hr$!;a|J(`bL)<pXTh|fYskDb1iYNr?Gbp@iEPZW%eygdPIkiL%Jfo
zxpjS;SO%_N3+|KG`5$>?az&<6v@w;nXhaG8Lfz49uTkZ6x1{#bN1VTn$7~=!KsF@j
z_%2C)%F+8XTWW};KVy(RYAi)hMDD9kMCOA;u)tb%(UqH!8M^Q)ZNpM3+JigVA5d<z
zLIz&ft9tVp<-X<2u2(KBZ*HSpZ%P--DO46OMSgE~=@SnJs8YVMWS)38G+p;XjJ-tW
zBTPOtFikm;Ol+dyKbbBurvy<A&~%M~m469{hLZUNqO59h7(WK~#damv%5EA?Yh9fC
zLOXpkOTMs<=c$Bp5uB`@R*pJcwTsma*3>kdx{<|PlwS-g7=`4^eC~F#$~A{>cDwS>
zzYY)0B7=+Q3^+z1l4`+gUHu2OZva9bK(WiA^qSB7AoKJ)(tZvt>yuio^*f>-6vrId
zYuxdtc(3E?uTA{$r!>l6{r+n>ZEOmbJQ+LyfOQoBfaHHeg_xPxnmAe*(f-e&8J(%r
zBMPLQHTCoC%pGSh#-6G_oIm4^ZTK$MW-HEf8A)Nu4YDP=v<jx3>Oa^|UQeXJ5{<Ng
ziP>cKc9#aAZ%7Cri2n29c4?yzQwQSw1-o&&D9rSO?m_IkY%#)jta5p6g5Om5e~aFh
z<o*5%U>XkR8MMZ+=i-O)@`pFgAdfbu3BR;k+r`fl?iSMMzdep==Xzp%c-?V(3id=N
z<g*)ah|<VKX+8s?+;|2Nl>Uk2_kKS=3E@|jgx<JgiS^`v;zz@jW;!LMG`+qjB}JUV
zBw3Gqz<137(4hHsQhTL~1&%I!L&dvRjP$PE`-+@vy1(c#*{g60{&Q!*+0&kVJpl-1
z-z=E6rjd$A6uPJG_|N8w>g}Em!!Po#N?8xp$Z{ZyfB6tOrW>dfx%Mt=WZhEOL7QMc
zl;`0k(pQ+AUj~rnX)R-4zYqgq$B`L(`*pQ&<ld-V(-lR3x}>L7g1&cJWFmg7-HLqe
z`OuCfJJ!iYDe8>^Viwcj{u%24N<g*0<LVIL_qVJ;BDFMZN}`!G^N(vftb@PXV0P9>
zYWnB^^eOI~iCY-i1x20YN?prZUx7vw(sS{!Xt2tHRQ#3H_Sx$#si4@3Vm@X4qjDm{
zg6#+gQqoX&dincv!W{B0R+wae1||M29vtM8A?GK5N_t|{FfXUHw=^U&FsF^>1|8|7
z!QTb1eD^HS?p(yYHK4dg>#iS?9+`-wDLTeYdje3Qlxa$N_*noVfZc!cQna+XN$I?o
z-9dVa@q5E7-V0OFruGW2D&`ZYzqtqFXGO7p%jRZb#|XyDvT(Pof`LRT>XSL49EOfi
z4_X6Zg&fASq(05{ev#{pR)i{jm?9e$6xHg&P-2>=9~HA5k;Mf^T5?6m5b-s)-A#Y|
zczti=@x``pzd4SW%$q2)e!$~^&ANJ?4LJ-40{-@gokKqO`TeF%YRE^YkYD%Qb`*dH
zGj)Fmeus@&1WyVXOoO`#<T8R!l;8KFWO?>gXE!%XT9K5ZUE8uTxuWQZL=q^WP6Sch
zUG(3p2UsPq4`Yg3rXDyj7|sxNw`G9_a%{3n&--L&3OIH>x%cB{<UKwF099&MN#??X
za*{;@(XhP;7##WHFp3aaVpNPe^5_=tL2S95Uo{3V+cZYCi^8>|y0+F9^5jto6>k>X
z`d-746irx68zHsu!7|s4s#@P`kx$V>&nu?a2R(4!sj_vTBv+l>HF&70K^3RVcZ3|J
z`ZY^o;e3XyD(AmYC*&_)?ojcQQQELXp<!f#h#XzgA+OD$njnTMxgMAoY#`tGd(*8@
zOdMK#M=CSkcaBpO6&1`2CpH7&o6rHsNv<;`u6&f<r<EFl^9hHZG<T8_<|g>dXIbK|
zezEwbAfvc7Fw0PG9w<)}B;H^`1rrZo=eor0dS^2fP90I3w40;XsfWWg;718K5&yl_
zKM*TcOeQ`kCtmdMV#p<X8||1=@wVs9OdRxZCQAh!_0020ObeZtS9VTE^1Mv~cR;W=
z-Yvyykt;cO2xXoFHe=K<X&Jhj!|R*g3=ZW1w@dqYabWb#rairy!!_xP5$n??_~gjY
z1NnPZ-e--fQ`2$o&Z^la8JqgUmhfQAg3AYo2LGhiJQo$V+6jqS0Ipsp>&%uRM_#p{
z&xqd|HH*LL)uhbrMx3m(w!$QJK<Be2dfGPPt>S90fzK;WdAoN!Y=B{M=9m-?y;AnF
zX`bRCWAt4~X&()IDco0)P3CyhUmDeQ$wUcvg#KMCrT7>|*Hamx822c0;7wJ{&7UzC
z*<5}}d7@PHnIt1?+2<$b+&7px%0ahvhnVB!wnKnufj>2=HdAUFBr3vtKKCV@bX7ji
z6Ps4_(a$0xwJ?|TVQzxe7cy_|JGUbUz39G?2e0YhxqR;1oc(g9V=QA^jgVRWwIqq1
zh+sMJ(ebwgRy4Ai?T9|=q`c&;SOR*(v4LR*JY?9C>5D1n{vv1&Pv_IE=Ng{;YQk_g
z&z1UKKhtdLjCy6*jN%}JtM){=Og!Z312jv$q>9wNJp-?KNRbCMr~-SInXM>1Cy`4^
zTtm0{@^*MOT1|<I;|3WsTKT4_FDCd?NOsqd7U|<LVj$#{OX0S_Z%!ie%z<Ujc?*6G
z)h<dsjbd}S;B{;pnHmcXK7^n4jTGAi&Ja_(+IuAx=Q2>Z<9UUG35{AW2I-BWD7jh1
z0*N(9hULRd#}vyd35Aj@v0?8};#6zQukCq=YeXX&47hlm<XK6Q{tY^%^1(p6IFM)>
z@{!c&7e1(u0~wvwI~*d(;qnsbg9m8EJsaij9vdHWdXJuQ28gUxp;2V7)NGKaidxNQ
za~Nw?n+t8Ft~ouEKkPjaBaV!y14Z6>s}$_AQCmahKt-;tpX5=yllIj^J&F_l$=K7}
zn{Fq4{W&Az#o<OWgk$GLq_g{MsE7wQ!4&aGhcc-4as$Fd(LrM;V5tQaB*;`kN0{nW
z<RcD9YC!$%2fM+ATuQ;2F944n)EQig1~KPU`wK^9CueC!93A+Jf)ECD+qjOAg4QuN
zv79;oXSG6MWr=LenY{`)`ryK2n~L&~U1`IUBi2;>vWk^r4bX1T1G>g;Y3p?1MB`}`
zIAT7Ved!a-Id<G^b}$G{s4b{U4ceWatx8PX)}{Mqo5u+eBeP?hihJzPfBpvcyBp6B
zQpt=JGEXA-5f?z*w`QHVB9s(OIVmxpLjz)hAZ@6Bf8+vP;Qc!uiy(mK04!XdNW!_n
z8VZ6Q{&e6VinS%_%zuA^s*F*PSFDuR={6Cn_C@>MofxxTGk-%q1&T`MQ2s7k^xK8W
zT)NK*!)Way-{uI8FMJo_lb0;UsLEI2h-+|ZD|WtB!w5(#u%@RE(lRKmo7yskl0OG%
z2FU1$H4)V{e<D&`%pF*ql{DdDx!p_bKp?vwt;>Y2W8e8JaEZZa+@zMqd?do-11^}G
zy}AhGWsFq_eO5^v@|@Mh+5T2}4D4*X**YHX1+**{=$M(xzNlJpKw~Ub<Z{9|-u~|}
z$Q`+rw!Q4yT5k)y>}e@rm9s#v0;%KtAOBzZ`*J&qK-tt7XNH2g1f^U_Rksg2L66S@
z_cM%AIOUtGvV2Q+r9l^aht0);HVZ@N<y9%veeHzQ$%@QbxUqA}fJ`<7aO0d3Bkt+X
z%(mRQ2r@*i$39#Jz(oqX!3`iVjeH&>t`S-_REAjfDU_9^Q#BQYD!$ApgxX<L@kgB-
z1(x^<hjtgbet^CJ7&S(4+s26507nL=m|SqNoWuSC;2McyAHi9|rJHiW(Uy#<hQj-!
z?uZ+-Ni}&wZZbENd1TElez03}&;n6M8%|$>Qrk`>b?ay=`Tai?F0s1&K4$QmoF4z&
zoGxea+C2|v@mznJb9j$O?U4e-n4vXF8NGlZh+^tm#EY_nn!#&w1DXSA=_;G>p>q}D
zDsEcB-KW&N8gJ}_@^#4eJEX>3JLSMq#XZm={EbSwu#dPh5jeRN6-a?#dg4Ux3+&4C
zg!3Z^u;*Cf*2^L*)n~7Ik?k2xO~{n?1lD}P4-6AQY)acV+%y$KpJ*m*@BGi5iz7C3
z%(3DDX)0ZzyAG7psBN3XN+9v4^7<nPo&zL5EJ-r;F-jNmbxY5soLoTGC5+vOMZZXa
z_d};7ZyRsW7Eh-e%3P{|;heO>^I-}b8^CtGv52mUB!!J_PM6|2ESNO3uH2a)T3AZo
z1_=Mu%5PZSuUNyDP609rAp@JMXTw1SwWWtb7VlK@q-x1;%lhrAjEIXT>(M-gYe5f4
zChsrFB{~^GB5u9ij@yR&AQb{A6(mAc2Pu6E8OmP!(%OoppifxGq0jJE5g3s!;ll>b
zm$^{SGnqZzYy(ibMvh4T%0cScYi?Z9yy08}#5vz(1=7?|2FFVidNQRC5g-1}FU3}&
z)_=F^K}&r2R>BrLel3HkHE3A^OWDS50yO5DD*AJCwWNOx2EZPBk1c>HH4M1ZE<a2`
zsBw$MRsO{*v~h;`yEN#|r;OW23MhOb$Ei?q4W=)qJ%4JciPf~C|5;b^2iRp^o0Tcw
zyjTwS2`TseQ;TRf)AC2NOw}CP?3wf%ri9z@r(X`a*`;<e%!n|jFjr!t6(EDQO9HrB
z7*@L(Zw~j09$hcyecQQjqUGG7%}%BdSVIS)5rjsky~esaxG5nHRYQ%b5ok(DPAz|9
zViJl0+v5+QiI1rEKufX)MLU};R{s^%_+inBp#vnq=3=F4fEB4CZT)p|B@Ni-rTznR
zEI=w!bbHGM$j9~NNC=&_TJj{(AUS`ytwKDl%x+!qO%(V&XLv4*si=y*>;gWx*<?=#
z$9wx^qDb+YZzSRnHBur#Nq(68?vT6BdYMVjVRb)==fM&GPjpZ)xOX^~p28Je$D@ZD
zIe!c}$tQNQz06%iy}Hl?&RwP6P-D<7@#N~mXMFkm86C4gvaT$ty7~S28w{&&!hE73
z=T^`4t#i+sck?7*nU)E;A!X1z9A;U%QkjhwQm4(j$8<Jw=iRi+wZBv>tVf?D_r^&U
zy658eW@gUqtn}7rPTvsp1oG+LLUT<LjCz$~`0JK;ioA+0_*~8Q`^ywHT)*}lXp!wr
z5<n={I`Ofth_@PY^<OrN?DXdj3UlTFzb*B?O3OQ66WpTqCl%eLrQDSca{ex<@^8=T
zAFgiFa>tl*US*5m-dzpH_tdV2x}x%(dMG}3`m-iGgc=uxnng~+_EmNI>+Zav3fq34
zi_MIRwa;B^h!)i&wwZ(F)9GcpWb#8|HJ)_+bTWu>J!G!rEOmi>qlPrl;2K+<O_91D
zLw$HI62#%FfxDu{8{Q!reG*8xo6n8$Sp6rEmmg07RXUO&rS{)K{_0WmhJf<yLz4a4
z7kY*x*XoEU4{<G2vnN~Xt|2mvq-5RpSBIg_?Ro=kEpg<&EK?3I+;L4$Qn`eaDDgAY
z-Z0B4<Q!^cQ`}Uhfi#Ln2>X$8(C<&soWy*amGdESyZ92ySd6&Qe~wY^Lw<Yl$>J&B
zX*O74yE<ZluyS6>N4z6;z#<#`ynb8AThs*{MlwWpDg4xIack*~c-$oJ2uI804$qP+
zr<}V>*O+OODEqufWPo*KuX!V-k>6g-<+>{5>^3o8R4;w}-~SO$V?|iEhXe!wU;^^r
zOHmX5_hI}$Q`D4o{*|J}yOe6HLnYBbQCRriLb?#a_yB5Xh=8z^Z&4C@-@FsMRj`#|
zYSx;XcM^q#`~&z)akPU5jihV7J#(Go^_uH-yUYD`_4bwrkZZ6qP#A;_O4HFEp+#qF
zv=I`-4R_0QyjGI<3M#x>#e(68-ARgJTBQ`RQ@n-p;MIqTs8o5`ABW{jqx=_RdZU#E
z#;%eJ?xR2fw?c-%gI-E#(*b$7(JTfcQDc+X)_cYB67cVGs+!26#!y=bQUeU%x9BRy
z_KYBbr<$b+PIbKAnj}s*Z3a~898xaMr%#?iLn;MzS0Q0c@uV(QNe%yWg4(W}rWkcE
zXT1<6kfg~)dVSI7nL=t9{_=uNk~7F#P=1wGH(4~P1-0gI-sP8~5a`1b(b3U33+CQR
zg>Ch>`5c5HU!OwVDE{RArypyE0UeHD+?XQVEvf@PJPr@dA!0WXR5^pSY~=^tYEY4K
z<kLlV`?B}hjeD>2bg21pRlJ=@Z^5j5*q~BT7_phgLnS$)%Vh=B8Wphw<kXv`s^$4>
zG3)A*N1m<ptx<Is%-3!oQc6VJ8zv}~>kfCjMk}&oNkG~7d|Z}p^eqrw!d>DUl*eO0
z$jUZ+{f{-J@}#feEq3XpUcz4)JEru~GHEoHT_zqB3w4|ZdrW3yGm8_5jzF5z&}^jB
ziPDa`MB1gyf*+t7D{y_l+W%)N*}tqHtd8MjPe1?wAJG4v74(14`CnF0O45|v5Cekf
z+Ygj<{VaIB6S6wUVi-~wtz(jf;XQFAuEH-~mqNLe3On}HWA;_X!^?KTV!r{xIpi|8
zI@p0uB+0tk+NnXoK5~n&O><=Ur@KMVAMY`_GNm;FqHgw9vlJaT?d5X7EB#$7Qo%n>
z45@!~Ysj6=Fe*Lu(QGGDHRJgvVqfGqBC3BnclrcPcr)ymAlYowgYzuaaE3$3z?mVU
z?j5s~6G1vq<(int1#O#3>ZX`x%;RY$Imkp2k0)gXADD=fa?XMtaqGYcXS;HRavpvn
zV1+Dv5ZO|q4^u0^n08R?z0K~XOU#tFnbilb+6fz*inhSUy}UU%@(Oev0LSLkoutQZ
z8}ssQ$E>jz5lp@ohRzNZrv9q(t-!48xBr^*tSUX$8~6pbSe({tP~P-XOiKyKjC5im
zO_H_?#_t^3^Fip^KcXLybRfw}h*5L^#gmjEzkHACpduR?w4jj{+RCO-D?qSUe{wj*
zd4hR&e?b3Nyp*>)G9mo`fETHM&-vfsh0gl_jTe-~|ACjA`5T!gX055YN70ywUjV=4
z2V1TG4PItO5~Hv=X}tcy3!bgfNKh0v-7S-hodoF(bZE6+B_l^xCn3h^q*6pru`>F@
zS3Vx162%omxTPSCvL6UnD=F-d?VmAOUlJ89DrBkMm_)Lhc1WX*7O`MSnj1#;0Lx{U
zJU>fGY9fp3gD&COu)cAwptcow(KV@>=qT04Dy|6O23qBT!#{&bMfvCqG^$7@CgRJ*
z2`U@XCC#v4oQsoMl0)VrZJ%ls!UPpGaS+^<Zg3_h_kuP%Op;pn1Tfs41Jr}-8lh?|
z;ruJmg~3pVXQHD;|ANcXKX3^&-}_&1IsF%0e3MTfI3`DWcy5mZqQX3Q0`tV-NJDQV
zS@%Xd{k)|d2y>9rGVi)^=h9*~0Ahevj<Xc?%b%EK4JsCb5}2z$Pm;o^UQ}4uq=o+l
z7itsB^D9ZK>e44TdDIK<XqT{q{=e#lEDsNSMFJzX?_uauu0nJx_b8a34oguBIYXq6
zypOsDncn&iGarDi@wCQJ8}#<Q29=+vOL-TvV9d|Y<AI}E!Ern{kHTnlMyc00v|;ho
z<A%Qdl==bInO{^JL^Xdl=@&a)A<zy#|6^;LSiV(``)BPnL;UyFo`R#DyT|{EPGS5X
z!J%79$btyGzya~?=@=xD>dWPl3T%MgfT3Y1l*#dnfrF2ajT_Mu`=)4bMEB~NB_$_8
z`1|62UabWZ6%GcZT&+Ai&AjCDa&K}r_WXQ*ff(XaAV%XOhytxq+!%|7c}Z`n8LNWv
z#OR`VhRW9vY^lcT)mn2pdxuWI33ZguyHfSYW!+@OuRZD5eZ<|tJFUhwS9aIlum+D(
z?RnMx4%WZG>te4-2er|Z+(AQMocjcrw_pkib&g;f8sobU*{ilUm@3g?NG4k?G`2#C
zlYKZalp+|-=ZcTz7MQftl0LfSgOxlcnRkzMhiYviJ6U-46yGD9OS_G{nVk2KQ*~`?
z#E<jDF`Sb7#m-p3&W5W`{+@PF{gAoA$d7+AZq<fMgBr5Zee5#6Fq~R6P}vB>yyjc9
zgh6wV>cnYJ#~@!}dC|A4T9tM6+qW(=j^8`X2Xh01C6j9<bLSx(otNHllhH$}MkD8}
zFjq+^DOD{tTc;5<Bf%X7goe2n6Gk#)vGA<kgG6DaCTpl2Rv>}WEWT~l37MW>VKH`N
z8(%PW<7q%Lb>r%{FeHCIO=5_Z4|2RHU$i>XZ>EmO%C9r6(}pcciNP)%)7ji}ZXWJE
z+i~-COyG)6R!NADYIia2+0q<4rk5H~36Y~kjj4_#u}R4eahz|F)%X*32AI2^Vr#r|
zhxW#^25an3NTec=XIOh2;E?$XD4RQj?DLRaWDI5!Yt3Lx`GS509L(uRSOF%kK5~jk
zf$=E^J5`{|m1CRrkk6_PcC1316=Rn<QsrIs*o$>J=)MkjNOH7!9t3wew8{-&ic!tm
z9>Kj3e)dQZ3uZ<#gs!>->^_THrd8+^;FMPM1&sekCB7g`@A?l&0DxJX|AWRq|J$Yi
zKhhyT+>%!?eQ%A)^q4-zfsmp%!y!mB{2}+nkdz6lvFrno0Nd!3;*NtRWU@hpu9VVN
zODwepNL#21*~;4${zSJDMYt|(;$Pe8#GXB;<t{mWf+rU(p7rcq%R!I@IJG<NeeHbp
z&OO<_ohH@oeF5|%eV3rLw9AKnnYast;!oWp^H)CP2ZVhy+~-&GSnnh9f7jkC^M{F>
zylP<Ljm^P)Z^ub}3k8!;)`NRZ-IL@d9#{a+VPHHPq4`qg<)v)Y8N17co|(80^!GA#
zhyOGh)J^MB4Na|6tLZ)*tzjf?01iA?!qiRNcfx?1xC@7}o4894Xk)`|Exg8~Mr|;L
zR7xygI1H+phu}7PRkv5Gx>>imYQ{vgBU@U>1q-<{+=>j+LX}`==hmaji`ax<L)lu|
zoQI2eVYO`?;L35JIb(eZLsrJIjs_~0@#8fGMU*4&?O-$w?&u^0jLzzk+lFOpbeG6J
zyO{~7m|on)!$Pec)3(Tss+r{B-o-eVVUECb*C;g5xv3WTIf}WJM2}*rha&s9E=O`7
z<gz4pc)YSSTNrq$v(*YmZ+=#jhV(W;Q*EV-so+LANi)FH6sa`KGzfFbea8rWRA!5Y
zjBkWwS;+zCUI5Mh2z8To6{`95;i8`Z$zT2R!*hIGD}!_LvM}C%E7RFwDXi9B=Ab-$
zu?i5Sl~a#wr(9k^t!?v?h0=YKV5=3+W#HvgST_}G+uSLnow17usaYVawv5QxaUS!=
zb=+cFsV_}D&e+t&Z(?a=FrQT6dvIkGecdjkm?MGbl{WZEDU0ez6-C;qWFvMk839Dr
z?K?<4QJ&dKXbbAbVAmW6(`~e0e|z%<gQI9(v&E&Tbr@ZO%qMFs^Ug<(=QO2m;Gv@?
zCU#?k)Fbw0<XWq{){=v-+3M?5;R}u2PG51;-H@`tugGoA&3#jTe9ivMU{+%e@8l{5
zNX(Nkyn_chcDNwIfLD+?1r;#2$%wYwsNb3jJ*HU5aQ4it39K}t9t$ky8WUh9mbe{S
zJzF{NoH-v|P)<}K@z%Mb#FvJmRLGAGQCEI{K{u<*a@xVej6FQPvNt-75$dK{0Agik
z8q3TiLx-^yj6-iPL;R#QkdGTRV`FKlw64Ui3fu6TC66>Gpgg)=SW08y&{|KT)vf}K
zO%!21uX`fFos(d7j>KqW$eEgMo^(KknL25o0aInqJ7-)^6D3x&12jHtNK>H2l*eUb
zHHJmKI@M}ih)XS_9kxP7Cs-6vL>3!S%Bp;n+Ytq_(M1;ekQ?wO`;FFT1kLgQ7@PHu
zK#oF}rva^;z9=ow&0%PWf*+wQKHNimc#i1s5k6R1@emdeC;N@($M7KjJ<(5o_<05E
zZFxBNE~7odu^qZ4`<%Zff<H(`q@Qd^FqpG$VhHd9#hy2FRyugv^lGoN?un-7;oX1c
zhN6p+F|3D;4!U@0X8dY%9V6!2L7)D(tz=3K6>1%|RhQH0I$+f`erc+g^GCh?Cr9}l
zaYTAaGN`V0%9e{#$(l#34pqwzzCDh#@-ei<Ue3~QS5{L!-whRct5M;cMPA`DC-sS>
zwB=WX=WZ9fYY071se5R*Cd*kBj*PD5SYyeH>M2uOMqzB*f2NAsnecRJSoC|UJ=1SG
zt)JKizT1e>qaI?ZM62{fno=*7R8P{wB6VBpqq6(X=FcP3<kXWf+jetzqTgTY3eVX!
z`xB5z4qz_eF$ElV{Lxb*3eLdA>E*NxPv)h<>E)yhD!HHRRNMeebB;)hu<}j_D^9Te
zGk4Bzjc};WeI70YJVDk4P+I2!Dy2R^b$w(?ouQl+IvVXLIDt7dtG1e>?c=(xMhaPL
z-oH&vifEeZ3W>ZW0sRKa<N@w12z_eXgA&b_!nKWy#RXIy8QOa&ACRpm3U<ok7pE@7
z0inbcX&($!C>#$ZWV_476s!-$WF>b+j?6h)tkD;E&TKG7V1KhUIHH|Uz*el~OsRCG
zS7vsx?jWbJhGkiI;Tfwo$Um*T#T{-LEZr5V!`*c?X^<Yio6iv+0-MW4zGJE34#Fww
zaEGG`yIV6N;hBXjG0@QpltCObYv#4Jm9L3}d!`fTqp^gAsqwg8=nGVg+KofyepW;)
zbP@zBa1#Y9cK*3?k_0CRLmGvs-^fz@e&i!h8R(R{r_PMCLobt;EJrNH>>uVU{OB=o
z1N%CR2h3$B9)zR+IpipUV{`#u=6^FKB7K#mJNCcn?^}-gV460nS^mL)`a>vN9aADR
zWR;<@Wsf|#9u3mE4`@Atw;lb{4jN`pJ+m7s@4(F$7D7K?f)ZGXvNJi%=0fMW{Bf=d
z$YDv@TE)6vz=f!^HD87ktQx3(0dT7@M^yPrSgI?e-6Kk!7-khtC3wZYFZN#Ug2tv#
zyv8@C>z&teQS=LyIwt1sv0Jv*otRUBbU;%l@*J5gL9VW8;2VMsyKSuhly=Tue?mRY
zUauO}MEMJULf&voGATFsL^|2wi*#1UVE-hEQWkZs>v^7PoIraNDUSYUs4LwI=IJrY
z+F!JlyDC$9X+>K~zfDOtrJFbL@>iIP^!sN1Wc3;svUn+xGBx@KCxdh;abmMx|3J~(
z4S`f9cp*r*>~}PeFqzS)r-*g*p)ly0kMx>is=|#Dn7(i7&;HbsPem#n*zIv`mqJ|E
zM#$~Ktk*^DSNOMY%&$^sS8j}QwjK?{5)W58h)!pKGeNlROd~KGa=8R|4_0p-!;s4-
z&!<a?YnkA#w=JpGy<dkqL-lI+n%Tmu6s`GYlSyi^tQiXpN90EkLpOBDGe6qpF}*H_
zrt-BCn|oOEh3i(K-<Cu>tqv&N2{<QTFc;6X0?%MhT;i)yb-)<w3BcQGfwuB1WIM~r
zihaF~vTjX;XQO7L_g2C*yR1*A^pBy^+)OcoPXCxG)3aY*I`k#ke&BUE|9}I$#cc_6
z?(uBdMWESv;DCcpe5B_jXc@6KDg5OGVoe^&!WjpjJQIEVIp6KJd?9_p`P30o5AXts
zB72X#e6k;lOlvxD68$Og_6rsCD=XUV)%FKi)Q2pSkJYxJT*D0ADTvt-D)V1CsmI^w
zG7&4U%bEDXoZcQwr&@2mL@bha=-_+wTiVkj+EZyzH^j^eTSh&W$F1pkwzCDFup<Lq
zYw`C=uF0G`Cc@B-?7bytGp9Qq87F!;z|_*M+~TZKwG*YR9OT7-iPPIa$<teKoH%BF
zev%gCZO+MX-{I|_cdcVv!|v^x<fuz<$wJ4lNzNY-FK(YQ)T<GJ)uM$k{76Q;-llzn
zyA0gks{MmPW^Qk{fuY=g9`XZ2moRWoUvbaw^m|YJIH3hdw|!F|&K-g5-pqbl3PVCU
zBWG$C|5*hn?9qn&93B8*jq2Ymng35E=D&me|3hQ`tGOi3ipO7m3-u<=82Ue9q}~V6
zlGGjzfLrT>1XD;5(v1n;6QgWJI|(eWmTo=FR@Rw|Yz3T|MHWh%n>I<QYz}cO4FM9a
z*_*-52#NE=Hkql393{y(ph!}gr4dn&e#}i}Vr-B~eqUcb9(P`MK6`(C?z(n;A7bXT
zLF|(_(1roE)$V5qr0hFztnTd^Jp|eQ(q*BWJmEv>LKWidCC;=36?==b?bY=A9iBjS
z2dbMq@q+HbAF_U@Wqa|4d%Oo&|8o1|Pu~3nxhMYk*#q#U>El<lCk+pI=LfYLw?T&5
z#UC~d@JEQGfHdr&fQ85-`WCECR1rlCAixs!5CB0{L=<VFD5GGk5}HPH3N)-uFAJ9v
zorVvuBv_5Kj5yK~R3x_afM_6~xD@Fjs#P8yBw%}7HcTKw19!lto2npH3DKA=XxD{H
zn=tJ-?h{&616#NZ*CO>|2N4B!tN(+C5>u$lCT-j#LuU)MpOFs{aq4fbIDAR)Y2P6f
zJc1K(B-Y^<gHxN*lXX0pMS7%#(m)sfW7tE)1~HAhQj;LkyoV8MrN&i~MdE_L8f$UT
zY%)B!6KY|DL@_rDJ$*sBO_=XGa^zXbTbfb2okz2|x0xdW8wP*%KrFT$jd5U1!#l0J
z9$g$=Y;u|4JXtRnEK7@rD}w{S$8V_N8T~bFFV4eTS;jII4u3bHppFu;*PQWgI`Z=M
z6qo;c8Ure3hNjrdfGrne;UHOTmS}kfgXvlA&(ziAPZXd2r#j@&x_Jd|bJo!OM5}Xa
zv(3fr<&NZ@N9CuJCE_F`S<MV%>2T=4ms&J~?e2rRSh1Lf7?HgVtCS66sR+n0PvB1#
zB760W_Ts)ZE7Ad<PSj<EY)luZ_f14OORFt$?OUlh_{*|f$DjO0Zo~z{u9jrNF}ek_
z7z~l^7pJSrJvBi!SrNSGOJO9!1T!5XaK(IM2GV*0>AgfetVLx{7Vf(!#ExKYNqQFb
z$S9nPg+w-Q?#%7U^|5}j4%{(f&qcL#0UhDo)Gg$Obi4%S*3fSyfVE|J`UGUqOs<4!
zbL!)cBGzM<kjV9N2qvwYm|?G^VD+VXzsKb4^gF>aP8du^=`tyGR(I>CO$Qx4E?dkZ
zPxbF~11ug5EuP%?HFGOlmo_}vu%)5}`(c<TqN1P+1Lo?J)Zi`g=kbJDkxF*lsDvG+
zv>n^94LI5oMwZJ8pxPI<_#+SR!JY{B?Sp-JOUk6S4Jw2up5bOL$Jwxw5As+9oeH!P
zCsnVB(p^yX>l{j$*9sruisABpe`tbQtpgpO9lL}5q#j3CLaWY#=da6ZY}b(_i>R>G
z7DdBOS;Q<<2kxHw0tZJWX<4FQe&fnv8R(qk=-An2k+|f-(&r%<gjgUDuqRoj68MRI
zL{~CDwX5?c%&Ub~2@&=g>*`_|#>@wKc}}2JRfTR7w;Zgrxo~*WbXnY#dry$ip7>_w
zL5&LMVX5L$MM}f~(lvz9b+;GP8rerVcs<}|ZC0ChYFwL_vlT@kRJes!cEB0vI9~Rc
zOKd~9T&3v#Ztrxu+DVd|F-vLKCDp@JnXb}l%a1>EbSXVeo86LA7|)3r#>b9T+0)S)
z;Lr_RG;PH(>B{jcsCN#vEuKj9lIr#macBXf6YV)(ua%aDkhGnoqmyExpm-$&_Z+H5
zANr=ch;9(oG`dWpm>y58O&)$+8OAG?uC^ORC5PMOs)zigBa1ZdrgnGy%|7DdcLl#W
zKDai#!JZs8nxpZE3)!Ew9>a}^r=#}kGR4Y>KH;ZDb*YkM8A+z>SM1f$(BAn5o-o#*
z*U#+&XU>dSCg~em%Vks)8Utxr9qLm^TJH(N;Te2|VJ#BIEQlo#qhP{NglqL{k;z?y
zy@R_VV-B0{+EF)5CaTEhF~i&JLKZ>Q`j3m>uQ>X>cYj#lw$Rrs#y?vt%WXAi+bTFB
z&oq2ar)y|a7Ujmh%MS_QD#9mCHQ0z7IRk~O4STM<CTL0`*&0Mg!0)f9e8I{8P*xS{
zSetZIN5U;sL~@Vlcypm#$sy`gwrg1@@!%<mvU`N%Elfyj*GB4kr{t7WuG6{JQ@G-t
zRkn*io8+VC>N0Us+TY2n(pH|Mb5lxOABql}{9>gyM2bcp$X1yO?&D|gR<2w*$X#Uy
z-r_qRe*R+8WF9xXF$`pUM2KVsD5L+~QaBM+d&qjH6}>L`6UC>tP>B&w|H@rf5p9<F
zNU?@HR@muwb8WprfZCY1(nWPU;zWfcL3QX)1qbzM+#`;f7S5D8bp!2~WRu~C$E8#O
zQr0Rb?u}BOLo`x($X8G?J&33(5<=(od`-w$eF(%?6^V#RlRL0CRfHMIQ5{a~Xdr`F
zR2dGP8XlnYLu>PMqoXsO)4|}9W*W=D%%oQt9$=M}c&E5f7MaYTYQVU>Z{Z!V!4gIj
z)fUA+#MGSr;Gf%wN_bKRTKWRpkD~Ps4oN$8bqAD6$LW|xx-p)$!OL8yG@9_eX6Oqt
zv!N4eS!Hu3LFLf*L_Sd+*cqHQG_qj(#h+6NHup)cZw#-ZtgvPbH_18~Zu)vTM$28Y
zQ0DF6r7-UBmCw>6o3WiBtw!@R$<nl?_C6UnIlXiEF!_Rr2Va3<I%dAeHJ~y<kkmNM
z8_FtV$DG6%v~7Do`LOG^d@jDEIZZ<a&GhI|94SHMVfdwhKe4Qugg#wcD+XWLF9wg2
zM5+8;x4hrr5m};J_M*$#rI5F*OH?t&oT{AF(OT$-cig~B-W~Ez+z?!WK3qF^MhWYo
z(Z(b=+Z-bf28q;mnUGG#xzW<`&EB$bWRq`iLZ64QXuZ45T`VL0n4i4;So#|`#mh`m
zjw^bHn%TA%MXFDly#v(NTY>$cwpUoiCk+kcI`Ac{Zy@}&63bKu!PGJ})KJ-CHN(bi
z1Qw%QWu9m-9yJZE5FkNhYZ3Zwr^xD&wP>Lf!4lRR>hro+uDHXZ;bxkYAyew;E7&`4
zy<I3&AKC{DfHIvDLJM+xR1Sg|TjX&>7#kLKD*iYc#>uC|P@4ux!5urNLx9Zu)l%F*
zKsIxH&YC<pc2`j95MByRfr%l0QFbup^3!4ar?%?2GXR<bA0mc$eTgSDGGMn%VZ{;7
z(r!u_xsJ6Z+GzD6;x4-+TuH-vO~}NHJ7hPKb6p}ms~)MQ9kH#!4ZPJ5+H*dZ@71*^
zNU8(c;?~?z{}AIA{Cd|Rdtb5jkc-D(Z{OiojCD6uuQ(f=vk!n2Ih#iHUK+~x&p;i3
zx<c9hjXSuR&vwVW+OV)TJ?cYbRd|q{AY#E&I_><DH=YxSTw!KT2avqJZe3NFU0#cc
z)~iRL^<AzI{8l~m&bqiPjzFEyZ^>{QwC`K+aK_58;5XIoL{oQ^Pl{gHqwQ-kUS$bh
zYrCg=T%aDXuZ#gFDaY%BF4Z~3?wO`2b|2|?DtpLmfg{e-+-4NXZ9cC9JWw}bMAhh@
zbWvrwjXUzAY=3`mmkv$5eandYS_>G}t#y^Wz)h7u%%Ph}_fgEUW{sgr7J6fRcpm)l
z4)iy#`Ly$#hB-A5>*CJ^#hUv;*C`IS?C(GE&lJ5g_Xe&&jY6()WPBpxN$z@fmD&uU
zowo`Xo0Ff6+HOd)1yLq(0zLjAz|H=mX>|Gz0^@CL$9mXQ&^kO}r1JU~9JTz!ZZu79
z+X$WK^xF;F8wpyygSx$rP=HlDAlv$P=JjqgC$Vv8*XGV{(M1!w=$VE(POdsr88n<#
z8$R7E`tg<F3R8-mk+D~pI<_Vv8&E-F9vDB-c*N28WQWd8AUmfNa*USV(aHSeX=5G-
z@{f~wCD^~f>OAu3-*k2)W=M5i?8W;g->o)CkF}?S?x1Vb8k$<_s_I(oRkmumCCTGu
z9ae$#Pt-Ttg`l;!7QZ-ZIU=e{M-*1RKvlEE+JU@fi~^sAVYkFS4xzhZo=w8=@w?dt
z?1{VQ^Qep1%+DSq?~)p~2#yPutW@j0Ib!c{Si8a+B3HVCc3mO6t5Wz^177t>d?iaR
zGMgTw$`RaGh^aLYYH%t?l;3o7FZnj3ztkGV`)`(3R!=Spv3q0U+PK|WV6-{<ptvWa
zx6m5Q_JCI4LMiMqN2d<ki$hm>Yu=^mzM6C!NR|-{K|P^H^SIy7ftozi93KX=eA#ZI
z)b1YmCu?z}@4(*$UZN=o$l4l(`-q@^AO-tzPxl|^q4-V@A%xau&(c466QSWuS?*MG
zT0gZ+*&0s{Oc9<;59rJv<H<5|NfY(tNsWeNaoVU8;pE6A=@VmR#*gI2j>Ack`RNmR
zIw6vrzsXN<Np6m6wHv<_t9e4Kb$&zJ{Xyi44uIGhR%{C+THsVy^!seFY)+rAPVGi8
zHcaI$4(%f!&3Qv=ucPyfv9nI?%;?%V6u*+4zh#dEHf2_RgRqq)2+&afpyC~!PQXGn
zaVYizX#Del4n8;z@!-e<t!qe>!Yi-2rxL)*BO*$*@CRkK{g2tYs@b?$3r$$%l;Ftj
zj&kK>M~9P#CDZ{8-pQK|X!2O2+lPC@E}u_K6t8M=TZ-L_A-{CX&&iy9gAs-sVDAj*
zdID(s%#k6sBS054;Hx(5>KVk<1dj%;%GF0z|K~KTKI#?i^V5K5WPPshQhnefJ`wur
z*$3^BTM%`7S4G*!;pw7FujO8$cztunW}9mfKa1N1hUZ)G<u_a@FZ{>wMT8xbrCYXO
zDNc3Uhj+xtWE!S%-iYHjtmb+jq+gmW6?6vg+@r3E#-4vvJSJ~{-~%MpD&^neB#x@w
z>Dte3uSCs15VIkA1A3J2R;__%KZvOvVqYlmuPnU+9F20CLL5l(Y8|DHUl^{|Nvypx
ze6lHT>l5VT&dX!OZ&M`3=s#7O8jCNj<B7J1D`;)S)ZDxeLQYd2*U1*HhgLJ#KHbqS
zF1^gyKdxhb5rx1s<Znvrx@u%zO;`?iP<lt#eG1%ji04nwO?6M*d;81>OnDIW^(?*#
zUV4TG-$ZV`$vzazMom8y2-_`ibM>*5g1~NEBToJ%<uY!Z@UChjJImcLz3lbT9dUJF
zpnBbbCEjcx<mT~%#DrXzUx_+?v*agJIJ{l>gU7JHH4|6Rll(}Wgs`W0ZND`hC|%|L
zJ7*1L!KCu}6YQZq9wT?wU7_wd^g;OfQ2f)(vsm6Cpz5m}RpFQT52|Z;cCH)Xq+VHX
z<dIDC@{byz5Av=duYy|n`L!W2Jb`|#Ex*~&pMaF%d#EW^qYU;?k#Q4k&y3alVLovN
zYZlXm9@lB2r#)%2jwjlI)kUUKPc&Y<74%8JytCaxn^n#CcV-RCPbhi=eVt=agJrvf
zt(5M)+3S6_dHdMa>Ls$t28?+kSZnlW>f~)=zOb?Qr*C|EoN5RD6vV%#zN#R;Q2*6Z
z;DjcrkpTn%fC2jNMT7iLGr`38-*!TXqO3d+BSKDNKh-;+?`Y6My2P^~JRUEm1`%Z7
zA2iu}l~f1XRJsjU#otVDKY#v74lf0sc=z+?ndvO{nX9w4FK__u!Cq)?y6evRvHaxx
zh6otiSPTxcGhnb4s~RKf>S!0>Jdw(3VIzTU-E1;Kwh|$*lrS?3MM>c#bR$M&7`Sg0
zEzSWii(`cYp-~17YcrhM;Mn$en|lEg#7%0jkPHRNiCmg94=D0-8-_fhgs3)M`z0F&
zinXpB-Tk*K!8P(2(<v+E7x#|PxKt8|1fd)JNu6qA4)VgQH*UeJRU?JCr0_V!J_#G4
zi887f2nS>`M@!gH3!<BB>;mzj_n5xlcB6OvqVd*|-CO(U0u%e@XG-Wd%joX8g^AvP
z6U^fRfj<dMW&m_8Y7nRTs8Y^(NL0#RH;6dFF6-lirf5_OGnWur^*^xxHGn5!rnlM!
z7ytkc3;;ml|MMsN_ba`iy}hHItAVw!ovpKpyEDCot+9#wzkBeysOZ@pav=D<m8HkX
zZE8{W-(KL!sam8UDObZnN)5h#Vjz{Zn;9B&-xMhKea(VMt#siD0mYg5`k7km>Hh6m
zx+keoF3kel8`T4j*RjD`;gtz;;l%$z)Yfa5k}pD}ZbM2f3>H~wbV_W<*uby$T=#sx
zxoX=pD3#sYmbef?(BU<;CcTm46aqWZr>@z?*&k5LNt1=BNkNi<eraulX9BUyzl5t7
zr`6DB>s7+7^oO!MHb}o{gE*48%A=-c><F0TRIY-0$Y*rvOUkL^d1#T62JiDs#z85I
z+@BIy9G7BV0lew49cX&gTJox2^r*5Ngb;LTxvfAxv#D{t92PhU@)$#Cc02cX4y_+L
zZF!~!*ZT4;O4$mXrwH7A#tVuK6h;?*WMo9kUd|*86xs<|V|NjTliX7l{;3d+C7RP}
z^12h@Tzzd7mf~Dy0n=h*;G5i34qntMYVjbmYPrA?jok*t7SpzwPQvNNG26n7Q;I_}
z2l#5M$Zg$jUBqI0TxK{{#Vwkz!j*oWJ=#|-F|fPtf3wSSH=G0wBg#s1Q=An<sh@1Z
zCpu*WQ4F{u2<BF#YjlB3PY}28fZxC=e8%gIVu1_z+cD{(D3HqBpiLTRBvagEj2rcg
zW?N4;a}NN`GYX+;DiBOgF#rvu_2}K&Z{kdhq_`VqO*fg$aP|idvAVDurO5^9q+au^
zs(N1npV*pe(Ib||dt%8kx*7xc7Z_cErjUe?3av)bNA6QUwdU5zp^L&Gfs}D<A6DFC
zL3S`s#oRJg#1K;mhqg$IPsJoWky(nnGN=o*4B<iaJtu`odSaADdI~3vuycCK=^}^1
z9YT=~%5t1%E|svz)lihpUtec3j$+x;ogGo8;H7ilOd#ANnE)-8+=soF5j*Dopxt-a
z$p_%#(vn_0Yp6WIX2pvC=h}vze`)K{-C=ql4Fdk)hy^1Ry=8#fYXpElz3{$ze<vHP
z@4M(5qb@5%UisX!Mo&&sn5b9ToMZM}Xb`Jul(w{ZMGk1fW5$YBH){&2Rjn1oBIe<W
z$0Gyb{#fP#NucH-CIig9q6E)k<p))}$3{=CGN~Vuk|)Y#aY)&uEa1@*eP3^9D#<aj
z8zd>tXJSXZ^uFd(;<7=1TkGd9lSAJ3*yN3iOFrATI`a=4Zl59le;B;*uiUc5AOHXv
z{|pKJH-GJaW4J`+e-@rhq@hKC5Q{gIrX``=(ri(yPaHM0Nb(0M--o7~l50d@Yu~6D
zS$JsTAJChxTc>PZ!Q@}X^h<WX-N`}_%H|r9Io<Y>pXHr<%67W_{h7P-18N6k4%FR-
zDgwrLU>=!i4vZsi-i13to)$?M$bo2lX9?^|KRIn;xHX6k+m1T~bVTGj?VzMcH-qqC
zT{1YIvbl(Jt|{CitvTmP)yXuJpz&<Ax=E*2o7pT+$K0yz?6gw7!5RW}IA|zk&(>_U
z#@cF9E!$V6a^^PfIE53o-`X}h&u+Dz>Y1^(`es@D`yf-TFlz0xWXzG*WZkrXW1T*m
zDA&#LRau~}<~(+2b^+625*5BXtD2M8YO=YNs>4iU({`9*UbX@=w&`M3dcc|5rOt1e
zv7=M=DN$!!)oR7(DmgZiq^dEG>oevodnUrk1v|E^Bb0-g$3d;X_Li!pi)Qo3TDgY#
z?2fLpvms~AO|-z=7llSamD6(731`XG$NrRY*wMtUNo;1PU{RgrcPu$@4l_BCa_Cdi
zA?pB<>U0<aWlY}mV7F;1yhZZz=}{3peC+}PGzw+7gBQU`^1yIOr!1=?g1HHkXr%HC
z<FtBYtfDVufMl)u5Ee!CnXr^-c80(ZX30!(RGAEgrb1&hGBAv)S0IzC*bvo9#S>NU
zkQ!Cb>5QFfwW08kh%SK+b&se<Xe<;8I17e%%qC-RoeB0Wc<K&C_^tx3?ep6cZ0rL&
zdcqHjiD?5TrJ-F@yECh7jHt5`+jN2}_I{fQHpL`-Oo$iDM<;r36sU(;%EtHXA_eQt
ztX6eyc^E4M>vz8Oq8&p$6pjyBB@S={`Qy&#?=ZqF$|-c!$HxhgaI&G<1@LLm(^9sM
zlgn1Va-h6t7fSE~_1W$0?!yhWjo#fw#<0sL*V`gFpG1;K6G$c-m&+oTfE7M|jdJgR
zaxVmsx9fPXWEoTqq2^c8+(2RlFi7GBFi4U*Ji=$pHy}(x3^J2_3K2PCXsA=Wm`9ya
zdbi|XzTH6x0#`ov-lJ$B!!ZvKhk)0He3C`$A&il&=CfovNCtvWa4t1Wqq&6+dZ4gk
zsC}|OnWhy7=$-wFqwgVQ3c7_+gf8Ltbqedq!AcWm#pjqpOv?3?OVRTPZ+Gl0(UP!6
z&GLlyBG153bky$P0d)Sp;@xbEsLwjyQ=nAUgf~*c%X7i~jG=l2iPELIghC)i@(4aq
zs`tDiZ;Wl>;XUFhIaY`4G#?@5en;u?-*isCyooYM(W}IVO8je*N}}<ppiBM1?{HL7
z`h5!~eMHbeiZ8$<hELxNnL&~n<~nM=!62{?mrubJX&hq&SF$Jat*hS#Nu>#5Gveb#
zlCmOx?xEprt4~-n*>TxrDQA&SyS+kl(Aj5Q!p{gqR-)Q=izsQ~NM(8UyEcgKMU0wO
zO8S8yqgOzj3YYxNDOt^=Ser<XxKh&tuA947Te%8WUX^t=b6+v9>nMoDE)*~5q+4&;
zNp({aW%Au&d=Ig2<G%tEz9Q_tND4*1k)f%C8)deiP~HT)Z|UO$Tw16*D9ilc|4}ff
zV?qVn^dCj)`i~+N{y$})%)gYVt%>9R4MD{&IbcQvoFw9adx$!Le4qsYP&x_^$O45N
z0K|MZI<?t@dihrPgt<bY!hPU(is4-ygu{h}>)U9vv98yxuPJJO-s%;_0Y_MB)@Dl$
zlX5(Ynr}p56RWROLJn5miFt^W)UypA^-Ze<+3-IQvLuOG2CA{*#`{Jm7_q`eU)}^S
zIg4~kJhF{^s@tM!CA$+8O_T8ag#41qR(K*vRA(iru6YHv&J&Y(!cNpU;ot+v1z+7q
zHH$w#-mR-?=PZb`C4*x&H#hMHPjRV<3yV)#RrL%Ih6jh<DSDck{7sNU*KcH4)kaL%
z6U-@fTi=`?wzavV9F;I(e?5UiJL(GPI)O1gI_YOUXU%tgNn(`6^sq{N>H`=*MKr^F
zS>~L1N3aOxG8FOlJixpP4PlT`sz5seBqNtf09<4M0f~8p)7iw0j2*St58DQ84eE9A
zQo%%7!#)nPb<v`h2kKRv+4uqet4dwOP8d@9N2R8N{vW7R;eUNKdjn^4QCnw64|*dz
zTT=_Of2&jz6$861HiVy9JqKjAX3*ny+}8q#Ymi3KF>8~F_+!&w3CZM<Xf)UaDMOgA
zJKo94DCbaspfRtzoi1X|E<au>ceI>@&K$2iTRu;MO(pe4-sv8l-c0Y;+q?1Wwu#{5
z7=PF)!o(8u7y{!8`7=2@Ea<x_`1`Xlc|X7}sUd*Z?dP*!e93V&XK@Q0P6^<ca}kG7
z;V~_0D*Q`1h<Vmz*gLpE@T!0|GY$hzi20C{#t|WZ;Rq!VW}6@uv9;F_H=rcy{n2wJ
z$KxQWv>(OhRIM^~X;PT(HjS3F7>K(e0wu`WaO;7apY=d=3+x@O^WcUY8r(4WMq1Uo
zOott{M+$LJaQtuVz~UZ3@LD<i*!8~6pQwS=3i@Q082A+DWl=jub8UO`;yZ5{7jQ8O
z(Re|_|BJPE46LNv_I_io*zVZ2ZQHhuj&0kvjgD>GNykPf9Vc(^v(LHrKF{6nhkefZ
zu-2+s^`&Z!-}u)Uqh`(VCs55>hU2V#NU|=+(>BpLESVo|lPe~4-EE<ugpes|Fb(>d
zL{Ssf{-8x&qMzNO)Ry8BJ4K6CItBYd13{m5*ScX;k%qhlB*$OIWtS034IYAt6Z)f(
zl<r|r?&L6LxL>+<ueek2Mm>wYytg!-wCbHvg0ddaYIz?M!U9G==5Y0LJ9h8dI0?+W
z@NMQPzWQ7E({0Ld0m8$LtyB{rF}Z%4%?Q<)Mo+9Wei)%%Kqq?-%giG&fknO#I#wmx
zEY?PN@d!JuKTwor_swMZe$BBq5fx+&!g40HlS0C<Q@Tx3Op#AyBYn6ERrNG<<OQzM
z2yn`-BhU(8I3}535Vl-a%cnuM=`(@9!daa}QH-ghP)(yD@<0?)nyT2x#uwaA=8+Fd
zC77Dr-Yo5U+g?g{_yF>r$|-GRZk#dnJyM!LxAX<=b&Tm;IKFX;)g*-sC$HU&hzLsp
z5n~ZH%9^z+1FE$Bk*-Kx2+9(X5F?h{m$?UrDPs$Xsnc&D$Opnu$`?85Cr^dQw3q40
zjm>J5`?b&aAKiz0*1=`Bme+8Tn@R^cctMX_SyY-b*4ud9+#t_c%WWRpoy<F~1(hA{
zKU?qmq^gFt-adBud-lS&n1SpDbNY3$KiG}LyU^-d=js^nu*!&!=s}22(73A(nH@+G
zo-N?r4{5E*<pQ<!D3D-Ct2G{0ewt?J?JEy`$vd*)Z90hefc{l}Sv1`7Apea1xGj+0
z|IlwmO#gYn-svBGUFl8ig)K~ttrh+pr*n2Obg(gXqL!Yblm-8rbd>HZ#MS>9ef{}J
z{SQyU!qmor_8&t!3m01((YSe-0S18RF8J5Jum34R_%}XEBBqn3AzI^r_0(dycdtcg
zn2=_6@^1DEwUKG>R?)&OVyfC@B+fvGHMLWdy(4e6CnNp7*JoU<tv_MhNW#Y_1h~Rm
z{I}GUM!%n7w=8O1LuF30<+Wv-rs`L-tjHI_QzW6Hgwm_nDarE*faB0NJEbTeLMhhx
zS7H{w3(<g`q}&uruXKGXd`^S#>Eg%}*m=X8R)?U+^UkNg^~{8AVMh-CBdN)d|4z@$
zfBC<V{M9u7)pFNX8CMk1H<WwrKm)m>D+4o;RghQ6;6U1YoDeBiI06!xt{~bs^HKms
zK)S#7nyihzla)KGkAJ>S?M1Lk<sBrs;vVw3h{h|GSO}~J)oxjC_Tgc2aeK4d@BL--
z254v43W-z(Z4bi{)E?tjE+PE}%@O5>`#B#9l3-&{9Nvzz9F@@|q>T1sjgDFEy){T4
zcZvxhBTYID5U%Cv8HukGlkInCq)X9|>qH3Y86^lEqFgTW53|;h_PS>LRZ5Ezit>vH
zx;a|57^Bm1Y>$qL)P?m>lIXNYFV1Dsk48njk|f?2x0H6{rBf;bN{M!QWM_W%!N_id
z)%0OxP4EECX%*Q_kIZq5J@tE<K{j37D#0)EErbrM7r3GltAs5D=E_#lIZZ-k0Q<yO
zGFDyNq8TzJKP%G%2GO?eL4l1EF|jDb8dp$TRY~w&n#Xgvh{&%`tL|3(@OJW*ui!At
z)Iwna06PGIOPXg!NsQF6y)l!DxYJ0MEYX8nM;TS@RI`LA>7_I~#+36y<cj19il31O
zKIHdJsgOO7`nO*}aO+B2#hLGZ9T>7{R+z7TC$_H~FLhJ#Sw_TCuHVp$YhEjYK$O|6
zLVrOPaUsfBB52xfL#3=WcW{I(s!Rs8;!bsx8|6;TYg)v4#f_DjgLg@ICBINYvSPrt
zU+yVm<QXOuI7Q#m#B$T|iRbJu^rmI*Z$*LUN}H~sW*Qb_ml!S<r9)TA4bjdHBd6+m
z2Pk4tw@*5pd|87CIf+zY)oQWx91Chc3oczL0skiMk=N%^9ZDF-b>s$^!(T+zVbbAl
zV;6rWTZ<;rXT6DunIC9~FR`$=l&4_XDSzP)${dA%v&cpR;Ra&L*H4RE2LEEDg7CnF
zT{cPQahbxs+m1Kt7wM$QBo?yP?%(i5dD`Iev=SFTA|1uh8-@BHzf1yc+7`RO;(8Im
zn*X%kH0WI@MKHI-8%y8a$E~@p1=1U~7Qv!3YA)khSDs0EWz$#q@XfQj?l>paA)~B%
zg}Wbuw3EC1_CyOI{et&ke{Habl?{oqNnvB?;C%MV4B%Z0)yCc#h=BHNb8v#Jvq`Kl
zWcrRI%4C$2OX}T+@X+>_VCP$yl?Q!9j|CNHA_g5OE_vES=jCvD4O5#~!??kHilgUt
z3$fD-iL<KRJYJLy&K7HpmDBgA7oH?SKc`*%0cDvty7#yD3Nraympq|>fbtRloldC#
z((C^-8diI8M_EPt9N8Q*Vi3D*mn=<2HpVF>lvGYFW^4sQnuIVx4=bIK@N6B$pQdO6
zDwUK@ZIx^bHnWt$$*grLsF4iHFSww8Dfpnjcc07kwP#^#takE*A04&Ndb|F(c26tw
z`#dS?1@XZ2lN{)Sm9!aD-{kbBjezw~9F~Ue$`+y4Q@nd5L3a8SLze6!3bUWsUnbET
zY*X>(j!^X=47eG4>4f%{pQ)SVwkL5=sqCa+ubbfBRlh4`c}(5vqK(r}t8za)hlK8;
zE;&JNCpjUI>L(cA=S539dN;OYRB}_S-ASu@+Pp(~X9>t7y>osS8m3p(QJiC>cn>sB
z0bQL;o@fQ3J>VF?sh8cw=m|WYJ1`ubYyLjMf{TPX8V7f!T7RZ-3Z^ERUGGh8ALTph
z2+CZq6Q<54K5znXzMI2z!y|9D)w9_&=Ty554s_jC&1pT8!S3j5${z3Dl&7%3a)=V@
zuOysA8Z@M&?@~-cM=cKB3bf2);FZ2U7)&*oC>$RR`;%>@qt8SiJ%dkDZ0?h&i!HP2
zqYBN!m|?Vv9qO(FN*Cnzrjb>nwj@v{zfnq*&Z3EM{;nZsVmXj|*^g#;@1xlqV1}6P
z+qwyrbMzMqz(5}(v$xZfT0mN4mL@{nL2lhBIa5q)z84~vJFieDLq9O=7y+I{zrW1}
z`G_@HX(rdHBZ=&4gvv9bb`H=?AJ04r=R2lzPC>*xP*k^4a`1an^4d((GE$=(BZ#2b
zT+r~P4539yZT?LSZcW2a<TrO8Y+}iF@8#N^SazmZp5LUG`LagKUztQyzM;RlJ!gai
zPPCk}JqcCqJ4y4Fy5B}7NOYs^l$qrU@=J#{3V}xcHh@wwopaA~aG6FP%nl8vCgMbB
z@%II?FA2YF9Fcg|_WQ%aQWXEaa)C;$)LbQXKLFHGbGQ!8WtcP7afXFrSUgmOk!3(>
zp5l2V_z3maezAVgCcBei$0hVGfBjeS8K=nQqTL17B76owH)wt8`LiG)pp0n{a<u7e
zUYIzj<1S(UE_@?pv4B7WMU7CY#DIZ1kg~13Ny^q|;^DCiG4?vKCDBz6_3gnM^VB?K
zMjF*2nBsit;3Apj5n6A8nSC6uPEIuoC}^6YC9~D^bw2jPaB)sW<3Y0Hl2|M>X!zzN
zgr>c<%V0x#Z!)-XN`T)1Pm{)au}o}nuw!b>!LIA;x!=aqgN1jjc}6oS7AsgOKtn-+
z2yydtwyAnrNWnJsyCzSg_H}1j>#txNI!^Wnm_jWt>r|M_WZ>0XOb|Fw%%x{A-T|V8
zTbyi@f}QR)v`emRe6uYlZhYU%`R&f9(?S(^v&VrzXx+I`QtzCO{3P$EY6>Z1{XG-~
zZ3fuQc2J9FS~;usNb_`GY~Qd&7`7#hz0bMEsDY|S3MTd{Kc{_NxZY6$)XTTSfowe&
zW1!ZHnbTHQVi!Yj<pE={xz=l^{Zq3Y_bUd(A2!54mP-4F(nG&<9xBGS*D;>EQ)<Hr
zk6Aqn>^v7e><LFVjALTg77f6&+Io7iYzc@8!xv$TIf(S{ctO>L((hxz&GsuhDi7w}
zA~ACk2@cc3@qJbsTzn;&z`*Z<M%O&vc$xdur;cPjmTLKG9m6y&-oF`NL-RQl&CX9X
zTQE<W?xUhzKJV78+-Doi)WuJ4I)k?DZ9I1KqkKSUh(>@9F0=IxRQiB%fw23;B2*Y}
zTy~KD27uhjYbiDE-@vr4lMq<bhleOhhtGl)4t*waq~P$TUe8`D)%zB_3;(7%KwXAv
zYL;$|6+3}xWo6KEMh*$i-6#BHV}3SHgfd}u_D$|&o5?%rN@Rvbq+OfVg^+zeu$+aX
z;O%Cgcfp%p^_UCh#pRxxYM`pVGog3CsKTg6hy$HJhxSg8$~*iK;(Srq;XCv8Qb*Nr
z6>P)UMMwJ;HK6ppwk$A}v$`u}r9ovAuH3IPWC(M=c@|+?NU2uM<c(_XxIS=k0*33j
z<dU`;yE9;B=^RE$B|)lYU!h;CBH&of7=;Z*+WBx4Jrm-ta_C29I~$5RM!yYdwqCL1
zV*eO>&b_vz9yTOYQ&cX&5TO<E)R?p+=3K<_a+nJ4Cp(*y%AHEgjpRCr5e9j=tkbfn
z_l430^%_Ii%vc!=+fHBU3!!Ol8jDSzm{6sVtRfP_)FLqtuM~T%_*^rTm^$h_6#z}P
zOhszNd8&4x1&m=v6GUUxIjK(dW>n(0+HD230`y+bci-|%88IPakuMk7;ML($t+N}&
z`vMU$R+eosavyvJ$LNu@Q6u}^LmE&k8q7tD%TLbcR-KX#$VMN^?m+pZfS#pP7(Qoc
zt4XwG7Jc2|hTKx1e#byE^6?=+Mgs<@@N!hVr;$Wr#{ocQQOLlKSk$4dA>%ezB~__t
z4@_=k=`s)*Df9FNahkp1@!V*pP4q+%?ks|16)l@cS~lj|&#mYBvjgJEdQyRKwai#o
zth!3|yi)zaJEm|2A~N$31(BKyZ`3P9We7J4MW$5Bh_Szt^@B)WPl#JjFWQ6qs~5Kf
zfHoA$q$(U{l1Yo{!zMIa)_|1csJF~@t0heKl0TA9@0d#2+w?@R<_29et?u;|Ypc2P
z5j4onCpH?(S4(x;69{ivK;PKd&1bulABS-^sQo8}uI}efSkA3H9@c9?5hcU);zqFw
zG?z`jG^&(UR4<*7^-@_*jXWEKK|xGbNDr2!NYEvK*C8;)znhN1^I$XcDGKgVFy&Q`
zuSQ<*g0yOx+acbYWDRL$3|*B{MwV)sOLQ!dC1{6@cH_Gf1RV5J)JAVZo=RUy*j5>w
zw1l5?r`9>wiUcIr35<O)gP3PjO{d2cy5Z|b9G_sRewXY&c~0jE{{02=*T6>kl#i0}
z&xjuAzftJ>TVV5_>7+6|rK~EH9IXNagDL|{3sZAF6RRqe1GFLo69dbM)XXe39VL}4
z-8g+Ctpv^Z9?0MNT-wq})p-L00r`Od0dfDkXCz~2XYOif{-2BH=P2^Z4>BO~hRq4Q
zgrZZx21XDCLk43CNR-b}f`OHH;#5CKS*gbc?dkUi5A`AJi4)REYAdX3Tzk*D-)uMW
z_wMim?EzVtru$byR^eBFub;_x352<#42sC{j0)JCdrIsNjFW<}tfQUIu^0`edE-KL
zl*XJo2R_|^Cj-QK+Y;@hoCB*O6Wxqjije09L%gvi7+THoAxK}tqLmOOjsm(QHUu8R
zD;t%cI)5tOrrW*Lu$B{9m2VeM7|FLX2qy9<OKBS_QYUVYLFTq&2Jp;Dl{m@-{TlL)
zmE=dC4e3J$&ghV45zCs~IzHA96%!9dkhKjAEcLEZMwuWpb2|ymx-mCyVt^)v2>ZI9
zF}NGOQthM`p3L8nyg}L6|2Zy|GRO8OD|T(`E08Z*EhTWFOrjBuqms)|%-!+<{VfFv
zSxS-W<bYF3IfD+T5Q>#)rZS7f#DA(a)-dcC{S(<xj;@g%(Q$1uePEv+yi5VJf#!sU
z`bG8#=dVV^P_txR`(xCLKbf=iziU*R|1_#Iy||OTz1#P{8o5SE)*gis(MN8<23tr<
z_?cq28E%3oMKy#Y{~L*l6x}A#Je9k-wQY{w<=AhvL;V!kZ}8#F{4k82x*|}VKm%cS
zQ;S{f1ix49^Y}nLqUG>NtG~A^j>>M`J8*a2EIG7=dI6Trl_a0C3$`910V#MsB$#SK
z6+^yU_%P06VbFv%3gSFi4#Z9EK-AY7TA{w>vbfQ~TnQ6mOz9++GI|EY#N;!P6s!xf
ze!+qRs@eA%Yx(xgd^w?_TSa6>`<S_IAHB-iinkJmd2tmTY!%VZl(QG$kTVi!%0fxV
zdQ#ky&ksEIDgHL+yq3{yUN7&DpgEZmU5V?-X@0i96v-y)f0L=o#SRN-NltncB)e@%
z*4VUGA3Tg%p<VX43Tc9P!7bHK-5%y0-#hdMxY{sWex}K?*9XdazHx|;pJB*(_1q|E
zdB$56K1y;K-gYumZ%ekf@P4&vGQ-pUXrg!`zxU)oPPj0{L3_<x*94hN6={`I6kwm6
z3nS>;Nl+dDZ(PRJ5f8FC-~q;%FZRj^{h<<1fSNe1c1Ao=GvP(!BX|~#$X2vK*cqwT
zzfJ{{s=eIQ;q)of;iMS*ISf+CF2AiMVf!Vyd<DLQTzmMNsuu10YQW830s0wxgS+tu
zpnlN*M%m@>04ZCT+SvU6DOwaj^tmW@M3#Xm6__-qKpmFo7YYZ35fVBQ7E())NO>F4
z&6dsC9_y?f>!rdFz(q9oMK#LCL<-RncxGr~_Pv>&Y3luYzDMg5-m)C%Z;i?!tKF-N
zvKH;p8;#+zV_M3UAiYu!l_JMvP<eVxFj$K&MuvPbp=cE5lc_im=Q=*~H*YMTG+T}>
zHVh}qA>G#~H?EMO8MMqKcY%@39<N{}nqjsy@10;cq8k5BB=bzQ_-e935Wx~NVHRhX
z2sL@zj`E&!nHVSy1L-ZqzD1P6$iM%qz;M@0i4@ENX|IE2F?klf-Aw;PlSXgCsOF0G
z>4$zf!)4cWN(u^NyjUXmZ1O^?c0~#$4fc_^Sk>*Y7j<%h*{m=gT&Vb0b9hv1nD&~f
z$H&+EV|~OXAjagg(ps!}5oCoA6@_Ui@;7%*%L&Q7y=#dC_A5t=%Ef{A1fomo<+gkW
zWA`2c4h(!oPaFJO=Pxr3^oFZ_;L3+Vba}Mu+c=}7%6O)tF2@^`HApTF4&eqi`|E+C
zQ(7R7DD)$U8qZpiU0PD@o?lpKy{||(yL;J6VYC&OiaZFthc1%=XuWPfnCLXH)hS0A
zbu@%s)ho7HRUoy0c_5`pZJF+o|CJ*XNkW3BKO7<dTkEp?UpUgR{TCGdQ;SI82uli@
zlV=q&6TgN0rxx`Dvxyd}E?t;i*yUVrBwW>G`l-_Sb9|e5rx?04LsHCy4d;#KoxPd%
z$bA}}t=k3S83}@MYF8YXhOygsgLY4Rw8M&Fx=v~6SMVk)uAjxauW`#Os4s%&989Dp
z*^MazUVYp7MpArDwF~=}i!PZP0PaNt801zz>%(&TPE>ps!VGiZ?-qO4f~h(9p#jVN
znZs2;9<&DA?zm%7A~y=DcxtAQc8%mPdE31F*;%NJCZ%Gy8g=SRtzvqb<7p{vK5In?
zO0*PytCX&I8bjV?3X<6GC1hRVRRNyDi)NkIi$0!Tg<<zfQ88KnNtmi8(nTNrO<GT)
zqS`zpk*wj8gO5dut8RuSEws-LEvlS>=cR03s$GAWEE8b=mA0#@(~mxlT@0DiL}8+l
zRge9~Llj11k4w4DaoX{~a`rNDsZz`EU^J{yk>oKnXD9o;2gP&5WfLP?g5?2u`ui6D
z*js=6TWgdp>M6Ti4|x5MP-Gf~vxO=2>n-z|_{O0^iH1x+oKC4m4x+*!a!nM=jT70<
zgw)D;2mRP8Y+n5>UWc>Lno0`UFjuWvrrZjHK7H<Nv$cH7r1{lYHRr-Ybu+WNr)_LA
z5A}8~@w6dpjCFhN-AcgUYDJpI0HL8jh^2x4H!A1<FJe;vc+mEL5h)HwY#A6b?__%z
zQAQ<e!XaRA!h%$MswxT8qaH`~>(Uv!LtWzgx``4M-v6MBgOMosKSb&m%gyvuQm+sH
z7swtKe#_ooXjlun-OtppP1Bymp>48jMixCO(ktpvE%r<1_RUuXhUyWehz}zc#1}8V
zF(_!GoZISIXU!F~(+y%vOgH14vU!Dnh!jzgqgwGpq)g&u11k}wlO;L-B*g(0tp}A%
zGkK#8vbt%Un?#7I$2{DZoP%6HaflCJ;Wk$>(;>mLi;jzdbA^(Xh4Nr5%R#ifnNJO<
z?qS4Q$|AMjrbX2ub9Fa$atiT$n%Kg6UCKY@$(EA}K1OXmD^86<*kD#1g&HvXbq0p;
z<ipd)H8}HiyEICL&$JXqD)HSul{-p$bRqsOM&{zcXbREoq<V9vow55iPFNZq>qkTN
z6UMz818T(8KBdkp+~h1cHD2LbAywfN#cG~6#G42LBnAar=^mGN<Y)DtyIX0O5V>yU
zSRD1Z+g^47dV5*9Ux>31RF?93z6X}z@Om}GO5n)&K)ZvTP7U^`gDLc~cCj5@0oSR_
zfvQf`Yb_}M--6u$dT!8>KddBz{yQ^2{{<@^|F`>D`yW&`GVc|8EGZ)sB0~@%QG<hp
zI8@XUEYKXc+o|1^&Drm372oP6z!4#bG6+I2%fvJYF%bEtJaUh_Grs?RBGB&v@d$jg
z<!C=PEQ+~k-`_XOuy1kb4B-Y$pD0Pb1s2T1g#qmJ31C7~G^iTXWyFa1_llz9zpX&e
zhVrDD>IT&ECWaa!Uhu?>2;oVaB4f!m5tX!!k#uBh5hoI*{eDo#GSw*omk)_>8<s>@
zSB+Eq2P!LnP^l~3OBle<o3pwoW;(ukvC(R_{|73k3WL;^rC9vDH`X^7MDjz{nmbKu
z`lpJL=4&3>6x8HK6fwm``cx&fZA#S2nNBLW*foXy5oi;LYrp0Pm<AX9e)J9M5<Jz9
z&wU}pzH0QN`xG-8Cc8o27~Pxt9%x`Qb!S-m=*VCV*iE<kj>MdW_~~dmjZIyNcK0T*
z7d1%OAjIu25NPnxX;>l*v#BDPihV!ZC$C3%__+r%d<@tMmY?Uh?-O;QpkEZMLVFP;
zU5Cz|wE(*or|}7L7K5s)uu;|#R&aEy42a49&c;qx9b>I>fJsN2@A+#f2V4d6qR9hG
zy|SmOPyVm499<w|tNh7|cESG}nUSoiv-3Y#`OnNq#o8WO5S14e6&-BT$Vc_fUkkjs
zIu3JDLDs6|4wP>pldP0rtTCFQeVeoiR?9DCc?dh^KUNT%NfnoNSN>_k<a~0R>t#06
z-Q@TA`3$!Qd`*tnZ-fhNqGDpKA+-mQYTTY7fZC>VsB&mbA#r01K3{6PlA)kbzE)V!
z@&nzOb&<^_$<Ih=(<pWu3Bqfm;hfCtdN>uTWrX&cPZ4qE$Q@OL?UGBGL31D7Ykj?n
z@lLER<4{uFq!drrq2q>=*e;111|JWJ>4LWnH^|zyY4Mx1GoXL7b}%}2@7mX|s@ov8
zh&^5S(ix}pn!|S6HkDTWQoTgA#is2&ft$`Wcl?N&w!6x@)Q+{;R^6dWu>R#7tDSV<
zB|?F-@$igtT1X)E(M@|zS53VhQ-lRD{w&UOFrdjU`xX>E4pGdBR9uT?R)-#8Tc?tx
z6PbN}p_(j3;)tIlNs_=-qNk`eY)mBsSK_5=%{UmdFNaJ`v9LU=AiiKxhKkJqrq@g0
z_|pvGtBN<VJ<1El>41&-@t#}z@~k#+dF!lpy(YR+@&2l&X6t#@oCn=gZ6Bh@n3vC&
zM!qf4FY7gt5cGu~2z6@WHK`;~_DbLv>J^I?nie@sm;(G5lwsy^`H9RTWZ-w;c7H6b
zgZ6M~-dm=Dc;ZL!0vC>V*aZ9Z=gS7TBok;SEOpO#9@0ePSMox8$a>)+F+*yw&hyz~
z2!<MD6Sj0oI0Gt_%S?V{9{)2|!CFY>VbF9p$@h+c2dr7~$WoMD$7^aKNaB5_uP*h(
zkiRv%P=E2%Ncb}X`J-+E|7}<uoa`M;om?zUon2$+;RYB0B46Ag<YN#Y<x&_x=nNHA
zT9H2y%M@BiEhiBI`7f?tu3!Btp(lBU67_5K=%ldJRtm336HX#5gRS}~iVf%#TCzT$
z?9-G|A!Dvw&A`6`{HegZ$oGIbITn5PW&H0D8T(?$7$el~r41vl<yRw`+z7`OH`qYL
zqV7eRHkF#gYpltEdRH+IGui)oxvuaH1l6!WK(8D?K;r-I<tqQj?|)63`u|P`U)DZz
z-jG25n$e%1FBS6$9n9T8PzIAQq#3Pj=?C{{tXQw0C1fqfD_E%{MVUDI^4Yb<!{q`Z
z7zd;{DOBx#ygt?;Y!LL);@%7R^tW#+&S00p6x5E>9?x)3Y#%m$X5BYvTlQA1Qln%g
z;`j*FW=QG^Qm61esqtlP0>3;yT;>(u+|F^8sVs$GXU0e!rM|+F#WNcQt}T@<qGh~=
z;wV&!nemkb&xTv#d}gmm^hNB~hC}`U0?vbga2A9$LPR-K$u~Cu#pyTiU$~`oX$>a?
zW6uD74<DX(5ZvyAQrL;+REf6&qM|-X7vfA1qOsyYJ4W_S>mrgyU*iFU%Zu(YqkLb2
za+W0*kuR>pYc*&9BS{;Hf?<FI*YNjT83V~?AN;CdnS?EaM{$eM0BFh&0%3!*Nzt#&
z#gaWm<i{!l!vh{tTWedAd=y*}@UVyIkk=ZUUyL@9$*7v<+yzNeSkNKUBqN@d0QKOV
zv+W1Bq?u+;t40<H7OE!UF_eD!3#k;XbO-{=65s&;wpgooskP99c*+<&2&W9~{?Z{_
zg5fA2kXb;O$5z_C+jMYrhK{8PPgl10bqq^k-1wEnbEj{CE@BCLsCkJP-$hc@{&uiH
zoT5F$i%@7<G5fR7X9)tGmB`!El>|=QxP!{Py<MFv+{T08*Xy+qfj7~K06V4-$VL1}
zp9>QS1%p|MwXum?QOv9Q?Hc!L-Q#$g){#;kApYdYLB#X0l|A$Hqw``Xd}}AhF3cEi
zNFQi3fUg}l0QE`?M+W;F+D7<qZl3r%)tgsrQB_a({12!{;*b5Sw1m$yE1}xZRSayF
zT<d(zn|G}!kpRVyi(Fr2VvO#r9dcPExPZy>z-^+du@h>zECoG;&qwlC2Y<7Nu%K}$
zd~1Uvi^N3Vl~Jvj2eDU7JSR@<oh7PMxqM71G6D8EBDzznMl__;z*%==T2l$S<{j4C
zz*|7;z-sx@g#riPj<8-G6k6&2{Hu#<+vyZkPJR)DuY_tf?Nd!Tf(ntuz*{U4fi_tf
zAr5=wH_H&3d)#w!`s~;Rm$l|IOlr(L$qO3097n$b7ius*+cLCALSR_j4Mmr>>zA!!
zq4<U~X8Lcu2-x@l@pXy2*!$1<+pdvQyW3qyzv5lF5qU=OaaFJyj<X2!sel>-^hZD%
z7hFZ1kOtx}52Z|;U^#2x#~QlM+AQK+rJO6VcOFbW%_*OS1fwzl1c?QX(%~$K$rqt8
zGpw%WR5+ZcsGFLt@EZ9c<01zCO;siNIn_(Zm>ygnT|Tyod}DTAq$$=yLRdJcGd5>;
z)52|&^?)Lm=8`U6`JCM<`<xhZQ-?KJf&3G=2{S&C24^#{as=c$AS3_BR>`?yqws7X
zG_#bORf$%3rG7Ce*-kPf+t@Ec;$X<(Echeu#5Ami4KcAm&xLqsSnv34f-*n0Yfk5?
zb3dJy;J7oBlx<U2H$>`5hm)m~g0<P(Ri{u$6F+Rd1n;T@;ZY%cTcUgpxo64<yB_V_
ziF+?@(Ku&e?ADX-h1u`+#{f;G+=Eb%0d}QDm-79S_9~e{qRbo2f@;xWve%`Saz9u<
z;P>Bn8Uh|-2G(=}&hh6*Z5Wz;X2s#f`wH%{q)ozdleqpUc6?z!Xs#6QZF^{_nvQV&
z*P1hoE#Ze#kcJur;THA6LUVZ*Tq5ZwKDwD0E+SFAiI$KaM1Q9>eChpW_oMR$&+CyV
zj4&*Kf#ua9_ARMtye_^%GIK?peK@}%*tZ82KPRiEAqieK{x(X9xuN)TU5F6(8wGQ3
zDXn&_hUzjL<$1(HOqg~jR>MW&aYJGQ4dq&{)JQ6?5q<uo*0Ej!&QdWp@3)(>B&S`r
zZe;#X9UIGej-BcBM4geiAt`wFUXXZ)v&5keNY2WYF=EAxlGgCZ0&xZL5}%O88L~x=
z<`YF+w{&s27?Lr>g7|b0E!AWY*@SkVg;o+)Oaop5ks(Rt;M)6$7u0Y=hYBX?rI_zt
zc?9epSH);{LVfwH)q03GWh%sPa=**n!qXUI;v5*=_&0j3u_~M$EiQjuLaa}2WiqSm
zPL(-PkeJyWjW7mVFUA!p`8ow6kcE|eZ$4B{c?^FGp|E226r<l`{%vRURNE*nbvC(h
zMzJDOsY!IWuIz}VHda`C;HV6;#MC!V;h`9s9cdBkFDFV9+xO>74~-`UiW6uDRg1FW
ziTYc;kDYfwte+#mOafrWLlC67RM1ZbHmH@tEprcqw15vD5iKiW(#1$Zg`0057!iHI
zsCf8ZbZkxHF%sRK+Qeustv4FqW3w}oY3bxX@-C{1rwIBqMf`idUk16Bg7v6bjPZsq
zF}IWG0S5r!xs7N|1BV9ZYw)MZIPkwIJSe0LQMw7U^WG6AMxRS{um>XJ5Lh4kJy39K
z(-)9;+12v+o5Q35es&i`J9%k+6&QmQM2{h>RC!sOI9bJE+}G^|U%@TvEpCw?mSra>
z(n%xdsDW!_>Rog`0B4d@CG5K7xc!Ng+eKTuNE};P;9kAHIDZSzND=xhuGPjmjy>rJ
z@&?|V!Y^Dk1L6w!xZTB0k7@PiB(@^1oyNp5s;<pZHbjLdaYfDb%(FYAeOb-+6gRKk
zZktS&vtSbkq8_d7d7^*hH!cagp~=Zp2W6J@Idr{x5C=W~*iF(~r@o|^7EJe{$4Lhf
z;yg`!4O@0%TIb~xf2DWQNoKlh#)BS+a5O?=@jI~G@x_p_mR1|^xz;t|W=Cp=U9}<U
zP!m!_=1Ot5YfZ_%dt$<%j)YF&kJdPmM7(xjTmqRYYt~;+KEIw^+g6xfs#~9&j<`o1
zP6`<1<;x&P0{Mm&ckS0kL?cf}z#O7KK<Hwx)%wPYcYk`JO<(6e>Yf!sa!+ZEZ2=)h
zp050?Z91nIXAh^!Zvp@1bG?dj%c@4nimbmow#t5cWm(k=cIMm{JZ2ldr6scCM#!fh
zm^Lfd&<VQh8)Scm2X8>|-TI<bVue9sFi^$5v?G^46ebj=XQB#W9GjCfCn{6|?8qtc
z5f&lB5=h7qjC?*acaN4~whSRUj7S-{5lLo&ak?*&6`@g16Rp~@Q9A1@ge6#9XZy0&
zvau`!2}ASc^_i%fh-6`F*YQwpp~bfM1-pcU7sIF9D!cxDAG{+Uzl@APC9#1hD(JVv
z#Cy{3b=kqGZUEYF37_`>UWiJ-34X(N+qcc6z1~fOT||Xakh=_UH`N@*a}6uQ=clYh
z=Z2pG*0(=w+xsrp+d-{1mfk&+b7WZ_umsn7U>oF5uCS=Co})8PO;HjKDbqeTVcLp5
z{D~KZSQfZtAkBd=59LBuF9+E3I)B-DLHynW4Ebc=Rg?5#uAj!bYT=@fL^23mY{A^Y
zGaxMie9)`MgiqU-*h{AZ%G?`&PfD+^fCAo6e=>pr@vK>}E9zjxTatXJA{V=Oe$^_Q
zxa(FJNDW~5rCblSG@=Mm9<OEEDz{4E+l<w8X}c~P(rwe#Xs*Ny-w-q$pqN4L#Kz2z
z$$xQhe*kspp4PcBHymPyp{mE5cTnA!?OlAQj(fx5xa=XdK%`W3;#XYny4a*RO9zhQ
z{sohATM#UGz0^ovEu9rW9CZPkinQsGf1zcBhMu(TDOkzJ`eFp!{%s@N|ABM7bkdMg
z`FuYJ`NaQ_GG@m4R~bu~6O|eM%zE5hQ~9m9|HI+CV70OxMm2_>s<&)4{_Y}GM_y{u
zH=J)?C*Mk;tjtv<-LdaQPb9AFBL?)hNu)@GaEd+Uj^u-%WgrL!oY{Y%vo;=ns^^D5
z>wVf(hVrj5ZlMVPe@iPH4X_0>A@qYc*+}0$qc2qBc{tbwW|ecRo|qblPtxQ?NM~tV
zEf5DQ+>-#zG9W|?Bq*4&XE{aFuD-5Mo(@!dz7=5SU}57>p(5;%^pp^@cV=YA?z)x^
z-N0jxUYY%NXI(@8cqr5E7os%uYP<LQYqEY;+2-y4Cs{v)_-{N|{cA$-|E#>MBK?n=
z&L<nRqp=S50%Y7h1)_!Cl5GIG1f_~%0#!&@=EB>GW{0*8cO!d>=RQJz2q?ItK=zAb
zxF)x#k0VUP(dCrK?<{*W^OMz^8-5@j0p2jeEye`lc@cDX*{#9m2;>O}Dl(rc>~gGj
zdxKEIs#a5#Y*UXFfY9m=(x=y%cx*Gb-YV&MY_@`%3Q4vd#qwu?RohS3l11ns-s@#(
z3&~d{TIMc_#}JhrlQEXSRs&2+DgCbNYr6=CAp7qolq{fOURgZJS~pnCT;LGa(@&yn
zw;rg_N_kI%g&g8oSaS87`-GzD5|@Q|MegkzdXK8@v$qX(I#K3>E06)2dd3pq&H$Vs
zfz`ENfW?wy_}zonQJ+=crWRscResxf6(`!WR~=VZSN?ZvWp&9}yP>c?RYW?tz!xS*
zc5Oj+mm%qjPRobq9<1qLEyrc|u5XDwZ&Kw~`L=zn3{jl0Cx)7sBVD5GHw6LW=;-wp
zdkrDv9uxJSU!2;QqohCTeID6`KTVdgMrNqEg}dV<07<n9=43>VthC7!;_#i6#G;Ui
zbZ3+XPNPVQDmv*UcT4zVvKPa@LmGE$*eM%bRm?G!1f#-V>6VY<Ep!@&wD{GAg=cl_
z?QFmR2PKPH6V~a4l-ZyqP^q&Q=!N|`rS6y*V_ZTDOiB+xW+kuS)%R!>v&ALxWnVNe
z-*o#$6UmY3Q5hhH62*)k6p|k5cM{{o=v8_Nef(u;HQ^nu7on%LqB&DMzJ_V`m}*aN
zNOValQ}hWR#_?Z?zK?EEFXxS|obviRB6AR04}Tlv-2>DP>#aHx>)9(A*mj3(V#WlO
zl*^3MORqp5e*Ud=>4kS19QX(Dt^WnUnf^84&0R2HnHa9x6u?R_sw%}&z%Z2Eo!1lF
zKWmA-lq(>85s@+A!G?exkHrbia!?<KDM?bBm=D(NdvbCz^m}{1fE)-~0HF?>A`stE
zEVmdPF__6<D6lCq9%^jzjrMW_G((#=kQ9Am_brK`c)ijlpM=C}>$QD1iN|BN6q;3r
zw%sU}`U|Ys4_r%@VS;={>yYLW<ArFMdFUTPRJKecmV<0(7#0u{d#!G4?;Hl#@5d9Z
z!D<iexeDeyXVVwN4eD2l4-L273&WFMs|nCwz_}9kA-rhGi=hrKbnIZyhWBX2ud1cc
z@EN=>FUnt-6|F)2X=)is0>6hI1NE^!fDFnMG+bPAx86w1`gXTW>Z)?v&dV^#?n{cd
zxSIWgac$_`+EI+X@^3oWKzF8vc5Fdzr}r2_7z?L&woRE(s{55LAKwZ;=sPx`TjAEw
zj~VRud1zn<HR{XH@G&)-ZxK~N<7jwBP(s<iavDP%bqdw4sv5Bx$(?5y+|(AZtb9a_
z((l{3E^vjO%xe{RoEG7bD1XG72)6Z}wbR8Fdb`FRCvu15UxcLUtl#XgQPlqv@gxta
zI40*Y<{9->E$-Ao;aM4bJsU6<Mwl{ov{eS#MRrgwLJhX6i!cbc#2rJOZx>LKlM-{F
z=_U6V^$Y4Gd`YPSsh^97L5D<ii9GX<Lh!}{G?px42q_W>);ZoRp0)3A<M2u;*9-j}
z^5hIvjK?mkZ}evHX^a)UNi3pDM4dvX>Yk^n_pu#m6Z{FabDIH<$nDZAk%FOKeUv&e
z-L?CkT|4=G8=fd_4A_v;3YkB8Sv1KRUj8=MUlGY*BoY(|C>sh0NaKHq_&+yHP5#wn
z;1-oxdmK^J&yfoc+a}qqVp?!1EeoJ8ifw`XcLykFOQ{&4grCjfMDSUUW4R{G)^6rS
z$3X0K5)wLZ7!LbD$h6_0fz*B~%j`{?2KF%`q)r*^zm9!&y?%9Pyu9___yK7Qh@&On
znxU!c%r~`Fdf?os+|g~Y?JT;9BHXB3+Aoh}#vouug3{wNOxay~LgwOlG~T$Wl9=>P
z8;~mYG33}u)^25KXC2bf!cs253=Y2@l;7=*&`#9j|K=E+Dvf^^YwR5?vb87Q<1#<>
z>Zheg_RQgovifEe%4|Joh>Cx^<GD9{H>Vr~S5YVoQASJ}7oDcO_1g^daa)(}DLC3^
zA3ms9o|*kOF{29OQ<6mapty9Kwavs8IBZhV9MTn^`f3bA*?ElQLNbLv{Fs7Q^H&@n
zD-zB?717Tg7}sUBZpW;G>K3`>Z{lGZ&uI}DbBuCvR4?N*bo(3Fh9TUY2h-zhSaL2Y
zCpSKqaLoHuzU}-EL_K&+-dg<dnl8gM?`cMsb>}a9aR(vPQBi>I14_a=*M0b-N*7Um
zPpSxs&^m%T+o2{qmW4oC0`c$EDvB*QWC^o%(A&u!j$5X>(1Xs}5h_M`?uP;4;Al-`
zrsX`OLXz(LT@^O;xI^Rk?vjfi^(S_B>9x6a9&t)CNUB1Y*TrKLQA;M*F%Ac@KNB7T
zvl#8U(?_C%uvhRnI1CRegWz<U?h1l_wHq984X%9AM+ITr76zrw&ks^R2;9>anzL1i
zA7{)VEcg~?-t&*>d~#;Gdo||1RoKNXr|><H%kt8RUzeEpi5CewC7;HbdBA{Aoy*PL
z@K$*Vw+ek?%Pnw7SItrk5OFWQqlK7V;8!1)cp2~~Rrzy*QZHaGmP2JCjswdjoCv`T
zT4sY!$&?wIm7<_od;)T(7uro8cT|31Xz=4Dq(%RlL*%j)5R-7nJR$Sf#D8A~W4Prx
zX1=|^YOn6^EqFGD|C)yC@lMXBy8!EQB~bqU-iC7LLcsivfvWqBd-oN#q?2Rw6@}DD
zYW=daK8ioz!cxsT_>p_ilS~vp#|j^#LEw!(qX~Vc=6vCFz`R1ONhOxdJ_GE?yJI&F
zkz0HS{+z|Qh1JN~#6}uRyQD(8Cr&C?DmJ?-QE7R?qVQ3F13k9oDzTy{TwQj_G|;Lu
ze05AtIofVu;lzM%r*H9a(Y-U+luP`G@UQ+4H}(6j;gA12{qcY0|0VzbdnXq)TlGJ#
z?@MMcy;wqPP_JRTTu3I+xzzIv;v)#d!WJ-5>frR;Y%^kFkTJc!4*tr$bg-E>N8i_=
zHrufKu6Uj!+t+*u%66Q+&F$=b<DBPpG9&x>ev!5dq%&FxOdTaCW5(!jt?3<p0bz&P
zUXj+;IJQUJ{mK!=!Z-d?S;lhE611)5HP&}~xy}p14B$NypMkCv?2eiEG5{lNwNmF8
z+C)nDV$|F+6BOBWonTgf*csdQ6HMr4b3$beG1AbWbRF<+tEX)n9`7X-0x(mQ!k_Yt
zRmzr0mGV_+V{6|+Rq7b9@>I-GOLYRB2cWqZ2?Wc-x257uqE{cp;1A{*jm=#B=)!{0
zrvhyPl!0Eq-b*XSff%u6(^uD|uw~nh-s5VvT{0jx%Gvp#vbq#Yv$c8cizs}!owjG0
zmSL$A)1CT&Izt>s<XnjdOrC_$EzU*Ns<YCDCLBqG8b#GXk&gL^N%6b<^mb{%QIvgI
z$lQeMP$@3<z}SEn?bseZQp%n#-Bp+;Yr|dLzPDasQcrHjxyODfqjVE-skTcM+*AtE
zjOvNSkr?%==J>wDrCEThsr}?$Q>4tq7z~br;TS<>{1Z45F#HA9;tW+%jkTJ!?g+9o
zZwy-(X?juFfycu?DlFS-Qn;l>i><+Q2c@5`Ar=u^FU_1$ugG|((W|ClNbyz2JHzl*
z`N9kHzD<rNAk65#uRUB+q&>*645}OI{Iz0i=@Zl`ZfK-hg7nN?L&%t;&%H0|)!|qA
zAR@KGDY!e0;n`KAY2{M8bQ&`*8G7U`ZxN!#EK+b=E!EdC{V0Mx?p|*0Gkb978rj4V
z?W-)VP9Ec1{jD37X*C8HE><}*bN!&eE@JX!VRH0UsIf+5k%i`=;PBJ}escxg^(>gh
z3z|`Uux;~_x9;i;+ugB4LVugw82>qe%g*2Wftn5KL((4`t}bC}{#vgKaweKIFW`!p
zu{G@Qe70e`euY?avTiQz8T%u`{+8=(Diw0(0A!r~Ofun^Hj$-bqrG?F8?6GLKqZSF
z?HA*3)U$JClga}~hTrq6dbx#1e2tJC-H^<`03XYT&-gQI%cv1eZmhCDvw82{%Z4LP
z)P2cs`Do_8f$<_3XGB}VFV3<e?-Hdv$CmrXMGPT$#6L5Za?9w66w9)Q5bca`i#+RY
z9QA#Yr56WGLWse2L7MG-#AYi!f2$S62T#OWh)KYW`(>V<e=>oc9#!QL<f6HOFxMM|
z6#f3U7d4$S@4bS+fq)|6fq>NihYF!!YG-0;XZ|k(1T}4U6jjtuxkR%>hGs%r;^Zp-
z^wK`m%EIQA5e*B{W>U#P*`c$;beXJ~;Ev?Iqp(|8k2^sDI_VXsvnqa=ZF45uB!*KX
zK?0{*FTc0Ro}8Drqd##$df%+0h@&WA7;J%p)IwFx01FLzb;w&6z#iNu%jiuEW*4!)
z31)Y|4Q&OWhJFxEQjp!F^1$6KLKo%*#;ZbJAz{HJa$T-vE{3T(53OWTDJo6Im1eg}
z0vN6mMST8F>Blqe(8xb{l4|NO^1XJmv#e;>7)P@^!N8bkTActaf-hE5R&8l4!f7w2
zm<`s<OEs`c+jFt4>PWj^+uEh*G+AcgSP|P}!`pL$@vgzjqGJ^*|0v*I1XvxbW^P~Z
z#P(T);3l$HWgF(_<9PS$>hG&*>RLMN6Dcd>pe-*9@9;-+xNe(a>irZ;Sv$n3v}IQ<
z<Fn>i;f46V!_a<|<AhAzjn$pVZlB15ZxNJDW@-Bh5Ra<eKfUNG+~k_qR-$#y;oh3S
z3Oy^2wZj%M8v3Ont=I;i0=~$wB_?dJ+|GPrI;3F6LP7r9HS1I;Hn9<-{;>4gZDB|x
zw?!9cCVD1`q4%H?ZohLTpRTsrDF(zbXlN>B`FiMq9?LBaS5>>Sn(c#Ph}F5fLaWP$
zNrj1f&qOdCsolnTdEq?mxf`~0SOIoybRI9lk-(l@CBG?LM`)SFZgZ4;WRzEndoM8G
z2C8MG%{C9EwFR$vJ3&@iYw!j-SyrVby3wFL$gsmM!(G%#M(L>tjPi_C*i|QL$YfWn
zLk@H>$-RGdF!QoL?+IB6F?|ErPbLW#nRKy*#a9pmoMElTO$*U*?Pm47s{u)&CXCm}
z+HBixwOxo&hrLQFVG~t*dS5lc1?&j<2QrD}OCm@#_Lxo7Yjgoysx2R-G1!~w<uD&s
zSOc9gfSeSQX~a<sBxOFu{Tdm|oRRPVH<Jk-`T){F0h6C-hA+iIJQVzO(aD^M5x1IK
z?pIggDForg^5VlDrK&O^J!S1QIFRddzkhS$zLD^NE*7nVCOj=p*Ye?jy|{<;f$Tmy
zH2>H$5<lZqcNHqJv>@k5yw_kOtmjK&H~0+03;K{(=CYYru^H<lo66bI98E3PLzy{~
z{hE#b#~xI%#`?9Txu`sM{Y!R7?2ZDqS&Yq6IfWIgUBpd+KX*_6IPk)<j-#RPJ`r!0
zAdpb_!&47@RwfP}!y$9svhVhjf;<Xt%^tu9yHwByNl<Eu%*U)$q+o%EXd>h|xEwFj
zeLl_#lCVp@ifS4uGihCU7I7w)SCGQ%9(qlf3wFOeO!$c=f{!g23}*yL`T#S>eAAO7
z76I6v^peS*lqRf8HPj}IQR<?fLD$T3o>%GZwt}J=<=kg|7xC3~(pLqy(I;27gLZF|
z=V-SzKn|s^N}w9!bngp9k+?_^DCaT2XuT|)M|78-S3{hu-iQw!WqM+@S9D<jE^Ope
z=z;Hd>_-FzVat5+TRag0A~fuh1LQd)0_*n5meUQPcW~U<CrX_AX<u}{*wrjM>p@mx
z$gh#pC)5VLALLyAN3;f5dGnFEirJ$iNJtjH2EeAh^uBrWzCqoIOYjWV4y?7ZqX_w%
zQsT+E^<Cd3+55XG<J*+ki(*SucS|0Jf1L2WLFf7KY`P_E3FFao^WfPl%a1U`(0luT
zP2jyRqTOTZbB57_CVTxNmB=v48CCDOhe!!%=l+e`NkDuD^0BH6IvejD{R~P%&nte8
z1feX9`fERo1hd2wn~c2$luyX3o}rK?6g7!)>Ze4LF2{tMeTM8JM-*%`N<kW;R;q&{
zS(P*XVx8l77HqqWGe0HGoc$eHdMIi3EewZ<S?y2INSVyz7m4@3&G8drfZO5*0Rjs6
zqy38iJG%eRz5i9~t4Y?iMiE2}-IX+A+qT<aQM3M#S}K>c>XfX)*g&4EM3f0ar1T(N
zoUYILv99~OXwI)BzlP!&v<tbvmpE6l)kxWXss3^*Bf~w{*=)wJ=l%H^s}K8HPEcHO
zlx2eJzP)t+M=W51b4$U8G%TyKw`9LHluDRwBgL?!pkOB6k8Z2S<ti6Vg5QW?qn0{Q
zHY}_F3M<#OtB>s|_)Y6a0jcb6gl*%L0|i0|8YB}J2Yx2;gzzpxm(R6|T>a|!U8sxc
zlF_Le`B;rDvk6;wk3ssCgu2T?e=L;VEnb*eB;M@L88(DsZ1N;5S73m45^Ui@@quM)
z_z!OZ_~WXU8T{Ro(m~zLOHp8GNe1D-QKknxUxtM<UV3<%JC(}vnOv9pLLir7^4cR0
zLf}@B=8H!-n*CT{P;gLZ4YqoaBtyfk%_0phA0$Lq<8Q((-PLNwc2SU~pl~c$8k2og
z=#-NvU67$(exes7ik2G27V<QRp_V@`jX4H=CdT-OMJ=V(RU^)}8bvVGGGibHt0K^E
z^Q=fGeezTQlgo>fW$q*|r7<02II@h@U*gde!rc@=)Tk;g2`Qz1@S+Ne3Clu}d;)d!
z-H=rTgpa9WlvB!Cq;R)rC*{2SN{YQe09w(a^FeSLvg+l1%(3O&03U(ZY0R_Dc#~)r
z=!pHFbsx4$RV@qTCVKe$GK^kOw1x?)Q;N>v6^@rryY(etStBI{=S;N<c?C}oRA%E;
z3p)6$Q}N0^9*FN?e<ihynPXWM3<xOj&o24@O;Z1BxdLrvTv61|%x(Y;ibh8UY^H?5
zIyjSoj8LOQVES05X%LNIl1GK%=>{IA=Sqjd^LY_M&o9{f#4wGN_;OY3Noh?zsl1v6
z0wc}yvkXJi@g4!Us@6A`C(aXY{k%nU-}jSW^uXC8Ubd%0A~2TOX$v8!iDM-U5$dQi
zB@RewhYZ`X>Wsu;t4i(B)G&JTg2UB1hiF{|dsKr3-|5t36zQ;HH6JmTx)8TA8eCS7
z=!6$yes{uDy@u9m{-CfXoh6LI6|T~G^~^~6SxhNoAGv=}Fv<$ss=T7sp}`ztovyWf
zKS^R)V4sH5W9&(AP17QD=#po)xLj#$f4UM)%hPjq#3T*4!}1CVyr4-B#Q1nLy{0*z
zL{D?E5pGL$8BM;hV7^wB`RVQI*S<e}m5;EpO};(f0h(y85FHOaxRkUFHrN+P&*Pj!
zpHVBRa^fnke}eB`8dA@@&1@^!6$cTqx%9A6s@5EGODhebe7sYAt%m6t$`oT&kb?@-
z;=~~@1$i`0Lp7OLhGXsQ$tn>O$Vt@-(;xN{4QG0<;`9!x-$rq}vrX!5`#l9G`6H{?
zjJ|F~-Ogn!egQ71^Lp=j4Ri2KSa!-|aME&}Bwc0vH(roFqiK!nDmN!-3}&q8_lc+&
z24z=hF8tsQGj$!m80#T}ZM}K)c4>;xQFSPC!CLS8TGj;@BH6QOCa>>FFaoD5u4yMK
z4~62Q1d&ufN?hQ`(Wa_AP+$S(@X3<kq-as?wMNkPiV&(@F*sCqKT`wURRG4pxmt_Y
zJ`OseU$v2dM!-wyi)p%TVBIhb+>*{knyz5UbFQW3_lc0}b@;&tzNiMp&7`;%3Hofp
zC$RpnFR773>I{peHG)k`jZa=Qzu^)$B5ApH6+iIBk}O%R*6w3<ET&Ff$X)#V#W68o
z=cx_V$19h@AJoayky@gRr`b!C<w!%K_2oA@Eqd`gIRB@%vjD4VY5z7-(%s!9-6@T9
zBMlOpF6okPknU2tK^mmH1SABcI~Amn{I-A3`+CGU?@>Q-bFtR7*K_}7)-%t{nl-^B
zTwZ{$2fcC>Cp(tc03p|RDyo>^{+N|=YauXiYn4#~ki5d`Wc+~eIXRCzVfnjW_T|&I
z`|z(Kz;hMXaLGQ<DV~K-EUZwyHxyRF6Xr(}M+t#YWJo7Ar{)V?30m@tHLyR!gFapX
zksYPV;*z2m)f$}7;@tJ-6Ir&R3p2Di5e6v<a7AYAAWDyLcNcoZluY?D8ZpBntD5l=
zdm5|8#>Wq>gOqH8Omxc=_r0cg*lg3)9-*#4Q`8eLVH5_8#bac>MM|Nwr2K0i<VzU%
z7KpPaXiEHZA7GIOgQ=o1ee?A_vt-&{x9Z*@G(%Fbz$Ec7?X$+k*Mq_*oO|1`f2xf)
z#uh%_O2Y3`MPA5$$;Mq9iS6MhYpY^l&p8|9&sdewX-!Jdpp=EteyN@%RBEO^&KRO(
zPhUXxn%OltN7K}fwtd1Rz8gBYhJ#D@Jq)j)=oBGQGnz?S_W-NY>$lkF&zc~N7V+Mo
z^iqheaZBX5`dM`7CQtY~&)j;GwmhS3cMPm+oghI#6#q~JGc~r-vv;ul&tPd~2{|-D
zv}-e?=Sdk+dg#c4$PO485VOQ0Lafq0;#jL*`|?N1MmWja<(NMF{<@1@z7#&)z9U7R
zo#aeR`&RC6_}*#3;k}$Ms&%(6xjsK#p#;gok|Pe*LcuxMu1n7}VDu-(qMmJi9)K+R
zfNj=L-1VWlEx!$f@Xjk3-Hm`jz+0;GQt|-<L;1`io3vJgM^bRdEAdsA&;kCh6b^H+
zd+2cQ36*M$ve0Fj-32Ve4cnI#?m@HI07*c$ztG*R4ZTS$eyDAnHlq}N)D^%VuWcwU
z%|+gy<I)|i&#tD4u?wnO)A0^3W+rsDdc283`V2i3MQRvYJrg{{t!opdwgZqaytgI#
zYvZ)7)3*DxZQFMDY1_7K+qP}nwrzL6Z{ECl_x|s_Gc`4nN~)4n*4jz-&R+3f&w<cm
zjWi#1+)E3j{rvMcPkF|Tb5TsnUznq5m3a5Pp!ZFvUIW#}RR12ji`KjW);PNBqx!Ea
z%jpChl?Anna)Rn+cq}u?++uC^nDr?T**uxk;^p{$E8OLo7Y3>RM1EEB)lJE32L;4+
zlZiu@j5a36sZGR0$*>Gu+f1H>tLa}T<=8NdlnYBWeC7ofAlWNSTeT=)iwRK&e7!fJ
zn`(0n$iEDcHskK~NDu8l0WB0$O3+=KJoIu7nSuo*=S-1*zkc6tm{pKT*z0R%b~A2<
zlOABIBXJ{${&iBPdh956GTx>;#8JD9NfzUXF2$Rpvf)ARy2*T|e7ZM#;(Rp+5?*m@
zEt#TryiEIsPKVBnMlA3Huz^TWK1LHcjLElo0AW}fO<*0A@uOsLb&C|N^}WO@=U-Lv
z+?LI?yjCP(4P39(pYfPrzn~1;i2N4jYE9H5?f*;#$|0TA>=o}Q&#YR`APsMueCyq!
zWp<_=P#Rn`7Gjf~@1@&Wu3w3F{D}@|G8{45^{dWi(-rpX$y*b7Rgb6zySBsJAIbPY
zo>~31VxthDyq>}Hr}HmfScjhnmbd~cz9CX2<#w3$u}te1Oj-Jo-m*fVAJ4&>ynt<*
z?cHz|DLNak=~Xi;9qleDD}-yGTD}mTRF(dinqC(k9U=A{jLy+dd+gpkxlRuNt-d3+
zho0{IBS>lu^!0)lOiBbw8R1Mk60Zsm5oI}@zMi}@m!rMOlRDj~wukNBpyMo&sg2&l
zxNmbK7aOYG6U9vkxLcMAQ+{9I$t6f^^s;TE<<fn!?$(2+jn6fZe)6-w__F%UQmBM(
zli#3KOtXXD5;Qp<H_n4k^C{tNC><!N<?(NO5JYGH#rGTfl_XZ3n!#m1J0Q)a3%KLy
z9cj_t+0pYfvSMLqAX(0;xszRcTf|%=Bn4F(W}GspN<P}*7Njysj~fc^RW4DK9rqX3
zg2D*h%j!AS-wN^vR23DCm8gLo&Qa7(=T!qs!f<T(poDieM~bcxA)Z{KK364Dex5mo
ztna*JWMA~Aac0hzMI4qo8{#sFVg&XOC2|GhGQ#h5l_2-9JU?`3uBx|o7G5JS(!qKJ
zUiS8}Y8)^Z=Kz|49mW9avi&E(R$oIDS9WHy_~bC9`K-R=+Z>#&NmhVHOT_c;>O-ti
zHY-jPs58T2HKqsu>8c~pqljgzje39kd-$)8v7Gv|rj+(!MAU)8+fle}j|lL+Sl;Jr
zur7F*N3DiOHBfAd182|vt?APvZPENEiAt4Ukz`JD`8d^$iszkM<{0*P!y9)T;nqs2
zz@2Zu9*0&MjF?#)%7$YQXN8mCj-Tr#X%qyo6Rc^;GaG4n2^YgABAqcJQ%87COyc#Q
zw=xq6gM7praKVXO+42T{h=Wn*Nv$F08%2JyS{{)!7z(u2OqAGZ!z5RVLjW)YkFe&x
zW|?hk(9x*LPV-6-i}=4q1{{<j1MKNH5#LuRP4u%QSECouKv!$16GJ;_2v<AtX8v~g
zs)|R2wpRO&=(t<Z^if9R_*oRNyB;KzJJfrla6bqeHpB%>3a%Fgvz6m!I(oMt^BQCd
ziy$u3CyZio{iUs~m&`eptQtbBG`)qa*Ku2Yzo_>cTu!7GfCe_mfBF^i<EhQUgC4>U
zYie@DI`WBKkFq=&<sEGPdvgeA=thb!6pXKH%ycO%v>8)-wAUb>O<!>8M8;yW@yG>5
z*pL~2I4*l1ML#toMar~O*Sl0*Te~Wcy`az4u;s$pbP+-_dcHHHlyj$%wUB#|wKm1P
z#bvI9a^x3$|9sg5_3ZG&9Rul4^}%U4_T;BT$;N?3&cetO{5tLJOs8C$6-MTChCB$G
zR}*cgycI8k2ba8shrN0oV5;FJDEt8k)8AG)MUR5Z-`#x0=FF3CcHld}Xt0YBQEcQ0
zL)|6S<l<pn53iOk>}^4r$5vjV#oANLgWdxXs@S3dBhFdGe(P+i2d$(b^VZS_Y}bw*
zTdP?O)PZJ^C2bt?M!mL`$Rlh!vo00bfg4u4ZH6G@bf<o~!KE25roDE1z(HijHX-^P
zv(BZ}-_`9e;A~IWl=vrm@qiNii8S)|_FJ-XLQW|i-Z;g?I~_E*d8IAFt=@dw+RSA2
z<wZmDlE+^C28qSp1J{*_*PsX5slC42<1066?_hYU&mO<q!KAiYrz$>$kH8UI6MF1a
zUDYg>+t}O|v?NC^dI~~8S71&1S;fFuUeG$uRVhja2nkgX7cnrI1DT~*$3QGwrcnEO
z)iW|0pRrioe1n#Ju2y+NZBfcg1uWj0(rX=*YL320#$<eP7IK=_ws=G*%saH8UtiLX
zaS)}nJqwATt5BR^k)R8^BzIv*>6xE6Q3Hj*jHORW@(xUcVhd3dQtJ1tdY`@MB!gc~
zG9u-|bSH9yzrmu5PVu^towK~8vza{LTx_}QDMP+W?jcnZ0iGXv;aXqr%p~_ZA7C^w
zWQOOQFE<_kTtIR8J{4BWiNalO%14D4A|lkT)+pH4;Nnp7iOLYg0i?ccTSC(ZK`6w`
zpJNQVIMt!(8017UrU@pw5btK5zrkbQXCttv@@d3Ce7gT9B(&v@aU+zhm9q^*`Z6F|
zu(*>jiIkLHuW~q^%zRob9-V$5?Eav$i=Jsa>)pvz@9b%Qwo50-_&20p%Ea`Zu)jCm
z`~;8Hx6y4h4(2pDQiI>5rxB+1-`P|s2NnJ@UZBL<KAGuQ`8W~o^z2dWNPTB^sO6)9
zK*pUu{^iX}1aS_P$>#fcEGkU&C&Q1!O@VteCeYD>$KQ+!`+W@8jSj8Il>@*3tPAo=
zn+WM9J|U?oMj=H;5?G#Inj9o?cS?JC3=)$fr1@?EFM9*H|6J!j`aPfm4!j_C1|kl;
z+CGF&yD=~39I;};F=Az=NlNHYAHgn0P1)thutW(lDb-|{{=A?#lBr~;!I+D!axea~
z{d(Su73ITg?R-BC3Nx-+o|`_0AN+M4H3n;H9>rLVhzl9hnSs;aLJ#9BXp0ngD|fOE
zyCh=N;C9>7?@S6WwYTuYi?%Xht@k3N$K8l?hxAjsxW&6Q)l`pjVWwt++^aSiYo0oM
z>DNhet{D0)kLDbuC3)`dk%Tb@YVPgnz+|UV1y~9$=YAx;n!a}IuahGi$I2y&l@Ary
zr-!0KVk03MPiJjy4`T1h4}Em~WqX{u;UOY&%I!=V0_<|<1p)r~s|=7*B{KQxfs%Xe
z(Y3M}z1_kL=wWOk;Y!nNKy=Ak{gycr=<``qj%8kuw3E;FO(FHCs8L!sYI&wfo{zLR
zM|Z_O^q#V~-$KeoSBs77U2{<}xl>(WqGQ~$7oK5`tbZ^UQ7))9L6oOp#p3g?H=qS`
zD8!gN5$@bpg8#yH)EH+|bUd)6;&^zKlHS!Rvo9m#(a`_A$Clw|K>L8gF5vteSw_c<
zS?;wOaMFw^j~`3Y-7hkWb2$uXmuiysO*I@Jq;X#nIx#WJX|wHAYw!^CH!y|3;?K$1
zn+-7&le#2kAI3hPqaiXM^|P49CE>WI>4<d$$AFZ_WnB>z^!su~v8<HBN#cOwg+ErS
z^D&}<Q1O?RwF%v80LASPYkE-U$tsNOi0x<#@XW~)1S(>$t%8S`imic{SFjv{AfDtt
zo8Dx-iN;V)wA$vU4b$MMSdOq!8nRl~bc!7o3;GhL!ND7FK1GOuPNEPVRCi3E$c*8|
z5slq%iSi$J)yE%$3^*GWk<?K45HOx*m{~OM(RjTlCvot=MXp9vkPtG=LFAPH;JN;e
ziiF#3wBN28jL<k04jfsL+Wms!bm~|Xg}WRE{lp)L@J&jKTD26!qY-x4$>x3lp(aj-
zTE<K@X&0U~VB#SHmT>h}nl&(=E;Fh$_j7S%*6!Dh$2vd~O}x)zb~$_2byuRU4Jgjn
zO+)a5KuRQOZP`-`uIBZc+qTr@@&IH{!tJ4KP@wIc)N4)FI5bCzBZ2Pb5z?(udrWNV
z$dHCxGDHlQ0fnOTj5fK>;i8a;6#8=;2YwP0%B(?m57S9DV3BBye+t(^J*J9V^SNP=
zVYwkIzp=11T=?yoPxvCwJBV#xIEd^ZS4w%D;zmb`R-)yj%KjdrofM1)^DzF9g)ziT
zvwu(3SN^gG8395rE&)CPo4e*$Hm5h5-3)0QwahCf`({izGpqhgv^?-jIZ;57ZoDgk
zN=yqQ9#9^FBf(VxZ};6^4B$zphRqwElf3scjFu8ju70~X@yjY^B-+51y)SI=cWsg1
z2WyTdH%*WWvD2-(mtWR<j=M{{e^5?o<eD4r3Q(X~hF+~7*%Kn1qVGcfh8f7Z$xlr)
zn48fRQ)7Tiq$)27z1mOmPtEZ?#@6}@A&Gz@h~&-^g_?7?q`_da@#~|HPQE{?E2?)>
z;)-)qECRjkpqG?%vwO&73iqO0-p&%&F(|_Pa;{X$KiRz%EmNa4GHbV$D?X}<s|1vD
z@*EN?b}}Maz{?i$JweJ9bcB$<^_L0Lg`EbIV20<}&AqA@xe6OF252A@EpPD=;mSc`
zz%=ZZi3AL+wFnzPz*VY_zNkcJsiT!?@jVD-*g#DSTBL{3V-Sf<m^P9}YuT2q-`y-_
z4};NXJQ2%|JIqoT%I-z+0<F<&VG*wk+RLU=(=2oT4z#}B4U96D%1NdNu~5tT)1)A%
z<FG?*KE^B&o+sE?;&rN~lZq}g``ie%b5cg_!1rGI<vc88;-`>Zg$A{^dcUjI6=Bbm
zMx|ps^EPYV;Px7g)oZS9x^wLaT|AGOAJSs!r}%IOYJ_H|PAl7>mxJ`47uvz?tBB?Y
zuSCZszlJF#Y9{_PkGWCM=tU$i7y9H$wWS^`&jrF1OFJmkr#me`KL-o1Y8F<*Mca@|
zd$*k=I<}Eik7GxXOkHidM0fxj&i}chj3Q%{0a;9u_QGw*<V4e{kJ~Btast_`+fSWm
zc3BGEwkU#*l33}}2B7n|#=#L^*k%jzM9asM0+hD~z5#`t3HxU;wnL~zj3Z@T<g2yo
z7@;c?LW%3kg&L14nL&2Ta^?IrSD9T9kXc&nj2)m2wT!BO9O-8iW0y5}$(-a<lxFT1
zR$w9O&JIygO>w-Dp|;oDfmzN))L*PXo|e--)+2_Ws)~Q!<+Cvaj5p%(7$xzu&}xyo
zO)fIAm-#2F;1DjQDXNiGF{9YYuJIh=z8|oqD@2MDBXnZ&OZ}k75SZ$LRK%GdfCR0_
z662bRH+hkdJQV3PtJ<mB_oQIY36&x+BakYRWq+?Kfwv#wW3FD?lUFXJdEwTtl%G#a
zSQl-Q6sVxZ6S~jz>?`LM+q;pkB;<2o9<Jvf1sj7Vsh?{PRks<ptVZS=`|m@%-I&KE
z&dCZM7n)?F$i!Xq<gR05&jiDm;_*iQ0o~Fk<4GWG@fx<D)Wl|xp$xway{m72u8f<O
zpdI!9by2r*^ptNX-k12S$wiJb+4h$XH!_yzD1YVk_PFEbriFU668VqlL)k4-mJ($9
zMYsVWweH=s2*NQPa>~F(Sz&&wkfPPo9foWNd0d&J;bd`7>4<rKp;QA675Txq{if`-
zs$J=}aS8TLu(AG#-2FhRCt^xGWPwAKsvkAm)Tr6{9FR!CPvr4nZWt(m52hP$PH?YY
z8OtL2<|`0hr2naQ8JT%dNP1Qn_w4quRG<q9LgjE^I)q!{F?3dw>jt5bvg?PltN6S)
zmJvO%0)e|JQbvnYBWOy19NRGd@!WZlzD$7K{>un7t2|bzv<~%3&jx(K-RY8^QTEI^
z7Bc&cf2?;!U`fZcH@<p?D#C~)l$z5FO>4=UIp~G?beFxAzaa2Zyuiku|6qA!{gRZw
zNIm7MT9-$v*-cs<9my7|y=mJuK|3_A_<=*(@d-g-lB$RsQy&wD>F40`yV;^S;RS&S
z7!$`8IW0!qX+7D%#P9^h-#>z=l+y?t`S+!E=BF@uGvVj^SqgX(FLrs}fqN_RZjm!O
zt&vbBx+>EN+l4GOnzCDy&@b&26e;6%FyQ_~=a_dRxQO~yQI5BSX-jPI=L$*HS;org
z>7{5=7x-|8P6Emm`v}?!PgWL3UQ=G#lLqXD?5AL=M~V(Zo?f?=s<2HbbeaYU_s?UM
zH#7$oOxqbJnCBBwnDXeH`Ez&tzx)&04E!Ul`ZgovJ@1-LF%doI-@0Wi!b<LuBwt6p
z@(Zs0yfEZnK4U|tP2}!LUW!1GS$8eyH>=mB<m#@@7oQVpwvEfd4hQ@Mbe!Z<PO_D=
z_0POEeTD`bMKYcgQV1Ol6;q>kuB~*p`S2?3vPb;%gx}aBZ2<m4qx+(ueQ2InP=g$T
zFC`Tlw3epbE`IQlQc*W`c%>H{jxG^`sA+<Ni`TDN^E6=~?pUg=&V!30P!GeO_aCKh
zB=2zU@=xz++0sr)jy>xflo%c6nwhy8>rq#ZD{S~Lr=bS0yH|u%=Cpd@hr*00miq>G
zYU29(2`V*ZV6Q7m@1>2bWMP6Qu~~^XJe8OF*+Vkg20myMArcna8ro^%yJO;4{r0DS
z)9SzZya~Gtb92?W-;gw<8EU#a>m1g$eq8`@DV^p~eJ9unnVNO13=qiL@AOXCj)d!C
z89V1Ci=>^wV?-JWu9iG0W3{i)&l;#E=nD~1{f;tw+p;V1KD6uSa7AeAE}IxNL&6^y
zOb_>yo9d`0`Ge1qFd0!fm#$NR?(`OKo@(xd0aIN@JY%nvP$}b13St*9u}CKqaV>qB
zU0$P$mB0o!9Pav~EmqIJ4J2>^c!Ki&WE0Ya>ugc89$K5bMhYYA<UDpLpNs1|I<d>^
zhQ2BsG=jnjro|M%)lMx6J(e;eGDiAJlgFSRkaZ;NSC-4suo0z_TQYnegb1a6(9i9j
z$S}%D4OJw8J%~B+C)QjF8mCm6TmU}Al6Xj6XLVQ2WcvFXyJYNWDvA2fY+?4t2w`Eb
zP9{7LRx~~h_X}5HGC<R;pB}0P37r=EB=?}fE|FGO9iyO2>Kox96k_SgyzM5Qai`<*
zuE~6D+&>|hoG(~XO#7v<d`kIDoWw`eZpW3iO%qr$s{kX84HfPyH7gy@KA}XR;`-|g
z_|e&z!npfE@e%3)1rC=yp2Ly*>@7pc&?9(Ywd<ryhb*jKis>obJMBT91{+hmp>73(
z<8z6okX(PTn)Zy{gOeIjM0MFxIZFRe33+`I^;n!tqr*)^z*L@*`Bva2rml=$I$Gu{
zCZQ7%v$)45tE8=f0Fh!WQvZR?kWouF|8{ZFygFYcKf5?~Cn<l}(D1_1tk^x`kQH9n
z%?^hlK0k!M>)TvRz-p#JO}&fF4yBBf%<+*~E%|U4^CXh>(SUhv%YCl*svD#;6?xy1
zxk9i3$0_^YL;1Uy^7ApO*V<yc(;dQ*3Hy-?xUoWB$hp6DJ+k43_LnO%qI~lkna=YC
z*i62uF5Ra=1uBXLWr&BAaI<0@R&Mc_Ef3#bJ{)TCy_c0rtrO-$4l(o6Y~$^;UmhFP
z>0>xh6mn5{-MBOtvYcxtWG_0D*G;>&(5l4u-IRj?$lBKlZILH%GTC}D_`W<!aOydW
zkk<j@M6LD<B2yI6db|btee9`$a!zR)p}gnM^ZE$Tm+BFc(}J<drVM%2w~Cx`IY;bs
zY6uy@!G{YQdu|EYg&=6);C@8AK{r6rQ>TWo-efz!1;|VqC&U*n0+a|U9o9QdHW9xt
zxfhm~a(BwA=cfcJo_5drM}tTov!7Oh;UAa$d&<N@HXvI1(b(G)RqB#C^<#GK5vGom
z-m3K`c(ts6#3dqd)*4A}I|{z;2ze2{(@XhCscx);#91tfh+r--&762DP=fVGw%`Y)
zWres9H8?Ryy52Ujt>%i{HubV-PHB@VY?KTM2R_8GbWONNN|AJOy2H^H&hnlsWf|He
zWS=H;M7!{uOkcL&L7wo>)|5)e#z*qB;5J)P7mf|^Kr1N%TLysZ;UovU9&h;Q&r+r6
zOY~%)-nn@&48V?>4CVxEVTLXj@yNP3uCG^LeM|MFK~E0WqSaBge{#_tgWnz}(~m_~
zkx4OMu#VO{J;RzIw*ecr42mIJ+zj5*-1*8+n_d!)2_)hl2in}&@Dgl_I^_BSx?NxW
zCmSq57cT_jDLX<@9?{5pW$eCco6Kp5XR1Vg%TJU%39Quk71JrsN{Qhu#B9tR7l*Zt
z{h_%bn8_PAmnNTLp`z~3Q>cmw)MEvO>zxs8rNOzBBZI>osKO(5>xriY1?a`X67DE9
zouWE=NUvHHClZGm2s<4GBt}zy_4-#)lb9xn{<%tU=7qA~<uoI~Y1=Ioa7^0(uT20C
z^R5nfb2<H}QH7;l?p6e6k<}7QYf(4s(P+nS!x)TtL<Gj`>`J{2Uzm@hs7=XsJVQI9
zP_REHp};|FK(q!JL9&ib)6oQRd^lDwknZV-xMyCyPt!{npEziQ&swN$1eE}x&EK@N
z)e!qp^qW)OA0S})hnTo~t3b_B^J&5Eg3cCjRdpLzxv3unMiS;>>kE+i-*_uquCtk-
z@98bZ$YhI|arRm5lLZ@wp@h@#%a_PcEWB7Mu}xTEFM5yRi2Y7;#y6%&L^=!trssBo
zJpO@+c{9=c5(keOvWSFMa-(U%ig=;SK1=+XcC7X59*J+?rdnC18=T^h9m~yQde`5=
zEX&k8%urK8PCu;8d6s68!bhbdI2f+pTKO(1DlLlYS)!=%c%;Qr_=jM32)uEeLnz!W
z@$NROV1{cb6~m(pYg%Zw<x6KGbjWt78GmXNRyz<xYw~ure+ZKrV10GxGbwY(hXf^o
zy7!etE`0e!?Lj#_M&ekDUX?0Z9%@sZLhr=`RI`5HS5*6nx;Pr?a@5ZqXI8T_qP9qI
z!{=lxnL}pE*iQ(q87^DsNQabQuv;8F8ah4Oc=&QEh$FO4uC54<gqeua1|V-^fr*nt
zBqt!zM@6SJm;%oU4!z067VK8(+z4XRL?dyd$qpEPJ%)B^-K&`-SFTL!s2IFT+ga~%
z&x+P+I-c9GD+U<s)}DY~nnr^k^FOU%Ar9V*#ZDtQsuH_zXJoY}s4nakOszr&^Y1D%
zj9}#Z&8DA~E<<YS_m2E&ySNI!XVI9edW5D>e&;@O6d|I*8_}}J73wl9Q<Ccz*PC|r
z*ZBg=L3MjxTty|`Z`KuSiIIEM2{P<fkxx#w?86bOLzB%=+xR+zbHz?pZ!q?Ghs$2p
zD>?NAldl}Xsgv|HGPcH~mnnTQxxu1Ck_yUke$7Fgawl+x;RsNR6J5Q%1lPHwl5?pw
zPQjUg7<$Z#Ig{r-`qi8xTsm}QIb@plsA+>W6r1C_C>ygiC;s#%_E&~oa{2|I9pk7I
z(LafQJSmA%E{0Go4Stc8*Iw}(<gNTqyl-A1r9+Lpw&MvnnH8D%$aW^6Z3C-je@UZC
zc7aISjF)8{6v^Drd@+PBJ@NM}X9imCAFpG7&tUn~H-s~~xB+rDj5;U7Ee|r*)y()P
z7xj=5Xo0)gmtcxagX`GW;w^ZSu!h?l)M?b2OrQ0l;vTk}ZGNjkHHD)OM20tS6rQPl
zz$3FE1g2Yvw2fUyJO~GPL?G+qJE6IKH5Dn2LphVDVwrI6xUd()Q}ap&j$+Glt3lc?
zTy6pos>~76KVW8NY)$09I+g<JJ-l64`ox%-$2HyM0H**E3iYR`ehqKP*AnKmg)QX<
z<%MW-kRocRG-0@7aOdHoKNMzDF7PlKFfLxH?W`RmqQh5%ZD+MqeYk;Z;Ivyl2urcV
z^FBgAdrf4z2<L$x;6{E%J?h7Au)tcyG|G&YBOzpJ-+^(Xxbr9_gJs^?#CX<f@!*b6
zq1=JZHSCN2Il?;~{@CZ%XKXwN66bq2POTy&r;jL|9#Itw&I{(z&Py1T8_f{g(~Mv}
z=%|j;jOkl!TOUlB@thy{$2z=Jo8Y=3c-y}cw^SCC{TNQS=2H=0qxHwNc)bl0l-^rk
zN{i>CK-wd0c@$co-V*i2Q^TvOFlU;~(5|d@o$V_`JzPu&f3FF29qQ0J3WcY83B`1c
zr0sjp##0p#so5XUc-=tL%|?eCd@?AST5~C?m)#@yulN7nOt5!PN<2k-RM%L7+DA}X
zO5NNqHQOU?OLF@}k8v`-E^hu!W-@L+Osy!AN_EHfLQyRB>)I7oCzTkg8qJ{5hJn!F
zQG||ID9_6?UWohbIv^U9H1v}tUMoT#hn7zp?;O>9q##nq=P&8(>n^#Qc^z?Jacw&$
zW}kv9R#&@PY)30710!fRWB1Gu+#<r0RoJOB#$2pC!%bON<Wb~EhG8(aX8}4>#)36S
zI5~4)s73LN<W!_p2G8OWy54wqLM2gl<pSm(c<GnKY}+G_ZWR4+5lvhoVRTI3{#ipM
z4WwveUij)`$e<KQSNn7=<jO~RpKoPloNm~z<pOAB)x*+`XeorUG<<_R;xHuw_adcj
z_V>;4zSW39x@{zEr$xGgC8*B(;H&cn3h~YfMCdyLg()Ez6vi}sszCI%P&1Rp0E6II
zukr9dga!6+?Lequuy#zH%61iHCk!QKpifXsXjO58o6OLRzt-}vIB9WUg#i|NOmI7!
zk*Kcmza0O>5Sp$bDLNB3B$ISYch(Q5hVSu|05|fNRCT9@%QbReoQ05gLN3OapuJpR
zE=aU_ohhfC#ZNj=l6Vjai@^%U<V9fVbj|7P6tmi5AS8LD6PYOD4dGA3VQNB3PzG1|
zgHq|H3h@bulV;X?xF>cy3g=<!NlGq`mX5BI5*%LWL}y`JGJ(57M@P4jH!h_{WK2~G
zDcj+}>0fxwh>_-2yVNlX5JJWrqt@BpvSD?@hX-d76hT^>@&M3178!^khqUDc-TzAE
zP(Y^u8`pJ=gH;#AGB$?)+JsJX9gA1^6CuCo|M-+hVM?Y^%$+dvN{=2iFLDUwmFSr6
zw-V7fNuo*O4HW>cNa}gvVf3)auxX<&dFDWEgvP=jXL%A<@w&ma)1#J`?H-{w3Ew=I
zCTIh=Z(S==1x$LUosZ`V2}v$L;BtmiJ^k+NWxdG#T${s58Y&e$bn-NgZ#Oy%+LLvF
zc55wV<7U_^E!9$ts2dWkVjx1??CbOs)o-;OE0}O+a8h%fAP*CIJj85|HPk-M5_~ZN
zSLE+4t*Ze}(gonV-KsVzr~LXdK&@P&`Ks<+$N5sBU9D$OP45#0r=L92a_6;2=7QDQ
zMJ2*dlS`$QL7dt3`s}2M^AN#qM_TV?gzOHv<1@h@_oSC-)Z{WIbKp8iM5@Np#OOyJ
zdL4ic=Sez#<P2<Y?-vgJZbA-mzAte>7d5^JFW9zPb;c3Bv4Db;=7@cG(m{AdC1~u)
zn?}~?#un%26PTo{dKguN4D%3)x}d1S%|R`|JF1nXlydLn2DjkoVH5pUOKnY9Z_?AY
z-Xn}BC_g={mc<|+6A6Da!@Yu4i3gJ%&csK9^~+2bHE=UbpQ`4jJ3ENMq(2j{d!Vgp
zHy1T=Yg2Y=nt#dGSmRwIu(yHCvdk03lbq4<I0k8%IgerAG;gp0g4UJ=y82KH!(3<8
z5a6rx^;e2chw{`rV-s@=<U=YmqLmNf<8~lq+AiM^8;D^th#0kX0==2Fv=2BS=y{_w
zkAEYe7U1O4^8dO0;Dk3yz7(3%I~u83n51_oZ`s};9~0X0yN2{buAz!Stsi!?PwkEn
zL)C=mo1C$u*3PnK!>kYk&f#ZHLRiS1K?ZIZZ6=W>NtTEhL)3?N5B4vU6mSZI^#ZW*
z9l%rTirDDNEm1iJ(_I>jx~_%-dSGgX>2F??)}RZ5zG^2gy^D4kd!UIH0~1R`hnXZH
zFdF_kEiA@8{HahhVw0GTfSP56a_zSrr&H1?CV!2p-W5!sk0}UXKFeTm&ajUjqod$T
z-kO{5+pO(MR8g3!W^Su}PBI6*IJGQo=Md&+jH;TEV}oZyPj&2W_FBMN2Go=r%Dcoy
z7g3Q{2m|&H(`3o(JWP(Uqz}PiKKx@}{W^Rv{c30J1|95Pl!zS~6YXF&U1aWqYJmI1
zuOsE)aLyd_PiJ7q<JREfFd}=Zh@evAYHJ}EuRCx&I!(9M2qC;)x@|V@alw;EICCwX
zGLv+S116-DLD;0#*BKS0>5<(Dy_(7ys@4Nau96`PBrk!uTwZKsvMtA&?6{3bs!HI@
zxUEazm3cZ0)C}PhYvE!tTS_)Pht5ATS>`N;hocT*WX6tx#-Bc>C0<|oe4`$ND)qh8
z5F>>v&2A#Df)|z4Jkjikd(=u~Xy;p7MEq>iH}z3!DbSpOryL8n>Ese$iDAEn8Gu0j
zutm+rJDI@F2{(X=Eh+W`2E*4?4K|)oK+z`mU$dXXt^Y11t3l(Gy@7nkSj6TTjy0Wc
z?R|uZtqqqkS0N+2<)?0tlXKKJW#DSgM^}QWP1+h@{uB2a`S}tpQ<x$9&(s(P22$sS
zPJ%(ay9RCWM~?_w-P#{zVlz13A*4BK5kL(4?i~HTnBs|y$<ITO7*C9^A|m^*cGB+%
zR|iGaq;4Kzf0zI)>sk=&nQf<`j>S;H{`ZgEbA+mHAHZRVd<zeA%qBl0K#_h*6GX6F
z?l{`TC6w}EWSx*Dg<<?JXTU6Nt3u6v!&4K^v_d;Ru7eJ1?vaH8wHHr9YaF-GRV71m
z8tUMvyhzMtYXhfCg*Zu*+$smg%T`9TkK({-i@)VT-osP4l@hNT1zl-j-_zwF(^uzF
z9eL;(-`|uSw{6TV^NP*Tv`tVhM9g)%%8U7e<*Y`Gj?l>LiCs#}+G`Es*b7$fRE4wL
z$RlfrCRtKYo<n_9?*fKZVi@vV%GZ@E{Z^Wu?5$F#lJkE-luAcZL~E@3uM<>lK#bV3
zg7!IXvzY}X=k4_pf=JMYI)vTYTFW!B)0VyD4?y3KPs`n9KvVu{44MG5<-l$ZkQ=%=
z{~f}Ee{Jp7_y~>~vn*ON88OV}t(T4@2cnBScc5_HQncW&kmTYwOPC_Dp>GI7X~gJh
zCp$BN^t-y87{4HRs<u3RGAHAFC<9JMntr_;Nf%3cem^|E_dLB$6gIiAY?<rzQQ2%3
zYN3+_!7jlDdnEz<$OBn~#B+!DCJQT8IO6IA=IT}=4$gfI0t|fZ9h_s9T*UVmiZkq6
znTf61gsIR){yK?f6v77sd+BXaL1Tk7(0#JwD6~vzWVF?h1qQ(Cg)m4m{;Twfz+N48
zz9HQ?A4Q<91<NYA7G*b+p=RDF^#u!<#HrpSOD15(xiF=VgCxIjt7zh|Wv6q|+gqsE
zA-srh-!Eb_5sfM5aA*d7k~V|o1Juz2VtpoC1hphFk*Jl|E;UZ#9MU%oR1M$#ITfQ?
zgwr{$@7W+D4|r#7B}i?e(!u?L2-Mq%OQP5xd_EY^A}Xt$Dg|$igmF<D=|HkTzqDbZ
zl!<?NhEO_;dDay1s6PBYuQZfe`7VGJcWKbQyyRLo7LtC8QtK4ZNdRjf6j&v)l56n+
zIXy8-hZ9K7xIH4&cs$t5R7iJGTw_6u(sc4r6}YPu(mnsQDdo+SJ?-3Q;<?X)N2cW^
z?1wpTQqv6yZj46mi+6lOnHKf{S-<*nU_nlCZp-YtIfcEj`q#pC)6KoRMdlCEgTF;>
zmERVmlPunEBJo?WXJktK6P(cb&554C=z|&d(K3HY6gBK?uu1={7A72;olT9%e7_BS
zJ6s%4P%u}C$Cuz!u?&s0ACs7BOi>c~$_roLElO7oCM>yjdKiOHBUe0fmG(_$rdD%j
zNynfOI$5H<<L&(Hze+nV;<I+!{=JI?MetjTyH8lt#XW9>a7prosOnQVr)!=EwBBA_
zterrA8uLeDYV$+mZ0|4x%!KZecw9{9iyJ^7^@H~cu=>fIOdXxiHS)+f&l~v3C`NB^
z4Jy+bZ{38+A5HR2Z?OJwU*vn{FQ-F<0o6oaVXfE9gOgF8<lV?l#+$5-lvc{6hlgr1
zm4_(=<|5eIU>TDi2Gn<H+0H*Gya0sdS(^u7KE_smPkH~c?kcHoTc!<KH7TI?JVj$J
z60v+x2xxOl`0gJ=Zrca{6ALH<k5-$9mDlC%*I_sIM}XkIevU6>t&&iY?W*o=l2PbW
zA4Hz~sA_wn@(PnPCdS?!44lb$=zydaqX7f%g32RxxbfREWOx6Cn-)E*I{hNTH?=7q
zcw|(MS_BfVLE}u2%X>U{0$K92=zGJz(^xS!#Iyk;5aBS`F@Lp^6kHMb+o~M=o_`2D
zQ(29!Ys!6Y<vOZ-!~6i^DgOZvp{uUV9KltcUQ&YQQ^kWoPnw1~P5PrTU<&1L@1&6k
z)$_NgMW}rEMVqB}eX8mWk&{6GXFOb+sLT1rlI(IKA}+neHUWr|Tn{o9Ri6s>e1L27
z-+&fibhcW_=Q%Z?MYpuR^oymCPi2{vXxJREwJX3XcpuK4L)?icC~1cm+#yb8jCuto
z^#U0}NY&9*8Gj@FB)&uw*YL1b&gz?5%t)E#sbzj->2f8s`HJJx{9n_xvvqN>VEA(T
z!q?Qqz^e)Oe*3l%Rz8*&T0|z35)NV*&BFt;cKf!E6jU{KQFc{}Vo<>>1D6>-dqAUO
zQ~e2pV5IHLUdL7JIk=@KE%b_D=&0Cl*rhL^Dv_{?yMAPx{Cn(zLk5oDi61&&?8zb@
z+tGRi-Rjbs4C4Wb#d3`w(IYbE5|xD+w%>7+0``I;Of&ffoK3(L+M2&+Gn*oc(#`B?
z11Y<h5pYU@!z<Y-Jm@NV@7Wz-j^oZMetRh%Im-Ng@PBOHOA<Y5s3NEOWsVNIySlv{
zQyn>3Y&({onkCh|>=CUh4zm2cO`-;{6mZh-P4k+x<vekN$t?VM!VXHfGC1=~y}W$_
z!sRinZHtAn0nJXU;!=n2b9`uBJGeAPPA^`9_}&Z)hMbzm#H-s~!P6LyvbKq06y~j{
z$a)}(9hI0lYGNARgZ<6MMN|Jv`+<yiWH^hFTXR?tBaV@C-5*kWgq)$)gn_wwy~8K+
zStjX2`vVfobro7goSRLoH6g6dp`Y|IPydHn@?hF<GD|No%<(zP>pAOvmDNPgGrj9M
zX{H&^PO4|4Vbb1ipMGTlr*M(n8zQZb(EhHl8tn*Il;aLSw8K7;cKvq%Y+YH0hRDzy
ztrvHhX7_se*IY)&JKix_m&|WZ;GDCqQCj~Z8WF2n4AYk7biEMwEoF_(a|+e)awTJw
zownMOF#Kinr`dC*6(j+f)pczC5i``H`04xMZj?|GCDRni%lhhp){e5s{SnIElS|}<
z3KW!Epk#vupa;8EXp8g;X+XT~jj<^S@z4fwGB%;W4;t~3K69twpHE_m6L8#qjq3pN
z1w!1-$~<!VQ|;}S)C{hD?9dGB574mhP}Y`Y4g$`U@?~H!AUB}zUkiasm5<%(TZ3x=
zJwqFFtEUx!9*GsZ5<gQn1AEl0D8eT&;E-HY@oCrVM)cZWcE~I5fSlt2u*#_Io8BUR
z2w_~gJww5Q&DCLz%UrMKUFhDvgT|(6!#df*aHC>p=c>^GAuv1Fa>?JjkMjn|i~nU!
zF<^+mL&Q?^XNk8eqJ_wZ*&H4zo6jGQrpOe-W1LHmLPp0E_Bbla#vnU01gxZ*%$wrZ
z8uU^DM-*m=;uQpo1)9pi-D<dFIkOsp*>wa#n?$)h%$T?D<Ad{(e&wUuJDilydlK{L
z?jPQ4rLIe-)xZAS69ZH6;GP-m??lKWpwB1PIO5@s?UO?`>klp4Yu7FM(YVFzgm!Wp
ze+|7GiEBnYXD7SLvPc`07z^ZBFCP(<ntF=G0`|Hs48`f(6-U4h8h^WoJSNi)Ay{yW
zUvjp$M#Ot3CVX==L(vC6wAS~IRD3{9J&2qvcRP|^T56TjCP{;M+U2wB%#PPO?S1DO
zL}FE0ny!M<dfw*Mp1ztV6)**Sp&kkVJh6N0D%_PZ+m$HXS(gVg5<y#2qe40+2QbxD
zfg&4kP0$`}rn4L&Syra`D$l!wX9z4~vg4kPZj;@OAs782$Rjl=OrszoiH*VMdEnh}
z1cs&hfH9^MEULnyIepYh?G6^kP_A0Rg|~LkU5up8SLZt1dV>U-2Df!x&{G1|d&g!;
z8~yD-KVccqmw%&#%PZ9L$ELP%BJ;aZYr%$z8@m=-BQq`UQ!b!cDbuxnJ)Bw&Atemz
zQ<SB9VK+Vj8|NH%qEC0{pcxQbaRLYR!RFDBFXO|?Cc4a#fi0u!#(H{Lh<I;}@KJYh
z;^Y6#?WtXuMHf|hYy5t+B2$Tt12z<JSLoiAt6~sDR(jDAYmiJ#5h3&79BAuh?)PMI
z+1Gx=9~Q>M(#W9mp(1#TMdh7$4aeKeoAWe`AN>0G_29CN87q1iOMg-z99{=zjt|po
zHAlqKTg5JdzZ_-txM3F|UbV-FMR+V!17U2sNvv*0ahc)~Zy>IL=GeaKG5?#t@iMp^
zmc4B=Fx9Yz>u;mynB}OM8-vveB@>z7w>`=`*Ev7Oxg@L@G*iVTj^)~kGuX5kX||Bc
zV}C~<a`y|Lcupv8_1!tF@XZeAb#t)r!QJSxw^Y5o!L|5THz%Am8CB=;E(M;3i~FI6
z^cE%<<+^eZdR+b<<_OFSMg+I5cGD{O6H#?pkP{w^A!nQ>#O%N?k+@cjk1EivyecKH
zA&m;`Gs-d*vsOgmd3=nNebo=hw%apx12h`w0nlC@1=xyEY^-><S+)%PnP(bxZK)b8
zvknbk+you137-u|e0=v_PN@49pU~cz$kKZJtiVc)fTC=o-tfH<-Qw5h2|l{qpNU_m
zFj8kf2jINTec!wrua}&TKTkz;*QL;n6!Yx3yZ}dGVsZq8Zrx@xLo4wcOEdYZdOhyp
z(8Ict3bF-qMV<qIG9Un^=_miwj9&a?l9F}E`(A1B;}WS58+Q^sOkE`(*)Q`#rz9%k
zZ#LK!>KNex!TK4fkBSAj<^!Rlf&E1Lbh*?zY*Q7zPR!qN@snHFNw*I3=*fk*m+0xH
zXWa4-Jg-en4JOX@{GmYG!ckSr_kev|y5h5#f!H0_0qrNJP5IgmgC{8+vv|GG;b-|J
z%E%$DQbW;wAE`>4i-W4NBKp*Ulx<CAwZ#7OET3d1K2g-{)$)A3Pro2St7+-6`d@W9
zXhzwI`_tzMM)Rzv9J$uiV%>j2a+{Y;3YWBq>u)tH%B0lV@&WU3Pe?x9l0J+#f#M)o
z<zcQl&g<PCM5xb*4~@lM3`^j^oP~PTofj4Q4=@%S2CXKtDEAAX78ykW_6~#_OGXkR
z1WRAY1$bzF-7U-!;X;3hw9ZHgEy<9Ga+=3jcn`ecD7(b`3vLOh>2kP{h_wVfB^^JD
zULOTTCdPM>$S(vY_>KnqPh70%o>PXwIpb%r&aipDa*j8Zh{*H!*>tX&LFz(&K?OR!
zNbB`qw;m65V}ov}j8Ja6LXiDAI879EA&w%tb!DyMUe?4B9rENZ3Q7bmGYm*#z-szw
z_nZ`h&1e|lC%g;KO0P>*x1j|)yIg|nl;7)sHq04zNKtn@nS$FQ7oca8@Jf`?vKxAX
zPjj>ZCNa<KC2bjNN_>no+-~LmTWsVZ!Mgf8;Aw6sb9!7<b7-~v4i})+e!$F;^F?X~
zS#cH$Y#t-#oS@Wg;^BYKP^iq+TIgrRi$w>Yu;l$E?_f@j`|LEp=ENweERcS6EM1Ah
zxo91ntFCQB13O~pDKvGKOe7SEDWC-Yp!K~Zs>$<IKRZ@wm>M!QobNy^nN<?Q7D8T9
zM|-zYzFMNkKEft>N$kW-rJl~;EGX2m(~Dn5x!j$;jLd4@_E40_1)LmT$^<6@u^ad6
zmgruy=x`z!==SS~{wh)ozvj&mucw+!1yXsV5CQ(t?NB_?V$zMSPXzdQyeiKu40aAd
zdTICrh2Sr#LXhwhe1bosPkCdrGwy`jb}I6QG??n2mX((&5ptMtb{XKhLyN5?w&``p
zj|Wzkd#y#$m<&HuwcvY4HAbn-XH<H17rwdPZajtDpAU4T(GS@Nv2Nmr3FDjxkU^+I
z?O$qPX#gUK^&KfA55@1VKbZXLPz>@U#_pJPJpoPDesev*sylBPVBAzx79L%)%9+0h
zcBD<W{{Vd_g-vnhTrA~i``s>~(&x5V?B{4l+$}X-?r43Gc>b({zp1iJdYc}oNbZ`v
ziM=F^#s4f7W@RVkbvHf8N;h~LzhCa8vwZhlje1MC-lFm&U9Lb%<V=HnuM6M&biXN{
z4%Flt`@m5Gzj}r>RRtDB4axrAy9iA1|49co_Rab-0SgC!SZE6RUdbX)zo9an?g(Uk
zH;83!_1KQS{iNNiTD+LF4ZkFrnTPtAz4K<7^)IVD15R={p>9;kdwe3^-McDt;tRV8
zr+!G!$aq|_C+|>Sfez_x9-kUCpPhJ$zcojzq)oqdNW2K8{aO7z05S1?c&k0~4PCOn
zg*{g44==xXj|69`_Zrmng6@#^Z}{I9g3Mfe<dD<YFxG+a+J&;NfK;4&8C#^!BPVI=
zev%B<Yoyi%e>MxtlFGQdKyOpZvV+Q~dY_w(wQQz}9Czcm>6I9KjNeX0lX;nCCaa_`
zaVCKt-NC_=mxCX}d-e1!%=O^uJFR%b4OJIFO*s+YADAxwdA9oAH1uCNiV~U^Kt%IZ
zMI<&2bINi0MSk!KHDSCqdGA5m0k;;HGeGicGyMWkVk*FD02tq*y$?r8kNjI%Y52At
z=k^bQ7J}E`?eixIKkBS!EG)4^Pi73W{9|!HI>?^=!H8c#moIsCguhl4dO2`#@1M10
z3O<J@Zy)kN>C@M}&l75!zvTUQa$C(t0c$4+Ih^<1wMk~*I2m^zwt^d&Yn;8<o1QN$
zIDXeNeLk`F=_#xb_q~aNg4@9zjNj~R4=;NG5b#e)JlrQfASVWI4z|fR15w3Hggjdh
z7dF>#qRqSzCSN>StKkK}NUk#>*W1p|64SikKm64RRU{n}AjohJ()>gxUxt@>MjWHX
zZ<8fk7<E1RGh09Z%pAG}#U`f$$41>+`67NAS~lM_JZ)Z!Ndnf;5n9%;2z?@_zP+6L
zC)YjL@v$E>9Eo^d4K1T@8qhm+pFAmzc6Vw&NWL*L9zHAy8@Uo>^I)H`n`<8N3?003
zrouWa9?g(Pcy>jPs91V7@eHYeC%xyLU6)jll4D>atpxD#=XJ$P<9`&9x@E8VlQ5~i
z4sBg{Yi>S*Hm#mDjr5S`*8A^xC%(L`d%kKVM)*QhfWmtNJ829i?q?!i`AbReqGZn@
z+Ivw~tq_w~d~^ok4XkMogn5DJuQP#j_!fJR?DRfPgloS~gSGNTW($BG{LtT>bwD|O
zd}8ms5YwK7UUGd|L6J`}!F9v<?0+5z1D{}|00wX>;JP{?TWFvZszAz+o$NPp))3)^
zWIkH6El51vg(|n}xRQPWzD8SLoq9j$P|V#vl{aI(>*J$~uOILo&*V@rIory8AiT%A
zP_?k{KTB`MrZkqo^z=U#$}*fD+}IH{c$U0JQi9jag>1KC;IDJ95*Sjqc*uW&Yisiu
zUuEf_y284OhOB;{DcnBC^%g+I&S;i<&dvRVIDI}f-IVVxpoBz%;41rV()QK}ey2i<
z%d1mBsgrP!vN(&VxHs60|C;wqyJn#e=K~ak9;*@-3;rZR*4KC)eSoF-Qw7z+VaO*y
zTC3K0#`#E$zKkiygOBF~UwEzao?kdeS)bz({p1R%`9#J;B#Xxa$8OXCQ(VP7A^uRS
zT!yNqh68SV*lIOWJ|zH-?>#8DZEv9TC`|N#)wM0G=3D6@yLPlqu)}P=udbO}<Q9$t
zUHhNBk+6idk1qCFcmK~~PCc%Z6^}u%r>je=Cz#70pl_pkrZ3uBTHD|@Si0#S*jB%w
z+=OhJUA)}|7`QH?UasZfHf?mIq)+fqhn9mKmN<eByRvHZfW~q_GyI=kYnK<y<R5XU
zotm&5=Uqrykg=uGoR!HBftQL;r}plkY`?b>UK_Gyx8s8Y*_+qi?z2GC@-L^%*r4nr
z_T3zuDr7j~8}L*mG(DV^kMQ3Q_bY4pDsagFO>PgphLedcG)6ErjBSn1=jO}<mx*SH
z-dKSM0C4_K63$^VFSRJRo{hnmtoyE8HROcv(Jh9n#0wR7g|?4c40Z1r-e7G8Nh~U0
zNC;Tg%<K0f#CL6~kK8@&A5%RbHLg2f^T-~B{`+@Xs<+4T{#~ED-!H$5xJ7cQh=3#F
z##Hl>M1Fcg-*dP|3+}-oK-AQq^u2We?-7(~VZ0URA9d7RaH7$`tK}`^?O*2xmftIH
z!vHGZsxqK0AK5LLW_G(ZU}*YcpkAAiM$wL*Xs=t$4|wt6vKt&1F!vMW&<*kIpWBPe
zpUAy8{rHCq%e1)ejKkyr-4O}z?qj@u*PYjD1<+V+FsF<uhfnO98>^};?QYjEcn%cL
zx-DH#P!&8u*A~s)OB0{)uYearh~&f!zMbsCw@=I0piEHrla#TXUoX75ZF*x8g?>EX
z5bhfz+j*ZH?>%z9doS9Y=Cy6BK$i|XZLg}UCZ<1B&kzMT-uGxYcY&g$*r!Y4y@~?5
z^4fLYG4BD(x;cNU5$PR%^Yij*d+oXH{t(K(D;8^fm0lR5u$BwnEo4}QZmdyCywdr#
z46A=$VumYELE)*X`T_FrIdtV~#QtIVl0kcu{lemP&7IVak8uU!Y6oij;yMw2_t5yR
z;XUZkrp&nqG^c}*K&C#_x!ABiB9D1TeDFHq5<jd&b^r?=I}~ofe%Y4q<on>2G`i)a
zL%9wD>^Ewn(!AkcvO3;<4$w|XCN}-R#*o!wUAuw3KU?_DdV=pfd5u%yrPqpmbAQ+N
zz$?9jVi~-p<kB4k@wkY7;&kG4hp@tews<|{hK_z`=#k`}XnbZ`lk-ctLKhZzDjrqX
zf0JrY-Q%sEU)Ty{@i_ypULk$Nf26F%=j<=ev~9z1>22{@Ke8I?FT42!TztZhX>aiN
zy*&=Q1MN3c72N+wR>JgNFMwip+^m3=<7qGD`-<l1U_*O?nWKIx&!+fowV1&{9t957
z;^UuWwuHPULVZcDS25V~md&(4TWodty0t;Oal$o?f1^E$N(-@mO7r63+dgCK1^3?o
z`P}y3JRhIv`g)J|Kzy#LobEj0Zm#>k*-$QiM~3^D7Hx0uJw^CxRqY_(CVc7GM6`Bo
z?V=-|z556a>e~GB-t}mCiT&_Lhxp|GgfB1A+~D={8%X`ae4X*Yv%ZOZ2(qzy6MgmB
zAUnxW6>4$Ded~v7dZT%Mv1?J4fAuej`J&lOVMgu7>~pf%zT2^9J<}!paYMVedcA7P
z*WJx5>w)>%o}9~({w45vqni_K6;QnM=A3^JLs$HIZV+rk_q{hbg12GxGhV#)WBK5q
z^65o*n6ml3tu#v4w)HR(*+VL_oz3gy!Lx?G_z}6o|J8*E4D>dZPjqV%0Sj8lh<qxF
z{{t^42?7cY001BXdhR5W>$=J2i9i5=9|!<|^3SZQumFv?j0l~jnW3?@gRujxtCeMy
z;)L}EJwoRT6<YT#f>>o73OS4<KfKvqBP=xA7a-W+u*xicH$M64WlPLn{{-l8Hi6vU
z#MzCSdo<K}AIE<)W?Z5fw>BO3QdVIHg-Ior$Y`mFE>p{x#x27%7n68gA{phf$p~3u
z<XW>vE|JD9Ww9=yVP!VraY;(ljJf=F?DOn%_Bqda&e_lRe9q_c$Lsz6e*gZWPh*t&
zw=Lyrcb}&(2!ml-C7pYUnieAZk0H;dcmIra|G`$vtm|isU0<Q>o4YEL#;3@7kj#-C
z(Zr_C#Za!-+as|F@y7Q{>vZ7)Z~vPvM^#1-6dTRVnISq}#v)J(`sdR!UtQVk!lYUa
z!PQ^DwcU|IS-)bk6mOskzmv=#H^?&&%r7KX^C+i+PW|e}Xr4`y3=KHe4IIEOQ-mK?
zUbkb0SvHgX6QaGoP9dJdV5VTlP9Aa8Lxq3b{-jdAdLooNDDy>v%U?<+api1MFNIK3
zsGZ}En_@m%KRk7FaI#nPi)k_@a#)l%bFdj*avR59F-$nl2>5Z@ftp?*$w5xcTnZE}
z;}+PJ`j3}Zl~(9RqBAbd!nXcvD9bIQ2bF8J)*EECYU+cHujY8>o~eqKY~SRcYTkSH
z9WtxzcdF!Ch_+5!<See=euj=S7gw;J8=SZu+bX-h6#_`(o+t|$a9QCli|S4gY#Q_s
zjPdi{$34BX>iA84jorO{cJ=kB+Q=fSy(M*ZG;2|rnD?8%NH9xAJ+iB%voE1+X<R!h
ztwh}5eNuWI8%(x}g6aT=<6%G}n1Lpds%5xdTeD@px%@-2U~U1!@OVYCcVap1aGo3)
zb-kv62-l-zPL^`I&TsKGmXM1XDG}Ch96xROM@G}#7#j6`u%Y|OJDylh8O&;IU<`M%
zNHg<v9l~}NTUcJ;N{M1*J!m{qSQO!~w`P_X=7(;sx4%+#=!q!$^J*|+_1O(&|D(6`
z`03YojV%RkGk4CC2-{-PHUr%bF;*hBA&vR+8DYIDG~2Xz`4QLX!?=bHUn~v@?e^Mo
zDJa91b?O32l>PMnv4Kptvd_DF@+Yis1(Kq^KD)Us1FKNabWcFE3^7^W^!S518c?=j
z{1WMVW*%RK=--d9*@jBJmc~>ZuDaUjnAj^l;j3oWos%UMS3EDDUC<}gSM+sh=BbG+
zQw~o&PDk!&m`|s<{N&g27E>$4HI+KwxDg;8VOPzzjU=9!_SqfJdDk}`ppiR(O#b+B
z{iCb<C`r}gdo(4XG*YGJZNv_Y$C&`g;8Z|R`;Dc5#oepEoAExGwlluQ9u+f>)ju0D
zqE)d9^PGZ5`rw0ywFQ-Le2=#u)JHe~dieHlW1|$=D1Sr@74MuRTewKnd<Sb!?Te1V
zj}-I-Y>sOBWx;DztK&qy{V#LI+g)_*@x>W#2H-;+%BSOkE?Lt{8gQ?OBPro!Cw$l+
z1raw$xRaf{Pp?T@BWtw7b_gUaxfcjg$9dw#wuOOaE>Fhb7iR9dV2%q+@ZBBnk=v-+
zeZypESAIS`t&UgEWztQvt;&a6&389Un;o~$8oPU7CB++`bD_d3E_Fz&k#1d{bWdu(
zX{%}C+WB7zj6fJ-mhpVMs~v&h!II8<6`QEOr5o^~7K2rHE@CO3pL%j_PG3czJ2zSQ
zV2EQE9ln;Al6}=QI6GYHjYWG)+t!2iAzb>+et}z>c@>ZU6~9u?gtkvtry26kH|-sm
z0p-d~7Fmny0ddjsvVHjH#F`-osSQP3rXuxg(ZogT;t0`hHUuU9$Nh7$S75E?4G&+3
z=_bS^jhj`RPT~ECjIB}8^+|nTznbIb_R7HKiAHMW1A*$f_9NBSC80+9&7{jC3oI5%
z?G;JO))Pq#V@?gmmu4vko2XW6Lz!n@cbL?(!k&NGi9<)Gx;2OEZO=GRy7nS`&SZ%b
zmkx*Bgs%9NX_te%>p<g_l0;09>AvF$lv?2foVASjTqwwZhz&~zGTsR~*dk)5YtokN
z;8Isv3%&*P*IDsXvx7+Ujbt2e6nJ$USpQ-j`k^q=ob$AF?xnClcoSf>o}-@#0rw1b
zPIh&TrFA(8#$U8{WhW=F5^_h+31p6%tods<d#*tsioOZJWzgAvSi(sHjn!m(xS-Hj
zXlD&S^c%Pm{eed@k?<zel7SC#totDP&Z=K)JGf2am|Y2?O?!CcWN8Fd7Bs)!a8b<Z
zTogPcErR?m(3A)cehXSDNb=3pe*kr{APf1{q^%W<KGy+Q%b1C4ahD<SpprKR0yR+B
z1Z>3PW4AD2gXA>@dB2f+0G*9B0Ffs<VWSHrhF=T`r&`LBh7Sv~Jo>NdLkkJB48v1t
zu9t}fUm}GX5)tlm5)LR74BMThUseSmur)aZrY%SORWRS@7G?wcXDI($5CGJHC8uEd
znjA(Cl8b%w2Q6~y|IjwL%D@IK6i6X)<r7TqT;o5q4f~aUp;@|M{jjtM3i0n?eZKn|
zvx}_%S#ksl-0*+`y8neOli%x4lT-pFgiN!b5(#ul2rbGolpOMhfOQe~%>TRsTv2Wa
OfXNR-ju5&-<<sw-i!r7E

literal 0
HcmV?d00001

diff --git a/test/src/test/resources/jenkins/install/LoadDetachedPluginsTest/upgradeFromJenkins2WithOlderDependency.zip b/test/src/test/resources/jenkins/install/LoadDetachedPluginsTest/upgradeFromJenkins2WithOlderDependency.zip
new file mode 100644
index 0000000000000000000000000000000000000000..b85561cf0dd5f0bed6182727cd246cc1404263bb
GIT binary patch
literal 168835
zcmZUaV~j3L(5A=s8QbPFwr$(CamKc7+qP}nw$GURe!IzLldV*xE1k}D|Lo-MY6WRf
zFc_f!i4NIBX`2OyXVCxp|0x<ETp%k`J8MfjXZruj#n8rvUh@B}sxFo`^frdhE}|Z$
z#%iWc&X)Fesw&Vxpt;NJT9i;6TCN_jK)_(nz(7D?sQ;k=^o$DsS4Yq~QTo5V{~J*M
z={VT9n*XQ4@V_CP{{amDf5`t3{s#sHME4(IVi7b)E&&ASG8qI2=l>x%8#`G#xX?M9
z8oN4Ky8NZLaIpN}P_+Mm-2Xq+rCYh0QD(lT!*;9n|IM48y?;3w6UTWOG9}bL|44IY
zrOK>!k^@;7p-}sO5kQ#bp#6W5<9}1C%OeSEinB3$27f~Yf%bpGE@146t${#*G(drY
z^1tL|)D+~DWK=Xm<kY5F9kmeBk;R^PAE15Zd6!Uf!b(1&3q%Q3MhLYmY)XaMG7cL~
zPV^p?O2l~=%T_mDQ$Jro&^j`C$Q#Qx1;9&Dg}whmU#)*R-$`(P`wI*r%P0K3nH2Mi
zA2Q0YI7>{4a*D0G5Le72vmKS}b7~R2yDjj3I`}6{VwI^|&D+kUJcs0>1Xc+_6@@U-
z%L1BxA}V#=aSL!bs;+HVVb~y?luM+qm-`MLbUYcwJfF!wdkb6@vsM$3Ly4cKNq<B`
z0F2%cK^1(Cna#@pR0caOhk(@FssCgqR&Vw*vDE(l(_c+`bK|nl){zufA!trX{0L|O
z%wz#t>MeroocPNwSReXc2yZ@Vdu;q*LqFB>z;pu29bv7aWDY8+C=4&^sz^63XiFd%
zY&kuhUyf&Ta|{^oLqPp&e0>e@+}9YouV67^(i34n!tP59xWd+39I#yj6_UL|e)R_k
ze`s743x31&e)VBa{S??z#eRi1er27yTZv2`K|nOFKtYgx`y`wxyu8@uwakUN|B!eg
zYKd`)L2%Ism!UG8fq{IptPNhYUeagXux<TvcU5)P)v`0Yv%lDHHe@jIXM{)G`9;Jz
z=iTwlO*u*6?~{RiIEGylM*{uqKzK8z1(*7&#AZfnWd9Ha4j^~OkJ*%l%Jj_8FdRev
zTqCA=XU2wy=9g+EhaaY-CZ!~*XysxhswicqWEd9d6&rSs9VjKI$Y-A^nHNN7WXNhI
zXF$M<&HWP@0U={pU<zerJUFnS6_cbEmHaMtpcauD7g4^Jq!gWyr(OJgP3^-+R$^15
zl4@9ZBeXg8Y&2>SKlVLCa0iMHzWeYBj(hx!6aNQa8(q@pH5}rH3{O`*OK(f-_azeH
zmn=;aWNls4_e%=V`;*|TV{2?+=kk3h{`lL4;n;dw`!gnX!C!Mmmq&~Wfe<eU2BmNx
zwhP9E11gOZWeu$S85or{qg9`jpSxvWTt$+ki`)Eo58thfq=<$!`ue8j1;oeZ;Ag=D
z^^2eMo*iJ<viiuS-DYaAJj{8>lbNn|qot)4RBN?(4+ZT!10jXs20CXL(5nZ*JK4({
zR6AKN*>0|{CqDQQa1`>}IvrDS7kw7H71suTyh%WD2jh`a*z)>?LQmR$MBI91!PNH*
zq0+8U-{iHq!%ciU=?5TP>ykg1i?V@^8rVU+U04!n9eYa*q$x2kx_&AI^=!UuQ$828
z^qFyP>p8Pq9P;p92s6K5Z={*IvnLBNK5kbgYTj(y+E|O)$KJeMxw=53dQ!&Nn7H!8
zdtdM3`Qg*_F0Xt}2==?olH)Dv0QdPQ0Qb8TOmnJOlhkR{mcV)@h2<aaIs8c5d`Ch~
zyj^zu7LIY+`d+H1*R4{}YWe-4eJ$5xhS1&qvUPm?S(etJ`8Ah7%c~S-iNTP<2!u;!
zFBLIasTN9}4<)aIv%09H^F*<9VA}=Ntg_Y;YB(`_VB6$gq8WZ>;j+Lyf+B@&Fs=<x
z2!TkcOQTh!teCaUC=Nhd)Sn2|I0ddM!SjT%ZN#k*J?RKBJ7Ie9^lMYt$lbXpN_y>a
z!+c9}J{!_&mtPBToAzZSr{jjxOCFGjrdeRnqK9+r(`sWU#{~?eGFN~;`_Gof`tGWc
z*bIA9NS-W=OBN9gPYnSx32_;l4vA)LCAg&u95ZtB6GJ#6Xjb;PJ|xi$=P@>T?ePZ%
zh!y=svVxIW3I_osgo@EjfNx1*_Hk_WHb(d>^fV`%Ika(OG#Chtd(NiB{;Sb#8gW}k
zr-@dXth3LaoND7sg8q~c0ODNrWGjnkPj5CGh;zB7EoKE-EWioec21Bakc!eH4faN!
zs<i5YZfGXgR}XF1RijoRDvI$HFfx9gY#Z)Zn_z$6c>c(_5nn&+B<#RG0U;Vf<{_pF
zbRJzl2x0W3FGsG-hD&oC5Fs2baiRy}*F&E`B>8QXKP3A(D58oOwWGE39GNx^(w+dx
z=^DrSy;xw>--a3)`)Kg*+Ic07RT8>F(h$j<QZ;gLQDz#<Kk6*h8#`&`d2%4{d0_zC
z!KXrDPhDJmaj_SsoPdm4?j_vDgk)}}ah^20K@&AKnG1k}hSbgSXi|-<8L5(A%x1BB
zl~=n<4?4P~)uvM+QF(AOZ$@UZJqn(c+;|B$s9XuBkvyakQelx6eT%fq)m#`QjSAH8
zxK=b5r?}V-4koF+F}KH~;2>jT<MAk)Y&dj_2&jXa-1{e-`85BoCr=-v8^ydH$6{jC
z#S!}5#{772QdUT<9{xSW*qnq`|DsH`Ym`2ub1Ei1O2yrNO(Ez^M`@d}KQ>4pHg0+{
z6;LmK^9J(Zzwjf(_WcO#z*E;i1gn(_Y;t)uKy2W~zsj^&5wRD?@G`GT3IS-!ao5g7
z-!Kb!xw^18Gg+@K%20GDZHQE*gREsV{O5EobJJ2rtbzHhT~Z~)W5)&)te8ZFYNda4
zbL)RGx^!|7EK(XSI*i=i3O#f}Xoh45lp@}Ig<Uu?F49IF`vtc=;4C3z7;ZGKAEQ6|
zXerbt`Bwgf$rfGK6o#q9F%OqOg8>ITRKE!-X)Oq5LCSp(MWW$Q0j8MWiOi^Ze?mGQ
ze<Sw_l|N{n2%6V7Q7G{vDxXovs13+Usw6KL6~U>Bf<&zd%7HA23Y*ibSC4@H)Gs5X
ztAq)vh$dvWXvk-=sLS845WC^2IOk<mSJL}euK!?TIC~Hq|KABlp??suU`ds$-<SrF
z+}c_CfQAA@WoWdc#^c(o7<HtvvLVD8N!NZA4<1T+g#ylxN&(YbI6#O_#dNB631nUN
zT0T%W!KO1Um=r>R-b;&QXU%5eW!H;HiIyqjWpnjOt!N9%d3`n74{H@LxoM5_#CM>r
z;P(`sT!M<@q6JZ6FQ8=B>7f-3w_qKXDc>biVzo3-h-OBMU9GQ5?!0%WS>@HAmHQ&z
zSxNk#v+$m?`o)%FgBt1r&LKmv_Fe4^q8e#O((zNKANjlEZYoq(r$UcMwxId@Vl%6n
zS=R%>Rc2cPTDu3bDIltVGEW0T?5flwB~1e`rBLX^v#vy;-;0G30}PZZmD%98D-^g|
zTa+3kTvCmg)F6e?boV-8x^6vr_aLsel4(~xhtnoOZhfFbfj?<%6Hd~6OtjBws=Sn`
z4|bemr2_$azB!h*ynylk;)(Gzqlr`H;WOR<vx8iE7vntQfr40?&h+fPK4-3IX|1!q
z8L{lFYN*?8Fz&;3YbBv5>cASQGd<tr3g+b}p^lNQY{aZf{Ly#>?fhK((6qYn#AuKy
z;)65w{`S{{u<o8+&Yj$*$13O}8%T3;Wg1dLOI&oG{U5V|O-&=Y?XkXPFN<I^yMKw3
z0!02$MW(!2_;!Y&eRfcsy~qLmo2$*))rPjlSM3O`_1|?D>uc*WIXpWDtlbh_6l8hM
z#k0rxzmTy;7G@Cd?$H}cqB#dm*Is+_hHqI6{#x#Uj$On^xrQ6*CQ;7I1}99!1?D8<
z63?QgmgUE7dMEm)+!dytzD{LV+4|#A#})z<@BOsoj2EG{YBC2lF4x&o;y!l4<Wo<(
zrK({s3Uz^IGfQEXrmmjUA1rsZooxR{3U)M5A?>4NVji3+E)N!(3CMlKTV5A3do;Vj
zm^VMa>`z=W2Nvi1RZZfaQ-ceb?;5Ntjr|Q^d+d&UQc6@XHm|CE!+JR~RMcP{mQM<<
zS6<L<HUAx&Kw*{WfPW#kLNi7I(`h}Ya6<l@qj&1>DL$vGb7_E1T>Y}`tNi{I3*>~p
z@Yf+4%&V}YjL}SrE6+MXr-KpO+|6ePYoKuyE(m`}j{~qKi^BDvFa{UDeXGMA>wX+X
z9uyY<P3NKkzDWi(#GEP#6e3xLG1OwoA&xHNU(Or);-`Zs(!Sp-f!6(%ljyPP!e)a}
zY6ut4Q-e_WC=1T%uJng39qmFJVUI1RLc#Z+r1Xg<3yQaiZ$bs`r3f_r{H<w_a5gD(
zQ%3-eiCj#a$s%DwSH<l7MpT?F9hFZ?<I3V$*H}Y*5!qft#B<PXa%6-0=H?bCWjQAw
z+$EJ*`lWF@!h|bS&sgI1hC4^Gwt;U>$?;Ia^{|Cci_Bd8)L~RBadZ<%urijI(zB@W
ztL#{~b?^k!+8td7qV@j6Pz$%i@8vr^X$Q1BeIzS;r0Q<9I;S~KcFz)OjXF{h2_w2y
zax<WBc`84<VrS7NsPSwRr_(w3?uGNPR~>p8gtG;E$Rc{s1V-3Zj)iK8OUWz24^`hE
zxD9BpUyn~3s=!fKf|cJbN~?$i*4$V$;H^CgR%9T?WggY-nNACiL!RMp*{F0NjpLoB
zxjE8Sxu29Pi1~ctuozG2QN!iTJpEVYC5*4HSJb1@)4Qot6G~3yjmz9Gk*1Wgy8}Sw
z1RwLl*d$G|(OiK$mpaCPrR4@?tcLFl0>x-&G$emV&ivxWbFvO~$XtMTztyeO6dgQa
z=JC%@a(LY0xu(np@bWmkxs=%KTlDm%5e;X%`AUmN@FDx)F`|KPH|8eMPM|`mM$_t5
zUOdDC6Of5SG)Z}n&JW5ft?)&Lc3f_U+EV4LI6bnT#A$8dgbK3LR_pK6!M^fHPA`2*
z6FzQ7VQoy>H)dUn>U6uCUQi$e^r>THL%<y#$lO0fVcS#OtEqYul=(n}^I$=qdZ7wA
z3FICdFik!(?{Jso??4&&F)l4>vR|Ihxrlb$r7halspRDxV8%hwWEldO_n_21EJUx4
z2^Q!C4zqftgQs@N4d5zd^jaG!{8v*P?D;Hz2}d<|KVr2eK8oLwj`PWA!ajvcc@~Y#
z#Dx)rPz<uj9x&Ml!Yg%MctOFO+(;j({Es=r$0Hd3i$XB8bbGq|A|3%W&t<II4VL^(
z7!+4^x|P$S4HQO`?qAm0TJH&P`mPUgI-)S2A9tUiWZ&nlxzHxw;dPK;^RWeV42KJa
zP(v&5?4-T;MtpJ$KHuX?!)`BL1(^0$H9FBedpaZUElLX`3FumQTni(Mq)#ir;Y4!N
zW@^wDrmfRlf)KiN)QO^DFDD=6bfv{dQX^;zVBB16be4hbaAjOg;7@3<R`Ol!p-%nH
z!asZD^c+<*te~}eszMoQs&P_3d}+<fCzbZoh61Te@ZJ=*4_h><bh<x>B-F{9%I!nU
zKJXK`BRDjjxX%}k%sjGJ$Lx%zY2<Yg(hTPh4^rULnG4Dmj4m2vE{}nD#VkTIlDnHi
z)Qb5#!sOr%OKT+?S=GVKc+vg-apAdrL{5GNg6V!hr%^70%$8fUg#mccZ}+?3$8e4V
zi}ARL=Edi;t{ogC$^r=6l!_qU3KJgCi)FNb`Wv&8uV^0nh$h}Pbo^-w(^0BpC>Iex
zK9n6BVt`@S#vs(<q}~ajOgJrey^C;5)&oyuVQdD&tEH+qIVk?x=h}u9fk;Oi`pg;+
zDhir@le>QW*$y~Nhwvlx)pkd*PdyCA-7gjM_upH!g+QZFRQv*Bz(vqHW;+=PZZ{E;
z)iY)!mirLEmmFM<#bwI|VZxF9K$_!zFC02IC2!Pg7^s{jpA1qfcccTcsr~$n=QwP0
zX7<MSg70_=euCz=;}DJ1=YwsPm9T}@6j3^fS~FrOxLl3SHJ#-G6;Sfz#jOKrkXL$#
zT@<Rli6Z-VRIn&K9YiOSrGM}^H207GUYfp90D!mWmpNCl@_t6a_E3m+XPIaCZ#6<2
zfgh}p(N?i9vXeNpx8l&MmYcpHF?E2}<;UFEWI<`(cao)`q`$JXf{qD7i}I!Kapcbv
z`QJ78C)r9xYO7+|&XTvYw5vjMn(uk4Gqm?f>P~S%+=)lJ3o^J)CMxfhB^<*+C;u<U
zyc6-k6xie>En&8anG1**3x2qmJQhVy`a03rwJga{50V)!0z1;G;0O2+dY+x*ipP2l
zMln)?gah99`MjKB3bDBggvK&F@xX$#1(i^y(CS!t6Zm|b6U*2SPV%ZUQj!;?lvnFH
zIg<Wvy?|yn&b+i<;<;`SWjPcTz>o_W%(8Y<1;_c4lM=;AkwUVGz!P|N2E3)e)3PsW
z@gy2b3@mt17^qElQ^hT*ICu<QlMUJKkc-E*WpUYd9Ysxcm8!v<u6^?PDEjdRZt(zG
zxJAo|dW<Ehev+E?F(_}8JJec}W?hF6ZvapoVqHk@n7?o}{B^&VMl`CFlInDZu!gPM
z;?v5@Q$=2G_@%kj{f5|F`G}{(sNM;)4xj703o*%`LzWF0u_oyHF^k74=DBCA@~tQb
z9SlwF4z$|{$?W;RjsDOz09G#N_Ds`=S0|ukazVc~3c~t{zILoMY;e1_f<q&q_np{L
zH|ww0w5Hsoq_<bbq;p3zUA*}q;Dd0%59B)d^7(E&IrV)SLEpHrzx}ps3i{kjmCh?;
zQCCySeyVc1v+zaA_R2g{-BUiw_8R>1n|06j!kn)WS^xQUK>7dqc5UBoPf$_6Zt&F0
zsY)Vo!@v2Yu<TcuP0Y6j$$OZC?LfrP$?!$}5PcNdTMVH*C(-g9Uus$DLc0oBhrb3P
z;pqn3Y~<~TbCHyvMD;HlZ;4?y?Y*zL@9FaT{Q3uSGiM4zCnQitR@H3t;kV@zP#a(4
zm6&;fps$o~C`W)7PNQ-wdFMu`BHHBS5VSu%os%w$!O3-sSq|f3*B@?BlIXnn(&???
zoT*%GP>(93;&eUH7xdnX*;A()Mgxo<RFG|`pTu<f{Ini~BhT21GZ?L<*vx{R`YvV6
z+$mwtks;n&-_)=_wq^mG#EHq_S%G`QPy$FY$H%&9->|Nxuxb@b_$_#9=LZl%S6J3A
z!<-B6#!PE{%e@9sI`L1L(F@Z3a!$>XhaY-Xc$NZY)s}q-1<gQ33<zmBS_`^x?B^Rj
zMqH|l$HS-&H2GjisbVMANdEG&E%CX*RYI&Ohmd>bxdmo8_wQ6aA+U+?{pJFmTqJ~X
z{gjsVrcpF}!LwT4=5}-lc~F-gs|m~xNkvM%<Im^7r+K~uFk4G0`D6jAZ96RWMPnlD
z%yGHoex9=|uA2-kM`vj8^y6iuE?n!d#@gxa&^TH{C!2YMR=8qCj@xM-IPPz(UgEo%
zua+)j5AKo#itW8~h3t`D9PNJ2EWJ8DNpc{5aXCz+daqO`pE@X`X0r<Fo?pkEI72)=
zbw1KcEGzD5<hS0%E6kUbEcT&4-mA-s*EDXsR1Yg%42VAPnSV$7BGW4N{w9+kHq4&9
zW;188TqEEZqME+?$Rj}z3()$*haO3p1Z%k^VAvG-9;692@vpJ*ftl0IR`!7@&!i3N
z*b_i43^_fH9llV(^zK3~V)C)|5-U~EM6!b#)$8BA0YWAqOD*%d7QAIq&#W?SXkzh-
z7lo^-Ae9F!nXl!yp|%ai29V(oVf4J3w?l+{fIcKcm{AEP|K0aFcz{AcwXZNh$yJu#
zAl6=o$MlY<2ab16@BU1P?j>KFJ-!;~G|o0vrjUv7!>xUUNv-sI>8Z&Z1Q41LQ!1hs
zGA+1vu+(oDRjma_%;WunxKV`@xgU$+4OrZ4MgRr3OiZM8pFNoBwstxheSEBjDmiG0
z%lH4|xf`<>lFxhqU69y<NBmiQBUv+SV_j=;^#R@Z{!-R1&H2zB(B#*o_p?W1o<@lh
zUHQ>dqb8l<luh>NDQ}p9k^ybS<Uwf5&I6e~DOG8w=@jUeJ)M_P^Em&&VAIZ(Z9Z+m
zc)ApAR<{M=rO8#Z@`^s2iJO$RSoY*zdVM$onFz}Plai53akmMOcDFq9!IZJS=Z^nf
zeDa^IbGX;pOQrmb1J%FC%MM9JQNc=lsXx#ureo~V9Dn->FLUW?EWztN-F;q$vybFy
zoHXn588;)1??*N?-0;!vt5E9#jA-k%l}0w?NPGkq#fjdVbxjvX%^??w={u1J{e$ql
z^l^gBfq&sk!dVg~n5`w%U14IOr45fV@bVlMom%QNTl#0zP>q<~7i+ZQ#L7T(9E;5M
z(dfcE8l;f;Y#`(`8d!`;LhD)kw-v!h@I#6J-qT$vz0Sjo7_5HZ(CJ%4!-du%nN@$=
zgjNLRqF?Q)WZ~;Zr}X6LL_zPjO@=V6^zrTSk0?E|?K6|^={?II94Mbn?~J;V#n1oV
zJ_-zuV;jy7Reaz1%+Tfx%K2^@9AsHcKqtZ}0jH;q!l;A9_MyGg0}PeYoLJl3G{8Xq
zH6TF!6a4wGN!r<dj<V!st%anO6t8V>qtcOJX#7ILLv%dlNKF<n|3JTpfQ5a*UZ_!Q
zpeoJWrk{UZ8ujqp`A?(0b~W^>vVpbF)@NM>QvEz1Q`mjvc&|RpZ#dN9nFWi__a0h*
z<>ENQeEMpK+!XKj?shamjCz_L*60z0sCE(K^=<wH(qs3QAPDiXV7&(cN6X(zhZ#xH
z>?0}fM$+?8;*bfZMeY)J;`CD?QJ^FI%{pM4vGWr=N;?p9C}aafn?*B=1PdOwjoF0`
z?2S33Vxxvk*{2bW#3A-U<@L@bHr6*Q(JKx=xN}*XGS7>vYqysjp9EV`mvE{^=Q8@p
zWy%|Zi?SF7lyCJS;*l6GQ5-P``%CP&((wrZ7V3N!W*0Q8^S?MJxs|7Dpc~0KGpJF`
zTJ89sGhH1yuu?KtoGi(1vQ8jd*x><*E?bl`#PnI~vjyCwCh_Ng2BPBIkjootO#TJv
zHb_mJC4PEoOOza?Qcw2SPrw#GCbKl5OHm)6OJc=XZfruqY5fgfUeVfHsO>VjdN6gy
z*obT<b08HQcRdz0YAAA`bR=A!b6*sg{rS7im@F#<l4E=<?_73ysnKb2$X>O2|4>P*
z<PU>&C!NW_R3Xhz8QNZwF^$Fmhpbc%H+jX!>7N0mUmFi~Q0FT4K=~xj1XNxqCDH`G
zT&V>GN?rMuX?$j(&XO#hBIM*QRotdYn3=r7P{Uc7n^|Q9M_Ox~u~H-c0MaaGrLn{X
zre3%js2}y8cRc7q4BPskR*$E_QLN}0wp9|*`VcE&h6&NB<5+PMRWgGfIl_*>RbX)e
z3xh3T<(w@{m3$N&vIgpK$vhL~b2xzMHp=uDFc5X>cwYvKEK+9zo3S8Ll7$jN;=Wl;
z0q%|u1zB~9gQDW}F)&QQsX}?6EhJ9<cAsfE6ELO4RynT5amhb5Lkn5@+(_yPrZi18
z(_jcpKRa(U-j7efSyED^G96<b&t!acj$4w`t#V$K5=&o>wmkYU=HTgRpG`+eiLJB3
z-dx~OeUkD}?-aa|QZxcbE_&|B{zM4@8)93{3Ef=kuRuQFvVfUtBBc>J`qm&{E6pY$
zMsLXTX)-=SfB?l*U_n)G8OD)3h4p^g8*C3kX;%yhD?<*$BLAF+z+VE)44xF!Zy$N!
z|NMH}<;RDLwzTDroJdSQi!!ct1M*WKgGbmh7_Zs_#B8Ae5^@ibeYD~IZAEK5O%K$~
zs(98sM?zsTl~<`8rmb(>2wYK;lhe=?w;nl{uhb-)44BXZs<hWCbCR>QS!wj4*&}3v
zjo^FNc$_xU;{}b@7*$C+6tBb*8;s#vbc%6jYp--Ssm8LeOlzjl6D(v|xB%~l!Kenj
zb`AbZ$J*%Fc1#bahyd}3oHC6Y+;nd&#O@JNNF`(TI{%B<s;uLXgr`--1H9BTTk`k4
z>w-+rdQl%O1jyE4X<<s#p%iDkD~leb*|Jw`p45qJ>KCd%7O3@pIWIVIhdYaK_phH8
zT+G;f`!B8PT$q~A_AB*CT(Z@%phi}<OhufY|1dpG0k7D*?QVE7h}~{=a_jZ*NnS5&
zAb@DKR;F62iKB)Jsd(B|2Ck_1CcR(2;4VF1S#gh3HhogYn;J{E<(G$g@CPDLAUXsa
zPM73;36CU+gK$umzN!4MkV84pKq);JyODT&7Q2ypycW9=Z~PX!k!&1-;zIf3gtRpo
zDZjzryIpAL1Nu%#qIOMqUeK5hUx6RC<@cIVz;e3Oui!=~|3*&7)+h0bwNaES+kG2?
zZf|ZnRobBO6|<<###=TsXeK?0ZiCU7ACfsx4G_#`2SK8M@O+FSR(VI)&c&1bH<;57
zgZ~&ytfCJ|vu%s^3O4H)2lu0p3PmC8f`erA2V4_>JV?;G{phoCLU;~e0es1i&5<)z
z;gWo}#W+q`rwz3t>h<HQx7`W+TJ}eAc=w+)IRBM(cmC|=<nrj(r@2UX`AI3%*?VKo
zWimW?#S{`AD0f^Q&}14~q6CrB9|u-S2jl*Fo!09m6YpKY7u?S_gt$0|IeQlySiUsH
z7#KS~Wa4?Ab`BfQmzSOwpU?N~ZuUIr6P+>jvbdB1&<WEL#LdJ_iz%eO-i#YAZABW)
z4Igpu$|dd}QwT1MEhOiZR>~zC|35m5CZ#X8oY{X@waBI)H<(F{wef2oa<F)rpX`BA
zHF8>p60MtSF}Yn?rOyht3SOCc6KCjTUbf?}HX=WGeZa3<@#Ee<XWG%EU(=WXY3$nK
zkLB7U=A?cV51&ws+*T-2e(SC)s7AG;j(@DgH;f;i2QLJT#ShuWd%ku+q6yOK%YBVo
zcw}z4I;WV{70RLA+p~TZis+vnHa7626CtmpyI8Z(-P1pRnkawXgx^oxJj&$K+BV*x
z`d9VLX=q}|qBSyS=zjp=ee>%8aRbE`24(fGD}c1L-P3J?vjsiCeQo4f3{ep;<dNs|
zYa^+^o$dM4Y+TcLmc=TOo*wIQlbZALc^XDh)GBrGJXHr`5^!rq;%Rq5a|pr@FWJeT
zkcyQGEoKiiGWu2?2TYeX%K#ckEXYsViO&I(#b=4G21s)WAo+N*I8B}Ge{<xFrf{+1
z8`m`p5eo1E(OpEY;ZOGP3E#&g5#BCQ9%1gKaOncg(%$g#TQ4oXMdMn0w&bEX;2O`y
zZK>sR>c|orPWIr`iJM5E|6`Td`}&T^YLJZ<U@=V44~hg~upfZGKkyqar|gJBhs@uE
zgB<MY0xPZ{CnuS-*n3)DCmlEzkVMbtd=)0pfRWtz5<eNcCH&F@;`m;mOyHXMy(k|o
zvDp4V%z3+z;`zF8{rvHQ;jHCr`ZAdfdZVno#T?mDpvan_9^wg6^IH&TTkFX=gHqI;
z54Uxqow~Nup2Dmg!(y2}JNmE-44HivFd7Qzb<)nBU3NwPO9C@=+Rq$RePA~nWo$)L
zJ0`cwS!=X77{48A$K22AP;<58{=~ICvbg#6b6#DoB#d<c=w~(B+2G1g?jC4<(JPT{
zbHOe;OFnie7ke)#v@1RIdC_9+6#>n3iJj)%_(n|0k`5teWcV{1Q56Nj9K`lWJd?^o
zL@^Uo>n$tV<@OnRkoU1nBomZXUQQ1a^jZXx9bWYIB(|(1D@`2RSO)}<05!*LQra*x
zYsEJhmka@3@KDwx*D9VBQT8!3Y-LnGRw8|jYTsGFVDMbHz4E@xGaQepXG{{~-ddN&
z$)`Y|VIQZ$uD+gvO9ic1q9#YGxK5i@63T}a9#NS37THX2p=31hRur$VH|9p-W|Yln
zK7!;Mnn}i$EA@`gKwDVAU1xX}wivJiqfIbGqEp<h;S1IBMlkIRJHuymiN*A+IM|Il
z&2##8Zl9zMxZijjLN1c%-d|-zxMENAD6DWS2DVtvt34j~G1|5t<nokRDk^YAR7mcG
z(MUpaAMPR@cj&xe&YHhCUP`3Y_vg2$?O^e}NB!|PU?l7xWN5>=r}x9gsHkR(Ie_L>
z^3)C0z)EfJ&%?n!qlaP(_(NfllvHFBRS1MlrLq%p8Sl2)9K+;^5KhcjX!qHGMN$(S
zE?mnUG!)lX90q7Su}OnI^l|5zS$BGiX@2?P?ZWKi^vUtZ!6HqnKR8du#0fj(vqDR;
z`P3Y;5}{FlMFbYS#bzfSW@BUwez~K}M-FLShwf{PrxHnv7e)r^Ucx1{J&RkoapIzX
zPq|rDJt@h`Su|A=@p~Ds_2y1y5$4%vD+sFNb;K4tIN7JR)}7_f_5OGz<Ok|kBSoG8
zk_}~y^baq&B{+I?mKy7Q;3gs|3>LxY>18qTq~qXIbr#tIFm;uglAF+lu8<o0<4*2#
z@QNvvPqo)e`hYD&y`ty2Gm3WE<HF8_{zSjtHR8DD2IcEHP93w$B3xsJklOMVm^IUz
za$f(N2|?dgmL|V5TW%r*zQem)&sF6=P`la{7c!Z@2+xBUFUhpOq0GIgM17h*1sAV&
zcri*wNf0-f3GS!05hRz3&ZWNf4rdjPenF^1)RuS}*%5!8#2SPtzbhw?*?LGh>=SIE
zl%pB&dTgU6{$**mO9-o|QPi*LZ<?v0gMg!cH{B&{iFk->O5EusK+>RGC2vyXM#>ba
zHGAO-#xTk*qC2Aa=$vrYf*NSReu`3-q)aA8`q0S)yp&{O4MDNIosf3H-UzsKP6ErF
z$*;9G!Aw#b&WA{vijUxsHl8VKlr)+m?x9g85^dCvgO!VG?(V@~iWcp=<-cuKM@`K-
zjNbOwN8a$4lvGNsi8>#$lKyI0fg`Pma^9(cP#09uHCrUO)IM$IMk}<^3aqLUBw*-B
zyJNj{5J_Km{hs1v;CY!@bxtEP46AlbmSiSLdcYz!3G=>I%873hpEKUIz2#Kly{1&^
zxZx@8U>A|Rq2<n4-n<~0ksP!}kl97)kvF`cZl`AtJUo(Sd4=WQKkAl!18*XXGHLY{
z5RqYi^$~2FeFr~53`^cqORJea@Z~#Gw_f-P+vvWln@G_cN?sIRv%3Rm?0U4hx^m?z
zrcrwWuz8_pSTO`w<PLWrQv{<%)X4F{U`JWPO2bu!9~C;@KQt`Tq}7|uH`C#~yQlw%
z76ZiM=IxSvZiJ$L{F3^!IXXmI_a-r&K>WHFq3ga;_1`QZ5+`g8m2m$coTg{q4thN%
z>;YlXF#+L<x$aoDW;mcFt{XY4kNJgo^?CUOUq9;n{U?k%WkIQDnxh-H!I_kDm;N-B
zardP~=l~kk?1}WJJiM2DJy7lIY;?84WfMuC6FHPwjG2!q7Pb7;#@C|5lt^-ld?Il*
zN}|hJaCSKqU!f8{4ZWflmW{x#kwn&x9FMpwmM28Kxs2PS7sPASqB|!)!TI6cdi=Zr
zzgz>wq;M6p-WZ{#8lk|jd=|2HZj$)lSoY|J_sR~5Op>y>c7RW26Do5OVac;M68D4C
zHhI-fz!o@{*k`jg*m+vEWQS@i?nZtCaxwlL3Z(hE+qE2}m&}xjoJr@JR?7m%>A7Nj
zCae8`*6$;W=G(325DYTm3s=T0zdy2woi2iWLaI37Ut7*^N|R}}h@1EKF{e5+3o;J5
zdEw-B`D}l>E=RFONNT8zbam+lNg-I0=l=dmqseL9rR{y-DO`K~7}6k(fjflyOW-2?
z?_1rX!-0PoLpC_UyW+TlC?t~F{IgXSM*OzHTN~Fdf<CfyT5WaR!A3GE9K}(LFm<9W
z8DDYQPcY>eunxmfy0w}rxt>Wk=+Q@Y37pf1(MXr+dUg@id!4X3YeM?UaYRvf3O!km
z1lMKewH_@PfzfzrtQIn48}vH^u0u0{G4%_vn&1#B#jLAkDf4>Triihni8#-7(LSo^
zy6;OUxykRsQfLV&Vk*h*EKgup2B*Bm&Skp_1MUfQPOAEUN*M&P4KT=fr#j|}_q+0a
zF^YW1-l5`bFbrRPL#uI&Uc=N_lWDy~zvT2ey;je_f`rOYHpVXIGRBB6^)WRIE?IEy
z5L!SZ5LP5H9EznVL8}fk1z8e^k2+`W;Taxew_t2h*rH*HBtgpN<QcN%8>AnEe#o39
zbGmHOe_=q8$=>FK%4s|O&fC0G^KRQbHnrWGs#3)=bLLo7TlAaA>I%)C&~9Z&Robt_
zT;KL7+q#9wv?)A$JJ`_<z6kHm7jajbaRst0x~}^?ywwZ$v`6s>^mljXp+%l0p1~Z*
zy^F#BdiF`y(@lwetUkf#aiz+lVz6Z8h0$5H=QSpxp(}K0;H=KIMoR8VABU^<<*Zy7
zcI=MKn0{YmfH%Gv@nx|N&BXVm#yfQ=<^N&-moqW_<pZ2X0lSuT=pvefkZsiaufHW-
ze&(InrAOFOCV9fGyKiREDUO}1X9!i9B2rq{nYBtQ#>GP1#|bYJH{gd2h{V5Z88xsQ
z);DvmMNU{1dN*Bn&6w%6+$p|0S!*Y5G*bW5F1Xd!?TY5F)+2&?^M-9K@~XDP6=pR2
z;dbMJx0mdoU9gcR80(ai))3K1%IPgmK}-+WH0fl&4wV-qm^1-27|C85Y1iayWT@XB
zL`6s`0b9t~Y!Hnt`EG0<ZD8EKy5Iz2w@maN9tkjcn0Tt-<06MAHm0oV)4L;w+=qhF
zOuKVJCX)(w5oIWL7{u2MT&|#YB6@rlYr#!)G<<@xs>)+vw=<zSb_-mOr&f-fDJr~S
zK}Kx#WqeNX$9yu2_1~8miC3}|k11sw*IU@;0*>N74iMmMYKRa_wXbnL|LWa=yySLx
z{$>77yn_@H75Z+v2bM5xgwLHrMmDWo9KDYv&fMzK$eyrqhI-$l4Gkeq>~LA2XYhc3
z41@gHk!|ow_BVJxf)Nj!<bF?&IOSi)b7mdyYeL00k)^TN0{gKNC-C!Z2OsUyH43HB
zf8<EXu(kSf@*(Gl6IKFGcdKSNu)o!*Wp!c~1e`yUO|530rdhqt9)hWK;bje}1K1U=
zrCv$CGG)}=sxC=LKnpPhMM94L7>#8u{xQbXfFgzyU|m#<lJYi+Uzk|gV<tY#cu!o=
zJiW#d99GDf6xr#cXV%`K`C%uH9~h<;Tu_l(okGP`kD+HXX$4=CM$D5OSyssj%1R|(
zpsFa?=&58G-Ki<QnCm_{*`P3O);2RyQhH=AB>m1s5$KFeFpfx{{T1S)%;S8#x&^Ia
zz>HWCMa!9eBWKVTH&j_kwJhj&QuHbRgLU=ikH5pE7j&H(c_?R<V2E4p8Bdbi_V{Cw
zdbekMg;7BXI8_~eW>%aG0#~La&eIyQy0jV@Ia>i-ER}!)Pl4*RzoKx#*T}PSK|P@&
z>FUp#UV&1@{Bawg0KOYd&`T9#45od+*CyMjDZS5OJoEYrMc*qcQFM&7L;y`j$}vvT
ztc7tNmKByvP(G!$M8iGV<)b?d27GqZr9Soj`-^7^9Wb6)Oq3I19FNAKegmLmoJ6Jm
zx+bS#I!zD7s>+@~SuXxpyME7^`{xZm7+8pVYfu!faZ=6bjdzvbl!+Z&dB;^YWDCCx
zalj^ogbz0+_ouOs=GC?{EM9tQthlf!PjDJ-Y<)d(%+_tgij1A@@6$Ww20ttmf}Ly|
z`W?*@#XAqoDDMW@yJf=OdM7p8EbRdT3|A_>W6fIM5gFoa%<adiev;ity(rWRH~<sh
zpB}<2Ulsdm@qFABC)pkU`P+f>oU*&mWGWJ=7dcr*FjNEscr{`$4fr&j_gKoC4dnnk
zm<tR3!kX|HoNYxvekGPfr4sswhw%ry_idERy{NMtY!rNSOMh!1*5JKMsE82Xd*BRp
z$P^iw8v>C-*>iH6Uw@r8oHc7T=R>+?LbOh2@HtK4qdQN?{z#r0kBB0MG^M&!k9eKs
zj4b>t0eKzC<@hQr-m$H5E~Ny;I;jirxNEU@_!v0oys+U%9Xo<BU0g6vK4r4k-Fg>e
zyc>LQyVWKBR%rm!2Nmh;ur&*$r#yMaO~ug$&4liz0w&%5jp+yc9pUr=Fc|=eEo&r<
zMbY2lm94TB91|0(D_FowsRQcdO=|^a>kM6ob)CVEi!z$QXHUEaDy+%jZmOdhEms#p
zhlLuB1d@T!9kHb{tkh*6Edg({0VR>i;_lN#*T}`!lFdsIEV8bZBP}TCQZ-U^R7{uM
z|1NmMdKf4M4!!f(WngcK3XLbY8Bd4QXEE{;X2r)Ezsl=HLvahoGwN;u)3-)*7%M~F
zAWuhY+GR{{$kTK?G$U}v%X2WRB!*iu4OoA;l*vooj*V=K7f#p=k93_EH_`8S!7JCe
z58i&9HsB?c?p&ILZI7XjJc#}%v^Jg)zrm~mNz7*nVshKBi5nn1tFmVZcA1e@?ZHh&
zFeFcHBtil>%bL#lPx`h!CrH<b43Hs6DCgbh^dsUT91>Wy{RzfBiErJE10E_Zfr*jI
z1I$=uZcW9<cQ!RBV>6S+IPsR?z35TSh~r&`uL)oQ8QLe|!=aB<)wRtMt*p%dDUim;
znFID~vnmuxr=v=2+#^DUvlyPw^lV~^6k&5vzOft0LLIy8)*=)@=7_%W+iWKM%nFtE
z@ZtTm_Eg1(>mUvXCr!U{sLI%X#g6@ovR_BvjvBtHdGwL6H&lMRd<}Sm_@#wY-9F)5
z((DDH<p*-Va4-Zld7BXov@N=xy)PGOLVUobg^GKqEcHWrYZ$PcL?R9zB^Lbw@38at
zlw9%&Uo~K2JZS*unPu29@G(J_L4!-JQFbBtH*%DZe4c6no8$tr?EFeYM4OCbh{v`6
z=Zyk98;WxIVPdZEe#j1<?RxGbH1a27zOI;5;Bsy8`&KSRT8^Gts9xteL+>U53ic(~
zDTgnZSR!!rBli&T7dRL!6cXfBJmRNTj;24^Sfhd#eauNYcg{O0t1nl714iJIOYnGr
z9I-IH!~BAz<WcBe%;7xnvmL3`ak2;u^+e(X@a2!yguZijmDo_2$=8NPlUCJf-H45`
zEh7^G?4jI>*~D0oyrC4sH8^X<mspM>qHx{K)xyg>4zD~f&*T37sW@9(5maT<wxq)Z
z23MACN(r7<+EG$?M7Y8bm^P)1mzNMQ!pqzxTVBzz!iYZAKf(y>K@R|9^hf9_dQpy(
zaH`dw+}Te0!L<bpZdo}8neGZPBu>{+D%WM!4FVUg##a0{zUlzo`T69jf0(On{797z
z84_rH&MHjGrW(S4d^k7yy;_YFRmv9Sf?!mT+-L|-E?3a(+yrB!FyB-hNxFy{+f;5Z
zTk5#9REWDQgZ1h3whgAU-h=^v<z0@Nwh51or1U2fj(ySkca|;PddR2gP=KX2H;wwg
z3%y>d$54-<Y`Pm*7x@E-t_0Y1haw~!^>`}JD=OorZ@Vi5Wh5rEYBwu3FpvIrnAr}t
zLLJXP^p@z%ZR$&0k;q<pSqv@CMMMbsJG{+XGS=`la>4YgooIw_TZD-8Jq8y3I;?|*
zAxn1Ndq8~S&jhh>V3A|A-kZ0hw?U(&N)PE+vCX|I<|c}8a#}3_@;l<%!~w>%+@XcG
z!pz&`9id|!lq84p+tzY@YJPf|{y;iCpr8Z7cEB5Era#WYp1aUE+ik-~AHM)<f%$<c
zKwJ3&Cx}nO82{G0{wvX;=17J~AV1*oi-RE@gZ<h;AL-C!isiF?0uBUr$B;rGW+{q(
znW6@>nytMvS2etWymY8)ItEtez-B;+)GPs<$0$7Ncr~0twAuQx^BG6oj0x->C$Yah
z@DP7)=C07)QSYwLRp-T1bL7pMvKImoNa2kC^7D?novEROiL;5Vfv}~uo%3zMuWCP!
zyeKh52x(Frt#~SXAo8ZfB(!*WgA!X)z(E3WX-~v;vsxCgO?!9S6g+O)K^NzklWq$y
zE_P_^Xc{xMe%l$7?&Ryk<BgDql(S*)kQfC1(xk!0h^=K>lXnyF0bY}7UuThLo;Nhd
zcmFy1BQamq{QfCjgZ`O)$)=jby4MK+m|uxmt3-xHNpM|Hii$!QL$eDKmMHh$a<BkY
zkXm12*&mtns!P1-n+{%ek*JScPF|9lz*QF(;OA%(+_Y-muHHb1u54zq6mBK^RAaQR
z$PFKtMP0TNOd8|UelhO|Z4m0VG+JsxyOqOK+hsaxuf^IZjc&73?I<#sZ704=!zY&q
z_uobIJ1CY!tRd}k57@F#b$5hHz6v;#nIamk;E!hQWuma}DQV2V^QjR3gx>R%b%k=N
zI}$z`Gk|NP(oo)tLH3#kTq{_w70eDvYcEgp6tNo8|MmftMF{@Iz^a8RXUA-`(6WPg
zO&mZ$n8>gF8KnTjQbZl|8kiNaPH?Xy4RjyK(W<RCdq|Jt3a)C*r5Tpg#!Ye03AADI
zkjYL*j;6Gc9EEA%MWe58tu`#`_*@9Q0hCs1Sg+@e*}nJYFkM5M$Y4|s&k#6N<v>v!
z@KSR^6I?R**U|!~f14~b-o;}IKra%i;K}X0;n}CqhXAbzJRlFt5%&CcgLj_LuI=id
z2@8acY&H<2b<$kUHB%}*j~JlYStp{PpPS`+nE7T0pK{!0{v1L8`op({yYUCz{roYj
z9pCzvUXGDBY!rLrz`Ue4OIq^?AUD<}2(mU5fRy2p734@3{obO;6(mWZS!L=Sn#DVp
zhoO!bS`TS<gC)K;K60Szt-#oj&_Fj5Ub^t!dcRNA_<s82@<R596I4p7XU@Z!n3S4p
zPW^S2VQof^2DJNq6hkG2@=~YQSR-ebTyxl4`m3|l6~psKd=>gUV(+|Dr?O)>MpC<<
zDjp$HM{`tJVCN4dIuHK&*B_=px{Ul0j%gHEE@b0d$3y>Z4Pjcc2A-rU>Y5{@XYN(c
zg7;yOMG~8E{7kdxh+kHXD>zCd+a}b(${n_bj-7dnKCCiov<W8fBmP7vq~*XA02>pY
zgmXQ(O|1Vb$5j#1@_RE$ydy(N<E!K>s|{7V<?KB=2?Tnm={QxGr*)pt-$of#%wTLP
z_yeT^AIf(xdlzAZ$^m?ODOVqmCl7SSmp0YC0;NYbP16vdBeNqsp<#E>J<i46b9BKT
zBR6{XYErC6Y%{8ojnV7f3f5Qvs>8@_e)N<k2S_bS;;m*tD$tpk2{tM!C65pfHTa}C
zvSU-CJ=V@+DlTPQdXTj0DwxY=_#h}@2@}N|wIVYB3KA<@oC{580wpBCkO^l~TV+li
zmE2E7(R7%DXYmBc{s?5mu*7_F9XL2KivI!hdx#Ht1=Y*8YqESFn<SR`8cI@A>m7Q+
zT`j~b1sl?R{{@^py;2Uw>7hSJV^yJ#u1s8LQSNe$_EZpz&%S%D{s0}uyebnLeu0{>
zr=X)fxJ=BA%e#nr6&G5wb+F2^;D8r-Psg{j?Vl&m<8@(4xEA&9I-M5WvfeeSMRukV
zrTIOlr<(sR=_+`;EOc8>9MSHXUYuM_u{pfc{4%!GAh-~LuzeYv2@rA+Lw(1?Dl;AX
z0`)jR!3cezfh9vf8s!qsSh{sc*fHmANwGqr?T9Km!|I{ej-Klm;G6FcCHWSOmwp?T
zo%n#LVml6vlN>b~I=M~lTMy-SeMJF9yfu}wskBXqP|bp8MT-JN<5CN9JVlvy(maEV
zwF)LXiU;|~s@y6vDn|N6d;^3bS00j%Nv?||1r0hN8in0h+wjSNw_@ptR|t*q3F4W?
z(0if^TQYfZ3tCNJ^;*!GuwMuEQA~dHj&nwwLN%UfJX57wWULV##RR*>w1#@gK*lnW
zKzwQZ5yAb8fS*qfDCr<KSx}3!jUK)-%l#dSK;1f+E7RawqBRmmz%@7@m-!b8ejpF@
zMwamv!Smr-9!1|8X2@L*s_iK_XIH9F5R$(w1#c=-9S*mb9U#nXYeF?-NTFbFeuv^{
z&(}F5jG0`TKe-zGSGFy=u22j(%}O<=-Srt0ou=^3yV*$$R+YEd86s$reMIp-7jc2x
z&yHEff|aFqdl<_)5X~Q1YJ;ea@(&<p<}U+5bh)XL)S?8xLArK|NI_;Y#JI{Lz6%2&
z9i=~XG_#Oy66rQvs39+SEeE5ig(BaY(pB$5Uvr{8p?!5xC3SWip*uHi7>UD(GUb{~
z_qx}-Wjmp@o}-<I2g3OY_nP%<n>Kz+mS{r|VZ||>m;#WHn$R}OnslH1`<g6Y>23eo
zEP@uEu4~_WB)A<@;AV42Fmh;IGX(F*JYld3Z1IoAtuT-CeOxb>a5$@A^OAYRJNr(j
z4Py-*h-#V&%cKuFFUEK9ia&-N;ZHS@9TK0)X`{LmJ<2EA2}a-zEAA7xaXc-YaP?Wo
zU~#H>djS#pF9QJyj1pKa$I+vMuf3d-V~pMX-Azm^0!Wy(644Q%|7sS1Ym<hga*N}Y
zh*GX2?RoP#(gsLVL2m9t1(C&2PVLKceZTRRkvnEvtg$BCW?Rfv{JSbTfP|O1Hhs?7
z{@}Xxe!0>3dU~Pf6<7;?fud;3?&J1JDL^Tgl+*?vkB~#b=+i-UQ^E-1X{V@sy)~2&
zQWe4qbPSDk=8n5NFi;6B#i|&e$~V}Gp{BBwYWj#pqiSA$s!esfsD#08UN!;gPoGc%
z%vwA1MA~8m&{vFMt3KMi<D#3ta&osS)7dm;)2R1QKV^!D{vDE3&1^tViYfwVNr^_n
z$Hv89KVww3xQ1Xmz1UzmM=si5!!0%+b=YY)yV=O~O9wMzkCe{br1D%y%B(uHyo=0Q
z*IIMQ!KhXmp-;3FDlE-cGvl}cU2NJaz2Y@94r-l4=b8bn`eILM`{UnpmlwAe5MJ@*
zQ@z?Ri3udN@7uIK85N_o>Wzcv{TR{AJM#e3@7P+D8)Kxqj0<f6$`doqY(SvH-5(XR
zl<VGmfxRG-o(Kg(i)LS<a$M<CpHZiF1CCkN|0xdED3Kem<F*p6&`L}=joxx%{UyJ5
z%|W`)8B$w=42Uxv6_Y5c5BSqa<(l}4tVap?wE+v(9bS8%JmjXI36IdnW8bZV{IMn%
zRt2_5`?#Kb(J}y!j$gZ3ldkw}52Y3n;~RxlYs9^dw7+SR+0-`6Du}yV59zvVd`Nva
ze7eTvYhW_#Bo0$jKlI7Oc88)Nk`+<ntKGHd1aXf@XDV$0(cFVC7hUL>KD*Ux43J9^
zqlx#xUvq~GwW;i6t*Ly_1avD{dGx&TJk7@Lk6-Mq|J!yN!^f-uk5yCNB0tph5a)IP
zw|5clBh`AmqFYe1e9wt^>Y?U@a#QMruN}m=VuVpLcf;7YWVlLdh@Lu&H9lga6c$_%
zX&ZMsIDiefWcg}E(lr-pvTq)0vex8ZkU+B87Jlp2Jk6;qLR2BKI;wt%W`eB^X*@HJ
z4PyoXf>V<KJV3g8p!cW-`oZ4n4SQ2xNPR?Jni8iTE)@e{ov_G@QT8|o5oDF1EZO<+
zCY;jCSGfg^uLY34M-VPt_B;PH9e~=P$>|#_^f#N<aU@OztC{w?-%s5c@+XkdioRF{
z|6QOxt0}A)jSF#i#E-(Q{ZY@chrW+`IjDMPm(y8irs8Bqe}N(w3Ov;qXM;tSUq%U)
zq;<P9sy+M>7cZ+w(Kcpych^ZVeh|lOrFb$Vk0%&EZr2M<FB>jKhJ0>9$18Ge(vx~W
zg94x7NlBF#5bcdWVTeDbC45yFdhFsKi8G(8>b7O9`~9$j<EOkj;gj|q&HL}Wj0&tK
z;b>5o1@bxF=+P6Ur$2IG@qcp@=CwEaZ)Z?p_LLYU?mjK=gBCWs?yb9$LrwZClt7sO
z3mHJ>zZmoIrRsHvv-_@_85JvfJUWBzO9I5o9yXp4w6B2Hl}`$mha!$vJV{O@U<=?1
z;1{0gnr%Kq$>R@U*|u79_?OY?BhZ?wzyJxdK53+9nB4K{c->~K)3=x~X?#P_<L8#T
zH0ye+wZQKVGXjM!7NZ~bXgG9_?#N=ukW=d$=S54~tdr9cc}A38NthFKs_kuGnFE!1
zc^V5V)mM0!@mOBgLB7%ya|MF+vSdQ$KY|rp_qv$;eYTBTU1l@Uwm$K}*ECI33nI1U
zm|oyHSvZiJzX7Y7iNETe6!*`l$m*qh3%cPsXy89MU^(sFMLXw+C@4uBE?(P)>HK7n
z*14O2v#>u2w7rOJ!K4F;pjUIJk8-SN99>@l3YRZ-tD?WYI?~d$jwUACj&={7z*6&o
zKUJDGGg+Y9GqQ7IJ9S0MB(G*>J9z9O?{AA(CeU}uSu1#$?bn%!vyRElZmExWFh`xp
zB@9KF3sns?cBx`!O=T!DJD~7HQM;IgBj#w;0Go*+p$UOTow7egv}!1WDjN7q<ujYX
zh0U`WKkYozlb^LkD@(=qi*Coi#`B2N7+Z&PkwNopw@F)Y#ij3Z+p3&o;b&+P@(^d;
zp8a$Fd7|Iy82p?_r?T!qUdK4$Y}4I$3emZZbJw5KXeff);+JN;oRrYbR&minfBw^%
zmxucxUPd=q2-~p*@7RaNk}t8oLwUS=xF$zjgOKUlwAc<Q+z7bNzsy<&?HOetyz3i9
z1VCIOxkQi2GH~!x=?SbvFULR~AE`sHLITX*hiuq}Z@=CCA)eII`RYgb8To&*8O;CY
z(HO7%TOtPAT~|)-K<<DIn3#Yh{`QFXAlT?+_w_s%xHo#g<x8gH8SKOgjI(S}ZMn;w
z@0;$*nxDVC{D-apr^upiGXY@R7{N2_D?gZwvPi-X&A~s#e<}Sog7k*pHN9VgZ{_Za
z(XvR>?&jjB<_fcaeyza_D~1+h6el?v+hplcwb-zxDnU+RU03RoAsONGe$AZS^a@<e
zN1DT7&9Qi!Paszmu4?Lrg4@>NVp#^w+B12_r%^$}aPpR_RcLH?lgH(u{yv~Ds{o1*
zAOOB_7h3XNcOp*t(eCJjJUQr9a944dIBPA(YDv!GG1mGPy;O`J)wS9b>M^&~uXZtS
zgXCz(kz5fgX7S~X5kBo}V@(zO^6DLIiyjIpa-X2-7-e&p7uS)(h)vu%qT#HLMXG2w
zhI@^E__y{LyVmUH-(;JTY7EBy&lL%0QUAv=7G+CL-F2_s?Y67dJ=eP`$L-2D!?tZR
zzs@&q|Kojc%oAsFBp))T)a5%G@*&E|KRLU4eov4l68o~usASUG0%2zHnv{>ErihPv
z1<T<8uKx<7(TLJLr{$yj8H=iJP|X_bzcz$>`P7Q;7SG$Q^^zK+vs4$p%~sH`Zh=6j
zOfN#4f=>~kj@@JEO1KCdRcy;q>ndLwy$4xbU^ixv+4(H!@wDiVKJB;{=hk4~zdl>$
z(_g)u7~Ej@4^Ff1Us-%{VY9#8as|EKf0M-TN}XE$TE<!acyF{XpUjfbYVVtPJ&J|L
z>GR4wqbfKje13Fk>`)0~nPd%VPqLqx7If)(^#dKZF_a0@TyN#2usREb8NMOH!+;BG
zg6>;_kWoSlv6nzZy(qg&JZ}9UqvxwS`E1S)=|>>{_JSO{`#*QC9}xml6EM9ZxNV78
zc7rWIFmnK6TqX9!Lv%@jN8;2RR*NN#m?7Garlo_4Dp>cDk-zXv1*DLX{YwVN;gj8j
zUH>(I5ZEotJN+;DpZyj7Yk%D{#XsZB@OXL(qqBL1x3}(G>t3h-yoCF#Mti{__TMSK
z-+RsdFHIPuwXCVdUwlx=J7oIu<I48#Feo-cOIHpdmyU$bJ^|3Xz%n{JweJx^k7W@@
zB4QuvA4Sg|aD+~~p|%w4Th{E^uWFv4J7-)k2GlWk0bk(^WeFe9Et|I}p;uD*Ge@Eb
zDB;<anX}=dGn#HCSnOhb{uj9e)g)X^f=yK0ghmAPr&{i`hAV_qV7zNXwU4dG3?f{#
z{AuB_<j%<^;sil|CY@563Wmr=QRbKC5$c$UY|tG}=OaF%<D>QWmSvIyW)#eARPdgo
z{Bwfv@*;0$v4hVU2NQm4S<#@{on7kK$~KLIsQ(&%u?5J0mz+2v?w?7?_}Ar8n6U6p
z1%O@J7XwnsW>;m$9?#FLhpfhliktxu=G`LHzW|3cy5mN8b}*Qg`?Iu2qbEp3IOmH1
zl3Q7em&ALL;>{D^Y;^bL`;irG&7;#bH>oM8<}0I!z1ZZ|DAT=*)$H8_8f|G3TxQC6
zyi}wLS5uzxCCu9Xbx(G8Mlb=$<S0|RKBCJY_^^ry-s(Mg^DYWq+?N1xM7;a!Mx^?_
zKqETzKvB4J`CGY^`r{ERKlsL4*z_V*)0)Ky=#;}aTT@WVwzk-BHeTi@9V~TokglCb
zP-Jz@%pIP%A{~Qy=AC7?KhUXW*pW?Ry?=Kb@U3JTcyp*=litSc4T&8PLxf=%6W^mn
z5cYE!8ZHmaeIxSx{#-7`?+cGuHpS~1KGs|IA>1V?llp{kamX^LP^t)#Y+s0MMSJwQ
zk4^SvZ#>`8&<xrm;Vh71W4BBy>_e~X-(6#wA@Nj@QDaI&<pot|(!7Qa`~Q$gCTKTp
z2!2an<NCu0!v6W!QgdQsXjWozXklPzWm9Bw{9DGqRo6)oKPyZgoB=4ufP)w)nIkR)
z)Guv!8xuno6dv5WqifvGFm{uW$V%@H-m7v(fK_BzzUxT+3h=tp+zp5dB9oo*>9q5o
zbXt-gxW0Y-bA+xBg)*hrE#+*FmciectiY+{+W;IO>Xoz4j{Rnh2r&R!$TH)9{;`n`
z^~LWXaDDj8NPN<0!f3r#!~OgrN&x<Zr6w|+0Y$+5lC(%N3-va4fnARHM?sYre<YIv
z9K51`9@QOdOdN8JGzX&Tz#Dw+bb%(p_ZG8fRC=ay&zLrjK1kXDDCl86Ylr8FffK^W
z*z4BR?tEXsaSfR>H^mCDK3Ahxx2$C1carB2!GY-R_&$-Y8y#p@AQdXTbsR^*$4l4*
zY@UN1YXRw@;q#E8F*0l3nzvPvY+l!nfwGDAdx-P|PD)0SpLtq39loLcG_llZxI0N#
zQE1(m>(?bC5O!&xVn~wUld&3(e<KghTzu2mDHUbY-y1V2sZ)q~B8)V8)Va@02EWQG
zw#7XqM!H;R<9D8n#FaN?0&vI!T5FU}(}dErivz1H%0&wrnPr3&+6elpn^o%glxiPv
z=dPkIQI%Ag0=Swq4VqW69^iQtG~<xn0<{S7@Pq-}rhSh)XTl<6`-umCz+7Q^LhTYh
z9|=RL2ZGz_WTRNOIUm~KmY>RM*&eivPZ}7vG!*kdRfS=!*%WfU-k<Tvk@98mgCHOf
zHsSC4haHN!xtUGD{YT0St<7B6ze;LiZbNircW-fYVq$3iy-uu6uFNf--H)cts}4;L
zeeRF(<|XzIWBT9khE=;(2ig<lSi5|#V^y@nngRi3a77l}6&4J$u&X8u(T)f}wMw4n
z7|Sm=!{SLwH6@ks`|McvEfL~8kh8nVm>uXe7;}t_SY&q6`W*e@Y`P5hI<bqBogUWR
zW~KCfHv0ZvdU{TH?H(rI1W$_naoc8?Lg`Q{1L;k%Q}ApUVkgnfB_)Pz$rFV(%KO$;
z^AJK@?T6~k(qJSvK1qX29Y*jAnXz0UN?szh>pHEsfVCNUB9-kaq-^EqFck0Cf%3dm
zI;9Qec_GOclY!ShPd4Y6PRUBQXt?G$MHR{#pChyJ5+!Chr~&h2ehNq^p#+wkJ}E2r
z2|#%J{M6Z#w;0~Mq<7Y+rd)l>a7LiVp#QBZ-+2%lccYQb;dGuVRC6%2FD&875Nfl@
z{gw-?IGnv>$mp@VU%#R<@q8VO?<j=*gj4TeYxQULd&DpH-Px3eR`mB^PakVN?zsn1
zqPM7eZyZ2;RR)ko)1Vm;?=-XMCP9plLT&|sg|l-qI^3`(4A;%U`DXhhicep(*lDHl
zIgukh57@yDH<Z9C0MawzqKlC207C~*NC@gjPcWs9$Br6bh9d4Q01!Wu5oaI@7_3|V
zU_Dxlfr=Q_cmpW>INe^o6|N;jFML5}&$?JRjN+z0P~Vs>r26*B<ovKj?UDEr&M<Qd
zV#1AOG#dnrv~s$bH5RC>LcV!teYz^O6oX<>E+UUDJgC(sHQ7lkEAu+wMRc1OxJw_1
zEExQ$N#$OX{mcM;c>9%FAH=tLXU+|C!q6Z>es+g9K{w{#$;Oh<rYch>YX^<eSl0Z|
zDe8h6_GlETezaQkRq-y7<-}5{R&>iII5$&HN*Qjol779EaT!u9vyfu37ICsh@$?d6
zCb?xd(LM*uQBRd;?a|rhY2ow{GKS-(JYK>Qphqc~#y&0O%;F92vO40n3%T_4b~U)A
z;0lsaCSFybkqQSlCkXcfs5<tD1*(<&0RvN{03*GL*c_h?Nkn{WBieW0eDV(cNR?pv
z&?2=l45RX*_ORL}I~5h_C5ua(lCGtqN`Wnc3NaU3Vhb_;y598u7p65vE$`icAVlFS
zw5fiohev|;ILR{uGW#%9X#Lj2l+JpmOl~_{Fu}~2rG=kjc}hImauTj$qRD^(G2=MZ
z(7-*@RUDG8S<2Yice8n}tvtb8G0{hav+`;n-_sar6dre8BPb);H&o~)2jt|n^s4}l
z<eYWp>86k(|9f{*GPc$Bwly??GUPOBn8B4M+7NCB0Ld~TrvyE-6J+70<Sg!~{a`l+
zks7=S3hn?Ekk)rX;jMy;kq{9)%QJdrY&!J!vxT&obAgR>0I)HMY!!swT;;QS^RDux
zej7Y_6R*Gd6rua!&Vc%B3D$;0_>HP1f~}O$J}Mu9<zaZ?ch$%Z7?r;uJ}W13-x9y7
zVfxyt=Sh~4?ZtV-?woML)VZ)z7*<bkj_VaRFCV+Om9V_J2EkSFuwuva<B@nTut^E|
zs)LwZTrml{)^F@E${Zd_NAbl)`_@ncm>z1P@uRg{qF(e@-lS;)=o=kPPwBW%^0O#%
zW4kurls%oEsO8tc1hIDkYGkzsK>D}Vy+Z;8@+UUwm2y%;#HMMIGK%<>#DllUPuQ3}
z(A7@S9ehKxD=7%4NJa=nvWx<s)KjG582D<4?QiO@JjmB*j~g;BE1-^R2*)qk0sel}
zLuceGuZs^iq&^Utlzx!0T8~NKhl@;0XjhZcmd~U*jAJXRcf^iSo0%_Il`ni0c4L0r
z3rZ!V=45cZ1d7aDAd4cW^VUzv{G*Zteh@+b`8`QPu~i}7>hl~s@9g&~2JT*MYuVD5
zth&Z%%Mm=uFk!P|$oxUP21<PwNWDh;g>$FfKIN0!w!SNZ>fJtPfhRRAe+H3)-9%Fh
zM_0m#DGO3qJkT2DMXYPP1@8$?jd5E))2w&}JBPcC&_l^IshgO?D!prD%7OrtWK^EY
z8}y-+QL%`qUXrPG+Ma2XcULM>k6x0WE8gA7-hR!WuNMc5R-FYXRmZ=OzZ;2D*lNlb
zq#&K%K!VAM4Az#+m`R991i!GFCTi|u;!DY1)oX%Kftuk^M|l5OYKl=OfhsuqSsv>A
z2ceaEo^GK1t#Ri8-<vdN=~zxyS=WXn>l=#twT(R~$MHUjT<7rAiVs6QSqNX*ynmAy
zUZ8_WEXDxr6fI)8&bC`8TjilGkn2K4oWcdjzpP)U$~Yt_a*e7VI6~S6>FtGSf{pBA
zIgv5oA>ZU*?pAei0lR{l7VuQ^*gCd<PWL}#=HeF{LIlrm(uNOHu^Up?fHy#mt!)|B
zi{(iqU&Q|w3x$9_84@L5>PvWrXS9UrqR^d1reIF@DZfY*B^~J%FI&Y{rJ+24FP6ND
z)q50gF!He@w2dH;Bwt|gG8{-VNnewA``~~40Xo(&fwKjhq^l7jeyd#x*Msy}KFh<*
z-rgmPj|$jN4W)(j2b1nPYm>Z%*sQ&_zws;qOFrA8d?b-fGp8G!<vsl|xN!2}mhKhj
zjr){LTso0O=cFy)(OrY|uovy@1K&=X!WJid_INHiqLc53^=O-V2C3&cf-hgB99+;&
zOZ7<A2Rkr7TfIc>#~0lwYM*f0)ULl`2~JPp(!MfO^QmV^Hal+yrOC0{K(XYa=y#*&
z_p#`_AJ$7z@_SM8QCZatkbPLlJtAeCEXh3&BloM5_>Pl(v?|yYBlm%m_@<M6K*&Tw
zo%3b25RpMyCC&UAOWr>Ue@V*!n#6xsohJ%tUuxGzf7UL+oCD5rx)TO}kH7VafKt#f
zo827<3JgIA2$ug{{zhkYhPFnw<mUeR+ZbN_>kRjF)>abxTM{)M0+d7wkWvF|Foy?t
zAV&Rs7F07K#>~!!HlU5mHf)lNMWT4xa`OgitlRfqIKv>v*&{K#GrHe>b&<{?^sIue
z<KS6>_uv2M^6Yu>>8YK23#u4DGa9g)xYB&n?H2tz(Bsqe&dZjsTCp1UMK5R30{-rG
z=Q=Wf9C12ovRXbm`9;EKsA%32IksHd+Z|#F6CO6*QEck6aldI?1gaG@S*JwOs#d=m
zX8=WiUuev+%2bN3nb8P!fFbs1#j@<)D_$A7MN$8{!I)fSyi$qigc)GEEiM5VtLVUo
zVrO_LiTk~gI^8mI5l5=xd%Iy6K3R>`X)_|yo7i`1pB^02O^?WvxRA^cLs>EUTEy%`
zH&iw{nhd?;YQgxDC}?i%yh0hvq0B&DvGBCYQTsYksAlvYQenCp!zAW5#vKcTbqwNS
ziM=O;q)U%Us_ZeTh>k%TE0`4}hEA6C?BN#FQyixUni^7C!4>y-dvX7KlDCINTk%v&
zoipApDh#6K<SX#Y!5&@#i8-NFWN2sfKvke@F@<gH5GK+vMQqZ>t1p{WOg*G&tsqYC
z1eEpsuCl95M_d3dLd#UQ&LJC~;$&JMjo>Cg!YLB!(C7SfI!B13ryi;#AVDx7F!&Rx
z<D;N2tP+B8tI`bVBPt&XVw?c@?Jh$=hfSQGT;6X`%O}q(%^H}lUoCVqKdVY~#2B#!
z9)6SyVrzS9_`ZHduv)@((==J!Ka#N7FopHS*x71`$s0nvqP^Ulr5r-|#rTW3nqXFN
zCsJcS$ppP;5dEP%t&wP+c@hvE<>JicsFD#t7<YBS136_V{UHS;&@5}yq(8Y6B5?tD
zNUOJ&IWQ5Hk90!ZYz11B_9<<VeRNa)nhc=rUhKm2lB5<3r`fU5B05twoD|gUFNGnI
z^k$V|R*1n`nsK3nF0~9q<K&`6!b;3Ks6DC8oT+KrOSup3Y9Ko+MG^5_xDvB$_(e+2
zS2k2b<*iS1K``5EtfwY|+6o8&_JGD0bGmcw0oqNwF4;>%rp#Ru_YN{mz$<JA*3rCw
zP05YBKv4QsK{HD*>U$R2*Pm$%vjWg?GT>U;I&;%qq*TB{p#mE}Nf?G3c}1nF-q0^v
z^o){7)$*uXX061ItBQp|Hb*tWiMgX=V2Gzw#_IJb3QZG(C>++OPYBm!-t~X1o*Slw
zB)3nc#fvLwwq&Q%&AtCeVp<K887QGh08D{d=NUfD6;Iy7V+vE5g=gc!l6tcy+H)_I
zg7KF(x_0v~5M+<GR>#bYV?3O1W`I}a94}GqQVz$FK+lglz9&?>BfJD_vOAvSg9g#4
zlG&(_msOh9Jt0o>K_s?Wl-plx4Hu`?*9o2B4Uy6yufx7bg3>0R0XPuDv|va!M*2Y9
zJ)p^5x$@`HH!rn4U*%<{69$1GFXSHGATa=+o}9o%ey0D^mC%BG)tMO#-KIvLbXF{X
zNt9RU0?+z06PhEC7%!Z=C@iotBRNVlc83+pQe3KHPxXi;MBnW-vf5{r?9b@wuD+XQ
z;l3y8hxhcgiA-p<>(XFW@{C!>9HMB?lN3=7L=JsSyDfTj@?RD6_0!0-cX(`G3c927
zb#RaI1s_1%sudHp&p1;vLLF~OCaP^SVal$d%iQr}cEFp0d-3G%bRk_zHUFYdNE))w
zI0eu=lah#huKKOlU=gPQS$QOQUk{ev410WP6G)F&n*YXEcCF^AdgF|vt>wUS>L0nk
zY8FcO^0?^DF=!1FQEAWKfOxCa2gG!wPjz)_bUgGSH{w-OmiF5-4Rc~M3{M8%P^U1{
z_vKC-p=;lEAMI${RJC>h8)UrPgd*W(rTUQ6X-5Ov2~}f7udM1HCsuPcR;9f@pwOy`
zQm#0bOp#B6?&yp>t)8@WT-th4=BIoL*($G5?v^6PKL<=BF0+*o2Xp?|Ks1qUevaG`
z*LWa#`xXR0gJh}!;W7ewo`;9U*Kvk~Dqzltw)})zs<4=%O<~hjV0CMcuQh<@!bd~8
z$u@9OLy;s}Jo|@qBpR+?tos`1&7H$Liz4NcmL{tZAud1HKdC=0pp`3WD~HZ^ddA<2
z2+~3NRFltbTv26cA%^bc_rH9}Ayu65GGv083WC4MJ`jj~YiE}m=p_7gpGL85;TpIG
z2M7Lpd{d5jWWi#mZ}-Qg5jDh)e-4@~mrv@Tu~xHq9nGoFQ5ecQ^JK(1Wrl~!{1|~S
zvo}!v0kXQ{F4XWEw%MF03hqc!{KE=8<s_ddO7=zxed{Ej7qTxFr8dS%edFZ5Q1Ty0
z*$9|pfov*q*oX%xb)L>9k7H|YN){<|ccFJa5!Cd4?O$o-J}O`*S>p5#nm-?}$Nb0Z
zi~rO~FZ4fr0|0@Le(WE<<M028Xc7ZkU;8(`?t9a&R-su<7)|UBQwLk8C;~oAK183t
ze2APWLTtf_065<q@GOlWMe&3yFWKfX#ad2N>J*>L7v>2my(NwiliD%yNi}W3&37CL
zc#FI(N!35!y<g9jJEzW<qj%{UJo|ABs6s2FwQJgFcO$cppKd)bI4G8?9mJm-7|&ub
z<=BoZST|G9%_eq^y;gjj-PR1MLHP=hO4z2-!eFi&sstE9P&UkJ6|_ItaA&Y)W{xv<
z;oRX>WjoX4)TkpJFUj0sy^?z&oe)9Kmj!wmfsNr(?D5%9AG}BS_<7H{c2#6lZMW5|
zW>k747L3{Qv0}d)Ne>xK8`d%!FYLJa=hG-FIh##wrVe5y>AY|%iKk?@`XRlS70{P#
zKJAqFaK<Rx8YHQZ-Oa&rpDz-X;c_p*#P)D>!i)tw`uD~_V3-ni8l(&g19DFrhj#sI
z5>m=5fw)*)G<28vLqH3TBY92Ev!bg|^XWyd!zP~<ato5&c#+h{WnCQT&<UExp#lqL
zO%drEOy6m63iZQOY0~OPFzASId)VQvVI*SFFTulrE)LZi0;5q5vRSAZo*ZOg*@)Xm
zFy7zE$YI>!sJ!tMLRdBa(+r+bvOp|ANCIR5zbdD)Z`DzKHI!&lv5h-mVrN_@sJCF8
zVA%Qvjtx)y!o2$_ki@MLl>|X<bJ@0qZvVvH9_O}h6i=e7=CJCP^XDR0-AzM`C<(e=
z!{JoRr`g2sOS~|#6BvB(?N4-tI@}&NI@V%vt|QgPOl&x5_BPKl?^b!Ds-Q$3o=|S0
zEZW7r$`tg7KnG1lLL>SiU1;{_%a!ujt>QPy>i}KF`mF+&cF8E%WkVq*ePTB*NL{R?
z4AH#h<1}~Bv@y*v{MsTCov0>Ma|59BaMtN`H98k8nbX{r`Q-DK+u-Y}`KS{GEv+%M
z#p0F(N0`1E#(!5rQWFHXJwr@^36rbJ(g_q0Od37sXy00iT2_qyu!fn1QZI@|XGXzy
zA8q2F5t=PQ&#P)(mUSM&R}L61OKwT+%7v+vCr$$Jk9clcC}1y}X5hL#506>MMsCjn
ziZxooSGj<42QUYmC)o@zBCKk}gi9EXF;I%aAgF=}<DApN_0w(8T;%-~s=x^PyGU`G
zqO!^-lmM>BStvD9tX0{E$t5f&K7@v!3%x(HPenM_Yv~4g3RuBM%N!nyoipsF$N?L<
z2qwNW^k=Mbn<xDPgARD+o!pX!-4s@;W`m`%&$j`*PIm;3-RXxc;L23)EL~N^yG9)5
zF8GOUYhnICK6nCpXxj4}89#2}tGq&wVpQ7tft!90RgLdWiU<K47oJ|Z!S9Xd=C7*^
z@wUKk9ifj%=x!Cz>(!kXl2LbDLv|Bb)GpXSKp^Y@GpE(7J)t^`<tD<0(@BsL@5PJ{
zYb5t3owRU_x(uJ*LGQBSn&oumD&kGo5V{GFo2sWmSZ8~VreJ<IUwe(`_%iYi`cNJ5
zVCS;b7%`kIqhr+eb_>J-gj8d*ZP7_4uxXJfwrQ^`s!U~kLriUKTyTC=^$9qYl#-*t
zub7Orm;TrY@-n2`R@L2-`k+M?S1fXOtcI7TXi|PKmgKwX64@P}vdFiQ+%i}U!yKg$
zBs=m_uer%AEJ~5sq(HKlpH8l8z)MLZXU4aY3B#m9Bc*_j$|o7`xSBsjO32|Y{bu!3
z4a`>p6^?3^!F8Wr+|8OLt@Rb-2=WE><i8_@@r70r(8th><n^UN#5Ww$C|u?B2v=&+
z?mbdpYu#yU*amDO$Dlk7k)WdS3FUmcTvQM|d0Y4jy$1tgkB%jJ$kqzlkg#i%R)iT_
znZh3(g;5$N2P?W^Kq?++27pQ1;=2~$y&^%pR&Qm=E&Qg<sUR;&Cd{JXd@w&>%E7!0
zMC{(3-f1dAKB4Vv9D>#ojvtP@?qhCJwK#M+*8lYTseKjrWVSjm-1Z&S&%Nqj?9njV
z+`D~4{mwsKu2Z1dGtTOQw2gqW7|>!GUb;3yF?ckQu5+jTB-z`y=*j0Y-%jeY+Rwvl
z?oYM%EINNSk+=UljiMvmnS-n7$9R78pTijQH-x!9z&ZRkok8eQ)aI-B!s$i<h^d6h
zd0;`<)@&Vki4=R`T3nf@Z)_)BP<#iwhe#f7Bpyyh=KwqR&_qDKL}#~)%g(FCzKhzc
zuP<&Rz*hhF84YU`VYUioVn=CGw3dvi>-aV!BQv(?B&zE!xO&O#O4cZ+#e|+!lSv&*
z85xVGhoA^H*_)DjDRS82Rw5WiSTV4wh0%j5u1P?<DZ?eEY0@C)k3B6TqmqPiZjrYp
zPYokj!chFik_pBXM_UZOXPK=njmICFG{4PMBj?IehRan3O9bfzF!oy*yJg3ayrgUm
z?SH~)O3>vBkUk-VRSK4|-bT3n8g5y0il@)mu=tG3=;!jQis{clm4;ZSdyGp77Qa{9
z3bo4~V<H8-y<b2OO$p;XQAvM#8az)(bRfId6=7=1S4eTq35<|FK?v2|q+$&_fjeR#
zBv{g?)IRw|iLPoMr=v~Em2w5}Jh*X@0u8)Lp9EXB0s#?B>i2+I(U(FxWgx`lsSC0r
z{Iql)qsnNoQq}$<jZpI?5==>U$^l#kja0d0x5AYELC<7p^+8xh7!r6?WSG`lX&lm$
z(n%L$Geu>AW~v}SC17eWTeW<cRHE|PMwDqBSVu@Z447n23*)`s+Z_k?>JrN2TsG*s
z7!y^CL&XiFrkvqAdzjEfH<`7Q)NB_GilfII92e1Z0=3Op9CA0IbHX5K$%T_y!$^>=
zkty|3C=UNFyM5U3$!2moGPHDz%`VPbavG%rqF#1yc^R=9*3*TchXD-QG&l&DAN0-V
z+4VLy-vAYl>h*$JxavOu<==iqY|PK6KL{^0Yn{opF`yKF!7n^|Vj21i2^CO)l14bp
zkkaHx=3znrk9KcnTW+N}6~;Rs6t#&R9<gcvJxN=#1n(IcAVL<D=6*w&?Kwpy6u?7e
zqf+{_Qg{3y8S5#5xsT9vyIQ*wPmgU!-(GR$RM(gn4YW}@!EX-4qFz$R<+<e|l8lv>
zg_vSxzZ8wBy*d&rM0mi)j0F&M{@EN!7zEo>a}W1=1_IBy?oAvQ*(~P~j51&bnwTag
z-?{3UOSs1C_tnnzc`gp}CVFYiZmU&D=m3(7u(nDK5WjXCWmZK%YD&mOQFn@wNbfA(
zzThYA{*@~eRxiN4?yFs>I+*vhe49BUT==PB0gJ8Pb|hYzYqtAZ*c=zYBLv_%ydu_h
zf06&U82w>`&|TUosloT}F)XbxO8sqR*nWXk_dKE-_Fwl0kk#+#kwEu9-h=q{YW+XG
zI6=Bdn4R0agsT}8w`5t9v33lCufluyS1V%gTi}u*u)ufHIH~tEVPv5D_TS`)Ct4Ew
z7dkR~Gpa)6Ay*QS**=tV6>`o|1R4LqTl}=y&V;b|g7u&6kc3C~ap1z*b3H@R)y!0O
zphCJQ+a+5Sq}J;m55p`U8o-#ysE9(Nho%Sy#YbQiC)c1{r_#m`(8G)sL&tK`^DdD6
zy`(h}C#4gfJq=X4%3sSYwNE)@W@voqJNdF_=gNH6<kVuDcny=vAC7Z(Kifv<=q%Mx
z9CukxPQ>uY52+<DjdoA=5F~d0Kr+53_o&Xqb@0ukn8c-ES>z_g5Sb5FzWF4R6)-TJ
zXDq___LUk)=O`aW;p7A5o-|G-R8o?0&BAi-x<rZKBzAXy&s^ekz$tCDp_iTp^|i%Z
z4!fH<30R3sE-rgZ(4$ibx;#WQK#`O#_Op5KH~6AJZo7G;ZJst)dzPxZ&8I)%OmVeN
zA>Q90s9SOAo*x87e_c(hdDhGtw=KbqVCEPRsds%6JW=r#brHIyek~VL(;fz6P0{?6
zPUayQ)WHlISMRmK<;q0S9Qf4*&#*gs$D#uSc|FUL(*3+#Z0DhJpyKxLrB4(SFZA2~
zCk2lkgtADrTtB|!<%bDUNuFXsVUA>80s}P0C;p)2p&z`s2macZiz5edsZgs=ObgxX
zJ*VTnqOo30bGlV$Q7Z{8)d(JpDwes`G0MJ!Yv|f{$>_wchuI{$cIH0dedVbJf1uCL
zPx@t;9#y{m8U2#TP;elokA3pktNpyf+~Sbf-qyU(+S<rtf1Y3Xzn|%b=l1xBlBf3g
z3<Mw=Om&&-@w)s(BAr8Ur2;q`Qj#K+$RQ$aE$g6s+_{hx_uoC|=RIZUHIOO6Y4*9m
zZ&|Ewresc$?_!tE1-~-up6Tj$-*1cW-+6DkeRKhQakQf)Q|o)A4I1@W^nS;NGXQMw
zE#{DLUv%#?56@$u=Fr=QSPMhUE%MPDTC-%)M5I(N=Fzn>ReaR)Hz%SqAEyk!A^ng6
zpFX-4#_c4Uk>&l?(JbZ#M)kwaB9rbzspyDCWynTL`zC(jmIVJLO@!hMnLU}M{tjNB
z5jHss!p_hj*sM>Y@jF&i-Qdh_H>7n$mqJ~fk;WJuv+>6zEwa-^3XG70CmhT?STCzx
z2i{V3(fz0<*YMq(9c$FHBpWX*!Fqw>Ps}7Q$`+4tAkHOYCRb%|RQ*`x#;xiG-i~}h
zqH@4~MN<zf=Hk4){A7$6Ht0f^Q1r7wK~xa2-Y9~y5EsF8C%gBu#BKfQ%WVPiyl)WN
z>Oi|}Hs`^GOCG~SAgib_ylcwFfcF+VgpsI(ZLaTXo^hma;&>%&Ze9RgR3}MD92YSq
zkbR%Jyk-0@IhB7^QHY8XO86h^_EGb<SfwFYeNaIbDCM6JYX0!YXKTkb31-(!1~HKQ
zFmCb9m7p$({2{7hDjahuD{-rjN=pZH6j)V+<YwaDkXk&O+2&k%9UKEmza=eCTsHPA
z<)W)rvvi}Yk+jU%{u#C$`^dly%@a^sh)THAu9DYvrI=;R)+%?_jQJ8JHH{ghsh5}s
z(!nGmy-oh}#9l1>vYZrANU&VaEeUIZm4X=AMWqGp92PXfW{!*wTF_a9o=qv$ij%E$
zP7Rk5I-2clcQyD1NeX{2|1zYeOA%m2<s?H9G3saRpfCC8HE>|`mK<pHsluxg(;88Z
zpnNp-)eN0i)UHYD`(2KCX|HLTfK}<vm9Gf4DViNW5|IPhK0uBHsFRt{-HZBe%dh*@
z<$~6d>^X64i2ru2i0M+e8Kb8$n_0!z+5)=lG!l9_(6c8UZ$^b=@}peUV3qRdvZLTY
zizb2WC##Z^4Fw5sWI=)9;x@vRfs~3HV)XMT(U#V_2xd%kRt$Y(A4C#~zYdOE<mW8G
zfrc}9W=UUKpM|{^(6#q#b<8_hZ8h?DoNmoc3QK5Td#1W@%6uE7m4Cp{8OCMJq2S+E
z4kQfJ@VVbz4+>G=5WS<4)ME&avV6s&uEpTrC^d}w>Wg4VQHIqX@ochR*y~KSj4fvL
z;6anRAa{f0<nVDCdGYC(z99$r&FtY(+VPReQVflt+ZXUvN#Q;4BfoMvJOuL!hkrO(
zdtT(QEccj4)jD5h%q;T~o__~-{hjPH`XG<rQ9K#C?I2BL@hhw-5BY!|s7vb>>3LaR
z)cg2<GZFW-&a*TV)CKL7m(EP!-PDEM8GZfz7^$0FQj^|S!Ya~KEbt=L4JzcMsYUT2
zTt}pZxd0x}+LdSW7b8)?r5o!{?Uujqya#)lKJaNdv%o0XfZ1Kuo-z4?zR4(FJdLa(
z4Vkgw{JD0O4eKC&I?maY(r?)y;q-e$FB3OgpUkN1h=wJJf?nY0b%aiF*e?r@RqWm&
z8;3p!oA@BlCCuCQ6sBe;{L9P2FBH8p4>7oA)<w99cgv3|=?o2ELxhYtZjXL}d4Mge
z=ZC;So-u0LeGp=(He2h!i_gyFnkr|85HiZ!RpM<2#~|CXz(T!@Dd*Or=)*>$VoO6i
zL9*oag|7(0C$Nn%?i9Heh46)!^IXLrZ=krPr>=)l+r2So<hqE;!`)bn>?F<@o0(P9
zR$4P<W?Lg|-o$>?YbFJ^X)ne^aq2dhDQssgu)YA(OZs9%^sPfHVWDVER9}v`+sM{#
z<?~dD37wJi9>)+z!$2-Pt5{F}PWF7I8mekJ6Cx!DeV5?o3RwSm{7D9UrcO&eNK&es
zeo;?~pE_m|ya0W{(s<*nDZH!@nvV{ZSf<v9PyR4dXu;G+%8F$zar@!#PHE-}VrK!n
zDp{DfaS>2}u8u}3XA}a_-VQW;_SwHp!#I|e>>*N2_-Q4pDEzg_4Keg_J=@&Aj)yl7
zw>=JyOIhwhv>Z4!F9b{j$P4v?w$&BP%|ArhGl%K<z&Lvp35$L1=8aatIsYwT3=6Ye
z6(PIr%$uCSaRSBu1=}`pJN7y0B@#kiXrhKF%fbj*b^PLwG=7ijOIg;M*e4md#d`!R
zQC;(%T-Q#f=O)doqoxy|Tsugn8zs&2OEk!tHIQ3DT&!@C_W5`!cMM(bQ8L7c;nFF8
zbBX@*>7Ede0m}kZU`fo9s&)T&dg|GIPHlnjKj;Dq2r+Tv&y|VX_D#Quv;2=MOWDwL
z(>2WK2|5`B&Q9T6h^?^&X;3q#Y3N8MCW+#48~%g6VkwYSl+)^)jKdej>7SfzX@^l?
z)5e}dmpRV;-e*r=|C=Xw#_TI-o$!G%hpnO1unpv{RzZ63q0OOV2_Khw?dIWZhJbsl
z`|*`Q!x~J_(}vq-&(NNu6<4diX=CKdYR6l*kR3G(VzQpE%kB*t(=27{rHpZ>{i2hP
zXrK`O4){^cDin>oFEVNY<_XKjpg!>hpGv3!d8SFwnO)rKR@V9CpcXB&w((yjB_JnR
zz7!c`f|khB0N+nzYx+`uWZYy^*F>|2_qZl#jwAxSH_Owr-?f{}niBUZ<0cpAUuSBi
z9CWbTtV(kU>w-Ycwm7bRU&r^jd4&k^Y$1rZDU@Br1lZs7STcKkV!8X};N_u8<hMy*
zZ|wjYLE*}mnr4ZfSO|ow2qA*+LxrQiW#Ixs23r+?nv|x8U7Wvg6w#sk4kq!}rh7WC
zC#XyC^+%vh#e|0+#;*cok)#%t)LNlV$UICHtupG2E^*{b{Yt|ZQcM7oqIUEN+cYQ_
zCOaOsa$8d%aETXwbOe9eRtRVxO7I@+Gtb}np!-8h%8V)mh?f!t7KbImcf4$t5fC64
z(%AsYRq>Nj9o2|IdY<S-4fE6uMleibzje$X;_N8;$`$f#vkI|C>2A(X-1ONJdm>7w
zn;FNB`qY$Sp4UGQdUVOo;j$PzM5~;L=z^-_hy+XN34BVeVh)w9jm+Vq2!;Sv48<D7
zZdH^I0~@RNhjpSIy<DPQw3P}K)mn8<xfFT;c=yd6yjTS}#q2vOwl(yV&6q(<i<Tjc
zOx$qb<0dM2SQZatH)x<_#e8ZY;Y$+E59?t#2w9&vKeh{<+;|j43psu930n48#Bwv?
zM`;DG_WQPah9Mf-M#Z3`7K3P<ULwd;8ReJ7M>Ss~wXSXy?Nd6Z2XDGy1<X!Q1-$Ey
zK|~|1JmfL13etR$jCahtxQHNzva5jrEihrbtMng`)<l2z?TP3CS^R}o5|)~zx$oG{
zM*f6a2K*}0B1mmKvkYUur70GZG1mZ_m`0LGKa7^q>nEae5mSN^6r5*KKU|Rmel5Mm
zX}LORh;Q2K7nCw@O?DO~Y~0Mfv3U_F_K+YGJoP%BAa8Eu>HwrEfnL=dxPCjY4^Dkk
z2t_2ZO+I~=yjcTAQ!T$SCKz((Qo-S11yz(FJth_NB*Y;b=HEL@V~KT&#@gaa6MCK+
zWB96(2R9(?-fU$=`S1{@ytuzNqN{-4p@LajlGq_wei+S?8#y>jXm<F3DwM%)VFC|w
z^s6#fE2a)QS=?UaKgRn^1mpgT8BaU$hX<oU*^v)h*nY*6ygZQ50a|n@Fis`$sAvr6
z{cyK*hi@aH&(~>9{lB`R3(V(xn>eUG{=a)0y4-*T-i3pgZK(-4qX9c6wh@hfuYg**
z)8SgFlQg%7j`Ugw^3-g4yTq7Ixdh2#tYUo_0NqNB=I9Yi@P6U#|Jsmj*Msb!b=h5^
zHv1>d(c8iPEf=5TX+SO{b@8}{DzMYyfbd~M3pEpb@DZ&r*yi_=-Y~ZsCN_<L!edky
zu@gA4)@G9)%B?7-qIEu@w^T>BzF9AYH(z|Q3-h<ZwZKD@0@Ds9=8ZQjm3qLUXT+VZ
z^r3cG@YV4{*)APwSJWhCqX3nH3jGx<5K8U9fax8ukmt{y_TFFkRM=@ceDoLG%G9)j
zh=YQ${yn;XeJzD7-$V=KtNpBsGcLPBX7n0rn`%>7Kg7+6Gx4MC97z{c6+lW-d?4B%
zKzA*&>kCD<YVLaECoQ(RrjC@VeJAKuar*&eW?vb*5z>Dx$6EC-PVsgb$4}WFcEE_G
zag2eIMD4#DdhXR@=T>0qUeuVle}NWzI9Bmn%qs&^*3vrAS&Agk|7DsP$+|8yDwBf}
zg_h@dCj*q|mB)_Q%M$cI1AE{tTaiodpCp|TfXoj@l#L{45?O^fQ&S*#oNUOmNOxEB
zN=2&&Xc&%^HLU2>97AHe8nyJEFB)0rF^dfF`+(#CUWg+|BCim49R76J6#foD<42^r
zArAT4%Bl>yLlvhWhkBo5;n?Ff9-;zgBMI%{@r1l_Vjbz)yojq9zAenU5`Wt>T9Yt;
z+dKPo<~9NAMfRyfnd~bL#bxyV;XV$5+Xy4y(ZZ`V@gK><geX1sQvrQQw+F&RJtjQp
z7MkTZf%E&-3ue2}b{Ni8VN{34y)R_lkg%>)VS2-2+>fyDNYr#IvRS}lJ(IE?NY)Oc
zYD0^YK6Nj7D4=5!nlDAtW$jiTB<kQ8dHAazg?j&e;uUJ!eUv&$tJEGynmyM8__e%I
zA$&rDl*B@Sn0)fX8V~}T6FZZd1DhjbBWs`gGi4m-!-TmE;fZ}N{cKiZS|20Af~$ce
zv)W2J2}9gqp|8eo6)mIy35(*M*bnt&G8A#z+FDr&p^n1~<$y(D2=}}mF+V=zEl2c4
zG@0qk6kc<Qp9A&wP)IZo5uZ=JKVOoLy_;dh&A&sA#lI4#9F*BU$PC&<P<{P1-Ua;v
zOd7S_5jvFZd5&@xS*Mvw86v%BA@Q2OUOdo_OOUKmpIg*UZb(yvS&M{+&#n=hj-R}0
z_=L`8yN`s;!=QG*J@6$<;46F{GY$aMwKz*6wO}gXA`mc&k#Ol*+S9KZq5Hm1SYM}j
zdH2UWgLEV<$t%794_ts1!@9|EGI#AF>TuiPnE@AZA7GafvfCVR030u!0QF3DlR6cS
zrozhlKqf-~>$e=#xdfBxtYp92#iTEdF<yWZ=CJ#ALttNH#7Hos+CK!R@L5LUEexuP
z!*j8!ITooOjt6^d6M$ciICXiOBNI0<EM8FvF?<K8W<ivK17T2k!v{or5ekYxe2BTr
z{K4q)x=Z|_-~#nOVnK;t7AjwpUApH0ef24G6Tgy_oN;P$?Zb|+h)FAKg0*XlM$v94
z90WwmVB#8TOZY{(_4k4kRtOl(umro2zzR^mG5`Z13b6i6c*mae*y#_a%Ol|Na-xS;
zQ7E4#)zp%CStG|S?h~vtdozpZ7oo;;m?JjHZk+YR#&jd>)mSU&PM+|5JfQqgz8#?s
zDUZZ7BOFB;OpD3uPQ8>HneFi<>S30f`hoeW-po}IS1AhH)cMzu%9S^cK%F{cN20?v
zKI^gY1+V~|C)gpa%f8IMbEW;>hFeE7T)8q@Xl)gg3r)S?YcZrJ^CHU7Gi_h+uGAuW
z7Js;#i7lFo>P?PR2a*lVDdp)aJ2lTV82IOfZ<o}j&)TG4kMP7?hLlA-drIFzji}S^
zfv<hCN~C6Yo>`>q8-|b}<_<qZ+OQgeC8Mh%=y89kRpQ`$-g}I2p5<`XdB`{7{#~F{
z5mT338R&yT<E6vy&;ul=a~HEhpgoICJnWEVQs5O4kDZ14H#|hBOW>BJN7CP3!#sg_
zBn1|Wv)C15$cwgsiKO~#8&kkyWwi9=<AozLiGNFEHUp`Rg89b?S~;d8hGZc04KgAX
zTM;6}s$QK}O>LHX<Kl2nREN_qgWnc5M-y$6tA`-u773!G0h}m$&?a)*;;hjoLIGKw
zl`Y5PQPE_`Pv@vJ++8ZT7#I+Pw7Vmf>?{qijA{IRkyj<ru(}Jx8bvtNL<xn%bMb;)
zt~1Ul0a$*=Z7yT1zM?io*WuD!zlve~aZr`7!!>$RKs^V<Z4f0d^+YAr1t4_NLOTwK
zWqv@c!_cE4b^F#1q52rByk($&9Y7Fvi$WI)mA(VvvO0w?8T}3Xg7&|XX3fae$~MiD
zeE0x+Kv`z^CpAIOV!8z(_B}vku6MhtmW0yD|KVMs-hHn)aZ<e_=Ur0+3ewESqKTC$
zN6<(y=}rfAEC*qzch`30wrC;c&Dv}v#$OC!EG3rEX)=klDFgZ6u7(757XEl}s)iyc
z4VKFg!f0a!s6U*Uf843&#p-5_SF?yb+h|G8ZsfhC>HMY+3A|*j2BVSbPcsY=!LnX_
zuh)c&LVwOweq2m#w@5YqjVU`5&Yz(eHc04}b616NP}N4u45A3A^D#hroiPgKck6=7
zbsNF^h3FaGcM&CB9x!p+#8;NLNQlc;TB3W^N+A8B{5A8m?tQhRk*yWd@-C5(PhJ(G
z&*m<OPG_dn93#?M^UQ$$)2rxIe6a>aC{q;N&*5e>n>vw8`j^O&r4WOAA!z>3n#apG
zsP{_a(puD=?CiRvleIK4IzvwQ5!qn$t!k!D=&r;3LVhxzz9eXGaZTJ(guyp2M!V{B
zeN;B3EhM#2HdS1;2zSA4HpaI9!Vg4m$eSuSpX0TchWC``I-?ht2QLG?^lckUmb!a|
zwUwx!VM9Xt+QTQejW@?IeL!#xQ`Z!W<ZORbu{MswK}ErF&4Q)nS#K!=9Xa<NmuU{H
zE&!N$)|H-h6d-1x4dWiU{MIjDVe8ZsiH^FUJLqtEK)8m0QbECx^3F{UauUuA!%k^k
z4u(3#Ul2$8Aw54Bkv}ou)V?-x9y<u;YLLZFqD)jAr0SF`jRUSh44I;#AF+<$hd3hi
zb02|^VtZcL02sd}%n0$NJgF){!}dq6lh%OKE3o!{XG423n}Jyh{#;!{?p@b{I7$$-
z@gFVpaihl-_2T3%#ob>%E1VtJU!_R%wy?1eXD?%_yve)oQLVi&O5W18>P6WQ@{lj`
zoh`WrXGUkL{sY`Q@B&3a+Ae`019Z<1{z%t`t)Y0ndu8$+U-v|ps&NNGB%jhTZ|E2|
zsxj^0F>mXb&lD`X)fm0taUbZIj}&a@$+fAm`Cobk^wm-EagB+I4EbB0-v<3OhUR`%
z7AU8F=~#K6NhidfOR%JYS+~hQ%(JnyoKt##+2v4(f9P|U5*bk%+?hYfM>PMW?X?ul
zVYBtZ00uP(gLo`Gg!$+u6-c}sb)up<xpOEHNsf4ds>xy)ifEOfGQ<eYl;#-E)R!*4
z8)HtwYSzaNew@?9jlTN7m&e)refS-}X!yzOo@MkT_NzUm*UgZ-wPg$(NI967>aPqZ
z(YRIInzg0$8f0#3TymRKD#^4TE!Nv`0Fp(mNF!s@2ij6Efr4SQX|?BdgJtsiafvlv
z|FeEea!~P_Set8<?m;Kz*C@+s1lOk(9I|Y>=efm!&TV6+HnkS!#xv;{)k}lW!2+?%
zFgwu;iqRCy^zj@vxhZlM0P?8dX{?`mhHPcbVTPpy*X~=K=q*@DjK+|CCy^k6T&n@n
z24iiGUKs3UgT}AVJZnsl^>XwZAj*|}BEG7axB<&ecdpT=+3#V$*jHy$8f?<OlktDG
z@r}$zolm=uV8ast^OYAo6rl*UNrg{Nm44Q?EPxrtR1rg28DuP9rEK{LgWBKEdsH$N
z%hMF7=Wn*kqPk8l13$QIVU?5=bJ|A&a?T4B0Z<~_SXPGNP6bUx#_cqMGfBl2Lz+gI
z+O*!+;HR-%lF*qj4SE8Mhj%1hmOd{qDq~j+64;$Sy=@KX8R1YuM7@PhZHo;G7|SR)
zu4Fw_#ZE;a7$yGLDIyb2MolSa`{wp}LuA3>N>wV)UqaVROAPVPY392)TIS?+n&{zz
zTAd5nSGavf6z@&`{(W>3ZcRlH@?Xjc5wF`7#;?X|n5m3O+TA!*rf*}_ltLg@=p4xh
z9j}uuIJ7LMeSnRTCN)z@GSE}1^OUQUDI<W0PEs7!X3>I}-tc%vk-^CGs7|Za9o)r`
zn(8`GwUkpP#y}e?oRD8C0oEk9gKUxO^=TP7%*gqU^iNstY6Sx*Q1er`PE{p_q!p8M
zK*%2*I7ar;#jt7Fe-r{bl=!#Y8nfvtDEfb6lPV!8ilx^%#sWnhG=qf*GJazxI(3|H
z7`e#kicJh$B7}zJdlgp7(Za9oXr#znn${iO>z3_5545YUSE^aWmNv7u5Mtwkl~X^5
zrHbL;tB&XFY+x{9452d5dGMB!#(2m$<^=qR_~kC#&gZAd0}zpzprbz&KG26Sle85;
zJXPM}5@~~cyu>A${INZoqmo`f+ghOU=ZkGb@&zP=L02N^<d{%x0`;<1S@qIJYu5s@
z0Pq0?M;a6fIhGwFe6;wMsA0i<$@z<n1#~{5<al-ukX*KG2Om!roFi6R7n^$_Tmk@S
z+yPX)H#yVSFo@XEj)N5k`N(?zNMWel#Caf+IYw|)q)y=I0L8Eo8!ks~5DYl!PiPs|
zn91}x<N9VlBUu<H>!{XBvh7;{sgR2+SJTgdm9aTjyV0kl3Z%72BJA1~=I{puaG}{m
zKwPYsMPCk+r3M^P?+G#v3f*@JYZ&Ly1*zl&6G9@0EDvV;Ju?}D;Yq0%Bg+qntZ&XR
z#OAHJ-gB$2$*w*sZ>}Y8XibzBlle!2KwSq=h74N*SOd;#<kn!UkHuf9G+)H0yu0pN
zg!o@5cHRnb#a;cT+E&S!#4N%Sv5v>11iO#?c41rwg&zPtK*GOh<=CXq?;*R%aP!uu
zgiCDrcc_I2V1b(}RbIppu?W2_N}l<u>`#PiCCnpLh-FweY1SPc(on!IVL5M#f6wSe
zAZZb6k?96<6F`?S*G2|G;LLljezbw8F9wpQ`Z#uyHWbwMkhz{#dh3xEldr<A?B@Y_
zJKLdSyo5J;E6=g|Mz!*plumoT2;ga|e=VuHe1cCCV-sQDjhU^kt8VrCJHG&<X__Yd
z2G4}$zpsSsY`Tl`OxD{#b5q#;Wfw_H6J76w3;1CE7XTZ8<bMktNz#{;d&jTzw&ASH
zA0fxr=dW_=>`_{aBvp8ZLd42P>6W*BsIh69Q7}2>QqFvVE0~98o?O?rGF3z#`SpI%
zMcz}0tjYE-xoedE#c&a$Zar|+>a;HeD@bK0{(j~$Ej8hdh^|TYH*{-C(Rb)Dh=o1i
zF9x--^(&<aL})L`_TOj_qf+knryxGgEPDOeZ|s}d9buuFq4QMq3VLKA*|GGws{XoS
z)Eny}fUK7fxIt`$^3ab;iu~Q~;;99|{m#ro09?@i{7P9OE%Y4zEm(?2u<%D=VDFwi
z*PYiTV~i`(<|_#|%i-iA+ew%lBE2i{k6#9~I-z%$xkdB7VDpGMcD+$%9THC@e-F{k
zQT(Brcn0xkNcf(>qn)+-D_^HtBwedM2&0n?Sb@fJl7CIgm*WkW3Ha-aiqA+CULDk%
zD8yc>6TY-2vy$s|=r}!>Q1|NMVic@9fMVJMZ8nmN50a0^P_%H(Ki|KpmJ{4y_Rutm
z9%VQB{^d<k%sr}Wm%u<k??3+A8>qzo?WcsTvx%dTiM_Mke_ZEUtf=$%jRQPFQmxcl
zRS+sea@1>t25NfVd3*hT5E4}I@QHb4-A1qa7>%9-PkR^8h<VZRq@_O;hPb38BqyZ~
zh#y>>PO`kNvwF?=d_mkJV6arS>g%IAkDX@+e6Zkd=R$%}pkt|-F(`4$ja#PWEt_93
zCUkJ1Lacg}_jP=ikj8OuhLO`>T>1`ta>SkRKqocyN&x!yu1SazY{wRq<oj=&;afu6
zat}g#qTwr}dRs}Ab)|frb`cjb6T*mLa_O=evn>$)O9U_?Sy(-)n|!;YThmM!ojuY_
z6Y1;8@%tJ%@&l3eK{LWdTAQG4_P~fvDD5|1KMCo%@j?Q;K80`V<agfm1cfYa&a((>
zi!JnxsI3;|=YDo63REeT7qk*yT+9tr1Y)eguH3E(K*NNzPcEyQbE%Ia{d{Qauj5#U
zqo>v_Pd6|^#9tT<<S(*VeBcf#miojAC>Bj3jMu3{CG6mgDgRcaa+K#$6XQ(6gYLxe
z08mvch(&3D;(ByKF-bC)8yrq+aJDxkDll|^;ap<jl<dxFQUvrW6fSef^<md6>ayw-
zQ9r!C?K)f`E0K|Z3cevP>WT4x0sNQ1@u5X#3_nTySw<*11Wb?*&n0IJZ1+{`>GoU^
zbV{0K7sZ>P#+QHnXZ1wCFRDZS&otK<{!2Uh|FgL^E&X?M&GjYEl%<lvD{B1(?ky%`
z7hNtz?k?-2EUWAMTp$H@Kw>wm=DJ+1_3w7H>c6+62jKw!4=ZmOTerJ!>xLR;W@c`f
znK=#f40F;jGc!}e%*+fk&@@cV3^Q}mFrEI_+Gp*vb?%p|d!?UbS+Zo=^6TMeXbk73
z3!)3##_@GF3kaF${oWtxD9+9zI};P2Tf=B`-~*-$PTMo3{cc`S=d<PI&Hh(9`b|}5
zgD}ctocPNKA`=9kz4=o`o(nw4ecCn7iCB12(cz4FW-^x6yuygbw3=|NKmk8~N0$ru
zWB42|;qLGCvQP2jR&k6i8BlDbEfJNk5w_u)M2TSg@=Pq$8E4&OY2(+Id<&gj8yQgg
zn(Fpny=cYQla#KUtK(VRxO3Pis!R<vVewY3p$+D5%+?*g`Sxe2%04Y8uB_ZfWQ82&
zlY3!7MD$fEL{ezvh}ju`zr2hjsWc;0gYmJ*QZp8gIT5KYD|S>&qCT5mD7DRh{pwu5
z<dXG}ODAhegcO&QQ=k!+{T)liW&*-Y6k8a|kFHc7RKcLF501c%mNf`pnhPAHCl1FR
zg|;&TH8Hkg*-_`t6E6_SWAIzOP!H3iO0tV5iBbY3T8*%qe#W%T@Tn5~NXIs>fCEzm
zv-&5wHvWr2Q*0xeOBLn<(LRPMO<`>`wEMGYLUOn-R!B6a6hNS1wtCp|8n0veJFr$+
z;rpuA_(*fA3pbN)^AS}##-nJ|sk;F7Xfa6CoOJm7*GkLxRM6&e4w4JV$0)Cje~zr>
zf-)^MQr7Y6(OK)UA~`qFz4<8f1YPqhiSnRfcp|8rTx`Uj>_#XNhcK&GEVcL05m(W~
z_9J}mvfEglF!jtm(m3ooT}M9~l3SeB2TOXENy1M|5*N!vnFhB=o|Es3AEFJJnsrKd
zk-WhP>5;k<qH?$s<`~sAq6QXCgS2Z7CbP()w_*M<*N7BtJiKYm;=Iehl4~3q0@g^~
zk3H%mq)Jh)$_wAz%9`_pt8oX^#Fi{^Z8&w7U3$2dq=@DgniEs%>@z9yIJG?gom?YB
z44V~ELJu8k5bW~2VQD~h%sDcWbb(h=st2f#G|zsy|H_Awj#5j?e?^+efRkCp13Sq&
zDq7v^j+TU#g8&?r!Xg9)6EJBisyKN^rjS1fh*vUmu6Dh#Uy$c9(CE%A41UxzYZGk;
zvFuW*!n3^2w?$8D@{)#X9p@wg5DALGy`jMR!j~oc99do8S+d`oD4)`M%vxVWKEleD
zU~GC>RA3$1YjUKu2D@Di3ZI1ha;iOzR02>)SUJ`a&YOE?A$^|`)7aTz?AOTeJ|hdA
zh_&+%enlc!3z4<81t%P+E=>?glkD7~Xc<Xh<!>*r*6lQVQL&XD_rdPb_mwoa#6*j&
zqcY0X8?__((M~8w!jxvPDr{yDknFa7%JWzsoO1}9MWVE>m8=zwrSV%)s>&Zrsf0IG
zkvmm_R}BrpR`x<*G4wb(!`GLx-K<U&l?t&D)s!49|8YYf358fZYP7MGt?4|#wrM|S
ztYwKS^_Md6I~j1hI=w*>H07XDiSQO6y`=ajAzh*TuY~l~zY@{}*9F3o!F^$ni*uO0
zOi7~;Amxhe(XzueE4oq4Z1l_RDU~zh#py|v7^Y3ct$823Rw^Fp8BHr8XM|Q02`Vxg
zU-c*&ylP_pr7?^gc#3um&7>K+Il`#+F>T_6{hKHIbNcT;;&xoB=m#CnZ@#vn1rJ1y
zmN}6o0ENjhCyFgkp}jGt{uPlXR9KgAyyJNJLS6MMOzRbva}oZJv&kILVRzDv<pMP?
z53Vx!jbWVP;C`Mj+4QCNK5wz5tWn04GB;LoH%XxhRqF5{!u~ostSK_~4Zb)+JFhq7
zMs%03J1mM$IM3lXdzLKd7%Ar&W9d&$_#I5#ac7JSac3TX1B~_Ymm-Cxeie}d{;Y)A
zZ8}H^hwb@ogBsk(o*!e`A>2-ts6MQ;57DuH(xZk+jbz61{^!&t)I}7jzzDUd{|>HQ
zeq}EGv^5m;I}*h5RkjD!W4ye={7<2&B=Q5@{1qBhbTBZ7|KF|te=E>`AMzhf`uhLm
z6a<PHfH@6tgoPFrv_*=2sX_W8%Y?niliSm_U`{=)08h)@an%t+9^JuWwIY|ecbk&4
zM{;n}=arJ!CazpfyykMKXmR;^>5<`al`H)D@~j1>_>@(+)%2PiqS>E9vOg}g)+B{Y
zO*A$6pbe93z47ZtNpArLskz=w=HEsE@z0h2G71)KSAgr9>=faq9kt@=DeV&yY+b(d
zi<l6m+S|6c^OJogEQDfIKpRnUnm_(bSD0QPuLaI<FK2%4&e~1^y;aqz1_$VKbo4~B
zA^Cbd?DAhL=ZC%Phh@`xxHcMNOZwuEDr=L5F=To0W<Px*Ixf-mn<(X9#j_B}&aKP=
zK6n=P916gV;Rd>N{8=fEN=M5XunRjlPxQ&E!WiSe)v*mtdn;P|4&P>bTeJBtZD1e3
zq3_W(xqSB8%*iw+Sa&j^075l9yKJPgP<~LKF}46c1~XJuO}rb2UA^-?9LSpZ(%%%B
z!_RGcVBpZ6g-PLzDDKK;6uyEds`ycYYQ|(N2&@8gAqakOM61)(Fu2wj=W9JS)c8?u
z6JM=lk5uYYL%5bgeZ(?`H1y1XdzctM&GrMq6kH#(LYq#YKe~_^By2oPYfW>BNH*O-
z%bG2wJ*6VMibV<agine0qwH5vivt0#$AoAGLe!KFlk`{E!YCPn!${7b9^c!yeqC}b
zJQM!QD3C2nm^i=KeBY0i@8&v?o#?Y3ksX}spbB==o>4LGm@n3wnC8ii9{`HZ$w%uZ
z=IqNy``x*ku((&JxHDL#&rxMYDmmwB9t{#woz$x3v!4`*AY2Vl8}H;IMrG-s4;{+U
z-vK)6)=3M+u;|q*#RfN$Z#C&zyQV5<FPori1l!Ulq9~P=6Q0$_n~h9(Wl2(NR^xp_
zHS7^>E!2C&tjd8*#O;Unzs#eb4H~Vfeyi)WKoT`44Jq+84QW`{zo<#s=D8u>r%E00
z$<@<N8mp#^^ai(lH>2RgTaTjK#~Cw$ejZVMSB@zTX2u&AbVZezp=&Pq+Hn14t)zg!
zN7D6yE)vjIagXwKxNHqf{3k1|Wc|+vud#ib?`f%UrxpL(A<!?X3N&r^oMWID;@o)G
zt((FOD`2C>Kh)PC*<z|^DHg3twys|8oj1io1gK=n=aToRlH9(u1^eR;RhvoW(xd$B
zAkHZy*Tz}n?hNO24Qot=H=CsnN7ABG)Kc_wG>YMwx6^OUSQP`+Z>xfWD{&Dlkco!&
zFb=`-DnurR1+FEaBCaWct!hvISOh$=B@j4XgBLodvZ9^GWI`-vMu3XnB?-T$eOtWX
zSe8+1wXFKO<pzt{aAwntfM?{lj!$)pkr{BEWU<`Vp@{%Q22=14STJ9LD_Ebc()~{@
z)6n2Ys#X+QOIUK%(ChM5C{fC?aM(TZ@cYk(LZXya;q-SJm2S`v*i1Pg<A#q%d{434
zcLo17O5ak+uD<!<fGUpI8N5S9nIP1^YZpBDcs9H<xL%UaH_Q<?-4N}(L13=i>xzrP
z(V~5|O;UWx195^T&`rB8m8ak?=Zy1_#A@i;rf|>7&v*Cwn5Hb4<VFpuoRx0}6vzM5
zlKhF-(mDr62o<tblBW6}kH9k0BN`zqgH2&GiR5yp?UORO?Y3>Y9d9>c-eO+*$6rC^
z*wvgJkc)ucS%tsp1zVJoU@5#er_J1ZFEcr-b^X(G?-w9=SWhz??G?(t+?`i$^jMs%
z67&Lr&7n0ypk*Yo@#FCH<<#>~AbnBmiuXcMz|=Jk;|l=p)F}=(<oHroU;1iz<K9(k
zX9LbT?T;&6dYbwy4P7mFVl>g0bzBml;#_!@(JaUSPdI|gR6Cm)0Hh_LDuh?o$c1UE
zDY3zGxK}qQc-3jq+=1-c3}5rZI+Ha#*H)naCS(ClfY5Q~VV5*84?VKi{SyY8QR@Yj
z0CuriM1(_1Z+S!qd=0+ik=*@1C0IYuh3We4LS$0ZBhK|e2J9Gu=l4H|#7dloqXPeU
z1bi_O1Y@%_tg3nx_(cf~k(xn<;*6^+I*9oX=O{qNsDDbZSc!L=-^?nNpB-^Lr(wiy
ztZWx$alTaOJV7w@NRWTbB^iA$$bAxYhl}WnvVVif!@oZ`328G+fr`x?ye7$1Uj8a@
z$A4kfA8Q3Z(`q!d<FNWdo<ud%uPaeN29nl3eTIt68%(;K$ZV#0(FDJ8%O6Q9I=>}d
zDgO3ALFdy#yGBUqqyNjF-aG-vygT?G>wu-?T$YXi`(h-+KoT3_g!cJxZElgucS~`Q
z&ky{_|4u+v@w2=~oyl_<m3bb&(Bm7-2lW3GUrA}*=zl2h>Hj<Bar|$}d(~Q$!tDhz
z$j8D~ld6|4N*Q3Ah3VRU$)}amneBp?v~MTl7x^x0l`MH7|Jw3kV7qli^1^QuV=L(Q
zrap5*vb5ls%y=t<ri5^0mYnN&xqdax?QvM&AMlJM!r%`$Za7aG*0Eh2&pn7jTWg|b
zp(LD|MASLLpz9Yjwk>0~TiILJT<A)lD!Z>a*thF5_^X&ivA=8%Wr`NAl2j&V84KJP
zfYPlwY6ER9Wwx<*!^RHIdM;iT77}#g8$)<{Z%&BwB|Erv=Ik|!(|I>MB!~b0_f;id
z-66iWrKU@cgA2$cl15zTdWUh@0LX^H-pFAnR}NR$o)VO6LVL#gS2%$UH0gv3)SLl*
z#p0$MO@jLw-!<dj5j9R>J@{oiQ+ICP+iF#X>>EcHcGe-nLg!PzDq}*oF;qyT#ga?l
zwJ}Dinf3?6*CeS1+k8R$hw@tgi}J?*MR}5||4n&aiIBkPmdxo-N*(s}pOMBcGVpN-
z0rX|xzKFY3^q>=)&{DhM{T>#BX7I$Vij4yeH@NB8$b-cAPKXzB|5Bdai`1|dX*l&i
z{iI(Kty?T+NjUcT_eEUl8aU?v=_k$noASanRblKAYyVQ-yuIm=;P=4;a+3h5?1GWx
zhFtn@?YtL#roS^e0k#+zIS(2(H;nI{1UR)TE<))kup&{X$O6=Rs^=was3z`*cDg)r
zc1Cv7;k@U)EXr#JRyeEfiE?7YsqK$Goz-6I<4Q8!D=w3+aMhU!G{z+266b1Yh1-FN
zp29y7;wKHsei<Th#h#j04~DB=bsJ+6-Y(b17?=Kw^2E5sd3?V7oAQEU|DilQlfRS)
z=Z7dqrnW`xF_zvnZ#-SOjhmPHm-76!@v7jJ0QJW_bozml_c>g1_R(=FgczgRg{OZh
z5BLw|k(>XE@&^Am<sIwH{HLG9S!MJO<!#6jHU6bMwSQCI#Af5X`L!K&a3SpJxXh3U
zuKO@{{reZ>-MG8+YAdDQ=Vp0ajcZ1ZLEqT;kOOh~pVRy>Z(#^i>N${Qu}-rl^?DMf
za5Li#jk5o$C)sKcX=W4emP87UsZ>4V+v|NKxr5JSVASFq>wjut)WA0mWL!5@gvJE5
zFcmeAkf07SxK2I+5VK9lyhHy(c^@o3?@h|rOrP;f=wM$Sv(mvT4*EpUdZrp|hz;Pb
z=Iz6FUt65&w*5rk1$_rp0$3VmZpBb;cbFM0Es$5*BsV|N#DM}0LKF8C(`UY7=XP);
zuQVDg9)$LxGs1e1Xjs0%%I5k&%R4zUr8z&ce<-iGB_&!+|6i2XjAZ{`l*jRJ%5%St
z$!T(Ko9;%uDRj+t)%nxm41+{z17`sHOGQ(M@{&WOl+ibFmEoVCGEo;_>(XP?_cH39
zQp^m}d;2RI(WolWiWm@Ad!!9#|8Oj{IIElQn)iIMT>PDetpDghyfw?Nqz2Ji0fgM;
z6LUOk$a@)HgZ5^)-Gs_Ad1)m^fmWkD(c=+eQk+{Ow6}`+3|+OhbLfgYG*M`z+d<w$
z<Rq5*`(oh)oladd^=7E*L1g4HsX*>q*o;KNizz`@2<6Ra-+<`A^S0G-J3|_xA(Y0;
ztcsYXZ#^j!#vDyOf)?yz1J%so9srJkjk%~$Qj9`zAzp+ZXi1*Lf@<8e*>+tq8Xx~v
zPg4A+p46nT?G~t_SS!LpgDrSYJ+1#ZAHRK)l_>Z0Pd%yEP*>V{vY>rB<;QOhV*AL`
zN>2{7sS<c&Gec33RJ}HB%<<29R`1Az6@FY2%IO=u%uM**6BEIdEEIz7AohTw=)8aG
zNofCFPeS@nJ&6hd^;FP2@EA!Szb7UQa!%{c)8(3)8OsDEY{c-!bnC{n{;3hoSYGtp
z;xFYDr~c1+(*HquRKCi!gp2=oJxTtsO16aq46H333{3d{wb1+@?WF%w89^9d%#r0g
z_ao<QvjqpZ?|;xaOHg4Y;UrIjQ4^sk3U-qScS!el4a6D&SG_U4rYsex!w}f#y&3(z
zkDC*Zo0I3}R}L&+g#8bvE_%4@rzY39o14#4KG$EtOzk=>g#o5RNiR)UJLYrgSc6S3
zGCVyt_BtH1+U=A*Wi@i?OGzT8uGTzFY`AnF7EC102nu#hE>2H8u<YN4cdOskPzjdn
zU^#y)JHSd5rvTjsD{X&}4_a|xI=Einvk_$q>ujowqiaiXtfN;VO*<lTLNeq?ezQ$l
zX%dlN#MUElu!|2R_*G?+Y8s?dEn`e3OlThkMH6<GNWch{{=0_}lL;5P#!fRsKTyF1
zp=c`TP^GrPT54~ewSinKjeM{aX>iq|rIk@C=At(ShazGnMK#KaY|#axAuP;bv8b6D
zH`p&nONGQPkI>4h0-h6wMv5HVRn%)IQSy?nor5bv6MDiXiP!*#v6&#AQ-}D@oHb5o
zK(4!_Hsc_hF~q#gbdPx8&k)&b7GuOSJFaDK;KeGhUQZ3msbU)@=3+8GLW4ojMx96-
zgUSVb6(Qs(Jt3Q|7eJ$+hHO@wr5mF5Wb7q{6EYCVaRyDJHAzM7uB3HJv?x;>$I6B}
z270HU21z2j8n|Se9X#O9;u@LRY{vWW3Zg6&PqtRj9B>~8gsjw2%bOZHtCF!Q6=Q%v
zb#d@Ve}<jPa5%8Q*her`_DC#sc7}AKlfEgCelIx2#lUSSyx;}817oFJhvr4>zoW1K
zdH0bdk0iwI5hS;mIdpglk_N+@lc*;wPR!=5F!gbwq0>2_&Z>T>-iVYqxHs^UuA4Lo
zQoiG+;3fOl;G5(U=NfVm_ew4C<mq<}E#3Jv^|Gx%aiQrk+ruuJHcAXf_-dgPI_-q>
z0s1V~_An^!nHWOira)>-m!fbmGCHUfhB|s6aSc9sI7U6Ijd?;F+H9=oUCd1Inv#vf
zB_>6rc+xZTSCxJUa3pPHFDvf`F9#@7mlChq@k1Gs$uDh2%cH9%V*tIJ^W>4%d3#{5
z9dX0PYCe%WO;m$Q?qC(j7vSSs7w0qfJ5lu&^6VfMM?yzrnvvA<hh1STSPW|k4cko<
z<hZ$~-Y?1wMTaPfS$cpE)@WSZ$*#w8Du3n|nNBK95%NJ1m&8=?Hu;^RR74X<u<YeV
z(y*A)5@MQdaIU`Mib!B_V7N56QkVG--w#fE(_yoTQVLDfZjM;<TnlMFUOY}YDPzug
z>Ij13sibsWLTYM$33oXtprniTdN|^51@zv5hw~N*pFk=(Lnf+vGF}r268Q5#rMQAz
zV)KXwpzJK#z@eM9x~q2%q3n4A1Xt0*rjz$R?n#oV(}Nq^w&%)CCgF}^5d#@K>+T^n
zvfBA)S`gOY_(X6kL$FB)c(wC`l!gmbb5moydkPSVUguOSv}DH=EPLG=Mk8u+$`3n-
zjL4n(tK!%qPf}%c9G5Z{0Yb8A@%VI7%`}xJ9#=J3+%vPs-k0R1uuLZCqEy>VyWUA$
z=Fy%7!6+A(v<!pj%7R!P7vKbtGf4zv6B7M}%I$D|^TM-rAB#y%!Re3TbR8*C{cyI8
zDS#@T&dB)+QXZvcL#(?S1)4H?!{BFb7N*`1LpDSbz`Vojl#D4TTxrXQm9sNwL&kd}
z^ii|3ER&!NORQrK&<<!wXxktNnmUiQT%}SCpO3rXa_5KZgIs_;$Is!$rEC_DiyM@&
z+b@ynGwH2lLpuuXh0&HQhY9%RlVYD<T#c1NYzdW(qmMsKV90c+@ksuQsSy3~^py>y
z=`QRR6Qz1BOo@6E-;fgF%(4b;Cw4T{QT-t|6Tt>@fA}7)Abe=l-mq<+knE*1;2pC*
zj<&jYTQPQEa0CZPS<R-K;t9$qWWoQgovH}OjMT!xu}~79MQnvFmOnJ?C(E;ripVkT
zC^1%g3`ICQ(_qOCS~%yOXUi5r4$_D4g7QrrY8f#O>6L564sw9Hg>$8u4G~d>@Q3Jy
z{X;z)Az}pa4*Q3OHE=)#A_NwZT15na1JR8RiUVV|aCcljsibJi@DnEtN2M(SQPn0Q
zl`sjT*5SI0Fi(P0I!y=WA0R%3@uZ>Bj<{(Zt*C}$SjEaqek2lpQd)?^rJ~_V0eFI(
zAt+#DDOsZjtRT8EK#-uHO0n~uJE*mTgqsi{KN1EBTVqxL=nNQaVQ>KSF?hmxgS&{y
zCv=DUL<+CyB-yj>>1)hhjVM?Q#+9Dz7%n=8NisynhYeosa;Z#2MrzlL^WjVqX@Ecw
z91-+8b6MmpOff`cXERMuFRTJ3Yt(=lgj!&ngYad!a~008UA7zmKj_3Wzm>*Ej{-6p
zwv#&u56S`^6#=LNWr0ya$r>@B5AljVkha#~&Y2C0<?f(jnws`Ok2KboEWpn!T^t19
zQE-V+I^4lU+DG6+ykcmJ0LX$Qp^!;QHBDg9v=z1i5a1B<u#4yw6sVL9nA$qs^lM~m
zm5r?3c>_&cFnmMZ;6pj6K?hL7a+N`WKV|XZLg6^jctS-&MN$K`_ghf4B>|j4oJ5tK
zMx^LP7wF|bh6Y*<;FQPp6|||P`&bWEAR^Fs)(dcLt0v`2G^j%*o1lhh^$$IZn2wPl
zS#`3PSN1#ZvInSJWTrIn&b<K}VsX_&48hK;)7CZQb7=#o@G0yK(>1;7)al-FMBGls
zOoVdj2+K8R(PJqQ8E|JM2GZ#4;NKO?tFvFkv~I?RoIKTF^y3d&jcLYx2M}mXq*cEo
zEQSB5&Il`l&QZ`$p#F{+WC}+pz3mA>gUXXMAPWU`LkFcq^&P+A);(f3m2{N|Eh@@|
z!%!wpS-DXa$5w!D5jS#Ju`Q-@18+c%@7CJY-qZ!42wp0!iou+s)RUtdL$#^{HI2R2
zfP}<G2gU_7_dGYd4!7Obh2LCG%5i~>JXrUFnx^><4!#o>16xD$-AQk_Iy%PF1N9-f
z?fBb4EVBpN?Kg-FG*m7_(QP>hEwqjw1DsHGRHUh0c?03`?oj1n!ANe?$RMRD2h#5p
zLD{hD3ftJax~+69ZC2Y(L+f(eToCOTsH5w$01EKJj}53xvIaP9(fKxl&NhGvM>O;T
zPqf4k&yG>L--}!{6Fk3l9y3k7=P6WuQsk7Ao;&(Q7<Uj-&Q_$9>F1X-=*iV?8xhZw
zK#@JLMRN5mnX}1gaOfVS7VB%|1~LadhnV#YN8W2g=pN)N)6ce@>I})DYPvq}9r16~
zX#?00kLVz|?LMw@r3Bu4grP{c1xP4j%7(bW<Ln4n0flX}9z|EGwXB6u_5+%erTnNM
z?VfYeYh3WTEM-*B<N-CPJnC!2AWOK&u;IIbd9k_iAgkF~*DBATffy)5@@uvrE!fDV
z(BqV4xE|4MMF>YU&+LIu*dFn11Bfd$&-?)xsL(wj^6Rfb%B$$_<GY5K(Yveq7-xyf
zaK2L8E)YXeM(9t`1Itju(K~Bg857s+<>Rx%$@}~eTNtPe5hQSL5+Xcj8S&WLF2K3N
z(n8Mo@sg<Z4=sp(v?roWEmgc#89?>N-t_kL6|qh6S5ND156t`{sbDzlI5Pf^zYB{s
zU`HiUB0T)0QIi1bH^qnv0Vwj}v3Nb*3q;S<WA?1Rig`no4PmG7Dxk(fdXh9H=gq_2
z#jZ=m6w<(JMD<`3-o7QoJ5f}om}~tbhdFT`X@Yg+mp!_nBZ14n<@uXh*{2k(W3TyA
zW*}$Rg{7Ny$b%yx=g3GnSH=TGi0uy~q-8AV<Qn)ey`peUMTt+;C#`atM5yB+EGsD2
z990`Of>rR$&|j!kbHQN8;IN*sC1}^^1?H?J7(Yo9WdpIB5+wuMWd6>u80KwYsdSj?
z(4d;ZLj^x8mlq76rjpaf7;zAvYI>VO<dx~)GrM8#!)q>=l_{3>!xvOoOQzWp{AINj
z{NEFuF4E04+m7Ic?bcRF#N?$$4EG*5NG{HwhrWb&8CB&@PF=Ms>l8&VNK}U+)w4=B
zfd9FbH|Xj<UYjcwbmcmq?_L%7KWBIq@3;-DMeR!%lvT5AO?qJ_m_4j09r)@`aQFui
z0^a|7OuiucpcVk&v7oHz!7e!d&Hxld3l-RZCdJ8Nm`yyci9S;-5c^pq#y3+b5c^If
z#;agNVAh1#>MKf1CXDW6j0V%c_jpbOsxx-bA<B&lcze)~G&*Em`5Hutq`~c4(QkM%
zfIO-_)#6hV7GYoakjvs_F{-Pquc+M^o8Z1Ff6a!_{zR7PS!KuND?(GZ2GD>+*;xb5
z2ZIR(?bQ?n_|I*&FTbf{^23W1qF9kY{T~w=Pv>Qgp&eS5)S`ZFLrKouk^}+c+On0n
z4yx{raL|>^DyX2wvN+FyhaoS<<EgV<I;{3QPK{Qzo2du>B<N3Lpd?zHv!N|a(t3q(
z1Ab-iz<5av92sb0&EreJ!NTfdIQ1r<qM6QJ3S;e<K#C7mg_9=QC604Py}XWZT~MaW
zEe}(;kj8rmfcQP;cR{_x)@nq#Q$H}-1;BjAtw@2v9rbAW(Nt}L=v2wsy45Po1_E3t
z12*>B{TFv)<kVjE&VN~bszAjon#QLt98S^F3)1h%0&KJ{VQL84z8~(H<TB<Rc<dG$
z;k4y^zppsslOAzH3E$QT3Qq^*9NvGsGca&L$zZ<HysCQY`?R;5ys)UUJkBa<j|%ZG
zJ&s!;%i)T<ci8g`tvs?4Hfy-_X8y5UvTIr+DyBu&T52n?fdqV@_m0foMlU%oEXR;k
z)^}CYU|h&J8a-xROXR^YrTvpE8bLgA!`6#}v=ZVv8P;^%QyL=Lc&7T*BfV_Xh(u%)
z*NQF0yp&y$1hJ-}8AiDGg_+0Pu5`a~?q=K|eOI)5P4=7GmLkjKtjAJ>%&0xg=^v9`
zZZf$*^LgWirJyoAa&>c@#nF7oi!&9lFhGs&>Uvuq`#qZ<E*>A@J8xZ^XpSc5eW9zX
z+JcjpZ4@(s!M1>@Rns@F)a#CiNv)@+v2N<_><dLqtd3N5%%~V5wd`6A^eN9p-MNY!
z;9}l<9`&N(05q-oFaFNT-ils{;Y_W2wAbY?2j2{Kz>k;$JYm}3LZQhcF-v=F0lDxE
z8cd3cJ2K5$`SC8xiY=8hv*qT;K4<Jf_bGhwD$FB#G8K(fG8Doc-*Q9<l5{7m?&Q#O
zW+jfZZVyS;Qk2!((Dxd;k;{a%@^cGk<{slJtMzq>Vux8YRyDNpv=r>f7cVZSrx%aT
zmiB2WPe^EZd2b3_ODD$R$1jtD3oBU`aT2d3qlQwJKZy`LR@kjDE^k3nMl~c7LnzR{
z`5ht^hWM}H$DVM14?abf<A^cgNR=6uFMp$1a8JPGsVYzsfP-B<1t-YW%~ag?N12cX
zn4gmQ=|JzjI4f-J<?!c+57-d~s+Rk#p)szX{gwlrDvvKN65OZl?=}E;pY-N`mSiu=
zs3puQMxUwvqE)Z9n)OOK(a7A57kkN^>lo<OHIkhC-BE?A_>GKSgD3W~L|<5di}m8#
zSlQtRFi3@h=#l;s;5&>GM@;vW`J(!g#32wrI%1lmuv{*=>+8Er!Ul)sU20)_I(9ae
zgiSMS5r)rsGbX;4izVhO&}*tmnZv%MJf~dt)!An9T=g4ZX?1kfJn6gXv5J?N<kYD9
zWcsGN?IG(LmgA}AsijIpej09I3ReX`@_?)&Avh15<>}GMQS$o{4WF-bfh}@Exd)E`
zvGM8IeT>ZZNapGooI>vff}K9h(Ao+cwd9Kj>A)h(G7Cj%oy;U1dS0trjv6ILA_4}t
zW|@DSKj(N4*Wq*0X_-7qVb^!azc(CRjac|(yOrr3x_fyy>&J`YOE}`Y)Vl?s)7=$z
zaVcudpWKtCevWUQLQD`TJEC%{Zc7T|6Iq?qpV%Z>ySv6<Y$A&0cy}Z5WE*hmapo~c
z*bTGHH!iBdxXjlW5~R<*s+;wK-J7=9hjY|k+s1>8>pIMBb}3)SasT@DccB={Fmx_k
zCts7hGnhsmw#~3{SKA)uoCB((A2+u}*+*huZi&$OERXdG_q@Ge<YOsO3-SJo>DRcW
z#9SOZhbRudQ9J40wAq0|M~KnI{Q3Nnq(@h~AF)l4sSCUD<xw#ajDH`fkDd=gyl1gp
znbailbD0u!N?8*Ms)f1fMWZ<*>b`mt*7!ZWX2wO-9IP?}P`n*#$qkp;*d6OV_dU1F
zq+VkdUrzxqBMsFH&*fAnsL>u+#(M8@?_p*Co(FuXxYIwkXXAWE&G_Mz#CB5%-J1;Z
zuTZcfn;iErw>Zr|%~xr7Lp-v+<r}=9C2DBQ)nV@7#ESl7o8Ma*P#PeM?{^`CVV;8`
zZDxslQNW(W+Q*=1>7({(_!%$o4tbDTMWF>_H8)eqdY^B-<e&H<zbj}<>~7z{@K_TH
zJw1+_@bzB!&(`>{Fp(5LH@(ajx^xvm^zN<D>}*@#PmeVWy-2$65T)Zm?E9mw+L_;e
zPa$*g+B2LDwDC9_XR&0(jW2Y-T<jV~7)%Sw^W`6OaCn8oh6*fvl|RjO#5d!sQ^;e|
z#1w$h7VTlWoT&_oJNa3KiPACNCv?%s)j8s4X5Fq`#!K(eT+WbX@eM<|EbGk%;%eL{
z5$7$+$!&DL5=oVipp<Ab15bYA^0KLQ{Pk97xYuac-sGEjN1Ob_36J-YGas_?t*9?4
z93i6JcVFUeMnb1Go|6jYaxTCf?@!vmLF&Qs-nAXO+l{BX#nP}SvQ9a>Lk}uSnzrwu
z`x2?+@}6I#nA|4uR%d~9jL1<CXF8d?Q)W3zN^&VEN5G#M2l3M`D<oX^hTe`v1YtdU
zd|q-OCk*>BnK@uIPhWxy#&f1G;#Nqg#&#leV!h5tuS>rt4>`Pnat5BAGT%PwmKPh3
zp&7Jkd<?#CQK4YiS4YC$b%!lOcxqf<cp?y%GzIw(AVirRv;i$Go1Xczb+GKP?Mv*S
z<vfG*9Nu(su`f1TmVm9&(wmnWj@Ff6@vrSPD?=V*f~9R2B=@Sq-njM@D}eRv_R=2>
z=(%x?UHsf+>U=a@-+&NBZrnQcd0@5mo`*dKI$<DEFmgD|POF^?o_5qz$Viq^Y3tn|
zJ|i)L$GNI9fIaOjDN|*!$NrbKQrsfbsa0hCTl3x6DDU{`49JNX)e++QJ7{sAxotp0
z^<2N%`)=jyOfGk8mCb05TnLHD@#DfyN$Gr`MU%7wPvIy1pIeEN97A3o8}s{JUYGLe
zY;8fyyusyy41!?!y&jK>LSy(;47eqhm}+5&tjQmIwcbukeRnh_C<;Hgoo<EHs*(Il
zJozWN<O#iYq#^GXf5i)7*KS&#2LIr_D`U)4)zJ`abiQ5WT|iW#2|wA?CK>83CL%)g
zCx7XRTi>Q3z*o95EIjT32tLTJ$#%C<m*cIL%j~{9LvpT850Cdr5H+Ms?E}OYS0dph
z?fb}R_FRzcx$cQ`p>}Zq%cHz=+c<^!Wz%_jy?~oxuZ1Hu&Ujh<kMh4)Z2GW!>UCF+
z|Msm#T3;!fry9PVWvp?J>%^*d<)b=A)(9Q-Vz_uSL{TU{VFrNTPd$Qm@{r~E>;^YO
zanNQ|g;C}!4&9%(m)zySKV#POMh)PD?jGJ>_qP~x+-bMC&VIJ1?oT$7T-^%FK!j<c
zAvIvDnK1g;_PFU@P;K`)HrTK0Hw!amdwwPGWp`ARzG(YN^B`_-ahlB{p0uK3!o?Ak
zHQ2tJlPWi>cXuH?-V(MkLqe)0AanKWvwS)8$-VMH+<Cc#s8y|z^@)Oqk<W)X<|^^_
zJCfjlVjd+ieI(Kcluc{ORoHcTNkRDmuxK%ys-5$xnP+1|xM?6i!_G*Bq#0MPqA-;0
zNj~$XoX>K=DCxpbgQhnE-MK;n|IN+&!tJOZdtfVd(rJ#r$Utvnjo>XH_fPYL8s$e_
z>bs$|zmkLPHA<l3Q$l^`T|&uQ!a+<{<w5zO@wM_v+C=XAI@G7W&2^YB33n^>WmA8V
z2Tb=ZIB7}%#TS2ue$G@%6;8a>-^1Hm3+>@uA72nZiZSmo8g||7<q1_g81vshU-_^;
z6{~K$-xQWrM%b`<C?^UH0M^&SdwWMpJ)YyA>ALU5yO!{^ks~S|*x?c245vc~XvB(<
ze~vr;oXSwn6A+^`B=O&Gz$9qNvF%sBrZOwrSbMSsV!6MVYbVehn1K^y+N6$DASoj^
zd=T}<?2V@|`gLg9#I)Z?gqQ0bUFz?~F)4eDH%h~JFq3l$e0b)2e6Y5Zw_`3yKMNeh
z%G+6czRbn=eeQ5t&w$Z+7x<cY7mK714_qUbwYPqrtq9IAe~U9XIC|p~KF!fbR3>XE
zG<f5QDwmOCPG|XE>K?doIIpzHZ?IYNCso!9$k*jT-Oed+0Fvjwhr^zcp>s=p?@gNq
z@&3L(N48s>_Dct{OUczFvQV~W5YTXN3haG<PEGvu7Q_hjYMikywD*1((g!t{Taq{U
z+lQtZi}F!*xaxM4stTFkc~kGLD*`m}9MUmut<2@5tpwGaIH}v*iswWG;WO*{Q+Bcr
zSNKOhm}=bw*x3ct1YW@=Tw_J`v6Qf-C;gnVyO*3<cq}z5zG|;DIm@yZ+00jq-Nyx4
z+!%Db<-T{#b|~e~=gpQXw`#;!*BxJz9froEOlWB(5CsPuf6IzjKuD@QMC22t;UmR0
zhs+w~F|`A`o0EpT$&fOdHf6*)=8w^~m_?IhR4!w=p5x5jFHTN3C|a-kMO5W0mo`&<
zi>1+5`O8D&If-6a>wvrJO*O5*^43vjeo8CVP~%6{q?);h#)IYon8sz%FLI6aO6L;#
zF_m#m6XryqGoB~?4Slq~4A5Df;Y?GfC(f;Y+dp1%Zr4X!S-75Vb<#V-&eV@Vz+ahx
z0QAcph#-c1<70D4$?bgz+de-bL!pDlV4?6vFIpb_BzgH;z~#mR|Mwq@qr#uxxYX&c
znGFkHSBy&n>+LvBd29sl?9IB3CMPvDoxaMi4b&8MuXN1i`OaA7T~)3OIFGpL`r{jx
zFa06Dn0icB+Pm%LEbVK$O=hx79!*r5IVz6x72l1;Zv(%OAM1*JL)6Jo-BS*@R#La+
z%bqzkJ;aP^bhetz5nnMQ#31!oG*%k{MKxG!kA)fc&bIWOqjQ|0YYs9?I%Mo@9sInL
z8}xBBKhFRK_xR!A^Aof+W~G&Kj;yWJ+}lY+Il6mA)i?EcBCKhd>gg;6lmB`5*E@bi
zUZkl#2itkeN(2499bo>#{8mARyL$SDp^7$cnoGY<D>LXDP33$i8oGvY=pD_GsQS{h
zIno>o9T}c<<$SBJoiDK6Ge_GR+=!v1U4H+H$2eE+fV`ABUXnL)=m^dIsU#LMzruTN
z<_^CQcC(QMv*E`6u*<~L>0q7$y0H7Y7U^2vw2+8_=TFWTtIwC_-MQ$&XY*aN^2&~J
z8sh;w<7JwrR!(<Cvi3aLexK~kDQ#BAY9&56#S~u2LaW(ULRisax#?`NVFJ}90OM?&
z%jW^h{)lYqzR}PNw{ejnLZv?Si3>y=7d33?Opq2LAEUQ2b*7`7!%d??B3gO%ThqP#
zn3U+17CFJdbk7?0taLm))HFPFE@0nUcr9Tgtp5*)b?;n=D|Tb%0f5rbsePGnAlHVZ
z*t5n}Ax#Y3^bxDWQEsvKwAzw~B(Bj0Ys+PCu7|_CIY}&1E$54pj$?1W=2VmBV37b@
zEz6B#TS&mR+L(7wdn2f6*b*jKSs0LKG}Ge?x%cAz010n}3gMo}U=xTa1<o=XnO73o
zY`xjmdSbBa^OXyVe*VoGM2&QS!g$lGZm7QN)44wLMTu5(=iVo2AV$H6j^(!3A`)-=
zQJra<s&6^!BaY{#>PsH_R<`=5rkI~@)RleJr;%81`|u<3Qa^!F0tSO|yvn1P;Uw9W
z+deALu|RzO{iNdc^@4vtge$`AiM>HF-1TQf2}t_DAGnjK5I~J?M!t|hge;4L{2Y2L
z99R5z8+$6OTp=CdD|&B4y;v;XSM*Z9cV<Ae%OzeXf#b)Z|0g#)=67MtG&*5lE$ch=
z>W$#)jp+|~d*MO`f2Nyv%}egIYg)Rn(f9bwemUO&8o+E%fXqg~+Ns(jNw*UHa`Q06
zVcEtF@<r2|4yOzZ@;&2hs6Y1c!AFhf7p847aRdQ49+cmuh4I*)Ype#hCr%@4WCm5a
zJ7w+#9av3~UrMyhUYlhv&Tln;0_P*l{TcpXc5SyBh3X@Cr@c0Z(LZ&!zxyEk*+Zv%
zx;W<g^5Rh<5-%KqiCch)n^`bGS~{@p91veC67<d=2H_yo3Huj=t6H+N<(MLA?Xo>^
z#!wMZzn1j;3^qyFsHUpYl3%I?%~gs^j-`#DULZ2RUA=LYhL?V`@uV;PwU>rpn2MiO
zvq)RGc&tQsaM-P<G9_5@!*qR701pkTWQwQ0cFL2?Su97Ua3T+)QA;2={7oV#6Ei^u
zSTzpuwUm8z3siQzs2;5pqvhJQ-RIF%#13U*(Ny#bJ6vNXX^9|VJ{H~e{A8o<SEuf0
z#J!XtF)Z+{m#^&QP1}$Lb5l98URKjHAV@p0=2|RBdl7HOaIS0<ymFDB)vz~YcS(;i
zlqjdhP=qv{vRaD))s6o^`8WZdB@KSLo9+!Kyx@QwimCSJ{n0mAU9x@7)K`}^sAwH&
z1<lnZY>u`eGA@d!*cP&EqM!G6DhxGJ<uyr_o=zGJgqMpwcx%K#;8(Pa38T)PL_6_O
zbY#H<gj5{4dPzq!)jP$0&wZMIKaX>uJ_Hby27SM7NkivE6F(loea;?OA4s|$D5#n1
z&X-SdmwW6JOgN&|vxhoPGd}7u_wi2Dx!+B#*#BgHJtREHcFFDIWhs;BaqN2TE_A%T
zyR+YNRqGq4ft;q<a*cUDg!rS_Znjlm%B(xXNU80Zu!*nZH|~8UuI)!><NPIEE1jZ)
zo{OW@LJQ+trMn=G(30}l3sN*QbyZP!zfW9$_i>of+s0bY25>8+rCZeVb<{Zk1;=sA
zOsm`L^^nUfqo)^rZL_GyuX<sveIzyV(Oo$}`A?hhmZML1`E6VO=vHx2MnBH)pQQ@*
z_yIG~n;)C=mz(>_Y<`#Cv|-UgA3{TDxUC+N*6sWe#WTVD3@<OQ<f=xU`uMSw1Q;@x
zb;n0n5tQ#xdqSi&mjk-+%8%Qy$0-C8i(EVA9?~7F`brsA?TFuMi=^8?Y4Nmf^#gW_
z1D=hSLP4GRQokUllZs>zYXVdf?apY22QhEw#EDkE_(h#3-=8a*y|9k^l_)Z;<R*-U
zS6pKtWf3`$ZTm_HNZq_eX$u5=JAP3QF5Is!|8kfGh1hwa6XX@I?zK7cWxpQ>YCI;l
z6HZZNC}TEIt9|GUp`&)0pfT@u9mSDpmg$M4%6za}BYOuj>5F|x0&!~Y$5-oH*`bzq
zj!hbdhEw)(Wh*IvrM@S&bUQz))DJ#h+b1c~zKc*!Zwz#Q=@;Mpf*F*XmzJ%g7gW0&
zingaO6Gl-RjyLg!1@a85mc@R7OabMG0hCsEmOWg{#!E&@S2=N50qwO+H>V^!Apt2l
z#XI<N89PPxkyeS?Q6XXrvm5x1+44UkJZ-FVudBmNb?@XNte|yEO1t^@i6usu66%Jc
z6?FSn#0}ZQ7HdG>YsT_zA_ug*os={zvhhHL{DSu6Cc@fmk$sOLwt<^^H!XCZ#NoWl
z^xPoY{)Hy-#v+`~mIR`!mOe4N{(YrW7F5W{caaP_`8Gs!$`F2bb7je)U<nO(G7a~b
z%5StFBw5W;8PaIkv}DYxRQTk=T-{Yn$K~)^%i=_T9(zAs-A<cuVd;webS|5iHfdcG
z%>s>|;il$5Cwru^G5pJ{^@d)$Bhc#FDC1~N>%(v2k7PZccWo4V7JKrA75oR{HMQ(v
z9=);6MQU5MOc*6iH|U(o)A?3CZOGq>=4C=Dk|Xtu$ae8uirLdm&tFfql)57P3NLD>
z0G%i8&AlyIt3r${rUg~aY<b_@HrTYzBCMKKGA^?$n^3;AMev5lp@H%aRaFM+q&oeq
z&QyH@H{xFehuBt-xdH`8Et+vuvb9!>&)wWPd_oMyHzlrm;yAAwW<Wjzpx4<HKQJID
z;ybDjcs!tf$okxkC!!bJqltS5?t#nq*JjYxijOX_j}gI;kcg3Q1<{nyQk~hBO?&fI
z%PZ({wfY?9g8!j-Gr_M)8L)NQyyEdf{?Oa^<Gmn1=Dxnc=sthNF{gQ}bNpl550vjK
z{J>xo<~C-!aiZ;k_uFs!<Guv)4iRFCozQiLaXZgV+k^MF{b(1F_M^~si@|_GHoT7Y
zQeti!y7RnJ;Cc%KDa(aU%_sEPXSkiC$IqK|(K-*upLcnP&zl5=-R)T3o+Kf8n~wum
z??m2sVTq3CNE>nZ$Ht6dd80|&+{{BS+y(hJ{C||W0U|FZxT$@}?uuKm-KE0dVJG##
z#6S6kMp8n5W@rP!@gfEbVq=V#V=ax_V-pHl_h@jFvye)&o>@6uaB%Z<ASl=%S-I|1
za5KCRV`l_lsLlM5eX^hxzK#v5H^Y}@xiz$}K)hy34=~<oXWHk%ryZ8Ej`bitaFT?2
z9X6}j_d(xH85K}ZK)zaH4Gh)5HPG4y@Q|Ld^03-M66Uz^FPaM?$Tu5?y`1MYF#2%A
znk$DMti%8$ANZ_(_F?^K>JOEP|1y^YVKt2h&cxdc(3m!E;5x$R;W#4W5jaBNA?GHF
zpCm#a+gA!UbvYVx>LlY4@*v7d^kL4)^kK?LeMQenf2GOEvmC<n>fN5~QT?uIh&ny3
z2XnN)0e^JV3xTum2Z3|=j)?QzWZdh>qkqni%lt?Lq4gXeT<v$ZgTLkXz4l7JW9|`h
z-3)7hN%QNv4N+vXYH@<;&x@NsLX$JMxOaW)zq&L$0R%l7Nr!DVEcZT)_DWur@Zhh}
zdS+dv8ukF|bS|TF>GJ2^%pcfj2mY0GNc};n;b&^0kMa_lT1t#IQ0w``fR&v@dhFq?
z(hH7h<&H21xJ|lH9d*OSbh+owToG%SZxE$SWl;2r_Jw+@g9k(5A_^_B3+n9>MK*h?
z#8uVe>bl)d&x#RlqTm_Sx>{TDZWHS@{6VaRb=vLvKN^Ncx}c+Uv#f~j%6A4pB}DVj
z22mt(R#PzfX#J691a3`K6o5jKB?2l&zXaMJRK^IkfJS|d&8pf`l8AYB{<LIz4HOD}
zxOYB*^p@ErG|%i3=UmU#Bjw^P>0g$<uYCD8QAYEGli5+HwELcn?>x-EVba~jF8ga&
z$JbiaE}UcBrGAhKr*O5pY2f*=m3z|Ev;h~l8Lih>es#E*K<5xx4tV_vyd#3vPy7Yu
z;iR~DD5kqNpAcgbqu-_L=ppt-o<TeoDLwc=&TYWt%x)uR#hZOHGtAdHIaPC0zCZzA
zlYhZI;*Hhk=K44?KP%67eko72WB!XGV{OAv(%HiZ@9wvT(`J{h*BO39d)<Y)hmobn
z<9+VwC6d9#B|(W3H~pSNG~RcY9PoBpNC!9E?`uk~j~DJ9TWHH09$g;Xf<rsS&3DZg
zm($-ia+$jM$MQqmnz~(V-gH`=XuJ5iM=(?$6rw;}SV1<$dIeoctRAfd6_<q~=ED$6
z)UI*teD<1c6`pJKL_JhO+Hf$N461s2s)kkF^+4KQpz-*-L%P0nCQO&fcnDm&T}-=K
zxB4R)jy!RCg)}<T2`M=a&Hlz+X3*mk&PC7KYtci+&+e0D<hRl&qXg@Og<_Ald#G+`
z_H~6T)76wG2F1?|jYtKajk~y)G%DhuexSQ0<hBDB#-~!?ROUomFizV5X$Q_IP_rUr
zN_zpG1c)6s*sJRZs+tP3*F~~h*4-w%p!HPmhIO~%2JWo_uR|ZW1xhmp7G8p`d;AG|
z07pQ$zY2tr>Yb1bkNiDDG6wW~l|iHBgYJefC^xJEzm!9X-b_4m97AcIw60Ujxdq}@
z&hPSQd$w2L>%ICSmKP8`DQdZU(%Nu(^05a9cJQu^S8K1GR`;%DS0k<~xgj?nv4Jp~
z?>pjGHcucQWZ&Ihth4+emal5waz465Yud5IH-HtbJmmR2ta3uRb2Vft?G)eWLXUGy
zamNeZ3oj?a;`RrK4`;%$KoV__Csm@c3b8^K8<z1uh*AYAAwsdt$m1nEK2BhD(}oU@
zvR$RU^AEH{OX)`z&?fKICOXeQTy(5Sa#lo8wpy0?0dG?4g<*1T7K8Jfn6X>Yrm?an
zRELqJ7db{=Oot82ASpu2fq4*u$rMe3A7T-Z{Tk*BA)x8z8Ydg&vq9tO72?g0;KLvP
z!@Quk_FXyG60RsD>gu~Qz_D?!wpYASzoIqhVE4Ye(Uwv6>xEyr$%eIeLsO=S`6`Sn
z7`=ORj4faEo64(9R7sE+dCUkJzWi$@=rO$=xsEGvKV?02D10~+X-;TXC<^0H(m3BH
zpU(JB1rzS9Jk(DKMLK4L2tEMz!-)Fs3S)0e`c>|gFFt_!)^Tx&?kPZg6!fNcdbR%v
zo-5{jJu}$v=tRWud==!jNKWuPGc?C(MsRkvZy8NzD(8>Pyx}bRYWOPZq$6EE(~u+S
z(yZ~if|ea)nq7L;W}n_>(;vmZqsKR2@xDawZ!`*FkiSs%zEt(j;08AKGY7BP+Tz@7
zNg;RV=c2PHjDcDg$8Jd(&)0ZYI<&E+t^$?nyl|JhX{Z%b)26XevxKEyxwgV`h837X
zl1P7!d(Gux3tp!5-eZ9w+LEH0^UN8VLdsh&=9MVH<>n5vl)Q}d_H*2f^UTYYul>&^
z{@E2z2RzRQTUp2O9_|~a=XP4>b<{$Q*-Rk&`S)=yixH4H9RY9eV{K-v1bz`c<7&yH
zc!1$pY>}qlED^zdu+B(ABcW<74pXLEhGF2Fd=&qLV!5(DJ@Rt}X=P@-%{ipU$$<yF
zakvn<RPw~W@Mcv4x^|1H>$yTjDRn`6g~zysA4)br;e0qx`6N?Qy+?<{Ct@g}S?g(6
zhCJ@?d3KY(32)UXH&{Om`{)%VnqaccQD>TMMeK$tG~TG)TRS}Y*-=@ZG;dtr+4-g!
zUWC^--n^b6tY5=`o*?f-)~~?{`X%b!fGn*y_b+VRZ}4k<(0-)^ed7)RGIlK^JJ}Zx
zOfU4@Z@S&@g^hzGTj0_lsIxy58@Pm~dkISkF2H=NJ>_|2cVNE7p7Qd{cVNE#-pt&L
z8_)=_$Fj)c3^X#?V_9Nx0UBBF)z8<v1C1>A>c@Q7zXZg@^=tG`Ed_b3LJ{0|ujAS^
z-DEp`-3#8b*}HP_xDMg+&+gkm`izVV;J{|y!}47xCRaXI?)vIEYH?ljkwfqyN${Ec
z(M0gUN$}bA5l--7Pw*-HP82qymh?-lMJHfO^C|?B;txgl``8PO!<%sXjnT1D*G_-q
z&DQBw=T1P&jqu1&iCVvr{U67dD~GAirkj8<vCiga;Wn>N=fnA&vvwJQqxHRTZcLxN
z%gx?(bqLRN+tBS!E}?|i_3P)hz{{Qpg1(HntEtzHo!7M|aNh!gzJbxJArChoO5=@W
z4+u$kaWvz`*x?C{%fBT1^Vw?cZR45PVQTExA>JSGFHtj|1idj+?0GD=X*#}Q8cB|A
zBacHx^Sdbx+IEBZjOjYQY}jNm$|EMFjGE)St~xpPHz(RTEcIO4zK)E<El-Gy#LZ7a
z+C6}q7406Y8(!@mN}YbY8^1=+k=?rn&y8IT?H=QsXYC%k`pqU!By7hC=+EXS2*%CE
zCo#tVMcX?C>DF!SmdTa2ZQHhO+qUgDZQHhOYo%7&wz-mLe^s^rIRCDjI#s74X3U#$
zIY*4%=jczgw$u7XOuLheypxX1pMcDt0>__(%%6tLpU5kaip-y^kuL*fF!9Sk8p=Ql
z%0LEcR|;xZhF(C5C7}5&Nb{4v{yXjZJMsD(?V8rGs1Te`Te|?t7{+yB1*EQyuc#H=
zs;CoOf0<vTbxz%tU+rCOefl7}^2+WWDD?~N3n+}BVoInAx8@86^~)Z;zO-rnK!`e=
zl1~QJuX6OV61VD!TE!bq<r+}!eq6N;xolrz%^}^2Q@at{=ov8uEheDPxg88uluf&)
z;u;C=6N%qsSk#qA`aTgn8RZ`}s-eiGcAs7LCa3Y%i`I`-^(8y%K;XtFbDv#%MuXPx
zN7t7$<rTH-8_l8InQyI8{B~7ehe62?gO)EAH3u9u7Zf!o6g6kOd}BCDQBapo$=@2K
zkb9s~|5nrBnKAV%nnS5mITc9_zwpz)Wt2n}zxYA{&1E%s33Yb~t)B(8p9O7OtBO}A
z^_0^8l-mEa^8FF59|pDm89iRvt8!GQqDT4pLk-<P?sys9K!ywuI$Y5sG})_k-z}BO
zQT>2U_Nq?y%B~jBeQ_Eq{o|8jz(Lh-ul{YV_Ptf~=~LgeQ}yYSKZ;QP;9q(QDm@30
z%C|||7dI7-_Kg%4@aI56sdM;XT=8#4(oc!?Yf96tmD^X$!DCI*YtF%I&%tYOk&n_s
zZ^_lzng?zw0nNJt>Q}k+w}tfgsr0u-)ZD7{H^;@h&gd)8=&8@>DMWO>;Bh><K;)DG
z+BZkokDlI7Vck#58<pyJ>A}>l^o@Y@?|$XDv66f?MY6F@mC7ecZaTS(awA=yTxpT1
zg~d`_xlt}Um4{W?=zJlww9&aDW}W-##y2k2ld2c5s$PZ3#*`fU3vPq+)$M~*rFD_k
z%gT+vsayKe_6Ey!`3Fk|FZt|(|7wCZ;FMiM(0)KhEigvQ75Bp_`Ng6X8V^*8-cqQ$
z3ZoFlmL4l<)19<&3eU!>-kqxad#dtH?qMpo6jIrue!ijm1><n+3UN6$h)Z_|rR@dJ
z+eP(OsrfEa`a`02l}GFK?{&)F!chB<tG=K|>xJ~{RX>THcWjin@>|Wr91`zElg~p-
z@v5eVRlPb!S5>@1i*(8_;#=OxRPjse;#ItJE9>TzKj+l1Re6_wt9|}fc|NUv|JP@S
zS$-B{{<geK?Zcq?Vo+L5r~Xc-;!m%3*Qj`qR?{y%(yKkIQ+i&d_FApHyiEPZ`ST1H
z^%GmQEm!qzK6;C;7EoQ)FL&Rqr?*@9)UR@0eNg6}e!+mo!S>&u){j4)9R~Mag7;pE
z_v>YEwi?&?%D(vOtMQcl4AHo=i~2}XS*5*ISH5yP^{uOD-*908D*L<2p0c0x#mFrE
zG!>tk>mQxe{e_FaUF(lDDrG$x4~dn=&I6vm?pFB4YCkt>Ki|Pya@#X^DOFBkXUeZr
zhb1$yn}=e(|H7w*JEHXa;k2!tGM(5Qd)zdq?)Cs>+xN&YFmz=*G;w{-ywkvciCx4-
zXT*N)fX6r5=48IMKG?zB9K2E+PdJhIYa$6yM-r%yJP82HlKbl-2~b56v~w}Ikob!u
z2~b4lH@fMciGLOm`)eWhTUOsk<J{Xsy}?O+X3cuF;@odWz2QlHw#j{l<J^Bly@^PD
z_R0AIaPBFh-dLnQBjtLwV&7!MK3hq@7s+o<#Xob2zlD$kEKoSQkbY_+0#Zi=Hggvb
z#6QD{zh#hrj8Hs0NWL|YeFTwzY*2oVgs=9aIOPz1I%*%e>_^U{I8~6#H*@GX4s6A8
zXd;{K4$`+H=)`guBI&Z<m^lveqB_z^Z>-|E+k=kIt0O*S4*J+nWjPLnqB;bT5t_Ju
z&cu7NiSdaeJ(~4AVsM-yiSel;Wo+42I*|}GMo38S9kU<7?MI5y?(vg6TjYAyV?Aq#
z@fjkQ%UXr<*HuQkjb%xk4V0=a7V(<fyvt}QcaAa}*I6!wI->`8^Q>a<k=0N}s{h99
zK&@(_CI7TlE1PWdHDi7LhZzv|i_l*R0tko{83@Sae>e6*+`;*O)=RMdn{^TGfvbk~
zv(1|^>%LK@^By6nW2nuZ?V3K)W~oeVXDK~HUTbR!iL^R-CC5B#Zl0SdhvW4o3Vs|L
zg&>HkC`#y;U|*S9b-MPCYQq0@XPqowO5WL<mCM51{l+6;_tt0Y_Tyyt=kJpP5ciz|
zU|i3EnB`dh{g^5*^G?^poc%Cc-e`s|eNxLl62YsC&5Q?yPi*PcXA4BYzwXFsw_Pth
z4L4xxxvbOT$ij9P-dm61va7U5&GoBk9Kq5MR!3y5=v>y+`%e_W8{l5JNjxFde5H}<
zV@A<X?sWp@(P8ncM{#puV!jhz+6sK4AeKfQmZu4(l6Pjja~v<)gM}5x-|$x(8PP|M
zQ#w&<Y{~d|^cJ+FS{b>_N2_lh;xBK^H51r&+%`NO&LKzAOg@v}8PdCxjVvwAJO^^D
z)hkP|Ix$fAPZ^`ezv17M=2#~4ew$uevbN8=p--wXdX{xH>PWD(jVOhK4fEL?{PETv
zC*Q)B0Bt*uD6EWhzcsXkB)7{a%Kyqgf%9@z*`b5jx^$srJc0v^I48m4JOszTOZhW&
z44DG_kl5Sk1Jo4CfewVVy6Bi8v2Tnk$}t(YvSI}1jSL-dJxmCOzuiVfMUsq~J^g|q
z%6T6$FlH_!jb4AX6vfJ-*zlRfdnUX<Bt<tJh5G7qc`M1jlF${fz>bTmV*$v7O%QF0
zr#2M1VV4kMmO&-Py%PmWSgFnh%O{!{m~Bb%L|XUGI4N<L14Urphcd?R$hiGw&aKak
z&opNXxu%<C1{>D{VIqscn?=`)_8Gya+|9SB_y<Cy+8q}sQzu(PV8f1>yKJ1T=<g_F
zyCqi7j!E96abFLC0o>UK=oAc3>X&o=&RQvQM>jD9vJhBFGfH>|OQ<eWHz78W$!nIh
zTNQ^L(83Ir?UJSwcv*A{P+bns$@RX-R)0j!P{jRG3*BZv*-S?ls!Tfk3b8=85zoZg
znB=M3$}2Xs@XNQ$w^(i(EYhTjXPs?GdbO)^)HMCc!N@}J#pN+sMXhKjj!o~&W0=VB
zMPS6Njhz3aQBpH0C5<-6Nq|4w$1twRh@h>ES(glLSZ?{+{b8!YeR1P9DVn1#*hbfS
zErMIPhdT;G>8m7(gDdKbXChtQcw$98Bh}C=)IRx|j$eaLjJzn~9%Dj+7%%xp|K#**
z*w{!K)z`YkVpchyL|(&BnRQYQ(Apug(-`=xa_VU7e($lbYFJDv<AW~h*r=M)r!~%s
zbErDBYg^H)qvH02$C8MvtA`QtS2j!z@$LOmnMJmV82&KVP+sNNyE|-m1*6zLGp=?a
zb<G<05&wG61xBj8nB=gB+ss}K<H-jrT@8WuFhY6^6m?qSSTxhVgcENF0n1if)FvA*
z&bZ53`5_fAUB_39x4mkY^aw`iRWxjD*~3EbWxl8W7>%6hrP@Z%4zzSCWl`%FZa<>d
zql_BZl3I!5Z&?&&ZNgFv;?X-AY?%~qK<^|Zg1F^7oIefk(=WLi8ui(B)a>0btOWFE
zt5(e6+jH6-RiD-SxS@db2NyCMjqr&5_&=^c0%-SsVlQ(SKIC}TRnBm1r4ITkumOd`
zeWZri{K^DaAt$V>OccSdOut#K-gO=4Q;QHD?)BTRP~&{^WQM220DLk7zqSRXa+*D*
zP$l8=E2xYEC9_a`&k3>1662;TMwsGhWa5^KLcH1HWZr1x?uQ(il)GJ>tHf+1btigi
zuI~mPo-kjBIPP<FUTAl0q6xh7MF`B3XkHt`dv<`Nokp@QM=U_*aWSq#Z{~!@#s6ks
z)b=bvCB3!}eempm`8kc753Q5dA6z~mVb3@e`pAImbYm;qU8gtt1!$Pam{9*fxwo;x
z=VQ3=@E6-eQ3CNS1T#bg<>lEAU$>Cw-4v8_|0SJRUfR@K!>fWUm^}Ysti-fbxH^|@
zrMS70)f@WlwdDeS?bZ?ObIGJT81#qtM#i^uAG=H9LL^8RT;g;s2h)i(`dV2*BUTI}
zP6~bXoQr;2m2fs^=V@;+VNl4M!Tp->*E(W*Fbdj}!FV8u2KmKejvY}4qp<^|Q$%2C
z5J(Xn(^{r6ns05e1nKKB<|dlB3#hya=Ljd_qGVELyxQGccSI>Q<0<{XRNMA|`SS+;
zq<-i!dwkJ=s7tbCCeaXk7t9m6@xmPa5D$YNVu%5X72w^bqJUO|>h4e3(DF7j`@o8-
zv4Sysy7X42XK-CeB!!Eb(FIQ7ogVY)MB0c)-M-J)$TNh-{R||Ng5H?IiLlrEQSEy9
zKr+VO7mUsscYMBnIo=mXLdD+S?`lu`(6&C&5i00<H6+V8cqDhJAD~DWPrsvI?C=!+
zdV|>{828?4FQzG1o6;``{|KUNB~q?@q+b-IU;fpLS*Bb;NWX}XeFP=NM)o01-H=3w
zxd!{X7}5KnrHfNK=If8O&XrJLp9kod-RvH#4GWlNH7P=T!~FM3p6NJF`Sc42Xb<WC
z2Umr#t%Hfp|IJmw{GYxk3vMt<P*mzE^T2ad^MWQyvCy>9jY3M5C^R=&mU_E0R;*-M
z;8#D5EshcJS8%#$v%uni!>f8^&y!wSrV9Be7?QU>wr}ZgchdWRI^Q4y-8v=`TCeg<
z^OrAC-#weg+iHS}r6gFI^;Qy1wc8(hwpX6`hp()DTg5Hen*IGv;+4%4XO#Ig<=REp
zoxf>qKHv!3PGxcKXQkodCBU&Alh>RRJc}c22<zhalw<xvnthy&IEAGS1I<nJY7JgK
zGDx3Mw=kF7-8pGDG!1W~%FHSoq9qK%tm+Qs3=5-75_xsF{SUzk2dhdgyaJ~SV$IlH
z2lif-kZULRuuBGzG~84|Fl7p9q`(5&oxcyD16XzFV6}}YhqnOBZESA3MX=(4=7BX=
zT^eQ-zc{vQO&>1;rrS5$#CKRnF5rK;Jc5=d^O}WH$VA0LSN-d>VHU+wmy1-<3lG-H
zzz_oehjd*P)q=sO+R+Obp3m*V9~BA8O>KmxZ`YBXLI4jV;?AQPj)^HC3s8P*PP@x7
zG7GGB6MB~;o~f#WsiXEPOB1e^UR9lSTAt)9q>hgrc`2c~lWCL%^XD3tZCc<DKIzc}
z!T_gMkEp089SB?tMJl$&t40^jG4eOW3TwzJ%#o#$ggj!CWUk4s@m=h)JK8QQrpG|u
zY}U?0MjYZcw#@)lC)gd{)~D%SmBo12vM&}##yNehNZPsHj%R3Xu~7+P#m`YrLfwjb
zMq)Jt70DFZhe=kDb2gx$N)p0XT1krAyd{?yPeAUoqK3k#y0BCO&o<+SA}LB%>|XX~
zRWR$cde9>)Mm}4?Tch6UN-p%r<_~S?&B5lvw8uV=8qfgmqrOMGO7QhiW>~P3-+0vw
zuK{gKn~TnpQ;2;rJ$BaoKL}R38?oJ?GIX#uWy|HlmZiP4_#7CvRr*s8ZEGpgR!v>&
zA#GTaMhte8NL4MXXO#f9IUay^RbC=Hz<_Ov`0)m<M2zrq;dcUo4zE7}?Q+~M#Inr_
z1e)svEq(z#vG_FP%X1JP{TcyyZij*CNkK5Ac|_Vbp@?mj3w<bTh;md!PLfB=?gvVW
z%>15eK_N|Wc%jUmQ57`jOC-j2QRk8^U(K<OY~%H`i81|e<>v*F`x7MA2~}o0w{8uI
z%HV&sAUBJOkPZtjJD%$EFe0L<TNO&jCzx#3EPo!XjUmQ8YP#YW(N%b0m5tXpg*dVr
zuK0Sz8*|qycIa!v95n|?8o*VUzRD5shD=Px`eaoLER3%NkOmJulZ+Nfnc()%A@hWk
zgQA1?UU20K3bdaP4G^0c7Num9nY4MnP-dn*OQS4%rN=v<vhZ3v0)aodcMvlJmJsZO
zdt@cU7<Y=6g27BQkzgVufcAJiHQqk(j}Q7`6A(!A5zP7(Ql37Ct%IMCg&COKZvteq
zuLE)wQE}7D1WK`UC!UTFjeN)EJ@j~XF_IqBAAHF6acGrZ;K=JT2O0Z}Gx*5QiF`#Q
ze3c!R-aCVDMS*>zZ?Vt~&}^G|7w~#~($yH7dF(ceM3&-VWyS+rwdzthiynK<!ihd*
z!=dUwxZ+lZ$MaynlvVFw{A2e}e~sI=DCxY)f(h)?<}QW(9JJUj=wHm+id;_JyE_rR
zDg!1rp}+LDUh+j3)dyGp(u;g5YRkUgJ#;vS|E@Q4#V)lAc67^pLj<ZKG4`H+hen-w
z@>lVBR^PDQc@OHxe_dr5iCPb3neP4;?|&)IQ4HE3KC!QhSgq%e&tl7_v7tH4+-+!R
zdl;~~^<@!V<x~PfFGA;t5<%Fe8<KmH-`bY-Fx$x`)R0%eFqv$CdY>tA!^&J!8KJu;
zs)<@r`;2@4{qV*`i#xR8ii88PP6(CiRc6iGKsH>KW|(Yo!MnXHXanB1@XWq-lf5SR
zAZ!AhDfu@;%$CY{(~MQh@I2(;KKB+BCXL27A{Okzi;(c5coxn{eWZ@~rZ3QEiV441
z+*nm(PygzXY2|~}_~_u9_~zr+z9$j_Y~G+q<vUFV9f1Xpip9O+7os;9c~$iY<P*}#
z67_s_gcuD^^!HNUk5R@j@p3`{n%Gfqdx}<;?DuA;{#}qF?*^{hA{j6?Lf?RMeL_Tl
z>z)U$6`6m${?K9W2)jSN0^Iw<Qz`e=Km018AA<~$RU%%WOjhlBLhX^q+VneFipoAw
zQ>ushRK&B1OA^`_V-V4~J<U_J8D2!c?ub{OxdTlpcb9}KiGR4(A4*d0RtZ;7R3Duw
zd`d~zkV$-0X8mbR6s5MBu&4&^WL~r-#i-c?zf{uiR4B+UpS*HDmZC+;zVaWWThH`F
zIs|P(ccgIMF#db(^)5kLZ3YGca{qtBxMun{<9b>ihY6MMx6Ke@Do1IG1cn}BD5I-P
z=$|rFBDrZ0(b2_BO_X6nl6Z*3erlWq!P>4H3AJAQiYUnJ3X=6ze*V`SpYiYKj~9qQ
zxgIE`Vc)=2BIyhSrBUI)Q6L%E*0jYbJC+oUED6}uwsUDfqombeGJ#7;A4+a2qU6L#
zF>lhEhYyH`18-^*AQ2M<8>`LA31+DYaZ}qN1v!Rk1u}&iCJetksO{?vnLZuc*Op}V
zwA0^f?b$jddzXqk#IwD-(k$Fa7{RCVrM$|SB)=zuq+1+2$%ev#g>5L8YVDA7zG;%6
zbML->N5=Hd-ILrkSd^ZjZ?}K1&g%dm$SIDJ9|RoT16yzC&OqE<bFyU5kD6Wimf#w;
z1OvH69u43c7o6;C|HQS=dIcB+v`$UFu0-`Q)CW1qGS(n?puw`tvClQI#~`wwr7rLF
zGs98m>Q6$}a*BB~SJdqU>Maz7CY)#k`;Sx3#`=JaGDV^7{%Z7n;EDRK@eg0Thnw2X
zJNofWF$kE*r{z>RB#^T3E{L#E&5PnS80npXHIIHnb^(8nI>BHSHr9x?zYGBS@0(!B
zZ2CDG83@SkUps*1f0ZrsfAM6ry$p5LmIW-BlQU)YH(irj<TMIIvgH>`<fax=%g)o-
zWzI|BtOoD6y`;)=XF@p`^b*7rg+#X$!O|6|P|=jS1X&7Er;MlRp(%?Z2q7thBW#KH
zxNdhiGD#hhq&|-0J8!o?cuw=K^L%dnypEE)Z-4_k<0c`SO}u^nwrNWA_++c^)QuZ&
zdZdmoTVAHE{eCF0#BpQ8c8EUD&ARy|syRbis9C*I=sr%DrATXi)+p&!!DBzdJ&a-P
z-P6OpvW^y4A<l_jEAQS-1Y;Cj5>>JA@}PF&GMrYcJ>eJvQ)qcNVipWUB!J7t%J;8B
z%q?pH$);AF1PN>_R51a!GEVFeu!F~J%ssSb`pV6>QhNT22`l%ideJSF+t&{dP#E6s
zii15=QDxX*uI9HL^*)vcaDy!Wvq6Qwi^ldR_c*rEPTQ3z82Msec$2l4yJ+liq{F?s
zOApN(8V-tu33G8+Z>&iVFt$~ty-ZIcRj9hk4#rVqu&~(CMIOO8?XJvbpJKz){q%tL
zR6KfUYIKl&8joXooiJHRzJV?Rxt4UPtrIFrRP{ibcD7ANH&R%KO;oPJqDnRYwxMdV
ztOXi6XJ^GUl&d|j$kROmVI#Sbl9!eiHT9QH$*#MsUcI}k<!s9<_3>0APhDy|)djH$
zBdplS1WH)_z9#mFBB0y6fg{97B-y@_GOu-AKj?;XP6eOXH|OpceP0;7Y*0$yabQvl
z^&pTj{_p!2QQEpf&nG%V|K4$W;w8pHRqdtX;nC;kffiLA3O3DNxJu?LY^Oal`ZU}q
zq)CTQY8rAlOB6)-c+H?5G*|&ChPe>c&{p9|Yb*^%3X!J>Dsyb(n4VtACKme=yz+{A
z92es%%(3FXj%ih7Nw!j)lf>32yKT#G15TS_5S2Yw2F`t0aNdMu5%m1}Kn>nR)XoE|
zMvy2^ZkZsZgUTr0ad?C*n8G@SsOX9O7pEFQHd>4NIz>YeRHk$_NcmzCS<~ZIlBxI>
z${ZpV5<T9Qu|Z9a(rmaEAoPtx%@%h$?LO&f>n`ccn53-2Ygy1!UqfpZ1yEC=IKQbs
zowPD;?R7Rvphi|sc3myqjKiEY;lJWUqyb@-H7hoD*t1B)7WL&s-4*P)8)spJwubw-
zpCULy-+^pMs++9fSz;Y3$_A{&j~_Z2dNP#A(H@r@x*R#t4W?&??cTP_iN*nAFsDK=
z!Qq|Fp^z5lBg-oQYFndYVOwB|pALE1S!j+HpF&XW3=Q_54uu$_QXFFaGgMf<&tw;4
z*wfB^5Qa0`p{ow8w-f<pJ^U8BFwrxeYNp3lVH~XqZ8XRw7ENx}%@@W}`#RjQawzC3
zSmCZR><w|4PBIg_MTgTe*k#uF_R?~4boUSpqtStF*{+d|nG%^#cKXD{6<2pL)DBf!
z)BNOa<^CuuIddBFX3KtD{<(#3@KCd1yAf0HpLun~J!qoWRLF9Ie4=efG`b_P!U$S^
z=gyP$LigqQY7m2<%9(HMB=-uxl>)n#5L#K;jp=k7J8O@Ty;?S|c&*2-eH+!S1Po5H
zy2jSu9DCXNZ``^vWLCSDcC;He00)&j@iVJp?DLfwVyjq?-Jr`}N4%|q0n>~Tp5<5F
zlrx+(z9nX*pva=ja9rw6$kO3;9o0JjW@k0S_J%7t+1i-EtUqxyj?o3*OsPT9e0M4<
z9ptfN0w%Ez#liIsEr2u|o{tj@$c4k0K9q?0UfjYDM0xDGK96BwaPeVG_Qzb?3MJJI
zQ{0stLsUsfnP*~E^NzIP7UQqw1I@w#BB1~d7<+rtSIPtk6Ri>w+C@w50yv7K7?Xax
z-iiTG<0uHUJE$><%=-*j%;q{@`ukVB-|y;$AP6vH@r>QPp<!6fn-v#EZZe`WW-lFv
zFQE|D6@6-la^7o(F%bT<pX0<isZ2lAy}jMZQ6(FWTavklR!rk8kf-1MVP;u`pLib+
zTKb&Xi?lhXp8KDLyF*&&(PFHr2M=D{oX$C+B1XlD)EWpqf}M1E-fNiTwb90&l9CB=
zV+-!hl-@}C2O$FnYm5BS6{cqZyp|8|z51<G2b68A*nI1|)v&=I03*w=OFhnxA|U}Z
zr~Iy{V+GIIpV`sw{?wdv1c~;gsb>v%%JmXzEH4P7Z>QTX=pGW*cMt5?8alJoga{7{
zjvfh%zd^<w`yu|lAh&=YLNu#818yG-2YlKObDvkaAcdYge%~lYE;Y8XcdSbc&9L8y
zw0zu@J=(3D>$-NwY{Hd>9qTo9Sz7G9(A*1Rz@h7qhoRA;W0nz9hthn)HurmXGe<xq
z&n=lN_C|#eE}F>Hbva6{DwhEkBwh;{Rqab&j<N=(3kL@cS(#dzcA}JoQL335fL2MG
zq4$`TV@OmAh(pb%M&%ZGy-hLTL}IV*1YbbxQQN-3ygkj^I>iZrj)m+1ahgw&Bo(;|
zIE4$Me}qcK-ANVQv8sWwPf*fHPW;jxskwg>NEl<>1Gv0`OT3YXz{!}36_TcK<Ywz=
z2%Vw9-ll#B6(>q`FDIx4)R>eK8g0-quc9=l6P?<A<fv84A&`o)1~S9uBJk-G=~gV-
zustM+R3h~6L9b5D$nu4{rM#|7SQkZnYV_X&ESbl?Q~l#KRJW=f37xb>$eRQg0ll1L
zVZpqjr!DNow;APo$h^_Trc}q2i<M(H2boh3a;8U)Tkfv9yl|Px>|V}mZ>nuyzYPzS
zIbU!v2^1uh6Q*kBfd5kEynDkOwCy!k@|L7NC}U34HQo<44EdM%wV#1k9{FvDIr(_v
zH)1*7-Y~QosDj$>jNffsdHmH^w9WoqcK5Z1$Z<zr?4N!|W<}c2570Q+HkJR;{efqb
z<ta_Z0q1yJco5-DS8W-K&4}0vN+RdLiw{%0^R+c{PDS><&%&0!&t@9oONo%sfh}et
z*%I%YKu3UXi<aV1CU0fN^l2o}LW3}uf6y9?AiR+!vWJmamV6U_NFMiAZIIccmpqtR
zRM;s_FJsERUap^bKWPr$w)7l~+~hiuYeW04C~N&?(pA{HBHG<G*+v7fu)`nydo$WE
zkKj@DUU#HbQyA?K-4QC<w4MPxgZ4?Q?sG5P6On$2ZFDcAxgeuLTc<Z)D}G>g!%M|t
z3KJNdKR%uL0@D(%)k4I*lN_dNUcHyvk%(j<&BTFKRJ_sCUBoL=jvK#RxTkSvEp8xE
zImBRJ{O-qNl_>){+O|w^Utd?{P*Go5S5>>Nx~#dRcsuCe8TkC?k777PzZmd(m6BA2
zO)V7_`OV-Z;#RIXesTIG68WgC+TRCKTk(+J7`NC2rI2@ei~X@S;NIW-TAoM&HjN#B
z(>?EgAPLdCAp%4L(cCVvvvsOg>Nf_W1<nSyNh5Q;A<N4nt6TC7Ww{@*YXt}E_gB3F
zKAD6^Co((k%R#638^Oz~TkkFOd(a$6Y~UKVJMJ-#%%c3kUzG{>t~(S4vz-v4y#n=(
zK*ge{UGrHE;*C8KeVipDz@YN>V-b(T2MGr5=y^wU4z>@PN@k1+1?JMAewmSjBJ7CV
zpd~Lb8D|(TW$i)kj8pH<5!}R`_JkooLj_RrFQiIMl>`PC*)o<w#4D-dotlC1)0+E%
z6>j~e7u6YSF$=Ncd&5*K#M&j;M=>rlAj-+HFC*Ou=`Xv=d~tkDF??>})kwQH%*1@!
zb3j7R8CZtmr^)!iFLaiSUR(0HLr~?xe?>#*XE6Uselz5@beGaIm$@DkuxOK=saEin
zl6_7$N&^ewdxJJ8%AH5!?4v&Mk<$$-M+j`8<$Y@}wBvcA!|x*kdy~N4B<Hh{xE^dr
zoD%mujdX~{`XRefT&%S!qe^DQ|Ky+>Me={vxZ`75_&Ctzlw^}qO_M$vL_kW*yTicx
zl$8B4;J%KbbSQPc-=p}d&7RE72A#>oqpZzd$*0nHHC?dhBlPOVqpyOOtnhACQNgvB
zK8mvqhcL1xXy7*&{#Ws&G1*>NLF>X_+J<MK%LSgfFaZc&9X$fCTEc@5+T<l2I<@AK
zW6Gg5nxvS_1Rl`1ow~(5b35bl8!aOF_R2C<ZYl{%Y^1<fC5cL%RL3sJ+mJnpe-jn|
z0TgTdd7PrlrSs|EKRcLZ7^Gxbs^+n@aOS|mJA&9HF^1*wCJYmd{r$n6Vb^GjvX#iZ
z7XAJ<Z1ZAVvGr@34F?J2W!SY-^g)ZU@ZCB76oC74a(7D9oNL>r&%d2TXLoM?QD94u
zc8${HC*3wT_2RYON4lwD_5rZnO}qAK`jTwHH77k)Ui5&L1$T`pZ?_?ee)<JTv6r$T
z80p|G24em)WDB8~9XLhesEv?wuFK0c?@U3Pv2~=&9F~tRXXTuCL+kqRm?TWm+X1cj
z+0-&G#;_i?{@GN+*iGe#s7~*Q(fQZUEwS5*AbXK1sNX4(5C~5Z)TW|3qCZz99;I#Z
zR=WZXqzGo~4}v2KRL6kU(bKXTn6&r)6)h*&pd1}vgHurT#Ih);9NLqM{OFbb+Eu~e
zV-{!-u?9lUE=;Y~08lKjos?iWSZH!!E$mtvn5(oPD^vti0S(kV86iE8U)3xq#@7vc
zRi?r(*X)ZMz;#22ab&*x5Pj1(X$LZW=v?qL>mX;5t5D3R3vdoNcMgJ6M@$70eQ<Q?
z+)8p{M@*hHc_q!Wo-loPjNOA61=qDq*-~E*#w&R#mc?%lE~;5mBDttZ4`o<gyHT)T
zmFdPHFerD+Ibgn*kh<+@TW{N-cVB`kz@LJy%V`;U0@PN-OuigRh#Zf@_}*`kSb}{z
zkNk22bMXV$>YFeh&4qP;M3WLca05e1$=wi;wo?O#dmSCn|IG0Nz0R_K++uw7vwp09
zK<sHIF5!Ad0Pv5)$ItdP`Y7ZgZaKCdQJ+6oPzy2qZ$Vi2XEJ052;v9w8zzoFTtM{8
z_Dr8>W+J-ukJDFwB`EKa@7<QQ{BQy}z(wtbQ_BBHO&f4J5M$Ys$6CcjIyRah>)vvr
z;k(TQV&IK>K{^cgmw+-9jqH`U!^vso2YP^p?|qq{8of1eRg<1^!xFGr{N;yd=Q%Hj
zAPUkd10pa(5-yMq`Q6<+tEB}8<x0V*!HFYRDbFlo;<mV6tu&})epWlSKw3$H-~@Xj
zB}JTa#i@$XKw4_MKQk(22>jQ0H!$;*!Xhs}$BQ3*Dsz0_lk2h56m)FvkPv^eBw4u?
ztxzv9r&)L=^YkcyDw$=L1hzN|6e2NgrrT!#MRJeI=e4-M?Fci5sheqD*9Yi}48n=s
z1tO`Hbkc}>p&9=W)MMb{q<C*@6V<Y;M;t5Ghc=j*HXV$g%gntXl=0)}EyolHbrOv?
z>Ld?`lInVNDc7)(i^QrJ3e1>2D)9Lrm=*?{f!vQXW8Ih{g3IOYhl;c&LDi7VQY^m-
z9l<aa3V6g!la9!QY(z|(u0sx<fxz1nybibIiFAXS_NLl)5<}~#Ivl^Q@w9K^pl>YA
zH&U$6{cK;`=SGJ1#;xs0hVJ3LFdXNqlcBYvzM0IxJTaf|>CW5dW*Y337}mHLca9|z
zIOk)3PoJv`m;)ZacMjXG35U--HZNp0L}It8$U}vB?|tNE@Ue#N4$HO?YbU8>ECKg-
zdBq9tIlOH4Vn~+QuK6^-Eu2G`iXEU_`>K6iS%U5&<GR5fZhWBuYsZLb*XpnVzvr#3
z#5$c6FU^d8?P{O}|1)Rwi@C?w@#SogLHkLAG&gDLo7(1u;c%IK*Z}R1exF0~Fvt8B
zudmzy2OmK{7VO)_!@ah3*2DegpPc0Q-9m8`2fM$Xplmv$n{B?I_-st~E2;4U1t&?q
zpG0gNQRWK#JCbtop4|ql2$3gD3%sfE97>N-o<6a=FH%enV|<f2m#ADE1P+DUhIFM@
z`M5(m*<RIWgZVJ6y`TLjldKF+)I0HN5=OLN_#<Bu5ysa{cVu^Qt>Jes=ES|p$_9Jz
zSFM~^@_-rEr3+N=k9)^QCQP|sog6_3tONtY=x=yDcS=zHl7aEsd*jyw@zQsPAfFZB
z@@ql)DSNw+cge^zKd6kDpD|!R@`3q{oC0<b{_?>;lml~Gdk|Lx43c-zAfLhDeWUQ7
zO<+H2fd*{@8f!rY>3jV!cbDjIMm%@f$e#+p{!1VPO`!cGgSXIkJm_l<5Z{8qKO_SL
zntL+W0|YX6<shGp;Qrgct{fp7hOL6};DKN6=&Hfy60&<35*&}NYWa>P?C819CN7<h
zc4^X>(9(+oqkl(!!q`*O0)za~k@P!+bit44hhKM}QpcG6`H#D;7sl$?VsIcJCO9A<
z-T!q!|NjI|HgNs-f{?R?+dtDpm;Vs7wW|MhSrSM6W`}Uc1;+&qN-3s-bi6W5PAP+s
zfC9|3$`@q(f(6$|T#XAR=}ekY)Am-9zP&U!i_e9c2X2>*&!3Y0sgU2TGhLOE{RJ4z
zTc~s2_5bL7?ep6R`2M;^01A0aG@5FPo_t)1QQ?|P7Tav1*Olka%FJ)0Cu7m~8CsDo
zH(YnwQg=}Sm~^D^v1`yDZ*7c3=+(?PEx9>+PdZbx6Tk*C)x6wGXKBfn^<)BRWBnQ_
z>q<Rk(H^b5w$_kc%{ZJS**a=FdGPfU;}N-4riXIC6VY_jon?Dcm2$~pYBppVS(NkG
z3q$^g+@I{W$p;&x8;3})412{o9Muc3>iEEN7hP)J0G~ApaP>}8ztQ4e6d0YaMeodB
zlrD|ge?Zz?iTI<~@+0el+?UP0u0rY6)aDo;oT`Z?3^N3c>KZl=fE3B*G2w(QUsRw_
zI{KN)QFH3#Ggrox%ViNw>zbU;L=o-Lh*I7`?!ju~h*bVrEL2~_!F1<W7X?|9{D|6D
z9c_zb9}cqYQc{&L{n?+?;w~{{$-5pQe`0FE4DBF)N9-cqizRNXs)A{(7?MO2x2A)v
z#-L42BL1{nqfhDxF>>T`VCk|;*$zq9qo);r(9U#56cm`0YUeut$zZd|ZE1DR+=R_M
z9zDC>?yuRS_tunOgdnSOf(=C+mUkBO%t{=$4DQYvDOQnyX9slii+MvboS+O4iYVrQ
z85Qn%A%zoNnP=F;k|?SAVO8U|T}*5Gfnd>Kz6^a6i==Z7!0C@<OSg0yK<kgu5R?Cb
zDJl*@d}R_PXw3q<qYhDy4$_Ez5hGwznw?4xM#6>N2U5m&%&iI@ULzwHA6+kjc2}Z_
z&lFy$RZ>b(uX-PfYN-tRWtTdm3I58-;K;4nMaf@pqT7*OMtZX>(*#NF31>oFC4uFw
zs*nbAp&O^XgTl8InB!zOOgq)IrZlI4m`Uh;Uc)wQh#5y;zeN@%RF@pyVitthI}18N
z?Fl*#e$S#BNkG6I*c^S)pWa>;7iF9avyZ!DzSbZc0h&>^r3j67)W`;gr#px$51l0j
zXq{E19)vUEnVzrn+TVD7BS=F&;f^SrY`7_0uIZMdqdCMYgxZXE7M3ON0T+sx3xpVJ
zpxYp2l>=hfE4q6{9$qikMX2-qv-@1f2^9eIvzTz#F3CHHF4QyLV4WBZtXm8NPM7iL
zgtC_a+CyMK0yg`HBd4Y0oJb$DmD>Ef!A?i@O~B|(2aMgSGjEhEH(g8*a!&=2Py-TI
zjQ01SKApf5Jb&LDlH=|#u@>F@RXUOGxQ6SXWMaaI#4ho%tW{f~T>2Z-J>lyjV3LBy
zWohe0LKv&s_|o?eBEwXMln2{nD$iN5WBY=HKlsKlkrH3fom}X=l$~S>#(GkTsgGET
zXh>u?JYRodyPqW)SV42t&7`L99=`f+(ksB>d>z7RPee1M^?+HZ7r&;MYe7e$7yaV(
z0E@snr6$ZTw1E5<F%H1^-r!!B=48Ex5(l|4T>C&-0@fs2^fT_ArowJ`4%wwTo=cX*
zc+`7HcAVrwF-8rkmUtoX%1Mp19v^{g3qb1r7qc5m$WYY8<6anz;VaazCaU+by-@%!
zAW&`RuF&=!{$>33V4{a~g$TMaz9CIJXh(>4Y#mQ_E9odCqb56a|7)X)liY%8M-}mF
zT^~9I=qyT%T~yxG7>Vt{yv$r2e3E06I9W<xRQ@Y&>2Tzs_JcE>?02Kj{E44WSJMjL
zqhWD7(>+Jmxfe!Qzvbu~Xku9A{l|QB%M-6s+!shSK=74}z^FL}_V|iD=L*y{H%7Ip
zBc~U%+?;1?=B3KwqtC);xfw1>`Eb*o!hDEZnBSK-zc2n$3;G)4_3k-8$%*I7K~l|^
zAs_gYP;K;+@9sY`q|ByRB6eUvK$`GCK+OM7reEqtwr*zPR<^GHo_n;a>1p7op>BI1
zLzbvu6C$H5pnn);05#IpO1~5Ric*rc35jTHl^?<^3&mP76+X|_n>ILzu76LeITlHu
z`(pTlx#;9b-ju>*Y)NV5e4Ux)^SN!l&E;YE{(H$47(HK%IqHl`(lI*>jo{(gF&*#*
zuy`e=d<a*=?>jb%4Zro&Jl*%{yMV~sKHV1rLm+ueEd0r`%DjOCD0(}`66LgWzyegJ
z%gk#2w95dRtJ14jS(<FqpD(g*GCtR{VY{=<V~xz$-Kp2<e45pFnVZnY+dT5kZMs^O
znqHe^4xHrbS7LR{m)UY~hv(;ryDd`STvi=1=}XcHF1x+ks&rDXau-dCuTIEc6_{W-
zo6JeiUiaCXbUbK<rW}Xv1-!N%<xBhQH0jyuc+j-}WYKHljNyyquVa7cG{er2t8mj)
z-n+j02i^p7fiRx;3#K9AsKx!FSGK!s+qd7q@#@u%-9r*7F}&W;(GAjWpdFsnc-EdJ
z4751^;pjC?+-hn(-1yCfK+&GR!lB}dw^Vf$oCTeP!?bx&*O!OM?5Xp#*_oXO3phK#
zuV=KYMjuod$}g(!HqZPRzMIbWA^h|Og#o-8G3B(>q8&;NR&{o%m7!SRrO)V#B?giW
z_g=2?01o;2(19WHQuo?jC7hGfiVUWiuGWLJy<5s1R=c4><sRwL(l6-cU@z()hzd7f
zO<GzvoSxc`&y2E)>A2`#+7I@To>8y42bW^yS7NTa4=p?+qd0ezobV5+$vr*e!{Zaw
znPQ`<<xO(vm+M684pe;0h{J8D>ka`?b4>NbbIoFTxyP984J8LM^KRU3DGUk>(|&zS
zGktNhuATiCR&Gm;`FHVTT#UlIdfynJhrbnZi_2+aW5)Pvp<XD+ppj8OMvoA8N-NsX
z2_sQsV?NH%<`%5O>Q|WIC<9#8;-fAaSD@>&EN%}$g}l2Ya{d5wTJYvX;yaPU5B!}U
z=Gr8Ye+SBO!T;?Q>5?kmCq3zEV(Nz(HKOP!WJvj$;f;xN<QvhA*u|gc^^GIWa;R<o
zsSH|pP!Ij_wVTd=g%nDqKL%t@)h~;y0XByvtO#j`oMk90HHONZL0o3>nTu!>C?^_`
z{KraLJlmR(x0Y;J?ul(-SFofznQM@7vnrv(q(k&m*3`EjEpav}FJXeyCgT%W44@E^
zzrzzBFny@d_V;HjFohA5aKB7JSXo+98cHgOk%E-8G}JT@%=?lLDjqUZC-Y8fzAP-z
zGB6OFNYEx#5*Uh#kO-U<%x*$r`i<{!p-u$`mxMgm;Xo9~U~n8G*_UY&BROw;B8NuL
z*R>R{ZOOGMOA%C4Bd%eI<5)gG$Yme?`?K&X57v+#zi>Cq?~DFr{#Fs_@*U}2kF&(!
zUDxvyp~nQx;n8LZF2|Y}ec*e3)kU{yoXqE6uhH41br!!|-rrTLE>$7T+pms5E|aV6
zKV_CI<)kiCCMQ}RyU=~e9R`Oc*u|_IA_k$hKYRZn7)C@Vj{f`w1oVXj1Z4BSJ2t24
z>?LC4YGNsFWp89_>-FzOm-9cRkI4XF=>%atAh!Y5Fi}NC9Z^Es6+lr5DvflGy#8k4
zxol1*>O~xneaAu6LEoNo8}fd^C+X>%gjbKl4yh}axAyZ|9*aYg$F4_zcaM+5_vhu7
z1CaVYE@=Bz-%;T5Eh>a((_C9k;eJVRW+(ooAak(}_>Ps$d!W%v=|k3GNe%9<bAh4D
zI1_Dhn{4@N6GUgNc{uF2BhU4I%E`r-4xGyLX?U~uj&l@yKMB|v<8Jtzjky6cnTK$N
zxh4_k8Q69`S}rqGw`JEDp@RJ(c{^MBDK&*Pmik<vwlE0uA1?ZRSmz}(%?x}QbBf#J
ze?(SOiuKS;BCmq~r~MJ0bi(IR*F#FHiCE@TWSy4CR)MJj0;^8jA_LH!XXHoQtAMju
z(uc?Qab{{Wz%f{p)rEOd>9-}9sKEl5=GbTxN3V@zyM{VB;ZdOQf`(B@LujL}81I3s
zLNx2}($2~1LY*00M*3qI6wG*WarPt(z;54l#C%`;k@=NqacWvyG=0sU3?iy;6d_MO
z%}7JzIT?TSlS3wJp^0y3qcZ<jZfNdbeQpzVW?7nFwe;pc;kin=Le==#(U+3RM;WJ(
zyU$qIW+{nN%q)#@kPb@4M%fNOE+{ZAiWtn}%Mll%5iE2ta%D&w%qpq&;Lt$*NYde|
zN@U97P4U5P)+=YCMy7H!N)VzNVsQYMDcs%l)^)ox&x~y2z%@KT*EVVYFv&anm7i;!
zxlWF1vCBeRN!gLcKH89Ng;5pjNFdC1O1E#@l>ww4JdFOlBgDSxYGMit+IQL&gh9SK
zS)Rr+vGCspNXH=Nr<Y2Hj3<SHAP=Kn#yfk!$P6u%kqH}`2cs^>%6}Ok&856xQqi|h
zT;KU^@>@4opurOdGtZgwsXbm~XerJ^lGHXG;~T1CjgDic)FH23n@3kGi|l-ub`Z1G
z_2p7UHy4;-tgZ?^s@|bY&r;^IEbv4~N*6ToQt6;wG*wOR>j+73*JI=X5)@?#2I$jR
zN9khE{WQ_gU8a~GDoRMT=CEHU14$UR3BmTfl)}vtLSW6JkpUS*?Av`9!s_}%OnQ%X
zlc{^qf06%4qFJ6r?jfBacL=KikIOeM&{*?5Z+vMN&Z3GHaFf3u;i?hrlGYQ5gs76S
zsMq^+wo<Q!0~^slN8EAq-L~3*e=&w?Ove0D+lh0k<&XhyAZoL4{<6M+Heo^=FA#yX
zsaH&|%Xr=CRCmf>?~rC_4QntMEdD1x2RDPu9Xd`C1I(-#lorXfHwl?HpaQ!pzrTc-
z7r9561g(n--hNs^0DfE){uZ3zmsqHt%->~pf-*bJsVdQ;Z#40f?-37eA($KhS0C-_
zEfTi^l^-S$O74pu`4cCG>9CkVGHb4h4iljZG~Iq57ctY#3T4nJgqxVwb8De5Y)gJ*
zj!Ccx{-Yt16dX_XP2tKAT0Vtnrhz1CY#qVKZ>IT(!1KaX`Q@^12-+H594RF+{FY>N
z1C|cBV~hP3tro#Kg6>1R`TDiXMB7KZX5>|r?RBeOZF$nR)+Sc`2LV>*zx<EE712bW
zk|ALl;CK?3hbR!@0`t)RV+=^2p@~o!_FHKDSc6VEMSu0))L<9Tw=3yq*<12>Z&4AL
z8SFB8iaFPY?S8T)$EY{Bcda83q_d?2rg-bN3LD#^0IJf$p_kPo2w(;L#9ffJ;RS|m
zubERd?TcS`D<t3Vjs5s2G$+Wvac{i<{MW*4g&?tHGY*xJ9QB;hfK<BH*w*_iEL!WD
zZNDKLSMhT!3g`i1)&p#&uldc^j<}bR&F3fe<6bD|<)>?7+RBQ8{DPJpLF%@2M-^XG
z4vB1Q`hw1GZh!1(aVMFw&{h)L(9kMgH8}jWq^K&gj%^jUw4M5*Rsb~iFkZ)!MkC;8
zG%~D&_}V0`p)M2-qfrV(1_w3%7KA{vLH9(YhD>n|1b6{gt~Rb2xh>7{w!WhtJDCZa
zRNN2lW?Y`&kUd{KMs`bW2-JWCmtns!F?lW9zAv=%;ZoP*9rcAhzDU8as87B{n7|0Q
z7Nj>$v!z)DlXrie0HB3b8U9&KRk(MpY+5PuxBHRr6tvKj70r#=4A>f_Zy;8m80qJ1
z9vs(_!aqKD9A$fi-5*^c{_Wujrp@@D{M^VML59Sf60c99e2al_OX%t5+@T={o?qld
z(y0L*$^85g3GIt7h^WGW<15+B4xV3i=xdk4zN6MZ`8kMx{Er_(TL0wdl&C&3Q~0#g
z?4Xjqgs1$;%=#0WjFjs9){jja6XKE_`Us@*$M5Z-S0bA^zq(H&wcmdxWtNj(VfQt(
zNm?k}_8k6u5k6j+x736L0-{F!*I&f{x9cS<dwVnI|62Wzq<X7Hq>kz;+K(P4^YEK0
z=Am$M#X=-J=!__`9E^4GNLbSdw`f#bVf;Qw$Z*fOj{|C!{dro6O&7;@`yYC%=&S)k
zxnQ|!a(26{I;*Uk4}yi49FN@?S_J+(nf;F)060L$zrV+uPK&>}&-{=1E($<vfB+a=
z_L=WDCzF9Gy!3njB}Vy}5jwu5O%vF06zglo=a^-S43R}x4+1GIs!hi1@TT({RdSNq
z1A7l<J54T?l@B5?_0FC}?=pd%68BF^v<kBzsbUQP8i3`0_%p6*!i5>Lt3L@b1PLQb
z?Pd=5qM3rrx_rhLIf7Ek&^30s^j8g6$z?O7X2pVHYfWxEskYLWY0Ek1EMP^odC(Jm
zEwUR_Bq$7vi(Ua998Q)t$cPf)b?cc^C0E-Z-6XXk?@)S^-OUyW^6cKe_bXNJ5rSqN
z1{-qT+_{qL&hb_krqX^T?-}j(^qf*f6nADljtxp8;M5_MLXw7;MXpu+MMmIta6{qC
z*dUY)<x4i;zAu7P$Y+**e}{t%br<Z8Y^~TWCUCG`G%f4QL8iO3pq`TlZrIl3gXr)9
zYCgIB3oyLfO^4yGDg;R-fdn`*RCj|2Q47m?@DC)kiqhXm9qb20lEdh>a0ld~U>9je
z3<5<UG=Cp~tq7Q7Ygn(5;9A!jVA(2281C`_9q*3K1Kx4Tj+~Q3Smts=Ts*1p9Gf|0
z04XbW5fKVksX_0pAtk5kfwnMIS<+e6l^q^qnX<K|Y74v=cSx}0P@V7vrX(_p?KVeK
zs=_?MUgUb{19sMg;aoj+etpHA_}mmj(5_|raHz{g$!8_F?)wX~wXjX7Xjs3M1`M6Q
zpk{{KuCx<1j)OG~%rvsp;n8&~4GKXG`MG++3!`i7$FdJhQr&#aBs>V5w~rRF=}xnr
za6Xk`e^vB0yAc=Jfw=_FljV`Zc}(;3WHw>#nRHy~`TSc@;8ToIvl5H*gc0^zg|;Gx
zRfX%WZrEa4{+xS;4>YC=1i>)0zX_GvaCsFLXOv^>k5BH2V63L53b`I&vZaz0c3bxB
z4tVa$i3y0|qiO}s<~=)$PpRlp9%|F%g77f(;{MJGV{eV$DK$$JIddE~E{anKKh0So
zRD*nh8c8ExiwB0M$sc%jp#~~OrY{K4l`3G?%48*T`z<n7uwZqeRYeC9Icjzzoam!`
z-*iB);w<{>mj&B?e^jarCtjP}M%QrsJKH|*_SYz#{Y3NgeTXlXAp%nv0L4}jo&x+P
zFSZ9~8GLWM0^Yz()do{(tvAy+>*Jjj#+p|ru3Zj$C%By%-(d-Hg!!iY7BPa>ed6vg
z7esr|pRMRBigraxUnLsgamXjs19Phu6J2H9L4fYSJJ6f<D?8b{jVoEXHJ#Z<jFZcS
zxYH;Lo0K|_@%@U%B?f?SAYywHJ{iQ5Y-Pc|c<1jMsPt7akktS^iRB{y%DxeSn?1&5
zl&y-E+en$<>>~n{UqYTjN7{%sP+sZsA`SgZ1%F{SWhXfe*cU*{J6PwALK!#*-jMg+
zmTnq^_lO$kh12Fzm&np+D}F|u`t=qCh(AQJy;-g3q0Mb2Fvw@?pmOjT8U}yC5y~0j
z0I$;-VDk6niI6~CxD)e@bo-!hPyQ=Ds8q%$C#I}{x!v=G^+bzLN70Ipa`xVDMzhQj
z&t-w@1wR1g78}_~yge;6gND^Dod_(uh*|}U+(C7)kAjejKaLXfH`$dYv)wXZ!}@0+
zwi44}?2kE+K*>Sl8_{X7v73@ye<O$+Fi24xS|zBbw&90bThp}ke7qXXBkG8RiA&tC
zI}~fE$G8UUJe8b)6ZlA`oj5iOn87)!dyB!VaRw`AQj6APBW(ZKgdgbsLZ`pbM&0`f
zi#4sg6K3A8ndAyN{b*~P(OTU`G*SB{GgVYq9;!Y$LsnYe{W*Scj=A;wuWurV4EyoT
zi#Fmz-&_$G_ZV5`*^rEVub3%9VIV7m2+Z|tsfpK}h4@jz&tw^l&gRND3ik-LnTJaY
zYT9d(ihl)zA|IlV`v!o~gzR}+_<`W2b9YrUb5oH=wC1`m!99Af>gMjH(<KLoarl13
z`)`Ua7uZ_Vj~lB7F={LE#<RKrO;t^nuO^xrYAaq@4hnBPe8nZu4e)B7;0D!a*W9`a
zKA-NOy{ViIHKtU4dhu{|5sy!`F)KcjqW`0}w}6T>%lf?w65I){!QFy;aCZwH+&#Fv
zyF+jb4#C|axVsnbZXv+O+@5*UNvCIe?%Ve(R@JIv)%orJv!7#iWS`We&hVp}EUBxS
ztl_J1kxEP0=~qE=YI^EWdv)BAy%dM0r%HFE6(VZ{=G%3gFOP7ouWxTVz8WvTRFfEY
z-fyFu3Ru|BY2`vzs5e7S(;VN$h<I~g)9eAd%o7$O*NVy}Z2qClmq>_6_*A$r$hKNQ
z1mWn>x3w&DI#7ZwsKBJRMe<(kvT@s-Oxk>3?M=aS&Fe@Hk-9kKyweFBbLFONjObF@
zP~7e%zEIUEKk$Pb!pJPHmCZS(#6GN^oKA>W34<HTD&df-oFDtR5r`0nH;!_QtgXz3
zg-R4NP7X}DLtV{!PkFY3Lu`-dXalFK-`v<vWD9-l@h!j=1iclF&IR3%9D7Krl8_VR
z9$PN8!GSXm3SjZ)iGO|##LM347&F?NNBhdf4I!W{iUKe1Yl~oM>yvT_?S5zDR^xx^
z;e=e!_$6eQt(AFyLM8LFaWOIqyDtP?W=y)??FdSmaYK+S-l|!0H<9LtOIS=kJWML<
z%;eFnij@v%$h3}zve0)cm|s2c6f})&%HFyzg<ew#-4hAjD|$O*pdXP4-G^njC}zfM
zRgY3GWKb>`!Bk&8zo%NzCSTY=weV7plxXrF)7eK{zwI<WAl5o0416-d@pPZyD-C<p
zwnbjc7@3UpWMFQwZ#-7|e9HS{Z$@#Ks4Dp-0I-Gd7so??w;SMJ{S*s@S1KqT3Dm^%
zCC!4~{6{beGpAS;#-*|)dEz-p<FeGP)5F^=C4QQQRZwh`2v-@GWS`jVqf83$zZT+u
zjpg9JF>E5%*Kt77*=|j@OW*nEdcBm|_T+v6;U!kmJ06S;-54eHIykjib#0htg_^QH
zoKtQSIY=j%b=B@}i~N{UHaZ*#0d~}^9Sqb$xgil`G@Mq`t9{9=mok)2WwP~#O2W%8
zx5|{UG>QS&@W8yQ(p>Fim}k65tuZ&b=Q3t)RIO1tB>{01Q%J#%k|nkRNXM+8UdAR&
zk;XhQB02LpbdTArMnhF^FWW+Ox?u0KA=>$jvWu4F!B~OOo;JS>W2u3!g}8AlgJf57
zJfavJjYQN=38>uO7c5fsPbE9aExB6~)iEd<3CxRYc8+om%5b(;TsTC~sRk?hBSlI{
zlj0;$qw-m>u#M{(WuddB-(KZ&UQx04u?zt(9}Kgywn;b?Hl7$;teM^*>#|HH%Wbj5
zcpzFFbnf(OCX)8ZSB0Vs#`5@)kgL?Oebh<bBF75?Y~u_wT&e*)o$mo5I3A(5_RRA!
z)}3$A=L~zPIa3N18k72j7|AIJ=|?{bEiSyTy|{b_iIZg9`cfAgkHw~c+KxSdkuyr7
z{j^%SM&5rUPt$KNL}1`9L;%Ld!fJ`uY1V?0*<^8MMM)50%RC9JmgL<g7upGN!n)IV
zpLQ;Ah}R=e_gLy{NVlzCj{a`5K8qGi|I}FPf^<Nui5jftX|PZJL5T+5$E2j!(1k9&
z;Wsko!gLMjUNKda`Wq=7RIW0y%Qlw$LI^HO&5@Ioct9j8kIiAd6=S(grQJ;E*_B;y
z=zt7G6z9oEtwsiZ+*$p1{&vX1UF4#>OP;yN`4KVlitX6^78Z@Hd9=`1;Zrs%s^~9N
zFO*vFM44YlLWnS-jk(oXolk`N^Uy#Q$hV3kmA-YJJL)pu#nbFzQLihK#LG<7Lgz+S
zC#RvP+IzT8Pr4d!Zqr%e(-U_!<;{#AEiBl<Qw!A2+44uci&FD<i4wzX0}^2sG84Fk
zf$V3j!}1V7S*{WESIcK$VB#LcIwD4&Eiq1#PBr=m7p5ec`9y-B70$`5F@8k#g36`$
z3&McY^OKC6ct={u0E#QZ!M6JrFcu8RjAh&LS;=Bf?laU^#JcE_gc@2;i3==rN(u=q
zgv=GijS&=K*dkoc$F(GqK0bOI!2}{T4bsD%Sr377Lx|Pqysp7L2Igk-7DqkR{VPlN
zdfE-pDSBoTe2mW5wGN}RNkVExD)8*s2J(a!7q|@DdOnJbKP2x(&3<6mPaTf6+!R)>
znJdzra-qzQd{bUp19h;&@uY|#aaHmBVqbatX}*n0tD|0WLZj+{BzG0@;Z@~2ZnwI%
zqvzRN{`px^nbU`c(@T1`r6i!<Aspu76$4ryj)5@^o>4cvNwZ+K;bDW<VrVa~B~tSO
zW*75N6R~uY%bV!A@^P`Y?6!+tX=qx-F^8<O=H6fn(I(>pxjq(TI<9G~t<}P(P+?3E
zXWW8MCj|hq{@wmswg==LPX=4j%O{W@D>`r<*zF5&0H6g40MPxr$4(U-O+M%u|LX@F
z%ddt^z4$ffa9&FhfG8@4kjM2b$i~I#@`X?Kn{jFy0*7+F?#t@eTg&TD^5R(rZ0^KH
z&LYp9R-45{CrxCcbB@?Aw6>S;m#>yxcgov5@8H@EzjazC8r+aTlzNcyeu;IjH3<JG
z%8`<MR2e}w*%-f(R-2E2WvG1+war$loN&UPUe&OHksv0LKWR4KwWQ2Q6rfkXrx#Fs
zV{}O{*uUsz1{tPP8Of2G?B1{JjLgs61x}zw*6l%af?}}fJjop3Y>Us@P};zy4*X;=
zXN!bILi}1FZ3B6Po>eozpwQL;{#?t_PGN@z_NwSL;|GN5;lmmXVBuRZ=M%(PP2>dX
zab!>OSOUL?QrJVtE`vq5Noz;?!=OCyY9y%v&N0TfA8A0Wd}>Vhb>HP)+tevxV~Jza
zu9_@jsaBKBd|-OVy6Vg^uE6B<`O92(CSEAvC;m8{hmRjj_vI@95`>>R<iT{Nrjc&m
z{5Dj2EcTEXEC8<=Re4TZw<s9`!|qGKp(zsJjF}bjP0Vssty4F^9)y$y?Cb>jSV>89
z_fw3J>3Cidlh`zlO4>5$!09{oS`jIDZU5=cbu*0Z*szf|%!%EgALKH1OHZ#kJ{Jv<
z>2#BGQuPZ2F;c@xrXsS?E5?d~L3!6Bi3JQ-<w>a3g@0^1@EZi{87WC1>I<w$W?~*f
zGK)Idv22UyexHBAZs|y`uQz#^7Snm({BSuX-o!#8I5^G@Cep!N&*DQ<ACWcix{g9$
z;cKVnil7$k=Mch#4@)|%6b~xEOygDhL}M7O8XuJo7ECG7;9bFK6Z`Zpa`IZd_nI-S
zP)x_9hlst)TmrZs`$G^NlogJ^yW+QcAwh}|GsQum9VGm3WTD0_q?hW{U(D#J4{iw#
z<nQF)n5)`J{-3?Z<_m%9{!$jO*mOl){$tW&bXs-W7K@?BG?nZIQ|5bB__!BQogj^w
zMHw6c(uF0?GYm}fpz(v`xN=cl+4~_aKGoLxj2xI>sV4jAJbMn$1~Xjxw`BMd!&Y=C
z@v>v%OqOxpE%+SCj)fBu5{jS-(#t5GHeu@8S(p*%Z<bP-g|JGsePzrQlg&`f%p&t~
z&5~G)DS~E$5AoHKn=FjSo3ypaufLjR7zaoH^mPi)Nh$gHS5b1U%Q8%wLI(iczhMfd
zbMcCx9Ghx4kf2%Ikm=L8yyRX9W|0$IWzHmwvVsZ*)h8@)1_txAEX3iYV?6E9`d)K!
zlf(&rw){1oIevxlLpnSTKM2akW?02cgX}?Gln!5~r1cP0H>}PaB(8v5P;}?4#aB~a
zKDOfmZsKD+!?ML<_!f<~-dn04ONeUH^~Rn8sYDFkWCpf*p$nn45btdI(JkTAylOq|
zCV@fNFu>BvjfOST1F?aYJyvQa1)g$**DyMGv*v+V-8m;920}Sw^m2YkqcgdbJ5BHQ
z%&_#fmPN|mCGZg)f=B8Ngq{6XobatO?jiUv)B7`+UbYWIm<%SGay_Hps7U}>JV&)o
z*_y=q0^KQUR|t$BZh}Z->dkS@xuHX(g*p?7dsjsfXi1kXNsmq1jvyH9I%f)Yv&#;f
z8h$wr$ir)@TM%C1Q*L3ZvYEI+4z!Lsi~>H5Tg9**wB_{wGg3;hLV>5RH9+qy;!z*C
z_?RlXFtEt6Y8Heqo+_rTl3uoy#a9#3D=q%^A0wr?2vZ`0ZJAfZC_^_M3Vc_}jmRrs
z^V?c?%JD-{VW5n>Z@47d;ImR>y?a5?tcrtKt&#-0dM*AjQaYqcZB@eU)|;wNx{FDM
z>a}Iuy`|fnwTxOHGtzxbxuE3CnWe$pqUjw^f^<nEc3_HJ+2&Qe@#-DEMbRDV@bdIo
zMui(_>I9fMu0f8V;#RQfX}fZQU}^VN`X{jkZDBJw9G4X@Y<Hwtq?WaJ!i4fXh9HYD
z^;-ysG3^uJJ(G@w2-MXY2Lk5*94NI|Mm7RFq*<%YuyJM1*JBb5`--*X?aR|!(~8CL
z=1dmE(IdjT*{eyoZ&$tKjtgyIcK&#Z?bsy!ZAQDGdz!HePp7;Zm<z7S_((5<TW=LF
zY?Yuq!kvo3+Y!#ZFY<KfGU%=&5d3GxW>aG5P@f2HUz#-w5<cV*wE>+t_Z*+tx#px6
zddbede3FsL$R<f8es2!j<*AFrO?G;V-#zYuHx8O^&Kua*7<`2(pTPCxhUDE#gs<bj
z^XfH6fWq<)!;|%8Jm|_UUSA>M(edkrI+CNNnCm0LqoUUf2*gJsG1tC?N42jPCS$G{
z#az`U0)z^$O=hEed^p5g?_8Md;a43LDn=xM1*_aLQxi`&T19BhMv%OdSXqn|FMeK#
zXV<4$@$lT_QXvBXHh+7Q>ujlKY-?p{;$ooxhhQJ9zqP<U{}b$k5f?O$58582+iQ|y
z2tY|L^m0J=NH(tU`NHy(XIZLa!^HAsHEdRGgqBp65NXsg*FODo(vpr&p(&SJh<hPD
zR{#9?{@5|m@nrbKQ{xt_ol@idZdF>kV#e|T+PzazU*(Z^M_jRb1MU4=O1(L-mE&FE
z43jISn}f1N^PSt77hr)+WhUy?`VGsqu{#k7xb&KngRpAC<$CJdeCdNujeQqO=bwe!
zj?i#hl|l59u*vskOVbsrG~{IaD>UdCMET0KJ`5^;%-%|NPG1<IIY!j7)E8my+NXM*
z6z2u2L~Em;lz}&_hkmjRUkAI=EnD2sy~O0!j8?p8D4HwKaCYor>6A;xOek?5Z=QhY
zz{FU=4XaYhN;A3GUO|w)Qh=~4zdBOpUR_18DaBSC03X1vhH#T|_4pXJcP15)6U$J%
z0q5G)0Or9cnhxw#*b0}TG-V(Qf$qkzOhGFMfJd#ewntG)Dj@Vp!CK(X;M%)Np%vhH
zz|Tj#b5x$8by+g0B$wR84ww@hfMxvbllDza?#p~92<#v~wI$?Yo2rxgBrKmQ(TkeT
zfy^dZ`Az98HGFXgXXA6NOn06PmWYqqo%FFEsw1<V?YaCyq2VO_FA^Cv7#l(fgA|S<
zR!d)Z(9<y$qEH)sA_k|7;qQRX#ZZ=tm&EL1fLYn*i-ZZ5VsCkCBU=#?lse<J+~;Ur
zK09(${iX-haRI~j3~D=4?DXjIqPu(02|iC^a>b-ayl1$cBxJfiKC6?Mj#6Ktmv__b
zONI`(+@X9~;*ES(dhV`OlJq5*4_Zj3Zdw=vpAcM(McpC<Ok9y!0gv^BP!`LIH(X~g
z=iZQZgAg=}l6(h5mwgW0D^sQ{;aF2e^XTe2`5Fcs>86v)oB1Z(7Foo-kI8uVh4RL2
z-L?uK<f^r}j!=VY7|I%QBno5VeHzV{v>b8cD0ks!CV8`p4b?9!7^8ZnIhs3_FxyaN
zwGLYCVXxxkbL_*Y<vtN*zYR4)#a#a)T+MihpCQhdM{Oi8OHt$5Bww@})v+XHFMOFP
zC(IO}++kg%_(3-ka!d<VZV0jFi7(*x19r9#wXd2(n0bMtBsEN|zSO%wrK}vPkU$;L
zHKZa+Hiuw;OS#8FsFPV3nuJe~@iyacjZAvyj-4OKv2rQnE1O!{T*^Y+cVBJGF9wyc
zetqC6%SO*XrA(G9=x2PBPi9nzHPdq=O>GE=i$t9(j#+DRF3xOneSe?QU1+E`&^nd>
zzAZ##4Km+1HZH6%3zdt*k|)X=x<+ycB2wfGBmI5719S$Z6J>~iXyK_W%2ImPHcCP$
z573VP+Bv{f^Q-Yzd?W`QFb^yH>P^>?XH${_4Xg>U9LOAvT`sXhIvCZFluZ03*Gp1*
zqIfkkSrA$G9TviwNzg#uY3=DeCsVVuT6?6Z+6fqYG)kyg14hUFhs(!t!5pAK@Dq~3
zp}wIE98w1v?8uWGJa6n2Z{jLf|68kM=S<c+tAp@0iGcYHpTaeaa0<VP{GEmnE5Y||
zy>+lKPsrv~?&CDguBn>Uw(7Wj`Kkx50X-Y-3+6K7IP^|@Q{rH}V{_{&!n4z^x3>*%
zL>W+dfd%B!?~RuTaO_HCglupMOy<xn5vyvYc1i>sC0mL!>Ox_X6Ip0hl!qK`$edmc
z&k6OdElQpVSXAzA4DSqRrg%^pC*)m<<ks@LNdao)##MJ8krjt7Jr(w@PCg8MyN_Ob
z)Uke&Tw+MIHoTjyx;)@fM5dJ0?p(503hv$7k*(9!w0E~BbVY;NFLunh6v@<SBn<+s
z09@4z4+&j<pef5?KKsDUt#m8nqe0T586-qRxvLO=%o-JfOR|)N(JNIMP?Rw~r<%;>
z3)b~6nL=k65t}dzT3aa%q1IS%ny}<bDJ^HGcvs8c_d^R@9R#H%iF2hMPoXG85=jZ2
z&IXBj!gFIhy~9ZdK%-6sM>K<+s(bsEsW(N1>>bpic>O)sabdS$7)P+2y1#2BReL>2
zCKB1J6RPz`y&z(7r}w)kc;c*Dz2<iuv&lT+fmng#MD%j%L<@Re^pVG)EdlSUKTm$i
zxIBt%$3iOf|5i+ywN@^#UuXtaZ0El7LY#00$Bxke#1z-N9ho;e$kTky2*;Sj1A-1%
zDXp8z7DyHd>il&Hw^9tWSBBsTdwa|tLq<Crw=@xnYJGktlx<2(UHkRt%{!F=NTwkO
zNEr7FK&1lPk~1cwW8Vt(`trymn?}MiGO4TLfX8ct$OHrQz<v*E1K#-0_=yIbo%(H2
zpS8v2>2l2lnL^$=V5(B*>TRZ;1WcgYG{^ebpW}>t+jq@Qd6c;=R68$+9+~78H<O2W
zeEDNrj67|i4F&=Lq=Etf9RF?94>3yzE3<#Ce@u(2l<uNO40xg<$j^G4g)Gw!K<?z%
zeY+n70E@yH01tgt!X%|n#0h7xS%cvOz=PIt^y0?=)jB?&Ty`XDYiVl+W$X6R3D1&&
zl$T5J+gL6R{scznKX7aRCfbBq<8{u!CMEVUb1LNc9(6o|Qdzvg9I-~VJhQ7u{OW_k
zjJ)T(xaZ;oTKMHu?m0CbiO&6!u_kX%QB3bsBnyOxpH8TCu2e4!ckLwqx%o<8sq9T~
z`dROsbcv~^sKEOSRXSzylvw$9R5V#n7Z{yuFw0@#9w@=QrcZRC0-#who_xG2{Mx4n
zTWuLWzM6SWwfd!sXjus87Cp%Mt|uTA>01QeOxH2QkIwDbjyM#+0sv%H007Cqt)uhL
zFdG_BZi>^>ygMU)$*_?$Ixv~9VKGPvyb%)s*@$mJb>R4YC2(RA_20jFWkgDSY&@-Y
z(}-%ZysuXCnH&n}Q)_RbX?kQ>QxjUFR%~B5-RQQ{dVf6VYIQuM|8@OjXQ}@_;~~B2
z<NfjJk_rMZIAD@12Qi`hl|{Td@Tk9x#>GIL5O1|H=M82=jd_Swxw&zK<Ng8i`Zi7U
zJ9P`DkCHRJ>X$u>oUdHoU<UU=hLEUl1jBQ$zYt97H(-7x=2}lh;qM<?IH1vt=NC=t
z%!FfB%(ZgcYC37y!oKAT>Q}@iS%?^e_)WbF$`?UL+?|D0f!M*F4GGFBWFOAOl(uv2
z{Tozip%geN`^p(M{!dz4n*3JbG12;bc|sE3TJuR`Dzec)SP4-ab_**&h{8VAaW?XU
zc2BkyQlRdQ^`}Hg1JwiQ=dW`M3r$_56eL%R$PxlLIj`ob_xG5YCygY_i_$stSoqtV
zqu&uT<98@<IJbcJ&@%zFFaqd_=kg0oyT*+Li1X+~i91n}izfQXikA06Y{KJ*1v7}h
ziubdr_#)B20l<nQhBSNuCwfce!c9ey_OXK%PPhwW#MKY{g^nzNJ9g-rRE<cGg~?3W
zo@<@LO9-KuE1Nf(*Cd@46JLkdOLcT)1t|ICx20Ehvo;~%zR7-(N*3IUR-ty26`#52
zgRDA&7VI36@_fVo5DiX1et;00g`=axa#e_%cF8q^OtMIYzE`?lW^B3)Pej>yML)`e
zulU+H6?pauFCq;wXRhI6VuJb9drC=|w<L<uuPUt}gbK;IMdL*B!#MKJ7<JGR`GQ$<
z(Mv<~E?IcecVt<t!ez(EAr>}hAVm@>C&NeKeDp~O?8wT={I5~eitF~FxMw5@GBP^w
ziDn~V+AAvnI%qOO?<<nY#G_EahpVBXv-lWGeU6c2C^StS74j`;sDUO;7&>aTw5G<=
zf*cAkj=3MCD>F%!l7Vt;cm!jTv}K_ekAw%GcS2-~!W?j^VcO;2MaU-fac%pea!s1(
z^6Z_$R=$rdRY*<AIn!6+&)D{zhP=3Eg5Qr%Gjjkg07|^U2XJ^kn>Hc)$@Sr=sAZTK
z>>j-31ev+;uJzvGY}iisbv=3uc}*f^l4%i|yD+O>JSbWaUPDN~iH5+N<J^Brjwg|i
ztT|lh#P3VWa4oa-viep^-k{cH#CY3{=HsXtG>?`{sdN->@Dx1U!b?6*vP}EQCW;mQ
ziwF8V_qZ!zPuj5F)Vk9>jT3r)9_EYpQu!S6@zO4n!yb?{fy{#+)%0tX?lKtx1!r6o
zbKMl13o9ySCKjySbRky8k%CuWotk6I1LqBrx-B!@A=kV1tA@$<PCwwABecUGSFoC5
zs3#Yc#+3zFFYG~CQQ104_*u$4K$77r%Sh?vCQkFPu>v?75?hr`j8yRq2fzx->}{C(
zS>4#(O3dt=-Z|A5i0On}S_dGsqI!ik1U?YvNAJ_*O$hI4zZm8kKB~ssI+Yn~aEHaQ
z#P`SA+mOW9!1OAvkM!?fxyvQwRX`Gkn&;FVJ_>fCwryO|O-(c0I@jni{JM&-Gq`@G
zohKQfmw?cU?WNf}CWTDEfAyrx(J3o1+t?kkKrdt}Ml4*#GrT`(C&>S%J|~l4H;@^c
zb};v;%H3K5V7c`uGdwHbz`~Bdqm>#5kHEHM7ON0?S=S5U2)1T<Y!$&wF+A@b@NO|A
zZct{+g$Z$es%zh9!Ia6O2*Crz3*zgV-U20)hMzR#{&Wg+q&;D=q#naEuHTr4Q`2<m
z7u!^p1_ZG8ypEiii;|-sXECV@bO*_|FNHXiD4=p2Bn;E0VEI_~tLb6$Y50^4Rgo`k
zzplxRu={zU5DeKTO3BBSq>3s=g+k|tPOL%65p#>>y|?2pc+|pO#aWG73q*nP3ur~<
zo*yW-;8*@Ufg*mtmeDTb%y)^x@2osKYj4l-;1M8x&Et9ioLOUE-@i~CGgLC0y|u&J
z)O}<?Sr=`x#PffzLWvAFBiDk#0_~gVAD}Ipj==}C&hv9Wl~};935=z>I-=Of4J^9T
z?kK<SDn7;5TE>VBOrVqqT<tLXcznaO@)ZZrbYcZL_}I>kDLfGTdeJ9=!~*G^_-HMS
ztUay`0Yf395R#Jz&Xn$_S=UHkLqj~n7*Qoho5aA2NF>M&JBiHJ4H5N@1jrr+<VCF2
zY=~k_5ut4ciHrdrzZ!S$+1>lNf{y!a0p2fBL$;T=bdse9yJ26~1Sm6>uJ6|L`V{z1
zd_9S#;ZE`Qt0rDerg6yG&>P{raKrP8Tx)~Wn+Sj|fP+?pYekvy6q=R_O(%xvqPaq`
z^3$_5iH+PRrAnVzfsD>a%l+(Lzso6iS00iqf=p$?D3`+Gd$kwUd8v@4%&a>e3buq?
zRMN68s6OE=ZM4;!xuPK<-(D2nRohCu;F3Za)Ma@X6NG1x_2FRfV_Ib2RMn?-z%ksB
z9CU3!j%H)mIg8F6@w83pz+RSxc-QQ=Cl29xm>#ycMJa{!4E$WXEUbvN`5UMRL5%ju
zWs8C}gMplnusc9DXc4=0JtoMvPyFwli1|&lR~c`uaSYm+#GCWjNV!2V(Nv~GVc_~U
z`~Z0Vd<1iEl)A*|173){ikdotkE9%4!<C^Q=J7LbwtdtQx5by{dzZj{cAm_{Ox-o`
z_|99Q@Pp+6H{qbOeg+MCku?XpSn>j|3A*Y<+k(`FF6jvHjS)7TmruXN`UuAWIVF_O
z@JJ$y$lPt=4J9_Pv~Z<L0&WM$mCn~En>}I{fo0{(^s#I81p`+^Mmn8B#^y#RKv9>*
z<WT5fgUNS8w`e2h(xL^Uyn6Lr{`y%xlb1w=v@an>Cn_x+pj`<@+oF-rw*xp%nbI1o
ziSqHi(%76THtpQaH`NikF#n~V_rwb18wWxzwduvdWLS+HoEyP$2-y1bhcUV9Q1vWc
z2T?EK(O9Hm@`2f*OQ~cB20_~L#`Q?pcVoQKEOtKbjn<Vc(gy}55_PD>4bYcNXkEi$
zsm^A6j`s`ts4AA;SOI5ofb@`5a!(xY&rzmVemN4KaeS~ef!m1XW^tWN=0a%@$%Gs;
zSu<>42z~MnJ<|>QZA^FqS3$6#%u7D04d<Vxh4RnsT{@3Glr1oZ_sDW<&`5VlhuIAm
zjLRn+*Rp-vu|hgR8#)TTp;YdQA*u?Ut$<Nj$}V-QWTh^GUqE=z%my<8?}cvSgSj_i
zL=jt5G9<jPTaxJHyNt}l1v9$o>{Qz%bDM9WWLDlI_DEaST6eu(PqS^ZiIpD6*$}wX
zM3Ra<>*m54-jmM`H+f3f9A);Hz}Y`pytyQnKB6aKD>NUT2qe+CGl0y&eW;D9?R0J#
zwi&|~4@LE1YKAV~<i5o%x-cNk)93cCpbhkNXgmM34o!oKr4=}PF4=;&PA*a}vzB8G
zHtZ_q+Fmu~5`cx8xb7|{oQ1U##Cn?PIf_NSZLEeE+M{qzPZp<IC00;Z9}p6*-KBnN
zc)U|;$=gFa!0owtuFzv}p#Wy)1hF#m&>VYmJ;ZFQo^&GK+&q4Y*IIh}(sNg9XLh1!
zPxM~npgELJk%UqX>k;x~hlTrXXav!9%VI@;a=aKJ)$t3QW~}3`7Oq_c!Z170lbUvx
ze8Wu)1!z)%y)Tl4%!eJ8WlvtNw5mwQ8aNW{=%pHVVjPhcv|<p<ZYcQcS?)u%Bryj5
z29X+Qo1}gx%$?B~yc<-5SK_@$en^;`#<zNIF{AXnd>AKVg<Qfh<-u{80Ww{Dv<H}G
zF4d*14g{+CB18$&E{m7DFPXk!@{H=;+I^-fePQvH@_x)w+Foc+m&pxN8@S-Hu63#0
z7h5><<=PFcg$ZpjJ2AlImdY*O?6GEAZ2PTTYxBgKT7AUM)yWcPwtw_gt*E?qVO`#p
zSsAXJu<~LAIZ=3k)!M<5H*ZvA1a(#TiT4Nu)}xsIcE<9&BK8Pf>c`7kb6ZfXN4Qm>
zaH|D&^wGM$YpIQ=KXfHWk=W)7xF_$E^SxVcakL#$8Jtkb0rPl19jOp+En2uIfBe(*
zd&G6)z|ol=-X2{hy1=JoXSfGFJMyv9)mx~@!Gam`;#!VQEoTEvgKe1l+~R#oarB&Z
z&oetbA3Aa(eY!CYT$8+-{EXY|_1RweFYPTTSaL%~6dxGo68O=x8R#x#QQmpipvF4T
ztT`gXl%8N+z#Kp$iR1Ru4tRP@AVP_le7V-j6Ez%0*ITGPH_)I}#lmi9!eTeiWVRiG
zR~NDCspYCIeD?Df8&E7NU4c)d?<#Ae2CJDzf;6ja68tqb%{XE$2vjn$usZ@SS}{#f
zH4M8CIGifehdj{VtW2Ozm!6tB2#1I3<T#T@T3gAP+s_pFHQT5z6ksP}yQayBj?c-N
z;~;E1`DN--HFDqu=Uw`7XEM7lgy%D09Y^$&s_Dhf3F6J=EK6uDNGQWyck)PMeKs83
z>#&v>1Pc1her8na+rVT!ggYoXK9#`4Dt@ovq@t+ys?6Pyct_60cA%&mGD#ZhK!ZNq
zl@3b-Jn;f!w3-xAA>lyTAAB`1wLTN;hOoLmhp~nzGHWxp4vvH@vr=!43$ORia<FHZ
z6pq#lreO=Fq|~cQWJ$eLgRUXoJis~UP3ZKTZf%fyL$`Zp4M$d!1Al{b{Sr>?D_Yjv
zN`sP!V$F1APtId((=iZ+6*H>ki;jKkiv;V`bo<;CrZT7wx1!1#b2#+nx6@%7;LlxL
zjDBi*weZrw+1txD5FH=8H|7NtLN+)FX1BBv$oECkXB-QtpT<>*%?<@?qXQ3!9qEGE
znKHC&?dDwi;Y<z{XS$~YD2Ve0_ivr=xl57*b9-8}npRkMw91$1KDo}C-L!zrj4afn
zB1sgmN6qXPmie_*4B3~C_PnP{ObhDeco&B-lElfI<`~ITk9)i(_93OoQWet?c16QJ
z)OV>i$ChjM9r{LJw0UvUP`tkrkAWpeWNE7;1hWIjVn=+2&Z1)7d4K#hHB-}IITok7
zdCG{56#-hVan0ORylt*n8I7M$f33f4CKhK#THn#PeAhg6a*vg08JomjU8>^=`f&G9
z&2DDx!|NqBICWh6^or;1W{3WThPUbA8wZM6Pj;WW56Kv%D(7YO18H>UeQ54q&^N&O
zQt^r<cPh6eI6hUH%`-2h9F$yHHM-yAba1f+Af#y?PrhAbwuEbZPlX@2S~VaQ`$gE6
zZmCbqvNj&`tBK}1`4REgU^=X(@F(M)SJy9YstwHFoF~_6z}8Z9`x_t9I*{EwS>9CF
zyiU%|itnr5(yiG0K!DX0xjd+6)8^Wv7G-<@M3I}#*L4^{5B8C%EXGI^s_4D0SYEno
znX=-uDIY!~YRorz8AoYVDeEnr*N|~^^Mc0FcN;9#wQi>4&cmS{p_=h%7IS-6?AsyI
z{`IF7Q-x!r$UARwPtWe=+btuR*O#-dt1h?mkw|Xa52U>Jh4@7j*_51j9<29Qjn%7l
zm~Op!1<_cpQQRni-t+={c25GHYr9!{6dUH(lUw-Lx?U~qTG?g&=S7Qs9(+ialN72R
zVvE?<(5^~)qZLLC$!+<(cL*KOot-y@&QC+p4-qZOqQV$Ao9AsrqNvVaPrl4yA0qhc
zFXQ*v_drt&eakZigDPI@q}1sAb|@1^)(Pns%ud@UYT&8kxs~M<>O%db-Dz@Yp>wd>
zV>L`E$zxK~ud=><QRPT6`PfI5d&r%2kpbLt+`i4d_&N^(iR!#!ppOsjjvriXm3%dS
z<;G7Xl)q?vs6cSayDd}?4X+G2Hp(ON&c^BFxRTDVm9FQcj?qDWRp{&dEF?)XUB1iM
z*sjiY&lEJgis;<QI<K%@UiRpu%(oOHgL;8kE)Q{u$WaB+)D*4GcpKjj(JPI_E2yug
zYepwCYVm1xs>4xG7E`aJHz3N>K@^R!9phrewBVe<b@bX9#~9hV%02GB0V$xJm}D4^
zXuJ7Lqc?Us54uUl`L3dqT0a--#ir9|yu<=(1{=DI`8{P#_vpHG(u>QuM1q2AWy(Rn
z*h|HS1_6h-HJ~-61BU~bb;WxcXRPu6<`OoJhH2rYJ-<$qfgg5lQRO~r&danYGkgs*
zem;^p&o1N=szaV>gz=yx^))=SD9aLK<wefE!2S9c)UB-i!1o$=0o>mLGt<|5PtyC{
zCp=NYc1GWWzLbJG2+okekXfP{2qjha$Mee>gl|VdxNN_?4<WsNJ4}!?*mkkXj5QGu
ztNcijduBCF@4Fek#tX&7B$X+%K%UGo@)93Kmb2jSHBM7yAvRjsYYQryh`R2@7ZNU+
zkBB9kEclwhW%@j0C8gchB_^=`15G;1Ah!V!urhwfHUTxv31n4SNGw>_uiZJvt9@3H
zaUt_IxAZ@66SK`%Z?Xfg<y_NGuj44?M{#)oItV2nflP)20q5CLN+>XC9RW@43R+WY
zBtb;5akX8Vh$#xPTGjKyv*o!Np=GN9F+P1aQ7y6Lme`td%O*nhWai$V_GFNp*YhxB
ze3CDpsDZ@<kMKds9u|b<%~RlMNa^w@JC$5g-EXoYwq8;tY!I0Ayy<5g-XHh2rgonw
zV@Yha&{&1fI=Ni>I#O|&#;2+~Tj$3!>QiO6#~FCANO75#sJ?oa(0Z|+3hz#}djVQc
zpV%5&-x})QYPB=t7@T*4TtAg%1>>#-p13pN2sY~&KX#M0^tG(^QWI{L?UH2oLam-Q
zvGt&#Rg-@euHkCgc&`bmb!V*3m!}PZb!)<ran`YT%u(Ir@u5BIMB{5S?(vtr6X~)O
z%dC_1Z<h~aSto>FbCI7B_YJKOeyz)Q;ep)n?kZzDT62jKtG*hm9$Dp_b**?3+6Xw-
zyE&5Hf$N!LfiJ|=c{{H|oG*}gs3tbAUvkyL@NWr4s*Lv$T<9Qtn@c*vV{GN33CrB8
zI)rj^Kqnq>Su+BEJRG3FK1FP%?^D;h)KzjGmrzoG_0VfQ@>YS(R@p&`L&5P{B|P*o
zeLS+a+{cF-T63$S>?YHVA1KctC~a8@3=2A{+@9q=CA(#GZUF5(MZcx$*?y_Ux8l?0
zJsZ?Tem)1oI;rLgGvvScp1@#<a-fpRDWPNW)Uk?g1{pQ-AexZn1jEkLdA!MxEiCT?
z>#@V|g&s9$Zxrs6bxHcogu^!XZ9$C-8dd_`2KUm7r)>DgPviIGZWFr{X5>yNJQkNI
z?lWV%d6Aa4*$}NP{AY!M<S&(+eQ%=Q=JZt+L2z^LzN*cnAxcoIrADP<e+ux(ZCQQa
z4Y+2d37%*)E!kL#v8@EXp8kl3BM7sJm$;23VHcj)01lCw68Jv4@QyeHq@aA8VMJul
zx~Y!vTq$9MGRv+a@kxQX78kXE67HxEdEx`atpK-E_i+nbZR?>4hCWwsaQM}|wfVdU
z^|FO1zlYLF96d<VdLQI~uT8j&x8qHKERn^au|#i%Xh1*48_W>N_y>Li!K%LQ!IGEc
z46n=qd$b7g@%Zf~T2Z=1B^cqvgtWr1^dYPR`m$3@u5=nJu;?&2Akfc4H%RB{ZM`|=
zL_xG8?yXzt2P6A9uG58cU99<Z5NJ94BoboB4DKs<s&&ZA5F_^o!$gV)Ss+P*%&aXM
zH<pdpSKEbO;p<|_A@29aI;5WVJB5U_sD7@?EbCk(!Rr{NY!(1AgcYCqb;l;juP+j}
zE-zHGolcT?fTtIBjz-@$)GPRVDge>f{3*Zb276-D$*m_!e1mS5_t&O5Gdop7ebmH!
z(sc5LernxpgR)XyuM_(Q;nW1(CINI*hcY~QbR}`aUn$pJr8(oSSMld1K6{ue?Zi*G
z<#QAC=cPRps1ViB3Jx22b(<UVP!RJ#(U8k=W<>Ic!&Ba=9d#Re8w2er1Z?Y8QM$Dv
zepEMu*=^U3y*)XzM|~6tZY#V#p+kP6YR&6>qCImw)fBpYbk2Zki^Tsl#~X8qzd=U%
zjTiX|mRDt6Tl^c9k}U(1PH&P($H-T)r2>5f(R$uV#Y10Wo+LQAbpaBdFgTTU5@h@y
z;o?&w5}t%`#xvcjq8tB#-Vaq!F|WUn7QKuUcl%t^@nOvXna)UI0yWODsxan#3J2&k
za)yo)7ra|Sw~;!k?~4qgvj+2YXkKMtpSP*4J`9Q0AX?$+21#q&bm6H>aCrr#B}A(@
zuy`H|wN)BO)@~N^@@oLQYlU#FT#v_ReO`a&!c(c4rT&!C$1|){VQu3>q-DuOP&L(5
z@pi*tD;+shyhNu0B^`F_2DZ<{3N#Utv=Qc<i&>qcakr`iAP!}Ij-M|S579-x@jFCA
zKh<{A=_D4NQn_r*HnD_!J4VM^9Bw7LD>t0|bX%Ty>sU%e2jSt{ZB-2~i&L+`IWMKm
zx7ThJeOpQ|<-ckvopA{7PypQ~a{d&xT-@nNd<HRRiP|c&2J)!&r5itc_w=}dOp&QF
z$)43OL>aXT&s3Vi5J91;FbOv|zb1)WeAsZj8?2vY{3B6HsGyy{aT)sXaCU<N(@p3$
z-#C~25MIIdnXW@niU6=2J#;>Hs#$T!gMT;`)U_aqTWGkc=Wq{vuaogm)hy!}_5M=#
z8b=9nP=Nc;2x1;4yt#STkS>$~bL|N<zh)hkC-J!FPNoC#>(Z!)eGpp$FPsqfA?qN*
zXBDjAtGa4Uc<wJ+iOA_ywXk~ONfWzEgDd84Sm2iAhMvbdo@PsZD{<X5lt4#GpeH2I
zk@)NtCGbWH=m`b9AvwdQ1V%o;hXF>CoF!5MM<szz(7;jRvwKQl`O8X(muD(5w+3L9
zeR{~~7~Oc0udgp=)kx2Xs~Rbwube=e4iH?bdp|#<6D+4^MTR<qLUX<Fo}DAQBfI4y
znX>eItN`!!EJ!|ruUa;#MNd6aGHe<&w_;vw8omapTBb{RdhxHxDgZ#p30Va2y9dJa
zQ%XpYk48*dn9f4S!N8L4&%ccQ$1hvi8qxl1qU+BSQvUmdzs-=*{A-5n`_vleGp9>J
z>=gY40C4d9FNXh$V{K(Y>ttbGs;q9dNRQ$%T260JUK>;6i_FDHzKl_A9%Xr`R4Id-
zSF2CVE{1u3!r91nMq{aR{k|fi)$S=Gw?0M}rVt+9pkul(G<;?{CMxFGOQbq`51f#|
z?)+hqyCGzI{97kMB1BKb?t=&Z5gpC(gInwCw&N4!Pwyt8Z1N~%Kx$CbDXE%YQA|so
zs<6R~5WrK~b&dfEHMEJVUI$4;^PRoQ<%bAf4iyt&Vf+*#zP3QVMwpmg)@lf~5T4#G
zJS~G5E4=$!(ezqWA>2nij=`i9_x(;OU77C0H*AsIGo}MIz6;$O9Lj;J8n#Qg^dX^8
z=fTW*V71?7s1ky5cq3}cGOQw{s=+|&65i`l=1-a1YBS;jXinULP$=$xKz33K5*0iO
z%J!hQcb8mZ+4jRB)biO06ierd`e8f$k%6P@%!VBPHZ{h{%%Gv>TqyPt`ZmQIjjGp;
ze!@BeW~f^UFIp_GIJe(sRk0mv)_INxO22qunUl|!O!Kp_Q8(2^t(MhHP9$Zwj#BIr
zpEdLM#-1mqM>XhyPV!-@#e2JlenfzDIqaM&JtGwvwmFMj+ipX7OEhRE1~E;)G+zn3
z2@RbaNcA~KLT2gQrWa?T2{au<CUWY~it9$*CY>d^yW_oq=Uilw0JO9J7%6=(Q8DW<
zN$kqIY8n$N_7Vjn#QdF3{3u#ZUO770KnZh+txLCWZ6NeqOpjV({ITZ&l%n)CWGQ-8
zOXoCPM`%^56pn0nUB)Z}pOHM$bP~AVLonmxJ?Pn6GVHjtrxBRt`z*|S-0P?3(j^R$
z2-9VFZ(SnK)nkFJ2YeLSIJj^&RFXjG1=;a9l&c>~W?3cs#&U%<sEX|QD%P<rHFOJQ
zKZBgLvM!7XY@Sc&I4L#DIgjNw>ei7=k0q^64K3I+BkaKS;JO3()eFavl<gLXx4X11
zRXP$zFb0KR;u6d)oZV#D;omyD)RX5&`XVywCrDA3Ao}Z#O5-w@*-Wmj%5E#H<(>r@
zu)j*0kCTOB0+v0@E*%l=j7Jy}rm@A68a1G{pJ~PnJ%WBOW&bFxd#JF}=Fgujo}X<0
zbt$v9wX!y_{a|8Xr{EwnEI}hqEhZ%=TBLX?MJ+MBArDU>rDRPlr9xjVOV3pEhW_)L
z3Pnh3C^`B!^h{fn5;T+}L!(v9Q;bY&;&cOaG^di4!*t@agCnElw8PR{;?$J=k`j`%
zAkZ)JE(R&>LtkCU$DC8u17syYKv7=&y2gR}pLd9WBR;_IujqR+NPysTGG<3oYOCi@
ze$P*o-yw3n$$p<qiceZhSV%#UR!aEyhWURo{PK5(ANaofb1lHXO9A^siv6Ef5B$57
zuYO300`kjs2mcO${R2Sg*MRTU@}GlV{{Zs%_aGAsYx5uO!arzpcd?QvhycJ4DF8t8
zJ94#m^IxC|7#ryQ&-#>~(PN&Q#+{(gtq?c>K=%V08~HDz|8?-q&+wp4Ay@oo`0mT!
z3eI;pCF*~MD>_>7*&6+Gb&Y_rj)~>3t?U@uo|S<C0QE2c0L2ehGSL6C6&Y*0Ut_fz
zLGQ?)#XmiZ=llU1hx?zg3MQ6D<_3RB|5h24Fv+u_{TIJ&GW>1`_4R)?^q={zwe4?|
zpV_bw008|D{1C$b;uh2Yn!eFDL{|T-ejDuP3`9%%*XgXkh9`5{uCqSFiNSu(K#Uas
z8Lq5j`<HIOdriaWwP!1;e<%a(RDb;v*nbUgI!KUge1<pu!9Pc|e;v;DYq)SH5yJR0
zT;UJOFB$$i{LQc7N$uM2n4aMup9=uj4{&7Wzfb^v`(U6iW$?k+N?+i&rRTr4)anDu
zPWaEF#{Pq)OxFKwNzK6auT>O-<Bx7L|5)Mo2XA3={B>_J{u(|yP_?!6T*~qxemgkq
zJDiLAFTj6ukAl6mwUzCMUt3u7cAQOlmLK<roMg)P*X1+)8lK3~?pE~--}wVvPVle8
znSTurp+Voxc!tOR5iauA;Vi#~%S>4;yn2Q=zWD7o(04eu_`hFl_(4a{?75CG(a|+G
zP%!utuj5j_2YU+%0O+FpwlnfOK11?v-n8*sN%<*;^3QruYo(0tpEGa|5&&TMgC1?A
zzgdrpv5C3C?~i@|vo^ri+q3xPv!)BU=ibi`npQOa>kvSCI_Bp8GWaKDO#rW{5&GHQ
z-5>1n>;13n{Yg!TXqLr0@@y~ixeuoEgS`@y{}&;S{=?<3?a!e9BhcZ@a~3fALC&4^
z-<$;mt^SY+{zTNJxofu2bKR$b{M(_$-$l7N{mr8OPawuW>}vXx_E+DOqwwb0Svg2Q
zmtPUDzgd@<p^&+q!N2tUNnOa)syui2+-tvo@pC)T8u(u>JpYs28h$_d4(gYs<6H3m
zs&xEGjZ}#1K6mzP5ApfVTmE3rAnNbF^S=rC{+0ic_9xneMASn5;fvcp_yU;tzw*VO
zG@}yRMPk*@x3x9_0O0+>o<#b8Ywvdz#jlOQKD_o2doFUs&yLso!I;M6-|To{E8E}K
z0e^D!KObEFT@dNw|DVU0|E%lhLtVe?$_D=59r60Jg`ZCh{cfRP^Z)An(4P(bd~Cya
z1HL!^Zx3<!S;@~a!oMrYeE7eK82*RG_NOqu-}#!LApd^`_5H)|^q)c-{;n>8`uD>A
zH-Qd+R`GL4qVFmykpHcUKM7FuGymsEAm91P=zp{Oe;F6#XFWe}lm4y;7XR<o^A|Qv
z|19t4onznSC6WGjx8uisWIx;ac@x!lJ6B|Xmm7Yz{OcL9-yVp7r>AUwkU!3k{dr>S
z9}<uLG4YS{Wq%H$`~d_h@NYqXm_PgO*I&(`efO*Ef5rXheA@5vznVJuj;|H|Z}HzJ
z5@aR7!2dzvc>Y^P2LPNzo^v4J{{v7<0|W{H000O8AZ9s8t8@>~nn?iw<&psa9{>OV
zS4BcCNlr#DY-wUIb7OL8aC9wmWn*=6X>@rmYGHD$yajY5O_C<45-Y{bQi++FnVFfH
znN?DWnVFfHnVFfH8A~d$bk);+xAV{K^lr~gyyuzEJS{$VPy5W=EHWbHr9eOdKz}>F
zn{tQ){ksF|Pm>W*7NC)k6{VB^hZ-ah?jJQBfz=fCZ$Lm+z(7DK{{TNgz`tHiMnG0V
zR76RcRz}n%ZbBA>0Y>C0?jC+yEzJU*o4Mm2p^-mGSwBK>c(PR{f&8xV;YQ+2xl=97
zyUOXu71z}%Dslx`WLRf~zA{V^hS<V9)`8i}_P$oi?sstqJO!rZb8D?WcJl?o%`+BG
zifPXJcLhD><Vi=pvZY4d>)Vo{+m~nc@Ci22mVk;hT?4Q&VL&BPIxUi2Q7Q!UgQV!M
z>NCI9<LbI5p9KAITM1gfYPCahhs8@H;NSY42d6aFnp6C;65j|s11KKhpdwvw{Si9e
zt@}(Rg2b)rSM_0a#?zoFNGtRmf}(p~zS8f-Hd1(^WeZ!wyP+)=)pm`PsDCR_35nF|
zB=m5YTo8S=_-oyy>t^_x)890C$KvvbkC;=LrwNshI|@m?p2y2fq$}2XYRS@>u_df^
zZU%ru%<clM_wa#eyScpLU7R|rM;4ya-G<Bu(Aq~Whfu414??+-|Njg&Yw}lvq5gYI
z7}(m{IU6`z*x5SK{pY8E{%LlOX8%M3?jIVKCbm`<woXPC|3nw<|EFtj?P6x}PiH{#
zpPu7n<Y-~<>||o(;%MRQ@$Vq!{sRQf|1HEn#D6jyo_`fez~0``&egzL$j;W;#NGLy
zKy&}A&_dP*PEPg)&gLSv&W;}c1X=38i7agL_YdqGC2Z`i|0kEA^l$I~?|1Z1Ovv`H
zB3m2Snz<O5nK=EA@WQ~>*wD`XpFpwyt59y{7S1Nt7EaFpY=X@HDyo^Iot^7Hqk`Cf
z5mD)H{U&1nCj8xK|6~x=|G7c_uc`N6U6`_olk?w4R5UTNb2K(_{C8W~-v&WeE&EFS
zBT<6@0WkvoCjs=&$h1~==1wkFCbR}dMmBcFw2FU#9W9KUO^mB%rU3o)FhIL+*+wUw
z0|<zN0lB+v&3RE&78Z;yb~m-JK<&Es5HI42clJVfVM9oV>@P*YbwTxj^|ILM@4;Iv
zJbQ@Z4DqGCy_t*T?GtXxMSNwrjA->2c|W#ZP|ImDw>?JN3OmBAT;DWvH-w4eqk?Iy
z(lTOYvM*vrqgUBFZ-|yHki)pKvjEM#(*{shxgd9|T|j?brxz@TU*exFyB+NBG53GF
zPIDJyCp%kO5qD=3Tc<xgManX=zzis~0MRgPmOIeY);gS@!a_ewjqL+O52|74gz^@a
zf5ZAh%N>$*Msl@OU(t()22KJsoOgEm@ZFT)?-c68wk7^-oC%K9OtoYw;$HM`?o%#O
z9z|$}{YD^8JeIOS^rGfCY6D$c(vHV*57zM8FX-ptVnp1y|5)y(=zxj*oj5~aEePqf
zJJAjCNn8K{GNL-MnS@WEb|OA3f5h3iIx?}_IA|lhV{g$T#}Xl6GfZ>GJ__x9)IL*w
z!nmbi*m>~)(qF6b0gV{rn(s@bvB90O0X<=sW9;r^=5a~n%Zg7`=|QD5&7c$}{uhZz
zlgMV+e1W&MueA~UpoFz)LhAc`D={K;F9owCEZG$v<la<(C%C41p82J4TyS>Xu+^+y
zzw(P5HVZ>)U;CJoLn^vOvPQX(qez+;TgJuexz@TxyJ+DurBQ?0i9?-;6mlE#khU+4
zF6UJ3N~}34rc~pjDoX-a86G9JhxoeI(mMIm_sRk5tDhQ@aG2$K8=juSWnT6T0U$9G
zeSF#<(0?_n?%d`c>pwy>_5Z=F7Pc17v=V<_EDWqIJWU)Y=p<JrB&Q~(C#hto7pX=m
zWFYDv!V@AGp(VqW5~Ly+r6>)wc}_A1_xJq=<6%}h<MSnH{{yY!rn)O#{<sbtI1rHd
zzZ%5<<K}5$Yi#09YiVL_?ct)VXSdIe;QLgP8YR1~MbUeGh9|3Hk%XjF2@56J|N9jK
zsif7+(3tBgPpRi^8dP$r15Xe*#>~gp)LKvXt83wwxJs!w1AJ##4<uH{25X5&I>3bk
z{{vB5uWmxF0FkN%DLFq-c&XkgzAkMIztVHn^ZDwcWyhdcW@l6UOb|hb$JCnSN|r+q
z{79dwY7=L-Pc<t=2C^y%NgDdGxgMSo)GqfNu2zgjU7xjE5x4v&!1B-_^{fT*K>8ww
zii)AlZ=6G^0&thh;L?+jRl|MPBq;^a<C%zqQWCy9!9PDL$+YzCs>`;o;a+ROt9IU_
z!m=Myz@_QB4Ee;S%JqDZ|0uv?1fkLG^rv%h?Z9!<0~LhUn@>T~M(`}T|Mml3K(xOQ
zy3joX16t-{I)T67R=^6Iix8Z|j*`$vnMgF@j8=o!jWEaZ?`9!Mjzwm0EmnHo@pYxZ
zd98vb4^pe9Gc1wlO)zXxZJWsioK76G4a^wD7$kF`x0bT(=FR4LEY|x)`a>1mg4qgO
zsfX!<U6mpOyUX4uy9{^3aj+1=j1)J8X#tel@dkXtV+K$Kzl-mITne=HE>Nj)Viq3o
zYdHB2c-;}qaDHEH;~on9$xL<HB>qOyg$>5I5f5m#wX{>WK+xR7kea6afn?-;(7;;v
z-p#!x&O}HG+acDp<B9Yq8gPh}`JE^YE=WhUnkN;NyW;pn)|B%e(bV2!3yzVM7$Bb@
z=<?M0!~~RRRSG|3U-gr#uALk@$PMC17)Ews#Z2a8`eT&MEt7=}F$HmG3bc5YO+w?D
zB)Q51I>1U0?nIumk_e^7hN-0{a8d}`CnucFvdG;b6=(sLqueve1O={!BCJ34b;e`J
z7cJe{5T)}T+jq_QLp>6|qeYYbVC!bUj=J4z^%->f0d#h5Nhg*uP#R~mWX1P!X+y`i
zuyOD1Fxi&^3BPy1jFF7q)JNqt1jLt`e_Oe`l?mSSUhs}llMy7Rbn029Co3UD*sWyF
zK7A_KkJT_tQ(U+t3q0mAWksW#F#%{+Z3eZ7y1U@^NJF?il)gjaueys$19vYg!n0WV
zK-KQD(UUDt=!K%-j&PYDP%<g;yLUw2)!Uj#a18GRO^Eq1wk1}4TlFe_UZ=mQ_3_2%
zkn=t=e&ynl%lfXy^Z|$4W61aIf4TPGGL`nHU%>=_3OtxUMS|SF>e?!{2LI;VCdU6O
z*>pEDvHx2@qBZ(kSC!(1?E*gnPllI}xsZ9Akd9<&7ATB3cP^nWaOixgIBb~mU86(F
zV4sfIwu{Iopiou2u%D}^pYQvyEU*pM-QdLaS{jF$Y4q=rnwlLTZho4OBkD+QRePow
z9MzN9p{i4IGY75+mf(COzlpA9$i$0@<zXf8-|>6aTPc!GWgDB&BCn@!%^yc6eP}|A
zFx<f}qB%ECS^%4tX6y@?GCVb&;Cb?Ehqa~*PJ5FS$Fz}Z=SSpVm0!eH&UH(qW$isw
z7-(44C|Y~EVxTo1Bgk>BH?xJA$3;)<sq;K)4A!jgxmHg>-Y1ert-pJrI|8kbK(G0!
z_5%GXLJ~^0;=So1-+$C;J+&%=RC~>Aa~bB21(@$w&oX~+GtykhFr|1R)OB@;=Wes@
zJ`3?9%I=tRr}{c~W;0~kbRxwR632y!s%M<6uZKCaG9qteP@vy_^+TkLr}?~kD_=m5
zp6;ja6)gIRR1P+2l=qWxn!);=O%J0QZ^LzxJDEn-OMrL2*Grp;n^BJIv6!K2@Ku^G
z#nirv^?HGBdX7$RA8;HCF@Whwg22IlflMm`H;9VJD~B2p_&Pd>SfFTlMnvoyzjQ2H
zzWg3}NLEO>BveS%BxKAxY$?USCUSyhkl?AIE((TD7!(IbyN`rWP)Zk}u*f0s%*Y`6
z!=}AJyWR2ULkQn~8oN6g8g(RK*#D5Ndg{Ab@ff^We9edon-9oe+1TwMpGx+JjbMNB
z7p{MmjWQ-qPJb&F{?5ECB^xVb0R*3Bi3BNWYizBZ1$3(iBpWzTL<!VJ<@Z?1Mnwd^
zzzLHs>(1?<E}7a-$_jmvIsDxiB(oX`rF+4EHv>1<G_!0EQ`4{ak2~yMki>;hq8vfM
z1h{Ivx{MKQOT4-qk>3V5Kw@)F&J7c3s@KYXOuig^zDZLjhiU>EX9GE>wb9iB!?|!E
z$L&3ML{GFERnP{YS6TwY(9k-Aumix#G^nQZ{w#NrKe><6c{(LgTZ;Q_L-Ek{grO#b
z$jHq}aQF$a7ZP2&t~)|90l=kLr#zGu1GudAXmWAG*rbFEX7Aiz(pztow_Q<rs4u8a
z!7u(6L!=DvG)JqT>9EquzUo-cj_-GaYS!k0XpwDo5Gl=8=kx+JFcOS6xN3pxZ0oCM
z2{YR>u;SLJ^*`t;@1YB>kZz=CECVx+?i+%m$6_MtEUUgq-~R#`s=1)KE+w9X2`5(=
zJ_(&?ei9ALVuY#pdDg?7*yUx#n6x;F7{2)N9o~BAb`{6wu;aXTetgySCVfHf!I_%*
zj3GryQ*OE#Ri%p2$8k7*ZbWMC3lyXJVmm(RdxoaW8_pIrCuUYdkx?xXqbdE46L1@y
zu-D;F9NM|Ge!^tWU0}mmsy8sEHuX#N{T=!@4nu5E4Z=|q?K6RJ6!Ds%9Pv(`AY392
zm<i;|b9YiBU?sorE2K=A$f>OQ@(!<H8WG##X0(sEXEmuDSdJ^vZ25v)?+}0GA8}2=
zq0FBoClCe*NZ?=P-(L&vzq7DNMZ;-B8RaukrmmvUCO)~?z#*?uV;#^h+a60Qdtt~`
z<hn2qERbwxNK$Xy7}$8pMRyD5`x6}x7$n#a6I|DQm+jkt8wp8Mf^<k)^hmqfN%j%f
ziTBfKjj!(uY%ejd+`%{MVurvKC2tH$N(<*cWd#+2d3l5J5k;(t(lO);bSjI={$x6-
z`$}5;Xn>j|*8CDSC3oBFJf&je5p8V8_aFqTE_bFVmrX?ntsyPIt67kprz(+smv)x{
z)vRMQQ77ic?T<aGQy3n=+b^o&^gJ%Y*&5w3ISPz!Bu+mSbm(L|6>Ekoc3XYW<crxu
z`@+s@Y%RgAQ%+g)4dzP@8xB=_)jq$u)e;-_2~Ub!YBLW@YXO0kNG(*r?_(M<lmSl>
zcas1_6qrMug<5o&nfRNqTB=eF7!T4L&xzM?dsUhdHkvMjkcrJR2g`1Hp&5X!P4~Hi
zD=bl|Nmg%%h_cSTNbu@62?5Ry+i=nN4R;jtrK*>`^4X7G^VR+Zv#4J7n_yX&U`app
z^h#11d|SGClL4l4LIho{CPhZ)H4_bsS}mF86kQFq*ft_+jNkDWOCm`nTH<BPY5*9g
zCVl37$v735A>HJy35D{EJl2ost4L`>3i%Wf1TC1T>->RWMFQX+J7<W+XX=&%>X8Px
zK5jhogk)O|zq;-8K_RX(W+mj~^UMoWBi=`FTbQ7^LF_z(w~bO3Jq<)tdKT9JZC5I)
zD;Zfh594KQ#I-6L<C!{`?C=)UNaC$Y4y%sX&#}(ZU{Cd$^Wqvh4cR6n+BcfkA6+P{
zSlPE9ZNFAvW(W*(96DBDxQJuKOrhI`e!aY;p*syhM+8~F?7v%EICQsSBsJTSJb+k@
zF%qc(OrZ%&+m>K%0<y|5eToSK6C5;}+Fi7i<%}r}Vm*|M&4t0lLM?-R-eFjxCXu2j
z3&E|#7Bs!LIK@U*i){y*VfZ``WN@Ze`pakHC$K9{o@?EGw8Sl+ltDGf{BGna)thfY
zRuGl3$93t<B8oP>>l)dAJPHzMQJa}b48}KIVhE7qhRQ&=0M|X90q9~4!0*({#jnTP
zoL{qPpEW$9q-;;q45#CbjB0iE60KW<#p-hR9HcGT{X;mQwAQHQVkq2iub*reMjc%+
z#Rs_9#qQ1B(ao4UAvi3PsXcIaR_G%tA71@};g9-8b*lY?F{Lfs!DlE_+e0MH*(02=
zB*`nD#Ro>717*<fg@;P8s`r_|#J=SCP_)}2FvQ%voi&}v3VXX6;=jBO5$-p8S#&6G
zHh6<jF7a)88sfXXEQBAbalr|*^+9aXj(`=&R=jFb#?|T<f+WBo*vc^Ow@+8jv@sqf
zBo4L?0nt~C)mp>~(}9ALuy<PU2!6(BD`L;f1CQh@%xaDidZ!286L|rAxpwbl<Oj%n
z1qWizK4Jn8qA!<XWH~d6FC6CXct+k_7})wa$o!35ehJQ=;cv9nJX(9s)iHN9loFS^
z5^m`eqi8x(Vgo(-7bc=N+oN9qm21xoahAC4+&E^5IW;rr^oGPtBP=@WJP9MZ?B0a9
zPy0Y{cgo>dr8{TndfhRLYhoa-Z}!HWVLTw3$UpQ9=>2DfzvNao2D_uUpFog8g9kAB
zK0!x;w!Udd(#d-wJ`v&j%@IP1<(H2jC_8T|YjERn$CMF2N{~C)9`NP<GJ~<TUg{u=
z*Ryq4&RA?~3IfO;NbgI@dAmsIZQv$p;kexFmkMpq49>}n8*}^?7pv?Q)eYmyMH={Q
zhU=6bgLU0IR)tV}@A-Kq?kk5xe%33J_Gvo%3(*rUr4Yg<DO7SR`)8dL2@1y;(yX3S
zQWZPP9Yk=qsM|>ka*t6dKN2o^_B-+inVkK~V4vMA9Z_az{^k=6&AvBWJvDz6hvsCT
zsgDaxe^`F>NOp_655UQqt!HJl_6RwWd-V9kKCC-C+$!M}B1E~fl+af~z^`859KDQV
z=KS^YLW;Lqe$X$K_|{YLQ3%P=XJ4+6ES>!UcHTiC_=aCb%#+|-O_TP35LBmaaJ+mX
zB*5isn72Q*13D7r<VFzqz<p8e_q7)e9tI|c<^JbQzT!^UJJ<?cf#`1qpQx`3f9Y0%
zi427m-M)&sSF8)<m^28EP&~nNzQ68OE<v+c;eU$qL<k@t`TyQtMf}$*bpJ@*Rcw@S
zL=b#}xmJxdklH%aFydJRcm(y0n7a>SAx99yAdqPDB7M>?Wv)qES~^&`GJdM~%u+tm
zo%Zz7@sp^00{JGI%s2|ueyc*UU6P%7c$iq&+UWBAe7uAQTB)-v2rUEV#$LJg`L<%?
z{S)41vsVm_x7lD1+39()Uk2I)TS(M>eRgJ&(P+?4<9V~6dZ4!vrYPHBG--GR<36dB
z03&+Em^^u5S}5=OF65g-c+==fAC}sDX2)cw?O5R6YNxn2i4ktukSq>8dxQbGGRdw4
z;c2&Ogz|zHb$>GqvYw|yEUU%I6(vc(T+$-8ml)kbM4PROP!;R2XH?3Vj?$?|+Tgbx
z^<!Lrhk9mRugM&Hx?O{X3M-NU(lJ<;d`YS2D^$iI`>KcXN%yKG)_C#<MH&!00>vyA
zyixEKM!*=5mYKa<lVDyK2_82g;#_NwW<~WI;dS^U-=08v(J2tZfXmd!Z={%pL<I>9
z+N$EbWZXJZWQk7HYH|S0qBVvn=Pwx!><P!^XibTAG~Ij;9LS?BnV@y|JpN;di+W7Q
zEXw<@M_p#za)aHEgqE{{!yaxS+e^<xN<C_ErAOp0U?oz^;D#=RM^L3rAyu6fLTTxB
zoXlQ{a+4YwXeT(zR5B-LwDF^BqWd$fZ)}RRCO+eWOMSq!nypv6(A12HF$mdx4kLXj
zr3~87Pl`;L9&No&WiVKR43WzD%;v2qOa>}pt!JF-{q+Gg^ym6uZkX5azB2sca1<;9
zCI`VIn|4q$F`T%Ry*`6aXHq5M>Wpbbwi$bi0zd9x2igX-0v2-|QR5FUj=Qtx*4R}M
zSzuvtElq;87JJ0#m3WCEvCP1BV1B}!wiFS$^!Y}Hf5RIgw5FHFV>g9+u@$e&Ezm)m
zLd;7n(|73!^P)lJVJRqhPd|XRGYb4fJ|6Q+vn_Z;$>PqBH2+Gnsok+y2w7-^GoHM$
z4^}l(1G3wv$%i>%SXaruq&x}#kwI7H(<8_7B=`tS8=t7~f$Fgj!ba*E`vw~@^bYsR
z=0<;uvm6j+gVIdj+UESo5sYU&KmljBw+h;&#oisj#yYl0pT-TJ5s6V!0)>AI@^R%;
zn2~dOY$o_31>R4Rrr^J;i1ZpcL5tJS5jbIN75N+OH8_Q)Gr(=CZ}1V%=APWdFX}*2
zl+3;fd!KmD>0!MQpWvzi;~o32elIWUuBY{<S_gvy0uuS}{Z=DwVQck|JXQ5V6<Y=6
zQx-(}`!_(*GFoLxKFcO!qlnE!Q4znDCBHOKRnzjoq{bLULYf2Z_v#~%(|gSKIkM8v
zT-BBPZ{B1&*J;x82<p!u%lq2D*LJ#ZcwXLi_&$N{aq}V2=@W(_c%BjPMJA@0ZHpYZ
zIHyhNLp)%ic}|C=8#g5mY#Zr{9q86m2%C?XRr5c5z~Sk0hDWx@ck_bfm{Bm>j}xo>
z!Ge`-tt0Y`#u!M1d==IlX)0}`?1ZefgfXc(gKL`uOY*%0FCojv&D5zmbwzwhuW(J?
zg6DOpDrY60VCCBU=%Qwo`g{(`Qx1O2x$u~&sTW$9B{QoU%hTh$b=M!Jm&V=ZZK~g;
zt)jM*T!!nyahs@x)`eiO@l;GNh^3eubtJFa5sbEz9<9P?%Di@$4&vbu(HsQ&;X`f|
zQh`v>KO}<~Tvh_uek%-64tOAG#_t4=CmgpwSdKp#t)-0hTbjQ{SFvSzf8ecYx(d$3
z#>v5;N55vpP#d<Y1Fra&4wLUu&$JtD$PnUQe2iW44URha*TXjVK;>)QV*EOBON>U!
zUiYFGgA5jNl;|XKyjg)Qkh&8dLX6{ma7t3_Mf)FE$mTEB`qv+htkLZD3BjTgCDc+q
zR;ta_C-#*p%^bio_Z0iG3BO<foHcI~*l<kTdX3a(GbjFhl`8;r)2Q*7hp^r|_g#Cr
zYs$6}s6EbZW)DRs?iR7RA|U&;n!~pG7myhT*Qb$ZT@_4~>mXLdA10D`$|g$Q14!d^
zPq?=1c_#N)KhzMa;uyBi?RX<*<mct54M8#z8-B;Pp;JyI>Y`~qXXa(hATHNYK_l)#
z2hSDvRYzKdM-0BbXKow+0L>msA!pD&>Mma;gd7V+CWyI93MPY5+N>S*R0CC^wP8FH
z&J3<;a1Xb`xX!E>Dm#wnEJTV+?xwW1EXPWd_vP8ZBM)9vDlK#n<`FYh3ds_LNqPku
z)2M+c{S<{|oK2-R$ffS02HC&h5zd`EuDCJbMztVyRxp<U58`uk4#mk*l!%L6jMLsL
zJaOJ-&SzOPG;1I(&CyLr!3xtWJIOK~Am9sM6eDi9p${rnL+T`UlCYCUPhnljPEL^w
zdW>S!@SG<eVCfXV&p)k!rp5wp)XmS3<tpfMdM8<}ab^$L3xvWLf~;EO1ljI4S-0Ty
zBik(l&BWsVl@IIL1eR_oSi_vRf>ipOOA+GKJS3*2w~6#U%ZS;nS?Je@C7unxMtG}|
z@S8_%1qRiMF2NK%-#zqm&Z*A>5)U%OD2%BECI|nGK0YqoX#f^e&IkUnpXza+8oL|P
zFZq7%JHloc_GVt>FI(|F@K=Tar-!YaVVTz~duTTYY`N1y`WP&<TVw@7J&&!N!4(vr
z!4CJB&Z`ml#E_@49h^BP@s9utSR-r4c)SsYxIxC8!TJNXOgs2vM=5%)bO5PQHHF~v
zi}QNPSx?Ngf?*9GIFtRsf5=+C-#j-30s{eU{;9Hs{(I4jnDOtit4UePZh;@+a~amb
zNE>S&qOlVInl4thacfRcBrhUTj*=TY-*HjBNpsCv&z9u53qjzp$1i|`VCI9k|1;G^
zaS^>FR(*Op(yZsj)YaAJ{qq%;A8ZNc)nP#p+ymNTv)&#%0S!Q&POkA#Wo<Y<h>N@c
zW6?yi{|+;7;EC}v&6;8t6v?y49FQy*kL(p^UY_bzC0^PEvSdMgq1b>K)L|=6k_$!<
zq-pG~c?u|NosKOJ%E&aRr6u;ATVLCqOYcC8B~gRtVN-V_%6p7vC{og|RVzGHps_zl
zO?WNDMtcF67<=x?E<};{k5Z;&2);tOFQ{luD2jN&+;m8?_)=OnLBtNBf)iz$m_Gn%
z3#nm{LO<HLt+)WIy-rU=*<6>MOGKE)TR`fymlsjJUF&6NN`lJLZ~&<V%?ZMX(jmE2
zAT|@m@FBOy1xMRvEDM)Hrxc+FGF<siFR8X#^w%*2XkeQeY+&#Y4eM+&IqVFBOs1u_
z+#$qZ=zh43vx?gLRa>fMO~vx)ItA}7gip&~5h4w=&MaAYK>px!3fj+0sE$ydb9g{~
zcx=(0IdI6#$;oRweB6(A5tORVWUIMAS>>%{dZ?%s;4YF&;@C}FtgxxVE8FukD`uiw
z7EH$oO2`POO3gjX_+|o`Jazt==eH$x12i4y5?d&O@c^V+_6}9~fH^ES4`Y1BC&Nqc
zv(G(NU_*CE4?`R;YV;r<;asaaCRT7Vt~c8fv#9K~Hj)NELhnnGifnV!lggnznEEL@
z&n_YA8a7MkGJ7)0wWmwzE9M!#{Ude6Z^QTs)HoL;v;S!D0#HqQ!2+nPT5$jolAsS5
zU;Hc@;|#C+4<u&}$Ip)@00N>{|1Vrd`YXx*PVp%&D0k(hwl81PwuB69@nDw90a600
zj9dd)2LA6*sbHb4GNdWS`iu$F{rO9@)h>Dpwc%CJ&C39FA!g0WH`R*AM-8p33Z3lV
zOTU}eS2S}HpT17E+ZqnR!+M{1y6N0Fo-%*kTwv;ct{m`z{#@H{!@1o>^=^x&+mSzW
zMAfTSy~RSU8M;8})E&aU6$P`q-<_f?b%&nmR0)b}O~|oT>WgUkbwLZ}_G<!{()oZ*
zMLoie(jDEmErIM>;no%v5S3zgceDX>h6i>t)%SMmgZi`&g7+RBzBBYEG2q!gBJg?P
z)x$fU;6;5p_y&fra0@|+a!>&HUFweDh3YNcH=<J7%ZoaG2i46zmV#gI9!e*-7lRR3
zl2&Z?d~XfM8!~e;y8!+EnjcQLHxao_)%HyJnMzkf@r;a`ynpe256<_INOoylxnq3!
zDbtrzRts#WaJO?ugZJ6yZ&y)^<=f}|Op@>z4Y8wgt0ukaOAp@jd)JHd6Wq6A|K|3|
z`$Z0H=Ohju<vjpU<z52u6>;NxI1%Fgf-LvOWc0j)_a5QztC9!Hx4*^rdv^!p<LhpB
z$77xkV?qvN!ngdH;<Ls-=kB8xK=6(pz?To1+rcja8Dmf0FX4|sE7EF#oreJ1e}KqA
zX^mPAaEO~A!s0u+GYJ)gQ855kkfwWiull*-@nVr0J`=VVj?wpe9}Y-~h%3h+5oKES
zWt8ku70x3ZF14@1s0ekS)TSGzGV}+qg@={jhDn5{R`$~v<`Wi|)*{~=>XaOZTRevo
z$|@MJ)q(TsPa_3&3^~V;@29kcz8Qkk>5qjP9)FQ}6NFu&kZ`MxuO{9pwTUU08j@Oo
zT%$IiFlYsZm}@bFTpL!4Wu7Dc;x_CS%RELb@e(c~MEj1S?BXUyr1kjwF{`f?4=}tB
zscFMrDOMr$sV*Hu5UE}fvJtQc$1!^q<F*`lFoz5Ia_p{DOLQ4Smd`1u>qw3O>pFs3
z7t6{NlFoJJPtOQN=fx(rm5vH&bk6$L@=Aqtr(a5la(0@_g6iVDQV>{SCZyzKB%|_S
zy<S|+G=~=v7?p;dzOS&g!;*0f^OW(1O<wsh!kHFqVDZK(=F%k*vv8Qnyjb#-Q#XqN
zc!7fQ=WnG}m#*kU3q7<njpsusugAo{YAIkF&GC0dAexH~pYn8<qQ`*-rD_*~G8CvJ
zBn=BY^Al#q*opJ5qBm#meHBu=(x7s{o6n-f0M<<f@1(`p&TnC=fN8eII^DR-OUc7V
zs_?(2h8^D@mjKERB;JcTZ=SQJ$e2c^!Pdf#7iZ^mu5Tj|VTv~MT_4fFwIJiclayY-
zM$)nIY+Tzx%SW`+A>M_r`Xv_dZVN|A`rS}4>qUJ|1UryY71Pez&N<?3;9Gk4DSO<6
zRrni-*7?U4QYRsr!X*ibwRGS?AMFnvdbGm5a(i~9r;z|e(TQ8o4XXELeGwsI9N9qk
z4nbe9H~whjA9G{$`Ir}>19#Kk4UTUi+7Z*`z)|ke3t>T?H=^@DKTlf|O@WGt1-Zr!
z)g4~@g!t!!ixYs7kf;O0K7w?&${?DlV}!9`#^k1z)0#d@d!%A6=3urkWzHFZkXLYX
zTvrdK$M;T6tL*7uf&=b`9yA97TC)fP`iAri^Ic`8e*fH_5=Ux#BFr=;QsBbe2<_X#
zyPV}vk74W93|+aXOYITj6Y?nz6VcegCX@-|H&ZDk60FJ6p@>9~t)sVr8bR9HiZj=?
ztAT<bly-a-Zt26lM~GDR?;Y!G3Q-PbA<H;PkiqHq?94B!vjy^BN6KJ5Qvj`V!1SlW
zxRyouDWS27ZM<|ZMs&O&nPU4BGaf3))zC`D$akGmgj#hFNw#W85sX3&R79De6fLQd
zkqrUL4&X|h&*;!LAgdanSj3s27NDKH*mW+>UTqh%;UotdrZKSKuS&BP$cMMrI94Y@
zc0Kv!KdM*?i4lv4hL3-o*=!P+kGnNyf7l}MF=&b%uHPg%SV%v^;n3fRIx-aSz^L(g
z$c`F_6N7aTNi29J^I0{h&22UNty53jo;aUCM44(Ih7x4#7UVLSgpLglzlw>G(ZlgU
z=i)t2zhlRl1)1iT4j#-IY~1s`IN@gYwb+iBx@RVNWdnS*o;p#qWZb$8-YDc(B6^W-
zxgbIPfvqEVg<S4_g4P2BFbXo(<CN#mcaHvwk#QQ|)-Ia*F2c5Y$?F8ekGu9dWPi{)
zYp$h$3AsgEjymI@+)%7=yu|3WBp0G^Q|m^i_c~KgMeJ?Mgaz3|b=xrKVI-{wKs>a`
zW}sB0DibTtM5qwdd<38)O~HxOPSl~(l#64$mTwVhVQR2$yc-->GRJZ(ObR;RIgC&w
zu4)5I5P1f2xLxQIcbGc~Tr;2GfFwq@+(i5^ihLPeBfUG1YS1W?Gnmk4o?+xS?fmik
z<xRN#d}8W@q~&*;8h_<=tE5se3F0DL%%ZclH6yZi;wh%8y0J-n(N&VI3-(`7!~348
z$jKynlL+UNu&EY_5piTRao8^)o?^3_Cd0afOBmwmG5$S@gZGE&h57Pr%eeCes5X7}
zUPF}q8{Z3bW86g5yB1w}I*BCKYfHC95>0P^Dia~hf6SFf(gL82+|z%~D^K`39>ysY
zosfydTP~xlNthH=iNHy*n9gIX#3PnHDWoZvD6rR?|BM<bZVUc|1+@b=QeW2Q5~=c5
zhEo$M_{2SKp>aJRtHNJggYQZJx10n*tuj{f@g+SYL#gw7qs1jl1p^Vn8jEJ)*c4xQ
zFt>468nhqKt{!Anu{LFEE4PpV5o4|<<}tOCbTzLhlK|T@Pr9TXMqvobh#j_a{pK2O
zbJ7c5pE5=0^@xFoQ@X*(J7E6`ok}!XZd_3otHI0PFczwJx2w8^Q_++zS02|VoyFlq
z8sg=VmV}i(G%%LJ@y<vq)cEl_I@VTlzd3wh2}vyuk!VRxMlfjvnH}U8yM`*CK^SJv
z&t|w?J6SdEL1f#W%8)SN#XhVN22R)Kgw;8kQnD+Cb=`Y~<qh=peTkk7d(%2nm>8bO
zK!kdJ5KxC?(B~ju5~>NijZ#7GBylEZLtg0iEF_b-bgFtR96o!rGgti9-@bhvA?B^n
zMS}>_^akTD#rzD3&Fr2gj!+?z1#Wk%#M4<523`lgH;HWPk*-cPy(mls@&?IU?3|yI
z%j}MpO@s$GYrnj!@>~bbmj|8Q#|6`1aY&vofjpHjf_TAPr)!;yQf*<PvPLaJy(C<b
zJ3g^A-`RP|EMtvgX0?ywK&v;su#4=_P57Q}j{J>r*63m`HmUGX9yQ`j0k0}dlt_V4
zQGT1{QJs@LT)h%X$67MnW%n8&(smd;VeBPpC-*i^&-FZC7M8nO8Afx<;HDxhj;zxv
zjBH@o9U5vY<1HbKint)GP0U=UV!bfvS{D#5A*0=kOoyUZ{Hl$NezzGhq=sNAr><EN
zRuf)hv43&PP~aIBOm!xqO-U<Miir}NY(KxzY#%}sm9>=Ks;!-;@Kel@oQyY`abNBJ
z2s^!1vhjOmQ}>(kuL-xk$p~)|^yzl<U^<LnBy$fhM%~8n5!=miv@cj%SkqSJwv{>?
zn}-+61v-5g9jT7tgA`Mm3&Tr@6~C4S*%ZY5D2;rX7%BF#WV9oQZ!VY}x>^O0*}^kM
z5pkOIR|cnAi7lKg?#wa0pr?zwmNr{&6_yS+%EbaQT$Nv$9U@wj=(t!Muq!4W_g!T!
zk@N~e%|g^)^q0s;)=+k60>iF4SR5c4epmxEOM13eiZ2Wz){L(<uXL1-m=02AcD6-q
zb0k@9O%b1j2qw7FBfPzHcbRH)w^&8;+vzZ#z}^i!e~}n^dbN>uk7afxjCDs$Rfr;c
zr3R2O&nypa8G8tywJ_h=G)KN$znJgiIncH7Zz#KqQyY0<jaI%fyJKYw%+9k2AwPw^
zu~ZsrW*#ZiGCp^Cd+-mKh?73zx`OW<ozmB6;z2%>i_oL4w}ds5KUGDEuD{#l;TEAS
zgynE2Y$|aD{e%$d2;Lyq48I8rVb+#o5ck&Oj;uXxm1LE<8~_)&Tp9d!2bsrKx-GOW
z;Pnw^kGkxW{`@UFCsHxZ1+?LDu1_%w%nr?Nz92Lp{S-9@_r$be%-JSE6PBx11~Eoy
zIrD?(Ecta1xscJiFx?$VL5Q#U?i8NoSx%N5F0N*fM%<Epdmg})GAR!)!d(=GA67Ef
zwf2z;WMJ@pUIh<Q1nJ87tj^I$u}#9fO}cG$Bb7MWEWR|%Y_I{cBHApbOry!;18R+0
z<uSVP!=WF}R>~B3dWN@@>~1Y9YhfM{6O)21Hwx}+9C^29awj&jwu&JBbBOy(LT=@i
zjQRJ7$r#Ig2aB61(Z(e5!)FL`fJ|k>TH~#IdI_XiW~eJ!f25HudmLQsQ<G&p=UI<w
z;Yw0`zw$3GqjUenC=(loDcguk<-i&I_p2+7E%sj<FynPi7^r!E(@U?>N7Ps=#qxnS
zC95(m8$22{Q%9av2ZcC@8`&P`dXmpVb&*Je<*JWWoNe?bKU9o_YzD$7^)8L2HDjrv
zt;=-`abUkIqr<komWs_LBaRlE(Xz!?)q5w~sO_DW%;BvYtVOrZsW)8g(GXP=w{Mg+
z6EmRMXp{Q7DHv}bo@gt@X@;VBMu@4NZ$uq+l2z3nG*<23a%co@s?W1TN;bpR!$pMk
zh&1E7hbUd~;U>YyV?_&)Mm0H;wcrt@%Y6u%$rh3gsu#%I7(oA)3Q0weY#MwhB$>b`
z$uxObuRyw!EywZy*0Tp$oX*EL{s5NN(3)m>&&yJfj#Jf9)>PJ3jAw9PcNv$V>i<2m
zVq)8|N+rpjt9t=o3Rb>P)4B0QIxC}8YYJjJJNKwu%=95(K6)5+y<5PO%}jlp5nfdB
zvyc6i9%pa9?^C(ri=%bJyo*Tt@#|O(tT6sM7VkRLO_HaKg`EP#!Y7`hEJsxu^EQQQ
zIfi@r?yUD@iqoesYr+cK5}_RYV3&2BE1+*J+hX3kGUe=I=Ah&k`INNjDWnlNFXHh|
zjXem2L2(ry&$&i@sI@?<`~yeBF#J!wDOW&WU{A(8KR^@G1jOs%v*^{o@`d$|#jBeP
zPr~y&op6Jk$sDc~<WP)5U3%;_F7Bf)E260=&U=^DmsvXCBH(V?)7M!lf5SeH>Ii;E
zyS_}u0xYVqsI#qa6|*r1FN!$SYKnD|^8)nLiQ4_!+b?(FWg+inlagvyqu`8vyj#pZ
z^Yo>3Ft_w2Qn5=9=91Fr^T=>_Gvc{9%pJ5a+b|XDn6cVq>S#3MYoe?WTT3Nb!p)<Y
zVa_)A-F4B2`xwQe84>WkQI0i8SC<Qgbb_Id;?rM75jv3Ar|*eEzU(Hss3V<@CWEI+
zWp$0Q^0pyc{JA6!3R~xscWvV7zsjQn1wFrK8xQFFZp8oKt&6@O$(S;#w2U*?M9bj}
zoaimC*su$f+O`xwmY!GQDRhg2K|sU*7>P{ws-?Slp{GKGWf5C`<p5TJ8I1cD(=S>w
zn5JU|J5^2(iGnG~C_sz9dbWm--!}U7Z1lUt@*^V6g&vB#77es@@B3jd25<kj+_!~W
zn5`~v$ZwD{3k^TfPd|nt-TFfKFmLEex_ShE=>_3y-PFvz$<1%;mGrR9AAg~kBEs4A
z_ssp8F*oL7KZVklq+?e@_uAsgb?4!U{e|LwE~)#olUH7=s|`YcOSwL#m}7V6j1x)Q
znFl{}H^g8Tyx=>(@cC`>JE^%h;XBTDaf?ALe9uokq-VEN8uVLwX~kU~Fdwil0TA2Q
zTdQ5)n?AeKGzLvkY<f}4JNWN4g%H7&J9G?Yz2)zY*b4R?V3A_JQs4P`Kj3`i-XLv3
z5$ij5z#fis-;CGo%q8d!pZNQfcB|-q;N44k8DRKfbVF+wz0r&0ricSo{>)=XCf%jJ
z-NS*JF}pPG%Yeb}#fRLMCw%DHjR6fCdjRqQ=LO?!G=E3l`jYkqXo7yRy$=QN=DC6%
zSi}aD!1LegK~dklB6?e2hO`B8&$Q=0e~%=;4v4FQFjy?0=X@kTt&7DQ;RYBf#T=M_
zK6lYKUIVei^$HU!dj}$Q0|_Zg#TCUf#E+PpMZ#>!rA`L6(c_b*!sv*40=536??_K|
z!Hw)YqlY!?mDUDza-f(T8M4Qs^|RCluc*b+tOcJQKAQETB8Y6N1yR#_$Px8?V0*^*
z@9Sq_zl&aESwRF2tJHRW@v;>V_{MMw@*FaDx&n!ryd!v1sGF*-r@5as52ECyuW8|9
z0-vd<Y2EeI`=Cp{uC@a)R8<6#cPM`@QSZu$(g)*_16xEIRuZcUT>Xu$I>?(FS=5l|
zOa>XnfN8Q9Ej8*wAFevZc#;IfG2yp2@K@o7>Fjt<U&#Zr81F|-U>yQ4(H8KFv%2LP
zSFoTn<!y~7SoF{F6PaM#gQUiSkZwELYrlHV$`oSO2LTT&eC5VuoWL{_2m{q0e#qIk
z%A8WrSv>Swm*1YYiG1mpN~@gXM976-agg3O1y{Pki`ybCs-4OBP}|{EDDOKQL%&nj
z0;wW?dfSnnR_JGScI2jOgY-ZgZtcz*BJu2U?Dqc}MS717u`$;9rWokDFAG84OH&If
zR0z6N2%1%k6)-DpWHy(YGrS$|)k*-5CNa&Sk5z?w`n^fh=6+V7H8V)oSpv^il+6P8
zpr8Q4Ng6L3b{tXjTv1+yUQIxzj~grm$UH}&+g~UK0Vd=z&L!+Q>O~APFdoa)inNHg
zf7vQ>UV3r__;sIH99bX9(;<~2r>l`{;v^5r@Sv<~x7;~?<j)fCB25h@H(=S&+dcI^
zX)%_dOK^WK+yvAGRfF)Sx9OuFlAXY6^q^~s8$wfU1zn%)F=OFxfJ9Ix2_7-1N7h0Y
zqqe_zKq+Qwtb?d9r|@jXJ-It$_HPr}-R1MDuWKqw?pIy=F)b%7FJ1=uOSV|N1))HC
zAKoFl_S?25ggQtf(n1iz(-ACnBxW9%(4*0jZFB)o_u9pdR{OKKvsm|9<-*nkLEmz=
zqS*Ooxl>&ZZ|uo#LV4Y?x+AzrDP+sMZvqvu<A}x1stVvn6SKGt;LR5P=t$E^F7Xmi
z2N^FJV3!PkBEX3XB6dW*j*DKE0Jx?^a?|1n?MS$i2G)V@;hyy-4bbNpOACl|!3;b@
zjr;(R<OudT-eY>q%fLIO+H!tyLX8}NG8J#aR5}5P7y~BU0xFF46f0q=OBpHTs^C>?
zKPsi+vy4)yJ7b(rzB!)nfYI?n9^4VIgW)GjQ?UMS8l|ltrDYuZ9gl2mh#Q}agTRr~
z$DTi+*ohh+%pDihg-(XmPELx%q>Sa2!d&Y|{)c;L@vPP5&R1Y|#emD3fTgOSYQYnM
z(hBE>n-c@V>p$LJ1mAg&{WA0_DVL_a9Vc<5qnW(8<>5F0euK4=P}{tuaB6Mog4Uky
zxhoxw6O?GfTrGFaZQSLQU5_pquNQpjA9j3S>@#6;4rzi8#;WAu6rXxRf86_p*$Nb#
zaNW&sF>j?xy$%{Qn8a(pk6btsk_(g*wD*ki1#g)eIn#^coxMK~U5lVcOyvo6erFOc
zRMV?=r_u`Wg=yKfDx9eq_;?1#>Cfq3cxH0{w&SmMi++psiK9ExvWM%f7XAx(z7N=c
z0@x{T_g;F+XKV2eM_tf$Z$N@L-m_I#)X5e3MiX#L+g3ZK_-#9BeR^$aLvcjoW@nJ%
zFgueT43EuVlK5?xc$8+zh_<7B@9=zA4Iryxk42_eI{y5O2}98Ig04*E4(Re__j<L&
z`XD=8yO?pNX8fUn=eGxH4{|2Qb0H^GMsTskXfSG&MM3m~aH}R^JpZ?#6J6uwMUcze
z>W$4Vx@tSGc~RmX_02FId&a{_CLVhW`t*hv=n+2{K~MH*8qv*rcc}2_O$4<97Q+(=
z(h>e>`lq<VZy}_u9Ezf6=*fYee!}-q;paM3j$_1(FHwt-gjHQ~u-@h7KEvPO32U<9
zhLeT@Z#8k$uBjBk2lSK7?&8)|x)LxG(wD1Ji5R;6idZ6?brY##kBL^*mbI%&>4!2(
zbeVc*#y`xQD5*@8DpJDr3@E#I<lhzN-xw`eirYKl&t(k;Rv>JuE~h|34$V8%W;BO5
zG(eaIBZfLXh%I`Fb_vzW0pAXSkV&D@C(&)q5%A1W+GYtI^}FN=zTf9c9S#)b_Zl91
zDuw7Ij#ehOk4<(?8XlXFGU*s|ObRxSKrd*o2;1WjI8$#a7cpg%x-i`+#hdv}W`hxI
zCQlunsavAaZ%h_em!h+hG}%*g?G=h8Yfs;~J_wd5^G~3{@3|PlNFx{-lw;&1@8VB=
zbQ7%{D0>l66d)MvE?Ms%O%0lidSb%N*Lx|zyyO$Zwy*eKH|2WCoHp}MB$V-K8!U4+
zOf}|K4@v`ulZcu8J%>YPp~kiMN4<t8r``w(T9KU$D%nwsBRu4(j|Zq7(vy5*z+kCL
zY4?G+xoAG7!R|2KjhVBA#i#n$NXc}G3F<pi<xFdf@-96}zo#C&eqYoSCDJj5GLRIQ
ze{W?fTb(vW+7Bp8v?4=w171T7H7RUe+C^p|?o0|ib4(>r?JYA*N-~)FE`5^9%DZED
z?tKsBM51((0k<Twc2btCIX{XBe4J>>5u-y2$KpJn{r0Pjn+Z|}Sn!(5{}lOs1tg9v
zuLGj{0Yz9z@x&it5G$<Ml$t)a04t^msV@E#%^DPDR}i>%6b%U7(484*Y6KF<fdN%F
z_%m@_F&@q6w{6C}D>5k^VhY~C_*64hMP-u7v1ABaau;)E^P&MQ>ifp`1pE}mN@JEx
zvF4dA0Q&VsfcwQa@rS-;RmEx>)1L%W>#_vH9Rai`MsWRL5PSWVj(UT=6#Kh~Q1`(b
z^W|3_q{d`rTo7Q=s4tX3{*i>fj9>DLgR*QFuL{a)zHQZq9;0NDwCi9TB!SaI7f)t>
zJ+Tij6Ndm=|G0fBi(Rp_U7bX#WqFBAaGyedD#r7uB(z%^Q@xT|AX+XCWX&!;4oE$o
z!P}l>n_E4y+Z6ujR+Qkd34_K~M%W-h=%79IjIjP%X%qxCg(6$xG1OxHwqeW+nsuvr
z;S0u=6kN(mY<{VWI=`Rx+Bz~^4l3wpK{YGbWg{d*Rj_hWauc>yspnf#YZ-|=4d{!K
zW@}7Avf&XWPyHsaMcWfz{AYet>|gX<2j)KU*LU}lYIzaATODuWb`$`=qPlWb+F$$t
zJ0JDkse%#^WOzgOyy(*;91WFRhdfoYsBH1PTcB<GrWlmA1ku})h^}PPNG$?st+>bG
zTPQj=Kcn_D?5kU$*GsWh&hXIOwBRbiHe110ByTY5aMTB_IXNUoMdKM$Bu|*?=A8A5
zc6kLyG2yIBrB&07EnX>F;f4JCr{*Q()MbUTnb*=hBWXZ9^Iaqm`CBl}Ned%-^?i-P
zKgxKMsl5if2IJmBiJk`R>(Bv1AcJu?g(BThXi>=2SR)wBaKJNT?@W9PZQc`u4Vy5b
zk443!WXZ*nhq>0@@H~1JOJn-#^!g?DK6vf{@B)6%yg}(96yL9jpm^hh-P(fO+QM2w
z0G!oUK`J3wL`G9Egk+f1B}iIqu}fIiTdB^NgUjvlC|X{-<<dS_tX{FtYf|stFrE7j
zj@Um~Z3iSIDjqZgcE1}|RH4R9H17+6Xx?dnl+KEBZxlX)U)R^x8JEXO!${&JqE2+~
zTGGM>87vL@Dc-Pb=5?#OmY#X)0EmQ?XON__iITbDk%yq=iFE@N?-bKZ(X{e4sf~Cm
z)Q@sitdX*RiJbNtl^n3-ACL);TnLX~3y;W!MYG8P<DO`e;<B8jzIr&XlJCzzZL~mb
z=pi)s1XAp0F-w<drph+aKmPb8Ju~o2M!F?URWZ(j#J@_IRAgRVk~e1P264WJpwL%p
z`4`u{Xb+j)gHJk`iaMGyqd9c?V2=a~P3gkrNX%Klg;pC7HzeC)(nDWV6-tKPc~FK_
zy;VHC0J3j>=$!%<tC6%dGln3-I+W^s0|t@jeJBJQ>`#S}pBS(#4DCS-?MrY4z6hc@
z2%;engQX4lq5{wbQy}hXG#HFhM=ybhVr_4)`eY>5ElY8rcD^vK1nPKRs`Ex(*pN$G
z%olJsY!jZl(|D~D9U*wv*Fko3PVn9t=jm!wQRfx~UWcNvCdZ;q6O&P@YMfG4S*@$B
zYPLgiPenJ6@onfDHy_FzTRDc&mwfCvyAJFI=>uRBxVEJ(<o3k_Ac$gcn}_mys$$is
zvn6pD?Yl9JoWM$_XHWI4Z8OG&5Z8nBqM<fsf=sRp35e9gKY!7?qrS&SZu~NaVat}|
z16RWvN=;+CVwi#aU8up%iqfLWnR6W5mEx3hk|+LqTN`Ke#j|Cpft=x$BN&9rS<x~{
z>#UfoNK|>Tius<(uq;V`&Xsfm`ejVIb~ET2DSjEmE9O19BRbLW=ubLcCeI<P<r}iW
zr>hRv6lh7qJo?6APr{+;+RQfA(f28eAsYj>>+DXj!T@uRGthT|@hvDij=qlp5ROxj
zx2XUrg=3Vv&JaDwh^L8zyo(b8PwOh}KY^35Cpn_ry37D;oBL)v;!IJVl&Fg)Scj4X
zO$#n!YGB)M7&qCVZtg|h(mXP*a!voMj=Pnj%0d|wz_w<*5UN;*l@>-3!r{fnSQkch
zC_kM`=*&%_+N$##)DPZ4F*@UDtcevL2Zkm=15;v3-!A?~eY9&L;@f!G4^;WxR45{x
zhESIVgL)%dO+L?dkxS=@RSMENF#7pLi;GaVdhY!Xd-(@qYEN2%Y_9q<iSzH0xYnCs
zlD?kC)Q-wXJkX)pLBb=1`9>0&)SOtjsuBaM@Z(E%By6U+KG~RQ!=|Fe+)TtIb289b
z(O80R9C;o7%x)x+&Wpt!t97cNSS+WIh4;Q*3?Coh*XnaW*q6pCA`+T*-P+Kor_23u
ztsrxn4rix{z0)fnrlDSr!@7q^YiKfzm4uJJayjX(Rr;4-2e$cZwV-}$fWBQC1y>ah
z6o(%JU-Y)jql9#{7NTowj8QEXIjl#ar-xM8zB5vRUpXPp>7y(h9D4gNL(6W1Ex1YS
z30Tn%*QC}~u|V|B*}+b|Q~FG0rezyIdl65;WW>G~5#L=jM>J^BxkmH_q^Mu@zZEF}
zS?}j~bFV`0c!A>lxJ4Lhzu^N81Bt!moz(k%x8QT5`0MN^n=$WDWlfB`T8127?J<w#
z)Wx0WnMKbKm?N9BP40yz#y1&y#B>92l@2F;9%{lUjc-*bz%%)d=0qw>W&t2{CgZn^
zQWtb3Z$`a6RJXlN4=Yli>rzi6XL$Ku_**ISA5iUl5>NP?PWmic@Cv=%V3EFTSS?>5
ze|<Q*cuzj2_5f8ts=tr)^`}Yx_wK`{GdHoe02+Yhf2aAINNetFV=WRh_qYEX5ZM9y
z+VlB&3LpBNmx7S-q+yW8$ZsvVQ1;zx0SXY*$VS%1cA+{v<=rfjzez+{y@bf&Z@;Q~
zYP@^ot@>oB*Zca6qq&Kh7(X2M@d*wl{}%f_IjP=vKjfBK_5We*t-|W+mV9r52Nv$`
z?he6%ySux?!X>ya+#Lc0cXtTx!QCB#yZe{!-n+Zs_dDm}?Cy&>pJ&X=Iew!?)fn}!
z`q^LXG+9zrylSR#Hpzi{A~Hq}5+jjW#7$0`jtBe(y#SRXeMqD^;-1Oa{Z7OJHWIUw
zX}r=5XbE`?!^R6D4&bMavYH%%?vC3ZVE+1FX7J+slp(;t(xCnY(fHr~i-|qZ+{)rV
zMB`?vM)s?m$Zrz{j%b_>P<t%|_qnjAkac21wq_%7d*<(wQb_|*m<aLG#(<X#{$FL0
zE+DX=A+L+|b~2uJKYm&d%&hpfEUz4(fG6>avPK>MSchI`hWGvX#qeqKNbp{?Kf)+U
zLZM|ev1zHofjl8D{KY8J<-w4G-=`PpKCt_>+k<x^sbO^&2`hXaNr>n}QAd!-kPaO!
z(Xl-26h{)m1!6Buc|fxTw-FEQRLFkafUv(vxH2T0T@btY;(dracp}}_;Gwe9UXXO^
zn^HrHPO*jz1>k41W@BnJ>_s23^5?2B+n%$xr9dnzymg(!;My#Df>5M72DOU}$945<
zY6&P9qF21Yf({{=DtV%qrLL8?$ex8#rX==gq-2*lF?$wET?fm83vXFh7;$Q`I3eTp
zpv9bd1fHtfM4J)<9aG)C!s(%A`2rHx%|>b(XxYMAv!I<s>dMHLTWz{RgYS*X&B-n?
zV+=S&WAJbE&`haUO)JKwsi<pU@`A-*faxGQs1R&CP+J`Z<87b(!Cv%0k4)88LA%g}
zMkZHDS5X{A`74VgO%0&Q>N+}v9g=C-;q2*h_}aB@^b^|*@x()11##HJW%58S((Q$v
zbUh#;sb-wh7~O<kU%WkT0IBAy?)NPmbB~00c7^WGF{)AKF}5PJ`?#q+fnxNVFQx<6
zOO90u=-^AxRud`h)RIQ+GR;!rN&=!QX#?fxYKNe~CxkL%z#*6J*CxcgVX1h-(D~vj
z0ZqzPpI?LvJQa!51=zZZ74({-x1=FODN5a(0>M3$9zP&xg;J7Q8f08ATZ$O>Zoywu
zcw~$%Ow#+mMaU586+K}*53?SN#MO;)m?l%=<+QkwlHy1rW6i=x+Hm|#hb?NkW6akO
zhP6T_!HS{sW$VOaO<zM{ZTIU9@_{yz_C-zH;VTs#_cA-Uuw9IFKll08*0Hx`6I^_0
zb&fE)s=S*;5OlYeNvkDmvrf>#3;vin-|Vs8&bHy2Th{8n({$A>UEaU;^0q11xfQm?
z1_tcQ>e0h}<1&``iBa7&Rn1I*Q%ttc1WtB<!CSt^=0Jh;Xo={)$6!MxAE={GjRHqe
zp?SNoW0tPJt<wLY;K)g^>LAhiH+#me=}rLiXY^;;g6aPc*X`dbznI#KSelvGDE^y)
zb9OOuur+g{lNqCtg97_&{v2{YyN}@~FfeQIf1&Qte~Hr7{!I@2cR{+6oD2jDvQO=%
zYoqomZCJ|>VVwc7>Ike-Pip<Lja}U4QjT`h`hj;kD6z{eq)UnL`c)*zJ4%wipXpro
z<_WQr&F)|?nj<EqVE|gF0;TcXls;CGw$VODk=FHHi1XXl>+dns%HLoB%Oa%(JjNvp
zenog1s@|uYupng}T1Ucl19+dF>KD?K8@-LL9qmC6eA&z@0FL}>=l%C=MR(<pDwjat
zz4(LRs+54wA$V3+AhbhWT0+PbqOi=-IIq0Bt%z<(gK2Lbg|vFpSLu$cRq%lrA}fvW
z!!2(s2GZ@06n)Pn`IX)#NFlXUrY{SNZs>6E-_Yqz<4r8zM&SVEn;=3Bx%#Dizh6^}
z)6Ro>Bbm7}B8ml)8#vqC#vG%k7;NKbSOwXr3-rt13WkA-`;^-Zn!(m&0>7yv`y*X(
zvQRMx%j5$CWN&avhe~xhKcADcE`%|s7-`CC?lb*$B7Kmx3}PX{z_8%|h3W!-%l1_?
z1DaX^E&k){KPFRMM+ILE`5m!-w41qGxCJtga;NMR9OtWv@E?XmIqC5r11Xhunep9W
zKsevwL#hRykvy7dnZAXo1*}!5=B21V{SJzKM=Ae#n~tNNQh|irWIcJyGrMl!x9;Ql
zu-HY!|A{%um|wZ&#}6p15cZ<4gY9sGEF>uprn0miM5*YygD?nb!t(SQ=(1!?CgMV5
zaK_GRgB4LoIJg$A9kwe2-}*QfeV{okR@br`Tqbu3MJlm!ntyBDBIwn-w3m#(Flt4y
z&V}3kz~Z6NXSSOqGI=a|_%{A?7qbxqSe?;ik+#x?fi5*ex=F|dzIfZUvTpsfbo6PQ
za$!-=LZq3JVD%vL-O@asgyo1{#bNy0?C%gmyYP1S=Y#<$f}yEOv2~6C0Rh=ZibQS&
zA^_K~HAc@i(wwCH`cU#oVmuTyP%YLdq{yVM;mdDa19twzl8NK0&Ox7Z`K6}alg^{1
z{&rsawW6X_q{cv#)c~__!-%z<nGRGD9s43}CiXbt&NW1`0vFAVG18W$xLh`($Q9iA
znVBk4-Wi+k53VMz;s!{gR3`d^;CH6sc~QR@@64U%(qBivHV>=3Y)t%YYv@I=PQWYp
zO<$?X>G7H%G>s7CrSIwC5Vx&<fx;<1kH27x8pV16S=GaonMV<;_JxNb3R}K^e{2~~
zNr>*)gB9RBPxGyZb}{S|g?#2NVJ^0S0p)k{R=DAIb-CGSju19$f0@iVswSY`&0|Rf
zVng|1KL>`Lu(qi7paiYJpeqKKL*n*WZkham%GGCq<g4@uoyYIArNToAa1f)cEpP})
z8AoKJex8z3kHQ0B@@#uCV@!Q>D399I)57&FPOJKNq>2ZiEcC~s!u=BUwu=@38jS6N
z^{mR;6F34KXc~+7Zj%8Qz4=hLaWnKlzDz$>Pf(;+Ar)KXgAGR+z2#76HJ@@KlQ5a0
z9*gt!8(EZc&FOSfxgy0)ll1|+)|itUubYLT*up?s!I28A1t$Vg2E%9GHPwl+YY(Y2
zsu4x*8It-ilIO%J;SYRk%R)LC<?@#P+loSas+ieK#)ODl*{K^%w=DtdI-k|Jx;I`)
z+aMpT4EN9?;eC<>4@jt3s}FwpDJf3Y0T~Y*Sc*>r!le+^agA~EJLu#;X-&iR@8c9(
zJ3;J~q#5qRqG{#JUg$&oH87GJ453PRonENI<?;G}@yjn8VLsk6hNKmdNQ#*kHp%Xa
z%|XxU@1cs=O%4&k(4gWtc!+)#|I@GQ!cJS~XMXP<QG+MTFP5l3lwns0C{J-(Ujw*b
zB_WQeq|YZk@VbHnMAwu(5+9|(IT2|BP;N;@gv_iK0Y^;iBZrC8n>QB236zTXS5IlK
z(lr}G&gd#Pi|+R<A9hGLs_8s(!%MMpE2R6{n`{M5aYtSe=&iIWe1rs&C;)=t@Ks4k
z_g}hXX`3QxF~e%DO}Mp$G0WsiY|InNt{#yy$VN7|=z~%LO<ks|Uf>ElvWH4}#_*N(
z+!B+No?OD4H(Wh{DCNblF&R<k?`@Tl@15c~m@AVM#~)CCwS8${pT-*hY+x|ZU|{n9
zJGM{N^3UrZrcZTU0Zj<`!%oN3AqnYIxi@uQNg;LdAzrX#nJ9oXw;Ntz)OD7z<DA3Y
z3*&=;<4PzxEew~)`?g2$7q@$du#&#4UA^-Q%S~qb=Ggh9!Dc5!+K>+#bkzfKG+u6t
z6=`U?;vT{pt3xIU#$&Guw)W})0+2^Hxias*fR>3l4M}VrjdL-tpScZ(n!(0c;@N2u
zWmLK~!{&%Khh){<$5;dwbVkd7$lf=Tagto=lUt_z)YNb+uUM46znWcPW3UuJbr-oX
zqg}Pg-`tZWJe&Pvkdz1pQ_#(}vRxV~MkMq|th7MiSaZVlw}p8qHBAde4|5G=vL=$X
zSMTahlA~mTjk86l7pv}2CXHUasF1lx3F>r{8i~-TT4At;L(2vH7oTf;C5(J~x~3yH
zOX>ULBWYWQ*u`MXjnafPvs`$FYoa~#FNIx;Xg?chycew$XUHHul&>wkUV0IepCd9>
z=Zk+5I-6jwch?U@0I>Rs>oefba0Yix)zx;R1~a01tJ*LGOW-0`-NqTT(4kyQ)=z5~
z1L0uTzsSr+a)>Y=r%1r`C+ti#F=4V|_v=FY98Uhg<A<&QoE!25wWo18#BN`GlwtR6
z<*2fdI~x@<xGAF_duB%D(L9|WC~Gw3NB&HId7*UIeGNfuk(8V6GnukU`XR_7HzWFZ
zQWy`dmwXrnCv>y00p^p)4(%8-0kUjDU4}4!hu8GIhYgR7UuPb9mwcd5_7HolW)Uv8
zRlz%OWVtpUBowy-)+|AF&|=3DXu`S&RJ~G>BgWRwPXEq?Wt&wEV_7wkGXzhyBm_TG
zX3yP#{6yhLocR%<%Ka9_81ZE?CT@&K{3+y71fAnD1=~}i<$~r1l3gdIu|X=C52v^>
ztCKsFiqg(4?o>+?ytxT3R-R}n3v;Ax*#XyI7s#AMKe+gx0CD1vx2gF*Tp&XKzdA(!
zRfD5Zby*%=2%Vn;zJ3Wj@CBT)q`oA&g*S|NS~4($*<Wc_WLhQN%Cc<e+?o^#7Y*&B
zhv{+vMot%%D5~>WX;5dKVIs=JIPd3NWvA<8Yq7lAUGqhb00eelBmNBbC|M|*ryFOi
zGj~pp7y;AKwo~>@GGLIcr8mynp{s|PxqWQ0<;X#ctNd5JSx0XifG;$cOFKb09p1S<
z=^UrIu#yrx2HjVp5eo~ew68%24d7GXgx(x9Pq96ILm_dPT{Vy;cE0?~D_^AAcaP&H
z&yktkPH8=h`0z%l5q+Zk?F29wmDCGgA9(!RLa!Rg2;XWfvspJ@gf?eo{+wdLmCRJp
zT|fUksZftQ7?#OPww^hK$>y311P$6Up|@+zia<38f!=dYx?V@DW%A{y;0JJMF=N5c
z<5mbNLF-!Dm?>rG7b@xP4Qsy8SEPLlWjhPM7&fBbMzqeY6TOT#%vyAoqSkE&#@>Q7
zwMU&tQ9A{lj9ij(n|M&aFv#&0>9>~YrRqWvE??fd+cBgcO_A9xJ(>?^5{o^R;d!LA
z7@dgV*bZgQNMqlRLn$wp8;e&hcgh(T6}Vt%G|?R~0z!YOuYrgvU=#WDTy1`TzdQnI
zNzavtWt4y$bG55^Iu=s0*|#qe(QQke(?8}J8`60q+#2<EV`Agza?}vPu%?-&y?nS~
zWB1kskfqJ^!SaVs<mYP4o!Ryt)GnzLbufW`2@apOv|c4LOl%>)JvjZy7XgP@!Fe`7
zw5+B!r`Zhk#ciHm<S&y{KBe;!%~SP_H9hM0s%cJ|QACiLKAbHHV<nE@04V=9gzR%W
z1@BD<_WgO1emntB!&lSL@3h-)5l6W2_V|sQ_{pQXkJ93dnC@La)yrQdRvETIvUt!#
zTeuz|Np_rf3)=Kpa9z4gu)LF~QBfl%cagrKwvQUbQ5J<&9#F8BYDiLW*wlsGeH(6L
z69#&)i&hcj-Sy=z^uJ3nL^CR{S+fGoEU%rGh-YaY#Ncadg>1K|$2C9DYY8HkC;Dw$
z6H;D3Ez8p`*WKuf&gTp`qQ4KiHILsLmym@hYpM-~GiUeHM0BX;mx>elYjMl12t6ch
z@G%;~I0^nOLQ8%!yEFe2p}B$o3o^d{k{>&}m;ue4{vknDYM1{Lnc*jr1zf^bfBgYI
z4F;8B`R#MAVip+64|hiOiR~JNCZzbuJmI`8h)3%F4L#(Y>FLw+D2t)?`_-3GI)DC(
zd8HmF1UileYfZBfLh8y_6cIC<mlP6i4*roT*yNOhWgm?dn`yZ)Em%471RW!_7zxuY
zlYQ(M5tA2h;=8OFMrA&^IsvscG4;ZY5$gJ1NP;ASQYtotqNub7g(+@1xj>hZUxXsg
zbogN~J!rWvKX)r<-rl^M7E%w{Q6>s|hwRSI;*4%$Qxc|UZZgYjm|=~#cf6Agw6z86
zKlhzJP~ujYu;PudC0DP$@;m{nvIn`#0HGhA5TMrTT*fvCoNsMR6P^>68@}YxD&hvX
zg+4U_EYG6ap}y>sF8l+yB=YG>gqz=>z4D9!Xz1lotpQRIvxQ);vY$SY@rk5yN|=~B
z=`QUw_W+G*^a)d-#W+HrcE0OlM$YxrsJd|eeH!bRux-8nOrsz8zff;W_8--G|50yC
ziC>|Q8JRzH>gy8-lNvrSoHUq%ydO+hI7FU=`0M(*VWEa{yAwX-2OK3iv@e(-oTJoA
z;IBca1Fuf6i|n_jyZ29EFp6}2kgEKecZTCZuF!>Os+I~kvZr%8fHhEODge`4l~vNq
z&gxv0m(p~3F*i)7*H9hl>!KU8k;9%1+EtY*Qb_{xH$i!_FIVL3OU>Z`m7x1?nob5K
z)EM!6=38Pj(0LN7$ysfi7_osvE~EC9LKsRSXOwD~UUea#6ZX=TSKuPG<4?r}F8c>y
z_X5;uqfKzXQ~h?9eXjLjgiL`Q9@EQXS<(H?$@Rg?{)N@s(i#n&eP1UlLy?oEo|kLQ
zTM#cZM2eb)`!&@aI#Li=y`qPs4LvXKnKOlmrJ!CG+|;^IQqc~D=!4tA`SwF5-IT^t
z)$v!<_1-yNjm8&lX0h6&pjBo$$0kdE*0Cw}e9xG;C!s~*7={=V^i)`9r}&P5us;1k
zbVNTI?vUOvGad`A5qsLrzfP*kQ}s&Fp9$UjUy#_c{BsM{`tK6kpnQBN@NuQ%CVVJm
z?Xoh-<lfw(Tc4APHHIpJ<xFXxZKNJ}B=mlWo%D~uN0=}zUa<}jxbXecF^~I9dvl9}
zp^NHGu(7-p5ka8VaIPgu<SOR5VXyFKGc=6IPBl5%j20W?2$J$9Q{C_89@<D`lgpSr
zIyn7RF514UWFz70l1-}gYi{K88v)1c39hB{5xsini?EjZ(8>(Vd~~iMsvCyG^r3P+
z%$lhI9?Kic=+j>|Z%33%LKz>pJjfe2Sj=7E0Qc6&VV27Wj`Wgxrywy$5G(7tL-7Dv
z1aroU7@Ls2V`C#~iDm4zk47t|LTKe3c>T{`hQVxrla8;8OZ5P>!e`FS{g_FJ$#0FV
z47zH(R@16Z2uD!5jjpbnZ#F7AQkz=xhymry85dADP&+`5Ubnr717-Kwsc9dTjL(fb
z(p%3)^bi*ziaJKK!6qiSY@8FlO)UOecn=Pn{SbIaEEYTQ(L)}+HTNGptJpnIZ8ds#
zTq5rt^Ee;{I$n{=NJ)T6wqh|Q=^Y0{(yvg&c19C1m>G>3mF}G?x}6qoF1g*(<;2W|
za01x<pIYTArY|)UQ`NoDC<uII<DaGrj7uBc3L;>#TPM~uk#NMNsko9gSmaf>VWd&$
za~2sygW6*^K7A)UA(nz?KKxW6eTSyG&lVM1fHOSnm*Q>s+W##<LWK$ap9<SVmm2-V
zSaBxRt{?V9=_4-xsj%HGeJ~gUXWU76m!C09h<ZiMjs1thw$xX`E#co4wkmaQ;H*=h
zCbpz^Trn0C?!G`REa0_-=aQ!hnMwO;)y0th{c_<%)Rl)99t@0%^Z%u4^#8eF`F|@&
zJCA4Mydrtc+m)9uQ+dgVbZ{(Si{b!h!c#N>jkPsic;8eN%-+o{oIfu~sru{VtxZCh
z?-uM;(oKy9W?Z(*tIdnh+V}B``&PhH0(^5}M|qZYx30|6T2@m-`?T4e##x_M=~Iz5
zL$o;n*hbd!8`GJBF8NEZ&a?Ly_^q7ci+3mjiQs!4lR9v{#j<4S=CK@Ssk8u@G?tv`
zROUN5E<-mcN&ypMO2ctkzhAV-u*~Ze9>eh9VUC7QSgl}a^aU!t@jZZPNtVx;MUxIS
z2t`S~JCr*RI-1+xTLW;AJ3hOo1v~lE+w@@z^D2qjnt!1<2fwRqGwcaUhlRLI2Y3Tf
zV&EJWorGsZXU;BpVrh_DQ1w%gt*Dj2ck02NRX2j)Eu`t0@OgD7Xbqi(`4J&(ljceq
zG)Z`ldtpZKi-WPbuPaUUoQnsMPY7w)!_>%2%~;TG?4(-g<%BoI5@dUpz}1SVH`wTY
zVB!j(#E@Z<XHe*7CW_W6DN}L|?F7(hk*>CpepM&K90uE1DRWHyo*n~Xf=LHBa%vWp
zqjU5oWrASm<07~Wu0A}A2q$D~V>Mjr!uPR80vsZ4yG?ymdKu~ZFA(mus|P5oPpf?Z
zA-RpG&Z7lHK2TRWCND357kS`=en6N(2iP~EQZHw(b&i_K)f3%KJr^&cZTxLdAD1o0
zHWpHXy8zh1lD5IPxOMEH35?FB$@azd=>zGbI^JWHiP3kk6^B*AsJ5*3lY21W1$6UU
zZonQBvR(CRJ3cYS?%-jxwIs%B_alOVp~rk@C#7=XJ%N)T@%xY2t~b6z-=DZWY9G(N
z-Gj~$JT^H7cqlaJWzOs88>(A*KC|zZ)FlGOI7yb8{RG}^tR>-xjaLR1b7v2dQSx0}
zxLY<*h4@jZQwr<3N&)vjc*#R_5udq|QA^QCp5Z?C-bKN}m*O_j2Z|iN0WHa4w|gxO
z$Qaob>_@#Dl^Y`hcKi6B?@-ekWMkEaM$5)2%?}|N_%B6@RBT)AMNODdbI~@M+3!|r
zAmx`^l%UJiZ%HSO-pl%|tXxB5Phwj8pIWW6`YX}4CmZWgw`N^%r?Fu@wrWxqT+6eW
z=qV`x3^`t(8u)EJm<jCq26R?d?TZfPq1`(^5O{;m&nzFYO;k0_royra`J5vxDVozQ
z+Qv$0d^xs+qIQ+a?ZLi8^9(kZ;kE%|9BAE|@Q%JQ`=lxOSkly)#Gs+JBH(Nve9HC9
z2}}>Jf-`3p=_KVDWmB1u-_o(B=eHkiqbmRM3T~|`2Q3pi&+PK8gukGoz1Pe$W5Pth
zOr`V=d52n;!Nes4m%kmHU?6dPZ9f2ThUfzYL}$)vGe>^5&H1Lk^d;BA<T*+=XZbT$
z-RZ&AS0FcL58&vD1OLc~+QKJU?-$RCP}4X%)LTK(8rBtZ+or-t$vXUb%H2ns=O@BZ
zDYo{=V?CBKi0>S=Al<jJ?%b+OsCLr0YIRSzsQAjbAyW6X`;y(cILjxi3~K0)Od1g}
z|Kbu7n9Jm)27L2poMYM@W~AS|+SCk6onZpbcE2}w3@UVa5!FAkamD~xC)NeWX3Ymu
z-BfWf%Fb!Lg|Lf(v!qapO=E+KYVp`)x3cutdB!ZzkWJ=mwFsfpb<k&;CPf@NnV>9h
z6KubOl9y|#?2C&+A^p^$Eiz__I*Sp5;CHVPgAbl&_?(!@sc^^S@N#zTEgz%kyzQx5
z|5b+Z`k%+E_K(ftY_9c`V^IBt20wn&z^%;e*yaXwKga7BB&0Bi(T_euW4wv-Mi%ST
z6Xx;;J=Z4D&|A%AD;A~jn=&~JXZ+Srz?)Kx(T9E5m8u1v=m!w`O{B8h6JB`A1~AR$
zOXEps8q~x&EQ1?wiV)4yT_U&uPY|X?ZdHR=C=7rr%c8iM_k4AIh}V*(C{Sjkq^Kf>
z<?^aEG^EY3E0~42Lo;I%sI{|u^J>f8#!=netuFf%&*B>!#X|_Xyg)HtSZ*u1c7py)
zl6}d}ME(kbJTs?VGF92W*oBJ>@jTrO+!yxtPxpL{=Cbn|v!xkubS%x@yV%{0heKbj
z1bKSAWVYJAXjh-Ccn-dSXZT`vBw`+Bi7#3`rZ<I38(A2AiQrMO#YFz*M9Wx)F{3tf
z<vLrYD1#wyE-#_9p9JG9dXyBp6ShKwG!TiY040h@ZSPd5+V}vkYWOnu2q65};YcgB
zX1+P%NE^q;v`sNYFJ~>5QWp}fkw_N(Z7yZn=_HlJD`Zee$r@W7PP$K&T>W|LGme*>
z1(^k%?vTF#lfBAVLoo05`_BrbG%36dl;=ZLGqb8;4mE9)J$IrXXN&<p1K~o&9Mc;$
z!HP3@NQONGFs@ixcTqSXPeGU6K3vS)?k0?T+yzJ&X1tMXUW{yAhpEH~9i5ILHB6hE
zR|f0IK<*dT0kKa37N)c0Y8`GN3CN5~zKk0X(if5+zRwbfLtbTh0M&~+MFKMO`@F;M
z=zTzm$b&N5+{<@@w#v$BvXGHaPjr$AXy=IWC1AG_GEI#`nb+4r?x8Aif}&-rL0A4f
zj3eXl=PSlapT<#&D(#96y=jW+C71B1f$is_-dI;|D;akc`J2Ce`Z7L~Xtg2sR}Dn9
zA~WNN7I!y#e8b5S`-Pi2xCWo1`Tan3Xgu(`j!GTR#&I2Gh-o&y(biOJz`CB$F@2=7
zn|8q9l74#!1#KHovsQUzX@*Y<=Gc~zt&l<c6T96zvfY~WN^|m6f>9%C7>XJh&qD>d
z!&5DI-x~Frzt1{MUiZ$x&^gH78(2}j{A=Stj%<lLb0c75qe{&u=15+|IpaIl!x)cO
z6heE>Lv$qKbTo87c4Ulp)VaXco{7P(7t&olzf4Q7D*{3qJ8WyXD<wuvlS7u7jLw^I
zpOFyfK_}DeF}~j*J%zCHL-cWHk3p=?t{Q>BKwWIj-De$$IXm>r0r1M_^CS@O<B7&=
z@>=cJ+xVs?pi=>qh{EXAZ_k~H<ymqIPDKrM*x`)!95L9G@MI7flqj9^k8;iINx~Lb
zGi%D?@g%4Ez()97dByz-wHcWtK@rRyx=LlYMam<U5!lEGLxN+;^P}PZ9`}aE{FL8g
z)m@^JauZwzjAd1d@0Z;fXc}noNN|<tTKhs?EMm`6gL@&Pdr`VnPT`0|Ru;rYTcr|a
z4+yvS$yb}UKdPmo!~$OXgS51A9DXl(Ry{pLCO8W1e6>29u;He<SZ)ck8c)01r{*~!
zKSYbF@hLVUnq0M_#(4~Ox%p|E?@&hZ%Goz=spnUqGn^4^1$x4kN4f_?A108g_62o$
zZ_7_+pe2RQL|xKUF4I9In&n4MNI9fs%4})6!t)kHwh*UdJo9PxiX66#aSg5YG;`73
zmuF7jL&(1#-ZSBXacJ5sgs<VKr=i?oImY$kzx&*5eNi@&&THtDb(_OI3RcwAEXmrR
z%fe(R=NyjuspB}m&A5tKX*G8!V&660Epd(7mWP{)FZi~*e&ls~rt8CTLMIiYB<TzJ
zEupNAaj)ZhQ(aA0L~pjDRAK!?EOn9kONW!))p{Q7gY}Zkg6dUATHwo99KsqUz?rT0
zL9(codP1@u=MkVRi$VD|yf-2oV;VPUGW|JQST^Zun$JDRMk^rXvWu7=+W0P7Dx?$m
z#~lROLTVJd_KX1xt2(o4%#)}SCM8lxZ+BxUt*LmG3-c(RO*1AT0yCR2dSaMGCr}`>
za0n~|`0`e&xXfU6#u~4;08J0_GrHBDZ>6|d(`k70dkP!LKJXSm&l|?{E*pjL7sRxo
zanENmNbAVXL~c4IbhZ6?t)q{>#-LZ)km?{PFt7+jFffh(oy(8^<I%3Vjyu}Fm90xK
zPhf5!=>XgJRhmUlBQ24%v5N{(7uLyOUlaW<A2ZT$B%3DlS>HFT%O8sfa<9&mA+___
z@3sfVH7DIFGgt@<{yENh{bkkQ{%q{R@8cET-~CDt)lnCv&lpaGy3kTh-sm&N=f!?+
zJpfm5w;YQ%BP1|<I}#nZEA!bJe3a%^I8jk<o7Mx>AUEYJKNJBSsyYQbwz2Dc6`N@U
z-EmtPyJ~(>621(V^)5hZku+TY<JVS9U4v%9?t0<TtFh5<H(w(o$Ib+%4aTv_<l^dN
z9LmTdH5K)i+A_SRBD!&qPJXhnP0EIgZB=W^`P%9d?UVT|>*Bn44?F&b6Kq=-UIsmD
zKb4D!J0;HCX(T)EatC2RJRDDfp*oL<ffCo__x7f-%DT3-tzNOBB2L<}!bl$nZ0F;)
zapsopXxdsDcGXp2nY_=6LxmUMy28j|ly{$8-IK$U!hVDJ8{Zr>kKBy+Ge81MuWx$M
zL#){~ula}eF|K<{G8bT0iC~>QtiR@<HYE>8Nb6i=)DjKqE_1XP91RONmDH3!J!78^
zz^5`}GCV?9uPl%X<Gazr8;==FVD8#2L)dP=|1rT-?GO#_7}P(upFGhIV8n4t!B^Ai
zsNf8uCg*UjEY<#L%c@$px@9VqhSFl|JU?@s`q%+qG@uASG8AtY?uhh&Mmwh^%2;TP
z+kCcbF*L}hy}A`xV;j~m*kqf7*3@X%u%04^rcHMEIY~~nF{;k6CfcYKnC>p-6s7Wz
z4@q;xA>yhV*}vB<-YO5#x69SD*oSLhZ*YmKjGVRv?I)W6uS_x9$nGnI1vRx<>L!hB
zw1hQxTv1D?Tp7w|TyDPZrqL?QqRUqPi?o@hDWk8P^a%DBg$sr33>-NWHb>kM<{gfR
z9sRPm?jZC1$Wl-TE25FyAho<CvuV_J10-!eo&6dGD}TC$skeVoR8a4uFFx`hQe?d|
z>iKZZS3hl_0yzl6b;v4P1AU#?w8Jxkkgw31c8_A9u@&q`)e2F9I;(DlObcB;6zymL
zMNo5w?&BG=z12^eHPUSxoXssAP&!w#u_+Dx5cYMorkfFyL0fw_&Y(e%herL1W$au9
zrG6-F2Y$wYTIl<&>ODs0StJpDE;^kK|5?<b)eBcP+u}5ybYDe$G%ki%<sicqKf2S<
zA`j2kwhV*snOW_Uljhj|$fR%lOnpVa#bE#;r!tKO_xyA7kP@`qaycLo;-)YXGV4SE
zHnu!PD?-eDVQ1+%#Btt3iN+w<n5i;p=cwN<=X)xm&iSz@BUv7Rd;bYi?&Iw#{=}(1
zH{t=)+uAH{@dF+Mq@gRst;%4%-<84pVa>l1&ZxyL*NF;8@fp5ISQCB12yqkcpn5<f
z6$GxtMvA1|+y3hOYItMnZ~~D<>W>wm$u-se0j@-re--vncn(3~q=4)dm`&7H<JN3M
z0Zvbuq4vWsvLFNxG3Fig_^`zGOt%xfmoK#`60t5pPpg=3SJFp#99P|Xv=PJ|`EdB|
z6YFmJk@Q3SjER{8BP}81M*QdjG91_jv*N!mXNW^I6Opa-eTW+c#j?H^a=bm8%$NTG
zc_dVle;{V(FojD+*q<QRg?j<Iolde-U`5WO=ByLLikQVOaRTin7X01<{C?#71!-&K
zmv_q>mzm;hc|%kp7_g6I-p6{fJ(U0_!kl1g_XC+U)`2#E1&DoDS_nt?Qyez|;bR`p
zYK!M=(l^+V7fAz8(3r@r1vK^VAS6j<`8#$=;5CGRtk)J3?uQUaj73sXBx<aFsc4x5
zx7abjjr10kR0fstm#OQZ$ukb)H)oVot8<DFp6BsR$k`hI<__?fxPWqxNK!V@8(aFP
zzvcWi6Zo$cK!Sm#|M?{RKWrBCkDCEiI~6=NbYCE<W&%9}GOT!<u?zz_&FVs`c8@e}
zWT6~5>W@IC7JA+h;iWC}W=x5p$#+OUp)TX%DRqliO^a8homO{yVOYmw09(5A1wYRN
z-=y<I>&t^+*T?5A=rLGNN4h9P@BVRgu30#Nm?=-*C<SITF=%(v;hkC7bK{iE$=;Sw
z9zrL<2$*59!?c5<ABNc^d-JlPxlGN4f-{W~z|@Ak6HPa(2$I^v<*G)LDoqZXd}DLl
z_T%F!wMH8NR)5G)#)gCSa-Eg!q<U7MM(Na9+<pcxpvTTRHrIKjj^Tl`ukvbE@?(gt
zRv4##UM_Lld!lYUu({soi_Dj+ozrrVzScBBWKJR5UJ3)LC$EO9^h%1Ay^h;>O~ZPG
zMqZXW8@|nAWjg3U^IZR}#LUe->zJ$~p>n0_X^DaWOF`X8$o-aJmLm&o|BxMD#r?CZ
zx%W<mzuu+}@S9eHS*={-#P_cD!{b3W{Y{LJyeFlauWI`xT9b~lt9L!=L&&4a9pkth
z?xE5K(~m?dZ~_*J(nWw1ssTHYL`fPNnIgVmdWhE~BiRCF>Ex&c0kM8D89Kc(^1=Pr
zF^Z5#Irl7J5#_{~c^G<mwn<t&CQ<P_CUl~1eFT@H>U3yY1UFYu7>jI<7>+`^VoiZD
z4jmj}*(12saa@F2h0>9lcX+j`_juN3iRMs5L}ZI-o2qwY0~`S!Ex?xb7Qfld*JPA^
z4UMr&1<+CaW$pOp1PA}Xo|*E)YIxYxS#@y7+VKdOO&EDt227(k;qG-FWmiohA%wrP
zyme*q#e=_{pl*E1D%P<6nbWGyuYzWSZv7~-TC{7di}U4CR*@gtRAH~{;SEiMTP2OD
z;`c#nBtR)5s}Ly-X+pu-ZG7G?NdB|H(U~%`c=h*oUaz6%>IR>VVhhy8qmwn6oJV3g
z)NxeHmBTry6R=7j?*{oNXoV+I*vn;-7s@Q!29V{Mf&h$65hAi=5fZYjKL6K4u4@=(
zQBL{cZncQ-qS&|-+qnB3F-F&vZ!aG3Wd2J}YmYH(aA5=oDE&|?LxBmB^#~^D_Osb4
zZRFklheU^(W>NeS2c59^3AFy1rdAn+AcI4237lQ5Y~gR=jG#G^-Y#Jy1!QT8ocKHo
z*b&*DB3U+Jk+rVPDP~HJsA++aZj@;x>XwQv0?0P7XM(F0NsTG@D+a8R8c+irf|4K_
z_z<>lfFxtOX9z4xlz`AJjcU&W^7_ykDd|0-np;))X3ZW}-g~r(@OAsx)14%%6ti}0
zn9Q3ll@x}MHl{2D+753Cb-<f=>RSXotmr&aT-f+cpCuxtS)Qxb6ACJOfB7U@k^T;T
zPz6`A;Ij5js9c6PE(Z}wEF}lZ+cpmAhW4ZlyR(2(wt6<*gx3okKa)fD1>&?wSOtb-
zhm?vgsq}Z>-qvZ-%k@FaN~wU)sMyu;dtXaGrqqEmDVCNp!|v29FsoKx)plOOm1m`$
zP5c*JD<&$UaSOR~21&M?_OhLfWLW}NgwOrF8)PpK6fY?2k5XTwpJ{NlL8duvM|76~
z9-AhlFekQZE-H#2mj-`5o(`esK4SSZVgmaYu3-M==>8*7R^@(tQsq*5Oof?MjhVfU
zm8G7QQ`rFlQHhzAnSED!Vv>%LhE|SogsF}}l73_h{BJjX`OkIosSsdbUtz((RQ{Ke
zEj0ew{_?*H#;=Ma`%W;0QInG77Uf!HHsw|#kmp&67!Wfd2K1K(%;lNtDi{QNHzM_q
z<R|*Smfwp6SWzCy-c$;fon_mWpuGn4-$ng&=WU-9Xm4(QSlsLqgm6G8hpx)thFR@r
zE|T*Ow1F1jxJ=jA=VI~4>3Cif#WYBJL^ZJL(}Hl;_7VA5XLlIwwgUz5kchb?l4LPe
zu$cZ1`eMPYgPFiIq;tZj>$>PO^PLGM`=q)xcj_gE6^$drm|MfPvDYwjk%&XA-zS$8
zx}2N>>A**WMxK&xpV)Q@PZtPR%4gL4+9E`!^DWm>EW*o?I&UacXI07+Z{cnzc6*XF
z4ZfYwUW_#E*Vp)Mm*I}D@ASBil4IgGA=;Hcw}I_V7r#JfqPcMhPIv_+@pSxkt<y+U
zfw)eji>ta$I#L`7fg3E$_FIg#&Vk&wk9kvOxZkGl%8CY<)x*umn;tV1179PRq2n|6
z^2^twPH5xqdx8Chq!a_~OODhdXM~KY3AUU;MG;)BXPz7Cip_MoN;~@fCwn=CODxm1
zURodm83c1Cm@hzTy$_v%5$E5gAx>sK{7a3o@*}<9=ruiHE|ksa>30Z4j*@@4A?7CO
z-M;R`;9XY{wm-CK##Ci24%`SxXPiR78#HT}LC9dH)EaM-5Kf`oTT;Sr{xI$l3NbqJ
zv$F>cEXti3VV??|gX2nBMs_n+;_G39mIV%30UsI>$#)3n1R+wY<>SmtR+FKv-e<w?
zr~3=(^L^CoTaZ3<28TC!8FRb3rB^4jvw&o81IrLMqW<{Hv-vpZ&=Vu}lndoan9j+>
z%p_AsY#(t64XSA03gS0(*2PHt@hFvu=cR*qVEE|M_2|&EaNU_`Jv-HH?%ts#;_3nl
z!jU+;+h-OD=jO$wjvr@7&_vF;&6a7|tZy;_&_v>rokH!aBZS;+@xE|Pv2*=|GqJvM
zr%u|j><s1DvOb}?stEZ7^(%xPX!h|xB@ICA_K5{Jb3Jbe&{hEh5T?Hp=L-d?vWazk
z0t1fsK1KNe+)|1yTaj+SiXRNka*Rtdve)`>iZe(Y7t%f7N3Z8@==_k6i5(eGjZxgu
z(&ZncXLcj!9)=5iiDLwfY46Y?Xt=g{r1krM^sxo;wgf+f9lbP+2E2(dTR{+Ex7Zru
zk9CLYjhJ34DF?^KQ~mM7!AHW$9YIphMb?IdRfbV6lxLx(!&uDsfAh{R-3d>4z`?)*
z{siYr|C<@v|GX-$OwzNTWkv@XG#4J#xt#nmjH<?@o^rE2g469Tl4b^}POC|ZCAJ9b
zTbmJDp;8<bywSxOiV!<Seto6vcg!GJaD-4*IyHH@bB^(ec|98%ngq*e;esNdAef~-
z8Q#qRoqS=XK5!7ZOU4J5y{CXyamxV9mKvaB5a^4@d#l6COrw`N@mpArWqTDYCq5yF
z)YN0)3Vd}9?cC-Fl)~;~VVP(Ks^vppV2+#axthXPB7E}QI&&^|3hWS%SuCW>#}sM)
zA_TO{B&pxNgX*)DXv^cpKMmW0+H|xmTDqb?x4rpV=E$0^gw<Wc(Mn8P?!q^Ysg#N|
z+~eK2u)O=S=F(!5*+ETA^4VPSQWVtLha~=`;{X9dhA)}6te%RXf*Op#YPJ!diM%@{
z%&ns{fMSis@Q0xx;wZGbAuD~9mlt1>yaA-B9?`I(9aH%{N%KHoT>!K?j^^l(W32*u
zg-b&0^AC*5MA5=+MiDRL0A|@)Gon5mLPha+8b)cIwlZnigA|J1ni*SmY<;-~{|{9<
zt@D=xW6i2;eSr?L5iYwiu?@=zqccHcQJiD3Pnx+u%AzaS-<+ufBO)p=m2W?J`W*3V
zzQL9@vr8Lguh3ihGjU6tJ;g^nLlHNjN0%XC)uh#ATwxE-ZwB~$eICa?vXNyK&j{{!
zxLSPYES=XrLSto$btp>X4^F8Wru|*Q(?7?3|6;$S94NP|T+tRqH)nCk-w~lz7r~w?
zfxxz>8jBQ|^H)wUxMjY9|KU^u@?VgE{8!)T|L6+**G!d4Wx0P#X7ItIa?HqRlF}je
zPHuwS$uq_Xhkz3nE)@OIAc?-;>B!(7R3G#6B;vK)i6#tUXDn8Dj1pS->JzfS*g0R<
zxB45mF7LO;&)q(2mA$>mv{gG9(I@5|MkbXJnVQvx`GInvYci4$-!a3+H9`?bE&(`f
z%ywaDn4=mZ^6GDbqy-z%K7@B3q_WuoVm|cfBE@)Axm>V&cqGY8Kb4X|4L3<SVe#q#
zIh4Y&UB&wSW@*>ViuzRHyNQlmqpL1q%u@g)o%2na3F@T+hwf0977S&aOEiI_1A=4G
z;W$`$Q4iWV>YZJhYH|N`PXltP@23jCs|g3Kc3>uh)196cO*Yu_0MQzybH>=W!KkK#
zXf!6{jbVkX<^;tOv?&`KIs}qphO0gJWt>1B%N@?XAis>s9)bq!`}fFoPF)z8r93WV
zdEcp`L_2jhS9?h}(Tzx}L1qPg{#0q_qeK>jT?fK=TYb{su}AH~(~WJF=`TysEy{Ke
zT={_HUmDjAAoJ{gg*`Jr<j1yXf~3Rk%xXyUsA6t~bO}1P!v(Jz_Xe8oT+M8Myq2%i
z>8LgSV%i78KeW|PQCI&s57cv&Z0IM2Y)OKBUnt_nVL50PYQHDjS@2i3`FK|4^UhBH
z`Z9CKQ<!{HxY}A+?l<E~RovhondtF3l}#Vw5&EyFnZL^WL;OLF0P<gGr1N*wR4mPG
zZU4rb%75~fkl`DQi7OyNf~*0DDT%L$j7m$C7oi=l+G@Wxu)I}4cF{)qQKk#G<IjDQ
zkG$LeRn_}bZD@Md0T&yu{o-b)-#hpgiJMK$RLM46)k;gs^9d(#&H-&44yabsr|3(X
z%&ve_(Zp*=eJ(Z>XjDm+%q>YNf<km<Bq`Z}^~8sNsafO*jX5r94bo?dfUu{Z<1KAq
z>aa?KY`AG48ZDjfRWP<P7ZhRIqm}d^Zg`-L$xGDoBk!$A4bb}{MGWZMZF+GxOQl^>
z-S$^F49-+F8&i1vS-QwotNIB=J^WJl*lO4UUcZuvqLxYjmrKRjcjtA5a%T1o@?XQ@
z*pduVffmwYAUqtJENOP>7}tWISQpWX8QoPuwAP$J-j*QDzI;F2;U2v;lcf(o(p5`d
z&CpRrgx?0do}%>(Y2#!pBt}t|ozXkL`C^UeY)<74eS$aMNsTp0NDS!gTCSy9#LL_W
z<H-%Eelr<)D$ioHpB1(*!?!NzJs=^d&=%VN-Ud|uMD2?2+tz$6iiDw_&WWoc)%2t?
z)u6r}X1gw2k2NH+RPh&S;)8K_2&kwhHpH;mD<@wSPdP>9)x*nCEYY!`UXZb%_6u>9
zCf1>yBh?uips!54YdF3?YK=KpmY_S4%s(hlpD1>7Qifm3Se0q{e$^B}^jF}{7Gflc
z{s0Gr{1=n~e+N#}?*E3{LAjM>CbD*~#vk0U0@cV7sbN1SPtww$R_5swxI1z!oeZ~E
zW%#KvLOFi@{-hM<XiO~a^9Q%(tb+%0x6R>AKkp~FEs_-q>=x}_4qc`#@t@ULQ`Fm(
zoDnT*{b!^ZfF~+pxVNMp%XA;mshh(vPD;D*_4+W;rNbtnN3d#pfQgq6FS=v4zm^X<
zdY?QOte(yAJ`71RSw%cnt4m!HT1341TDWlTP?z#(eIed5qsBrxGi=NdOy{E955)Dp
z{fuqL(bx7oHVimbqs99pUyd@?hS)PH85@OA;WklC(q89W@ofI=Yg)*Dq>FH7K<`F>
z;EX<U2%;a&PH0tj`%zE}qsW^cdE@0b18SiZzC_lkCd>fUS~H31T)2X}9Z}~}*wZAX
zUgJ;hzgi;yjXqCf97;|c{ST&D_!bRusE4ER^F5uH{s-)ZqW(dFhY^}_yo;b3$ElN<
zFv?9PiVlXH*XxQbtHByc^Uiqb)ftk5<15&iF!oRk<M;a_I`r{%+i`&HYJKu?+JS9U
zDS36_HekE~)i16&h{W9mMrU~X1Em^YlMge(>=*rtRus?|{6#Vpz^FK;(2YQ^M6d8!
za}e$feov1BC9^+9W1o#xZ5Oa?eGYiCXO{nL$`+D=&XkujydtHLug#rxVmaZ$o)EL=
z6VbrUWLGS$p;7>UGgFCf1#Oe)fpZt^4)yr?uPCPWx8R?B0s}k$6B<hW>nKW_dHkKi
z|Jr1aGn!Z!kUME0cccfv|9y`okyKTWr;ca=t|hnkXi02vSbwOsqW6Dt{4GH;SQ=3B
z2;Te0=oSB=aN~LPVbTDMuRjF>o&YA*abR$s)S%vRy$4~<c3T}j6EIGtEOnFAbNoaG
zdL~}S0+i>f8gu2uh~0x?(S(08M|-gDq|+axR%Aky;(&}Y26{wG+?9_cq3g+GkI)aP
z6WQ{`k}PKM-{^ya%efC~r+Q+zWqa$6XEBV8un8YtyH1*?dWsO+y`?pDiW$+~vnPw8
zyeJcCDSP2ivSs*X9;az0mt}6~QJG9@6}+y5AK-aJ4qU6EzDLB*C8YQksam(hm(GOH
zz&v%zt1<Jj3tNG|Fs5uRwVdrBwgF<_t<bRC9b=6yiEJCEook_U2yKL!3$wOY<Bal8
z@nnyB&=SVzKxV9mg)^Y?Fu)NyqdLmSFAn4P72c$b?1>8o4*|)R1)mS3NI2S&#c~G_
zP%UzExco{~v?vzFa;jR-+qI_GDPmL=DhX$Qa6zI5$)%*HaOrzcCbz^iKZPMwc~a`|
zcQ=~*a6Rucg_3UzpO5u-A;+t0Vm_O~N4KH#e`hjV-IpD$kDZjg#iG>S7uD_%Uim_|
zUKO`c!xD?-P`jrG?)$f+hO1smpW{DF-9Y>c1rh!`Q?|DMchBuO!#52Rb~6e3KcQks
zE~y|@N_rX8Yt8)f$Fzy>86?a6dz%+@<L}t816Y3?w^P0juKJq=gD#(Ez!pjqzNRH_
zON0$)71k3dIujAN?FR3zy<})9kSv{H0Z?DOV4HKFA?vBZm!?3xp8jfT|42;I4?i15
z<&!;<$Jo=xlagV?BwNpo4d+Ul9AnBXf1M^D5W~vDsV(}Aa(qt$hg^4nCpHA}UM%4c
zRHxGff1t{CdF!&_Ui<?UjJK$}PClc^dy2vkROr7$g^J=<NJ!<)y2}%4l`UqhAm99Y
zCXNKhFY@w-Dg5xxxr7DZs(&!WF!U5JuXeeUg(8i%<Xj6jG^mG_dC1K7UaY3O*5?CS
z|1heEu8PEX1VkGJsBGly-_^M?=V>TNa#UhtjufOy<5iKe7V2?piIMYaggrUmDO!69
zbnza%$oDp$Kl!z&DoS;#hp@SnX}=2VBY;R*`T0bH-Y<5_gD|R8bPH&Ij8Stn3HWyu
ziy$x#{6=5vhKe|k@~5Cz(I@s&m#I}a-O+gq%dp7GJ?EI1dIdj8`pUUjA~M}KpxmT4
z(ZKg|yC&)f%u|yun5QeKyqP(JvqCtT{o|p@Y+!8h{*|b`3H<AaKO3eyG#Hrj|5DIu
zWdSsDadrA9S*kh;XhP`kMGW)|@JZ!iun{G8DC(Dt!IEJh%CKNkBy6IhRjKxxv4sxg
zSDIIF1Mex(sYk=xd7^C!7M3ds?8%7~UM6Tlw~2J;rwP~llg-#1uqY$a5OOCeOKiAU
z8=5a573_fcURQt(HvAC+0vAp~wpz*>l5WowXM68rtC6!7CtRn^$Tc@k(jl!b)g|^4
ztH@h01%qFL5sUMj_qPSd(ZPtg@|0WI(UKLRbnZSjz4BwPUV!eXU#l}mQJLDJ*1>%P
znNRI@tVJp|>a2XYlT~_SK^pu*M6ceSn2y;&+M51O6~=~5Z?Hivb?xoXI11?>H5yUb
zsmd+0oDY0Ln9d)mT0+xVuh2++DhBLq(iukArebUWddQjPh5m$nE!BBG_os}@5MGMH
zUFS_Fa*V0`whp69y<C<9Nt`9OG+C`jwzYC*7t^{Sx!PRem6G}^SxyBLbS7{h8t~wq
zMS!LXHu3jY=NR6B<RCgF6;^f(Z(x<c@A(yEWhg2KxvOC~rZX5FF4SkX@8!v9sV7SD
zFxDp;1iG%Y`ZcrwV1|wSh$b?jnf-H~D9H&dEwRfkw@kA+PN0$sAyDyxygA3ySXY7#
zcp{mr6dFTGa4=oG9TU^uQoP*>-77FZJ~bT+4`3_yZ`I5V!hG6trFFjMT4>{%<C8l2
z#>W0U5w#SCNx2sBTI-c0KyQLAC{&7FXrPkdtIg5?5+SYP_>MLW=`(IgBA3yEI<1&6
zfzSmrieN{Qa<VS`YB!E$sq$=J(&sMxER-!M1-(Zq*pLsesEZv+!x)9GvWDYA7E|Bf
z+%L79FH0sp8ma$f_IUGGl8p!uFC3}Fs~)dYf5fje&eK!{exx^xcjp7K)^4s#VDIBa
z({H6D<HNZQ5$zoB8QczST_h(LMLBq(<}<?;T)0OV?q=w-M6R1yc6;<;pBNzS9remJ
z>`veZSFBL-l$oy5x<!k$!Ec<jaQZK5sV3~TN-m1k38MBC2_Im8J+*F!a&~t7Gb;J>
zeEpZZum4$R4rWd+R%Xt2Q9_78%mB!XpS?`ONZhJnNazAvl#w;TJM5eoZ$9DD_8paO
z=I%>N6*bi+_s@t7Ar%6I#=tjKWHS_UYyX7a!-8N?`}W7Zy7WAjvS76_x*uw;7WpOs
zLO{L0OlQGYcRu%0;t7orJpP(Pt?jRCdhDU+e`_Ycj531u4F(KM7xVwcY8U}cjqN>{
z-2ZvD?aU+wbhR^cGIIH2HU4(u-I(^`jHiJy)MYcGt+nx(`xp?Eg(XEcinMHnCVW~%
zQY5ub3siwA4$n-v^CYt;txTH#<>=ppuALpCoGs^pCH*5f{W4O=aQG6B?G+8sck%iu
zOZaJHJ^ANMRl;X93rere1MhR5gKV$;u8#+W=1-?X7iieMWska2hP(@+XV$y|k&}(P
zHy%RX`bk&H;EvuxQ62QVk)IoOW%8~f9)HsAj(&F8q076PhwKDZM^18?{!IBAOLvu-
zcVEe^kG0=y_7i2u9d!wG@#`@=>SFXUAUOM*P9wruOYTAHLG<_16%3iwA7dFs!129#
zCoLwKL)fUvBMoag9Koci6Syy>t8`)?V-p}k9D8ZY8@Vt!ydoo_cw{LACdse~^wfd6
z3ZrA^<lY2emU`;-sg!wSMuveRgGfWiL`jEnoIRsXgHw8B+qV(s(TsSSeL9{6R<m(d
zX*aD!+7u&$@&AvuZw~UL+qNv*c6HgVE~CpfyVzyhwr$&X)vs*Zwry*^J8uy8yKf@q
z#oYNXV@GC0M&^#S&e?nIbrMw^+{ysSt@ZjV?pu`WhZ6<HMY)=!><%X7ok}QeFpmoh
zankT64CNK(#rn9f(o0z;;9MowG-KHi=Q8+tb9BYiFQhcqY=PUW2m-pC6RX0f9rBoz
z7p)zuwvTzIJCDgi{^_)ul5HxC7xm+GyXs>i;}ypA2B(;JZN?@Wy;R#H2~wDxj7?Y<
zID8ZW`8&sK%cne~;D~OT4*Jk`Qp=78DlG$M&^>pJrK-`5nnKQk`!_%qDYE5c$EKqI
zQKIZl<8b5EX6kh9!UIq}(fdhL<B~y{ND1i6^c=fkZ6xg8$JGP#vUCOKZMRcL4X~BG
z_LW}~=K8@^*)pG}ihTq4#C2i0vU0JghZK&QeXglUCLE;cL812<?kHr9T&utOekoN4
zTTMh*;dQ211=>_PsZ6S!Ol)x(*r=P=w!+l$7^Vr4A3J);(#hZGbORlyXW~3PPOM|l
z^>0d~2VV6kKPidI8FYu@U@wyug3Jxdm-^H3%sB>`MIarmZl!3z#nT1nV}J0E3lV6|
z#1flJxq~WcA7lppg&_TS)Fp$q;sHXv1iR4)cB9ku4hayT<wUKEf#h)8k%8rA?yVgr
z`uhH7OXO_s<eS+NPZO9l$;E{119gN@5hr$eqP=7X=(GY#jFFB0(9&ZsasGt+6ch0<
z-r+e^FPz>)yQ`BO;AkB|y40>n!u;)KWy+?nN&cXz%C_>Q8XE&>M2WlwJF$!>PT)5C
z%P>>B!GT|*-vkv{uST0F{Sh$U0o!vS5y$8qB*rd3r;Pv1%XRn5KtKQNm*8-f+w+87
zd^aDu5qqB_KY{8v#=NSDhwmMYQroMfBM*=0Xdo(K#9rVhe?4I`Z+Ji3N>`zpfWHgZ
z$ev%eJQjmskz8=Z;Vs+U`RrW<UtCfZX2WmmZ=yZ8=vvnlmp<F8Vp5__3@=V8PSZI@
zQ%kVsm8Gj2Tu_u?cZ-S+GMw0fxh@So&eg8W4oUTH%|B`_*iv4J!rmOriC8E4A|nc8
z9lnOr#7;&TUwUW{{qRe|h`hsf;3Dk7>JH}y-p`CQRW1~JD$HzsU-h0@_71%Sh2Mwt
zx{PV?8rc?Q=kx0)m{`9EtIL$GA$b#Pl;ps}|3gN;ixVs?lYFB#fY^f27+qO#iK9`#
zZsYk9Ga^GD&avYK29E5kV3ocnM#U!tu1|t!XNl=!D5tlU_Vd(ww2U{BWQvXA7AhJ=
zXn`-xAdzc7^~W9XnvtjZ@jKr6Pyxr3;*air#St6|`#yne+<RZhVV*7LI@mjEf@^;K
zt<sohD6e~{Cxv@Pr)b5J9T|ry=a6SGiv@*!{9%JsC)Z*8F$^9ZheRw7|0Wz4|BZF<
z7K=ODS2_JDme&lvFFKi*eF7g%{O;{7ijh~WSCi3iu=fV|k9pv)^3IA6fi-KMuo6K^
z?sR!)_e5<OsvP1;Dn&k-vH6Q{N6^DEpu_ppXUfe|r~)1t&fc3#Q-ZE6ofqey@Y@Y=
z^A2E|hTCp^Jj+O3B_O++;Ey5KAQrp39uU*6BQ<q&Y`l^O){w6UrH~y~jbq&GM+Kj1
zzRqD~BK<nF^NpC|Sq`Qy_EShG2v)+TrL)oQjZQ;&j-yk-Z5{95&aY%`Y;x5g+B$|l
zrvzGEGXsZKdr^D%-^;&YEUw9nn7QxR2Y#=*pHH7~zSFylZ3%62y(JLtn&5-Bn3wRK
zmNtc{=K)k4|4ag(I|S|iZqqK@$a4I2+vCw;fAX}taGQ>_6DQ0S8Zzl%sh+#>oOX}3
zk<YO0jefZ7{-eouck}1%NmD!;t{Cz;!S*W&<8&zGn_#ua!Ri?#;8i5QGtfI($hGxo
znZy0mY7=-(Km;=r*TDB_!mZYt8pVKyRvWkZ1JVvV_<_%zXCh+YV151m1$#RA^YlP$
znaLIZl7#hW=jX^QZs?oVxsGhj8|{)DWJWaT`>FAKgCtzs)rdkFjckjB-}@DB<3?ZB
zRr|QUu9oE@6rx999V;)*CY<&q$RJ=1JUs6LsA*<X-#f@e{UeA&^c-$B-OjOoW0KL-
z<dsRo4spEmBBsI9_w!x7IN$2~Z$uBIfuINl1_a~^^Ivfp`d6YCFt8MG(X%)DdtX~s
zTN70b&6@&xz!IZ(pm6ccDm~b@QZ-MVPf}Q(b$0DX@{{>$<mg^~-n(Cu+9&QEr2Blv
zQ`tfZ<|pu{f)@|VY9JY@qFZ`I1IzJ*+qTPeTG}N4_tzu4?{r=DAFu{!I0M<#SFo-=
ze}9xKO7#J4WNk&tT3XTPz*dHda7M&HH%e*FXi2;nEah!yz&U5}?k!HgW9#WclZ<sY
zqt!BFlht_5yto7W@Wzvt^-J_==bYANwH2$+LiSJT7|r7INk&S&%--MgY@KcpEw)+%
z`$tjLOamAhKc^VA*sQ)rw%2y1%DeR9C{(O*+M0^Fi&G(|QkNOEgF^_1Ug{@L%*pzx
zI~VW?=!avkJm9T8iu1<9g<%V}<66#6ha$qe@Z}M$98AU^HejA{WHg*g<hK@F94F^4
z+m3FIG1z&k&@-V$2y84B{~W#d(+e;I&~vjc5r=I1b|KhZ03_x1P$A{{+)m|^ZIIAL
zU~QNgY(F>IJIH&bpHK)jX60<=pbE5jKmv(8YQt)p*P}Y_z7|&Zc#J5@jW?HgxAOu|
zNzfu9`SRxlz)SNM_MN}0yGwk$e1k!AjS@7QJT?qcPr!-$d7pfJv0Ul>;Y{9+oMx55
zC;LKX9*DMP>2l6eIprfi**TYU1Ph<V6UGwF=Uw2sEW?Y95wohH{mS-O2`V^(62n;)
z?L4dYpu55f%JtFZ_SKbc;kL^Gz7f=Xy`1Q7p2hkg>EY*qygdwZ6;D4i^cK4Sy+a@F
zPdKIF_Vxohfn~L}-Q|tqDks%sjB&@xiu1+AqVSa?5FK{c%?;f;pY>FkjJGW4lP0=0
z7`jUViy_<csm_21Z2O?uZxGJ8PDpXo@7`rP|4B6WOC+sghFK`D7Gm)*)mciiHj!yC
zEGI@GHmL?D4dkL@+grKXy%k*H@O>MkPnlwG(s_MDoA^$VvILGWDo^QbsVdgL(&1M$
z7<>YW0Gc0hI^m4;oYse8H^~zQs0Y@D2+tF&{;V#ybO7@^+f)MnFGEAWxBxZ<pj%W4
zB*nWyek5$%?&gpe`g$9?y`QoPG;8*q2)&|0wGN7obwM-8StZK=+I=^zUKJ|l7(BkB
zjeBNxcPeV98I0o6nOl~@fr?`duBX@)5z#U67Q<MIN@5H}1(+oIWra8)-~#6Cgbn05
z=u*EDUnU%Ib9$(s`}Ky)BT^>RrO}&JlAMK-r)n8ReC2CRW)(0NfA%OLH=aSQizc%!
ztj{Dv1x^_$A8O8uBWVO4(*U?23+6M|h9%qP?3QE;3x<$vt9~-h>FI^q9!V!@02dH{
z&hSumL6i%<Qrxew!0BcTryW#a9@G}KZkWuAA$NB}@M3=$PbwCZE#QCNEa9qlCmsU*
zhezH2{TZ+S3Of3hdIlE%xQvRMHShn2+vh#HKi~2<BLpsPVpOD;uK`V&#xP8Be0+Be
z%XOZ%-e?BxRHxSKRqha5u2MQur2{3%*iCwB3AU*l<BhLf%xnSs4J%w2%Q(}-4^S@i
z(a$@=Nh)r?$S7Dg+{aR}C;f8fU(Z5me+*2n(D2WI7x@^<>26HM;^L=l>l5fkQpm$M
z%TxCTOnA`FYTk?$ZdABip}obd_{F|BkD26~0@ieLi+rW%Myc)4Y<VCM;rl30Qb6#Z
zTT8OR1Y)4Bv8EGSx5D+ARR*MP$=Mhpmixu3Q8dYr7d@A47SaD1xVhr3y@CGvel~xB
zx9PumheoR8_*cL{#>mms#_(^|o+hRLu2JB%mP$yD6l_r#TZX}%amI~vHH3mDkBx;9
zJYx;q8I-A7AaSA|#=g+)m7?$)K-@v}ePIecZxjlBup^c9wD<I!etev4(aq@w0fbah
zQv=R+G|<7dT<VO6Rnh6K)g9-1g99|-4j~mK?qheo+g*APTM6yZ-@FQnU|jAdGI$nO
zO(-vignH%ACCGFN_x)x(Jdu!<t_Oi*o?4TiJY<t6#L3|*y!xZyvSC@mL%gu5trcbF
zw^)h-x1wC*q2l2^>JUCb^R^_Cz~*v<&BRCKK<FsQkp;?&IPXxag9BayzP(AKLJjp%
zzQZJk1rtJGbhB!4VP#xKR3d(j2#tN1#*<~QQ=(gB(iy1laTTtNsWTk{I&$gZs>4iD
z^@=us7nVNlD?{#;H5!@Gk3CmwALfNOz(x6x@W>jmqOHkp=M~0xH!t1Ihz<*3${?o9
zIM$9bzI-Pcx_Xq8x85}2DOs*#(B6*<Q*vcof=6XCe04Z-H(OHV>DXIg$u@1y<nvd9
zc%Yx;8Gtq6<nbn+Kx|wcEj=-<lt|YlnpNI$<9+mS3T~z${9I_@piiz7RG`%$Qy!TS
zVU;IMj&{Gg2{o=PzXcCk9;RH9Qp!A)RVdbjIo>Diw<mv3OLJ==b7%meH@T(({4&Uj
zjd04GZf=ZTFa7vi|F>fLOGg0#2q=L92uSAtAq)Q_;r_OG=v0Sx#S=^Vl1f*I(V){L
zIIqQn)wSnIkK>6(<*qB@NG79EARdiAkaE_?iqf#>F2FAG5VnL`wS=mr9Y?m#;O;Re
z!gEF#jqZ{C!(=J#y!sOuqn>tLhc?in-#*ayrNYCyDf3t1=h1t4n@*?uW4Bt(md8)I
zkFVJVAhyuZ@Bl#WP6c(iZ64bBZK36t4%_#SjGECSLiCS>a7C@e$z>JgJ*rjD{t%n7
zFHLH<uU5G2A(ycm)-MsZZIzoE>aGx<1c&YC-EFdcpO>4Q`fmpC@2WlKk6*pt;>Cp2
zt_k5>A0r_qXdmi>)E@&OIn*y{;XmWwx?!?akb4+BU--ehm67`x3U_o<cG+EJ2W@UU
z{I{uIIuYlotC3<8Fja_zk#8gPRa^trkjcX3l`V_=`bt6-(dhs`N|ZGO6748iIcZZS
zLBf$>$*KfJ8alJo2N-tM2KB4|H2gwO>Z8F`VLOa(mAq1;do>>$KvAISPA=bLuA2xM
zHqt#tWl$QhNB6Mv!*i8Ircr)~ND5aclV{4OK%{_pkKA=7<upFSkkA$*u89mBju)lf
zFj5~i_M4mN=;^!qKnKw<;i=BBstYw5eJlV!*K9*MvV939=$;JKR3PEO!NomNTM17e
zGM$?%Fer}W!DuGF?e!a&y}=KODkRwFqUj*vW6RHoD?}#TN-18#wA}7UdKue)!*8WF
z<>fT+i+dGGY)^wPS(A(>TjT9-gbjh?O&0q-6DNi&KEbf`acSA8g0L1XXj-)1uCZ=?
zc6PBYv%^{X=6H%yaZg1z#fTAx81f!Z{@iH9P@N*HM;;}-Va{GT@=KZ!4G9uVQX>)&
zw;`GA+pr)W=<zs`Yt6=ffqv6S22s@Dgl*SpVrlq`-DP|b<f~ek6=fZl37%6HnRm1w
z0@>wjwE3(-CYA{`t|H(qR#^NXjV3OLQl9k>4DIMlOAI{xX)#}F+VeoDR$rDLW*bdQ
z#MTl%cGK?oFJe`eJtlv<ZG5qUw^A!czqMb{N$V(esRT(Z%|RXZpm)mc4I^PZQuw$s
znluM(`D6#qf#IcU12}$8SK=F(60VDW0W2j41NxX;P1sSX$<?9b;QGKRK@J|U^_aij
zWcS$8>o}Ojrz`E(GjhQ>pQbS(G%coM)3A_F<bXrZM{lyXs#9`bq*HWa8PfS^8Dvz3
zLb&$}3?!(l#6&~Qs)#|tO><!(ag2?@93XDLi6$tHJm#_EKAv8;X2}RFioF9{#+iJ3
zepO4Qzr}XA>6zTcJVxti*7B|3M4crkL9=cs%{(Sgb;b0QZ`HZZVa-0{B=`QPr_mQx
z=R7gC;K`1SHV&Z?>zlPD6@q&v-Mg(*k3@-2nb{}PeOdi^k9C^|mXKzkOi<fXiyO~o
z9?LqMKN`pxVjKlS>*F_Rx-R9=2v($q=LS3zZ!u;2j&JdJn8*ZTgfRQ0?iY$n;9-q0
z$v%L_an1%3VXs$g`zm(IKdS1GnnIVI_&X-r%}s~7o@Vg~qJ_256au&Z$aHO0Y3_q1
z2>JXMpQ_lw6BEhN0%%f@MW#VjI+4^IdgiW!K&~FS^>L<lZVJMHy7EXa@lA5i243$*
z)`5awbSuh{Mc9zypn=^l<Ks-UW|r|0cEa(pu7OnSMQ*s?FUlAP15Wm7!C+Gjw4=eV
zs`HU}33WRCbO4opUrWbTxY41WDq5QjSbi!?WmEy=IpG4!^Z_pOZVgnuziwN%C4{Ax
z(IR52EuR}m($6BVM#259hml=M%x1P{ZWop4iYQV!Ghkd7<kWEgXI{9$RH9%?O{*Fp
zx0C!TJ)90uwLBEv<H{D$f>``=lNzwku#%2Y)nUa+UDuzu>=hkO54ys)_n+)_s{}7x
ztBPz>wRVh{2v`bYn2}_!5AN>MM61i<qt#HyGtZZ4gw^5~Tck25kwQP)pi1|czKSMy
zLmfcCC`v!+af2rbrP*_r+4#Zr+YOM25hf5YOsZ?PI=b{=;TU2@&audcNhFbLoD8T5
z!yS}KKS9|{KSAa`#5Cxmw`&L%W6TTFLAd4U`k`{JG+-@q5f|z46R+1QeT70We5EGL
zdp7@e(o-I}#dJ><n*|{(g$3d2)WZDI;=J%HqJH)~IMgW>(cbUpZ+Yy}tdCn6+%W8#
zIhl0``*Ss@2{V=P%(QQvVx`tjf;7p7gQ-F^5=5ixkB$Z`LHlj~)?Su#d$V$@=FO1F
z0sN_q)#1@z`gaLkY}?6h0&m+^eRXb8(S+fP4M$(-(C1}ojrYid-QU?MhIiQ5hZXla
zcxDCiUG^OMk0)YgT5=m#cXk(ev0bZ~Q>3fHL;gji`cA9E_2f0#;&gUyn{HLJsRCb3
z)~?#y*JN*(263q>x%%#q<?0wRkp%0U3sTHhSdO4`tE)SL=qr2v`s7B*-MAq15hi+0
z^GjI{0$qcyV_^!s*-yFY54~s|WkqY%s8<=T1$BW%$3Zn8CaC!C>T<>VnMNL&k>I4w
z=d<d<lJyp%uN0aAQj_Je4IxEUj**yZgek(JWt1+~_MZvHPj_nmYbx?$^M0GuX1dI~
zl^81@`LY9>o=z#A^oN5N9WFsV^}p7Ol;cFFp{Wnuz5`IaS&`*L;a&-rXtM(yU0Ilh
z@+fS7foQ7dGGBk>T4Prdv8+lMi?!-AwVW-|wFg=?&3!F0wqKgKZp3SCN%Iu=*@7?a
z{{R9<ub&9&A&L%1+I9V5!ZT8*!^oe=!Z%SD$F4)&pk|C$p-$}Zvztc3z)gDX()T7G
zi$HO|S0Z!=E&Po_;RA|iRnF$Af%Lu1kl#y*@)A)-@X|W-*KeO`w@T}D-=+TIkAVld
z^bc6_+8YkZp^|Pw%XHzvmxmTPyJ7uQOZL3XOALJg3~XIoDZ3tgb+Jmd0E^Eh0Aq6{
zTt`dH!?FOrSt-U@T?^eYmL!a+=gXb!D%bfklQZ04;YM^}U&Zz3b6diF6J_?1VV(an
zB|xe-2YA{b$iE%^gR_KJ%RS91(*xi;)ElET#QA^{iOLlq0<sxpvV+MHP3=vK;R=_;
zOJ(q}li1l}MpIaSnL3EIY=CIp1MGO0YSRc`>;Ll9lc5;L!BWf-xV)!xcE{yyae+T}
z{z?X~5R`AWHp?`Ci}nG2gU3FO(|eo79v|PM%a!e~`Xq886_7VynlAiEl_9aGdKqT@
zGGnk`?u^A^D%tv+LCMkXCx=l_h3UzirF+MZ`>-tiM?$UCHK5xWL@I^^i%Zj<zmZC7
zX&P1C*&4>_lW00P)<vk4)bWW`=LsuWPJd9MRllfH-|D22-Di;6L?qd(X;O!O9Ku42
z4X~k8x1>|&Ps5kkLL95X6b6yOzyYgE*}v?{EHt$d0LqGE%OW!i%l}pj)?SC=QHTA0
zQvdF@^I1r6(AgD4-j%fF6>9wkllh1Ag~MhDG;~jIE1H3knkP(8i}ZLt5{O@z_E<c-
zNn1oT!{kQwUA&N+*8h!1m0Dd#N%Oa+lBSMkwu7R`U2CSjpUH|8ztkLPdK)g`aQc2J
z9A9Mo&~WV$+!DIpHpiPpjl&7S-1*#t>YNb5rkFdWjLi?;of-5wP_s8;ln&BLd#Kge
zIs_w2o09E}2P;^ohX!}|HBp^!3<zIqov%&SSXmXi4sr*jQ11OWiFKrjE61Cbef))U
z+4o}C9I-5am!*Y;gSA|=>%Mj+HUKV}vvlb(XGnW-ZI=&>+C#_(&oT{#or;So2rjPN
z(@6DcW~UH5a&a9)t=)#q8E@fsh6C%P@HfGe4(+f9Hf3hPt&p^XTbw^C%ob$c&L<~;
z$1xbO&^AaS?s<de(wo`gr<CO$?qyWwuN@ie-qwA>!dPH6qAfupn{1Vl5K3VebVWtV
zgDxpzY<u*4G#Iz#N<ltpqTmW7-MrZS6ePv)n4Pc0*kuRRy9-aG4B6c9VQ;6P>*{^V
zj6UO`7rKtM$<MDfszzH!x{{XcAt%%o@_<z~1kEh#ceBP@3y{l%6+0Y!3KqUy;c3L1
zF&{?AIayCMLIa<YNs8o~<ohj2udlV}Qo>$Wm>n-LO0tV|8sCY-<@O&PIZ*uR`*rP#
zP>0LgD=k!r7G?@C6~gb(p3F%~AxcMZtEH;O3Y$B*duqp(#rCq+Jj2pNqFr)zKH3C_
z^Jxtq(s`SF?;wyK`90Q;43B>Zb65Eu#qcg9G9`gKSio(?Aa<hYA=}wtZ;CyAwNw0^
z;%j9Od)E9QZ)eE<@P2^Q!dzl}%>UsPR7YjNNv8hpk?4IRen)v)E@Zocac0ln)aV#h
zIxK4^q`|4+!EJUGLZ>00>10qocVfJ3UncnrRfbJBy-`k?Ez9VR6)>oj)Ptw>e)7eT
zd+UZdq#4#n{=Ns6o<rL}F0l*lj0svRIB*!Fcay-Yo;CvT<;)d|V*EkBq2{RA!P6Ab
z_K8xVD)EX8=bcifw;Z$<jk5|rgPaw*zvKzf7Kzm9$~6IDhirgwv>$g-=j59t{%+?K
ztt__tVzU^KB>qI1;@%T+pw8Po)aCcvLY3#)zd_><l=*u6>Vm%Ll1P4L9tQvPxWFr6
zKEEsqdgcX7I~sdypC;*<(@l8nu6)6Dp!U``9&Fb&emE@&_1@=DE(1^4=NO}E*ToQo
zoRT=!=#w@?k^tAGz?jb{SaOc`gSYG!j%H{O|AHCcr+A?U^t9I0>$t~@+$;m0i0_A&
zsdkB%eG*Wz^_9ONV0~?jbYKOt{XMavx;Q|bp?|n++E8fyMoXNN*OkRK|0&sIwdVrJ
z3`?;AKQ6k#HN~Ikoz63C_peE`f8AcCcmk7Rg02r7efyy!D^Rf__IdzSOL+7$d4cFA
z`FomhVA>6c=&9TP8u6d^uHHWu)xSW2fLNe`fb{;|6%<i3Bg=m&ov2u;{i7I84o&+T
z^UhzQuqjd1pY%t>(_*k9dfpnbhC!ZbQ<i0LEx>YaQzn9cP<MvG+jM$%$87o(@x-V6
zGHWy*0;Q4gB4ne};d$zw=Xok?GKazY9kd4=3Ljf5a-WnhuDH+uIOptu?(79F<>0RV
zq54F<PX&IQ%TX)QSR{SAsFf}7+<qK$&a=z_ot?GP3{bX<Aw=uCfCP8Ci2p^xj(@c@
zVZXC#T{Xa1YXn;|#t8V+?p!-!>)gg(#jdDMu~Ouo^ar(~nPw@y9esCm7hMc_k?yL}
zVLJJo5ev52Do4*y<SywleLSF8%x=H!9L8pJw~OKA^K-FHjm0JKea6{qoDEmDK{WeR
zGkX)tQ|~7)x2xgXMwRNB$C2E+^AEgrL{EoRt1FloNK%{qA6#y!QD<3a^m26sO4{WV
zF+?5!#xryEjnRTp*g=u87?;K0Cq&7dpRG;W1nTSc_$BQwZu;ZMs(;G!C4<`GEF<(T
zR^Wnn?R%<1*j-5$I4=mH+6Fs)9py0J;0NX9ZQfZi_2ryXh`6etp0UW=nkyH_Wh^vj
z>8^k0Bd<8M2p0_Jx-4}C*O+Qov-3(-t|$(xclW0!)Ito|uK&W|1TBf3muItu)E&RU
z#aTMkpX!0=VyX>m$GO6O!Fa~D7aIr6HD;CH!146B%z4`M4B(*`LU{M}a6%`7FUvFi
z@w@7I89&ztJo8VH_rF<)T!RpNwp3T^pZqdg&^dQ17_AEX6LpPZ*7cnKnANnwG%tnP
zPbc;Ab@2N7`u*|OJIcfbR`l5eA}RIHdh$5=0aK#|?}vcznFEB&5y$(@%8OX~Aifb?
z_}%z62QRQk3@lkaiLHa8l+LMckgHz~d*Y$=G>f>-7b@upJ_I)ipT7-H_$mDhJ8Tcg
z4zmi5f24NU8g3UZk{b!1rcqu6pqpe9DQ0>FpVXM2o7I~QjC_eaf$zQGlEAq}5TjmN
zVNp<1%FQtzO5}&;yQO5u9|0SUdv<c%<JGNt!HEZ#>d#O?()x2mI1`=Y8)n5$QyTIL
zXOnJ2k^DXw%}{ioj?WS$qOFod78LDzL7Pp(fXET@h*Ua&kAr{_)d=Me#(2lBJ4uMf
zTP3UoCL>#iI1wK$2*q~im-+%CHlde*f2f1Tt|=?`yWP&Sx!M=b=ogo5WTX{|-R>J<
z$l7Wy3r16E&%TWfA4Sv%b>|eG3@SYZ+eOn9e+uEA1y4Dr%o%>Yp}eT2OViiXDX*gK
zME0ncw2EC<bUZ82<6d}e0E?#$W0lfNEaI-hF4_j~D0wmzEMIMoUB}rPhCCQPxeQ5s
zj*EX~%BmiSoN=Y!u}Uw6<1Nv@_4%976ZYGsRvH)x2oB`GA|C!%@cCbeV`TUrAQPk@
zBL~8SlvUqD{Q~Sg6fm1A{-BRqlMP232i8j)LGDUD4#1E~v23UGnGE3XAvDV5r6dsN
zaeOmAn#?$Qyg&a01)|s64#LND)?P7?mz-G<4#p6J%WSv@4mfLCszX;DYV(sLR$0np
z`eDr=n}C#|NE9&E-_TfEm^T_xmkJF5>0MrxxzovNUusKafQ8r0f}kcSruD(*`Xe6d
z5<Q?#x-`*HF8Q7(2z7xiRW5F1P?G_0%7&GAzA4La^ZuB7o*>$A*i`1;q17)Yg%T*9
z_k?&zugaW>I{WyZmFslQR5~m%FkGrz$d-4Ylq4DmfJWtPg6L<BbDoNtDbV{E()HP3
z`iN05T-Ud8;TW1>=FoUc4D$FXx^;YFxZQIHcPF1)DW1jxl%hcc=1>bm)+Ps?RMz<f
zh0w=kX{g5ni(YE%6iB!7^|xB*i#V`O%wNB&5$eA(dhoBmOy1tc)$M;X#s9R4Rb5v^
z6+q$@5)|AMB!&uCTPT%~XM=VHjYNz~H2oz-OUuBJF^L7i-T=V#>z<>gqa*wP;vcIw
z0gaamf}~lkIz7$4<n(fHb}{z(etm`g1&nBbB|sjHRd2V^Q;EW!1SlHFL~%!JrM!bf
zwvhsq;q~u_UoJda(ep!{rVDP@eQ=qzS#aqOJG7p1_pL8$3oVsDWp}lc@mNDIJ3Jmo
zceZ?=&FBzM7!d`j8M>xlVVW8z5NXw0WD+SL$Je|^QM>5is6>bk(KMT>X9SZZdNE?D
zhB28|DB718Vporkdd^V@mhl{>S=!o+S6hX)vGQyyyzHM!8?C<>o^(;rcFt+VtnkNB
z!X)-+yt6`-SS;Q7+-t>o2XF^d7=DIYi47DH*Wo02K8L!a-8ZVA(+R;n<(f4G!*a;9
z611jTXrHIMG5}O8irRY^RjqLiUpP$rE`dSE5@g0M<wET|`=9U=Qi7<5!k*63lt`({
z(9JZOrI6F1#q2cu@i!KchN0ncuFL>2BJfg@v^2NB!iX_WJucOVSRS0Bu(sgq9kF!~
zE5We05Nb8B#y;JQ;QE#IGT%-erCL)g$M=dUEU_<=^BUvr`dM40a6O}&U)Vp_qubeA
z`^DYRPiH6_aqg>z1nEPtxr+52_3I23Rd~#h&2dBpw%N=?;AY_m8XC5H>bIF5f+~qf
zLF7d5kmE^9(sek(pnuGu;ot*v1WCBFVPuBWrZUBU!aRZIP2-Cn0!diB;r);S=bI07
zXvUNUpqeyMOo8{cuE3fAP)qD-bEG<LiL*GS-S@PJGAlZ5^RqY@qI;o<&`p<Zv)&j#
zbqbke)5974kDSuC9<a@iOS4Mwj7z&CS9Je5^(QX<5$pd#t31&E%9z)Gq7tySwsF*R
z{MYe!MQu4WCNy3nNQ`0h11T_N9Zz+rnVyP)Kugx&4ZUDaQEv;Etd^_R?PlDtU$i;m
zKXxHs3ZPofabyle`lQ{bFE3k<w@x>5mNC_Uo^JBP5AopS9HjM&!WXHRu<DI{{$QEQ
zSR~nCA^XF?DZQ_qy`<+UZkwW(?ZON)uFt9BCx1rY5sD1U8+IKQGFt6At;GcVzA&FN
zZOY_7q8NK>gjc-xqly{b7jWkd6&Rg6f60Q>i-_jlFVV(Nnk9np{!<k}T)uaIy+RZG
z5kS+aY~w^-_rYLvEDQ(UKc-+-a8=Qaklu!U-`GIpv`!bXL+j&!kpz!My4hqWIFDc>
z@te>~c-l#5RY^;H)dieik;t8{jO$PiA&9Ds%o}$;CQTxeuuXYcQ;!c^B<=e8+FPf%
zTfLt(o9sSwck|PXh4q@2e6qLf=8U1L^6RIJa_RTB<40Ox`;k>+T|}fPKX2rg8PAW5
z`Dy_LQ9z>`^iz?2bXXwvE+;kr$sZ8J(WAf~42-%c9JeN23D-dEKDY*wBZCQK+1XW|
zU63m5J4`b=FVF;6|1)u#rdVW~$G<_Np4?kK3Iq^P7d#M<{=a)E{hzlX)qX3XsiA$j
zHwV{YBZ2wFh61BO*u^60_xuQ#k_Lh|=%FK*nMa5cnqJuqh}{%!NcBQIqGRZa6;5E3
zuN#w8c~UlVn<kVfqD^pUGa1q|)*_e?+CJQH=yvFGnCf&nTCUjEf|&7>`%sVA)n6c)
znDpi+7z_<{;=z902STuS7?GRr_r~ir;NcxB82)qxVU8L4kY}V9d@O+L7vUK43T%<S
z5#KkC&)BDpuxA;Jx)Ou4vzEPC*omX+Ly1FTqWi_HEV5XvV(@LLg)Yy>NF_I(S6V41
zs5d_IARYs>ooFsIFa(}BB1+0sbcR8b0YZ&{sl1(kn!ZSr+s^63sjCQ7U?l8Y!p|m)
zkc42`#+8_gLxOl%S9+;09alh7pLfec_Mnc6!>P<=>VdOF+-6AzrxE*f(q{f3W;AaY
z6N4}iDQ>E`7-P{^W}4^9ikzn~q6|l8omL*t$ZEl6IQI6UZb|NFFW9h9YOG;wS|U3E
zze@ZqIzKmr=OFCuz-F?3Aw$W{HQ{QMoj7t-0aL0$06Zo_4O3yC)B@%q(anrF5Qk|p
zSjIkWv(yT{{5z@>v&2v;Z3k;R4c@49IKNy!C{z5g5f9~uG<0ca7fjOcmH4Fn0DB&h
ziji>6r7%4Qsl0d^rg`b7(O?m>(ka_HFhIs?zRz)F{tz8qvC?Tyq3;33Y3ya1=ys%U
z)9-PiI$OasThH;HSP22-ou72;nLQrR?xMnwS#-dQ;00#uHz5YlLJBTs6P3mCDpm(o
zC`$&aeVeASGocV|bfi3CC8Vr+S)nClJOL(TJR!%w>wXVVB|k{I0y9W*M6nR-#NROM
z#NAL&g}X*k)WE7|;dWd?({WYfWb$X|cLuWG6bDwpJpr+w-(rk!CEp-yCEXBgrObrj
z52*G*a**r_WhUJq^CdHeIDjl|kUE1zf8?0R_l#HtO@mYehG-*X%w&r%^9w+CRq~m%
zC+Su@4HA^kmHAs9iSr*slr6-wi9KXq2eoe|UW`N(WE$!^JGFb>jzC-#d)GVP+##QF
z_Q)Y`Rq1{BkZDFA@yk(?e#gV;4c6xtF?7{$e0t8wksg$$ITR}?$QH~O{mQG$6q{;P
zQasUd+CfdmfVX0Sb4zB`Odccy*Zeh*>}k(aeTEj&46<;q6wBqt%UNy0>*qB2$-ah>
z8fo@cYAh4DU*Fg0e7s-S1j}2`?)#+vRO45ifg}N09jK2dJD?(DS3i8u%Qg6(x}Umi
zzt`0<Hs>3ps2~k>T7O2fBjRV?`4u79-F0>fy7BNHYORcubX#Qp?3km-Ah_d^xQ3CA
zZQCp4Wo3&jSnC8_y%P)$2(XfH?Fw=M?uuwU6O3J>b}h@I_?(uHoJQ`!EbRqvjAuQ`
z{R1lK%d3Cx&#V7V?=e6CunWIvNeH}@o9ElYhH9o4*qCV!%ojn^ZN#pX>F&IjO5CZS
z<@Srr0$N=)T!%Ki02`5oyzCx+T1}celQ#RgtD|vV|9eyH(s&~$T*RNWaufXn=W2=c
zLrR?~1OrFn02f+YB5@)w9Sry`0j!HGaZ2DJGh~=I=XTXZQ=|6N>B7b6<5G~_-P8*<
zs?*l#Y1UyZMs6&~s&FbpO;>QWSEQ1bK`x&-b%6RTzO*BDG|0eUw3&!glbNmAcn5+?
zqhkrlkjJ<-w7mX}RFy>}m>fYu8Pm5b5qvY&@2Y{<vabKg83YH8E3WL8Hs6^K^3Wbb
zlFMxU)S%@}B0)#3kBCPPb2Qvkq~K(WY2k^a+~3MtFjGikv(+)wtg3olX}@*j(8=YM
z+AC>GZdQH2?7_(~q8Eor?z>Tr<NI2-N}BCNzLO=aU6l8JGm`<hA1fsMr(wGGRw(*{
zx0u^2!Ql(A(@U7?mo&n+KQIpBKKq-=9rxu6DDsDy(m7dvMjZ@y8H`ALTP<w+CC(zV
z!2Hdha?zg`y+VciWbKFv6J@jRXZVq_eYOv+8u(SR8i(d)g16`k;aIuxt>Gxh0sgk&
z7M8vIJ=-@35m;m4)k=FFr|Tv$1VsKn^y!&hfvg+@mld}UslNVJ+>zK~AFc%h0=oPw
zr2Fq?Bv~VuzthqGI8D*`Hx`zOP~T7Cgjgs;Y^VtGA=pqNFnu&}M`Y4cyVR@;go!Cj
z<0-J4yPfF~h8r?O4I>Q63fi1cOdZK_>I%=BJJVI(hRXH}ES<gnY^j`@_w%dy5|i%F
z_wgEFo`@Lq%pOPFH(QZjxau*E!HnPF4uGNl3K**z8dvxln$%&C8VvM}9vN&KO7UG8
z2t&7~fqqAttv$E2K^mTp$^LSGP4$G^=tvi%4hkYFXUXEg=vVm9?Cd%xikwlHY5O}=
z6veg_#PDL0WT<_q6RilLCTWdmvSQN0`KVzgoc{3vuKlCXCa*2~iNRcewY$_?8~)oa
zPFrWC2gWr`Um>Nsa1DLB=5Lzo6XF~3avc}E`HVWJZIk1rBW;G9RmLot@mqKrrTPG#
zD(0@;-(<TPqC3C!DfZ80tv5HPEYWH8){+@MCMtyl+}nN}t3DNhHff<9$Xi(wnP{8F
z1(I+t{V2-C$wP5JBPoJY%fIA;%3dgj+TQ#_8sD;5XxP{*H8en7Ut_O;De9Nt(yThm
za=lVa#LQB?56i$9crF9C9sdIxMV8RNAb%8Qb46=LD#=#ytILPoNlxDNbQeHvj&9vp
z?9bftszb_JB(!D)ZDOvBv1$1S4MSSN)}diN_%}-OxwO25lzh2|?vT}*$z~7B1ZM>P
zX+--mQ**^0>z3LrX?DIziQsTscmfAmzkFOk*&f1O<Y|h6yq=!WP%#Xy2s(lmHrduj
z(u@aVHI1Lqv2=`+*$t60PmGlEOmypF4RH@I`t&Y}l1<slP;?}svS(-v<!lHTt=^+g
zg$wj}%%XGD?vzh|Idl+x`dHm+t@bdFIuZL4d+A82Ai?>2@!oWXz5)Zv_MiRrXgUQE
zcDVUx$f4n3vP`Mrj_;K(*Sk1|U@izw`$bmEtlK;yNhNKVC(WVRfTh=}4S2^4*0%X5
z&i&>7rPE!7T>o^-g<+~*JA5i;La6a6X^-qKp^@D-N*ZGW;fV$O`L9=v7)wBMgMOG`
zb0My@PZhGd8)aQi#5b7IgL|1F7bo=bK7cTf!xhS#pKOwNO#Rd9nr48k?$bAPuLQTW
z{RY;q$U$6pkmcc)PrwHq<zz=xqyphefwkq=-j?t__Sz=7FzV#y8a=7i0TIfYDYne^
zk5{D0oDhhq;4ulD?t)v7#$8CqT`?Y+_%Cs6P!7mI8uElb^m(!y=(r*?<9ZoE7QUjW
zi##Jo#5;P8v_dLU1t^FQFm(Q9EIE~^l93l%Qy!6_pMo(nZ4?W84YOyfZt+n;QzoW(
zC6>aoM-qJ}58~KX2mVjsC`Odec9~#uvHYZ_TLJEb_IFC883f8+7SLATC~xRY#TDK~
zr--ZIT;1a5#-zdYEQxQ9L5}J5L-9J7G=-{Z_LyR+rIAm}(cY>u_5-&TBYC3K=m=rm
zpehbwCy`Z`d+K6h*jXCb+N^`A?{q_WHy}Ed8xnCK2exmGl-QdZ2O4tNoiwA6_lW@~
zTpqR^@e!q1-X+8@0fj#CtKH>pr$yURsZdUD)Q*@WCdo$9dqx@#T*Xk&k|$?Ia6xRS
zfjRwu)LR^|q?$kfCIbJ`Y57t97g)yr71H{*YYG33lrl=1Dp=kKuK=RXB4j8!x&`@P
zf*?_fMa`Zo7-mHvRf2ipy6n5M0M?BG51T~mEPAaIj_4^4u4tA$$_#p2RD2Udt=1bC
zfYUXHhS$_28N5WL_6YIuKJT?#&T+@J!_*|hv-b)(BM5IK6n%&t`1GhTc_fAw{Jz`7
z*lea&R?1{%qjtjNBco1F1Pn%Df4)E2DgzCmY=_Km2cU;DRp`sW2O!<a8LK%15i^EY
z%3-iBbh1#8IyN=Snlx$Lh&RTzzry~UO4oyBWx)Ea<PeS_a~5fKwxlfEV3j4sZgQ{6
z)>NI*0yjT}RVG-SdPr$xLR+x2;$CcuJ$0E_l~!^3VSIM^vwzkh_;RJptO1axnQoA}
zddO>`3vMd?<KO@jFJc_z^0s%?>5`5vX@0`8+_Fe)+<l8N1>VFeFV~1PgXWg2MM{LE
zrCig1<`MYJ;EHoRVVfTC+YE?i4kQb41vl1Xw73emxMvq!Y<weq9>zKv{bAPd8vnh`
zm~+B~yjx+0){BXu7KOhQ4sq&+QWy!t2M_X*JwhY8qhRrON3zZ`%hbxwxUxK7XBR)&
z7O_QB@v4Q9nSzORt;}d|mc50mJ4*p39*NBw499g1!$Oxm;4R*Wu?c=Cl0Wj@RX?5^
zVlRribM8koqdGNq4y`6Gr{hI83T?RyUB1&6ie_)%uf5%!aV=c(^ihwJEiL>W^bkX4
zZ~3{{gFe{T{G?e1+`ECSD7MVxOy$OWncnblwVQHF9VI4TdhnWx(0zDxikTuoA&o&s
z*$P(>5*X$=`{ZeP84YEg@CF!F@MMG|!}$5!UxjSlp87assV*;Ft;BkM1>g3sWgb=X
zGcp9ZG<=V_&qgo&Xxit5W!mKm(>hS)6p4%Y>=}lHHjZVoqZ{U)%*zjGy6NybW7HwI
z(L{uP-zpkk1m5w)NUnj~0HKRA?B>hNq7~RDzX2DdZTp!(%Jp0ePfUEv#d^@_J&qkr
zMTJbUnWzMvSj1K-y&SA`!Y%yAcTv#UUklwqsQt4&Bd>p$QE2kYSk(P(US)q-et%ln
zhivg-mZ5t$Un8G-W$F_SL(-f3KOu;V42_6RX?waX2+8e6yU&VUct;}^oD!s?^N<f*
zbBv~f(#sH`AJ5XxEDrM}Q}*T@)CBejFPF%-HO~ra#<Io3ZB)g=IzZkan|WTuhbKL&
zl@5sSauifV<_yG&kp&j>&(c?qP2A17otRaRnRbrmAd|!k3LoMM^X|w)PZsWN2XDLN
z{AxwW0qo!(UZUUVU|ic(KesQMowfeBb?xTuK(49J3-l<z*-YQ_R#n-ERnyvm%Pu^m
z8VT#69G{@@Gc+7<XcUL>J9y@3R6@OqppN!~83xKWjxPr#aCpu#*wM*+2Jw;QFY{No
ze-<ls=o-B`xWZTqZbKctibLUFb@5c5v=QRAPArW;{qs&%*Ft$&gXI)q{?V47i6mw~
zD{j>~REF7wl1afNK#-sVGnQ=90a9-I21^8vIY1~}ap=utAD7>DQ1lw9wsa(XN70yQ
zTgW!Om{Pi0uy-#gv-`UxN3^7Z?W?2@9`Bz0?}IXA<dY)Xz(7EFf8nIb{~x{ef7&zr
zA98Ei_CmT<2qSqe2uDVBO+MmVu0Sx<1acLqGE>yOQ5l(|IL@R?pm(*KIf);)pf3uc
z=Z&Ccm;2(08~f+`9#@^sKA&G-s69%K7Nz>UJ(D;*mddu{tLs0NZHMzzecOSrm|ms}
z<DWSDo!ea|_-`o>sl(n>rIIctJh&j?4mT|+u~a=2!<Ju1f1R{=#>SUyjq7I<*wSsf
zp3$z8m|-owC2L||OT;0(Gb?Nyr5pEq6$Ng|v@-dt+cC^bIMObNl}XbUD5O&a5~Esh
z){73bCO@$<Yr#XVrkvczH4-NcrJp2?$pw-_C*fs#v|yNB0TN}!MA{q<nP|OiErY`+
z$@wHZH-8UQJ~n6#>&vxKXGA>Y091&~0RuCsQ8&yfr}C!kUO8`nzKYghZh_W`)=UEd
z(W1Txpx@U~dagcsI1RIE#`s0e+%kNGQGxl<{5rNk$GH4fxQ{-onIZ1|O-6v3f&h%o
zMCy(GSusthHB!NM%2`;j&5)R>o-XvjLw`ZxrNHT>I>G&=z+jby2u9#){V0D9$EaAb
zR5ll!ClMwH9R8h7ZlN+A0)sN{U^(N+opW96?b#JkB4pWQX)>M-$}br$B25bAUUGU&
zCrf?UMgD)zvH1&1CKM1LAfx}1xzWGonAkr~hWr;fb(NC#KYSW^=aa3qsm1Fk^YdSt
z$Y#U%UO<?bphC@N8Wn|H*Q|#xXD+21STx6{??j@)zJPoZZ>=N1p&3}OjGv}>J*IhG
zuCqQL-{0kcrfbjs%=SisBx`L9&|$XJUG(+hL%Lw!ohwSb`xBk3;J~%QZ=%38sFV#@
z&sl}PbZ$pNQK>lXh{5wGm-)aQS!&`0v#a2Te8`tZE0f1|V3HAC0-*I*8$`h*XfKi3
zyUc$+`udnl(GZ(e?yd`lsY4Kc5nI4r9sNM!rD<YDP#vi`Cq)=YmIfa;ftEw~?3%7s
zmr6|1o{be%G-61aTOvFXr?H`+D?s1IQ_q9*E39{vUQzgTpd9Z<JUeNY;PQVLm|3LL
zK^=;3M5o)6d;Fx#^M7%RyR|b+kGwupW>@uYGy!AE(JfWmM>KN%>`tFx#Ei}z-lv3o
z4hO_QA`oEQLg^rbD`Pd2FM490_s&uczB<ZknRneg^XPIJ3$fm*jIa}L%O95r>6Oj)
z$FWqpE+&L>Jt_xTBq0|D9(puU|8(@2!#O|gkZU1(W?Iq?_PW*$8ygsYj|4$)zrxp|
zU59R+>rpa18J1xXbpcKpaT)ap;(6`qGrxjd@or9}GV1>E46pQ9GvZUsjx9YuPX>!)
zgG~_LNE59Nh{UdMXtWR162Nc}l7+rEoZnCzO*WgH@%CG40<8sF{{CA_QfEu=a26B@
zNc*pl%D=V9Pby($YxzHoZnyv8NB(7vQja7kP+L`Go|GTtYgt9N1c8hrDFxq{j==SJ
zTHgwvV(rY*?qc@7x4oCa(7{pQ{Lp(liTzDJe7liBw#v3Dh)>?I+J3xs@3s9}XY&2^
z{LBxeCD7z6Knvg7cZ`t?`vOAKKce6CD>(yWiFQMu5{y{c&oQx-r8WfamF!faX(Bem
zjiX(rC0rL1u0Z89tg5t?#2?agm~7m2(FM>x30jt8U?6)r7Hf?=nLIAPal?bGtVIy)
zU#Y9|nX7jVeO>n;D7Hq&Zay=HkoBusnKF|y_ACwGzNTxRzbWTJl1vM`d`9PyN7rud
zWiro7gC!B0_Nwg*mF{a!+9~GRVf|32A7Ow*jblv52@g3qzHxJXl|;xbS<sNL|G^G{
z#jy35Y2$6XkK0`&Yev*OoI8fyZQL*-ypQqG>40h#ZG8@D`xw{;hRmNs|I{N9AVKm}
zHpwmOG5*{!vWSgk7M4q;0-#!`mU9EFG9X?~+Urvw+_vi^$SQPU7swO`Fu_6eA=~SM
zwc)zkmcqNv{CGw65+5O1(#}ItLE;>vNVWJJppY#*#dnUU#Eb^g<G9zq=d-|PyIH8v
zPLUix;8jk5kEx*i5ppg@xkNyfPq7EL;3$*T|EBFN@~P-6YLM$hwee<^hlTOxmwL&^
zn@a>ia4Hk*Q0C1ryTCd*c0N;xbnU>N&y(#<guN-gC0jCc<+Tx6FE|+kB33D-z0lBk
zZy*qW!4&yO94!B*G_!}sde<4*r8bY~8snB+R`Vr(cMCd(H+XPa@WOSTCu5ey>+EDz
z%%O-#*#(A4O9rEF;^EG+FFsX9yQW^Rka?506>W#vs~h4JR*XbAC0bR;5xzh?8Cj!>
zM2J6E-W@@e>l>Dte^v>i<m4O83&>9{wqND0Em*;wYo0HPNgBwwNCEqIneRglQ+G-G
zQwIlo_9uEPf81u~H!SFC!0R?+kNg{U8sVQqZ((|mU&HmmmYJr$=U`9RyxTwg$%I~X
zaLa{U<47~f`aq_3>Dri6S%HnddsBn%4QL)PVtex$Ft?cex+7riYBe1-8V;l!rsMce
zz|u>+{tVtEtx<4!x+&gttxg++udo>Zj6xL0><<B;L3ZLpZVpb7*Dj;fk=B_o;u=^C
zz}5997I(6XRk#)0k!aBMMDMGg?@A8YQ3O@sie*F;Q}FR&=>G)2h50GQ%(C#jKt4SB
z_?f8H9a*Xt(Ky%omDpAg<wat>_O*hD615gFS=t?q`Pd>R+G)yaEFSYjtAyC!0f#~D
z3Yzc@{LdJI<n*|K^lxA=$^Urf|HNSQmjB9NF#n6eoKKvKSJSEvO<wbdgnfMZ$6Q;g
z{tpaxq(3?sg_q3x7lR?T)a~^S;$ymC7qkDh5&{=mVpzn=l-Wdrb1*6!(3vZXc=3{t
zfuc%u!V+%!kzB?Pg1;Ugtk+Vx02F}he^1VjQcjlyO?E9Rk>I=$Sa+d8(np&7l$!DD
z=ULk{e^ViP9P84}Ced-fu3=X1`dLW6MUm>zAoZ(C)<E7$a@n6-+TBrw8Ca}j>ahBH
z67xCn@{1zHHHZK_v%{)Fy~aIFFPZ>NK(fC?qFCi*u|WJq?vQ%sm)vISv_d*pq+tBb
z9dtcQS|J*oft)jN1wruJd*XeCfAH7oU;HJ|X!F1M>;517#V>j9ig&oDL-2gtGuY2V
z&^t{Mg3|v~n0~Fl$<J2=h@A?PnsnKUK9(A`^cD3pzni3FTzE|@u3b3k9l=)pyps@4
zaxYImFCzMjzuuFWe?B}G{#2cJ3n>YA<Qr=1x83=sQAmGr%~8nJXaDGrFybakF?S7z
z`vja0o=okcyb`$8Fv{@N0**d_xJNLUgDx;Rwi#7E!%wFl$OEw5-3<ly>H5U7onMJy
zQ<$WjqmzY3&<&aRchG8ou}yj<S;j5VUSgVQbA!R!eg3WFYdCkL_>YNFP{{wc+!M6a
zv$imD{Cn;t{&$zF;pqp#Jb#s16(o_HC5(R8FjGZ;Fcj88bA5R7x5iC`%fw4-7H-W$
z?$^D9Fhp-4{>0k}XN~4@dR&zET8ASo?_>U!uh;i;b|9W0F*k7`GRQ@|O4QV~J+_o}
zu(`uABEO03d3`V#C+h|motn`Bu>!L^ldh}OU?)?k>Z7%^IQ%OVj#BP?nf3|3qh<^H
zwU!PxjfJ1!*HS5I**kZEZNZ!7T-zth2q_bL)sCmtMk~Y8-Z*aNU`KD#4*<t)=2bfl
zFz4~dY9>ZX<L0tIVi+uB_z)I;Bk#tTpiK-W+DX%ZvFu{H!G0)dSYu|sKZ116aF8h$
zp=|UnMETIFrkftomy)|_a{?3hl(&A79Gxi>Ka9wL1#?;5xF|knp{ufV+f+7(&e9-k
z)`K6wFgm2=E2;H`8BXv`#f9u09KB<vIlHms1p=Np8#Lg_p)Z65K5Pf@{~K%X99-%4
ztqaGtosMnWwr$(CZFFqgPP${;w(WG1PHy+!`}du*_gD9id(N&}vsTTw-c>bg)-%R<
z2G$tip{8-loB@OCNJlU*<3<F4wJH8FQ4sQ%k;s`29f=U%w)HuB0{RZIW67jjrWf<k
z`ln5WQl<pK8bG$*Yg@(j?*+>o2)F}KJ_gISnGuSizA3R6vLoR%F6Q$4<|PE;_?CJf
z^GJiG;gWubIdB*V+woGq4T$T@n0S^y6#CY{8GR;cGTCdwmlFu2-CNsG)5k5@-wCyB
zU($wepNi)+4|vrv-OUsY)+R!3QBzR7^Qzt&xyf%e+xm5;19DvRb4oZj&lhX{SoyOK
zK0wQ!%YiLt@L~wc72<k`Qqz)cX~(u;44r|pUptU2UAmHFPL<`7mwTp321hBONsYI<
zNDZ|Fv5UY`_2VDYdSm!rJ@bF<lmP#Cg<^mGhUWi!loHzu)klvYeEl=h|Jm2SH8K*l
zg7Az-MiqP0mbg>l-D^H_CqGd4i2lvgOw@APKDsQGA6={}Ql?xpen<<?48(0wcs%D0
za}$o!{;8vTb4lxaSD8j2D`Ny)HD>_v3aA`Sy!}wYV7ld(=Ku<1e(3i(RhN#MY5k(}
z49=bc-zsP5pchufut}mlH{~v|DK`lzNiW2C<LzU#5BRpvcaXo|!?uM@gUm0h!h!$4
zy9cvBeWU-nhi;9{!~#x)p6${+%PSxMb|(}wo~Sw!btNa+>;^*S_*L;0;)&SfQ#tSj
z2M`dH_Ii|_E4rUaSF+ypIiSbaox^sDh$25h%hJF_llgGEC32!a`ryfwEJ~u4{S`ZN
z14+l+iLQ+Y#F1jOL*NTkp-`6j;Ov}EA@>=PXGGqUUL%~qh}&h|k&p$vLH9TvxYliJ
zQe0T=b}G+}J3G0)%J9diN>w&$myl!2Km-wg*{q%{E){l(v!iYQa_SOTx#;~$6Tn9T
z_|=4Pu+FCP@lp?)0uhP(rEKK>XP_yHx_rv$&_dJ1alKiM*?sYOa~N04<65|@uC>#u
zqEmoP@siV0jm6~D#vSM$^3WKCx4;)57ErK+*bkExBx18`e>hR=rq1BhTuCk((NuMq
zDnk{d8anfehlU(;qyt1hdTW0GAff|9J$hL9778H|q@-zo8Wpf<r`y{+COzE4!Y=I|
zhze)T?3Ah6b6X+@@jh@P5`qbg8YV!2Gy)a0&^V7N{0Ed3l6U~r6y>Z$yz_kMZ%pFe
z^!DGxC~E+2X|7-!4AKyOsNKAn1j*)Lmu1th;>8K1(G!}`@ZWM;MIN_}2qR{UU~yR;
z)@_WUSL~tru1o1Rd=EozLFeyZ=&GDaCFcWM)#V2$DTjA)xH>^gXVgrHZMGK)K06Uh
zw>ju7JabM;jgQoNhYyELc!VCBzC12jVe1XGeO(nD5{%F0Hr1f`{P^)KWkSOyZPcay
zsm&ZvqW+P|P-|t@qRZa$+)eT{$n59rUvunA_E>x5z6#;O6Fj9oZzY&9?tpB}%2s{q
zxmR@|YO|fKvcJYGx*l-EEP(Dbp3!+UP+vMJ@3n|Csp@MhmKIiHV~X?L#&8+zzSSr*
z48U&MZ5lDegnN60rSk%XO%B0XHvkI745k%lkRuM{P}N=`uK>C!KJnpOq>H+8MWIM>
zD|`JBU1kKc;&e@M&JuOx(Mvi)JozP;s<Y9%q9|1O4sf~iJVKZ*eW9T0GzxTVq2ggg
zd=!KQaJU4i*qeidaYTU@h718Qrc#J@z*n$@w|<TO`qD<jZxHe>BUo~&*{491+b<4a
zT*sB3?nDF#e6(aDpP?3bQKZdDy*JTo<3V*-oj>BWpX*~JdET|fCqG)Uw?JfsRr;09
z2zk(!;Wb;Wc+hUOSOm*9(n7yd3i(|fmy)$PnpAf|oJ%J*R9)pQwDOoK51MFhmph9p
zG7W489YDhG|6DHwM>0|hem%lfAYZ3A5lf02or^2+H)Ef9D5NsZ+R){8R8jAJQ&{k_
z;hJC5t57j>!Oy^yEAYKYWk7H3l)u%B-{_5L_RRbYYlBv!6ZLu6jE<yQCaV&`Vt^B`
zsO5crjw<P4vUZR>3%k?+=*`vDcCg3vcTzVx2E-#M=lfC!st9+s4!m0z+uV+oW&fhD
zy7B%ji#kWFekK+DrgW%wZqxqXb@y*Z(zxYTWc7=YfPw!no9h@lIXfB{{r@S+wjGiH
z!m!zoRYR&Z&8B9}a#g@gU85!oAd4AN7D`LPl3$zzM@yaiYGey<?Q;}8SK9jq{w9ub
z3J;oRr)EVM&(+M#mG?e-Q_J^v%_sm~uPfM|ytEJnEIecp<;KySKYy1zH)%Y(b4E0O
z%aF~}&^c?GyBs!}XR2kaM70rRo2HeSU`xByj>;q=O=17V^oFa9?E`gfNa}7z;B(Qq
zw4A+%W!r)+YgX;hSJpo`NlYoM8kFT2ypUS@cf+^{+OJnur0cRt-x~$1h29qG$~GB6
zxa!j=Vg%}N!n<so>E%C|FDZQoSUWRX&|rz^$<jvMb0HV6QNZ7d3qpR<hN1MrRKLyC
z*HcU<!x`oTN5Ef%&v}i)D6*RJLmUj%9yhUd6-?eMQ56GE<ka4$$`q5)8~BA9rXUh{
zYUJ|kD2`6<{=Cd_@<Yt40>gDMWjU8dDhvI^Nk-TZ;AC>jE<sd@B-%>lXyRlb+-pEC
zw1xdCTNzz3%(8=Degd7(f}+qWxp5mb5Y^DKuszzkDqjH+f05W3^z(`Vd7>S_A|bs)
z==Z~X%mgkl-c9RE31I5w(0Bzr;KE`M-%q>C)@sAlH>d+VA_!vQ1>G)8)O#hLi15oC
zp?*m(7Em^$v_hnPyTvfxg^C^PfRZAI{ifO$N;T*cR{0W+4R7D-bCoT?{9Pv?>xfbl
zrY6q0as{?Y)yE6AI<v0kQEm7P<ndZ`fn%PpOlSvfBgX?Pj!4!Bm`XZF6pzLQE7RVs
zWb7wIN|H9v^GAScy2QBE8rsHk6Hk^=ep7|q_-PHP1qj|tW#2!_K`S&<a0np*0Ftl(
z0Hpu5O6dReh5X^BG>kg@jc61t6<=3fT4ohEM$MSM@)Ds10b(d1W3MjwNW*spemt>o
zP=BsSCZpKm3v>udE3C%akVPIWvHspn#|(*$ldRv^G*4;ik8(eLU-GbE-|P9L2V!G1
zqaFGjF1w?x=?$;rskG^y4`Yz;hTf|F8ZQCNa#Huv%zVj58u(*3S?JSmJA+P)cY)}9
zcfDT`bRX(})IaD_4jACv?wR0A-b6ywqV2KZ&<x1gOK0rsc3ln1`J{y+-+AzR@+BP|
z&%Fy~uywI(gtOhIO0!dTw?f~-#YU#+z1~p0YkFQo&F3*+OWb2yY<)dSW-cxMQ61Pq
zfx<|59_YzzDU2%FkJva5bK3hTI&-pM#HhN|rFT95^EM6hp%xlENc4+os89?PXtk-C
zc-$aSXkSZKQbt8)e}e3%FVTWcXaV5-Hg>d<&jLQI@Wht-0>l83Y1KCVq7d%oZqP>y
zEt4t8q<NJ?%E`63P%`@i+c-!_SVL&W)qtu*9O5~YTahcu<DMJTpcbPTs^|5@NkGwT
z*=K-!*Kqg=1JgpfV0x~}v|uI%BOH4>ul|B2jt~@&8~T{V1R-VA5Iadc=r}p*HB*d!
zDDpHpip>ayGQ_sdhO`sf%>s!15&E4hJHo7&S4?;wS6<6Wx3;lqY;?Ax6|r|6U$!k|
zvjES+={6!O7xnjdQYPaeRf=S_174dHE)?$bKHSjw41z+Et$ADFmh(%2SZPZ*@P{2Z
z9>Yj$cuzwe(&uJ}uDW6b<FwOjnT)j@>{nUYZx?KF42*_QS5OJsLx3Tv4l<}$<@8u~
za;cahs79cqx^%asMJh7ZF{c5xM=^&)bW@rkKZ^vF2CwQh5!tG6?kyP^7QH6anH}s=
zmsHsu84NFy+I}G8XKTFLzxn!_Z}|L_Kcp?OjjOhKJsCSm4@ab*;3Xnl^~}aIt;9Pu
zZjqfb2&S^Wa@mz<MvDM9G^o(XfZk#-V&3ZWR~o;_Bv(jt+sBkqar9N&01-8f>0?^m
z(ylBlp<LMf!dysB*@CK}awWjQ4(&uy&wC6}TQ<^o##T8~cHS`26q&x*YGjJi@8d~7
zrNqS2k9nFsfw37(JzYORcz+t;j~FvmTUn{JqQanCTzB_69Dc5^v$j#d8CJJKvA`8V
zk~)JGD+V+KrUZ3*AT0zv7#-SNwp=Hf@m8ckF{x<5s!z3Cq_HGS==lx6!n<l|p5|1}
zCUmP?A<nh_i-mgFBNpCJ5EfeB^<WqlFOm%Q@G#FkI^-$`>@mZ^ASf)pQQD(iKUrJZ
z?(<7fUqgKgeTW0i=iVS9tlt2M!&!Knn=lR!AuYbb3O(<~&0a$&-|jTlN8mTl+wwNw
zN_4;Z8@G2M?Ll_#$Zjl{i}{(DyimMgX71SVP>emSR|LfsCpP>HD6Z?ZBn5+K9q;X1
zS8=l+C213>9lFULf*J-u0z$`Olly9*?%17=aH-?vsO^<&$=bDqTOp=Uja7XbQi(5B
zWLva6Ylb+|UA|>w$PK|1qdzpzjYVP;ljT}idUs&Ak{7rb_G6^1x^LB&Tv$DKr$Q39
zZ636mTbY9*gkmt4syIkAnyDxkW`)0_DIatkH?&5yzpJ!Hf6JEhm#V;YcTsdSKqQqw
zlpd8Lr*j#hBCmBGkx9NDf9)9~sLk(Ul`_SZ8HK+=_aq5R{~3eR4#VcfueAtzpr#Y-
zb_^=b9vA4$Mz{G`)OqE+oN`6!>T`jX6Q-)d6C7byz7`{6UAbe_iGsI~htZrS%SN3?
zboSDkV7tP9Vxu04s~#K1-bft~GHDK0wPiSNqqVa9!o<)(-dvCNVbohdy{;)MafG6*
zk}Z?~yVt<)ow^4mS}@C)EU&7MO_>5swu`;Y2YC*<a9eS9PhL<EXn;ahm-O|*JrUQf
zVPDb}inhR*tXq>aT7tGo1>T79)GCxg#DHJM%&el1B)NG(cc=-lX;HVY2`rAB?ipqm
zyPy1+l7V3FA^8ODHj`qOWG_0oOgJkY0sNLgWg6?dmNHLefaeqgr6oq=ra5xJdV1kZ
zyjspzf5GAhBxTqihd<ENK6aWvM{LLLk>4=7o;(6)?*ubu??iqr@n1_SBS9u{_Rgxh
z`t6*K+@e3Nl0MqQ!p%T(PNz}Rl5Qub*XlFH-?PfUC)#VJMiB2x3{lkxE6EoQUVsGI
zk3q?grzfa;f+`4eK1R$Qg6o#hbr;0d2*Hbf!0Hmo%scXW&xt#fE`Oh@iHV96#g0oQ
z+Q$-&Q-!8O8Ckj+^KFsVxl#;KS*Po+15s6Mrc$?m{|tjrRnf+H&zY&XWp};kJyE)P
zCDwb5T{Ocq_ELqH(Iza@if1WJOOYo1`oiR}lZEidmg!Hj+-pi!uiFuo2lx7WD(V}<
zuOw6Xzv~owQ>kur0?sKT*?mC|%bo6+r`K%XvZ{8&$2rLs@r^z}sYiIp9CDI)hXbg^
zaYujzFY+@KJy2K9z}i#1KdNdaP0*G4V|T4jS62tKDr?Gd`&z-`k2!eUFZHhG%Ow?t
z#DRWNr-!Li<>+U-C%*ZP1*-SiIWf%MWldDb?Jh8R#%YMP=iFMg>YpR>gEzNm@H*>>
z5a=+($r3Q@F}Ol<4`LRK=LXuAHz$}am4vs)on;VgSOI^o13j_(=O%obh=AsplzZiX
zUV%clMLL<zwgGqzh(oQ!$vSI%_l2H6B)7SnY!b2wc!S{8`i?BHF%5eIYU<^)<H{<Z
zP!Cu-tVeiaV7mj6ueS@P+kFa_h$m;e<GG>eK@<zx=%_qlG{7M{u^izVm<G%?2vfK`
zBuy+zE8Sx_oYAjRcyxn3v6wWm%a-16#}u~RZUIN8kj;T(Lgxl|zi1<bUqZcJBOy>K
zS$bcxo1$$q@9Thj*_k#vN%!5W4gGpPzm$57BZ~>ywHgVUVht;kwLhB)$=Jsz%5$<z
z;nRPXr@t(hWJN6cwS7I@li6)SigX76ZY@pG(!@1K+ty4`gnk>V%9$JGPCeZ`Fbe)q
z`=Y&hQ0_qcqNjOqd%S(c#VRUyqFsHn&(POz%<|hb0Komp9TM>e^*(HCmYN{2AM0IB
zdoG_^;m$v%#eba6qzMB90K|g*zf6qyi;F3mSeh6)n-~ii8JRdaiMSh?*gIR;+5RWm
zu4RWThQWi()nde@tt|+3#CT}QMLb@NZr(?Npoj>HM=u;0rkeCvmu}qMxt48{wEO}6
zitP?ij!-UsX++|SvX^<gryfD1Qr5tIKlwbF<#aUBiqHGId1qyt(ttB23=;{vX^(av
zDw7_~K0-~*?w1~#-A<$)wq1A;ZMt1iOciaay<tLA%ps&hP{GoA<1(7sD7}#VsP9f|
zoT>q4tj^{X`}8sxD^8((Sy0J6gZB0HZf{%CP9X$-bQcKky(Xw5Vis;HLvjNZc9249
zFI0r8rr9L-o-&BbdyW`hQynm@%JFSu5$_9yBN7|xBAf}fSXAAI#DphRp_x-g?X)^H
zT=z9pNe3S#R7BN%`b#@DA|P59;xx%}BWxc@H$F85f#?MN0|*dGw5}1_?!s!1MYh-K
zUPZGwrdRdD7I`XaHD$uHhsQx*7Wz&|(@QS{WW*klrn*^9ZK*?V3m2YGokd8Xx#E(n
zm`^<_A{Ky0z4zN^S+<t?Hr>e!CiWe<q>a>QDI3}A<J_1+a}69@uR6=`xEN~;ft+B-
z*1N%XixR~cuP9~YwZph&h->#q%hWJHTOF2g@=xe3VTif}ewd=_?LzdY<0gXl(DCd}
z59_X_1YC_9w6&v_Y&84c)P%FOouX`A%Y9_dSs7G#AW5iouMn1N-voT<zVLBI=JV={
zyPD@oPV<MN3!{wY_0#iIDLoZ2N}b9`ab6VLhxDunJtV~Cnc_4edWbj$@ZLb;6gwoU
zej^g&)315NyI5rvwQP4Ak(>R-D%nr+`c23HdvN-3v$&PKyZ%IP-u=5F$4*<c#+-e$
zYFAj?ei<+;r+{Z#jI1KF;bYd=!@EG|Ju}^9Z7Hj0e-q@GUV$wd)4;pG=6IRa<I3w<
z>aP!@3n{0J!qnM8`c!V2p=HWaa=w{RI2wKA8@bUe67HqVHL}W03`xP&phks^=6+f+
zp3TpQxpQ9aUQ&F`G)p@nFelo|oYM4NAX?KiumH+hS3n+Ipn(~FCaw*FM^UTIvKREQ
zb2^3(yhXF-TN|90QWd|b$ac#q!KErczIhj40ymJ}YB=rIt#7uQuJ}aXCM8$}c9R!f
zPLcmEs~E9SEd9S^^#%d}fcyVdR{!BAWvl)**qhaafKIWuMR68tF$3M?TnaH0gQDI7
zS}Ly?Sm|xh#7TzM`gbNB^&^fiZxOTJ_2Q+P>7yiezdaKHDe)v3zTNA&i~Bk2ILnF6
z@AG~b8X$Mq7s!H|^oAtW*}Hh(6bK6nIlM4!V40j^l1;LuO4sgGUE)iG2(Ah4He(U>
zum*?r;Z=`4aHxdS^y@66AO()mrX?x{X^Ze?v+;>j==EE(h*RyQ8FM$5TQr<x@56h?
ztio!aIfsD`CTI(tCgYCl3ABefNUGNQBV2TLX#56Z0Cn<7TYZ6j2sMLw`UR^{m-GlF
z_3oYJ%EsY`kkvB5X!7Z5YNO2$!EU!;hgF2+fjJFeeeu?|Z4^fJ<A&Wu3{}R<WZdy;
zY~Ih_-4^DxF~K-fBeyt|kl~<$3pbd1ctN#D(rvVWJa#skZA-_|pISBN5>ild41OGU
zJoHsHGi9DN*qm@7EQ^qp(j{~7Hm5&e*g^-Fj2I}hia&3ujwB1UOSv4Z%ONg}5^Fxe
zC5Ze<x%g3gv)6EGG0{Q;gwF_s;rXp8!Vi}NFyK5*>Yxt6TA!(M^lZNF3F3p2-A>2y
zY6HSML>Vrbe_+^}Hke&&v<%x@43H~|%||@(%2+WIaoWzK_R`O9C;DWw>o#RiA&|Co
z&9r)ml%0AOdYuH0F^5=miMUfJ+lS@fY2JQ1!=Peh_PE)vgqW&xV<S>#by7(0b;Wv7
zR2kBMBA-iY%NPJ>DhDO4TZL)8xmD*0bkS$=Z9*BZL0AEzem(^p*z$K-d-kc^<ufx8
zpKEUwLN;h;re)+i##V?i+`m*6tD+lrT!WQ-lvmPrq+-rZ1rbW7OmuRjBW|ziZZ{Z#
z0=DPKZd<pmNtYZ$%Rk{P9u&n8&THm#yR=8+H47+s$MR}e$Y;)8H&hVuY!}IC!zhW*
z<aER=K@&5ajGlPVx`8|~Gq#JLs}oP`BUP8T0B#MzAgK9Y#~Y^_&tuta70XOZf?e-I
z^)^j=@i9sd%cf5l^aL^Fbwt98mh%oYE0Fo2U>e6?Vw_Z+r(lDLKN)8Z52F<B?V1@<
zi%uVIBWjIz4;(m|$2IXG^7XZoebc9YhVg{)Bd|TvGgPH;Qo7xy_YH<rD!-qOpQ%go
z6U5LI-sK*$&>`7iSxX;qPnp}wBfi>q;^v2hC-S75YkvR-&eadtItuUPMw~2T%zGWw
zEsxrLr80K$mh@9tD^}o$MjmrOtre{Y9z7Q4<rF+qi{^=$<1RmBt=1DJX}|r)blLqk
z^d<9O${`K%e~`X3`(vKnpX0Bk?F@`f9RC?BOwm%Bmq!@>ETtJ(;HTLEO^$L8DiFT4
z1w=$asEiFNEaWXdt;d0pAd|rSA^5r%#iVQMeFOZGkMm3nD46L##hxwke6jlT@@h3{
zvUZ!#7bs1T1Rk|j8K>`(`zkMMnA!BMDQj}SCi#fIa3?3w18kB>XZD6FR$-sE|8}gS
z-r^+HVEGYr{HDvkaAJmo#(H;}5hl8LCHkBG2n{>SlzbUPCZC0^a{JpxnP$;xIeUpg
zH@!B&asuOVEo7WQ@m`yYPxktC@MXH7o%$rFglAgD@MH<qJIyB3h32A1?Xu4B>PBRk
zZ#${CE#!15cM6yrTd>?pPmA#Qel2E))kYIJd?(%sMx>1?%<xl5=i-WNd+nlo2eZ_Z
zPGyflkC!zwA(M;Bf=$0&2Qj|gxX|l}az}wSzLVc%Im5&-jn2o?UP*0O=HbfJ{28ZB
z@^(`tag!5K0c=q}23-5bfuYh<S829THNysHwv3%1!d>{CuD$iNTV}~M!jY%q9Ya);
zH+-hU*bN{;=<H9LKHm+_FPIi7iE?(zI4%q5N3K@1*Yg=D@&rIMP_~PyZPWDWAdoG{
zYgCB1c88=weieFBX)2heS9*O#AY05;q??<CUT{XOiAtvgMP7kg@fyC179FH|D0jH0
za-KnCB&tE7ps*e|s`h&Qz|@rLb9K>SSe~<``XaqVp@*L=tQfZM$dpHExJgE}Gk1aW
z$>mObXpt4T*mBv`WOFrWuw;81c9`njm*jykS6;goFvZL;YA54)b74VSRvrh$<-}Ge
z1!ip3XbJiF@pL}mR5IQoM@-d><TH)f8lGqgM0zQnPQj|ff>v`+00G41(M=0no|2|4
zhG=9x1X{0w6X4|SaU&*t35@7@T%#g=t_g#<#)x7PVk`+&pstEefknQFT=5hWv+vLi
z+!A9-7}1s<q8V9Lb;1Eo+q1V8rOEVL{0OxuSeFAz48gnldV>(M;HzaAgP4@LyVO%6
zCfx;}7py%@eP%{4`2c)KSc5mm4g`Ht=A^1=8`%A>Ec?VM^oS~rDDYpEC(R|>HZA+?
zVbC2YAS;OZr%U<C@~=4vu`--nk*0VcH6=NoRm+k~#1oHwQI`qdrJb`CZ<Fe+7Gg`|
zmbbt1x#<5;Qux6JG@bd+E+29c`4m8a005(a|AUgczhqkJ&#i>5vx(zxes1ST{3mU<
zbNoxR<$0ul1rU5HZ)tOG3z4g7njCtUD8mT?^uGYUO`5W^)-(=Z>9)PIK>PXgNp6e>
zps5BbO)T$EW~RqYx4Hqiu}>--u%nG|S4)Tm+&)e&{7|fk(1QWDF*Z48G+{KitH2On
z-WsTeiBywX9{CX~UYWmy(q~jy9yxT|{e7_O$Xxey6{N9=+1OQ~SskG*t7cJ@MbU@t
zFv+N<T4um-*Rs~am>M#Rjx!%p?C#S3*iOqf7CB%wSCyvQDYN>W=ca<I&m-VNjx&uu
z$*+zQM3O4Exnhoz_RxBj$LfLa4)aT0*pjfEK7O|{ei5Y<LjdHsTTh%oq{tZ*&K@~c
z&p$35JVf6H;+G<w`k&N+{NFE~=|2UGe@;6KU9v5Y`ht$yWwoeCTe*XKy-`Jor4SuA
z?n(`OF3ZGKeREV9H^f&EkvBVlzZ1upvubmwC_T_5aXi7{HO0oXJ>~XvTx-V%5Ut;W
z`WDY5^bPaQ6k{Y0HwZ11QQTmLy&sdE-EITgA{v7$qgO<`!G5(56<Q6`v!W&!w%xbD
zIGw8dHT+ye!}ugq!?Chvzf)jT;XP%V=W<|r2*X;bsBKszg(`GPracZlmApAesV3ic
zGJReWgk((OR0Pp<nrS09q2hr0R$l`opDe3Ek79NLl80oB^FUVwvimI9R$e=vN>)Nb
zL&xRFuoc0)hFf<@5px2Y5aAWAzf-%B|5H|EzZW}hm2Wy8=c~xn3@;H7ua-ym_eCbR
z-s4cT)Ao<9%HUh8-lF^v3~CTSwf!FK(5ww`8BST(g}S1)Ra%DJ^KIO#`LcNQYfn7*
z{!vt5N@M=CbPkPtmXctO{@$UGFjyAhKI5GqjKr3PNHp55453=AaC`AFKTn!wLu|2m
z*!2t1TOqBv%AYCw=p0S<;jT2>%#3i5SxFfNzlYjL8};@1V1sh!A+tuYhQ?mjX6`y9
z%@}Etlv8vwWLv_q3uVF_u`=5lg!WQ`sI*%jys@H<HE6?7jd#H*iDk!bOlno5e#{@*
zO`L9*YY;n%lAIzf&$^hMjM+>@1tu@`&<L02C2Bmg=(JtYpkmVu(R}sbhqWPZ4PwR?
zY>pBMvH0cH_CM6<_GgOZx6=vYB9&BzJQv`7kr-~MWYfrgD_y!XYn4H)2oZxp|2&Ri
zg1IVzAv-BtfJ=l;#Kjd|0nnIpHI~>)AX%Izs}A|-J}JEDXU-(?gJ11=|Bj{ZYY$8F
zBcFx%u6vY)_+GE>SV`F_cnD<?;MyU12pCZoKX!I4+!QQ314wpH8TO3>Nnw!xgGsZ8
z=<yDkI)ij6L09aYlQG-NB2PSVg7c!*{H@KV9)8x)6-G&mI$&Nw70qmf)B)|-o_kF&
z&^+7^7o|IOYzGW)&$Qx^?e8*&6JfI=4Fmx22Kukc9NT{;44%s(3t;ffr_wGAs&?hM
z3stY78ACGMf)5QK@Jk~a!G3K0F8kx0pOB{NN+Csx;qwO2`~Jc>WaqlhPn@COk(vF2
zmdWgh%gMFp^Ys<>J5*{ZeL!VRyDC54GIU!&Cf*Ux#+`j;J~PC=W2V;lBWo+}qG4L)
zbx06>xX>ybvmf^T2$+R!3V|J0U-DPXoW&Gda4&7w5at93Pls<Zs``X9o=Z1nwIMtZ
z(&Sn)&G=2tia|kn2_0IAOHuCAl$Z4Q&=eQQV7i#-C)-kGSBwWs%27-x=Yn_WKiy<%
z^ui|7ez6bKkXzfbko&OSEUNV0?Zm|MW_IS#q&IJAEgC*Y81o)6FJe`y#rfSHNz%Ke
zdGfuXs%tL!d}0GMtO_|RYY4Uei_ws;I3mJ*9npp+!Pcc99^`LrQIT;#Q!i-)$?*6p
z@GSVy>P0lMm9|LRvlN%iN<gkd!8vyY%>4%m?F@MKp%x@;?LOryaaLYC1`)mMiNK48
z$;suBofSr}I=q3H`L?82x7BcDc+1vfL$~7nmYfBPXQKiztC7f$N9B=T+lZ;ded<Cp
z`KYs*3jWDC6%Nk$%v7H*nL~xD@PPgOp9V1ox6JeOa%={8&e|i%lCqlskHjt=G)xaa
z(n>Bg8kR<;74@oUZ~_<6;1kMyM4yZp>%^;r0Dbd>FN=*G5s&Th#HqnYPrCi1gubT?
zfRkF~#{UT12;+<QB^CGOG!0KCF=n$w`&vG|3w1;<w1i_q8qbR-a(w{Z76#syoBIm;
zcifsC7vjqQ!Yv%wzlvMt|KN60_Rq<fI%QEbFF`x_mWwT4q#)d|kc9vk$cM1H{tLDn
zKZu9KW`qlF`@nDVqs?5U%!O&`Hz%jEw(X`koSxoaf9{j{qf*Q1!>DaKR{L|;pxXnp
z@l1HN9qzIU)#DGD7zt4o!1nHw_Fp{duD}PeCs*^|w=%?8$Cu$T9@uE5-7)sh+Z1c{
z;(f&>kRcAV-LOJLO%so*Vc|ZrFn|X_9y1lX1gEK1{`^u_dXd_sE!Jg~;+hs0jPk@F
z)W}FVqr~(lY?GAs)_=ja+YR;?Y-7@h=hrEr_BZ9Bhv9=czA^-TBOzI~axjM>ds+=A
zq^a!y`UP78MFpzG#$T|-@wk^jaWGnX#x0Xiq=$A{EM#I09yd5T=#{DwR1S8*92|pK
z^_;TNV&O^l*$^2N13dPQHtGwDs|d@81Ep3BFC5FvclMUxifIDiA`+B4|ApKahIR%l
z`%npz^NpT`it%Qio4SD=o6(*#dqrRI%(lX{lI2}7da<%hNG_bS?+$Gy^Oi7DXR7n4
zKl@8O6$j$0+gP``l{&81`|i{+tWN0JV771|F-qn>s^H-x>KtGBSTpdR5a_Eu<Y+L_
zruRZUuwp%CNC=fE+jGFpOY!}|%tLwclZtrc7O-wL)}oq2gzDDz2pF5~Mtmh;qMA4{
zc8DaKbY-)m()vKZ<l_(*J`>Wy0;nP3VbuDF9C113ehR)OfB8{92|yt=GGz&-W<G6z
z=9ETi8Ov-WjvrU#b_crA54<rg_x_JsYj(u8z2Ddc`ggI*{@-=(U)Zg77q|`8Y^E7O
z+Ji@qjv(+)BOJnd@7|2PoN*~hPgixPk|D<Odja4LyJh%=-T&xZj%B+e@4u^D+qQqG
zTmx5xp~DhI2KYnL*3@$wTds;hdbMq6a07&}23+$G)}sVi#cfKVE!SWQIwtN)s!h13
zwhJf=Ld1tX-^`-#!kQ0Ny9#>HUI=OOEg6=4=2pdE-~vP{t;E&nw>c_n2E1sBD`YTT
zjI=Y~zRGW!j8vDSnUODr9MHX9XJ~(e%Vf|nJ^K^DrSLHvYK;E{;Kv_nEt<Xu7&G2+
zPvTXo6{Y<?Da8L<y&F3BPrcjrhu%H>NdKz&*wzA$mx|Fv!y&IDE1T}>pynd|ZCs3=
zXkk*Ar)SY%?>0wfmEG1tT}G@)lLzxRc1yOnRUEFl{=hB-XA_|(6Qg`-=_Y#zd`61j
zyUhOSf781bX{FE%@SL>9k|fKU0Fw)6&K9O8_Y5*yjl|UnImPYjTI?W|G<bwcZ_yXS
z#C76@f9T!)V&e92Cw6$^#317b-S2}0JCX&!NzHO2-U3(s_~LxX#C$QBgeH)yB9nWJ
zlN{Q;IHuwmMAIO1!$jxV-hj_H0MGYI-~NGJrjhkxpkExl>)++*9RK0yr@wpYeS`*E
zhev%W-Kj1kz=;Y64<v8>5=IhvIBmid8el@k(iw3B(G#Nzsjhhl{KB64jmFCrxqShM
zs(kFh+3xu_MPGiqJU*@kc&(QYnioIMSAxgnaW0k*vjyg%AfBnt-a?^%uy|HQ`nk3x
zYXIN|v%z9N{oN<@sNmA|!2L#glv}NLi5p(kBsJg1c9M22)yj)Q>Xwbx4T#E<bwK}&
za1fU^Qk#MKVq8aCqj14dwkOz=-i$)NZ(Ko^P#x7*48K2#qug-`>v<{Un5%EBGX!Un
zdRu`I|7C-M9MM{%=h8&&pd>{}5v{eVcqIE4s0JqozGyD3zYn<=qQBF*_!mbXoDIU~
zF+FA!^42!x5ZcVTc@Z=)3aLbYiX3O5nXBJ4(Sp4E8t5Pc&A`6zp&irNa_!`3M&+Cp
zD=?Y3=h->n-EnW+Hr+3ngX@BG^_G;0r7RvtuO!vLZzT=s6S`Cg{cLF&9xO5KP%O6~
zOpN8OZwNs|s_C#afXSR@E}Rr$+LUJAPXxpzeWotZrcoo!JyaIJfV`hZ&k#WYwq#|9
zg$$OHmexz1U8mT@uz>Ho2@{1X7-ybRRC2K8T*0^l(>#~CHQyG%0cJErHReL2M~5`l
zq5TMb-UXv1nhm%4Q;P-_@A~euoMm866ItSnbNA5HT>5$%Iw)Dyja=BPBoWjrs77r*
zAhJ8u@c4eC@M$sW<5?F@n}|{xj1h`KIyd~GwUThB<_0*I{*s@)b_@{7p18qL3U+ST
zlK7jO7NQ1Lni<AR?(_JJPa>msiJUyHIC1#$vK1z<vBYRT2}4*avn+lc<!ftxcEj|n
zb-=r2!)1DnO`Y^JYXu|Edbr8j-g>y1tHMu$Dh@fLKuiDYHhv?i@cG!NCf2@m(NZ*j
zsy59&-w1W}*_0pQ6?EcVTOk7TD{zTiWvc=eyC|?I5lO27KOmd0;c1?Tv?rqVC8GxI
zX(rCTyZmnLD5DM4ia>-_pvNNuj!XfwPk~2j>H809E64}DkojdPK0yBmb%_6WX=9-O
zPaUGoFP9i$_)|&>{>%WH_sdK0Z(Bidi~Eb7e;=Y8!t(a%uDP6ZYF*t_eNoL2XYTnO
zSzK7{M6!gSqwgNSoSL|Lw>5Kh_51m8i~OB)se~coyrw-t436!-Eo2=pm3!mX{%bxx
z#C~G^FKXGc;}B(#--8d=_XW;`Yvx^Of(V;f2pfiD9kHZo=%%2?nQP^^fvPA%cqZ!2
zCJ_kPVzx0<%!lT}KwogxvLYz2It2>{EJnFnV%%lGOVwi7o3f~G8bkBYL0~#MuVFZT
zQ<+9KU^(QV_6<K%`y2Ex8*%j8Ms)vSBQ($%g7lIS&nJI#^H)b{DjFVLC(Ie|+$C`h
z8nr2K-%R$qrTbq-!Wx&oLOwC=N9ftSTuTVF;m1R+nocA+v=(Dz3Sz_0$n{uD5Aq*v
zaSd_Yv@dCWP4M`r@GAJ@>IP*oH1?r;qpX*#^Dq~&kh!Fy7NO<H4qn{$p_n9YZ9av+
z`T2=KN^j+8z?mafvIVA_%J4(yJBE|=ro_T*F&wT~6zk+rS+N1j<*ex8197PIYRcnO
zd*Iu`pZwh1?PVJu8^d(o(K=ce%HYQZ6H89wBLY45kK74{s;psHDQC<heyz|5!`T#e
zex5}xoiyZM1U-K?ir6MGC%;EthZm@_2FIY_6*ir2bO5Ls4)|RlVXZR439zvZgg8-%
z(UWd}452OO<h$}C6=@IA+Ydb?Bgj#?V;Bic!cL9*Hc=lmX!QXci6~~qh=<z|Pr9$e
zz}$WP8xQ}eG!*nVf4_zX0Pw>4A2go)3%O!{d<hv?TPs;On<$xB|M%FLx|chS3hJlK
z6T_(KtN2`z41QBd@uoGaPPDot_G_NJ`6z9(lonuuEL)QC+N5n-_Co-?d}UtXU74gm
z5Sk5tVapebF(Ut&)G%&k1XTQRxtVFcpYgQ_e$P`^#%!GyRJq=hQ`t__JkMF%KeC;!
zZ#LfG;epM2`GCuMWA=`%0KIY9K<g0LD%(T`t0|w#UP2@7z~p1?eu%zoH*4?j<Jas)
z$#+*H`LuN-x$Vf_HmVKk2zs~DyUPJ=5Aoi5*1G?c1=t?^09byGO2}%HlitAp{#>Uw
z_zavD696#v9e!W~esCjhU^+k&X8;&AnWt=T7?2u46W&060vD+zG<dP!@X$XpEaU|d
zHIA|@z0`~`)Fks%`G}jT&`tvD5-NEdrEIe!`-G7ZDzJBaz2$8EQCv~ZMO2lf-O!@v
zV2?&CCb+vPA*!o#?lLq`!p3wg{L$5pp-L)P0(8;lG&pCYOsm9w8VWVZ&k9BQVwR?R
zy{^2wQtU!qrz=0uzfvS70|}12jA|ofsDWz{4bvKyW<L<pK}*g$>WoLDJF;yxeeO~>
zYQJQ!Zm__C&`y0jvtiQKs4$(u!cu2yIi*~AZHc4@s${&Gi>QMtdSI?x*^W^{&vIfS
zLwRUP3DPLr#5J>}JzIAI9!)@D4UnW*-*HP>i*r$;Qa6*Fyo?giyghwWwx|>&LrKzT
zN&O%p{;TVl98AZYu`;)MRXkb5da8t*ltCt0Lv$>$NkSR3q#7lXXT_%VvJFw#C3~b~
z;I5`<-<J|qgSOS`h-6zAQ)TXwydL_mpcGj;S$!%xqK4~dO{h+H>gjm}Hjkti%&nZ?
z*!@Z|4l5Lxq@3Pz#0z%^um~k6Ls7Mr8T~#xmEf?OqWK9BCyzXSLY}??&Uft^N5A>I
zR&q@!dnq?@)J%!wIX4Q8Kl#Q+4y$nIe_uAhl8~k0BSHGQ=GaXC#eGG<HHK?CwrWp;
zairI|x$(R~Dd0gkvxZybMb^0Aj4PW%9VqbK#cJhFm<qMNWKiHssizGSW(0OYd6q7@
z1<hf`&SHbohPgIyz-5&#msj2dY^*~O#N1HKL)zhVN_DT&U462$db+u3fyH?EGX`X1
zzwtf?6+18Fa4zCyV?k!<fkL0d+=y|5QEmJ^fpGM~A`)E<mfm}{=~&ZOiW`s+Gu_Vd
zqNZvZ8yC?Qta2M}03_2Qveorb1>&T-2|O+%Vo#d+E!5GvR$GbdXlKpShbNr`=mVpa
z9O)sM^>FMywN<w<E#%P))&Td8Wl4-m8Hdy<@@~WYaP@w<o8-_^2jM{l*x{S#(EIuf
zvK4jJJM9V1FCpj$MIMn;B0=BL@qD=-?oJXLVr2X0Zm4tS;{&SqJYe|-p{-xAbWx_d
zg1<_vFi0%M19bny^sU)L$I|Vs#NrKPVtGfZt>-a+LG`WPWn(YcZEO?mKYyu?+@?t5
z9Q(2r(t>%3ewI$_DAE7bK09=KA0Eqf*Amt)d=~$<B9e{eU1H@2y(Wq@_M?%>RiJB+
zNihwo-_i|wz_Q*g8>}Dt`nQl))T*DKBr5%UH_CtmvVaXnv7sc;@^}tTv~<0DeT^1t
z?#yH|lGUzS4-bls?Ip?<rgyfI2kcU$^qx_B&9%zNh+kO(Qnm{3eX%8qIy+CTbf?(p
zxg8)cM^}4@yGQ4|JVAz!P}%l}2qVZ<k?ad|E?nL<GlgpMTq3a3pbd5E>Z>udGZZ@?
zq$gG+Zn`Ocq#;>T$3{k<Ghf_C3oEupKXKn+iVM}<9$;p;2!bvlP1a&N$>b`Uv!i>v
z<dDe{mUC4$A=?(H&_>R_uDooVr*F4asG)n5k1^4u^RG_KEjbCNb55Z!@f*$AJ*DfH
zOUvd7c71J^W7pi%VMeYLl7oODMZrOxXxWl&gdV97H{;w)pFpJEYoI`OkQjg5!Yx9x
znw+Sc8XN|Xs9%$GgT{$07rjbdKh=h>%CqoANys%S%i)^&VWYBaYb;H8=!)ojyV8w0
zvD><b`7W(ODu;|4RtO0Zz61u(E9pR!izn%o5h~R0)_;t7lf}fu+y$SRY1)F*KQJ?q
zDnRbjHp2AXAjzHTJm?#~lp_-pId`OH4_xm&v2V9xeomt0wy$)-g~Us7^pV?Fil0Q!
z?%-{u=ut17SSs%^{KdJb4|S1SGR1yQCwjoCbDvHpKO7}h^--q=2es?*tXAsi1i=kY
z_A*eGcBwVf`_(Bq8ZpcYrG-OCngBQ~i*dKu*q2_Mk5cd31O1ZZbscab71<nQWA14A
z^3@d8hbC1azmJvq<$Ra_02_cj$_qQj4C1e)Ss-?}^#ISv30@0Zl6U#xYwlehKPT@p
z=u5q0<$-_1%oA{D?v4;ZQMTa(PRi8}>GcF9GfmD&a0O~D$iX``dnkN_%nqwYKSnhh
zJsGVv9I_JFeBxYa*UPNUUmo5QLtdRS+lpA(5_mGG&5Yd*pTlos#CoJ&o<<e^+F?EM
zxi>$3oH2tyiaTTsT7T4ErZ^J@23LW~9gsn?<!Ptn4xyC#a^@qpTl<WAg73jY>>;mm
znWR*IRCvRJFAo<DxndZPN$np)?<o<D3u8%!+!2MRD|5p)2*5`LtSc&phL97NfWTW*
zA(#c|Ret=HF(HGcEx1=OmUajX^Bv2Y7;{XUJu5|_Mw<Y7zzYWuHS?%Ds)1qvkGXV5
zkr$MiB?rjd5kO}M#Djz%xQQA-69Y@whMBu-qH#p)Ji8gbG{mZ#1}I)&fd$sUGIzkF
z^(*MDDIS!|ogcMNj>rw@#GviOF?;m+28tYs&VEtgjONHm77AT50|!M-A$aT(YK<!G
zD)O!eehMXTIr;pyL%OetLYfH7igXJHpzYWb3=8o+Irp>p^iQNsY;C#nz1Px?lS-o*
zx29mfSUN3P*gOBW1_d4W2Rq*JAJG&HfxI$xcJ2w&jU#&JwU3wmd!BaH-%KJjYvBrV
zQaHQe8wcG*)lKt5g%{2ij|e7EC=`r3e@c(mAI&CbiJ}K&wvA8XYzwYdJ6prQeV-&=
zwqe|1A^{CDC%X-Hoq**z3dI`_)g4lS6A%*!KP0i>?IKEpQ3=T}5E3bkq(v<e?A|xu
zg-++l=%SgJQnemmIu=KZYSYS{wQu273w3(Lw89&xs;8fv3OZ#5CoOQ`FSr%`94Q=A
z=f4`DzA!P_8m#Eblrf_VS{eR+mEs><=EbU!Cd}4sRv!^{hEf&Y$%0wBk9~)gRES!<
z1O={GiX<jZ7MPHzZ=G0H1d72VCVcNm2C(PoNcy}}L7nt`m~vL-Ah{@FxS@DyR=+u{
z*q!TfZdMM5l3W4dXI+j4rqjVc4+?6TO<m>xvNo!y-&lkp{}aMg&lAFFEdygaEOcgu
zS+f$^gcL5G5`44?ylC8IiqcglA=}Zy$t$NY))-tYR*9>asA8|<yIgh^w4H;dd{N5D
zWK3vW0XGU79E_oEm4|!6a^r~FdFA7kkd0Gytw{u*^7Zk9Ek2+x*Mc)f=~sh!0rX?A
z(UY+7p)dDt;Zyjg`+jMqI|f^5c>9=q7mBuk3YyYIBDz{80P#cuydh{)dw>nB>%O9o
zg*6{=YJ6vBV&!y>O2E?&(!`&}p}f`P*Eel0buZGVMK@LnMh^2Gyip@D6NAy@0cnU{
z0QYucF79pVY_(%zb^h&8ytEV;N3hhi?CilqBt1tL{y0_7@PrFww2F_uy;JdBx(jay
zE`?ikHJFA|WMF&QhEq~|aQ6G8SL1%Woq3*byOW*PSyE{Jx#zsxBCWYY);I!0v3D0d
zqVBl{A$;Rb&m5}H_rXV?EnDcT{(6QK-O@9$^pCY8DB2@mw8BT5K~{%TqHa0Tqrp;3
z+fqG1LAYm^q|)pTFk5x|ym{n0ii64dN6|U%+8`aPM0BhORboFJ)%-kKj3z_|z0xKZ
zZnhngDXtB2F3>~|i$3*{>|9l-P-ypt+mldr=}<HRdS(ci@srbWct&-T5IIOFUEdq3
zB5T{Crjwa=VoZ0x5Vo2z_#oU5V?mi+YnZG-)o-dDKEQs0{{1h-KCR;IBENP*0RM|1
z)bHmef4Ue-f4oWS<ZNJXZQ`i(G&!wwBRQc&&!|Gr+`!1t$jGW_4-2P2&q&X_FF7?$
zMN2^`Lpw^>KqE^#Mom6TAv+-@F;+VxF(pAwODj%2x&!o&%=XiB;jYv#KOXAejrcPB
zC*r&QJInSv;!7Sy<IaEchZj$HD{Ev3@ueiP9;~)?y&kt?ikWF1$c;CV6e$Ls*B{>G
z-K-Ua&@tfD*7b<b_deIv_YWVQQk9fG)XKJ9mmiM}sx3kb4~=`{$v(`$6Jf}NAO_ZC
zfDI&03&!bj(;flLfqXsS2;UHI^@{?J!N__n{UK^7x=ZnTFYQ;IyVyUR_=5j(;syS2
z;(z|(#Dl~nZziUmhd)=%!QGd~_wgE;tB8Vnnu0CjhHhk7I)obPh<|i^){j1R)?p?Y
zm(&!{Z$UQOzssjNVKTjFDLQteg$>yo>cx`J-4Uq)OuA7BQ(6{#@@}+75ZUp>5!z0?
z_5h<wBAMprzpgbe9MXHe?wF_%Q2rI@{kGRqsEIemdzHUe=r4i4pLVlbc$R-;geZlw
zS9WJgj>~4znU1FKC46F`lWdB?N6ID&JVjq@9JJ2%SF9KF&sgu6+$qAJK0L$`gbR~_
zTqvhAH%Eg7i>xG;s#4U4ff5gm;fU%+nq3anW_N5IH`)*uCv_8{rysF?n)I=gJ5O**
z<7dsRbZwab?(L^?g25@bt$JP*1H2_ZV{u}ptG_FjPY3t!EF0k^Xu(qW^qg)L4PM}4
zDqKRjkI<8pp?c9`FMv<7d3Pc^IzvnpzaWRW=rxHp9#9P_H@)s#<b>M+?`KHU*WZZ>
zgg+7$XlfSI25|Rj1eQ5}B`WSgH-?3{NB)+m_$_ChB_Cko0DlgM*8JDxjLzJ|+MebQ
z<k}lJo70**+gOuK%tC(u0t5QpuNQX<<Pu2HKAE`$qmGi)`2)=pSex<{hhZm4N@01n
zJODdg<__w#M;T^-+SHS^w|NM*7HGeCz7=EcgO2X+=WpP4e3SwK04M|p08sk(&TnLA
zYieOeYiVL_?ct+hV7DiV@bgNK!K`^K+xSAtrJ52X0*Ag=tuDcacCys6e%U=~(CV@#
zDevsV%Pc0KPyt&cFgx4hdU9flzQbqT!98D*K_Twa>bViNX-cH`>~cldtg-j{=`x1p
zl^#P~L&N~nv`(L+8nwA9!u%=Gh6?tZch3iqUb!O56~}n4&bX#RyV2NpASHPP2{x}4
zNkuD7c6mujf#i5KVcT+GO@Q*}nLGp-1Z)}g7$krGSYkBKGbn>(@<*x!lx*lPk`Y;m
z13`iZm$6G3=KX4nvZ&q*Wy`W}5N}Fiit>FlszL2sy1i8MDdsHV6-~zNz4rc#9Ck98
zvddYQ>eKptof9b`dDVR|(X!yK>g{vhbF|eZoAxD?;83P{Y}KNLj6*fSv7`OSNGOLJ
zf*_$Co!Zl9ocKiD44{iX5y|yks)laqkV>knV^|ax=t>aO8pAKbPBzp--6&a6YDt>3
zXMyR_04+e$zY8;GuTrdgA+GH>SX$6AittF%z!^?zZ&WIXQwBnBfdq7wG)9~yM6lg+
zEAFD~%!01opR&k$(yZ`bV$4>9azPME>LmB<cA3)xFH7B9aNQvqJ-Vg<c#!zU@Cb4O
z@Ok?14VYcNyf~$RSU@=#hKw%~!pxwFCJlOGi9XwhIVeQevJJ3B=V`!%)`dX@E%?&}
z88Z$S`k~YIUCh>-8lYiLXk_`rQ}K=Vje72q)oGGdvctyvM%F1{Od=UWrV1ptk3_OU
z^y~u8wSQB`pd8mLd>uFmlIZf3?tAk9yLV@RopDFcWBjy5#3`dMAMJzx3Mc)u*bm=X
zfuVpn)q$%lD9l4&I&^yYQvz)$LBa@0Oe0VXyivMA=|m_E4DLlDEhBIu(fw4tBnt!4
z?F$AvC^(9eW!nivN7_9ntgJsh>^rETfmcD)Q~Q#>y^%)YI+^#1R~{u9EUxuaP+)4&
zp{IATiB#=`sRtIGw>|tWl{eP<rb8NZ*6NmetW8{Fj2cvXqaF44Zwed(4qv^pT*jj6
zs~tzNY=TTP=IejXZ}V+S5$Ha}yP|Ku)zPB3VJ?|q^^2bpP~@y(i52>FTUtZ6yX2bx
zoUlw`YTdm=`_>K)Byz9H*zJZYJ0RNCz8*XH6HE97Y`*ug_M6X#p%<I}oS&S!#b#Ol
zv5iAv6E+(<7d&|3t}-4Ucy|t9jedubBGl<_SF^Ima+@*)oNSCx^k5LLz#^+@2`%P$
zeu*8{Fx0b|$o(<NAZn<IW$>Knmd0GVnSUp=)K{mc=#<aiSg8Wz7b|;`Gp?<%N`iw<
z36V3J4qOc}-R<~K^XYu;r;q_zOie%YHO=fhNqB;78}=Sd=NI{QRE6W*)VLyx4P)G&
zDYA+7DaE-nn{R$1W{lt1FL*a3Ifn6*LQkOfy++CAi_ImlC7D<4I}(9f^S6L0B8l*v
zaUc{G6y;ab$;9&J54l306UB7-(Ak#w{;s>6k-pNw|JuR+T2}v_?h-cn^CxzWzgzp!
z8QTe&n;2RBod8iuO;E@z{>5ql0RDb19xZXOlwZ51UrX)ZJC~%0tdxYT5)A_jD?Kx<
zr4vtdJzO9?iilfJ0Wc&<f-17h_gVHb$S6Je^-|>ro_RHW`u9$V2)9l$4lyf*;g=&t
ztLY7(N^t%C1n6_rkj@^kGt7rm`RusGVs)FA@#Yf>W>Wd68fjaawG+q?pG&JCxA-0J
zqB;cEj`kN~!wqTFOgQ77O!<s4X_uqZ?1-HP?ST5`cksh$P!aYpQ7eo=f*(MCzlj_v
zSm*d(yQN=C{a?0@f4%mHZB&^SfcrnSodsBx$=ASXX_W2;>F)0CZmCOmBPCMO-5}D9
zGzf@vBS=bjN{TefcUgB=Wp($ztDioXhxb0b^E)$h=1iV5j|Jc%hk5hQ?hv|xE>CRI
z!YT{3562{fIe3U?k-N++BrdS^xRffa^F1SYk-;%0QQRipTTfQCE3g+!gQ$3y$$WDs
zSl3e|PBRU>AeMqIE%kZLwmkJ64l78qz!Z#?R<2+Zg(Oij58^tNj7(iae+S07@>mWi
z>43AL=EQ26UN$<>bLH~F>HhN}xNnEH$BOd<JwQb@qxuga1%5cR{XDRJsRg5tJMR9;
z+uYUEm4&ORSz`sxvzLoTyB5&Yj5L)H9aiDlOTIX6K|`yz8!{IkK9?szWKAh2G}PgL
zH-?QP$GYfl6g-p_#l3($YiJ^Km_b3M>5;o&x#l1^8y?J6?{qE6j7^niQrwS*Jgz@}
z-1jl!y>2y<2P;TK#M^b74Z8bu_>ff2oTGG!lK$z$QrALZ;*i-{Lxdnt@zVZy+=i2!
zw_Xs^^<pPG%T;y+>{TqW!#cm^SzaK9Q&{(ko~QKOgRw*Frqxc@vABJzzE_)=K|bS$
zOwIX3xfIVg&)7X5=z2dBxf%{7D4cvwb<VH0n&Ec1AM!pWi|0ATb><TP%QJd<J@uSx
zwSMm+lcvliQ?Bj9JPiKHL-hHH1AZ>-g9wc4;w22Ogyrk8)dxkr`xb8U-LOrCOI~=z
z2XZiN9NDP6#o15<n;iEEeeTJIG%3j_cXkFWPjqA(G3P$X3sx70gM1>7p)2KSC{aib
z;HsrGd_j)J<w8+N-;XJK#pR;>ENr~u&b}FwT(`5uyc?Ggxf>vhJkcC^*f^%8aj@wP
zeEu?w?;F(6<Y4DF3QXqYkj=un(Q#Peq{@$rQ&xgsH{cAu^_8H(iWoZ<@!;kxk`6?P
zeyTD8e@aeV*zVk`P?F8-?KoHVp$`By^j?A{MvGEI&Am`&eGj#MqLW)j(A|;L#Aa*P
zh8<-_cvn&BYVgpGqJcT?Nr7q5rj)a&SzBIc?Azog-AMRlmNf*ahLp_r*gQ6IQVcqb
zXibW!=PT$?!z~<M2v~;Tg%L1p)z4V<BX%^#yu35OlFBj}K4FAjm;Aa7FvuQ=7`UC4
zsbM<Dx=RH+6*r+mjQmcg)^#)Ig|K9p(MZ_dgV@cSaigP>%!cUd286^sS^()lITmMu
z+u2d@fs;0VpVzy$tx5hgyE)nnl<&OSW(n5bbImlSsZXcC1|U`YKP=I(U`kH9FM@5W
zb|JD{kwdP`L5)9Sh;I=>rktsfbT9Jb1!Fmr&ln;BvoV=999-U7g*9G{9NEKm7b@AF
z!ME+aTO}_YR&)D{)#yfzi{e8+C{iJ-y`ZSCQOJAn@PrY&)WpJ)c;1LyDF`lWr2GkH
zt`wPMzbFo|NgNhd&x+PNG}DXSWR^#;H5`;XyS<nze3&68DQXw_(rY!4R5Z+^<Lc)O
z%cND=m6OQQ5-1vy((Gb<$=Rz()iK=Zg&mVgtLFl5k2E$|le>5mx%1JA!lyE+K<ok$
zROefI1|LriM&Q0vl_pJI{ZK83m6H)U*o9jK&Sr1TgU>2lG3(kn#|s~SAHDA7(w2-z
z8MCRDxyOm&#K4K?fYivRnk<Gq#{$zAk$SK90zB9kPP^J*#iKvot7?ZatafnnZYXf7
zjP2UdKtW9HHI8U}*h4RB?a?@>Ar+5)p)a=<)WV^h6)M~(XFk*!`thN)E$MV?ebuQU
zt4;VRxk_G9C9A!e-jH%Jf>W;(_~o0zUNk7g{`kisM^?MKJVD0N%W8smND-2Wm=QXn
zxw|JG#A*f(Byc`H?{hX_yQ7;qZ_MR|^0GoDXQo8kb`R-TOxXo}hLL1JD%o<84wp4Y
zswf%z<aH9_!*fW$n<(r;fbP%;&-^sbUgd^q6TQZRCxj#E?QVJublk0ZGpV~y!t0Xh
z<VOgagvapsyq_5G8I3b(lt48~B>jk_SE*QS3&{nA6M7w-H4S>CG@S*f<sy@VdK_v>
z811<C7>r9xR=m@hJH;MIYh67wXEF9G(LVwBHH<T*dWn0GP8f)ei-!x>N*~&Lwnc?k
z_C}FU4TzNrtU38Iom-GIg+3!646N=+XtRH=KKoozTiOMb7WFhB<WdbhBhC_Gio7&n
zrK!NK1RbYR*9FrJ`T?_X{?3ST9g%fqcgx4KCjE7@KCWViu`uVn2KXuJNv!wLLetYN
zi&b(M5lhH|ivGMC#=>QZ7P2-B#sqw79G}z~Gq`+E&a20wqNvtn1KK98z}{;q2<VkO
zG;)L;^R7A73W)w#Pd!nbvWgH8O<wRK$wtyn))z;#HA~uj5+V`7bv5hs^{eUm_$LIF
z@+8V)JYlOl%A9ztpc;j8JE`=Y4l^LmW#(&Jug1f;#Ofl7A}^x&OnVeZjpoO2LMlbE
zGlD+O^1gW4yJXzAIyH_VMJg23euytrLp4;H$CE?8hD74AfNE8Ibv*Py82)`_j7AgY
zSl<hGxdJ{p3Cr>Z2V>uplxRH6?JY*5Rn^p>$zgQnIbm43vZX=KV5te#uD8?Vn>`vE
zWk(D7EGac)V}m8>tYf9_+Pbz>PxsimRoBxQ`7(euq&?TGb2-@$vY9(ZD(~Z~S_ijD
z#Bh&hmA8(*D?z)vL)_jgxm@#~mZJa>1_VK)6FFk0vYGNcyChF&lcHkmT$U_xQw*~^
z%=cUgU&SJEsyf^Ac~nj!#NOfK#?~GXe*79~MUkO9%vr{4kka}{{7Emv_NDc)<9Yq*
z%w=zpB7RoTb%*lara5n2(TSZiAKva332gt!ixpyiGo)*GcMVmQmxY_#yAoYS&Ny#Z
zG#2>XuMmSC5*I44IQXO4o)k#Yr|W+rKb94afL%DhCNx!n5!6+SFiFItbnMzNK0Cik
zc4a)zuIw~2<+!};d)z9&QCr96)$~-Nd8(U!BS6R;ztU@4!pHy90Zre9kN+z6IH;!e
z{8PARHHt6t;=<~Z3+F{-ydEKkaSnB!8+Vs^ddy68HO<#($l%X6O0BQ<Ik)fICq>?!
z1}!fth?K{5KOYT%ret@h1{J-6+f)UQD%uuT_@K&%wgmDVK(X$OuT$U`nU>|5qCX_Y
zZup2*Ne8m7&{o+~{HbVeoFHXoNgmrGm+$g3?nQ5Oa8~(NXQZz8>wJMQHQw_4)kYMh
zMQWo^i@R|3Pn~u>z?z@kU!*KEN2m`0$Hxf1|LjuQ0{kfo1C*kgsx|M2?CR%v1b|Nt
zrzizx)F+MFGdkW6Ecv^3h^0e!EUC-LSQm-M7cj=;40UEC!)$R{Ag(*Sb@C=M1RjxG
zlj>QVXQMW!oqEgQx5O!{B4tx7mci6tFtUnIYWcj#{p7N}(M&+AQajINrQ5Q$Y&OkE
zgHVrWfYGDqc*&?M%M)&Xm3Yq`Og#;@UVgDp*=dXK*Z|rH3j!@{5T39+%2%VKg{F&!
z#y}&%fHJ{|Ozq&K)J_XknO0=#o1S<aJN82P6^o`vCZ0&N96_{|nA)WRHjle%T#18G
zd8jnDq8!FT{o<aB1@#p7VB>Y&i$}!$h^}7082j*wjSrUHJ1CS~klRla+vYI6)e~W~
zfpzu*A6@T+Z#oHk(X(~m!HIjXJQjjJW_|tTi@XyE69}vvQ^jPwXUS9owUZV>T^*hJ
zgIs~gXwjepd&>5yj(sssEh9l}ZwRnm+FIynT5K-z!}+ExHDC24q)V=>R}bRiwRM+}
z+Sbz0l1GYN;d^JKT|ZLstFr1#&!L#{qTup_#QtQb6H(~8RA98-kD50&Wx3K?eyEUP
zZMEiZBrYc!AM9AgR8b_qCS6n6#L@rWOW~D~LLdWkwjY-M2u6Cs8nv}5Q^NkBMl-w7
z`Mgs#r$bh_wdR{z8ogFC`GHD}5~ms(x(SM$uwI8a{pXy4<~82fIdj<x{6pBrAD+L9
zeWsn;;u&xusG?=^kfwu{BY}6HbbF=<>?tS>e1k4}ZLnp4`HWxa4v(f4H_c`#j2n0g
z6<_ls+q*UB+7Dy}`XL>3Ghju}C0U~CY(b<S@1-@|8?(Gphji-9Cskm2!WAknDJwA4
zZ8{)HLzaOYA0wD@j7k-;q(5k`qEH18Bx$)&HL_=j^XfmMtb7a~23oS}P*xSr@Hp3Z
z<im&(pncX;THW4!3q-B>3R}dy<s-!ebVPgcRpW_g$Q5Vkog{cr@>ckX-KkAMS{or=
z>N9L~|KeoiM$8=-s7q)YB4b-X<wBr5bKe6(|H#<)tm~(v0|&MY+w=^3{2liXx!_)>
zo{^+==641dDFu2M)9{g~FX|O`nF9FsV%N^HSe8Ji9<MmyHIrT*KErKET)T^3IdX(T
zvC;tjVh+KNc_Vs3T(QW3Qu$eg3GCP#8DFjteizs=#VZ(dx&iWi{>}_WfaMz0v?se`
zrEbvyC3$rq$#Oogc)k1_ksfX~Ji)Fz{^>!fT(R5=b56X*Rx@fY^J~M1Ko3^W+Es8X
z6W>ugf}>Z<G}t9U+E=Cu{dH)j42kmlSy@&u1BcdHR=hpu1B0kVRJ-i5t)iawi}j#F
zr8ahOwHbe;Ys_OkDdd3Ct@#u_A;+w@OZ@R|9Oc7s3<1+T@N{n$z#wPvAe&VgVngWo
zdWxXT(UT{IuSI17Gh!`i+4O25Mm^H5Q*>Oo7!9kc9*y3m*y^4LvfBkm+=yA?uvLb}
z7O=!#t0@)C?s~<mPoam7XvL5?0TGr758a9f3l&nyjL;gye3u3;F4q#?>xE^(hdCV`
zwnw!(XYqIX?kECisa+Rcm)dxBH25C9d@VGmr*W?UvtwC6blN3Vypw^aj3hDy)YISB
z6`>8qF1-)Q_*hy=nIXP08DVqs-fB&TJh<l(MQU~T*$HXhiv2(br3-BS6c$f-jT@Bg
z8CR`-RQyNHJ;b4VpB6~d^a#UViJCP%@i?@;LenE|dF6+4MyKvc@O<%(Tln2;NN-Y`
zCaT;s#-$^a<d6(0vU&ac2h5s}*#Y3*a{8~xO5L=D+|(Nmo{}E$wR(x!bZfqVBj}mq
zxPKZVj*lwaOswaw<M}>p^L<)ekMwe)I-sP9b|r*xCA5htvp|I$9nx6qjY_hfQ-F>+
z8jOo$^<byr2MjyqHv3|oxL!XRV;{-43H`;@=b^Z&6mhw5cf{qE7JDdhai;>Z>&=Mp
z3HdQ5`nctm%wpKn+TKvhD~3?v66D9xYX+<+zvtvJLyJ&1MrxKxiI_B|e%akd6i;L1
zGl&*AR)zT~T(v`mk&$r^*KcLw01d&XICH3o^g+PE@>3^tW+s4%u1oS%9M(7h_O(vq
z;(+1@=7Npg#DZZu8lHxWYs&nYS5H}LTGauk_>(9VsxR;?obz@!`_rI!)H>7ConZ?q
z)1WPL(h5f28}KamJPdVIDSorrV_s%a=<Wcp_p@xW?88vdW}a6ia8g&7+3!YZEJ6cm
z`sCHEh-_!7GUXg39g*P?-6ylxziVp@+BDG6TX~n+_}*jO=Lt~KHCt)y$%uRT7De5b
z)m)g)JDP${Y0n&}U}u)Nx>xPAn?2*yGwnB^spQcES``i4Kj5}|6TR$tSihgP9k8RG
zkd0qeb{`91$E^BM9U2e+m^$brgZH&po#VpNY#rw*`bP8Ai{}n|)M=MW8}o~^@6tVx
z*x#k{G(Wg?s8xY~I2s%Z1cd)C2#EMk9S!__-Qf3KFm+9JTv60d7MNz6@I)~XZAoZZ
zi0?>E7?~as8@GZ4!y_hlkjcse%*-0P^)!~7Nw*Kr7901U0;?R1>i+uN9iNzo#d)Sg
z@T&|xoWjnkbGw&&r8DC`ACI~-K=eB6U}LB-^U#`#33G|V%o#Hj?W6-9S3jPi!nPCd
z^l<Yb;A;t5-rD0cOHzGSY$hbu8M+9&N7+M_q->8G7~)P-z~NsVVv<CKZV-&{-iW$~
zQKX9|l$#`Py<rx>k;|=f<QDU;xm|pxGtFS6%zBQwvN_v5(3(-_iF3q^99!887GM6k
z4bQu`CnHpYv_lnxZlX01!fyVkm?>Qdq4F1@RkO(xCbC-Q_;t>MGUgFP>#c?olUT1+
z*9xrr>UfNz^Wi56wc8T_9uAQpV%-}xWY%P5Xc#N8wSe<H$&k|2VK})iYua|aKxW25
z40cv(9QqkaCz~ocJ5$y~yJ{QiyY`-z15y@hCKGxF^@@9s?`k{_@+Z}Qstp&owk^hE
zdZGC+q_M$hl}8=I!mZez-IkP(+0<>8MTh=PvY|feS*Da27Ip$$418kIaqF}CfX&OC
zXh@IO#~5xzijeWe4qPVgvv1sAS3zEM<>YU{p=imiYqyG5THry(ksiMfi9*3r7Pwby
zE4L{-_y(O5YbI_g;1T}<vy37!YHd3$JzrMx`g{RR_CePU&m^RS*tq*LCnA;>oBD}G
znZjJYs~TRC99bYTtS6*&TuDxJ4NIg&jDb7h_$$_@nH%~;GsP(&BMHY?IjRrkq)K_m
zO?CC8P|YFxRiLtYHtf>njKvf*g><#<7h-dX!Mk2BY*OW3wNz%WIm}XqP->9h1rG$c
z38RY3=)-zALZPkn?D5>m+!&G^z6Sv+Ig^j#*cqkkFlv(l9ksMmc4-8Gl4OiIE2(&@
zJEX_5=h%%9CNUnp%p|;z*v$)VKmCU0^yw~*!~Mr-B}y==!czLyA&s>!j5Vez$*Ia`
zP3tS~Q~_iqH7=916d*G6W3ZJVjFQ3@l^G97&fqhY^-j|!Moj}U=!rMQhHQlC*{s>U
zM=R9TOr>P644va&+m&LA05~a9LKdYxa~I!1H@AZO9ulP^wGzEyYcieQJmd8s-IB2K
zs$=}Hvo6|US8i<d@O4Gvk(ih(+5sxY;lV(8nd2mFa}#F7?%Q~FPWn-c`RU$GrECBb
z+7Pib4!?_Ocj$=YkYiQ@j;_;;_C4n|5i9!rz=uJmTbk9_<8@N83@_zn9~yN~)oxCN
z*n*nV_w!;AMdQynn3Ig>nI>SKV5q<*w$zq}boS2*L_IEATt=OnjTE|~bn4}gK!IK&
z9kh8C!3Xxp2uFX**}u#+AmbUiZj~>CtYxfaLF(2+5ilYq&>eAvj|2j|P`!(Hr_Irc
zz>hh?5YzIeq(7jLKgg>9eNKqZ!6ly3rq~V@=QPQ+EiHC*Plpy8B_w@w+A!<_3+rB&
zcOIjR(Ipi2$lN=H`wu6|pTBbz*>oz)Jj5u7HQe#KNUFxMzpEHi7Cj$<0xl4<BReV=
za$=K-W*$>7dRYfRy-zma@*zv!VIqR#byO}?^%9MjOaL_E@Z;fEIcnL9O^@MV=^j(M
zl_DmZ(aVfH&(3&?Eer~r{6JX4VZMq<)xzd}8c>lzL~xz`sT^~rO}^KZ#0vm}tJr6(
za&gx!g$zZLiANmyh}0;-VDp(Vf)qTSDEu3cc7<qLqT@grWQu4SfnyV_BH{vrCNdQE
zO1yf-$D}Q~<kv(*mA>TB2jFwBmIAsvbBY~C^Fj9d?X=&w<+z9j&S3g$6CV}n(8qPK
zVpEGT1lIXcou~FyMs&SFV9B@4SbRqDPI#+~6<1HVpGzxt%g)sSPn;a$nz!TH`1zs_
zg7wEGJ;}@LPg>^+)Mxwc?oxQ0>=fOeyrQ|0cRsjZMXfI=&Uwqn@JH=LB5NcL44K_~
zYX-7|TH&4kRERWsNFsdo`pIGjl}Ky-s*fcs)r6|VY{RA|NaQHRh?aD<xOCjc(3Cu2
zqa@+=wd{-Qh%5d8BPQ0d662EN+gF+>5y0y2fP;WQ!hnEi|FZRY(r<TA{<s?x?zhX4
z=wPg3=xCKF5DaV3SSd$nRV&bP3<+6T39YAxmyar6#Lk*jHC7=(UETlmnCmr%pVnwt
z`WDiGIOo$w&AV3RwG#uYe6M*U_dPe}W3N7S+eU)ww6S9~`G-;tnAOL%a=WP`?B_Cu
zo-#`;R$`Z#oe}!6tTQEb2U%$JEK>3H>E9zLRuyco3?y!EX{rX4w?y@<6~p&FRz`up
z-#3C@Y+$MER(F;s8naYs<WStlTX<5zfW?wCWalY)mUn-y<xq-t(r{S1mbU3}r`Lnw
z^M_N1+g-c{?76$CBX*_ba@5(Dt8mO8jLVJAX3MO(X2j+k(@OEOvsRb2stZL@VuMx&
z6jvLd6LR*oJWb>4px;Q)J!tN(t2eN3v{3<*pLQO>Dd7wVWJuNJhi86qzlQDonwZ8B
z-V8LjIhJU*rRobZOP;6*S-!Vy?Q0Y$u^bi$!wbR|TrP{835s@FW!1zVi4zkFXl+y5
z!Ur$w>e0kRPFnIiUns{R2x-IAPw6b#h%m=1wX+5~vI}!Z(JIC_lOAH9QmhELh1Tvu
zC@N$<WCDBZgzfznHITq=68Wh;3F`doX3$P)b>q2p(8GTHz1+F1YMK@Lh>ZsdQ|ssy
zhIz~WPbou`=29!}$J0@$VO9pk^2E&?;193u3cPL3Qtf7tV|t|1wM3$4)Qw=EiOu&$
zvCSDTBdf$fw3~`g*~F5|W|6#o=SWpW91=wZ1Fz0bTO92j_TFZFC;~!8@i`pcgJo)j
z2h6jd9+dH~d5SDyc11S#!e=waz1@50+HDtxuiTr*ZIr5#UGh-!C2C=kaLx;KKt-Fi
z9tP^6lg;%xE*H^mw4TE@<C4iNNgv{K%HFrW`Sy#Cbiy_wIFxvc7uKH2KXK&6cW(AP
z(CavjULqyC%gS<IT2KnTa9?6o!tJTyzM;JM^;_JFH1hW3S>@{WPjjN1Hb&K<W$!r0
zxC?|)%mRy1SNZFSQ2U3B%Os$K@%g<~*W8Be)-<Dcl92=B3a1(G^(*YRo;Y53!G7$-
zI6`FfBf5Z5%Ybmk-xgqr7=HaMIpyBP5I@9aFuE6Ju00|0r$@>x+q#fp2DnAmFT;Z0
zx^c0|!JqDa8vM`=o)_#js%{rp9k+E#Dm%h+2_4*sM>@0V^T;=7IB!~_bRnpjYfdcB
z&!`b)foRUxo4^kbUe4LBDIBFSdO<NQ?;0+cVw(~S`by^A1IY`xO1DQ<X5tjDm2+s6
z+|Zs!vvr0Y7L04Ag?bJyJIf%~vJ;Q>a%0cS<Vs`D3q_FndF8}KDk&Jn=oC5SAGol{
zuLz~p3pyq=V`(871V1yrhWOUVhzs|Axbe_J__ZgynEp7~rENRPfXQpqXhMxeyTXK7
z2MRfDLo?ce0}UfPgSm~FWyX_VX#Ntav2w2R<>8|<UP4A+x5YaL*>^Ky)lxAD5m*&>
z_6-Rxx%mzwGZvb`HCo@JlG{zOs>AlISb$F2&9yfL;o#da#X%Y9u+3_f)z$A7pttLI
zvE%v+;`X^bJAaoX&L-iAg!#UfM8-XNNm6&qrMw@YE`bvK4C8dh7?OM>%M>B<LhJ3v
z7XQj|6%RpeYSy<%*oBRh<}W{=?#hg6<1<{0xA*<@(tjIK*haO6L%4#D)MvtHboB!8
zHjI)<SzQrx-(QQv2Xo*>4Azw_<qN%VVIz(g^4-<r??a3Pj&!F<Dzplp!k>yVMc3hr
z-(xqi9`c1HgQ*%;@X|8Ut;aTrq;FcKAV!`rMx`b(<|gYAp6a$%@kF)j>n6?fJS%uu
zaIVopY;CXO9D9Z+Z{C=UT+U1WAr2!KiyUe2`0x?44E5CF$qO~!vfbt&GALVRM3qG4
z_qs*PW!p*KiIMtZ1vtSTPQ~rP;;gBa_ADdiDG{4UMn&Di@KYhN=Uu^lUNfH^v_b>a
zM4pR*j(8Uhy+L?Wa<y`e9qG*r0e^ZOBp%oqE7Q(17w$d`N~}!9`4W6A_H66Z!0?7q
zN@aep78$>^S4FKIh?+K!K;8-DlzeXsaSbArTO@J~Moh10TB{~u#f=j>?rS7ab!391
z5-+iJY6k)z;fpB3^Q|NzrG%)t0!^J9z98wOc6d$4xMYC~H`JH$^oxjlOE%uy7~d*x
zz`==z98hs#pnk1u;h$#`|G2Y~F0NBeMd3>5Ch~{xSs)`LM0rKXJ-?xu-M5IkrYXth
z0Y16GA}fCUEd+q3su?KaHxQ$9JFh?TFrN;jpP#?GL;`uIk=_PT*0>N3_P$=Tg?9F&
zd~+!xs1e@LkAV&cN9*3Mo#hMfUTg6hOmyr!ON8*t3bo*a3*9`Gg4;9tznx1|4ctJ;
zooNM4)V&Fzpf_t9i<%@6`jnMt+tMHs45d#^84t?3bZn90t@L<9&N=aXl@#~DeIeM(
zIA8TH$ct0tqD%M}vg6C}oq<tTs@KA?@9GSg$@{H@MGcw=ES5fGGHytj9K2I<c!?F%
zWvBEY%)D@|hE?2m{Z6$+R*e!b!9gl%blp=?pz6LG&b(3G^85>y-da1+fsAzbPJ0m=
zt6mB<u^yMcsG!Qo%Yris{pl~N+r}j9Wfj02CwF3Am&{boO@0=K2~=JAj$NSY4p2zu
zuh-nDZgdbD)N{H!Mg6^$qkMZs5nHb3&?f#3u?6{wTrxa!HIz8{v>s}s_|_^zP>jaZ
zWu>mKRcE_DA4+`eQrFTL?fY7AI-=0aiJpb}nnQKPTnh=bedT&7!r+|8TqDPW5owy`
z#s_^BBz)}9$@RtuU3ebu#<eiFLPMJis+g95MENpgXM?m{!siY+TR3vBqol(<40{*}
z(wo>HVbsDc$0B#gEgwXk2hQg6N0}gh@j+jq3g^^m2Q!h>BK+)w{?Zc^=>Qt(uRiDk
z7Ya2uF>B6#ZOj_BZ|@7c{!Mk!n+X31TGOmA0}tAv!f1Hl-iSAo`A&wJx%8lvCECpM
zK=-3u7jq*S3o<^#ZXWYSTJq5hXJYyTpXO_j@{o9#u%#57GK{G1a4?(Ygdj+yI^J1>
zq`e?}O$j4mtV7wG*dIDx{5wHFldJaZ{PM=+CQJZLF0G7vz>>S}mRk7`AgGDtp3{n6
z=uPAVr_v=wc{mTuBn38{Z9+5i+>4-An<5+Oe&>$H8?RX6oN{@rlz7D(uh@p}C~bAw
z*9s+Yy$_E0Sn9oT*bFNN##B+eJTlSc2rwP#4556qrOGB(hB4)~L+_<mU%e$0IP&5m
zCcDwwQ`zO7)S;{=I92wG&x9lm(Op#K8)F(UP2^v>O#z<7loMrZU=eB4zpyUO18T0v
zjpmMYbCCb8xgE%O_A2&3%?+s@l|U(HCVrR#G`d~#9fNOLu=3(&mrrWcbjx-#g8)#r
z+9#?(qggV)NB-zeGTK(lLL_ir<e05AXA7ilR8tO~D9UHQ(cHqi*J!idwZCbuP>`C)
zegp!1tT{U(onN`bNgYdy-i=S}MMfGUO?o#1oD;&jV5d-?io;8UVVQ6_bwJ=JzC5#I
zFv)j0rsi}L=#ecJ(&9a1&BT|SQyMvM3?5}rym2G5r!&OH@D*{85E~-X!3R-C!NYv+
zCAf~`knxG=qnw0ygQ-9t^3-lhr)r90Qag`{L`r@<V-A00$(Q4_kl*U<Zd{q{BjBSg
z?oS+*`RlRu&qrl6U_4RBv94bk$4asZGu(R&8aJLr9$Ie^I&LQcEtoAGC&F3mTzT1p
zXk{{ytVvp{>Y?eOQL2Sjpj8t;k=?20Ai?`^YGOKey746E)GJZx@N#~@#w9lVZrk%$
z1Unu_5&Ks@-TjXAyoacds{GNrrs^}X;SLZ#y@>Xi$I8oa4LG!E3NmF6IMkaRz^U^;
z<eSCrvaU}z-QSqwwy?XuSJcX8wUL2`&DY}L8f1^OH-6BHJsWhHJOS=`A<T2haLrR-
zV2Z|v+$G}~C&`nuWPncqvjV}>N6LpThR65XvXO-+ZwZCxV@_aqds66}0ldCK``yTP
z1Cc|B>m8UCWw)5gry~a}%I<-Q{DW0P2Rl{ReECa9*iX?4bm`{&jZAoEwl@27AU`1X
z$H-|<+v#q>s$4XJ9Usbep_3%AmCS3@Z6vAf3xN)@mKaCAR23+}D3CiS4O_~Eh&YTi
z<z>bTO)V1-DsCLq>p!TBK&^KhJISiw{m{iGX<23d0){z3($vEo{pdv_Q?#?pbN*8-
z%YH_SI-Y!=CFHF6xA8SRRq|zQx>fgSwQ2iL;D@Sdl?)@6YgtWJF^sG!lixPAxo}l&
zvCNf8V{TQ;)J{!^Rk8O^M{kG9^nXZzP8(rSJ3Y=mw$!7&Yf%-OGdosq-uv3>L8KEM
zs{}gRQ(1U5oQU3qR>L0YWYSs4puz^*Esf_!GujtMb4_$Z>I8G!q~>oF2J-l0jmVIM
z{dyZ7A>37EVVj|3Z`AD48S2T&MbWl#>tf=ztZ>&I>LrJ^BHfkj#Bc1d3*+08%<pkV
z$R#yZTUujU>G5CcC8g$bFf&ef8{-&}aFLvpvn67dv9zG$aI+sGPgZEziPv)lIa(%h
zf2N*l<BGVwCOZh>l1^6>zW9>Q_4(aH<py4o3isS-MVsLRNMBW>*RuE*%-wB`qqQ^y
zQ>?*4G7E267;Q?E!;EYhM^-uIZOGyXc+1r!)CBYob3Wwb#vK4qG?+N&SUjT#<DGG1
zO4?(+z(#wu3#~@TLQfRU@{O8gc>3|&<6CB9%=S;Z>D*P-8f1>8RY0M$AiXt=9u|fg
zzZzO;%gZ(!>r&K#zT+;Y8WT6Dqz_F)8%70qQ*TY0Tg8BXR~@HchPwBF9*ae5LXz2&
z@>p4>Bq<42H>R-1*piq?x6aE_$ON-C43?d2R3#8QloY0Vm6l66S*;Cr08<<;rmQ<L
zT}MNS%(qfRjF5>OeY}qB<y(NRJuICnWya_Mpr}$shH`f`z?qeYK8mtS+!Be5gJkJk
zwI-<jY5(?8*BKG-z!LsmZIzr*83Sk45T?hb(}bWncXL)YB%Cu%n<1XG9scvu;R98?
z2kn#2P59~-XMqv6hA$)5G)fGfN7ybwA}p*Qa(gZ}a!nZU0_gA-+D|EkoUTADov-dD
z!qTLPEHWJun7b)<M;@XSy)w!QTNdk<KV-(^H#K0-QtzfOm+z*ph@`rBvcg?pcZzKe
z%Pqg2E^IJvYf6$3*Zag&yuLvkR*1xq`yR=14@+V&v}$@>df11a@LCcQ%|s+r?6}<%
zYP?rnTE0f&AfwwHV*J@+-L?nXd>^>+UUd^VUET8;IW)Zrm{op~5B5aqBgO2SL-nh0
z>>z~BGouur$pa+3>yB4X-f|FSt}L7(Wz0QadByQ;$%jj?O)y<Z8JdP4JGwBGNl}hQ
z<cSI@8kd!#q@s_Lf^6~!yT=lXmD%mKdz(+|YB}H(SP3)<X}F-$bG+Avr=E_;_J)bn
zQ$`0km?>F84(CGoVW)}4Qkuk(qKsXfz4&DJuAjr1F+Yw;JXLln0Xn71Vk+_Q!Yfvm
z2J0-M$DTO8Fcq1@HY*D~mPm5uzEe6v2J6FI91&%nGjtButeDlZ7<g`}>Jo7YtI9#G
zV7c190q};*0*pb>^kUOKJ8rZPp#<!*bp08QBFWSoY*hFvJ))C>hj#RPr`G2JJY)xp
zMAOV6$Kj~qrRcfbO7ph15OVmVgz<Zi^Ymn8)mko?5&_9=)H*F%y4y_<4XIL2QLzy{
zMYtGyiro##vU$li+(Gv_->^Q9rYdzB7FWKruU5d6&(+%NmLRDbb6lwPCY3)ZU*{w7
zQ!yq^sg4$xtH2Q+Z8SySygUT5h&T-tGaGDGvTk!Q&FTpfN=(7R9^O-vv*0m$5>d{N
zVTTQy>-Lu;D4|cLys#{m(`Fyw!SjElhmJ}mY|05MNsSF%;EWigtnXmWnq$t)`vk2)
zF>4Ip9lukKTtICY=M$U8OLV_PQt`1=ag379f%G##)_yh*<gr43jOcSKDzd3)CE8?Y
z3xsiowdwo58%XTsh=-&XubL;jeG)s#PYg+Obi6<G>Guk$Z9jJ))A3`j05JuJ&U~67
z%u>985skg2=+8ux>yD*W5!NLIUH#?^-TU4f4dI0k7FjbJqmwmGbRsL&n}i}x^EPp!
zru$;<PM>W2@w1N|bOc@@6g+!yEyr3qmIdCuEOY^x^~vj^0a^iQ-3zd!Rr5?})H#<~
zCjDNLkv?!I-0Ew}NoUa;P)eXSY~G|fAahEBY>s++sHf^QZ^if|q#G3!ovB2l)L%?Q
zqx^{v9leICUU`u~xvB+kcZ0Ozc2_QosocgeMh2pIkOC)&wXD-5g<kO!rNremYBWSQ
z#Rrk&pz)aDP3rf&Z~-I`RO8FrkNeTi`z_0BJJ#Ndi|Oh;c+bRZ11{|hk@#-QVN+Ad
zFEG6TS7^Mf$;eAe9aW(SiNgBXHFlpxqPd&yVs8IYUV~6Y)`kn=M)oSIn4kwsHO@HA
zj>{MlWdcCBAekM+OV$ZQIZ%<h{C%~74BFek6*Gsh7UqI?IaNnnDj#3_U1pJtqzfQ}
zyv)%J$zf)MOYNmLN6wG5Ggy1+iFn>B5c%HKV}4;*f>097Mxh~oi0hFBf&+iVef~Eq
zsi=l;CZY8BY@oaKP`%Kd-&~ltC+Ue9%FYBwVMceIz7P&+aQ6s+?xBo<2TiO5HybWD
zFBFSGhsq!<yaY2UCFYVb=W3;rlVXQA=mLod6*n&nC(KbRtcut8U_@1>NP}|~>Kj5d
z21y0W)I}X@OC$S<i`aoT+UJO<XQt=u1erdD{VlaeZ{7F|BLK;ytT==9$&`GRANK~*
zikt6ll!sj#*F_Qu!xIT<vt|b`X;CB5#Vcj^b&pp83|KZfceyJVJK81N-BhtAc6iR(
z@CS6oEr~=oB-41pl;1MuzXrB`&-uG4D`7R(Pj&^J=9)$W1#t3fh9RNmLDrF$J`i=d
z)Tl7{!J>7U^6h5eb!d`+;I$OrIY`mX*+k^=53+}%^zrR;bN=ALOz8<XXhQ}*7sy$U
zm%oD82XIv?st<is7amsaC*#I$)52R1b2>8VC9>un5_*Rr>`uIWBXo{E6CHR>429DQ
zRbMa>S2jw44%0hCu%@7rkerw9nERdRI;DgSiNnM4HfDs%I<Z6fJ1iN~IGcH|x|8EU
z-N~um>9y&=8XQNq@cZza5Qs2Su{0^Rr?Ti2yOjA2+kNzwA!2=d^texyj`J0ot@6r@
zeOU;Y@1zna*PU>B@NY-D5<{%VHJ~6M^5FmB&e!j4@&4)RsH7`DCV<M@PM0u2B`tUl
z?Mj~@fviGb#<L|U2?09>Hds1gV`?vl+cKSqc^8&H6oPE2^(Kn%d@YXRYNvkeeB>y%
ztK87b1)nq@@B>^~4CmP+hHx^Z)5Dfl;XD0^YM4!o@~LcW?-`6Vo*-u*pK-{%kZQ9D
zwqcxgBa0u<W2UJsqtbZCIL7^u5YvRDu*2q4A^iZ~e!f3MbcFl#iWvGiM2V@eIo1_k
zuK!lftd`)GOO7mZg#QIad^o@@X&pw?p!0PI2RjotBCWb#Gau}InfdrKZQnuJEN$i&
z#4}WG?z-uz8cp$JiToBB;b%!GYu0G_(^BzG7*h&JxIFI<G37luk`9-M?GDDean-Q6
zu6+rGv+L`X?4I)@Gr|z)2oN~rQpL~fT(ZR^RlikyHS&`B&Y5ik0X%?Q$-KDrj?ZZ}
zuSKb7qK^X{PPPB&GiNYM7FcI<_WVufrF#!!voPW?o=oapgH7<Yk4b8-#O5j+JI)fn
zORNZ*F^e)~Nz)%$B0FDBo#BJL44G~f1%Gb!F}aNQqBNM>T&dkt^Ti|X)pzxwq5}!}
zX1a<z%>1{U3T@A$6`lZ}3PJw6Q=SUI(dn~(C;^OY9gG1E-#F#bh6y6J5#AL&O?y0$
zR~)hjPwBJ)^8thwJ}?jrtDvF|qsHgdTW_ABd9vk!L}z}%q5~Irw^_{bVd0|vt7COc
zR-7(K;kTUV%z&MZmvx(Yv?}AO)8&^`p;z3rn4vnTR|+X2(A`_8PZmv=kV~Io+2W)P
z#4#z&y*R=wd2HCT0h`6zd2f8@R--^ERq$5<0|CMMwM)gUe>wr%pfKL$l^e0bsU<}<
z%bbOUkQf;$rE&u!$}FN4^(B7XcVuFO%pQt2C1<v9hTj1$p+bm%2Eqr+I4?UElByC{
zVmQ>v_mmTV=#=2WD^QKjK2&nMRs;;Vo)sm~MElP6$3eyTWsC!eZS_`GW};(@6AmB!
zXCf>Z2PR$H1u;7^t?s0}3UN2~8*`2PE!?g;CjL#h-NrBBc9s4Nw>yXQTew|}n{c}y
zpG6mG$GrX=Zg(G!atHi#xLxIfJ%&HS?dE@+lr4MUKbS=GTew}hf`HMWt~BYd!tGwT
z$z&$%b3w5z<YESoOC7t_55<Nz9W#W~GrsdcRH2Ye3JBaD#lmS@V>rER?T;WPHqaHT
zU=pfTe#{f+H7n354tn2H#<1^m&{9zv#V0E_K}+4FX9nXQ?J{QOH&F~SxKr4K-AOah
zl6=TKRK0C)eacJ2?56GTtRXGUc9iPNqFZu-xG<g#k5&~WjyNqs@m9#E^1O@2U?OdM
zK(l*^(}I)#S_Q+zut6Dh6E4=KZq9M?w76H6=6N?Yjy#$NH0ItFQYyT3_f#O{cC7m_
z>rK?sqB~}J_XS?E2>TF>uJTHbU~g%rgw}L|mrsv?GSv+Ac*~%pn>#VIaL1XY$+BVC
z!{+;nI7EdtGjni5=*T+hSDwHm)Ax9tL2h|HUd^`*l+YA%DPFgWSjT;BgwISm7;6f)
zHAM36*b|i99;fcTGXJe*H*S;rD8fMf^@RB8nD|NnM_Vfwa~spI?!EZ)?yApG+7swX
z0*Do;Flwmu>8Dkjcm>>u-m4I5`N7zZ?iyn??66c-AzYzeLpH~C-0^wD-{<C{4V_@&
zSuXoJtv}7N`6zvgfd7@(opN7SHgd(Z780Du!;UVh39FJ7^Bua*EUQez%)Y3p7+;nd
zc<I~=n0<%t4d0EOGamSNA$9)qGz3gJt}4<DtJ_R>FW;CeZ^}1q#hTWZ>Fg0W&>DFx
z%A^`$F?kkH?{eNJHtQ#J${jr<iDbF&RI`($P#>MJJ`3YMY*EDAJu2lqlrFY#MIp52
z3Rs-;7qa8l32k9O{q!ioVB|inJ!8oNZjk}Y_zVvfQofQB*J6GzM_n1S23M<)flCL&
zIK!;<{^4tVjmwY8)Lddkgw+RO)9g7Ib|~f{@z;eP)c~mtZxPVU)pz>p%?{~l#+E<O
zSj`$}kOx{?JL8I3E51X~z&X&YI^YS##)YG=bPGm+dtT`l&aOGIWKFY<h4|?x5c56B
zq!0?i`Dy%=s^V~iNu+^E5;ZXyi%#l66-&3uLx|M1?1lG;DfioQCmEMunBBk}a}_UN
zBfP-Od#+S=mwsNZ$=k>>``N68A2Io+cBqe${$ZDdN$)hdN7!qb+=nnHtikfp)hM=z
zD@m;^=5QaiSCb`+jO{S0RE${X@s%V?+0rSw)QhT&cypQw)whV|+TCh`21Iik9AMr(
zUM|dOcXDujs<5{8K%xQl@_bTPjiORO*Rb@Fhra=1uc<ptbWGkbQ-I;{siaSo8IsQ}
zt)-%dz*hol?cHCz&%yMUeU7nCwJQMy)EW!zDA8q{E)f`gBQz4Ij6Y*9z+OwC1b2N_
zR?|8Jkt~?J#;Np6cayzj?xUm0Qv#5Qa;^Xv9miMiAXh6CS`cPGly5F21kJ$1{l3q^
zt4y_?IlB(DyD`7nUG|ed?QZ0a-K~2aRflKLR}4RdBUR_;Mb{{lA_4KTeu12lAsU_6
z(rs+A4Ihd;t~8GedRnWn)u24J$XW78w8``)UUUHJ2@Lr2Ft`u<WGbha4md@fSRn{R
z=f$6b$R};vO=J?114G)}=*QZ&gpFRu4=hgRu0A9|3}4D=#vE1ZN1DWiOxYhL4xW%Y
zwra7B5t)C8EjpVt2p&WgM>^0}wmnL!-G;{K@o*ij`(8yk<;|+`45jc*42G=b>_?7#
z<cw?W;^V@D-N*@8+eXxBnNCge+=Fqx>5Q%U9XE!T#wPs6@V-z!(kjNEJQ;3>^;1s-
zA75LIGbi{h1cN68v(TK}SgbT2`O}^0xbWBn-D2~|iQ;@e%u2M$i5XL>JtJ`qd^jTn
z!N&f@xgLQHLhJ4^z6Okxc%QVQLzdE@M@w(6?Yhf76If_Qj+5?KV>9K(SUNls+jeUZ
zx(UHRzV9BxCNVUkQ9_I7JDw03Rp=#p;)tw~^U4o2RWx{&`ew7k?%wCk4*!1PmYT0O
zJJ!G2>{zA>=NvHj!|JX?AImjA@^E`}d0x2i?P!S!wznJrd~yYT;D8@<8)Jam=TQz`
zcq>Ai06fHXp&<?-%Uz<w+|ZTRV4<OS?&%^<L%|;hjKrpMx9n3HT=wVWmx)dkNu;#L
z<FLqhpE#-1!S8b{kY&0|wG~I{Bh1AVbRM8~@EwQ}Sdcz6OH5?hiCg5MoxEN``a>EJ
z5JD4936QV;-8d)9imC|GO3I1RTN}6lZ0LXd$K-$gV_-w1`@JF38ky7m(Gq{02HXFf
z#^=^d`)70hQlx{xA~h_C$R7qyOdi35fbjn3H0^Ay>D;WXUaD!^&ak0+4?SOe+>C~t
zp4Sc~jKXH+C6PGRsf6l9Z5EP%rJU0eN>6dI;7Xx|>};Q~YXEAPx`F$&-_>ToqVy?d
z&87y7x%Z2CEp2+nvYw~Cabx~Anng~*{AKtDGfvTTWqzyg&D`#Lao~=$Ta%ocRMfXV
zz~3WSG89Fo3nz<Vst25nuylBc2Cqpqw_rAqzPTIoaprmG^Ux1wA@8nWTOX(uJ`Ns|
z!5PkAr()uH23e6}MsCf);;%%lzJSKLDVLEn>$?E6W=^XE!_PeX{t`z-yP0SVj8Ou>
zL453RS+$h<p*sU(OE&NnT;6U+s$@)I&@vTMEPefiWgOqU`P{q&J!<-%UC}@t>#5kZ
zk-oH2#Z^VcBm5!s;ciDv1m+$zn))TQYjS@s%ny9e{3I0Zd&9>&sH~$@pHP|CAa9nF
zq1z`502EE&VX5G=M6y_gr&}jsVDx>V7aUuq)Cf%pAF;Go^e+035}!Kjd*&YEMWU=)
zW-jKTulg^%x;)sJ3lhg&emK{4+z{UXPSDh?x(I8rS0=U4svS__k}D}>9*~wtTU4hY
zWy^Hcq)@yaM0#F*VN@f6HpOUMWAwy|X0*o!>zPVRkiJL*mn8Z6D8iB<*@AhgQ!`Op
z`TX{y$%G+_7#X|1oGtKolDxUkeS;e1H~Gp}I$VWlPe6FzMvHOE3g4-9VJLupdjfUX
zV(4n6%TgWUpJ_!3Pl!awkU&;9$lrDF!uefX5o`vt9H;m3E>HPLGeL7*@FN_oh!4kN
zu(hUbB*&K}H4i+r`+bZo<#xv*c#a-C#?nvGREoGSgnTjYSjN+XSCnj0!-P8>gVgto
zBtuMcU3AYqySa~no=&}e08*!s)fij8$iRvt>w_~+)+fvP<9kQfi2Cza{_}T~8O#zM
zOLD<ylSG0)nH-X{4xgz=P9J?DW(fi@_9+e%Y()@n<5b@9{xoXno4ifqx6!a0TP8i2
zO!-a0*WNAG!OZ4%`$D*hD=%=xK|VgFzef^?J7n-_DEJYdtaPqaYl_>53&blzY7r?w
z>YWI8K`EPd901?_z&5L11F;?VR@jB*PggQ__j2jGYF4tCeQa{g9Xs<jjx-DJv*P&R
ze%uLc@)r(jE4Cf7nb@xaIUlT8${p>H%k&f9?wgvPn%!T3Ki$aGX;Si_UzUaIy6;if
zd7X7<n2{lGw>te{SAA_N<+|}m;<TIRxsEkVi7JSn?K8zTa~fqTH?{$%i2RL%M|s>m
zS=YSHPfTqtYE$evh>;qsHKcc6l!|!Lb*@h>pXzykeLKpH`SF@>wr~bMxdT5UKV>TH
z9Bl0X4o>C(M}$6U*fxf{Aj4jAjKj`;Fcb2b(v)ZoBXAu~@Yzf-u{pytGjrNaCL&_?
zkQi>(42@`-td7R@+)y*V6(0{rT-ED&pXwv6=cvWWMBm9C)PxLXmF>Svwu$sUk)!UZ
z)5UnXGAHE+m*yQ3k4%;6ux8kJ*^j_65hxfc`1kE9%%8vA1=$q@`8u0lUV{d~1HPs!
z_%=}k6a>T)IG{rPDv2E5`(M8%D<~%^CaSDLCoA?f_@+Pm8jSW0xB~R66bx)^Y@G~l
zuC#Te|GOk0zDZ&g^z-=c@7_TC<_##Y+atoidl&ticbWe3?w3C7$7zs#lZMF;)3`Mv
z{W{4vx00m&CdtC3RtY%N-})c>5<gP5#ulN7A-j^4HT#lCnz0NGW?`&Z#-JooDQ&K;
zkfcy{neRx+lC=~DgX~PmGG>^W>)!jn|9<_p=RWtI=Q-c!obPi!pZA>ieV_O9vUJ+W
zvMkqgqv#CgGWxbyCC7YYDn7GZ4Kuqqy;gHD2koGzn#|%?+_pG&$Pui}Lj@GAa2^+o
zt?ES`r*Pf!N8SRQxX~rnV;h#M;sCJUo#By@iBEg_3V(>W0-g0-U<uG-L)Ig#urar_
zk4*wLL+fpwWmpql`^V{&?vQqq4w3GVkPsM+0^;aRWPpH<91{Kj0R<5pAs`HJga}AT
z!|0ZhmWD~^#xtLPT+fT=oa??$y!d?2Iqy#0w_=iabrOu1aFAayUQ`^tvWlNEZ7K*!
z|6TO!<E7SPBME}PJnyVdU^T@V|EvPkd61q*(&si2e`63-&E$!4%!|bf(x|w(7pM`S
zV7sdQZOesqhNfsC;FW80bB|UQFgu&#6w^+K3+EQ2wA*tblgpr2n$K9~cO;dkp<V_J
z23zBiG7^^&8mbR69?E>UYxjQQL~uYLxoEsAoWBCg1LZQSWSREm0}$>}fl0Bor+^@_
zpv2$#3t(Td)&WZY8iU+#-4Xc~yPs_}G&BSmE=iaj;*B$BZi!Ws1gb={#$EP?-Sp$p
z)Ac6O4mh^&3(YIA+M&fbF7})-@h+%K!P_n3y9)LCoUW^aPLjgx;j8nIy@IdU!F%Q7
zi&Ed#B5@t5+jOP!Cw*@mjz{MdE1myXeMbTwvNrBHhF3k24*hm#v`({PR|6wyHi=?i
zzpyU;I?+_egQf1_DqKAC!ZvLbusn}pF%J116H`BCm`@B;$c}Fz^X_>nzfyp1J(z1A
za14Ng!2p{jfIXf@_uvQxCHw5(v_5xK7-5qNP221+kz{?SXnAz-c$X|INeL)zi=BMu
z^TvAnlrKWR9tPood4Y)ogCMIMvWC8V&UBvJqmL0$$MSEK-*In`7mM~rft&E`epg~1
zHH})5o5ono(>qe@Q!X0XxA`wroEf~%iNe@^Fr+tsHRYUE8!PT*E@=YPUm;aC?g-Ky
zQuL$^*^nhWSh`a%`@!U%X#;-*RX5oRJxXx#(NY0e%fg2#l?$?`qu-Mj9!C{sSTb3?
z%sx6xd0J8-Q<UE>A9xCwD1aATQVZkVHD!he@1~a0K<r5}^n0G;AZG~fyccdw>pZ6|
zwCpDnaIJ$fP=t{zM?>x{Y{x(C5Km;ixXXtgW?Kobq{+c$DsQN8`YooQoE^TL`emJ0
z{gEeyrJ2dQvfhPnHxP1LjSdK7xI#b8P+x}Tx@M$mm|KhwEW1Bx``NC?FZ0*rsfa=J
zo9O8~l%2mW&?zCZR^kmvbIXU{>LT}WZ=LHFijdrRz|DgXH4a9OlJ6ZzY`=o(#a&iK
z5CDbXn3>{U)7=i-S=d2075JRAaX)Xdv>?TuT%cB9II;8D*X2qR#F;+WJG-*K3#`3A
zFsBWCK$mpe3NFr#v2c~OaU*8wonB*Yu<P#k%Ef+?qkqToVp%gMi}X{!Lm#iKorg^9
zfgPjU{Sv?D&QH<(MYNt-ibdzR;{myKlAbmfx)V>k%rn)^$if&ke~!W!aCMEJNR!g;
zJNgt;ey4KGVr!M=cc*^Q4dz@$E#sH6$c`=MpJAfRsAyscEtG?eGW`3WJ!Or10D-*?
z7FWkE=C!wCu{s9qtm<hcGovKPBN%G~13acnUNB<Ivee}0;rVv6Z&28TWL>wXI?y6-
zO2cC?v6TiT3kp>pD|LfmL~VRcY+|xwl&=HLL*BA?_rsw6^XYe`IKz*L4MYz&BP%(O
zH~$37@?~~zUCnmR-e;MORf@}UBz1U6pP241eL7N_q9v++Yb>T)H<>1{(nRP+U#$o-
zVJ@f29&nf5-eRXFa!*S-9se*fORG}!v|U@%%yr5AXoujH;C*XV?Oke&m+u?y;p7(G
zM1=tu^B@USj$)s-tFhDuy!pG45^^F{>i#KBBtzj+(_BJy&-Tr)ZEDLUtLIavOz;+$
z_{h>fF7}s($*b)q^`)mwd22<-yb?pv;`T6>E?w_Li+Jl$y~^%}Z=Tv#%RKz-xzWVw
zbwAUXoIO)`7K9#6`wU~;6*p%eb~UdWIuF(7)0+`xy@T|KFd#)#G(aMQm`Ul!?@KTY
zalL=|Qui3sq7FUC`T4e`bkF0$gTK&pX9YUAw$OI}#IWhtTfZ$QKKK<qhO`5nS>kJ5
zxi;seY(|BRbahFosb75-&V28n%#<CaNVuo@vz{5_;y{~+W2AUSCt93MBJ}b1l^&+M
z97041nx>CFYH_DtTk9wSuUNjR4IzAFPEtYgZ7{=FS@gkTmSA0PT}%0<HfQ)$3}jJP
zzG~Rs(=!N|_F0AEQ^9QuGspX!<;{$!8xqZh{fKdy4;O~hxl=9n2lk@5cc5<cgag1?
z8tzw;;~V9?poQeH!jh!4{>Q%La1&aUF6()?eA1QNxzb@Alrr!^f=W1pI#GMbEnvqT
z>wxECeU!rGDx4`v`HtO1fU2a8!3UJT_*ZXEjP<KS<s3euSBRXjz7Lar6%?G1>J@OX
zG&UWz-Q=X^71S%=Ng%iQ2giv4C5}jOcZNzon4gM1EOTi+E7F*~r$b5KKrHseKl;qF
z21NJW|2`fr2Rc{Jtdh~GQ_Z3IFhl0MY;VPNs{p~&)^rYfPX%<bGDAJ%V#=E835WnF
z_dK;Ff9bsLUq)PO1>$FvI5eF^?)q>TbMUTx_H|AVtuC36%LvSG0Q^|<G2uln4ynL0
zy(DlIHlaWLQFB+ai|y21@9*6qkB*|(8}^%Soi$}>5ZzzTbNh!(E7wO@_T+o45g;$y
zm3uwRZQxMVGLvSXu0Z>cJ#ihK_ig8y=^V<WNq@!A!=HoAOO4J|bImx`HgJ^7fXG+~
zSLHzbE5t(Ky9>y-@nXF0Z10P?lKHlzs-(@}2=RW8Z)J2j)3}C93H0N=J>IX+^iGJ5
zTnJld)eD`oHJ#Y~84~p~SH}7lc;6Xy`5@htU7_knVf2^Xmwj~hnc{S-(#{DP`CmHU
zgZit<);JyqO1`c>5n8bqF-l``i`t)1OOtpLeU}obNkz6yjydPDs}ho58=cn54W?)G
z#11Z0y8|c6cKQXisrZ#>XuDAcLeWUo=edU5ZRirzV+7c>Z~MfXWD@X0pi7+m{Fp0O
zd_HZ6iOY@a`OgyJ&$^AM@fT*(58KXS`;JC_#H71@eR?cU2I9T<x*h*b(9RhyMbRDb
z`Werj^9ApGIDb&{^tBMWV^zNnl_5N}OydE@nkegl=enayBEP2$=1@qZvkqLWEE1I6
zdV=em9jXPELVrR%46{*w22{IkpI<m;$Q;VNqwz{S@J$34IPq@&GL0$AYir_QTf&T>
z;lTPwAO19a33ukoar}6%*dcr5Q1jFChJxA>1qf77MP~A`y(TIDpS~SaV1~kLgi+eY
zi)8Q6+fqAu?zYkqzi-j++q{x^(Ra=?>GHLdz0X$DmVF5l#g~K4RfbR6{gj)%;m8*8
zZ6m&cUgM)EBujJ;0q2+6PyA6o&y8F5iO}8?-g=R_6?BsdHn99a{?A#>JZh9N%Psjy
z#ie8Kd5Xw%lo=We4yg)iFJd{FnaZXV!Z=V>gkOF3V7rmc)!1LA*`H=(bJ>UUft{1k
zaq8=mPL`j~g?BR?4V^`X-9-cym1n-jXp+Vq(Zqfd2oJN{JdGU@#BUM%fdoimtPiz|
z-J;sAo~MVm=3Vl`T;Mv4?;qTim;*|XF>#ZhryxH1k>1BH9|6@>sX3*INVsr6vpMAt
z_@`$!wju$Wdx_gpJog3S5}t6}h2_kA;$ig(!H%hZZmL9apnts!kP;};p&!LCQ4Yl;
z$QKHOD?>a641Wjc<!X?r4W$%+2wc(am`Fq(MtC-R4tO;jic<f6#Qfp$m5zHRYv_HP
z{_^VS>y+Ng3rqNbAvwxfAHo7!%i5`{&5R5E@VG0*;mkefWY)9#ZOIr}z8)^}(b5fy
z5{Vj#z}@AV7ziFvygi0^3+3@M|AOpIaSL%`V~`dTB!mRa1`Va^)4A{ZV;NR3FRiF*
z4qtXTv@g`Q6!9T&Ia7Bfmo5&r1qp5hswd~y6NaWA<@ry!v72Xv`ET6lPn8)$&JXWp
zXft}oSypE0Hpt%M_YNpt)76mi`JAwukPw^+twf&MQEQjmjI`IR<VzHa=*HKqgv6&O
zwL-jbPp#i54mnwCgW~(s#S_Rim584ou`Jp$1wXkkTpxch#-X9XiOl#1qOvQtE=^cP
zrxAtpBMT%q#cNTgl;%ngIhpV>LtnZ08@`f5|A;smnmTcN*`v+3?PT_o%Op~GeX22`
z+~YUURMKBn;_I$zg=$i{W5+gxXVEv213>;<>rpt$M4$35y!7Q4iktYUgw%eRAfVl3
zo38wAktR*j3-MH@AzkXrg}2Fr-Qo4KaG7?Bu}3o9l`deA-79lwMUMI-{4u1%sD|#%
zNQ)$lbk<63Vu`!6k(6gnTn`&3V7}YyV|1=fNw$humERMa4B)Pn_!%QPC%QB=QFSNI
z@iVVDR=9`R+j6-zb<<~i?P>!5ly$P!xHNZ!@1|0Yma4JldZo2zl*mqAgVpx~Bc_Yn
zC!Lixo2isx)&>Qy<PbB5to{S#MFY+H>VU64TH`|s;fpE@xhoAr%^l)~*CP&`XH0ke
z0^p}&+Z<CHL8G^mtGhZIsBK=6B(p*NoN%L%SQBAuwH|!%gc@VVd3=aL6s|P>=*9$J
zsoGb?np)4v=Zoyu{n^f?9VtMxmEAMFCkgB%)d7}U^FLKYX&Hrys~ndSK(!pzs<-fU
z<$+6^MX@RHrR<1o)TUQ3yLsqaj2Gw*XPDD@Z&t2?^kHW)AnbtfWQ(G@fpOIG_&9}~
z-a4+OS^R^2U^uFbw981A9o=ZA^6qMl>pRbJ$R=Cdq`mB;v;FdiVfmdeFBgXw|1jG}
zsHBDCYpmp-v<2C|_750PofJm$nI;MugHH<6XST|8$C}}%uY}w@*Hc~=dT7OOsC6sG
zwGWD=eCO90%juWs=C}!gcgP7j9UF|4@>6X0(M|~eDiaMHGIbkYFl8`%Al*^EjVrUQ
z{Dg?8`1o*qP#%|KOb#GRjEqGHE!wpP`QR0~+j5b1ssqRhz2>2l^T}Af?aQDhI=0}K
z2yBoxL%jU*{>;$0+WY%z%q1fNTVJA&%hh{L+iYcQE`$arxqr7HifEm%Q*+B9bDM+j
z^4(?y%ap{AaL6!Iv)fHS=B5{i9h6)x1XUKm8!C~SW9hAHE(2Z787s-#Vhh)3gf=V7
zFgoX)w2L-%J~HIPjXBut2v+MPeDm~&0r8{rpE8ats^YLa9vp#=hd<={FVmK2zVYK)
zob$-Sbl|R+fgDS?vBc}hac4Aph)V|r4WcTNHSD`A&*hNeHKV+WnlasW%)#+J1C$ra
z$Gey^IOZz-kA3ljQ(bX|VGsq6;R#SDRd&`K@xv%uQ|J<+c@(_^rn%$~G6?_8m6xN&
zlG=-Z0ms8CM$H%J7NV~~=<95&Q{W)_T6P_Kd>K27H*5{BGsRwn`>b3aUDYyOK*-Nr
zdoS0nA8#3``&Fzh<82?&MpOmyf&F}dvfAO45AG9_@R8CG{Y~|zsrP+H{EkTp^}i-g
z#QC?Ih?rmnk$-F6V5pB56edNm09RjMDWm@>tpmJ#rF>ms0s6sUHyf}&%<C!C8bnS+
ziX2yT2n?nrA|^W~K*(4Li2oGS_DQ|}7yEyS>VE}^h!}}>wLJ;le!hVo1TpD<)0C-{
z{yXh2mx@S|K*NlZel$xVA=-LNLd5g`w7<hg{Ra)^=I`YfAPEDz1^Rmhgh+Y%dHq{}
X?Y{|-Q~VtsDIp6G=3tsiLTLR9tuW_w

literal 0
HcmV?d00001

-- 
GitLab


From 54c5872d1b27d244b250d518d6846351be13f503 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Tue, 9 Jan 2018 18:56:19 +0100
Subject: [PATCH 017/863] [JENKINS-22088] - Upgrade Extras Executable War from
 1.36 to 1.37

---
 war/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/war/pom.xml b/war/pom.xml
index e930a6dd80..bbcbf954ad 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -49,7 +49,7 @@ THE SOFTWARE.
     <dependency>
       <groupId>org.jenkins-ci</groupId>
       <artifactId>executable-war</artifactId>
-      <version>1.36</version>
+      <version>1.37</version>
       <scope>provided</scope>
     </dependency>
     <dependency>
-- 
GitLab


From 847a2534ce7a63e2b0943d7f5ddbd4a612a69776 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Wed, 17 Jan 2018 14:52:07 -0800
Subject: [PATCH 018/863] [maven-release-plugin] prepare release jenkins-2.89.3

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index a6f850b032..6610a1ea30 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.89.3-SNAPSHOT</version>
+    <version>2.89.3</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 77438d3623..8e26a992c7 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.89.3-SNAPSHOT</version>
+    <version>2.89.3</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 803856390a..38364a8fcd 100644
--- a/pom.xml
+++ b/pom.xml
@@ -33,7 +33,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>pom</artifactId>
-  <version>2.89.3-SNAPSHOT</version>
+  <version>2.89.3</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -58,7 +58,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>HEAD</tag>
+    <tag>jenkins-2.89.3</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 40e66224ae..c1aafcfdac 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.89.3-SNAPSHOT</version>
+    <version>2.89.3</version>
   </parent>
 
   <artifactId>test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 4405af0e96..58956cc3cb 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.89.3-SNAPSHOT</version>
+    <version>2.89.3</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 2904044e5105d415383305b802695ca059ed2153 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Wed, 17 Jan 2018 14:52:07 -0800
Subject: [PATCH 019/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 6610a1ea30..1c717b6e89 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.89.3</version>
+    <version>2.89.4-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 8e26a992c7..b9345cd9b8 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.89.3</version>
+    <version>2.89.4-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 38364a8fcd..b45748cc3e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -33,7 +33,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>pom</artifactId>
-  <version>2.89.3</version>
+  <version>2.89.4-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -58,7 +58,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.89.3</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index c1aafcfdac..bcf700e1f8 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.89.3</version>
+    <version>2.89.4-SNAPSHOT</version>
   </parent>
 
   <artifactId>test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 58956cc3cb..7dc5da5d65 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.89.3</version>
+    <version>2.89.4-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 0ca85720d44f71315fdca2723b758ff8711771fc Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Mon, 22 Jan 2018 11:22:47 +0100
Subject: [PATCH 020/863] [JENKINS-48766] - Make the RemotingVersionInfo API
 publicly available

---
 .../jenkins/MasterToSlaveFileCallable.java    |  7 +++
 .../security/MasterToSlaveCallable.java       |  4 ++
 .../jenkins/slaves/RemotingVersionInfo.java   | 51 +++++++++++--------
 3 files changed, 42 insertions(+), 20 deletions(-)

diff --git a/core/src/main/java/jenkins/MasterToSlaveFileCallable.java b/core/src/main/java/jenkins/MasterToSlaveFileCallable.java
index 9b5c88dcb6..ce7d8df28e 100644
--- a/core/src/main/java/jenkins/MasterToSlaveFileCallable.java
+++ b/core/src/main/java/jenkins/MasterToSlaveFileCallable.java
@@ -1,12 +1,19 @@
 package jenkins;
 
 import hudson.FilePath.FileCallable;
+import hudson.remoting.VirtualChannel;
 import jenkins.security.Roles;
+import jenkins.slaves.RemotingVersionInfo;
 import org.jenkinsci.remoting.RoleChecker;
 
+import java.io.File;
+
 /**
  * {@link FileCallable}s that are meant to be only used on the master.
  *
+ * Note that the logic within {@link #invoke(File, VirtualChannel)} should use API of a minimum supported Remoting version.
+ * See {@link RemotingVersionInfo#getMinimumSupportedVersion()}.
+ *
  * @since 1.587 / 1.580.1
  * @param <T> the return type; note that this must either be defined in your plugin or included in the stock JEP-200 whitelist
  */
diff --git a/core/src/main/java/jenkins/security/MasterToSlaveCallable.java b/core/src/main/java/jenkins/security/MasterToSlaveCallable.java
index 39be186fb0..d8ef8b09ee 100644
--- a/core/src/main/java/jenkins/security/MasterToSlaveCallable.java
+++ b/core/src/main/java/jenkins/security/MasterToSlaveCallable.java
@@ -3,6 +3,7 @@ package jenkins.security;
 import hudson.remoting.Callable;
 import hudson.remoting.Channel;
 import hudson.remoting.ChannelClosedException;
+import jenkins.slaves.RemotingVersionInfo;
 import org.jenkinsci.remoting.RoleChecker;
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
@@ -11,6 +12,9 @@ import org.kohsuke.accmod.restrictions.NoExternalUse;
 /**
  * Convenient {@link Callable} meant to be run on agent.
  *
+ * Note that the logic within {@link #call()} should use API of a minimum supported Remoting version.
+ * See {@link RemotingVersionInfo#getMinimumSupportedVersion()}.
+ *
  * @author Kohsuke Kawaguchi
  * @since 1.587 / 1.580.1
  * @param <V> the return type; note that this must either be defined in your plugin or included in the stock JEP-200 whitelist
diff --git a/core/src/main/java/jenkins/slaves/RemotingVersionInfo.java b/core/src/main/java/jenkins/slaves/RemotingVersionInfo.java
index e2c2211591..2c89ec136e 100644
--- a/core/src/main/java/jenkins/slaves/RemotingVersionInfo.java
+++ b/core/src/main/java/jenkins/slaves/RemotingVersionInfo.java
@@ -24,10 +24,7 @@
 package jenkins.slaves;
 
 import hudson.util.VersionNumber;
-import org.kohsuke.accmod.Restricted;
-import org.kohsuke.accmod.restrictions.NoExternalUse;
 
-import javax.annotation.CheckForNull;
 import javax.annotation.Nonnull;
 import java.io.IOException;
 import java.io.InputStream;
@@ -39,17 +36,17 @@ import java.util.logging.Logger;
 /**
  * Provides information about Remoting versions used within the core.
  * @author Oleg Nenashev
+ * @since TODO
  */
-@Restricted(NoExternalUse.class)
 public class RemotingVersionInfo {
 
     private static final Logger LOGGER = Logger.getLogger(RemotingVersionInfo.class.getName());
     private static final String RESOURCE_NAME="remoting-info.properties";
 
-    @CheckForNull
+    @Nonnull
     private static VersionNumber EMBEDDED_VERSION;
 
-    @CheckForNull
+    @Nonnull
     private static VersionNumber MINIMUM_SUPPORTED_VERSION;
 
     private RemotingVersionInfo() {}
@@ -64,39 +61,53 @@ public class RemotingVersionInfo {
             LOGGER.log(Level.WARNING, "Failed to load Remoting Info from " + RESOURCE_NAME, e);
         }
 
-        EMBEDDED_VERSION = tryExtractVersion(props, "remoting.embedded.version");
-        MINIMUM_SUPPORTED_VERSION = tryExtractVersion(props, "remoting.minimum.supported.version");
+        EMBEDDED_VERSION = extractVersion(props, "remoting.embedded.version");
+        MINIMUM_SUPPORTED_VERSION = extractVersion(props, "remoting.minimum.supported.version");
     }
 
-    @CheckForNull
-    private static VersionNumber tryExtractVersion(@Nonnull Properties props, @Nonnull String propertyName) {
+    @Nonnull
+    private static VersionNumber extractVersion(@Nonnull Properties props, @Nonnull String propertyName)
+            throws ExceptionInInitializerError {
         String prop = props.getProperty(propertyName);
         if (prop == null) {
-            LOGGER.log(Level.FINE, "Property {0} is not defined in {1}", new Object[] {propertyName, RESOURCE_NAME});
-            return null;
+            throw new ExceptionInInitializerError(String.format(
+                    "Property %s is not defined in %s", propertyName, RESOURCE_NAME));
         }
 
         if(prop.contains("${")) { // Due to whatever reason, Maven does not nullify them
-            LOGGER.log(Level.WARNING, "Property {0} in {1} has unresolved variable(s). Raw value: {2}",
-                    new Object[] {propertyName, RESOURCE_NAME, prop});
-            return null;
+            throw new ExceptionInInitializerError(String.format(
+                    "Property %s in %s has unresolved variable(s). Raw value: %s",
+                    propertyName, RESOURCE_NAME, prop));
         }
 
         try {
             return new VersionNumber(prop);
         } catch (RuntimeException ex) {
-            LOGGER.log(Level.WARNING, String.format("Failed to parse version for for property %s in %s. Raw Value: %s",
-                    propertyName, RESOURCE_NAME, prop), ex);
-            return null;
+            throw new ExceptionInInitializerError(new IOException(
+                    String.format("Failed to parse version for for property %s in %s. Raw Value: %s",
+                    propertyName, RESOURCE_NAME, prop), ex));
         }
     }
 
-    @CheckForNull
+    /**
+     * Returns a version which is embedded into the Jenkins core.
+     * Note that this version <b>may</b> differ from one which is being really used in Jenkins.
+     * @return Remoting version
+     */
+    @Nonnull
     public static VersionNumber getEmbeddedVersion() {
         return EMBEDDED_VERSION;
     }
 
-    @CheckForNull
+    /**
+     * Gets Remoting version which is supported by the core.
+     * Jenkins core and plugins make invoke operations on agents (e.g. {@link jenkins.security.MasterToSlaveCallable})
+     * and use Remoting-internal API within them.
+     * In such case this API should be present on the remote side.
+     * This method defines a minimum expected version, so that all calls should use a compatible API.
+     * @return Minimal Remoting version for API calls.
+     */
+    @Nonnull
     public static VersionNumber getMinimumSupportedVersion() {
         return MINIMUM_SUPPORTED_VERSION;
     }
-- 
GitLab


From 1b2f0e7e64dc32bc6aac8d31b35013f52a668613 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Mon, 22 Jan 2018 11:23:39 +0100
Subject: [PATCH 021/863] [JENKINS-48766] - Expose Remoting Minimum version in
 TcpSlaveAgentListener

---
 core/src/main/java/hudson/TcpSlaveAgentListener.java | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/core/src/main/java/hudson/TcpSlaveAgentListener.java b/core/src/main/java/hudson/TcpSlaveAgentListener.java
index 03455a7753..f0a9c03700 100644
--- a/core/src/main/java/hudson/TcpSlaveAgentListener.java
+++ b/core/src/main/java/hudson/TcpSlaveAgentListener.java
@@ -34,6 +34,7 @@ import javax.annotation.Nullable;
 import hudson.model.AperiodicWork;
 import jenkins.model.Jenkins;
 import jenkins.model.identity.InstanceIdentityProvider;
+import jenkins.slaves.RemotingVersionInfo;
 import jenkins.util.SystemProperties;
 import hudson.slaves.OfflineCause;
 import java.io.DataOutputStream;
@@ -300,6 +301,7 @@ public final class TcpSlaveAgentListener extends Thread {
                     o.write("Jenkins-Session: " + Jenkins.SESSION_HASH + "\r\n");
                     o.write("Client: " + s.getInetAddress().getHostAddress() + "\r\n");
                     o.write("Server: " + s.getLocalAddress().getHostAddress() + "\r\n");
+                    o.write("Remoting-Minimum-Version: " + RemotingVersionInfo.getMinimumSupportedVersion() + "\r\n");
                     o.flush();
                     s.shutdownOutput();
                 } else {
-- 
GitLab


From 95f1f5ad19385408da15eb1b4dcaedb705dee638 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Mon, 22 Jan 2018 11:24:32 +0100
Subject: [PATCH 022/863] [JENKINS-48766] - Print warnings in agent connection
 logs when the Remoting version is not supported

---
 core/src/main/java/hudson/slaves/SlaveComputer.java | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/core/src/main/java/hudson/slaves/SlaveComputer.java b/core/src/main/java/hudson/slaves/SlaveComputer.java
index 9b87bf5dec..1f3f2beb13 100644
--- a/core/src/main/java/hudson/slaves/SlaveComputer.java
+++ b/core/src/main/java/hudson/slaves/SlaveComputer.java
@@ -47,6 +47,7 @@ import hudson.util.Futures;
 import hudson.util.NullStream;
 import hudson.util.RingBufferLogHandler;
 import hudson.util.StreamTaskListener;
+import hudson.util.VersionNumber;
 import hudson.util.io.RewindableFileOutputStream;
 import hudson.util.io.RewindableRotatingFileOutputStream;
 import jenkins.model.Jenkins;
@@ -54,6 +55,7 @@ import jenkins.security.ChannelConfigurator;
 import jenkins.security.MasterToSlaveCallable;
 import jenkins.slaves.EncryptedSlaveAgentJnlpFile;
 import jenkins.slaves.JnlpSlaveAgentProtocol;
+import jenkins.slaves.RemotingVersionInfo;
 import jenkins.slaves.systemInfo.SlaveSystemInfo;
 import jenkins.util.SystemProperties;
 import org.acegisecurity.context.SecurityContext;
@@ -545,6 +547,12 @@ public class SlaveComputer extends Computer {
 
         String slaveVersion = channel.call(new SlaveVersion());
         log.println("Remoting version: " + slaveVersion);
+        VersionNumber agentVersion = new VersionNumber(slaveVersion);
+        if (agentVersion.isOlderThan(RemotingVersionInfo.getMinimumSupportedVersion())) {
+            log.println(String.format("WARNING: Remoting version is older than a minimum required one (%s). " +
+                    "Connection will not be rejected, but the compatibility is NOT guaranteed",
+                    RemotingVersionInfo.getMinimumSupportedVersion()));
+        }
 
         boolean _isUnix = channel.call(new DetectOS());
         log.println(_isUnix? hudson.model.Messages.Slave_UnixSlave():hudson.model.Messages.Slave_WindowsSlave());
-- 
GitLab


From 07d8f4e3e6715a3ea5b060709a92a6b6950aca30 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Mon, 22 Jan 2018 12:04:54 +0100
Subject: [PATCH 023/863] [JENKINS-48766] - Add info about remoting to the WAR
 manifest file

---
 .../slaves/RemotingVersionInfoTest.java       | 70 +++++++++++++++++++
 war/pom.xml                                   |  2 +
 2 files changed, 72 insertions(+)
 create mode 100644 test/src/test/java/jenkins/slaves/RemotingVersionInfoTest.java

diff --git a/test/src/test/java/jenkins/slaves/RemotingVersionInfoTest.java b/test/src/test/java/jenkins/slaves/RemotingVersionInfoTest.java
new file mode 100644
index 0000000000..c396eb3a22
--- /dev/null
+++ b/test/src/test/java/jenkins/slaves/RemotingVersionInfoTest.java
@@ -0,0 +1,70 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.slaves;
+
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.For;
+import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.JenkinsRule;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.InputStream;
+import java.util.jar.Attributes;
+import java.util.jar.JarEntry;
+import java.util.jar.Manifest;
+import java.util.zip.ZipEntry;
+import java.util.zip.ZipFile;
+
+import static org.hamcrest.Matchers.equalTo;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertThat;
+
+@For(RemotingVersionInfo.class)
+public class RemotingVersionInfoTest {
+
+    @Rule
+    public JenkinsRule j = new JenkinsRule();
+
+    @Test
+    @Issue("JENKINS-48766")
+    public void warShouldIncludeRemotingManifestEntries() throws Exception {
+        ZipFile jenkinsWar = new ZipFile(new File(j.getWebAppRoot(), "../jenkins.war"));
+        ZipEntry entry = new JarEntry("META-INF/MANIFEST.MF");
+        try (InputStream inputStream = jenkinsWar.getInputStream(entry)) {
+            assertNotNull("Cannot open input stream for /META-INF/MANIFEST.MF", inputStream);
+            Manifest manifest = new Manifest(inputStream);
+
+            assertAttributeValue(manifest, "Remoting-Embedded-Version", RemotingVersionInfo.getEmbeddedVersion());
+            assertAttributeValue(manifest, "Remoting-Minimum-Supported-Version", RemotingVersionInfo.getMinimumSupportedVersion());
+        }
+    }
+
+    private void assertAttributeValue(Manifest manifest, String attributeName, Object expectedValue) throws AssertionError {
+        assertThat("Wrong value of manifest attribute " + attributeName,
+                manifest.getMainAttributes().getValue(attributeName),
+                equalTo(expectedValue.toString()));
+    }
+}
diff --git a/war/pom.xml b/war/pom.xml
index b25893b6b5..ecb48903a5 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -199,6 +199,8 @@ THE SOFTWARE.
               <Implementation-Version>${project.version}</Implementation-Version>
               <Hudson-Version>1.395</Hudson-Version>
               <Jenkins-Version>${project.version}</Jenkins-Version>
+              <Remoting-Embedded-Version>${remoting.version}</Remoting-Embedded-Version>
+              <Remoting-Minimum-Supported-Version>${remoting.minimum.supported.version}</Remoting-Minimum-Supported-Version>
             </manifestEntries>
           </archive>
           <!--outputFileNameMapping>@{artifactId}@.@{extension}@</outputFileNameMapping-->
-- 
GitLab


From 9842a2795e81bbdb0aeb5039cd9953bbb0ff2531 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Mon, 22 Jan 2018 17:45:26 -0500
Subject: [PATCH 024/863] [JENKINS-46652] Check Computer.BUILD permission only
 on heayweight tasks.

---
 core/src/main/java/hudson/model/Node.java                   | 2 +-
 core/src/main/java/hudson/model/queue/MappingWorksheet.java | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/core/src/main/java/hudson/model/Node.java b/core/src/main/java/hudson/model/Node.java
index bcf81c19ad..70484762e4 100644
--- a/core/src/main/java/hudson/model/Node.java
+++ b/core/src/main/java/hudson/model/Node.java
@@ -394,7 +394,7 @@ public abstract class Node extends AbstractModelObject implements Reconfigurable
         }
 
         Authentication identity = item.authenticate();
-        if (!hasPermission(identity,Computer.BUILD)) {
+        if (!(item.task instanceof Queue.FlyweightTask) && !hasPermission(identity, Computer.BUILD)) {
             // doesn't have a permission
             return CauseOfBlockage.fromMessage(Messages._Node_LackingBuildPermission(identity.getName(), getDisplayName()));
         }
diff --git a/core/src/main/java/hudson/model/queue/MappingWorksheet.java b/core/src/main/java/hudson/model/queue/MappingWorksheet.java
index a8cdad8ef9..708f022284 100644
--- a/core/src/main/java/hudson/model/queue/MappingWorksheet.java
+++ b/core/src/main/java/hudson/model/queue/MappingWorksheet.java
@@ -134,7 +134,7 @@ public class MappingWorksheet {
             if (c.assignedLabel!=null && !c.assignedLabel.contains(node))
                 return false;   // label mismatch
 
-            if (!nodeAcl.hasPermission(item.authenticate(), Computer.BUILD))
+            if (!(item.task instanceof Queue.FlyweightTask) && !nodeAcl.hasPermission(item.authenticate(), Computer.BUILD))
                 return false;   // tasks don't have a permission to run on this node
 
             return true;
-- 
GitLab


From 0f1c35291d38a7b5700a4cfa47eb04d2cee3a0a2 Mon Sep 17 00:00:00 2001
From: Daniel Trebbien <dtrebbien@gmail.com>
Date: Mon, 22 Jan 2018 18:50:01 -0800
Subject: [PATCH 025/863] [JENKINS-49060] Include the filename of the
 unreadable file in the exception message

---
 core/src/main/java/hudson/util/TextFile.java | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/core/src/main/java/hudson/util/TextFile.java b/core/src/main/java/hudson/util/TextFile.java
index 0ac1326ce7..fcfd45604e 100644
--- a/core/src/main/java/hudson/util/TextFile.java
+++ b/core/src/main/java/hudson/util/TextFile.java
@@ -75,6 +75,8 @@ public class TextFile {
             String line;
             while ((line = in.readLine()) != null)
                 w.println(line);
+        } catch (Exception e) {
+            throw new IOException("Failed to fully read " + file, e);
         }
         return out.toString();
     }
-- 
GitLab


From d2b81b8ad1a71410765aad0e92c540168571e1f3 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Tue, 23 Jan 2018 13:47:05 +0100
Subject: [PATCH 026/863] Separate original and downstream dependency errors

Nobody understands 'fix this plugin first', so separate those from
the actual issues that need fixing.
---
 core/src/main/java/hudson/PluginWrapper.java  | 54 +++++++++++++++----
 .../message.jelly                             | 31 ++++++++---
 .../message.properties                        |  3 +-
 3 files changed, 70 insertions(+), 18 deletions(-)

diff --git a/core/src/main/java/hudson/PluginWrapper.java b/core/src/main/java/hudson/PluginWrapper.java
index 9ca85b04aa..64238fbe5c 100644
--- a/core/src/main/java/hudson/PluginWrapper.java
+++ b/core/src/main/java/hudson/PluginWrapper.java
@@ -37,6 +37,9 @@ import hudson.model.UpdateCenter;
 import hudson.model.UpdateSite;
 import hudson.util.VersionNumber;
 import org.jvnet.localizer.ResourceBundleHolder;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.DoNotUse;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
 import org.kohsuke.stapler.HttpResponse;
 import org.kohsuke.stapler.HttpResponses;
 import org.kohsuke.stapler.StaplerRequest;
@@ -66,10 +69,12 @@ import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
+import java.util.function.Predicate;
 import java.util.jar.JarFile;
 import java.util.jar.Manifest;
 import java.util.logging.Level;
 import java.util.logging.Logger;
+import java.util.stream.Collectors;
 
 import static java.util.logging.Level.WARNING;
 import static org.apache.commons.io.FilenameUtils.getBaseName;
@@ -159,10 +164,34 @@ public class PluginWrapper implements Comparable<PluginWrapper>, ModelObject {
     private final List<Dependency> optionalDependencies;
 
     public List<String> getDependencyErrors() {
-        return Collections.unmodifiableList(dependencyErrors);
+        return Collections.unmodifiableList(new ArrayList<>(dependencyErrors.keySet()));
     }
 
-    private final transient List<String> dependencyErrors = new ArrayList<>();
+    @Restricted(NoExternalUse.class) // Jelly use
+    public List<String> getOriginalDependencyErrors() {
+        Predicate<Map.Entry<String, Boolean>> p = Map.Entry::getValue;
+        return dependencyErrors.entrySet().stream().filter(p.negate()).map(Map.Entry::getKey).collect(Collectors.toList());
+    }
+
+    @Restricted(NoExternalUse.class) // Jelly use
+    public boolean hasOriginalDependencyErrors() {
+        return !getOriginalDependencyErrors().isEmpty();
+    }
+
+    @Restricted(NoExternalUse.class) // Jelly use
+    public List<String> getDerivedDependencyErrors() {
+        return dependencyErrors.entrySet().stream().filter(Map.Entry::getValue).map(Map.Entry::getKey).collect(Collectors.toList());
+    }
+
+    @Restricted(NoExternalUse.class) // Jelly use
+    public boolean hasDerivedDependencyErrors() {
+        return !getDerivedDependencyErrors().isEmpty();
+    }
+
+    /**
+     * A String error message, and a boolean indicating whether it's an original error (false) or downstream from an original one (true)
+     */
+    private final transient Map<String, Boolean> dependencyErrors = new HashMap<>();
 
     /**
      * Is this plugin bundled in jenkins.war?
@@ -571,7 +600,7 @@ public class PluginWrapper implements Comparable<PluginWrapper>, ModelObject {
             } else {
                 VersionNumber actualVersion = Jenkins.getVersion();
                 if (actualVersion.isOlderThan(new VersionNumber(requiredCoreVersion))) {
-                    dependencyErrors.add(Messages.PluginWrapper_obsoleteCore(Jenkins.getVersion().toString(), requiredCoreVersion));
+                    dependencyErrors.put(Messages.PluginWrapper_obsoleteCore(Jenkins.getVersion().toString(), requiredCoreVersion), false);
                 }
             }
         }
@@ -581,21 +610,21 @@ public class PluginWrapper implements Comparable<PluginWrapper>, ModelObject {
             if (dependency == null) {
                 PluginWrapper failedDependency = NOTICE.getPlugin(d.shortName);
                 if (failedDependency != null) {
-                    dependencyErrors.add(Messages.PluginWrapper_failed_to_load_dependency(failedDependency.getLongName(), failedDependency.getVersion()));
+                    dependencyErrors.put(Messages.PluginWrapper_failed_to_load_dependency(failedDependency.getLongName(), failedDependency.getVersion()), true);
                     break;
                 } else {
-                    dependencyErrors.add(Messages.PluginWrapper_missing(d.shortName, d.version));
+                    dependencyErrors.put(Messages.PluginWrapper_missing(d.shortName, d.version), false);
                 }
             } else {
                 if (dependency.isActive()) {
                     if (isDependencyObsolete(d, dependency)) {
-                        dependencyErrors.add(Messages.PluginWrapper_obsolete(dependency.getLongName(), dependency.getVersion(), d.version));
+                        dependencyErrors.put(Messages.PluginWrapper_obsolete(dependency.getLongName(), dependency.getVersion(), d.version), false);
                     }
                 } else {
                     if (isDependencyObsolete(d, dependency)) {
-                        dependencyErrors.add(Messages.PluginWrapper_disabledAndObsolete(dependency.getLongName(), dependency.getVersion(), d.version));
+                        dependencyErrors.put(Messages.PluginWrapper_disabledAndObsolete(dependency.getLongName(), dependency.getVersion(), d.version), false);
                     } else {
-                        dependencyErrors.add(Messages.PluginWrapper_disabled(dependency.getLongName()));
+                        dependencyErrors.put(Messages.PluginWrapper_disabled(dependency.getLongName()), false);
                     }
                 }
 
@@ -606,7 +635,7 @@ public class PluginWrapper implements Comparable<PluginWrapper>, ModelObject {
             PluginWrapper dependency = parent.getPlugin(d.shortName);
             if (dependency != null && dependency.isActive()) {
                 if (isDependencyObsolete(d, dependency)) {
-                    dependencyErrors.add(Messages.PluginWrapper_obsolete(dependency.getLongName(), dependency.getVersion(), d.version));
+                    dependencyErrors.put(Messages.PluginWrapper_obsolete(dependency.getLongName(), dependency.getVersion(), d.version), false);
                 } else {
                     dependencies.add(d);
                 }
@@ -616,7 +645,7 @@ public class PluginWrapper implements Comparable<PluginWrapper>, ModelObject {
             NOTICE.addPlugin(this);
             StringBuilder messageBuilder = new StringBuilder();
             messageBuilder.append(Messages.PluginWrapper_failed_to_load_plugin(getLongName(), getVersion())).append(System.lineSeparator());
-            for (Iterator<String> iterator = dependencyErrors.iterator(); iterator.hasNext(); ) {
+            for (Iterator<String> iterator = dependencyErrors.keySet().iterator(); iterator.hasNext(); ) {
                 String dependencyError = iterator.next();
                 messageBuilder.append(" - ").append(dependencyError);
                 if (iterator.hasNext()) {
@@ -750,6 +779,11 @@ public class PluginWrapper implements Comparable<PluginWrapper>, ModelObject {
             return !plugins.isEmpty();
         }
 
+        @Restricted(DoNotUse.class) // Jelly
+        public boolean hasAnyDerivedDependencyErrors() {
+            return plugins.values().stream().anyMatch(PluginWrapper::hasDerivedDependencyErrors);
+        }
+
         @Override
         public String getDisplayName() {
             return Messages.PluginWrapper_PluginWrapperAdministrativeMonitor_DisplayName();
diff --git a/core/src/main/resources/hudson/PluginWrapper/PluginWrapperAdministrativeMonitor/message.jelly b/core/src/main/resources/hudson/PluginWrapper/PluginWrapperAdministrativeMonitor/message.jelly
index a98627489a..067f0c1c97 100644
--- a/core/src/main/resources/hudson/PluginWrapper/PluginWrapperAdministrativeMonitor/message.jelly
+++ b/core/src/main/resources/hudson/PluginWrapper/PluginWrapperAdministrativeMonitor/message.jelly
@@ -4,14 +4,31 @@
     <form method="post" action="${rootURL}/${it.url}/act" name="${it.id}">
       <f:submit name="correct" value="${%Correct}"/>
     </form>
-    ${%Dependency errors}
+    <p><strong>${%Dependency errors}:</strong></p>
+    <p>${%blurbOriginal}</p>
     <j:forEach items="${it.plugins}" var="plugin">
-    <dl>
-      <dt>${plugin.longName} v${plugin.version}</dt>
-      <j:forEach items="${plugin.dependencyErrors}" var="d">
-        <dd>${d}</dd>
-      </j:forEach>
-    </dl>
+      <j:if test="${plugin.hasOriginalDependencyErrors()}">
+        <dl>
+          <dt>${plugin.longName} version ${plugin.version}</dt>
+          <j:forEach items="${plugin.originalDependencyErrors}" var="d">
+            <dd>${d}</dd>
+          </j:forEach>
+        </dl>
+      </j:if>
     </j:forEach>
+    <j:if test="${it.hasAnyDerivedDependencyErrors()}">
+      <p><strong>${%Downstream dependency errors}:</strong></p>
+      <p>${%blurbDerived}</p>
+      <dl>
+        <j:forEach items="${it.plugins}" var="plugin">
+          <j:if test="${plugin.hasDerivedDependencyErrors()}">
+            <dt>${plugin.displayName} version ${plugin.version}</dt>
+            <j:forEach items="${plugin.derivedDependencyErrors}" var="d">
+              <dd>${d}</dd>
+            </j:forEach>
+          </j:if>
+        </j:forEach>
+      </dl>
+    </j:if>
   </div>
 </j:jelly>
diff --git a/core/src/main/resources/hudson/PluginWrapper/PluginWrapperAdministrativeMonitor/message.properties b/core/src/main/resources/hudson/PluginWrapper/PluginWrapperAdministrativeMonitor/message.properties
index 555e651d66..9313dac39c 100644
--- a/core/src/main/resources/hudson/PluginWrapper/PluginWrapperAdministrativeMonitor/message.properties
+++ b/core/src/main/resources/hudson/PluginWrapper/PluginWrapperAdministrativeMonitor/message.properties
@@ -19,4 +19,5 @@
 # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
-Dependency\ errors=There are dependency errors loading some plugins.
+blurbOriginal=Some plugins could not be loaded due to unsatisfied dependencies. Fix these issues and restart Jenkins to restore the functionality provided by these plugins.
+blurbDerived=These plugins failed to load because of one or more of the errors above. Fix those and these plugins will load again.
-- 
GitLab


From 7e8d817f78f4bad6c8100643c860cb326dc03a42 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Tue, 23 Jan 2018 14:45:10 +0100
Subject: [PATCH 027/863] Remove support for unbounded number of polling
 threads

The default is 10. Previously unbounded configs will be set to 10.
---
 .../main/java/hudson/triggers/SCMTrigger.java   | 17 +++++++++++------
 1 file changed, 11 insertions(+), 6 deletions(-)

diff --git a/core/src/main/java/hudson/triggers/SCMTrigger.java b/core/src/main/java/hudson/triggers/SCMTrigger.java
index 682ce987fb..5a1bea9e09 100644
--- a/core/src/main/java/hudson/triggers/SCMTrigger.java
+++ b/core/src/main/java/hudson/triggers/SCMTrigger.java
@@ -237,13 +237,19 @@ public class SCMTrigger extends Trigger<Item> {
          * Max number of threads for SCM polling.
          * 0 for unbounded.
          */
-        private int maximumThreads;
+        private int maximumThreads = 10;
 
         public DescriptorImpl() {
             load();
             resizeThreadPool();
         }
 
+        private void readResolve() {
+            if (maximumThreads == 0) {
+                maximumThreads = 10;
+            }
+        }
+
         public boolean isApplicable(Item item) {
             return SCMTriggerItem.SCMTriggerItems.asSCMTriggerItem(item) != null;
         }
@@ -299,11 +305,11 @@ public class SCMTrigger extends Trigger<Item> {
 
         /**
          * Sets the number of concurrent threads used for SCM polling and resizes the thread pool accordingly
-         * @param n number of concurrent threads, zero or less means unlimited, maximum is 100
+         * @param n number of concurrent threads in the range 10..100, outside values will set the to the nearest bound
          */
         public void setPollingThreadCount(int n) {
             // fool proof
-            if(n<0)     n=0;
+            if(n<10)     n=10;
             if(n>100)   n=100;
 
             maximumThreads = n;
@@ -313,7 +319,7 @@ public class SCMTrigger extends Trigger<Item> {
 
         @Restricted(NoExternalUse.class)
         public boolean isPollingThreadCountOptionVisible() {
-            if (getPollingThreadCount() != 0) {
+            if (getPollingThreadCount() != 10) {
                 // this is a user who already configured the option
                 return true;
             }
@@ -337,8 +343,7 @@ public class SCMTrigger extends Trigger<Item> {
          * Update the {@link ExecutorService} instance.
          */
         /*package*/ synchronized void resizeThreadPool() {
-            queue.setExecutors(
-                    (maximumThreads==0 ? Executors.newCachedThreadPool(threadFactory()) : Executors.newFixedThreadPool(maximumThreads, threadFactory())));
+            queue.setExecutors(Executors.newFixedThreadPool(maximumThreads, threadFactory()));
         }
 
         @Override
-- 
GitLab


From f0b1bce2f4b5b14bb60f62647cffd68f7d8655c2 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Tue, 23 Jan 2018 17:35:35 +0100
Subject: [PATCH 028/863] Further clean up the polling threads option, better
 validation

---
 .../main/java/hudson/triggers/SCMTrigger.java | 32 +++++++++++--------
 .../main/java/hudson/util/FormValidation.java | 24 ++++++++++++++
 .../hudson/model/Messages.properties          |  2 ++
 .../SCMTrigger/help-pollingThreadCount.html   |  8 ++---
 .../help-pollingThreadCount_bg.html           | 10 ------
 .../help-pollingThreadCount_de.html           | 10 ------
 .../help-pollingThreadCount_fr.html           | 11 -------
 .../help-pollingThreadCount_it.html           | 10 ------
 .../help-pollingThreadCount_ja.html           |  8 -----
 .../help-pollingThreadCount_nl.html           | 10 ------
 .../help-pollingThreadCount_pt_BR.html        |  9 ------
 .../help-pollingThreadCount_ru.html           |  9 ------
 .../help-pollingThreadCount_tr.html           |  9 ------
 .../help-pollingThreadCount_zh_TW.html        |  6 ----
 14 files changed, 46 insertions(+), 112 deletions(-)
 delete mode 100644 core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_bg.html
 delete mode 100644 core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_de.html
 delete mode 100644 core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_fr.html
 delete mode 100644 core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_it.html
 delete mode 100644 core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_ja.html
 delete mode 100644 core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_nl.html
 delete mode 100644 core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_pt_BR.html
 delete mode 100644 core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_ru.html
 delete mode 100644 core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_tr.html
 delete mode 100644 core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_zh_TW.html

diff --git a/core/src/main/java/hudson/triggers/SCMTrigger.java b/core/src/main/java/hudson/triggers/SCMTrigger.java
index 5a1bea9e09..7afeeacdb0 100644
--- a/core/src/main/java/hudson/triggers/SCMTrigger.java
+++ b/core/src/main/java/hudson/triggers/SCMTrigger.java
@@ -235,10 +235,13 @@ public class SCMTrigger extends Trigger<Item> {
 
         /**
          * Max number of threads for SCM polling.
-         * 0 for unbounded.
          */
         private int maximumThreads = 10;
 
+        private static final int THREADS_LOWER_BOUND = 5;
+        private static final int THREADS_UPPER_BOUND = 100;
+        private static final int THREADS_DEFAULT= 10;
+
         public DescriptorImpl() {
             load();
             resizeThreadPool();
@@ -246,7 +249,7 @@ public class SCMTrigger extends Trigger<Item> {
 
         private void readResolve() {
             if (maximumThreads == 0) {
-                maximumThreads = 10;
+                maximumThreads = THREADS_DEFAULT;
             }
         }
 
@@ -296,8 +299,6 @@ public class SCMTrigger extends Trigger<Item> {
         /**
          * Gets the number of concurrent threads used for polling.
          *
-         * @return
-         *      0 if unlimited.
          */
         public int getPollingThreadCount() {
             return maximumThreads;
@@ -305,12 +306,16 @@ public class SCMTrigger extends Trigger<Item> {
 
         /**
          * Sets the number of concurrent threads used for SCM polling and resizes the thread pool accordingly
-         * @param n number of concurrent threads in the range 10..100, outside values will set the to the nearest bound
+         * @param n number of concurrent threads in the range 5..100, outside values will set the to the nearest bound
          */
         public void setPollingThreadCount(int n) {
             // fool proof
-            if(n<10)     n=10;
-            if(n>100)   n=100;
+            if (n < THREADS_LOWER_BOUND) {
+                n = THREADS_LOWER_BOUND;
+            }
+            if (n > THREADS_UPPER_BOUND) {
+                n = THREADS_UPPER_BOUND;
+            }
 
             maximumThreads = n;
 
@@ -319,7 +324,7 @@ public class SCMTrigger extends Trigger<Item> {
 
         @Restricted(NoExternalUse.class)
         public boolean isPollingThreadCountOptionVisible() {
-            if (getPollingThreadCount() != 10) {
+            if (getPollingThreadCount() != THREADS_DEFAULT) {
                 // this is a user who already configured the option
                 return true;
             }
@@ -349,10 +354,11 @@ public class SCMTrigger extends Trigger<Item> {
         @Override
         public boolean configure(StaplerRequest req, JSONObject json) throws FormException {
             String t = json.optString("pollingThreadCount",null);
-            if(t==null || t.length()==0)
-                setPollingThreadCount(0);
-            else
+            if (doCheckPollingThreadCount(t).kind != FormValidation.Kind.OK) {
+                setPollingThreadCount(THREADS_DEFAULT);
+            } else {
                 setPollingThreadCount(Integer.parseInt(t));
+            }
 
             // Save configuration
             save();
@@ -361,9 +367,7 @@ public class SCMTrigger extends Trigger<Item> {
         }
 
         public FormValidation doCheckPollingThreadCount(@QueryParameter String value) {
-            if (value != null && "".equals(value.trim()))
-                return FormValidation.ok();
-            return FormValidation.validateNonNegativeInteger(value);
+            return FormValidation.validateIntegerInRange(value, THREADS_LOWER_BOUND, THREADS_UPPER_BOUND);
         }
 
         /**
diff --git a/core/src/main/java/hudson/util/FormValidation.java b/core/src/main/java/hudson/util/FormValidation.java
index c95e5d1da8..b8964811a2 100644
--- a/core/src/main/java/hudson/util/FormValidation.java
+++ b/core/src/main/java/hudson/util/FormValidation.java
@@ -393,6 +393,30 @@ public abstract class FormValidation extends IOException implements HttpResponse
         }
     }
 
+    /**
+     * Make sure that the given string is an integer in the range specified by the lower and upper bounds (both inclusive)
+     *
+     * @param value the value to check
+     * @param lower the lower bound (inclusive)
+     * @param upper the upper bound (inclusive)
+     *
+     * @since TODO
+     */
+    public static FormValidation validateIntegerInRange(String value, int lower, int upper) {
+        try {
+            int intValue = Integer.parseInt(value);
+            if (intValue < lower) {
+                return error(hudson.model.Messages.Hudson_MustBeAtLeast(lower));
+            }
+            if (intValue > upper) {
+                return error(hudson.model.Messages.Hudson_MustBeAtMost(upper));
+            }
+            return ok();
+        } catch (NumberFormatException e) {
+            return error(hudson.model.Messages.Hudson_NotANumber());
+        }
+    }
+
     /**
      * Makes sure that the given string is a positive integer.
      */
diff --git a/core/src/main/resources/hudson/model/Messages.properties b/core/src/main/resources/hudson/model/Messages.properties
index 35d5c33cc8..600d509e98 100644
--- a/core/src/main/resources/hudson/model/Messages.properties
+++ b/core/src/main/resources/hudson/model/Messages.properties
@@ -149,6 +149,8 @@ Hudson.NotANumber=Not a number
 Hudson.NotAPositiveNumber=Not a positive number
 Hudson.NotANonNegativeNumber=Number may not be negative
 Hudson.NotANegativeNumber=Not a negative number
+Hudson.MustBeAtLeast=Must be {0} or greater
+Hudson.MustBeAtMost=Must be {0} or less
 Hudson.NotUsesUTF8ToDecodeURL=\
   Your container doesn\u2019t use UTF-8 to decode URLs. If you use non-ASCII characters as a job name etc, \
   this will cause problems. \
diff --git a/core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount.html b/core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount.html
index b4e1e8c45e..5d45a865d2 100644
--- a/core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount.html
+++ b/core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount.html
@@ -1,9 +1,5 @@
 <div>
-  If you use SCM polling to trigger a new build for a large number of projects,
-  you may want to limit the number of concurrent polling activities to avoid
-  overloading the server.
-
+  This option configures the maximum number of concurrent threads that are used by Jenkins to poll for SCM changes.
   <p>
-  Setting a positive number sets the upper bound to the number of concurrent polling.
-  Leaving the field empty will make it unbounded.
+  Depending on your network connection, SCM service, and Jenkins configuration, you may need to increase or decrease the number of threads to achieve optimal results.
 </div>
\ No newline at end of file
diff --git a/core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_bg.html b/core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_bg.html
deleted file mode 100644
index d3a0eb9407..0000000000
--- a/core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_bg.html
+++ /dev/null
@@ -1,10 +0,0 @@
-<div>
-  Ако много проекти се изграждат след слушане за промени в системата за контрол
-  на версиите, може да искате да ограничите общия брой едновременни заявки към
-  сървъра за версиите, за да не бъде претоварен.
-
-  <p>
-  Попълването на положително цяло число ограничава броя на едновременните заявки
-  за проверка.  Ако оставите полето празно, няма да има никакви ограничения в
-  броя на едновременните заявки.
-</div>
diff --git a/core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_de.html b/core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_de.html
deleted file mode 100644
index 846b1801b5..0000000000
--- a/core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_de.html
+++ /dev/null
@@ -1,10 +0,0 @@
-<div>
-  Um eine Überlastung des Servers zu vermeiden, kann es bei einer großen Anzahl
-  von zu bauenden Projekten sinnvoll sein, die Anzahl gleichzeitiger SCM-Anfragen
-  zu begrenzen.
-
-  <p>
-  Geben Sie eine positive Zahl an, um die Anzahl der gleichzeitigen SCM-Anfragen
-  auf diesen Wert zu begrenzen. Lassen Sie das Feld frei, wenn Sie keine
-  Begrenzung wünschen. 
-</div>
\ No newline at end of file
diff --git a/core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_fr.html b/core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_fr.html
deleted file mode 100644
index 832dfde213..0000000000
--- a/core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_fr.html
+++ /dev/null
@@ -1,11 +0,0 @@
-<div>
-  Si vous utilisez la scrutation de l'outil de gestion de version pour
-  déclencher un nouveau build pour un grand nombre de projets, vous
-  souhaiterez peut-être limiter le nombre de scrutations parallèles, afin
-  d'éviter de surcharger le serveur.
-
-  <p>
-  Un nombre positif indique la limite supérieure du nombre de scrutations
-  parallèles.
-  Laissez le champ vide pour supprimer toute limite supérieure.
-</div>
\ No newline at end of file
diff --git a/core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_it.html b/core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_it.html
deleted file mode 100644
index 8b6c74881f..0000000000
--- a/core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_it.html
+++ /dev/null
@@ -1,10 +0,0 @@
-<div>
-  Se si utilizza il polling del sistema di controllo del codice sorgente per
-  attivare una nuova compilazione per un numero elevato di progetti, si
-  potrebbe desiderare di limitare il numero di polling concorrenti per evitare
-  di sovraccaricare il server.
-
-  <p>
-  Impostando un numero positivo si imposta il limite superiore al numero dei
-  polling concorrenti. Lasciando il campo vuoto non si imposta alcun limite.
-</div>
diff --git a/core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_ja.html b/core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_ja.html
deleted file mode 100644
index 5bcac2d21c..0000000000
--- a/core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_ja.html
+++ /dev/null
@@ -1,8 +0,0 @@
-<div>
-  SCMのポーリングを使用してたくさんのプロジェクトの新規ビルドを起動するのなら、
-  サーバーの過負荷を避けるために、並行して動くポーリング数を制限してください。
-
-  <p>
-  正の数を設定すると、並行してポーリングする数の上限を設定します。
-  項目を空欄のままにすると、無制限になります。
-</div>
\ No newline at end of file
diff --git a/core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_nl.html b/core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_nl.html
deleted file mode 100644
index c4e33a4f95..0000000000
--- a/core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_nl.html
+++ /dev/null
@@ -1,10 +0,0 @@
-<div>
-  Indien U voor een groot aantal projecten, bouwpogingen start omwille van het 
-  bemonsteren van u versiecontrolesysteem, kan het nuttig zijn om het aantal 
-  parallelle bemonsteringsopdrachten te limiteren, teneinde het versiecontrolesysteem
-  niet te overbelasten.  
-
-  <p>
-  Een positieve waarde bepaalt het maximaal aantal parallelle bemonsteringsopdrachten.
-  Standaard is dit maximum onbegrensd.      
-</div>
\ No newline at end of file
diff --git a/core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_pt_BR.html b/core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_pt_BR.html
deleted file mode 100644
index e92297111f..0000000000
--- a/core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_pt_BR.html
+++ /dev/null
@@ -1,9 +0,0 @@
-<div>
-  Se voc&#234; usa a vota&#231;&#227;o de SCM para disparar uma nova constru&#231;&#227;o para um grande n&#250;mero de projetos,
-  voc&#234; pode querer limitar o n&#250;mero de atividades de vota&#231;&#227;o concorrentes para evitar
-  sobrecarregar o servidor.
-
-  <p>
-  Informando um n&#250;mero positivo indica o limite superior do n&#250;mero de vota&#231;&#245;es concorrentes.
-  Deixar o campo vazio o tornar&#225; ilimitado.
-</div>
diff --git a/core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_ru.html b/core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_ru.html
deleted file mode 100644
index 00cfe9e521..0000000000
--- a/core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_ru.html
+++ /dev/null
@@ -1,9 +0,0 @@
-<div>
-  Если вы используете опрос сервера с системой контроля версий для инициации 
-  новой сборки для большого количества проектов, для предотвращения перегрузки 
-  сервера рекомендуется ограничить количество одновременных опросов.
-  <p>
-  Установив положительное значение в это поле, вы зададите верхнюю границу 
-  количества конкурирующих опросов, оставив поле пустым - ограничение 
-  установлено не будет.
-</div>
\ No newline at end of file
diff --git a/core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_tr.html b/core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_tr.html
deleted file mode 100644
index 2cf7791765..0000000000
--- a/core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_tr.html
+++ /dev/null
@@ -1,9 +0,0 @@
-<div>
-  &#199;ok say&#305;da proje &#252;zerinde, yap&#305;land&#305;rmalar&#305; tetiklemek i&#231;in SCM kontrolleri kullan&#305;yorsan&#305;z,
-  SCM sunucusunu &#231;ok fazla yorabilirsiniz. Bunu engellemek i&#231;in e&#351;zamanl&#305; SCM kontrol say&#305;s&#305;n&#305;
-  s&#305;n&#305;rlamak isteyebilirsiniz.
-
-  <p>
-  Bu alana pozitif bir say&#305; yazarsan&#305;z, e&#351;zamanl&#305; SCM kontrol&#252; say&#305;s&#305;n&#305;n &#252;st limiti olacakt&#305;r.
-  E&#287;er bo&#351; b&#305;rak&#305;rsan&#305;z, herhangi bir s&#305;n&#305;r kullan&#305;lmayacakt&#305;r.
-</div>
\ No newline at end of file
diff --git a/core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_zh_TW.html b/core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_zh_TW.html
deleted file mode 100644
index 63617d80d3..0000000000
--- a/core/src/main/resources/hudson/triggers/SCMTrigger/help-pollingThreadCount_zh_TW.html
+++ /dev/null
@@ -1,6 +0,0 @@
-<div>
-  如果很多專案的建置是由 SCM 輪詢機制觸發，您或許會想限制同時輪詢活動的上限數，免得讓伺服器過忙。
-
-  <p>
-  正數代表同時輪詢的上限數。不填則代表不限制。
-</div>
\ No newline at end of file
-- 
GitLab


From 104f4888bbf587103dc1df6f870a8c688de66895 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@github.com>
Date: Wed, 27 Aug 2014 03:50:37 +0200
Subject: [PATCH 029/863] [FIXED JENKINS-24452] Don't export arbitrary
 unexportable exceptions

---
 core/src/main/java/hudson/slaves/OfflineCause.java | 1 -
 1 file changed, 1 deletion(-)

diff --git a/core/src/main/java/hudson/slaves/OfflineCause.java b/core/src/main/java/hudson/slaves/OfflineCause.java
index 3d711dd5f0..7c5c77861f 100644
--- a/core/src/main/java/hudson/slaves/OfflineCause.java
+++ b/core/src/main/java/hudson/slaves/OfflineCause.java
@@ -103,7 +103,6 @@ public abstract class OfflineCause {
      * Caused by unexpected channel termination.
      */
     public static class ChannelTermination extends OfflineCause {
-        @Exported
         public final Exception cause;
 
         public ChannelTermination(Exception cause) {
-- 
GitLab


From 240a127315437f700a068afaf6b9dd2bd4cde8f8 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Wed, 24 Jan 2018 10:56:38 +0100
Subject: [PATCH 030/863] OldDataMonitor: Prevent escaping b-old version

---
 .../hudson/diagnosis/OldDataMonitor/manage.jelly  | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/core/src/main/resources/hudson/diagnosis/OldDataMonitor/manage.jelly b/core/src/main/resources/hudson/diagnosis/OldDataMonitor/manage.jelly
index 0f73ec6d0f..56587c3092 100644
--- a/core/src/main/resources/hudson/diagnosis/OldDataMonitor/manage.jelly
+++ b/core/src/main/resources/hudson/diagnosis/OldDataMonitor/manage.jelly
@@ -34,15 +34,22 @@ THE SOFTWARE.
       <tr><th>${%Type}</th><th>${%Name}</th><th>${%Version}</th><th></th></tr>
       <j:forEach var="item" items="${it.data.entrySet()}">
         <j:set var="obj" value="${item.key}"/>
-        <j:set var="range" value="${item.value}"/>
         <j:choose>
-          <j:when test="${range!=''}">
-            <j:if test="${range.isOld(150)}"><j:set var="range"><b>${range}</b></j:set></j:if>
+          <j:when test="${item.value!=''}">
             <tr>
               <td>${obj.class.name}</td>
               <!-- fullName is first to avoid calling User.get(String) for User object -->
               <td>${obj.fullName?:obj.fullDisplayName?:obj.displayName?:obj.name}</td>
-              <td>${range}</td>
+              <td>
+                <j:choose>
+                  <j:when test="${item.value.isOld(150)}">
+                    <b title="${%Very old version}">${item.value}</b>
+                  </j:when>
+                  <j:otherwise>
+                    ${item.value}
+                  </j:otherwise>
+                </j:choose>
+              </td>
               <td style="white-space:normal">${item.value.extra}</td>
             </tr>
           </j:when>
-- 
GitLab


From 8e189efbdf0ffe228d15d85dbaa764fea02eb07d Mon Sep 17 00:00:00 2001
From: MarcoAurelioWM <30000615+MarcoAurelioWM@users.noreply.github.com>
Date: Wed, 24 Jan 2018 13:09:57 +0100
Subject: [PATCH 031/863] Fix Spanish (es) link translation

Typo/gramar fix.
---
 .../hudson/security/SecurityRealm/loginLink_es.properties       | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/resources/hudson/security/SecurityRealm/loginLink_es.properties b/core/src/main/resources/hudson/security/SecurityRealm/loginLink_es.properties
index caf5fd8393..5387de8441 100644
--- a/core/src/main/resources/hudson/security/SecurityRealm/loginLink_es.properties
+++ b/core/src/main/resources/hudson/security/SecurityRealm/loginLink_es.properties
@@ -20,4 +20,4 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-login=Iniciar Sesion
+login=Iniciar sesión
-- 
GitLab


From 9a4a913e387c49d0c4cec602280e25c37196f83c Mon Sep 17 00:00:00 2001
From: mike cirioli <mcirioli@cloudbees.com>
Date: Fri, 8 Dec 2017 14:45:22 -0500
Subject: [PATCH 032/863] [JENKINS-48463] - update jenkins core to use xml v1.1
   - switched to KxmlDriver (needed for xml 1.1 support)   - updated to create
 xml v1.1 headers   - updated test to use KXml2Driver explicitly   - updated
 unit tests to support xml v1.1

---
 core/src/main/java/hudson/Main.java           |  2 +-
 core/src/main/java/hudson/XmlFile.java        |  7 ++--
 .../main/java/hudson/model/Fingerprint.java   |  2 +-
 core/src/main/java/hudson/util/XStream2.java  |  2 +-
 .../test/java/hudson/PluginManagerTest.java   |  2 +-
 .../hudson/util/XStream2EncodingTest.java     |  2 +-
 .../java/jenkins/model/RunIdMigratorTest.java | 36 +++++++++----------
 .../jenkins/util/xstream/XStreamDOMTest.java  |  3 +-
 .../test/java/jenkins/xml/XMLUtilsTest.java   |  6 ++--
 .../java/hudson/cli/GetNodeCommandTest.java   |  2 +-
 .../java/hudson/cli/GetViewCommandTest.java   |  2 +-
 .../model/AbstractItemSecurityTest.java       |  4 +--
 .../model/ComputerConfigDotXmlTest.java       |  2 +-
 .../java/hudson/model/ItemGroupMixInTest.java |  2 +-
 .../util/RobustReflectionConverterTest.java   |  2 +-
 15 files changed, 38 insertions(+), 38 deletions(-)

diff --git a/core/src/main/java/hudson/Main.java b/core/src/main/java/hudson/Main.java
index 896ae4dd53..11cb516cee 100644
--- a/core/src/main/java/hudson/Main.java
+++ b/core/src/main/java/hudson/Main.java
@@ -144,7 +144,7 @@ public class Main {
             int ret;
             try (OutputStream os = Files.newOutputStream(tmpFile.toPath());
                  Writer w = new OutputStreamWriter(os,"UTF-8")) {
-                w.write("<?xml version='1.0' encoding='UTF-8'?>");
+                w.write("<?xml version='1.1' encoding='UTF-8'?>");
                 w.write("<run><log encoding='hexBinary' content-encoding='"+Charset.defaultCharset().name()+"'>");
                 w.flush();
 
diff --git a/core/src/main/java/hudson/XmlFile.java b/core/src/main/java/hudson/XmlFile.java
index 16644262b9..ae65b265d5 100644
--- a/core/src/main/java/hudson/XmlFile.java
+++ b/core/src/main/java/hudson/XmlFile.java
@@ -26,7 +26,7 @@ package hudson;
 import com.thoughtworks.xstream.XStream;
 import com.thoughtworks.xstream.converters.Converter;
 import com.thoughtworks.xstream.converters.UnmarshallingContext;
-import com.thoughtworks.xstream.io.xml.Xpp3Driver;
+import com.thoughtworks.xstream.io.xml.KXml2Driver;
 import hudson.diagnosis.OldDataMonitor;
 import hudson.model.Descriptor;
 import hudson.util.AtomicFileWriter;
@@ -39,7 +39,6 @@ import org.xml.sax.Locator;
 import org.xml.sax.SAXException;
 import org.xml.sax.ext.Locator2;
 import org.xml.sax.helpers.DefaultHandler;
-
 import javax.xml.parsers.ParserConfigurationException;
 import javax.xml.parsers.SAXParserFactory;
 import java.io.BufferedInputStream;
@@ -172,7 +171,7 @@ public final class XmlFile {
         mkdirs();
         AtomicFileWriter w = new AtomicFileWriter(file);
         try {
-            w.write("<?xml version='1.0' encoding='UTF-8'?>\n");
+            w.write("<?xml version='1.1' encoding='UTF-8'?>\n");
             beingWritten.put(o, null);
             writing.set(file);
             try {
@@ -343,7 +342,7 @@ public final class XmlFile {
 
     private static final SAXParserFactory JAXP = SAXParserFactory.newInstance();
 
-    private static final Xpp3Driver DEFAULT_DRIVER = new Xpp3Driver();
+    private static final KXml2Driver DEFAULT_DRIVER = new KXml2Driver();
 
     static {
         JAXP.setNamespaceAware(true);
diff --git a/core/src/main/java/hudson/model/Fingerprint.java b/core/src/main/java/hudson/model/Fingerprint.java
index b2fcc6c5d6..2e0a7ce166 100644
--- a/core/src/main/java/hudson/model/Fingerprint.java
+++ b/core/src/main/java/hudson/model/Fingerprint.java
@@ -1256,7 +1256,7 @@ public class Fingerprint implements ModelObject, Saveable {
             AtomicFileWriter afw = new AtomicFileWriter(file);
             try {
                 PrintWriter w = new PrintWriter(afw);
-                w.println("<?xml version='1.0' encoding='UTF-8'?>");
+                w.println("<?xml version='1.1' encoding='UTF-8'?>");
                 w.println("<fingerprint>");
                 w.print("  <timestamp>");
                 w.print(DATE_CONVERTER.toString(timestamp));
diff --git a/core/src/main/java/hudson/util/XStream2.java b/core/src/main/java/hudson/util/XStream2.java
index 6b17761cb6..285dd6b2db 100644
--- a/core/src/main/java/hudson/util/XStream2.java
+++ b/core/src/main/java/hudson/util/XStream2.java
@@ -215,7 +215,7 @@ public class XStream2 extends XStream {
      */
     public void toXMLUTF8(Object obj, OutputStream out) throws IOException {
         Writer w = new OutputStreamWriter(out, Charset.forName("UTF-8"));
-        w.write("<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n");
+        w.write("<?xml version=\"1.1\" encoding=\"UTF-8\"?>\n");
         toXML(obj, w);
     }
 
diff --git a/core/src/test/java/hudson/PluginManagerTest.java b/core/src/test/java/hudson/PluginManagerTest.java
index 843e15ba1e..1e89e5c5c8 100644
--- a/core/src/test/java/hudson/PluginManagerTest.java
+++ b/core/src/test/java/hudson/PluginManagerTest.java
@@ -64,7 +64,7 @@ public class PluginManagerTest {
     @Issue("SECURITY-167")
     @Test
     public void parseInvalidRequestedPlugins() throws Exception {
-        String evilXML = "<?xml version='1.0' encoding='UTF-8'?>\n" +
+        String evilXML = "<?xml version='1.1' encoding='UTF-8'?>\n" +
                 "<!DOCTYPE project[<!ENTITY foo SYSTEM \"file:///\">]>\n" +
                 "<root>\n" +
                 "  <stuff plugin='stuff@1.0'>\n" +
diff --git a/core/src/test/java/hudson/util/XStream2EncodingTest.java b/core/src/test/java/hudson/util/XStream2EncodingTest.java
index ea23797dea..ea10414ebc 100644
--- a/core/src/test/java/hudson/util/XStream2EncodingTest.java
+++ b/core/src/test/java/hudson/util/XStream2EncodingTest.java
@@ -70,7 +70,7 @@ public class XStream2EncodingTest {
         Thing t = (Thing) xs.fromXML(new ByteArrayInputStream(ambiguousXml));
         assertThat(t.field, not(msg));
         ByteArrayOutputStream baos2 = new ByteArrayOutputStream();
-        baos2.write("<?xml version='1.0' encoding='UTF-8'?>\n".getBytes("UTF-8"));
+        baos2.write("<?xml version='1.1' encoding='UTF-8'?>\n".getBytes("UTF-8"));
         baos2.write(ambiguousXml);
         t = (Thing) xs.fromXML(new ByteArrayInputStream(ambiguousXml));
         assertThat(t.field, not(msg));
diff --git a/core/src/test/java/jenkins/model/RunIdMigratorTest.java b/core/src/test/java/jenkins/model/RunIdMigratorTest.java
index 71a3e47832..fda491eda6 100644
--- a/core/src/test/java/jenkins/model/RunIdMigratorTest.java
+++ b/core/src/test/java/jenkins/model/RunIdMigratorTest.java
@@ -83,13 +83,13 @@ public class RunIdMigratorTest {
 
     @Test public void legacy() throws Exception {
         assumeFalse("Symlinks don't work well on Windows", Functions.isWindows());
-        write("2014-01-02_03-04-05/build.xml", "<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <number>99</number>\n  <otherstuff>ok</otherstuff>\n</run>");
+        write("2014-01-02_03-04-05/build.xml", "<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <number>99</number>\n  <otherstuff>ok</otherstuff>\n</run>");
         link("99", "2014-01-02_03-04-05");
         link("lastFailedBuild", "-1");
         link("lastSuccessfulBuild", "99");
-        assertEquals("{2014-01-02_03-04-05={build.xml='<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <number>99</number>\n  <otherstuff>ok</otherstuff>\n</run>'}, 99=→2014-01-02_03-04-05, lastFailedBuild=→-1, lastSuccessfulBuild=→99}", summarize());
+        assertEquals("{2014-01-02_03-04-05={build.xml='<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <number>99</number>\n  <otherstuff>ok</otherstuff>\n</run>'}, 99=→2014-01-02_03-04-05, lastFailedBuild=→-1, lastSuccessfulBuild=→99}", summarize());
         assertTrue(migrator.migrate(dir, null));
-        assertEquals("{99={build.xml='<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <id>2014-01-02_03-04-05</id>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>'}, lastFailedBuild=→-1, lastSuccessfulBuild=→99, legacyIds='2014-01-02_03-04-05 99\n'}", summarize());
+        assertEquals("{99={build.xml='<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <id>2014-01-02_03-04-05</id>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>'}, lastFailedBuild=→-1, lastSuccessfulBuild=→99, legacyIds='2014-01-02_03-04-05 99\n'}", summarize());
         assertEquals(99, migrator.findNumber("2014-01-02_03-04-05"));
         migrator = new RunIdMigrator();
         assertFalse(migrator.migrate(dir, null));
@@ -104,58 +104,58 @@ public class RunIdMigratorTest {
         assumeFalse("Symlinks don't work well on Windows", Functions.isWindows());
         write("2014-01-02_03-04-04/build.xml", "<run>\n  <number>98</number>\n</run>");
         link("98", "2014-01-02_03-04-04");
-        write("99/build.xml", "<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>");
+        write("99/build.xml", "<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>");
         link("lastFailedBuild", "-1");
         link("lastSuccessfulBuild", "99");
-        assertEquals("{2014-01-02_03-04-04={build.xml='<run>\n  <number>98</number>\n</run>'}, 98=→2014-01-02_03-04-04, 99={build.xml='<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>'}, lastFailedBuild=→-1, lastSuccessfulBuild=→99}", summarize());
+        assertEquals("{2014-01-02_03-04-04={build.xml='<run>\n  <number>98</number>\n</run>'}, 98=→2014-01-02_03-04-04, 99={build.xml='<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>'}, lastFailedBuild=→-1, lastSuccessfulBuild=→99}", summarize());
         assertTrue(migrator.migrate(dir, null));
-        assertEquals("{98={build.xml='<run>\n  <id>2014-01-02_03-04-04</id>\n  <timestamp>1388649844000</timestamp>\n</run>'}, 99={build.xml='<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>'}, lastFailedBuild=→-1, lastSuccessfulBuild=→99, legacyIds='2014-01-02_03-04-04 98\n'}", summarize());
+        assertEquals("{98={build.xml='<run>\n  <id>2014-01-02_03-04-04</id>\n  <timestamp>1388649844000</timestamp>\n</run>'}, 99={build.xml='<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>'}, lastFailedBuild=→-1, lastSuccessfulBuild=→99, legacyIds='2014-01-02_03-04-04 98\n'}", summarize());
     }
 
     @Test public void reverseImmediately() throws Exception {
         assumeFalse("Symlinks don't work well on Windows", Functions.isWindows());
         File root = dir;
         dir = new File(dir, "jobs/somefolder/jobs/someproject/promotions/OK/builds");
-        write("99/build.xml", "<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <id>2014-01-02_03-04-05</id>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>");
+        write("99/build.xml", "<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <id>2014-01-02_03-04-05</id>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>");
         link("lastFailedBuild", "-1");
         link("lastSuccessfulBuild", "99");
         write("legacyIds", "2014-01-02_03-04-05 99\n");
-        assertEquals("{99={build.xml='<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <id>2014-01-02_03-04-05</id>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>'}, lastFailedBuild=→-1, lastSuccessfulBuild=→99, legacyIds='2014-01-02_03-04-05 99\n'}", summarize());
+        assertEquals("{99={build.xml='<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <id>2014-01-02_03-04-05</id>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>'}, lastFailedBuild=→-1, lastSuccessfulBuild=→99, legacyIds='2014-01-02_03-04-05 99\n'}", summarize());
         RunIdMigrator.main(root.getAbsolutePath());
-        assertEquals("{2014-01-02_03-04-05={build.xml='<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <number>99</number>\n  <otherstuff>ok</otherstuff>\n</run>'}, 99=→2014-01-02_03-04-05, lastFailedBuild=→-1, lastSuccessfulBuild=→99}", summarize());
+        assertEquals("{2014-01-02_03-04-05={build.xml='<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <number>99</number>\n  <otherstuff>ok</otherstuff>\n</run>'}, 99=→2014-01-02_03-04-05, lastFailedBuild=→-1, lastSuccessfulBuild=→99}", summarize());
     }
 
     @Test public void reverseAfterNewBuilds() throws Exception {
         assumeFalse("Symlinks don't work well on Windows", Functions.isWindows());
         File root = dir;
         dir = new File(dir, "jobs/someproject/modules/test$test/builds");
-        write("1/build.xml", "<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>");
+        write("1/build.xml", "<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>");
         write("legacyIds", "");
-        assertEquals("{1={build.xml='<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>'}, legacyIds=''}", summarize());
+        assertEquals("{1={build.xml='<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>'}, legacyIds=''}", summarize());
         RunIdMigrator.main(root.getAbsolutePath());
-        assertEquals("{1=→2014-01-02_03-04-05, 2014-01-02_03-04-05={build.xml='<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <number>1</number>\n  <otherstuff>ok</otherstuff>\n</run>'}}", summarize());
+        assertEquals("{1=→2014-01-02_03-04-05, 2014-01-02_03-04-05={build.xml='<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <number>1</number>\n  <otherstuff>ok</otherstuff>\n</run>'}}", summarize());
     }
 
     @Test public void reverseMatrixAfterNewBuilds() throws Exception {
         assumeFalse("Symlinks don't work well on Windows", Functions.isWindows());
         File root = dir;
         dir = new File(dir, "jobs/someproject/Environment=prod/builds");
-        write("1/build.xml", "<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>");
+        write("1/build.xml", "<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>");
         write("legacyIds", "");
-        assertEquals("{1={build.xml='<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>'}, legacyIds=''}", summarize());
+        assertEquals("{1={build.xml='<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>'}, legacyIds=''}", summarize());
         RunIdMigrator.main(root.getAbsolutePath());
-        assertEquals("{1=→2014-01-02_03-04-05, 2014-01-02_03-04-05={build.xml='<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <number>1</number>\n  <otherstuff>ok</otherstuff>\n</run>'}}", summarize());
+        assertEquals("{1=→2014-01-02_03-04-05, 2014-01-02_03-04-05={build.xml='<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <number>1</number>\n  <otherstuff>ok</otherstuff>\n</run>'}}", summarize());
     }
 
     @Test public void reverseMavenAfterNewBuilds() throws Exception {
         assumeFalse("Symlinks don't work well on Windows", Functions.isWindows());
         File root = dir;
         dir = new File(dir, "jobs/someproject/test$test/builds");
-        write("1/build.xml", "<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>");
+        write("1/build.xml", "<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>");
         write("legacyIds", "");
-        assertEquals("{1={build.xml='<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>'}, legacyIds=''}", summarize());
+        assertEquals("{1={build.xml='<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>'}, legacyIds=''}", summarize());
         RunIdMigrator.main(root.getAbsolutePath());
-        assertEquals("{1=→2014-01-02_03-04-05, 2014-01-02_03-04-05={build.xml='<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <number>1</number>\n  <otherstuff>ok</otherstuff>\n</run>'}}", summarize());
+        assertEquals("{1=→2014-01-02_03-04-05, 2014-01-02_03-04-05={build.xml='<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <number>1</number>\n  <otherstuff>ok</otherstuff>\n</run>'}}", summarize());
     }
 
     // TODO test sane recovery from various error conditions
diff --git a/core/src/test/java/jenkins/util/xstream/XStreamDOMTest.java b/core/src/test/java/jenkins/util/xstream/XStreamDOMTest.java
index b32ed5a40f..69a1fbe7ef 100644
--- a/core/src/test/java/jenkins/util/xstream/XStreamDOMTest.java
+++ b/core/src/test/java/jenkins/util/xstream/XStreamDOMTest.java
@@ -23,6 +23,7 @@
  */
 package jenkins.util.xstream;
 
+import com.thoughtworks.xstream.io.xml.KXml2Driver;
 import hudson.util.XStream2;
 import org.apache.commons.io.IOUtils;
 import org.junit.Before;
@@ -53,7 +54,7 @@ public class XStreamDOMTest {
 
     @Before
     public void setUp() throws Exception {
-        xs = new XStream2();
+        xs = new XStream2(new KXml2Driver());
         xs.alias("foo", Foo.class);
     }
 
diff --git a/core/src/test/java/jenkins/xml/XMLUtilsTest.java b/core/src/test/java/jenkins/xml/XMLUtilsTest.java
index 55b0d806bb..5b998b1ca1 100644
--- a/core/src/test/java/jenkins/xml/XMLUtilsTest.java
+++ b/core/src/test/java/jenkins/xml/XMLUtilsTest.java
@@ -49,7 +49,7 @@ public class XMLUtilsTest {
     @Issue("SECURITY-167")
     @Test()
     public void testSafeTransformDoesNotProcessForeignResources() throws Exception {
-        final String xml = "<?xml version='1.0' encoding='UTF-8'?>\n" +
+        final String xml = "<?xml version='1.1' encoding='UTF-8'?>\n" +
                 "<!DOCTYPE project[\n" +
                 "  <!ENTITY foo SYSTEM \"file:///\">\n" +
                 "]>\n" +
@@ -82,7 +82,7 @@ public class XMLUtilsTest {
     @Issue("SECURITY-167")
     @Test()
     public void testUpdateByXmlIDoesNotFail() throws Exception {
-        final String xml = "<?xml version='1.0' encoding='UTF-8'?>\n" +
+        final String xml = "<?xml version='1.1' encoding='UTF-8'?>\n" +
                 "<project>\n" +
                 "  <actions/>\n" +
                 "  <description>&amp;</description>\n" +
@@ -119,7 +119,7 @@ public class XMLUtilsTest {
     @Test
     public void testParse_with_XXE() throws IOException, XPathExpressionException {
         try {
-            final String xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" +
+            final String xml = "<?xml version=\"1.1\" encoding=\"UTF-8\"?>\n" +
                     "<!DOCTYPE foo [\n" +
                     "   <!ELEMENT foo ANY >\n" +
                     "   <!ENTITY xxe SYSTEM \"http://abc.com/temp/test.jsp\" >]> " +
diff --git a/test/src/test/java/hudson/cli/GetNodeCommandTest.java b/test/src/test/java/hudson/cli/GetNodeCommandTest.java
index b2792924aa..71cc405915 100644
--- a/test/src/test/java/hudson/cli/GetNodeCommandTest.java
+++ b/test/src/test/java/hudson/cli/GetNodeCommandTest.java
@@ -74,7 +74,7 @@ public class GetNodeCommandTest {
                 .invokeWithArgs("MySlave")
         ;
 
-        assertThat(result.stdout(), startsWith("<?xml version=\"1.0\" encoding=\"UTF-8\"?>"));
+        assertThat(result.stdout(), startsWith("<?xml version=\"1.1\" encoding=\"UTF-8\"?>"));
         assertThat(result.stdout(), containsString("<name>MySlave</name>"));
         assertThat(result, hasNoErrorOutput());
         assertThat(result, succeeded());
diff --git a/test/src/test/java/hudson/cli/GetViewCommandTest.java b/test/src/test/java/hudson/cli/GetViewCommandTest.java
index d3a6fd9ef7..c08af750d2 100644
--- a/test/src/test/java/hudson/cli/GetViewCommandTest.java
+++ b/test/src/test/java/hudson/cli/GetViewCommandTest.java
@@ -79,7 +79,7 @@ public class GetViewCommandTest {
 
         assertThat(result, succeeded());
         assertThat(result, hasNoErrorOutput());
-        assertThat(result.stdout(), startsWith("<?xml version=\"1.0\" encoding=\"UTF-8\"?>"));
+        assertThat(result.stdout(), startsWith("<?xml version=\"1.1\" encoding=\"UTF-8\"?>"));
         assertThat(result.stdout(), containsString("<name>aView</name>"));
     }
 
diff --git a/test/src/test/java/hudson/model/AbstractItemSecurityTest.java b/test/src/test/java/hudson/model/AbstractItemSecurityTest.java
index 653097d295..7ed8b79557 100644
--- a/test/src/test/java/hudson/model/AbstractItemSecurityTest.java
+++ b/test/src/test/java/hudson/model/AbstractItemSecurityTest.java
@@ -47,7 +47,7 @@ public class AbstractItemSecurityTest {
     @Issue("SECURITY-167")
     @Test()
     public void testUpdateByXmlDoesNotProcessForeignResources() throws Exception {
-        final String xml = "<?xml version='1.0' encoding='UTF-8'?>\n" +
+        final String xml = "<?xml version='1.1' encoding='UTF-8'?>\n" +
                 "<!DOCTYPE project[\n" +
                 "  <!ENTITY foo SYSTEM \"file:///\">\n" +
                 "]>\n" +
@@ -73,7 +73,7 @@ public class AbstractItemSecurityTest {
     @Issue("SECURITY-167")
     @Test()
     public void testUpdateByXmlDoesNotFail() throws Exception {
-        final String xml = "<?xml version='1.0' encoding='UTF-8'?>\n" +
+        final String xml = "<?xml version='1.1' encoding='UTF-8'?>\n" +
                 "<project>\n" +
                 "  <description>&amp;</description>\n" +
                 "  <scm class=\"hudson.scm.NullSCM\"/>\n" +
diff --git a/test/src/test/java/hudson/model/ComputerConfigDotXmlTest.java b/test/src/test/java/hudson/model/ComputerConfigDotXmlTest.java
index 737e7b3228..6661d55780 100644
--- a/test/src/test/java/hudson/model/ComputerConfigDotXmlTest.java
+++ b/test/src/test/java/hudson/model/ComputerConfigDotXmlTest.java
@@ -121,7 +121,7 @@ public class ComputerConfigDotXmlTest {
         computer.doConfigDotXml(req, rsp);
 
         final String out = outputStream.toString();
-        assertThat(out, startsWith("<?xml version=\"1.0\" encoding=\"UTF-8\"?>"));
+        assertThat(out, startsWith("<?xml version=\"1.1\" encoding=\"UTF-8\"?>"));
         assertThat(out, containsString("<name>slave0</name>"));
         assertThat(out, containsString("<description>dummy</description>"));
     }
diff --git a/test/src/test/java/hudson/model/ItemGroupMixInTest.java b/test/src/test/java/hudson/model/ItemGroupMixInTest.java
index 79ea318b8b..0bf83e5970 100644
--- a/test/src/test/java/hudson/model/ItemGroupMixInTest.java
+++ b/test/src/test/java/hudson/model/ItemGroupMixInTest.java
@@ -185,7 +185,7 @@ public class ItemGroupMixInTest {
 
     @Test public void createProjectFromXMLShouldNoCreateEntities() throws IOException {
 
-        final String xml = "<?xml version='1.0' encoding='UTF-8'?>\n" +
+        final String xml = "<?xml version='1.1' encoding='UTF-8'?>\n" +
                 "<!DOCTYPE project[\n" +
                 "  <!ENTITY foo SYSTEM \"file:///\">\n" +
                 "]>\n" +
diff --git a/test/src/test/java/hudson/util/RobustReflectionConverterTest.java b/test/src/test/java/hudson/util/RobustReflectionConverterTest.java
index 0bff3490cf..bdbc887b88 100644
--- a/test/src/test/java/hudson/util/RobustReflectionConverterTest.java
+++ b/test/src/test/java/hudson/util/RobustReflectionConverterTest.java
@@ -168,7 +168,7 @@ public class RobustReflectionConverterTest {
     }
     
     private static final String CONFIGURATION_TEMPLATE =
-            "<?xml version='1.0' encoding='UTF-8'?>"
+            "<?xml version='1.1' encoding='UTF-8'?>"
             + "<project>"
             + "<properties>"
             +     "<hudson.util.RobustReflectionConverterTest_-KeywordProperty>"
-- 
GitLab


From 37365eeca7e8683920dd0d13f039e36380f19e24 Mon Sep 17 00:00:00 2001
From: mike cirioli <mcirioli@cloudbees.com>
Date: Fri, 8 Dec 2017 17:30:55 -0500
Subject: [PATCH 033/863] [JENKINS-48463] update hard coded references of
 XPP3Driver to KXml2Driver in order to support XMLv1.1

---
 core/src/main/java/hudson/model/View.java              |  4 ++--
 .../src/main/java/jenkins/util/xstream/XStreamDOM.java | 10 +++++-----
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/core/src/main/java/hudson/model/View.java b/core/src/main/java/hudson/model/View.java
index fa3914af44..fe181c327d 100644
--- a/core/src/main/java/hudson/model/View.java
+++ b/core/src/main/java/hudson/model/View.java
@@ -26,7 +26,7 @@ package hudson.model;
 
 import com.thoughtworks.xstream.converters.ConversionException;
 import com.thoughtworks.xstream.io.StreamException;
-import com.thoughtworks.xstream.io.xml.Xpp3Driver;
+import com.thoughtworks.xstream.io.xml.KXml2Driver;
 import hudson.DescriptorExtensionList;
 import hudson.Extension;
 import hudson.ExtensionPoint;
@@ -1213,7 +1213,7 @@ public abstract class View extends AbstractModelObject implements AccessControll
             // Do not allow overwriting view name as it might collide with another
             // view in same ViewGroup and might not satisfy Jenkins.checkGoodName.
             String oldname = name;
-            Object o = Jenkins.XSTREAM.unmarshal(new Xpp3Driver().createReader(in), this);
+            Object o = Jenkins.XSTREAM.unmarshal(new KXml2Driver().createReader(in), this);
             if (!o.getClass().equals(getClass())) {
                 // ensure that we've got the same view type. extending this code to support updating
                 // to different view type requires destroying & creating a new view type
diff --git a/core/src/main/java/jenkins/util/xstream/XStreamDOM.java b/core/src/main/java/jenkins/util/xstream/XStreamDOM.java
index d98f346540..f0def484da 100644
--- a/core/src/main/java/jenkins/util/xstream/XStreamDOM.java
+++ b/core/src/main/java/jenkins/util/xstream/XStreamDOM.java
@@ -34,8 +34,8 @@ import com.thoughtworks.xstream.io.HierarchicalStreamWriter;
 import com.thoughtworks.xstream.io.xml.AbstractXmlReader;
 import com.thoughtworks.xstream.io.xml.AbstractXmlWriter;
 import com.thoughtworks.xstream.io.xml.DocumentReader;
+import com.thoughtworks.xstream.io.xml.KXml2Driver;
 import com.thoughtworks.xstream.io.xml.XmlFriendlyReplacer;
-import com.thoughtworks.xstream.io.xml.Xpp3Driver;
 import hudson.Util;
 import hudson.util.VariableResolver;
 
@@ -241,11 +241,11 @@ public class XStreamDOM {
      * Writes this {@link XStreamDOM} into {@link OutputStream}.
      */
     public void writeTo(OutputStream os) {
-        writeTo(new Xpp3Driver().createWriter(os));
+        writeTo(new KXml2Driver().createWriter(os));
     }
 
     public void writeTo(Writer w) {
-        writeTo(new Xpp3Driver().createWriter(w));
+        writeTo(new KXml2Driver().createWriter(w));
     }
 
     public void writeTo(HierarchicalStreamWriter w) {
@@ -262,11 +262,11 @@ public class XStreamDOM {
     }
 
     public static XStreamDOM from(InputStream in) {
-        return from(new Xpp3Driver().createReader(in));
+        return from(new KXml2Driver().createReader(in));
     }
 
     public static XStreamDOM from(Reader in) {
-        return from(new Xpp3Driver().createReader(in));
+        return from(new KXml2Driver().createReader(in));
     }
 
     public static XStreamDOM from(HierarchicalStreamReader in) {
-- 
GitLab


From 570b52dbcc4e6b2555bb8080994d30cc7228f9ca Mon Sep 17 00:00:00 2001
From: mike cirioli <mcirioli@cloudbees.com>
Date: Wed, 10 Jan 2018 08:31:34 -0500
Subject: [PATCH 034/863] [JENKINS-48463] refactored XStream2 to default to
 KXml2Driver by default. Changed all explicit references of the hierarchical
 driver to use a static convinience method XStream2.getDefaultDriver() to
 ensure all XML operations are using the same driver.

---
 core/src/main/java/hudson/XmlFile.java        |  7 ++--
 core/src/main/java/hudson/model/View.java     |  3 +-
 core/src/main/java/hudson/util/XStream2.java  | 13 +++++++
 .../java/jenkins/util/xstream/XStreamDOM.java | 10 +++---
 .../test/java/hudson/PluginManagerTest.java   |  2 +-
 .../hudson/util/XStream2EncodingTest.java     |  2 +-
 .../java/jenkins/model/RunIdMigratorTest.java | 36 +++++++++----------
 .../jenkins/util/xstream/XStreamDOMTest.java  |  3 +-
 .../test/java/jenkins/xml/XMLUtilsTest.java   |  6 ++--
 .../model/AbstractItemSecurityTest.java       |  4 +--
 .../java/hudson/model/ItemGroupMixInTest.java |  2 +-
 11 files changed, 50 insertions(+), 38 deletions(-)

diff --git a/core/src/main/java/hudson/XmlFile.java b/core/src/main/java/hudson/XmlFile.java
index ae65b265d5..f63ed33881 100644
--- a/core/src/main/java/hudson/XmlFile.java
+++ b/core/src/main/java/hudson/XmlFile.java
@@ -26,7 +26,7 @@ package hudson;
 import com.thoughtworks.xstream.XStream;
 import com.thoughtworks.xstream.converters.Converter;
 import com.thoughtworks.xstream.converters.UnmarshallingContext;
-import com.thoughtworks.xstream.io.xml.KXml2Driver;
+import com.thoughtworks.xstream.io.HierarchicalStreamDriver;
 import hudson.diagnosis.OldDataMonitor;
 import hudson.model.Descriptor;
 import hudson.util.AtomicFileWriter;
@@ -336,13 +336,14 @@ public final class XmlFile {
     /**
      * {@link XStream} instance is supposed to be thread-safe.
      */
-    private static final XStream DEFAULT_XSTREAM = new XStream2();
 
     private static final Logger LOGGER = Logger.getLogger(XmlFile.class.getName());
 
     private static final SAXParserFactory JAXP = SAXParserFactory.newInstance();
 
-    private static final KXml2Driver DEFAULT_DRIVER = new KXml2Driver();
+    private static final HierarchicalStreamDriver DEFAULT_DRIVER = XStream2.getDefaultDriver();
+
+    private static final XStream DEFAULT_XSTREAM = new XStream2(DEFAULT_DRIVER);
 
     static {
         JAXP.setNamespaceAware(true);
diff --git a/core/src/main/java/hudson/model/View.java b/core/src/main/java/hudson/model/View.java
index fe181c327d..159f0befc3 100644
--- a/core/src/main/java/hudson/model/View.java
+++ b/core/src/main/java/hudson/model/View.java
@@ -26,7 +26,6 @@ package hudson.model;
 
 import com.thoughtworks.xstream.converters.ConversionException;
 import com.thoughtworks.xstream.io.StreamException;
-import com.thoughtworks.xstream.io.xml.KXml2Driver;
 import hudson.DescriptorExtensionList;
 import hudson.Extension;
 import hudson.ExtensionPoint;
@@ -1213,7 +1212,7 @@ public abstract class View extends AbstractModelObject implements AccessControll
             // Do not allow overwriting view name as it might collide with another
             // view in same ViewGroup and might not satisfy Jenkins.checkGoodName.
             String oldname = name;
-            Object o = Jenkins.XSTREAM.unmarshal(new KXml2Driver().createReader(in), this);
+            Object o = Jenkins.XSTREAM.unmarshal(XStream2.getDefaultDriver().createReader(in), this);
             if (!o.getClass().equals(getClass())) {
                 // ensure that we've got the same view type. extending this code to support updating
                 // to different view type requires destroying & creating a new view type
diff --git a/core/src/main/java/hudson/util/XStream2.java b/core/src/main/java/hudson/util/XStream2.java
index 285dd6b2db..b4a9520d28 100644
--- a/core/src/main/java/hudson/util/XStream2.java
+++ b/core/src/main/java/hudson/util/XStream2.java
@@ -26,6 +26,7 @@ package hudson.util;
 import com.google.common.collect.ImmutableList;
 import com.google.common.collect.ImmutableMap;
 import com.thoughtworks.xstream.XStream;
+import com.thoughtworks.xstream.io.xml.KXml2Driver;
 import com.thoughtworks.xstream.mapper.AnnotationMapper;
 import com.thoughtworks.xstream.mapper.Mapper;
 import com.thoughtworks.xstream.mapper.MapperWrapper;
@@ -86,7 +87,18 @@ public class XStream2 extends XStream {
      */
     private MapperInjectionPoint mapperInjectionPoint;
 
+    /**
+     * Convinience method so we only have to change the driver in one place
+     * if we switch to something new in the future
+     *
+     * @return a new instance of the HierarchicalStreamDriver we want to use
+     */
+    public static HierarchicalStreamDriver getDefaultDriver() {
+        return new KXml2Driver();
+    }
+
     public XStream2() {
+        super(getDefaultDriver());
         init();
         classOwnership = null;
     }
@@ -98,6 +110,7 @@ public class XStream2 extends XStream {
     }
 
     XStream2(ClassOwnership classOwnership) {
+        super(getDefaultDriver());
         init();
         this.classOwnership = classOwnership;
     }
diff --git a/core/src/main/java/jenkins/util/xstream/XStreamDOM.java b/core/src/main/java/jenkins/util/xstream/XStreamDOM.java
index f0def484da..2b2ed1621b 100644
--- a/core/src/main/java/jenkins/util/xstream/XStreamDOM.java
+++ b/core/src/main/java/jenkins/util/xstream/XStreamDOM.java
@@ -34,11 +34,11 @@ import com.thoughtworks.xstream.io.HierarchicalStreamWriter;
 import com.thoughtworks.xstream.io.xml.AbstractXmlReader;
 import com.thoughtworks.xstream.io.xml.AbstractXmlWriter;
 import com.thoughtworks.xstream.io.xml.DocumentReader;
-import com.thoughtworks.xstream.io.xml.KXml2Driver;
 import com.thoughtworks.xstream.io.xml.XmlFriendlyReplacer;
 import hudson.Util;
 import hudson.util.VariableResolver;
 
+import hudson.util.XStream2;
 import java.io.InputStream;
 import java.io.OutputStream;
 import java.io.Reader;
@@ -241,11 +241,11 @@ public class XStreamDOM {
      * Writes this {@link XStreamDOM} into {@link OutputStream}.
      */
     public void writeTo(OutputStream os) {
-        writeTo(new KXml2Driver().createWriter(os));
+        writeTo(XStream2.getDefaultDriver().createWriter(os));
     }
 
     public void writeTo(Writer w) {
-        writeTo(new KXml2Driver().createWriter(w));
+        writeTo(XStream2.getDefaultDriver().createWriter(w));
     }
 
     public void writeTo(HierarchicalStreamWriter w) {
@@ -262,11 +262,11 @@ public class XStreamDOM {
     }
 
     public static XStreamDOM from(InputStream in) {
-        return from(new KXml2Driver().createReader(in));
+        return from(XStream2.getDefaultDriver().createReader(in));
     }
 
     public static XStreamDOM from(Reader in) {
-        return from(new KXml2Driver().createReader(in));
+        return from(XStream2.getDefaultDriver().createReader(in));
     }
 
     public static XStreamDOM from(HierarchicalStreamReader in) {
diff --git a/core/src/test/java/hudson/PluginManagerTest.java b/core/src/test/java/hudson/PluginManagerTest.java
index 1e89e5c5c8..843e15ba1e 100644
--- a/core/src/test/java/hudson/PluginManagerTest.java
+++ b/core/src/test/java/hudson/PluginManagerTest.java
@@ -64,7 +64,7 @@ public class PluginManagerTest {
     @Issue("SECURITY-167")
     @Test
     public void parseInvalidRequestedPlugins() throws Exception {
-        String evilXML = "<?xml version='1.1' encoding='UTF-8'?>\n" +
+        String evilXML = "<?xml version='1.0' encoding='UTF-8'?>\n" +
                 "<!DOCTYPE project[<!ENTITY foo SYSTEM \"file:///\">]>\n" +
                 "<root>\n" +
                 "  <stuff plugin='stuff@1.0'>\n" +
diff --git a/core/src/test/java/hudson/util/XStream2EncodingTest.java b/core/src/test/java/hudson/util/XStream2EncodingTest.java
index ea10414ebc..ea23797dea 100644
--- a/core/src/test/java/hudson/util/XStream2EncodingTest.java
+++ b/core/src/test/java/hudson/util/XStream2EncodingTest.java
@@ -70,7 +70,7 @@ public class XStream2EncodingTest {
         Thing t = (Thing) xs.fromXML(new ByteArrayInputStream(ambiguousXml));
         assertThat(t.field, not(msg));
         ByteArrayOutputStream baos2 = new ByteArrayOutputStream();
-        baos2.write("<?xml version='1.1' encoding='UTF-8'?>\n".getBytes("UTF-8"));
+        baos2.write("<?xml version='1.0' encoding='UTF-8'?>\n".getBytes("UTF-8"));
         baos2.write(ambiguousXml);
         t = (Thing) xs.fromXML(new ByteArrayInputStream(ambiguousXml));
         assertThat(t.field, not(msg));
diff --git a/core/src/test/java/jenkins/model/RunIdMigratorTest.java b/core/src/test/java/jenkins/model/RunIdMigratorTest.java
index fda491eda6..71a3e47832 100644
--- a/core/src/test/java/jenkins/model/RunIdMigratorTest.java
+++ b/core/src/test/java/jenkins/model/RunIdMigratorTest.java
@@ -83,13 +83,13 @@ public class RunIdMigratorTest {
 
     @Test public void legacy() throws Exception {
         assumeFalse("Symlinks don't work well on Windows", Functions.isWindows());
-        write("2014-01-02_03-04-05/build.xml", "<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <number>99</number>\n  <otherstuff>ok</otherstuff>\n</run>");
+        write("2014-01-02_03-04-05/build.xml", "<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <number>99</number>\n  <otherstuff>ok</otherstuff>\n</run>");
         link("99", "2014-01-02_03-04-05");
         link("lastFailedBuild", "-1");
         link("lastSuccessfulBuild", "99");
-        assertEquals("{2014-01-02_03-04-05={build.xml='<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <number>99</number>\n  <otherstuff>ok</otherstuff>\n</run>'}, 99=→2014-01-02_03-04-05, lastFailedBuild=→-1, lastSuccessfulBuild=→99}", summarize());
+        assertEquals("{2014-01-02_03-04-05={build.xml='<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <number>99</number>\n  <otherstuff>ok</otherstuff>\n</run>'}, 99=→2014-01-02_03-04-05, lastFailedBuild=→-1, lastSuccessfulBuild=→99}", summarize());
         assertTrue(migrator.migrate(dir, null));
-        assertEquals("{99={build.xml='<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <id>2014-01-02_03-04-05</id>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>'}, lastFailedBuild=→-1, lastSuccessfulBuild=→99, legacyIds='2014-01-02_03-04-05 99\n'}", summarize());
+        assertEquals("{99={build.xml='<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <id>2014-01-02_03-04-05</id>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>'}, lastFailedBuild=→-1, lastSuccessfulBuild=→99, legacyIds='2014-01-02_03-04-05 99\n'}", summarize());
         assertEquals(99, migrator.findNumber("2014-01-02_03-04-05"));
         migrator = new RunIdMigrator();
         assertFalse(migrator.migrate(dir, null));
@@ -104,58 +104,58 @@ public class RunIdMigratorTest {
         assumeFalse("Symlinks don't work well on Windows", Functions.isWindows());
         write("2014-01-02_03-04-04/build.xml", "<run>\n  <number>98</number>\n</run>");
         link("98", "2014-01-02_03-04-04");
-        write("99/build.xml", "<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>");
+        write("99/build.xml", "<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>");
         link("lastFailedBuild", "-1");
         link("lastSuccessfulBuild", "99");
-        assertEquals("{2014-01-02_03-04-04={build.xml='<run>\n  <number>98</number>\n</run>'}, 98=→2014-01-02_03-04-04, 99={build.xml='<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>'}, lastFailedBuild=→-1, lastSuccessfulBuild=→99}", summarize());
+        assertEquals("{2014-01-02_03-04-04={build.xml='<run>\n  <number>98</number>\n</run>'}, 98=→2014-01-02_03-04-04, 99={build.xml='<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>'}, lastFailedBuild=→-1, lastSuccessfulBuild=→99}", summarize());
         assertTrue(migrator.migrate(dir, null));
-        assertEquals("{98={build.xml='<run>\n  <id>2014-01-02_03-04-04</id>\n  <timestamp>1388649844000</timestamp>\n</run>'}, 99={build.xml='<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>'}, lastFailedBuild=→-1, lastSuccessfulBuild=→99, legacyIds='2014-01-02_03-04-04 98\n'}", summarize());
+        assertEquals("{98={build.xml='<run>\n  <id>2014-01-02_03-04-04</id>\n  <timestamp>1388649844000</timestamp>\n</run>'}, 99={build.xml='<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>'}, lastFailedBuild=→-1, lastSuccessfulBuild=→99, legacyIds='2014-01-02_03-04-04 98\n'}", summarize());
     }
 
     @Test public void reverseImmediately() throws Exception {
         assumeFalse("Symlinks don't work well on Windows", Functions.isWindows());
         File root = dir;
         dir = new File(dir, "jobs/somefolder/jobs/someproject/promotions/OK/builds");
-        write("99/build.xml", "<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <id>2014-01-02_03-04-05</id>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>");
+        write("99/build.xml", "<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <id>2014-01-02_03-04-05</id>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>");
         link("lastFailedBuild", "-1");
         link("lastSuccessfulBuild", "99");
         write("legacyIds", "2014-01-02_03-04-05 99\n");
-        assertEquals("{99={build.xml='<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <id>2014-01-02_03-04-05</id>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>'}, lastFailedBuild=→-1, lastSuccessfulBuild=→99, legacyIds='2014-01-02_03-04-05 99\n'}", summarize());
+        assertEquals("{99={build.xml='<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <id>2014-01-02_03-04-05</id>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>'}, lastFailedBuild=→-1, lastSuccessfulBuild=→99, legacyIds='2014-01-02_03-04-05 99\n'}", summarize());
         RunIdMigrator.main(root.getAbsolutePath());
-        assertEquals("{2014-01-02_03-04-05={build.xml='<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <number>99</number>\n  <otherstuff>ok</otherstuff>\n</run>'}, 99=→2014-01-02_03-04-05, lastFailedBuild=→-1, lastSuccessfulBuild=→99}", summarize());
+        assertEquals("{2014-01-02_03-04-05={build.xml='<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <number>99</number>\n  <otherstuff>ok</otherstuff>\n</run>'}, 99=→2014-01-02_03-04-05, lastFailedBuild=→-1, lastSuccessfulBuild=→99}", summarize());
     }
 
     @Test public void reverseAfterNewBuilds() throws Exception {
         assumeFalse("Symlinks don't work well on Windows", Functions.isWindows());
         File root = dir;
         dir = new File(dir, "jobs/someproject/modules/test$test/builds");
-        write("1/build.xml", "<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>");
+        write("1/build.xml", "<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>");
         write("legacyIds", "");
-        assertEquals("{1={build.xml='<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>'}, legacyIds=''}", summarize());
+        assertEquals("{1={build.xml='<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>'}, legacyIds=''}", summarize());
         RunIdMigrator.main(root.getAbsolutePath());
-        assertEquals("{1=→2014-01-02_03-04-05, 2014-01-02_03-04-05={build.xml='<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <number>1</number>\n  <otherstuff>ok</otherstuff>\n</run>'}}", summarize());
+        assertEquals("{1=→2014-01-02_03-04-05, 2014-01-02_03-04-05={build.xml='<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <number>1</number>\n  <otherstuff>ok</otherstuff>\n</run>'}}", summarize());
     }
 
     @Test public void reverseMatrixAfterNewBuilds() throws Exception {
         assumeFalse("Symlinks don't work well on Windows", Functions.isWindows());
         File root = dir;
         dir = new File(dir, "jobs/someproject/Environment=prod/builds");
-        write("1/build.xml", "<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>");
+        write("1/build.xml", "<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>");
         write("legacyIds", "");
-        assertEquals("{1={build.xml='<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>'}, legacyIds=''}", summarize());
+        assertEquals("{1={build.xml='<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>'}, legacyIds=''}", summarize());
         RunIdMigrator.main(root.getAbsolutePath());
-        assertEquals("{1=→2014-01-02_03-04-05, 2014-01-02_03-04-05={build.xml='<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <number>1</number>\n  <otherstuff>ok</otherstuff>\n</run>'}}", summarize());
+        assertEquals("{1=→2014-01-02_03-04-05, 2014-01-02_03-04-05={build.xml='<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <number>1</number>\n  <otherstuff>ok</otherstuff>\n</run>'}}", summarize());
     }
 
     @Test public void reverseMavenAfterNewBuilds() throws Exception {
         assumeFalse("Symlinks don't work well on Windows", Functions.isWindows());
         File root = dir;
         dir = new File(dir, "jobs/someproject/test$test/builds");
-        write("1/build.xml", "<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>");
+        write("1/build.xml", "<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>");
         write("legacyIds", "");
-        assertEquals("{1={build.xml='<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>'}, legacyIds=''}", summarize());
+        assertEquals("{1={build.xml='<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <timestamp>1388649845000</timestamp>\n  <otherstuff>ok</otherstuff>\n</run>'}, legacyIds=''}", summarize());
         RunIdMigrator.main(root.getAbsolutePath());
-        assertEquals("{1=→2014-01-02_03-04-05, 2014-01-02_03-04-05={build.xml='<?xml version='1.1' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <number>1</number>\n  <otherstuff>ok</otherstuff>\n</run>'}}", summarize());
+        assertEquals("{1=→2014-01-02_03-04-05, 2014-01-02_03-04-05={build.xml='<?xml version='1.0' encoding='UTF-8'?>\n<run>\n  <stuff>ok</stuff>\n  <number>1</number>\n  <otherstuff>ok</otherstuff>\n</run>'}}", summarize());
     }
 
     // TODO test sane recovery from various error conditions
diff --git a/core/src/test/java/jenkins/util/xstream/XStreamDOMTest.java b/core/src/test/java/jenkins/util/xstream/XStreamDOMTest.java
index 69a1fbe7ef..b32ed5a40f 100644
--- a/core/src/test/java/jenkins/util/xstream/XStreamDOMTest.java
+++ b/core/src/test/java/jenkins/util/xstream/XStreamDOMTest.java
@@ -23,7 +23,6 @@
  */
 package jenkins.util.xstream;
 
-import com.thoughtworks.xstream.io.xml.KXml2Driver;
 import hudson.util.XStream2;
 import org.apache.commons.io.IOUtils;
 import org.junit.Before;
@@ -54,7 +53,7 @@ public class XStreamDOMTest {
 
     @Before
     public void setUp() throws Exception {
-        xs = new XStream2(new KXml2Driver());
+        xs = new XStream2();
         xs.alias("foo", Foo.class);
     }
 
diff --git a/core/src/test/java/jenkins/xml/XMLUtilsTest.java b/core/src/test/java/jenkins/xml/XMLUtilsTest.java
index 5b998b1ca1..55b0d806bb 100644
--- a/core/src/test/java/jenkins/xml/XMLUtilsTest.java
+++ b/core/src/test/java/jenkins/xml/XMLUtilsTest.java
@@ -49,7 +49,7 @@ public class XMLUtilsTest {
     @Issue("SECURITY-167")
     @Test()
     public void testSafeTransformDoesNotProcessForeignResources() throws Exception {
-        final String xml = "<?xml version='1.1' encoding='UTF-8'?>\n" +
+        final String xml = "<?xml version='1.0' encoding='UTF-8'?>\n" +
                 "<!DOCTYPE project[\n" +
                 "  <!ENTITY foo SYSTEM \"file:///\">\n" +
                 "]>\n" +
@@ -82,7 +82,7 @@ public class XMLUtilsTest {
     @Issue("SECURITY-167")
     @Test()
     public void testUpdateByXmlIDoesNotFail() throws Exception {
-        final String xml = "<?xml version='1.1' encoding='UTF-8'?>\n" +
+        final String xml = "<?xml version='1.0' encoding='UTF-8'?>\n" +
                 "<project>\n" +
                 "  <actions/>\n" +
                 "  <description>&amp;</description>\n" +
@@ -119,7 +119,7 @@ public class XMLUtilsTest {
     @Test
     public void testParse_with_XXE() throws IOException, XPathExpressionException {
         try {
-            final String xml = "<?xml version=\"1.1\" encoding=\"UTF-8\"?>\n" +
+            final String xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" +
                     "<!DOCTYPE foo [\n" +
                     "   <!ELEMENT foo ANY >\n" +
                     "   <!ENTITY xxe SYSTEM \"http://abc.com/temp/test.jsp\" >]> " +
diff --git a/test/src/test/java/hudson/model/AbstractItemSecurityTest.java b/test/src/test/java/hudson/model/AbstractItemSecurityTest.java
index 7ed8b79557..653097d295 100644
--- a/test/src/test/java/hudson/model/AbstractItemSecurityTest.java
+++ b/test/src/test/java/hudson/model/AbstractItemSecurityTest.java
@@ -47,7 +47,7 @@ public class AbstractItemSecurityTest {
     @Issue("SECURITY-167")
     @Test()
     public void testUpdateByXmlDoesNotProcessForeignResources() throws Exception {
-        final String xml = "<?xml version='1.1' encoding='UTF-8'?>\n" +
+        final String xml = "<?xml version='1.0' encoding='UTF-8'?>\n" +
                 "<!DOCTYPE project[\n" +
                 "  <!ENTITY foo SYSTEM \"file:///\">\n" +
                 "]>\n" +
@@ -73,7 +73,7 @@ public class AbstractItemSecurityTest {
     @Issue("SECURITY-167")
     @Test()
     public void testUpdateByXmlDoesNotFail() throws Exception {
-        final String xml = "<?xml version='1.1' encoding='UTF-8'?>\n" +
+        final String xml = "<?xml version='1.0' encoding='UTF-8'?>\n" +
                 "<project>\n" +
                 "  <description>&amp;</description>\n" +
                 "  <scm class=\"hudson.scm.NullSCM\"/>\n" +
diff --git a/test/src/test/java/hudson/model/ItemGroupMixInTest.java b/test/src/test/java/hudson/model/ItemGroupMixInTest.java
index 0bf83e5970..79ea318b8b 100644
--- a/test/src/test/java/hudson/model/ItemGroupMixInTest.java
+++ b/test/src/test/java/hudson/model/ItemGroupMixInTest.java
@@ -185,7 +185,7 @@ public class ItemGroupMixInTest {
 
     @Test public void createProjectFromXMLShouldNoCreateEntities() throws IOException {
 
-        final String xml = "<?xml version='1.1' encoding='UTF-8'?>\n" +
+        final String xml = "<?xml version='1.0' encoding='UTF-8'?>\n" +
                 "<!DOCTYPE project[\n" +
                 "  <!ENTITY foo SYSTEM \"file:///\">\n" +
                 "]>\n" +
-- 
GitLab


From 24a1852fc2c9a74c59a25c3e0ed022e315894344 Mon Sep 17 00:00:00 2001
From: mike cirioli <mcirioli@cloudbees.com>
Date: Thu, 11 Jan 2018 11:04:46 -0500
Subject: [PATCH 035/863] [JENKINS-48463] Added additional unit tests for
 verifying xml v1.1 compatibility   - verify can still read xml 1.0   - verify
 can read xml 1.1   - verify can read xml 1.1 with 'special' characters   -
 verify that jenkins can start with a config.xml having     <?xml
 version='1.1'> and special characters

---
 core/src/test/java/hudson/XmlFileTest.java    | 84 +++++++++++++++++++
 .../hudson/confg_1_1_with_special_chars.xml   |  9 ++
 core/src/test/resources/hudson/config_1_0.xml |  8 ++
 core/src/test/resources/hudson/config_1_1.xml |  8 ++
 pom.xml                                       |  2 +-
 test/src/test/java/hudson/XMLFileTest.java    | 23 +++++
 .../config.xml                                |  9 ++
 7 files changed, 142 insertions(+), 1 deletion(-)
 create mode 100644 core/src/test/java/hudson/XmlFileTest.java
 create mode 100644 core/src/test/resources/hudson/confg_1_1_with_special_chars.xml
 create mode 100644 core/src/test/resources/hudson/config_1_0.xml
 create mode 100644 core/src/test/resources/hudson/config_1_1.xml
 create mode 100644 test/src/test/java/hudson/XMLFileTest.java
 create mode 100644 test/src/test/resources/hudson/XMLFileTest/canStartWithXml_1_1_ConfigsTest/config.xml

diff --git a/core/src/test/java/hudson/XmlFileTest.java b/core/src/test/java/hudson/XmlFileTest.java
new file mode 100644
index 0000000000..0583e46e99
--- /dev/null
+++ b/core/src/test/java/hudson/XmlFileTest.java
@@ -0,0 +1,84 @@
+package hudson;
+
+import hudson.model.Node;
+import hudson.util.XStream2;
+import java.io.File;
+import java.io.IOException;
+import java.net.URL;
+
+import jenkins.model.Jenkins;
+import org.junit.Ignore;
+import org.junit.Test;
+
+import static org.hamcrest.CoreMatchers.is;
+import static org.junit.Assert.assertThat;
+
+public class XmlFileTest {
+
+    @Test
+    public void canReadXml1_0Test() throws IOException {
+        URL configUrl = getClass().getResource("/hudson/config_1_0.xml");
+        File configFile = new File(configUrl.getFile());
+        XStream2  xs = new XStream2();
+        xs.alias("hudson", Jenkins.class);
+
+        XmlFile xmlFile =  new XmlFile(xs, configFile);
+        if (xmlFile.exists()) {
+            Node n = (Node) xmlFile.read();
+            assertThat(n.getNumExecutors(), is(2));
+            assertThat(n.getMode().toString(), is("NORMAL"));
+        }
+    }
+
+    @Test
+    public void canReadXml1_1Test() throws IOException {
+        URL configUrl = getClass().getResource("/hudson/config_1_1.xml");
+        File configFile = new File(configUrl.getFile());
+        XStream2  xs = new XStream2();
+        xs.alias("hudson", Jenkins.class);
+
+        XmlFile xmlFile =  new XmlFile(xs, configFile);
+        if (xmlFile.exists()) {
+            Node n = (Node) xmlFile.read();
+            assertThat(n.getNumExecutors(), is(2));
+            assertThat(n.getMode().toString(), is("NORMAL"));
+        }
+    }
+
+    @Test
+    @Ignore
+    //TODO: find a way to complete this test
+    public void xml1_0ConfigMigrateTo1_1Test() throws IOException {
+        URL configUrl = getClass().getResource("/hudson/config_1_0.xml");
+        File configFile = new File(configUrl.getFile());
+        XStream2  xs = new XStream2();
+        xs.alias("hudson", Jenkins.class);
+
+        XmlFile xmlFile =  new XmlFile(xs, configFile);
+        if (xmlFile.exists()) {
+            Node n = (Node) xmlFile.read();
+            assertThat(n.getNumExecutors(), is(2));
+            assertThat(n.getMode().toString(), is("NORMAL"));
+            // this fails, because configFile.getParent() returns null....how do i fix?
+            n.save();
+            // Now verify that the node is showing <?xml version='1.1'> tag
+        }
+
+    }
+
+    @Test
+    public void canReadXmlWithControlCharsTest() throws IOException {
+        URL configUrl = getClass().getResource("/hudson/confg_1_1_with_special_chars.xml");
+        File configFile = new File(configUrl.getFile());
+        XStream2  xs = new XStream2();
+        xs.alias("hudson", Jenkins.class);
+
+        XmlFile xmlFile =  new XmlFile(xs, configFile);
+        if (xmlFile.exists()) {
+            Node n = (Node) xmlFile.read();
+            assertThat(n.getNumExecutors(), is(2));
+            assertThat(n.getMode().toString(), is("NORMAL"));
+            assertThat(n.getLabelString(), is("LESS_TERMCAP_mb=\u001B[01;31m"));
+        }
+    }
+}
diff --git a/core/src/test/resources/hudson/confg_1_1_with_special_chars.xml b/core/src/test/resources/hudson/confg_1_1_with_special_chars.xml
new file mode 100644
index 0000000000..cb072b5ebb
--- /dev/null
+++ b/core/src/test/resources/hudson/confg_1_1_with_special_chars.xml
@@ -0,0 +1,9 @@
+<?xml version='1.1' encoding='UTF-8'?>
+<hudson>
+    <disabledAdministrativeMonitors/>
+    <version>1.480.1</version>
+    <numExecutors>2</numExecutors>
+    <mode>NORMAL</mode>
+    <label>LESS_TERMCAP_mb=&#x1b;[01;31m</label>
+    <!-- Yeah, we deleted a lot of this ... fine for testing. -->
+</hudson>
\ No newline at end of file
diff --git a/core/src/test/resources/hudson/config_1_0.xml b/core/src/test/resources/hudson/config_1_0.xml
new file mode 100644
index 0000000000..c3a76a6eef
--- /dev/null
+++ b/core/src/test/resources/hudson/config_1_0.xml
@@ -0,0 +1,8 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<hudson>
+    <disabledAdministrativeMonitors/>
+    <version>1.480.1</version>
+    <numExecutors>2</numExecutors>
+    <mode>NORMAL</mode>
+    <!-- Yeah, we deleted a lot of this ... fine for testing. -->
+</hudson>
\ No newline at end of file
diff --git a/core/src/test/resources/hudson/config_1_1.xml b/core/src/test/resources/hudson/config_1_1.xml
new file mode 100644
index 0000000000..c3fd8c0603
--- /dev/null
+++ b/core/src/test/resources/hudson/config_1_1.xml
@@ -0,0 +1,8 @@
+<?xml version='1.1' encoding='UTF-8'?>
+<hudson>
+    <disabledAdministrativeMonitors/>
+    <version>1.480.1</version>
+    <numExecutors>2</numExecutors>
+    <mode>NORMAL</mode>
+    <!-- Yeah, we deleted a lot of this ... fine for testing. -->
+</hudson>
\ No newline at end of file
diff --git a/pom.xml b/pom.xml
index c798586c2b..7b64d217d7 100644
--- a/pom.xml
+++ b/pom.xml
@@ -129,7 +129,7 @@ THE SOFTWARE.
       <dependency>
         <groupId>org.apache.ant</groupId>
         <artifactId>ant</artifactId>
-        <version>1.8.4</version>
+        <version>1.9.2</version>
       </dependency>
 
       <dependency>
diff --git a/test/src/test/java/hudson/XMLFileTest.java b/test/src/test/java/hudson/XMLFileTest.java
new file mode 100644
index 0000000000..dde05c3423
--- /dev/null
+++ b/test/src/test/java/hudson/XMLFileTest.java
@@ -0,0 +1,23 @@
+package hudson;
+
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.JenkinsRule;
+import org.jvnet.hudson.test.recipes.LocalData;
+
+import static org.hamcrest.CoreMatchers.is;
+import static org.junit.Assert.assertThat;
+
+public class XMLFileTest {
+
+    @Rule
+    public JenkinsRule j = new JenkinsRule();
+
+    @Test
+    @LocalData
+    public void canStartWithXml_1_1_ConfigsTest() {
+
+        assertThat(j.jenkins.getLabelString(),is("LESS_TERMCAP_mb=\u001B[01;31m"));
+
+    }
+}
diff --git a/test/src/test/resources/hudson/XMLFileTest/canStartWithXml_1_1_ConfigsTest/config.xml b/test/src/test/resources/hudson/XMLFileTest/canStartWithXml_1_1_ConfigsTest/config.xml
new file mode 100644
index 0000000000..cb072b5ebb
--- /dev/null
+++ b/test/src/test/resources/hudson/XMLFileTest/canStartWithXml_1_1_ConfigsTest/config.xml
@@ -0,0 +1,9 @@
+<?xml version='1.1' encoding='UTF-8'?>
+<hudson>
+    <disabledAdministrativeMonitors/>
+    <version>1.480.1</version>
+    <numExecutors>2</numExecutors>
+    <mode>NORMAL</mode>
+    <label>LESS_TERMCAP_mb=&#x1b;[01;31m</label>
+    <!-- Yeah, we deleted a lot of this ... fine for testing. -->
+</hudson>
\ No newline at end of file
-- 
GitLab


From b9c2148d6e53ef4c7f0f01fab591b0333b4c69f1 Mon Sep 17 00:00:00 2001
From: mike cirioli <mcirioli@cloudbees.com>
Date: Fri, 12 Jan 2018 08:55:34 -0500
Subject: [PATCH 036/863] [JENKINS-48463] Added a unit test that validates
 jenkins xml v1.0 configs are silently migrated to xml v1.1 as they are
 persisted

---
 core/src/test/java/hudson/XmlFileTest.java    | 24 +------------------
 test/src/test/java/hudson/XMLFileTest.java    | 22 +++++++++++++++++
 .../silentlyMigrateConfigsTest/config.xml     |  9 +++++++
 3 files changed, 32 insertions(+), 23 deletions(-)
 create mode 100644 test/src/test/resources/hudson/XMLFileTest/silentlyMigrateConfigsTest/config.xml

diff --git a/core/src/test/java/hudson/XmlFileTest.java b/core/src/test/java/hudson/XmlFileTest.java
index 0583e46e99..3493b4335f 100644
--- a/core/src/test/java/hudson/XmlFileTest.java
+++ b/core/src/test/java/hudson/XmlFileTest.java
@@ -7,7 +7,6 @@ import java.io.IOException;
 import java.net.URL;
 
 import jenkins.model.Jenkins;
-import org.junit.Ignore;
 import org.junit.Test;
 
 import static org.hamcrest.CoreMatchers.is;
@@ -44,28 +43,7 @@ public class XmlFileTest {
             assertThat(n.getMode().toString(), is("NORMAL"));
         }
     }
-
-    @Test
-    @Ignore
-    //TODO: find a way to complete this test
-    public void xml1_0ConfigMigrateTo1_1Test() throws IOException {
-        URL configUrl = getClass().getResource("/hudson/config_1_0.xml");
-        File configFile = new File(configUrl.getFile());
-        XStream2  xs = new XStream2();
-        xs.alias("hudson", Jenkins.class);
-
-        XmlFile xmlFile =  new XmlFile(xs, configFile);
-        if (xmlFile.exists()) {
-            Node n = (Node) xmlFile.read();
-            assertThat(n.getNumExecutors(), is(2));
-            assertThat(n.getMode().toString(), is("NORMAL"));
-            // this fails, because configFile.getParent() returns null....how do i fix?
-            n.save();
-            // Now verify that the node is showing <?xml version='1.1'> tag
-        }
-
-    }
-
+    
     @Test
     public void canReadXmlWithControlCharsTest() throws IOException {
         URL configUrl = getClass().getResource("/hudson/confg_1_1_with_special_chars.xml");
diff --git a/test/src/test/java/hudson/XMLFileTest.java b/test/src/test/java/hudson/XMLFileTest.java
index dde05c3423..0fa2c8af08 100644
--- a/test/src/test/java/hudson/XMLFileTest.java
+++ b/test/src/test/java/hudson/XMLFileTest.java
@@ -1,5 +1,8 @@
 package hudson;
 
+import java.io.BufferedReader;
+import java.io.File;
+import java.io.FileReader;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.JenkinsRule;
@@ -20,4 +23,23 @@ public class XMLFileTest {
         assertThat(j.jenkins.getLabelString(),is("LESS_TERMCAP_mb=\u001B[01;31m"));
 
     }
+
+    /**
+     *
+     * This test validates that xml v1.0 configs silently get migrated to xml v1.1 when they are persisted
+     *
+     */
+    @Test
+    @LocalData
+    public void silentlyMigrateConfigsTest() throws Exception {
+        j.jenkins.save();
+        // verify that we did indeed load our test config.xml
+        assertThat(j.jenkins.getLabelString(), is("LESS_TERMCAP_mb=\u001B[01;31m"));
+        //verify that the persisted top level config.xml is v1.1
+        File configFile = new File(j.jenkins.getRootPath().getRemote() + File.separator + "config.xml");
+        assertThat(configFile.exists(), is(true));
+        BufferedReader config = new BufferedReader(new FileReader(configFile));
+        assertThat(config.readLine(), is("<?xml version='1.1' encoding='UTF-8'?>"));
+        config.close();
+    }
 }
diff --git a/test/src/test/resources/hudson/XMLFileTest/silentlyMigrateConfigsTest/config.xml b/test/src/test/resources/hudson/XMLFileTest/silentlyMigrateConfigsTest/config.xml
new file mode 100644
index 0000000000..f26e502947
--- /dev/null
+++ b/test/src/test/resources/hudson/XMLFileTest/silentlyMigrateConfigsTest/config.xml
@@ -0,0 +1,9 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<hudson>
+    <disabledAdministrativeMonitors/>
+    <version>1.480.1</version>
+    <numExecutors>2</numExecutors>
+    <mode>NORMAL</mode>
+    <label>LESS_TERMCAP_mb=&#x1b;[01;31m</label>
+    <!-- Yeah, we deleted a lot of this ... fine for testing. -->
+</hudson>
\ No newline at end of file
-- 
GitLab


From a0f419120b72b3e645f5beb7b5213ae01cc58364 Mon Sep 17 00:00:00 2001
From: mike cirioli <mcirioli@cloudbees.com>
Date: Fri, 12 Jan 2018 10:16:57 -0500
Subject: [PATCH 037/863] [JENKINS-48463] It appears that the KXml2Driver is
 more tolerant of technically illegal xml (ie. it doesn't complain if an Xml
 v1.0 file contains special characters).  Added a unit test that proves this,
 as well as fixing silentlyMigrateConfigsTest so that it starts with
 technically valid Xml 1.0 content

---
 core/src/test/java/hudson/XmlFileTest.java    | 19 ++++++++++++++++++-
 .../hudson/config_1_0_with_special_chars.xml  |  9 +++++++++
 ....xml => config_1_1_with_special_chars.xml} |  0
 test/src/test/java/hudson/XMLFileTest.java    |  2 +-
 .../silentlyMigrateConfigsTest/config.xml     |  2 +-
 5 files changed, 29 insertions(+), 3 deletions(-)
 create mode 100644 core/src/test/resources/hudson/config_1_0_with_special_chars.xml
 rename core/src/test/resources/hudson/{confg_1_1_with_special_chars.xml => config_1_1_with_special_chars.xml} (100%)

diff --git a/core/src/test/java/hudson/XmlFileTest.java b/core/src/test/java/hudson/XmlFileTest.java
index 3493b4335f..b34d7340b4 100644
--- a/core/src/test/java/hudson/XmlFileTest.java
+++ b/core/src/test/java/hudson/XmlFileTest.java
@@ -8,6 +8,8 @@ import java.net.URL;
 
 import jenkins.model.Jenkins;
 import org.junit.Test;
+import org.junit.rules.ExpectedException;
+import org.xml.sax.SAXParseException;
 
 import static org.hamcrest.CoreMatchers.is;
 import static org.junit.Assert.assertThat;
@@ -29,6 +31,21 @@ public class XmlFileTest {
         }
     }
 
+    @Test(expected = SAXParseException.class)
+    public void xml1_0_withSpecialCharsShouldFail() throws IOException {
+        URL configUrl = getClass().getResource("/hudson/config_1_0_with_special_chars.xml");
+        File configFile = new File(configUrl.getFile());
+        XStream2  xs = new XStream2();
+        xs.alias("hudson", Jenkins.class);
+
+        XmlFile xmlFile =  new XmlFile(xs, configFile);
+        if (xmlFile.exists()) {
+            Node n = (Node) xmlFile.read();
+            assertThat(n.getNumExecutors(), is(2));
+            assertThat(n.getMode().toString(), is("NORMAL"));
+        }
+    }
+
     @Test
     public void canReadXml1_1Test() throws IOException {
         URL configUrl = getClass().getResource("/hudson/config_1_1.xml");
@@ -46,7 +63,7 @@ public class XmlFileTest {
     
     @Test
     public void canReadXmlWithControlCharsTest() throws IOException {
-        URL configUrl = getClass().getResource("/hudson/confg_1_1_with_special_chars.xml");
+        URL configUrl = getClass().getResource("/hudson/config_1_1_with_special_chars.xml");
         File configFile = new File(configUrl.getFile());
         XStream2  xs = new XStream2();
         xs.alias("hudson", Jenkins.class);
diff --git a/core/src/test/resources/hudson/config_1_0_with_special_chars.xml b/core/src/test/resources/hudson/config_1_0_with_special_chars.xml
new file mode 100644
index 0000000000..f26e502947
--- /dev/null
+++ b/core/src/test/resources/hudson/config_1_0_with_special_chars.xml
@@ -0,0 +1,9 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<hudson>
+    <disabledAdministrativeMonitors/>
+    <version>1.480.1</version>
+    <numExecutors>2</numExecutors>
+    <mode>NORMAL</mode>
+    <label>LESS_TERMCAP_mb=&#x1b;[01;31m</label>
+    <!-- Yeah, we deleted a lot of this ... fine for testing. -->
+</hudson>
\ No newline at end of file
diff --git a/core/src/test/resources/hudson/confg_1_1_with_special_chars.xml b/core/src/test/resources/hudson/config_1_1_with_special_chars.xml
similarity index 100%
rename from core/src/test/resources/hudson/confg_1_1_with_special_chars.xml
rename to core/src/test/resources/hudson/config_1_1_with_special_chars.xml
diff --git a/test/src/test/java/hudson/XMLFileTest.java b/test/src/test/java/hudson/XMLFileTest.java
index 0fa2c8af08..b384ee7dfb 100644
--- a/test/src/test/java/hudson/XMLFileTest.java
+++ b/test/src/test/java/hudson/XMLFileTest.java
@@ -34,7 +34,7 @@ public class XMLFileTest {
     public void silentlyMigrateConfigsTest() throws Exception {
         j.jenkins.save();
         // verify that we did indeed load our test config.xml
-        assertThat(j.jenkins.getLabelString(), is("LESS_TERMCAP_mb=\u001B[01;31m"));
+        assertThat(j.jenkins.getLabelString(), is("I am a label"));
         //verify that the persisted top level config.xml is v1.1
         File configFile = new File(j.jenkins.getRootPath().getRemote() + File.separator + "config.xml");
         assertThat(configFile.exists(), is(true));
diff --git a/test/src/test/resources/hudson/XMLFileTest/silentlyMigrateConfigsTest/config.xml b/test/src/test/resources/hudson/XMLFileTest/silentlyMigrateConfigsTest/config.xml
index f26e502947..1cc5aa6799 100644
--- a/test/src/test/resources/hudson/XMLFileTest/silentlyMigrateConfigsTest/config.xml
+++ b/test/src/test/resources/hudson/XMLFileTest/silentlyMigrateConfigsTest/config.xml
@@ -4,6 +4,6 @@
     <version>1.480.1</version>
     <numExecutors>2</numExecutors>
     <mode>NORMAL</mode>
-    <label>LESS_TERMCAP_mb=&#x1b;[01;31m</label>
+    <label>I am a label</label>
     <!-- Yeah, we deleted a lot of this ... fine for testing. -->
 </hudson>
\ No newline at end of file
-- 
GitLab


From 0431cc75fd2745335a8e06c75697890ef049df79 Mon Sep 17 00:00:00 2001
From: mike cirioli <mcirioli@cloudbees.com>
Date: Fri, 12 Jan 2018 11:10:34 -0500
Subject: [PATCH 038/863] [JENKINS-48463] - Ignoring test
 xml1_0_withSpecialCharsShouldFail due to KXml2Driver being tolerant of
 control characters which should be illegal in an XML v1.0 content.  This test
 should be revisted if we switch to another XML driver

---
 core/src/test/java/hudson/XmlFileTest.java | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/core/src/test/java/hudson/XmlFileTest.java b/core/src/test/java/hudson/XmlFileTest.java
index b34d7340b4..f4c3c42e02 100644
--- a/core/src/test/java/hudson/XmlFileTest.java
+++ b/core/src/test/java/hudson/XmlFileTest.java
@@ -7,6 +7,7 @@ import java.io.IOException;
 import java.net.URL;
 
 import jenkins.model.Jenkins;
+import org.junit.Ignore;
 import org.junit.Test;
 import org.junit.rules.ExpectedException;
 import org.xml.sax.SAXParseException;
@@ -31,6 +32,9 @@ public class XmlFileTest {
         }
     }
 
+    // KXml2Driver is able to parse XML 1.0 even if it has control characters which
+    // should be illegal.  Ignoring this test until we switch to a more compliant driver
+    @Ignore
     @Test(expected = SAXParseException.class)
     public void xml1_0_withSpecialCharsShouldFail() throws IOException {
         URL configUrl = getClass().getResource("/hudson/config_1_0_with_special_chars.xml");
-- 
GitLab


From 992100ac4223b3d5eab11e8dccae5e55c2a18484 Mon Sep 17 00:00:00 2001
From: mike cirioli <mcirioli@cloudbees.com>
Date: Tue, 23 Jan 2018 13:13:13 -0500
Subject: [PATCH 039/863] [JENKINS-48463] - fixed reference to deprecated
 Xpp3Driver and replaced with new default driver

---
 core/src/main/java/hudson/model/View.java        | 2 +-
 core/src/test/java/hudson/util/XStream2Test.java | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/core/src/main/java/hudson/model/View.java b/core/src/main/java/hudson/model/View.java
index 3cb1a61d1f..721c87476a 100644
--- a/core/src/main/java/hudson/model/View.java
+++ b/core/src/main/java/hudson/model/View.java
@@ -1213,7 +1213,7 @@ public abstract class View extends AbstractModelObject implements AccessControll
             // view in same ViewGroup and might not satisfy Jenkins.checkGoodName.
             String oldname = name;
             ViewGroup oldOwner = owner; // oddly, this field is not transient
-            Object o = Jenkins.XSTREAM.unmarshal(XStream2.getDefaultDriver().createReader(in), this, null, true);
+            Object o = Jenkins.XSTREAM2.unmarshal(XStream2.getDefaultDriver().createReader(in), this, null, true);
             if (!o.getClass().equals(getClass())) {
                 // ensure that we've got the same view type. extending this code to support updating
                 // to different view type requires destroying & creating a new view type
diff --git a/core/src/test/java/hudson/util/XStream2Test.java b/core/src/test/java/hudson/util/XStream2Test.java
index f5a038ae79..59192f02a4 100644
--- a/core/src/test/java/hudson/util/XStream2Test.java
+++ b/core/src/test/java/hudson/util/XStream2Test.java
@@ -29,7 +29,7 @@ import static org.junit.Assert.*;
 import com.google.common.collect.ImmutableList;
 import com.google.common.collect.ImmutableMap;
 import com.thoughtworks.xstream.XStreamException;
-import com.thoughtworks.xstream.io.xml.Xpp3Driver;
+import com.thoughtworks.xstream.io.xml.KXml2Driver;
 import com.thoughtworks.xstream.security.ForbiddenClassException;
 import hudson.model.Result;
 import hudson.model.Run;
@@ -426,7 +426,7 @@ public class XStream2Test {
 
     private Object fromXMLNullingOut(String xml, Object root) {
         // Currently not offering a public convenience API for this:
-        return Jenkins.XSTREAM2.unmarshal(new Xpp3Driver().createReader(new StringReader(xml)), root, null, true);
+        return Jenkins.XSTREAM2.unmarshal(XStream2.getDefaultDriver().createReader(new StringReader(xml)), root, null, true);
     }
 
     public static class WithDefaults {
-- 
GitLab


From eb41a7bb0a58474a0fc627ca1cb8f2002ad26b47 Mon Sep 17 00:00:00 2001
From: Alexander Akbashev <mr.akbashev@gmail.com>
Date: Wed, 22 Nov 2017 09:34:57 +0100
Subject: [PATCH 040/863] [JENKINS-48348] If task can be run only on master,
 use shortcut

Currently Jenkins to fire WorkflowJob re-calculates the ConstistentHash
for entire cluster even if there is no nodes were updated. If cluster is
big enough (>100 nodes), it becomes a problem, because MD5 is quite
expensive itself plus all this logic comes with high memory footprint.

Using the knowledge that WorkflowJob can be executed only on Jenkins master,
we can create a shortcut that does not do expensive calculation and just
returns Runnable or `null`.

(cherry picked from commit 00ccd23f6441a55bfd625660911d4bc79c7578ba)
---
 core/src/main/java/hudson/model/Queue.java | 34 +++++++++++++++++-----
 1 file changed, 26 insertions(+), 8 deletions(-)

diff --git a/core/src/main/java/hudson/model/Queue.java b/core/src/main/java/hudson/model/Queue.java
index ece3da76cf..bdec3a3f15 100644
--- a/core/src/main/java/hudson/model/Queue.java
+++ b/core/src/main/java/hudson/model/Queue.java
@@ -1691,6 +1691,17 @@ public class Queue extends ResourceController implements Saveable {
         //we double check if this is a flyweight task
         if (p.task instanceof FlyweightTask) {
             Jenkins h = Jenkins.getInstance();
+
+            Label lbl = p.getAssignedLabel();
+
+            if (lbl != null && lbl.equals(h.getSelfLabel())) {
+                if (h.canTake(p) == null) {
+                    return createFlyWeightTaskRunnable(p, h.toComputer());
+                } else {
+                    return null;
+                }
+            }
+
             Map<Node, Integer> hashSource = new HashMap<Node, Integer>(h.getNodes().size());
 
             // Even if master is configured with zero executors, we may need to run a flyweight task like MatrixProject on it.
@@ -1703,7 +1714,6 @@ public class Queue extends ResourceController implements Saveable {
             ConsistentHash<Node> hash = new ConsistentHash<Node>(NODE_HASH);
             hash.addAll(hashSource);
 
-            Label lbl = p.getAssignedLabel();
             String fullDisplayName = p.task.getFullDisplayName();
             for (Node n : hash.list(fullDisplayName)) {
                 final Computer c = n.toComputer();
@@ -1717,18 +1727,25 @@ public class Queue extends ResourceController implements Saveable {
                     continue;
                 }
 
-                LOGGER.log(Level.FINEST, "Creating flyweight task {0} for computer {1}", new Object[]{fullDisplayName, c.getName()});
-                return new Runnable() {
-                    @Override public void run() {
-                        c.startFlyWeightTask(new WorkUnitContext(p).createWorkUnit(p.task));
-                        makePending(p);
-                    }
-                };
+                return createFlyWeightTaskRunnable(p, c);
             }
         }
         return null;
     }
 
+    private Runnable createFlyWeightTaskRunnable(final BuildableItem p, final Computer c) {
+        if (LOGGER.isLoggable(Level.FINEST)) {
+            LOGGER.log(Level.FINEST, "Creating flyweight task {0} for computer {1}",
+                    new Object[]{p.task.getFullDisplayName(), c.getName()});
+        }
+        return new Runnable() {
+            @Override public void run() {
+                c.startFlyWeightTask(new WorkUnitContext(p).createWorkUnit(p.task));
+                makePending(p);
+            }
+        };
+    }
+
     private static Hash<Node> NODE_HASH = new Hash<Node>() {
         public String hash(Node node) {
             return node.getNodeName();
@@ -2104,6 +2121,7 @@ public class Queue extends ResourceController implements Saveable {
          * <p>
          * This code takes {@link LabelAssignmentAction} into account, then fall back to {@link SubTask#getAssignedLabel()}
          */
+        @CheckForNull
         public Label getAssignedLabel() {
             for (LabelAssignmentAction laa : getActions(LabelAssignmentAction.class)) {
                 Label l = laa.getAssignedLabel(task);
-- 
GitLab


From e0ea7a648ed6970897ea2c49bc662439ec4e4110 Mon Sep 17 00:00:00 2001
From: Alexander Akbashev <mr.akbashev@gmail.com>
Date: Thu, 16 Nov 2017 09:43:59 +0100
Subject: [PATCH 041/863] [JENKINS-48350] Cache estimated duration for
 execution

In case of having 1000s of ongoing builds opening main pages can take
some time if list of executors are opened. It happens because for every
queury that comes from jelly we re-calculate the value from scratch. And
calculation needs to load some builds from disk. The worst thing is that it
happens for every user separately.

(cherry picked from commit d7b120fea37b46b863c89acb638d04cdddc868b4)
---
 core/src/main/java/hudson/model/Executor.java | 74 ++++++-------------
 1 file changed, 23 insertions(+), 51 deletions(-)

diff --git a/core/src/main/java/hudson/model/Executor.java b/core/src/main/java/hudson/model/Executor.java
index 8cbf964a1a..e20f9a1eee 100644
--- a/core/src/main/java/hudson/model/Executor.java
+++ b/core/src/main/java/hudson/model/Executor.java
@@ -87,6 +87,7 @@ public class Executor extends Thread implements ModelObject {
     protected final @Nonnull Computer owner;
     private final Queue queue;
     private final ReadWriteLock lock = new ReentrantReadWriteLock();
+    private static final int DEFAULT_ESTIMATED_DURATION = -1;
 
     @GuardedBy("lock")
     private long startTime;
@@ -105,6 +106,11 @@ public class Executor extends Thread implements ModelObject {
     @GuardedBy("lock")
     private Queue.Executable executable;
 
+    /**
+     * Calculation of estimated duration needs some time, so, it's better to cache it once executable is known
+     */
+    private long executableEstimatedDuration = DEFAULT_ESTIMATED_DURATION;
+
     /**
      * Used to mark that the execution is continuing asynchronously even though {@link Executor} as {@link Thread}
      * has finished.
@@ -396,6 +402,8 @@ public class Executor extends Thread implements ModelObject {
                     return;
                 }
 
+                executableEstimatedDuration = executable.getEstimatedDuration();
+
                 if (executable instanceof Actionable) {
                     if (LOGGER.isLoggable(Level.FINER)) {
                         LOGGER.log(FINER, "when running {0} from {1} we are copying {2} actions whereas the item currently has {3}", new Object[] {executable, workUnit.context.item, workUnit.context.actions, workUnit.context.item.getAllActions()});
@@ -451,6 +459,7 @@ public class Executor extends Thread implements ModelObject {
             if (asynchronousExecution == null) {
                 finish2();
             }
+            executableEstimatedDuration = DEFAULT_ESTIMATED_DURATION;
         }
     }
 
@@ -686,18 +695,9 @@ public class Executor extends Thread implements ModelObject {
      */
     @Exported
     public int getProgress() {
-        long d;
-        lock.readLock().lock();
-        try {
-            if (executable == null) {
-                return -1;
-            }
-            d = executable.getEstimatedDuration();
-        } finally {
-            lock.readLock().unlock();
-        }
+        long d = executableEstimatedDuration;
         if (d <= 0) {
-            return -1;
+            return DEFAULT_ESTIMATED_DURATION;
         }
 
         int num = (int) (getElapsedTime() * 100 / d);
@@ -716,19 +716,17 @@ public class Executor extends Thread implements ModelObject {
      */
     @Exported
     public boolean isLikelyStuck() {
-        long d;
-        long elapsed;
         lock.readLock().lock();
         try {
             if (executable == null) {
                 return false;
             }
-
-            elapsed = getElapsedTime();
-            d = executable.getEstimatedDuration();
         } finally {
             lock.readLock().unlock();
         }
+
+        long elapsed = getElapsedTime();
+        long d = executableEstimatedDuration;
         if (d >= 0) {
             // if it's taking 10 times longer than ETA, consider it stuck
             return d * 10 < elapsed;
@@ -776,17 +774,7 @@ public class Executor extends Thread implements ModelObject {
      * until the build completes.
      */
     public String getEstimatedRemainingTime() {
-        long d;
-        lock.readLock().lock();
-        try {
-            if (executable == null) {
-                return Messages.Executor_NotAvailable();
-            }
-
-            d = executable.getEstimatedDuration();
-        } finally {
-            lock.readLock().unlock();
-        }
+        long d = executableEstimatedDuration;
         if (d < 0) {
             return Messages.Executor_NotAvailable();
         }
@@ -804,24 +792,14 @@ public class Executor extends Thread implements ModelObject {
      * it as a number of milli-seconds.
      */
     public long getEstimatedRemainingTimeMillis() {
-        long d;
-        lock.readLock().lock();
-        try {
-            if (executable == null) {
-                return -1;
-            }
-
-            d = executable.getEstimatedDuration();
-        } finally {
-            lock.readLock().unlock();
-        }
+        long d = executableEstimatedDuration;
         if (d < 0) {
-            return -1;
+            return DEFAULT_ESTIMATED_DURATION;
         }
 
         long eta = d - getElapsedTime();
         if (eta <= 0) {
-            return -1;
+            return DEFAULT_ESTIMATED_DURATION;
         }
 
         return eta;
@@ -906,16 +884,10 @@ public class Executor extends Thread implements ModelObject {
      * Returns when this executor started or should start being idle.
      */
     public long getIdleStartMilliseconds() {
-        lock.readLock().lock();
-        try {
-            if (isIdle())
-                return Math.max(creationTime, owner.getConnectTime());
-            else {
-                return Math.max(startTime + Math.max(0, executable == null ? -1 : executable.getEstimatedDuration()),
-                        System.currentTimeMillis() + 15000);
-            }
-        } finally {
-            lock.readLock().unlock();
+        if (isIdle())
+            return Math.max(creationTime, owner.getConnectTime());
+        else {
+            return Math.max(startTime + Math.max(0, executableEstimatedDuration), System.currentTimeMillis() + 15000);
         }
     }
 
@@ -981,7 +953,7 @@ public class Executor extends Thread implements ModelObject {
      */
     @Deprecated
     public static long getEstimatedDurationFor(Executable e) {
-        return e == null ? -1 : e.getEstimatedDuration();
+        return e == null ? DEFAULT_ESTIMATED_DURATION : e.getEstimatedDuration();
     }
 
     /**
-- 
GitLab


From bed6ccd71921c9321919f7a042864dbbbf63243a Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Sat, 16 Dec 2017 22:16:37 +0100
Subject: [PATCH 042/863] Merge pull request #3187 from
 daniel-beck/JENKINS-34254-v2

[JENKINS-34254] Fix RequirePOST form

(cherry picked from commit 76c9f8beacc681663571c925b5ee090222407e34)
---
 core/pom.xml                                  |  2 +-
 .../hudson/security/csrf/CrumbFilter.java     | 14 +++++++
 .../security/csrf/CrumbFilter/retry.jelly     | 42 +++++++++++++++++++
 .../csrf/CrumbFilter/retry.properties         |  4 ++
 .../security/csrf/DefaultCrumbIssuerTest.java | 17 ++++++++
 5 files changed, 78 insertions(+), 1 deletion(-)
 create mode 100644 core/src/main/resources/hudson/security/csrf/CrumbFilter/retry.jelly
 create mode 100644 core/src/main/resources/hudson/security/csrf/CrumbFilter/retry.properties

diff --git a/core/pom.xml b/core/pom.xml
index b9345cd9b8..59eafcba6c 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -39,7 +39,7 @@ THE SOFTWARE.
 
   <properties>
     <staplerFork>true</staplerFork>
-    <stapler.version>1.253</stapler.version>
+    <stapler.version>1.254</stapler.version>
     <spring.version>2.5.6.SEC03</spring.version>
     <groovy.version>2.4.11</groovy.version>
     <!-- TODO: Actually many issues are being filtered by src/findbugs/findbugs-excludes.xml -->
diff --git a/core/src/main/java/hudson/security/csrf/CrumbFilter.java b/core/src/main/java/hudson/security/csrf/CrumbFilter.java
index e2b2790ef0..437d220952 100644
--- a/core/src/main/java/hudson/security/csrf/CrumbFilter.java
+++ b/core/src/main/java/hudson/security/csrf/CrumbFilter.java
@@ -8,6 +8,11 @@ package hudson.security.csrf;
 import hudson.util.MultipartFormDataParser;
 import jenkins.model.Jenkins;
 import org.acegisecurity.providers.anonymous.AnonymousAuthenticationToken;
+import org.kohsuke.MetaInfServices;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
+import org.kohsuke.stapler.ForwardToView;
+import org.kohsuke.stapler.interceptor.RequirePOST;
 
 import java.io.IOException;
 import java.util.Enumeration;
@@ -41,6 +46,15 @@ public class CrumbFilter implements Filter {
         return h.getCrumbIssuer();
     }
 
+    @Restricted(NoExternalUse.class)
+    @MetaInfServices
+    public static class ErrorCustomizer implements RequirePOST.ErrorCustomizer {
+        @Override
+        public ForwardToView getForwardView() {
+            return new ForwardToView(CrumbFilter.class, "retry");
+        }
+    }
+
     public void init(FilterConfig filterConfig) throws ServletException {
     }
 
diff --git a/core/src/main/resources/hudson/security/csrf/CrumbFilter/retry.jelly b/core/src/main/resources/hudson/security/csrf/CrumbFilter/retry.jelly
new file mode 100644
index 0000000000..70e615b78e
--- /dev/null
+++ b/core/src/main/resources/hudson/security/csrf/CrumbFilter/retry.jelly
@@ -0,0 +1,42 @@
+<!--
+The MIT License
+
+Copyright (c) 2017, Daniel Beck
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+-->
+
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
+    <st:statusCode value="405"/>
+    <l:layout norefresh="true" title="${%Method Not Allowed}">
+
+        <l:main-panel>
+            <h1>${%This URL requires POST}</h1>
+            <p>
+                ${%blurb}
+            </p>
+            <p><tt>${requestURL}</tt></p>
+            <p><strong>${%warning}</strong></p>
+            <f:form method="post" name="retry">
+                <f:submit value="${%Retry using POST}"/>
+            </f:form>
+        </l:main-panel>
+    </l:layout>
+</j:jelly>
diff --git a/core/src/main/resources/hudson/security/csrf/CrumbFilter/retry.properties b/core/src/main/resources/hudson/security/csrf/CrumbFilter/retry.properties
new file mode 100644
index 0000000000..0e47fdc8d5
--- /dev/null
+++ b/core/src/main/resources/hudson/security/csrf/CrumbFilter/retry.properties
@@ -0,0 +1,4 @@
+blurb = The URL you're trying to access requires that requests be sent using POST (like a form submission). \
+  The button below allows you to retry accessing this URL using POST. \
+  URL being accessed:
+warning = If you were sent here from an untrusted source, please proceed with caution.
\ No newline at end of file
diff --git a/test/src/test/java/hudson/security/csrf/DefaultCrumbIssuerTest.java b/test/src/test/java/hudson/security/csrf/DefaultCrumbIssuerTest.java
index f3fddef1af..52dc455faf 100644
--- a/test/src/test/java/hudson/security/csrf/DefaultCrumbIssuerTest.java
+++ b/test/src/test/java/hudson/security/csrf/DefaultCrumbIssuerTest.java
@@ -8,6 +8,8 @@ package hudson.security.csrf;
 
 import com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException;
 import com.gargoylesoftware.htmlunit.html.HtmlPage;
+import jenkins.model.Jenkins;
+import junit.framework.Assert;
 import net.sf.json.JSONObject;
 import org.junit.Before;
 import org.junit.Rule;
@@ -135,4 +137,19 @@ public class DefaultCrumbIssuerTest {
         wc.assertFails("crumbIssuer/api/json?jsonp=hack", HttpURLConnection.HTTP_FORBIDDEN);
     }
 
+    @Issue("JENKINS-34254")
+    @Test public void testRequirePostErrorPageCrumb() throws Exception {
+        Jenkins.getInstance().setCrumbIssuer(new DefaultCrumbIssuer(false));
+        WebClient wc = r.createWebClient();
+        try {
+            wc.goTo("quietDown");
+            fail("expected failure");
+        } catch (FailingHttpStatusCodeException ex) {
+            Assert.assertEquals("expect HTTP 405 method not allowed", 405, ex.getStatusCode());
+        }
+        HtmlPage retry = (HtmlPage) wc.getCurrentWindow().getEnclosedPage();
+        HtmlPage success = r.submit(retry.getFormByName("retry"));
+        Assert.assertTrue("quieting down", r.jenkins.isQuietingDown());
+    }
+
 }
-- 
GitLab


From 655be64a1753a3077a81fc0c34573bca74dcf5a0 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Thu, 25 Jan 2018 12:21:08 -0500
Subject: [PATCH 043/863] [JENKINS-49147] Tolerate unusual CodeSource.location
 format from old versions of Tomcat.

---
 .../jenkins/security/ClassFilterImpl.java     | 45 ++++++++++++++++---
 1 file changed, 39 insertions(+), 6 deletions(-)

diff --git a/core/src/main/java/jenkins/security/ClassFilterImpl.java b/core/src/main/java/jenkins/security/ClassFilterImpl.java
index 2de71b01e3..0c554232b4 100644
--- a/core/src/main/java/jenkins/security/ClassFilterImpl.java
+++ b/core/src/main/java/jenkins/security/ClassFilterImpl.java
@@ -28,6 +28,7 @@ import com.google.common.collect.ImmutableSet;
 import hudson.ExtensionList;
 import hudson.Main;
 import hudson.remoting.ClassFilter;
+import hudson.remoting.Which;
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.IOException;
@@ -49,6 +50,8 @@ import java.util.logging.Logger;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 import java.util.stream.Collectors;
+import javax.annotation.CheckForNull;
+import javax.annotation.Nonnull;
 import jenkins.model.Jenkins;
 import jenkins.util.SystemProperties;
 import org.apache.commons.io.IOUtils;
@@ -71,11 +74,14 @@ public class ClassFilterImpl extends ClassFilter {
     private static /* not final */ boolean SUPPRESS_WHITELIST = SystemProperties.getBoolean("jenkins.security.ClassFilterImpl.SUPPRESS_WHITELIST");
     private static /* not final */ boolean SUPPRESS_ALL = SystemProperties.getBoolean("jenkins.security.ClassFilterImpl.SUPPRESS_ALL");
 
+    private static final String JENKINS_LOC = codeSource(Jenkins.class);
+    private static final String REMOTING_LOC = codeSource(ClassFilter.class);
+
     /**
      * Register this implementation as the default in the system.
      */
     public static void register() {
-        if (Main.isUnitTest && Jenkins.class.getProtectionDomain().getCodeSource().getLocation() == null) {
+        if (Main.isUnitTest && JENKINS_LOC == null) {
             mockOff();
             return;
         }
@@ -146,10 +152,9 @@ public class ClassFilterImpl extends ClassFilter {
                 LOGGER.log(Level.FINE, "permitting {0} since it is an enum", name);
                 return false;
             }
-            CodeSource codeSource = c.getProtectionDomain().getCodeSource();
-            URL location = codeSource != null ? codeSource.getLocation() : null;
+            String location = codeSource(c);
             if (location != null) {
-                if (isLocationWhitelisted(location.toString())) {
+                if (isLocationWhitelisted(location)) {
                     LOGGER.log(Level.FINE, "permitting {0} due to its location in {1}", new Object[] {name, location});
                     return false;
                 }
@@ -176,11 +181,11 @@ public class ClassFilterImpl extends ClassFilter {
     private static final Pattern CLASSES_JAR = Pattern.compile("(file:/.+/)WEB-INF/lib/classes[.]jar");
     private boolean isLocationWhitelisted(String _loc) {
         return codeSourceCache.computeIfAbsent(_loc, loc -> {
-            if (loc.equals(Jenkins.class.getProtectionDomain().getCodeSource().getLocation().toString())) {
+            if (loc.equals(JENKINS_LOC)) {
                 LOGGER.log(Level.FINE, "{0} seems to be the location of Jenkins core, OK", loc);
                 return true;
             }
-            if (loc.equals(ClassFilter.class.getProtectionDomain().getCodeSource().getLocation().toString())) {
+            if (loc.equals(REMOTING_LOC)) {
                 LOGGER.log(Level.FINE, "{0} seems to be the location of Remoting, OK", loc);
                 return true;
             }
@@ -241,6 +246,34 @@ public class ClassFilterImpl extends ClassFilter {
         });
     }
 
+    /**
+     * Tries to determine what JAR file a given class was loaded from.
+     * The location is an opaque string suitable only for comparison to others.
+     * Similar to {@link Which#jarFile(Class)} but potentially faster, and more tolerant of unknown URL formats.
+     * @param c some class
+     * @return something typically like {@code file:/…/plugins/structs/WEB-INF/lib/structs-1.10.jar};
+     *         or null for classes in the Java Platform, some generated classes, etc.
+     */
+    private static @CheckForNull String codeSource(@Nonnull Class<?> c) {
+        CodeSource cs = c.getProtectionDomain().getCodeSource();
+        if (cs == null) {
+            return null;
+        }
+        URL loc = cs.getLocation();
+        if (loc == null) {
+            return null;
+        }
+        String r = loc.toString();
+        if (r.endsWith(".class")) {
+            // JENKINS-49147: Tomcat bug. Now do the more expensive check…
+            String suffix = c.getName().replace('.', '/') + ".class";
+            if (r.endsWith(suffix)) {
+                r = r.substring(0, r.length() - suffix.length());
+            }
+        }
+        return r;
+    }
+
     private static boolean isPluginManifest(Manifest mf) {
         Attributes attr = mf.getMainAttributes();
         return attr.getValue("Short-Name") != null && (attr.getValue("Plugin-Version") != null || attr.getValue("Jenkins-Version") != null) ||
-- 
GitLab


From 193855d1fb82e980e93f0c9ce3c15c459d448fab Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Thu, 25 Jan 2018 17:05:37 -0500
Subject: [PATCH 044/863] [JENKINS-47142] Simplifying the logic of
 ArtifactArchiver.perform, making it friendlier to Pipeline.

---
 core/src/main/java/hudson/FilePath.java       |  2 +-
 .../java/hudson/tasks/ArtifactArchiver.java   | 44 +++++++------------
 .../hudson/tasks/Messages.properties          |  1 -
 .../hudson/tasks/Messages_bg.properties       |  2 -
 .../hudson/tasks/Messages_da.properties       |  1 -
 .../hudson/tasks/Messages_de.properties       |  1 -
 .../hudson/tasks/Messages_es.properties       |  1 -
 .../hudson/tasks/Messages_fr.properties       |  1 -
 .../hudson/tasks/Messages_it.properties       |  1 -
 .../hudson/tasks/Messages_ja.properties       |  1 -
 .../hudson/tasks/Messages_nl.properties       |  1 -
 .../hudson/tasks/Messages_pt_BR.properties    |  1 -
 .../hudson/tasks/Messages_ru.properties       |  1 -
 .../hudson/tasks/Messages_sr.properties       |  1 -
 .../hudson/tasks/Messages_tr.properties       |  1 -
 .../hudson/tasks/Messages_zh_TW.properties    |  1 -
 16 files changed, 18 insertions(+), 43 deletions(-)

diff --git a/core/src/main/java/hudson/FilePath.java b/core/src/main/java/hudson/FilePath.java
index b7b5b2d79d..cf05ba9a58 100644
--- a/core/src/main/java/hudson/FilePath.java
+++ b/core/src/main/java/hudson/FilePath.java
@@ -2438,7 +2438,7 @@ public final class FilePath implements Serializable {
      * @throws InterruptedException not only in case of a channel failure, but also if too many operations were performed without finding any matches
      * @since 1.484
      */
-    public String validateAntFileMask(final String fileMasks, final int bound, final boolean caseSensitive) throws IOException, InterruptedException {
+    public @CheckForNull String validateAntFileMask(final String fileMasks, final int bound, final boolean caseSensitive) throws IOException, InterruptedException {
         return act(new MasterToSlaveFileCallable<String>() {
             private static final long serialVersionUID = 1;
             public String invoke(File dir, VirtualChannel channel) throws IOException, InterruptedException {
diff --git a/core/src/main/java/hudson/tasks/ArtifactArchiver.java b/core/src/main/java/hudson/tasks/ArtifactArchiver.java
index d42a4a3298..32be646aa6 100644
--- a/core/src/main/java/hudson/tasks/ArtifactArchiver.java
+++ b/core/src/main/java/hudson/tasks/ArtifactArchiver.java
@@ -214,20 +214,10 @@ public class ArtifactArchiver extends Recorder implements SimpleBuildStep {
         this.caseSensitive = caseSensitive;
     }
 
-    private void listenerWarnOrError(TaskListener listener, String message) {
-    	if (allowEmptyArchive) {
-    		listener.getLogger().println(String.format("WARN: %s", message));
-    	} else {
-    		listener.error(message);
-    	}
-    }
-
     @Override
-    public void perform(Run<?,?> build, FilePath ws, Launcher launcher, TaskListener listener) throws InterruptedException, AbortException {
+    public void perform(Run<?,?> build, FilePath ws, Launcher launcher, TaskListener listener) throws IOException, InterruptedException {
         if(artifacts.length()==0) {
-            listener.error(Messages.ArtifactArchiver_NoIncludes());
-            build.setResult(Result.FAILURE);
-            return;
+            throw new AbortException(Messages.ArtifactArchiver_NoIncludes());
         }
 
         Result result = build.getResult();
@@ -249,29 +239,29 @@ public class ArtifactArchiver extends Recorder implements SimpleBuildStep {
             } else {
                 result = build.getResult();
                 if (result == null || result.isBetterOrEqualTo(Result.UNSTABLE)) {
-                    // If the build failed, don't complain that there was no matching artifact.
-                    // The build probably didn't even get to the point where it produces artifacts. 
-                    listenerWarnOrError(listener, Messages.ArtifactArchiver_NoMatchFound(artifacts));
-                    String msg = null;
                     try {
-                    	msg = ws.validateAntFileMask(artifacts, FilePath.VALIDATE_ANT_FILE_MASK_BOUND, caseSensitive);
+                    	String msg = ws.validateAntFileMask(artifacts, FilePath.VALIDATE_ANT_FILE_MASK_BOUND, caseSensitive);
+                        if (msg != null) {
+                            listener.getLogger().println(msg);
+                        }
                     } catch (Exception e) {
-                    	listenerWarnOrError(listener, e.getMessage());
+                        Functions.printStackTrace(e, listener.getLogger());
                     }
-                    if(msg!=null)
-                        listenerWarnOrError(listener, msg);
-                }
-                if (!allowEmptyArchive) {
-                	build.setResult(Result.FAILURE);
+                    if (allowEmptyArchive) {
+                        listener.getLogger().println(Messages.ArtifactArchiver_NoMatchFound(artifacts));
+                    } else {
+                        throw new AbortException(Messages.ArtifactArchiver_NoMatchFound(artifacts));
+                    }
+                } else {
+                    // If a freestyle build failed, do not complain that there was no matching artifact:
+                    // the build probably did not even get to the point where it produces artifacts.
+                    // For Pipeline, the program ought not be *trying* to archive anything after a failure,
+                    // but anyway most likely result == null above so we would not be here.
                 }
             }
         } catch (java.nio.file.AccessDeniedException e) {
             LOG.log(Level.FINE, "Diagnosing anticipated Exception", e);
             throw new AbortException(e.toString()); // Message is not enough as that is the filename only
-        } catch (IOException e) {
-            Util.displayIOException(e,listener);
-            Functions.printStackTrace(e, listener.error(Messages.ArtifactArchiver_FailedToArchive(artifacts)));
-            build.setResult(Result.FAILURE);
         }
     }
 
diff --git a/core/src/main/resources/hudson/tasks/Messages.properties b/core/src/main/resources/hudson/tasks/Messages.properties
index fa673df13c..6db0726a91 100644
--- a/core/src/main/resources/hudson/tasks/Messages.properties
+++ b/core/src/main/resources/hudson/tasks/Messages.properties
@@ -31,7 +31,6 @@ Ant.ProjectConfigNeeded= Maybe you need to configure the job to choose one of yo
 ArtifactArchiver.ARCHIVING_ARTIFACTS=Archiving artifacts
 ArtifactArchiver.DisplayName=Archive the artifacts
 ArtifactArchiver.SkipBecauseOnlyIfSuccessful=Skipped archiving because build is not successful
-ArtifactArchiver.FailedToArchive=Failed to archive artifacts: {0}
 ArtifactArchiver.NoIncludes=\
 No artifacts are configured for archiving.\n\
 You probably forgot to set the file pattern, so please go back to the configuration and specify it.\n\
diff --git a/core/src/main/resources/hudson/tasks/Messages_bg.properties b/core/src/main/resources/hudson/tasks/Messages_bg.properties
index 2cd51a9c5f..fb0c09d7cb 100644
--- a/core/src/main/resources/hudson/tasks/Messages_bg.properties
+++ b/core/src/main/resources/hudson/tasks/Messages_bg.properties
@@ -41,8 +41,6 @@ ArtifactArchiver.DisplayName=\
  \u0410\u0440\u0445\u0438\u0432\u0438\u0440\u0430\u043d\u0435 \u043d\u0430 \u0430\u0440\u0442\u0435\u0444\u0430\u043a\u0442\u0438\u0442\u0435
 ArtifactArchiver.SkipBecauseOnlyIfSuccessful=\
  \u041f\u0440\u043e\u043f\u0443\u0441\u043a\u0430\u043d\u0435 \u043d\u0430 \u0430\u0440\u0445\u0438\u0432\u0438\u0440\u0430\u043d\u0435\u0442\u043e, \u0437\u0430\u0449\u043e\u0442\u043e \u0438\u0437\u0433\u0440\u0430\u0436\u0434\u0430\u043d\u0435\u0442\u043e \u0435 \u043d\u0435\u0443\u0441\u043f\u0435\u0448\u043d\u043e.
-ArtifactArchiver.FailedToArchive=\
- \u041d\u0435\u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0430\u0440\u0445\u0438\u0432\u0438\u0440\u0430\u043d\u0435 \u043d\u0430 \u0430\u0440\u0442\u0435\u0444\u0430\u043a\u0442\u0438: {0}
 ArtifactArchiver.NoIncludes=\
  \u041d\u0435 \u0441\u0430 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d\u0438 \u0430\u0440\u0442\u0435\u0444\u0430\u043a\u0442\u0438 \u0437\u0430 \u0430\u0440\u0445\u0438\u0432\u0438\u0440\u0430\u043d\u0435.\n\
  \u041f\u0440\u043e\u0431\u0432\u0430\u0439\u0442\u0435 \u0434\u0430 \u0443\u043a\u0430\u0436\u0435\u0442\u0435 \u0448\u0430\u0431\u043b\u043e\u043d \u0437\u0430 \u0438\u043c\u0435 \u043d\u0430 \u0444\u0430\u0439\u043b \u0432 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438\u0442\u0435.\n\
diff --git a/core/src/main/resources/hudson/tasks/Messages_da.properties b/core/src/main/resources/hudson/tasks/Messages_da.properties
index 7e80357600..a0b4e57eb2 100644
--- a/core/src/main/resources/hudson/tasks/Messages_da.properties
+++ b/core/src/main/resources/hudson/tasks/Messages_da.properties
@@ -57,7 +57,6 @@ JavadocArchiver.NoMatchFound=Ingen Javadoc fundet i {0}: {1}
 Maven.NoExecutable=Kunne ikke finde en eksekverbar i {0}
 BuildTrigger.NoSuchProject=Intet s\u00e5kaldt projekt ''{0}''. Mente du ''{1}''?
 Fingerprinter.Action.DisplayName=Se Filfingeraftryk
-ArtifactArchiver.FailedToArchive=Fejlede under arkivering af artifakter: {0}
 Maven.NotADirectory={0} er ikke et direktorie
 BuildTrigger.Disabled={0} er sl\u00e5et fra, starter ikke
 Fingerprinter.Recording=Opsamler filfingeraftryk
diff --git a/core/src/main/resources/hudson/tasks/Messages_de.properties b/core/src/main/resources/hudson/tasks/Messages_de.properties
index 9c2c5d095b..0b6522d91a 100644
--- a/core/src/main/resources/hudson/tasks/Messages_de.properties
+++ b/core/src/main/resources/hudson/tasks/Messages_de.properties
@@ -30,7 +30,6 @@ Ant.ProjectConfigNeeded=Eventuell m\u00FCssen Sie f\u00FCr das Projekt noch eine
 
 ArtifactArchiver.ARCHIVING_ARTIFACTS=Archiviere Artefakte
 ArtifactArchiver.DisplayName=Artefakte archivieren
-ArtifactArchiver.FailedToArchive=Artefakte konnten nicht archiviert werden: {0}
 ArtifactArchiver.NoIncludes=Es sind keine Artefakte zur Archivierung konfiguriert.\n\u00DCberpr\u00FCfen Sie, ob in den Einstellungen ein Dateisuchmuster angegeben ist.\nWenn Sie alle Dateien archivieren m\u00F6chten, geben Sie <tt>**</tt> an.
 ArtifactArchiver.NoMatchFound=Keine Artefakte gefunden, die mit dem Dateisuchmuster \u201E{0}\u201C \u00FCbereinstimmen. Ein Konfigurationsfehler?
 ArtifactArchiver.SkipBecauseOnlyIfSuccessful=Archivierung wird \u00FCbersprungen, da der Build nicht erfolgreich ist.
diff --git a/core/src/main/resources/hudson/tasks/Messages_es.properties b/core/src/main/resources/hudson/tasks/Messages_es.properties
index 1338b1660b..b5870ec434 100644
--- a/core/src/main/resources/hudson/tasks/Messages_es.properties
+++ b/core/src/main/resources/hudson/tasks/Messages_es.properties
@@ -30,7 +30,6 @@ Ant.ProjectConfigNeeded= Es posible que tengas que configurar la tarea para que
 
 ArtifactArchiver.ARCHIVING_ARTIFACTS=Guardando archivos
 ArtifactArchiver.DisplayName=Guardar los archivos generados
-ArtifactArchiver.FailedToArchive=Error al guardar los archivos generados: {0}
 ArtifactArchiver.NoIncludes=No hay archivos configurados para guardar.\nEs probable que olvidaras configurar el patr\u00f3n.\nSi lo que quieres es guardar todos los ficheros del espacio de trabajo, utiliza "**"
 ArtifactArchiver.NoMatchFound=No se encontraron archivos que cumplan el patr\u00f3n "{0}". Comprueba la configuraci\u00f3n
 
diff --git a/core/src/main/resources/hudson/tasks/Messages_fr.properties b/core/src/main/resources/hudson/tasks/Messages_fr.properties
index beb41a5301..c06fb41131 100644
--- a/core/src/main/resources/hudson/tasks/Messages_fr.properties
+++ b/core/src/main/resources/hudson/tasks/Messages_fr.properties
@@ -29,7 +29,6 @@ Ant.NotAntDirectory={0} ne semble pas \u00eatre un r\u00e9pertoire Ant
 Ant.ProjectConfigNeeded=Avez-vous configur\u00e9 le job de fa\u00e7on \u00e0 choisir une de vos installations de Ant?
 
 ArtifactArchiver.DisplayName=Archiver des artefacts
-ArtifactArchiver.FailedToArchive=Echec lors de l''archivage des artefacts: {0}
 ArtifactArchiver.NoIncludes=\
 Aucun artefact n''est configur\u00e9 pour l''archivage.\n\
 Vous avez probablement oubli\u00e9 de positionner le pattern pour les noms des fichiers; merci de retourner \u00e0 la configuration et de le sp\u00e9cifier.\n\
diff --git a/core/src/main/resources/hudson/tasks/Messages_it.properties b/core/src/main/resources/hudson/tasks/Messages_it.properties
index df27728217..586c301611 100644
--- a/core/src/main/resources/hudson/tasks/Messages_it.properties
+++ b/core/src/main/resources/hudson/tasks/Messages_it.properties
@@ -35,7 +35,6 @@ Ant.ExecFailed=esecuzione del comando non riuscita.
 BuildTrigger.Triggering=Attivazione di una nuova compilazione di {0}
 InstallFromApache=Installa da Apache
 Ant.DisplayName=Invoca Ant
-ArtifactArchiver.FailedToArchive=Archiviazione degli artefatti non riuscita: {0}
 CommandInterpreter.UnableToDelete=Impossibile eliminare il file script {0}
 BatchFile.DisplayName=Esegui comando batch Windows
 Fingerprinter.Recording=Registrazione impronte in corso
diff --git a/core/src/main/resources/hudson/tasks/Messages_ja.properties b/core/src/main/resources/hudson/tasks/Messages_ja.properties
index 8e98e612b6..8f44fddc91 100644
--- a/core/src/main/resources/hudson/tasks/Messages_ja.properties
+++ b/core/src/main/resources/hudson/tasks/Messages_ja.properties
@@ -30,7 +30,6 @@ Ant.ProjectConfigNeeded=\u3069\u306eAnt\u3092\u4f7f\u3046\u304b\u30d7\u30ed\u30b
 
 ArtifactArchiver.ARCHIVING_ARTIFACTS=\u6210\u679c\u7269\u3092\u4fdd\u5b58\u4e2d
 ArtifactArchiver.DisplayName=\u6210\u679c\u7269\u3092\u4fdd\u5b58
-ArtifactArchiver.FailedToArchive=\u6210\u679c\u7269\u306e\u4fdd\u5b58\u306e\u5931\u6557\u3057\u307e\u3057\u305f
 ArtifactArchiver.NoIncludes=\u4fdd\u5b58\u3059\u308b\u6210\u679c\u7269\u304c\u4f55\u3082\u6307\u5b9a\u3055\u308c\u3066\u3044\u307e\u305b\u3093\u3002\n\u6050\u3089\u304f\u30d5\u30a1\u30a4\u30eb\u30d1\u30bf\u30fc\u30f3\u306e\u6307\u5b9a\u3092\u5fd8\u308c\u305f\u306e\u3067\u3057\u3087\u3046\u3002\u8a2d\u5b9a\u30da\u30fc\u30b8\u306b\u623b\u3063\u3066\u30d1\u30bf\u30fc\u30f3\u3092\u6307\u5b9a\u3057\u3066\u304f\u3060\u3055\u3044\n\u3082\u3057\u672c\u5f53\u306b\u30ef\u30fc\u30af\u30b9\u30da\u30fc\u30b9\u306e\u5168\u3066\u306e\u30d5\u30a1\u30a4\u30eb\u3092\u4fdd\u5b58\u3059\u308b\u3064\u3082\u308a\u306a\u3089\u3001"**"\u3068\u6307\u5b9a\u3057\u3066\u304f\u3060\u3055\u3044\u3002
 ArtifactArchiver.NoMatchFound=\u6307\u5b9a\u3055\u308c\u305f\u30d5\u30a1\u30a4\u30eb\u30d1\u30bf\u30fc\u30f3\u300c{0}\u300d\u306b\u5408\u81f4\u3059\u308b\u30d5\u30a1\u30a4\u30eb\u304c\u3042\u308a\u307e\u305b\u3093\u3002\u8a2d\u5b9a\u30df\u30b9\uff1f
 
diff --git a/core/src/main/resources/hudson/tasks/Messages_nl.properties b/core/src/main/resources/hudson/tasks/Messages_nl.properties
index 5ff3634cb8..7f05296625 100644
--- a/core/src/main/resources/hudson/tasks/Messages_nl.properties
+++ b/core/src/main/resources/hudson/tasks/Messages_nl.properties
@@ -28,7 +28,6 @@ Ant.NotAntDirectory={0} is geen Ant folder
 Ant.ProjectConfigNeeded= Misschien dient u uw job te configureren om \u00e9\u00e9n van je Ant installaties te gebruiken?
 
 ArtifactArchiver.DisplayName=Archiveer de artefacten
-ArtifactArchiver.FailedToArchive=Fout bij het archiveren van de artefacten: {0}
 ArtifactArchiver.NoIncludes=Er werden geen artefacten voor archivering geconfigureerd.\nWaarschijnlijk werd geen bestands-selectiepatroon geconfigureerd. Gelieve dit te configureren.\n 
 Indien je alle bestanden in de werkplaats wenst te archiveren, gelieve dan "**" als patroon te configureren.
 ArtifactArchiver.NoMatchFound=Er werden geen artefacten gevonden die voldoen aan het bestands-selectiepatroon "{0}". Misschien dient U uw configuratie aan te passen?
diff --git a/core/src/main/resources/hudson/tasks/Messages_pt_BR.properties b/core/src/main/resources/hudson/tasks/Messages_pt_BR.properties
index 654a516574..bd20ca67af 100644
--- a/core/src/main/resources/hudson/tasks/Messages_pt_BR.properties
+++ b/core/src/main/resources/hudson/tasks/Messages_pt_BR.properties
@@ -28,7 +28,6 @@ Ant.NotAntDirectory={0} n\u00e3o parece ser um diret\u00f3rio Ant
 Ant.ProjectConfigNeeded= \u00c9 necess\u00e1rio configurar a job para escolher uma de suas instala\u00e7\u00f5es do Ant.
 
 ArtifactArchiver.DisplayName=Arquivar os artefatos
-ArtifactArchiver.FailedToArchive=Falha ao arquivar os artefatos: {0}
 ArtifactArchiver.NoIncludes=Nenhum artefato est\u00e1 configurado para arquivamento.\n \u00c9 necess\u00e1rio informar o padr\u00e3o de arquivo, volte para a configura\u00e7\u00e3o e especifique-o.\nSe necessitar arquivar todos os arquivos do workspace, por favor especifique "**"
 ArtifactArchiver.NoMatchFound=Nenhum artefato encontrado casa com o padr\u00e3o de arquivo "{0}". Erro de configura\u00e7\u00e3o?
 
diff --git a/core/src/main/resources/hudson/tasks/Messages_ru.properties b/core/src/main/resources/hudson/tasks/Messages_ru.properties
index 81eb29449f..54d6a3de8a 100644
--- a/core/src/main/resources/hudson/tasks/Messages_ru.properties
+++ b/core/src/main/resources/hudson/tasks/Messages_ru.properties
@@ -28,7 +28,6 @@ Ant.NotAntDirectory={0} \u043d\u0435 \u043f\u043e\u0445\u043e\u0436\u0430 \u043d
 Ant.ProjectConfigNeeded= \u0412\u043e\u0437\u043c\u043e\u0436\u043d\u043e, \u0432\u0430\u043c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0443\u043a\u0430\u0437\u0430\u0442\u044c \u0432 \u043f\u0440\u043e\u0435\u043a\u0442\u0435, \u0433\u0434\u0435 \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0432\u0430\u0448\u0430 \u0438\u043d\u0441\u0442\u0430\u043b\u043b\u044f\u0446\u0438\u044f Ant?
 
 ArtifactArchiver.DisplayName=\u0417\u0430\u0430\u0440\u0445\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0430\u0440\u0442\u0435\u0444\u0430\u043a\u0442\u044b
-ArtifactArchiver.FailedToArchive=\u041d\u0435 \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0437\u0430\u0430\u0440\u0445\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0430\u0440\u0442\u0435\u0444\u0430\u043a\u0442\u044b\: {0}
 ArtifactArchiver.NoIncludes=\
 \u041d\u0435\u0442 \u0430\u0440\u0442\u0435\u0444\u0430\u043a\u0442\u043e\u0432 \u0443\u043a\u0430\u0437\u0430\u043d\u043d\u044b\u0445 \u0434\u043b\u044f \u0430\u0440\u0445\u0438\u0432\u0430\u0446\u0438\u0438.\n\
 \u041f\u043e\u0445\u043e\u0436\u0435, \u0432\u044b \u0437\u0430\u0431\u044b\u043b\u0438 \u0443\u043a\u0430\u0437\u0430\u0442\u044c \u0448\u0430\u0431\u043b\u043e\u043d \u0438\u043c\u0435\u043d\u0438 \u0444\u0430\u0439\u043b\u0430, \u043f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u0432\u0435\u0440\u043d\u0438\u0442\u0435\u0441\u044c \u043d\u0430 \u044d\u043a\u0440\u0430\u043d \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0438 \u0443\u043a\u0430\u0436\u0438\u0442\u0435 \u0435\u0433\u043e.\n\
diff --git a/core/src/main/resources/hudson/tasks/Messages_sr.properties b/core/src/main/resources/hudson/tasks/Messages_sr.properties
index e2ff5d5fca..ad91898542 100644
--- a/core/src/main/resources/hudson/tasks/Messages_sr.properties
+++ b/core/src/main/resources/hudson/tasks/Messages_sr.properties
@@ -10,7 +10,6 @@ Ant.ProjectConfigNeeded=\u041F\u043E\u043A\u0443\u0448\u0430\u0458\u0442\u0435 \
 ArtifactArchiver.ARCHIVING_ARTIFACTS=\u0410\u0440\u0445\u0438\u0432\u0438\u0440\u0430\u045A\u0435 \u0430\u0440\u0442\u0435\u0444\u0430\u043A\u0442\u0438
 ArtifactArchiver.DisplayName=\u0410\u0440\u0445\u0438\u0432\u0438\u0440\u0430\u0458 \u0430\u0440\u0442\u0435\u0444\u0430\u043A\u0442\u0438
 ArtifactArchiver.SkipBecauseOnlyIfSuccessful=\u041F\u0440\u0435\u0441\u043A\u043E\u045B\u0430\u0432\u0430 \u0430\u0440\u0445\u0438\u0432\u0438\u0440\u0430\u045A\u0435 \u0437\u0430\u0448\u0442\u043E \u0458\u0435 \u0438\u0437\u0433\u0440\u0430\u0434\u045A\u0430 \u043D\u0435\u0443\u0441\u043F\u0435\u0448\u043D\u0430
-ArtifactArchiver.FailedToArchive=\u041D\u0435\u0443\u0441\u043F\u0440\u0435\u0448\u043D\u043E \u0430\u0440\u0445\u0438\u0432\u0438\u0440\u0430\u045A\u0435 \u0430\u0440\u0442\u0435\u0444\u0430\u043A\u0442\u0438: {0}
 ArtifactArchiver.NoIncludes=\u041D\u0435\u043C\u0430 \u043D\u0430\u0432\u0435\u0434\u0435\u043D\u0438\u0445 \u043F\u0440\u0435\u0434\u043C\u0435\u0442\u0430 \u0437\u0430 \u0430\u0440\u0445\u0438\u0432\u0438\u0440\u0430\u045A\u0435.\n\
 \u0418\u0437\u0433\u043B\u0435\u0434\u0430 \u0434\u0430 \u043D\u0438\u0441\u0442\u0435 \u043D\u0430\u0432\u0435\u043B\u0438 \u0448\u0430\u0431\u043B\u043E\u043D \u0438\u043C\u0435\u043D\u0430 \u0434\u0430\u0442\u043E\u0442\u0435\u043A\u0435. \u041C\u043E\u043B\u0438\u043C\u043E \u0432\u0430\u0441, \u0432\u0440\u0430\u0442\u0438\u0442\u0435 \u0441\u0435 \u043D\u0430 \u0442\u0430\u0458 \u0435\u043A\u0440\u0430\u043D \u0438 \u0443\u043D\u0435\u0441\u0438\u0442\u0435 \u0433\u0430.\n\
 \u0410\u043A\u043E \u0437\u0430\u0438\u0441\u0442\u0430 \u0436\u0435\u043B\u0438\u0442\u0435 \u0434\u0430 \u0430\u0440\u0445\u0438\u0432\u0438\u0440\u0430 \u0441\u0432\u0435 \u0434\u0430\u0442\u043E\u0442\u0435\u043A\u0435 \u0443 \u0440\u0430\u0434\u043D\u043E\u043C \u043F\u0440\u043E\u0441\u0442\u043E\u0440\u0443, \u0443\u043D\u0435\u0441\u0438\u0442\u0435 "**"
diff --git a/core/src/main/resources/hudson/tasks/Messages_tr.properties b/core/src/main/resources/hudson/tasks/Messages_tr.properties
index c7d5f9437d..60abb6fde8 100644
--- a/core/src/main/resources/hudson/tasks/Messages_tr.properties
+++ b/core/src/main/resources/hudson/tasks/Messages_tr.properties
@@ -28,7 +28,6 @@ Ant.NotAntDirectory={0}, bir Ant dizinine benzemiyor
 Ant.ProjectConfigNeeded= \u00c7al\u0131\u015ft\u0131rd\u0131\u011f\u0131n\u0131z i\u015f i\u00e7in bir Ant kurulumu se\u00e7meniz gerekiyor olabilir?
 
 ArtifactArchiver.DisplayName=Artefaktlar\u0131 Ar\u015fivle
-ArtifactArchiver.FailedToArchive=Artefakt ar\u015fivleme ba\u015far\u0131s\u0131z oldu\: {0}
 ArtifactArchiver.NoIncludes=\
 Herhangi bir artefakt, ar\u015fivleme i\u00e7in ayarlanmad\u0131.\n\
 Konfig\u00fcrasyon k\u0131sm\u0131nda File Pattern ayarlar\u0131n\u0131 kontrol edin.\n\
diff --git a/core/src/main/resources/hudson/tasks/Messages_zh_TW.properties b/core/src/main/resources/hudson/tasks/Messages_zh_TW.properties
index aeef7ecace..74e72413e3 100644
--- a/core/src/main/resources/hudson/tasks/Messages_zh_TW.properties
+++ b/core/src/main/resources/hudson/tasks/Messages_zh_TW.properties
@@ -30,7 +30,6 @@ Ant.ProjectConfigNeeded=\u4e5f\u8a31\u60a8\u61c9\u8a72\u8a2d\u5b9a\u5c08\u6848\u
 
 ArtifactArchiver.ARCHIVING_ARTIFACTS=\u5c01\u5b58\u6210\u54c1
 ArtifactArchiver.DisplayName=\u5c01\u5b58\u6210\u54c1
-ArtifactArchiver.FailedToArchive=\u7121\u6cd5\u5c01\u5b58\u6210\u54c1: {0}
 ArtifactArchiver.NoIncludes=\
   \u6c92\u8981\u6210\u54c1\u88ab\u8a2d\u70ba\u9700\u8981\u5c01\u5b58\u3002\n\
   \u53ef\u80fd\u662f\u60a8\u5fd8\u4e86\u8a2d\u5b9a\u6a94\u6848\u6a23\u5f0f\uff0c\u8acb\u56de\u5230\u8a2d\u5b9a\u9801\u6aa2\u67e5\u770b\u770b\u3002\n\
-- 
GitLab


From 18efa58abf2ef977c1ad168c5f245606d5385193 Mon Sep 17 00:00:00 2001
From: Manuel Recena <recena@gmail.com>
Date: Thu, 25 Jan 2018 23:41:25 +0100
Subject: [PATCH 045/863] [JENKINS-49129] Manage Jenkins dropdown menu no
 longer works

---
 core/src/main/resources/jenkins/model/Jenkins/manage.jelly | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/core/src/main/resources/jenkins/model/Jenkins/manage.jelly b/core/src/main/resources/jenkins/model/Jenkins/manage.jelly
index 08393a484c..5fa406c953 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/manage.jelly
+++ b/core/src/main/resources/jenkins/model/Jenkins/manage.jelly
@@ -53,10 +53,11 @@ THE SOFTWARE.
         <j:set var="icon" value="${m.iconClassName != null ? m.iconClassName : m.iconFileName}" />
         <j:if test="${icon!=null}">
           <div class="manage-option">
+          <j:set var="iconUrl" value="${icon.startsWith('/') ? resURL+icon : imagesURL + '/48x48/' + icon}" />
+          ${taskTags!=null and attrs.contextMenu!='false' ? taskTags.add(m.urlName, iconUrl, m.displayName, m.requiresPOST, m.requiresConfirmation) : null}
           <j:choose>
             <j:when test="${m.requiresConfirmation}">
               <l:confirmationLink href="${m.urlName}" post="${m.requiresPOST}" message="${%are.you.sure(m.displayName)}">
-                <j:set var="iconUrl" value="${icon.startsWith('/') ? resURL+icon : imagesURL + '/48x48/' + icon}" />
                 <img class="icon" src="${iconUrl}" />
                 <dl>
                   <dt>${m.displayName}</dt>
@@ -67,7 +68,6 @@ THE SOFTWARE.
             </j:when>
             <j:when test="${m.requiresPOST}">
               <f:link href="${m.urlName}" post="${m.requiresPOST}">
-                <j:set var="iconUrl" value="${icon.startsWith('/') ? resURL+icon : imagesURL + '/48x48/' + icon}" />
                 <img class="icon" src="${iconUrl}" alt="manage-option"/>
                 <dl>
                   <dt>${m.displayName}</dt>
@@ -78,7 +78,6 @@ THE SOFTWARE.
             </j:when>
             <j:otherwise>
               <a href="${m.urlName}" title="${m.displayName}">
-                <j:set var="iconUrl" value="${icon.startsWith('/') ? resURL+icon : imagesURL + '/48x48/' + icon}" />
                 <img class="icon" src="${iconUrl}" alt="manage-option"/>
                 <dl>
                   <dt>${m.displayName}</dt>
-- 
GitLab


From 6a3e60ef71900704e552a295a802c2caf29a871c Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Thu, 25 Jan 2018 17:48:02 -0500
Subject: [PATCH 046/863] [JENKINS-46041] If guessBrowser fails, return null
 and move on.

---
 core/src/main/java/hudson/scm/SCM.java | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/scm/SCM.java b/core/src/main/java/hudson/scm/SCM.java
index c33810a7f8..2b1e94bb11 100644
--- a/core/src/main/java/hudson/scm/SCM.java
+++ b/core/src/main/java/hudson/scm/SCM.java
@@ -54,6 +54,8 @@ import java.io.IOException;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
+import java.util.logging.Level;
+import java.util.logging.Logger;
 import javax.annotation.CheckForNull;
 import javax.annotation.Nonnull;
 import javax.annotation.Nullable;
@@ -86,6 +88,8 @@ import org.kohsuke.stapler.export.ExportedBean;
 @ExportedBean
 public abstract class SCM implements Describable<SCM>, ExtensionPoint {
 
+    private static final Logger LOGGER = Logger.getLogger(SCM.class.getName());
+
     /** JENKINS-35098: discouraged */
     @SuppressWarnings("FieldMayBeFinal")
     private static boolean useAutoBrowserHolder = SystemProperties.getBoolean(SCM.class.getName() + ".useAutoBrowserHolder");
@@ -143,7 +147,12 @@ public abstract class SCM implements Describable<SCM>, ExtensionPoint {
             }
             return autoBrowserHolder.get();
         } else {
-            return guessBrowser();
+            try {
+                return guessBrowser();
+            } catch (RuntimeException x) {
+                LOGGER.log(Level.WARNING, null, x);
+                return null;
+            }
         }
     }
 
-- 
GitLab


From 197cf74f802a04d4ee7f2afaa80e189e7824ae66 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Fri, 26 Jan 2018 14:55:01 +0100
Subject: [PATCH 047/863] [JENKINS-32442] Disable API Tokens when user is
 created - admin monitor + configuration - preparation for rewrite API Token

---
 .../jenkins/security/ApiTokenProperty.java    | 61 ++++++++++++
 .../ApiTokenPropertyConfiguration.java        | 93 +++++++++++++++++++
 ...yDisabledDefaultAdministrativeMonitor.java | 66 +++++++++++++
 .../config.jelly                              | 33 +++++++
 .../help-enabled.html                         |  4 +
 .../message.jelly                             | 33 +++++++
 .../message.properties                        |  2 +
 .../jenkins/security/Messages.properties      |  1 +
 8 files changed, 293 insertions(+)
 create mode 100644 core/src/main/java/jenkins/security/ApiTokenPropertyConfiguration.java
 create mode 100644 core/src/main/java/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor.java
 create mode 100644 core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/config.jelly
 create mode 100644 core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/help-enabled.html
 create mode 100644 core/src/main/resources/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.jelly
 create mode 100644 core/src/main/resources/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.properties

diff --git a/core/src/main/java/jenkins/security/ApiTokenProperty.java b/core/src/main/java/jenkins/security/ApiTokenProperty.java
index dd64d0e9d0..10b24c0c94 100644
--- a/core/src/main/java/jenkins/security/ApiTokenProperty.java
+++ b/core/src/main/java/jenkins/security/ApiTokenProperty.java
@@ -46,11 +46,13 @@ import java.io.IOException;
 import java.nio.charset.Charset;
 import java.security.MessageDigest;
 import java.security.SecureRandom;
+import java.util.Date;
 import javax.annotation.Nonnull;
 import org.apache.commons.lang.StringUtils;
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
 import org.kohsuke.stapler.interceptor.RequirePOST;
+import org.mindrot.jbcrypt.BCrypt;
 
 /**
  * Remembers the API token for this user, that can be used like a password to login.
@@ -72,6 +74,12 @@ public class ApiTokenProperty extends UserProperty {
     private static final boolean SHOW_TOKEN_TO_ADMINS = 
             SystemProperties.getBoolean(ApiTokenProperty.class.getName() + ".showTokenToAdmins");
     
+    /**
+     * Determine the (log of) number of rounds we need to apply when hashing the token
+     * default value corresponds to BCrypt#GENSALT_DEFAULT_LOG2_ROUNDS
+     */
+    private static final int BCRYPT_LOG_ROUND =
+            SystemProperties.getInteger(ApiTokenProperty.class.getName() + ".bcryptLogRound", 10);
     
     @DataBoundConstructor
     public ApiTokenProperty() {
@@ -168,6 +176,12 @@ public class ApiTokenProperty extends UserProperty {
         }
 
         /**
+         * New approach:
+         * API Token are generated only when a user request a new one. The value is randomly generated
+         * without any link to the user and only displayed to him the first time. 
+         * We only store the hash for future comparisons.
+         * 
+         * Legacy approach:
          * When we are creating a default {@link ApiTokenProperty} for User,
          * we need to make sure it yields the same value for the same user,
          * because there's no guarantee that the property is saved.
@@ -176,6 +190,11 @@ public class ApiTokenProperty extends UserProperty {
          * the initial API token value. So we take the seed by hashing the secret + user ID.
          */
         public ApiTokenProperty newInstance(User user) {
+            if(ApiTokenPropertyConfiguration.get().isTokenGenerationOnCreationDisabled()){
+                // recommended way
+                return null;
+            }
+
             return new ApiTokenProperty(API_KEY_SEED.mac(user.getId()));
         }
 
@@ -201,4 +220,46 @@ public class ApiTokenProperty extends UserProperty {
      * We don't want an API key that's too long, so cut the length to 16 (which produces 32-letter MAC code in hexdump)
      */
     private static final HMACConfidentialKey API_KEY_SEED = new HMACConfidentialKey(ApiTokenProperty.class,"seed",16);
+
+    private class HashedToken {
+        private String name;
+        // serve as an optimizer to avoid hashing all the token
+        private String prefix;
+        private String hash;
+        private Date creationDate;
+
+        private Date lastUseDate;
+        private Integer useCounter;
+
+        private boolean revoked;
+        private Date revokationDate;
+        private String revokedBy;
+
+        public HashedToken(String tokenValue){
+            this.creationDate = new Date();
+            this.hash = BCrypt.hashpw(tokenValue, BCrypt.gensalt(BCRYPT_LOG_ROUND));
+        }
+
+        public synchronized void incrementUse(){
+            if(revoked){
+                throw new RuntimeException("A revoked token cannot be used");
+            }
+            this.useCounter = useCounter == null ? 1 : useCounter + 1;
+            this.lastUseDate = new Date();
+        }
+
+        public void setName(String name){
+            this.name = name;
+        }
+
+        public synchronized void revoke(){
+            if(revoked){
+                throw new RuntimeException("The token is already revoked");
+            }
+            
+            this.revoked = true;
+            this.revokationDate = new Date();
+            this.revokedBy = Jenkins.getAuthentication().getName();
+        }
+    }
 }
diff --git a/core/src/main/java/jenkins/security/ApiTokenPropertyConfiguration.java b/core/src/main/java/jenkins/security/ApiTokenPropertyConfiguration.java
new file mode 100644
index 0000000000..b1a1437c05
--- /dev/null
+++ b/core/src/main/java/jenkins/security/ApiTokenPropertyConfiguration.java
@@ -0,0 +1,93 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.security;
+
+import hudson.Extension;
+import hudson.Util;
+import hudson.model.AdministrativeMonitor;
+import hudson.model.Descriptor.FormException;
+import hudson.model.User;
+import hudson.model.UserProperty;
+import hudson.model.UserPropertyDescriptor;
+import hudson.security.ACL;
+import hudson.util.HttpResponses;
+import hudson.util.Secret;
+import jenkins.model.GlobalConfiguration;
+import jenkins.model.GlobalConfigurationCategory;
+import jenkins.model.Jenkins;
+import jenkins.util.SystemProperties;
+import net.sf.json.JSONObject;
+import org.apache.commons.lang.StringUtils;
+import org.jenkinsci.Symbol;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
+import org.kohsuke.stapler.AncestorInPath;
+import org.kohsuke.stapler.DataBoundConstructor;
+import org.kohsuke.stapler.HttpResponse;
+import org.kohsuke.stapler.QueryParameter;
+import org.kohsuke.stapler.StaplerRequest;
+import org.kohsuke.stapler.StaplerResponse;
+import org.kohsuke.stapler.interceptor.RequirePOST;
+import org.mindrot.jbcrypt.BCrypt;
+
+import javax.annotation.Nonnull;
+import java.io.IOException;
+import java.nio.charset.Charset;
+import java.security.MessageDigest;
+import java.security.SecureRandom;
+import java.util.Date;
+
+/**
+ * Configuration for the new token generation when a user is created
+ *
+ * @since TODO
+ */
+@Extension 
+@Symbol("apiToken")
+@Restricted(NoExternalUse.class)
+public class ApiTokenPropertyConfiguration extends GlobalConfiguration {
+    private boolean tokenGenerationOnCreationDisabled = false;
+    
+    public static ApiTokenPropertyConfiguration get() {
+        return Jenkins.get().getInjector().getInstance(ApiTokenPropertyConfiguration.class);
+    }
+
+    public ApiTokenPropertyConfiguration() {
+        load();
+    }
+
+    public boolean isTokenGenerationOnCreationDisabled() {
+        return tokenGenerationOnCreationDisabled;
+    }
+
+    public void setTokenGenerationOnCreationDisabled(boolean tokenGenerationOnCreationDisabled) {
+        this.tokenGenerationOnCreationDisabled = tokenGenerationOnCreationDisabled;
+        save();
+    }
+
+    @Override 
+    public GlobalConfigurationCategory getCategory() {
+        return GlobalConfigurationCategory.get(GlobalConfigurationCategory.Security.class);
+    }
+}
diff --git a/core/src/main/java/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor.java b/core/src/main/java/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor.java
new file mode 100644
index 0000000000..9e8b2f42b5
--- /dev/null
+++ b/core/src/main/java/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor.java
@@ -0,0 +1,66 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.security;
+
+import hudson.Extension;
+import hudson.model.AdministrativeMonitor;
+import hudson.util.HttpResponses;
+import org.jenkinsci.Symbol;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
+import org.kohsuke.stapler.HttpResponse;
+import org.kohsuke.stapler.QueryParameter;
+import org.kohsuke.stapler.interceptor.RequirePOST;
+
+import java.io.IOException;
+
+/**
+ * Monitor that the API Token are not generated by default without the user interaction.
+ *
+ * @since TODO
+ */
+@Extension
+@Symbol("apiToken")
+@Restricted(NoExternalUse.class)
+public class ApiTokenPropertyDisabledDefaultAdministrativeMonitor extends AdministrativeMonitor {
+    @Override
+    public String getDisplayName() {
+        return Messages.ApiTokenPropertyDisabledDefaultAdministrativeMonitor_displayName();
+    }
+    
+    @Override
+    public boolean isActivated() {
+        return !ApiTokenPropertyConfiguration.get().isTokenGenerationOnCreationDisabled();
+    }
+    
+    @RequirePOST
+    public HttpResponse doAct(@QueryParameter String no) throws IOException {
+        if (no == null) {
+            ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationDisabled(true);
+        } else {
+            disable(true);
+        }
+        return HttpResponses.redirectViaContextPath("manage");
+    }
+}
diff --git a/core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/config.jelly b/core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/config.jelly
new file mode 100644
index 0000000000..985a5e77b8
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/config.jelly
@@ -0,0 +1,33 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+The MIT License
+
+Copyright 2018 CloudBees, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+-->
+
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core" xmlns:f="/lib/form">
+    <f:section title="${%API Token}">
+        <f:entry field="tokenGenerationOnCreationDisabled">
+            <f:checkbox title="${%Disable generation of API Token on user creation}"/>
+        </f:entry>
+    </f:section>
+</j:jelly>
diff --git a/core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/help-enabled.html b/core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/help-enabled.html
new file mode 100644
index 0000000000..c0cc87bbed
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/help-enabled.html
@@ -0,0 +1,4 @@
+<div>
+    Even if this is disabled (recommended for security reasons), the users are still able to generate new tokens
+    themselves on their configure page.
+</div>
diff --git a/core/src/main/resources/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.jelly b/core/src/main/resources/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.jelly
new file mode 100644
index 0000000000..4a310bedb3
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.jelly
@@ -0,0 +1,33 @@
+<!--
+The MIT License
+
+Copyright (c) 2017, CloudBees, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+-->
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core" xmlns:f="/lib/form">
+    <div class="warning">
+        <form method="post" action="${rootURL}/${it.url}/act" name="${it.id}">
+            <f:submit name="yes" value="${%Disable API Token generation by default}"/>
+            <f:submit name="no" value="${%Dismiss}"/>
+            ${%warningMessage(rootURL)}
+        </form>
+    </div>
+</j:jelly>
diff --git a/core/src/main/resources/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.properties b/core/src/main/resources/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.properties
new file mode 100644
index 0000000000..5638ccb00e
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.properties
@@ -0,0 +1,2 @@
+warningMessage=The API Token are currently generated directly when a new user is created. The recommended way is to \
+   disable this behavior and let users request new tokens themselves.
diff --git a/core/src/main/resources/jenkins/security/Messages.properties b/core/src/main/resources/jenkins/security/Messages.properties
index f0a98fb4a2..fffe3bfe6c 100644
--- a/core/src/main/resources/jenkins/security/Messages.properties
+++ b/core/src/main/resources/jenkins/security/Messages.properties
@@ -24,5 +24,6 @@ ApiTokenProperty.DisplayName=API Token
 ApiTokenProperty.ChangeToken.TokenIsHidden=Token is hidden
 ApiTokenProperty.ChangeToken.Success=<div>Updated. See the new token in the field above</div>
 ApiTokenProperty.ChangeToken.SuccessHidden=<div>Updated. You need to login as the user to see the token</div>
+ApiTokenPropertyDisabledDefaultAdministrativeMonitor.displayName=API Token not generated by default
 RekeySecretAdminMonitor.DisplayName=Re-keying
 UpdateSiteWarningsMonitor.DisplayName=Update Site Warnings
-- 
GitLab


From ef52f07eeac7153856d540cb244a34f96cf28bcb Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Fri, 26 Jan 2018 14:56:24 +0100
Subject: [PATCH 048/863] [JENKINS-32776] API Tokens not more stored in a
 recoverable format - rewrite the groovy view into jelly one - remove old
 config_xx.properties - add capabilities on token: list/generate/revoke -
 stored using BCrypt hashes - migration from Legacy API Token

---
 .../jenkins/security/ApiTokenProperty.java    | 347 +++++++++-----
 .../java/jenkins/security/ApiTokenStore.java  | 448 ++++++++++++++++++
 .../security/ApiTokenProperty/config.groovy   |  36 --
 .../security/ApiTokenProperty/config.jelly    |  91 ++++
 .../ApiTokenProperty/config.properties        |   9 +
 .../ApiTokenProperty/config_it.properties     |   5 -
 .../ApiTokenProperty/config_ja.properties     |  25 -
 .../ApiTokenProperty/config_sr.properties     |   5 -
 .../ApiTokenProperty/config_zh_TW.properties  |  25 -
 .../ApiTokenProperty/help-apiToken.html       |  15 +-
 .../security/ApiTokenProperty/resources.css   |  83 ++++
 .../security/ApiTokenProperty/resources.js    |  83 ++++
 .../jenkins/security/Messages.properties      |   2 +
 .../test/java/hudson/cli/CLIActionTest.java   |   2 +
 .../security/ApiTokenPropertyTest.java        |  23 +-
 .../security/BasicHeaderProcessorTest.java    |   3 +
 16 files changed, 979 insertions(+), 223 deletions(-)
 create mode 100644 core/src/main/java/jenkins/security/ApiTokenStore.java
 delete mode 100644 core/src/main/resources/jenkins/security/ApiTokenProperty/config.groovy
 create mode 100644 core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
 create mode 100644 core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
 delete mode 100644 core/src/main/resources/jenkins/security/ApiTokenProperty/config_it.properties
 delete mode 100644 core/src/main/resources/jenkins/security/ApiTokenProperty/config_ja.properties
 delete mode 100644 core/src/main/resources/jenkins/security/ApiTokenProperty/config_sr.properties
 delete mode 100644 core/src/main/resources/jenkins/security/ApiTokenProperty/config_zh_TW.properties
 create mode 100644 core/src/main/resources/jenkins/security/ApiTokenProperty/resources.css
 create mode 100644 core/src/main/resources/jenkins/security/ApiTokenProperty/resources.js

diff --git a/core/src/main/java/jenkins/security/ApiTokenProperty.java b/core/src/main/java/jenkins/security/ApiTokenProperty.java
index 10b24c0c94..c11069c638 100644
--- a/core/src/main/java/jenkins/security/ApiTokenProperty.java
+++ b/core/src/main/java/jenkins/security/ApiTokenProperty.java
@@ -23,9 +23,11 @@
  */
 package jenkins.security;
 
+import com.thoughtworks.xstream.converters.UnmarshallingContext;
 import hudson.Extension;
+import hudson.diagnosis.OldDataMonitor;
+import hudson.util.XStream2;
 import jenkins.util.SystemProperties;
-import hudson.Util;
 import hudson.model.Descriptor.FormException;
 import hudson.model.User;
 import hudson.model.UserProperty;
@@ -34,25 +36,30 @@ import hudson.security.ACL;
 import hudson.util.HttpResponses;
 import hudson.util.Secret;
 import jenkins.model.Jenkins;
+import net.sf.json.JSONArray;
 import net.sf.json.JSONObject;
 import org.jenkinsci.Symbol;
 import org.kohsuke.stapler.AncestorInPath;
 import org.kohsuke.stapler.DataBoundConstructor;
 import org.kohsuke.stapler.HttpResponse;
+import org.kohsuke.stapler.QueryParameter;
 import org.kohsuke.stapler.StaplerRequest;
 import org.kohsuke.stapler.StaplerResponse;
 
 import java.io.IOException;
-import java.nio.charset.Charset;
-import java.security.MessageDigest;
-import java.security.SecureRandom;
-import java.util.Date;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+import javax.annotation.CheckForNull;
 import javax.annotation.Nonnull;
+
 import org.apache.commons.lang.StringUtils;
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
 import org.kohsuke.stapler.interceptor.RequirePOST;
-import org.mindrot.jbcrypt.BCrypt;
 
 /**
  * Remembers the API token for this user, that can be used like a password to login.
@@ -63,113 +70,182 @@ import org.mindrot.jbcrypt.BCrypt;
  * @since 1.426
  */
 public class ApiTokenProperty extends UserProperty {
-    private volatile Secret apiToken;
-
+    private static final Logger LOGGER = Logger.getLogger(ApiTokenProperty.class.getName());
+    
+    private transient volatile Secret apiToken;
+    private ApiTokenStore tokenStore;
+    
     /**
-     * If enabled, shows API tokens to users with {@link Jenkins#ADMINISTER) permissions.
+     * If enabled, the users with {@link Jenkins#ADMINISTER) permissions can generate new tokens for
+     * other users. Normally only a user can generate tokens for himself.
      * Disabled by default due to the security reasons.
      * If enabled, it restores the original Jenkins behavior (SECURITY-200).
+     * 
      * @since 1.638
      */
-    private static final boolean SHOW_TOKEN_TO_ADMINS = 
+    private static final boolean ADMIN_CAN_GENERATE_NEW_TOKENS =
             SystemProperties.getBoolean(ApiTokenProperty.class.getName() + ".showTokenToAdmins");
     
-    /**
-     * Determine the (log of) number of rounds we need to apply when hashing the token
-     * default value corresponds to BCrypt#GENSALT_DEFAULT_LOG2_ROUNDS
-     */
-    private static final int BCRYPT_LOG_ROUND =
-            SystemProperties.getInteger(ApiTokenProperty.class.getName() + ".bcryptLogRound", 10);
-    
     @DataBoundConstructor
     public ApiTokenProperty() {
-        _changeApiToken();
+        this.init();
     }
-
+    
+    public ApiTokenProperty readResolve() {
+        this.init();
+        return this;
+    }
+    
+    private void init() {
+        if (this.tokenStore == null) {
+            this.tokenStore = new ApiTokenStore();
+        }
+    }
+    
     /**
      * We don't let the external code set the API token,
      * but for the initial value of the token we need to compute the seed by ourselves.
      */
     /*package*/ ApiTokenProperty(String seed) {
         apiToken = Secret.fromString(seed);
+        this.init();
     }
-
+    
     /**
      * Gets the API token.
      * The method performs security checks since 1.638. Only the current user and SYSTEM may see it.
-     * Users with {@link Jenkins#ADMINISTER} may be allowed to do it using {@link #SHOW_TOKEN_TO_ADMINS}.
-     * 
+     * Users with {@link Jenkins#ADMINISTER} may be allowed to do it using {@link #ADMIN_CAN_GENERATE_NEW_TOKENS}.
+     *
      * @return API Token. Never null, but may be {@link Messages#ApiTokenProperty_ChangeToken_TokenIsHidden()}
      *         if the user has no appropriate permissions.
      * @since 1.426, and since 1.638 the method performs security checks
      */
     @Nonnull
+    @Deprecated
     public String getApiToken() {
-        return hasPermissionToSeeToken() ? getApiTokenInsecure() 
-                : Messages.ApiTokenProperty_ChangeToken_TokenIsHidden();
+        LOGGER.log(Level.WARNING, "Deprecated usage of getApiToken");
+        return "deprecated";
     }
     
-    @Nonnull
-    @Restricted(NoExternalUse.class)
-    /*package*/ String getApiTokenInsecure() {
-        String p = apiToken.getPlainText();
-        if (p.equals(Util.getDigestOf(Jenkins.getInstance().getSecretKey()+":"+user.getId()))) {
-            // if the current token is the initial value created by pre SECURITY-49 Jenkins, we can't use that.
-            // force using the newer value
-            apiToken = Secret.fromString(p=API_KEY_SEED.mac(user.getId()));
+    public boolean matchesPassword(String token) {
+        if(StringUtils.isBlank(token)){
+            return false;
         }
-        return Util.getDigestOf(p);
+
+        boolean matchFound = tokenStore.doesContainToken(token);
+        if (matchFound) {
+            try {
+                user.save();
+            } catch (IOException e) {
+                LOGGER.log(Level.WARNING, "Error saving the user after token match", e);
+            }
+        }
+        
+        return matchFound;
     }
+    
+    /**
+     * @deprecated Each token can be revoked now and new tokens can be requested without altering existing ones.
+     */
+    @Deprecated
+    public void changeApiToken() throws IOException {
+        // just to keep the same level of security
+        user.checkPermission(Jenkins.ADMINISTER);
+        
+        LOGGER.log(Level.WARNING, "Deprecated usage of changeApiToken");
+    }
+    
+    // only for Jelly
+    @Restricted(NoExternalUse.class)
+    public List<ApiTokenStore.HashedToken> getTokenList() {
+        return tokenStore.getTokenListSortedByName();
+    }
+    
+    @Override
+    public UserProperty reconfigure(StaplerRequest req, @CheckForNull JSONObject form) throws FormException {
+        if(form == null){
+            return this;
+        }
 
-    public boolean matchesPassword(String password) {
-        String token = getApiTokenInsecure();
-        // String.equals isn't constant time, but this is
-        return MessageDigest.isEqual(password.getBytes(Charset.forName("US-ASCII")),
-                token.getBytes(Charset.forName("US-ASCII")));
+        Object tokenStoreData = form.get("tokenStore");
+        Map<String, JSONObject> tokenStoreTypedData = convertToTokenMap(tokenStoreData);
+        this.tokenStore.reconfigure(tokenStoreTypedData);
+        return this;
+    }
+    
+    private Map<String, JSONObject> convertToTokenMap(Object tokenStoreData) {
+        if (tokenStoreData == null) {
+            // in case there are no token
+            return Collections.emptyMap();
+        } else if (tokenStoreData instanceof JSONObject) {
+            // in case there is only one token
+            JSONObject singleTokenData = (JSONObject) tokenStoreData;
+            Map<String, JSONObject> result = new HashMap<>();
+            addJSONTokenIntoMap(result, singleTokenData);
+            return result;
+        } else if (tokenStoreData instanceof JSONArray) {
+            // in case there are multiple tokens
+            JSONArray tokenArray = ((JSONArray) tokenStoreData);
+            Map<String, JSONObject> result = new HashMap<>();
+            for (int i = 0; i < tokenArray.size(); i++) {
+                JSONObject tokenData = tokenArray.getJSONObject(i);
+                addJSONTokenIntoMap(result, tokenData);
+            }
+            return result;
+        }
+        
+        throw HttpResponses.error(400, "Unexpected class received for the token store information");
+    }
+    
+    private void addJSONTokenIntoMap(Map<String, JSONObject> tokenMap, JSONObject tokenData) {
+        String uuid = tokenData.getString("tokenUuid");
+        tokenMap.put(uuid, tokenData);
     }
     
-    private boolean hasPermissionToSeeToken() {
-        final Jenkins jenkins = Jenkins.getInstance();
+    // for Jelly view
+    @Restricted(NoExternalUse.class)
+    public boolean hasCurrentUserPermissionToGenerateTokenForThisUser() {
+        return hasPermissionToGenerateTokenForUser(user);
+    }
 
-        // Administrators can do whatever they want
-        if (SHOW_TOKEN_TO_ADMINS && jenkins.hasPermission(Jenkins.ADMINISTER)) {
+    private static boolean hasPermissionToGenerateTokenForUser(User currentOwner) {
+        if (ADMIN_CAN_GENERATE_NEW_TOKENS && Jenkins.get().hasPermission(Jenkins.ADMINISTER)) {
             return true;
         }
         
-        
-        final User current = User.current();
-        if (current == null) { // Anonymous
+        User currentUser = User.current();
+        if (currentUser == null) { 
+            // Anonymous
             return false;
         }
         
-        // SYSTEM user is always eligible to see tokens
         if (Jenkins.getAuthentication() == ACL.SYSTEM) {
+            // SYSTEM user is always eligible to see tokens
             return true;
         }
-             
-        //TODO: replace by IdStrategy in newer Jenkins versions
-        //return User.idStrategy().equals(user.getId(), current.getId());
-        return StringUtils.equals(user.getId(), current.getId());
-    }
 
-    public void changeApiToken() throws IOException {
-        user.checkPermission(Jenkins.ADMINISTER);
-        _changeApiToken();
-        user.save();
+        return User.idStrategy().equals(currentOwner.getId(), currentUser.getId());
     }
 
-    private void _changeApiToken() {
-        byte[] random = new byte[16];   // 16x8=128bit worth of randomness, since we use md5 digest as the API token
-        RANDOM.nextBytes(random);
-        apiToken = Secret.fromString(Util.toHexString(random));
-    }
-
-    @Override
-    public UserProperty reconfigure(StaplerRequest req, JSONObject form) throws FormException {
-        return this;
+    public static class ConverterImpl extends XStream2.PassthruConverter<ApiTokenProperty> {
+        public ConverterImpl(XStream2 xstream) {
+            super(xstream);
+        }
+        
+        @Override
+        protected void callback(ApiTokenProperty apiTokenProperty, UnmarshallingContext context) {
+            // support legacy configuration
+            if (apiTokenProperty.apiToken != null) {
+                apiTokenProperty.tokenStore.generateTokenFromLegacy(apiTokenProperty.apiToken);
+                OldDataMonitor.report(context, "@since TODO");
+            }
+            
+            apiTokenProperty.tokenStore.optimize();
+        }
     }
 
-    @Extension @Symbol("apiToken")
+    @Extension
+    @Symbol("apiToken")
     public static final class DescriptorImpl extends UserPropertyDescriptor {
         public String getDisplayName() {
             return Messages.ApiTokenProperty_DisplayName();
@@ -190,76 +266,117 @@ public class ApiTokenProperty extends UserProperty {
          * the initial API token value. So we take the seed by hashing the secret + user ID.
          */
         public ApiTokenProperty newInstance(User user) {
-            if(ApiTokenPropertyConfiguration.get().isTokenGenerationOnCreationDisabled()){
+            if (ApiTokenPropertyConfiguration.get().isTokenGenerationOnCreationDisabled()) {
                 // recommended way
                 return null;
             }
 
+            return forceNewInstance(user);
+        }
+        
+        private ApiTokenProperty forceNewInstance(User user) {
             return new ApiTokenProperty(API_KEY_SEED.mac(user.getId()));
         }
 
+        /**
+         * @deprecated use {@link #doGenerateNewToken(User, StaplerResponse, String)} instead
+         */
+        @Deprecated
         @RequirePOST
         public HttpResponse doChangeToken(@AncestorInPath User u, StaplerResponse rsp) throws IOException {
+            LOGGER.log(Level.WARNING, "Deprecated action /changeToken used, consider using /generateNewToken instead");
+
             ApiTokenProperty p = u.getProperty(ApiTokenProperty.class);
-            if (p==null) {
-                p = newInstance(u);
+            if (p == null) {
+                p = forceNewInstance(u);
                 u.addProperty(p);
-            } else {
-                p.changeApiToken();
             }
-            rsp.setHeader("script","document.getElementById('apiToken').value='"+p.getApiToken()+"'");
-            return HttpResponses.html(p.hasPermissionToSeeToken() 
-                    ? Messages.ApiTokenProperty_ChangeToken_Success() 
+            
+            String newValue = p.tokenStore.generateNewTokenAndReturnHiddenValue("Created using deprecated method");
+            
+            rsp.setHeader("script","document.getElementById('apiToken').value='"+newValue+"'");
+            return HttpResponses.html(p.hasCurrentUserPermissionToGenerateTokenForThisUser()
+                    ? Messages.ApiTokenProperty_ChangeToken_Success()
                     : Messages.ApiTokenProperty_ChangeToken_SuccessHidden());
-        }
-    }
-
-    private static final SecureRandom RANDOM = new SecureRandom();
-
-    /**
-     * We don't want an API key that's too long, so cut the length to 16 (which produces 32-letter MAC code in hexdump)
-     */
-    private static final HMACConfidentialKey API_KEY_SEED = new HMACConfidentialKey(ApiTokenProperty.class,"seed",16);
-
-    private class HashedToken {
-        private String name;
-        // serve as an optimizer to avoid hashing all the token
-        private String prefix;
-        private String hash;
-        private Date creationDate;
-
-        private Date lastUseDate;
-        private Integer useCounter;
-
-        private boolean revoked;
-        private Date revokationDate;
-        private String revokedBy;
-
-        public HashedToken(String tokenValue){
-            this.creationDate = new Date();
-            this.hash = BCrypt.hashpw(tokenValue, BCrypt.gensalt(BCRYPT_LOG_ROUND));
+    
         }
 
-        public synchronized void incrementUse(){
-            if(revoked){
-                throw new RuntimeException("A revoked token cannot be used");
+        @RequirePOST
+        public HttpResponse doGenerateNewToken(@AncestorInPath User u, StaplerResponse rsp, @QueryParameter String newTokenName) throws IOException {
+            if(!hasPermissionToGenerateTokenForUser(u)){
+                return HttpResponses.forbidden();
+            }
+            
+            if (StringUtils.isBlank(newTokenName)) {
+                return HttpResponses.errorJSON("The name cannot be empty");
+            }
+            
+            ApiTokenProperty p = u.getProperty(ApiTokenProperty.class);
+            if (p == null) {
+                p = forceNewInstance(u);
+                u.addProperty(p);
             }
-            this.useCounter = useCounter == null ? 1 : useCounter + 1;
-            this.lastUseDate = new Date();
+            
+            String valueToDisplayOnce = p.tokenStore.generateNewTokenAndReturnHiddenValue(newTokenName);
+            u.save();
+            
+            return HttpResponses.okJSON(new HashMap<String, String>() {{ 
+                put("tokenValue", valueToDisplayOnce); 
+            }});
         }
-
-        public void setName(String name){
-            this.name = name;
+        
+        @RequirePOST
+        public HttpResponse doRename(@AncestorInPath User u,
+                                     @QueryParameter String tokenId, @QueryParameter String newName) throws IOException {
+            // only current user + administrator can rename token
+            u.checkPermission(Jenkins.ADMINISTER);
+    
+            if (StringUtils.isBlank(newName)) {
+                return HttpResponses.errorJSON("The name cannot be empty");
+            }
+            if(StringUtils.isBlank(tokenId)){
+                // using the web UI this should not occur
+                return HttpResponses.errorWithoutStack(400, "The tokenId cannot be empty");
+            }
+            
+            ApiTokenProperty p = u.getProperty(ApiTokenProperty.class);
+            if (p == null) {
+                return HttpResponses.errorWithoutStack(400, "The user does not have any ApiToken yet, try generating one before.");
+            }
+            
+            p.tokenStore.renameToken(tokenId, newName);
+            u.save();
+            
+            return HttpResponses.ok();
         }
-
-        public synchronized void revoke(){
-            if(revoked){
-                throw new RuntimeException("The token is already revoked");
+        
+        @RequirePOST
+        public HttpResponse doRevoke(@AncestorInPath User u,
+                                     @QueryParameter String tokenId) throws IOException {
+            // only current user + administrator can revoke token
+            u.checkPermission(Jenkins.ADMINISTER);
+            
+            if(StringUtils.isBlank(tokenId)){
+                // using the web UI this should not occur
+                return HttpResponses.errorWithoutStack(400, "The tokenId cannot be empty");
+            }
+            
+            ApiTokenProperty p = u.getProperty(ApiTokenProperty.class);
+            if (p == null) {
+                return HttpResponses.errorWithoutStack(400, "The user does not have any ApiToken yet, try generating one before.");
             }
             
-            this.revoked = true;
-            this.revokationDate = new Date();
-            this.revokedBy = Jenkins.getAuthentication().getName();
+            p.tokenStore.revokeToken(tokenId);
+            u.save();
+            
+            return HttpResponses.ok();
         }
     }
+    
+    /**
+     * We don't want an API key that's too long, so cut the length to 16 (which produces 32-letter MAC code in hexdump)
+     * @deprecated only used for the migration of data from previous save
+     */
+    @Deprecated
+    private static final HMACConfidentialKey API_KEY_SEED = new HMACConfidentialKey(ApiTokenProperty.class, "seed", 16);
 }
diff --git a/core/src/main/java/jenkins/security/ApiTokenStore.java b/core/src/main/java/jenkins/security/ApiTokenStore.java
new file mode 100644
index 0000000000..78fadab1fa
--- /dev/null
+++ b/core/src/main/java/jenkins/security/ApiTokenStore.java
@@ -0,0 +1,448 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.security;
+
+import hudson.Util;
+import hudson.diagnosis.OldDataMonitor;
+import hudson.util.Secret;
+import jenkins.util.SystemProperties;
+import net.sf.json.JSONObject;
+import org.apache.commons.lang.StringUtils;
+import org.mindrot.jbcrypt.BCrypt;
+
+import javax.annotation.Nonnull;
+import javax.annotation.concurrent.Immutable;
+import java.security.SecureRandom;
+import java.time.Instant;
+import java.time.temporal.ChronoUnit;
+import java.util.ArrayList;
+import java.util.Comparator;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.UUID;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+import java.util.stream.Collectors;
+
+public class ApiTokenStore {
+    private static final Logger LOGGER = Logger.getLogger(OldDataMonitor.class.getName());
+    private static final SecureRandom RANDOM = new SecureRandom();
+    
+    private static final Comparator<HashedToken> SORT_BY_LOWERCASED_NAME =
+            Comparator.comparing(hashedToken -> hashedToken.getName().toLowerCase());
+    
+    /**
+     * Determine the (log of) number of rounds we need to apply when hashing the token
+     * default value corresponds to 
+     * BCrypt#GENSALT_DEFAULT_LOG2_ROUNDS is 10 which is way too small in 2018
+     */
+    private static final int BCRYPT_LOG_ROUND =
+            SystemProperties.getInteger(ApiTokenStore.class.getName() + ".bcryptLogRound", 13);
+    /**
+     * Determine the number of attempt to generate an unique prefix (over 4096 possibilities) that is not currently used
+     */
+    private static final int MAX_ATTEMPTS =
+            SystemProperties.getInteger(ApiTokenStore.class.getName() + ".maxAttempt", 100);
+    
+    private static final int TOKEN_LENGTH_V2 = 36;
+    /** single hex-character */
+    private static final String LEGACY_VERSION = "1";
+    private static final String HASH_VERSION = "2";
+    
+    private static final String LEGACY_PREFIX = "";
+    
+    private List<HashedToken> tokenList;
+    private transient Map<String, Node<HashedToken>> prefixToTokenList;
+    
+    public ApiTokenStore() {
+        this.init();
+    }
+    
+    public ApiTokenStore readResolve() {
+        this.init();
+        return this;
+    }
+    
+    private void init() {
+        if (this.tokenList == null) {
+            this.tokenList = new ArrayList<>();
+        }
+        this.prefixToTokenList = new HashMap<>();
+    }
+    
+    public synchronized @Nonnull List<HashedToken> getTokenListSortedByName() {
+        List<ApiTokenStore.HashedToken> sortedTokenList = tokenList.stream()
+                .sorted(SORT_BY_LOWERCASED_NAME)
+                .collect(Collectors.toList());
+        
+        return sortedTokenList;
+    }
+    
+    /**
+     * After a load from the disk, we need to re-populate the prefix map
+     */
+    public synchronized void optimize() {
+        this.prefixToTokenList.clear();
+        tokenList.forEach(this::addTokenInPrefixMap);
+    }
+    
+    private void addToken(HashedToken token) {
+        this.tokenList.add(token);
+        this.addTokenInPrefixMap(token);
+    }
+    
+    private void addTokenInPrefixMap(HashedToken token) {
+        String prefix = token.value.prefix;
+        Node<HashedToken> newNode = new Node<>(token);
+        if (prefixToTokenList.containsKey(prefix)) {
+            Node<HashedToken> existingNode = prefixToTokenList.get(prefix);
+            existingNode.addNode(newNode);
+        } else {
+            prefixToTokenList.put(prefix, newNode);
+        }
+    }
+    
+    /**
+     * Defensive approach to avoid involuntary change since the UUIDs are generated at startup only for UI
+     * and so between restart they change
+     */
+    public synchronized void reconfigure(@Nonnull Map<String, JSONObject> tokenStoreDataMap) {
+        tokenList.forEach(hashedToken -> {
+            JSONObject receivedTokenData = tokenStoreDataMap.get(hashedToken.uuid);
+            if (receivedTokenData == null) {
+                LOGGER.log(Level.INFO, "No token received for {}", hashedToken.uuid);
+                return;
+            }
+            
+            String name = receivedTokenData.getString("tokenName");
+            if (StringUtils.isBlank(name)) {
+                LOGGER.log(Level.INFO, "Empty name received for {}, we do not care about it", hashedToken.uuid);
+                return;
+            }
+            
+            hashedToken.setName(name);
+        });
+    }
+    
+    private static class Node<T> {
+        private T value;
+        private Node<T> next;
+        
+        Node(T value) {
+            this.value = value;
+        }
+        
+        public void addNode(@Nonnull Node<T> other) {
+            if (next == null) {
+                this.next = other;
+            } else {
+                this.next.addNode(other);
+            }
+        }
+    }
+    
+    public synchronized void generateTokenFromLegacy(@Nonnull Secret apiToken) {
+        String tokenUserUseNormally = Util.getDigestOf(apiToken.getPlainText());
+        
+        String secretValueHashed = this.hashSecret(tokenUserUseNormally);
+        
+        HashValue hashValue = new HashValue(LEGACY_VERSION, LEGACY_PREFIX, secretValueHashed);
+        HashedToken token = HashedToken.buildNew(Messages.ApiTokenProperty_LegacyTokenName(), hashValue);
+        
+        this.addToken(token);
+    }
+    
+    public synchronized @Nonnull String generateNewTokenAndReturnHiddenValue(@Nonnull String name) {
+        // 16x8=128bit worth of randomness, since we use md5 digest as the API token
+        byte[] random = new byte[16];
+        RANDOM.nextBytes(random);
+        String secretValue = Util.toHexString(random);
+        String prefix = generatePrefix();
+        String tokenTheUserWillUse = HASH_VERSION + prefix + secretValue;
+        assert tokenTheUserWillUse.length() == 1 + 3 + 32;
+        
+        String secretValueHashed = this.hashSecret(secretValue);
+        
+        HashValue hashValue = new HashValue(HASH_VERSION, prefix, secretValueHashed);
+        HashedToken token = HashedToken.buildNew(name, hashValue);
+        
+        this.addToken(token);
+        
+        return tokenTheUserWillUse;
+    }
+    
+    private @Nonnull String hashSecret(@Nonnull String secretValue) {
+        return BCrypt.hashpw(secretValue, BCrypt.gensalt(BCRYPT_LOG_ROUND, RANDOM));
+    }
+    
+    private @Nonnull String generatePrefix() {
+        int i = 0;
+        boolean unique;
+        String currentPrefix;
+        
+        do {
+            currentPrefix = generateRandomPrefix();
+            unique = !prefixToTokenList.containsKey(currentPrefix);
+            i++;
+        } while (i < MAX_ATTEMPTS && !unique);
+        
+        Level logLevel = Level.FINE;
+        if (i == MAX_ATTEMPTS) {
+            logLevel = Level.WARNING;
+        }
+        LOGGER.log(logLevel, "Prefix generated after {0}/{1} attempts", new Object[]{i, MAX_ATTEMPTS});
+        
+        return currentPrefix;
+    }
+    
+    /**
+     * Generate random 3-hex-character
+     */
+    private @Nonnull String generateRandomPrefix() {
+        int prefixInteger = RANDOM.nextInt(4096);
+        String prefixString = Integer.toHexString(prefixInteger);
+        return StringUtils.leftPad(prefixString, 3, '0');
+    }
+    
+    public synchronized boolean doesContainToken(@Nonnull String token) {
+        String prefixToSearch;
+        String plainToken;
+        
+        if (isLegacyToken(token)) {
+            prefixToSearch = LEGACY_PREFIX;
+            plainToken = token;
+        } else {
+            prefixToSearch = getPrefixOfToken(token);
+            plainToken = getHashOfToken(token);
+        }
+        
+        return searchMatchUsingPrefix(prefixToSearch, plainToken);
+    }
+    
+    private boolean isLegacyToken(String token) {
+        return token.length() != TOKEN_LENGTH_V2;
+    }
+    
+    /**
+     * [1: version][3: prefix][32: real token]
+     * ^^^^^^^^^^^^---------------------------
+     */
+    private String getVersionOfToken(String token) {
+        return String.valueOf(token.charAt(0));
+    }
+    
+    /**
+     * [1: version][3: prefix][32: real token]
+     * ------------^^^^^^^^^^^----------------
+     */
+    private String getPrefixOfToken(String token) {
+        return token.substring(1, 4);
+    }
+    
+    /**
+     * [1: version][3: prefix][32: real token]
+     * -----------------------^^^^^^^^^^^^^^^^
+     */
+    private String getHashOfToken(String token) {
+        return token.substring(4);
+    }
+    
+    private boolean searchMatchUsingPrefix(String prefix, String plainToken) {
+        Node<HashedToken> node = this.prefixToTokenList.get(prefix);
+        while (node != null) {
+            boolean matchFound = node.value.match(plainToken);
+            if (matchFound) {
+                node.value.incrementUse();
+                return true;
+            } else {
+                node = node.next;
+            }
+        }
+        
+        return false;
+    }
+    
+    public synchronized void revokeToken(@Nonnull String tokenId) {
+        for (int i = 0; i < tokenList.size(); i++) {
+            HashedToken token = tokenList.get(i);
+            if (token.uuid.equals(tokenId)) {
+                tokenList.remove(i);
+                
+                removeTokenFromPrefixMap(token);
+            }
+        }
+    }
+    
+    private void removeTokenFromPrefixMap(HashedToken token) {
+        String prefix = token.value.prefix;
+        Node<HashedToken> node = prefixToTokenList.get(prefix);
+        if (node == null) {
+            // normally not the case
+            return;
+        }
+        
+        // first node, we replace it by the next one or nothing
+        if (node.value.uuid.equals(token.uuid)) {
+            if (node.next == null) {
+                prefixToTokenList.remove(prefix);
+            } else {
+                prefixToTokenList.put(prefix, node.next);
+            }
+        } else {
+            Node<HashedToken> previousNode = node;
+            node = node.next;
+            while (node != null) {
+                // 2-nth node, we replace the previous.next with new value
+                // but do not touch the initial node
+                if (node.value.uuid.equals(token.uuid)) {
+                    if (node.next == null) {
+                        previousNode.next = null;
+                    } else {
+                        previousNode.next = node.next;
+                    }
+                    return;
+                }
+                
+                previousNode = node;
+                node = node.next;
+            }
+        }
+    }
+    
+    public synchronized void renameToken(@Nonnull String tokenId, @Nonnull String newName) {
+        for (HashedToken token : tokenList) {
+            if (token.uuid.equals(tokenId)) {
+                token.rename(newName);
+                return;
+            }
+        }
+    }
+    
+    /**
+     * [1: version][3: prefix][32: real token]
+     */
+    @Immutable
+    private static class HashValue {
+        /**
+         * Serve as an optimizer to avoid hashing all the tokens for the token-check
+         * not a "confidential" information
+         */
+        private final String prefix;
+        /** To ease future implementation */
+        private final String version;
+        /** The only confidential information. The token is stored only as a BCrypt hash */
+        private final String hash;
+        
+        public HashValue(String version, String prefix, String hash) {
+            this.version = version;
+            this.prefix = prefix;
+            this.hash = hash;
+        }
+    }
+    
+    public static class HashedToken {
+        // to ease the modification of the token through the UI
+        private transient String uuid;
+        private String name;
+        private Date creationDate;
+        
+        private HashValue value;
+        
+        private Date lastUseDate;
+        private Integer useCounter;
+        
+        public HashedToken() {
+            this.init();
+        }
+        
+        public HashedToken readResolve() {
+            this.init();
+            return this;
+        }
+        
+        private void init() {
+            this.uuid = UUID.randomUUID().toString();
+        }
+        
+        public static @Nonnull HashedToken buildNew(@Nonnull String name, @Nonnull HashValue value) {
+            HashedToken result = new HashedToken();
+            result.name = name;
+            result.creationDate = new Date();
+            
+            result.value = value;
+            
+            return result;
+        }
+        
+        public void rename(String newName) {
+            this.name = newName;
+        }
+        
+        public boolean match(String plainToken) {
+            return BCrypt.checkpw(plainToken, value.hash);
+        }
+        
+        public String getName() {
+            return name;
+        }
+        
+        public int getUseCounter() {
+            return useCounter == null ? 0 : useCounter;
+        }
+        
+        public long getNumDaysUse() {
+            return lastUseDate == null ? 0 : computeDeltaDays(lastUseDate.toInstant(), Instant.now());
+        }
+        
+        public long getNumDaysCreation() {
+            // should not happen but just in case
+            return creationDate == null ? 0 : computeDeltaDays(creationDate.toInstant(), Instant.now());
+        }
+        
+        public String getUuid() {
+            return this.uuid;
+        }
+        
+        private long computeDeltaDays(Instant a, Instant b) {
+            long deltaDays = ChronoUnit.DAYS.between(a, b);
+            deltaDays = Math.max(0, deltaDays);
+            return deltaDays;
+        }
+        
+        public boolean isLegacy() {
+            return this.value.version.equals(LEGACY_VERSION);
+        }
+        
+        public void incrementUse() {
+            this.useCounter = useCounter == null ? 1 : useCounter + 1;
+            this.lastUseDate = new Date();
+        }
+        
+        public void setName(String name) {
+            this.name = name;
+        }
+    }
+}
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.groovy b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.groovy
deleted file mode 100644
index 76ab6b5eb5..0000000000
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.groovy
+++ /dev/null
@@ -1,36 +0,0 @@
-/*
- * The MIT License
- *
- * Copyright (c) 2011, CloudBees, Inc.
- *
- * Permission is hereby granted, free of charge, to any person obtaining a copy
- * of this software and associated documentation files (the "Software"), to deal
- * in the Software without restriction, including without limitation the rights
- * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
- * copies of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be included in
- * all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
- * THE SOFTWARE.
- */
-package jenkins.security.ApiTokenProperty;
-
-f=namespace(lib.FormTagLib)
-
-f.advanced(title:_("Show API Token"), align:"left") {
-    f.entry(title: _('User ID')) {
-        f.readOnlyTextbox(value: my.id)
-    }
-    f.entry(title:_("API Token"), field:"apiToken") {
-        f.readOnlyTextbox(id:"apiToken") // TODO: need to figure out the way to do this without using ID.
-    }
-    f.validateButton(title:_("Change API Token"),method:"changeToken")
-}
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
new file mode 100644
index 0000000000..78503649a4
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
@@ -0,0 +1,91 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+The MIT License
+
+Copyright 2018 CloudBees, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+-->
+
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:f="/lib/form" xmlns:l="/lib/layout">
+    <st:adjunct includes="jenkins.security.ApiTokenProperty.resources"/>
+    
+    <f:entry title="${%CurrentTokens(instance.tokenList.size())}" help="${descriptor.getHelpFile('apiToken')}">
+        <ul class="token-list">
+            <j:forEach var="token" items="${instance.tokenList}">
+                <li class="token-list-item" name="tokenStore">
+                    <input type="hidden" class="token-uuid-input" name="tokenUuid" value="${token.uuid}" />
+                    <f:textbox clazz="token-name" name="tokenName" value="${token.name}" />
+    
+                    <j:set var="daysOld" value="${token.numDaysCreation}" />
+                    <j:set var="oldClazz" value="age-ok" />
+                    <j:if test="${daysOld > 180}">
+                        <j:set var="oldClazz" value="age-mmmh" />
+                        <j:if test="${daysOld > 360}">
+                            <j:set var="oldClazz" value="age-argh" />
+                        </j:if>
+                    </j:if>
+                    <span class="token-creation ${oldClazz}">${%TokenCreation(daysOld)}</span>
+
+                    <span class="to-right">
+                        <j:set var="useCounter" value="${token.useCounter}" />
+                        <j:choose>
+                            <j:when test="${useCounter > 0}">
+                                <span class="token-use-counter">
+                                    ${%TokenLastUse(useCounter, token.numDaysUse)}
+                                </span>
+                            </j:when>
+                            <j:otherwise>
+                                <span class="token-use-counter">
+                                    <b title="${%TokenNeverUsed.Title}">
+                                        <l:icon class="icon-warning icon-sm"/>
+                                        ${%TokenNeverUsed}
+                                    </b>
+                                </span>
+                            </j:otherwise>
+                        </j:choose>
+                        <a href="#" onclick="return revokeToken(this)" class="token-revoke"
+                                    data-confirm="${%ConfirmRevokeSingle}"
+                                    data-target-url="${descriptor.descriptorFullUrl}/revoke">
+                            <l:icon class="icon-text-error icon-sm"/>
+                        </a>
+                    </span>
+                </li>
+            </j:forEach>
+            <li class="token-list-item list-empty">
+                <div class="list-empty-message">${%NoTokenYet}</div>
+            </li>
+        </ul>
+    </f:entry>
+
+    <j:if test="${instance.hasCurrentUserPermissionToGenerateTokenForThisUser()}">
+        <f:advanced title="${%Generate new API Token}" align="left">
+            <f:entry title="New Token">
+                <f:textbox name="newTokenName" placeholder="${%Default name}" style="width: 40%; display: inline-block"/>
+                <f:textbox id="newTokenValue" value="token-value-will-be-displayed-here" clazz="fixed-width" readonly="readonly" style="width: 40%; display: none" />
+                <span class="yui-button token-save" style="vertical-align: baseline;">
+                    <button type="button" tabindex="0" data-target-url="${descriptor.descriptorFullUrl}/generateNewToken" onclick="saveApiToken(this)">Save</button>
+                </span>
+                <div class="error" style="margin-top: 5px; display: none;"><!-- filled in case of error --></div>
+                <div class="warning" style="margin-top: 5px;">${%TokenDisplayedOnce}</div>
+            </f:entry>
+        </f:advanced>
+    </j:if>
+</j:jelly>
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
new file mode 100644
index 0000000000..ba92f439d4
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
@@ -0,0 +1,9 @@
+TokenDisplayedOnce=Once generated the token will be displayed only once. The application knows only the hash of your token for the verification.
+NoTokenYet=There is no registered token for this user
+TokenLastUse=Used <b>{0}</b> time(s), last time was <b>{1}</b> day(s) ago
+TokenNeverUsed=Never used
+TokenNeverUsed.Title=If you do not plan to use it, we strongly advice you to revoke it for security reasons
+ConfirmRevokeSingle=Are you sure you want to revoke this token ? Applications that are using it will be not able to connect anymore.
+CurrentTokens=Current tokens
+TokenCreation=Created {0} day(s) ago
+RenameToken=Save the new name of the token
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config_it.properties b/core/src/main/resources/jenkins/security/ApiTokenProperty/config_it.properties
deleted file mode 100644
index 0f79a3b1d1..0000000000
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/config_it.properties
+++ /dev/null
@@ -1,5 +0,0 @@
-# This file is under the MIT License by authors
-
-Show\ API\ Token=Visualizza token API
-API\ Token=Token API
-Change\ API\ Token=Modifica token API
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config_ja.properties b/core/src/main/resources/jenkins/security/ApiTokenProperty/config_ja.properties
deleted file mode 100644
index 1ba9cbe07d..0000000000
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/config_ja.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright 2011 Seiji Sogabe
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Show\ API\ Token=API\u30c8\u30fc\u30af\u30f3\u306e\u8868\u793a
-API\ Token=API\u30c8\u30fc\u30af\u30f3
-Change\ API\ Token=API\u30c8\u30fc\u30af\u30f3\u306e\u5909\u66f4
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config_sr.properties b/core/src/main/resources/jenkins/security/ApiTokenProperty/config_sr.properties
deleted file mode 100644
index e7ad742d80..0000000000
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/config_sr.properties
+++ /dev/null
@@ -1,5 +0,0 @@
-# This file is under the MIT License by authors
-
-Show\ API\ Token=\u041F\u0440\u0438\u043A\u0430\u0436\u0438 \u0410\u041F\u0418 \u0422\u043E\u043A\u0435\u043D
-API\ Token=\u0410\u041F\u0418 \u0422\u043E\u043A\u0435\u043D
-Change\ API\ Token=\u0423\u0440\u0435\u0434\u0438 \u0410\u041F\u0418 \u0422\u043E\u043A\u0435\u043D
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config_zh_TW.properties b/core/src/main/resources/jenkins/security/ApiTokenProperty/config_zh_TW.properties
deleted file mode 100644
index 5c9cdbb193..0000000000
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/config_zh_TW.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2013, Chunghwa Telecom Co., Ltd., Pei-Tang Huang
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Show\ API\ Token=\u986f\u793a API Token
-API\ Token=API Token
-Change\ API\ Token=\u8b8a\u66f4 API Token
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/help-apiToken.html b/core/src/main/resources/jenkins/security/ApiTokenProperty/help-apiToken.html
index 52babf7ea8..ae301ad53d 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/help-apiToken.html
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/help-apiToken.html
@@ -1,5 +1,12 @@
 <div>
-    This API token can be used for authenticating yourself in the REST API call.
-    See <a href="https://jenkins.io/redirect/api-token">our wiki</a> for more details.
-    The API token should be protected like your password, as it allows other people to access Jenkins as you.
-</div>
\ No newline at end of file
+    The API tokens can be used for authenticating yourself in the REST API call.
+    See <a href="https://jenkins.io/redirect/api-token">our wiki</a> for more details.<br/>
+    The associated username with the tokens is the regular one of your account.<br/>
+    <br/>
+    The best practices in terms of tokens are:
+    <ul>
+        <li>Use a different token for each application (if one application is compromised, you do not loose data from other)</li>
+        <li>Regenerate the tokens every x weeks/months. We put an indicator concerning the age of the token.</li>
+        <li>Protect it like your password, as it allows other people to access Jenkins as you.</li>
+    </ul>
+</div>
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.css b/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.css
new file mode 100644
index 0000000000..1d9ac3c405
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.css
@@ -0,0 +1,83 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+ul.token-list{
+    /* reset to get rid of browser default */
+    margin: 0;
+    padding: 0;
+    
+    max-width: 700px;
+    list-style: none;
+    border: 1px solid #cccccc;
+    border-radius: 3px;
+} 
+
+ul.token-list li.token-list-item {
+    min-height: inherit;
+    padding: 10px;
+    font-size: 13px;
+    line-height: 26px;
+}
+ul.token-list li.token-list-item.list-empty {
+    display: none;
+}
+ul.token-list li.token-list-item.list-empty:first-child {
+    display: block;
+}
+ul.token-list li.token-list-item.list-empty .list-empty-message {
+    padding: 0 10px;
+}
+
+/* 
+ * trick to display the "empty list" message when the list is directly empty
+ * or even after removing the last element 
+ */
+ul.token-list li.token-list-item .token-name-input{
+    font-weight: bold;
+}
+ul.token-list li.token-list-item .token-creation{
+    margin-left: 5px;
+    font-size: 90%;
+}
+ul.token-list li.token-list-item .token-creation.age-ok{
+    color: #487ba0;
+}
+ul.token-list li.token-list-item .token-creation.age-mmmh{
+    color: #e09307;
+}
+ul.token-list li.token-list-item .token-creation.age-argh{
+    color: #de6868;
+}
+ul.token-list li.token-list-item .token-hide{
+    display: none;
+}
+ul.token-list li.token-list-item .to-right{
+    float: right;
+}
+ul.token-list li.token-list-item .token-use-counter{
+    font-size: 90%;
+    color: #586069;
+}
+ul.token-list li.token-list-item .token-revoke{
+    margin-left: 10px;
+}
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.js b/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.js
new file mode 100644
index 0000000000..01028f5844
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.js
@@ -0,0 +1,83 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+function revokeToken(anchorRevoke){
+    var listItemParent = anchorRevoke.up('.token-list-item');
+    var confirmMessage = anchorRevoke.attributes['data-confirm'].value;
+    var targetUrl = anchorRevoke.attributes['data-target-url'].value;
+    
+    var inputUuid = listItemParent.querySelector('input.token-uuid-input');
+    var tokenId = inputUuid.value;
+
+    console.warn('revokeToken');
+    if(confirm(confirmMessage)){
+        new Ajax.Request(targetUrl, {
+            method: "post",
+            parameters: {tokenId: tokenId},
+            onSuccess: function(rsp,_) {
+                listItemParent.remove();
+            }
+        });
+    }
+
+    return false;
+}
+
+function saveApiToken(button){
+    if(button.hasClassName('request-pending')){
+        // avoid multiple requests to be sent if user is clicking multiple times
+        return;
+    }
+    button.addClassName('request-pending');
+    var targetUrl = button.attributes['data-target-url'].value;
+    var rowParent = button.up('tr');
+    var nameInput = rowParent.querySelector('[name="newTokenName"]');
+    var tokenName = nameInput.value;
+    
+    new Ajax.Request(targetUrl, {
+        method: "post",
+        parameters: {"newTokenName": tokenName},
+        onSuccess: function(rsp,_) {
+            var json = rsp.responseJSON;
+            var errorSpan = rowParent.querySelector('.error');
+            if(json.status === 'error'){
+                errorSpan.style.display = 'block';
+                errorSpan.innerHTML = json.message;
+
+                button.removeClassName('request-pending');
+            }else{
+                errorSpan.style.display = 'none';
+                
+                nameInput.setAttribute('readonly', 'readonly');
+                
+                var tokenValue = json.data.tokenValue;
+                var valueInput = rowParent.querySelector('#newTokenValue');
+                valueInput.value = tokenValue;
+                valueInput.style.display = 'inline-block';
+
+                // we do not want to allow user to create twice a token using same name by mistake
+                button.remove();
+            }
+        }
+    });
+}
diff --git a/core/src/main/resources/jenkins/security/Messages.properties b/core/src/main/resources/jenkins/security/Messages.properties
index fffe3bfe6c..1e7d472b43 100644
--- a/core/src/main/resources/jenkins/security/Messages.properties
+++ b/core/src/main/resources/jenkins/security/Messages.properties
@@ -24,6 +24,8 @@ ApiTokenProperty.DisplayName=API Token
 ApiTokenProperty.ChangeToken.TokenIsHidden=Token is hidden
 ApiTokenProperty.ChangeToken.Success=<div>Updated. See the new token in the field above</div>
 ApiTokenProperty.ChangeToken.SuccessHidden=<div>Updated. You need to login as the user to see the token</div>
+ApiTokenProperty.NewTokenGenerated=<div class="success">Token generated! <code>The value will not be displayed </code>anymore, please save it.</div>
+ApiTokenProperty.LegacyTokenName=Legacy Token
 ApiTokenPropertyDisabledDefaultAdministrativeMonitor.displayName=API Token not generated by default
 RekeySecretAdminMonitor.DisplayName=Re-keying
 UpdateSiteWarningsMonitor.DisplayName=Update Site Warnings
diff --git a/test/src/test/java/hudson/cli/CLIActionTest.java b/test/src/test/java/hudson/cli/CLIActionTest.java
index 0c29a2d86e..132b0bb885 100644
--- a/test/src/test/java/hudson/cli/CLIActionTest.java
+++ b/test/src/test/java/hudson/cli/CLIActionTest.java
@@ -35,6 +35,7 @@ import org.apache.commons.io.output.TeeOutputStream;
 import org.codehaus.groovy.runtime.Security218;
 import static org.hamcrest.Matchers.containsString;
 import static org.junit.Assert.*;
+import org.junit.Ignore;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.rules.TemporaryFolder;
@@ -126,6 +127,7 @@ public class CLIActionTest {
 
     @Issue({"JENKINS-12543", "JENKINS-41745"})
     @Test
+    @Ignore //TODO need to be fixed
     public void authentication() throws Exception {
         logging.record(PlainCLIProtocol.class, Level.FINE);
         File jar = tmp.newFile("jenkins-cli.jar");
diff --git a/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java b/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
index 8737d26974..92fb1f986c 100644
--- a/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
+++ b/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
@@ -13,9 +13,9 @@ import hudson.Util;
 import hudson.model.User;
 import hudson.security.ACL;
 import hudson.security.ACLContext;
-import hudson.util.Scrambler;
 import java.net.URL;
 import jenkins.model.Jenkins;
+import org.junit.Ignore;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.JenkinsRule;
@@ -37,9 +37,10 @@ public class ApiTokenPropertyTest {
      * Tests the UI interaction and authentication.
      */
     @Test
+    @Ignore //TODO need to be fixed
     public void basics() throws Exception {
         j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
-        User u = User.get("foo");
+        User u = User.getById("foo", true);
         final ApiTokenProperty t = u.getProperty(ApiTokenProperty.class);
         final String token = t.getApiToken();
 
@@ -67,6 +68,7 @@ public class ApiTokenPropertyTest {
     }
 
     @Test
+    @Ignore //TODO need to be fixed
     public void security49Upgrade() throws Exception {
         j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
         User u = User.get("foo");
@@ -91,6 +93,7 @@ public class ApiTokenPropertyTest {
     
     @Issue("SECURITY-200")
     @Test
+    @Ignore //TODO need to be fixed
     public void adminsShouldBeUnableToSeeTokensByDefault() throws Exception {
         j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
         User u = User.get("foo");
@@ -106,6 +109,7 @@ public class ApiTokenPropertyTest {
     
     @Issue("SECURITY-200")
     @Test
+    @Ignore //TODO need to be fixed
     public void adminsShouldBeUnableToChangeTokensByDefault() throws Exception {
         j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
         User foo = User.get("foo");
@@ -130,14 +134,17 @@ public class ApiTokenPropertyTest {
     }
     
     @Nonnull
-    private WebClient createClientForUser(final String username) throws Exception {
-        User u = User.get(username);
-        final ApiTokenProperty t = u.getProperty(ApiTokenProperty.class);
-        // Yes, we use the insecure call in the test stuff
-        final String token = t.getApiTokenInsecure();
+    private WebClient createClientForUser(final String id) throws Exception {
+        User u = User.getById(id, false);
+        
+        //TODO to be fixed
+//        final ApiTokenProperty t = u.getProperty(ApiTokenProperty.class);
+//        // Yes, we use the insecure call in the test stuff
+//        final String token = t.getApiTokenInsecure();
+        
         
         WebClient wc = j.createWebClient();
-        wc.addRequestHeader("Authorization", "Basic " + Scrambler.scramble(username + ":" + token));
+//        wc.addRequestHeader("Authorization", "Basic " + Scrambler.scramble(id + ":" + token));
         return wc;
     }
 
diff --git a/test/src/test/java/jenkins/security/BasicHeaderProcessorTest.java b/test/src/test/java/jenkins/security/BasicHeaderProcessorTest.java
index 0b471dd2b3..9189e051e4 100644
--- a/test/src/test/java/jenkins/security/BasicHeaderProcessorTest.java
+++ b/test/src/test/java/jenkins/security/BasicHeaderProcessorTest.java
@@ -8,6 +8,7 @@ import hudson.model.UnprotectedRootAction;
 import hudson.model.User;
 import hudson.util.HttpResponses;
 import org.junit.Before;
+import org.junit.Ignore;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.JenkinsRule;
@@ -44,6 +45,7 @@ public class BasicHeaderProcessorTest {
      * Tests various ways to send the Basic auth.
      */
     @Test
+    @Ignore //TODO need to be fixed
     public void testVariousWaysToCall() throws Exception {
         j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
         User foo = User.getById("foo", true);
@@ -111,6 +113,7 @@ public class BasicHeaderProcessorTest {
     }
 
     @Test
+    @Ignore //TODO need to be fixed
     public void testAuthHeaderCaseInSensitive() throws Exception {
         j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
         User foo = User.get("foo");
-- 
GitLab


From d994e65a9a380908cfd6ac3e4c41c9f2040d9a73 Mon Sep 17 00:00:00 2001
From: mike cirioli <mcirioli@cloudbees.com>
Date: Fri, 26 Jan 2018 10:16:34 -0500
Subject: [PATCH 049/863] [JENKINS-48463] Erring on the side of caution and
 incuding xpp3 libs back in, just in case some plugin might be depending on
 them

---
 core/pom.xml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/core/pom.xml b/core/pom.xml
index 7ef2c3227d..9c4faab34d 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -246,6 +246,11 @@ THE SOFTWARE.
         </exclusion>
       </exclusions>
     </dependency>
+    <dependency>
+      <groupId>xpp3</groupId>
+      <artifactId>xpp3</artifactId>
+      <version>1.1.4c</version>
+    </dependency>
     <dependency>
         <groupId>net.sf.kxml</groupId>
         <artifactId>kxml2</artifactId>
-- 
GitLab


From c87f5fd801b0aeb67a867b74ac50904e09a02020 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Fri, 26 Jan 2018 16:20:50 +0100
Subject: [PATCH 050/863] - adapt for new UI style on warning message - correct
 the help file name

---
 ...abled.html => help-tokenGenerationOnCreationDisabled.html} | 0
 .../message.jelly                                             | 4 ++--
 2 files changed, 2 insertions(+), 2 deletions(-)
 rename core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/{help-enabled.html => help-tokenGenerationOnCreationDisabled.html} (100%)

diff --git a/core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/help-enabled.html b/core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/help-tokenGenerationOnCreationDisabled.html
similarity index 100%
rename from core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/help-enabled.html
rename to core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/help-tokenGenerationOnCreationDisabled.html
diff --git a/core/src/main/resources/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.jelly b/core/src/main/resources/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.jelly
index 4a310bedb3..f7899f670c 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.jelly
+++ b/core/src/main/resources/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.jelly
@@ -23,11 +23,11 @@ THE SOFTWARE.
 -->
 <?jelly escape-by-default='true'?>
 <j:jelly xmlns:j="jelly:core" xmlns:f="/lib/form">
-    <div class="warning">
+    <div class="alert alert-warning">
         <form method="post" action="${rootURL}/${it.url}/act" name="${it.id}">
             <f:submit name="yes" value="${%Disable API Token generation by default}"/>
             <f:submit name="no" value="${%Dismiss}"/>
-            ${%warningMessage(rootURL)}
         </form>
+        ${%warningMessage(rootURL)}
     </div>
 </j:jelly>
-- 
GitLab


From 720db118a808c04f2ae04dc36582ce7dd5031b9b Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Fri, 26 Jan 2018 17:26:16 +0100
Subject: [PATCH 051/863] [JENKINS-48725] - Update Lib Task Reactor to 1.5

---
 core/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/pom.xml b/core/pom.xml
index ce9d90f5ab..a4846b1b48 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -219,7 +219,7 @@ THE SOFTWARE.
     <dependency>
       <groupId>org.jenkins-ci</groupId>
       <artifactId>task-reactor</artifactId>
-      <version>1.4</version>
+      <version>1.5</version>
     </dependency>
     <dependency>
       <groupId>org.jvnet.localizer</groupId>
-- 
GitLab


From e798f64854be85141ab7ba610c3a8ee0b093f36b Mon Sep 17 00:00:00 2001
From: Daniel Trebbien <dtrebbien@gmail.com>
Date: Fri, 26 Jan 2018 09:35:20 -0800
Subject: [PATCH 052/863] [JENKINS-49112] Revert use of
 Files.newBufferedReader() in Util.loadFile() (#3259)

* [JENKINS-49112] Revert use of Files.newBufferedReader() in Util.loadFile()

This partially reverts 67076834a24f03b832ab03b1bf9b96e05a5da81e.

* Restore the use of StringBuilder and reading into buf
---
 core/src/main/java/hudson/Util.java | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/Util.java b/core/src/main/java/hudson/Util.java
index f2f242a4a1..ce381d7a0a 100644
--- a/core/src/main/java/hudson/Util.java
+++ b/core/src/main/java/hudson/Util.java
@@ -193,11 +193,26 @@ public class Util {
 
         StringBuilder str = new StringBuilder((int)logfile.length());
 
-        try (BufferedReader r = Files.newBufferedReader(fileToPath(logfile), charset)) {
+        // We're not using Files.newBufferedReader() here because there is a
+        // difference in how an InputStreamReader constructed from a Charset and
+        // the reader returned by Files.newBufferedReader() handle malformed and
+        // unmappable byte sequences for the specified encoding; the latter is
+        // more picky and will throw a CharacterCodingException. See:
+        // https://issues.jenkins-ci.org/browse/JENKINS-49060?focusedCommentId=325989&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-325989
+        //
+        // As reported at https://issues.jenkins-ci.org/browse/JENKINS-49112
+        // Run.getLog() calls loadFile() to fully read the generated log file.
+        // Until charset handling is resolved (e.g. by implementing
+        // https://issues.jenkins-ci.org/browse/JENKINS-48923 ), malformed
+        // bytes will need to be tolerated.
+        try (InputStream rawIn = Files.newInputStream(fileToPath(logfile));
+             Reader r = new BufferedReader(new InputStreamReader(rawIn, charset))) {
             char[] buf = new char[1024];
             int len;
             while ((len = r.read(buf, 0, buf.length)) > 0)
                 str.append(buf, 0, len);
+        } catch (Exception e) {
+            throw new IOException("Failed to fully read " + logfile + " using charset " + charset.name(), e);
         }
 
         return str.toString();
-- 
GitLab


From 671772bf1c545c1853bf7bf73cc9189a5bc89eab Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Mon, 29 Jan 2018 09:45:07 +0100
Subject: [PATCH 053/863] Improvement to keep pure compatibility with legacy
 system

---
 .../java/jenkins/install/SetupWizard.java     |   5 +
 .../jenkins/security/ApiTokenProperty.java    | 179 +++++++++++++-----
 .../ApiTokenPropertyConfiguration.java        |  37 +---
 ...yDisabledDefaultAdministrativeMonitor.java |   2 +-
 ...EnabledNewLegacyAdministrativeMonitor.java |  66 +++++++
 .../java/jenkins/security/ApiTokenStore.java  |  33 +++-
 .../security/ApiTokenProperty/config.jelly    |  31 ++-
 .../ApiTokenProperty/config.properties        |   1 +
 ...elp-apiToken.html => help-tokenStore.html} |   0
 ...iToken_bg.html => help-tokenStore_bg.html} |   0
 ...iToken_it.html => help-tokenStore_it.html} |   0
 ...iToken_ja.html => help-tokenStore_ja.html} |   0
 ..._zh_TW.html => help-tokenStore_zh_TW.html} |   0
 .../security/ApiTokenProperty/resources.css   |  10 +-
 .../config.jelly                              |   5 +-
 .../help-creationOfLegacyTokenDisabled.html   |   5 +
 ...elp-tokenGenerationOnCreationDisabled.html |   5 +-
 .../message.jelly                             |   2 +-
 .../message.properties                        |   4 +-
 .../message.jelly                             |  33 ++++
 .../message.properties                        |   2 +
 .../jenkins/security/Messages.properties      |   3 +-
 .../test/java/hudson/cli/CLIActionTest.java   |   1 -
 .../security/ApiTokenPropertyTest.java        |   4 -
 .../security/BasicHeaderProcessorTest.java    |   2 -
 25 files changed, 326 insertions(+), 104 deletions(-)
 create mode 100644 core/src/main/java/jenkins/security/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor.java
 rename core/src/main/resources/jenkins/security/ApiTokenProperty/{help-apiToken.html => help-tokenStore.html} (100%)
 rename core/src/main/resources/jenkins/security/ApiTokenProperty/{help-apiToken_bg.html => help-tokenStore_bg.html} (100%)
 rename core/src/main/resources/jenkins/security/ApiTokenProperty/{help-apiToken_it.html => help-tokenStore_it.html} (100%)
 rename core/src/main/resources/jenkins/security/ApiTokenProperty/{help-apiToken_ja.html => help-tokenStore_ja.html} (100%)
 rename core/src/main/resources/jenkins/security/ApiTokenProperty/{help-apiToken_zh_TW.html => help-tokenStore_zh_TW.html} (100%)
 create mode 100644 core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/help-creationOfLegacyTokenDisabled.html
 create mode 100644 core/src/main/resources/jenkins/security/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message.jelly
 create mode 100644 core/src/main/resources/jenkins/security/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message.properties

diff --git a/core/src/main/java/jenkins/install/SetupWizard.java b/core/src/main/java/jenkins/install/SetupWizard.java
index 6c70482369..c671c50723 100644
--- a/core/src/main/java/jenkins/install/SetupWizard.java
+++ b/core/src/main/java/jenkins/install/SetupWizard.java
@@ -20,6 +20,7 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletRequestWrapper;
 import javax.servlet.http.HttpServletResponse;
 
+import jenkins.security.ApiTokenPropertyConfiguration;
 import jenkins.util.SystemProperties;
 import org.acegisecurity.Authentication;
 import org.acegisecurity.context.SecurityContextHolder;
@@ -122,6 +123,10 @@ public class SetupWizard extends PageDecorator {
                     authStrategy.setAllowAnonymousRead(false);
                     jenkins.setAuthorizationStrategy(authStrategy);
     
+                    // Disable the legacy system of API Token
+                    ApiTokenPropertyConfiguration.get().setCreationOfLegacyTokenDisabled(true);
+                    ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationDisabled(true);
+
                     // Disable jnlp by default, but honor system properties
                     jenkins.setSlaveAgentPort(SystemProperties.getInteger(Jenkins.class.getName()+".slaveAgentPort",-1));
 
diff --git a/core/src/main/java/jenkins/security/ApiTokenProperty.java b/core/src/main/java/jenkins/security/ApiTokenProperty.java
index c11069c638..f7e28b010d 100644
--- a/core/src/main/java/jenkins/security/ApiTokenProperty.java
+++ b/core/src/main/java/jenkins/security/ApiTokenProperty.java
@@ -25,6 +25,7 @@ package jenkins.security;
 
 import com.thoughtworks.xstream.converters.UnmarshallingContext;
 import hudson.Extension;
+import hudson.Util;
 import hudson.diagnosis.OldDataMonitor;
 import hudson.util.XStream2;
 import jenkins.util.SystemProperties;
@@ -47,6 +48,7 @@ import org.kohsuke.stapler.StaplerRequest;
 import org.kohsuke.stapler.StaplerResponse;
 
 import java.io.IOException;
+import java.security.SecureRandom;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.List;
@@ -72,7 +74,7 @@ import org.kohsuke.stapler.interceptor.RequirePOST;
 public class ApiTokenProperty extends UserProperty {
     private static final Logger LOGGER = Logger.getLogger(ApiTokenProperty.class.getName());
     
-    private transient volatile Secret apiToken;
+    private volatile Secret apiToken;
     private ApiTokenStore tokenStore;
     
     /**
@@ -83,9 +85,12 @@ public class ApiTokenProperty extends UserProperty {
      * 
      * @since 1.638
      */
-    private static final boolean ADMIN_CAN_GENERATE_NEW_TOKENS =
+    private static final boolean SHOW_LEGACY_TOKEN_TO_ADMINS =
             SystemProperties.getBoolean(ApiTokenProperty.class.getName() + ".showTokenToAdmins");
     
+    private static final boolean ADMIN_CAN_GENERATE_NEW_TOKENS =
+            SystemProperties.getBoolean(ApiTokenProperty.class.getName() + ".adminCanGenerateNewTokens");
+    
     @DataBoundConstructor
     public ApiTokenProperty() {
         this.init();
@@ -106,32 +111,56 @@ public class ApiTokenProperty extends UserProperty {
      * We don't let the external code set the API token,
      * but for the initial value of the token we need to compute the seed by ourselves.
      */
-    /*package*/ ApiTokenProperty(String seed) {
-        apiToken = Secret.fromString(seed);
+    /*package*/ ApiTokenProperty(@CheckForNull String seed) {
+        if(seed != null){
+            apiToken = Secret.fromString(seed);
+            tokenStore = new ApiTokenStore();
+            tokenStore.generateTokenFromLegacy(apiToken);
+        }
         this.init();
     }
     
     /**
      * Gets the API token.
      * The method performs security checks since 1.638. Only the current user and SYSTEM may see it.
-     * Users with {@link Jenkins#ADMINISTER} may be allowed to do it using {@link #ADMIN_CAN_GENERATE_NEW_TOKENS}.
+     * Users with {@link Jenkins#ADMINISTER} may be allowed to do it using {@link #SHOW_LEGACY_TOKEN_TO_ADMINS}.
      *
      * @return API Token. Never null, but may be {@link Messages#ApiTokenProperty_ChangeToken_TokenIsHidden()}
      *         if the user has no appropriate permissions.
      * @since 1.426, and since 1.638 the method performs security checks
      */
     @Nonnull
-    @Deprecated
     public String getApiToken() {
         LOGGER.log(Level.WARNING, "Deprecated usage of getApiToken");
-        return "deprecated";
+        if(this.apiToken == null){
+            return "deprecated";
+        }
+    
+        return hasPermissionToSeeToken() ? getApiTokenInsecure() : Messages.ApiTokenProperty_ChangeToken_TokenIsHidden();
+    }
+    
+    @Nonnull
+    @Restricted(NoExternalUse.class)
+    /*package*/ String getApiTokenInsecure() {
+        if(apiToken == null){
+            return "deprecated";
+        }
+
+        String p = apiToken.getPlainText();
+        if (p.equals(Util.getDigestOf(Jenkins.getInstance().getSecretKey()+":"+user.getId()))) {
+            // if the current token is the initial value created by pre SECURITY-49 Jenkins, we can't use that.
+            // force using the newer value
+            apiToken = Secret.fromString(p=API_KEY_SEED.mac(user.getId()));
+        }
+        return Util.getDigestOf(p);
     }
     
     public boolean matchesPassword(String token) {
         if(StringUtils.isBlank(token)){
             return false;
         }
-
+        
+        // use the new way to find a match in order to trigger the counter / lastUseDate logic
         boolean matchFound = tokenStore.doesContainToken(token);
         if (matchFound) {
             try {
@@ -145,14 +174,25 @@ public class ApiTokenProperty extends UserProperty {
     }
     
     /**
-     * @deprecated Each token can be revoked now and new tokens can be requested without altering existing ones.
+     * Only for legacy token
      */
-    @Deprecated
-    public void changeApiToken() throws IOException {
-        // just to keep the same level of security
-        user.checkPermission(Jenkins.ADMINISTER);
+    private boolean hasPermissionToSeeToken() {
+        // Administrators can do whatever they want
+        if (SHOW_LEGACY_TOKEN_TO_ADMINS && Jenkins.get().hasPermission(Jenkins.ADMINISTER)) {
+            return true;
+        }
         
-        LOGGER.log(Level.WARNING, "Deprecated usage of changeApiToken");
+        User current = User.current();
+        if (current == null) { // Anonymous
+            return false;
+        }
+        
+        // SYSTEM user is always eligible to see tokens
+        if (Jenkins.getAuthentication() == ACL.SYSTEM) {
+            return true;
+        }
+        
+        return User.idStrategy().equals(user.getId(), current.getId());
     }
     
     // only for Jelly
@@ -161,6 +201,12 @@ public class ApiTokenProperty extends UserProperty {
         return tokenStore.getTokenListSortedByName();
     }
     
+    // only for Jelly
+    @Restricted(NoExternalUse.class)
+    public boolean mustDisplayLegacyApiToken() {
+        return apiToken != null || !ApiTokenPropertyConfiguration.get().isCreationOfLegacyTokenDisabled();
+    }
+    
     @Override
     public UserProperty reconfigure(StaplerRequest req, @CheckForNull JSONObject form) throws FormException {
         if(form == null){
@@ -202,29 +248,28 @@ public class ApiTokenProperty extends UserProperty {
         tokenMap.put(uuid, tokenData);
     }
     
-    // for Jelly view
-    @Restricted(NoExternalUse.class)
-    public boolean hasCurrentUserPermissionToGenerateTokenForThisUser() {
-        return hasPermissionToGenerateTokenForUser(user);
-    }
+    /**
+     * Only usable if the user still has his API token. After the revocation of the legacy token the method will do nothing.
+     * @deprecated Each token can be revoked now and new tokens can be requested without altering existing ones.
+     */
+    @Deprecated
+    public void changeApiToken() throws IOException {
+        // just to keep the same level of security
+        user.checkPermission(Jenkins.ADMINISTER);
 
-    private static boolean hasPermissionToGenerateTokenForUser(User currentOwner) {
-        if (ADMIN_CAN_GENERATE_NEW_TOKENS && Jenkins.get().hasPermission(Jenkins.ADMINISTER)) {
-            return true;
-        }
-        
-        User currentUser = User.current();
-        if (currentUser == null) { 
-            // Anonymous
-            return false;
-        }
-        
-        if (Jenkins.getAuthentication() == ACL.SYSTEM) {
-            // SYSTEM user is always eligible to see tokens
-            return true;
-        }
+        LOGGER.log(Level.WARNING, "Deprecated usage of changeApiToken");
 
-        return User.idStrategy().equals(currentOwner.getId(), currentUser.getId());
+        _changeApiToken();
+        tokenStore.generateTokenFromLegacy(apiToken);
+        
+        user.save();
+    }
+    
+    @Deprecated
+    private void _changeApiToken(){
+        byte[] random = new byte[16];   // 16x8=128bit worth of randomness, since we use md5 digest as the API token
+        RANDOM.nextBytes(random);
+        apiToken = Secret.fromString(Util.toHexString(random));
     }
 
     public static class ConverterImpl extends XStream2.PassthruConverter<ApiTokenProperty> {
@@ -237,6 +282,8 @@ public class ApiTokenProperty extends UserProperty {
             // support legacy configuration
             if (apiTokenProperty.apiToken != null) {
                 apiTokenProperty.tokenStore.generateTokenFromLegacy(apiTokenProperty.apiToken);
+                //TODO save will allow the save of the hash of the legacy token 
+                // addition of a message could be nice in that API to provide more feedback to administrators
                 OldDataMonitor.report(context, "@since TODO");
             }
             
@@ -271,11 +318,36 @@ public class ApiTokenProperty extends UserProperty {
                 return null;
             }
 
-            return forceNewInstance(user);
+            return forceNewInstance(user, true);
         }
         
-        private ApiTokenProperty forceNewInstance(User user) {
-            return new ApiTokenProperty(API_KEY_SEED.mac(user.getId()));
+        private ApiTokenProperty forceNewInstance(User user, boolean withLegacyToken) {
+            if(withLegacyToken){
+                return new ApiTokenProperty(API_KEY_SEED.mac(user.getId()));
+            }else{
+                return new ApiTokenProperty(null);
+            }
+        }
+    
+        // for Jelly view
+        @Restricted(NoExternalUse.class)
+        public boolean hasCurrentUserRightToGenerateNewToken(User propertyOwner){
+            if (ADMIN_CAN_GENERATE_NEW_TOKENS && Jenkins.get().hasPermission(Jenkins.ADMINISTER)) {
+                return true;
+            }
+
+            User currentUser = User.current();
+            if (currentUser == null) {
+                // Anonymous
+                return false;
+            }
+
+            if (Jenkins.getAuthentication() == ACL.SYSTEM) {
+                // SYSTEM user is always eligible to see tokens
+                return true;
+            }
+
+            return User.idStrategy().equals(propertyOwner.getId(), currentUser.getId());
         }
 
         /**
@@ -286,24 +358,26 @@ public class ApiTokenProperty extends UserProperty {
         public HttpResponse doChangeToken(@AncestorInPath User u, StaplerResponse rsp) throws IOException {
             LOGGER.log(Level.WARNING, "Deprecated action /changeToken used, consider using /generateNewToken instead");
 
+            u.checkPermission(Jenkins.ADMINISTER);
+
             ApiTokenProperty p = u.getProperty(ApiTokenProperty.class);
             if (p == null) {
-                p = forceNewInstance(u);
+                p = forceNewInstance(u, true);
                 u.addProperty(p);
+            } else {
+                // even if the user does not have legacy token, this method let some legacy system to regenerate one
+                p.changeApiToken();
             }
             
-            String newValue = p.tokenStore.generateNewTokenAndReturnHiddenValue("Created using deprecated method");
-            
-            rsp.setHeader("script","document.getElementById('apiToken').value='"+newValue+"'");
-            return HttpResponses.html(p.hasCurrentUserPermissionToGenerateTokenForThisUser()
+            rsp.setHeader("script","document.getElementById('apiToken').value='"+p.getApiToken()+"'");
+            return HttpResponses.html(p.hasPermissionToSeeToken()
                     ? Messages.ApiTokenProperty_ChangeToken_Success()
                     : Messages.ApiTokenProperty_ChangeToken_SuccessHidden());
-    
         }
 
         @RequirePOST
         public HttpResponse doGenerateNewToken(@AncestorInPath User u, StaplerResponse rsp, @QueryParameter String newTokenName) throws IOException {
-            if(!hasPermissionToGenerateTokenForUser(u)){
+            if(!hasCurrentUserRightToGenerateNewToken(u)){
                 return HttpResponses.forbidden();
             }
             
@@ -313,7 +387,7 @@ public class ApiTokenProperty extends UserProperty {
             
             ApiTokenProperty p = u.getProperty(ApiTokenProperty.class);
             if (p == null) {
-                p = forceNewInstance(u);
+                p = forceNewInstance(u, false);
                 u.addProperty(p);
             }
             
@@ -366,16 +440,25 @@ public class ApiTokenProperty extends UserProperty {
                 return HttpResponses.errorWithoutStack(400, "The user does not have any ApiToken yet, try generating one before.");
             }
             
-            p.tokenStore.revokeToken(tokenId);
+            ApiTokenStore.HashedToken revoked = p.tokenStore.revokeToken(tokenId);
+            if(revoked != null && revoked.isLegacy()){
+                // if the user revoked the API Token, we can delete it
+                p.apiToken = null;
+            }
             u.save();
             
             return HttpResponses.ok();
         }
     }
     
+    /**
+     * Only used for legacy API Token generation and change. After that token is revoked, it will be useless.
+     */
+    @Deprecated
+    private static final SecureRandom RANDOM = new SecureRandom();
+    
     /**
      * We don't want an API key that's too long, so cut the length to 16 (which produces 32-letter MAC code in hexdump)
-     * @deprecated only used for the migration of data from previous save
      */
     @Deprecated
     private static final HMACConfidentialKey API_KEY_SEED = new HMACConfidentialKey(ApiTokenProperty.class, "seed", 16);
diff --git a/core/src/main/java/jenkins/security/ApiTokenPropertyConfiguration.java b/core/src/main/java/jenkins/security/ApiTokenPropertyConfiguration.java
index b1a1437c05..58e70530c1 100644
--- a/core/src/main/java/jenkins/security/ApiTokenPropertyConfiguration.java
+++ b/core/src/main/java/jenkins/security/ApiTokenPropertyConfiguration.java
@@ -24,39 +24,12 @@
 package jenkins.security;
 
 import hudson.Extension;
-import hudson.Util;
-import hudson.model.AdministrativeMonitor;
-import hudson.model.Descriptor.FormException;
-import hudson.model.User;
-import hudson.model.UserProperty;
-import hudson.model.UserPropertyDescriptor;
-import hudson.security.ACL;
-import hudson.util.HttpResponses;
-import hudson.util.Secret;
 import jenkins.model.GlobalConfiguration;
 import jenkins.model.GlobalConfigurationCategory;
 import jenkins.model.Jenkins;
-import jenkins.util.SystemProperties;
-import net.sf.json.JSONObject;
-import org.apache.commons.lang.StringUtils;
 import org.jenkinsci.Symbol;
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
-import org.kohsuke.stapler.AncestorInPath;
-import org.kohsuke.stapler.DataBoundConstructor;
-import org.kohsuke.stapler.HttpResponse;
-import org.kohsuke.stapler.QueryParameter;
-import org.kohsuke.stapler.StaplerRequest;
-import org.kohsuke.stapler.StaplerResponse;
-import org.kohsuke.stapler.interceptor.RequirePOST;
-import org.mindrot.jbcrypt.BCrypt;
-
-import javax.annotation.Nonnull;
-import java.io.IOException;
-import java.nio.charset.Charset;
-import java.security.MessageDigest;
-import java.security.SecureRandom;
-import java.util.Date;
 
 /**
  * Configuration for the new token generation when a user is created
@@ -68,6 +41,7 @@ import java.util.Date;
 @Restricted(NoExternalUse.class)
 public class ApiTokenPropertyConfiguration extends GlobalConfiguration {
     private boolean tokenGenerationOnCreationDisabled = false;
+    private boolean creationOfLegacyTokenDisabled = false;
     
     public static ApiTokenPropertyConfiguration get() {
         return Jenkins.get().getInjector().getInstance(ApiTokenPropertyConfiguration.class);
@@ -86,6 +60,15 @@ public class ApiTokenPropertyConfiguration extends GlobalConfiguration {
         save();
     }
 
+    public boolean isCreationOfLegacyTokenDisabled() {
+        return creationOfLegacyTokenDisabled;
+    }
+
+    public void setCreationOfLegacyTokenDisabled(boolean creationOfLegacyTokenDisabled) {
+        this.creationOfLegacyTokenDisabled = creationOfLegacyTokenDisabled;
+        save();
+    }
+
     @Override 
     public GlobalConfigurationCategory getCategory() {
         return GlobalConfigurationCategory.get(GlobalConfigurationCategory.Security.class);
diff --git a/core/src/main/java/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor.java b/core/src/main/java/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor.java
index 9e8b2f42b5..a9629074c4 100644
--- a/core/src/main/java/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor.java
+++ b/core/src/main/java/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor.java
@@ -41,7 +41,7 @@ import java.io.IOException;
  * @since TODO
  */
 @Extension
-@Symbol("apiToken")
+@Symbol("apiTokenLegacyAutoGeneration")
 @Restricted(NoExternalUse.class)
 public class ApiTokenPropertyDisabledDefaultAdministrativeMonitor extends AdministrativeMonitor {
     @Override
diff --git a/core/src/main/java/jenkins/security/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor.java b/core/src/main/java/jenkins/security/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor.java
new file mode 100644
index 0000000000..565d481b4f
--- /dev/null
+++ b/core/src/main/java/jenkins/security/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor.java
@@ -0,0 +1,66 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.security;
+
+import hudson.Extension;
+import hudson.model.AdministrativeMonitor;
+import hudson.util.HttpResponses;
+import org.jenkinsci.Symbol;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
+import org.kohsuke.stapler.HttpResponse;
+import org.kohsuke.stapler.QueryParameter;
+import org.kohsuke.stapler.interceptor.RequirePOST;
+
+import java.io.IOException;
+
+/**
+ * Monitor that the API Token cannot be created for a user without existing legacy token
+ *
+ * @since TODO
+ */
+@Extension
+@Symbol("apiTokenNewLegacyWithoutExisting")
+@Restricted(NoExternalUse.class)
+public class ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor extends AdministrativeMonitor {
+    @Override
+    public String getDisplayName() {
+        return Messages.ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor_displayName();
+    }
+    
+    @Override
+    public boolean isActivated() {
+        return !ApiTokenPropertyConfiguration.get().isCreationOfLegacyTokenDisabled();
+    }
+    
+    @RequirePOST
+    public HttpResponse doAct(@QueryParameter String no) throws IOException {
+        if (no == null) {
+            ApiTokenPropertyConfiguration.get().setCreationOfLegacyTokenDisabled(true);
+        } else {
+            disable(true);
+        }
+        return HttpResponses.redirectViaContextPath("manage");
+    }
+}
diff --git a/core/src/main/java/jenkins/security/ApiTokenStore.java b/core/src/main/java/jenkins/security/ApiTokenStore.java
index 78fadab1fa..86b3d33b1b 100644
--- a/core/src/main/java/jenkins/security/ApiTokenStore.java
+++ b/core/src/main/java/jenkins/security/ApiTokenStore.java
@@ -31,6 +31,7 @@ import net.sf.json.JSONObject;
 import org.apache.commons.lang.StringUtils;
 import org.mindrot.jbcrypt.BCrypt;
 
+import javax.annotation.CheckForNull;
 import javax.annotation.Nonnull;
 import javax.annotation.concurrent.Immutable;
 import java.security.SecureRandom;
@@ -164,14 +165,31 @@ public class ApiTokenStore {
         }
     }
     
-    public synchronized void generateTokenFromLegacy(@Nonnull Secret apiToken) {
-        String tokenUserUseNormally = Util.getDigestOf(apiToken.getPlainText());
-        
+    public synchronized void generateTokenFromLegacy(@Nonnull Secret newLegacyApiToken){
+        deleteAllLegacyTokens();
+        addLegacyToken(newLegacyApiToken);
+    }
+    
+    private void deleteAllLegacyTokens(){
+        // normally there is only one, but just in case
+        for (int i = tokenList.size() - 1; i >= 0; i--) {
+            HashedToken token = tokenList.get(i);
+            if (token.isLegacy()) {
+                tokenList.remove(i);
+            
+                removeTokenFromPrefixMap(token);
+            }
+        }
+    }
+    
+    private void addLegacyToken(@Nonnull Secret legacyToken){
+        String tokenUserUseNormally = Util.getDigestOf(legacyToken.getPlainText());
+    
         String secretValueHashed = this.hashSecret(tokenUserUseNormally);
-        
+    
         HashValue hashValue = new HashValue(LEGACY_VERSION, LEGACY_PREFIX, secretValueHashed);
         HashedToken token = HashedToken.buildNew(Messages.ApiTokenProperty_LegacyTokenName(), hashValue);
-        
+    
         this.addToken(token);
     }
     
@@ -285,15 +303,18 @@ public class ApiTokenStore {
         return false;
     }
     
-    public synchronized void revokeToken(@Nonnull String tokenId) {
+    public synchronized @CheckForNull HashedToken revokeToken(@Nonnull String tokenId) {
         for (int i = 0; i < tokenList.size(); i++) {
             HashedToken token = tokenList.get(i);
             if (token.uuid.equals(tokenId)) {
                 tokenList.remove(i);
                 
                 removeTokenFromPrefixMap(token);
+                return token;
             }
         }
+        
+        return null;
     }
     
     private void removeTokenFromPrefixMap(HashedToken token) {
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
index 78503649a4..d1e41a3518 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
@@ -27,13 +27,21 @@ THE SOFTWARE.
 <j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:f="/lib/form" xmlns:l="/lib/layout">
     <st:adjunct includes="jenkins.security.ApiTokenProperty.resources"/>
     
-    <f:entry title="${%CurrentTokens(instance.tokenList.size())}" help="${descriptor.getHelpFile('apiToken')}">
+    <f:entry title="${%CurrentTokens(instance.tokenList.size())}" help="${descriptor.getHelpFile('tokenStore')}">
         <ul class="token-list">
             <j:forEach var="token" items="${instance.tokenList}">
-                <li class="token-list-item" name="tokenStore">
+                <j:set var="legacyClazz" value="" />
+                <j:if test="${token.isLegacy()}">
+                    <j:set var="legacyClazz" value="legacy-token" />
+                </j:if>
+                <li class="token-list-item ${legacyClazz}" name="tokenStore">
                     <input type="hidden" class="token-uuid-input" name="tokenUuid" value="${token.uuid}" />
                     <f:textbox clazz="token-name" name="tokenName" value="${token.name}" />
     
+                    <j:if test="${token.isLegacy()}">
+                        <l:icon class="icon-warning icon-sm" title="${%LegacyToken}"/>
+                    </j:if>
+                    
                     <j:set var="daysOld" value="${token.numDaysCreation}" />
                     <j:set var="oldClazz" value="age-ok" />
                     <j:if test="${daysOld > 180}">
@@ -43,7 +51,7 @@ THE SOFTWARE.
                         </j:if>
                     </j:if>
                     <span class="token-creation ${oldClazz}">${%TokenCreation(daysOld)}</span>
-
+                    
                     <span class="to-right">
                         <j:set var="useCounter" value="${token.useCounter}" />
                         <j:choose>
@@ -54,10 +62,10 @@ THE SOFTWARE.
                             </j:when>
                             <j:otherwise>
                                 <span class="token-use-counter">
-                                    <b title="${%TokenNeverUsed.Title}">
+                                    <strong title="${%TokenNeverUsed.Title}">
                                         <l:icon class="icon-warning icon-sm"/>
                                         ${%TokenNeverUsed}
-                                    </b>
+                                    </strong>
                                 </span>
                             </j:otherwise>
                         </j:choose>
@@ -75,7 +83,8 @@ THE SOFTWARE.
         </ul>
     </f:entry>
 
-    <j:if test="${instance.hasCurrentUserPermissionToGenerateTokenForThisUser()}">
+    <j:if test="${descriptor.hasCurrentUserRightToGenerateNewToken(it)}">
+    <!--<j:if test="${instance == null || instance.hasCurrentUserPermissionToGenerateTokenForThisUser()}">-->
         <f:advanced title="${%Generate new API Token}" align="left">
             <f:entry title="New Token">
                 <f:textbox name="newTokenName" placeholder="${%Default name}" style="width: 40%; display: inline-block"/>
@@ -88,4 +97,14 @@ THE SOFTWARE.
             </f:entry>
         </f:advanced>
     </j:if>
+    
+    <!--TODO add if on apiToken non-nullability -->
+    <j:if test="${instance.mustDisplayLegacyApiToken()}">
+        <f:advanced title="${%Show Legacy API Token}" align="left">
+            <f:entry title="${%Legacy API Token}" field="apiToken">
+                <f:readOnlyTextbox id="apiToken" />
+            </f:entry>
+            <f:validateButton title="${%Change API Token}" method="changeToken" />
+        </f:advanced>
+    </j:if>
 </j:jelly>
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
index ba92f439d4..d4536152ee 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
@@ -7,3 +7,4 @@ ConfirmRevokeSingle=Are you sure you want to revoke this token ? Applications th
 CurrentTokens=Current tokens
 TokenCreation=Created {0} day(s) ago
 RenameToken=Save the new name of the token
+LegacyToken=We strongly recommend you to revoke this Legacy API Token as it''s not as secure as the others
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/help-apiToken.html b/core/src/main/resources/jenkins/security/ApiTokenProperty/help-tokenStore.html
similarity index 100%
rename from core/src/main/resources/jenkins/security/ApiTokenProperty/help-apiToken.html
rename to core/src/main/resources/jenkins/security/ApiTokenProperty/help-tokenStore.html
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/help-apiToken_bg.html b/core/src/main/resources/jenkins/security/ApiTokenProperty/help-tokenStore_bg.html
similarity index 100%
rename from core/src/main/resources/jenkins/security/ApiTokenProperty/help-apiToken_bg.html
rename to core/src/main/resources/jenkins/security/ApiTokenProperty/help-tokenStore_bg.html
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/help-apiToken_it.html b/core/src/main/resources/jenkins/security/ApiTokenProperty/help-tokenStore_it.html
similarity index 100%
rename from core/src/main/resources/jenkins/security/ApiTokenProperty/help-apiToken_it.html
rename to core/src/main/resources/jenkins/security/ApiTokenProperty/help-tokenStore_it.html
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/help-apiToken_ja.html b/core/src/main/resources/jenkins/security/ApiTokenProperty/help-tokenStore_ja.html
similarity index 100%
rename from core/src/main/resources/jenkins/security/ApiTokenProperty/help-apiToken_ja.html
rename to core/src/main/resources/jenkins/security/ApiTokenProperty/help-tokenStore_ja.html
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/help-apiToken_zh_TW.html b/core/src/main/resources/jenkins/security/ApiTokenProperty/help-tokenStore_zh_TW.html
similarity index 100%
rename from core/src/main/resources/jenkins/security/ApiTokenProperty/help-apiToken_zh_TW.html
rename to core/src/main/resources/jenkins/security/ApiTokenProperty/help-tokenStore_zh_TW.html
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.css b/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.css
index 1d9ac3c405..80723549e0 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.css
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.css
@@ -38,6 +38,12 @@ ul.token-list li.token-list-item {
     font-size: 13px;
     line-height: 26px;
 }
+ul.token-list li.token-list-item.legacy-token {
+    padding: 8px 5px 8px 5px;
+    border: 2px solid #ffe262;
+    border-left-width: 5px;
+    border-right-width: 5px;
+}
 ul.token-list li.token-list-item.list-empty {
     display: none;
 }
@@ -60,7 +66,7 @@ ul.token-list li.token-list-item .token-creation{
     font-size: 90%;
 }
 ul.token-list li.token-list-item .token-creation.age-ok{
-    color: #487ba0;
+    color: #6d7680;
 }
 ul.token-list li.token-list-item .token-creation.age-mmmh{
     color: #e09307;
@@ -76,7 +82,7 @@ ul.token-list li.token-list-item .to-right{
 }
 ul.token-list li.token-list-item .token-use-counter{
     font-size: 90%;
-    color: #586069;
+    color: #6d7680;
 }
 ul.token-list li.token-list-item .token-revoke{
     margin-left: 10px;
diff --git a/core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/config.jelly b/core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/config.jelly
index 985a5e77b8..7208fa5408 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/config.jelly
+++ b/core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/config.jelly
@@ -27,7 +27,10 @@ THE SOFTWARE.
 <j:jelly xmlns:j="jelly:core" xmlns:f="/lib/form">
     <f:section title="${%API Token}">
         <f:entry field="tokenGenerationOnCreationDisabled">
-            <f:checkbox title="${%Disable generation of API Token on user creation}"/>
+            <f:checkbox title="${%Disable generation of Legacy API Token on user creation}"/>
+        </f:entry>
+        <f:entry field="creationOfLegacyTokenDisabled">
+            <f:checkbox title="${%Disable capability of user without Legacy API Token to create new one}"/>
         </f:entry>
     </f:section>
 </j:jelly>
diff --git a/core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/help-creationOfLegacyTokenDisabled.html b/core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/help-creationOfLegacyTokenDisabled.html
new file mode 100644
index 0000000000..578047e45c
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/help-creationOfLegacyTokenDisabled.html
@@ -0,0 +1,5 @@
+<div>
+    Even if this is disabled (recommended for security reasons), the users are still able to generate new tokens
+    themselves on their configure page using the new system.<br/>
+    It affects only the legacy tokens that are now <strong>deprecated</strong>.
+</div>
diff --git a/core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/help-tokenGenerationOnCreationDisabled.html b/core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/help-tokenGenerationOnCreationDisabled.html
index c0cc87bbed..e8c9bfb99b 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/help-tokenGenerationOnCreationDisabled.html
+++ b/core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/help-tokenGenerationOnCreationDisabled.html
@@ -1,4 +1,5 @@
 <div>
-    Even if this is disabled (recommended for security reasons), the users are still able to generate new tokens
-    themselves on their configure page.
+    By disabling this capability, the users will be forced to use the new system of Token. <br/>
+    This behavior was the legacy one used until the new system was implemented.
+    It affects only the legacy tokens that are now <strong>deprecated</strong>.
 </div>
diff --git a/core/src/main/resources/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.jelly b/core/src/main/resources/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.jelly
index f7899f670c..004d73c999 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.jelly
+++ b/core/src/main/resources/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.jelly
@@ -25,7 +25,7 @@ THE SOFTWARE.
 <j:jelly xmlns:j="jelly:core" xmlns:f="/lib/form">
     <div class="alert alert-warning">
         <form method="post" action="${rootURL}/${it.url}/act" name="${it.id}">
-            <f:submit name="yes" value="${%Disable API Token generation by default}"/>
+            <f:submit name="yes" value="${%Disable legacy generation by default}"/>
             <f:submit name="no" value="${%Dismiss}"/>
         </form>
         ${%warningMessage(rootURL)}
diff --git a/core/src/main/resources/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.properties b/core/src/main/resources/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.properties
index 5638ccb00e..71e8f0ab02 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.properties
+++ b/core/src/main/resources/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.properties
@@ -1,2 +1,2 @@
-warningMessage=The API Token are currently generated directly when a new user is created. The recommended way is to \
-   disable this behavior and let users request new tokens themselves.
+warningMessage=A Legacy API Token is currently generated when a new user is created. <br />\
+  This behavior is just implemented to help users migrate at their own pace but not meant for long-term use.
diff --git a/core/src/main/resources/jenkins/security/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message.jelly b/core/src/main/resources/jenkins/security/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message.jelly
new file mode 100644
index 0000000000..8aa1bd3d08
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message.jelly
@@ -0,0 +1,33 @@
+<!--
+The MIT License
+
+Copyright (c) 2017, CloudBees, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+-->
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core" xmlns:f="/lib/form">
+    <div class="alert alert-warning">
+        <form method="post" action="${rootURL}/${it.url}/act" name="${it.id}">
+            <f:submit name="yes" value="${%Disable that capability}"/>
+            <f:submit name="no" value="${%Dismiss}"/>
+        </form>
+        ${%warningMessage(rootURL)}
+    </div>
+</j:jelly>
diff --git a/core/src/main/resources/jenkins/security/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message.properties b/core/src/main/resources/jenkins/security/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message.properties
new file mode 100644
index 0000000000..0221fc76ee
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message.properties
@@ -0,0 +1,2 @@
+warningMessage=Users without Legacy API Token have the capability to create new Legacy API Token. <br />\
+  This behavior is just implemented to help users migrate at their own pace but not meant for long-term use.
diff --git a/core/src/main/resources/jenkins/security/Messages.properties b/core/src/main/resources/jenkins/security/Messages.properties
index 1e7d472b43..f6e4f71fc6 100644
--- a/core/src/main/resources/jenkins/security/Messages.properties
+++ b/core/src/main/resources/jenkins/security/Messages.properties
@@ -26,6 +26,7 @@ ApiTokenProperty.ChangeToken.Success=<div>Updated. See the new token in the fiel
 ApiTokenProperty.ChangeToken.SuccessHidden=<div>Updated. You need to login as the user to see the token</div>
 ApiTokenProperty.NewTokenGenerated=<div class="success">Token generated! <code>The value will not be displayed </code>anymore, please save it.</div>
 ApiTokenProperty.LegacyTokenName=Legacy Token
-ApiTokenPropertyDisabledDefaultAdministrativeMonitor.displayName=API Token not generated by default
+ApiTokenPropertyDisabledDefaultAdministrativeMonitor.displayName=Legacy API Token  not generated by default
+ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor.displayName=Legacy API Token can be created even without existing
 RekeySecretAdminMonitor.DisplayName=Re-keying
 UpdateSiteWarningsMonitor.DisplayName=Update Site Warnings
diff --git a/test/src/test/java/hudson/cli/CLIActionTest.java b/test/src/test/java/hudson/cli/CLIActionTest.java
index 132b0bb885..6738ee0612 100644
--- a/test/src/test/java/hudson/cli/CLIActionTest.java
+++ b/test/src/test/java/hudson/cli/CLIActionTest.java
@@ -127,7 +127,6 @@ public class CLIActionTest {
 
     @Issue({"JENKINS-12543", "JENKINS-41745"})
     @Test
-    @Ignore //TODO need to be fixed
     public void authentication() throws Exception {
         logging.record(PlainCLIProtocol.class, Level.FINE);
         File jar = tmp.newFile("jenkins-cli.jar");
diff --git a/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java b/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
index 92fb1f986c..6b94e54322 100644
--- a/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
+++ b/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
@@ -37,7 +37,6 @@ public class ApiTokenPropertyTest {
      * Tests the UI interaction and authentication.
      */
     @Test
-    @Ignore //TODO need to be fixed
     public void basics() throws Exception {
         j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
         User u = User.getById("foo", true);
@@ -68,7 +67,6 @@ public class ApiTokenPropertyTest {
     }
 
     @Test
-    @Ignore //TODO need to be fixed
     public void security49Upgrade() throws Exception {
         j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
         User u = User.get("foo");
@@ -93,7 +91,6 @@ public class ApiTokenPropertyTest {
     
     @Issue("SECURITY-200")
     @Test
-    @Ignore //TODO need to be fixed
     public void adminsShouldBeUnableToSeeTokensByDefault() throws Exception {
         j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
         User u = User.get("foo");
@@ -109,7 +106,6 @@ public class ApiTokenPropertyTest {
     
     @Issue("SECURITY-200")
     @Test
-    @Ignore //TODO need to be fixed
     public void adminsShouldBeUnableToChangeTokensByDefault() throws Exception {
         j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
         User foo = User.get("foo");
diff --git a/test/src/test/java/jenkins/security/BasicHeaderProcessorTest.java b/test/src/test/java/jenkins/security/BasicHeaderProcessorTest.java
index 9189e051e4..b1bb90381a 100644
--- a/test/src/test/java/jenkins/security/BasicHeaderProcessorTest.java
+++ b/test/src/test/java/jenkins/security/BasicHeaderProcessorTest.java
@@ -45,7 +45,6 @@ public class BasicHeaderProcessorTest {
      * Tests various ways to send the Basic auth.
      */
     @Test
-    @Ignore //TODO need to be fixed
     public void testVariousWaysToCall() throws Exception {
         j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
         User foo = User.getById("foo", true);
@@ -113,7 +112,6 @@ public class BasicHeaderProcessorTest {
     }
 
     @Test
-    @Ignore //TODO need to be fixed
     public void testAuthHeaderCaseInSensitive() throws Exception {
         j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
         User foo = User.get("foo");
-- 
GitLab


From 91237450bca18b64a3acb3bf02ef165d2d86db57 Mon Sep 17 00:00:00 2001
From: Baptiste Mathus <batmat@batmat.net>
Date: Mon, 29 Jan 2018 11:55:44 +0100
Subject: [PATCH 054/863] Disable test temporarily to get the release out

Note: this test is wrong, the production code is correct.
So that is why disabling this test until we fix it is OK.
---
 core/src/test/java/hudson/util/AtomicFileWriterTest.java | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/core/src/test/java/hudson/util/AtomicFileWriterTest.java b/core/src/test/java/hudson/util/AtomicFileWriterTest.java
index 8d231c487b..949964eb64 100644
--- a/core/src/test/java/hudson/util/AtomicFileWriterTest.java
+++ b/core/src/test/java/hudson/util/AtomicFileWriterTest.java
@@ -3,6 +3,7 @@ package hudson.util;
 import org.apache.commons.io.FileUtils;
 import org.hamcrest.core.StringContains;
 import org.junit.Before;
+import org.junit.Ignore;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.rules.TemporaryFolder;
@@ -141,6 +142,7 @@ public class AtomicFileWriterTest {
         }
     }
 
+    @Ignore // Need to fix the testing done here, since it assumes umask=002, which is wrong... Including on Kohsuke's release envt :-\.
     @Issue("JENKINS-48407")
     @Test
     public void checkPermissions() throws IOException, InterruptedException {
-- 
GitLab


From 4176b0c05ec37291c41532ad1b41719ce71c56d6 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 29 Jan 2018 03:35:21 -0800
Subject: [PATCH 055/863] [maven-release-plugin] prepare release jenkins-2.104

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 5ccf113f0c..8dddcb25f5 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.104-SNAPSHOT</version>
+    <version>2.104</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index ce9d90f5ab..847a454a44 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.104-SNAPSHOT</version>
+    <version>2.104</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index a7f4b0a388..eea0aacda5 100644
--- a/pom.xml
+++ b/pom.xml
@@ -33,7 +33,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>pom</artifactId>
-  <version>2.104-SNAPSHOT</version>
+  <version>2.104</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -58,7 +58,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>HEAD</tag>
+    <tag>jenkins-2.104</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 1328f05bb5..75ff48b5f7 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.104-SNAPSHOT</version>
+    <version>2.104</version>
   </parent>
 
   <artifactId>test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index b1cd21a8e9..9f79413192 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.104-SNAPSHOT</version>
+    <version>2.104</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 53b9bdff752b97bece30d450697852cbf8089c6d Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 29 Jan 2018 03:35:21 -0800
Subject: [PATCH 056/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 8dddcb25f5..e306fa9f74 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.104</version>
+    <version>2.105-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 847a454a44..1259e93805 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.104</version>
+    <version>2.105-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index eea0aacda5..b49d34a3e9 100644
--- a/pom.xml
+++ b/pom.xml
@@ -33,7 +33,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>pom</artifactId>
-  <version>2.104</version>
+  <version>2.105-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -58,7 +58,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.104</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 75ff48b5f7..79cb741f3c 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.104</version>
+    <version>2.105-SNAPSHOT</version>
   </parent>
 
   <artifactId>test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 9f79413192..8293af9dcf 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.104</version>
+    <version>2.105-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From d0110590fc1ae2bdcd3acc925de41b9a279b5a07 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Mon, 29 Jan 2018 15:58:20 +0100
Subject: [PATCH 057/863] - add a short-living cache for the hash with just
 sha256(salt + plainToken) to speed up things after the first "complete" check

---
 .../jenkins/security/ApiTokenProperty.java    |  16 +-
 .../java/jenkins/security/ApiTokenStore.java  | 173 +++++++++++++++++-
 2 files changed, 179 insertions(+), 10 deletions(-)

diff --git a/core/src/main/java/jenkins/security/ApiTokenProperty.java b/core/src/main/java/jenkins/security/ApiTokenProperty.java
index f7e28b010d..18f4d35d9c 100644
--- a/core/src/main/java/jenkins/security/ApiTokenProperty.java
+++ b/core/src/main/java/jenkins/security/ApiTokenProperty.java
@@ -24,6 +24,7 @@
 package jenkins.security;
 
 import com.thoughtworks.xstream.converters.UnmarshallingContext;
+import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
 import hudson.Extension;
 import hudson.Util;
 import hudson.diagnosis.OldDataMonitor;
@@ -74,15 +75,12 @@ import org.kohsuke.stapler.interceptor.RequirePOST;
 public class ApiTokenProperty extends UserProperty {
     private static final Logger LOGGER = Logger.getLogger(ApiTokenProperty.class.getName());
     
-    private volatile Secret apiToken;
-    private ApiTokenStore tokenStore;
-    
     /**
      * If enabled, the users with {@link Jenkins#ADMINISTER) permissions can generate new tokens for
      * other users. Normally only a user can generate tokens for himself.
      * Disabled by default due to the security reasons.
      * If enabled, it restores the original Jenkins behavior (SECURITY-200).
-     * 
+     *
      * @since 1.638
      */
     private static final boolean SHOW_LEGACY_TOKEN_TO_ADMINS =
@@ -90,6 +88,9 @@ public class ApiTokenProperty extends UserProperty {
     
     private static final boolean ADMIN_CAN_GENERATE_NEW_TOKENS =
             SystemProperties.getBoolean(ApiTokenProperty.class.getName() + ".adminCanGenerateNewTokens");
+
+    private volatile Secret apiToken;
+    private ApiTokenStore tokenStore;
     
     @DataBoundConstructor
     public ApiTokenProperty() {
@@ -130,13 +131,16 @@ public class ApiTokenProperty extends UserProperty {
      * @since 1.426, and since 1.638 the method performs security checks
      */
     @Nonnull
+    @SuppressFBWarnings("NP_NONNULL_RETURN_VIOLATION")
     public String getApiToken() {
         LOGGER.log(Level.WARNING, "Deprecated usage of getApiToken");
         if(this.apiToken == null){
             return "deprecated";
         }
-    
-        return hasPermissionToSeeToken() ? getApiTokenInsecure() : Messages.ApiTokenProperty_ChangeToken_TokenIsHidden();
+        
+        return hasPermissionToSeeToken()
+                ? getApiTokenInsecure()
+                : Messages.ApiTokenProperty_ChangeToken_TokenIsHidden();
     }
     
     @Nonnull
diff --git a/core/src/main/java/jenkins/security/ApiTokenStore.java b/core/src/main/java/jenkins/security/ApiTokenStore.java
index 86b3d33b1b..797a0f2945 100644
--- a/core/src/main/java/jenkins/security/ApiTokenStore.java
+++ b/core/src/main/java/jenkins/security/ApiTokenStore.java
@@ -23,6 +23,7 @@
  */
 package jenkins.security;
 
+import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
 import hudson.Util;
 import hudson.diagnosis.OldDataMonitor;
 import hudson.util.Secret;
@@ -34,10 +35,15 @@ import org.mindrot.jbcrypt.BCrypt;
 import javax.annotation.CheckForNull;
 import javax.annotation.Nonnull;
 import javax.annotation.concurrent.Immutable;
+import java.nio.charset.StandardCharsets;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;
 import java.time.Instant;
+import java.time.LocalDateTime;
 import java.time.temporal.ChronoUnit;
 import java.util.ArrayList;
+import java.util.Base64;
 import java.util.Comparator;
 import java.util.Date;
 import java.util.HashMap;
@@ -60,12 +66,14 @@ public class ApiTokenStore {
      * default value corresponds to 
      * BCrypt#GENSALT_DEFAULT_LOG2_ROUNDS is 10 which is way too small in 2018
      */
-    private static final int BCRYPT_LOG_ROUND =
+    @SuppressFBWarnings(value = "MS_SHOULD_BE_FINAL", justification = "Accessible via System Groovy Scripts")
+    public static int BCRYPT_LOG_ROUND =
             SystemProperties.getInteger(ApiTokenStore.class.getName() + ".bcryptLogRound", 13);
     /**
      * Determine the number of attempt to generate an unique prefix (over 4096 possibilities) that is not currently used
      */
-    private static final int MAX_ATTEMPTS =
+    @SuppressFBWarnings(value = "MS_SHOULD_BE_FINAL", justification = "Accessible via System Groovy Scripts")
+    public static final int MAX_ATTEMPTS =
             SystemProperties.getInteger(ApiTokenStore.class.getName() + ".maxAttempt", 100);
     
     private static final int TOKEN_LENGTH_V2 = 36;
@@ -74,6 +82,12 @@ public class ApiTokenStore {
     private static final String HASH_VERSION = "2";
     
     private static final String LEGACY_PREFIX = "";
+
+    /**
+     * Cache the computation of hash in order to speed up API call that were already verified some times ago
+     * Does not keep deleted data alive, just optimize the computation of the hashes.
+     */
+    private static final HashCache HASH_CACHE = new HashCache();
     
     private List<HashedToken> tokenList;
     private transient Map<String, Node<HashedToken>> prefixToTokenList;
@@ -94,6 +108,7 @@ public class ApiTokenStore {
         this.prefixToTokenList = new HashMap<>();
     }
     
+    @SuppressFBWarnings("NP_NONNULL_RETURN_VIOLATION")
     public synchronized @Nonnull List<HashedToken> getTokenListSortedByName() {
         List<ApiTokenStore.HashedToken> sortedTokenList = tokenList.stream()
                 .sorted(SORT_BY_LOWERCASED_NAME)
@@ -212,8 +227,10 @@ public class ApiTokenStore {
         return tokenTheUserWillUse;
     }
     
+    @SuppressFBWarnings("NP_NONNULL_RETURN_VIOLATION")
     private @Nonnull String hashSecret(@Nonnull String secretValue) {
-        return BCrypt.hashpw(secretValue, BCrypt.gensalt(BCRYPT_LOG_ROUND, RANDOM));
+        String salt = BCrypt.gensalt(BCRYPT_LOG_ROUND, RANDOM);
+        return BCrypt.hashpw(secretValue, salt);
     }
     
     private @Nonnull String generatePrefix() {
@@ -239,8 +256,10 @@ public class ApiTokenStore {
     /**
      * Generate random 3-hex-character
      */
+    @SuppressFBWarnings("NP_NONNULL_RETURN_VIOLATION")
     private @Nonnull String generateRandomPrefix() {
         int prefixInteger = RANDOM.nextInt(4096);
+
         String prefixString = Integer.toHexString(prefixInteger);
         return StringUtils.leftPad(prefixString, 3, '0');
     }
@@ -289,11 +308,27 @@ public class ApiTokenStore {
     }
     
     private boolean searchMatchUsingPrefix(String prefix, String plainToken) {
+        String plainTokenCacheKey = HASH_CACHE.getCorrespondingCacheKey(plainToken);
+        String uuidFromCache = HASH_CACHE.getCachedUuid(plainTokenCacheKey);
+        if(uuidFromCache != null){
+            for (HashedToken token : tokenList) {
+                if (token.uuid.equals(uuidFromCache)) {
+                    LOGGER.log(Level.FINER, "Cache hit for prefix = ", prefix);
+                    token.incrementUse();
+                    HASH_CACHE.insertOrRefreshCache(plainTokenCacheKey, token.uuid);
+                    return true;
+                }
+            }
+        }
+        LOGGER.log(Level.FINER, "Cache miss for prefix = ", prefix);
+        
         Node<HashedToken> node = this.prefixToTokenList.get(prefix);
         while (node != null) {
             boolean matchFound = node.value.match(plainToken);
             if (matchFound) {
                 node.value.incrementUse();
+    
+                HASH_CACHE.insertOrRefreshCache(plainTokenCacheKey, node.value.uuid);
                 return true;
             } else {
                 node = node.next;
@@ -421,7 +456,10 @@ public class ApiTokenStore {
         public void rename(String newName) {
             this.name = newName;
         }
-        
+    
+        /**
+         * This operation should take some time (between 100ms and 1s)
+         */
         public boolean match(String plainToken) {
             return BCrypt.checkpw(plainToken, value.hash);
         }
@@ -466,4 +504,131 @@ public class ApiTokenStore {
             this.name = name;
         }
     }
+    
+    public static class HashCache {
+        /**
+         * A "session" duration, meaning we do not compute the long hash each time but use a weak hash instead after the first success
+         */
+        @SuppressFBWarnings(value = "MS_SHOULD_BE_FINAL", justification = "Accessible via System Groovy Scripts")
+        public static long HASH_CACHE_TIMEOUT_IN_MS =
+                SystemProperties.getLong(ApiTokenStore.class.getName() + ".hashCacheTimeout", (long)(5 * 60 * 1000));
+        
+        /**
+         * At minimum we compute the long hash every 30 minutes
+         */
+        @SuppressFBWarnings(value = "MS_SHOULD_BE_FINAL", justification = "Accessible via System Groovy Scripts")
+        public static long HASH_CACHE_MAX_LIVETIME_IN_MS =
+                SystemProperties.getLong(ApiTokenStore.class.getName() + ".hashCacheMaxLivetime", (long)(30 * 60 * 1000));
+    
+        @SuppressFBWarnings(value = "MS_SHOULD_BE_FINAL", justification = "Accessible via System Groovy Scripts")
+        public static boolean HASH_CACHE_DISABLED =
+                SystemProperties.getBoolean(ApiTokenStore.class.getName() + ".hashCacheDisabled", false);
+    
+        @SuppressFBWarnings(value = "MS_SHOULD_BE_FINAL", justification = "Accessible via System Groovy Scripts")
+        public static int HASH_CACHE_MIN_SIZE_FOR_CLEANUP =
+                SystemProperties.getInteger(ApiTokenStore.class.getName() + ".hashCacheMinSizeForCleanup", 20);
+    
+        private static final byte[] HASH_CACHE_SALT;
+        static {
+            // no requirement to keep it between restart since the cache is temporary
+            SecureRandom random = new SecureRandom();
+            HASH_CACHE_SALT = new byte[16];
+            random.nextBytes(HASH_CACHE_SALT);
+        }
+    
+        private static final String HASH_ALGORITHM = "SHA-256";
+        
+        private final Map<String, CacheEntry> cache = new HashMap<>();
+    
+        @SuppressFBWarnings("NP_NONNULL_RETURN_VIOLATION")
+        public @Nonnull String getCorrespondingCacheKey(String plainToken){
+            if(HASH_CACHE_DISABLED){
+                return "cache-disabled";
+            }
+            byte[] hashedTokenBytes = hashWithSalt(plainToken.getBytes(StandardCharsets.UTF_8));
+            return Base64.getEncoder().encodeToString(hashedTokenBytes);
+        }
+    
+        @SuppressFBWarnings("NP_NONNULL_RETURN_VIOLATION")
+        private @Nonnull byte[] hashWithSalt(byte[] tokenBytes){
+            MessageDigest digest;
+            try {
+                digest = MessageDigest.getInstance(HASH_ALGORITHM);
+            } catch (NoSuchAlgorithmException e) {
+                throw new AssertionError("There is no " + HASH_ALGORITHM + " available in this system");
+            }
+            digest.update(HASH_CACHE_SALT);
+            return digest.digest(tokenBytes);
+        }
+    
+        public synchronized @CheckForNull String getCachedUuid(String cacheKey){
+            if(HASH_CACHE_DISABLED){
+                return null;
+            }
+            
+            cleanup();
+            
+            if(cache.containsKey(cacheKey)){
+                CacheEntry entry = cache.get(cacheKey);
+                if(entry != null){
+                    if(entry.hasExpired()){
+                        cache.remove(cacheKey);
+                    }else{
+                        return entry.data;
+                    }
+                }
+            }
+
+            return null;
+        }
+    
+        private void cleanup(){
+            if(cache.size() < HASH_CACHE_MIN_SIZE_FOR_CLEANUP){
+                return;
+            }
+    
+            cache.entrySet().removeIf(entry -> entry.getValue().hasExpired());
+        }
+        
+        public synchronized void insertOrRefreshCache(String cacheKey, String uuid){
+            if(HASH_CACHE_DISABLED){
+                return;
+            }
+
+            CacheEntry entry = cache.get(cacheKey);
+            if(entry == null){
+                cache.put(cacheKey, new CacheEntry(uuid));
+            }else{
+                entry.touch();
+            }
+        }
+        
+        private static class CacheEntry {
+            LocalDateTime firstCheck;
+            LocalDateTime lastCheck;
+            String data;
+    
+            CacheEntry(String data){
+                this.data = data;
+                this.firstCheck = this.lastCheck = LocalDateTime.now();
+            }
+            
+            public void touch(){
+                this.lastCheck = LocalDateTime.now();
+            }
+            
+            public boolean hasExpired(){
+                LocalDateTime now = LocalDateTime.now();
+                if(now.isAfter(lastCheck.plus(HASH_CACHE_TIMEOUT_IN_MS, ChronoUnit.MILLIS))){
+                    // not recently used
+                    return true;
+                }
+                if(now.isAfter(firstCheck.plus(HASH_CACHE_MAX_LIVETIME_IN_MS, ChronoUnit.MILLIS))){
+                    // full check required after a certain time
+                    return true;
+                }
+                return false;
+            }
+        }
+    }
 }
-- 
GitLab


From a2377c747622b560eb6a0ee91e80c2507bf98511 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Mon, 29 Jan 2018 16:28:23 +0100
Subject: [PATCH 058/863] - fix for test

---
 .../jenkins/security/ApiTokenPropertyTest.java    | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java b/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
index 6b94e54322..77a3376121 100644
--- a/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
+++ b/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
@@ -14,6 +14,8 @@ import hudson.model.User;
 import hudson.security.ACL;
 import hudson.security.ACLContext;
 import java.net.URL;
+
+import hudson.util.Scrambler;
 import jenkins.model.Jenkins;
 import org.junit.Ignore;
 import org.junit.Rule;
@@ -107,6 +109,7 @@ public class ApiTokenPropertyTest {
     @Issue("SECURITY-200")
     @Test
     public void adminsShouldBeUnableToChangeTokensByDefault() throws Exception {
+        j.jenkins.setCrumbIssuer(null);
         j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
         User foo = User.get("foo");
         User bar = User.get("bar");
@@ -131,16 +134,14 @@ public class ApiTokenPropertyTest {
     
     @Nonnull
     private WebClient createClientForUser(final String id) throws Exception {
-        User u = User.getById(id, false);
-        
-        //TODO to be fixed
-//        final ApiTokenProperty t = u.getProperty(ApiTokenProperty.class);
-//        // Yes, we use the insecure call in the test stuff
-//        final String token = t.getApiTokenInsecure();
+        User u = User.getById(id, true);
         
+        final ApiTokenProperty t = u.getProperty(ApiTokenProperty.class);
+        // Yes, we use the insecure call in the test stuff
+        final String token = t.getApiTokenInsecure();
         
         WebClient wc = j.createWebClient();
-//        wc.addRequestHeader("Authorization", "Basic " + Scrambler.scramble(id + ":" + token));
+        wc.addRequestHeader("Authorization", "Basic " + Scrambler.scramble(id + ":" + token));
         return wc;
     }
 
-- 
GitLab


From 5f0f9f2b87be0a2d2c1dfb34df59db117f9ea90f Mon Sep 17 00:00:00 2001
From: mike cirioli <mcirioli@cloudbees.com>
Date: Tue, 30 Jan 2018 09:31:15 -0500
Subject: [PATCH 059/863] [JENKINS-48463] added try-with-resources to
 XmlFileTest to ensure proper file handle cleanup in the event of failure

Fixed small nits regarding typo's and code cleanup
Added comment explaining why Xpp3 is still included as a dep
---
 core/pom.xml                                 | 10 +++++++---
 core/src/main/java/hudson/util/XStream2.java |  2 +-
 core/src/test/java/hudson/XmlFileTest.java   | 12 ++++--------
 test/src/test/java/hudson/XMLFileTest.java   | 10 ++++++----
 4 files changed, 18 insertions(+), 16 deletions(-)

diff --git a/core/pom.xml b/core/pom.xml
index 9c4faab34d..a0752203b3 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -246,15 +246,19 @@ THE SOFTWARE.
         </exclusion>
       </exclusions>
     </dependency>
+    <!--
+    still including the xpp3 driver to ensure backwards compatibilty
+    for other plugins that may be depending on it
+    -->
     <dependency>
       <groupId>xpp3</groupId>
       <artifactId>xpp3</artifactId>
       <version>1.1.4c</version>
     </dependency>
     <dependency>
-        <groupId>net.sf.kxml</groupId>
-        <artifactId>kxml2</artifactId>
-        <version>2.3.0</version>
+      <groupId>net.sf.kxml</groupId>
+      <artifactId>kxml2</artifactId>
+      <version>2.3.0</version>
     </dependency>
     <dependency>
       <groupId>jfree</groupId>
diff --git a/core/src/main/java/hudson/util/XStream2.java b/core/src/main/java/hudson/util/XStream2.java
index 13d0b359c9..4f90342ea9 100644
--- a/core/src/main/java/hudson/util/XStream2.java
+++ b/core/src/main/java/hudson/util/XStream2.java
@@ -99,7 +99,7 @@ public class XStream2 extends XStream {
     private MapperInjectionPoint mapperInjectionPoint;
 
     /**
-     * Convinience method so we only have to change the driver in one place
+     * Convenience method so we only have to change the driver in one place
      * if we switch to something new in the future
      *
      * @return a new instance of the HierarchicalStreamDriver we want to use
diff --git a/core/src/test/java/hudson/XmlFileTest.java b/core/src/test/java/hudson/XmlFileTest.java
index f4c3c42e02..69c85a93f7 100644
--- a/core/src/test/java/hudson/XmlFileTest.java
+++ b/core/src/test/java/hudson/XmlFileTest.java
@@ -20,11 +20,10 @@ public class XmlFileTest {
     @Test
     public void canReadXml1_0Test() throws IOException {
         URL configUrl = getClass().getResource("/hudson/config_1_0.xml");
-        File configFile = new File(configUrl.getFile());
         XStream2  xs = new XStream2();
         xs.alias("hudson", Jenkins.class);
 
-        XmlFile xmlFile =  new XmlFile(xs, configFile);
+        XmlFile xmlFile =  new XmlFile(xs, new File(configUrl.getFile()));
         if (xmlFile.exists()) {
             Node n = (Node) xmlFile.read();
             assertThat(n.getNumExecutors(), is(2));
@@ -38,11 +37,10 @@ public class XmlFileTest {
     @Test(expected = SAXParseException.class)
     public void xml1_0_withSpecialCharsShouldFail() throws IOException {
         URL configUrl = getClass().getResource("/hudson/config_1_0_with_special_chars.xml");
-        File configFile = new File(configUrl.getFile());
         XStream2  xs = new XStream2();
         xs.alias("hudson", Jenkins.class);
 
-        XmlFile xmlFile =  new XmlFile(xs, configFile);
+        XmlFile xmlFile =  new XmlFile(xs, new File(configUrl.getFile()));
         if (xmlFile.exists()) {
             Node n = (Node) xmlFile.read();
             assertThat(n.getNumExecutors(), is(2));
@@ -53,11 +51,10 @@ public class XmlFileTest {
     @Test
     public void canReadXml1_1Test() throws IOException {
         URL configUrl = getClass().getResource("/hudson/config_1_1.xml");
-        File configFile = new File(configUrl.getFile());
         XStream2  xs = new XStream2();
         xs.alias("hudson", Jenkins.class);
 
-        XmlFile xmlFile =  new XmlFile(xs, configFile);
+        XmlFile xmlFile =  new XmlFile(xs, new File(configUrl.getFile()));
         if (xmlFile.exists()) {
             Node n = (Node) xmlFile.read();
             assertThat(n.getNumExecutors(), is(2));
@@ -68,11 +65,10 @@ public class XmlFileTest {
     @Test
     public void canReadXmlWithControlCharsTest() throws IOException {
         URL configUrl = getClass().getResource("/hudson/config_1_1_with_special_chars.xml");
-        File configFile = new File(configUrl.getFile());
         XStream2  xs = new XStream2();
         xs.alias("hudson", Jenkins.class);
 
-        XmlFile xmlFile =  new XmlFile(xs, configFile);
+        XmlFile xmlFile =  new XmlFile(xs, new File(configUrl.getFile()));
         if (xmlFile.exists()) {
             Node n = (Node) xmlFile.read();
             assertThat(n.getNumExecutors(), is(2));
diff --git a/test/src/test/java/hudson/XMLFileTest.java b/test/src/test/java/hudson/XMLFileTest.java
index b384ee7dfb..1b3a9ff3ea 100644
--- a/test/src/test/java/hudson/XMLFileTest.java
+++ b/test/src/test/java/hudson/XMLFileTest.java
@@ -36,10 +36,12 @@ public class XMLFileTest {
         // verify that we did indeed load our test config.xml
         assertThat(j.jenkins.getLabelString(), is("I am a label"));
         //verify that the persisted top level config.xml is v1.1
-        File configFile = new File(j.jenkins.getRootPath().getRemote() + File.separator + "config.xml");
+        File configFile = new File(j.jenkins.getRootDir(), "config.xml");
         assertThat(configFile.exists(), is(true));
-        BufferedReader config = new BufferedReader(new FileReader(configFile));
-        assertThat(config.readLine(), is("<?xml version='1.1' encoding='UTF-8'?>"));
-        config.close();
+
+        try (BufferedReader config = new BufferedReader(new FileReader(configFile))) {
+            assertThat(config.readLine(), is("<?xml version='1.1' encoding='UTF-8'?>"));
+            config.close();
+        }
     }
 }
-- 
GitLab


From 2eda7816e8007851ced3d618cd0fe42c78a486e2 Mon Sep 17 00:00:00 2001
From: Kseniia Nenasheva <ks.nenasheva@gmail.com>
Date: Tue, 30 Jan 2018 17:33:53 +0100
Subject: [PATCH 060/863] [JENKINS-47793] - Jenkins master and agent
 configuration pages do not verify negative executor numbers (#3141)

* Fixed Regexps for number & positive-number

* Progress saving

* Fix for validation

* bug fixing

* bug fixing

* Address comments

* Address comments

* Address comments from @jglick

* Whitespace cleanup

* Address comment for @jglick
---
 core/src/main/java/hudson/model/Computer.java        |  5 +++++
 core/src/main/java/jenkins/model/Jenkins.java        | 12 +++++++++++-
 .../java/jenkins/model/MasterBuildConfiguration.java |  5 +++++
 .../model/Jenkins/MasterComputer/configure.jelly     |  2 +-
 .../model/MasterBuildConfiguration/config.groovy     |  2 +-
 .../main/resources/jenkins/model/Messages.properties |  1 +
 war/src/main/webapp/scripts/hudson-behavior.js       |  7 +++++--
 7 files changed, 29 insertions(+), 5 deletions(-)

diff --git a/core/src/main/java/hudson/model/Computer.java b/core/src/main/java/hudson/model/Computer.java
index 43fa2d31d7..dff02c5ab1 100644
--- a/core/src/main/java/hudson/model/Computer.java
+++ b/core/src/main/java/hudson/model/Computer.java
@@ -1472,6 +1472,11 @@ public /*transient*/ abstract class Computer extends Actionable implements Acces
             throw new FormException(Messages.ComputerSet_SlaveAlreadyExists(proposedName), "name");
         }
 
+        String nExecutors = req.getSubmittedForm().getString("numExecutors");
+        if (Integer.parseInt(nExecutors)<=0) {
+            throw new FormException(Messages.Slave_InvalidConfig_Executors(nodeName), "numExecutors");
+        }
+
         Node result = node.reconfigure(req, req.getSubmittedForm());
         Jenkins.getInstance().getNodesObject().replaceNode(this.getNode(), result);
 
diff --git a/core/src/main/java/jenkins/model/Jenkins.java b/core/src/main/java/jenkins/model/Jenkins.java
index 01951e03f9..15a4edce00 100644
--- a/core/src/main/java/jenkins/model/Jenkins.java
+++ b/core/src/main/java/jenkins/model/Jenkins.java
@@ -290,6 +290,7 @@ import static hudson.init.InitMilestone.*;
 import hudson.init.Initializer;
 import hudson.util.LogTaskListener;
 import static java.util.logging.Level.*;
+import javax.annotation.Nonnegative;
 import static javax.servlet.http.HttpServletResponse.*;
 import org.kohsuke.stapler.WebMethod;
 
@@ -2713,7 +2714,16 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
         return initLevel;
     }
 
-    public void setNumExecutors(int n) throws IOException {
+    /**
+     * Sets a number of executors.
+     * @param n Number of executors
+     * @throws IOException Failed to save the configuration
+     * @throws IllegalArgumentException Negative value has been passed
+     */
+    public void setNumExecutors(@Nonnegative int n) throws IOException, IllegalArgumentException {
+        if (n < 0) {
+            throw new IllegalArgumentException("Incorrect field \"# of executors\": " + n +". It should be a non-negative number.");
+        }
         if (this.numExecutors != n) {
             this.numExecutors = n;
             updateComputerList();
diff --git a/core/src/main/java/jenkins/model/MasterBuildConfiguration.java b/core/src/main/java/jenkins/model/MasterBuildConfiguration.java
index 6ae797adf2..3bc348419c 100644
--- a/core/src/main/java/jenkins/model/MasterBuildConfiguration.java
+++ b/core/src/main/java/jenkins/model/MasterBuildConfiguration.java
@@ -51,6 +51,11 @@ public class MasterBuildConfiguration extends GlobalConfiguration {
         Jenkins j = Jenkins.getInstance();
         try {
             // for compatibility reasons, this value is stored in Jenkins
+            String num = json.getString("numExecutors");
+            if (!num.matches("\\d+")) {
+                throw new FormException(Messages.Hudson_Computer_IncorrectNumberOfExecutors(),"numExecutors");
+            }
+            
             j.setNumExecutors(json.getInt("numExecutors"));
             if (req.hasParameter("master.mode"))
                 j.setMode(Mode.valueOf(req.getParameter("master.mode")));
diff --git a/core/src/main/resources/jenkins/model/Jenkins/MasterComputer/configure.jelly b/core/src/main/resources/jenkins/model/Jenkins/MasterComputer/configure.jelly
index 19ad03f335..e06cc9a7a9 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/MasterComputer/configure.jelly
+++ b/core/src/main/resources/jenkins/model/Jenkins/MasterComputer/configure.jelly
@@ -42,7 +42,7 @@ THE SOFTWARE.
         -->
 
         <f:entry title="${%# of executors}" field="numExecutors">
-          <f:number clazz="positive-number" min="0" step="1"/>
+          <f:number clazz="non-negative-number" min="0" step="1"/>
         </f:entry>
 
         <f:entry title="${%Labels}" field="labelString">
diff --git a/core/src/main/resources/jenkins/model/MasterBuildConfiguration/config.groovy b/core/src/main/resources/jenkins/model/MasterBuildConfiguration/config.groovy
index 8b13c1ab11..f645dcbc41 100644
--- a/core/src/main/resources/jenkins/model/MasterBuildConfiguration/config.groovy
+++ b/core/src/main/resources/jenkins/model/MasterBuildConfiguration/config.groovy
@@ -3,7 +3,7 @@ package jenkins.model.MasterBuildConfiguration
 def f=namespace(lib.FormTagLib)
 
 f.entry(title:_("# of executors"), field:"numExecutors") {
-    f.number(clazz:"number", min:0, step:1)
+    f.number(clazz:"non-negative-number", min:0, step:1)
 }
 f.entry(title:_("Labels"),field:"labelString") {
     f.textbox()
diff --git a/core/src/main/resources/jenkins/model/Messages.properties b/core/src/main/resources/jenkins/model/Messages.properties
index adf5c9da94..f7d11a855f 100644
--- a/core/src/main/resources/jenkins/model/Messages.properties
+++ b/core/src/main/resources/jenkins/model/Messages.properties
@@ -26,6 +26,7 @@
 Hudson.BadPortNumber=Bad port number {0}
 Hudson.Computer.Caption=Master
 Hudson.Computer.DisplayName=master
+Hudson.Computer.IncorrectNumberOfExecutors=Incorrect field "# of executors". It should be a non-negative number.
 Hudson.ControlCodeNotAllowed=No control code is allowed: {0}
 Hudson.DisplayName=Jenkins
 Hudson.JobAlreadyExists=A job already exists with the name \u2018{0}\u2019
diff --git a/war/src/main/webapp/scripts/hudson-behavior.js b/war/src/main/webapp/scripts/hudson-behavior.js
index d8989d5dea..01c1b21861 100644
--- a/war/src/main/webapp/scripts/hudson-behavior.js
+++ b/war/src/main/webapp/scripts/hudson-behavior.js
@@ -694,9 +694,12 @@ var jenkinsRules = {
     "INPUT.required" : function(e) { registerRegexpValidator(e,/./,"Field is required"); },
 
 // validate form values to be an integer
-    "INPUT.number" : function(e) { registerRegexpValidator(e,/^(\d+|)$/,"Not an integer"); },
+    "INPUT.number" : function(e) { registerRegexpValidator(e,/^\-?(\d+)$/,"Not an integer"); },
+    "INPUT.non-negative-number" : function(e) {
+        registerRegexpValidator(e,/^\d+$/,"Not a non-negative number");
+    },
     "INPUT.positive-number" : function(e) {
-        registerRegexpValidator(e,/^(\d*[1-9]\d*|)$/,"Not a positive integer");
+        registerRegexpValidator(e,/^[1-9]\d*$/,"Not a positive integer");
     },
 
     "INPUT.auto-complete": function(e) {// form field with auto-completion support 
-- 
GitLab


From 2d16b459205730d85e51499c2457109b234ca9d9 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Tue, 30 Jan 2018 12:15:48 -0500
Subject: [PATCH 061/863] [SECURITY-506] Require admin permission to validate
 proxy config.

---
 core/src/main/java/hudson/ProxyConfiguration.java | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/core/src/main/java/hudson/ProxyConfiguration.java b/core/src/main/java/hudson/ProxyConfiguration.java
index 7c2809c53f..408d5e9c4f 100644
--- a/core/src/main/java/hudson/ProxyConfiguration.java
+++ b/core/src/main/java/hudson/ProxyConfiguration.java
@@ -341,6 +341,8 @@ public final class ProxyConfiguration extends AbstractDescribableImpl<ProxyConfi
                 @QueryParameter("userName") String userName, @QueryParameter("password") String password,
                 @QueryParameter("noProxyHost") String noProxyHost) {
 
+            Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
+
             if (Util.fixEmptyAndTrim(testUrl) == null) {
                 return FormValidation.error(Messages.ProxyConfiguration_TestUrlRequired());
             }
-- 
GitLab


From eb03a42078f29dbed3742b8740c95e02890e4545 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Tue, 30 Jan 2018 12:16:42 -0500
Subject: [PATCH 062/863] [SECURITY-705] Path traversal vulnerability in
 Plugin.doDynamic.

---
 core/src/main/java/hudson/Plugin.java     | 23 ++++++++++-------------
 test/src/test/java/hudson/PluginTest.java | 15 ++++++++++-----
 2 files changed, 20 insertions(+), 18 deletions(-)

diff --git a/core/src/main/java/hudson/Plugin.java b/core/src/main/java/hudson/Plugin.java
index bfe8e0fbe4..b955a6d3ad 100644
--- a/core/src/main/java/hudson/Plugin.java
+++ b/core/src/main/java/hudson/Plugin.java
@@ -35,6 +35,7 @@ import org.kohsuke.stapler.StaplerResponse;
 
 import javax.servlet.ServletContext;
 import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.io.File;
 
@@ -42,10 +43,9 @@ import net.sf.json.JSONObject;
 import com.thoughtworks.xstream.XStream;
 import hudson.init.Initializer;
 import hudson.init.Terminator;
-import java.net.URI;
-import java.net.URISyntaxException;
+import java.net.URL;
+import java.util.logging.Logger;
 import jenkins.model.GlobalConfiguration;
-import org.kohsuke.stapler.HttpResponses;
 
 /**
  * Base class of Hudson plugin.
@@ -81,6 +81,8 @@ import org.kohsuke.stapler.HttpResponses;
  */
 public abstract class Plugin implements Saveable {
 
+    private static final Logger LOGGER = Logger.getLogger(Plugin.class.getName());
+
     /**
      * You do not need to create custom subtypes:
      * <ul>
@@ -224,13 +226,12 @@ public abstract class Plugin implements Saveable {
     public void doDynamic(StaplerRequest req, StaplerResponse rsp) throws IOException, ServletException {
         String path = req.getRestOfPath();
 
-        if (path.startsWith("/META-INF/") || path.startsWith("/WEB-INF/")) {
-            throw HttpResponses.notFound();
+        if (path.isEmpty() || path.contains("..") || path.contains("%") || path.contains("META-INF") || path.contains("WEB-INF")) {
+            LOGGER.warning("rejecting possibly malicious " + req.getRequestURIWithQueryString());
+            rsp.sendError(HttpServletResponse.SC_BAD_REQUEST);
+            return;
         }
 
-        if(path.length()==0)
-            path = "/";
-
         // Stapler routes requests like the "/static/.../foo/bar/zot" to be treated like "/foo/bar/zot"
         // and this is used to serve long expiration header, by using Jenkins.VERSION_HASH as "..."
         // to create unique URLs. Recognize that and set a long expiration header.
@@ -240,11 +241,7 @@ public abstract class Plugin implements Saveable {
         long expires = staticLink ? TimeUnit2.DAYS.toMillis(365) : -1;
 
         // use serveLocalizedFile to support automatic locale selection
-        try {
-            rsp.serveLocalizedFile(req, wrapper.baseResourceURL.toURI().resolve(new URI(null, '.' + path, null)).toURL(), expires);
-        } catch (URISyntaxException x) {
-            throw new IOException(x);
-        }
+        rsp.serveLocalizedFile(req, new URL(wrapper.baseResourceURL, '.' + path), expires);
     }
 
 //
diff --git a/test/src/test/java/hudson/PluginTest.java b/test/src/test/java/hudson/PluginTest.java
index 19cd52bac7..dd7026406b 100644
--- a/test/src/test/java/hudson/PluginTest.java
+++ b/test/src/test/java/hudson/PluginTest.java
@@ -34,18 +34,23 @@ public class PluginTest {
 
     @Rule public JenkinsRule r = new JenkinsRule();
 
-    @Issue({"SECURITY-131", "SECURITY-155"})
+    @Issue({"SECURITY-131", "SECURITY-155", "SECURITY-705"})
     @Test public void doDynamic() throws Exception {
         r.createWebClient().goTo("plugin/credentials/images/24x24/credentials.png", "image/png");
         /* Collapsed somewhere before it winds up in restOfPath:
         r.createWebClient().assertFails("plugin/credentials/images/../images/24x24/credentials.png", HttpServletResponse.SC_BAD_REQUEST);
         */
         r.createWebClient().assertFails("plugin/credentials/images/%2E%2E/images/24x24/credentials.png", HttpServletResponse.SC_INTERNAL_SERVER_ERROR); // IAE from TokenList.<init>
-        r.createWebClient().assertFails("plugin/credentials/images/%252E%252E/images/24x24/credentials.png", HttpServletResponse.SC_NOT_FOUND); // SECURITY-131
-        r.createWebClient().assertFails("plugin/credentials/images/%25252E%25252E/images/24x24/credentials.png", HttpServletResponse.SC_NOT_FOUND); // just checking
+        r.createWebClient().assertFails("plugin/credentials/images/%252E%252E/images/24x24/credentials.png", HttpServletResponse.SC_BAD_REQUEST); // SECURITY-131
+        r.createWebClient().assertFails("plugin/credentials/images/%25252E%25252E/images/24x24/credentials.png", HttpServletResponse.SC_BAD_REQUEST); // just checking
+        // SECURITY-705:
+        r.createWebClient().assertFails("plugin/credentials/images/..%2fWEB-INF/licenses.xml", HttpServletResponse.SC_BAD_REQUEST);
+        r.createWebClient().assertFails("plugin/credentials/images/%2e%2e%2fWEB-INF/licenses.xml", HttpServletResponse.SC_BAD_REQUEST);
+        r.createWebClient().assertFails("plugin/credentials/images/%2e.%2fWEB-INF/licenses.xml", HttpServletResponse.SC_BAD_REQUEST);
+        r.createWebClient().assertFails("plugin/credentials/images/..%2f..%2f..%2f" + r.jenkins.getRootDir().getName() + "%2fsecrets%2fmaster.key", HttpServletResponse.SC_BAD_REQUEST);
         // SECURITY-155:
-        r.createWebClient().assertFails("plugin/credentials/WEB-INF/licenses.xml", HttpServletResponse.SC_NOT_FOUND);
-        r.createWebClient().assertFails("plugin/credentials/META-INF/MANIFEST.MF", HttpServletResponse.SC_NOT_FOUND);
+        r.createWebClient().assertFails("plugin/credentials/WEB-INF/licenses.xml", HttpServletResponse.SC_BAD_REQUEST);
+        r.createWebClient().assertFails("plugin/credentials/META-INF/MANIFEST.MF", HttpServletResponse.SC_BAD_REQUEST);
     }
 
 }
-- 
GitLab


From 38249b561b61564830dcfe937351e54d53f5d394 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Tue, 30 Jan 2018 12:18:09 -0500
Subject: [PATCH 063/863] [SECURITY-624] Stored XSS vulnerability in tool
 names.

---
 core/src/main/resources/lib/form/option.jelly |   2 +-
 test/src/test/java/lib/form/OptionTest.java   | 393 ++++++++++++++++++
 .../OptionTest/UsingGroovyView/index.groovy   |  64 +++
 .../OptionTest/UsingJellyView/index.jelly     |  61 +++
 4 files changed, 519 insertions(+), 1 deletion(-)
 create mode 100644 test/src/test/java/lib/form/OptionTest.java
 create mode 100644 test/src/test/resources/lib/form/OptionTest/UsingGroovyView/index.groovy
 create mode 100644 test/src/test/resources/lib/form/OptionTest/UsingJellyView/index.jelly

diff --git a/core/src/main/resources/lib/form/option.jelly b/core/src/main/resources/lib/form/option.jelly
index ef6e7d9155..a5c779da29 100644
--- a/core/src/main/resources/lib/form/option.jelly
+++ b/core/src/main/resources/lib/form/option.jelly
@@ -39,5 +39,5 @@ THE SOFTWARE.
   <!-- No escape/encode to avoid double-encoding if used in value attribute below -->
   <j:set var="optionBody" encode="false"><d:invokeBody escapeText="false"/></j:set>
   <option value="${attrs.value!=null?attrs.value:h.xmlUnescape(optionBody)}"
-          selected="${attrs.selected?'true':null}"><j:out value="${optionBody}"/></option>
+          selected="${attrs.selected?'true':null}">${h.xmlUnescape(optionBody)}</option>
 </j:jelly>
diff --git a/test/src/test/java/lib/form/OptionTest.java b/test/src/test/java/lib/form/OptionTest.java
new file mode 100644
index 0000000000..9e126376eb
--- /dev/null
+++ b/test/src/test/java/lib/form/OptionTest.java
@@ -0,0 +1,393 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2017, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package lib.form;
+
+import com.gargoylesoftware.htmlunit.html.DomElement;
+import com.gargoylesoftware.htmlunit.html.DomNodeList;
+import com.gargoylesoftware.htmlunit.html.HtmlElement;
+import com.gargoylesoftware.htmlunit.html.HtmlOption;
+import com.gargoylesoftware.htmlunit.html.HtmlPage;
+import hudson.model.RootAction;
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.JenkinsRule;
+import org.jvnet.hudson.test.TestExtension;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotEquals;
+import static org.junit.Assert.assertTrue;
+
+/**
+ * Tests for lib/form/option.jelly
+ */
+public class OptionTest {
+    private static final int MODE_JELLY_REGULAR = 0;
+    private static final int MODE_JELLY_FORCE_RAW = 1;
+
+    private static final int MODE_GROOVY_REGULAR = 0;
+    private static final int MODE_GROOVY_TEXT = 1;
+
+    private static final int MODE_XML_ESCAPE = 2;
+    private static final int MODE_NATIVE_OPTION = 3;
+
+    @Rule
+    public JenkinsRule j = new JenkinsRule();
+
+    @Test
+    @Issue("SECURITY-624")
+    public void optionsAreCorrectlyEscaped() throws Exception {
+        checkNonDangerousOutputCorrect_simple();
+        checkNonDangerousOutputCorrect_advanced();
+        checkDangerousOutputNotActive();
+    }
+
+    private void checkNonDangerousOutputCorrect_simple() throws Exception {
+        String simpleText = "Simple text";
+        benchOfTest_acceptEscapedCharacters(simpleText, simpleText);
+    }
+
+    private void checkNonDangerousOutputCorrect_advanced() throws Exception {
+        String advancedText = "Markdown -> HTML & XHTML even with \"'_/$\\< characters";
+
+        // all those variants are displayed normally to the user since the escaping is un-escaped by the browser
+        // for display purpose (and only for display, not executing)
+        String escapeForValue = escapeForValue(advancedText);
+        String escapeForBody = escapeForBody(advancedText);
+        String escapeForBody_alternate = escapeForBody_alternate(advancedText);
+
+        // those variants are ugly for the user since they have some escaped visible characters
+        // they are produced by too much escaping done manually
+        // those tests are provided to ensure the security,
+        // normally they are not used since they are displaying the value in a ugly way
+        // => Markdown -&amp;gt; HTML &amp;amp; XHTML even with &quot;'_/$\&amp;lt; characters
+        String escapeForBody_uglyButSafe = escapeForBody_uglyButSafe(advancedText);
+        // => Markdown -&amp;gt; HTML &amp;amp; XHTML even with "'_/$\&amp;lt; characters
+        String escapeForValue_uglyButSafe = escapeForValue_uglyButSafe(advancedText);
+
+        { // lenient mode
+            checkJelly(MODE_JELLY_REGULAR, advancedText, advancedText, false);
+            checkGroovy(MODE_GROOVY_TEXT, advancedText, advancedText, false);
+            checkGroovy(MODE_XML_ESCAPE, advancedText, advancedText, false);
+
+            checkJelly(MODE_NATIVE_OPTION, advancedText, advancedText, advancedText, false, true, false);
+            checkGroovy(MODE_NATIVE_OPTION, advancedText, advancedText, advancedText, false, true, false);
+
+            // those ones were vulnerable before the patch, you can test that by undoing the changes
+            checkJelly(MODE_JELLY_FORCE_RAW, advancedText, advancedText, false);
+            checkGroovy(MODE_GROOVY_REGULAR, advancedText, advancedText, false);
+
+            // those ones are ugly and the display value is a string with escape characters.
+            checkJelly(MODE_XML_ESCAPE, advancedText, escapeForBody_alternate, advancedText, false, true, false);
+            checkJelly(MODE_XML_ESCAPE, advancedText, escapeForBody_alternate, escapeForBody_alternate, false, false, true);
+        }
+
+        { // in strict mode, we need to provide the exact characters that are expected
+            checkJelly(MODE_JELLY_REGULAR, advancedText, escapeForBody, escapeForValue, true);
+            checkGroovy(MODE_GROOVY_TEXT, advancedText, escapeForBody, escapeForValue, true);
+            checkJelly(MODE_NATIVE_OPTION, advancedText, escapeForBody, escapeForValue, true, true, false);
+            checkGroovy(MODE_XML_ESCAPE, advancedText, escapeForBody, escapeForValue, true);
+            checkGroovy(MODE_NATIVE_OPTION, advancedText, escapeForBody_alternate, escapeForValue, true, true, false);
+
+            // those ones were vulnerable before the patch, you can test that by undoing the changes
+            checkJelly(MODE_JELLY_FORCE_RAW, advancedText, escapeForBody, escapeForValue, true);
+            checkGroovy(MODE_GROOVY_REGULAR, advancedText, escapeForBody, escapeForValue, true);
+
+            // ugly display, was already the case, just shown here to be sure of the safety
+            checkJelly(MODE_XML_ESCAPE, advancedText, escapeForBody_uglyButSafe, escapeForValue, true, true, false);
+            checkJelly(MODE_XML_ESCAPE, advancedText, escapeForBody_uglyButSafe, escapeForValue_uglyButSafe, true, false, true);
+        }
+    }
+
+    private String escapeForBody(String str){
+        return str
+                .replace("&", "&amp;")
+                .replace("<", "&lt;")
+                ;
+    }
+
+    private String escapeForBody_alternate(String str){
+        return str
+                .replace("&", "&amp;")
+                .replace("<", "&lt;")
+                .replace(">", "&gt;")
+                ;
+    }
+
+
+
+    private String escapeForValue(String str){
+        return str
+                .replace("&", "&amp;")
+                .replace("<", "&lt;")
+                .replace(">", "&gt;")
+                .replace("\"", "&quot;")
+                ;
+    }
+
+    private String escapeForBody_uglyButSafe(String str){
+        return str
+                .replace("&", "&amp;")
+                .replace("<", "&lt;")
+                .replace(">", "&gt;")
+                // double escaping, make the text ugly but it was exactly the same case before
+                // when we are using too much escaping (manual h.xmlEscape on the body)
+                .replace("&", "&amp;")
+                ;
+    }
+
+    private String escapeForValue_uglyButSafe(String str){
+        return str
+                .replace("&", "&amp;")
+                .replace("<", "&lt;")
+                .replace(">", "&gt;")
+                // double escaping, make the text ugly but it was exactly the same case before
+                // when we are using too much escaping (manual h.xmlEscape on the body)
+                .replace("&", "&amp;")
+                // html attribute escaping done after the double escaping
+                .replace("\"", "&quot;")
+                ;
+    }
+
+    private void checkDangerousOutputNotActive() throws Exception {
+        // this javascript simply replace the whole document by "hacked" and so the "FLAG" will not be present
+        // but it will not be executed (thanks to the escaping)
+        benchOfTest_strictContains(
+                "<script>function hack(){document.writeln('hacked');};document.addEventListener('DOMContentLoaded', hack, false);</script>_FLAG",
+                "FLAG"
+        );
+    }
+
+    private void benchOfTest_strictContains(String msg, String containsExpected) throws Exception {
+        _benchOfTest(msg, containsExpected, true);
+    }
+
+    private void benchOfTest_acceptEscapedCharacters(String msg, String containsExpected) throws Exception {
+        _benchOfTest(msg, containsExpected, false);
+    }
+
+    private void _benchOfTest(String msg, String containsExpected, boolean checkExactCharacters) throws Exception {
+        checkJelly(MODE_JELLY_REGULAR, msg, containsExpected, checkExactCharacters);
+        checkGroovy(MODE_GROOVY_TEXT, msg, containsExpected, checkExactCharacters);
+
+        checkJelly(MODE_XML_ESCAPE, msg, containsExpected, checkExactCharacters);
+        checkJelly(MODE_NATIVE_OPTION, msg, containsExpected, containsExpected, checkExactCharacters, true, false);
+        checkGroovy(MODE_XML_ESCAPE, msg, containsExpected, checkExactCharacters);
+        checkGroovy(MODE_NATIVE_OPTION, msg, containsExpected, containsExpected, checkExactCharacters, true, false);
+
+        // those ones were vulnerable before the patch, you can test that by undoing the changes
+        checkJelly(MODE_JELLY_FORCE_RAW, msg, containsExpected, checkExactCharacters);
+        checkGroovy(MODE_GROOVY_REGULAR, msg, containsExpected, checkExactCharacters);
+    }
+
+    private void checkJelly(int mode, String msgToInject, String bothContainsExpected, boolean checkExactCharacters) throws Exception {
+        checkJelly(mode, msgToInject, bothContainsExpected, bothContainsExpected, checkExactCharacters);
+    }
+
+    private void checkJelly(int mode, String msgToInject,
+                            String bodyContainsExpected, String valueContainsExpected,
+                            boolean checkExactCharacters) throws Exception {
+        checkJelly(mode, msgToInject, bodyContainsExpected, valueContainsExpected, checkExactCharacters, true, true);
+    }
+
+    private void checkJelly(int mode, String msgToInject,
+                            String bodyContainsExpected, String valueContainsExpected,
+                            boolean checkExactCharacters,
+                            boolean withValueTrue, boolean withValueFalse) throws Exception {
+        UsingJellyView view = j.jenkins.getExtensionList(UsingJellyView.class).get(0);
+        view.setMode(mode);
+        view.setInjection(msgToInject);
+
+        if(withValueTrue){
+            view.setWithValue(true);
+            callPageAndCheckIfResultContainsExpected("usingJelly", bodyContainsExpected, valueContainsExpected, checkExactCharacters);
+        }
+        if(withValueFalse){
+            view.setWithValue(false);
+            callPageAndCheckIfResultContainsExpected("usingJelly", bodyContainsExpected, valueContainsExpected, checkExactCharacters);
+        }
+    }
+
+    private void checkGroovy(int mode, String msgToInject, String bothContainsExpected, boolean checkExactCharacters) throws Exception {
+        checkGroovy(mode, msgToInject, bothContainsExpected, bothContainsExpected, checkExactCharacters);
+    }
+
+    private void checkGroovy(int mode, String msgToInject, String bodyContainsExpected, String valueContainsExpected, boolean checkExactCharacters) throws Exception {
+        checkGroovy(mode, msgToInject, bodyContainsExpected, valueContainsExpected, checkExactCharacters, true, true);
+    }
+
+    private void checkGroovy(int mode, String msgToInject,
+                             String bodyContainsExpected, String valueContainsExpected,
+                             boolean checkExactCharacters,
+                             boolean withValueTrue, boolean withValueFalse) throws Exception {
+        UsingGroovyView view = j.jenkins.getExtensionList(UsingGroovyView.class).get(0);
+        view.setMode(mode);
+        view.setInjection(msgToInject);
+
+        if(withValueTrue){
+            view.setWithValue(true);
+            callPageAndCheckIfResultContainsExpected("usingGroovy", bodyContainsExpected, valueContainsExpected, checkExactCharacters);
+        }
+        if(withValueFalse){
+            view.setWithValue(false);
+            callPageAndCheckIfResultContainsExpected("usingGroovy", bodyContainsExpected, valueContainsExpected, checkExactCharacters);
+        }
+    }
+
+    private void callPageAndCheckIfResultContainsExpected(String url, String bodyContainsExpected, String valueContainsExpected, boolean checkExactCharacters) throws Exception {
+        HtmlPage page = (HtmlPage) j.createWebClient().goTo(url, null);
+        String responseContent = page.getWebResponse().getContentAsString();
+
+        if(checkExactCharacters){
+            // in this mode, we check the data directly received by the response,
+            // without any un-escaping done by HtmlElement
+
+            // first value shown as value
+            int indexOfValue = responseContent.indexOf(valueContainsExpected);
+            assertTrue(indexOfValue != -1);
+
+            // second as body
+            int indexOfBody = responseContent.indexOf(bodyContainsExpected, indexOfValue + 1);
+
+            assertTrue(indexOfBody != -1);
+
+            // also check there is no "<script>" present in the answer
+            int indexOfScript = responseContent.indexOf("<script>");
+            assertEquals(-1, indexOfScript);
+        }else{
+            // in this mode, we check the content as displayed to the user, converting all the escaped characters to
+            // their un-escaped equivalent, done by com.gargoylesoftware.htmlunit.html.HtmlSerializer#cleanUp(String)
+
+            HtmlElement document = page.getDocumentElement();
+            DomNodeList<HtmlElement> elements = document.getElementsByTagName("option");
+            assertEquals(1, elements.size());
+
+            HtmlOption option = (HtmlOption) elements.get(0);
+
+            // without that check, the getValueAttribute could return getText if the value is not present
+            assertNotEquals(DomElement.ATTRIBUTE_NOT_DEFINED, option.getAttribute("value"));
+
+            assertTrue(
+                    "Value attribute does not contain the expected value",
+                    option.getValueAttribute().contains(valueContainsExpected)
+            );
+            assertTrue(
+                    "Body content of the option does not contain the expected value",
+                    option.getText().contains(bodyContainsExpected)
+            );
+        }
+    }
+
+    @TestExtension("optionsAreCorrectlyEscaped")
+    public static class UsingJellyView implements RootAction {
+        private String injection;
+        private int mode;
+        private boolean withValue;
+
+        public String getInjection() {
+            return injection;
+        }
+
+        public void setInjection(String injection) {
+            this.injection = injection;
+        }
+
+        public int getMode() {
+            return mode;
+        }
+
+        public void setMode(int mode) {
+            this.mode = mode;
+        }
+
+        public boolean isWithValue() {
+            return withValue;
+        }
+
+        public void setWithValue(boolean withValue) {
+            this.withValue = withValue;
+        }
+
+        @Override
+        public String getIconFileName() {
+            return null;
+        }
+
+        @Override
+        public String getDisplayName() {
+            return null;
+        }
+
+        @Override
+        public String getUrlName() {
+            return "usingJelly";
+        }
+    }
+
+    @TestExtension("optionsAreCorrectlyEscaped")
+    public static class UsingGroovyView implements RootAction {
+        private String injection;
+        private int mode;
+        private boolean withValue;
+
+        public String getInjection() {
+            return injection;
+        }
+
+        public void setInjection(String injection) {
+            this.injection = injection;
+        }
+
+        public int getMode() {
+            return mode;
+        }
+
+        public void setMode(int mode) {
+            this.mode = mode;
+        }
+
+        public boolean isWithValue() {
+            return withValue;
+        }
+
+        public void setWithValue(boolean withValue) {
+            this.withValue = withValue;
+        }
+
+        @Override
+        public String getIconFileName() {
+            return null;
+        }
+
+        @Override
+        public String getDisplayName() {
+            return null;
+        }
+
+        @Override
+        public String getUrlName() {
+            return "usingGroovy";
+        }
+    }
+}
diff --git a/test/src/test/resources/lib/form/OptionTest/UsingGroovyView/index.groovy b/test/src/test/resources/lib/form/OptionTest/UsingGroovyView/index.groovy
new file mode 100644
index 0000000000..00180ec4ba
--- /dev/null
+++ b/test/src/test/resources/lib/form/OptionTest/UsingGroovyView/index.groovy
@@ -0,0 +1,64 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2017, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package lib.form
+
+import hudson.Functions
+
+f=namespace(lib.FormTagLib)
+h=Functions
+
+html{ ->
+    body{ ->
+        select { ->
+            if (it.withValue) {
+                if (it.mode == 0) {
+                    f.option(value: it.injection, it.injection)
+                }
+                if (it.mode == 1) {
+                    f.option(value: it.injection) { ->
+                        text(it.injection)
+                    }
+                }
+                if (it.mode == 2) {
+                    f.option(value: it.injection, h.xmlEscape(it.injection))
+                }
+                if (it.mode == 3) {
+                    option(value: it.injection, it.injection)
+                }
+            } else {
+                if (it.mode == 0) {
+                    f.option(it.injection)
+                }
+                if (it.mode == 1) {
+                    f.option { ->
+                        text(it.injection)
+                    }
+                }
+                if (it.mode == 2) {
+                    f.option(h.xmlEscape(it.injection))
+                }
+            }
+        }
+    }
+}
diff --git a/test/src/test/resources/lib/form/OptionTest/UsingJellyView/index.jelly b/test/src/test/resources/lib/form/OptionTest/UsingJellyView/index.jelly
new file mode 100644
index 0000000000..a85e761bd9
--- /dev/null
+++ b/test/src/test/resources/lib/form/OptionTest/UsingJellyView/index.jelly
@@ -0,0 +1,61 @@
+<!--
+The MIT License
+
+Copyright (c) 2017, CloudBees, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+-->
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core" xmlns:f="/lib/form">
+    <j:new var="h" className="hudson.Functions" />
+    
+    <html>
+        <body>
+            <select>
+                <j:if test="${it.withValue}">
+                    <j:if test="${it.mode == 0}">
+                        <f:option value="${it.injection}">${it.injection}</f:option>
+                    </j:if>
+                    <j:if test="${it.mode == 1}">
+                        <f:option value="${it.injection}"><j:out value="${it.injection}" /></f:option>
+                    </j:if>
+                    <j:if test="${it.mode == 2}">
+                        <!--double escaping done, the value and the display value are badly escaped, but at least secured-->
+                        <f:option value="${it.injection}">${h.xmlEscape(it.injection)}</f:option>
+                    </j:if>
+                    <j:if test="${it.mode == 3}">
+                        <option value="${it.injection}">${it.injection}</option>
+                    </j:if>
+                </j:if>
+                <j:if test="${!it.withValue}">
+                    <j:if test="${it.mode == 0}">
+                        <f:option>${it.injection}</f:option>
+                    </j:if>
+                    <j:if test="${it.mode == 1}">
+                        <f:option><j:out value="${it.injection}" /></f:option>
+                    </j:if>
+                    <j:if test="${it.mode == 2}">
+                        <!--double escaping done, the value and the display value are badly escaped, but at least secured-->
+                        <f:option>${h.xmlEscape(it.injection)}</f:option>
+                    </j:if>
+                </j:if>
+            </select>
+        </body>
+    </html>
+</j:jelly>
-- 
GitLab


From 7b6c86dc581e573a91802639647630ae40d8e208 Mon Sep 17 00:00:00 2001
From: Devin Nusbaum <dwnusbaum@users.noreply.github.com>
Date: Sun, 21 Jan 2018 09:33:03 -0500
Subject: [PATCH 064/863] [JENKINS-48899] Do not downgrade detached plugins
 when upgrading Jenkins (#3229)

* Reproduce JENKINS-48899

* Do not downgrade installed detached plugins

(cherry picked from commit d6298979581da67336f077cda9fd218eb790bdb3)
---
 core/src/main/java/hudson/PluginManager.java  |  11 +++++-----
 .../install/LoadDetachedPluginsTest.java      |  19 ++++++++++++++++++
 .../upgradeFromJenkins2WithNewerPlugin.zip    | Bin 0 -> 195304 bytes
 3 files changed, 25 insertions(+), 5 deletions(-)
 create mode 100644 test/src/test/resources/jenkins/install/LoadDetachedPluginsTest/upgradeFromJenkins2WithNewerPlugin.zip

diff --git a/core/src/main/java/hudson/PluginManager.java b/core/src/main/java/hudson/PluginManager.java
index b35149190b..505692c81f 100644
--- a/core/src/main/java/hudson/PluginManager.java
+++ b/core/src/main/java/hudson/PluginManager.java
@@ -705,13 +705,14 @@ public abstract class PluginManager extends AbstractModelObject implements OnMas
                     // If this was a plugin that was detached some time in the past i.e. not just one of the
                     // plugins that was bundled "for fun".
                     if (ClassicPluginStrategy.isDetachedPlugin(name)) {
-                        // If it's already installed and the installed version is older
-                        // than the bundled version, then we upgrade. The bundled version is the min required version
-                        // for "this" version of Jenkins, so we must upgrade.
                         VersionNumber installedVersion = getPluginVersion(rootDir, name);
                         VersionNumber bundledVersion = getPluginVersion(dir, name);
-                        if (installedVersion != null && bundledVersion != null && installedVersion.isOlderThan(bundledVersion)) {
-                            return true;
+                        // If the plugin is already installed, we need to decide whether to replace it with the bundled version.
+                        if (installedVersion != null && bundledVersion != null) {
+                            // If the installed version is older than the bundled version, then it MUST be upgraded.
+                            // If the installed version is newer than the bundled version, then it MUST NOT be upgraded.
+                            // If the versions are equal we just keep the installed version.
+                            return installedVersion.isOlderThan(bundledVersion);
                         }
                     }
 
diff --git a/test/src/test/java/jenkins/install/LoadDetachedPluginsTest.java b/test/src/test/java/jenkins/install/LoadDetachedPluginsTest.java
index 856e5263ba..c8cc60bce5 100644
--- a/test/src/test/java/jenkins/install/LoadDetachedPluginsTest.java
+++ b/test/src/test/java/jenkins/install/LoadDetachedPluginsTest.java
@@ -120,6 +120,25 @@ public class LoadDetachedPluginsTest {
         });
     }
 
+    @Issue("JENKINS-48899")
+    @Test
+    @LocalData
+    public void upgradeFromJenkins2WithNewerPlugin() {
+        // @LocalData has command-launcher 1.2 installed, which should not be downgraded to the detached version: 1.0.
+        VersionNumber since = new VersionNumber("2.0");
+        rr.then(r -> {
+            List<DetachedPlugin> detachedPlugins = ClassicPluginStrategy.getDetachedPlugins(since);
+            assertThat("Plugins have been detached since the pre-upgrade version",
+                    detachedPlugins.size(), greaterThan(1));
+            assertThat("Plugins detached between the pre-upgrade version and the current version should be installed",
+                    getInstalledDetachedPlugins(r, detachedPlugins).size(), equalTo(detachedPlugins.size()));
+            Plugin commandLauncher = r.jenkins.getPlugin("command-launcher");
+            assertThat("Installed detached plugins should not be overwritten by older versions",
+                    commandLauncher.getWrapper().getVersionNumber(), equalTo(new VersionNumber("1.2")));
+            assertNoFailedPlugins(r);
+        });
+    }
+
     @Test
     public void newInstallation() {
         rr.then(r -> {
diff --git a/test/src/test/resources/jenkins/install/LoadDetachedPluginsTest/upgradeFromJenkins2WithNewerPlugin.zip b/test/src/test/resources/jenkins/install/LoadDetachedPluginsTest/upgradeFromJenkins2WithNewerPlugin.zip
new file mode 100644
index 0000000000000000000000000000000000000000..2c18d023bd6acb253e53416b7f3ca3f7118abf41
GIT binary patch
literal 195304
zcmZs>Q>-vb(5Aa=+qP}nwr$(CZQHhO+qT!Y?6dzl$;`z}r7P9xq@TAhtGY@-8W;o$
z;D4-BHc8rM(cuO7zy1F>H2@BPm8qSzrJXa~f9_&vV?!tT|3_69OB*^HLuVIJ4^v|`
zQzvIjdplJXNC4ox6?UzlZgnkJ4`={DkQYDz01%Y_P)u|T3jbRt$eCK^zq9{s5dY~o
z*tnYir$PU}Aj4hiS~34O<bMeN1A_qAaHN)Dp0)EfPXPcpNeB4v{{JBu+uPb2+L_SW
z7`oaSTbMf0SvXk!FKT(a`v2=`Chf`%3^ENQ9yZ%;w*P1G?Kj^3kROfR&De;lzexAF
zn2EWT1hFtcpbY#~Wpy}M2K?0${8?)%q6%tBax!{_{sjsGsQiIPzo5r0f`9-xfB*pq
zeC!)G1vw=d6-`mOG#S-FF8v#Zfgp6Z+<&k4DoG0hA>YbF&;k__k1I0vk}h>@%XSL&
z_c%=|N)b0}cIH#h-b+L87*p|rA(FEKCgqs3X;4dAWB86A41Tc@b_32X0?LHCFy9E6
zdajlT_i~Mvv-6fr+TtIzA+_oiUCi~WyPuWY*U8C*v!kzswwo6V*`NUBnnqe(7}?s4
z%R3%DDsm?!OXvDW$z<Eq821rD)@W0N<lqfqh-hdd*%~CYKA9EeID;*?<ZRY>gG~<p
zEdEt|;M+US5og!IrM{SH0WQ?#2ig_cSSTvJY3uy7?_Roq{$+LNY(4xY`YuenGH^Fo
z^1eF|SI@x+Sf=EosG3h&!EReguF@2}k(>IrQrylSkJZQ$Wm&5oWBh1h_ZHt<2in}c
zI_6(ABF|1an-8T9?1^xJ7OhUJ0IP_g0{O3)sLDWjBPQkHu4SFp>5LJ;8Asm`^;dti
z>W_Yu;Mdw!vG7m0;g28c%wKp@1M5eBi3+c54Dp+scJWW*>yI#2_BKa0_maoP)(ZLj
zGynr}?CxDm_QDf!D~=3thXAt~io`^0fZ7hrNT+SuuE@(v*uDX;&id!i_s4iY|D#+V
zo9quqLm89wvJyJLG%`z5taTjBzsI(uod2svi9)9*#2!On$V5X_mrN5RGH|fz+)Q24
z^sM?uy&)6El18(uCL0GF8EHRgD#cvYsM@xp2$7dP@cIRdN5BnA`}S`PH$<Y^O}Cv-
zfh58vBg^al`Lq46`(dz2mOM-^E!dtA--aer43-pK_GZ6$UcOsz9vO$*Tmi-+nd!X}
z^V!G9q*P#k2@TGnBuKd6l#nkFa5eP+1dc;PLr6P|u9)>rkLsGG+w&|jJ+Agq=>E?R
zdbEX+T()@TtT>Pop4F}OobmA^qqOWA{@b6)3LJrh009`lVF4OI;KAR~-p1bA+QMAO
z+W5lC+{W-q#N6~ECFwRtpkY^~e^<@hurqhrtow)me9S33z5O@#$#(u{^&U=M^h6x7
zu{mnWinZ5Ytb93yMW6xTAU(KBBLn2%jo~1>ng!&v*r<hMW$D=-3#{V6BFjuFM*tEH
z&;a0$zdYw?KCLG`CM=|=KqD>W1S>HsAeR_mmHcV{y#3jnpWsNt6+$hCch6RMNNc`0
z+G<@Y?<Yo)m<ai{`P{Vk-vvLTLwpk&O$uRq#r{$p2Np<E5j!}Jn^3+wwqDEr6%qa<
zS@b{nph}brC|la~Q`YYL(L(zEYB&njo022?v|S#0%x_q@vrJuI^9CJX^a=41GF5jZ
z3&7tAB>4HwG>C{CciNq4ieySQOC{OGKzb&TNU4GiLu980lZ02%(LY4UsU=g+x+`p3
zN0H7xj*{+=Y~g1YeZZJ`!z%tqgu$({YkB8t<z+?1_a{_uuOIHapm!I<eU_JhJOsn{
z_wpiJ1iS~Y!1f!WY1EbSKJoqjHt1TJzv@IVs*|3(YbH5Zh})mTqRmhysI+J@gUp(_
z(BELY=)lfd75)+=cD_QdXOy?)z=KCHRJv-1qJV^;L!KHQTL_X*9~X^rqPl65F^CD5
zWcv%x<2Eu^`I8>{{XI;b3>;}MpW&&W+)$2R;iHv~laaF@u{FC->~(AmY^1FHr3Ebf
zovaN^kJ<RjpV@XWSkb`Fyw<_i-n?4I!e8u~-hb<Lu$_g4v9XuU-U;x^uZ?)$?!k2L
z%y;$N{jIEJ9Q_>3uaWcq75-pOPOD23zk+dR59Xiwqc*U!b}%q{r?zPRkFBkxlZl!2
z-<w3zzjX{jUq6Hn<zMF$Vz0L`R3VCa_@dkmi~s;}U;V{m-~PoK14}&z2O`Ba8wK73
z|I8_6^Py4HtVFW8dZleO^+~;739Eg0bYn}Jr{k&VSC^`^<9(F0a`ydHh`dnqm+gV9
zfJ+d`IT{=7rki(OH~!7&0%-891w|myklM@*k!Lio7e*pawXjDz&`cSOn{@|9!qLpZ
zZYGHryJEVLN<zbUAGMHRIw=(*+p9McJxX?=#2d9Dfpcl@sIPnHUrJ!j(ZO(`kj^lO
z8+>CC=Lfm2ljlznvW)yW^3IQ#lPY&Wztz%uvqckEn;oZj0Rl=@jmatuw20!1CI@#g
z&VCtecdJx&8%S%xwO4zuDoQN3{$*{|M(1vi8?@AaY2Prc{za9R#ejcp=@wBxu7gMz
z{i|hmhU&Od!XI-l7kG$08wC^HC#+6aT$u?^F4{y<#j9wPRes0}DeNz;bh3Sq^&)&I
zxt*0>ggx)qP26Y`oUMGr7T<zfY8K1O>U5ako;?Csr%Wx)`a#|%Ww?er%%8Qv>&S$j
zy^q1@p{B`_x}4O>*%=RcWRAP{1yo8IL-5xUafW`eGb0AeTQ4HV54gl`rB00Z+o>`I
z6&@R8-up}kDx7hak(qc7W_<vywmgxPsujT2)$B|9ng)PIwZ$xg)+Zy2$@L=<-!e8>
zls=>QYAw(uoN7(EMUk6ZPT$~6SQd*U=~1N&43=&uNe$Vshw_Yep02sg8&LCaRB7Y(
z2@3(}saV)nRHZcaqa1v;_QUKYL>^%ST$t-M<ac_Q(ITE!L;;IX87AVASmqFmYz%uX
z(j@*ju+<a=Lg`kMvImyP|Cko!g&vn_II&h>bC@IFuC3Sd0p$>8&+@z^PiN^15qnRR
z^E+IIrPsBUi<<G}#L$KQ1O#ePbg-8jB`$icJNGBde^2FQIii|rUf==db={g5w2nN(
z3LI-L`f_BgK_)fKC6)|IK!ap)bjC*+-+k;>Rwycwd^?_vFn;Ir9K+-KU#?}|9okcq
z4uj1rGDR4-Zc_Ed7|?24_EK+O>B6T0e`a?9pL{ZbN}x0V01$A}-|Be+-+7X+5o3fU
zjqSAW={q~QMq~(BHIy`q{+EthS=-*;^ooNVqg+EOOj+e|?Tb+qEB$lY)t2QmR4avN
zsHp4!0v&+&(oN%a5m3|N(AUk?^}167XT$S7g2NB5C#a6(?Bq1fk}91VeSMZfnCv~+
zj*O3WVd$UM6~1FIUK*<ll<AV9J2F6_H97m4DZ6w(XTasG*jihm*n!+XTB&GG0DZAx
zY}J0!K-W?2mi}6@fyANu29gI1$p`aw(o*Rm#ss2H(qhTye3K9xE_%y4;{(n}Cc|6e
z$DzGFO`Vnlp<^6bmki4(XmCAfOcMpMw4=_e(Hh}Ibz?TZ%;o2OkakIV{Xy`aWBfjt
z5UM?dnDWVE^v0UxYc5?mmK+w^uI|L4ukENbq^Dly<!dueFDC%?Qwp7N=s+ABPP0|I
z2d;q<=eM=7F^I^AnY7$8cgbQB@N*+$5sh@2qAypWAI@P(*Q#gfgJI{^Me3Qg%<iN(
zhu*-UK=c^as^GnMgabL!@%K&P)<~`Ys@mI*DylXf%^b`QMTBnuHQijjX_hqKj6kC^
z$HN)TUV!SBwOSAF5z79va&wW0Va8|iebc0zM~Bs=o6cDPBeFSSB?ba2-rH7M;Lmte
zmft<xGhp<xB&6TN!?cu-3QaDmfNUOm9?i9^967pf78Ai8g&qUd!y(hbTZXDX1t~jT
z-8;XW5*JBb)fK+2qWUL0vA~FRwlX$kNAFGoz}<0=<I*rxuBBEkJO(a<@F1uIi^G1>
znQcKuT4mwr>JXEWFF|@YiB?X6Jnc;gARcx>XIRHx%}`qm2Pj*A0|`K4<vhD*0a6KW
z$kDnf`*`W`4Y(BUP{!rT4b0)^B`%S_CNh#+$J?(P!599!Mj0QgpTz;|@(K`DRZyL0
zWjDt4lvy)-+!<$F)vEJU`&)=dz*^lmj6%VZS`cx3{WU9vADpQla>YWuVjJWJpy)Q7
z9IF|$Uu_D%K^tgLAI`wU`PujwT~{Q-iI`!uRACij7O_x!Og0IQTNw^)r!Ef(hKyVw
z?IO(im@rDa_5@7-taIUOV9#JRmc)%i7oS!#7LpH;-ke;V+l%Ass9@8^k?>`f5WHC`
zr9|D)eJ4dfzz-zGy{-{TqXx1DZ<R$LjlVYLU>wR(TP#|%GS*zFdE<yW+4k-F?Am6x
zC7PPzQ9;IQOSPZt{+MfdvScu>qb855mhV$k@8hdrXlHAw1V2EhW+o)7Mn$Yg$I{2d
z(!k8DU<3p!OUFmYa3?e}PEA8eBTg|zQzkn<H7zqGwFv>|<nKo2R@ClwbB-y$wlM#f
z3Sah#4r|&giJ*HR(07zfUqDJH(E=lh3Z9inN{<c(-wBKr5v&8`E=`nBRqD3CxH&pt
z=k`e6%`pjED9rN$g#8D0Gv$yfQ8RW|{AQef%VUM{`eNAS`*Oqs4YA;DZ9?#m{#$c_
z#4OoldzA&u<BQbc9|*SyyFT}?l^3bNAmF(6G6SsAObsox;!N_Q*gl#b)1?ydgy+4e
zdZv{kg6BuNo6D5B?MNM&E3iO%=VA#%BO}BQ%kcePU1T}G6+`X`ov`rei&IlajgM?V
zMi$;7ohw#5Y0Iajma$XlK~B|Je6QA?>f$X59|fnlbIG<Rg!e4Syb%AS&pnc4EpC(-
z>V$>h*||1x?^t85tp)RJDOA3$v34q49gfz#qZY|ddPQH`qU;yfe3g;@W?^D(q(mg0
z)P{1CVGyp9WbFu0#LATf>EvKVXqmzsP+}#EwIkkFkK?ZgDZrVCEFWTZCDjaBvOdvk
z`5-sr7F#w`HDG_ftY%Wivs==AegGnE>M&JJsjny|&R&?v)3`=;%^5y%%H<TEuF0ZB
zMUoC(lxAppP3+P2ZID^&fe@?B0%i?A!_KCj%5n?PO%l2W*M#6udEoP%%Z0|}XyOc?
z%S%X&g&+A-1<S{%4M*E7OF4#h9r0K*{RkXx3}f4^H)hxycN?d;H>sz`smFx3vnldv
zYiC@{vI3;@T2cY^@?-$%m#?zPJ#$5s!+f&VmD&#v2?Oy(@kVA}$`6mLsC^;i%kmDb
z<F#6A1JrZml1!J37f8bZlym>RvP_*5Zh}X%7Ma*P1I?vE?7wXdTEgGU2aRSA({q?i
z&YxQ9e28pT_5KU|^dCA-EPdK_e51hD8*%1ZjkKVfvGGcU!fnVP4DMz1SD>3yriI4u
z*gdT-P}EknaY<qg$96I#;H}Mv+8)HNCKNBg2@jJ-o>GHgBY3{r!h23{*>T1%hRFoU
zx48SVBl;_VaX-Mf_yn{Z_R#v1SC9SAy$2ghpy;30!U+yNVfPjQhZ+I%@3G6z<B3IS
zWpk?-eU<G1TLR}z{^N*}x}R<-_{Pk9gH(PIY-8MR2Asdab$5lE-Cs=LObsmU^-Of=
zY;5i94eOmvjGPi=C2S6qQ8rK1a2m2O$0)wbr6U9dW$ZGkoGeD&N*1lgVXw>qF2uiN
zo<*}!flYWKfW@ues1IqO*n)us4t(IKP;vygSkLF<Y5AFAz9)~oGp%InN`po=!Uw|$
zMn?=Ao1i-%UhpLlE`a|^;^Z}aGKW85-d@?8otU^^BQ9&7CSuHTBUykkgwu$FdyOMa
zKufOJN*4$T=!Q}^I3XPfrUWJJcSo2v#1?v%#EP62XbTS5kBIUFCV(=&P|EfXVE4(V
zX%-DOFQACAkV}QCHitThF(!KG+roMXy=^Z4P#uq%1bwaBQa9X12(94=2^xCT(Ay9J
z0EM<gKNUvoM2WpQ#QunGz?_!7Z_qX^fZo0$PYi3kbQ?ddqsg0TK8&pQ*tQ1>F3mxn
zT4)<>%_0Agh{P<EP_E0qQ@OM~)I>OfTDfAJ+<`?(#-<~#kes3c#4IQsN<lMA-%9}m
z)X0>;`+yDmTL9mAV7#YMO<8$CMDxdkRUVae4W}5iV&@{C3%!QU?RcV07aN#PB}>R6
z10S6@cH6k90QRnT!N1P_O$o#|nmCwIYYp|60Uu;pv9I5S8lLf-RdCsFyyY;kactd8
zC$)HBx7xM7)dJ+?idaPD`a&;Yn5V76sI&In&aP}gHf&ztB>m%s7r~~M0e$W7`I{*{
zKf9mKOl=!rv9~CTk+06mS#;P`pcT?bC!N)2;ig@(7e%niu(tvzeGGQUAKZ)~jLn@@
z(E;PiL=@Zhhg+n8Ku<jB48vngwvldB!=<<3XG~%6fb?PKxDnS*kx}ZMRMh$#q{JAm
zo1>dz-TwJ!lfhaJlQ7e>@$SXTK{2}fv`{ukFf6u6FANt4Y1`klK1Om&0q-3_)f#B)
zKc^Imn84>{ST7z+WaxZZ@Cu-I&*VBn!*~(o#Q~=r^*p6&!AU&0<F!?*K~CCPBJ}v~
zRQ}N=f1~-@W$!L0vd~&+Dn4*kvGYq`aQN2Ye%V<cuc+|pAtqLMh22_za#^wylb~t#
zsl)lZ%sT|Yn@8|h01Qhs<72kDyCC|`&2hesz*5eS%WJ^cC!abeE!K8fY<S`MQLFyD
zsupW$?<HH7^Zl3UyU}5Ou7Yodr?A<^hM-cBDH$f_B5Kmsbz#{t5=@wIh&OUYdFd;8
zY)#F^h;sYP`o7h1U8D4MGI`O_W6@)axw<AhYr1Oe>d6xHLN|MhW@CJ<+MkT^<8fGy
zc=lJhHK_T~LmE|C6$Sow_sThj9Jrjvr7=s?rw4@GDf8TaKMgD!BSg7C@R1+mhZrfV
zc8v0diLJ{jX=wurkFnw19l;t_*x$gv^cgqsdH&rmJoo|RUl8Xnq}$rq%tXiD=<mFS
zmV%DWIvs*fi9&xTgryO#7Nu0iBRFs|Dy$?uKWAZf>L9`mA#j~S;LA>yK!%f&M`8U|
z^-Punpj(k1p?xS+o^^>hI<HR{cBXnm1s5ioN{yA%db@ufh=^LsZ{JE46X{9gwvfSj
zzK7qqM%xw8z<@_N7K)<D-vbv(xpicOSEb&{dY1Lcq*X6lDPx5zX=>AW?fRr{hPkXW
zv{2D{R&y@~?3AQjJ5#Ezt9Dv2lP4_fu2*0Hx{l#&0|t-c)o`8CB15ws6k=W@P|He`
zO14HzaWb3@cAKto$@8Alu6WZqVhoe73r&hG({}vU2r}nRy5Fpk6-8OKF)mHY(^`fj
zchg84dZ0k=^d3As^<Q=}F~o0<RL(~X^;U|0`2-i@`&7q7m<v$RiIolhh2}8<7yz??
zgZH4k@YgsdRqs3`g2}r2cNyy#Gj(Sx0LG3-B(xE8)t^85m4Y#vo2xJ5V9*-L;a_ce
zUcXIg$YDPhhm?GIv8@*zYC}-(TvVOhC)Frw4G3olgzT1nxeM;Kf0&?si^3#%Uhal(
zTTfQ`gLrz#RTfdqq`g8W6%m`+F=vzjvR>PU??PzF>BTrDY*iS_>~wFp%U1+(rXUZG
zayMkY3IqviWV)S{)N$f1X<<6}LraM{|HL7lX^@yCefO~>E<(1@w4@H)bo3xY-B5|=
zB=&$dr{o}E5+n|C>cbL!cAwMD2ju!u`jO+NiEi(~WNs~v25|30ICxl0Z6u6B2NnNv
zMT)1F&om%BUt^t{aGfP%xu^~d(q4{DualZ<BlV@zFLJ|bk#EO~(OfWguH-93GT{A_
zHHf0KFbgE;Z&LDCvG>^dB49^(3dGE*o3m&|O5spF6$1lsqHi8ePx9P?Nc-)be&HmS
zWR5_EM9z8XnLchK(N|K?9C#pmb8wXG$nTljip%ya5uswnh|>*p-7z6|@%wyYFYtQB
zGMNzi>n5C0a%SITo}F`$zBHBu^553kq6U8?Mes{|0t}&h9i8oLI^ZL8U2BEREO+s-
z0Kd@K?O?DWdmeE*Kj9b|7}V@HGLP@hTo)q7?`&mX<+7q<GqqCJo>w?nQx#_bTBeLN
z+0pe)c6GWb%ar%7&fA0gpS<!J!SS*~t*TDx8p3o!VnX2JG1t1BY9*?|^Ju?qmcQWK
zEYTNP5>K<7Qp3lMDGb@T?Exy$DHC7gMJc!@w#m~&;i;?~=N#&`gX!4i066r9;W)a{
zx5NJd9FiU)sp+yp6xxroB{7~2ga|LEaycSTSd5tWj=hP^qpkW*NAxsVC*J7j9u<ge
z^c|b`5<teKc$g>-F56lIyXtOVHS+`70b~HYt6T5}SYO2C8nL)%oNNct=Pxk1a|nV1
zft&}ETptG9p-9in`sn6)IeiK1WDjwgSy^;9QraIBIu6ZPP*`(Gcz{=@RH=n5PgLtk
zA+Ys>imyIg1jDgeT2Q}0`%fGk70fiftW77-R@1aV4Wr<3N8ZIC>(uR(zh#&^U*nWs
zK+?i=wcS?{310Rtb7f`ciTOBmbcL*nQr=5E5kZQV6?w<{$yl@(V9D=$B+n+4HoW}_
zkI)DyuuAq}M>0?I6RDHp@E-%Jr^F!sN;Ur|B1k3GO%16V#Q*CVryW0{x#rZU=`HW{
zB~xeLlR&Jdi`eEaE_0FxZ<bIRYs%&&=k$<LFmn_a;{7L9KOqMLVF_qJv4gM?!<(ik
zcSRs_g$$=`Cz#BHKQRc338^Mj-S=0wdcs6xi%CNY3X^m{C_r6xP}?L2s!7V2(sfyA
zUXR;&ot9LQWqL{9Fqj|qMT7PkW`Ne0n9yosuZvz4JV%>82|bvQwE~S+yFtdF=H@FQ
z00XU6(^~IuF7D2qQ`>hJQFnnfDA<5`VeprJQSJTMiU@koG+cw<G3h=h{uEO5y@Cps
z2#A#j&Xm$Xwb9^S_9_{SCPNBtjLH*f23;@J*xXzL!-g4mn}bV3fqyY!Dy2*Zu`j9*
zsNMQYVIBxxJvSD~D=%JbZ3}4GmP_*&`^g?Jzh48pa{oo0YzOV6?igFw?fZZp{z4q_
zd(@BjPGn6OtSzmaBcv8=7qrnPZi$KFtR$bwVe?S<PDsNyAb~*WA;u|!Na*29)vd?*
z$Rktelp5XQx?EC*KXd$a@vpN-q*x6Y3(avwd0lg?Co*$Csdibxr;A=S?2m3Hk!&=u
z3Hv6}5%8!1=AxZ$qy1qfwh3N<iE%Vgsx>Lk;`bl-dJ<==+If6dGUaouQDe_3Hz$E|
zpB_s?HG!aagy9%4g+T?87jNIkn{K9iDN|BP$CZd=wG5mHOry0t12e>a9itr+!Pn%>
z!gQbVqF@n@JiMcLaFJ&f@usbx85-V4i`)&@eWopK4~ORYx)D^x#IdY=%dm<2!nKbk
zsRYN|9w{a25V*JioZkxil>^H+h-+5cp5BjAvLZJx?|tn_;y9XgFdw*cdf1K;RPCcF
zS25Vr8>fJKbQbTw*8NnQ{AnVva}1KK#qi!?yo_PG4x11w#l-6tlk-drk20Me`UO*V
zj}fYi*5zE6cD0-|>szz)y2Z*}v!N+<TV8O6)B7d`b2?Am=Qar0C(oqUOiC50tD2)=
zncP={D3=au?{}wOZ2Cbdjsf`iAiL>otAV8@iP|(VLqYC1B%ZAg;qvhA*Y0iVXzD`%
zTp)w&pzD`<V#YP~2+hvcl%X<L!}}r%c`5y+MF<2&p$U%S6o=AVy6z4DYUkaivHPrp
z{`q+JlV%_pqAFQ&+E{@mkf(%*1Ir~g+@<rmPrigtnp;5vZQm1W@Mq{#ZPTkdE|Lsc
zF8+a0D+ro@P8SBCz&2vQT@}2-ITw*`m*ZdL)YSrVTl>%B<dO6mMqz^aq>oD)MQueD
zrh)TOP^=iS4o)?05bNkAkupl4uJ_(#UpQh#aA3-$l$ZK_GhSW}dwt)kWijPhuPOAD
za81v7W@lcOoJ~G01@H5aPp*jfeRYkhntX}%?ED`WHeI9F@5e|tZYGhB6fD1_bZX`X
zPmbVSWmC)L7J1HCH8vnsT`FbRn@upyZxmhuiD&1QGMzH4S6h~N@!_@~Lsry0HEH87
zVfW+AUy#4pP-iQ)n<7De%*jL=srvX+{B8PZQPZ;N%;=`%UgO3iqAJ&YRJ&^Ku*{s3
zLaPYoJKRII0v}ZtR@cH`Oxe-u;B~)d{i*j^`Wy1jeX8`xb*X*s>HQz^_mpY<oy|&V
zEIEZ<)(f-gJjv&)?hi8ysKsWCp8@Ic;Z|}0^-}39n;uOx`YH&`;J#qV`hdaAOp-$|
zu7GUj+8kWtK`qd30=Ba_|4gPaI7U6?i~aN;1LlI;g};E_1ScpZkVLQ|itth4$L(DQ
zRy6(ok}`&*JM<)16*Ud60iFyJ*`?t~40^rU7km3zKsA`{9C<pr7f9OlqloR0tU4H_
z(2vB%!R-i_s7I6Z7WGBFK4i6A%_Wi!t;>n67Gg!w8UeO}eYoKSg||t096LJ(_93~2
zw{kLxZ56=Ee@C96wwNO$>P=!V6Ctq<)kQUIj#rXcX4&;rkh>85J)1n+#cB^N$hDKr
zHt`ADcE&=ym_p4X%`BFow<D@}dcS#}UI02C4J@=$jvt)zK&eypoo4TDoMd4ZNg{)9
z-3g{ESf=UVwAz9(rot_IW65(bpDwBwQ8y9Q-*z=6VR=5oWfnUPZ;}paH=H&2&Gdjq
zaGp5eZYFi>;_*Mz3&Sbml^9{AMg1o_a)Zi~dMu!XMY@GWc{=i-fPi=SgKH0&Awf%k
zvHOY-UG+S$p`H;4LrxoW0(+GTtk~DgiBx2CdY*;AL#KG)y2z(dZWO#J#e41>BQJ>y
zLFDo{GjA!6>q*1`ep?z=l-gr&LLd_zzp6*BVwM?Pa}~JG>V7BLF+WEcopoqxCie)<
z8G}|lO4Qa4lgn%W{iDV~`7Q(4^=S|_D(o9L#s`X}^a|L%f;OM$3U<{Ws_vckHN+Ov
z=l0%u*UKtXDa(!NOZo8CJ64fCywK`^A+MFZW7HB~8Nfx(AutTHogu%hvWIrBCW0CV
z^K0>8W6j%Ehxt5y_+SrcyKmjcF=!Wj<m%9E%kqccvx#?wl~Sb7m`WoZkEfE7@QjVh
z&cL{9<O$B@%{iJ3b%iN2!li&3)0XK@PwsCZEvH#3k0=Sy?=+dwZOhbsZET7{c*N8W
zkle;bKE(IX%Xeyp)v+p%Kdj_4Rv^3lcBi8Uo08a@lqsFJnVQ<kQi>I81`+e3=K&Vf
z5mW)R0oCk#$}M>a8GBW<%;)hiGZia91cM1A+n8#W!%||IBe)nG+m$S<uGSzZBlruQ
zBTNZpBc`C7sY&!|E}0tW=$N~i!+JCSJ)m3qeb~2Gpx!|C&yaR4XLk!-smF4G7p3!z
zGP#f5;$mEA&%YFcc&--|42rO*SP4Nv6l$3%xL;Kr%2vNOh*|b*xZ-?qlJ?>gk=e$|
z?X=h@zxmGnzRTTyH|n6{=LH*$_$D^bS{>H8pv+@qv16f1L%@A8Rt9>O#2f@PSVM`U
zX|Qwj7Nbk)%-u$Uf=SQ;qdkAWug%C>!u>TIN@->_0_xbIJtP_$j#<F<i#8mS#ya*{
zO5<A?{7|u3w`vmxRpmEUR%9Fcz$gUO+cif+gveM_GO~cU%UB|!d7?SHWMEQ(A=6N#
zORJ*pNfdQ*MdRAcRuD+K*xFNj$j;6)|8Bq-x=X_IER=kNi4?F@*g^m)EKZ8D<aMhU
zBYd;NQ)2kHK8i4qY$e_OIh-raR#d%49`TYfm>@4F5r0KRj~=CWZiocUZTM7~bc)IY
zj-rfbDh{TLl^p~CLuPvGr$*`w?m^uiOpf{)mtoqngT_Suu*ZDl)MI<o1-yn6J40j%
zfx@6_k45h&dfL{jmNz_xIG^1mBmzo2@OxHR``0t7(WNa@%~&;}pN;7Y5y>~_rf$cg
z<FcrFqk1-)cU-1JXb#R2A%2x>Br2M|$((+A=eHrBiwK*rRN)6Bn_dxF#AxN`fVWuw
z%23NIL*1*0<08gKYp!!g8%aK^`rj{kgAq$1?l(=TrK2*;as;3m{bf1^2#t{fQPm%&
za-dBBwMmklPq((k8AX|a165HL>jE(}tZpvo+`EVo(yYXw_lMcCIuTI;SeGxQw-dcg
zpcN04<XXiufpJJk2${tNE@(+bv%tt!fh2aUe{9!$a6?u|HP^dfG!;V@;)g|bddj<C
z&tT(8cxneTS(*nqeLq-)!G!L73Syx<UhnrDxgyA9;6Z0<x=nfbIb+jkA%<;)5ZOI2
z>yX-a2d(uOndV5I&P?<+vuvPD<E>J%V6Ch8!i2rBkhOfXeH>$Fe!Ca@@-&jRXKA~P
z!u_IhATj|=PN}o~QC1F<Un70(NaZc&yCt3-S|{`jqBs@jAAz$<f1ZS!W^=nbU!^5`
z^-x}Ni8?#tmOivAKrMng4XEhh)~2=Qy76HiDFUEw8jK%&rJ{2<PVg$EHLTi=Al=Fv
zOF6j$I4oA*owgV#(hi5t3a}FgTP<d3|AEDl?9@D~+Luh7xH7$2yz^EIZKDA`qd+}f
zw6KeqB32T7nR%gAt{NaC+Yaj;Eg?$4hYCMhwvEwuL=_nJgs*%jPEAT_(Y%w(9g+?8
zRlUGdm6z03mqvT;U0N)DFw4c1*s4RW=h!wZr%hml%e&y`6`-HOfYELLs)*cn$9tD2
z1g2gryXHuN3OyXff4$VVc=iW-W;RiTFyn1`chn1PpHzhJY5yTy)=&qT8Ya<{92*wU
z1O4Z@5f=%;e8;SUYR;yGco4Q$W;RuZBo_pf7xNu(RB6dmaL3sYS{bIiRaa};TNxX9
zGkg&kNb$5l{3<J?MgW;HTB#5T6@ZWwZnzIvLGU3w<S-;*j(IB8Alw)Ve*n0<!EfB2
ziRv998i;@)`#vddnVb5hJC(o(U$W9dS4CPi*ls^Q!E;sySyHBV0XfgLPmSZ~&(I1<
z6Y+Lv0`JzL{*UF{`1H9MCP8Kn>mf($slLTd-GS-J?os{ltZ7lo`8_wWFz?Lz@rKCy
z!?Bh{NakzEZ7Ur>Q01D~H9m>kn~AF|frHLSs`fFlIUs6oTBcX*O5>ojPts2H-1?eU
z^}=Yx2{kwG1!@BDTzt`l7q=xhox0QTy0-2riy>+>I=2^4j-n)~+Ze!v{WH=%=_`^s
zF*L&=;@29;TguYOMu5+rgFE7C?wTt><$ZmoRiqSP+KkL$#U0r2+k{K>;F?Q$JrBfH
z5ye0VLpuihA)OMuDgWgH!g&J(@C(^{mz8(<bhy(wVc&;axqHVEUc4_-9TRa<5Monm
zn!!u3<AX8ShR1HZ`Rl@6rJ2-xaFYrq+nP^BSc92xgS!RPxt*2JL|E%zmx@YYm~ku@
zRv9s=tW+@Xj=ZIx3o`QWo^tTGrB(_W@V?9Nn_`wc<Lbm{R;7bIy>W0HvS9kl-7P80
z5M_=;=qdt}Zp2jPTu#?eDC68Ys#&HT64>_|zEKfj^}$Y1cSGt@hAXv`15gr6gyR-U
z=#If<3nBq_`k2J;uxFz54RS<)j#LWvyCR1jBBHIP6~6Gmdr%@Yi;9d>rtUKLRkgvW
zVAKbN3e`a)n3IPG+NP9&fMF&CL9o()h_y0IKF0Vi2$30TNFEnb<0ju3hwadtL+<K1
zv>!T(5M?zRK%9h7ye1t!q6ApM6wOA0j<ZxJG)c<Ph&C))2^_kb&V5%$DTHIs8k8Ws
zTFv!6EMX5BjYw)#GL<A~kdC*e-qm6|JQKXPaMX-SBCUFi1QyL>9ubTa_{ZMsEKe1f
z1ljfB2P_iNw7%eg(Doc<^_(evW=Er+;59-U`a!RMwyWGz$!Z(F{FsIdB&UPG{+S28
z{Jqs1DdLdc2#+mUhqT`cXeH?Y7)Pib5u|PtYthlcs?dal)%{1QcIpT&TzEkoB{o%D
zqDRD~fHQRJbv{i2dAHfx_j=$ohjyoArx@|DD=4Xq;)V6b&Vm`;RC6Gi>DiwV!6bH@
zd2Z$NsPvz)Xy+R=mWKdRj?YZm*(Q9hr;a2p=xvTgvFg#fI%cre@Jb5K;JAFZv*=zx
zozwDN@tRfDfs^BJ`~XGo@4@oYAEq+bg#}rbOA<IEqPfbWh?D?lsho}Y<=l_kH9PEb
z3?3M!CmW1FN3|c0kBHJGOx5nPX80TmiQs@kOB*YN2aasaBM%3-PI~8fdkL-0J_8qp
zZ5*1`7JBg}vfi{UJ&^dUAv{;XCELW|IQ}U1FZQib{H@js-*XHVL$FWZraNGzn9Oi9
zjmpzbUTL=Cf@b$PtHp`4()y;O;Ks37>tc02ZCPsG%yT(!8)jL=M1O0Ohg-E=JH!bQ
zRmNzR|MmA~H}Pq+r^M>%#AEKbC`iF!MMpNzi>rz5IGA=dwkl6Y)wFEgVeEubom_ap
zDxt!i+Ttn9FxQGJO#fjNi82}lN)U+%>QU5ELuehMEQu>7x=+|ehj8_iy89m}7v9ZZ
zLpUTJtEPc_V1RfdMQDur*@2O`O5ava=XVdXAVHS5_!g)hPVjj%OsSK^pd8_rI}fV9
zYS?sMrXRacC5{H=?gmjJ2KGiD>V*|7mR2bm1^Zve>@Hh~pr2-y<f@5Qn>hZ_lD%IF
zGw1Vzc=Y!EVSqceXhi$JkByWADYz@gWfKsU*f#r%1EthrKpbe6M38-}h3T*cAN7qA
z3&oz~7IheJI4)VI14lL+_eKf_dF#TvwDMkP`-MU8SWjNHxAb9v0ky)+e5l#|a#RZ^
zMOUU}lG7v}dh-dZVDB%MCq2P|q(7{r8$y5pX}qJt`|Qv&5u%sQpsh|<bPpXhQAlDc
zvm<;`Ab1b}cwVg@%K`I2^=3dQ>8n5l@<-dnzVf8f!6o{1&rMDis^SSJZ_i`o9hOlZ
zA|nXZ3^CEp)h<*jBNe>)ufSjiE~Rb`NTP#*HenWNq;KGI<)bnh0$3*R+l6*^NZZt=
zWZDp+a!!0&Ht+-NryGp`eeivRg)Gn?!0;vuS*hH_Wb@{d-V&WFYUsVvbq5lIB8EDo
zrqIrYHZAXlO-J+UwXQj5BWAdNq^zsSzKHnO=FqTjJaO0{1iT!9pIg^IiQJjquZp`K
zA6ldf<qU(|tAU8a=(I%1m4=@==|LjG(aSF7qbZHd@Zbd(?j@jrb|R+V0+w`&PjJ(-
zsn3O~o%J#1Xs)V_e$vt4K4${AG4m;jDULgl`#}l(`^aL-%)pFbfe7WBYWt2+Xra)g
z?EqXX|I_4~B(0>G2(GLliI<~b)Xaz=2z81y6Vx|nZPoFVwWUexZ3E0Qaf$*<;Z$0&
z(ZNAvMkne4?k)iFccBZc08SsJf^e)^Iiyh4w;TRBNQ=TBZ0aPayLfZCeoPs+De*cx
zI!`ANL2}>An)O_ww+{a^Z<wzIDr${DE!%aX(-4dv9W;zUHpX<<qaJ&c7n_emW?P0Q
z-eDqSkOcIB*~N*fSal~T*Id|C;Cvlqp6|@p{azxtP}<7A-nR7*L@YrynOYdWExfLH
z{kB^nk(HyJ%hnHBo#KL!i#%yC`_bcF#ilqU!VM0H5&%&rUQ}f0lk@TS)A<lE-17A0
zIehwH<jtPgV*RosA*-V%K|^R0Zmrl~_8PNGNofXZ5u8+NNXL59hmvixaI(XCwm;pC
ze~4%hYp-~zm_#U}o58tx?8P;MF>VldBYons9w;IGZ%*o0@eqs6&d<cx{~o@dDBy8j
zpC>`iYuJWT)P=S9Z@$TA{eBW9VWgEjSQC2EnIUb2Z+isWJGWHRvUP}E{;kiy`uNt@
z*Gv_IkkB+vx36>b2}zp=T3BPK8TI^Nb?`BJco!$$VM3EavWilF4bVL={-IZKC#~)=
zSpPKaU&|WQO9es(^eMGhynd{hKp&iHhsWQMYnZmRF$5ph=*Zg6n%jL*p22*`T9$nl
z<z5H%#3-`ATd^J7_759Eb@K1PCM8RvLIg9=$e<lQT96}8I;EyN_OiK(3hXMeR{SKq
zu%64OukL_abJ5m9hdxOv7;KT{Z~58o5bGJS8$^J}A9`lPJTC7nhqYh-b)L#^7UYlg
zJV+Md!$Bi@V`xHj>}GH{TPdi!sI>?(q3VS+`_8rHKhdX#fatfYj%&LVPBqAv=<T<m
zGL|buB;)Q_+B~lCI63-NfUFRH6!9LXoFddTHJ#PwVu(w|_vx@ud?bm-IIxrI`HCKM
zI=0=LVl-6IvXK5k68o3|0JVMiI<rTlTF#4`P|FHezk{y#YD9P<j{;woFw=Zb^lS6%
z?Pwufe=P45Y$#ZbPu<p18P@)K1x}ANn-tJfFzxepy00-I*jo^#AXV4?17}F<w+?(*
z1(3s5mWB~{nkju;gCUL7Qw(0{!8+jssG8z#Ajw>LZ7AsX-(f7t6J&1+Lo}h82sTDZ
z0)*vv$akKHiVUtWO+iH?9KvM=Iun1y#I9@5aOnm;IyZsCFWn&H2r#sZKt!pDrfw=w
z<ff4lR2WXNGHsMc4IumC@|xIn^HBRTtCtaODj5d|Lz7%)ptC-f5mvDMYs#CGe+X!3
zO>~X_B}UkZW69h{qaueeAKo;ls}_nINVE^@7){l&E#JX33m|saME$}>IL`hY7#<_Z
z6K3q}l2iSwN!@8g(+YroWbFR1@&3-1cTeA>+k6838I9Kte1N6TG)6zrVEuQ|uyxeo
zm;PVlqssHAdNB{WK9mYVK55gCM)L%Wed*Ov=HZv84(CQCN};eTPv&=rlTF?wbJcJt
z1_cZ2haX@!Vq3QtQ{7Rv8asU{?(Q`?H;>eQ^eweaO)h&l_}>CS0;@<Nx!PGCe3-b(
z6V@M{ERbT|Z7NT&z}G+w@cink&aVhA8`sR?i%#Fmp?Abz1Nop#`9MsYRyG*Vy6NRu
zA<sIOcb#Qh#xI?Ke|_|(>}Gg1{Z<7GODo*urE;u&dR7()<gHrVWHt1i0I2>I(R+fX
zn%nn{(UeFBQx2THR)c&I6P6>-RypR4XNWT@Ig6<RY-uZPKl|5+T@{c;{RN!X*b5I1
zTA4u|jy|HL+`!N1iG8cuA~7|M+M82>-;RD&%$TQ@OOH~0c#VYj`$*5?L!*ZK1V<5h
z1OeQ)zT1rcJn+|Ord8KmC0xm}rx52qmPQ}9399hg?ag`Mt9qPp$pzp!R~#;c!7R)$
z1-g6hr@nro6;-`gfJ>z0m}m(OA(OU79&AKc2;`~h0c-c+V%p=!XeRmA9f=8sI-<rN
zZT@^{{Tn;FtXHqgqq^Q=Oh6HYB-G;y!%XSR%|Zyl^~GCCSJiPvjo;b=3un)D1dbuf
zd0y+&%}gsnMr`l(!~qP`z@$@fsQ8HgZfLr)R!3<UKA={JURJseg%{F#%&5FJS4)Vb
zT*{u;LF_4!l9riHlwK^%F^V6vqDT_;y9gyB$hFXpl+l0{uNsoj2=!bU4PQ50G-1Qh
z;p9J7$3!BRg~CFGK_ZAV>LjJu%MBMJbVg^?)9LFZbcT~J`{A`fe_0srH4HofEFrgJ
z?wuD#VNVl_=Z(i8`KY8_GBlHa2uVgSk2Ii(Cs8gJF_f(C+cur4V{7^I+a%ySN{z%P
z6eZ#`!&V1zgs;qx7{sx)(EKZDW!|<I_%Y%4f)ajG2*|PY0{ovi0sA!vIRD}V5b{5e
z5qy$=ge73YdxH)q_V^z~&|?5md1L^OtyoSy|4}~<XKt1;s(Znzc;{3dkeKyI34U3l
z2!Sj?^u^2XMo$Q%06!9OQ>h@#8uF3=0gR<dclH1d3Tvfor@qoFCS&FGossX7w1{55
z4GRe|lDEjc6}G5wQ=qigKU|1E?d@sQtCU1Q4bGK$iX5r6hF@cd>+rBF9qtmBMc><}
zb&VLqI{3@yuBnhC&=j2^HY~Z)RE=hd8Mm-f6iI>ZP_eT>+&G}##m^>b_}*+N31B0d
zsNSNk_7~$S75wcYgHm`a?BD|JbyHPJ5nchrwGO8Xdyu4-_P%BHnrET$x$sI&&!?;(
z)=<J1AG2;cG9WpAA2I%mUIAliV4{3KH?!WP*Eq}oF%h^oz@hs~h;dIqOo>?oUZoWq
z_>)2u8l(luN4{U2(dzY3$iRUNU2Xf5L@0B_ZJ4brY2s*ExQ(pv5iiitUtQXX?jCch
z#nk>}(!g$ot*?3FQdwg6p8!#4o8)$`c5U8zinf+p=aWAr3@#N7W`f{ow#n-RcLNuy
zuc)VEa=-lNK&m&AJwUwwn|8QO)(oZ2<n^Yy@(;xoUR3Cu6EX%>R%(fj=_PWpi8wS6
zd7*wg3>tI;OjV6a_=B&whhx`(pokhqO*3klpZFkNz#z6e%KHMCR@9UVa^oe*()>m_
z3~odt;aMRHx4u6Si9{<$pvwVu+qPA-3#K)(2LtTsDa3f6>82Os%5;T`THjP`G-3$t
zKse?(^8Td?Rc!&Gz>WI|1K&nrJdk9cQNX$&Aw(6(h|NHSL*Z!rQ&CC>Fi-`&@y6b6
zKq;K6<I?1^gOE}%-GiPKZoA0fziz~%0429=iU<~vWdMsk`U)+Zz;LZ?bmXzT<6>P#
zHo~)zpU?E?i<r1!aWtl1habb)3@Ha(kB(0vY>gFkC<v{GReOM*6r?WeWt}?dx1E-_
zWMnLaW_KxiW@e^)O0{*)X<>crwYsK|7b*nbWq$W}0(}|&Ir{qgYc<+>r(S%A6U^wu
z2eZW-UiKc7B2+Z2xk?!g9BUuN9#p2liXIPlOr!Z%us;IulX*>UO?>4*95kKe#hfTf
zPP5aeq3Nq)AhiL|2fh@qZ?P5VxOPtP5*nV<$X;YoF`T_~%y%`t&-aPWvL7d%d^B;;
zf5mFUeX@`~7L8(^XAyC`k}thx9!p$6x5PCvVqzNfTJ@bGmN+u9V26A6Pb=zqXPT&1
zoGYt)K_Ld~f?8{!)InR@r312Z>koCiDrYNtq|T|m2)+YCUtwXOcd3IE|74~4g<%3_
zXc^#e9YcD5uuDmznXkjx^SOaA86py-rG8x0?&ccH^Vnm51kX3~rhT2S7PUBYK=*d=
z&=HbV7s^2xe87$m02_j%JA2x-n$psn)F(Bm_zQo&h+bXMs&W>~<d-C1vze6Mi=FHN
z6`R;pU_&3_y=p<QC7rA?usMM=E%eupY>K~ZUIbMJZ7_8ip1QVS69tj@Cw60&ek>m`
zjc#($Pv!_?j2J7^N17p+{*bjnG6Zfblzpvqd@P;&R%`d%gkNyrzlBNvaRUA$SYr*?
zg0v<5@{50>)&@&HCMTFFJ;#p)bweTC9mP*I!7IT+9DyXHM$BX((LAS0BYVB|mRKW~
z%d1!WM#GjvD=*@563Bj^<9|3#a^ONP>4bo7C{V9NwD}?}YwafXSh{C~!4!w80V*QQ
ztTWi2wm38Ms?&xLgGQ*3k&r;r!RI7f^zrF$2v$&x6dG{eB0_{o`qM7S6C+C`ib|lO
zGe^$tfi!{dx-tY&rd_)^w1UCY#5i2;`Pma5!G@p;DnGhDbzQjtx`l-ef(Y9v(}*-5
zLLlLcYaeno1PlsrIkK$tUZG{vNkz~g5o6kwzCLzY_Kf7TGaPACq1eZ37-vpW6820<
zxEJhlmab{XZeANPn_^3TK2rI(*@Z>d5AA@Dno`gJ&*>=(_Q%spK@$U0D-Uw|Kke)^
z0+SSy;Gdau%z#h#F_3wH1P5lk8As}9lTKu5VQ%f9r#Ejte~IFah-DJsJ(jv7&9^k4
zHF?@-Z7vjM{-z-qeOi33zcib?Q0G6Qb8aDUB0D=y-d4_rhk<~tkhDsdC|X)fgy)@{
zRsn!~_nzCDt_EP2&R!oI$afw%+bst&ed~OnEV~%vn^;9r($WdNDAeHjLA@D_@#Ipj
zBs8RzBC7w+24<R#D4I&VjJd}n8!(AW%F86#uyr8}Ee&!jVU6CO(o2Jt(0%*XpU#mC
zFUE#wTxqu*hv(hPZu>L3J>T?1UosY8)!Fhrr8F*X8uUE47x$+Tg#IdHPCAzrixyBc
z^Pm0+N|@`cQcA@*W;#txThxlxMF+b{qa!PP1j2zKUeL+k7!X1~fv4B^iqY7vBAFbP
z4mOioF*5mZ9C6+4Ibcemngl3(-5ffaD#p>jEuddip(q9-X|A`v(2H%sL=m%c?v3C{
z)4^5wwE6aUvui=xe$PQo?$1#d%^S#^3$7`9J@`bKHzNi)QPl!3+*k+AXPQ<D$vB1j
z<^X%|-Igc)T`bMcVQcy=*-Ra;e!?7=lHGjunTE51GelX1TnTITMz9YaV8?#%#Tb?|
zp<fDQqc11dBFN@j_y+JUnOHEx+lC?OIL^@1s+B4`yeI?mE|tjLzrNpvoMLH2T}YM`
zjE-G?0Ns}gZUV`gTj-g}VANSqwMvBJh+>|o(>4*!q9UdkqOrp|=LqFAK{T_<EGY|i
zbGE!{Q+3eyyAyoRm?)+XIn+tnf5RwTh}m~yy_d<$6`!8C=MjM_;@-IZ!-iTsLq;}Q
z$~<X9wz*OuE#8gZ>DiXCB<Ils(HAvLGV#_Bxl9OTJR$o?VCynL!a5>W^kD~473F5g
za3eaKOgxZ1a;wpGO|Tn653<+B(L*#+I$LlI#9(p{?jBOo#2swo`$JchAD}jc2U^nw
zQ-ydJ@QFR=Docp;?$yBL{Pog7t5RzSU2CUvS2bJbB2@c%lP)G+3PoD{b?=XwyJhV?
z(>YDbY<iPUKktR5z;3x1_-oEA;LD~fpgzE=#eIzoKqgp>X?Xc~xMv+BS8r{YQ8Y*1
z9DX=+aUl8t1(>cQ!PnAERMuodYXs-xAdQw;dpsuRCI2i>8$Vb2Z*B`-GvPEI=UHe<
zv$p4KKFMCDB%%dzD-EG`4rAQR*|AD3vd8yt{wuOkh#9#)fm|eX5w?l=$}Wsx-c%J@
zY94iCR?DY1&xa6{@nE;AKj3ln<LGEom2g6o%M^a5YK?~#fo86fuk^%&NG7FA%WTGm
zz{9-dD$I=i?QtQ~?k_t<Osk;vGPLe^K2F(o^`-dTMK~iCHg8W*fHS8kmZ3<;+!<h<
zE*w20GibE7!}21CV5wAizp-5}Y2-kFu>RiCw2Xd=0&wy6g%doG$Lcm|WUq<(StMIR
zVB(F~#JGr=z0q0YUacM1oE$f9`aFo>*ek}yYD1D&TR<x%<T<a%EMFCeOke0Pw$-4!
zi+LuETd|p_-t32zOO_rEuy=S_<+sDQ{NbN7Ha_doUX|AIN>5AegNqK7|IWswePI9;
z)GtLq=oa^b8`~2#-(RarvwqaLNZp~#==;RCZki%R{9<c_t5+3+`5!)cPTAmmrLGp#
zr9D0_gUWueR2g$wO@lGaKixFBx@-{v$aQ+eNpX~<nJevQo$iw-Nvs5D<t!Drs>2Mf
z5w<E@oD)Hxt;TRY)PA*{WbEQ0O%Q8Kh&%uo)JN$400MkMKxGZ{9)L>TgfAj#%N{ox
zm>~u`A`&c0mLu&==t4sz%jap;LnMXo2vQsbmIadniIF9W9qmD36@0p!L%F~oV&yT<
zllt%H;Xnwf6_|S!;ybpZjXpJ;67nVEwFnH4l6jKqRFiJ241|lp5MEXzF1yKb>KeXD
z$|4FGo1zI6jaqr@8$GBuqQS!Zi$q9k7_(@{OBquvk8(pP3VuY3Nd4x*=l=Yn*s}?x
zJ0g-~LQ#A$%PeQ3P*lpuQfI_-3PL|y>HhcQ;j(KucKLm_^6+S9C}Cdd#QNp&#P#w2
z4?aM_zw})mvwXi&XnibD$Ors(2aN5%S`OTj9rWJ8poJGXO&iz^AYWfLZ9@S9DsUu2
zRq9kf8cIV1LE;esACuaF7H0bfQi3O_Z)sQZHobheUqZ(ghwi5jk0}+>OYzdk0_l#A
zsAZ1m6M;FR%G6`RyVqiU6W*t@xG)}bXN>J8hPvvESn-u8(iMPr0cwr9XC>8U@;A0Z
z7BlPV>{Xe9xDT_i*5nUpN(=X`y_BV|Q|%T(%%T{CMKyQp@HixGB6Ig^q#s;!&#lZR
zWi}i&V?oD(5B9=TG{>cx47rUQ9(I*5UyW^>iWnDA-_EYmIQ-I3O)UkXdyi<9SnZo;
zan2KY%C0{8TW0xlHLwE5T_%oGR8&;+jmN%UucR9femCc!Lgo^FGCX-%h(g~3{sWI}
z1mO2-z}66KKh?gXr*P%@5~q;+V+sxA5rCYXn+&^_OAH-Tt5YskBXRELKup2LHHf0g
zw!2CtHH?I%9RTxwO`zHN9~oF3rcD9n1qiKGw?3@F;GFX`7Gb+Q;I%f-7Ss}UE)AV8
zJ#l{)TBwSn>VZM?14)|=C6IZyZdwtdw85|jNo6Q;m2Vuy0Wc<Brvef`xmI(XW&OQ+
zfjoOJ1<#TK`X{ts1<%V8p8=iEoMZoP$*7meG+nFR?D~@OBM1V5@S9J&_fD7H_1Am1
zmeBr|*i+>}eMzPFs@p4-Q4b9||2c?f9(xy!0vzpOOW}02A`D@oKme2)e~1kKDJf_t
zn<$-^g<FyOHWzI^`$j#)1p7pd=N^)t!H8A2F$@_@Qd&m&B_|v74f}3RKYp4^nE|sX
zASwpnNa2*5&=Ww5n6`nSjUH~uwzPB38e2WBRUG;tpo=sp&tzHy_ym<I`Unam2E0yx
z9ait6jj~)>r|>u&APiD+z>-dnbofi0hNyCm>3LE=w@L6hK0SI_3YC2NN%b=>NUUgg
zD26w^q2XMoY|YcoFAqjR?R>>_SLhhF<K?;1!spM<j;n@VgB_UN4!jf%0pfvy@4EU-
zLK9*}Yee5{52~UEws$WTM<PH<C#C**0tI+^5YsTvHjK;u39}76^J~%!o0Pk`{X~p2
z)4ensG}i^LpKKM$^O?}Y^a>9EJU7V^-d(V^s`{N3xJnb6OgEokMejnKBI-in@7muD
zCd&pLIw|7<(iubTFT+OjLc@SAy|pRNkyg1Saix@t#V894?hyvBMym|gkx)0sTC1NV
zS}#bY9w&_vNvIVo>sgmWdwseEb;+QB1H#Xi%BR5KZJFH5#V~z=Mp)hZg_`~v&0fHN
zQN;}W^AYN->vw={8iXu-iSDky*F;$e(C-HQIv^M77}Bryoe_UfMyM?|zi1<CHB5T5
zMI&U_+e<@Z#UfI%5LmINczFA%L(1n*VS$m1*#+NSYgp;<<BPbuyWLqiWscqWjp*IV
zxAA;}6$t)GVpZlCk_uUsP>~#8uMbx)f#OHQ%vk{2zO6Pm)1!LZnP3*$q@?#n=S+)+
z--PJpj(*>8CS@Py>Zk0>QzE)GOE16p$OyT9A3VNJmxKkQ@Pg)2{e}XllOz{tS|acy
z@Gb?E7u!K!o2XL(dd`|@X5(#({@*5O=>X#6$7NOY%l)mwl+07m+{80ENS%~#Edasl
z{~8p9Oo@|TsGtr#3WnP?sE~<eVl*2-5rN?YkLLwlXw=fYBq=Mn5?J}Q!WqPAbI-qC
zkt1lcFfYYjNhmClCoSx5UUoiSRvrFbWAn}w&9Hk5uv1r_-7tI!$xLT>d`&TJSV)V`
zcaV4}DrQfd8k?;`N#;iFD%OH@BNH~?Ms`BBx7Ka1Hn$aM?FU~`SteRtj{Obq>4T~E
zm23wy+}eeDAKu=g-2PW`sQ(SR(C+STwA))Pg#m%w+pky7x0}vg+`kVdXGo?X61Rq@
z^lWl`ZEMql9+rlJH6NUTj%L#q=-cu;g$5!pq8oc^Ukyh#j4*K${U={Qa#u@p8=i6W
zswPITAp(b8u9AaISK#JRJ;AsEnR-E&9V?>#-WI<itWoio{*H2X$UY{KQSAe#uYZbk
zg!^o<zJoa3@^DMINLtdUzG*d9qWOOVt$)gb5uwsx=K&z8^73LHLZlR!R*?1a<~Y75
z-Z0Z^_vtnjsa8jFg>Mb3)#wFbTt?vf?+6Vq%5e2ogUpufdcfVMHCG%$*^@|O-YZR5
zDJr4A5zs~-iX`%?tf358{R8o4a_g&D01CGYa;1@)N2IGjj96Xwl|hBDjy&yvLpJ)z
zygoG<&O#-D2rI;j`s5OGTK=7TYY@5*1|Bf*ME?JHyuN7PG}4pRjuv@wfYfkrq<?7o
z(v;c|iP>L5v78#1vGvsF2t9J2_64s5%b(#|&70NU(~=iYJ6v92jn9t^9R<O@8N(tz
zea`kKrTl{)^?+iZi(4miVkpmcj@gg9QYr&UuL3zIQN``K5d+rs)u~7iu<A!@sGxG`
za{VV^(gn5{z4wHduKmkl5A3RnD<0FCX74JVzr>SmL|hrAs9NE8=rr@QIK~V}wosWu
z2$TtQ_DkMxPH`rz^n5JN3tWvIY~iIEh2jB9>mBNh*y?StR{wq-$wseis!M0fT}S@`
zF6>(#e~SPr<g}K;=`f*!9Aa82F~zp6JO|z$L1E_`!jkV876_ty*O|JVE+<9bM<QFP
zpVIuJ+>w|*<OL6qjjNn9V>Cyoc!GSUF~c`)L*Nuqcmh|NI8|LlbWTg6>1_+Z0ZbG+
z#`C$U1ot!#x*#TL-S{At-w!mDDjY?zDaz~Zpco1(Y;K~{NO2^j6a$k;A}B>h?(|>?
z;6*!NM+*5G4ATBH7<6@|#*XgkT<*+a6WibfBtg*8(p|t$YUFe}T)xx@lx{{EUK&n0
zGIUomS_i?85ZfW8Yz{BWE{6|j24l+QRfVc{rlu;iY*6zx2qjREr!`McV63QN;cF0b
z;Pyl{fqm2LP{E|*eCeprlv7qoL>Ix;nWZhukRC?@U*x|e=yR#AILO#M;&Uk+Fw$-m
z^X7JL3Mb`;nJueWhJU&fgWs=$bo^L~*LxVa@XI@1Dmo9s6sv-F0V!6xYK=q$>N%0!
zbPc9PEULy^x+^P>C|&*)I{znKCnKb{xd;khP(DIfy$i|&X}N1V!X}Z4R;6|QESts%
zUP)dI0J*D>1e7=y5F%h4VwI!IgAoYpsF8%Accvsk^_eWFzJ|Im|Lpe}U#4*@t}N5k
zh9^1(_#8%=1X}~)-M3|9v$T-H#UqLeQi!!;tgS$qV#|(YiKHC=0T8Oe)u7B45*eUK
zpGsqbSfKkY*9jZ>LyV`o@GcwZ9WVYAXqY1TOO5Ai#?cTd)*wtg6jJ;?$--n4^*AYQ
z3~0^Tf_{H!(Rg27es-Cb4b}d#JSt2~KOMaf<g=$AAp9dA(5Dap001}e$8>QcPcQ)C
zDVL4M74m{DW$A0kS&|wh9|)j-Ig<=jO&ZW2a{mwwFYCM8z+W(cEL9;n?(BJxH<43E
zb9$n|ka*FuG4PtAfs^Tr7puc>*M69=Y5dZq&6DStraa?gxA5EppJ--FGlusa`fufU
z(OUebkv7IfMt_haCIot{RlG*r!Hr{HYsCp9sm3A4Xut?7)(m8GR_#MJVq-^3jbM<S
zdm9wV+!GS{pjAuXP9{<ZMW_%=qns)Mv;%Sj;IjMbCwY^QSS#a4<->&|ZEhOScB)OL
zf?wSMe9b&>$*^;WzR@UImQVaTo$WUfm_Oq~3T$$b^Q)OTqNW(JNI+T3mPLUj1Is|e
zL#Vbv|JP}wf?yM$sQ-=<_`IKp^L5+*k2qO@$|?=6@JEnzClif-0R2#zCA%;zI?!S#
zq9yC`m94Qg@cbgedH4p*IOlj?!<3f2F8k-TdQmmdv$@oo;!9JxX4}@B+d?WGO+8$B
zh)ww>4^=Ju<u$Jce4_9o547wBAkx4cLSh@0>T}8w{Qwh()UIfmi$^j7kd;dyj+vZ3
zp9eL~7!AK)bVhYR<s#p6=^dx(O`yblz(N)W1q^Ygug`$;ed7z*fv+#ew{<<E8LJ6I
z7T84S7kY+!Q!R=Srz2@Ua62ekzTZMw%UW8yQoY09p#IjMNH&2(JKUZNw4V86{Bmku
zOi{nnEhqj;%?aJxXzHOc@Bj$^m|b8<g(;Zdm%Np_iZ7i@gemkzljVGQcF&~ix!&4&
z?1dM8a7CQ`gw+406?gKKaJ0oHx+Gy&*LH8o5YA-y!$?^-QL_p!C4KFvmm(EDFsin5
zaSFmR(+<=dBvjo)phV$2_)EfO4Cy%}fpFPYiufn>>N0Mq@tMfn&{1Q42!L_Ny(wiH
z4rozY9Wn2@pyIw(#yThiu*OUku}`G^>Zx*JKHzRTW9^X;+>)T94ia)+!6oQp$Q{Ak
zfO$KDhy4>1V4ij&>Byv@Pu-jaoWaw!%6opM<xJZl#ZUq>dD$KT3lge0<(#ZB8#d__
zMkka`2mA@FuSsL8;<xss;6oK@=!a@vr$Uw5Q0oNau}Y+E*AP*cC#|^fAEDl}LHR<5
z&zM;zRE!W3{OC6XQWaz^(Jp$c0xJwx48zrPnB<jr+FBs<lpS$w!fCVGZE|R-gj*3v
zK6yhs1dPHX^Q1mCMayDDZ0Z717mUwp=$#h6FA35IMb=|AZD<yMIYVVya&l3+GHoa{
zR3ER#BB+c9j5qXa30lLM9b{3T<KI6-Ir<|^%Eti4LKI}rcE8~%)dWVIl#d4~bEu!9
zfzJ(^i^6EW6R_XZ56*40`!jQS*Z}2z8LRfEuJmLP(@dU=r6;25-0s;OXRTDy_S<JR
zXmLIVp>r-TYbYvfxZvuJ%|+aj83zKVv8<_c(=Y0Ce(iNV!5rPIZff}-_bO?Bva8?F
zEj_n+6EJz9{dzjASRN$b`goFwm&`u0;DEEj;wzkU8#x^puH&JvD^C(~Of;I(oB+<z
zEO2+{Evo*~8S-R_O8fcofXuPh{br_E*BC@akV8t;4S5SsIC7Eu{J0yrRT?x#I-<EQ
zUD+$M{K7`&xF4#>jSZ?U$L85%&Uiu}!82F3CuXogtwV7;Xis0?!Ysr?8a@Wv4qmHk
zL~sAmmH~eQt$<zS1uWutufI6U#kIlhrf=ZoCQ3?~u!u4jGVHh8K6IQn@b`H)lTI%P
zI`;BGX`&|UtIcwiqSsPy?hJ0BCQSjZ`v8d!et4p&>)TZ>TQ14(+ZB0zUswi#UMcq4
zEu+E&Nk;~YpYs*x0hOo<XYTnwu}?Y*Q-1<qbw3896zxj`-8)yYoD;?=FP>--Qnffe
zjfa=&gO$+PzCt?_uYW%R-Tp>~^X7-Y0-t0EgO4^x1@mt(?ISz?YI6q2BnBYe6Ii9T
zhy&8Fdy$At-A0RxrV(gEx5_sn+y!CRH-i5_lx**ZiBkx6PIO~_K)Rw=cFpquQ7h4w
z{Y8R0W;oPlIlNi{s%BS{-<4NjF*;%UAz3e=Boj`RAv2+i09qBGjyMgK(r-HmKiXCx
z9676f$H=eeM-VOu)A|`{r+7kIzV^9X0Y8nQC-!&Wq+ac1risWs&6doou*+&sT);;M
zeIMsGa=h4xeN}$(PM1?CXkYhZy`2A=H}+9pZ9jBlQWCNs-{B36i)K5*c1T5-pe#ZV
z2VpOr{M!3q<m2lm2i)1pw!_!#N)*%<>ivFyTPc>?oTde(c$P>=GvrJ8fmO<Kbxhe{
zNbWmo-W1k`yZhI^D8FDd4it7+%zi$jr-qxRPTs?_hzU;muLu5Cn(Ebe8Z-?B@AFm~
zkyq8ux<~XHHD*Vtbeiy!r9u#!#fHmc(Uq22vc~wWK0ObU@bhV2i-Ex~D)Oy&uLiFM
z@06c;Vwf8BpUa&}mzQsp3#8s3L>w(+D>uTHa#k9=Pa6BwJFTmuXlto==zELrJK`JW
z_0^0<MQE$|2ldNR_(Xl(WwLY+f*<sKTmR{&@YpB8gDsxmljDspLwn1}4yeYIiVKJu
z$}McX2_9=BY8ufL9&gL`%Gs<;q>YBZqOU9xMTtorB;w~;fm6nk8zZ9;A-8E)sjYFO
z_d=1l(<X7dei0_^ZCa51f>zsy!_1OJn^{jpV!<VA2>x`DZ@(xcQd<05Y90M#d<@iW
zisX_CfDH+^k+Yxdh5C4UYpfspF~7I#l`{VxZm8Q+E{g&#!^_54$wf#goC(bMYzt$n
z&^*6vaU^3?Fr9xq0lS9&gnw+PxhVBZdtPaE0@Y=nKDAc`(lAUI6>1*zjHnuf?bc7q
zgHe}x{dsHmT^U(hxB`iABMOfD)IV#}A3eL8xtHyEJ<qU37++{c8TI;@T?#C1Oe>f@
z;!5F!7p)8sbq~pvmjEnQL>ut~jrnLS=TA15b7J?^Gt*%I4#N&IKM4}pMs@9zjAogG
zeW;S1%BM<*i?357j7Z5PP_dqt;DW8TG>B*#4k&=U;IGS91C|@H@2i}dFKFc5l@wy|
znLDk=lO0_^83T)GKfuLqmT`)%u|mE|fg`Iz-weeF0_%jYoWX~e7XJeNTSV7knZ)K@
zW$@S+Q&Z4y4VUsheyVenVh7#<B>3lUFbtea@Jo^r<QQ1vRCi)N#hygP`Dyzc5O|3j
zF}6tOLTTB<ZXAO^L}bi@$f}R{?v-R3E^WnVFzfvHEmXx|WE+z*MCD=v`+V=9-yxWS
zPMlr&>!Q{yjWLl;=OLm&v*PyDD~qv_B;+Y&lVlUC8e2D-BjjP6!amHLDp7PBXGM_u
z3pcP9lY;i(-5<x}DE4ZP=ktO1X|2<N28|Q_WqlH!`Gu(WZ-hGGxH7mS7EkN#ks?Vu
z9;D&ID=*YVcGS*r9@v07K&MT?j8+ED@}qdy>S`mbo|+z`+9S|$8I-@Y|JwQJcLM>(
z<Uq|@vyu7g`q@?B&GmqnKV35>**S4aV9@ZXB8ODp2j`)TM-yTrRJtY}sqvQ)vB}06
z)nnt##N_D-eI4YbLIUyE2Ze9^lhSdP1{Z86xjU|@<%Bb{*$0F^{GM?%nuxcOE(I1-
z2Mj!%4{{OoWh`|%zB)Gf3cH}4Do&P-T%bqQEB>O7oqJNKp5rF6yYF<tDpc)}t${@{
zM<6GV6Fz^KN~a?Y()KkfIrJxSis>LEJilDN-ruoi^vvrY>0KP_{r+SkZjLKT$lqf7
zl=Mc;!k`OI1py9fK-;1Mm$BN%g|gU!>ydICaIT%dK>$_&NlS76<6MN}nlJFP@W&)=
z*RAoK2+e@KWaHT6ZdTivJyr5bY%J&>1N@9=Y}xR%?5-fF2wOmO2|#y2YF`H6tUGr<
zGrD`yFh^kHkvY5TgukG5G;fpN&_gYIwkM>9VifK+q=Bx%$8K{F_#l_Q#7tSQkdGQp
zRD&w-AW&ofe$LKxogH+J;ktyN(2Qk<K9`pKC&A*(aISNAxsO%M_a=3TgA(x!EA-CZ
z;Bxaf2SOyY+pBcC5I|Gah7ZGPV{Cb2LL%xM548g};G8%~g!l>+L9x-!*=p_}=u_d4
z98^Kx!Q*MdZ$u1l5Ntl%6^uaFgS%Ny=ug>DSqKLvkegAmIsW|I)`24<g6_t&8?~02
z%7^h+f{9`ADHk94!o1XQ@Cg0kj8KDd>*CBbqK*BJD_`Bg$=0#RtrX<9&DX27Kk<c8
z4{A%eI#$~^xZd+wBPZYW2%MagtN;$&q)f_-``S0?wZe2z82o<M^g&<*MkzNSsvm#_
zW`SK0Xq8lf+9i(eLv6rQqCptUK`LWqEDS$f5J?&|Y<C)hn|PGRn272=iEA}b*X*jk
zrRF*O`X#>=wqU_S9)`7Va_LOs-6E5a(7vyHOzn##1Y1}K#U>w;@d~k{kO$_v(hfXa
zEZi>p&x8NL0>)no9B;*&s}S;FTyg}Dp3#Q-$7~@X7)sGn_A?KjAjDAGz7kQBj!gUw
zc3+4bMv}Pz8(pL*IJXLw?M^*`GiU<L3vNZEDzX7%wN_N}C%5szX)q(fYHy%?gX~MF
zr1FC#Jz<raEc24}ue$sup}6*<C;;vIHsHS{rn~&VH&&t(>4|-1wq1YSztef2rnj0K
zcX=_;u}n0kZc|ZgsMCc0!w5`8*vO4qM6YxOqP{<9NE;iAmw9e>qIM2z0D~}sG3ekz
zTD#KMomZ!(3kWdV%O`nwS6E3ZQ6|03`(q+`c5TJnGAIpHgG<t{g{M%^O5-{n6e3s=
z4S9Z3m=c@(jR85oz!Bvxni_452rmc{CzlzR`DB#l6S)Lt@|{)ZG?1^LJteEr{RCCm
zDXo)OVXL7afFahi0C9FJR$7Vp=yp~ymCpz@4cHZ?lYv-T+=p&nzzxo-8s(fP31-!l
zAp0!HHeU9K%7YH)pw0N_sOKcYv9e3eD%iRmb9p{kmpe)nTe6Rcf#cNXlQk_)*h_};
zmN587{-+Zve)ed=j$uh}QQBBNnvn_sX#j9AK3M%p5Q>6b3pQ1IS_PRgjSU&SnoPPG
zQ5hfQG^Hv8K0-|oWf8M0z}W%7Cx%DkE0wxZUvG!!XA|BzZ%Wd{j>rPz!)~g#?EgX(
zWZUBTJKhPhXU_ngHQ+blkCFZ!Y#&q&=$(eG>^qacS-e_ojYW^sj2ti%j<@VNVzg@R
z^47|mNV0X2n;J0%k4T&DS)MVa;TuVU=>`(fC-sdo9V#a&z+^Bsp#@zqnx#SrNuK5a
zgfe}A1xJBhrm0<ad<M>N726b~+)*lrWUM!YfN#)}#Ils9+oP-U!>zIl{<$8)VF?ET
z37P=nFxD1Xk$B8w`13Ry2}@|SE)DM33L68ul;?HOR`vHnL7D^gDicTq)WSm>QXyk-
z6`18qm4xoZu&SOD<*-?5feY8uOl*rSOZQ-XXb7Wc+E!%d5*^t7=ni?Oz6w%=Q<iWe
zHR}rN4s|zhCy8ZO6J;TWpk;l1+9EG`(8-<;v;HSRxs7SOg=iLQC6PBg@&1u>&WGTs
ze*&bQ;9kh4LmLWO=UyGIj_pNjUOlLAe8aKWBpR<PwF5W#9aEm>!6<(|VZJ$|1W)T>
z_jG=`l#uzfa#*>3_iZ5z%j@uYU~tD;O>tfDwVVgFM=&l-sn6L!>7YHi&sd(_4m0|)
zV-k}U8I~!s-7Tw6YGKVq4tBw33*fuC0fO^PTRAumzyJgu0Knp(iJLz}xLSpvHx*4+
zuWv17!OCKwAh?)_z=Eh&WEet(=n?uT8w6Y>+@LYE2$#a0#%1Lsx_aP~y@N4Yc59PX
z3*VPw-3tI|sCbVwK_%8S5nImrwJC?z(?V72!roCyqXg~i%vV9Jn((Nl$WQc5VD)iX
z?^CR9$<6xEHHktpkDVubKY9OTEQ4G^E(cBCQU_r8a~y8mOc_QT%;1}fn6tH`88W~6
zi=NxYTn|qNkvJVcGI<?=R<pQw$Yk=7;JKH&2yW-|B(nO%TvKlNG?t7#>F4+g{`!0=
zzxIkg5U_2WDly7CFKLg<$=HJoKB!}#y*OtYyp}^xk^ijgUlrcib~dQri=>b8*?Z!n
zy03}(o7jco+4btMaj+-26F&V!D)$h!SAO(9vE`2}+7mrwNc+-Pddoy~EiCzL1pDSg
z_=mJ!DK_qmdaU4uzK;_<6GV@*dTxAA16z3A1lx(_-p7KFjJmkAh*V`1+)%%gU`AOq
zwO|TLf?~(y<yFZL<LZ4bOk_dsO2lvqiphyp#H7I$3ev1K$?>ZeOC)3nHpmf@(sbg#
zIV-Cw($1PF42OjH?`}9zNh%Unudx{FilEnM<V&@a#KhQ}P!sl@e@mGW1elwQ@t2tO
zZt%Gu$Vf|y6>*K?#4xB~qP*Aj{iQJ5$TGC;*%KZj7ho+)*)T-o5SiR#{K#hCO5+H1
z<Wn&EhajmE%x(>bgY<1_5ehG`6CG3e@)E-K2KQU-H;I3V_4e1>&9;72r9DOl;){wI
zw6jIzwS71?L<%WHj0^$0HF|Z`Dl%Cr?ZG_<$5TYH+Ke_FLr(vs2*-qT6`9PeCPs5O
z@Cp%??NlRbWR#e-*yBj|d#IyOov0+APHD~P5uj-MR5fHPO3ge;92YaD2>l&O5Gd>F
zc*;vQ`*)5TF<R4f5bOC+7*t~r!x!QwtLZ)^$^Oo_{K0F!`Vs<P>QMSR2Lefj6<KxB
z0Vu=56P<C5AHlJl@^fY^`g)$$1z1C2!~;3G!29>^G3$$KiEXyG@imQpPSf53vvi)f
zzkF06GZan3L1#y*U@Rx2fcn~okBAzN#$L^+Gt7D{TA5M8MyR=e%SRzM6iZrH>qanz
zpSf8hYL;84R3r(hgBN;>^vy|7<DN3jn_{q%u2)kb#>I@yUO)Nc^GZX;0XM^gm&Ok;
z99z<KDgT|da#bzduvc&BwbmwQy>PHx-a4vYA%P1G?hdgZTghpbsOo!S{t<+y6=^cm
zkT)6xiS&g5$kOJsj~v1iA%B~x)9Q?xDij1XIvuB_CLqaBy_6`aDi9HL$_?FhE9|<I
zeeWU;vUl!iEKNDJ&c;5NaeJ;M>1>JFwZTN`A_uRfE8`>O^|7$xmFBV<w$%H~%3YwY
zQ4Dl@ZZ}keBXU?DaD#dABW94ms5Rs%?C26KLu8=D?u3CfV+!|Wam_e6R;Bnt2_}X7
zajNI$iRf{ge#FP=6|PwW9(k~kBh^*%@(QLYvc%ypri7(T@WM@zyX@#-M)V<3Cjr`c
z#hUbXsEGBFhD~n0gwv~{>`$Bb41Hj_k7kQ^%_W_=&4R8&s%2z>7fpg0xLwSI<p?iW
zgWOReGXb#<dfV0ApwbH$1IRu(qmxcSXiRzyy;7o-_zlqb^C_dan9T%gk{ONW5Z)Wu
z;l-utk<pHE@YvHiepnSQN)?dqP2!wuxE<13<VH}R>k%NI(L%64#}*{c+)y5suJ*RF
z-cJStFRdDvu71AXZ%Cd*$4*Ah`+9@Eb=GdwQ3}s=i70buBPJD$=#BurWu~Fq!35^}
zvW(Sj!%H+gd^RS4jgqg&p5TSvra4i<hiQw$Sr_9WexPgzsw|qGmew-aWD^DjeZ8F#
z!%Lmp$C#R-K$=ABUu=h(^Z?}8BJmBI5RxHM+F|NO6>L)?GMO{r3&Gz~azhv;ZNZJG
zZ4Jpik_*C-{C;mf(~@%M4#2PitO9Zb9|+-rdbLnJMk}FL6A05d>l<+atftudn0kFf
zF?T;C=sMf8Jhry3c<EhedLK}ALWlVpt9}=4GiV7T@>Z6QQ_-=IhUopGQz=D8*V4A$
zKo#Q2n3-71O00vCdY;NBYj`M~&2;M#lTs1uG3=^*9{4Rd_bIUx)%G)_YS{C@ubfX$
z>Gqd-RLb8MvQCBd?356<w#J9LINL5HMRu5Pq>LseiJ;i4-)|q;@S<Hny}GL8#_kwV
zkA#cQiG^iUw#<EMEl~V>rbu7Aes3z!v{RC26QRR5f0bBEd*1V<LLDifsZFGHSS*Mn
zHt1kgtYT)T*o^gL$&K(pk|~JvKDPatDirCIa~mJ&6~*ZC<fP=q-vVA?hvKZxNnX9R
z^wM7tiNI;>>1wCSk+_SJ(w>sBaSt361>cPTXt~r?ZvA&qkHMUD?&g3G>zB(k61>J^
zgzyfWXvfYD;HgTqs$D=N={QwR=${wE|NE~1tZsdWOEYaXIBAzBN|zL#PI)dO){}0q
z&lQaiVPL++WQamgyS$A-<&=***hsnX$Y2J$-La^glF%nuUqqbugg|^JW2`8pE@+HY
zVR+8!r>+pV*EGAC4bg8Zm4s0Djkzc@k}MCKL9(A7%t`lh$*GDWvt2RwollAI4>C6n
zZ35{w&`%Z1|3i=SiqWbwD#NZY<;w?RJxpE@x-{yhg#Jj<A!-DvB1Scn2(x~EipLa7
z6zS)*^`Y9Nik)&c_j~Ak{`INwld1o%Dh9*TFNhcq65&R2j7fVK96a$5b<6y?!UIii
z<f<Y$bmB{$1&;T%<iautgb*p^RK$oqG^Jer+B!;~qa&T!YS@YrD3>VJ40r0I^!T(M
ziWQ<C&cj{%M%PB)d~i8Oi5jmF$RR$9r+B-kNS9+sT{8@AcN|4%nNz%K@`TGrJ&Pn&
zaR<_01I_KA4wkHUOLWCd0?QpmBu7zhDH1ZJhr0gXr^vkYOG3xUs8%GA^^5Gtcsx(c
zbd77r*~h5Foj5;x`~$P_;RFhpzJKOi<CE@umYd9A9OcGm4VaKwAag8coJeiJRT{Gu
zX`Zg_a2?ZW5|@(A^-+ClTfK(K?R#eREnx5MCE*vbF-oMKA6{I#eCpozQH3p@wvEfN
zn;qaLmZJp{jxzP$=8Y)kdy_alY8i!t8;~-zOv$h<0@b19dh$9m-KBPo;Neg{RYe=G
z|39Y~nA?!|FIxk}9;F52S&bP+JAY|RC2l{6h;PVs1Z)(~VU6n}18H}!U7U3u<j}0G
zG|}G!odPfF3AoONSa@(9nuTAM+wEIFb?7ZgPV(Rn>qD+U&Xixo!vPeNUla%G#KsMu
z55!Ux<Mi)F2*XI&6{xE0>2EJ69WFZpig~6=@20`K4?gr5R`A<SC>iKoQ$THP74(TU
z-D?c}7A*T@)HGYOVtq{*dU|Ea9>zB{srLz6JEFB<$2+~XEVsM7fqm@}FU$DAEz$s$
zQ@UTd9+|m>>Jj+tM@j-GIjJ0>cTSqO44e|m0~r6?SZ6zFHWE$)HT+oPn!kvh@H5w*
zv%dPdK4o3u0YP5niAwIPNc$B7wspl4#bPX72Bac)TW*lUTQZ-7va{|_*wQuzi~`7D
zr`gBQ)gd09`OiL;z9IFQ;|Swqs@*E%YvYE=X_Z%iLkhS3g|-Q-+kxDtNaO4c3QOKZ
zpU5508f?|;?gIT5uib0sd+3&Hzd&#r%%8_yiby3dyN>(`TswjdKvqP<pTM1|ahQLS
z)zKe17t$r#KR7C-9q9jp>{O;F(B7(vr{Su4E)<eL-56+s&1;ej{>%9g7+V<%9YYfL
zOTE1qcQXY3d*^K;_863f<ZsuVkf%&%C3_(3)Mb!N`Q=V^OdK6xD3BoCt}GtusgMco
z<QxRcg*|%}d2*>eYnjypew5S3d=0(JH@8lWqt*J`?P`|QEyr!3+5fB>6irT4TpBLR
z&Op`?4CIi{&1{Myxdx$y6l?PrWHCZWd#eJmC`tHFA)LpK?YznI5WFO#+Z)_yK$7>?
zqM6zvH|MKqx%%mP;1yt3itbBJ|NIak$z&@is=rigsL&e-SX}&kum}c`v$@Z-ucJVu
z;qv2kACS?b{V(p3tOdfaa}&31)%0x`w_@IT;#00%^T6amrY)5eKHX<(0Ckcd;hyw$
z0*Vlys1UjG5v8i~rRwG2aKZg}9X*`fJ@nHzw*QW7pjx1E<B1uedg>H!q*pK5*qQa(
z88_^Af}D2%JNFOi=FfEOLj5*cUSs%>wPBGOk7uue-9URVN?b%YFhJ(PN229DV$8M(
zs{}`*n_pL2Zpn93{}l!87u9UfzJW|jDR9hU5p;na66V(U9Um2z?uPY+dHwd`y2VoR
z?sR;kl3R_OQf(shS)u$c_0NW{NL!w32HcDk*|!B}-58LLj4V&N8ZL&vmVc2djMige
z2TYn*xui?`U>e20SJfY^k{Z0MdtI)tUEU~tI&2lR0r9%3-zc{!{+5X&^f~VxzFi?^
zjAIcQq62F3GstfjZ}FS5@Y8$7;MWd5VbRJM^Fo}UM)7`>r}GG_J)%6-cAWT2^SuBa
z&?dp!%wv_1UUkQ2e9EEVbs9F&V$>r7&U<cjN$T>sVunp7cc+>+O9F0tN*D3Ea%S0m
zL{N0}dq~1Zw|huR1{1DGU(TIa?qgy+zZX4!@}#42>8zYMfoOhU(P}BCxsKOfY>s}w
zGK--0ILWF$BRTx_rA%+ZS=ACfZB#>yD=yDRLbs~$F!5V%avzGF8JILexf5rGKdx(B
zoctq_Yltl-S5ZV<Ef;j$faBee!#DiZ|8jkF0)GeDh=qX8`vDsU1TPyl($HnIOB#q*
z`+3Og7%QaBo4RiIZHpAU7AA`DB~u?Hnhtl$a6e$TkpZOR3AomR<;Hr5zb2AQ=B5D;
zL*1U0TLhnKn8T?B5qZt6dYb7m@SoGYi#?k<;TMq|1OVXsi+49z_)F|1qp+lyc`S66
z21xctLyv=;rc+A-Sg<J8DQ7Vit5jclXhC&mBuzU)Q1&m3$#Hn;P(hCDzZ~0+Y5F^r
zq0J9sJKsq%VZK;m%*vd<y7_@=j|}oIm!C4=XDKR&5sz}=;D9l*kv?Re7DG{)W+Y_$
zRMu{mM*c!}O8%n|KQ&wi2#TexMrtw7(mU4WslFQ6>w4#l%|iGD;pJK)3&&$bC)%~7
z9nJkI6ql-m%W^f;uUE><J}={+kP<&*6gi;FIPL;nuY-S(ga~zcgaCd;!fsjP3c{NV
zl-i^!72Ez`s=DtPepdY?6t>@?wNG80;hJ;^%|MAiOzG_(G$d|=nR@6!H2OA<6(KsX
zFm49Pp77j4r)2q!FpTdb0cUrq!0)K$DRx$QqJY1-AQ$X3c9|C~^@*Yv=In;6SUOy5
z?Fdfpmi*GB?zFhZ6=e>i$m;~<-{K2BK&MBVstsnq+1o|{8xvV7Zr89J4&PAIYy>@e
z2Cq*EZADE>8j#B`?CrP;3yk8pk|hHYl{CP!Z_T6#DbSdJEObjl&a?@-8P0nZ|3ct4
zE^yZb_Fl-mED{dZv?mv9`>0{Tba_E|?aR|-m~<NzYYWP?e}FJs4U?H>oO}hCrhia_
z3gYJc2j!QlKX8R-BD<xT7|*&=#V(^)s4*uSzCejwDAqKS?1o)mH!P+no085}rAjT~
zBWy(`#y+k~f~C_<0{&84Vo5;a5}zBZ3<fWjNw;gMxgwGkXIUYK@P$d-QXiL-34j^;
zo?LP#C%U;1%H`UZ?ro=^M7iIvrz|fYQ-rv|&KrTOI5?r;UJ<a|%c#ePQ&Fa<%Tsto
zJ^5Wdr5()4@MwFhnJA@NRKmf|pse%TV^YavECCj@M!N<8@`=t|YD2&F(DTDNWAgec
zfCX->;RQ|z%WrId2%gxxRROqTEnvHQANZ<(oPx_1a0D`3Bq~7sRdt9?B11p0sh@PJ
z8G%KVjMM(LG~XA0FtR{ilm~>pe{L_p>1iZ;|EdAh`h_xnB2>5qAx~q)^>n16XjdUw
z*Yfs!@^iDW`R(lviPylOB+?!vp7wdt@Wf+&g;sW_0{-;jimIRqG?S*8XTeFNf64Hm
zUgF=ocdMYH)#48H{RHj!D_;D~?~Feu{?Rcf8#Q<Diw1jNuOt2Tms5m=^*e*qMp70}
z!Nh<|VpL2M5X1^n5(t&6$-#&qIHqsGrJdP94lDowU`y~fSM--1v*k}nDZw9t_$#24
z5sj2IhMeO|2IrEx#D0SE?4$RkQ!XO8ko)j>ZRC_^8)ZZZqM=*q!RT&v1Cuvgr#v_u
z<E<y={n6CQ+5wS3*@^rPsbW?i0Ify|??C~PURr7<KrMXgejI+UJ^O~^e<$35sPDF4
z{jkjw_Buw+rC!{6<nf5w9Nb0hH%Aw1ydA({6@NDlkT^ve0sZjyA&_oBx^LUh02u2^
z-b&Lau%^rr#@$8N6m=UXdliwMm>^dYK@Kapk`5xZ@4EA^droy@TkPh_%#L7Z;h&^h
zOu>&!h`Wzd_`6Hk=(!ea5jtiS)JmBKJ;i7-ZfT=i3fLMiMR~n!M09WbKE%032f<^B
z&4P=uwU#}giq1ZiG#mkwop^uoMkFAuu06!`+)7aR&Sa(?&ZuFK<{l;^kvl`Ok6i#|
zD&~bdSvij4xAD{cw2%443y$Eri>_!h&3=^}sOJ*1w<$_p4EF9ePFE(k@YibL6{|nB
z_Su{G+3pHfb*;@6hhQ@+5sVowXzP`19h^Zem^PYuO1g{rCyHu#p=PO7utq;&P)G5W
zfjUCC2(X=p?vg?|niT-{q6iASVrrd+T^)i^g}puUNHSbezOiu0LIH8B(RaN@LRe%4
zg7PE&AtJu#hd;uRPaESiFM`#M(E<yG9Er%)*&($of$-MaCv2h!u?}tmiiL!Nv}=Vh
zK?8A&EW*&m22%CEWiHTfE&!KV9J2tDiKPX2<Z8+Un`^<iZU`;D>9*by%R7z?iTqXZ
z^0+w-*vR^LSALQrj44!nS>o90^$vb<8q^HcPy@1p^<fdY90-e?h4@n`t9WPxaSat+
zyN#senUbw^c@XJ{8Rr*m*_&>guXp*Hd7+CR;XuP99@N)o%O7uLs$-A53N1l&ajG*U
za;{Kb<9dHURfCq{RQcZQ(fe-AhVN;!hd*(q5u;Q1z`;zCmbR&TyIrb#KU0}b!H%rW
z$4dF1sZTXn3Kcs}>^-_Uelw7+vQe)7u9<={ageoSL<Vve3wbrHYJ!$IsSOb+Uv5sY
zD-G=@FX7AA=6Bc1rK@qpHsWcSqiTKC(IS@zYM8!LFhn8a8|gMunw5){OyqA)0N7=l
zwTVZSE$E=*Pzk{i&NI1gTrCa`^+Dj;8%rP?>63pcpziShc=C`X*avZ4xP(9ih`%GM
z1XUW9;spKdZQ=M2L3h+Tx!J!~yOz*_iaMoa;Hdd4eAK(5ytgBKb!}xsvROKZLX`~h
zfbq?7*Jz~!a|HrkzfO3DL?GVbzZF-GHiM4+=>AMyg`AWaJW#$8P$k4RJLJQ;W1#=}
zj;5kW{HP*D-kU*U=R90AP8IDFwPq3I?0*>SgX%1L?TJ8;p~;T65^-CfIzI}yDBh)r
zee)<*J}E`-=&Fz=AcfS{u1<nL4Fy82P3)~t<n}D~d_B?V5K*QErr9T!c*qzw&kwd>
z;YV@d>4|R~X&8n@<taTm9(bg8;GY+F_Y4PjjddWb5D4Xp$RWKN5TJ$CQzS5TAuD7h
zi%1i`Lb4(0PBe;nPjn-7O;6|ysu1q)t%<fO7Li6I%9l`Vq=YU;sfEDcSG~g^yB8qh
zmlk7>iG&p@vk8_{XAP@n!4w(`)lY&-K~G?`x4tGW&?Z-gY?ml~kEhnw`#u2)2w@mk
z@Z;+<$;VmDycp|6Sv;y<Wk+7Y!?KV(jZ1;-$BY;9q!3bemu@L7Hnd`dj82~yD@&JG
zM2V;~w&NivMjS*%2PKQCT5c$gBt2hRggKoqZkm!2kP>2%U-xE%q0kxV*tr3xDvBFE
z=2-3Dc3Uz$>P*f($_0qZc3SH+MMXDBjtm5mdl=s4YLcb7QO7gag{!^t?JIHZ|DzF7
zTakIKGwu0@<J3;)|8r(V_}6vyuHTvPmkRyy*QPU}KZ+3YYrg%#UmPazQIB=;H%0he
zk2CbYF8owsjV|qqYESpH#6PvX7js^a57x|7evlv^eo<t&dr<A!gSuB#nwf^p>GlY3
zSn%2c^o>HNG+w<9l0w3WDMC|SkK@h`fv(e^zL?s8<_H!_IiMq(>bzFh0`*DAwNl4p
zAd8B*SUxXJX*y;#zZ;?<!vRh7>`GI|_{V3;w=z&U_feoVOfAX7G~_ew;+kXk?aEg@
zg4lAr@gY<{ffWs)>mPE4{O4BkU`y!9JI*%bsZbxGQMH+JIq(IhL#*b12UHzDTw&ma
zhUAQ)&_jlGp#!vfwZER~h#WfY{C;)RpTxb~!X57B8&<r1dB26d=hPEmLD4@U`tTlB
zrmGIz`RhB>+YAFR9OxUYTeb|O=H6Cg<-3hB*><#HmGN~G(+^bBW-%NW!JbT-hVesl
zN8fEYf&{He&WJzmH=<i<)+spqP}H#SM*Sho&VzBQcW!wy@SU#q?PcOJ=E%2EdCcFf
zHhG8fdES+sYMjpC$RID`5QlwiskhA8I%j+*mp0OSBlP2MUn8H$AdanhKNJUy-=*F7
zlq=*_d)S5mQyG)IVE2rgRfnQJ$#ok4^dpQY0PHPMGR592`Ur<I780HAC{ciy7@AC2
zg=Lnh5}?}hfV+Ln*e6IrT-%Yh2^6&|E^i?P;us5ILZBh3axJDJ9F#qx>Ww3PqI7wH
z0%;9xq5$m1%QD*avAOQ8Io=oeR81geo{^B)GkHwnPKr3zJA@x8w%NQsyNPK^&SEDk
z%bC~2Pp*WyVI!4<ny`u9b0$}e`2^{*;F3k(A_D^$#h3UD5DI#q)w{3E!E^vXhkC*q
zJ!bbwnh8Z1q)hJea)#<N8$y-sDAnnT25k%@?hK2_$M!l1m&gTC&1zN`(09U%!H>l`
z_3*9+3f9PZ$5vxU!ndXVy^iJ9yTh$}{N?z4)Ss#RP4|E6|DOJ3f261J7z|F|sWsl)
zbB6u--5r4MWbwTFfhlNXh9SE}?o<9sHv)Rh(#WFAT8Qq$OFy3LF0^h|bZN3!h0w7W
z+Up&`L>swkKy&&TJ5%?|)J{qPl@lRnOHlu{kekfEzNUM-;opxA)K&;Mke?3XSW_18
z>he-QMdO7Zpm|6@#7dfMf(a;`4Tt0V<?Ij5*`0DWZlxcd=3QXaT+)^JJwaTM&^5Ke
zAronhu(4k`im$#EarnR?<}sA05)0HmAXR}o7*F**_hU=7I=qtYsCsIf_5782;sFtr
zLHT$G=QQxCH?epi_vh9ov5At(gD8hE&9Q;C95?fpKsJF@FOZ76sZ`M<nOIuG0m9uF
zjV-=+r@~O3T>=~e^>)KgY)g4Lyd7VtHj|<!aY>LN&8~R#UCXweTr%Z87ud{g2)HzS
zR7}94T(~95n3$p2x~edFTi3R~xZfeJ)F$%V7qlp!intgRlOj=V@7|;gVvgt688ehT
zP9S5ZQaH7h4cF#X@hl+WNJR~!uyrHJR6i1me=3?Kj6*GpKD2BjBg5DM{T-QD|K0My
z<$4OK+)NC`+<rz3o_h5ah+eq+H{GD0Eq(Y%>Qt%d0uD&<XoUq66@DSZsaFU;Z*Nys
zxE0k<Ks-jGKyITS${eQ#6h_l>Oko$uf#kzZ;GOy@vJ0HB9g+PjA+D%UwjAEU&nLW8
zOex700}c2#I7Sk|W<07&6E8WrKCXUeV|6DL>fjl-pCRV|7H8ndgj%(@@BR}wMoSH6
zsn$blzM@%GWeSPA{ujfew}eGtS|QDnMkB8FQ^AZu@!_KZX*puL`)W^JDU6iHmPhz4
z7ZdFxt=QHfOXUum6!X}*7r_(b$>}ekAJr$mZV`mC{e9u7iB47g@U#x#uYer0Q+sXw
z-t#PZj3P7Lx}Fy$9KTA`lf-kcK4A|`ztOqg_PF&eTHcd~PSI6l>R-!lf=dN`**{OS
z5B~hc(9Fi-^h2yVh*=!|R4j~;rAIFn2eS(rM2xJ+4LVY0hWRnrKZRVg-1y@|$`P*<
zKL6q4B4uJ!R#*Hobkx&)LAklv>#9=-cP7rtMh`7Zq|l%~no!LK1iLhlF<%$TvP6Ie
z>7Ve@@PkgvZL31Zm;I)>_eJ23uQU|(y<)VaZ}C!7Ym4)OGiy_WYw_1$f@P>KPHY|i
zw!gs9#ibRxDEzWC2*Be4A)~q%=!_zDU`{CVd87dsy#~_inp3aUz0m~{3z`Wf|5{-s
zFKYApq2n~^il4O&zR)It<eD4J$ZH(@P|R_~ZiUk>6r|h)`+~5BtQWFK$sq?{rkJTs
zO#h4F>3o-4ke~MPf?hzIm<9VV|CY&jfbW~=Z@H?bcyl!11OZr5S;Rnt5>KFD@pU#p
zKw!1<t5jJvjaVBr*GtciT%Pe5FNFKs0!D^rexuK4PCf8i#^JJ~GYmMqsTDm-=tw1{
zr9+dlWS!m!uApUNGR<`gD_%?|xfQ_AyP(+>HQk=(=bcF26&M&gB8E$r&-&9+LuqhN
z33o1ifZ-s}SKU8JXtin-=L%s#a+S<vHil(E_py8*p|76ITH5UNB2aR<2jZ2x<mnmM
zL#E9Q8GA4n$DNkDUb%bB1Lz$oo49YZa=!Z5idyYZ(gBIC!GVWRDfTiCZI^ULbaz~4
zi%^k~Ynv-U02>>+EiZD@u$R;?@z>+N==w32bH^O}*Db#@_Dk&A*2d86#=ual=+L~>
z-iSk*Oq8FIQ<{TNoK&Fa@Lue0!p_J^^{^<D)Q()7R)$#!WN_dX&}MH`LDh*~jFp~&
zaFZVTA*~LLo~rp7oGS3vKDWlN8yFf}8Jrx77@HRum>NqM+mjev+?yF#oOno4`+ijM
z{(e4!QTjZBbBfT3;xTJ`9UBb%82jA@oHQa!Q|z-*TP~!5@mM3I@uW`$x!KYQcyz}c
z`ZoB+x3?el+K-pEwzf2R@<YDWKdqwqn@dJ$dU8-;Zgg_LA9d`%9aYVrm+tk?j3t6D
z*r2<xy99Hpb_BM#0MqK7+%LvlpvOqSOJBQ*ry>7HcK=dGyT*KAr|oX%R%3U=PQQnI
zR)0-$ryc&ik+1V@@CU!<Nj~ZQ&n7VubQsi*RACrmtyBQQd*mxW`W5;Oc|w8jWz@Ln
ztU5UZ1q-qw&EnV8@=;lUtH)n^%fBhqKQ{Dl^YR=zCLFo{ezwMqFw)3~6n?BcsUi^|
zl5&RWFnjb$n6NoYlJT$owG>d<2Wxo$^_qXPonM#iX<jYu!cFA}>;<{y&pG1$?AJ8J
zaz0?YF^jXL-!J0YdDrUlZhQrH!M`nopL7oLQ3<IRe|@(ypkp~}G!|TRyb=epeSfuN
zQ28u9f$-nHSUhxk!oPxrqKEY3;uCP;)5qIsT-hx?4M_=$5G!yjQgaW+EeRe^XqkVy
z$8qyEY@-LiEmPCLzn9&y-xHpa0Y(C1$IXP5&4Nv7n*?Rdlo#tkEyLm))8{C%f0#BC
zu6w@x3{J{1neXAQn@)Y2j@q|1zM_I8$6at*c&%OoE;gVSEJ`c!LO~&oJsLqq=-kh#
z^oaT8-P%9x=Wwp5SH|2NBIz3(qi~_b8WHzGoa_%>T(J>;L_AeYD<jHNu^3FG^;Zye
z;6F{t4H0_)T@@g!uWW)b3&g_3zE#r=T})KOHd$7+Fb?}=kG@}0-tV?SV4n3H0QC&N
zKe9BS`n#!)9;Kd2gT2h1TYkHIm2v)CYp9Kihwl%i&B{$KP0Xm}L`y_8K$cBB@6`E4
z)&jNYq>+!K*bDjmEn6cvQ_*jj;P?Kog+G<3c?A1V>%!p8pD~|D+E$?~E5Hf#nlQSm
zuu3orK=49=DxWS7u$+7FQi!%Iw=FMY1ph{WY-c2=vHTYD)_cqa%@YSg8o``CtX{dc
zlJ~Wf#5?RO=dY4~H2{GrC^B9eRWxr`_C``30R2QeM&<G%yA%RQloAkdDoA*DQ)8Tt
zil4PH+$gMk03wwgRLUWPh{vJeY!m;5^`sdZYN|Ck%}^GLWaivmET!!-fgx?`ePrKy
zEp+M^Y9s(~r|V$_SY>ATEq2l8)GjrukiB4vHD#o4hWY)CHh)#2I`L*A`ITqxviFdg
z@6cw_s7ye2@aMnyunX{K?71sK9>Jsi>+ekV55}a-nk0BC_C{A~Pu`54(tUK?e9Zr7
z+Dd=^IK6_JiT=$B(yUz5%8Jl!-s+?}5-J+^0rVl=w$vr0=TvTs;Ksk|ILz!>{CDzm
z`2y52>8KY#A%T40OTqS<NoOq}scf{2yKJZGvW-#6*hX1A{Z?&@5a{MAT0`6QAR9as
zG#%Mv9gVm~H4K(A0j5-%1{|YH9w|~p{Yng*^x@!RXbeBp<49(_KV(@$_o<Q9b1Fn>
z9={y{tt$Ior+zp{^%EVf*nxdnqu2xsqS74sPPCh=p6O&5_Oiqysw8OFKPuBm1EUt7
zoUNtISMHTsjV85r-yR9+fR!=!sn4>HyVhns<(ZzY2#lRRqcn4_*a>zV`#gLT)d4r)
zZ&TY`nh8_*LUp){YD`7%g@r=^Pe8E0FfJFm;-Bdt-B8bF<0<x~#jR8Jt{azi!ByAK
z>^@YJD^oT&*!0ZCXDrPm!DOMr9uJ;|<dOg<&gUA%!GK~8No{^%tyn__jOsj;2%wAG
zv$C$*u#(+@-JC=U`>z<K)G8}k2)g8J<~>aCc2lG*gd;ywhL#%|J}_9I(<@RPl~15X
zrU}C`7Y6p<&4(UcPH%BXaf|nVuhc#on=$kC;`hTK?y?s-zD9mwa&E%gPJsA-S}O~n
zIFoe^5AGH`c<=y&YmhLw%s>ckK{L2ZNbun94ucJD0S4J1fdrR9f`-9Da0w(qf}L#L
zTW6Eqv!`yIbNjEZ>aObddAq;<zy30kO1NS>v~v+F4De6L5*<zcJRWu~h6-favJ2OM
z_aifb-Dc+`6E;L9oLt(XaE2uG1LUBXZg-ZytDc9^A(A~5`+dC?u=LbXG{FNaVmEwh
zzt9o<hWW)x7CWU!B8EE-gBm5f=B>pyK--z6JR!{Lof7q{SfnN%ri-{x>eNeGMfb6D
zB}3?_#$d45DSi9K{=9bhbk#Y{^09?&#rQxYpkYXCwPa)%c>zy&uOGO0m+7tOdUYYR
zdWHO9)R$M--<BW~1HQ?%zvU4#k<-n>jq*(EbTo;KM}$??nXv8D$CpMT_^j_gw5+oa
zrVM2d=eX$jOvZH^))dp0N{<mHyo6Q-&ofTS<Web;*d?@Zlvj4GWRpxQk+KTETGXh8
z_nL_4-Q0wK*WS(EI6cj%qu}BeM2*tf#b`E^SB7;RS)#;M8WyEYLsOAjQp-vGxvXMA
zvJ(&OC1B0B8SYn{I63f-a`bi+Ok}H9W3Gu3A{>*3Jvud*EK(d|Kw8ka<^Y>8P?AFl
z&U>F*7{aZLAi>hd76-CO-ot)C?`7!8DbJ^_C#I~xTBeHarl=&m?<!Ra5)+iiVncEo
zVmlts84@LjnI9gYyzzs(VEwl}7st0Ih~(n9F?<}&tq}Cy1x8+!_e(08QI>AAt4te=
z&pA27rn>Qi56p;Q$oRAna}q&Op67<R=TW`&^^-BPSKln$(69Q_;_485#*XL%>CJuz
z-oergu9-=~<T}0>+eRxB8u@GskE`kCL=C%9U^t|F&q;`$oXzu`MmWSCohO|rB6_U}
z{0-!oz@+bMdoFsuHes`ct9^b}2O(2_t=bOU@LsW+mC>EGxVI^RM8e7FPr_C5!f^ty
z?i{gc;e$P+xozypHr6o>_a+W2!)sMB@R@LP^lwNRb26=DJ)GrQn=dd`$oc~C$lg<O
zhGrtyn`Bp#tY1pk>1|l7r}sm#E@BBN`WYOUQ*3;-B4;uwRWwOC_9a|ZaE1W~>P@A_
zNZum5!L<#0Yq0lIh{u)*L-dJsUOy*7Tp#X)t6Mgls;3-xqGuGpC$rpBz0>~M_K@On
z)97n3bBty=ch&GXzjKaUx|!S50CfHfU9j9cpDiUpnb&RA##h4)Q3;JTByJlrt8rD7
ztLz74vetBF+(tKwP5Rfh4>oQ;l5^V$g&4EDjNe)1TGpS}X5IK?V&gOgr6@h@s<jzZ
zZO<yU6&`j>WH)0y0DIbjO@i3h{KtT##)DsgB^mO?=@vul@=5g25Sd$jbt@^ch&wE2
z$u_qPf=dna(m@V|7`;TVP<)?9g*F`nvQ#L6T~AY2GP6`~-J^#fjKeQ+wuRSXWa30k
zD&>vORqUOmv*X)_ahLo~T$M0VqeiM$;0WG6Qjm^v6U}gvd{W}nBESE!W^mimRm5Y3
z2UpFKGaeownoj}9ki1@TM&6;k+!V9i?JAl3@*GZmbMlRSLhw(lQ;X3i97?;x@rX#A
z<uTzT&L_sLVHpYXwaw<%V;FmLn_UDi-1xG<dx22{jdwIKDyb=V6U1WgF<c^=^?h2}
z>e~EJ2^3$nbKlR=G@o<^M>4I(i5v<AN&}x%NRFRHFA{|HJQ}F7KrWzQ=B?O?YPU}M
zqQanvl@;j2;9JY6tHcJ$k_sP*C$gA9iJAcnvV|`wCZz(KDpjpvovH>^0j_FUwFo4z
zYDA}B{3E%iHXWDLv`^_hI|qG_yIncBcR%zEDJ6}41`7L(u8tuctP}$|vQgZ@4wDPf
zPW67sX=kowiX9vAXA3|+_sP6CO%W>*G|%M149SRG&>JgdfFoc@rzI5I>e+gBeE)9+
z9?6>>xhM?^K5D3_DtD(vS@l<|)H|Yw9)L%*-W`Wlv5`T^(GvOMk4&$E4Q?WfmSNh=
zShtkB*I(hm;qRv(5IdtyoQs&?emzs=&mv;6=O~ZivuU)};}fcVpK1M4>#gEDG$G>s
z2iG^nMsu3$Tnlp{fNPZ9HWW~^8TEd~K~C9EVdNEm@2lv|xk*7X8DQ}gVVV(5Cc9Tp
zN5Kmv&aoTDhj=b7svWNoGfM$JZLFOq3llnhxCBo!VV>SNT_G=s^5)U!72chE{ECdm
z#8mVzMk53~k#FQMGHYh1gB6;89%L1~0L?-#v#n7|5anvMacw&wm0jIX(L0Hlfp7dO
zLcElSc;scxSGlk3K~m}AtngL;9a410w#(^m2K1H*J@sA-6#BmO_i`zm;(2^A(MK6d
z;(k{hfnbJWJ&_?@r=hw*kC6UX;>u=rN^H$9`xjy~)3*2(T!0AmH_t0z*b<Pk*YRCp
z+ZR`zt7W0*H^7D74<K8u5@gg#qn!&DT1;@Ph0iu;eHgFO)Xj((as@^ND7?B}0Nkt*
z+%Rd7>pve?o^8Ip>SMdT?z`1iC=wGWxw!1V`qJI=JqY1*IH_IcPR|sPoUYBqLRqwt
zGRDpWN}Fj*-ygK~RHGLi<YGW@h;n<ewt_tDA6HWBD9*C)sCzpVLu&cp#Z%#pEdg70
zGGA^Y=0+d5=ULx8lU>;gD1a7h1+1)qE&5w~W|$aFMHCiHD^O!$Li-c@>BZVLg9>l6
z_Xx#m393&FKTWxmwtXAh5$@CTt3^I_;m_C-afIouPY?&JvthM;xZsbLZK$<t(CWOl
zQc}IB^GeiCTr!}m^$@T4q|Xh+trb9Y`W!W-AA!Ta+J?6{CUinw-VbVBj0!-!q|&Ve
zK{wRpL{xzVjMNDHguyasDZIeAVG1-oT3`C8r&aIFX9IfMH(G^b>G~j-sRF6T`0P32
z6TC5JRCgyy(o?sTP;~lksf_PR`}oZrrz?3CWlk2Jpw;2RXWq)X<KT;V;t!yadYS0)
zWjtETx%;#U96LC*W6m+s{{FG0dvvB9wG}dWQ_K0hi>_$CuS+*#zAf|FsxAtp>rjok
z@(F(^--K&uRmiwZy@RYvyAXrT?>G6r2s&uARZqcD&^hvp=5ZDy7`Jt>WBaz)+%Znk
z{U9^hyc&hrN}G$u@Y&q!v;L-c|4zxe=_w{n`J`+<QaA|sAx&r}uBu5(yK8m<U5)ys
zA&ffX815UR1%Bq$wG2wnCO7gm_eB}hZV9rNiL@Go)P;||Xa6oY4$Ls?nG`LcTw0?t
z5YRZRnmteWO^(mB7gF84vTLC@`O#-o+J$0c-}fME>Du(|w5Ce-Hpgj+LD1KRK(q2{
z!61*6X~|2A&ProlZsgZ^M;M}}OXrgqq(^$Dh<(p<Fg6+=4?nF{ZM1jp#SD(5`o7-?
z$}t|P+kXK){H;qV=Q>N2W}xn1XDILHspADvRi0M2`B7)vU9fZRFl|B+hUlcI0s6@0
zzIs7zOzF{JS>~zt_sm?*JzMX@v!F#c9xw3XG<{;6_~Ct*rfRCXnq8<8Doahye$|=I
zTwJSYq~6)v*?(81s&(jPQa)LJY}^3#UE+?MTl*kaMERprSB)C|QbmZGL7qO!`PGG4
zpO~=YqI2i$_u5P<&v8HYE}H;6eBU~r*2d8V=~{R7)vr+*F&h&;)1&eQs~O}=b9%F9
zoGO+us|L9jlU<~CdnuiPr;*02e(GO9-BFvdey=ka?aO#ncL=p#vc?|zd+@v0RCZ0&
z?Y@?O{JLL%bnf{y`BthCS>KxQMq_1AkYCVMsE1lA$nf);*ucqqnvxbPR4jXda>(nh
z`D=xG-lkov^o|Es4_@<JG#aD6Fz4c-)NpX9nXcz%)HF?#rA|&+WUgS+@DCBaFS08Z
zCZ1Vn@v9N;ZzsMH!&72ZL^FwOrA75GO!fp`;A8xTQU6(xnKzsqNJ%GleJu8!K_n;G
z(d!A}B0=;b<ShaolbF655d}}QHcA{qCw5Y_BcgwPW@l$}hdq>b)xuyP0&nsWJAH2M
zp7%S06Gg{|=#g%P#3(9K#2fx#gzhs|`S<#?b7JZBd{T}o-F6K0CGNV|EAfO!nb8D9
zUvt|_m~s<o7L!nyw=ndUns<gxrQtAm(VUs~!|M3;W`@0$ckUE1R1gdJdqZ?qa=(u;
z&F+e#*@Dq4c_J*r$EsSDQnMpMi=@<ok5#ORBgqp)@s}=OQ`c@#&i-3fx<-1IuB^O=
zv~_N-Q!M#@;>Zm=v1leXiz6@xUe*I(iqae3BPc`qz;oC8crTbrd9{z+eaDg*3)(6s
z)9E_6v0gkWzo!eP+P9A|NyR#$odIUj&;$uH$vrgVk`=>YJ!WdZ6>TT^2+N4LIu;IF
zxAqjcb9>(Q+qT>OG%fxHKaAb(=^NG1W9m7EEKgb!nLht&Xi7`4{}Q?A1}tlExSlCl
z&bp=0zj%gZZ{$nOO*_aSH`2{;oUTWdXo%u0!rzdb_P91qO<y(QPD37VilH^Atc`c$
zZBA|!3<@bj=UmFQ>;n~CuazI^bd#Es@|s0qe&Y@2w!v+0prTvPFix!;?Voei9>+h<
zbsC~*4fQu9z&U=wfLR}hQQ1I`TfBIy*(iaV7Tiaf6h>`!u0xPStU>r$v$`n>3y1mc
zrh$r`pRdruEDIAyt+Kx!$=YK>1u0Fd*liZV6mI7t%u&i1w$P4nBt5<_W7ZwANv7|3
zY0PBkmIe5jqlWwzv-riYEv0qjblzmWkf;y{Wn>{xR=6`T{Uv{%d65B6KrAUHAQD}`
zg$6H7B{lvYhm`&?b@E+>`}nEbOD1vTb_v(AMGlHMFh+=b4^@%X?D^?4QlFP^MBPh6
z-J*!euEOR9Qi<Gy?@lPu+c&$bO2#RmZ5zd6viW?xa#~Xl32dlXTSkGN^?`W3bd?M*
z713Ui;$4fArR1}PiF3XKm1~B<Ia1vx!-O&Nfn;*BMqbpK71(B+$vMl6WDMLF1^Xd9
zY$*=RETXgGxZlO@A%Z*aJ(oH`IbtA{*uG_iQLHUvTpuLqt_6~H9<54665Ffpj-jO-
z+JAN^Y$8gDf{;&s!&a9+qhYhn0>(5Ez7M%USB*?%FFpgLg<|`$A&!!wHvPD;_!d;F
zP8*_pobM^bFMSSL5=Tldux4eexYoow`oHWxu6VjNnf+9v%rpV_sh!9hR@&l808R?^
z#nX%kF+RJG3dS`ZM>fZv-YKQ-$zJ=u)%U|2_qoodgS0g;F!2Gux0-}V4Zu&0<VOc9
z>B{q|L6rHOEq!cV`2T(}$6pt_dO(2=wl0qLE}neW_CPl$Z|INVzhQ{~pBdJ!&d!!D
zHhfN&-Y(X5wjTe4;sWx2hboLlA<zMU6C40Q_CJTZxjF-%IXiXgnP`0wpa?vwZ>Z`l
zn*Ve!tco;Zg5wos1a|IeM4Yvbf|ZI-N@&^j8N-M6Hv5+7Og#rZ*q*N}%#$A0Ng?Ub
zCI%XszK}H^CCk)=gPxXuarI>?Nxd)<iq)tskf<g#)bNygVxZT~R$54unU#@NE2%HV
zD*mKykj#9ZYuw|)O3}4*!Rhnn!~z2^)#b*(%q|r@!CgH2`}b*a_*pah@eE=nheN(Y
zg}!nUa7N{nT=rd~cV~GOjFS4VgW%G)hp`aTs4S<U4kI<u%yc;k`7%8-^D?}5{aU87
z7>7}Krkmc_LDo|{I3!g($ErqHAXm!Nha&R`@g#a<E^t(Dr6@8aE@EZEAzqarG3>lo
zQ<D-a-9ByF7@hLDI27i}#1wZTKeL~WKE-R4*~_t$P-|SBq9Ead?$1Zt7V8zPm0&HD
zfqmLsB(X(=OeJrigP7Ttu)Qk9(gOOMZA-swoUE!PMm4{aqH`_qc-ze7e9N}wS0{%3
zXwOC)K7paaC(K<%q#MB{#13756kN(qGQdW-{&rSM%c-9B!`Ql!7dSZlUZsF7<jGJu
z$sCNo-c^mj2N{CedvoY*;mpM(LLH~kqy*);%Z7ntkm+mpX~wdz^ARqYM4IwU&V~K<
z9kM7gz~?wu_<kb8bp&OI;A5R$p@xoNtL*6E0KAYD@9W@@-owLe=A*!t5eyQubDopw
z;2u^E`3@E}hsz$Ho<5tFGljZOCLZAMd~oC0rd5kXJWtL6q18tJn8VYIjRL)_BOTgD
z+?_J|o#)<OBlo~HKvR(0TS2m&CySQ7FVntZn2IjgN4jr56e5K4U+#&VCZBX02;>K;
z$m*tg&}33Db{|MRKW+;Zm%|?CnSU4fS}~%@ICj_jyR94KZHugQ!E?qz8XIQ!nYMU`
z4`SKZ*ncEM^^b(mk(;CT`Z4qS(UtzYgmCk4b+h&GvbXgl8h(Y}D?kdEka^-h(Owj-
zS~vkF!{NNdfO?cop6b-8^>nv>pfmSm<>&#Snae#}h1BG@SGlo}<YRpN{-v^&st!r!
z1kGDiYf1AHSghh|uR9a4iT<u|1@1t|?s(T77lOEV;=AbIZrREcAH=0!D;D2qYoMW1
zVEpUn1Mi<BQow;c;OArhA^V?r#0M$F8KD6H?mr$0ik}drA)G(U!153^Wu?cuK(O-9
z#?^l^#{I>(@dwvH3G^r5zp4m-QO*CPa<aGj%Z?wdr6(}|Saa_$J4Q$US!r$S;%V#o
z`?K|Df(szz&BHhVV6_tfVE%=mi}9=XpYI*$VCnJi0#EYGNv0D2McMd!F~=|B+rNtc
zwv7BeQ~VdELehUxR{n_LzbY($#4zhWH~HT(^XL2ebI$(ZRhjz#l)>5>SlGWK34VN#
zA3s5G+V8V}08mQ<1QY-O00;neb1O``4^M=YV*&sdX955l02}~tY;|X8ZgVelV{&P5
zbS-mbV|8+Aba^glaA{Rk2>=7Fx>s6)yH{Fucnbgl1oZ&`00a~O004BnQ>-vdv_N-k
z+qP}nwr$(CZQHhO+qUiRoc=d$(%UxO$)3z4>tT|$Gc)^T6r_PcpaA|Sl$@z#0RC4%
z{+F_%DuT3<a$@uf{}%=Up!gp)rNG&y0SEwK0t5hn^1m@zK{-h=QDqf6Sut0|X}Mtr
zgdXiD{u^A*Lq*6GZD<Is0wF2~(J{@e(mLDC?6e<VIN4F@oV6^>*}1s;mST08nmh)w
zr@ElxBZVkO7Fb&bzrlC3{cR9$p{VDGtVXrux**4eGQo~zY!@XNt)`#IYxLdMExgLr
z8ok#y^U=fSMGKPAQ|{vH-Bq3X#vl_SP&G(d>_~1(G(gziq{W?Rya-#h*xJ`^5M~!@
zCrFoGGV#b_GkoL*@MBzYd&6xDFefP}h(&A}%Z-Eq3vhaf#@S-vY)Vuj+leD2YYSz*
zt^}hlIJEVPkMUoAO8?0|RL&_`J<)wI)>`TZN6nsFC2C>OhFd27=hWEvAAQjFJz8+P
z$H_sXgQxfxFeM%_ZNXt2CDk--twld+!M++w(CTg{H_radIrP)H69apv2KLR_{lofg
zE?@r34h~wm5{$0DV0be04#8_-GU^1OD0qecUttjcrMjrl|HIe+mxB3Ul#Qj)|1$eO
zWQ(L_f69MmeS!Z^v;Q|~Y-;Ch>P+WhYg4N%Xt({J*>_ZEeHRFkF#!dTu+oBX7Kbe`
z&>X&iLJUvqERv2A(|>%}(o{Djpk5b}D4opQ+`@GBaNN+|$dJ9&X3mbBz{f523$3d+
z>&NR)UT(_%T3e#VL5{Hbg@gtP#i6xO(OVo$DgxNPaMfj0J~pHF$88rCD-=PqwDiyl
zjEBujm#twgBMDMWT;ejmkK%%i=<4aBzFYO+<!)tEYvM39;xIovNPqid3B>TNl9UTV
zQ*iAZj8HF4f>3I&Prq-6+gFCP;G*csMbV0j1%4MJE3fF*zTyu22!U2^7YRx#lj1=q
zg5K#x?F+UlKrW^cde}r56c8;=4<-a=zb^)#5z-FvYb|AgGCV;VQ_p2JhBIa@_v2TH
zeem4&V=p!=pE#|EHibDvsWB8Lya@7|J{dE*FMj*OTAgQ;_<JNxuh>)C&UnJ!A}K6{
za!MKge2L>%Vn2#ooHBjRUvC47Bz^gru(K%}xr*Bgz$JOHw||q=-*eUL*o&@5_HMTf
zsmJjU*$;uPPd})u|1XQ}(2NvYMSuWzFMt5}|1aOp#!i+FF0{_3#;#75E}nE&hE6R#
zpbk3HNpv)tGi@2RjLglW8%AbUjLiQN&7(6j2LDZ^@8{-vb~86Ou>X2C|3p;smoXtx
zRWtW1YijH?B^ewv68d$X-cpnZ{M`qC76FE$eprr{h+LZdjf24wzk_X6(ux&PQ9wo>
zpdlcx_L~7eN=HRQP*E%aiQ=4$mwaFJw^{8z<{miOP7RP)4hmMCK`3lPz*m=`s%g@f
zllMFj0D+S*qb)U%lNHlpKdF>ZHD5~DRsBA>n+)4#Aktp+c;hd!s}Jsg4BH7UTc;jX
z{o0mAe`cLI;GUGOT<r_XF|OaKKT4rdx8C8$fVbP3$wq*`bw10lp|e(7{lY>JrWgQn
z6zHH_6hh)UGFu&f5Ts8hroL4j$iS(%F~Z@L78iVq?<rUnx;={4ysF6(+>ja;m^qZn
z`i;9}3oZ(*$)5(7C>J1T!`%~RWl=n|jbF487t`bN!uUQYdc?UFIm7_BhO!fAQdQL3
ztZvVrRDy<B&trVrBNG?xxe#QrSrpXPiFv=Y*%#dto_2_^etbKgq$IJfnDvr=a#2wb
zPHo-faC9q^F}{<%yVl%TZKjd4w^yrk@_fc;Z&;Q<GivjHB}y=6f69YOR2YE_C7S*?
z4VV5{3=jNSthtT5{xX3d?QzTmsGXImy@8kc4@Lj%d)Uz8#{7ByMZ!$}Q5f4Bm|Gni
zz_U2CFuOYZ<3?rrD+xOLtA_ICr55(JPUlw~{jINZVq<g#(8}22-uR1DJM&kqZp>|M
zO}@^L$-4L}785P#4ZiT_nF5BbxrGUI^Iy9CQzwS<F9iOx5<BGQ_#26M`pZKkJkS@d
zxgDXkrTJCIIjh(IGa>5uQ&si9rS6Z7&23HI%XfX!U!$=oG`F`eJ~tq;IW>4Ue<b>}
zxBA5&|I7yuKi6k{@edbW*qQ>ocrv#eeygu)TWDr-TVV$K)yydh{Mq%EoS&N75}Y4g
z`MN)V{^A#r8@-YV9S{&GA`lcH`Bi;S1<wM6#R&-e0Rt28_BKQZE|}G~S-|=+jiE+u
zsZkVB^i=4;g6-g803|^PIN^#7a$SaPGCF|(<bUcK3>v8`o4tC_Jf_Z3-MXT+7wewr
z_9>(gG#*BIG}eEjq$kQMLfSk{O-YKOU+cIbSI*4g*Vill6c~38gNPn;QKs<1utQF)
zUdmg>EOyB~2(G6!WJ9(k14<jp=K^*Jh=RfTha3W)5j^pY05sYfMw*I7$OYJaxcf$(
zGu1a%14o9^{Q@wv|0dXb+W?8*xBUc`4}V_?o)Uzw)(@HYRY74~WKO?C)FiCImKa=B
zrxHRv#z_i)rwv&Rg?x$6gwQ}U<+njr#FHL1Hpadl#)(kJOx;}@1ua`W$Z86+3E5V~
zU1(jE5a+T`5m5pDX7W-aCdmF9r%FB_*XUQg6}E&DR)7ovMf#yt;u*H%gsS99)YtcT
zJxH2w>_f}vb!YCGTBc;Nhk?uCFL?kH;CRKJA-003X|{cN(?xbuXK{JD<Cp=`_3Yk6
zn!Kqknxa(EaW44n^ZYh7&}Ob#xKij_o-#-!>q)$goFGl?(bva&>uUb#Yc4zs_yA0E
zN#<Un=a^(M%v#!#V<xiB!gvdawQ1$0QN0TT7l_&EDT9dqmkl{pVf)rs%4S3YkK3-7
zn-B*^)$n@4hwV&PiT3<XTWi1O=8STiy=hMsD(xH9KH{iq*9!2NM%(ZnM{W<UA~=7S
z(R`U7soD47LU`i%Gw5YkHENzTP_p?#6270bos!pDBrdZ5Nxl&qVK)TV=V4da@O+P?
zZiO86bm_JioJUI>mC?!rH$CIhDD?uU-zD-|0M;YFLrQO|zxLeo=?*#c?(1d<Kk_xQ
zTL0+D9r|EpMq&0%gR}J1mx`YzEvr~-g4WG<{q$orKnFD8w~&jo03Ao1`V(cL8dq1-
zW>wjCq`)v|EVNsnFvn$=E~rdlPZ4xJh-d+ksEs_5B*TT&<Tg+DSS=4_Im$s}$QsKc
z;bh$*PH*yT^9KCDwm@$KGKlX%;r?TCg}jE7EB;Yb;tP2-28ow+ZGEyr<AKz<LFEoh
z?6p<;4yMLt+BQAvr(S)6i?e3LM%kcoILm%~A$kR~ryN<Z*|KQbdiRoBVJ(!C>d$RB
z_?UT#Z@g;yy18}}PfCulg8%SRKX$d>y94?=0PkE7JoQ)lL#v0(VxsV&7+!V<;`A@Y
zDy0ufpSI{dGbCf;JCK+eJ>!x%p^u@SIFCF>o6*to#+mniB%H`I@PSk(p4*ZoZt;kq
ze{BQb!VC9_)t9F~uPIRDWy~4<Wb8AWkZwpqb4W7nz?ZXa8~)R>#nSYfw4wDZvf9$}
zK5T;LmZH@QHHnf7boDkUx-tghUAm!Itk|*%OtT)B=g)evN`k{2q3XO(R=-G~%%?%i
zbkVzHo%032Ae-ld$Ti3L+r&;IFv9P$A&%ydt&+zow?V9Q%5ziPZb!(F1j|5l4zmA)
z^vy8{ZAr$wDVAxQEs?w%5j8R*udLL3K)lI#7Ee8yZBOZ0NC2YrXzJ04m9l>z2PfQ+
zsvkef@mwx@ke(0`XUpB~p5s_BrDkyQZDSI#Y6pXRKFLr&Xp59pT(y*6<a>&foE_Bj
z;eu9rdn}r896s{-Itx^q*$@_P#Py#29Dl=-Cwlzg0_=!Vrt80#m43^tpkq@1X-!dL
z<DFK5&vVsX<1;`sj&ZZXpx?JAi3D;AFQP~`CWJl2@^6hX?sl&RMK|>UkmMs8-?HhK
zFz#&ihS*42#%@K<{QE6ABFK1l%QcA#6c2BD3jErG9fZ>S?P45(5`pxU>D@&F+XCWq
z-W57@ic~l>O%1Hjx)k*hE$0yFsh0aypn7}OHU~h}C(55=FrGIwulsynC|Hnf#p)xB
zE-z0tvB9F!>*24`7u;D%#-Q^P+~un^a|Ux%Ghi}ewo_~YboSGXjW+EGag>sI1kM^D
z(|bfAm#oe4B#s}wqMLC6py|%Ah2K%OQUPU$tAyGS`31jMD}S2!>@)u48VMal#7h6+
zYLnX<UESZwa=%JmE;3p}4;_r8D@J~JKY@5nh(L15*MLnV0X2e(!S)AHFx%p&`2A<R
zgsA{T&J;O4T9)NY!cWnRF|B2qYP1CjjBA$Wr=M9Zs;ftO4y*YeP-+6d_eP^98LaG;
z^}bF2XV>o*r>pg=2ZDa@C)85xk6Of6wI<mG>ctcD#rFm(l>Vk`oc#m#KUF!<_R%%=
zzV<3=&^`mjgJ3GO-vyMPZLOA(Yyp5x3)qzZXh*f3Hp&eYva?*kE_6{hw<D+4!f2NT
z!iCcE?&L<^lU})cFP-cr`y2MurnlESB(ohRi+Np4pVtXhY95pYQHBWE3!=^9$lwmH
zXM|w1z8M4!GB$sk?P?pO2=#NlMV-PEo5hn7Jj|^aBQr!?f&&qM!WC&??TF+=)nGDW
z6U+!;Yg02%6rz*3-IlIc^4Yk%fPYjF%4oAp7v$<Q;rjRZT0u>nahm(xb*R_e9F?+W
zs5ymOdJrAXY`>KjE<TvS0NpL(&(dBBm>IF|n3oDMtN{CZl-knQH7VD&<VQLfj1jd+
zAxD=i_+zcPqd5ylUjsV^Rp)g>TBI0_PfCJF8=COqomoUh5$JaGlJO$B^%~rY)DwjN
z&?p~t(g<-ldT=uA=wQ=ae@vfr3vx?n<u|*b;cq2q%@uERz3uCzpxpob%sRe>s#-^7
z6goRM)C&JR5J_~1o54o43QJO?mY?`=TmSK_NfC!B&+jtVd(li)6{-p_yB=f5c+m-X
z{$h(yE1nRa@6i`C=}HzEhJCT|6=VkPx%gDBzf}s3Xf_AvlwtIFJKaNr0?fuS<&>!I
zDVcb)yg*xatJAMaNNN!WqJ}W{x(c)SbPuY{j($?})a6K?QkCb7$%zm`(GMtGMW(~-
z`^kvTt4eE%oa`WV3ZE<vR7!bYs-L;PiqU^7(Q~AjbuB%=ZH-{^and2v)jcQmGPiMi
z9ZMmTc#|V45Z!J3y82`k=3)|h{p_?bYV22{g1y9Y?T(Rj5O(r>4Rh1EGJFE2QZOKv
zOXwRXcC;2mO*UDEw_HZ-APp%sj<11w?wP23^6<f2TqRW-Z%Nvo1*6%K<@`Q|&JH@x
z5SYK}I5-;@Q;>;KYR#+y=x||E7HP-k;q*K}N;5Nm?myW`LA2suGEFG+qk^qJMOD1o
zU|UD9W}zNBKnTm0wZ4ybFd5IrCt$+7a3(3q9JNz6CW+Z99ZuVNl)+e642x2&_rttj
zE1z32m^o`@!5b>m#<60Z9V$v%g3%`|J)M7_C5wfkHB#J|wT1-Kw<m(>nt$>E?Jab}
z9AwlB7BA)ZB^552RS!{?%t-y(n6Iyk|HG>y*xDCtaekS7<1A^fdEwe%$9f36m-VOp
zVq21Jdv=OCFl=LfB`M_`=tFCP>X_C<`r4D0s>m+*D`tOYSHM5PO{4WbYN&WG_#G5`
zY{%}3s}_GRWUgW}v+9R~0~@)CY&;A;)hvlnhSr^$&FVo!wMh{DuyQr4R*v`Feuzwz
zE6b94_AVP*YzLg=bo{%jVx*RX@`Scav|@p^E;+MEYRWFqXInDc!v=6o#W80|S>@U!
zHpARZo+;5jD$>Un+DXUeu=U08d%E?-PQ8SaiYRI6e^WW%p|oFSDK!aS^C6q6#DRc2
z`wHD3%UbRkPwtMSN!)^^(6KH!hhmL-Bc*gnl5iQ(l}%nF$(!Dyr(Lzf5FfXL)m+Eg
zI_}}Gl-earw|N^J-WcQ<3^Q@m?Ssd|NO1m`jhiPg?_!)ijh!DaSCZ;CCpr8y%4`VF
z1WRub%61m8!|iftsSX=xvvYL5I(%-P5m?}OQJ8WMthy*tuy{44TTrqNBmT`1Vz;l_
z(cP}Lt0o55c<@<UpDwJfo)~*X`Et7^P5A6$@V`~kyGFHUK(49ErkyCYkzCyo@eQ*S
zNo`d_;N^25d4eS(lJ_es7cuRpBiYTMCou1%BcSb>X*Zr)F^J?Cb2kWO5BQl;FpX~z
z57lW%U@KZl)5+Kv=nKIdzXNZuAz)0QPwvg|j@Z&$$nKm_3+b?^RwmZ(XT|aDezT@P
z^olML+JPgiAG?O1x3-so6*fX*7#<OrR|RO7uFhFoQQ;s)xxt9fjvGKjDH%HNDW6tl
zv0#Hq^3zA4Ta7xUAB{ey*ZnIt9ea*P09k`n;7ua)>Yon5U09xKkH^I_1IZ<s$%M^-
z+tiUy_gXeQ`gCo@c*_6~s{<u&a&A2>VAvjzbK1i=PSB55zUjhuZJz<-ZH&1}nO*7I
zuR;W%B7!dcno(9&w^i`+7Y|^!3)F%+s2A;F7Y5l@khKAs+;DmX17DIwFZxO?tc!nZ
z=345S<;SNCY|2(-No)R@JN+T+=hBVAE;uQ7f^j0`7S(tYP$;1-*d&xeMYq8dn)IJ)
zBYjdiikPdCZW-Y&xlP=4%J~D#W+6E`>Qd}k!AsYS>XFr@bwN)f5GyOHJ4cNOZZNCx
z&h{BmYnEr7Q!7T%lYb0skyrB;<e}R2mS);I3iZ*DwRfhD)57s9yLC%3!H{moCW|Uu
zTTeTJ^Y=!!J0#wjP|YLbY%icJ+$MpSusM(9{zNz-@#N0m)8`ourp$;gmWc8gmnF@N
z#@4J{+)aCS_?03;WjLnS_+iYDO&Bm(NStT#$UXNTlXep0Q@fG@6kBI4Yhz_Q*US=u
z_H0yNCBxor!|`b3z4X(0#d<nJ{UqGqN<*zoC=`a}9iPnvs$0FfejpyPDuRnaEftBW
z2JUXo>YINI{T^*xsLb#m9*z<@p6V72?K5iho%A>p3>q^j#mi6uU@$8)gZF+bw-1Nz
zITq&MEM7KKSLaAJcZIa$aMPN7)<d-}TMR1L4L>@7JvhNjKfRlciSuTtc)&H<1ozaL
zSyk}}ur%A#Z>U^UTBw6@tyZpo)`-P52li-_>bstnmqqbey~1NM>Uo}%3*;u;ed4A*
zylxa_>ZJ&o-pZ!odt>H%x^7&Jf^^0Xr65}(5#+-BRLhj*ah{l?9+p6N9`SA@OBP4>
zW@(Gw0b~=V8DAqLPCl5WS<L`KlXnMbbCZXB9|-bu?0SR2{Dm=iVbNbsugfjq1z_J3
zHU3IT>-dbIKx1;}&y1LyzPVv&u75g+9VW92gYFpWDB#>E<xB{1_)Sx@8Z8+1Y3Aaa
z_2M|j?5QrdCHztu<IM7$lt5_7Y2-XNu<@UyHI)yC$Wm#^Qcch+>7mchi)6ayc5*l*
z_j3RY#hx7*7yp4ajWuQ&srJA9Cuuw{)$d!&MEC<D#WPRmk#dZ?lRMpvaqDt$ZuBej
z@Xi4CGxtT?JFU_)_f&h!Lq-RGp4V5yZ^y*zOa2hiUccy0=aSvN+acIFfv#&j4@c`~
zgD10x)#MA52^>B({?{{NV*bL*{zvQ>^h4~J^vRx<@$>Zt=jH|W$LqY+B6jx2W%AQg
zBi~xI_aNP?g2|$beVTrWzHF(4CdE8Nw3H5}1FL!$eF*!LI*%A*Lm5w9Qf)CN>BEs%
zTeUCrAvZQA*VCSPjir}AKkq>B!7G=*-J}$R0wKWwnqm#k&d0xP+9_$gfxATH#|Edx
z2b0%S)-iEV&`p{t8mW$@z*e1&4b9RfVMi(JQ#^Ukovq~zq_L~04o+rU{>h6LBRRRz
zk;OW%-Dsu)Pu5Hpf3LzRf<|01kQGY=Syke8Egrr^rk{~qCpGTA4y^*!H@BWr!yM$i
zTBacKw0;oQqRq81?Z=R>?Dg8*R?1pLjIfwo8q;AiOrujI)Qffo+P4f={5GK8C%3+)
zBtuGYWeyrblp8wJ6+bZDjP);M54(oX#=v?$yF;~r3Iuz;s!tXOC28^66a13gkJv$Z
z`nQslpQ-VmU!LjxKiYC2r1`aoQx&LAl8C=qvy5A6B7*7@9Gy&wo=%N0GAw{wB~ZUI
z$`j$uk&6(^9L$H8-%}Sbpj5TNOzrx(im0^E+r25t$0O)R_{Um6`*(>4@GU<Zq^0b7
z-#v}@O9RiaZOY!rJ{evdEBXR&oedbHZc6q{tXYjNFV+HZkYAY|gzQg8F8Y(>!oADk
z75U20pQy2vvwaKwdPdlG!(uUQL()mau9WQH3NW7F>3kuF1e+`#dZy3J?p7aWIEvN7
z>LT1Je_|F2?=E7MvUQc+YM9)Bef_8z=b6V;2)n|1(@rCCWJ&A*MM=}hgJlk*@@)?E
z*gj$MF>621p9fVrRD5QAL49qjgGq)7TZ&{%?m8k?&~bmN`_)hJe!W6xoIF5az{RiN
zl9&6BSN(SIz_7o|jS>G%*nipX)V5Ry6oq~ogzLVj2lbUSEYdU3FO3=k?C;@X6f_|!
z-~y(795nTyl1;6pb?vMkdfNK(1{UTMj=eU#v_`&3aJu!S$u!M$&<BZY^zFEIJ6?8t
z>sbDNJYvs*ULl!*U)4t6pi7F%#yW`<;G=LEpGwV&>J_Z<6GG6bKAdFf%xj`UJ&8H7
z?9!wL-K(xr?LyZ@qbQX5qKgU5=%D^SaY-^=blokEa^Xqm*jO_fk|Y}Dvc-~fwtH@*
zG?r&!;R@GPUWfPF0-FR}a4}X34O#P&BgZeT6se}^-;D(Wt>w3zC$;nKi4==76&c%(
zM_ZlB4!u+zTLvO?C0%D9d?mkX8D2sCo*Nu%h#}}mI;P1Bjze+~@<v;0YV=qx!nhna
zh%P<R)+{#crVBqis24uyW0}~T@mDeSp2;jhacC9pNqjX5;)@y*3!ETrfmDEY+x*`W
zcG&bzVM%v5j|nc9SlV+U{LwS@3TDL$MXA2V$@RhgNqzhDvE9!bf?1j8gCt3Gpr!$k
z_yR5KkhcSF?WEDpsl)!lZ%D|*T8m@?3U9-7f?;~6tSV%}HgVT68gXdoE$e3n2LsNb
z%SP2IrLk;`mLt6(DB${{cjQM(DK?<-Jqa@WYLkvw<`2Hx+8fe@5+?`q%AaT6uz+A!
z+zer=^6mLS4?EA758+SuTb`w5mXXq(M<CeYYC?58_dqeVjklRgo!9lV8Uq6@_Xvtr
zleMH{cj3Z*2`pb3<wFmhyG=NKRMx$zA!=YjLD(qV0Wo9LEq$&iKJFh6R|EU&qIET&
zWAx9=uZ!SFL8RyvU$c%YfR*Fl(|{x}m$h31e2fOwy||+652MhAXv9(^A!zkX7ZBPc
zX;~G5x-1jd=6AS0p~K-(h3bloJufrlqtFwPt$;;S50s@7kBuwT&jh>{QbiC84G+^c
z>j&BQqf@tYS<}GVd*K1e|G>dba93>81Lf~<aftQrFT4ZJg5^;V3^RSfOd!8z_G*=}
zbeJxxf>jwmq7-s;nE;52<%a<!?7vK3hVudM93(y?&cgc};B31G(d}VkaCgg!!HN@4
zf@y&6Eiue8*Y6r^tMr-R<k>;B^IkWFD_X~n%{KOpErJtlC=qr$5VVJx0lQX7zK*_>
zyJ~`?2{pb3Q2^YpDNeN$eHX!8@p}rlM*Bu0bjdYP+bGmv0%F3!UHdU_;5K>gCOU4)
zgt+K7mx_CKxsCJKW@|<cp_e65u7`b_FRKU3V45*;t$)GG-+svO)_nJ5paAEkdQsqi
zXp5~T(SlaMSNM$}sx_G$DLEh{X7EX7{egu;YH?@--Mrw+)W-foiJ;2H)V$#0+y?q>
z$0@A;0g`6uMa=gb*T@Wlk{oI%7#sPWQKu~x)FG)+ozYCB-OwcFxz4YJv>l?bN$MX(
zqA`1lGH^z&5E*q89AIL%?Z4RBsq=}Q(&K26Fe0z>K`d-N+U=O}cFFZU;c0oa`n(Z-
zQOLZ9+Dsag>3?gYyk@?TELp#cAIQbfIncyQ*HF<~58WoUsQ(lUatjpWy(L`>22_NB
z;R|In6N0{X+yw&sV|h^;HZW(C@LX&;om}rwB}Yx=Nj;+77dOX?Zp`O$QWIO4IBckq
zkW{u{NTdg&U`gC6*UYnOV;W(noX&3Vnp@0QA5ppsRXjw?Qw30TWG!2;{L(_Y*0|w3
zVjtz&n%USTvwrB%2)K}rOL}{F6WA_AMOCmtv4}ed1J-WE!P9&DDvJ9N>TXHnkcvId
z>>_D%Jmg~q5EBk9<PCo-RIZ)WODgUZrM#D)cce95$A*PqqXN-2Ow7>+a%bS~It5F!
zQ+Y!v4{L^OovH;^{k;zekKVFcF5!be-d2u?+#KGfPg=h(R@a_c1Um3q7jA3XvnBl=
z*15_AKCPtTDMy6JMMC(NIlF`6W^tW5wZy%Wyodu&sAlZ2Mv)a9t#P&Eg<%&><!i^M
z2RcU?Jaw^3fWjI(mj9exG%1+{<7bmHBSm~U{DD5M6Tk8sg@UtHcs=Q)MXbVKS}8Iu
zh;TIaF3Ea_WbD+VD@hM#y&sW)<&!cRw`?+Bs;urEN1Ujk&3=iDkAPOLEl^7DB2bCP
zB`65QozzDSZM2`*9<o+s!loL!M+-q+KL1xxMCli%Pl159VOqbUy1e?FMs_L?fXdX3
zOH7^g><s&xClnep_bZm3v)cs%-Pi}d)rA~?QiuFP$?<$m>{g2K{YyhJE*ntgx=!(H
z!=B^@NTy1xbXGuPE#Bm(q-48qmTMS)Q6+6;(=0EB_aptn8rKXDFRgEE##`kLZ$E>4
z6bELsrA`nhd}7+?U)rVIjz>3=4Pd%K>r#D-wF6thJc=1r;ES)`w_Y|0f0K|tox9IA
z^Ws)RiTDqRjQl}T8|&6Xf4P@`c`YidEMyj_c|JH)uVB&-eiIH7xQtyuI-D^*TziPV
zcqfix?c_pFXsx{NGjm<^`rial-a}Z!O*b?plv~F#ftJ1>JYh1=Xg{f+seYHaL<JCw
zOfk9$Qm|#g=A~}H1Cq#;#pL>)&j6W`(g6@IQvETby%bQ{{e&9Wg3@XWXQIbfN(0qq
zUgk^aiLew8kaU3qrL!{X{!+c(V}BC8?Y42tdAqyMCdT$5X6L)r5y%5h(t$o3X!9*a
zBiY78fo+PSjsXQMK?fX(-<JvMtubu4TXKAC@+TJ78#8Of;MW~*)4D~WPK=`1=MY?=
z3E=V6z=JJ5^J`lR^IgA3^h4@b<rZ#K+KPLa-i@pkD*;E+Xf1N0$Es$3T8S+fYhCiR
zVS+1v#<l$!yUXQlH}xGAv@?PTY}HuJhA7p7XF|jD%|Vw`r$U0Y$?j0v3GOmzfti7a
zf31ucEKV2%_oOtR!h)K#IOb$t+WoBVq1xgka}->5kTE2$&U?^ojh5$Bm~PYUzK`&i
zc*IEnaa{@!C}7|paVWwcJHZpbBcjEJIuA?=@Pv=yN0#Qg>?g<->ji%@kz09u$b4|A
z6vT0P7+i;vOjD_3k*-_Pw?y#M+ab28d-`ddBWG7OhP-(;2d|D-DA3}~ZOCyEuXQcv
zl;lJuY-oApkO?~<NU#n=Jxf7VgagPl8dWs{%SUHfuAtO_76m{ihK&ssIUPp4;XnXT
z{6|^E;Nr1e7kM`=gT%a@VT?8^!s?HS=WFuEHWaFfK^4uY1lnsMHH~H@sV|$MjYo3Z
zYz`^!r;>Kr+uAYZAChLtVn*jsue7v+3lgJC&A{ioVl9-gTT{=nINk5EDDdXRM}kEs
z9iwz$qS2Iug*J*3H**Mq^3XF(j?Q9V`9xj3S#bIN=Wr}AHaZ((r$BZXH&lmsbHrO^
zW}@7_Z%yw`zExw)7(q*aN+G<<A_-1YA|>k1eE%UB$1mO;t5A7LE=S;6g{Sz(I3=}Z
zoAJ-rxC`LmU$0W;h`#AB=b`e#mvm)}dEA;%v{FqP5B>cm`lJlSFl$KPulmX+&hk(}
zb=Ygg^QCj87g=m$CHCRO0zATfh&44Vhly=+Yh<&`dpON|G;H1a^7yz-0!?pZV21+^
zoYni80;~^pFyNm9-4?VMr8Q%cb4LMGE)&?>iyF{Ou;S-J91v*C^*YXv{nJVL3!&N1
z3e?^~PAmz8ubP!G0KJhYtQ1OQ>;%Wsvl&M4sXh_l(aJfDO`q9w+~%IykxEDz>b7lA
z@}TZ;&aW)A#E>*nD&nCO`)N*LP%8@*FSk|i<0mJ^%Zk*5K*5ENV9imJi6Jl$$@oo0
zm`DDkz;ZNG=Rv&Em4!teleq}NL)5-guA<KI6*!N&HN5J*{VIX!8A2auM-RY8uJGaD
zkD*!3Y^PE+6o0a;h3_8S=GEYTXFB*EO{JF}B>4JGF);29dUxO9VBL=2W>Ex*;Q0|v
zHgN489#R`fCdH&>`mKlZq~bI|qCVQ&(y5EIT_%86Df4fm3@ZKiBVo#W6peIJkP(A%
zyox|`v9jZHRFSp_W{Yt=#Q4GOoqQ_K*|qiFPd>1k{2+$098e3idW8mkoAV)arY{LQ
z5BrvvC0<t>@_d0DBTHDrv<q9Vmnpr4^X52!L|J#YVZUH(fW_T2wxEkva0#<c)&WM9
zp>Mq%l&*esi~5x5kW?#b*QOe|#Y=Ab{okp#KPPJtf1t5OJO~hz*5CbLDB}W@g}If$
zbAAbAZDNP6+DV)^>Q|5On%IbLETtn-XK0r`oRKMdt4T>pQ^iQ<;UxpBsrTa^nBH1$
z7y;vz5y6NQ5K!(jPziR>*U`uXf1R0H?1=ppALfV@{xjpm*f3^`yFY8}2y8d-6&xVt
zZLxH|_`SPxwoj8_27@T&xnn;=#OX!BG4CEQ#@wQbr-iyB6pqlwL}D5@k4iXd!jmgJ
zujr*zQf2}^*kP=&#EQ~ztFRkQZGRGzye=rQ?>#{eT^UQM$1F)}FUv2(M3p()n%pwB
z&w`;y-TU!-@!(S(C-}WsU!Ib-C2^P`#I}rECE`es?ORvM3GOt#AI%d@o(aPh1m4EB
zV+C<2(S85e+7y$7EA-&Y5@u<_hD_hq+OgkvSGCa6Fo#}#z@a9CNa?X0qf}k*EEod?
zd7-8toUYfj4N^}rR;XKWEiEnzAUxZ8R3FsW#eG+eA9j{w<*LibL>|$tRZ7NHmIpH0
zF0zFPC-b*OA2IQg)F|p#5S9tf#KAu#&@+?k^M9H%1bLu7xX9K863W&xf(@{iQ^y9-
z<%QrcMls5!v6{R<X12!1(=9XQJ)qYy5^*EK!-dk%Nd7daY|FJRq~MMeo!?1s3~<r0
zP^~0=(SyWm+ov}#kxUZZKaF}M40KlZ&gSGe=`1}zE*EkOBz$;@+lvU2oLFkg7>-Eo
zyj~xBfT&|<Tt3mR*3!=6d}C>J%-m7dz}+x}MsXSs%_ML}e;x;&-g<vxldCO$#Qz|P
z5{Rd}a&3A?Kyqa#w;BbU&6n}et9&oFzE5j>v5|i^%kU;pDY1p(#DHOlbh@38-4`zc
zXGr%D$r@cg9yj&rOe7lyJbR~U^BWwb2y6tD?-MOH@Urxa>*<6$vX5k%50zf-W{+Lz
zg6|t055;{ZES3hNzoJ6mSvN;axeS>1rjK`b-9VggZ~rCI6cRh9OSr8$9uh%-1G{*>
z`$PG$!eXE%U7tFkO&bMZQPy6H$g+RO9BSm@*33vrRy)?m-_Fnzrkux+@)j+e7a=$7
z9pFH|bkM0wdEY_^9xnrcJ^83=k&hDCf`|CzM-bnU)UDaHuG=+I*tJ_LF38OkPb+k=
z<aQ|~E+ayc`s5mz=wuO`*kykRW$*>wB-lt`C6Axq2}UIKS+1YaE0n=u&CiZ8bVooI
zR@t}dc);PN3kBrZ=9fM$2Rsvb%yAv$JkzNow7IN;p0h=}R~OIrWtrWj1?UdQm|tSr
z@3s?Us`qqueH3(%`;(bQk6y1Rz#*2Mco&AYj;DAUk>HN>VS=QO1}g(`tO=%~jK?qD
zr#cGuvG+zpdA_TB#6FQ<$M}S3q@i7~yv#rpiY?G8W%(rRA73C_9qt^GHOUsd-AId$
zB$phiFbNf>g^0#IA_zU2V=v@Q+zQ%?JS8<z6}drkXGp5umPc@8S5_pnQyOS>Ji)#A
z#g0}w=xi1{z>=ISKJZ;5hcQ5$FClmLte5a;21^;w!bB)#v1J>iREH35jR^>QE_!fh
z+e9NgFOF^0_;TBwkG(KmBrF>X4KMnn(6?;%!8c<fH`k?iRuXqqhx3y|PiXBPi^C1c
z%F>}$suZ{k@8a#>%C)XRkh=Kt@5!>s=GR?zX@Yurnu#2v@6+XPMAK=z`^5>Kh~Cpd
z>$~>$K&Rtx!a_t#dC@1}E%$05ovl9^J`&*(tWvYf?1Is^4I7*aRiXgna5R^Ik@j9T
zBdUeQCeHcOrkl0+V$*W#8j9Ska#cd%xA)1u(rr?0I>aaGUymHQp|lOP&ihs_^3}FH
zfBCMMhQ)l}9k-d#D*Dt;syhFutx}<;^n)*omIj30U6m2hKQi(z8kh0s-y@n%W4C$e
zp$K9oS+z0nc&)rBB^?!}+|nK`tkA!1Ce-tj<iw<pk4Vqato1jM=-akwFS@W>|NA%h
z!RvkiML@d0Ql3QEN0Gx$-D}+cw|My4A*U6JFuJ!QIvqpF&o(Q~%b#PzboXW5QTbl<
zP(avfa_5SPuZ9dLL+2&-Ry`MG6PUp{3|>5k3=5sv@Wt?D8-2+GD!Fv$_#^?9)FVC;
z>7(A+z~1e4V)#!yFbsbsCo)|+-RKM1s_<<+H#KUxo5?JjZg-mn5Dmh-`75qCEtM>m
z)kI$pQV+O{VRg94Cp^IS@rk4}%1Jp%DC=`hL#r=zZr!EJ6Q&v4<XOXs-%P?ewm6>_
zCZESdLz85EMVjS9Yw{LZWs8$8Q;2%d?4P-PDC_8;)HhKjZq+~idjHDnv*jk``ww7<
z$c6=)qbyNQC};^1_v}U(YNdDdz!Li5(FzKv+-%3HWOBtl*=OGr-zxV61JEk&_n0FW
zs=G+kb+xRen?M<hi-JA;LEbIQ!o!Z9e}G48baj1r+u>#_OM<fU0ED=Iuk_A4VP6F+
zOz#5hOOL}81)`J%K?Qbkg(>XQ0Z+%%a5=wPUK4!)H!!i-a*#`oc*Hu5!qmP>PzG=d
zM2o46t1}{kY1|(i*oaa~YE@l)zJnxs=9I*&S37rc-wPHOTz5qzkD7~G^f1Mt8h%<k
zTIc25w+dEtYzSjlvU$N*haDtBD;A^gtTs?qUhH&JQPg21_H?5>+x;^=J+EI9{?H{1
z1ngn9n>gHny`-TvAr$AnZ7OM?Om#v5){gU&tK%+nu>F!iZj@q<id<9`>~Etmh>Pw#
zyJo@%F0OrzqnXByyKNaspAJQZ$SlbhWhs_a{0>`B4K{z%Vi*NHRGPr^S<$Lu*ObE%
zZI&)gXYAq2)FtX_F6bVXzF`S4jS~Ro0E*d6x3NcDP9DB!82;0ARyh3=QtxX6z<cxL
z|4e%D`>Z_`2${Z&;2s0$IVX6z_yN63h;H!q8#)>(3YxdBBN)y%-__|JSx>!@nuprI
zM+vAG;zOoL3EqtBvvbHL8F4V<lX~FFnXAt~vWYr%dUyfF;{j*jS!`RGoiSvW(^`WM
zE{s(3f*z<7T;{i?Q=nRf6D$!#6Qzy*C6CZeplfW?bU*|C3-*9V*9a_V>%CH)r}g%8
zK6gm=!~~gicKcDuZDGtloR#s-L2A0o5`pttiG$>uf+|uN>xn~S3l3nEP}aoF4mR}L
z`=MWhq)DNSZUt$rJ>>Xz?E}MGO}v4T#r)nsA>u#QuHd44G`c_$c0^Tl-c#(5Ph)!V
z1swT6BzFsq)G>pOK#=9s;W^P=79{o+q9<)Btww}wv%o^%fFnz@%<zchKPuQjje@e3
zin{9E)Gc{(LI~4vg)zUnq@fBGW2-IqtM?S~UZrKo9`vp8+T4`#WQgYqXZ-?*I>DSq
zl#EIF&Ex?fGi#l?0~1V|Lvui}mAKGT_CRkQ8ET@_VVf0VK+p1dSkH1-ZJuhLAI$Bi
z;&MT)-t%7%AsK1|M~X<ZngZ|HV<N(hvi9vEy;UJt*I4JD*TfclwGK9zSMMU!WU;xQ
zgwllZI%}UQIsg(~dscH&9pug2BsJRnNgVtYQC$CKmJgZq<+P5E|2oI~F<ZOF{2`a8
z?8)Ozq-)_vBx7AA3WH^^5R&L5Tl9&x4y%x=mJaL3lB@!o4yW0)_$Gd~Ul(kV1AE@)
zAJH!9icKPx%gx|l8rO#?28@~H?uO}TvRAo4QvF)|lZJdNd-JX#{Sx;H3Q%{ZWCD#R
zpt%z}uGAWsyY1Fg&Ch406hoh}%-B_qAFd_2R+Aqqz*b1-PBU<o??^977lES;9@*ao
zC{>2*%vY&iK?_o<<5z!KY(gjH;dS5URJLVe!wdtoc|?Mhq+PAWJtoBI$VQg0oB&Dt
zz&kFPX=0Wm0*`hWQrQ!wDM|*;{Svb_dgFwd(za<I@3wq2ZWVSNsW=XFfzl)<0oR6r
zfYSaiQqy9Qm(Rk(v?F6cZLeXh$?5&m$dV1Tabdh6)LncIUn+LjWxjmGP2GM>l9uYb
zTHZ+tL1s`3(><wVW-GO}?Z~g_ied`mJ+7z;_G!QwSQ*^BR$-zuyO~g(-=c!X<+6p|
zCKUfT8^GzL6g@W8r6?xllz0qe{03e=iS*j`@3Qc_BomlUB%x>@*+zs<pIi9BU`e8*
zql=rK1lK4G8>FDo!2HOY#x4OqvPrX2Rj{%oGs_2sR>ax|*U$SZD79YmB1lqaVI=^|
zs|+$&?pI?){2g={6Yt?#fTH2~M}dBm)KH-eDU$BGO2_CF#)EzJ_*W0B)n$oxyDFeU
zVlgb^3AVV9Q+A*LQElqGAwU$(N+1&AM(iXclkb}$CR+0_3*4iMwK_-om{77sSEet@
z=c_9(P1&+uWfW-!=S&R3CIq8R18rz+lzDrq+gq#pmFrp$A`>XVcO7b;N|UvsLs*sy
zkTl^Y4^~4qdStr^13#&t%&1BjFMGBEp~}3d=&BI|Kbe64pBZ!`%QpSOvvnsxOVQN5
z%|z;kJdz0)rF>=y72^sGiiHkaRE}~)#z=4UC$V6AKT=?fjyfn*@v4|?923^r_jWv!
z->;ZgI^BsFRqh?-FSqcQy%R6Z&z^ZEN<8=%Q+f;&6bx=e3}VKXBO&04!8IQHM{xOd
z4@<el9YXNBLwf%7Scj<fcF?mtNZH)*fSvJpHZo=qX6_FNFneYI+zEp*dTiV?r3gE|
z6Ks;xJX7G!%VWKh9Ze+Sa#wzQ2MzYD*-@+C`PS52EOlAS_uKCH)O72@K!#nAu0v=t
z7<35$HAgwg*Khzd)wjr74u||8&7h}c`FZX@4cMDyvlCrNsaXB+jol!2Az)sf*mwtY
zGiXO9Y+kw?W>^^YDvafBL%5rL!=tzCSF)%UM_8|&PY~HqF6wR;I;^o{^QQ375#$5B
zbShk0YHXsi9HRCOm))h4{ONE_d-LH{-}63vySk)jae*(qC6b8ydtxZx8V*f<jv@85
zv36#>TTeZNCyj*JDcsV6>N|8_X8hX?G{kI+7KhCHZu(_hXDphv=nZBpj!gf-n{YOJ
zQHR38xq@K&ENIYeonaww1p2j)6&e)ja=hQ<K>nloF|F*pyQUOqO^TL<Od_#i<hy5^
zXCqeR+D_2=39{n2!vueBfq>fSYF?}R@!`cMaZ03$-+0?-^xk<+!(iWJZ`rny0}g!X
z^^v?d^P5tE)iv=*Ozgs#jrHnsn^I~062gDo=eoK7EQYkPpdB#e{+0`D*9>kiA{R|@
zh4>6>=T}t#JlRv(o^C8l40vzS`D^a_Y`*u5Sx+V`eR$vg&oJ=7gmf$Ea8=mN)eK<s
zh#wXDYsNy{1L}w8Ie0>09NJpE8T>7Pp1Nh<<wb0lrpf)o_v$x-elle#K33EomiGi&
zp#E4AaYxgZo?<cljqcugha|c+SA%LOorgF7<G<s&l<~?TQeF%Q2qYAUh{->%+EaS|
z2L=EDT$vi!zs|cN3(DZ3zg6g5rPB}ry+vTCR)p87VQiOY?5tCEEJzjL?l`IgU+2zl
zu>o^_6oDwxTgV$&$n5%%`uJVlP^R?{+WDoa&B;khYS+zIL%XX-ZVRz?vKmVeHt!q&
z9Z<)W$!4k=G;dYHDNe_;pNt?bb5n-oY-;NQ-m((ByF#I6c@7d<wdP;6(u1mNwix3Y
zJlCFX#9gPPPVNSt@&hXuccR-(3qvfL3Vs1|aK2>Y@2?LLem9xgTZ%ZAXEgg&WpyU^
zNkj?(<fG#Axqh0#JFU=Pvibah;zALl%(?{D7JLIZP$@Nf{!AF2QLmYx;$}#NCR*?@
zRhRLzQ{PSnnv_zdHCOtX>!yo^AFMSoitA~onvg{y82#B@l@N5GK=Cq;An|MwzhsKQ
z%c6vG4MvAhN(>q1w)U!qq#}PbRVZ?bKOAm7;o%T3EMa%5u+ljajM&d?#fRkP*%s+F
zL|*w+8cccZy7xy3)F_i|Z!6YDvT;J(K9>b)cj#`UIqAsfT30M1WLeS_2ycmq+Qh>-
zqN5#|%FK|r-#`!SBNm%QkML!xQcjeZm(xD5V^t|DZps(ke;`DzvL;XGV*JmbW>CSj
zW5hgFD<5$62c>a5&+>Ss?enFR)#Wz)XKB*Wn&I-7aT?U=?;zVQwMy9+sLp2v50UPn
zbVaTucsF+tSt3fS`@Vzt+$EqH9@(ItEg#4KnD2VPg~Agof~YD_&#c?hh?C}Xl3Ikd
zZSJu4jo(dL=q4)d{C-cqY!F}xF74L^(*h-a&-6nsSzf#+nMkr2Oh&_*2wm9@S~bA#
zPAgCdJ}UiWO75fQ5zSGuhtZkiFmM+k58)buowMi`8+VL?-Vel)^zp<_sz|$|^Yw{K
zl*wD5bWp$-pfAciIlvTHPt>~}&u;9kSx^caG-BxFqA3Vq(uA+9GI$ySm`{-jS3Zn?
z3%L3NAZBKLEA`EgwR6(c5-_CM%h~y<7O{_=D!3HX5l1{o?Q2A0Lw{m@9uOycBpE+*
z4X_sN6rGX*&>w$ZS;qA5%3*p4dlPc=m3s-X?GV!Uxttq6B<UY$>V4xh$<A?)@r&20
zf040qu|P~ffI&ol{W-1v(DEni-#Dl&gmur1udJ};EqvHmJxoRtS$x7w0CJekjKIc~
zO*tWZV*D&$N3#WO6>X!ON^v!PA~rWm@==sUZyi!Q57-=T%5=iy6E*M|1h?n#`Ib8I
z($SH&%BY9|3u!)a)8BgHG2fK2@9X!nZ4tWm*^6E~xhfyaMa+Jxh1FE#>NQxTzi)I~
zI=L;~fhQq#Pl&i8+#OHO+NWiBP&&9J-QFh~>uJn&B!=kPx7_MH8`z4U!Hn_;PV`;}
zs)y}X2CGBsBllFmO(F7S6q)mth?~aqfQZv1uu4{@prR#lEj&J;E*YkgHZ=^ypkHL*
zbXLgUu$h2%*mO^}QE0{Tp@36F%Q4AT#&u&fk?+Fuk$_jqf$Bci%c(&Vr+4(DC4j&(
z?Os<wHn3oNbxJc$q;6#KGbS-8H9V-6wPd%LAZJb|Tri9=8Qe&gZCW>PC_I_~!ZE52
z!=FSo`)^h#Yvs}2bxSni;4mxeNQbqdq3@ZIhCgZEk~ELr!Mw#m=#+uL-cM)cWa#Ed
zE2SCHblA+!>wq)L?r<KrqbIk;s5f$i{wvEz_v6az^nNSs`XKGL9|keXoi&vCO3oYB
zD`}W7;#SGvV7BUJ3`XvX=B@G8AVk-3YYT?rJMbLqD(R|CtnC=)O;3%`Aj}ni6<4D{
z0^x^$R*8Hh3eHisN<^|>QxDXI66ShSYP-c@*=04S=Tf8;>UFiz@k53#m0Q)55z+kt
zW!@!@B47^!f}9k0h)~u+l>Btd5wU?OCVdUOMz2fe7+G#XES-D|MR#w4NR|o{;PspM
zh5bNl7w?l(K3uerKV+0ls4bbWBTYNv5s4gRG);U+DGLA8waGy<djM?ca2kt~3`@r(
zqP8aZ&c7yVCqQLKIo0RB^#AocCdpAzfm9@_#2$$sEFqyLQ|e@?`0On^$lKqStVmdX
zt&LI|0OXdMk0MI4>+Ne`up^bpA6o|Z6>vI~Hz|5omC|oH-|>ZAU<NTmuZ<~C-e;^b
znZ_DNJ(%IWn4t}sP6O49nU5zL;@uPaH*cC4TP_dcsX^ZIosv2}jWUgh*Dgpr4j;b~
zMvEEp@5uHoI2@!v;CPKk#=D#<pcj#{_n`c@MX3;;{rUzXG76MBG#>;HabffBO{Eeu
zoFuNJ?-fj|A|v_-hSN+%w7czAP*Cu6EkNC;*zfqpmogN|+Gs3;7AUD=Cxwm3^GRzX
z6`KcH!aYXQKLO)ms3~%^`o5?t+AQ`{ym9u+y%k7!=P2^LcpTk6aK|^eWhGo>*3fEv
zc$6D{6!MxEQU$SC1!9AL+|und+t2L>{1eXHYh5DtyE`qJV09}5J>Jdn-z#Y7;B!VB
z|1fGNvW0VX(<)rYHj62B80bc`qYYQQ2XiFJu1&e4QW5#!l+*?vxyp^=cc)=NZSBA%
zbIcPJ!91XxD#0%{k=THAW6y`K)k&+w2q{Vy?4FiLW-F5Rh%+PmV6<6xczNa-F_%-R
zvnLVhRcq@M!AwlJ+T+5a#JzCDvB+1AUuA1z*posA9a)Oe%5mPZ8q<thg$IO@ru~Na
z?m}zSNR&)K;P*7PD6gCvh%$_KGD=D5&S+>QG6h^iyZ#=Q2q0!L_<jlvvqN~&-mnE5
zt%ZPSFChI`myywtRzIW>hSLE6hfcVdiYw!8p5JT08KC)8)#~p$;g42-VAoi_2>iDk
zbC@%{b{3?HxV4y%A_(MEF(%Ilv^qVK*jqL-TPj-M$31NY2NtIzFU%#+OCEr#q2c)b
ziO@OABakqteiIIYCq@tLM?SU24{6eHqZ6s*Hx8VqD`+n$Oa?y(t(76?_iKLM2T31c
znA;14E!7u31fnuzeW8Ry>~YLQOcb=VlYb^<m(2Zc4UOxWE^WNGdHmGOu7eWuo^ALT
zE^UHwu4~dq&YqpTJ$k|Dtie58QBE08a*z-`z*2`jNakd<<&-o>^4oT{E$yWw@+BMW
z_mjG@fZ1m0!^847^A+Drj`(yN_#ped-)#gu9yN;|zLEnI^OYu>*vLhS6j7o#ze!D!
zZ=$Eo70=9fCQNND!REul{$a4<_CmJ3?esUbTv}JH`cExMPZE9BB0PjiHz>HLdLmoE
za>Xxe)<A`KaHbn!YwL;+Pdz)wqnv-X!|QaL%DHph?Y@j>Sa{Oy7{bEgIG4UaN_rVL
z_+GE;mz@R*hMe;yVSODh4WiX7e+SH$F@~tA4N_UrQhR<wYsuC#^)o&P4iqRq{9}aX
zc$QWw@ZBqSm5|Ln?lcz`E5APy?}`ko_`Y38uDVG0dga-!!rW!w9>Cr5`KjFRN>hBv
z!7tPKhF`vCqA+oa5xo$Ol1AJg={vWCH|v0>D&ZJshu=H!Tf1!x>i2IX;rqJ7xUWTM
zWNobai9PX!C=<@){7YLfeN0;@Nk;&bDdsA&0VPw#mTaul7gB6?*L}uZ%M=rs|7W9U
z&eb|n9Wr^jlK8pkneeRm>%o_}^uo9Qy~t&H;)N|cL>;vP`<K&oD-}?fykHWrn2goO
z#~hQWigCp|%lLF4?m>%Vo2$Qh4nNcfvX_5&rrH5B&#O&@eIz}4-U_Z72d67ot7jQn
zzu~={0;H*bOM8Rvrk%qAt@4tVqI$cnD1w7}_bP=6ViLtmzrHNJ@;%4C)x@ah?iMo)
z^kn(E0bY1qT~L+d<Hb5J2vkq#AZ6f+1=nlX<f@&t?>=L7giY(BJyd@hcC$gH+ZX?s
zBf6dg*xMgpna1PscT9CcLuO)wi~<6Jjsr6C@t40NID%sFxUU2bN_)-erGj_a29#wg
zQE*f6xNsmHPtgZm7ocC^!DAXg<Qx#43$%OdFjkQ~&z(BW=s1IXf$iCU9CiN_Oxrjz
z`udM`zWB{5J^h`022GSYx`<ZUos{ieYgJ99x7l-2E$skgf;a>8cv(eo2RPi|lWSeD
zO*%-oD8bybFk~4}o=jsQ7L}UHhg072?=t%^o*P!L5iwMnAQ(o;ISIAhc*&E7xu^47
z!*s+rP@}<|sxy_hz^_|b@1V&7Ho3ou^D`p@`5%dXB8z3150EGU+Y5Rf)?!>)2{)UX
zYQkUU$!>FoS4{}uft*pk3;~~j5%F>_<nBumr=XTf$Esg`AXa>`s>1-psrTU+XzTA$
zv{tGhZKm3h<%h0YGg6?Y^Ph{<399i^V-4hX_k8r7_#u>!ZHW^EHJhO7Z+lMPoxD4+
zjNWXLV05<#>*A90<p-r=(N5B?1<cOfxnQPhqC4)|@D41tG|g6bF^*%K(1v(=H>L~!
z+JdECWH<d!{Pw2|>l%U=EvLRQ?RShNRarKt)9b<=WU0@T>a#zA72>Tgb=CyTQ%dv$
zu831-P7<v&o)T~5R@^v|mzN@@i<w>t!5wZSH7vv!=EImWre26*)gvzQ*zhN<L;Op8
zs`X9UuV*{I&kXX>ezne@>{&n6dgSBZqdCV={Cz_bYqA3C8wJ%t^WelFi`!$_m%50d
zM-%>sZ4)U{lnsY5J7#(1`nz>!^RAbEyun$g3PF48P=r4<J?_P+UEvQ>iwy*{r{m(a
z!ZSt^U7G%v;KtmVMNUO%1*blcS5>#6+)%xme11upuH>0PjOJNcv>j_w3EnU_k}Lfz
zp4Q`D*WM`niDYYLuwknd<OG}Y*eyIss8JAHf0ML&1hBnea-BKJaeEbg4W4lhLu4VI
zDLLwI8#~lNzZpr?JkLx2V09QthRrn6M2{c5C<4Rl&sY{lW3md=WJjFUv7ryAo<&W=
zSjm#}mW+aWem@lF&E4Q!UT(E5G#5*$5k04iVtTGIt4Sd9H|hu1vU>+H_gm#iH$Z>G
z>W|?_FNMEy@%ioh^h<$Q>QPU!kIqr~iU2j*6NMzR|IAk$EPYGcEbJJYBQ%qMOi0hE
zG>jwR)W7WlG_0t=J$jcV9%=!iR2mlTQRr^p7VHx7Z{{8TAPAuK@AoTyfRkVNq`5z~
z2npcazim(X>3$sC_a-4VRa5GnztRpa=xG=_#@>%7(R?BWTp`>+_*Zn>E>qoErh!eY
zx63keZ!vS~O=~P@aOUN=TbeJdiv&Y%i)q`LHGG9e`cJ%Nw~SNHORmYs4z)iYU&~!k
zQ{ZIXIlPQ3m-cM5va(7e<PkG@PlN0HnX;CqM}H0PathsGQr&j5%{JTZW}EFc#_2VE
zx7jA!?f=$nb62~&#`&#td+6oe^iDDK{nzdyCL(-^^;5WCZCbhg7EVo5X8p7qvXvu!
zbRCgpYmJtSJF~gY6H21y=QAQ+An{>ewgLn|S?rcNI^da3b<KrM`gNVNYZ;#Ze1y-;
z3j>y>|0(`%R#^T~H{699T{5kT>>3sWye^Tu_a{n5gngpf<x<y*$z((I>R!3|wiAXJ
zQxDXgv3Oq;=VU^F`Oay5ZMb^ol;^HhJ50uLpV?UT{u|po1S;b)9V7GQ`n*7WNVmF;
zP)D*pZ(}-CY&%d|jyygPnzJ*oo&gJ9bK=cBv}RJ)SZeNdP=_sKypSZnTo@d`OYdw@
z#R~{EuWP7a;Dzs?=8~l>F`7*U(CMoHu`)kQaA`C>t(PQCU1@-5Q!Y(0iqa4$(SCoU
znV!{RM3feO4Rnc(9gzaF!-gcZ5eWXUt2FIJ5@-HOM$%R*#6OC=RWnM;L$&lg@gki2
zC>mn)kt+e9-@0KnF$0Y*Qx3KitR3|*5E}zqHW4b0^9)K$6Ie}!&&W27n-*z1Y+<Vl
z*(XxB3FgcB)Wse6fm2ThkIT+wb;f{(0T@UP^p0fCe}RVq37-tGGt(_?aoQ*?>*2mb
z+t|FW`IR0wzOy98jZ|neuSy1Y$nE(8HJ{@4j@Fs|Sb-VnF7ZRfr0|RldPBSfZ~I-m
z3#>d*-F1w-{79=U5I=5fz!JoF81;65*wxXeC7};^r|_SY__O7gTO&QB<vATwrmyN6
zrDzsT$jpk`z(QaALjH4jk1&F#hKBatu<M-i1t6+Zf)N;tjpBm1^;)o9)^DrjPc_kw
zY!ZK<ibR1=AFA6QrUgVxr_Fg?TybK>_VZXljWT3ibQzpvrkaE6&c=Lf(X^OSNfoOn
z-)8a{&%EMAhy7dmERm?yPbAaE2wsZZdWYS~7WIOavcRcjjiP&G6i~s9K`a~dv+*);
z4hw!Lrh<=@taXGx*r(?-MF^Wcs!iqKUqQ)L44zT5nW5WQLdD|ImfnF&ia13tK2=8k
z2_YDz=jgh)^}aqu=}EBviF5h~)AAj|k!T_~!X`HIfX-kfmXt7vF@PXBS1!>aD%Fqe
z&2zer<vG_q6P>p6he|ivF>Uy`#d@pgKSRw)3+F?0nIiiu!MTPSuokSmxJtO_C;kDY
z9a@Am+c9VznHj2^noUY_h+YEdMwcVWH4+phQ2LrPj-K-nh4ZUbV5*Gj@XXzyYM~KY
zhoxHIFb=~Zx+J%7ma4U(B(J;Fvr_dWvqk@cp#A9uk1Xn{)_7kxCWVrBjh)u)*yfOP
zu_`@?32atg7fS#9(!`W5rk)TS@9_+63%`e3BW7Es05lc(eO-f=d>_;3i2bDtON!Qu
z;xqr~xnBaQn?PEpr)@|I^sHN=OdI;w3(c^my+eFD25L>V6<#Ht$Tmo_J%w1IU_9a(
zE&4PG4RJGv<v9OG^l`4i+2&D;0}TVR0`a*o4Dt7=3#3%`2NR1eMG+L?LjdSlTbWUU
zcokim1a;HT<qs&NSebNm2K;@0f4yEb<~F;aA7Q`R8Wj~61mQNynr{n&g!1-PqEpMe
zJ==TY)KuTJ=Jw;$ABbuECj>VhiVVJ0(8Y)f^OUH&%%BQ#9K9(12$xbvu%#HkQpIZC
z>JE=1h;T`j??!U1Jkd27rSG-m{1MSD+@c+CMQdB%WAKho!u?SBeOv1%uri{P^m<)D
z-5Cs+_xl3TU^8%bdW|=*wmR;5=d5B=$CzF$o*c)nZDj)>k>ta{m^ze6V+I9(dY0j;
zgtX6f8l1{Arr8Gn3RY!Hyrt>sj-o&OhvJUq&HT41D7n^Ljl@5LIPM~Mh01LR%8yyY
z^Tlab{7d8>oQm&jzEuI24909!?7wa1WyI4~Q{09c<~!GF0~LBmvK+gb86(y?@MdJ8
z+DdnM;cB60g4OGq1A7JtC||T7cQh%;!$I43L}(tM6e~2TWmK7<pj4G%-y%t9ClbaF
z0T9xKjwIS((ELQVA0%c(PHtIon@$+KIM-jZ4w0FwXTa=wl##>eeq=51-+;-&NY=|A
zV;q(G=FCT#&&thMLk>SVRnJtv6iO!%IY^7Mw7ut4dw<Wf_59Etdl(s~E)fBL?ZR-o
zv53c2iiWKWtymx)R{=-bBs~e|kY|^m{)yZQuF-*aY{Byk&~>~K#OgLql7vXPWW)33
zF!>KOh4we#?kOq1^tC+MLf%mBBghxzX7)l#<4;PX?;I%+=v*Dnjcz!BdX(|LC`0Ym
zUOSADeuUDoXs+|Z3E|pd#T(Bi`NZaN2l~#zChd9{sW`8dJHVgF>pqD9Q6}C1gr*zB
zhCfQHH0AQ_5H0-`B<6QoCzDli7VhZ}fS3CB9_08hHcz(g`){c^0{TyK-tNS<Br}tp
z{2WKrsMzP<R~gTS&|m*Tv$XH0AcsMVZSCRKi`$qrp&-x0`b;>rDCE4s&@^gIh8)MO
zNroA!)S-4Lc7?khuZD!w>3MJCMqkSme@3$PY)!-4>CS__CzOXNQwSc6lF)S=Meys{
zVge-AHHq7vwAy*UA6oLN$Qdh`mQcdA!6(0HIwN~I2qf=njf^Ap@ryc%<M72&L9%&5
zv*W(66U=oIr6t!>WD)fEYejUGpZr+0?X+d&qKoq?lp&yWR$l2ET2DR&NjMVC+$PyC
zpfBW9?ZO>NJW+GWBGwG&p8^U{w>JSF#|OKgTjfmM)3VW-|8w*G-`M=pG1OQb#gKk6
zClbNI)6yNWE0S<J)7C^<{~|p&Dup;tj%gd6SH4cC`(GxA29DauX0*$>>~#1WHEKvw
zhV@RWGC^lfx?sIR@((t@b*Yu>m(E06&q1Owxv#CxCg6ADZtxE~&l@Oo%$93(xoR=y
zXeC8~i3=N>F#Q!)2H!8)A?VgIAAyM_a^c%_n3U&^`U6(^hYtU*_*foiYljF{u4{HC
z`l=Fc`y62O=*Z3!L=$bo8%9E;50Bc8TCzZULf$*5jw!6+L-p4mZ|%3e>cn)97x*uK
z3VI+E2+7C3LVjXwVdHDRFPx>!CT;_<o4<mkP8Z5S@p7R%t5up!24O9TiSC)Q*IC-C
zZ0Vh_-<qz)ISMh2at<X4hBbLYA~%~c3<-{ZhU7r@^Zu}@&$HXv#f{JBo~>(7fKCe;
zR^V2svZXN`U!(U*8rc+o6VG!0h{GU}%Zi9j1XHz!3uwv<Qcqd=&7STr)L7tdU1*lb
z_m{P80kCE^PU{!|SbE1h^fgDiU;#<oPm(7XUEo~RWD0K3g^1*7W=z#!I!-E4Ka))i
z&qY#G>PEf^0*1Q<*$aABV>>J9r64ni1Q+|HG9TD2a$8qW4c4BT861B*`jK_dReA7i
zL@?SIDYSUdYs4^%e?VRdt&~?#YmGRa26<)zV6;%RNleq@rVtL6nxkEiA4v!`!p%{1
zc$j;OtiaX#__RIG0=kPvitWtiRc3{p+N(2-jGJNV9{J@KaYVKdCF7n(uv_Yrs?&X-
zG3lVH27oao?o?$}%Cm|&#I=c;eM&V4C$6#d!<w&c3Y&-{a~%bplaWmT)EV6m>!HYr
z1WdiC7<w3y9v%qW_XK`NCfy5{2*(%Ckt&%=Qx%NR9c=KLX=*70&--ci)fB)p*Z!oQ
z9ksz8(LM7rez8zJz-|=&t-DE^+!vq(a;CKIz#7F0RH|kah0F-atd|o!Vl-96!@A1r
z6|3$jM@=rs91|L_-PiZz{e49s>jzlYj)}8S{uPYNeMOvxNov>zp@H$<c-rH7Uq4ru
z7iZ7rc3dXO{(dbAm@|j7)C;~0<$UzE51?q*Ty-pI55W!T-c(AhSoH6L1%e-7d)QU1
zyk=nAw`}B~gR7(;fwuo^v#5y{nt0}OGAQX{4cwqUaUZgO(GCx_Rd3$J_Xt}SWw%_2
z^Va~+qYQd0)I)fmzMb0w(wfD~T)k8D7R$gqMzmhifV&aMmICLNcvD=X{nVnv-385Y
zNs$fSQ3UB7c#tZNj4ZY<S;BOPUQk1NHbN9mOB9S5X>Zz(8U5`v@f<KMT|YZE$nFoW
zMr6>XFz*>OJFF<U)+6Wd1<rCVXN(B;aSo|CtA#%KpIwS1HJWgCs!2^RlGO(sNnEK0
z{CvGAl#pAnt{R8030eb2KRmCv3Wok1S6#`Mz)+h6SPRXo?rXa`Xx;bxA`!Hilzu)a
z_0jdTg%Zg^3D^2Xh<ZGBv>ip@ML1jb**Kf7R{QcGu@lPFI{+EaVDpjwza{WyB{iq8
zQADedy-g{rIDByQ$2{h+_%mcd0(mzukky@q+4lFeJhLkQPn>x0O}lTGy12_ub2F1E
zQAS=GuQLv37i0E<x<Kg~N+ulLGy)NkDknd{5mQ%ZS`|P2dTZgelz!;M_FZwR9|w&J
zUJf11ZxeJ5p;u0G8Mi8pIj^hXJkkAW%y(ym7yXxi(%H9{PWzIWI1mwNcn}j8{#`=9
z{Q7g%*4>2_MSjWCOxtB>=(A9of2dT%r9|5?R!j}H%T2ii!74&CNzksTM`1>iDpxcP
z_yL=CPU!2mJ)|jV1(x}|OJ48g{zxyK(YC9F|D2P>uxys5x~X|=vyPW{SC?OhOz&QL
z`_EuX+P(o&^wdFNjs*r90h_QM2(fPT=8yiao%UyD`!N7p(0~qq6CwO>&}$a<a)1zC
zok7Ta=-$RSl>OHm+A_qAZNMnP8E=KMOO%OP2JJPtGi_+~DARP^2_VFZ{_Qj<DC!vj
znxQV18mb=0_K{re7_p=NqySOK24xs>9fm5nR%~xHnL?671`=U!Bq65K5-XqXN$p-e
zL$U3G*){MFDp4+(ykvN*59F>z4uwNiv5unZo4W?RLwzt+znoa;xOUytY@QK%tr3wF
zp5C)PfnT@2Y^4cagno2gEy^lb*I0x5=q8Qj?3|wC*JxA4qOClBj7CLMHMo>no<iQ#
zpo2wA%6s~T6UFx$nwcsn$0nEOX;yN)7VWDSCt+MzlDw-EX12jnccz!efLoeKjclE+
zbgsWAK)t+1Rd%K3?mQ>m%bJ8R=6;4aX`1xGF4NU6tEKDaoNOH@5Z8|jr3`6fLRqk!
z6RB0*0sY3Dbb24JP?^OoS<TBEo3^ORv6y3_1oUX#GOoJNJ;5vo`k0_X$w?nL5@MHW
z=@W{co}7qkmS~UyR*I+r*B^0u7w*ju6x$>3RZ+~{5f3j8=}c_5m}qzI(k;}lH1zvt
z36kp;McYauoJJptv^!<~*MUs6ezi^p-D?F4(;VSiw8*s|+X*%&TM<Sk2uXShOHDY0
zYf>>L-dU7x|F@K%;QA*S@tS0p_?l#2XiT*8r?etaN_Fhkq`Ab1YGnR9#~=lx*9i==
z9q2A%#$cCSV@Yfe|4d*Hj|$dY3$>AO2uC2edy@**zXJ+FyfX?uz84yfOYjVz35<W8
zGy>TDdm=#b%6BYq4g9D_zz)z{9i`Q_FftiBC7sm8()#5zFiLSt$!t4o70&IbYUR6Y
zT&Jn5`cD&3Fjg4ZG#e^Wu28(Xl*a|hX4%`R?h|=XK;%9~!&#`!dmyEvSYHS>Rje(H
zV^_|4u}pXS?l=43csgks0r!55Z1VFZz99(ob`oJ)RjJyJx99zf=P74b07ocj)7rN>
zval{<7DG5vsWYcI)HzSj>wq*l?yAr{f1Ro<O+DFmU&ruq*2c7_J4Ng2sX@ui>{+Y?
zJxesU65p*@E&-%>SbqiB{f_7+LZt5|U3n$D4#W62@*$ph)g*y`Nm%p}s!&c`TKs!)
zN!m-@@-bl+MkiEVnhIE_)F(d1maX`_c_`E}z9ws<OMe^c=}rLN9Q@RBcmBAXLUC1X
zqYA#Qjou$66*I)maA|#YsnO26)Hg)7AQUR!!1FkK26cg!+>8IAXV%?6TJ2yNjeYo8
z`!&IjHs#GIa18nhbv|k~927LkGN3+*W%<u|cO_CE%4l%hA2$)p4~J!}D==AwmcXcG
z0?k9XICUdny8&azN9gZ#g{?rsR*>+tu<`KndWJ}6IpwFp{=t*Yl4+?1$#zytuU*wy
zc>_X0cbOvPM!z1rRmO@*SOzyP38sxCww>IUMezX2o;Xxyg0MH0zCmctAMlo?)Z^f<
zA$3pl-<coV+XM4j#98Bw6waBux^wPvX4Rq=T%$5qrqdmocUD<e4GlK40x_(XHjC;9
z!s&QKWLx{Fqy<4U{ehqcV*a*0R~U~0RFRg-DT66Ysgap04r@i2rw?Fu?h}XU@<hVw
zVWd6KAl!Kjy?5gDHnSj>I6$!tbqy84g~gN^uQu`ct+-`e^^6Qk#x>P-Cz3vjE`GR+
z$S*eUk%-C;3yl5#YY}s0+;78^-7T|{dUvgFVZSVi8(+u|>p?gB#_{?{4;tBz3yd|p
zS;K6WAAM;0<g+w4-(UEPA&u7rD|AhYeBL!~)GaFY7i-9qIMgqALAWiyi}D93;j?9>
zkK~qrDi&@nk}S>Sderc_mg>&}xo?84vg*x5!a3X|`BW*YeyhlyV7w?%80K)jo@#(v
zfmUvuMHw*y%9(U7s%DfHd8CAWg6uogW7IOQOg=fU2M)zR^9t@!wQp$zwXRw+JNOS?
zq+&}0<?-@j(;xlHCIOAYBs>HH0yGLj!r`Bb)HnYgX60p7aYeD6qk$pQaB>hCl*m{$
zXc7{bFDrUgL>e2h>MA8mo&EFzHdhH+6G_px=*tPy1G|<s7mFspU=P~GLnk9TSb!er
z=Z#!@rhL8UDaX9Y?jHT=M_>;T6r^xDhNIX#&MNv@C}YDKd9!D@JcnnbRb{j4U72{r
zkl}KC=G4-4JZ>-XRxH^n&aOCc!tE663T|n*&0zQs8=~R(*`>db!^UpS$lA_@R2Dd<
zwQV8S7$z&0Bl*iLhrj&+jeg7~v7VHx<mw(NPAD(#b!1zYC(K}YZgRUri&p$+PL<D*
zEQYZanOC+N4);qA>Bakv<J<LGYp#Ij?@3jMCcHZLf%RC1btLQtZ9LO69gCs6vJ9Gb
z|LD-@6OH8OO;1<MPWXnGOSZa`{NpX>DbCiBciPArwOgYNZlJ1Cg+ono%*dm)VOPVV
z9{=7g7G~Kk_H`GIcWCC+$7bh<AI|tjOhyOkGRrnrUo<5RmG5z|O-88`6DU@j9vA=2
zq@8frfOja^7H7SJ4QtOQ6f<s}O@n-BO_@z*m~1e({{Ypsk}eM?t&LD_Rqw>yu39U5
z1WL?F7mvC4hW3@Z^97Z<6;*7+3yj6+s#7v|M6|K-A#O~Xl3t709*W;V;UNd>30Coq
zPR-kMVQ+`em+(LtZpPJyRcBS3)A4<DyDu8t3s7<4kRRFT0D<z5>iIc*fE}ogo(@Lq
z?@t~XKE@haFW}gpMP(fu7ixpf4xc+EMs?8BbeCXLjo+mIlvP%UR)QF2f~woT9}X7Q
z*XPQN_z-ch7G#?XUoaFkFe3kN&uLi%XQsoCC3Z7zx`XEiRliIH*i+>3z#X~Mphq}Q
zx$(>m`Ll$|y7!?Upgn3{7jv0?y-K5g?Qz42-}}X@7famy{$!{~-+lZa_BmQIu8G4w
z|GS+3s*EHJ>v12r%H&57_Ws``%@c5?h#@8Q3pFYai8RF(%(6p(@<;a!YPTLq3435_
zTbfED%Q`VR_hE*F%TRCBBdEvEGdf2lL-imHDM#&&B}cEMssibfFLnZ%jL+moQv(m1
zdM~EKdZcL@1;1@7N?(G;EA5RAHdjYqfP8^5uK-X;bch{;w!kVo#HKlK-U%=XW?O>;
zFhqP5bgJUdnF);kfx~hOO+bF`#R27d)B|vFBNWN<)F(?146Xu*W_|4ET5H2#om8%M
zYZ8Qd+E*sFQWaeb1#%i*C{a2((b2k>_&yc!ub2!x0y|7&s)%+!`Zk9A1cttV9TH7k
z9(^=yXVb(dp=jTKmqDzFldYbFx!2#rUtZKXRdn-J8Fx%%M6an<@ZA^G-g!9lBPw;F
zA(7!M+AK<JSG<HO%NO9+`NeUwQZDRcywx7=SO4c*T4QWMc46{mKU=bjYpbIO<0q2f
zxouJ?(&YNOeHde)Z0jP_ePl&Q2{TqYY6Wk$P1N|AtfF2}ixr<^9KsHK(dQ!n&O3tL
z=)PXLtU}VU0(s2kB(|N0UB`^OhQ_ZV;J0t^ZPA8;F`Nf5x&;9o2H-We1e8!`;S!$2
z_%)T%nqqb*Ea$|q7IrHW06`3eILa`5M9>`j!S08chUaUH@+C*pR(5%vTvUBSbow=a
zXSs$t4q38%4%m)~T~yq>t}XRmP#!icFMFoztuaU;oPjx0*8D|=wlGp;Gxlvya6}e6
zH7=m@YZ`pv{_=(0w7g5=h^ZWOv#Nu(jPP89BAx?u*<HJvBFv8Bs?|*DGlRCbcb#JS
zE_L_p*~V=;Qf$n=OA+d(TMuiw>Th1Cu%-v}9830EO`5c(5Z)HIw9OJN`Xw-DR(5-A
zo!pBgUaV}>p)ETjz(S)or@y+s*bHEmLeA`LamKPE$<A}c^(a#ov!4=bi861uYqFcS
z`{qE4HPo+IamTF?Nh6!RhQ#6dmIIhAPf}K09sh1ElJwze7A+mKT`AanhVZA@Z@Isj
zKO_00UVj(wg6}Y(;qYhm<QA<i_b65xa>!&)O&|bvZkZ&5`H@8p1a)zv)ILPxM|X9*
zM?N+_b;E!?{u{OcwO#sz0(JWI9Yb%L@}$h6^CcB9HN52$6=#rgp(fg0zZ5K{_i<!3
zoTEAX+Uc#bD>au;X@%GKu)==76ii`Lk>d|BXi7=du3=`S9o#ZtmR}v7CK)q*J+hX7
z>+3wg*Bs{TbXS(v3$*L1n-%rdiWnxtopv`JJeaU=+t^LpI}b(k8jt@%%UXY)BG^)g
z{sHEU*kYK!0UWE{1EeW`?~69UW~#h)2=1?2GzPz&C_<9znYC1F)UN;|7b6rlxp}j8
z6q#?d_}6E#;zc5bsh4>E+6w=ZWfA$=i$NXfd(#wV@ID2;l<Pnq$H90b1RTy3LDZQL
zUqFerSJ6AoR=Dfy>=Upaf^mNl3!d@?x)pVIF|p=hWJWePB`6ccKmB7#!pglj`ymsP
zHuce7#5E3%{DRp^1zX`)AsDC#wZV!l^-($EGV~hP-@Zq+`_|&J$YEp(-AJn=7s9{O
zwg5#nZeLjUEq$l9(eH!~5+X+09fL9vHQ^x2Vwgp#P73_lXLp(G#GWu7U|kZGE6`jZ
zGigY<be-yPL0TihZ)T@jt&nOB5N|$KxRR{af8wMev5Sn5CtKI*(?5AT&R*PIi9*~o
zEdGu!3x=m@@Sm&z6_DSo*H67yo%*sB89l{rF?(fuTU3LuQ>6Po{@74Rxk)3CQcY}Z
zdiSm%nf}7|j3Rh1YG%sx5!;2h$3``9^r%taZM96#$NCYwY>W=wU-|+9o_`##6hHBO
z(Qo*I;*#oksgSAjC_ug-w+dJ)qVw9oPH2evF*_v&G`Mj+D_)Hwbt4W#uEK7@&uc%j
zAQ)Hf^nn)DcTu2>z)hPy>AC-4_M>+u-Ob&p9c(GWsBR+zy}KBhVy#NGb{%lG!6yQO
zTGc||1u%-D1h2lLwkDu%_T3v{AURy62DF@>J#S03m*7d+13m)dh(?gg%m&fjmn3)<
zYmP3GFWZfrBW-oKf?~p9_=bK$32IcD_9kHIOWyKjYxdR8OBEkv+6mUWDxxen{fNC}
z!a=yqMe|Un4#oXccu>SrGOQStIOx7)>6)XJD@ipSOtIav3eM~?VN2OML(EqfDK6{o
zmX7bsN%B@XjyJ!Bj(1t=9~Ye0lB8Aq<WiWDT->oM`;wW&@|#6(w-?}5QjYih{OI9l
z^o2J@-CHcl8`#&MFg@|kWYQj-2(SFo%H&zoK85u8N5Pp(vTfc#7rV%6?#;vEoxuCo
zm~;<`GQOkBN~|$|xuz53gytyvAcYD#q#Kk2*w(`~>EhIUBwv$dh_XtL7!fhXIYeae
zg$*@iMqec~@()YkiYg+kQ$s~M)g6AC`GoFmDdi9Y0@Nx315Ey~zdqb;uJlJ1O94+~
zyH6gUx0QMYsj~!`Q)ay3#gfK~@7Bkx_zyvtN?d$<-ZvP$2i174n^U#Xqg!Rac)an{
zy#h;@zPfCUn7WN=taSrItk1k0h>eD5B5l2#fXo$<=rEd8yc|7Fdhw-&BQdyBlJ>{N
z)5l}iW9R4M=Viy+?sZ>c;3|ZP$iEKgaa*@3g($<>bgs3(z2F7k@V{VSmcfB6crSc*
zaziT93WV$(-*T(;`u`DM%n7(IgYz}uhWNJ4r^wLvF~qL}WZUEU2R&xvFK8#V*W(iC
zZ{_Vr!I>Bm*7pzIh}$X_v_pc$0{tKoQxwK*Q5+IDNAQDEBddrc0zov2@`4B~q9lr7
zQAkr{QiYH$<^so7DN7HPh>#-=O+ls;*9^h8fTBv)@DN->P|k~XMO3GPe?xBGqsJaa
zE)wE6UXV{ss0gu)J!`!lD38r-!Fh+Atqz>e4Yy48a0rMB?pU!tDi%M#Zj{PmnOxi!
zxGy^q4#)qaMFF3O+{fJt2?}=@h9BAbDRQj-b2G(xGf%*^C|+9(_r-KYY!;R~qE#J@
zX1OyM)2MbtH%;h5pc&V=W6gqlvj?QHO{6q0GbEd@V2gCp4Ts~I{)}3VVt2M!cVBBJ
zIS@jmyOS7UD`t3?vG^o=RV#)nhLW8>{)<_k0-atuJf1uty7^&SdWiYTa6vdfrKUH`
zg%Iw*R8|m&-M5tSX2tgU@`#xA<%<JDW)@e!F&jyYZgWYYVUcg(3LJf^c`?7Ucp#6H
zUaf)IY`4@2($8mW;#jiV*RXeV^zI_;Jyrd*GKb}dl2l?I*V(||crHbhHSYH;rc|LR
zAr(Bb7^E{B*P#Gln?hWu5jd*IS<2jRH5A@EUXSIWPma9<c<zIuH??geuJofs3-{1U
zv0k33Jr~SkzOs-a!Ya&XjvqtW^l|E=*jGeWNk$!v=Ry}Fi(+3V4O5t5H6*DfP1%zi
z7|&CGGdb;y6tRLnOEfW1jgJ`N&6YNJKa<?Y(Z{_+wI0SMe9TdoMqNOiliL%hlpc*Y
zw*>Q{0<5L!Vjd|DD0Lo}*IK}7Lv6tA3K6ME6JoN~7lrpC1*@iC`PwBnE!%@ga~L#Y
zluVbXZ0_9Vso}o5a^5yX^{DbM!!mldvUoNduhr1l?rb@j4x>Yv;e;9DLqG?~#cWc+
zBL%mQ;Ex-Vk4|wu5FN8;EVtPVts7iMWo*n#2UO>89LM$Wcy|x&w!gcb(pDsGt5GE8
zdw^qe;+73Z>s1^fxJoNT=dAXMMYRvE)HhQc<V*jANQX^(`x-`2v%bIlve~@9C3EBK
zMAB?O=k?1`Kk9%Z)e;M%W2eMwohC9Z;CymfJ>%q}l$=KL|6`-XPYIlqii*m#Ly44~
zqW8lI5RCx@1NBcZr4z!~7Ih+hSMKJp9q7uiPD41%XsV=1F_h|0PCp0IQ&YWQah)EL
z%Y+mrkWL-__P&OMx`?tixm>6CW~NZpsF4Uo5oinI=(&0eQ6u%H4=;dUsu(ugmI^li
zc4;bshymkYpLw)~B1?-W{=ylD;M1n8YG39~?eofcu^N%WvJ-UW*DNdcSh|vR4*RuN
zANDFg0XZ`k%9<=x7Ckdb0Rxf2Ww(_!bg6R6f!c~Sc1<Q{3NGmq_Mq_^c+jv;TX*hE
zMMTl%-hAl50D$R_ct}%T{g@q)fuDqJN>Yp0M43JgtQ{PV=bkm0oLaT3EwJ!U7IOV_
ze_Y_H?aur+doPCX_?X>uPlL~+-De;#r(Ju<QPMf{ZWTZH6>@ACu9_)iN|N7j9F%1u
z`P3r990wgIg@JLeBP_3x{XRXe7MRR0gIQK-y%kNml7i(+iD`R<Jh4^(7;I?y^I0g1
zL{=jqnlOAYv>-y=N{uLq`)~K(HW6{$^&MBD`b=3B1=?b8HjYr5U@F-AbN+k>*e-jP
z4Lvpnbz1TL>}jbRmJ6+E4k9@g-*~dBi~sqlSg-Uu<l*$t*euJ2<W(n7D0OTXUC)?B
zG||SjNH~EVeT6R}1xqE>ldG-FHWl%~`4o{ym`iV`BK=8%%d~c@Et2PBst6~~(8Kvy
ziE9<{OV6JfYHIyb_nK1IQGQB$6o1y4k;yfqvm)ot1kG}4zR`n%q|RM5T$Z14`I=~i
z*v+I`2IL)*iCsFqF2|H^3Ai3I$8EpA@nRYNS}(&}X>Vw>2?&Mpj|~M*WYw-|&r+lw
znx)uN^=zu~7$eVfN{VP^`Mz@9LF`F;x32D14Pw#iIgP7=K0K!~v9!YdxAL%Xf3{0x
zacKx+xxCIG2kBPX=b<xoYG4}6bfkB2ni(Q|>izS1s_YwaWmL$5H?JNNqv{>-v$_a@
z;iB35tqh8RsDoNqA_wLa0cuM4AW1mrh2P?)pYG+AoLMVlS4qYwLleVwdN`;CIoS@y
zT&f5OV-*$??VXkvcuiy2l31I_FP?#&Oz-o2oj5TU6(F@=(6#8QUuZy4c1H)GT-mvk
z6rncutj4i%r6N|`pAO>_Xs*^WsD|oBo`eGT8;?SaDp(tMISkC~rti-j6?nd9IRk^B
zf})xRV<5gcHaxR8AAaF6Wft|L+lvy0>(7MgZIbMEOuAa}KP+?G4Fzvpc%1y5t$u8O
zp&@aKVHWJhjPpBXOk$au{1e~?$jxRFCQ#e0-MD?*Z`!;ldJEYlrD2ABZxk^J1aAyq
z3WONiDl#J(HTCHK`MHI#fJ}+fe~spD%~J&BGL`4j(Usza<_a-Awt<A&yoL4r`w)Na
zQPCx=Cus#V-4I6YJzrta)1rj|T8>>TI#`&nJ!iZ;$+?!b)z^t-7I))}D}(8TU~b#S
z{t0DDV*i}Xb`RZuT<)PUA?+w~ub{NOMkEO{!PE}0-6j2Sr}Fkh{Xu#dp!>~t0t*Am
zpJtRHU4V&Q7G@=tT~ofX86#MnT3v$#BTh_ihyp|cVOtZ3?-q5Fhv|$qbx2dV8<20F
zyEIC>2FuPY(voRZt}ke}nJxQMs5Jl&fna5_p8zvJ%)ij3U>&@)K!Onz4_t(?Fme3o
zeYjBPM=EBOQXz$hk+~~`f(BnU)HUQpIlSCP@*gp~=V+YaC_{=y#*sOxH!_{Rty|VA
zYWOW6LkdX3B1tuLPe4S#Em9~cxd-((q-hFPTN%aiY4bz&Oc4VqY&I&PGJRgcEkvDa
z<VuXzNtIej8W($n88OEECdRM%dJsV+8^*LXG<mS^jCI7c?f8uD=$Wsbp8r4Hacjml
z+W<d9G7xom1WYNi+N)ZYmU=UN*n}>j$-7kUkj{Ct?V7EE1~}j?T@g`@gkA!rJz=Wd
zn;`Z+<_aA@FE#9jo<KcW(F$L=<jS{Z@q$^|HiRKD+L^Vg4w^cF*m?Iw1L&B0=?8<Y
zrGf+U*EbDe^OAY}e+%B-=R!YEL_cS0^6wi0z6ko5!gNe?=iIzk%2T(<w2C=+P4gyk
z370(NJK>qH5=+-QeBvMnazzhOhO;V)rk$<WQNc3){`To?v_HDl4_j8!8mqCYsW}6#
zsIq7SUPrbh(KVjD0+UMqA^7{p>_NoCtIl-0H0g?Js3%n)#(ITob_=Ka<JNKO^&R3<
zca_@0>IYtg>K;yhh>s%fzTZx`Vglc-Lz`b8+{tm+O*VQZmNf$D{tyzy{T5KYgSi71
z(BFl8aI7(O_7s^tgP7*8_DJkoVC}LaZ^~h_U9+tow|9QMcH|fOs67SQVC-nEb}izJ
zjTh-?{yRlbV=oL#u`ao~uH;J=om6W+T$->)Q^P1^DBHwFbPX=IGNNk*!6Q5j{Y4Lw
zMGzD3e=GrZxXM$Enx5jM|H>pVA2*Ww@#iUrKEV{vQ^!9_+R0hP>n;x{c3A(}w2AiB
z^N~4$YZopqEUBrhuAfyjC{NQ#VbNMP!<l##bZ*UnSNFC3jHyl|De7_*w7h}VWsogG
zo=_Vid9XwEl07<t*hG7>K@gAFnx8q6*yPU@%^o-KcqQ~nS?LgS&1yC(*1MTU_6`}_
zLt97aTtIHQhuF|dBkH_(u97{W({@bMc*9VKKkE>XstZ;PR^ur6F3t0tZo&C4TcF(a
zX=rNmcTkMn#6(;lxS9nln_>nW;=<|=TQqR|G=(92O(Xg`+;njAI~4XG>DJs;i}r`v
zpw3~efHLHbe*3_z9Oa()Fz1}jyC9c3z7ue0MUr}he$G52{fmw$Do*T=1~~)IYRCR|
z_;!OLaOi_3Y-03J`JKW94q-I!P@cE&S7kQ0;^ANl_h#BRZ0Lz4o17qxTU8=i!%iH(
zDu@kLEI=uZi%rScQO@9iC6hWUi#xptlW_7S=N%yL;;dAy_f@7lhiF{=fVFu8Q>5Vf
z9g=J|%g0^{E9f)WFpW2K_w#qNV-0IHrL%Ri!S%A9!Bp_Z%QKD2bh9%ZT$n8SNwfK*
z>m+ZXZG5{9r=}MQ3H%kW@E9#XZ%~oNh~Naq^W85Nhlms1;(idg$3Q53nX<g00&jYQ
zh*z2Y6Uwz)Wzkn<#YeR+f~Czzz}ebUqQkehc7AIJ+AALA_gVy%#;SDpcCOz(dykAe
zQKq%|wEi=B(eApuwiqj%!&tsme@EG{;?cNX2}F!TRsf%=H^=QbMV^Re)Pv<ojc$+H
zdzWMbZh`I^59gbY*s|FV-5T%)GKx7(X72)SC&*fhYf5VWckG#NSDowgxHZ=HinboK
zUt?#Ukw-sxp8qiF17RO*e)u+{W|tW>+L20Yzjr8nOsPS}DJ+-opjFMQ;78fC!eHsc
z{O(nT#r>P;sNvHa=&rCbt->D~nS;8Syn3Ij2dR~nuuS;n`=wI9HXC@RFEMFrgkJ$M
zU$YC8^XjA}lr!OIWjiW|pHasaX|v1p)8wzOHclb-M-!LOBa@J2;G=3`Im6EyPquMO
zU)YYa^zg6?$tmxlL#Ekvr!9Z@;Ud=A;nIBI(;4>>dLF!>)I(8wRhj6`YQTLYe2uU3
zM)5F1kjuxzw!-6bchhvkcrL)S()2aveTj|fht%y#{;5ER#qOg>WXCo*zcQu(8Pwqj
z&-tC5Hr3%s*ii**OY1h|=DZ@-I=U7ReCZB`=Gh#qq%rcEjNq8>Pjc}ktBfOi@Z^f{
zf<NS|9;-VL^Cxyj6vRDd|5^7Wa7*#J&s9kcNtQg1dko;>3A4N50<hDJ5d`5>=r7+S
zW9%IsP)YBs7Ltp+Q(1Sg-CZY`;Az^UAi^*|wQn7;JJ}t^18sGFrWP*p4EDv!?rT2O
z^H&75E%<HCJ97bmi^#q9G@<gzy+Xd`FzUp#f6OHM(m`#ybtysK&@>=(6}T2%A4B+<
zZQrGA(OdNRHr8YJ2&md$U+xRi)o+qrkvY}N?c6#}XO3R3)GNU@nLsHH;vIS@l3OG?
zgH9KA@DZw?FKs)YpLDW4qmH_Q{*|u{^+_*&C`=$AFrV<}za#foT>3zd8&dO!lPysp
z4r9ZzK-V0gDK*Z}n;<qdP*T+#k_d;)+;U~vT8Rgp*~IK!dH2^DY;i)S85g;E$k)Js
ze&TEm0Y`Sqht#)sW}I=zeaN+$^Y!o9H~bLayF99<hOoU}$MTVi*+I06pGqEML4Jz9
z&SJAxq5kWHlCK~%r=qcj!C#t;XU}7m<-o}olG!M4>X%27U>beBe}?fi%Qizk4p$fy
zY5J&FSvdSM^u7DqqO(>iXUX^ga=W>K&!d|YV!%h9d|!h_c{SRp{((q)$v4n{idcF@
z>^ygj;obtK4ZPA4No}YJ5IasrMG>1vfY>7Us5N<Okj@gUd&tMMJHTl!T*j`bCP2m*
z?%ZC3Z#5O?T{e$sn@Km@N7o{mko@N<YG6;Pqt@eQv}*TImE#K=d$na-<2ZS{aN%gq
z4W6uMaB7)G>C0;xQJq(}lJzK-?4E33j&;O&g0#6kvx+IU35ioSs<7=L$PyV_m)osk
zMex?Uge;D3jFQ@`zXhggievB&TPSIyKZB&*Z~YaTA5_gtK;QzB5kF`FYU@HW6#=0n
zT%A&dP3=|Hzi>)-rHg8h{PR;GpkR->XEWbx;0k=ZDPiqFsM~O7$~r_#&4J7)S9vBa
z66D+s%`m~skbjLfe7fLp3X3N#?l^7^V7N^CIH;gHMQsM76KE7+$Y(aCME*4wIr)6o
zbq@@&${LWvN?_{Re)`fpx6Lj7`rJ(2sD>8%Cwi+!Atbl6a=f{7)A*0B8^7t@vrMeR
zpzJ~E?J7**>a17a1&)>vjf?*>Vci`hNv=cTy{b)$cOvAhs0hlJ%ua57D^Bmp&(<Rk
zo`ZgflQ`+Lcm^KtdPYLHYM#%#NSnG(vZp~LE(tq>>gfuMP+PG&N!z@}{XCMoQZ5(x
zupp%<7q&G_uf_9bf<8Sb&~ql51teWZJumY)hWzww_$Zq(_I4JIOulg-81it5(oEav
zYE%+bFsv_CHbbVxFn!vhQNu#wV%s9sXvV7o4v=D<GI`iSgfXbPW=B?;&b5Up7rzez
zw2^5X9H#xc7V|56g5BA5idpgaI|&|}_sZvRRaBpA`UmZo<tK$a*0H0{cp&EhUJ!pH
zalnRKQWd{HW%E3Oh~Y+^V_$`gR|EH$INm9JgBY)ErF0`idmPIJK68JLoR(iaAc6wc
zb7k6{uNnOOUi7X=*yWf=PMrnSBkD#;12ba?qt!!{1c6rRBuWU=U8EYa7FaUJ(5E|;
zX4%|}EY*`jW-rq}eMMry>;oMfYnwlWQMNxI;6(5jI@$H_5a}QO@50~jGyge6RZ7b#
zI;cWFU{{KZ!8GE?fERsO76q#FAcCTTb*G4mV{5_Y8E)iyDqX<jSX4CLS$D{~UWm3M
z%_l6!doM!t$W0_F+Oyq0@_l|c^@bjr+OFt$B%m7W-t6HM0b2z0hqah{l8u{ow(#_!
zmI_m2G^bo9TcuyO19#cv90w&cSdGao3JbPQnrNOIn2bwOli>cnS(Ic+c9Frt2L}B7
zq{WsuMJ(on=h-?OWd-PDTiL)TO(cwx&ILK6RZgV#8f8kvZv+jCI5)DJ2iI%8jXqH4
zik#Oj+5ya`LwDscM0V6JF*-VTF?Xd2?miU$o-k4;345vxHP)(E)K`FY-dZ&9&ow;w
zSTx|`?rwmF_50!`JBR|!O<`ewAcC%^VN!kfz)rINwCY;FJR3>OS?o%)6oJx#eeIUB
zf$T&o4fPknj~>)Vjg9C}AN*podE#kMS|Qar1$uNF)3dtJh`ghyc?AZ7b)TFj3!g>Q
zXY%F;Yo}=bW8C<jEIq9M;I25Jf=P!h5=Pf{-3jaqs>c?M+n-wOPbbu>yuB=m`Lbbw
zq$9-B*l|TPR+o5fQ6z(Z*@wC94TwzK1Q0M_V9+1B#rK~J!ryys$u7Qfxxcevn>*3z
z4}4(754o*;KSxPf!3U&@c`2^A8y*NNPXq-)pcqiza+6~CI^X0}6Tm;>P$a&eemyLA
zcKbl&$#AMWjp?rkhHklIPY(@GLVzK5Hc&RZ-RIK)OkRcW)gc$74&H!p0O0P2QHl9N
z*u=(4)!O@xLNaI#?{{5Mh$ERQBo6_DsMbht_2Dl2vgAjIP3Bcz<?38U)N}#J`BBeB
zB2eP|`S!5r*A*?=3)nh+WeC)iGR-g8+o~HP-uqaWV$~4$86lJ-=3QxJfS*&)))DXx
znRX{2j7uq>_U_rczU#WMSjOrqYNNdn3&$@EnKn`b-zCM?OHn9n=QP^{3(ekCOlY1D
zi^LVnR8!)f4YC+BhLi9^mXAEB5E2mUx~ivAZ0L5QY}sj7JtZV!`s|{mgp7rRSg88g
zhf0rPu9sMcB=7z-ue3f(7@}p)s*VPd$xf}b5#seG1b#9@6hqi)c(M7<<_QJqEPV0m
zOEvw`@T{P1Y5wXkGAi_IJE|=@ogE}uqOJytDdvum&h~8T=4s1rHPmHGRnuY2*s4p4
zZFBXOu`MjG1+m7!BTGV8M1%YyG`rHe@HPn4o$;oIQgePnrl&qc9b+<iav+|qM0_XH
z&}h}1j{|ekgA?@`fFF>^a9yP54fCvxL|Ngn*6U}P8ClliKBs}ic)J*|xs=B}o1~ZT
ziBUizIY-59<k}g5J<0OkJ9UN`Zb$rhglD0^a8en9&=wKgQVlLpnL_kR;ff^KaE+n+
zJ2G8NnC_pC@1VZ#Kc`qAI(>LeI4}^G&=36v{4euEs!Xo!?GCN2%s+Z>H%xC~<o~K}
z{XQkEjj4*`%KZ!MRzO3;fWWfSAei5nl2VyBk*KN>j<*4kFgcUjEXvSgYlWmXWw#Oc
zU!(mduP|Y&Rizb4id9F?c*ScwOrMhG87mq$jBSHdZk1tZ^^P>zA7s2AoWJDM-1~PX
z=fXrS9VQ!b>*KxQk(!k84hr&~21QNj$}lKcI0DS_yIU^8mE2Nq!~u%(l%~>>8bEJh
z3I>i%Yj{<{5<~S2J2oVuCLkZzV2O%tc2x(4TWm-$rS(4G05}x1^;MdSQj=>(o0MN6
z$rpFkRq;kf=+lVV@L{mq6(Ad1e8%7Wvndvm!3S$pZwZWbxuU61l1^H=&BshrDty|k
zQ`D?jKhh^Avfsq0j%=E?U7jZBCXT%KWvp1WgxegI{7#mbPgTPeEH&uA>Nc4cIEo?&
zNEiCTaFqA)<GL5KU->-f6_jZsJnKk_;iv0SOe{bGX@_JG2cx29P|Ba@f5F&B-(Gwu
z_j33+iB_41(+1ZM;PM4m0BbAeSgI|V^LD-)12MY|s~Xk({I<QV174l49J|=+bf30?
zKNegiuK_-g)&g|3og~9nzB-1xy*(wvHvd4=?g{>NKkqzgmiE_X>9~{73hVMjT$nKa
zJGj$GsCZomv>A^oU`es$v1BBb33T=7inSAltBLunDiVA@Y09*ydL=0qajh4b#j1Qr
zNBMjl3YjfUqy2tz_<;NFY%Na>V1dDYhr99J66IEOHkpZpHqc~)H&jZc(E`uMOmAx2
z8%6P0v)hWA%1CaOeemF(x})r@OiCi$U{Fk*h?M2+!$O5N6&Ovlcku8~cnl8NP2JGL
z4wwPz@beUr_rCbY0k_R5PrmAz!J4WYnBB<7&ClKxVbP|YLTI)X)TY)XGeq#9!0331
znXG>i2HeM~B0P*s0yNCcs+pSSLOa)DB4Kg{wt0>=c21aG;wWC7=(2u0?5KVhd`+|E
zdQ-EdiXwQ81JS#A4oo5sIzQvbRABky+w(PUqc~n*3l~<k(CRQe!a?**Jv*kr#_P+*
zaDy3qdP4?2#jPe_=H8M!Q{XkuU;vb*z733d_Y1aO;0eAd4&*B=^i#J}I$H+qLlxi(
zm_3NYF(v;yI;;8!Ie)vItf78Hg6(yyK{y{V&fi?rylnW?2e4IIkXxoKu5a~9UKB$h
zvbNi!Xjmd8FH2lD-XK-o6(UehULK_=twiGjK(271#}e$M=IPPcBP1{^?Ja5tXFGrx
zM5@V>C4Suo-T4{asJs59<>vnpKRpss{zHFZ2q(o^4DYFod8w5ZdsrqbWV4GGBpeo8
zy8hBrWSIl5GX1lRhH!zj$ES;?fe6>AW?xr3jZo-=Eu+%j){lLOtE`^IYGRNj+hVuM
zc}RGzG4I^Csvi%}TCtcb^B7%>%}`!<B&TqVmc5DdqqvYKMgOVc5B<7i`7|Ti${$f$
zN7#I^pBzpHn~YSSh%_g7;Sde6gqX_lAn9;{cHRVO&z5da0gZrR{@SuEx^828L;mDR
zOq^#4EzC7!W_>>@KDqO6Iv*9~N<BX?E$G4PX?uQS{&xY(Gxmj8JJA{K=yl|k@sA6b
z$ZrQK5l9Wu+=kzI4h19RCSAtE9RaC<^s{N2|7eDc6`(ZW;l=zl#6*_SDIS4~e0fG1
z`J*xC9T|9a-K$W8e46Eu<lCfjT--&T--J_?V>pnz`7Tb!pK8M*n%e@&>R&Fa(Irg%
zISi#g4{F0L1menk>4E5iqJ9<a3u%+!jg_7`oyX^I_P>IDjLjnecI;B(<927aHi9Ev
zt`Z_*vJV_e>Qj^OL9$no;4}}yAj0z_QZbDH2jm>G>$i!v^uQL;uCaoL>0R1<iKiNw
zg!sfD^ia>xwAq5(D5CHG10jIke{~)&T_0G0aqxYpy#|-99SDBe?vLTFAJQTa5k+4s
zmHRi`KTmPlzr`zr{bN`5kEQ%yOb#lh&VT;>)T?A_Z141soWNjgZ)av{PH$yuW8*;=
zB?#Y7h$#A!88}&75pfMm_2&fY5r_^J0071+t!u$(@_X^s+h*)u>D8AQDk<G{;szP9
zNO-y{+jZ=DQpaS&83q$x<w9pMy*%k^IW4ABSyElE{h*Hg<e|fi)It4JNEd+|IYSNG
zHQz(7%EhwB$(&4LR@!QNz^n{38a;u|XB$FVx&-;>tXRzWF^>O_toQ;01f=;tpA|`2
z|Mv*-g*K`x<_}!Q<r*FYk?5_OZFqC-ZmwqWF4!0jU1YtEh%ydffRT~MJR?mse6)T-
zyl3&@v8ty}3TcWy=OghQvCAAhe5mNt|AF^}`R2=Y+xh$RW6U0CdzgdjvhTx*yTXWJ
zx{Nax#;JXDwuG372+BK7M6UV^IZ>U-Uz)1W(E|otu{7lKd?qu7y;q+az?j(&DVEsU
z&se-qU0wEyxPoO@T6jS|APx%%1ZWOeQeok{1!Xdlx0d8`aoA2`w;Q)6Z(m?`6A-nd
zk_J+3*q@nTs^{wd(Y+3Fzowx)3^qSo*vzWa-D!MEP;Ry;`6xC|0nW)Voq<38v*SQ9
zJY>6dADo)C05f+(_!7cm-LZ`ALML9>Z@1ADln5P>mO|(U@>^RRb<k@FR9zvbK{uNL
zW2BA4B#H-gEg7YFFA6i8?nm9<5eoxsAj95xf+#|0Gw(MT1hX|PJt+R1Yg6?vxF~sN
z7Q***VyuEkqylSH;f$OE5^sfY%=G(KCc&`6TN@ez=H>T*JtSRSBF4!y-vZQkoaAXZ
z@I>gy09a`>n+dkSdU4vRr6^qNb1n1lh$_`7^_gvU531Ub3zoRi>rASMcCz3jhpcAN
zz4Ky2Ima&bX~oj^9Cc|ec_~LQ#b+7c>Etx2AMr*6DX64}hUzoO9EUI7RAdzFb;hzi
zm(H?1)y`r=0$L}%0aP2fg;b)Fl?#65X1s*bKEe3?#AGN^2d$t;EI42?KrEa4EgNX6
zX=~9Q`!Oc}9Am6J7CNgpfCrj60FmYFZ8{`B2VR6y+)WhGZvG(@eLgXpviJmnVOCO)
zKngI!<{i)ht8euRt*;&@;wrUM|HoZlXp4IF1=v#A!DGQi{T1tPQ{WXEp(71<t95RL
zXvwaMS;2IzA=z<0XlS<L)DUxh_+tEBeI0*89@B!>RWDN{#GFS3sRmy;RDsGqJ=E!I
z4!nY*_dO*9F>pNcPg(-rQgD<C`bZ{$1NCO1b*s^6vd$qA8>;L!dZOt{6tF7ByO-V5
z&v7wFFErTU+*3-qf4_((-Cq!=*FiDS+dx@&gG9O_F|$<im$UDyOO@Ie&9WqrjX6BS
z_&<^3v-SOx9O`{{n%8lm1$;qok#7&suBs@6;bDFkJ@`i=8o!g?m<j$3Qa{tas1-pO
zn2wIhn<w%Q%$@|CXUCp4QL7I@cDX&z!a$W;TEt~x=Kfu07Bpgg&I5yfUZ}=kBP#5s
z`#_Y^{t#Yl<P*9SABzBCr3gbDJ)ld^fD|hn&1Lfx3n4!9O{$7_AXV@PBxUXA(-rFM
z@j+^Od)AM`^a5S33p;E^mHo%LUIC-d6l#6WeFKCNK|x$v_L-@9*nxL$8;K}mzZ2<c
zsGu^OZU66$Z|^sm%@0)chAXMB=z>ONI9*;FBl-;buoan~Arg-p*)@TD6-F+5*%DZ(
zDrliEg}&CD><WwpZLl?M)Uf0|R%<XPJ&EYe7&>a0Q>umdToBFa2xb>)%{&;Jj7~wT
zbgdWYN47!inJiU-`>&|edJA!gtLv&u6|9D(QT`#p|A)4B3=-w(vvu3H?cKI*+qUiQ
z-L`Gpwr$(CZSU^$e=&2<yfgR4jWctiGAg1n>Qm*4l~KRUXXP2nDtpRYxR9|N6yG6z
zzoGCwO?NOC#P1;TPXsMe7s!y`7&|8Hl1^FsJo@QvmQ;Q67%?=5Ad1QQak!)Aym+SF
zmHD9$>$t~>%*#O<a?K_`eKjIiJ$lW|P4>B(4tpT53!?iGwGcePi~AdaOoX&D$**A7
zu8BhDbH^kq)=#htkzHBx|9S#205w*-$X`!F0RN4D?7#J!{Id%4_cv*soDJ-)O&pcr
z<YW}?B&U?<ndRx3>lqmv85@-CVc`_$8R?t$Bxh!+XelUVXvgUqXk=+8sLAIkWT&Jg
zCTiy-W+bR-X~n6>_kjLo+jK!Y0Tl!w0024=0D#f|g;_+%z{uQ0)Wz1w*}~5DpOu2R
zZrMS4l;Bt?33K!O*uFmb6c2skKE-myV##E2Rj}3OD4{yyALXZI3^xEgsQnfxWdtN7
z-5VY?-re?>(bG*XKPwoetP*x&@pgBM0CbSwh3>;EQ7h6?oaO0GPJ^lgC)E!7)eDTh
zmeFXFlJ>dCPf)*D9{WXC-r%bmqE6;*+#hj0ew1WY)AZZZDmcM(P^4>9PM!tWm1>D=
zQCW8~l(LYyv8XJ5JvA=GP;D#;jKpx-svKtT^;7od+r}0wU^VW{>5Zi#kK_(9o8KhQ
zg9HL^=UUKQ%@E-9-`$~tMEdTK143}F;Vt}P7i7CQEaMa}*!WE$>)ISDP^Hm@=!^V^
z<P+#W4g>*8sk!`Lg8=<MTb<$fx9ZHb?Eh1p`QpEaZno5-lv?5gGb#W<P#g~H-`%`k
zgVQn1NVf=XT@Ws~4~5?o!o0m|@fT<AcV_E!;+vh~aWeDy{`dy&Bc_%y08-n&)dY0c
zrrQIv^+<cQpB%IaX&1mq)w=FRmmKC!y8K6pMuEnW)pbw+V<_JmJi|B4-8gWmbt<kE
z*I+^lh7Mb@HBg7PQ!qmuq`PgGl!87UjmOGuX>|Y(gfywTWCMOfv%FuRF1rFd;Uv;+
zmhzfD7mDJF2}~Cg{cKmN?1uhGRXLIg1zYf8^-nkH>g|B3bV_<i#DE*w(!jZp(M<Bx
zo}Kvkvm_4Ipu{%LqT-|+4sgcp0#^94<g;^|U83-g2cF1Q+Ojt|WfIBMK+DA<j@7_2
zy{F@Wh!|pg9c7_9CgCQ90Nw=eO~FB-9}_Pr!||Zlve5J>&_&ab!}7E|=SFe0sbt?u
z+MJSZl4%+@(&`BC41M)hx_hBYtd-}UL45ya9Psk-QIZAvZ<W!fPA?E9K^?iJLn&NR
zyxaAp=))A7N{h&pO0qzV2GrH1%Tmf4BQbS6Xd_sGP*veuF)&V03$~J%`Rci<uS4nR
zQZpV9nAo3Cu8<Fl1$sF)BfKVyu_VcwQ9!Kn{qvWpxl^NzE;9*DLLMoj`WAZ#)k=IK
zrO$|~Q<6GyUvOYmvG5})2}i_JdpvOx@bR;5zeu6J&~P~El^%je*mgNz0#L|=+!2`g
zhM=ngQ-|~soEm*NCX(rRGobUs_-EN3KTkKm&-e1(|EOK_fPMk?zqIQF_TMm(|Kxfk
zLe?e*w*Tn)Pvx3s<w@H`eiWX>P?^L9erQ+_C{Q30i+*t(Fc;+VvIGO<vLT@SaHb+9
zZ8?lhl}7#XpFT<?aW4S;;5H^mg>&M9F!ctW*N>_8Q{E9iAD=&P`oPgZI8_;=xahy3
z#}0BLKWXvksapm63(Yjk0|ls#9ImK#P%{jCxFUjDXc3vHHL_T=C}Bk6$bmTIOh^)C
zLQYwHWAW|jjud9O1{R-^Z`}PaB6M;_bZ18hxg?vQx>Gi8C*umr&a$tHGsqN0ra$0>
zYDBa!BzvNUBAt7QpQLsm#~aTo{X)64rHo>;+l|!{Mp{|da>8~d$>EAt;TQ3$yV&O%
za)*e-o29{YrwVPwaKF(OS$!BP_&13vOIM2|-a`&Al4iwI3H)V33=Z)X&C0S=#Fdg2
z^FZZ>iU4Wx7^!jWCQ3K-gj?=)6&_1|msKm`LPS=69@?pHgkLECBngxsDQ=A1ooQQQ
zFgi@o^8^!DU_cRDNo7co=U$x{Db2d0$TP=Q!r+^7{#sUoi-6R2QZRF4T3mynQt}+C
z^U1+ugt21cRcuUG=A_j65o60Ckn5FkGC40H1p0$z(Ja$)-xl5cOt^-wX=*<&$Os^{
zSBC;^TpOcLzMoL+;D8w^Y^W;LW;ka`J=&CMj2*kEj!op0^^D-oT30nmycD#I*?4j`
z`5Zpf6|M6Xa%Dxu^y)5nh5>nXh!{Q$sey>PRfiPW7LH1Fp0e$Zjee#>=!K^uso#`Q
zIA>zm71I7M0W?$n)lp@b0044=007eeW2XDh{n?t3`Y6ZGzIHEZ>+9pq2>R?tC_)Lp
zNce+5i9mqDk>t_*!^ktINi^23LU@48n?>d=ZB(k316rEhmRBr6WCBp)Ho$HzdFodz
zmp4|Bn^mdCe!L&2WnB|xu*|<aue=^{Z#_?MyKghO@1F-h0re~FBVf4fvw&On+%U=Z
z%86u+=}I{m;K}Oiy%3>|sfF1tbEZyE#@Rt5O{n|J8O7OU2F{66BHTJ)*4c$hESgM7
zJw1f8ejQk2h8*Culu3u+a0><T5X~eTki;Z9;H5OKctN7qnSpAx#5JSU!&0uxp>94&
zBhDt+*Ta+=un;!~-M1vc=F;qQT$!YY=|ZMTxzT!R5$;Q3su@IwosQGvs!6%^gjpG<
z`J>Z&pfeI#i9C(dWB+xZln<#~7sth(7p_Xp$Fa(`hi0WO!7?Eq@Qb>%=PATTsh1c)
zK<1z}Xbi(PE;H>EHjXl!@^`RCbSQ+Gv~Lc}G*+L<$uv>#cTEpK4|l7FVNs{rZx!wm
z4tcx>LZnOH2V%Y5WUM-V>>)lt!~C+|F|ppA{IxZaqeeepYg~OB;fCs|OSAt<(iKwv
z^ojJ%KVYSC>w=_9x6cY`r!V;@AJ}dP4YTDSHp>lphx#BkU89xD9(;#rzZ&UVcqI2=
z*0>ASm-axGbm#i&7!L6k<(?Mt7VRFLXovWKPUI^&>{as33i3Ab&IeNKmlywl4$@7^
zod6_$LY>TjD<l`m7V+U=o7&KBSR1^6W=ZwpSG_%mKsi)!)7V!Y9oBLI#LKW0I!%Ro
z2))-mr(R?&IUY1fWWat%2!C0=IRj7g7&XY~$OykQG*|&c5N70Hd`N+drnxr($}@OG
zMxa9m4o$=dvHyv>^5ZD6|Jq4G8J)5k_KtEBV|~IHJ34hmkNx+7yRKa@dVh0<9p=-#
zDyNV&nOz>?QRFZ&mY{7cWaHzcx$I1WQ{^O8ijF#uo%?aH)QJj{p@zhjCriuv+fvTD
zL{nEiL^xaIe8VhU5Kuj1kcK-M)oKwc#LD|VXS4$%goV_BOtYqOdo8OtPtCAFFJ0RJ
zI%M7N!bL1An7A7%IqT67arUi-_OVI5N<jvigVl`jGLjG^I2Eh<5&LZ~y*MBfz5sPp
zOUT;Qu>-9(<IBP5`8N+50a5{%`0os1n}B+I)r5hR6~@=}Wu@RsPuYy6#>gqn)wv-|
zW*(Vbg!zj==EAVpdEs!<ixN_%QU`d73ed|_5iD~z`HXHv#>>Hb`R#z3?ITi}6R9p3
zEo<>wx(Ze?^Lz~Pv&yHVC6Or+=3X>&17_`Ww?;Nh>oyO{gsg$m$Y2==A;oM{C#L}i
zuu}Li7`v%cJ-utImC|rGKfj<XzXyn82t?b}#9?Vfd_osxYeO&af&8*Ca0?6eCgDwW
z)QAx;LcVK+kKOFx&5GU}f1jXv3vNSR2aL#}KU=+{&pd(U0z<nO4*VTqpkLH*2t7>l
z3t3&Ki2;z_GciG#&EnRNesxP$%rA+*)Rff_>qRz61P8~t(7~Dry2~w|s^J;f>{x^A
zo8JN)WM037eK^eg_-zD<OzLr;ZOE@ELJBxnjnB=YJ~<#uR56q={e(MFa??@~>9uuI
zLlXY_V2b&Ln-&TU*<b_+9?eQ0{A)q<45+z4^W-vecgCW$GBZSJ+DQd|giA_zaNsO@
z<Su=6u9l?}T#K}I%q)o#*ZK6T1>J=C_aR9Zn9bvnkg-;ah)$$e1zL2a`JE!dA-`oK
z;@Mpu^1Ao2AvS(E{Kpk&l*Kf>nHFVaxsS}aKrVnavk@8kyS_EPg9-vi{Z!dzZ&wTE
zjlsv3wq10i##Tm*h7t!?ms^&dau{8%Br-@IRpP^LGav4HoXrW*f1LmojmdD*=_aPy
zfuPDoaj7wBguPjWv03C}FfnudSh)WT3rs!P+%tfWZYW<J4Iba~$7O{oE@`Xg#{pF&
zMkF|W9CKK_pEYOn1N_korYAIkT0LxVBS$k|Na!9%GdfsU4{BozQ3ELeq$E8F7Bm1u
zO|n9E_fU$Ty`s+8Eqh<3gAq#^3KU2wRZ`2nj(jUSn<t_$4tXVMB*B4lfLgHjog*Ko
zaj$Ah>E3q>+GnBi3we=7NyKCTz3HEa+5&S9`N#$Wzkh{T*MU0x)eiI<FuQ~kl{+Yw
zVh*ZPiPWJw;;k(}ZZ8q)Drghc3n~}w9uxG(Z#LpBE5LW?6x9n*kA(dQ)My|=V|$J)
zn7K7SfNp=XXqcpDV5hA&K9T-9e~$ns%AOM%f)AGp%lqD(h=@qLTcoONnJ|nMTI{?j
z=}P`^fh7LMGp<Kh;f}tiVlVfOLD8Cym+HU@>Kju}?T+pZ?0pGi#Z9RnW=i?4_AMpA
z?vU#$bm@W33*DffA3&Qe3>SHUHO7GYN2lL+j}O%iPgnkq$1B&1!US*DQd?Ei9z(ad
zO?D+j%`C9uk0z90LV|r_xngS?kZ-{1*kzd|!aXo3-%#vX6f6I-G=tHPk*eu0bWC88
z?jQxef;?D0g*&A$>pgNglcXOO`==6$J5HaPz25sse_~FZe!6=;C?Y5*pI|W&?vlM#
zH*NpFer|yJzfn|_&p?{xg{l+~`S~4zDOJE?1{FaF`2jrn5kb5ZP^csHgJ1j$eLwo*
zGZ^fPOeq7R*V`@g0?eU6<%JvpU@?vl0E<)@{hCTB19T9;<Mx{H(#9!o$7LX=zOZ7H
zXmS~aYDppAXzucf!~=u`xPT|JYLfb0&GSGai6oU}nCl7}KY2Y)(}sB8%mhlD8#2E2
z3iFUrHCJ%t8l`WgsSC+9nL-)k_E11Y5E+A{6~+{UtO-lCR;2XK$?ufj(#hLU4C44P
zUr>D6Wdjrt8AFzht&wx<6};I6Gxv=Z#!M_?S}+SBgn|tqputBFsLOkbAu8x`3?%i^
zef(8#Bf*Wd33ArUTF5V~Am#S9Ri$s7hDUOsp+2?i2;GPl)mU6|b+=ZZA`qgVj>fi2
zbG#U;H@|qFB{2phV{E0WjO9GmGJptQk}|}f{ZIBxUELs?<eT^4*;qb_HXi8Pi8^oU
z;!MteBU^2rf91_KFxN9qAue4Q?TqmAyf@)MGBcCvYU|LQh7|aR#Ho@&5u+Fs(ND}7
z`OXSJNP)k#fEsL!;|w8$JiC@h(v$pQ2-YvLntm7&cO&jS!dX65(UUCCaAXO#KN%+v
zoE)mb>+(-KSq=!n>mu`|zC85dB0eqzaZlsJiFgOPQcub>9h5jN&LL(MGtxxnx@t6P
z<lB;tNzXOaP|2vFbWKxCpfV0Jarf5A$SMjeCVRyV-ttFMP$EEkF1cg>Rr@-<P%nz5
z<t&Jkw%bx5;&n=rqWxvalw7#M%Z^nCjTin<>=1{O#8w`fJ_c?s7*N>m?wuK3d%kGN
zv>11`TFmRN5@OH>!gcITUPczI8)d%AI^->Y^fSbqVLTln-z5<lcPt1iL5eD2Cq+I>
zoVBs|xu|=+<~==)73lsO3-?(&zU}&)wRd&0u;yKnda4rv?6lZKWdA!&-nq&*0`F{6
ztdtKkmdc}|J~uA@BbtmY+f}VDlH*2)LPFnzb3F0<`9KA(rtjB=Xi&(Hs8JtE$~H!A
zWQdRmba@jCZNG7EEeFCQC@^|Fne0`n5hCF=NU!4S_jDUP1aY?BpPxFp-kZtrRHhI2
z#+^^}O6tMDr{6r+Gcsl#yxn@}V@DD$yG0S~RMH;}-$iFVL9;UB6*`n@UPP30fa#%d
zf+jnDpdr%w+Bt0z*cquFg*GsAO#&7j?<)KU#P7bbgpUP!Fv8Kba4FoRYGCmiCBp~t
zarZ8zR?+v~Q8S>ERx>qcC*qN5Xp81*xA^OwuIo9nHByDP&(93*dCWZZdhO<Dhh9E<
z9F&b#<|6F!qkPb+WH<7NPzyJUe?a2M4ILNZ;`Erozb=tAYN~RVWoq?=LR?X|PjXo;
zXf)%lI_fMXg5SqWPNOu!AGGinwn;PCFN@xlC>$v+_|tM%srq><sUJ~_LU}9iketb0
zZ??~WjID^Wl_RkR_CxYS&Gt%2CwRZ@<zK5RN=n?Kt_u$R5NgEQO6{U>_i~z!1%BSL
zL6!8OuK)n3V9ZuImK^JEd7p4*c-H|2aF@{bWIcMJZ&-JI0X3ewz<nfmdJ9$rFObhD
zPFsOb(78bdfIqrC&)JZvpSW^g)B)hi{PY$#5qPn00zUzt&^A%SGga4QjD(fk&`HJs
z`ecG_mp1^>Vr80f17@M%16;VuI{Qv`fL#GwghYJ+GZ)|tD=oL}bUNWlVs)Cept>uT
z3pT2k)&b$3!aDh1#4DP5mkcP9osP9fWz#Ap+a1G4%Q?3zx`DIsL{vBp1iu3b$|5Z7
zfPW?TxIqZ3+=pqIbbY=7s$7ADQo8bw_z$p-Ih(A%2)ITMCm&YVcaYd&x2Y~@c57AC
zx0S0kE8ga*#tsEfn0(;`5mIDc1?RKaipF-sapgT4QYly4<dsZ0bvA71zqzW*0&Um^
zS|+p{5gb{EzE><uRwHg2lvr*;6I*Q<pcJkGmNxa9uVQ={IBn`vXTCv1<^6E#<G8f;
zzrm&1^EbQnm4lDr{T{&IcgK)!F-qxzkj>vsHXc?nUdF<JuFMCZ4LYww<K82tD+{J9
zEA(Z75a1Ec_ov=~Smg((33ah2j=u7PJu*Wq=t6wyCoSl~)D4o_b7@2Q2HOpZ-FIY%
z(_%ob=`*nZH4}1c2vW1sU4oe<{F{gy0^VP+se~W9Nom*F4T#gP%iq;5Fw{bs#KXvd
z?kmJAjGKJlY-t1hQ-XGd6CjqJu4qNzjpk9ol1Eax>WIqV4OgMQ|JEX2@bO(YyJ?m1
zq8#j0fgEAK{xA++77-799}+PKWuF33RQ~tDt3^?EOg}SXPW~&Mzz2}EV<LnvI~1{q
z+Y9s<&I@Y!JqHg!ymEK2chupH91Rr%KwaD1HXt(35l1M29bJ~H5yn!o*bC(msY~XH
zRj9<4LDdcG*e;yx3GKD~+(cLPonOylw};#2`KzYlk_*Y+vpmdZ9*ivk@=jT$2iEQ;
z%-k^Ku)-w(h0dIov<_N<f&i&kI62wUu%~VbUI{HYgjl|MkQ!KNm<NU~i?DYxtI<`}
ziNO9*ylw(@Ri~8tw(oWa{42`l$N&k4DOoF{*^GXIRszYctoAhlSr6(-pWGfbP_GkY
zK-!T>7OK+2a>-Gp%(xnvc8F%kWFO<8iFEjB+;k|ZMATIxdFmQt4(m8c?53!>YE$-*
zgG|2s4xrFhjbXRJgWf^}UZ%<@`~X}mPkvna*41L$7hb(QDyE+XMxJwkmRgAN7y>mW
zv!rIaY2(YlQ-+s{WvF5-4QM8JjNs~dMc{nAN;`6dGpA$zg}4}*8Ql~CC*xyXIv%!@
zGJN2|(6=mZlWFm$FKe|^%OH-X3qnJykkmeL+_VTieH%RwSSHFuSil0D83L%Lq}J@S
zaT#W~3#Rp{`}s=pVn>u~+H6)8GNbY)p1NPs2FZwzNNVmCK^|ZLMKaQ^o1_~u#X4%@
zeTDgwR8B(#caguBF>rAeni~KuF~o*wk3BTtoDB%iEArdbytf%2w@CawcmF8W5$^4P
zkv#}r=<Gfu${vSvAHD+wcP#N9Xch?FfwCK<S>I$EfbQt8JM^ak?6W{N2c9p~%zc_K
zw64<6^X52-%ZvS47#NEa<AAQ-Gf1aQ$lsgNZJVY8+pKPbew{XVq|X`#M1`<+@waG)
znr@lE6siMU%yJ-fDTwrZ!u%c45ZzLRa0&NLZ(PsgB+EW;;MbG>4h+Uoe6n|E;={rp
ze@bJ*mwaFdJ~5IU!<=!0A&I(Dy-`Z$uz5%qHdEuW+xdfDl>|?L-{L}Jyb&DO!X^Ug
z=8cZ$nIdrV%3#ruNU1f)?`s;8(^rjLI%k%YjA^BOZR}GZ!;-11s6C3~!perdMU@3C
zh0~2;YAa6en}!m{T5F2Sk8n_gva;~hiz~Lk%x(jmZWzfYyA^ath^lbAAW_JlJhH0d
z@(I@UG7KoDr~bOuAk``*ZB4_;q^5~lvZ*5)mak;TR>RFIWqBex7IkHt8aMZ~6;;vd
zOX(&RoHz|SG7|M;mB!A42cQb#7U8IPTB_5P5u5E{=78Oh;Pn^2DsnC@-JWt%<0h`3
zjZr#OD>0>o(k)Ga1R0^1qjD?>_c(GPj2m)TKmfKB+oe6a(-_H|?A_@xwH22P<*1fG
zwQ0~D&G%g|br{Yqs*WS>fAuFyxwr`C^h_*+HS?^#SwvUjUX0<a$ktV^0G|^^#5mJO
zSk_bKOw}g|!tD`5UBp@(Ay?G!70=J=!+b%L_MzKzdi^B_HF-F(`~;|k<~tS@qftU>
zKyQj=ay29boj|lUOp`YJ>^g8%Hyoxt)QW+fK594c#(fACBfb0xA$#_iVMKOBu>)qD
z;KqBDtkA-GEV)6Iw9sgFNG*DNx?!L$9O!#a%}3&_m{voIZydSNPkXSIed(=8Jno?5
zH=LPKzI`AsV5&P}?XaH_5jPYnP|Q@Qz<X;0k{n{`zGFea9IB~4)BzlAimc#D5V{qJ
z$~*3SIPU?lD%6%dy*9YZpiBj1+hLD=^fi*Jfw;LCgM9^Sw45Q>fkq5O-NDEpwtK^U
zn=awd`QAbKg~a5hSB5ov>g7~1h_wa>REuk5%VUHw+m*{HY6GxrA6}Ef0WfvBk75M_
z^khF6HyxM+q&_JcV7GD;0J>)OJI$ckaa#PvoMXXGz^-Ix-4AW>o#p}8w^q2W%b?3K
zR~WZj^cfQ9?-ak^vGnNQg}}FJZ_T=ooDz*z&Je2NsqV(dJaGb8Ji*p~5R9P$AxAWD
zvy#bYVB9&&Lj_)L^@kiB(X=QH@qvr*H}4LW5nO>Ejd=RH5?UK$6Aw+E8945_2CAY;
zA12oNe&`4?p^ggaLyCip<c&`tk|T}_>C<Pa_hTKH!_mUFm4?w?#Lz``-g(cJib``S
z0aQUX*Xr*Ol1R~0u;@sYW<{??R~p-zI#n{^L^Zl9<ZZ6ycPHldmu#PZ>4Gup!fCXj
zPTWJWgVzSJxFz4%CujX??0L$3F3$CF^FCkA9w}&5FSc0Ls#<7@Keu|4T-;HyNJ*3o
zAv@<c_3bjrnxf0&6=mepI0HkX=2JNXQd&`cJhEMt3dJYMUVC&I;kRS36MZ0)B4Qbo
zJsdkY(ctH6U}rbIXOfVlHD8(~@xRIFgcR;d&w3x-6Re1G0M80(CC!%DDmnRE3nu_(
z(|jgCF0ZIpkSEFJ*FItxCqppybvLr#vCQI+;5hwwCr)?Lij{QD_Nh7R|1%r@nLYI9
zdgu=>J=$#$P#4#^wt}^z-aniD?1!5TsbCLnD2+;t0fl22xdTUC;D<35hxG~<?W=&g
z-39lWWr>zme&u+V+IbK|`6|qbmk+8wlVmIwmDczKd_>Wo;(}u3iDbv&Y<jKcQ^{X=
zp%;6~*;yB7NkSS>^HIQBzbY{BWL_o__>P0ql~^A?B<$?YpoAYmIuRVj_dFr<d|@ef
z;1BDQt9}5I_Gr^WJIe#SAyN_qSN8DMg5U>_+t6zUcKc-7;C&*%_uwvme(_q49FdY2
zX?A5hOJ6WmJFhh@7%WPLQphx%;mFZX$obkHoas*l1D38xETwIa1e9g?nSNr0Ttc`h
zkM{ofMa$C-=g3a<ZslAVUlqj@m+*i)d1m-vSjh17twZT3AYXDC;DFZ%0=FfkIIK00
zVYZBvAnUK7syO(T8&kL(aXJ=f%a=s7#~`V;J08f&dQp?jm{akXCwk)=?*@*)L_Ztu
zwmD?Lzgn7Ayx%ck_{+(2b3-oPQKW^-3H{;)p1jjg51t+L@bZUBM?X(`Kw5t@X}G1b
z$EUaxxbVf$TfOdzN;prZ*Jx#eP9!eLj!kprHQaa)Gca2jEo8{88dq?`n&vAjv>!Og
zvL%~mq2?XnK8YI^!$!-^nK@wmgtiB+y)CK6l%Jw^Zej23u=h<bUdph-ZAKnJInk8j
zZV9jsxJpR|okEi~qiWTZShhn5iM6{16ZZv$+zp6-V+9@KLLsp0SN2j<8^Oq6OIXSf
zDPYjg&W{8uDxgS<<`{xUHYSG{CCpp~Cl)3-!|Z2#MW>HR!wU)w2XR_#CV?>W5ZeFt
zj_VdaUFr5Ei#omPaH{6ay9tO^9%B4G{&a!Uo3aa-3AN>^-w3LSS)<(r-IHveA{9ll
z3}&R0iiH`0bF#T5hEe1dDu`zQH5IUKAHPqFtO0Q7sXzK!9`OkfvKM;9c$+9KrqAjF
zWb#I_+?|_lzy|_`jb$%iFkXByCMnN@$~%znv9Yah+6C)DDcU{EJbcxZQ*p2<0SQUA
z$Maheeo+T?EvEkA+=6?iD&AS-jX7COE}$>8$|8ii>wYR#pHHd?$%9>PlszB_TjE*(
z%>#3I=1rm(Y5AZKmT#kmi@ncuHHEdU3Yc~m7Trwh%fo}JGp8ruVB4j*b>!xwrd8Bg
z=eRmvTg}s|;kxE_zV@tRq!ZhC^;L(@Ugxr7#--aztECOz(fk?K`Wb%x0(<=ezkZqR
zuXb7Kdv)!1-Pu3F3!uLM?#Bc%Mri;?4GuV3hZGobojdo)_)w!&X5G0=s}w!>qhZBO
zN1t<wJ&SeNKHx^nmNOY;)_hORmSZyF)N-F?z+H+x3$71-)xh-){~uR`5Q!2+rLh12
z?s)ziD?<Ny1INFu2)QXQKl7cMFxoM?OXw5y`3;mo5c)?E0KtU?A<!cMkpdBs%aYQK
z^D`ow88}o+RX4XZS#FoPSR`*0fTqTU1yrM2=~x!4YNc8(x3pNk!uEgpp7yXMN-)Mx
z-~M>t?PPn-@|<pY&b((k-A>N(dRwC-W>-x+EIxBH#nv2ZJh02)HEz3Q-JEb}6IQp|
z)*QJr${(M+clAx1**7=MB+UoEYY#>~l;>C-*Q=lYVsuT(ylm4wZG3d6phMQ34F15e
zsE!+L=d4A^seE|j=G`5x-1Y(le{A;`vb8l<D$CT~x+-yM6Y&Y!W=>dbv*4_CaiVIK
z&=bZ}IJZijht|PK#CJgVCb$jCOze`yyVU6t@L=sY6GGQJI*4@X5$2>_erIIUo6(zl
zheFpoKd999YM#+^UOeYs99}(Il-4bJOx;o*U!71C;`Ch?xt-LkMPBYbIJgvfuAPXj
zZFft|ls&HPTqC@-Yg;=vlsU!L_9~R$K02`Lcr(qmbGWaj?U6a%e6;vwm*OHch5PQz
z>#KFjwe1Y3cX`n1+_O3S+D0+7i@3j=Jlb8b>D@4{wZ)v)Tl)Bi(^pT_C+|^}t@;>z
z>x<w={?vxnV`q3%<W6Yexh|9TNX*%1N#?R$=*1-T$+@FF5+6Aro0IRRM9RHnMsCc*
zwcV|C%15#7Tl^G1a;emKMlNW0@xdwf%S-e$7izze^GEvhG!5!B{a&7WD<^EEVsk?)
zJ?cVyC`zRT?9hQ}hPkR?8AcRss9@d&Tg6O<dChzzEo+6DRBk$BuOqLQ1;gTHmCSHo
z{85_JPKPl8qBVVT;ND)SQUftu7`b1V9Sd+W-f{rUmwx-aHd>Tud_`4y>9AkiNXQu&
zId?J%9V!00Ul@9kKuVSo(e`;Y=nxX&bU8GWxL=sjl#%9!iMx^%%j%_;f!Jy=-i`dq
z&Q6B4@VIp;CNtldI%_TM<GfZHvLb@S5Zi19?3LlqbCorNkkzS}QFBT|piuvcYGXYk
zmIV|WnaTNDYQ``$n(}gSiUq|ImQBc=sW0q~DGXC~<3PN<A?spW!uRHH+udYY^^v2p
zC|1LC5tjWhjZAARdLuLN`o@MIg|d2T4CqO_&c%3hNTbSG_92<Nm#y8ZsjJ#lpT!3E
z?t-9^L66AwwHzc9yaA|~6^sVJ;)u}=b1Cljm8VhU{ufoIlU#IZkW<k_L<T`_M5&Oy
zvALJGo$po>4Ct10NT!uZ#88t(ZQ=IQ^lJtt6zR0+hC9519G|hV*!2DpP9{7XolqML
zO-8~%dxt?RrXua8b?K$e_=QXoTq^f{H}8paCrQ%2Ygp-ut9vgwOWl%N^d+)@{N~7j
z>j@Z6zFB8gzK%lpfG_zHCp|4kHyEmoO{002epL)I16x00U!U(ZtB4rsQru-EKz2eY
zwvu(RR#p=D^%`Spu;~h9Q*0#$n1uxEC}55agzjpe^N^{mG<U+qwJJCryY9;==tNWP
zwjRGD7`myt!3X;Sll=Di1P9ac)3)**UPZr23jt8VaS*9ZB}jcy(<kGikaSF5bvx3J
z@1(a0&?-G=#Jfg1aDfrk%%3~JHDbIeaR|a#dsgh~nKl3;JC5%0g?H*wjwQ-D+uMMH
z9lB0~hq;~wvt&v3q^A@{D*)W!r=h?&sKNER+epqI9F~+BIsi~WufIUI3f7=0SL~b&
zc$+}*mHjvr1W%Y&na(_x4S>*;ev|$c5_y{=eok_xn#M404S%`f8_q@x-Yv>N0#nxJ
zfB`-}>lUa8&eaGyzc4`G9+-g*b8p6_g0Y28B8T3Umuw$dziTDNN@AILNd)Fs4OnBC
zi%szD49}|Cj+CJ(ru-r2I{PNjO$I7(x)KFoMA`%eojvj@%91FX+NhQZLz?O5v~@Hc
zGg`@1u<jS5_;mB|3Rs0cRf}S{Ul2^%;pW*H(?!9^7O%>J2s!n6$uA?%gFjWQsm2?=
z-+p)=;WNGb@6i)lr>P36z-u2|Fx=9N+Pz_DV&hVqpj42X2M7(*-6ck)(3zj~&H)`X
zG4a~VamE&MdP$;TJCWq5(XWPexs;3~8&NIEt=gy-YcMSo0TcRVBGhLv5<)>0Ap|b5
z1O!FV_jR@vkmzX?H>D@b1xs;V1#SH?lW+zvRXce5Vq1On#Dq=&h2-=T)eVY!@9Qu5
z)P=}EBa|D&2*jK3QdxoaKmqsCknT%-(oSH)rPAiv*fGqK$%)OZ3yJlr_lh8zB($EY
zSpvzJkB{(lgUjheeb!YF!BcMBiScMq4B1s}!Etd~0po6z_>!0ik&<IA&7tvrN+RC$
zEG#=j{40ERORZ@u<HM5L_SoJ1n$6VYo2Gq^>g`8_*cim71HDZ(CBMNaZH4+qS!u&X
zkS$p#;uZz{u!&KkrXnjEH5z!LGrbRYPAaY6l(O{{$mVP~f1pN1agh8iT+_92HByiB
zSer+zr9TpFqQB+0c0rD@6Q=K@4&}G>a)l9tcyjoDyVIlfZ;%A0&S*7sG}KfaTvaS5
zv!FgdvqVyzs4Q34)Ku5zs5N`+94t#+RHUk`D$|r@gjN{JFy=t81q($G54bAOBU!Uz
zd&6RTV}5GE?Pj7{Hp9!5B_NJocUx6PfGz#>%MWnQv5KoulWhpm_`_@BN({AM7LKcr
zW#Oj;&fa|sA2(csZI3U)et>Q3&#|4G2HNIp&5Qj$|ElP(y|0D6D5A~wHM+Ze3KQ5Z
z$aL`;++%yE$@ZnXZ58Oh#dxCU2^iSXkM=dY>wJpqznu@1W{NF1K%Ke0{PGO^>GKs%
zxKhh0*kgVJ{!Z-oMU(lxm<Z-OhL8Eh;5+1eWws&%wk@!`@=gc#ll%ilHhj)aSzL5`
zkoec6dJFaw_!Dk9y61b}tMG>Lh5ubEz*lVMe<|Y_hAbHPGx`bR5xB$rhP-2U2N*Ev
zV`<OEp1{qH4<AjhW|R|C0Q0Gk6LIP&HR#AyJ5WABrL;ae$4oOihoec$n32!Hg4<c$
zo>qb%G#CJ=*qeWR-<y6BYyYw452h@!uY8=G)Z*>8GPi}*qA#x}F5=3{EJVeRH=`Qh
zXEaqqXlksaJ~pYOutdc*4LdSj@7mx{T!B<V$fHPUSidI<J*iVZ0Drf@wMoquXtjt5
z&PCV5{m}@`8(1q$Z4rDRJ8ImKXvY&n#tZG}jV>3m`Xxlg*d!q679e>im}afkG)IO7
zHCex%LHe|zzhP>QX9IDu`hA{g(Vwo;4DGLxSR%{oazO#8r`e{h{JubYY!xB0>BVZk
z97Jq&j477{UHAYo6CA>-Of^%Gn6cXG^AJvYyl?K_yJ2iy!9HHs;Sva-Y?)k%+0PTz
zY111yk$?6UsD>B9Dve!ZMeLEzq(hI9p;pE0<=5bE;ke@Rtkk=u*o(szyQl`=YRPWq
zREHY66O_)%3D=BWD4{nL)QzN&tKIO<2v^c$K85}?Jf&(f$Ew2ii8WPXKK1nLP%sX1
zoL{$kZB7)3r&(cx;o(tT2)jC(fjQSz+tT6>6FmW`)6iVZsw_Ww%~iHW@V2@R*Zkaw
z#bLj--va=P<_Mi$;+xynDw4L@hagQJ3pSZ%HbrcV@Vub!l$os`*RXdY>3fw&U+5oQ
z=mS{OtyW$v%-lYv7S*lZp*d3X;sOQCMfY5}73|DEA8J9;%uN!S?fLJ`iOx0+`7-me
ztWD(`6ylUTG0vj&I|baH;wcj|b0rdOG1gE-xtb+t76%e9nkE_$KbQdzkG!#1b91uG
zKn30EaF}2*^pku08y4h@e7U$xP3s%y?2I^)HUmvhPK-*sT3-V@&jfLMd%tDKIT}@;
z6pKuBNdV~8OxxSeqY-(`yh;#(vt2#ghu3N9&pa+A-Ni|No_NmVsGFGq&gvrFOEkos
z=E+Wl_A*?+IF~wG0dHWGw06jpCOKBEt>o4)pYJYsCW#djjz*-UT|f3KHZozEt2wLA
z4U0$|4Yxx2u|C-r%R?(AEGeDWvW`c-A<}WLMO@LqaaS(Cc@8y2?I1_2k}uhbE?m|P
zb_!qHn|UR-9bB=VG3^P|%uEXwDi9Xd=x10r1#T(<;T#pK_#F^N52^+I&WEVch1P38
zB8qq$Md+fbuHx}H(v*kLGs^fbr5d!$@m(-F6crWOS3VoF+h>GHj%R9XlIc8mto2@k
zj7^~~8@!%`2nq^McSt6$sC%~UB8S{K`bR|H+u}@~v@bX8CFEHVGG0ComOgz1)J7wR
zWxRU?O4v=D?gaF!PhPi5;c3$2XfV(6nr`~5uC4iXV?QfFlMk;eID@M*H52bs-pkOH
znr#d&I@LykYcQi!G+XUCDY+w0!!`8tb_H#`Pt)0Bho(fi&}BHsmU>nfK^>S3mJtjt
z2Q9-t1l{Urq_~>6qKtqHMNlUVGn7v<6Gh^`xzc5tb21O?jdh%>1D3uE)bI)dWF0O(
z8q+D^Mj09%Qe&3}q_<T|XGm+3B;tENxeB#|0cnSphSy;lrE73NAC%V_+R%G6@!c6E
zkuT?9+@Z*x?7Jit$&(^N=@^%b6`I#-HN89J!9h)e3jqxcejz!a__Y=<N#Vlf2@_Sw
zj!6IdwcbK4g})e-z#AGh`v#)qK=NFu!%@=10pB`-Sy^#~>O%(m_H4$lOu>gkmw<}1
zD&_IwagD<DigS}~Gib1_fbS2X(N_Q%jDy*m)%N!BMopN_bK<xeSl>p0mjb)ah@SC1
z#dTfRW$G@)ZqQO8$xKFWw%)hz<0$JSzuS{ocLw@votaCqX1$k|y0)ycx<;o@**%DY
z&6`NVyD4UZ7adH6QyiB*J%>*jhGXnB{AZP~8siN+{O6AMO5bee^Q+>a%0#TCHy-OQ
z)<$tz^}R2#;g1BGOv&Y$2hqf@SnX}(#pt)=p-<8-9>>Jmoz}VPqIny0D`(FPQ>GoY
z2^roU;v+PiTY<CQ#2X^;?P$GJ{~iC=xdq&zVw2beRgbB{Bqh#s1xIT!U%2hSQ~EJ7
zO~?tAB(YNk!fZJqa~5y#?&1}%587?1BF&VX1*B`{Wu!ljXS_|Yo>ypR=|)yvzpC$F
z?|SfmA|0=OC3M3me0;Vnm>pyXwpKP>VeAOBZ=xbAEL9J&#K{sCXU!H!QJqRsoi-$Y
z`d`R}?^;IAE-oCfc=+KB(IIjNGPA7fY)H(&4LP2-@D^nDwP}R6tem%qF#U;Z@fU1+
zyO$bql)@*h4)s@ZshLj8vXYx&=2&#~7*i!nRG3-ejVjQ<sQ2pZPZ>M1^lSi6#PzHr
z>1v5<Ow`_7aBXEDW@2}@mW@5=mDSwW&gQfxzBwy2BXe2z;05puPgG9k#4F}jcyWDj
zri|AlJ5F_ptM6(Ggz6|m2)8msM`dt};Wt89Ok{3DYf9ulUSIg*V-f3Gm=8GrOMSa|
z?uHRdM9(j{CXeIpU9yAn8h}YZan!ujF}R|MN_qb92?WJUxthjo$!B8GVwIN@jdc^Y
zJf(W3o`$y|F@&0WTPRS9N2s$*9k_pv=4cPkhWgVN61tnUTMzE-J@#z$#Rs$Ky3~M^
zhefP3_bEc5q|_p|Tf@vh)}AsXa#??Vkki5qJi3fRMC<lGMX))mR&Z#wER2;Rey}S1
z1qqjVO_ykq3Ebdzdghyy{+)Df_bdHs`=NU3fwBkc4{ek!?H|PGu52(K;X=FuBks|G
zuEN&TWY>9&ezH;5ua{(*tD-~efI~zDGC#1|`eM0-u?-1aXT!dIm#d7FOr~j#E9#l<
z&=Ysu;TZ}*?*cWoDBHsD@^jtpz!8HUwcDcm2lDt)kaJoU#~Rm%l$-25%@!RBy2vWf
zFhqM1a2z=Q525<0dG#F(02N4n3(h@r(mQ>)I5X6^0?fBMyd5t{fPE;CCl-kFTB9q|
zpyg`_>h+>>`%x9Q@2DK5oA&gaQuL%jn-cW%(}{G}MJaQOz0L$50lLjT@*2zOEvs3t
zc%SqVU(lxm;Zda<`QL2Gi8YJ0&K@d%JY`Dtn8^9^BYp(G?Uta@X<LaOUDD2AJr)_`
z3n907=$CcjUrZEb(o4GnzamLFInRp1w*(Tcc$DVoJY%;xHKLAP+)4sS<1VLBDeY*%
zNWrsml!9bmFLEq6<mR5>GWJ~x94x^>bBfXd(ZNhP=<A3^oh*4of!%W!jYBpsU#42j
zKpuWCoKv~ZW%((blp_#=?g0H7S{89qSVHxHw&6~rrU4Ml8_T?<X#fQUbBDF_|BZm+
zkwD31u8Xc>(c~rd>ZEm6#V?R<=6?s0D4ip+LzHRO-V}67aEFt0z=6RH-5rQJdrlET
z=K&imSCGf!S<{3fEQ5|{&tjnCK^L9q&y<$*Th()B3iJ?_V`tz470wP32e-4{Uh37z
zvTdYs43Cww3=O6D0Z2encNQ*7|JHAe>fyva8_voQaST}ges$B}N#+TyTj<dS-8XLH
zZVRyJyZ|UK51gGH$bkziUQ4jk94Ji&P;?qVayq}%95C)2C{F>#uO6|^0oKqHS^EL4
z?Ge}hn3nw!kNxD*ey{aRMcgBNCm8t$)AoyPV-oa93QwZ;PWS`$^PD9Ia5PJ*cVE*Z
zJ9PoOD`Dpd%p;Pnu=O3vBlNat_ny`x)mQfRe)6dYD!*4~kf$%b^{ll_wPWugHeUq<
z7j14cP8|RekA)NCVWezcU``+J4_smJTq)SkF0c+wHb~B_0d}fkac}62NF1yBGpYo{
zTL1YG`WgJ$V1M@O9Dct@A!1h|FTg1d)?n;hF8xIwg%{gVS0F;>AlpJHhRXs_PY$nQ
zzYpN(xzPvo9o>k)2h|I4EbBwN`m7T~pOqWpA7JnIrts5wJ_UHpwe0C9x(_yLVgPwD
zTCKzGxwQo+x~Hb5P3UWCnHNE1sS1GLUj}p}>RvyIC!czEsAJ-aK5Qwul>mpnoY#xz
z$jo6K{>CES9!yxDE}VH-ZmwnDIzbkT@sE6el0^3`T)tCFZphHFatV}Q7TJ?U$&B;j
zl$AL*gZ;I>)dwh#nxML1pLntZ3WmM&#s-3pH-Q60q`1u_=z-Ie>A6s#027UiXoJaQ
zxsCv(&{V4-+I+5DJe(HCl<~(NPu3Ax#59q9`ijiT5CG3PIs;Q|&wVy4J-7GtJn-Fv
zNl~Xp-BOY@(@mvb4|P|Sw8;75Vq4jKUtQZKAleGy`&+SWKiSb<*aa`|oqIHdi0{9M
zvrd51PUP$l_>4xx(jFO1|A5APvt@u7<-mxgLn_e*Aztp|QRy!&)0?4m_Qt>DcfErI
zkNAL`04g_bJA<=6b@u&)a)ffO3GnS}ql(L{T~S#uiuy#VqR1BdYvowCO~@(wUCDCr
zx)`=NdU*hF58ac^SMNQ+HRVdI)+2kj&z%#k<d-663@i7YpI;S|)KSqG*l7;vcFt)E
zda#M(PE=d#5#N0_VUMq6uV;GTiL>l^exAEAzsB3)Tc~iJUI$+Bw#RIHcgcKHjy|yV
zz#kQC;N~13*zj*V#bu}hIP#pX&}Fn)xy~?))gP{To;8FI$58lhF*?xr_CaQ$$~iVj
zLQoAicbKCN4xRQpX(y;8F{y}4^*_GrG->XjJImKS@v<jUEe2vyccJqo1jSW003K^!
z^9MVc$hk1WvJzgEBtDvRuN<FxaR$Tk%K<Js5@rvII1|Dbz;dVA8pChHblBa~o4l{D
z{pMo{{J?EGnPa5wgTc-83V8rTk1i!Y+0BD<{aw_(k9LP_hY&f@Ka;`1&XO2fc5oBZ
zWE0G5vI%;0CJLKlr4=74DY6iKm5@4L=v0r96iN~3YNTlQL47Qxm&gczis(v1jHeM+
z^V=b5tTP+RRna`S)B!xbvpoekK@u8-u%j$oAwRfyB~EWTDrpU9@<fwDRYQ5*zN@K9
zNvto}D0FpMz@QIY*Ge(DkBZCU8tRDywUDf=IdbEOAAw?1U>>!ZrA%#-v%EV5xZ_k%
zjv6=`XE965T)xkQ?As0e*AcTbw$8G|IRB1phrP(Uu-y)vCb~T;mjlR##HCu2#3)!_
z&W($Eze(ZhFYr>hj<Q7Bn<6P7TSD9um#ZQv1qmI~Uin8`LOBAx@sEI0C_5i;9S#fl
zbHC}zt{WS`R_fVmxCXr~oA4chRrP>Sihiy$sqUc{oORB#4Y&_Sg4;%t&c%f7^n}M2
z(5TrA)wmqhIF9Kx*ws$ZoI2Dy55LHLpj2XD{5=Y1mfBMpFJK>F1k6+YoB%v`zA?`?
zjgG9=f@T(6b$sBNu+f1+Sz%CyoDh3R*h5HXnA8P!+CmHN@DxXmf=xNAHxkRhs7rUs
zhfC*<aJk^c*`iK2wC&N-`9IvDEf3ZnadM@!HAQ6cfw?D?9_i?Fm0n<!nU)_2=|2Fq
zf^S*i-GSTzYLDVQexpudlWp;Tx*)JtACz^coZ4d09eL>X8{f5cp(2jeCn<YCoY)L*
zVADL2Pj;f?JsDnoqU?^7)psd<Fql30AF0iAfTykU+yk*u3HI)!r4*FLIo3eUHAZxm
z31pW--^)sNgpL`I>>p`k2X4#9#%~`O#4+U-hrOs{!7O{E5%C6j=eCU(+w0+ny|PFE
zbj1ZcpEx{~^DeiSG_YyP8`U+vxO4qTn1b{U>eqg7uD+nT;R@ldewgY;sv*v0)V(2N
zRAfPg9dDGe21R8vFI?pz&$>hg!G9Agv^&!#ONLB3=afliz&*ngG{%x%7tU{wHE4vz
zdA^i`7~|woaLO&Td+{X`OinGY>xCH?6VjMun;;s|=05RJ#w`scz9?zbmV2a>GZNQk
zb}7f%#Gxz@N@+-Y)Wwk%vViQdfqLy~O5mI(x?5(+^_R#68flh()*IK;bFUJ1Ixnc<
zl_+d3g9^>M%tS0TW6%0AO>+755iXH(JgIcV^nh)z9R6{6%9`CZjAgq0*TavdA5;yM
zfB*mx!2S;oKl*=%M;Vy@Kj_gok$e0RVMu)=RAMk+yH+7C=WGkp64af)MSJ1%`oWuY
zHEx0t&4Vm%U(NjCW_q2<et*CGga@Ef&lv!z>DX-sdT7(_gWY<fzuiv>-Go^MH_&Ef
zZ6flhQJxZNAFn?CKyAfcHcYd+3J#<X6IzF3-i`h{K05Jtd~_0q4ok8%kmvsoKI$Uz
zDAHw??3yMQgz`cGTpI=bbo)#BH-@8C#V}?BEaCg*cj$kOkFFLUdC<T`?-%v_4IhP9
z!vW2>ohJ%kk$iUU`#V31CbE_G>>c`V{3r?b04js0<H@g4#QHkgfAFJ1{}n%qhIwH`
zm6h+@B&Ri<<X_FuUphoSP47-(8wH+apxLhUC|ZfP`qDRu6sVT^4}KK?-}%vP>3{O0
z8~@}-V^#mjkFI3?Z~SQI<ldh#{!;>*(Iwsv^o(TRtcrW)>QKM^`ycz!I=2kwsm13s
za2qVf;sh&4KhX=f4nd};_cYR5jf55P*#-3~8k~S-H2C;(Z;=-#B=w@+K)_9r|AHSC
z```Id7bFtCXiOp#$aRtF1IB0$?S33n@eJZwkcCm=%WN;e*E@jMN2T6>!RC{NcfY0n
z(l6})Ed2a$*@enlc8l~FJhq*tRG2h}j2Nwepc}T-hYw(af{UynP(motr_3zXtNLm!
zS}kloNXXIzcyEAT<U^-L%cNl9LNX|yool1tF>+srr>(aDH%9JI$ZcmCQlLi;?S52k
z7X~|nEbyzCl7aNJ*tRsQv+dVqXoK3`TsT1jI1{dU@0)32tm01am=7()((dW|7CPsy
zb<-wle+#BVf88|xTQHp&Z0v{T+IC-1!?H4$fEE?Y8Z1_MC!s}m*lX1S++%#)0I%s@
zvV;G3chCizkgZ5FyHGtXiSNAc>d}YGS`-DNl9~dBU9cv*FUH@4>0l|^b;E^>*xP4E
znwB4QM*U7Uo5T#86?yP(DvgQkc*2Qnr!HcEQ6-T~^YcHNMl$SKrtoy!#ubD~swT))
zMaNtv<3bx^Gt1t{_kv<2q~Grpp5-6w{X{kn+Ac`%akCaonSSXzNuN>BNis>}rCA*U
znx&~W^j}L=duVU!z)QjGgy59XmL7#F59=&5{Gr9~kCI<Se!Wu-MTWOxH952|GGM`-
z#~)FS4f#vBWRK5A$)7#M)Um<!A!yLmVLMSkMSqlY3$Y6{-ba5}@cwu}VBmeh$HGL8
zriZw9U_a&o3zsN6dVrUa-7o%0&z~J-Hjztc7W7H^FtjniuWD(FmA-~<@Eq?WYK8+_
z6AIsO8b2bE-Di$dhfA3E1Tzcudqu)etMV2-p>o9c75Ydbct1}gR7{E6F4M>=<qd^S
z8-&qtN=oPda6{>ir`toj*>m-|_?PpaNRBf+r2mpF)c>q(|J`*r|8iZ7?-Cjv@<<vt
z{<|Q}W|}dids!nx2!fJ`da&BR2P)3|El}|{ZvrV&G&(Q9eR|Z-RSLf_9sTz7%-5*h
z_u|Zc?JXZbmEqq46%SG>{}OGr-(}mrLI0o(d@DxDU#^R`uqH3+C3M#|Os}>J3vPfA
z+JI~RO?wg#i?mD}(sd1?q-)@&s@8#f<+%Rq_8(?T`R`_X1O9ijh5nn_`pk*1(^#~}
z{GHXuho-nf4pB8x&ik3l>llpFQlgoWuYw-ed)Z}c_d#YgN|;(wK^fu7M~lISa-uZ?
z^OcgUSv{D;kiB|D6w%am0iE+o6)Y-HtuPz(&SrmDStLIgsk-Hm&nGcJ!>Xv&k<x){
zEQQx~MJ*tzn*5t+U!ZNdDvtB74&f+yq0*ihVj%H(EAT9N(dvZ>V<_!H790{=GA#gG
z#Da2GL@Yw?jU0`b_h6JHS=+peRbs6=Zw=D>HxvG{+oG>DI0rQs>E6j${TO*R<QL;I
zq0vO*Ox44pzjWJtM#s9mNEBi{9Q}ThzVK%bF=cc>T_`kI^?%X!R>5&4%NnkjnOPPy
zGs|LTW@czHGcz+YGn2*4%xp1Qvc;0GJ$ujDd*<G!d*(#+dRQyEBUV&rWo1_W^`(e?
z92i{EnKwdRSpD5iuQlu91(AXKlYpv;26q%L#;MU%&_<X{#n)2&{2Z}7`dK(1{!$6A
z*mAamre;j*C`f~r5>OK>{e<^yEDTE*#y%pcW<9CwsPqw!PX&0SMUNo#2*8A-yo`FU
zfm0k``QHP+vwXf&&iZY)Im@*4i@Ae%$4tUYyp|*J`~;HrC$Q~NukC4hPw;=WTNB4k
zIbcvApf8aBY`E~Jzg4|ZS`<Y4NKGwWvOq=yyU}V%mhOAiO^~i2<}T#?fIHK|5Nd6b
zq~Q&;FJfus<URy_QiwHAQp+zVk>gq9^OBo+c72@mrP%fJeumhC!RQ1)Y4X9H5tW7Q
zqb*=DF=h&ZkZfQ}_YbtYQY5xlU!|bc9%KewK-gimj{};mx-w7@b7?e>sn@(Gg3vWh
zu(I`As#=dW^v0FmY9@2~B6GJ58C?<%5HMA1u{>SB@@wmrESbr51a$J4Gbs$vD9RCQ
zAp4qS8`|krCbmrUu<bv`)=$`#h_Fn$B~wE3yHQJlWu@AC4V!itrX(jX%UUxz!s_*<
z3{D29;M~{ViU9KVeOh(%{Ys5)`X33LEFy^b$)d7}_!xM<C}`>*pO^GpI?6^l+qjLZ
z3BAS`=qw7sVerOPQLR4s$XzF~<5RFO6<8|i+@zJyB3vOpiE4~RCB+W<_?Zb8!JHwR
zSt+VnBxn{O&iA?<F-^laFdlN%evils7X@vT-Rk#2edjbgVDyyveh?l}bjrfy4+*w1
zab6S&h|<Y$50?aulaVpp7=kmyUQ3VQErp-Tpxk2;F0k!pa&G$q2sO72jB`&ZF8li6
z+{(8H2U(J~tJV?V0a3K4dX$M#k11&?Tl<v4wi9ewcr5I8qJ|st)AikN70*bsCX)0=
z&aEfQcQd!+kk3-mZNV0^Dvbtpi|^cxRYqMUYe&qF<pD8fKfk2uK8C|21w;$MJ^Lhl
z*olH|q5JNkmf}O5xUdMK#Hy^=RDOQQ(;BbaZWT>~$Ys`f&wHF?Y|LZME{IdWAw?PL
z>S~DvZX`XLOUx9OCN7iLfP9B!lvp3NY!&pSSnuBgz|(Rl35(k`hice;(i7%w3z>;C
zoQB3hRRLuWOJco&b%1b)ToL13JY50>V4UEr)gdjSW6k&ojjEIG*!1UHR>zv)>$((s
zBFqUUaAt5%&2l~!m^O^=8<~MEYS4z>8>&HIj*U1VrvbRPgrY6NeYeqiQY7~2bNBQL
zFaE~e<wU+#1_1^F8VCMg<4ga0wkerfnHv8OZJ<VhPa5<yl26q)`rL0ts5NxW4zSWy
zpF+U`1Hdjhvi8^7X9&8y_U~3{-+(_T9T*_BG@#{}^y4_}&G`9ucYwF{S;Z3$H9p-p
zljDPrta2!yNOzF?GT}8Rq|{6%kLUMP7=6<9LTzKF)T7fSIpHC$3Dr`Dii;_w#u<GC
z!Mx8b@+dJ!omyCkUl(0A`n>1ZsfN2O@nbt#KDMKk9XTqbs;4xeffVrNG?*N3ylpV2
z*S3R84$RC?tL6KQZR_1*U)43#3HXb^nZba}M}H*}WsUbrrBqdWa+B#}_59B<bN@a9
zEmXb$pYKXO@s+g0VC1yB&-@Tn7!@>t@S^Iczu|P!Hjl34e=W@*|LoGt@$b=2-n2ty
zLJIYxuxy3aMwuv3ko%1vIaTu?5=BO-+*qJi5K-*dv5`42YarQ#zS0g50Y3<Y+$%sj
z+!m=R7o?U_)0~aIn$6v9`uHO$imTV@L#ypvZ6W@Z6b=1Kit6|NNQ#^W8Ec!9BRwcN
z+FNvbzqVFwz}-*x0I(n&D0u>oZ;T1nKV4}Xj&0U5rkI9e%9il-6QuDG$&v>8@}9<{
zr%ObAVdKTIFhm4Fop6=Dg2b;`y8W~!xh*SsA=+)9;yP6(1oIjlpiTk)?gi7L8@g3#
z<rJ!<Eb(D=TQK}%vmRa9q_v`uaR<Hy@IjgGM8)!yrR3Oy6E*^HY$I=8o<J@0KlW-C
zS8CDX!GDxxPH4*$N9HiI-TfSrI7EA04qVefuY=%3fvM++k^p7R9GQaLm<02+;NXzH
zl0TC3&=?1tkl%{noF8L8pHA-A0)016W!t6%+)5!L@1mG#_%f!G2bXOq)?t6#qUKY3
z6%a-SVXus!8mC+)Q`KJ9X*PFgJeA&=&_3G6o$20frpy*A?pj?+qE(TDHxysfS-8Wg
z>PXl%aHoM~4fPv%j0;)5uxN$13t4k6@TGKIrRtAtsC;CObDEWQE+iciACvj0vC7V0
zi`u1=mF4>*lW>puxE7g!v~9%~cPKS`JYwaak(VbX1`#_5plV_nm(t^3QD*jee}$Ff
zryc%LBzuEHkfj&;@z0@KWdagS(Btx>(Gr@(U5ZZaGPVfnjB%Qc#}(!<XR}48Io`;B
zWJ4i;qv?#I$}ZOaHr-#Vv-<x5lIu^bql)%#VE0F9GX07uOr$$xhh{A-$WA0_sGt!o
znbu$y)8bV-t&MqR50d+j*{4VbDeqgzr=n={QZ`~$1?8;ET$Zxk=PyoXvr}nxdHkRn
zf<#gDTjRuW5wzq?riNOZ8ML%hS^(N9&2;lI+Si3Rbu8{XRBgC3RaJC2K2iNhC8etH
zTe3PZv@;s&G)QgU?>{=RWkxrBhYSQ#l!B{(<A^^`Ix2?bHj#X-WguB~JO6x;a3W%N
zx_T(lE_pf%DK})=Quu(+pkj5?N5zrKAW|I2r|%hBTkftJTyzf(F{#?(iIQZ+q`$TA
zwFTY&J=?f`paH;z5K+XaSWG*rJOLXlY$q#OHbAm(vtq0-Nr1%UgzYKMeE!5gcsuSc
zIebB#u-xLKjs*j<;X(j|%@JvU^(5=ktedzxrPjJMKBpVo(bd&|VP<`1&6G{^n)}rO
zMQP@O{h@nn;SvV@_Q@X2H<+D<XCTG}v}$V`<08Vj1!k~IO=0uofMWc}?@Ze*m#&J`
zdAPGq-18KzM>9u0%viQFAo8>q9@)OCGNg;Wk<;F=e}p)dcB{#O5Hb9+`mEs_Qk>2A
zed59U);yfht#SLl+w)#uu+VAtdzSA%9qG@!!M>(L4QhORXL|Q7hn!7E4o&tPtWUPj
z*%9cFX6{CrSM6g=6u^z;>Wu0VjG2qs{){+{RAY08*BEVc@>RV4@oVv%>`gSZ-XOT=
zCOnYmoOJ3LHgU3?uQa<XI|ti4aK*wDGB<*>_$e<dwic<ZV`km#o*l{!T_l3iL;SuT
z=?)xU+MK*ZmO>hnfz%Y+k7hS;b$H`g>Q1>#4jgp;rtoj66&{R_!K|T~veT$R$Mxhc
zh8cs(8;zOFXXNvYV$t}+=@GHGn%jbr^)IWUU7WF-8JB+}f)fX&W=#BAPTxWQZ>Gqf
z8JM!H{H7q1PgZ(6sU0+$RIenN3K`Xa#1_mscmUdXi533Q+~$a0c8Dp5)~4l?I-s2T
z#~k4tp{mQJ2sO2;JeRwh+0G`1{pdzs@0XuI^>HiAmF_xWK@{}4o$ezFlVZ%<JH}5~
zSXoaeLi!RpVhe;-yai+OBs8O%)P-9UmlN_Gv0-NC6f5cDDTFf%^2BUb#4e7-?wJsw
zqXPu-PX$ZNUZa2&y>?H)48@kZ4ux;JCI})oD8$LwP@o}MyjJ#cny}%kcX@duMtXP^
za9iWpiD+3nZ_w(Z)|!%z0uKGg#RLCzA@eqk&X&XU9B-1;59jo6r-k+&A|vdZIoeYn
zW0?#g#>A__Nt+VcV*`E{0<vyV_pA}d_*6+K4|*mfs9o;Y``~(>8bZ@SQFJdqV0#%f
zUyXZ3<YZlq9PtU|NtkAe=ivx3wo(l>6&2L5^xAG_Uhc0dQh75^M+CxifVIA>;CZrD
zuhWW&Du(c5J_`C!o-68=^vwI*qgQv`!>42=s+6^ek?zsqG`E_uy1N4<&oAKF8-UAl
ze}k#g$eO&K(=$l9{-JLbR+7mfd}5`_OWWjPGk3j*%<hm^$lXwB%JByAx4yg_*)i3>
z0s}H+ARzI7qD#iV%|(4(9d{M~qZSEnY@m3DkyMV+RXZ9Ul|x!NcpF91b!kixImDoh
zY|sJ;bRn7>Ryy%oJ9CKw(dWubKZjpXTQ2kQ1Nhx(!}rmu*}%lx-w~m6)Be?Wv**6<
z=i6Z(klvs%yficv@6xTr;4AddH-%ci;{8!*3yqcA&meq^C>p=QbWsh*R!<1BYRh`m
z(?L%V1|wl%O<~cXq&{f?YWV>Lv`(KR$jKhr9!Wgp5~|f2n#3{Q=-q<p;3J*>Ugepl
zm;pL1%lGPL?TQW4+|HRwT^K%+dR_6om;_vpRhqL>?dFx}xmD@h3%hH;6<DtJ%4TB;
z*nuT8)b}IX(M$vynp6(^>f{b5`kPEKkN#Vmj#zf%QmWgH2sHSq5IF<&YVgfAD(eY{
zEx{b*Jp<qEHP%*_qJ|3ju2|I6Ns~(ff4vvd8ywL|RCgDVZ)c{1RA+P)6}Yo&6kF(n
z6tN%XDBV~Y8BXk*STCMC)S;dlROh92bsKUHWVFw8X0M(^)oOf`k2gI%7VfcE$=)zm
zTdWgA%duu=X^T$l70;KB+ybhUU(HLI*E^23oQcxL>CMej%}*R*JG>u!*-7TQ2wnnu
ztg;k?!(goKH0Tj(G=$LynWQkvc!c{i*@igh_YbFV8Jr#E`tx<KTl-|H{K6*_KFd^`
z)@aX!UOko8s81S3uxxYib>TcMOuE(=y|NL#9Ax5am~J8}abSRf_4pR#C<NrzaF_IH
zQ!EqZKf7Fvro_X$O(Swtd!{aHURRmUK-11PR|e1suWCcVIUNQls*YD0N~dhKhT;c^
zxN0wqBUwHv7(5xU&*0=LHc(y)HggdF3<=OpeU@$Fn}q((`tHN6-r5c@Gu>t;bL?O6
zJmP`@r^lzA%(3cWts|V~=IV{_%v!ij2#v$84%Bsw_6H}cXX{{eSj+92?bl0kGlGoQ
zJ~BsBE9uB@mrKdhWuwk0wk2hOXU3>XLN`S(p~))GdM!RTz=rm|{n=8hJEp&O7j3nC
zhhu`{D}|KQY7FUSIT}8MhPYxwZv5h&NwR3|g5m;p<{yaLXmq_^IZVijp9TT5#qa7Q
zU+C`<z$4C-d1-1l{4sa;CJ}BV%h3ux5=;3wHsmo2cvD@i($GT@7@W-zqHvHRwVk=!
zz9ZLmo`nC@@FujkLp9XON=9{+X7gF{4d&iPLUPK0KSF<USX}ZAqSsVM9)IPctt5As
z%mH_oyY?)m^y;E1x2vaV&E~*9mv#|+hYPwe6^m7b?3<T&;Xb0IcjPSTh(IHMG2&Tk
zg>qNS(WA3uBPqhJEl69e6EbwR{Y1L{{Z>t8{8R&6Zc{Ozn!^O^bGn6&9*BDE<pgAM
z8z6^gYy63rC33j6Wy}sWmY4f3<#EeXF6WYq`)P^-pU2SZE32Dun|TUnS`9fe_q3=E
zf1bN>bhGXJyRAJiS)B>^gb=sS*SV;qY9D!9=<J%NCH;EPFl=0g`Eg1xiomF<w@Y{E
zJNZM*iAi^GCO8MSAbQ_^AoT~L)CVLlH`Wg_?o{pv<depx`l#CBc?!~SMKAyc{##Fw
z-BwB8jZu0PDY)|?aqT|0y8cNo+B1AC-xImm7*jES9(QtKu8)Ouk=LmmOpRu|HB?eG
z2jfd}eb$@6>@%HX3}4_a6T<dr6{%TKRP$SgarWUYzh|o5HPN@d75bUz4}3}H>%vC{
z37JWU%PI!S$}|v2$?bwE_l#O#UkMLbUXM6)#Q8Y!V)wE8#}p4?n4gUE-L=_V(Hytr
zWIqgmc1N^XuXwh4g4g`UR|*V;KnXRIkZ`V@=gsq70)1Zz%zGN3G`BU|n1+p^59?GG
z$G>eXGS0v(UHUO2ryUBu(VSl%wG|C9jUgdY<Et-MM)k6T*CiFo;6SEvAvoF?b%eGh
zsA<%))x(KtFvs{yRMLt^Toa1~U+ckkLbSiSi;J>9(#G#nutGCSzcWcT#_?w$Gi<%#
zet8fjp+PwZL_v60PxYvfjC76BIC+scWy$&EKU{FJOgGekv!ur~9_>zPpA}8<&(OK}
zM%**sFwn+a9~{urUlsJ$qxEX84IV)<BeY?KoiSmD>B7kjjV8b5$v9U^mPHS8HW7<@
zP<4_lk5w630oT>?dk_35lewIgcusH5TbzuOeC`0@tYqd`1WJzp(kprN>(h)zYZ-Gc
z=hR7ckRYlxlpEd$P;MM+%J9!}rXkF6P29RJya&myuEN~O(}Ay#cWNk{M4dnK=_nEz
zsVld-{`}jiw?-iyF~wgg2f{y_EwlYk{pDYo2Ayts6rKC$+fc0*G?R!likJu@|8(jR
z9Pb^wQP)%M#VHw@?&l=d1dHF921m5tpu1UHu-I4N#qG<f4qvC4jHZ*(8~a`0t-%Sf
z5x_iM8qC<CBd|JPd9XXonxK{i?e$+JL@i8SJLahs*8$((+*$C<-rt2okst9y_L~FA
z>R7oe$#&p8I<CR22~eF5b)qT;#B`l2x8-Fa+psc}S@12m&CN>hJ^8tfSqqN%-)dDi
z4Ea%%)<)r`C&~rmrVR|Uh}tSMvr+1x$MwJOu(kW*vl}JKtg4`mZ2sQMhWcYKTUn}B
z{qXl*b`!FwmhT=+{xd>|glG+IHr%7?!C033@76%A7k{({Dz75Q`JE`Ui2r*td;Iri
z_KK6;X60GI<smsWKMd!QF&-+vH?4d5i^dR22xnzCwp3VJ^RfhNJsa`&W_l@>Xu`yc
zB4G1$mByJX>6%WRO+Lg)xSi6=Dg=t7u;vJ!N?T8SUmz#{&V>5G0tCD;ZT6ax`eHja
z-FX2UjM&KE)x%?43aLjQ?LVrA_{X9BS)jm!DjRt}_KA?yVt<Z`Ee;ZZgueb%mJTgR
zYB$UcH70P5_zj;u0p2)+%m>aam>ngxlt*om@=kp)a&aK6?re^e`2pLQhcZZ9g8=aq
zfl_mVdO}<ZfRLbs96#lYasut^f<}y17a+Mu?}+mwdY6iSTQc)cCNnW-3xaJvVT|IE
zL1h!qWGapmU%-6^vD-(mJE8daTk-oHJ&7LeS0ca*{eP1Tu>Lz=R<%`L6h!hxfGJ=S
z1Rqi#N{cL^RP0|R4%YxH^WO+OgdCMzY{Dx|lS?Fy73k|NnhB4c;q-kF=ejPzud!%g
zNi}g?-`@1f?b)6@-h7nT2a+*hinJqj`EDRH%9VX1_~Sgr2(Oe`cMhN^j!92tDl}Lu
zM?-JjUbs&k)Idr0c#Jps*dc#jdNh=$T8s~+Zq+_A$7jBN;r+$T$UW1cr?8{{$ce~D
zJKeNQiFEwCt$Z?Q-X^*{7=!F?Vn}zFDF)x_wzs8O)w%F>*Gy^ra6IFo7WnnBABhB$
zvm7*4pk=7HQCx@EDi*PmT>#5>v*53jDN4CsTr@ZFB@BlfsZC}cLT7Boq#BsXr8bkG
zS;aBpc!}6%C>ik9i_G}a7}MN&OBN%p(q{86Q3xE8v>gl0%b_wy`9LW`f@14;?QoTo
zSP1NW#^Gk7idvtCi)w1#39nSP&u#V+xKbudN+V2)3Eatg`>*^Ne=;(ip3!BcshWDj
zuVU-5ks@GM?aQ)-zw`#G8D40%9jtrnm3QW?mAD?l1j#9AZNy$IZlNHqYzKzoLMWv(
zBMJ8g0B<cZ+8RK#u}<N%$8dqV#g`5)-8G^0mOmZCZw-SC2K17T^(o>RyU#f~hAzq`
z$Lx>i`fkF#_qM*@>o8R}r>C6jHRj&G?n7dV_1${TzN$6F<ntA1>3FYtZq-6jY=zT5
zN99Qo&!-prVkf|bMAU)}5OGL)DOWH$6%MIa#IaaNM@?3BIHwwNHdWCW4nL`Bx_dup
z_VtJ-lTI899qb6Cvf*1+{0PaAVLQ)Eev0ibG}Dk`T^!G(qoJQe><;_*MvI}`6H@Hz
z2>}3t3nG;*jIk4xkL`h!_7&XJUf2M{kI3BtGjoa*Ay0549EJ-i!v}Pu4WMuf1rHL=
z^ZSqSINJ%oM%RvxHz0=F3HvpH0=U5Ns_83%sV$*KEqyt^^CM@GMJBODMrg&)e_d0*
z+zf3%ZR8)ZfWJfILvGA2ZGgcU&A8<YY}(fWDLN%PgE}hafh&x<K5xl0d*%K?_}7WJ
zjN+yByTRNG_&-}#V*GQ{^^av_^ygwKeey6y_a}GZnhgw-Z+E0aLr8ri)M9Y__HD-h
zmZ5w}AxDWp^aT<~{x)R?EiwT5yThE*%+&K$_T<csfPf#cdteH5^nRw7F2kodT=1<S
zIz(6kJFoUZMn0&+#`uv?=7X%jQM%BM5j{?*AkO3~!TY%14d!HOn7`VJr{BR0PKGXA
z8N^M}dx#UC4!^TY21GQUY7Q2C!Fc$@SYX4p>^rw21&<Jzqf#S1=`!S{W;v>Zs<d_j
zS2IzbZ!V^=Z8}y{g<(#~9{kn*B`;H_7cq-T(+r0i=5Sj9whS?b3zI2GKP~a%2PbQ2
z(u<V{51oLP1NNME+=GN>jmj*fZyM*_N)+Y6h|MKWr9xtQ2>$YFZ7F^D`l7y`D^($_
z&Db9$QR{z~L<#<05*<<?)ZBwBIb^owScJ2QgUTZp`&|-saAF07QjxW_`&9jlV4l%m
zH5qX3n3-&e`-cMM4a!MmTWTpu8=pJZW`h-%f{sT`IYzCj43o)(rnaVS27T)!ww@Pb
z1V<=LO@uHO4lc=(2O%z~-tl3VHPh^Ohq?E>Y$n>AQFvHqq~p)SLZvE>)9`Z=IdWm9
zp#+4=tX=`dE(=Yp7}il?1}!DRCRV!%@0ql;3!8?0xdkG3DMKCMmO5Z4<3!loX#fu>
z@9f_l=5Uz>;$QC&E$N7!&oYUqq)pnaFw`xl3=!_ri7a!?M&k7dG;fY!+vCFA<MW<i
z|7y9yb{vfmzm||0$bU5cVg9oo`mgvWbj7Zs>Juf*4th)S<iR^g;TD4<Qy~^%+LZ>x
zN{*SU*3q>3&lvJRG1P-5fr($S4|;LBzh%-)hSNi~z1f$Xo6A}K-BzHjA#ajcV(U<P
zmakKDIiFEIX}_Dr3&lCSFazf7w=OKV7$3|a+5npa_^@ttTgIG<uJ1GP7iCfy9Savu
zI(1{b!lRd!+OGJ!@G!9lbw1aY6u#_z23f?zeDo7KOwE^Lx*B>VOIC6XfiG?|g=)l<
z3UX3);q^^<hE{5oflU)ZY{<d6fJom8K^BVd$&}~uUSwq7J5f77`)Yo1f{~iI>ukd6
zS`0XzI25Hz>BmD0m=lI0Z2ST8&Vk+nS;uF#iX!Z&a?B;XSPk{$eKyUkKD%w2hpSb5
z@*-V}GExVY6pCR4;D&0)`LWIT_3O;i8D|a$oOEQ?70Ug3ZO}e{6pV-O+PyngY%fc`
z5JYf>W-^(Uu~0focC~K%tb#CUG-NJ=a3MMQ`~WB}C|08bN|_Cwa8!&MUYi4mE&Il|
z@IKchZY31oTpHXsCL6<{5y}ypXyd?uAM5Eu=^<3Oi|GZZD^cvB$J=#Th6Qq`Of`v1
z$ve4nOOV<7;cysjY<7mJ{h0_8j?-h0KD5bf9Vn?Q?&zhF+}IsFZCX@Yt4DRyXB$<T
zq>W-^XCSNdF6I`~*Hck}$t%q?B4zoB9*^+4?T3D<Hf>mK8ef6gns+V<7OJ6D=`qkt
zTcU;Gk{~_d?bU;izd*T2q}O8XOj`Mq;!oCYn7Fv=*Bs5-T@b6lI>EJloW!tv$18@z
zJS|!RON39Ho)%jJ(p+#gk=#ijTVAB73HZ1=&A(h^&7$~;v>vPT2%%AH4hr9~15fIB
zH4abeqz^b%R&fd)L0bmW=9D(p4qgm!YGyCY_*_=%AJwkX?;9YZGN1Dr9eN|t^8yl8
z8X;TEG2b2`GiiuJnMm3M{Yn$-z16Z7XTii1T0xuIcSKo*sy;^UfW8Xg-w+D42=|*t
z>&criK$5>@Tz<m+Yum1_(hmrUUw5*<F0Frzv%z3tY6GDAW6}W(oh|4soNaB$rskph
zKEZ+a`Ss)PfL(zo0g_ouvFfSGoj))<L3OBK@R;_Jq!m}^D*|vcWba_kzNo+r(VBU(
z_qU9|*MS_CEVf}Sd@wNl_5E|D;hp1u-L3q(H2&fD|M%Dacze~^&j^8naNu)%WlxZw
z+<^~PPU&Ejg$CymGe8`@#0$w?H+R!^*~eUK6ps1x2|MyQmn5nN#K+sonyv(|lV}kX
zk(ez{FC%olMUpkMLCcdU>9e!yTF&KZAUSQo$wD(R5Bs?z%oNf^$-Ic$RPqXRje;GS
zw(FBPA*4f|X1}C0(~h&#i#{vYS8Pl^&%*w76!^3yAX0waH3R)GLht|gC`gIQNlVHp
z(=oBJGqTcKIq^j|AOtd^iMo9$1cfF`P(yX;o98Ttj?!1yEK~W;x2SHw_|^p#;nqdL
zC2p-a`gE*hJ-Y=`1!-`Y0DFNR()9)69Q*s3LQdRriH2?KWXmZPE4e~ct&APr#wm1&
z&y{tMTl}7PaXpf2XU7w%(UuH)7J|u_EQQPo8JFX;oQS<foq&dxH^`$|a8b@MF>9=0
zqUXQWo1Ib87!ZHm!T-9f|GAM6G5yz1>>VX-0X7UK_QDpX#@2uB3PdA4MJ2oZ?^ZuR
zK!5#*8hIUmNP__Z6+!<0Z;$u?@m~Mk9?wVB(EdOS>HS)t$-HGE$K+DlrG^?T0*|p@
zy*|N~e!9%6Vbwip*!rqADgXS#%RDBaND)^wFek_3W_oIdvD0VM!M#9<Nipuq`mqVV
zc}BGV{Ax|lys7`@;VOphg%L|bQ`8XKtlogD2EC;^!r~#(mIl7p`^yK2euWa+HP>XG
z?xdDthw(%oh_ZsBB!}0Ul#;a;r-GE!=j3>G5xWXdEuf0WxqKuzBwSgI7!-fOSW*nn
za~Q*9${#cdXgRQ-q$0ABhk}H@Ud66tS`4Z)%b|NOm9NUZLcJ=BD=7@nsRecL==IYq
zrdY5^R5qJ*^aK2tx$I@J<yNz=G-eG3x~5V>@@od*qU9i6H98i&7wBtBw*jTpkT7QX
z95rG^%p<kIvEzfNC}>ApLSUhtT{^Sp+=L`OOyJ8t5y=hRYDR7u(8_A-6F5|sn95MJ
znxju5PPVioJ!sic>PcGk=Ybi~OLONh((DHzt{r$d+ORQ7h$u3knNI4jG^)rmhQhCb
zL=07Q#@wYO@I4D_?qZy*LayFF<xury*bzU)n6C%rfgzRFOC8wnv!(}LmASX#yF)d3
zbk6|sp$JS65ak9C@(mCgvbubFa!LWSgmEwmnOr7@o5K)G8ur8ydjy0zC`Q+D3~@x~
zYr=)rhrt9b`O^iNFpn1bVbTv=&NrADVqi~cX8R-32#gPmd+t-zYf)5j!pHkY)+=I7
zqnJRaeopQfi)4rTvJbq_(W`+)J*i*xGISaw+3hJa@ah3^@6H52=Z=}r{L>B@ubi=B
zd;l>GLFT>0kI-3>sgN|)fu}qu%)>w?bawQoB*sXBq%n%PW}rA^lT4%Xsc<?3!joir
zX5dt!`<X^*HWsqmCoD{GNHk@u_EV_N^m}f2Ie$j@H*h0EufnK@juiudv1ZXGh4-3Q
zJ~ahAzRg2WU~2J^r+0~|blsGh2M&QZ0CAtj8)tLdAsse*eMckKHm)f~9j2qnp0=-7
zk!#2y%`4kwBC4UraU91s$SiZQ;eByeU{{(*?;+k5bN98L9?cDV#S~{y;*5wYcLPVf
z$gjuB2DZZ`&*FW`DutzO{|ckG0}@2^UX8iO4P9<Xth-|~cK97f<OyQ2|3_V~&xes0
zhrxoMyoTj=dBKUTLs2s>2PO|9WYN9~fdFJrE^w_ur?C>u*?xD6ipOfZ3KW7|jBxaD
z5dY_8cC%7??8$;sdz?|2M|08p6S86SP*bbm1+g8?g$#55E?DU_r-$g2pZ&4Yg(gqd
z0J3wQorx-<uU(R&=X9O;n&Nu9@joqQ3v?brhUBod{46%Ka_*!MiFR!{zhFB*DRiJK
zp5&#*6<cnZ;J>HHB?3}P^5(W*{Y1@~dpR%px1_j636nxkVGg~<DHcmCBypu!*8!c0
zAZ-OZpj4401kQL+N{UJf>lqZ{`HM$9p^u5;dIFdnD*}Hj)3Nbze)|=bgF^!WY5#L=
zh5qVO|Lk#TtBk9P=1UK4)2ORetN>-yg3d;@K=;LfMq*gd%1UsfxnOv8@>tF>Yx;WT
z3*%lKV1&Wy9rOpu3@2+5%LkBO@?pnhpg~Yeiy8Uj(boN4_Q{r4;_lC<BMu<@18Mx(
zeI<xRoSiw#pQ$)IGe!_MrxN>(IJFk;>f#tp+{d@MIL9tJ!>`;Jw*gw{Y_yh?Oy8#^
z#Y6AmD!dCu;^{kG`T>>1_zfs69Kn83_G_fr)$JH<)>~;-c~Fan$`EiAn4$*H3$VJq
zTMsr6MVFid3>&;qU^#WFI=zNFsB+TW0c5hXu{h1lkI^88qF><Jru}(-z`IS_Jk@q}
z*s7)I=tOZWYd9TPWNSulA?+8!@n!%}K(D{q*WI!c;Y?ssKR%Ij*j}?vS)EFkefE5J
zX<I{6vz|p9bpBAR`5{z-y$rg_RHU$BHvVIi&2Ew#vE(8iv2_^0H8VsUo5>6Fkf2qI
z`ci9)vE52>rO`W7LU%5$oqCIMzawiW&Xk~gYbkk+W|}jnCT!P|+JU(!Q?dkz*?*fJ
zgErM(GWjIgJ>fIKiS`kA*lviIT%H>a+`46k)Dnyxywwz9zY`wZ>ti7Jtx<Iy;4bmT
ztnq5uMn$*z7IoNRuF|^h5m~OjJ=P{7S?R@cSH2)R3?qDPktptny9L?Vj1EJg(2RpM
zWC;;JN$Ndieb7#2qdgb~G0|?fN20<?i>uK;I$^Wi2ft;K?$H^EQ*M-fZnTGChg)ta
zJBSbJ)=;~T%I0Ua$KqYP4;#AqbMi-7b{rMn;MzBi3`5R<#5LXBO{VPpQ5DzI8BUC4
z$}&AA4pHi3Aj{ejO<Jcg4lq%?X+qvS5{hEJC0RK>@(l@3k>Mj3GHkBztO)q=Q4McQ
z;+5t<Jhu>`9KK8z(W@ZrMt$XH&MpNz2qo`D`C*C-_G_7i-c`TUJwHDs%o2{<G~&$i
zi(a|x?Sk^!1iK16d8Yq?a6Si?xlaxLjA#cnynvcPgF;+LA)%*Aw$7sCp+x#x8cbwd
z;VLu4%-UK1p6p8~?02@_Ei7Z~?;E&GA(|7$jT9r?%wkz;7Q6$C*za2?iWq8nsVwxs
zHZ!-errZZLlE1NXk0l>nhH|)MFgvp=)5~R&$<62kY%VFC@gcFmI?d8c?9vwWo!-+=
zY**MKscWp7&%c4W1-2&$mFMs=;i}Kw{{!KLf`_vsN|~o&*D!kFXNU^k4>(}3SB$|+
zezA48v4$Im*mtC&cEJS4u|3glkqtDK{vx##0RID9P#V+cHN6PMvKtF`wj?@hcX*G)
z?~n0HL~@^FEFCKra)vIx@rFc69*|FSy_`1_^brG3y+i-i(=dF4!HPlx0@@+@6+iv2
z1OdW^Ha5zZ&Zf$yHvg^8)P#0dS#|lSGxI2#7k&i-O+>0H#*XOsHzg5lU9(wFy!_P1
zMj9}BDjAJEJ=SCpj=L!f&@Geh<cu;2(!IpuC}@ztAqvxAw*`&JahA+#j%aF^Oxm!!
zD7C~j##H$5+MQaIz!5yE>Xo;@?wag4c{>r99IVrMxx?~TJ>X{8U_2Q1&Q6R|WYFtN
zJKC~@*Pp*F%*Lbn`YMg1_b?E}qW8x2AvCD(`As!@86Y>f%IduxrPO_ZbK-}nSR3W%
z9?zh(P$l{V@kKMZcR+t~bl2iZo9ms9>gA^U$;(@t{|m{<$7lWz#X+~DjmNK()_UHA
z0=EM(gcI{^M~6I)Kg9K>1}+@G%in!7X7CLpw0JUSNR`IlyjA9UXL)`~Bkm61VCyc~
z*Y9a3Fz0>Zcz(UP`_>BilgQ8Sdf4i%470b-PjXx!P5q+{FK7N%Kxu*joH`Y2yf{Nb
z^q}Eusl>t>E}IwFkQ{K$u0+UVhGanKi!S~n7G$)-QuvP$b}<hl+v_QOuN$VpiWVMR
z_lXXs9b=eeXAvVa^-jOKj5Tsom}Ix1K{4mBgz&M)sp9b4I^BHtJ_)RMv&b$)_%WKv
zvR%r(7B>fRQ3Ck#@4$AF-yM7&zP?hjJC)gIp1K665#%iAFb}-)!~{%z8Mv0vpOPp+
z#p93@7bNJ!gNkY`HLj58?I1~vR#?f=Y}qtwaGy}nfSpnfLkxxUVqQXz8(x^FOsU9b
zbdlz5AhA}NoZ_92$HYxbkiZHnrnsZUkkx5d>RZI+vUqS#XBt3>eMB5GHlrnDLZh5K
zOeZGG*nCxbE%)Lt$07o`Fo!etg{3AQf6!ny9U3^!iIDIkMduQXNnMs#riv5n6rIan
z$S#R>uZ~m7p)yUUNJOTC&Xb>h6WRu|)z4;H)D`d%o{@2*M&5UMwwcb5O7Bse3E@sr
zpjO9XH{wemATc$=cFKq$mO(`^TO%cp7?+#Tk(DNkV(li`%bS{$9MWOTNymN6*ncNA
zN*kUjWaKDCIRjA7RI$sC`h}|5Wg|7Qd)=hCo^m}Z&2Q+c^EI4K@KlfKd!ut<_}$Fi
z62YH<+s#hK{_GlGIr3C8!n>ZTx41wb_l_am@MYuIFWS1>k*F?HPKC~$(Ne&YWY%w~
z@Fsgv9rsZm^s0t_5OTeUe3_J<ErT7biQgzohF<rKufVb@;9D^!SehF*S;b{4>OLsN
z7B%IkX_EkEuJ^>IPt!GD&ENOKMoGnO(`aj*8H!TxY_<(0=t_iBpAahLM+ECQ*~s{A
zI-b-zVtS?~eWpT+bIxwMq08-Irpv!fnxbv)K5q){j>w2#!i=D+BOsb!8P9&1KeE+P
z>njFxoRvZxNisg;K5$9EIGC^lwRqa|Y_X1kkR_Qy%aSTvH^fu-E&aenKvf|ou$Vc{
zWJHdOq27eN5IUbOq#kV?lLswFiPCMY@d)AB=%)Q<V=9$VFYD;MxU%4axIv;)wNH@&
z|3Ky{N+B;c*1eFyISzYsb^<Rp7^3iuKUQcQK+GI3mAUUsoXCwP)hKu!LkRbS?BE+{
zm{41JUW^#)2EJs*cIlF63dn3HfYm9cjVD(wc$yA*{bYL9&!|I1ZM1IR4j&VsI7$|6
zEwd^V4ua3OH@;A@KZZb76q4CJoVgq#%;{n?L>|zAD!$R^^LQ*moICf8H<WFEAw=6E
zNkse9a-b+mXg{afgl)~__G@matd`u|u##C`#++!voC}<h1ZtDBBCXUK<Y{4YY6P?5
zOnu$~9)8$2WL=eTDGWZ{ry(1BL}@&B<EYrOZ*ba!5#`34)lpnVwXt#gZ5g*N`<VC6
zOoWG><%w=8s33|Y7^j75v`a(80bHnM&kgmvmmSLz*T&z^-BIMvj2d|BMW$AUlyqqa
zIbVbDiV78*X2Tne<ukGnL#KfwjMYqHh1rWq<_RJcBsE-ES{gIhP|RxR&qaE?S>x?m
zDmW=XRIp~F^2u>r=0zx?j)+MCn?DJmT^c|zHQ6ZO)Ug%W6qnU)(8-a_9ScYU?pqjK
zV{+5%*|doxiN~|WGUrDPzRR($ziCXQEgWISiVR~hJ_TSAm%gj8h4E}!X1#^uj!o=f
z^wJo@!AZ!|X6WJImQKeX`IuQ9er1S@eDTKRkdPgCJKZubPSSisRdd5lL<bP+4))!^
z+A@2^IIBQ!rZO6h@3<H4)`u(OnBCXYeGz^bwOvtP$b8|&mv}{YX<G!?8F41dWH6Ui
z$rl5>{R=@o1Z`(omg$oW4U>_32E$9~Ah%PGW{V@Kd-ZInr)LgWBaH42-SZMInGs7R
zp3`3{s%NV{@QixL;l!~i`EV&*wxZ5)Yj>Q|zCGnAe>tI{Ae`c^<2@mdYS_}w`H7M>
zkAvu<_@eTDHH+8gVZRX%wnVIH?@5|dUE7eHR4x71N&(PD`Q}Sy-l^}V6>8F=j6Arg
z`kXQev6MYY%cQBK;g(5+)VdUZ!^}b98B;GpNs++}y|5~VDBoeaG{k99nP+$Ae8}=_
zca{9^;n`5}%2(mu8v1;vD@wk?G$-uy&0U`r_nwHSFNugJZcOixU##oRwWaZ@^~p52
zHL04<j9JM0%8Js-lRHAI*$@Lrky~9&E>>zUr3DgUYv3&9&BgISST%?e4osYgJJ2|w
zfnwh=8_=u<ITC9qU+;Oug$7xv9-D7~)W#zRz)H4{{oEc`MApTemt?+wctM%{`PsPw
z-ghRsD^C>qWJXZg3C(YfC^k;uh_`<;r#)qsUgfqU(Z1@_&+Qtx>Ff^V`vwTu`9PqR
z!i0w{3F(!EP&KXj@g%n*(3?^G)6rK(e_IK_=;up8o)U1%=`cpS!K>zES4aD@HwuZ^
zPIs~L`5ci_|1w}cmc@XYx2t1)Dwv*JSR^A?2ip*LMEV_|>zx_g@X{d2>qMX`igHeE
ze0phsz}Pg-2?2aGm)8npB~((`1uP|=kmMp4T2AQWwKAn=g=E2rC9#!me?w)iS=sC}
zXX|VBOqs%naz8b!wK`z!gf}vh+}a3g7%w|y^aM{xw?2|byr8YUGTTdUs2am<Zr_ck
zQcUsEP5oJS+xHOwSR3&Ky#nDE1Q(FVaw~%Hsz-zP24f5^Q@AUQ`hYwLW&VJ=Nx9(7
z?~jF>3CtT<Jn*Q7vli#E7NMJ*BGz#itc_z!@@@fPi7D^v?@PHCLwMZNb(Vk*W{r4~
z4fDRP(<Eo7`X#;#?mE$zGU%1qDmb)96!S^@OefnxBt5+;t{Eyuol1(klLV<*&?y%x
z_w)Ft74Qk^ypWkRW;R?(2CvlmoX=;Utb!PdnwuQJj#A3qFCCJ#gm;a_zsik*iGp@Z
zFAN5~a(Vho@kyK#7^VAw$v#nzd!@e;kZ<#s?p2h~(=eqOJWwriL!H@yOF;%~iz<*y
zP^?D7o#_DFec-V{Zxm&+R2d^IL!6~pjqf+#QsUbn#h6aOr_fKWJb``t*<Fw!@4@s&
z-Z08`v2E}~Rih?vxMACN*}T2qTKr+g8XeoT&aJp%)felra*b{&EWT1GhRHL1@W&v9
zS}Yw#Pf%dRh+{>FSBwzS1Zh`D;P0PN$m{T`hH}EYI_7ClORhF233Q=BU9leMnR@dS
zJ;Y{XHOt}fQthXMpMblwk*0Nr1xgij9vzpm`jN4sCj~LW&H-<Y-ZLW!OkNSp@Zn>9
zb}2ixN;ZgQ>%yD1%iBER4vq0Go9$^7y|*SQhn_eIR9r$Zq5`h?roCv@8qu${Se%N<
zobcRIJ7`zhP^ZxcK8n@I0gf-@6a_KQdzDGnu^P?fpE5;6Wv(&qK?nJwR{AT`3jU@E
zvF_k_#-$S`VA%LV`<ZK|@0oY-%wyn{41{MOo>%lFdVz_=c_gZp$0|eaP$nG5O~p(s
zI8d%W{i!)nFZ4takGKuC{R1q=C4MIHT4NerdgQ$|`qdUY)ToO0`Ql;xm4&DaCfC6X
zEQYCSe-MXY?)Fn&AVRPI5AOnw*}<buu-;5P_nnzqL|Lah){mbM#&R8LHwdD%bom;z
zM9!2@+mYJlmkM7oHf^SlbJ;_@R_HC$OD4t5#W?HU7ABLI(a{vgI(+9vC+Kn~g1T%7
zvWLxj#Y)mxy+|=rnJwvXhg=+WR!{FKQRvA#Drr$xo_P}kTx9RYOkns|SwH6-Q6Ah^
zExqHBoLOr`*O7#)V^!2Gl-e_j_eS<SktZE<72eWiQGZrj57UI@<8^`cO=?cGyKZB;
z`1P4JP|LRxrWHo#YhpK`XyoP`)wH68;Vsm-)y5%6L2D0x{3hC6#c3ey1MdDTnN3v<
zpAp=awYQ?Zo}KT^9*eB)iV;KGRuj`mV`;F17|RyR7j&`QRW_`-eR<arcxjCR;X|J~
zD^)6rASQ_1Pqdug4t0V^arBOXcK@t9@Qv@~$E)`%^5LEfMs;32-!oOfEB5*a#LA&;
z<~v4K5J&pKj+ytz07P2`xLPX_{WaX4n~GL3G>ln!0(#hR@SU3`H!P(Gs;@j7{rZ7L
zPO|0vMoWql%5et(Q_sJ4|1hmya799KQ0|CNY7&>bH%?$IIo1ItKBHli9zQ20V_|+J
zoep2Oc&k~b^%F%Jn`U#%;@ZVjI9Eos*!*c)`3Mg!&WYrp8`n>S%|O`ZgTn3d8pDxS
z;WuPAb(Y0p)u2z7$#j_8DsMa4nU+@*>`+t6Y6)28)k%OjssS?edwwElbvF8o${rxb
zcOAZI??lyEDVEW8-9|gEj0K6t7H*R=H6J*(82%F}O*N-@06d{9N(A9aAEWlitUWce
zIGRBNzyNzRX290Gj0^i-mpZVCsm(ibenpG@OXPlgFtO=gcLd|h_vNX(3BUdc1%o&k
z<NP<))FwiB7cfi0vwC9A1c|5;ieO9v#bBiZnv@!|n(QB9o})!3{0T+nY)-)>(iKHg
z$g*qHyb)#0)ZG<QkXThD?X^t_e75<D)Qo{Cy0XU8a$(V$dG}b}vT(~7Zhbe$jggCO
zApMy2l|XJe%?^5`*mP2RD3{x!*pZ^(=OSd8PhC<|{aQ?`r8@YEoiP&9y|u~^f-$7e
zCX(F&CC+Z8>@t@em+#`2@1Z@rV_>G>c$f+@A5@4wI^p-x%CJ$!&pCIjx#K47P2JKM
z@k#u?!su%7<9H`d@D7}m$|`{9{wLCNIpZJOWe$AXD>}Y|P<F*9E6HtuzHnWZz?QQ5
zYcli(=6zdOW&`ntT&9buXbtB#f@40ir8+4Eg(KzO(oWM}ao2H2*(A{C8Oz!##-Dg~
z)<?26B<*LEtS1hf_{#hzBIvpbF~o{NQVl>&!^98QQ4ODIMZ+{guL=>mMEQti&R#`<
zERlzN3ZW6Bj@(6pB`(mP&>jhpt5PO+<P}=)506-!BS(61*Kw~(yEyKvq>t6kQj;!Y
za+U44#_cMUL#8AjWU|oo<qw>6T*~L6Yq^(C<vY$Bb8NN^);O@JMWrmYSr+5~CM~7S
zHDkEl{vZy>(yF!V+A4SSQt7^vb~8#p@87%#26<`M2?7<2bOMyypNlsPIA{(aOv}(u
z>36<^qigFoBi5<Wyx~#X<MxLZz@6)h?4y0|9)5|ZoU>0|eb3PPSg8A(c8<F9=bZuw
z5D@e~437Cz`JkdJ{~vISio%=FZ^aI>&tN(h$ePA*c>mB-<96)ToJ(m&hT4;QrUWbh
z6X=`b2v3*oCmdPE?dj{SSr(_+tqekeULQyRA&qi+AK7D<jv#?LOnam?0S2$mBOu7o
z6=}rOSeT}e?l*m-{WpEX+nC```bO7p`i74+oW~||Y4^Zwae*_>+F>J2afHZR)T?bG
z2&(0LQ>eHP-Q{Nkp>?au_xzd^96T_d3avC&{okscuxAAcLqew8iFU!CdO|K~L~XTN
z*#&Dzi2^sh_Kxq=HX|k(mgSVu04adhe{RBb+5D`>I^%G@x>B{PzqOy|i%fJa-uBCi
z`OgG&i54{~@(^##l3!~^6^CNh*WAj5BnN0O%lTy+sdSK?{ARi@If*gYP0(maOn6Mk
zgx5#uRJ_pu6QiW1-cRM8<<A;JD8fEAAuP$U50+gS%=LWaPsvy%*yM3T)8G7AWN0MI
zjziS=ejk%Gg{Y&4tehODTI9d3j6HLEhB6E8Oer5t<CfvwX`#X$rQ=asB&bpS31>8>
zrlW12Q{Ik<Z|FfA%?5U57qChKniJHFul#zdXQB4tP&u;LOaKxJ`Ew9|a6xjRUhvU~
zpxN@b@N*m(r{eJJdTQ>(IJ3J<Qj3C5+PI<B9ZF4`Tcq>>d|h7BAmIZ6;u2npbe4Qv
zG`nB(Q^IeI0p1KEusSOKfAAZgS)ZOQr;w<m$LOsPFfFF`iI16t7kE9$<M|0R?T=yG
zW4hXt@?OCIYP>+F)|)E7j2HW#RV}mr4}RnK8DBoR1smK}QZ$Q#Ef_F~g@u}Y`%k1Q
zEhUr+A_^Y=IpK?&2Zn+k4$1FNDEJ0v)SXq1&QU?BIh-5i!|TMGTPMKp2MoacZNA_f
zI<%kSq``GY&=Fw?YCYRW7<r%$8ygDH6@#=Vf1uj&R1P!h{|CcCeVhQVw9EG=hC}6F
z7!LFWk-v$~Tm}9Ro$37+ojnAJRoY2%GaT?$H4k<(6xSnSxtr?b`^gvl7ltG6L7$_;
z7n$9-@lOng93hSqz3G229Os8jAzFGaa28*rnNX@y&c6ZjC~!S44AC5nS03@o6%rX?
z;g`!;*n=kxuOEZb@I^%iI-`wDgKf&dJSbn=10v%<<et)pk`W125!nc%GzyVMQ#gdr
zZc|&csDL+(h2%XHGY#()wy+R62b&YWo8?+AA8uTGX_(!%eid}#;@T}$-BQJ0ytzZ3
zf^uO|j0@%7a&I<MW{=gvQCmcRH<bP1hAP~8FyVc#arWg5YSP%Sx?oU8-JOehu1n&A
zr6uk~r0FhBojsTO0g18t12GFudUQP${5;8Hj*VEEx}y@(qLf0ghgH~*aPcdj<O0r_
zW@c2&Flhb80x)w++}Ia+3=B(W#y*Z@i)>kTOb3{<01?Od=r1gsJYd~Pr+p?@pv-yk
zUXQQ~k6`2St8fX8!Ix^&`*_n_*`vH>5}6dUU<-NTD;Liob_eWsM`gZ$(+n(QphK(v
zvR_Py{~O^l^PdNOx8=~7&^}-$5qRJNDGwMv1=0#A`5i11M-Umwh=o@>mSAqLbEBDW
z%9aU#_3;MkQ9KMm+!My0ovKCtOiF$s>Ln*X`<T;u^4<IO<A}!JYma{-{f;T-g5L}<
zI0|IOH|5cOW|&*hUD@nt4fnnrf*-ojX(<(&pkUdN(SozUj~Nq8Yg`Z^(nwN0v8ro4
zepQ)F<X+g)d=Vj`EIH|EVKenu>|5lFL$xE<n9iCjrq-fMT{K1Q)~8&M1%ID9x|045
zs&_-%W@?q_Q*szc&ss=zb-9fbgqfkn<Alam9qMJIe=BmDPUu*L&%ByL7P}!NK}mp%
zN|Bhf!JNq<LjA0^NmV2&H1t_pqe3?<$nXHnv9kuF=720V#ISrxwK`;ymaF@6|5=R(
ziw@tf0e@wMaw*8K;HT+^)#dmYvah?YNS7nYq9Q@y{<cF|F2!wIeAQ3yv$qZ3Z4>rH
zTxy2yvtBUm@qU$oIOpW_<cD0THtS4+N?-`ZZ}mt9$kGI<pj!h{{)*YA?ko41rdWJ0
z^>B3`7n963KhpCI-{OWx7}2EDNbZUmr&Q#tzvNk(q;r$qe8<$+Ufh^UEMC;VR*zdf
zKGVl(s~AoBOc%s$AOJtXUE{sLDJkY?@C|hhQt5?J#HoXEhA5xwl+yr<gj7=x|7%JR
zVbatYwe%$6{3G`JO&rn`CfFi=8U5$ln0=iF{eF*V)B~Y_EG!?1ub5pFUBcyfCv?Y`
zB}GeNv&SwK(z=C{?Mh=+?P?knmi)rT(KevN$Pmyh5z?kVA^&R0W@}n;zm>lq|FH7+
zPgk65`zwq<8vQ9Pjd*Sd%m3-=4-`_t9fGkDlz}n2G5nV=daJHy9h;YSG~P6_q&WId
zz;6m8>s=@~&<u<{lUFlS*Kc;_uC9JRpPym-l&fWpQC4-GNaFD9jvZjz_-H-a5BKSX
z4UtC3e#a5E{f8KXLOue2h7hB_Lx@mzEXP(78OxY`)87EE+5Z7}k^TqZHTVa>3-UL>
zixUo~LMtit;y1u6_E|>4Fps5q;xI55`?F~rQCEdlHb@=p`0jTBwhmvy-#&Qxmk;*(
z!v{Cf8$tAvldWbsSin*ISWZ{d^6b85&VS~wNodrn%|?8qclcU^`8$N*2B;K}GTr}j
z!g)5Zm_u)80(G5eiWsebgb=T6ZTQP~3U>~Kri30kw@e|Hg#6S5mHep<0}8m>dvL=^
zwi~vk*lYNx{IbytaLN=15AJ(#EK=8iSGC{lxw%2=AoV2B<s(+gMdp7+5lqMFok`_I
z()ir57`B-)iqeBt8$~e_XOeIkjWicIPT-Fn|3Y}pUElg~vNKMV9<5>Zpbgxun_Kac
zT@V>){LGtTs?HvTmv+WJ7Ss-nFq%){6y#gx(M?DF{+wPgA4O`Lm|O5gL6;w-sus_%
z@C84kZhQ!&1p%~Fk@VT>K&OwE9ysD_eDuy_J2M!+q_aWg3p}bo{QDi^I60|64hyMi
z_@&wOA<hp?S_5P!Qo4mP(%<B{9vuS2TPQ@QMZdq1=Suc9R8W3dF3T?;?Do%T41{e=
z4ekD25&SQY{Kw-z9thjp{C9z{M@9DkVeK2EGuyUpW81cE+qRulY}>YN+eRf7+qPLT
zs#5XG#<}<Gea~y{opaxhmDW~%t@e#R`W$`EG5WMy5J2!j&Q33u#Ma7JpqMoxfTXP*
zL>we7hoIa?I)yEWX=>Nr+}e$c)O(8m#YqrA<**BWQ-p9J8<{Vnm;eFpWol-+Gx;@V
z%WmhJH>f>!43nHe1rRv8j*hcKgo0F?>b_0824S|1xY8+j1Ebf=r38uONO(^)<WiW{
z#A>Fokoz*D!|Aoeo6s4F!aKpZ(DExu_!5Dvar_X~)+2Jk3-A3nJZ=8Y)TLwic1yzc
zFK@T@$}Xv@2fV#}#v>gxJ_er-+QvhBF9T<+tWmqHt$;|8%4pyIA2M)PnKW?4F;=#S
z*=!?-$6Qhq;%m0@!*QbYMibs6AVlj(4dW}sMM?O;hJ9)l=T=!1iGr5t@5Y@t?q3q`
zFgY;Wgfu>=Lm@&)h*@GMP~deb7GCZ+^V;D2usc)4nwZxyAaS1$j*FRs*Ht*fqWoOF
zt;8=Ps3IxU6$8ZGpLQ~w9b)R)8W68f17`3-+U4B2md15A2_{#qd`CaBhK--Q^$W|~
zVp7SM1y*0#n-MZcY|*e^Be`DlmAZ4|(5yh;snP-YQ>tCovR<revhoCJwY2#K_KIMu
zZv9f*g7k_c>=aAfzJk>rvi+RiLosOapwU>xk~@I$dMY(=NbWV0q=~AL&xhv^knTv>
z*6#hzU;v`g%lX0|mqer9(TP;%+%VWny2zOkWTJDdr>3bV`t&z~HS_|Mk^F?|3+VsX
zQkU(&{5@?K7*PIUkobk62Moo$t3k&97jtlMsf{%ij3SF~S%pP6SXbj#V>haV41w<r
z01wJOmqkk?WN`smq!0hamz@LTkJle>;QrzoIejR#oyS^$9y;{9V78tb5B3uSHlgzb
z(GxbG5{>?MgT#O0*O%W7691HF<2Qx1pAzllza(1Ye@isO-z8em?-C6xW^pUES?>>t
zrt-<JpAxP3cZnAFheXprPyF`X&)o5i&3YImqpFG``ca5Bn;+&kiT2)_tW!5qz?i+6
z18LLpI>`7*ua^lLp9(GPg)C!Kd!{HHyUAhq_whXQa=w}dN*&mHa&$ch6huhu-+gRy
zkPZtj4(NWH%{%yl#mwie!n^2AW0=v(QPC;sJyO=ZAp^OZgWx$HH4n2ea(ryui)os&
zx&O1}H-%OZh6-k<4X2W(tW-+%PYSL5KpR&MXT^Ga*!_2ZM6Dl(1fkYL5uWENLp~S3
zSGa_yvyrD;6arH6OB|i>nJIp+vPp`6_}J7B*L!DLXcT8Lz;n?VOOck@`g<mFZKYy9
zdrvC;q|rP-G^?OrPL1ugoDd&f>>+yL#MCHW?(;WMBzjR|>Iiq@fG0@}GJeqO9U}bQ
z$HwYUADj46BocmHW|48EMr_u&iNzCpQ0R1Gs{kft3H-Q1w>!|y0pQJ<nZMgCB(Ps;
zn*##?q(lDap#3NIR5!P9HnFyF`tvr$niOs21%=O|pp15KQGk{ml%9f0NU_kp&7T4)
zTy><cPcd))K?5$dIH@?=o6zTW2$P<f@3*ob)+-U9Kvuvkd%D=`=f%70<HgwV$~8Ve
zppGahJZhT?PX8s(Retsei|Ji+_S8Xb@-aivZf@WUOr}|9;hs89(Xei4QHsl#g<0Bx
z+VlI=J&!%Hi~=XE)&4va3@qseOnsBlDQ?zjg>r~2ej8hrj+g#&t>Uu^j#9%KtlIc<
ziH!S|;E{SAht1BO=}Wi%pE3pP)uuTlyfRY<rVFU=saKe;HQ&FkoYx*$+YSkT(?RBI
z3qDcKl?v*@?kBg_*DgG|U4hwRwbe=v(}j128De7&4d_0zWo=cyvSQ7pn@aRqiL^_<
z&c%osmC;3X*|^D~8x!BSi|1oXsijyU-_&=qgn2wjrSr3LSXddDa<o3tbje{Gw_8_5
zTJJ!d3!OKF3DdE4Y@qboUYIUe#<0zqE@dZ#@DTBs;ch+Yl3j3vaN?zWN*C4Y37g_D
z`2_$mF#3*W$Zv}qAKff9R>n>h%k>@Fsf#u3(Lxrg93cP=q|GvF(=1&k5ad%Tr-aA0
zIVKr0EY*=tM#3;Z(i<uP*<q<AUD<x*4y@K3ig-et<?f;xr|LUo){dbEdy9i5ZSP7(
zEae;O3FC#K^32{KKtrLi((EOK>OD|usNJL+p83VVhGKsNM{=5u9IjF~f8Av<`Mwz!
zQfN6ctZa7P&|D=t5WxYj1*T@l9Z5j`*nPtis)Q9v{a~VSHXwN2!sD2zlE~^j*Oa9O
zJvs|Nn${DPLe@icpP`0{a=I2n!y7f4P$$*RDO43Oo7v1OKp;s)O#34?H&HVteJH|i
zG_{A|9#HCv*l|t1coOtf&M~20*VqAEQ-uGloGh`WSI#mvfkna*oGFAe(@!vUMA8F@
zyhtlIiHw|@Msau3&DndMk~EqfWso{VjQdt4yWhUPZl7fuWUU;dPm?Nd4`*83q`UCr
zf~|+S-|WjTWx#i5bCiL&eWBpAS($2v4))MX%V9|>L!wGkMm)NT%!Fk7uBG5T47z<K
zBo#^j*ir%Vf@@A9tW4)Nq-kDAEh)}NwesXriNq6M)D@yv8Rs0O+oT4o#n`gAm7O$x
z7lS8d#V2;4nJmA*Z5YD;<d!W40RYJO{Fl)Gb58&9N-t<{?`Y?0Xf15_xdyrana3q6
zf3#lOB55Sj&>}#H#T!Y}l2C4FwW!r64jWk{`Gb`2LeoviH6pOJuhk6A-8S*}>Ce`!
zQZ_GP@-JihCA(j3Wg!S<a}CHGZ+gj3^UmC7J6*lM&0PBdwF5E->TN<50pmL`4^1@(
z#t}Df!yO<`iX`;qKs5eh3G7NgI&NaPGK>w|jN1ovMC3Z|prlAQgYaNoFg%^GIg4|y
zDcm5fIps>#%`}pr@ocraOs7_xS}#w>+^FsBv{Jpq8US_JYba&U)@rrJ+GtWO+f}7<
z<~Hs)h7-2m*!*&u-D*A2J!Nn8$}<0PD^sm7Z0)jO%#qh*-L!jYoj#o?_m$(NvOrzU
zd1T-045q^*DtvodH7BvvWPKx5mzl<<Z9m1lYzby$-NmYOk2AGPo!>HJOSkM<qRzOg
z)r!wma%3n;Rbv*{XT(|dM1+$Ic4SdkC<il-gW6!_F;!a+%|_E&xrX`Vny$06A!o%+
zw7}dKg+@V@({kAfXTjCS{+Myl(ZsGvY-+1uUY+HABsp*fGdYoR;91fkYY&m?cn|_*
zMBa37yJ;f4Me_Uoog#Sn${7S`6v|)+FM^Zgp3#DCSyn{^a}y@fP~{26arMwh#kY_?
zl9lRxSQOO<!cwB?DFP#y1vABAWik|+3XS2&z%Z&FflRJqBUCFDPgMPVYE*rv6LzZQ
zhQfU!x&%7Z9ikeckx(e$EEwJqn~a@RCfLW|iE9+$>k7EG=T}d#ktgivF+VIOrZt?D
zhITET&aAQ#qRvWe(=o2tn@uLz6qE1~AzmyW-RPZRpl)U<8{d<&6s&8rTGg4wL97t0
z_u1C7b`14UI6h>RIKVaJr)!^&L4;|PW9X`<rz0ZaWFxaP;NzhCg=}3XmyLYoKzYwD
zl;An)ldI|N+e>O2{p+)gL6>K)$9Zx-i6oIGkW4l%mw7G$D}4MK<(@v}9ta?B*U=uy
zGN>9tt(T;kzQhV(ki;`!kR)|@gy)!7K$wIWWG4F*B67sgP^We=kGe1EUnM{Iw)-In
zT>0304x)jKMm#_q0)95+lgwKWU<_?EpCr>kG7vn2bE#o|nVIXL2MQ~O+9lJ>G_BY}
z@9b3^{uNTDpjQ}0=n{TYr?83~tTbj;e2OW=q+CzA5Iu|Vc+JidEeZRjS)R~d<N+9p
zj@lhOfX?4n{43i$>VvNL1SnNC;iZ)D;!JQaW2insqI9Vqp%6%sJc19D>J6{RBV${5
zc(-^;j@3Rp%~MFZ-$8o(E1i=sZ=wuR^fK|j690;%l4yJ?=t6JsFE}bGgKu*t--w`r
z6n_Ad7~Q`zWClrQnCq(f27|!fe!mZ{NaGkGIF~(=Z(V*hOe#$fn-U)_l9Uzka}Nz~
zTfWDd%8tt}OF4<W-|i8bfzCeZ5`I7+vJ%y?n@33tM=Hy+-?l+?FJjcPQZfhx89oQ%
zRQS%{oRZZ{inWe(hbuMN=eoXawUMh}<yBc{GxHMja}@=#*oEQ;I_btEc2eDhM49~8
zFuvQ^$I*9zF<%jOUnGSh-^kEZ!nHEnXDDxi?Z@=dJ}zz4EtEz6SM<Nm)VRPk;8#Nf
z06cU2JN8k3a^N2V@gGb`Z((a};{L}R&64(+)4BxO$F%<3T&b9Q=s@l|yfTP{A<al-
zOCP9vW5rqpEg@?;ZozUTDf0NyhtG}`E)Ev}{uoS(qe9ir+w+e)_;vhmv^aMHK7H*Q
ziqlwSPzAMPw8zuj<6DP~?^$;Z+7{ocR;ZD)60v=RYBMBt1*uc`9@Y4=HUOV~JY3`z
zU*F7fm8mR-UuDKf9i=`)lf^R|2CgoaEudz+gkmdHiJ9`11kZ$9V83TCOY}zU)rNz2
z0s!WLfjJ368zCScs^ps)0Au%=_08W<I=6-sg0N=*zJ?D?*$Zy<LMUuUbE?E!0#H#O
zqziE-2+>$_pdKT6r+p=oMqA~936~e$Wk&W`gm9827m+Wn!)-Na03k^mj)G!<1=aBP
zTpk6=W*_*dV3~j}gF|+W(SXsE9{|7tWs{;`o{c4YjL45w284roNNufcN%B!}fyc!f
zq(fS5Y<@D@Kq8}RnspN-Nnt?)Pm_#zT!g6y?V4#nxFO9nbzCtrPcT<C4v(Sq%b!oB
zXr+S}SdsvR@o$T@e3e=aJ&31_!3A^7(C#Z8#K9km0sxwU33J~}yK|iij?U1rFy{H1
z?R^!)QW!UOY5uFrw?G%6ggw-(M2zn|scLU4SRhW(j^RltG_9EZm(Y6&Je{S;%j2a4
zcHEe~%AB2ToeS*xgW$*Wl@Pu+(TM;%h7izs{BW-`6A1-_X^GVrW7ndXXZ4#^?v=V9
zV`*APN_jBxCr9=oo`<dMnWt}E=iA|%+cCCbUtkCI0X72o+HnF<F2%5Aun17s!+&z~
z#NVo3KVylidb;JmLHr<o+q+Clct5igstsL1$70E~%GbPp)rt}cP<%Vj^;ITD@6OsL
zmsNrdm?#h2BDx$sp@z*;(1U;fLH=y-Z~71xGzNiZWpHGknCQDaq80NX_Kbn+$ceSR
zNOdZgk0C`Sz&=YvcWT*)ig+40<MxHtM1rn)oAoB}2Bx)trF`*RfrD>bSg#HOwRCUp
z*;%#ibP^&bzX;4%LbaOqv8Eheg-D|RC6)+Zn=FhFn>~`iB827+=Q}xlcI>?KYV#Qe
zHAbG~IgM?OgI|F&H3*+g8R`#0KxmwGMd!Awr_Exa_=YoPdIDZ}EIb(THHq8UyZ5=9
zufwOdH#-h~#XEAt@{HnRsvtESXAx$T0W}6_KVZ_hU@Pi`G!X9Hl`^q|<*WdI)X;U+
zW)bHq<y?xr@?h|3PWsFz7?r_*k(gsE9nJt5e-H{YL+ffzhQoS_x~ka-uaX}!E}-*Y
zS5=aKr+Nw*)q~BW%g0iYZ_Lh%G{Kxt2nz>x!s6_1n!jnX>R05_T-3!apS4|KpA|!D
z>aYSSkbeX<X2v7Z;A{p|jsRbS$;j{AEcve3C_EDg$t>k+S)vtQsb36Cww(;lHhND;
z91K2`1$X3~n1<P~E+!V}IUf%R?H#{`U*^Yl#pzV_-A|__IPT0iWy{3H6@hxf{$%l_
zV0GqZ#W57z*bhrD!MiF!cti-#hA5vy?iXc*ZI5>D_?;KGXq=NUR_lpJVfL%tF^r~C
z?m;L}KfBU`bNSv$dzH)pQRX#9LAB@*+4EvcxgWG2;OkFZ4FPvC11mZKr}*zjZRnc4
zrp4jKdkSu`q)ozd6FC0JwtQioG?xl@Ha#>{O-DHXtIZi-EZ~Mx5C<CsVHfnmLUVcM
zog?YT-@2I?&LdI0i53wbM1Q6=eCYjT_oMR$&FhgTj4&*Kg67pB_ARMtyehs#G<89l
zdH8;fzh?(5{++Cvh9r3D3&98_#=7GEnh+rl0R{87Qd;d;4b>%B%I^{LF=5(Wm<{KN
z#|?=MG?c5kQp2gdM)dg;TE}_`*o(zjyad-}Nsc>g-AMfJI@T6*9NSari8{k^gHmwp
z-+<!n&k_eaz&R_IM~M|PN?OAs3&a(~OMF5WrpXpKnoksQT+_wnVn{|23gXj&v{aLU
zWE0wb=37ZvF${R|MFu66gKO_1o>0OK?JJn17h^oU^6=T+FN;xag?jT@tMw4B%T$P8
z<bIaBhNm&c#Mv{t@~?lh!mMy|Fu%CJ09%{b%w$&CnJjapAThN)8fFZ(T8Jx9@^uV^
zCkrd_Xg*X=`4RpSLSf17DMr7`{L|Lxv9?iM>TF{EjAB`)Qj_R#P1ylcZM3lXz(E;k
zk*Rl#!d)>mJJLMXUrv-Jw)gXo9x6`?1Sh~YiWX(VBQ-(2kF9q=te*pnsRWEE4}Os5
zVnH7n$beP~x6B;?;yfN`M6|4g@mEF?Dx7?~z=-GrM#aO|qGKx(_u=U7)FwtVX}yv7
z9_#JlObbW1;a5>rTt(o=N#dV#eKJV36s$+hVvN^(iMd@w57;m;JU0=oX`qmxd=36I
z83+E?g$IR{AxhU_w%*&q#Avgr_I3bd90F^jKl=-Ata}6UF21(>_{m}105`J(q@BFD
zwgQMw3Z%!7RjRzCO`NP^Kj!QDgs0#d^%A$h56!Y26zQmubJV~!Jozd*7l1v%sS<Wo
za@_t%%I&PJT_ldBEO4h@U!1>*YorKy7T0QR6~~@*1bz)?M&TE(ngMnRc--!6tH-pm
zKY^u)W2-TKjG}9OlnqwlNnBBLHT}zt(XOm!Ym%GScBf4y%So__13{10=6j-lBmtL%
z?cl`3sl75w`Yf7WJ&?Vgf9wY7jbm?8ObdqF;ExG=5#l^eJPjLmVp^xA6Mv;w(g|j|
zE5?H!uy9nuFXFc#xnm0<qb;r0ptG&3!p#oU_B(2W(xJwr2+Wn@u2-6py?4ZfK^+NQ
zfN!mFB8j-|fH?RvRaUI`k3RR0E^W(9Pt~oDjz`=h_9q35^73Wi!-0H5iaU0z!=jO=
z!yxw2Z$NahS8BbZ#XI|6s8d(DKXlIu!MP{3MmGTvB2Sn1Yn#4PjIoDP<+p&|`&_M{
z->|AtvLfm4jIOZXTv}9p137c*4IZ@#-_#P>b|vJ~4@{epYv=;r@eQ&&!-X@z_pmxI
zl~`tw7zk9cEA7bT4}}Va>KU(sAH(A0%!vw>06B6@`~eLgVF4iI075<&nY&BNFjEE}
z9Y&-K*oY`I&p6ea$O_*mr-@qa&?uet5yBEIuCsMfYtdMifrzg8^!$scn}}q7bI0LO
zZob9l+Y?p^2QRu$w`F$y>mF!FK3*9azDi;PQB=@R`|;PLpKG!Mlie_=LnVCP{kS12
z0VjA3TWtgzNxR=R40aF{N`Y=OKwVXH7{6;+8vc6BN_1-27qGhNv}y0XSZfEiTwi?k
zOwN&IdB7B0?SXEPKe@!Dy8IQLacY8`a7dZ<z5&%%^yW{zAjC4yEdy=_fN>}nvU1VS
zp4WA6>jn067iQ2W`?i{-7h~--)<p{kZ8(xa;CvJ67LEaN5yl6tdQ|wdeUZI%GN8<@
z@#lo}+A=WA>*+ot2msHjIlH0`db|b6n<`SVv*$;xvay?Pg@IH*reDg{U`r#i5asb|
zrj2r|6rS~H%~x%gB}2L`x*E;pc;RdOh67|%$nDsexl#EK4(>OA4&Bo_SLTL8j4%}S
zc(V?wYt!9x59+uVY>tZ_QgZ}KMMr+cwXf$J6ldvxaoqP%DK`bdf>(=;<kiwy0mM<~
z(5Z+U?)m3hMyO~>Tb_cIe5_AKfb9h9;r<VtW2F;@l*-@tf{;%94=H1&o$kw6!W^kg
z@ut_}W}C`y#Qh%*Uj?g`ZPBaI^;ErOtMPUgs5<gelL)X0yiN#8AuP>QCEc*@L{B6x
z?IQa1w@9Q&gs_V}<&NZof60L1_dBt7qOmp}zN_blK<d3)SBCPhGH#*@01~8?jRe?$
z7!&%z8Ly{rozWMn@jM*t0J6%tR*z5i$0up>!l$#etrUoZ6z)pE%rL-53nVC*uxB|&
z)2=+PO`P^ud%hH4<zQlAQ=!0blk}7jvv*}=$L_e44qn4yj9i-jbYopbdwVF;?h~Rk
z^lH2F`|GBN4V_e-Hy{9j9}oZl_rEI$WDIT1Tnx=j{@4x4QRI~$U_jsvn-zEpMWcWY
zj35dI55^FXD4(SS0V(gou6~fRRF4hX)$a=)?1kSIC!~|qR#?-x@}6<K-fH6iw#^T)
z3t(xI?q3OBg;(uSKb`L!2z5yr6p`Z@6|gb;nAjH>Ck19vM>~~cJ`zmx!iC}>jWPKh
z@N^xH3?|mwhG;wGJD@5O(e;Rh2zhQW*b7^Nq2(+eyz~_`Y6(%|2+UWBb%BTQ%0}hK
zu6@OublayI)^Z}t@~z@=Bl%Va!9*TqDQ!bV>cp*4@Z5Hc0G?T?5(k-}`$6wmNq)4M
zkX|Ifj1FlQv8;*B<753$G4W7%S)0JXQtv8d<Z&`n*OSn!YqKv+43MN?VIOzX2Dc-Z
zs$JB=6Zz|s*U0O8`(simvurC^DK2fj1@c8JrTEU2Ni?EyRB{=Lxtl(~Kc&FIODR$v
z?XgQKr_o>)LNPN<Rb~*G_)oP)8-^UB_mK?c=o;A(99AdN`}gQU%M>sgXijLTpJb1)
z{~A<v$p8(;&o}zdNBG|js_;K7NJMR&9X<Zx)SwI}FROSXHL1+NqQJn?z{J$V)Tm+)
z3#Z7y#L&DeH9bR3M@c11H%8w`D?u~13-q_WH*ePt^uSMuZG!y=U-Vbq`QN=E(#pt!
z2=8POnvHZw1HygimdQNvpx*glijhK5mF4E~FZD9CK@--NZbGQwe(|b$JmIO}6HWZ%
zjb_L+dbvi8Eg4taxpm*p&aU*oeft2gM{mJ-wqFo~6UEltY;?dzW|N}OE?<49u{50T
z$Awmg(d;HY*k>6?^2B($YE`%{iR3+F3rdww#P&+C{;uI(Bk{c(c*%z3+^7jNq>HB<
zarUc<5<LSCwM&SKp4li(NLHX>K3$6Y()t?09M%rRs8V?t9{jQgNz68*=_DdXHfo7T
zGs+DIS~1^csHj7#oUzBAT#`77p}T6iY{e_c*RdbVjq`JO10%JuT0E#N%fO>|P{LH%
zhUO0dn*uXTGRfaJywkb>)q7q%zi7L6y3QM=A7ag`>$J(3^1oUsOHcIbO40eBGh|)^
z-hvj|viGYUMx4x}%<s<GD2GC*?ls;8GL*j2hipT!)3(EvG9K*G;DEoSyOf_@X|`YQ
z0v^-wINw0TVQ#;=jl+dH1ZcHXjhl|*&u|XRT1c9eyC6mwPNF|IJ4r0$g(yAE%C4AH
zpK;BTF1)in@*s{3by#Fd>(P5wBWpok_IPQR^-de+6v&6c?pJt^PXf-6=-XIbO2EPM
zIOTXWpv@0b<ZP<w^>N7V;G6~<JbkUe$6B@Ud~t}a1}32;5QR5Tuhj3Q(ocAn(Sq`L
zo=JqCpWu+clh}X;g#nB(p2gr*A;PUzy<<EL`OaSan2=#j|H5&9hH)GP;`H_M4ZX=f
z3WIe=5{sBJMW5tB8ux+oPOe?Ol0PA**bRT#VV6yl9PsQKz|5ZWwllD5%rgcE``l%-
z*8qt|)WY(k(HOVy^luh&2-*C^rJoSD0s9Y_RMy1F>61vE{$x@WtKWN1rKR;#)rZhW
zv71FrR7Ji-l7;`0pdu5MgkdyZi@of1ZOh20*{ws89W;OV?Ro>Z)Vpoi!8Zn{ljB^k
zt88w!kJq<b>|T~DGlUU$EKHeVd)kO|%tJ*9Bc>n_+hTj>5N$~ri#iJe#rte1WH2)6
z-15wG*)+<9TkDCvymW>M8PA^jHRPQdjtfx)ZIVSAw+>Hhf>e4M?C=>cRMY&bLEYBV
zm6de&FEyNpV=2z1Cerpkwwwo*!zBUWUBQ!EyS2?7Yxb{Hnx)O4b`)dQ`t~g?ZY=tY
zlr>aIgM19v8cJ+5s@nD`t6EFTmFE>9vUI2>S5xRx=V}W~xDz#*(o*(qQuTdH%JyG^
zp^*!kt<JtvPAQ0_c8CeP%c?Ol;D|aSFd^aHCPQ<caBPd?GGiqiODI?_yJ~fh(ty@@
z4!4ZrdU?uPkitBq`KaG=d7ZI!96Bd)ra?8LJnD2lDcE1b){(uznrgM`K2mi)lH}BA
zgxGFvH{;~pWf~?FqE;kjL~Zw%8uhniw<V%Bor<WVX*y@0ZX~ys!kz8-%r>uBolmMs
zZcgvRT`2{WJ%}#I<eg6O2^ZgZA&Rr)Jk^C|4Dn84jOMvSn@94w7ur$+!{3wdoJ*ax
zV-3x!>rUtS*v||L0pnINQJv52H3Dr#?g1l7g(9BvBO2t(Kju}VtUchEUzR3Gb_sgD
z9KuE0Fs;uDTM^m+BoeoBWd}GpgDG|ZMAzPh9L)a~OK(0gWb_T;BlPDC;D%tLL!eIo
z5n8c8#KX!xa)jGUJuXSyfJ~q+q?wc`11jV^`c!hHfu~&kyM3uMh;jyjdQrwaqRh4A
zYk<$0I1oN%=7jf1N1gcwAKJF~6b6hIQ?TJW_gIx+5jBH#^c(PB;otrghGF<wNLYTR
zfb_o$e^pz<-`U;7SoOCw5Ox3Ukl(`2_Rr%|MOkTJMg*UR9hVlZ4XW_=d?D>2Q64J2
z;_n6S6`pZco2APaiBo7Vbtou(LHxb=q|>(i2#Z<4F!!e0Uo#|sza{A63u#;l5mPxz
zyclbk7Tg5P86A8V%#mvxeEY)5xD%I{^bszDF?>nlad?5&M~1DA;%$Q;F@}^)#h{0?
zAMFF^x2q_PX*Z9LNGr?(2L_u?CSwkpmvtvkp)E<&&Uwh^1o2$tPAxDp6x-qwOu2lg
z3U>r^KLT4i;j4({AZj3DAJO|G9>eLxTk0RfcF-u?zQwu@L<c{u{3tJnQ((@EVq5QG
zcu|IP<1e-KHxwyo4i)R;MPmzo&{H#1`(k_Quud7py;BP7i_c)Xk=ljQ!3ri2d6)$s
zgfG!FsZX-B>BoCYX*3z1BoK88rep=T86Z~1{7NsPL84zaahB4+sN#YIW12E6#w&AN
zBWX_>)gbQI2sLChO!@Y=wVLEvx<%(RiuEA>PDkATh~$6Q5r2!O@}G_M@>)>_p!@<R
zhzYJ1ni01F2Ht`(5<!qDWP@cUm>WYTt!o*icXccQ`DCYEenTGyUzu&5C}M8=!nQh`
zW_VAwy&7NcAKR`0@CL^Aeesyx<Hg~cIAQh*e5YUwlFOR1Lvn_A2Fec;uEAjOB>7RY
zs%9`(twQ%w6eNzImh6Ml%jA8nIrRN-Yne$7C=A-QHe4Qc#qE!*Z5LB9m1xylF(Pxk
zcOy%c)f4D5gH3Xu`_*SKa+B!>&_n1Bj=&=7g1NH|i;tmu@UCs{Piwkx?YHP2%w5yi
z^1awIlxX#ts+ao9&n_Hq`_Sj_b6gSFDIJT^pKM4w(8YVWPIYr+_gXg;+h^R=fYirZ
ztF-9(JipeAqIM6wFswVF4#=G8lTEX95G7yGro7aQBmEq2XI%!Se@>|jb2z+B>)AGa
zwhN*)XJh3=_Gs#!;7t)N@rP7_ZjTKC5@XQnWktcn^WcSzf=0#FXqu;*8gC>OGQqVs
z`QfSAT!$)Mi#m*<_K}qalXRkX#WYh;^cKoM1N+N*d+FIt5AXEo7l3U?fao)*<3k?F
zSP4(9e}O<7NT}kXt)k9i=v+o&7)^epLnH|k8MDbunS5_+V#>2xrPfE_AY-EI5d>wI
zXYhj=vFpI-=^ZB$#U9&uJ2*Bw<rg<&`=~~SIglkL<TF4dvUy^XDS)Icz~%5VX3nnk
zj5-`*uVpF#SU{)0I|<cw>%QiCu8=ZXN3rw_321VPo}eyW!!Ws+l1t%YzMM!?8OJ#Y
zG%iqGL9s3wSc0;bF=^nj)QZgazfn@-t-8*{Cy48z{v89ce_eD6{)y_pcXFs{E8~cw
zynDJCrj8*5fFL0y<_k9IfHR7~k|ZDiozjV<`crR*u1(J}JXAaFA^phHptMuHy({Dc
zAQh{c%;Fz+_jHpau&!ii*Ip>=I@#=TlFK{$_VIKH4^X!U4I9KYy&D;ern6)(JEDzI
z+2;ad)m|VxAc4e=io2B1tATW2dD|N67O(ad6BZeZZ0R92*7IwXsWR91_$9`e4XNws
zP|cRNTr5XRcm09vP<V_=@DP+e)lm0JpHM=^izChfXbZw8k!GHmHw&xnlAO?HGwrMB
zBj^@7J0?%8g{b976Q~)SJRHp?4?>h&90J+BKnRTQVNjqu+IvrHpoos@AcR4Tbfk}A
zy3`OH4Kk&?JB;WZI!H|QA)5BYVWy@AFNFwTo3Y-AwbwLL)(NSLTDBW}Z^m70*jhi8
zhN)2AXoR|l?FUa<$*&>E@5Zi6RbDoA#@tpCV>4iV2yv0*5-(>H*=}_>qs@S^_!fV^
z`r%<Df$*#6a+G)04hmK9$WN#r6k!;dWki^fCVa#|f)Js_4?<Nm+wpqgcLC&62`%vx
z`6!nQCIJo|N`i+vh$D$@2qMy(&DLIP6IseU1f#B__ayqFt;CKa)q`hgoGDCB{mQOB
z79DNCa*1hhXhhP-C*7>~4yiENL*!tcv$Blk3W6v+z-Y&;t6+BoD{?$JRp$xz_nYdO
z(~J)$G>@?-^!MIY1UMEU$wz8*!hYSVqss<%$t$T_6E)~Cn*m=800X5m)S?iuQeoOP
z*a-F*qd&;)tGIW8oJL*4)M)drE1&01mQqwbn%zWe{pC^3h47M13qnVGq10fj`^x;)
zD6E0c+pTt)S-oSsU@|^_EHZ9->v^|%+u8V}6$S`%3@bc>JRQCgwGHGvQ`ySW|Jt^!
z@PI8nhI9X#SGxtcMCrnX!vnGY?CFK6rF2;mE?!_SyW%7fCu}z6(9U14-08J*iz>IR
zW+rYbRw{NnsGg|KL!xJc3Z-+5*{S?;zuse4<xMA{;O3rANKPAegC~D!rg};DAmtRA
zG!rPG558`2D#^Pr0TrtlzkdiYz}o1YF7`~aimqB;rW7{c%B{S>ccNL#hdI?%0P9sd
z5%p#(U-^>qV>f^KQFY3&vZf)?X>rX82&!d5Se_|+M;EtbeFwM|q&c#)LrRLc#PkHk
z%nggo!n*j{sDz8N;#WnLDgvi;oh<_MV>iX>jKBIBlq1-8bYSJJ%waVxA4&8~j5%rC
zTX2J{a2IO=J}>-=2ee9G(I0Hhn`DWwtk|>M?DoMDL4pHdmhAQq=<|spw7Skn;RmAg
zPEbq6`*?{Bbqd%oXf6$Piuf;JZw=QsNZocsRzJ)KJUr7IqtX(H*5%}JjpED=u(%dy
z*TlRY9Ec!~&aR!0q!6a8=a$Nu)1IonV7qkKES_++&DKYJIXZL5v@LXimc`~!d;=hN
za&Y|0nI(<DnKGq{$eDBL`RiU}W#Ecm(gUdogLvqRbB=N|NHL@;$RQt6!!_h2{AuJ{
zc*ClEoM1e$$qF)tIJ`_?kpN2|FA=K)P(guuQ7>{bU#AI`SZCtghY=(6TQDvPZRkow
zkKl}A<~PZiBTfcv;C2Bot{Uyr#$QmGAAcKAf^K0)3I_%NNCy9RY=!>i7Q(-DEvr$r
z`6NyR-%#$=0}Z5(uNfGLtb)8k1_#pKV}yvY!V%y|bOq7AnHREGWNqwStlU|>{Bw0`
zPl8n{uRzHacb|HP#w(Rr2&4wZc1dpL;bCH7Yopum^=ac8V0*|CkyHkC7u^Ba4*f<h
zA^jTF0r{HyS3U$d{`!D8oGoWL3ZwDo`tr6)$E^0+8YGW1$pj-KO*#c5T+7ol9A76U
z+h^ZMm!cup1s~Egf*(3axm4sIW~C$Tb;WpJN{bwdd`|?~94%Xn-sLd5OGicO%z7wE
zblRgA=RDy@qat2O67P#sO1u8lB^3doL_0OSJvZ}UWV_C4@-VzAc!27-f@G>k<}k{h
z>XBxUO&7O<e^0&%-(mR#TU271u&KaY*(y4#NvI6NKK_x6S=Y8;ibToJ%JhIvw55Ac
zVC_guEDE;D71UN$5`3HH{wrKW<o?~VyA?0IoqYKtILsooP*?zl9R{9DnrB)`jMT8b
zF_Vh8%Se_i(VbdH8Aa?=vxF$=sWdyrg!5eFlH?MCpOFVH<mYv%kR6XY!F>?yn$l)*
z=Br-^x@?*y#<Smv%`?YS-DG^05wVmD0a|g*b43u4GMi=SJ$Mlpf{X>crp*>a%4%~5
zN63Q8L{KZvWJkGC?&O@Nd7M|=Xqg%4R|&7=CrWTubm;brU1jt<!-N9I=o^|?ZaO~k
zoW1#PX_<SQQJ}ffCaWl!hQ(MVh6_dMkX3Snv@=6Usk+_)is;ns6ZR(`RzO0IA{Cgm
zTI@W>g4(|X7cZ3ne-ih|>vO3NCXC@YaKo6vok!JS(BW)h6~8B2i6+u#y@-jK9cYLz
zvamRpr(oJDf8Y(s9EB5@XQKjf12E<5r^PLSelSvjx#K`D8K?6&PvYEe#T)gBbkSrI
z3t4IRt@|QBu5)=>ii;nSj-cy}K)jJ(Bmp;ViJfC|J&9n>y<2S<e48(YH?zPUP2btW
zsky2J&>ON6!K5>4F5_8Ko=$mY(^q)&&9l7f_)e-rMp^X?dp8JfD|bQgNDC(Yg!^E3
zWw48x4UW7)VQpydboR^)!@C-)jkVn$0qNOh?+9LJomgSW<bf#4WR#Oj>fH<f(DssG
z>sy$W2YEz~2@z*31{o+WdD=whWq)x6RhwADxXyiwt>=0Jw%rVly`tSbR+J6O7Hfr>
z)B8g&JV}IpR=fBO!Xj^ESO2f=A*Fi?arK{XAD@rZ|1RtQ@B{uYD`U~PIjDXH7||Wj
zk3C=iQ}}QKK1w2{lcqu1F9B<*#d5D+3y@GD&Ftje?B{C3Q{Jtjg`31wwM&Scf%dCv
zr^dTS-fE9V`n}J;aI`itlM{y%-rm7L6<*>AQd1iJ_QP&i)V>auInI>VmTj1*U(T>1
zoeNKrgo+YMuVAGl&n3VdhrZY<Mfng)vBp0Wv-q8h25cwgrcipN>r>%z8iY?3N1i~>
z8RoRw2mSco_4v0Qb`}jc+)p9|0R4RQ{+GYYzxKsd`0a=KXIEU%zq#SgV<!wK{nnBE
z`3(~P%TM@c3tSTwL%R(&gtuvZ2V}Np(8G4zp9K&XAdR9U)+S@|ho<imlF38SXs`)V
zMldheyyKNo&Y=K7BVN~AUBsMSe!NufXgLX;IbM0Te4YgBO6rZglij*KnchFIu17E0
z#)1!H{9z{u6HClv2#hP_Pvr2hpsy$3Z%#(!{QzI21^|9;KAgPcOOC2Ji(BAuN&v^4
zia3M{k7!d<;eVHdm}O0dy@u-tuL@{0<1plem<>5<91`*uj!*(&wh3YpTlpE{29!j-
zJAA6-co-y=_NLgJs$HfoO$zh1O`|0(2I6{vKnb!o+`8}bZ8Z?x0((pQG`Jy$1~&}8
zkyiCO(_u^PjzSz19RC$Nu((?gyjBiBcJ<r(TU6h21${D0419|7qNp9CxsJVg@wK;%
z3%D4CXuP1&R?te`5-ex!Ly}cFuC}qxVaeP`n_MxW%T5agC74V}gGtbS5=Bi^`-2vB
ziGFsAQd^31>?AE_=_K?U4H$jeZR@&GMH<p3fE<4rmu*HUHE0M1c4%iKDc!?>+{t0g
zP@i<|ZgH33wR#qN`M1(|(yCWR3CenyR*Sos5Ec;nQTxlMo6$R$#tA^?d4lQ3_-cai
z$D5R)0{Dk(8>uFk#N_%ZHY1cTG<srP@k8+S0y^2dn5OQD2`uuxkg+P!rm@z-3rARK
zeSxAhJ1@pVcdHJyi6}s;U>4J<T@(_AUD9omVv2ks>*+&PD5|HS!%wi4Mlh%BIs&b5
zg`<)Q24PEOwR{?68$RQB%be9o6vY@i3e_|kA`e6%rKyU&Y<$6eWbXOERD!9=?ak6I
zH|?c#hYvunshrYAW?wP}JtC#?bxWU6pGTR#3&%H3vKpt5Vdu5G5)olaAfPWmM_I9c
z&44Iv|3O!zE(BqLK!_eo?#tYR&6Kf;$kgT6ALIjODCLWkw9iu^GUa7*a&5g5<#y%c
z(b;{tYZY8}V{rvLv7vO3gB$c?GmA=7#%c?<n;Ym?)>51MRu}WOOF?Ca+kWe9uT<6G
z=F8g-f6s3CCNqHTKu(`7)*HK#_*c}r*4a7+T+A}!BYGg>6IAZ1LuPwY_+RF5Zilp1
z<Z^-9dK8FIq}3V^%ljr7dV9))AMy@txEuE3J-~m>+k~l}Y8T)??x*^<^Y(9D$N$`N
z=c1x-x6gs#_gI!5Be$+i*?V<{C#PzWf}~sx3n|tA^BDuFtliAWnESFo`P<7hh}2RS
zo)A!+nXjLzwZ7g*_reWHjdE!g*v_y%aJ;S!))KEwkP9dN8={VW!-RYhB6S;5YGJU*
zQlnF1L&h3@wdbnmugmkc9m7)DolS`|Ap~7sQ)|*oIZh$4BLnK1O`P36wVX6rh?*26
z8R#Fajqpq$cKP4o>cwd_4A^><a4Y?xEDsIS&)OgkWX|)bsTn&0#yOR%pl<USUA`sd
z)bZT5NJ)c#^GwD;DT~~l5SSm8VqOBg?6&P|y3=0ps-O3$vh0TtbZNP&Kt8dlas56h
za1`V*g3#=C>hBy{KXBagKn<?_;#-um5jsl|xcz_^6dNdvE_}zxh?c#WNf;>fnY8RK
z!f=v1%EE6IqOn9X+D%^9BAm-VTZN@K7g@lx*%<i7*Oi0kwToIj$gEn<utZ}wL9xYj
zY$lU%zT%i|V8$uMA(;cbv{mG`Znn;2vE3~)9IE0L%~s(`KTIF&s+JhqUGzTMWw{%T
zgN6}hrMW3i3!>DIH{lZ<GlD1voD&3dE7CQ(K&B^%TX?{);S@gL^+d721$=ajdngK|
zGB@au27Zw#ZZgJ=dO)+Sr<=L~faV#7&@vSWCa36w2GYLsZtXR3CPq@+4zs2kPi8pL
zghQ+@{EE`#f^<}`by8KmD}hgJO*QWkOXEGZ;22$v0sIb(u0T^rLP&*Hqv#{|Y>--W
z<>b&sVVFS5II;^XZZap^AE#n&nJQw0DTG5?q|K*d5}wE`#a$WH1zLu1EBY%Zg-CjA
zm_~X6CylUka>D5>hr%5~kq*jolxHTDu*lU&l+E8jcRY?_(bAnAQKsNW=dPJRxJNPp
zS}eH_dk-Ua%*|fA@1T<pz}a_8dhx7*@&ubDEB?0&8+!hQjXQUT$-XoQ_`L%bj8ycN
zK5DNa0RHsCo9f-IY_M;yMXwljSt0Vur=B(Xa+1PCJ<8@B)2BlHSWUyUrNv8fKw}<L
zR<wFq6Hu*ctsoXLx92<_83;FrGPg(qHMcPtVD1$qcos`<s5;#?`f`;?y^xeVQ7-cX
z$|hw2caG@0`dbr8j*(wMlHz>Ew!}+sYMv#&HyCVczkM({<h_oJU%I&Dv%RV_zro>t
zGvfc-0Osj89GL(h0D!~)4~LqJ|MF0C0Gv;u=rDjLKM)Co5~`{^GLC4}XYIdEHPJuf
z|LIVZT?63;C8=i0`SGXsn~S{s$Mf576K&;34E|nZjue@r`#llh=`4yuYXU>XcB;V2
zV0c*RrlXa*h^S^5xhp}lO^@x~^u~u!T}N%ai5H`=qSB(9Heo`zcvY^%dg|IW3>@~a
zSb(&Ul#5IQQA+X>M>e68TC;~R!Y+hQ=Re=!;M=ls^Jqdmce&nMk)dkbqA_!Tf?5bk
z;a9xLBRMLlyXz@F)krAzMO$_}Q8cORcJ!Qf?7D6m6_4?+Rpr{Ddqb<YUK%@w;y}&N
z8sB`Y3(n9nC7&5id+VKq+&5FRxUNdq<-&?Xtp21}%k%HPzg9|Hk$Sq(@B@ni?JMvn
z(;~XoAl3^e^r5z72g)90t;iN5&*y&xNl09ys&@%4_}dtQHKEb<H!_5CM%iwE0hXtk
z{L<H}3_VjnTL1LHsf{s&+F8&0gI&0%>pKkbNlH$^vM@=gLtK>;GU9V4n$!_;m@axk
zA+TiH0}2D~%8{Z<c3#2l;>CpQ`CzKf+BMrb${JS%Gfa8Dph$^$3nv+tI!(i}oa*f=
z^GXJ`HsFBy*+uCc7@0ZLi2!Bb(S2u#xqaCg?jUI+Ttag+3a`Irg)d;0x9E3f3(CVY
zerY}l`hBLcFA?Za7=T8SMU0;1l3W^gW8y{Vl{@i#LZ(!jvG#k)=*LRYoC)q9Lo~Zo
zwP)8Py5y88`lJuHaL+&<Bb(Gqd82Z3ULZx-9E4Uw1VOmFFt&qw><-j=cFG1e-9cR#
zu|Xx}GGp}8%Z!JAzn`vSOa<E%5CFgx=s!UCKd>!h;pA*$Yx3u~aEW4<955pSP7-mz
z4Md$lKF}NhC>@0dWPw5s0Ajuyo!azXy?iTt!c3u1;V$qmiotDNg#Ed>i>qj}k*=Q`
zFB8=MywyvJeU7lytj(4hCgpe(HLr-mCRQ)0gdD8AW3vz`sV8eb>g!f>vf-K#vLuPx
zhN`jR#=BpRFk*$jym%A*$eE{8;*o9SQ{5C*E7=~SXc~v-C*+q@w!#xZqB<!_b<HcV
zbsihX6LzA;2?y^(E_nHRP&5Db=H0rScFKY{UD7{db9otWcpsOVI5&TvRaMUbVYIjJ
zouaR$#oq)uaPdfnRsDqtdyF}yZsV2n$+k9kn4=OV?86f{w4<(ot`iv3qmzExbJ~2{
zmn246OdqSnr#^u3Swt($mu1G8cL<A6E<+J-#{<l(&<F+@r3$noKr(Wn1i(cG5RjNh
zIGs)Wi?O55>V8|Ftzo?$UMiR<YuM9%wjNs4Vqd+AGaLWk!dPJtCpq^S#{SPbMCsoR
zqxGLnKA)83@fk=PVLKZeLtEp&_Wsl;$;K@(Ao$2N$+iX41>ZGHtlTw}i&7;B;3yy>
zQQ1dEiYQ*&TAFOhUQoFrys1xsB7hHO;D@9)3#yc$BXCZx&e(0c=ia}Kq}2i7?b#y3
z)w-|R?E|Ru>QLYR0JCMWPbzp<p|Z$hT;$qf4C0<u?yE<aBn=g1LwwTalZ1pM!o7E%
zbke+{o^2VKXMiEjA>WfJN3M{e8Su~|X@-)`p6FmDqI0xB|JG_auBvn+l5XG3pk@r5
zW1=Hl1a-Bbi)4tI>)h!_{<U;Bp+DZtd4#QE@)viHHFm5uovKhU8ls*Av;33MkX5X6
z!pMFK4LJ9zXA^h{+`xO5kY+|i152W{du?*-rc{lL#exGPt5yj8j&=b|fDb<G1ryJE
znIaF)b9=}J%*WCfe6Mz4vh*WEdcB<auDaDQ)EqENyJ=)eVLN5{7Cy>jn62r|uApS>
zh3oe{K~3RYe4B%JF+F)xqE;WQl@k8eSDpHKo=DmCkYvoGoR_>_zS;gh%*Y?4?jU)E
z--vc;w36K{#+_7eyQLaYIr0>tH{({Hz)q48T1)2(-0=ie7pkz91E0^ty0*2tw3cG`
z`cswcnjZF2mB24ezJ^PqUNhYw{}n*Sl7#q=p8!Gv`FF-){|A8na23$7vHl<6u|sD3
z1kXGPEMZAObMlNrW+Fj|Y6wR@0f|aaFq>$h>f*WSxoytXdctK*rk^UEKL^3|E5+c2
zDWYN~bU1G`@67d-d+y`NOx+Fu&u|cwW4mJi6qN0rE2LZE4_nL_rmK{OJ_T>G;`$lP
zyPD4guP=h*97v=l*@-CvTzT0hASu40+JSz_MU%`80QI7Q8Q@kw>&0~RAS%8MVTL;J
zca6Pm!O$Fd(}3oF&*3T{4_bw8ci1*BksAS5JT+BFyF#>|xM^N`?<!PAl~OTWi8}SA
zRxvrv@wAXOo3SJWCRz-?QA$@ljUoSP0+iV2C1h3NRRNm9i)xkk4Q(vH3f=aZqGF={
zoiJ5R<STtNfwZ1PMYUN-B3Z))2Oo<RSKTyCT4=8=YE(G`&r{i)RJ;BVStg9#N7|06
zP9NG7Rxx-^6NRxxRz21W4^bG69S-Fd$7#m{%h}WTg-R{MgVB&eMUwmAtgWm^53=X5
z^9Fjh1j_@`l*cCj=u2PxOKX%3$|<{C4`}_MP-Gf~ler1x^9}Q=`1+wjiH1xctWK#$
z4uZk}QcV=gwIkW~xYY9Z4*Jm*=)C$H+zuz9Rh1O7A+B1}Ou1zSefr#)W-IxY3A4-5
zYR>uj>SktjPn+0g9_p=J;weMc7_0W&+vNcLzd}s&7)EID6Jlw=|H0PNe?v^_H*NGk
z;q{wA#W{xqmJAe`cd{LnD5H`U;UFL=VL>V$Rh0zFQICWARq3?tp)T=V-FS%#@9*g1
zU?d9G5%|T>bkA}<HJS9yhyMd;7Za~#cQ-Vw1<iIpHEhGAXJK%Q?23^^Pm1)CI#i4O
zg1LR;S%IN?SSjMohy~%vi*FPH(kSPqdd5j}8TE9X*aE}#OHSFGLiv{p8KNQwwc>|J
znZ$_(Rw7DA3v&JmiUTTIcPg1?@<wYUb(1((i4YU_IoJ<5d$~U15Fft6Ev{mwL;PRP
zI?e`86-t)o$^)@12hsATJ~hC)hY_nO3)Fra=AUA<x|=#Vg?KJaY<{gSWj<BAB8Ae1
zlL{_IZ7wTLjY8O9MjV+MX6EAz1pd*7r<ZGB`r~GCgbI&oF^p8g!!DION_u2I{x(MD
z{J>}u!S$qiW4fKO`zB6U8V<9wq52X1&XoZr;&P8t=NWcl29z4NaJ7)CaFSvr&l~JT
z1Rflnf~|Cy%RBPD8W4T1^s5lLZslkk^_c5!b^%&@S-D?`lMqCf@>;$-rr^+8HP~|C
z@K}Gly{%3S)`-0c<dSx=EnNZEsmy_@PStZQ@ZZ-nbTtds)laOP1OErTCV!`+{~H%s
zV+lzK|DxDwh8-tL`IC#J=r)MvsNBq~Y;tTbMt`au>Zd>xz=bpOLos&gia>Az^oQL}
zE_`Lj|G8q9#|P{lEr&~5?a{6{BD;BK&)s#sXx|p<1+!$PB>9+Ku=xWVCI#1r1Vc@z
zV$hch56WpY43e-$L7WHEp17$Ufci>9E7Z4K7AHEGD`8xWDV@YZM$dqln0z{tf^}Zj
zFIcc&HTzCuHQ%n8FDF!Vvxv-S4<pz0?VED8;*Er1UR*^7TSfFQ%9(Re@M#HDWuYV_
zJt=O<Uk^NXDgM^qc`c&Zyq;cv0Ow>%d`(<SPV=+5S0o#+|4F7Q7ds@NB{|_<knFlC
zS!3N=eef`9iF(oFBBTlA1-n>3d2^U|d}seHz{Q&3;yq24y*^OZ^Mylv><nGbtLIul
z%QN1x@P{Oq;Y}Aa^_FCN3-3ppCNmsuXA{LE`JE>RQo^|*HtKWUnkLXhsz|Gxq5%8E
zY#4s;c7k$0XyX!&j(Cvu0naCLioG&IJ5}QGQ4*)r&WOir#=U5K1ka)o*ox)}yCT*4
z)~KLTwU?SY9N%R+92H~Vhkz>C<+rpXY(6BHE<qQOY7c)>)uMW=1YG|WKmqjJz{8&a
zO8f+n<o||j-2cT=_B+?Ke{#)w=AB}X1!ZJHWC#K{N^r0chl*N)IjX}}JGGm#8T(zW
z;!EB5pM?-cnV1G4Is)IMd+u>}hR4rGeEl9E_rMn$j`m~2qL}mcy*<+myB7Pd5N?>M
z6D7%)z=Ap0Fc@2Xe5lYA4XOrp88IUM-J<Atf@R2=P@Xgs-GEx&#85+obDo%CAzWz_
zBuv>RqLQ{zl8$UG;zXjfpAYJoCORdc@*xqfLy~Cfs&Q(+an154*VO%10^#M&TAmj(
z9bZ3LYc<>b#x<u31Jo9!nEbrgR@di5@`F~I+f8cvr;3thtM1wq)Z|7KF~vptR3)@+
zO4Q1kjw(1<HHCc<sN)E$_jCPB0}Fngy#u=VkM(1-AMmly8hvO!#f*l@uHe^3cP73E
z8dyx-85TY|GMN3gQ?0(kF=ruuI+~87lb531-xAo18YHaY<M!t9HTdW>EZ~ROR1r<Y
zJkIvW>){{vcY%hEVK#&1=lJb<MV%?=7X+(Np9D$QAhT!8L9WDUe1e?BAgU^?m34#_
z99$~{V)8xM*y*ZctW*v#=xFmj?-z4GRlv`i+%eTFd#ZZn{|Xjbqa?_UPq6d>{|85*
ze`gzI^Unq9Ut=b#-2q7ks#IXY>=%U;!Vtml>(d<}VO5Gm%FD2BwrtM-VeOovb8Wgc
zovhflZQHhO+qPD0+qP}Kv7M~gwzZP}cJKZV{vO?Zuy>E~j5>IZ>R{fpW>wwus_pUa
zy77K$3_)B(3x8DOD@>%&|G7S~_}|XVHuwL$J)jMcY}pqD$zkZo=?<A;Xgv6~#@V>(
zT2%0*N^e-euE=`~>|I@m3^w3Plf5)eD3(C@W+;v!xD6)*E12o0%Z<gA7(t5Ujt**8
zkW|W&23sYKxI)XOOjfcHPbynk^iLA*Q_p(R%HDCWe0Z)BM3O>HnaA5B!%W?kEdAyA
z0|u6k`tlZH-yuY8;y)c-D70IqJOXNov=_>{6f$?xVQyeyMXEpHTRVgH+Ld3;XxlrJ
zl8VBVAf5y^_n)iO1Rb_nxOny6u@6m3q4}H$9$eViPfJ8}TR2X~#NEly`=t?HJ0`Z%
zz4cg(WjR-kA0fGE1lqL+w;cxQgM(M8BK8MotLSC1?d1G5?Rs~%qlx#nfbBS!>BkH8
z)$Q!JBQ5bJK!o!Na1sxa_9@XQr6!oEq~HAsbp?V)%_-KX&f31O^mGE0BOdJ>tj?#B
zbeoby*Z+W}w)-B@>QIrR7*1E=N|_gG;OssbsMhb^#Co$c)M3pPx4#8l)h+AS5TrdQ
zjx={D9N7)|1^VxSlqJx%><tM7RDcKsB=q03<^ShiTK(MvWex3nbaUL8QT(bysw@TB
z1gDHhN+qp?sSOBe3fvSuylhs|yKM}AhO!x`OiCuLO{zV_+)5TFtIoBsRw}rl@RH%Z
z@GrxI$9$f@11oz|jk7oW*qB51=gr?6kM#0@@6+P`U!Ir&QbPkUQnmn%O)g)$NElD0
z5gDkS98ns5rTb@6Wan>jWT_tFaEHnL6;gdbyQ(iwq?#vD;O+Q(H<Yi!Z2c6E1F55G
zRW~I^{Upz>#(f#<bJ|u9UA#ehwa3u~1XK@A=_zst=_!HqAi=~wA6okHmx&dVvb$2<
zPI~q0<~_<6YhXUvy~~&I2!oog(mWI8SCB<2$l6rOWZN&gL(U<b2Dx2~zMzx&L!+_z
z7OzoOTqMk~c(`k|hI7p`P<5%C245P7X#X)M5S9kra1C~ep;K6w`*}=vJc<@OecMe7
zF7>;RAh&I`+_rOB?9PGaoQd8|1xiaS$7tcfDxxVQfDsi#k5V!^YDw5ukX1e-pUll6
zAkA>HXksi}*I_XOeKzL!4Qz^XbDva0e1**bRd^2C9HUMANbe79*`oa346<7EmL$p)
zA(dp=9GWQCODzR6>!JMnehlN+0PW@w3;4{y)@_))({JHG4D@kw2YW5)MWiJb8Dhj8
z<hG5{bEWi_2VoNVi%Jc0^h2Z0QQ#@`hr66#f8$J7TPSqvNuzq2AoGoBTmrQ+CbEtr
z_)q9vQV}r^l{BoC9RpsKeKymzjn(PL2_h*s7d8E<Lg`S_T3%?tY-k0D1Lhw>Os&`-
zeB64I%FmT53Yzt^-q+~_s*;H-HVihm=Z$f|h*xsAryy(mr)WRZ_S?yYh;MbAv$EZO
zJ?hd$BhV_`1yU(xaP4^mR%jJK?a`oXBTt2wUM`XSNd@HMi6yePzn&JCqXiyR3RUBz
z=c{N2VL_a<M(WXAN4V0QW?3mmB*H|QScjAsDBngyj!_@?OALZHIh>6;ub_4X8h%R7
zxkRs)>@TsF;4@+Mg8xjveHSJMmNNq&#+uI;L`Z@=?-Td$BQ{c(3JEk()QOZ!4H;>I
zsM;%<rS1GCpPqXV<8G2#lic)CKc9Rt&n!Y`Wl$YMC@+=|FH=~bq4XzNI41Dw<<+u*
zf@c_8v)ar)7UKRIEzPTHK1p?6k%)%{kKCSy(ss1<7;ebyO@%Z~3ko>mY0=s&m5VO{
zI;Y1S?R$RS25r4PS^36WX0?*zutJmrH5C<!5jW4~nrmi+746czw0N6zZo13c9z$&D
zxj3Gni?n@g(x9(WfY<IYf5CxZF28~D4G}Ni;pCVW?)0vsU2*5&n{PSu;QL=KY<It&
z6{*6TKMw^#>CK0c`Q~;OB>TSBP)eH^?4c;?Fv4thfLOlK$y;|sS!DQQ`-d+<voB-p
zea|;V4^=-?GILZ1IPdGh^^XytUVR=7<><Sb0JUAtp0%-&xEg_}44H_}x7|4JpPBD?
zTr(ne*^+cEmkkbQgn4ltDJ68&GhKL4>A;DMTfYhJycIv~iNrKcU}D!555cq9dHb+#
z35top7h{V%iVp7hK-Pyb>|?>r4XQY)0P^pUSh$FVM(E)9ziSLHf09k1;den|YM*a?
zEc_bMMzf#GwEeYDpqrN-K22_*_#KPq7N%P)S*FbPQPHm6cI#Ikatvqd6J|DDK-%{<
zo_hsQ{(@_YMS=lV*!zd7{6M*Xarng{RGMsDb&|cn{<>GtR&LtAg>L&pN?^kf5vnW`
zF$Y>S{GG&^io=(7Gk2rh;9vM9@<M%xx&qnUBGVQpehS^j#;EOr92%0hPxQ^s@@A3*
zY0Bo}pVG}fn}6Dq!~%mzw?3l>F86h4H3vt@*UPcsiZ`?7IUmA@%QHXSNL_Pp%HVNX
zjnRM*53+Cp<(nv-f7BJ~a#_^rKl}M!Pu+MOV$0M+Pxli&r0i8!9+bva(-XSdsJaPP
z5zrkvjJe-3hp;WIT&HgONj-nk5VSN2&3#gOMOTB}9XPvu0j;c>C|$d+IH+A2c%p8C
z!j2;2ax{jX1%6*O+?CbAj-r7vXiJu(Um~?MIL?v#pd+P^4FTC4okuWCWKA+XE+d6G
zA9=D8u8RB3!S1YjuNr$R_2-u{21SLO^NN`7rSc`sI%D|kcsVrt&Oq5aky&0ktL=ce
zaFwu}5)$L|5(zJ#G)J7od<&$w2I>MeESg-os`RSMblp%ZDC4ZwFU>WV<a)K+G07M8
zyGj~GsJ%Wf|B5VGabXkDA6L1MwUILI^IN5dLQ!!x)@^YLKYT@}n9=nyV~5=%S`cem
z%q7dKZ?2X$-O^5oCO@j)Acf?>zU4G%eita~DYO<=1HF*OyfUCcryz2QiDB5xMhp;<
zmFNU-W67k>Ls;1*VMBWoF~|1C%)30*H09zwQ2Ej2s~}{gth0B-8IH#13**^#u~Q+q
z^GMD$v>aj?x!9Wk_r9C&PViToDMg~SauYrAnrgL+Dvc-K*rHYNsH`ItL>g|qF`rP?
zVccjG*)nNkrok$<zr+gq!aVx=F`hg>{kWyDXv1O5Y9isLS#+3w?80;9jY!E(`YYUb
z+9Krd1)~KFPH9yA&94OO?ohQe8a_X9c3P`{g8@AJ;$w0Ab<}5lLGV_E3{6eF{B}D9
z@fha-ou^y7nn9k#mAtBx5&c#aF>*{F9u(^!3%Qgl<0?5Njj~BOAJvt#sB-``3Sx?4
zMu;3`q8<UfE`b^T{Y)&LC%d^{aY&D%8J|W%4f3K7gmvru4$0mWTWA|o*qXEovUKZw
zl2f4^K?h8XJO8~9?BO6~UCcJbnas7MUA5t9Ys3XlTD?o1Xkbdc;P?;AFN@6TnT*&X
zcYK4$lT$1;FR8)Pw+!Bpm!JQQ295nd3J>!izLbA{iT(F3!ep)NZT?l<=xCs5pnk_e
z$wDHrO4mktYuAFN#ypv){uUR-flEPdP_wyabdimdoh@+*T+E-BAm~yz@I4dBuhkpb
zs5?eDbFl92I!!_h3`H2yK5aVP-0jPQ3;20Gl>s6UG;>15XzmD!bfhw4#JW+z(w*It
z_N0A1q%LFAog&5|ZqAt4^X}Lk-&=C54{6B8+Jb(y7BFYZ9n|%Frwx9G<-Y~|vc^Vd
zqh)$ZD@poB6{%wM&L-l!)(kRgpia$z$(kC{V@<P5I;xJdT5pHb2zwRHc)?jTq13=@
zuM<GF7Ned^@t%Uea9!kEN~POHG2fF8==EE%S<ts{)wNh@m{^<y)vAH%H|D<RY8lB{
zAbki9UAQ1IS(&#JS$WR7l~$wJ+sSgsplKGTxhIl|lBvVHgq=UmdeUxd+#y43G&`pR
zuchLhtB^pt9@x1B?K{PpETRFaW_;2DMXW>d#HJJy5$z!CgDat_@!DrEJr(O2o7faL
z^om>L0e0}GII*39(p3q$XTsgc3pPH31MG(izBf_X%P1)Onw8@2Lh8K=$D_co?7j<=
z^+=$EMrm&g9gC`Fp_T80(Fk+MHlJ&L1l>{UFJYjczb5?st-I(U+y%u<x^$W|Usnz5
zGl7D_1$&qg#^C&h?BU!I?UTaSM5`U9W?ShEU+xsOFDVwQlt6BlJ0|q#z6>jnZnvrR
z*fHoZIs<^Kmij9x4!7&ndF!ZABi%SERebC@bRdOtKZISH(KH~|sDGq<k5hM8Qy2fx
z8pevV1&0d7X9ab`AsXIy4TYBB1J98=(DwG=Jw>S1ZQH|hW(;qz-xpTz;`!U5!coWP
z#G24frh^Mpv&?*-Y|%~Cj~X=tmVyVqU36J>OR|U|?FoK)s1g_Sh9&1DuZ9MIFdnI=
zhF?@yILJ6Em)+xl<sS?qM&B#0aDenIJ2tZ@BJrLAvFSu1QBf*kiA?(-Kjq=2vM6$f
zTADyDoPYHkk{^Y9x&?Ism#+eI7uHDq)`V!i)D)JAYs-p7-@o5L_?m1Xh(~Sfx2pJ*
zmyPQC<+i(u%p}_rD3ulSbTnb-z2_h(!XTHtBinpjFVXx$5AZ+8jh8_)Iq$u3K<FJv
zZ_`Kd=e*ZPnqPiCdL<?<ykC|PBZRjO8G7+*^ZQMHEnNc$owUzq>06rJ8Kf8BxfW#b
zQQ_UTAI$6ku~O|tmPplSb%O7qE-b{7KXtE9O}4*iV^YQJZC}d3m##`^5q#*e0-~dx
z;j55iP(8u0K|QcX!8+s=4zLB}>o+)NEO_VGb6>~2<gv^R`j-Omb0h@^q#U(fn1F8g
z^ft~@4^@kFrBWci2lC)b{Dl#GvJ?c!q^OOt3h-F5J{g1jW853zNNsP$G*=admhd+2
zL)4=!ee&$@t!ttsE<M>6l?Y^(Ro-`Ms}A+5D&wpRYbWbaxaFF5AGO(-^SlE2!zT7A
z_5z4}PPsnj><QC%Wv1@H!5@NM*9ZDAdw$sVd^z3*U~sqKc$eY)FOQcS=>|kvaA5)+
zC<dCdz4}Gp!T5_d$1sP%a0kS4#z3W?e87@B;-^@#>kA^8{Rdd_53&7+Vf_KIltLB<
zq@+;N`&cVCu%(uW{d=^tN=f)C7%>Y}Xljm#=K)UoB8j;?uL#gaA8yQ;>BSi-B!6MU
z+gA_OHTV|sTn>>g{5}wvM*T3sP}t#$e`C^bfw0_9{QP^i6=sCn;`s#x6!=fZRr+t*
z4iwGoO|9%L{ulb0>0iupJsT7u)UaJCWA<(P4OVrVztYPUQr6v4)fgMd^Hqql!H86z
zWJ@y*xm|zsUW(@fN(*W!-#~hh2m49#q}q&C9F`ldrZY1=@?6YkjrzXc-mnI+Z{&p}
zq{dh$xgR>p_PgR>C%Lv1{m8<ztNKg#+rp?t*f&y*N(&2T69VYB`dqK`&?E(n88_-^
zg5<)(3n8)c+<FGsUqe2%y9&wVb|dYYrX48}LeU_YxjFH(NG3&g5qkV?ROK7iCho&r
z&6bVN)G5Ym?O06Nd;1JCt|c{G4+rBQ_3!Y)&7<(<4rbXAO0X%CvD|=Rb&_F<7E2DT
z+9JAq1>sMsTW9fiPs;#$n^$7MP*RK{L1WBMc>auw=X?zCwD+o26|;G+4Mjk%B@}hX
zo<zWHqAi!taJ2hzz#w2CE}HBOzmkoNwl<43x&4q3-Ao8YT6=5MP3)r~%s}8+u{5U!
zsL`pWP<kN3d;-KSNtLWLO)M2?5yPyyu1q)qev{(@BVtxE8fuZ}TTP;v>RGYifa*x}
zyL@Z1DZhMG*r}DJsd5j}_p;c|aU40OnjeW6N|9blAR1KF*2L7Z0C+J)rNkBCD1O0u
zhF*wj0;1<MajI#RY%;hzw9^Vc0cE9rAXqxF;tK#6EqTq#KIZt!ZlIsw#|-BAW`b!9
zD^%qELH%Dl<?7Z&3R8XjeOV?SNIIiLwP_`nh)Soc*WHFv(CpFD!VBg)#r(q8Cu;Kv
z>P20Aw&?^FKTpK}{lJ6nCf=}}1PF*;@4s;1@$ZrPpOHD^4dto2^8Ci-!R(bhAtOnS
z2zl86DuO;lZYW4p14RlvAuc##^dJdN&f;V)EGTNT{aS17RJo#FDTAh%Y^kcN-L7rZ
z8r@pgTC3AKRj<vF^~3er>(zV|iX6H78qRRL<8iv<GS|2DnfG%GhzB09y^m*Ayp#BP
zV-m3USUiLWd*!~T@GKAVaPnyndgZ(;mzM<icrE(LV+MY9wC_Uw@%(LYt8oYH?==tA
z-7p1p*{Cy!|6Q6*!C$fmkjE_Te|k7X+BsJOBai_EzjdJG4^Vi$sGPsCd~pfnso!By
z$c|dPA9LmX?EwiGbkR4IWZ=9@m-j^qI37s%oHKZwn)>n#CFplLaJct?{?;GV$YsR&
zDcG}-|03zD+rxqGI}dq(OG7!?-~93nCkSvp=>B?R`3~iHuSVGgyuRN93-HSV;_n=+
zmOnEL1e^|b?+IeYRG`0?pwQkJ{J#j|uS{IOYxm0KD@J{C->~>E2Ywtsxsu<(k{`%a
zUeH*sY|4HTKz^zX3I5XlX2&=~9HO!%9-+D-PW6F)#f_3Y#3(0T%x%Ex#uF}8H@zcC
zCIEP9r-_)-3>_nK$*)s~p;Q@%h#WmkNp8r+I7je?W6r3IA+8$J8qtk%jd(H%A=%qg
za2Kk`8q1Q?7(=(eM`ct+nB+K;yYq+zW~9+WI}z{=oBAK|h$7vKq0$tEl+cvX6s7E1
zAT}D8iA*~Wg&Mb^%wo8B9%<gp9FOsaXWWK34O4h?#igg*hk(g{Nz$qg-`4~vaP50L
z1*y;?M`NWrMNw)DBU5bArZJz4!&G>bX_iGC%Xi4tI7X!w2_vP-cj(n94pUQHk+oQD
zSc`vBiK%k!+Zz)k#584ocZ;=(EI05<iswhN^%xQ`Xvzc~Kqa3;tkcLJHM+$p(7j&d
z6y+_44zCtOh*R)R5^E{cS~^F-!8a}t$va0R;~k)eua`uqAT>>GZi)<EYrB|KGZel1
z?L!7>V?kOLmijAj)`TL7*R1@S=@X2`wR{!TPKO{a%!Sk%^{lNY+lzD!VGW5nOW-)N
ziKiSA8Hg$DQuii25`UEmGq2WeMmBO?QJ-^Hu#y-)Wq5|r(YBPcLTlBw1P(Isv)k@E
zK3-{tlvT5laN)$9x2UU+4PjN-q|IX4G8tG?s<;c$$qdWk>~JHJt6m{y<)VXsHu;#-
ztU!3@3jw_r?4acgRPUUoE2_?v!msb&GWJawi_$0fIcnZu!nCH^t^#X&|7BEP-?F_c
zL<^Z7M#f|`vx)Q|<}Pj^<A(ig$M;ROT9e9Y(KZGX#y%Il*)xf;UdF~!?b>FGb=F=i
z!XU&!s{ZF%3Oi*u)xqfTOy2n?@ftmg&TNT$xv8;*C^Dp0j3iq}mGRng4<#q1bkKb9
z&}f*owyfB$8NKS!_GKxen)>Yd4TqPApdTj~{ukaoXwNd=HzmhxMXYDfW)<HxGV6%t
zVx1daU_`x~&0VM;t2#a;C`n!f116+|oUcUX7%pus6!<SZ|FG0kD|`HL5mt0xoK>dU
zKurv*XC!m>_;$R)o6Yr5T;NDAAc+m-`P~KFRCd?`J5fuTKgc$s{eKY?R105p)>Dz0
zLZJSJ_O+-z+Up>}uAC+1r&KW8@DV9wqb~?Ub+JS(n*fos<L0_+9?ni0*;v#{>Yc&7
z5mU_D03#g0JHK;d_zf;jvQ2q-wz`WaVVxH<qMiy+M?x!*jw8w5w;|89nrF2H2LH4F
zxUr4LK2?ui*;TeI2+=^whGH@B^wRM$EhkNI%yuYDR@b&Jl&qZTLyvuoaQdhxw_nlb
zys}zIo5;5^7FxVz8{B|*u<7h4ldP|`yXVcde(2&yys>mZ2qV^heE7{VE*zboQN{8b
z7nfv3XmcXxlTF!s^{;7drs*EyJaOssWfeG~rOQ|voi?P9t!|LvE7%5)WpJd_`lYGb
zL%cV)FwJ#VpPcytJ!s@#xtw1kwaWiYaz+;&a)>YfK~Kz9$T3TGanjX+v0-Fw5h;ml
zC04x&JEct(s|Wk2sluBM4xD%+E`sefBtFAzvkVF6#80GV-SLSIQJ#|<6^U2GUiU8w
zj*o<<^vO|SatxV6_~%d~FNgJEiKaSmXw1j7(8oBbgHy_+ko^*tJ)HYnwhiAVM83xp
zjCosJf&mg;lx68;4(!epuvnAd;lctJU13K7;>zmY{bv?mSahag)-`m#K{b@PIw;St
z872x*F{Yt|V$s4uZo0S8Nf*tioa-Ym*Xu%8`WNM!*W|x#$p9_B5OCp}`NL;rTFr91
zl^!JZb&R+aojk$ElfAgbvq@(tiqVf^Hv^F%&_-K`)C!s~Xl-py?H0-)<!Gc7No}<(
z66i9!mIox0nBgkshHYY;e8R>pbXzzN+a+l!db>gMAu`!&ESwj!;X?SuXyximA`^0u
z;<sL32(IPdV+I7~<$QUJdZX|1l<P=s!hgh5ko;yAxFEHlR`REj%Shq0)Q_XqtIF4p
zSIyoSKPr=qBU&`2X(!y!HNBT*NB>~hzxudeJm#<}5<FZoU_CXdhUtTga)||6X<cr9
z@s2i5CUC8!tBJR#c$U7)Xq-EQT(eJ({1rl|?6Z@|&Oev`RUCnwg`5_*cpkgS%%d)m
zG2-i<f<8go8zDgEWm{pQ8@5ks9UC&me8%cXEH1qCD@TCt!~8|d3~29Hn6ij+CNb3b
z;fl8J2{nlbq4INJg&NIzIb?vVoN7Sjo87BT;o?8J(dC?aNQa_WJGup2>oRvn+t4DV
zB`0B3Jca!3H|zN28ZVK`X3-EPK1Bg1+><ZQgCysiB!bn#Z~`k?I&M&@M1vQ1B!Nv>
zNdaR#oRkR_*K8EE*p*@JfHXr5(o`f~(Fg&xw9@d71o;DB+?dIMuE`Gzo<<NT>}?Pc
z3qm^JxG=$@{C<<Y`rhF>qOO&|dv`;<7=kl8!FDkWH9ByvS34|YC(vWktR4?fUt+06
z(acarF&<bqIkY{+-t4ry%3TgF+=2cLZ}d-r>)}Ll3A>|ZT;5F>T4NMK;PcuMwM*48
zaQw(Dz54UfO0kz?fk>kh)ablHmOS4|7PHAH?5xa@iMg#OIzqf$f@r_V>)93;ugA6$
zUNddPE~Ps>!S=r9&S2yGCC99GPU~P?g2obvfjn`=Ic!9HQ_R3br3B$LRx)(J@7=09
zY61NqgX%jf^900LFK<$P3|Qr=0jp@@4OJw>5;&N+AV#zuv=UYnW8=D~&sOyK{xoK~
znduWreY?EeY&H+UrL6750-h4Po4fby?GN*4)iZz{b&q&O^pdD#s7D7zSU@!~F*l+-
zt}}?zi2Fii6kd-OL8r+04Fw^ZKS)0rIJ_f${m|uI7_`Fz2p=rb*ny@jQp?i0aXRs=
z;)uOd8TBmkuF|l%T25>gbsx<v(F(S=LwS@7)|VF~HGzY&mO8;63A;Jpsk;4NUizyS
z+rr_MnKo2H^iC~;O{%}8NWV_)Uz7}ELH`t~%1Wdr9c)BBBxOd;t2*^{{NA~|R8N`K
z7zsTfR@0@W-ybWbHjkP@b?T(9L)1vZ;A~o=pENPiR>g<6A;Q<ghX&IUJ)oY9h(Ds0
zMbcN(rK^jiJ{~w#Mdc_4N*@oVujRVY*m?B%>QF~pi@a33_nUMSYbJiFH~_a*9*HFu
zeW!igCs*5=zWNUA5JM7B9jQHFSNoFu(nM>I=Bbd?7}2*CuE1^LRYem(@?f_2s64QD
zLKu1w3MAKKY$?l|BRkZTpembNCVj2L>fYvGOeD2i*Sfl~efHAX&O^j<WjuI!`#UIK
z>($lWM21L8-{lAF!Ag+)tlrp7Qq#%f=ii_0D>z>9rh2d9#Go_cM}2Z2S!O{X@KSy7
zdp)#)JuH$}KIIMdDy!2cYj~1y@ER&RdqIcdJjF-PZ>DUc^pbjQb){>wRWX}k8s3?^
z)QSmCr#Z86@A{TP1Stg`PT{vhh>#d>K@>!z6p~)m89HB;XGG{v!x>q=`}!lI8t;%Y
zK_)J6dc)yi)j(^?TnH&dyA9E9TCSPB8ZR~e;h2yb@9d{*G{v|liWsuVU?Q}6Ll=fh
zLWWLc<~gxLlI{Z_cqq*5tAsia*+conaKwe{(4y*%%VscRJw{!D<vbpp(M(~&w{w${
zemn1k9Xek%?QyWI&UV4lWZL7=EnSBq3CNB}&+U`gzMf*hT8dh_BeGm;bdK>h-z@mG
z@_-BdFae#e$}{f^4Cx(4t!LmRJGF+i>aEl>Q8>!2(=aiQ=0Ky$6Ut%=Byif%I03yM
zonyh$xUzO=>JAz#!jnvWWa<D7je~iFYN=A#f;0dSzgy*roL3XI+gSX`H+Ix1b6lF1
zog@nY+SY*_c75GYbYua;NeWP99d^r;vTw~4UaCHzR{Ij_DKicU>U%5p#M^%>rcO}1
z2e(%l&aU#5>5<ETy8xoT0ZF(Zs)beC3gpT3xP?vYBOPbK8qY_)ucQ8^{dP_nFi%|2
zDto5Zk4T9<BLBg3O9?=`O;m39Q+?p)y!NKY8!jQBxc|ec^qJ7Zp&yh^eL$l2CFd&(
zzjC32781H+xanFiu)ZKWiknxbkY%sPq<2zz1q%CBPC=G)fO78<q9y@iBE1+W{+s|5
zjdszQw%d1gL~=45+nm%7Li9(|FH1;9g0$q`H?hDVQyn(YfSF&(`MIAUste-q7X$y;
zb-skwu7~)VB!>DLHnjUi1VY_~r1{uTG1r~ACOfLc@{tnCrDsyoaVN!43kiQ)v{tOv
z`gwuM-@&~$_^Q^j5sZ~2hDMvX5H?h*huRbJQ^5z*8m{+`>9^SWxn;)Gjh)q%jajrB
z<QKXSY0Ap3c=`4qd^#5km(0zFTHks@FTdK{)&2W$6l%`q@wGM^|ESy8<4bF58+CGj
zj5J0op%(f^PEx|r1)!nDAYcuG7n@&8xKAJ^`BrY7P!uTl1j;SmLu|@&%D=kWP&J!)
zr!dlJwbA89Bk(?q=!Lm=p)w4FW?FcQxxOG^;e#4XEkfqBoaq#}(&ydru4nQf?F<>#
zJ4F3$RSj7mPF+PzE+YlKqd{p}@IIWwq-bhLtt$(Bd$CFDvE0N-igBer`hFj28oq;w
zaISuo10IBw0bH>{CS<LsVnd>jjk{-ENy9QRD-OE2R|LF^UPnwqX|GhMO1}Fa4d~BA
zA9PY)5+$j~F8OQ4K9y9X6z-AV6i(<CsbQkVENMvqg<89+S{?mZ#&b!-k})-XNR#R$
zp*pr`rqNtiE_T6Z@4@|(W)f+#3-w0`H2J^$(jFPn5T8&+KMo}H-#;fZN#HL}+682b
z)culG%aLh~95hwyjdND$0U~247CgxiUwac@>=l6yPTy-a#pOI^VrDbWArFJ|Eelx{
z08K!$zk`4BjaE&qQBV#i$#3kSK_{Zark*d*jGhMaQSZVPeDy;a0gKi6-;dCjy))5x
zph#O`jD33n16UkDImbMd6ol9+R6M1GQHsnBr?&yRjf7TxVm%6Zw-KPl_<ml2X3IFN
z@o|55tu4JUvM<O4W(F;t2NPx6o5|})95&9O?mI1u85Xs#p(dW9^;|>0vX<%V2`TxC
z5<6h|w=vimevmF`8Fv^#+mK&!XYYxTQ(AF$*|jr+Mlgpag~<AI7o5|SnZCV;a5NZH
zp0o~LJ=-U;Z_N2VL|LNQ9zZm<)gEg>{wU_au*~A150fI}HKvVU1yNHkN|V$M#-*)F
zS}?ZI>2{IO2D`R2=_Wu*MCq}(^4F5gpFoA`@P#DwCZ8Q5j2?Ta1VakK(QdZ6(}}W_
zFxOJO?J_M;Kf$}2%tgu)n%|U4^fVDy<Wq73oQ#~h(A+`nW`>VPcy>yK`VAh%i$V}y
zn(K}(>%r?{X@7@nr3M#D*3?AmDN`6Ot==rS7=o8t`q##0#5fM^3#_sAraTvd@0z-Y
ze7Oy_;>Wd@f-o5l_{=LYd68*U0Fs~?Hlk>Wv^iu6)?c*^#5X43yoXjbs{Y#afM-BL
z*FXTfdx9?-vKm1CQv77@5w4A{Zv)!*SjM>X@eW|y*Sk|Q9{RL#x(z6KuLt0qd}cp=
zt8aa7KE29seF+TG4(;o`u{{3>lVlHy_XEdx{P7`NDRm7zbW&8u;0M9#O;|m0b{F{=
z9P(oYfCr?mm(4GMWVS4V>0`oR_ehXX3r&R3dJ^y#v?H9)0l%@usO^!w;q;a+-V%WP
ze1d+<`|bEZ?GskGq4NV-D`A+j-lTIr@XNnX)rMT!A^X?yqkI$XyWHmAF$9sk4MaPd
zc$P0^$8Jc0GBj5}gt-Z=9wzANeX*LNz5b4F8~+3Ha^ROCiZB~)<cS+I#_V_~+?lTv
zZhFH3#UDCn*>98p@)I~`MUgDt{>vbP)nDpb<Egwr>Tb<(JZMjrCa4j2(QyI@^e4T|
ztiq3!0SW;D`61?HaL680e;tM-tBdGW2oviP`Xa8#ekYibdlgUQaqK44NDX4Z{r5Pz
zDmkL`8?5PQ8nFzSk*HY<ia4_!jF&n_M|CtoP$Z;}A+8%a5ifjlx8Y=7U;G(cKJL^|
zub)HwACU^T!R6irwc6V&?y`)w9fgwF-&~9cql0>m3|HmsV$5bVT2On;-rZ@OKYp08
zERY+t8G$s0@ajXnx=@deztRq@HAB@D<JlaM>jKevk$!c+yBqUe4S{!{;_Qp-BD5Q$
zYz0yb>UlzMMdPo>XYT>!LB|(rF#Ey(IrEj25EY{3hafM8Q-SOTDVStJpAZru?KZ^P
zNHmR$D*XBI4KKt=CajH@6mA1jWu)Wd;rT?2)DSvNXS70#tq|4Wt_pMBA`XR76vM^)
z0|w?}Nc9|Yg*UdC*sGkoyF69Cb4H)h7C!tA6qDF%o0jmUCiMq~s?A51FJH6^di_`C
zI&|^81n~y+NC(_W5dpdhPEFZvk-ID>CMz=@bVR-3igA?X7gBKGRWxWCn?qrB14L9+
zbhIw%coKbvevaBISm{XUi4Vr~SzzX8m5-6TiWA2)7v`muJ3a{5QBp@P*ckS>JXtdY
ztPph=5e!K}G@fb3W+4!d5%$e*tqv6P!}GFn<;WaaT=Bayq+q1x3J#r@rel1V1+h_>
zrgV~-H<9fFZ8Ti{$~{QOyV~*_<a_0yGs9yNy<DBpm89V;{fxC`n8)m>uKkWAd&=rr
z`9KL=GpZ3UD!m55tzVTspZqinm2}O?Q%Vs}p{816r+;2o7-z_2U9_y9%6pcB&7!{a
zxFmU~8-Uc25ISm$w>5-<ZLb?rw&?nO%&J{1p*pn(Tn6G!6RSIcnD2y}4x`68>B(<&
z!C~&GHA6I#jdUSs&i&Bz<%#=#U0C{p#QIp~bb9={rw55k-)a`(uO$feGPSRU<KKYH
zhvUQ^ljOG_Y2=hYDB1VSF}%AcRs685)DvnCLP5(Z*)s(zPoVdM(}F&EUBG95lxPDx
zd0*y7ZbHT}Pv=4_h}SFOpJXXNV0w~)zGjWvk^z=yF?EF-G;Qv#j?nZHMkq-sZTQnb
zi@puC_A+olPq_<H>}@y!tm(}YQ<@0UPy>^88(4ET9W&ais6ecvWIop{0Qcw?tgV%n
zm2S=1{Kd=jS}IU|79^cD#Z+>Ohfmht)_(iiQ-ML96%{4bSKVdkR(x~NG<6l`G1HtJ
zPqQJxstd9PfGcxZGV`S1yr*Bh>z*jw208X*n7HJxC_+?=|1?6u|1IA`Fgt4B0ZtHh
zd9Ty~?6Xhq3+gZYop06=*V397)0v>FMqN|VDpqpn-Z9~*?S7JsC2^C~_PZ%Pctp9*
z!w5>ALW^fVoO!x5gI+FNN7_+q@lfy``y@efMI=Ea*40eRK==jv!5oYE=6F4(1LG$r
zg2k~6sieLzO(o)&^4}_)0sR&R>LKhjnMl-v4VV>M1~!Oj<3ev%Bj7jQ^9cqio&Yd<
zU#QXjDMqval6S=l02>t@<3Aszo06*8hiy_8E233Sp<!R8=}J-<Y~t@;9E*Khz%8DG
z=pE~5Dy61tJk|i$2go-Oy=Qr5MG4j)km@^Jz0eU{<vrHfaLDN_z62A|;npW_V~m>3
zIXgKigypnE8V@q-rEmR=t(0_O+$x%87tuYXgUxt57Zo3(>;Pf}9fPtbmXHTd5l;0W
zTSvAHg3xEVwxo@+l%A9gddmaKB#Fwsuu;mZn9-EZN}oc;51CPXOoy7CjGip>ILT7F
zV)wlW;~PffznW3v?<KPJ$|oP_tzDk&DhPLe$hQzjPXZyh)-LxXn34GdnqL%H`xd6o
zKS3sUyGLIFWG?SH#A_HOHwHu4Ur`6&YmVIbLDl#Drucr25RrTML<JJ-dt`~f>LJ1O
z(X8&e6!+=&Lp(&eeQCp_yjn%L_f3~l^M#edj5u#G$&Y@s-GT6?75Pzjc2}EHmyPSP
zQ|~K`v(2VXzC^N;mpz!}gv)N@danQO$!Nlv)wxy%wg@yaCFtBml}19%so!%tdNZxN
zV>3<C{>Dh7(G+ic8=0=Gwt9jYZ&;j*?D(CezRh5cY?)bbDSdnunC!iG<X0oJQg-A3
z#4(lX7O{Asy_mvX$;bMMnzs#-{j&1(JN%Q4thXUEiLbu86Na^EnNDwh5v2ChG8-3K
zEqY&76EfO#>K2Vu%)g%TSX<H_Y}it97;_x;kWfPQw@D}tdX!Xyrfi^dA_AH*wQ7{f
z^lyE6?cbifLKP*pp=1LSVPi*aV|(uK%aZt)SQ_jlrv7kb!^5S}c@0UNX&F(?INBxM
zL|bwXBp$zBrB)entc!T5n6R33P7hQ8tbSc(7|CVn4Mnd*tK@6!FQ4DReDmZYisab_
zP-I}H{)@8Ga4b-ybZs%nu!;L%2$Ku$YgSU#FDO(zd$62Sru8wz#_a18g`6Y0m=q@f
zR43e0QnLnSTm-cP(7On+29Xp1mN8ZiS=zuKV=7&8^`U2Dv@II-?972b=ED_5lEc>1
zU9R~PFQ2e&n^eYUwjM**PWY`r%J75ISiO&2udNbjn{>e=PRi~5Au+7yjw)7vIi>HD
zO<RC4a9XX(6HU>Ft!^;SJ!2z?LQ_tlp9M9kYq6-Ay>csp?~C#>7BDpy@aTDcDc4j^
zjIB(MQHNZ6E?|3fBRfo4Ck@dwW+TnVk+rvO=v_S0JG-aWx1E>B7PJxQ8KX9}#M6}3
zOpho{qKlxU*$zd{L`|)iUgP+iP5LL&bZ5atfkq<;aY;4`6?4E@#KvK@OeDW$Dz}gq
zxkjXayCNC{i-><lwwyax^|{LP$_O7l8RKJ3zGNkpn|U#pVQ^<lTbe>(Ey_<u92g5p
zt8S_kaV6rEB>-ZrA3fcx4`3Hhw)fC267TwCGW;RRBAX|ya%{LGtU}JE7gbm1yvS8f
z6JOLN%Vt?}8giTVrBwtT1)mnoyZZIW{@V2|PXK>iSW{EE31b8%I7&E5m8F}N3qW^w
z?Zu24dB|QcLm*;|s40`U9yMrNlPUW}b(oVBV5}{IQ)J=r0&_E=^*WMwZZ=mv$r-yn
zhgj<MMkfc|UIjiCC54YC1(N<XM>-$yK!Pj|-@^q4m#1oMk<x{ScLI||*GQVL57Iio
zHa>looyma(RA_(8Qfr0|%0q~)Y1c$oJ3J?PlU$bv?IWJP!j)j4^n)@1MaHJ_iuM-Z
zWrX|0C4@&@R+g>Fm8@43fRT%AVnE1YJ`ve-2Bjis)@@nV(K4xT=$?`@Tu16yv!p?P
zJJ0Qnb?zmkvA09aR#SV2S$F#NI{GgGcNAdI+Y*0vjzjjE@?xmmx#<ZbMD=YuT5;&6
zxrUJ8hoatNLcJ4;1yUR&&3BH@Qkg=P?~#jmKI~0a?o~oTXe7TKdV%oFjJrypy918Z
z#1ur(ja*0YC25FV>uk63TmH^Xm|Deof;*46IBmwWwzVhcZ^rDrUAv&!%2VF5x;)x}
zW^0_DXHNmfo#g7OyY?@Fdw$p^_^-h>@~VE_6PIEz3{u`Z<3f9pLj#;-h@rV6DGA#Q
ztCh-Au!D}Dyj`0t128DGyMgud>WdtJ=(eLaEm3B9&5=lFd9{m_u6;t~Rur(GMa4~w
zlsI&!ZkpaId-p1+{HsEo155cF^;$1K@FlN<Zr4&U>5WVy_mS%uikGw1Z~tt*YDk;e
zuftep=JI&G1b<p>!a8rN#>*&7UBg=bPOjv`VxLeyHN`4~JBS}1S(`xX6AJQ8CLYmY
z6zY-te#Ofm+6lG3x2Ql12n4^!w?(`KOf1_Y5oA1Tu$2@MY?jd2F#UCoR{EYM?8hA_
zK(a0uvL+}rN#4m=40hML3z*;<W&~46-Z!UJOH;vfB4%Dj69M^Hc1&4HNxY!uWgoT5
zox(BJjl&zbh<aj5{DJBi-Zd(DgGl_D;}pZTL1tB_utfBfJ3z37%Xg|qnk>gD?CFoM
zFCe5>sQ%npnp1cUvI|I(_~F3%EKi{0FD85^c(}+HiF~7`U(2vJ=Givv50*CLCq;C^
z_p7446>A|}1$?0jmxBx%9$r-J${U(sY-NlKY$H4gVcX@IiD25Jp!0u?bA@$mFJg|7
zVinW537TBBfYQF{7y=e@z^Ig4SoApVpT}k%J`T;@J>U<15ME08p}Vtf*`ZZZ0xx6r
z*rjgP(%>`M(RABjF|BaW%UM|9LYR%1^WwS>a_1z$<|OX|y6<I!kBu^MQMT`C)4kLZ
zW2xaX)whR6I_Lesp@Mji5lnItCv9<rhQ>pk+7cO8*rB2AyqqFZvo4gVSxN>eA4Pd>
z?kWz9l<*WP<Ox-`LoP&x-4+uHKk$|aY}plaT|HGlZCbA}hw6SeWP_vFg*s)7Y$N!A
zOwW?DEi-KzW@PZ-vka1xFO}dx9B5PRvjx}Kky~xkVwz;5SU}$h>1>I9$80rpr~??q
zUHB(cojA6%)s|t}*^uxBE&>TK$kcS&4h36N2Prp;IKN}q--?CF^P*2jj*~vd-xqwO
zdJKVL=y4H?WkHHJv5I+W7`4SQ=_q2<;Ubju1Y+o!nYuiI>RqAqt#gQ`Nn$!aI(so*
zl=EJasgaj*5tQs;%Ovu#p3nZUg<Nd2UgEDQ$aL-P(09zW#&duA>;XM@@A*$28ZZK>
zp%g%n60)q$MUH+<{8O5flhPOCrxbLop&?vyfuL*Yajb-FGo6fYqHStBuFHq`ZgOiH
zRfkIJ;N@6WhZocW*R`<?wYEK**QP39>VoGlT@Z3LPVE^mckSAzL2(=&dxAAyi&g+=
zD$5~~7jVb)p!LZP-?l^&@U96wK<j?2dqySGXOlfhfYvh00#`!i*c6;WZ})pnttb=9
zlc;dl-aGrby^~Z*@{i8+%R?ThEHZnKsHCH!^25x$)zwgDsxVUqFL`gUB2)S1X3@Sy
zd_H&Rn3$_oZ;ndwNed7jnbsLKe@#IFjuojk#W`{4OJ0OKG~2k>YzV`<$`c0dgIqT&
z8K+MIbvMnKwHc%ev7&6TX<O_9N7~dYn%)g-?PypxzUHlLf?4c<IX73~PyfgV!&LT8
zqO;H0Iu|NRQ-E;`C3dFgGEydcp_c=%Wzt`8lfX%a%N)SZJP2`tMjs=|eKKbTl;Q{N
zFMQbyL36QYz{1}9DD4k=iI*i4JlfE*dy&iu)1-A`@^DN{g(UlL${(zp50~pDnDBs%
zZny_;x~uC3B|9jmIq1)xO6!yA%_2a*+sGY(3`-?O_^Q?`UaW-i6+B7k$77x%J)EK}
zVjwPJjJ)T6OX8Hv-w1JCT#iGXYt}IdOX&YfTgWgnL?@W4Bb=@)$#6n5v(y+HiS8L3
zji!archHAS$Le&qHc~<;AuY93MIYu&h}z|#H&JmyaQVHr^_v6Radh%MWDvN42{k5M
zn8jfzJ2vy4tFU2bejLh5gg6HMXTaIXdB&kNgLV)7k@5z<(jQ3Y%_VaO-}A`7;d!X|
z$c~_!fWF{k+bto$E5}EngF0p>xlX>=qwf7urEWs}*5afmKl?Gy-Au)ye<JkUw2Su6
z)wz|V0G?cs4^0V<5oZ-}KMzVn70-#pzW9?|;VXb;`zC@lVb4b9h0{6*On{xdN#6cJ
zE5(<+aau|C3fy1N7PNs;@t3TXp{!)k)H*<n=+J%sXS<B!2jSmcK}tx5qfsD0Ksk^=
zK$`!bu+0Cb?x<GPIR_ju)bG(tPrGKhtr9vgX>CiO02_ehe;>+i!GbSGNGL1mSmDHj
zmIz|_?C0@3Qx+R{i{cX?4thyR-A@e1eIR7I2#_F}0M!+a=1oI~SWz<POpeDBzg?fl
z-pu#U!P@{J%^?Z2lsj`YHQj~g_9{=DTh)8|4fdTScQJ%p4J(J0(X3bm%qS2Be8y?}
z8*hj_9M7g(cQsPe{ux6ur2)oVd#SpuY@O^QdO8@YWoW?2$6>|&-YDH<1O5vqV7e^f
zOT4KcP;BQwvBzz3<}*mgfb5;i6>Uvu9L8b;Fha$@+wtBTxt~`FhN~<R0WT*Zi;qcH
z*?KX@eBRche+`N8+lLP>QDEVCAz@NwdQFzB07%HR+t^NCgTW*x&m&#)YplgGmS4n5
zEv8WZh96h-Y59rgXG6jnswO_@gLYd{?{&&9tZ9{BA(RN$d`pkSm}ioYr+%N9rQhGc
zHVWnGKAf3g$C7tVJ-zk2f@9gI_U{mQBJRUu_SF`E*K!@9{Yp2ss=s*Wk3S5hiH?Tt
zJ)|P4ciV?Qu5uMK@TQKG467%ow;OJ@XI%`UBarZ-QB`WiAy1sEhuTi*blNi0g95nd
zM5-F+dmIHufT1;$n^o|V2}^nG_f*<4;0{mVdq^$)Z8){R&#23*_l#GTMN$*Kx+xi_
zj9xaqiFG`TJ4k#A%4Txl$rz0Z#$Lta<TN_03Wn2dzAp@Z>@Ym!2CV)tL<eKs6$Pg+
zEC6Vp1Rv;%EZ8e0PBP~a7X6E|9t1{pzqztJe46q;EA8V~Qu&`K<oM_%Zc0r9B#K3x
zQ_kYeJ)yy-FXZQM`Ko<H+JwKc<rg_+s^=(&h<TR2&_c~G@oP>>eGCPXtABHW&@5su
zRX}DTP5{d%o(e+)ta8AnWy_7s%TUlPzhU!c7CTIzcT^uSGzIVy(_<dz5xK1d#U(v3
zPsx94;eV}wGT!l?u-si@b<_;@7rvRm|I9%4`KIL1UxN0y5vX{5wWHj-60m$>pz0Cw
z?0&$Mc5`lippY3$|GDaJh!!ZYv{JVTdFBCllZ)Z!TH|9h3Vt$VHlxqhUM!vsSyZYw
ztHzN#WP%?1cJ9U_@<<HBU$C0AvKiZ$+R9+*lvc|0#Y^W&$K~`SDX&ag7CjqmpvSdd
zCsh_lXvi&_1zC4Ttc}a7#Mlolo*MG+3@jZjd31-EaZ4N%{k#4THdS4oe*pn`fd3b0
zH2)X>s+EPkk*k~YzdCAFr4&$wP`|Cs3o;86jnI&UklfG<!M2D*g;`~TBr%VE-zz?;
znqy~OG-3n^gc|IP1d|7i1}{_x43jZ2-P`-F@LlP`;&$y+xBEKOet*0kQUDcWDiB5L
zB4a;XbmSG8FoqIgQf&<sgdvGZux*)2daG+W3pj#_Tuwt9oQBPq{h|D*BbzcYRV=D@
z%pEW>l!1LdOl$dq3JaZ9dMw2nqr;&QuG3y*p)0nAFgt*qbFHnqg<^4}`#GLn$*57+
zv&h|4iF+Ce6G+oDm6YWon=JJjO)_TJ)Iq=bWzYt=!cE?c-fCU$C6|3ei$<22gVHJj
zjq({e1EUJ%F>{$iF=hG;$V3zAO5PnX^1O&P7nfp@&8e{r`+gVvSk2OG;f=1!I;1y1
z>2stgb@jc`i7WZl1+aI(^wqGO=2ix8t4*SU3CQw63wx1$>7Zg)mBevl&znHEj5!b+
zup7Ew7Z|0Oq8TdTn$J0$eV80ft)RlnisI+cAb7O4gRCq<=_vCwt(4guT!o_w2zzWr
zhH>Vjeh{?tGlI~_jl!sb4$eNwQei#`mH3n0N2xT<9Rv-z%{jYRt3}OdJqduj$US;d
zQHVL`4Bq5cwp=bOmKp<lvhFB8q`$H1s1IyVaAR?O+9w7)Q5n*!o)w7kd*)8(e8sk2
z!L<r1d+)%;_OZ~h7lkV6C~>;SFNT}Jnov-p0iJB67Zqs2(Ah{2w3l-t$j^9!%@<1|
zX^_;CT<!1pH0k?8HR~*3?%UZ63fPtdMDY4h77-r4q?idY-V5P!1;;BnX^&J(G{<wr
zFb+5+d|h%<whOI9t-KaQ%B4+0DxB@c?MUu{-5lHjYvB(DMv{C@m7%8Ar*UunBDOfs
z^$71j{HyuwRVP0=HEKh>?+o+o3#mV_u?fU2VRDv{8j{0k*1iN6`G~D74_kJk4D^Nh
zPwA2MA~mPLy<V^(P<n$a4WF=UXH&c&EQw+g>&KXKwwTw;)uanLkw*gmE;1Zy<?n`n
zL<Rx=Um*7UpGBr>`Ook#fyw;`rp_-pgf@f_67yIDNeoU%3(Y|>1ywpSR1#@#$ZB1d
zOoY9;a{Eujj}%=6vLXUL-+v&xDR3YsN1~+UZhc+*Z~V7e1Oog%;SJ&Em>V4HA*{CI
zhl61sGU7xBheTlFF_n!7eZvM@{dV@+rquq>TN_k8@QR#-R(uZaYo}m}vx}6P$z6>L
z-gFvEQ7O34@u4vuZPd)!K@K|emW~9PYwA9JHT5#6s#Ognx^Kfxu{MK@rMuxlQaqLV
z?`m(zJa^r)b#!mFP*f-#9uAyX#9g~7RL;AdGxiduE=R-4yw85g-XfAs=}R#_)k~4B
z0ygsQ+BwZ|6OXvIw)gvDR`1QFHAs~bwh^mDTkO;%=bhE4_8Gc)AwhHdzS}FJPBx?L
zs_?RsdR-ckakfs`3PS@5Ni&<~r|2H?Ps@2q``0jfTBv@_*(ojpKt1&z+I>EUB2zx1
zvUpZFdhlJ6sk{qsBhawu!syM}aQ?8wj7-#2jgrN(84cBWrxMmcXY<I<(ELFKbE{ao
zYM>8-hT86vU5aNTVZ2C7hZs&exN#>uX~rC|MfdAS665fuUDx6r)kIggTOPs%RR5?k
zg#`*!8cUuO%j=w#P%b~iqlu|JY~PmD*=9%gWd3}Td+2_>!*@u^EdopyY*GpYnB<s)
z&(>r};JT<!VxWZ{SM>$_l3BqWQ)j`g+KjIPW%p5Q7+qq96B}`ey++Rb1)&L`eo(@!
zQf;gcvF$M(GS>l+Gj!<P1sY%`jUYG+^z&+OF~j><?i;rFSktyDM5DIxY=KT&C0?K{
zG7F;KhoC86fx7!J$_r1RdZ=!JcqCe!tnXrP!KiGGvaq>`H&kFxtut$$SC?rE7R99G
zG2NRPtdUDLf`>Qs8NpP#9FfW<hTxt5l!5=QjdB*w6*W*Gpdje~!UH$|uLg>Lq3!?k
zO^~c!SXva#&P<prNyR^4%!abUO_D(w<5_0Gv_i?Al}2Y9c$nU+or-T4#Rz?mFb_%L
znyCpDYS>dUTKdxYwTlGCS{LV;MrIRzg6`FApRTW5r#uGvOBViLr;iN4Iio&yXTze<
zRypa5p{PmYrHqjpsIsMwNa;t6+i@C9B;jky9WgY}`U*lLHM&P=J%xMJfI=^Nby+2P
ztT?S_%;g@$t;|N(wPSjb#n_i_=<1KKI;}2B8?rf~Xk3wM-4E}~<bx6_S%;|o!@@B(
zm^PJF^-fKeP@4?xm4_)(t3ro#oIVq8f*aaa;Um|4^QDz46Nj_a7&_j*^J8Wi*n2FW
z(4b4&j3A7^&t^BY7gOlzuC^lWX|7`_mzFFyYO)8uZUG(pGuH(OtJ@UY3!NZI7K$+m
zP=Mv+ZBW2K5CgAEE<<LW)c>gMOyHsVz5qV9v1iG?BqCa@Swm&t*Rds~F$Tk!kv&Nz
zdyz<rR<fmpD2gJI6lEvb6DblED*3<psm45mV*c}Ks`ozg?)Tht&pr3t`|e^f=%Zsl
zxXv#<G*`8Ao4Z=cDQILz)8|*|Rt2GB;s#LI+pZg<R$KvLGSRMAFS5}UdMcXeQxDW`
z-TW*rgV)U~Ku$M0SZVVey7KVplZ?o53(p@E_IJg`x;jPt+z%%3o|#F$<|KKm#Tw&X
z9oxWo{QhXqR2x^tcMYTG{uR$q?ZW3Qo_^&&ZZD0z>C>vLBofUPqjj+6M6?vlhj#nA
zkYXomyCczVmHRvQ)pHaXh=o0|rV&-k2^`OnYw#8_dUsOh(7|}RT|+HCiGvoOQ*^Wh
zqBh@4^JWxff1d5XmY%_R%^5u^5%v>BIS#Z~GpJ=rH1B3i-`QY43kF2UCELc)!ya~F
zvpG==`3%$P)5vq~!M7gMF*ez~Pu#1PHgySwI#?4r+P<dZ^NtgFW*zaT3Uwtf2u@O#
z&(7*sz1ec!rKwGz17-75mHo)$G+!YD<06YARE=rLMz(iK-&%9a+}}&xy>7g*T06+=
z`76sWBi<?Zww$Srvel9vy3n*KlciECH}j)i;l9`|UTKZIEPgm`|K|kb#*F(^CQm1|
z%o76-$cnz}4$pY^MoJHv)GzDjtRrwmL^)6(??bhG-(>j?#^<Lf)6EBXg~!Crr(#;V
z`^82aHDG)iJDGJ^qo~X!FA2JBQa#Zh(Hn9G;XTDi`=uXZ+#r^!WU#TpuC^;xarBs~
zW*<iUq@%}I4am)~02bMb^_NZs2CDCuP7=Kr$8;5)S}65{`xVz6kKhotiVebp!dmZ+
z@Q&=!J^8wH=A(f9uF}(ok7}?=a`b#*f%k~2Po2;F8O-v7j`1PY)L}N*&dxD<mfA?M
zIL_ml4o6ar%3qe*lL@#oo1r;{f>2Mfy!>z)eu2*Ricgb!`5NV7n#zQB1{a82m;WKR
z{cbFGP>8XoCBj?rbwsFC!PQFahIRL0sT_}f>`qnBaoyb{6$SH_$P#`j6A+oU2j#W(
zQH#sjD%!|93QG1PbSi3EZ362bu(@2UdM4}lvYq?e<x(oA9=>MQ>W$h1+x5}{LeLfV
zNiCuN9iUTNJ(I={9jAgoqSinl)}--ZM0?Oyd;Hc~vi&rUbBdEH5Om*gCj02Q^fI>V
zDFrQ6HZCFsB6<}@mG9o1Gfb`vDL&IP5I#ol|4D6^gh7kvyX>8Goz61u@lrz$Y66})
zhmL%I_Tb|5_W_{ee6H-p0nGzi438-r#6(;yjrVi2)3#Oy?qyI2DKnA|+(3zm?Cqe$
z^efZ4GHjv!tPyW&)U(;2uRE1PLzRp_o3%w)mP^Q|IcM87y6oYw>#`Q9>1X&16kOvO
z;H^TDKfflF^COFGuJljp-!66t8ui7XvWje;vSS80IcsjW)-W_uHD2G8{o1CHaZh7{
zQ^n1C{X97X>~{H9I|IK_cT9raZPa;Q*9};nHCQD|)i!z~4(=4#y{pQN46bi2lR7_i
z#gw^(^2I4+Uw~h^!W&q=*S^<k_g<7ouMiBz%ii4ZxNGN0MW0S5u6=#l32kq9ue&Q)
zX6$fNY*B?C?2;-Pxai5crIfogP5~RIvd-oBg^eipZwxvoa(ai}m!x!Tuis-X?sHN3
zbq#meyUZ92kETQAgpGmO-8BhRjZ&|*HTE|bZ5u>ZnmWmfiGKA-9#W5q%je8}lRoO(
zP^o#Ta4&D&$+~!{hyB+Xd+*m>k;u8>8BKoRc;)ki=F!T}lH9(De3pCe-;kdXtCaI9
z&9W^)%UH-L_c*GZV<|#=H8%_=PL<N9KQ^VWep1gLc|ZUwYH{Uugq?b`ET-d$Xw?%{
zTjieMD`=X+s=Mx&*WM}QFX%jN1hcL9NPEV}qVQz?{-WdXV$69zEl)%9$yCZs@8mRm
z>`qiVc54?KQ&hzJmA6(TeaO8$$!gAg?iJY)!+3gDk;X#VAT>@ZskWQGw#@LhkFCQc
zc`T+k!&M#JoH~75i`1p<6teYCcd+fL?X^7ZO*z1Nk5w2o9Y=nWry70Y+sUi)XWe&f
zLQsB3et5itJ3LPU!5}KaB~x`kn>?XD!Ecn6+gVz$pD#&f4Q)TQhbh-ip}HLj9y(!E
z-x@ugg{1jzC>u|dqzpj?-#0gY?%8As6O`PPQ%eQ$X)Zrn5ZCLV@n|o%xasaS;=Coz
zZysTF{0;hzdO2u!R!_0)lzv{C&9=cnO{psOP(?m{z;s+GRh`r{N9CcUW~W2foaDa9
zTf7^1xix3|=L}~VY#Z8sribR5P5UUyS<6H@clttcOqVH-Q#86MQ_NKk6Z!G#QRN5a
zPstjZ?GC_$dWBSz)gbB-pC=!zNlxPBmwL19R&!A2q^ZeTzMDM^hk4S~&@5{DO&bq8
zrE6YoP!XyLeH)U=pX676%9UEM#3XxjElW~-JM0B>U5u)l*r9RSHjVA{y_w+}lUpNq
z$cIq!RzVE<xh^_)1SrNZkzqwX$Y4dbhL>1|p~I#1-<M16bwbsvntvb55-V6ce7L=v
z`J2zPAPc_y!<UST#d|tb2D<MYGhSPkz3T?&P|qy6*@jdz$i*+m9NIG?RJ6J!Rc&;(
z=Q`}*SX*1u`cSLk5o37OPxa3`zQ)W%iU}6hU;7>_#KcTX-{e6(EX^d>+49=+qhMgj
zsdqoup7I+iJ9$NW<b{G<e{x*tMAgtFTi(8VqT7!Si0|jVTpxAG?7|aa78aL@N0haP
z_N@<4{Z8{qM^~jH=TX}og|+HOk(>C9eal8a#bb~9!q%ZPuv$F2H%j&1M$8QE_)dHI
zuu6yT>DL<klFBOlSeQwbRJ3H^(b*dQAC2te-1bW0k`!kSO^E28cewb(`oTCf;aHLK
zSHAlK8$OZGw8AJ}#0H+6q7ar;)fr}i!Zg?>dc%de(gJukDil)eP(PF_m9jOAEnfP0
zpYH9wiZ#C2^G1z|C+G{-UQJ}SJ?mk%G23fh<E;Zvlj(~Ly>@Qe`V#wT<GC=A3uAPO
znoc==6j6prZ>M#CfX-*Jo(`}%4P23vK_I(Ue8w!`_&t!G-YBG(PfR`IBPj;WS>;gC
zYUoU+J|~1jDl6MIs*gFt^v)C1Gp693??<Ocza70!`%I-W&OT?Kgg&=bOUj7I>A^@;
zh-;bHwfz#Ng~>lBv5DqqsiQ}HoTz4x9o<Y-BHBZyq}X`4*YM~kX6dr%jna`;;|B1^
zQIpol+rEO;jj!a%wNH#|$#j?(MBH=}g*<HKdXuC8+J1VSw{!+@b)5nNkpccS(y~w!
z*E80ZgkvyRZ#eEuNiRu22NG^r7cU<-qy!v+aK}1Im?OQsJy8g6q~pz(<+x*KpgrF&
zRd{v7BWP0A8;;p^ynLKcAbbAaT|b*r|BhD%$<Uvtt_dpnQ1isLU5N_v_DX9LKKW>W
zRfx={7DsGv+9g#we@A#TD^)%D*KhCT;39?8!6E5<+us-}HPt4I3yAG(raf0kvG45g
z4nJN59n*+GezM)s&VX9J!q3WavX+9@K~FFHLi2TV`U35x{jzn3bf2BO0`+}2m`b@_
zh_M!QeD}Wk*S+$<l?w3Px>&Ydd>p;77zq>x<t?EH{Dp#}Q2|KLXOjA@&-81b)ji*0
zT-UUvdXo`#{^zLp6EgJrQLuP}6EX&y;dZKn7b^Suf-B<~T1(<m^d&&sYYqkQR$Kur
zOaKajh%Cd`^7lq!yns7t76!%@Qp|GpWDXR%7a+p&Mbw#;>S^TH&lv4m@4JydP2wlq
zM8A<rw2##;jDJr{o6(8QSH)%=*B+7$`dB;JpNv*CFlJjnlD8vuO_(;*rbO+RTpvQs
zdAQXxHth;lHxJyB?Kl&OKF|vNFl?-OXKnd~`$*Q<4?1L78_(&xN!#W$1ZesSS3BpH
z_a~IZCq$sXp06$wR1*8K?M;fWGuf->P1IrQQK;mGb(x$wc8{`Hb`P60iJay2j&(eX
z*iqb2mYB!JSDJ4-IZ;Hfu8Bzfq&6B&&LHb;c>DXbmv6x9@3!;-zO3Smw;2kxJQdTj
zJ~>b3Kko?8Eh`HZi{Lz1dZt=ONkn=V=EsI2yVxrO6)&>Oc<GNbZ4PZ6d=#TIOOLqm
zHQFq!eINNmrsA%_tIt>{{cNga5Ju;RRo;^wPA;2H2_}CQuOIxqn5Mxjd+NYvUoM5o
z>WLxNDA8A4Q^&*+%JxDi7HdglQEi&-!|R7rsOtM)3+nDHXvnw~<ygf&@vz~@iM;%l
z3HLnhw$w2A-K>{yw{iIQ2D!6iYaFB=5;~Gr$`Z;T;3^6D(gWXl2aE7WE3bJZ#Z2}6
zLZ43-IcK#_!RtqPoHjNeT>LJI-F?z02YarIwd)f04Bi?R9rlHfRaKq+azLy8jEo<m
z@9^kL-?f{<dyS_n+L;>?w<Wucr9dSkMDBBxf1+DcSCK9f$Gvqk784<e5OHx=6f`Of
z@#6?ESC=!t@7@39$kd<1Qy>s?KupNI57T^0bcg#QF_Me_c;mt!<NU-gUn!12N&I$}
zi>D#~*J;doSn)p|7q4prAWiHIk!>yH5XdGP2t;+oX?kGYCH&pdg_i$qv|c)CZL<ZF
z-PXx;%p#N~MDauZ{TpKHudQ+rJXn6^{EG$beGj+gC0C;89GEPI!@CXNmU6!^Y^)h_
zuH$=^VBUV$In=8;I5tk+4sL5^<#D4nNhRokXsdtBpmVub-tCmhF3es3LjyAsgA?@Q
zGe0r3OlM_TYPMhJ3eUJ<W5d*i(!Tg|SfKjlWfhfJ*;bQ@45hC2A6t_J{nOIwihoo^
zhfbYmIvvLX#h|nptw+ZyUk%;6_jFrC)aBw=NBcr(?VbiO?u0e8A6Jkw{&D3w8MBHx
zt6F)6lIh;UH??K-8!JSvb&cr^(`lA)HDsM<wsF!NV12gRJ)~nc^c}gqN#+$RUOMvD
z-DZ(z)0CmNQ$${zy+kI?#4z+JHckQh@B%frd(Wi#@J+3|SM?*_rkOt4u5nSGLn->4
zRh>)Z9V#E)Ov->02i(kP;4G<hHx*^%0!L0$t}Tkt)_w3+>AJY^Q5Y)>%2IfGcL(jA
z5xG2;PA&LVJqfhPyGyTw0;jwua)kvmCM0lw<g2dAXj}8?KXr#dhWmU(N-D8qmijTh
zT^Hrq47xndmy+G;WuvK<*4RwdU$Z8JLUw&c;p^@|Ex&TUZmo}Oi4+lMnhW7@iS0t<
z(kT~?-(W!=`5<d+rCsNdK-Z$4EXT#+*83xwd1~u0yVJc7H5HTxzf9z6kG)KN7$+sj
zbxBu`4ZHqnM@nJZH;=fH&ay&(+SaVx+wskZ4#=b?rN`u)%8;eK-Ddm4`}_5}A4Ar!
z=+2$Fx+TD+TZipnOUkE>!EQ#8)rS&oW@+uso3|A0X7y9y-lpX&S@lu#a#vzj^@fTg
zi2+gA;IH{!Yi2HcJ%*O6%IZe@{m|yT(>0d*ct=;s{)XBec@_g(N|PnJ>W54H4;KWK
z*Z3K>h_jjmGFA1fG*tCmzJ8_fv09mCKk8z}=R&#UF)dT;tui@Q-e0M{WZ&QqMSq>w
z{^2U&RBV!zH*j?j_-d}I!r&tv#+p1J5MVyqt7>xKWwBtE<+Yb)n&o=sO6ksu2?j;N
zp$|&ie=_|XJ$bT^PGam;&s!_UX4T}Jm~x)nep$Zs&UMC<)C^VYnxo=2jibM~Sj5^i
zBG0E%&Zzxl9qfuXe#m3HSv0h(F45Of@{IoFdh4tCSvyS)$jI3!h&vbBKmTKfjNtah
zz~>VG7!AY>c&x@$>5dK196JI&gl%3D*N%zKf6PeDSWjCEW+7puJs)fg0#g!z^T_6c
z$fcfGL-0f+893}*>RAqgXJ;2Yi}%8dry)X+#y0Z5414D%X#z@8oFGZxzfIB$j&XFr
z`Y)NZB0<vS|C+Sl@AIX-mZZoMP&g_6k>dQ{Uc^gkU59{xS|Py#h{WeMJ~l@pu%3=c
z&n2@(2(4Qo6o$Kx{I%cmf4^K3YDH*Ylq7?KPI~-%gUtAA8Gd!`mMTaUf~3d)HEF`p
z!X-07NHU~a-654rkqih(>8m6yQBGiGsuF;ipsPI3Z>c;g5TIQD6@}k;d?^S!0puZc
zk<Q-yCJC3sd)<7LCQv(LpmT?H{Qg`!HvZRg{;EFaNLM7Tr>=%TAicb_{1HeG9CK~}
z8qD?Ym_FbNxKs-2xwqPQ?j^dFJ6d%>S8hme>)&^XvyXEJ=1v36b{!uCVo1RDW?Y4n
z_r&@iT!ySDb8N&7$TgID?tLYm+{(FfvYLaJw<jF2T()0H`c&5gMZFieWk~?P#j^_d
zoN*x?|Imf;XM=-9katZK&I0^aEO5(?K!k~PD;Gfv<KvF>1PmPGj28klkq9h_620(E
zLm-G@AfG!o0xt=N@X96mgGV|N$7U9J$}j^+BqiAFpNgy;t3UV566KHce(P#^9d84D
z@0#1-ENh9aob8M|5DtY9|8onR<-qr_k5YiyF#$I3LV&ebBz2kNyd1&^>Ft7bT&Dbk
zZqM>?0NwbfoO4sx@KUj>kX9<<{134a&$<Eo;{y!AnSh_H`G3)hHVTPeN+~!C;VG_c
z3IK#UOa-=(S?!ez^}C0+sD&^p&j{QC^za3^Wlw<Z(Iv4ijFEoJ7{=44QP?S<h8EC(
zYbb*;sTzmh+jD~1Zi2VES&4cFYO|HIb>?d5GTvdb!TSC>fE&d&x5Fcz9SU1H+W`$n
zxDhM!FCY3mVL*hj73h;X5a7sdNL=QB<qs+uAQ`iOm)Zuz1#kj+n)i`dp5<yHPMpK7
zIhUw`((tDP2MRF6D%xrUTFnpciCo4v6>CE=`G6a^`s<h+Jp73>DFX%K^zd<a(IKFj
zYTXQkumto$)XM2|PH-7?%H%-gV<6LCY36r<aOmv;|A=0O<nFybrVvoE2?f~G?haa6
zuk}}db?)Y34yOCq^Cw1tgQ0|i9gNS>6?T^AF7<$3kS8wS$9f7Y5@$nA@@cLE4a*2K
zIQ*12zACmk(hH0B{XOx;5DRzweL^kR$6=>Wn??XvS-=-YAc8?8$woyGSd0_OdF~Ai
zSO@7+-)q(ZI+&z~Kz0)dpczGS9SF-VW(JV0JjJ-({c#5Y6PiK$DN>D@NO*a}J<v$c
z1$C@={T3R)@;L!BL=do}Vo9$84LHIDsqKS7EZ!4c&z9k03J62LpiZofBUznLBF=UR
zE>}|o*j`YuGG3e^RY3@AppkIQ+?^$B2u`5q<u^}easz%z9o#jJNF<dqh?7}_;<XKd
ze(0Dgn4FYHGMgkyt{t~>fB}WT3<bBfrq4-c0Mgrt!xJ>Se;NRA#s${L{DO3F;%wo8
zqyR&JO}Bvkq@HB#Me^<F*<nluG=2{jjD#F%B3-^0$+#lRC=568<|!GtDH>@d8GLRy
zY%z0B>=+m^0d!BkK=%&qBoje_IQz+3qsAN@n|f}}DW1*$n)EJskunfEe)fC~p#K>P
zun@btNiW1ARv4~uA^HYxZVb!(Hx~a{VJ`{7FyhdBbvtb{K>ceL6n*Rv$%<Z%ID3XY
zUV;tKxC$*;>qhVY4*>{qA(~ka+2W$mZ&cvA-!e+Nx-Uf>u7Od=hXNX?TQKk(`-x<5
z8RGHh{q&zuUC3Ow#+HCh{)J@ks$7t04{^lr_aYK5-tK6y9G46jy@6m0(gK-Vw~d$M
z5sBsa^)sSUsP55)CID9j5U?#)e<hg|`dY>Ydd4tuX*qc*Sqaw#=HShmD2bbo#0Y%d
z2!v>u{C~YZbi``7AQ5hh$H_SD<g0joF`$G%QmMgx71t?}3AR*UC0tHf@e@!{r~p^7
zhd_XhGbD>m2{l8!#!7yo<2nI!8oM@tha+Oi$X4N`HQ;D84Ctl9kmw~E>dp6N$8p^Q
z+6B>JB<srP#GDlohw)!WZOE;|0)TTbXezYXNd{lcOLMT(S^{iND7bn;xmLv{+Egr}
z0H-$FQ@Ez$=Ypo<B@gMezla9XdTlIl!?D`{4fqkjqxe?{|J&Z#-0lBvXkgJx*(dxE
znV}va<aa8tiAb*}nTF(vvrj9G?r{NJ#5r0p`>oK**z;7d%m^COS7oDXfPXv>+)^iC
z-`n`NY~t_oiMQQ8Yw`qc&;vn>A~;lhu;m|lpotjsX6!B)CX~>>6$k{$M}PuWCV;+B
z_(v$=N#$UWwcarsY2Zo{GB+xO2VGP8M-XWF*&@S0fxg9@!9cEFL%~4#?W<DfVxENg
z!p;rp0MH!@RwcLUKLY<OzaR=KnhxiJ17(Jr-C#ff;@b6(AWIDV*RD90IN&l<Dullo
z6xspMTuQL7>{DAY7+;!8!}C8`+dTuoxpd%gC0lcK<@tMKpk@34eW3zt1mKI#P=lj{
zLA_O3@Uk%q&O4;{nx4u9u4W<NX*8WitD?_^(L^J8T&`tp{P=+kLjdOw*+;<rV!S#o
z@tD;VC&(fZYXk4;3Ugd*fIB~yKo)<K)ycA0n2MvGu6=OBhhnZbO-Pl3t*#wd$}tZ;
z<TE@5)U`JY+!wv|>dbwS;gaH~7Q9Y?SHaD2B?OM_UST#3ar0C#i;V<l?LVbg4*(xg
zfG0>4?D<C^egYfpAb@n&z`DBw&HmCYlB1rWz$CzDUGOga%ib09=i)3Icl6Ti-ESGx
zD*<*Q1-Lfb>|ZfkA7@8Pb2+V0a%}+jJq5Vw2ys|to|gt6lT@at0>E(#UPnH5Tt$Zc
zm(jDhLp*H<fGuC}qIukDmHCAMesdXm(#|_g0W=WE6=v{^2W8aiVjiM6@X^|M9GmB=
zTn7H2Z7>pizAPRY?6*2EMf9}U1;q<GG!&2D8n7xnaU6IzLOf3W5@|w^zbR($o@n!=
zNFj~Rm!3HS-YyEy&qyN)f8OR%U^aL=9z44ulZ5t091h+|0}l_qNfP*SrB7^GH(rRt
zw^!QBz%PAT5EOt`RpV*s0<smXu?D9PUcQV^A5pkS`im@PUJyTl7AE6U?q4S5Kg*QC
zss}HG#V1*HmkdHQmLtA2b?$?kMekljws4{9;ty{mcsOa{!;3ClT|7;Bf;7ASI?XvN
zn!k`0uPtIrS@GJEDPAe#*TUBMC}N8M=UGw7YEbj*1r-$XAK@V6vH}F6R0^0D<bP00
z0|W{H000O8QgbRyg2Pg8d$#}p_Rs(TBLDyZS4BcCNlr#DY-wUIXL4_Ec6lvxVQyq%
zZ+I;+E-^MPYGHDeyaSYETeB`&w(aVwF55<zZQHipW!tuGqs!T4+qUi7Kkj>bpZnf_
z&&iQ1*T@kOBV*3>1u|yLDK7;I1_J~I1qHMs>@UUWIz*}o1O#O8=R*5)$%rTm&`QXP
z(#r_QN{EUmDbvY_-pP!QNlVev&A?01QcaFeH7YX9GjAU_Qca9g&bU-GDT+%=R!P(D
z9yroT%Fsy207r6SkdT=bQ9YBT6dzJzonfD82s#%Xdlnl9O4m&@hq1FT?i}nMfB?x$
zK|=ji1NndI1_TB4Pu+n2@`C=WZvQXa(tlwC`*Ybjn*9e3xPNn4*_k`JSeg6>PSpRx
zY368W=j!nv1aSYq1)L0QjScPG|AXMS|14->V{c9W|35W|f1Mf|16LE<|G<p<e=`61
zWxD@!HvX$1)qfWJm&&w%AL~Cr_K&f?eC%t*fB*r>fdc_C{5QrbWNu<)W#UM}$U<ji
zZQ$gTt*j-7DuDJ`l4MH>Yu-+=IYd>gt%_uaRtujo9Ds;Ka60GAeL|;W`unnFI}q^`
z?hBkuv=A}G%s1)g+_^A~P276!qJ7+Zi*t)}g^>T352QV0B{rPCC6L8BmM{W)A%GTi
z4&oO3-e~woUoVZ2<wCOUbD9B<-pY=Rt%o*S)lxIQLFiDrO^C6?0{DRVP_kiRvli+n
zMy&_hh-%VAx6Nf|JRxLa{vHIJsfOfEDh~lzz<PVcEv~8(r$8lTRY<M!TQ$19Mr}Fh
z*v7_PRl@i4l53~PF_Dladh4B*V8VE3bP<xlGsdn{g`4`{rpKKP3f^;t)w+4*I>=lV
zpX?@40!iz3^4|-2r?EoVglyTDUUX>$O)q*eyz(oJ_4Q-kWfpF2Zu+AWOxI5Z!Gt?%
zB-WIG>#MAOg5Hr~=%@eIpB}WK!BJ<j$QvWO+$FH^2uPxD)=J60E(Ae?=D01@<wZb!
zs_&QQ`1pa9^68S6vYoy~G1gK*O&Z#nQ1mL)b?|KY>-)q#r3W^Ijm?4-4-~d)%#<d(
z;(3m6v*rco>d#K4S#|Oi7@aAqMA0m?0_PU)QGE`cWh6-9jnv%oSrGAyr~@x1ILdaS
z$1x_T_NHK980>mHI40lOSGNfoOg$P`7w=US-A_U;&1RNvrUJQupG`h_CZtxu?-U7C
z<3EAl%I<{X<vd6T4ARcSC!wRZt3<_#A{9n|0kDQCF?YIz5_*2rTtkP~9veOTjl^Ud
za|rqxJVKSfOfev=5M`gu(G1+j4x*-om!?VbELjI5Oxm?*k7H<{a+F$)?C_ACT!Kdr
zme|Kfk>Ga-Uz%(TqH8bITeZb78=Fw3Ec#jS<hkt+%=gm&!)g5$(SOH!i$F~l^B)S<
z9}4Gx1M8Y5j&=f$W)ilpc7Gr*WNu(#`)|-EZrINKKnk8Bt3h2a%9qfDp_TuMI~xEF
z4oz8xQt<->L`1S&cxTu_H70Y=$|g&mAW&)(#I_7fvHd6?sWHYu$v~it*24_Yc*M<Z
z_4WMnfYi%H1>vkcuD|jFCKXP4#}Pt}sckfm-=3F!SwF3E{;4Y8#Fci6u{FbM9l?^_
z6{|^RW*08F<Lm}AP&aYRrgEiNx}MIuveQUHZKALUqiKV0pt~b3W(E1;GjBjf42IF$
z?vb{30qw11?XL5XE_FBGImcaSX2-G7rd>Chh`N1ZgD6$<6Oo%lZjf$Z4y@KFUG$sI
zR5|H6xrEZyO&+Z#AUqxnnf7Gel!4%4Z5>g2=YhFx`1&yjf$YAh%nd6?M%d$yu)vwE
zILI@^`+ME_q|;a|!mN3if76SRnhXYt>{$xR2vH!-z-at7buIt34-x3*>TP?I^4RWX
z`Ry5J)-cS#D|8Q1NV9J>m#!`sQ_Dum?uNPDNyKa2mE8P#kgVm{J?M#iswle)5L~Hw
zi-50MglKn%C(vVh0UDeqj)7~4DmsJA%zGIO=e`hn_9nWxQ3@Bc)K$`=6b>s+<5rxf
zkKg^1x=g8L9u}2~7;C*Eo1&rua&cUuNV=oNc<@i`8T2FR!Iff%Q~IozI43t{W@IrD
zSTqZxK}2C5Tx2ihLhV#Lf}ex;cGfN~7qCroNphk0>GA+mK&-zfcn+B1?JO;8j^_n<
zofH7N(I(UQMY>=~8h+D&9q+bw*kAt)r+>xY-;udlSBj|q$GMAs2Lh7*&&X6Vva>f)
zb~G@uvamH1`Ue_??2JuB-0dAroSZD|Z2ypKolNZ<ZA={h1=fkQ6E7tI`tVj{iq#lq
z<Lb9>=aFhr8hF;<pn-8gTQtspB-SaX)Y7gr7(1I-=h?uJf|*O?!4owFHCdpV<y%Og
zDkWfuW46jX`N+K88+`>ndaTa6iAIuYb*NnqK>AMWm`<iU9lA}fGZ!L$zFpD+RbI1W
zrff^oVeD1Gx_WC4nGJqq!OHDnV`fgl`ok7nG*a;$1;9=n?hxmoPNWVVcsR75_aEJW
z-#CkC>msFA?%o!(dCvsXi+Jgwq|!%@scE}o*Op<)-&DXlU278P0&qRrLTV$%GO2n}
zLTmRr>fTc#?8@A=1SSpS+E#E+XV8<_gZlB&b%=6j){51fgM{)2#Hirp>Z)1i^=9yH
z+&drL`+v$={jgj7eul=e^cMK}8x+P`WXKC`nLT)wW3&juSKjXQ!ggVRR#3HXJ|u1l
zHSBB{=K?u*OJ3g2Qt5dCrNqFu&Pb`(2&-S%##c_A9nP2HcTL_50gT(3K?n1QT@jX|
zy!`z13Fmn^lzRYv){nHpD(at6ErB_<Crf3z;2xnLA^fvtV&3^|;A0U*zPcF?9-h%{
zfdt<bk<l#-r??osipBa0qWZac4Kkv{`SC^3T6rlvXeWmQ0>YVqqH_pF<V3IVO)*f#
zhw?zwa`|^7y}IeBYZFa>b+Tij4Tzeds50>Clt$pPki5*lJOIJdPFRaek{lb8G1HXp
zX2O(=><}UZb?Ic;3tue;B7;*ituYdB#78K5Sj@~&t?o)>SC>R&!jMT3vV}grz5{m?
zp&1&hX>uT;%DVIs#C4z>DXZMnfY3&8qQ$K0*&5^ql(#HAwppHFv8Z%m>H%x5S%HQ;
zQ>d$NuI5-SpTtt87}u8WYB@Acj2qR;2^0sflxbI-Xd7`DrNqkU47H+<M|j$k96tmL
z34AGZ(^7(8wK`H{YqG$@xl*csd>vP|4GmFzSV9x7?B~z9eCClOaTMq$2a7obE8D3?
zsYnc6JU2*R)a#~LjBC*V6k4t*ey6r1ViYE?ut?4HpO>LO_XPAGCxH?bvS%qfNw=S&
zRbmwr^V*+C2pJ;?h9E0@hdzt~I<ThM&o+U^B!VtNEObZf6N<##i|peuGO5WeDAJH-
zCKi*G%}*|%k0~|TS~5w0g(t%K{IH9KYqbX*sE&@fYFKWSK=)}|rXPVLrXwlsp4N<-
zu|#+X>GsUli|R6jdy6|Lu(hNRtPd$xFWK=@@3XtcVpA1-d84_+3AqM^C%-8gmN~G5
z=ND$g+_l%S-8m|dqp)~J=F@jryf!ju!EnK8G0Y4hJKx6C8IZeHf}b#-xkl!xFyKcp
zHxE`5g7nrl#OXkqMiPvL07XXUpSyN?4@e$kF?YyKToPSTZx9-wzoAC|wRnyDo}#dD
z&Hb)BKzJ=?+tn~Gh3-3hZT2oQ5c*sh(BajXsVtv7(v!R^c$SU%<Q;3)tdzy&iCUuX
ze;`YhVyAKG@$7&%_ZdVOUB!+D6Vb2%mbNe35ivo#vOGq~uV+O4Q<Vfj#+zUyYBr1M
z@6LBG`tBc5J&q(tG8okO!b1bP7J0cKAnE;`-1RtKm>9<}S1(Ivn5*kP1Da!IZgFva
z?K@z}Lq09t8%4^yt%z2uEmdi(aA@Do<FG%;n$8HpxP}U*WLjBBQpaFh8ZM?L=mpQ9
z&ELC3(T9T#{-+RL?46R9`}`w$fNEL+5+Yf$vS_2kRqSt}W}b@C)Ds5}XnQfM(o1x*
zL#<>c1aZC0eFt`zs6l_VXq8zwzya^$i+U6(5Zb5utb2ApAvK<s<g;>L=dn}Lx}Re<
zBC7mor4rku0CugWGSGoK9b`psMA|Kcq}(=d>%NUN1%A-QY8Wua7%)tsU_J1l5~-?W
zCr$KBeo|pw-%w8@=_q&FHNko8ERk5@?4Ut5t843rYVv^U0gXKdhpu4$n(nr?Mqx_Z
zf<PI0_Gs^hZ&K3c57`x@mQ=+2JZq$OQ1`N7-OCn4VmlzK0@|@5aT(jU3mhWPt-9m+
zjCDu18Z;G=NbaLY7uoid;x_-EGKb2DgO?Zg4Uow9Hy=RWw;N<f+Qeq^(%mSMDUO#W
zS!R@rj+?k)7eH%k9{fUnCW@Prov2pw;OH+LA#d13eW%s|3mTSci3;$!PrWXfPWctv
zDURI{@KglyH+h1yUqPMeb~RkOE!S?T2>WDX;q`+u$cinU#P&0`76(MuQA0Z#lcce<
zn2Nj8Mf1xh-|%b!)l{X`lC<)$S;R;&ATA~{vf<ofV1nrW6rIq~CKgcK8;?Y2DN;R|
z<rZ$-B-_n1C6bI-dpm71k3wmwB)rwbA{J^acm*Tb)B_4r`sd&FDc$3=@{YSBCkciX
zytA&Vk5jHjcGN|>7m~Dvid4L{gtDy4)nrZ<l4^!M`q6jPX`Og*V(>!tg5W}Bdc}kG
z1ZnVgPYkSyMUm42i5c$VP$7FfjI9ZFv~t2^x}zr0+C;<1LdoSq04Z^Ckuh)m>OnzL
zRBMmqv?%fKsEu+z0l)X%QaZCGMy}$T%p5<az7OymDw>?@$_!-Ifv-L5hP&MIN_t_8
z_%r|hzBVFVCdsFE*ArV#dOTUGP4`rPgSM5c-;pcbI;iN4>j);%ndR*h70txdm`%BH
zGTWgmxW~5&qWS6Wrz%y>HELsEN9)y!q}ff{bfFDrk;j@LWX0mYNRfZDZUAgE>+ZMs
zqg-^9wZ7HATPCPw0A*G7ToTfzm9uGsY}!@IoF{iEuR20tPAL!GkcmGIWHZSNUQYSh
z1Z7p)Fl>{3*8gI#KJ#i}u#FMeuEx10T`@atcxp=;jABMQ9BB3V1rOrc9V9OYsB8~e
zHJ`+9%n;})19aUA#J(2ncVo54q6|KwhFh4T!6^1Q@1Sm=24?+u2LOs$X7PeKv}Fox
zl@Hp6zZLCpx+EIX{3D4=u)Xm7!t6?+!*?8IRlu7CpCy))B^H_`HfRy17QE?X4|o+d
z>6PRlrtt~-k$}7jHD!9WO?d8y6?^ESEl9PF;Mun55}szCyPs=>qMX7di<eye6H9*f
z2=UzeNuEoF(Al54q0D!=$+Xl(gE0~@7<Q+CIih%AiR@=i;*|?`O5&J`>d@CfLujxs
zqJ$A}@)JPy6M$wI3{3G@oWT1tmUzV}g-aAK`i3Wz#>*F)7UIxZ6P;x|&1Eo6bwOtJ
zxbggU0B93+lBd6;+KN|jw;J??h?IFZ&snkmq8UQ<6qsf%UVAP$)obo>=sEJ|#qMp^
zg8Cz$sh;Rhi52|uLrwf%&zA9aX?Zt>(r~f4H(NtGeB#>7w9;)R)5y{nm`i<u=)%E^
zFv`u3w+Ar4;w*w|roL_vc+fO|wRSMQ0phO7xlP>lMO`D;u5^wh+md$$RcT1l(Hlkr
zm!W)THIOkn?*LLk17A?7;riu#XD;inVK{WaSD+v|xw7}Eo_g<NqB|4YLdWtJ`^)WB
zW~O?XK2l`J7ntM7=2==;Yr-dBL~ePabVKRZH><R0^5hHn9~tdm^VYv-w3Dk`1ml15
z+*4Q}Aj<#7e=RwCr+=lZ$tqe(Xkuueo|wy~I^W>}!XhHr=|&@PSpD6BfoBfLU|}TY
z4cwOT)3Y_)%#e3kpM<{zDiWTQU-C*|WU3?;lOa)^Jj4q|ymD^S+^9!ROkJ^3sv|s>
zFF$%N=Z?5br%pWHpD^`6mLs)*;UMZ!g$~U7?2$}3nnAvYK``L-ssoh<Ze#6od_Qzx
zln&cj_y*!GW9_Shl>@)6jRbcDDj!(ZAID*o@O>EhXquyh0|ie4A$t!5z!KUQzstZ$
z6T<=!iGdSK894myFmA66qtE8Y84{9~EUCrG{F5bf0o7EJ`J!y0Jk!$DmZ922d2N)T
zDneV{Y~FryG1~rDhOHR|Vg5u#_Lw;wWJ--I%?}|~)E&OLMHJ1FZYY;9+43Ci-7>w#
zL{*-#x-Z{s4ns3%W+FtIvuT+PzQJufYaAnrlZM@lxZ2FsA9SqcCIzQO0#PXSh82t@
zrq2HO4TG|$``%iEqa^)vs!W-gi~ZqICKKbqjTP9rO{N2$R5n47a~iiQv&&2K<W+~W
z#^cBIjaU^C<|gW#hL!aeFd`iVXQj&{-X2KKzoX(>t^F<itnaNcbudRJPgC06`2|P8
zgtBvZMG(y9USu|TlReoCNu6Q5;`i_w2PCi}XY3O4O)X3**vPs2kf~F{EqFVCvJ|JO
zSeUF)Rw5K~5-sV@N~|WE7FOyQrb5b)AA{>)tBJb&$AGn=cc^OO3rx}r9PjNz@=2BV
z%*o<WRaSU$=VsZ0C+bQVxU)Go!eE_(?D5$LuT7!sc5HUuvXM52yoj3elk*FvS%RK!
z1au>5+V(8jB-qjWL)#?EWpFvEB4(3pBhpJ9L#j*RPqSv5TqK_F0WKX(zM~P$&%&x7
z%G4~A5nl%(Y$mZJ50sfqX)~xJJn|TQWt3cU-!tW<b+Z<I7)x=KTM_W;&OyiuOd4m3
zB-_<>dO2{>LoX-HD`ZUQpK3H@xz@(AlPOf}Uy^KxP4MIQlPm!V2+Oy4KJ_F6fr*$+
zSVK5z3ej0?93l(NO~<_O4MjVYUeM8St?Z&Oa#nVlvI<+3CrxAxJ(Ug~XEb)qrMkcE
zed_77wGUgGe<&2-Mz&bFFoxdW+ix@hgqLq=3jq1!84;tY1x@vGu9f`Rg-D1P&^PS?
z!=|q+=S5Rdh%N=~$Dqh5=IlFch?_!$sAQgT!<gaFbJE!Xvxjfj8_8OabLwOxFnE5)
z#O=V4Hz*Sa&hKL}H>^q1KlQhGpU(*L_MMVmuUSWlX=CNTko<2#xA&eDYQT=_3v3DU
zJ*v85F?%f20TpY;N2xu!dD!YQn-vnW(f1mS_H?T=L@w4t)EvUPh^V{zQ%DHgP!<*g
z3Swg>Vp40o%I;0dpQS0>;DU>Zo$w?@o8OBj&>OI`kExIxqk^0Z0mu!ZG{XJvIwlfd
zpcJjJ39H)@RBn^BVs;8|JH(G`k*kFCmi+32J?&w<VtPHq?*^kFL+58cVN{aKr&HT*
zUn<igxz;s<Q%T#B-qds27XXWbpYii<x~FOqypM`<BoE!Go>b+8UGsJcuQO5~bmh4`
zXlvgnRL_b}Nt+j?Y?73-Q@N<i%Tl?>%N6KdbQO*0L|o7<G@vxgHS#nuKvWmo<iRTE
zJLHd57CYnztLNM0!OE(}geb)|t^|ohSGEO-gv;IXp|n<x1(6#XMuLg8O&UR|>0syM
z#2P_tMhdAxY$ggTL2Skftw3z13eP|;?1#3H>KK1<5XmbMgo9B}z#iAE>E`M~MkhlV
z(z?9a&MRs)%eNC09GRz$(#syWg}ZJRfqbNGW^mt6dJBQSCV76ztv<kou24BQP&wB_
z;2GH*n~F^jK+KFy?s7=w$LjP!yTX#Mh=tY3%}f#K`|<W8c?B3eLdw?vV(9-Am~TZX
z>~X=mW8I6o`Znytn`Xb(y|@&CdT$({Qs2!%NjUX8p?TwSmEgtuaSQ|Z8S@_@;;(_=
z?;!%#)YftZ1PI6&0tkrye^7d6`d6T+R$fz_lSk7DO@WXEqTB|*k}p<Mq^437t`AV6
zeU=Y_^pTunmNCy@kkGu5$^8KN0x`ow9(HhlEW~q@t=w)3bU%?!^x-tCZC;w>)cbYe
z3v7={Z2<ReHI|_Uew(Z0LrhvwTaY+Pmt-JK*b>NMTwI>S7)uZ~#Kb)kZm)i~WK|hm
zskvgb@s@0<OWQk;D6N$`%b?9%-Md<W-pNddHWMuz%|?cmT^Vrw;mUA)5;FD;lO~ee
zL&-%)*0#Z%Tcz0a%(ieixx#2|LM@_FGr6I=8tZ{pY2-}1(t$i<g7KbHdrvfxn@<#y
zy#Jee;*JGozZfy;6l0a;rATT`2Ri&hd+A!T9?=>rl%h+;Jit8F5-yNbZo#thR8=eR
z`nF}bm1m$u8=Cz${R+I;9(71=(pvW9bFlcLi4?O<s=O+APf(S#Q&uvOk^C_2dWyZ+
zFy7^88l-=5jKXcbJ!}d9Ki5wN1cC4teJ-xv?~RE-U!q?K+k?k2EZ3a_Ze^>w_{w0U
z9HXj4hWoa|Qk`UtDBNYEUa!SCgO7-2AdIXE=Hwh(Q&;+HWacDt@zdbBTQl-loqFXO
zPKh!ug33btMBFS%U{=K~+Rh8kU;Ulahd9N4*iZ-Ac#X@L-XQ(4mDSK4pZn6?8IE;z
zGwm%FBuGVOuLgI*_*n8cfD3jATqL>%M8~F$pMwj2jQLdi2C>M>UHhh!I$nTu&bP^*
z;<-LW6wWDoj@N>^(YKJ4>Do^AYe~qL%S#`N*eb`HA4QVHt#32(z3xhhV0nnrGsm{N
z7fMtl7-^V6_Juu(Q;74|q*jMd;Qb^SU!EBvaEM!)`HDaY=sj5iBvkP%A<;z<U;fn7
ztk*H3eyA%r*dbE4Kd)hHETuQba=7Y3?(zy-i(U2*XCF-@bXI9MrZ6d6aHKJq#SEz<
zePl|_c14(s;trGsazwC5AK&`-)5!eKtAAL{Uv1;>R%1x+F&6!Yg8YZV`hO`E{_Fmi
ziXaK&|F#{gf2`W@3Q19)!6dU&@KvS+H*BL8G7?2VOALYG@L9I3<?Ad@vM_hTf6|~v
zgcC*)vf%h8-CUx9v69r(XKr>fb04jDnoXX!US076wFMpk!)<$_L`by72W4W=tdABN
z6F~y{@ec1Oj_Tt=#~4;_`U_&#w5!WPYN+InZOS#fCgp3+-SMZQ3%@!0P`;~E(h)C3
z8dG0ypeM3Dvz2P(@*8qw%DaHz3oA0xs1;cv)l6pUR&9hNG~5k8IPdep^H%511}=2B
z>}o<P;w`BNv!o$)f3Bbn^p|UAQLJ08Bgn-e3(;9ZbhQ26#@Vm2K6Ote1a2ljWo<vQ
zeY~w5a*72-7M8=}OI0*f8hNNaEmAUcjU>v9V}w%y>08=UjjpUvgS9YiBle+Rzg3Ql
zLL_etcZ7S)K+;av<$zC}l~B+oCSs<-K$DU{Tr7!7p2~%k2oL86h7EU~->bM5DhHi$
z?<*{+I;uA}f^M~eGa3wuc4C8IG%obJV-sZ@xMt8X(&F{1X<jA5ejNN=GUvn|>&14t
z2mC^I@WzBTei@o$-bQc5y&fyRy;mNs9+uO4pga!u-G<aBM_uq(e2DKs3ir0+ehc2%
z{_MWD&6I<ye;PSTYu~s+lefE~eoNx$<3Tc{9St%Rub9(<Teaeyj^iPk`o6F6hgPI@
zejFA=o^%dly0sBgdpKXJ&pqJ~Ry9Fsrwh)LQjY6khyJ8DrjKlUWE6Aq1@T#z(3e(V
zdS2RhxNGP{Gywb*ONl)&gBvt=;Tf?hLVGTe5z^iyU;X9xJ7iAD70`V|`@^&)CT+d4
z(%O)<%Y1}(<~Czh-I7+YhPDVRWq9S<*v*cov6*w4YtVn-{jaG0JKjsy@m#{efPmZ(
zfPk3(Gv3Ai`Bl}x+QmfF!rJ+N7r>iUb(Gdb(RitG;bH{g+T=T%peMwl;o4-xSGT<t
zdQKPPSW1%EB$QUlMEk^}Xi#q#$L~|`i)$xfb54Xxre5e@K(l4nI;}ju2TIEbrtMrV
zSYB}+<>;t(Js-s$0nz1S4Sh=~!0Kf}Z1rdx7+88A(#b(5R^LI~x~>}?XyvK8xyDD_
zx>I>_cg+ojM1Du=6AHPsDlzF`#}X{BR|&bU>b7Ob8qG|p*IuK-nT*h_njZhLNq3U0
zvcdS$$d2vGK29}Yyy-fcF5^|GxyHg|0%&o|F|O!n)@^cQj@)%nshy7kZ`{R^P07C^
zkKbVZ^U#er;4l?m#9m`^%8yk!ojRX?Q?#$t2P(nw##CWLd2Ve9yIRGNiet-ie3Hj{
z4O1?)z>O6TyOc^t;>>YcZ7iD{GvOM!8KwBI7)x4_vgSx`z)s^chyjs(9R6l9EFA6Y
z6(NVM(OuP^ZRPb<S<_@%hxhVPtyLy|jwecJbUl};5ueaV*%?>8w_NzvTU!3L6_h1%
zD>d9=#eKw+buNJ2lOAxErpk#sZyfg?wu0t%@Guy+qgAlAxba}jAbjNJ5p1Eg0Oh=c
z$a$DSdWkqNWq0X+eFsl-%<m`CX{j|fyqBfo;!-KxX^EdYE-Mo6Co<5zx4agz$H$2Q
zY%?W!t#{F~Peu#=E5&HJu|<=ssniP4i5(=vOoxtXMJIEAT6@cvzxKqms(!)oy5@M#
zFfkL71@WeJa~<Xh;~Kqv5<+ejg0TLQ*d;82cU8s_i;P~#(*+n16E9C26hSX#6ihwu
z5vtjxDpAoMa6xCcR~mxjQ)2`)g6Cu(U`0L)iXiAQMG+oI&5t<d+QBK+8ZqlU)_Q8L
z*q;O59mydfj=9Hu4fWTtBZTgg^5bWgix>KG6bkgy3|rIA2RhLfhCxW;isBszyLT-#
ztFIR{JrPH*-YOtP9^{RJ)g~IBZv4OTZV<^fz)xZ$nl%Y!&9HG0dUBX?4@xxmaUSht
zrE;j5?^h<>|BQ-46pF`!p@V`8CR9Q!l$;E0gUvttesc87kb$?LSd8wHNcmaB;Md2S
zqJAjYBT)Y?e;a|c!q0FHI@lcMdtIU?M)LqhO6){&qpUPCimTvTcC<&#?C8>WIpHKA
z+^{$>lu8Q=8*juNXj<f&!pfLSUg1Y}Hd?4s9P|X!utDkYCn3W(^mrYzKtbX?;{NBP
zTZZb_sOQ=UneF#X0^fp>FLKYKpiLlXb{`ZJML|JH@wlL>xVShJ6kwENlxq?m664GB
zI=KKgA~0c4uyJT$%|c-qtQ3%tVm|``+}jzZpBL^;R`Vc$Fo~lx4&>g{yPF{rJ?Yz_
zq9ew26!^E7;}CA^(v!S}e26+aLW5Gfk?fq}c6->b_56<<IDI<2{H+(z4?5>*J3XMY
zRpi%f{vy3sPxtqyZX<NNTPsvA4izyPzYqV~qc-DMsmDJbk&$K1X0PfVS?IM##;|6M
zSD!$K1+{ixLo>#*l7~fr@x~7y>SxLA!yD*mg^aOj$lblm&98s10shsU{oT>wrQ<~$
zVE_TKu>k?m{`b@2fBQI1Xm90(?$6K0eKK}-BnT9&MJVwEXd)yGQa_k5lxPD9AkZcb
zX$U4H)7^0}XqWQE=GE@z;nmgEMd$p8)sSgr?Nvi7Et_f=8=cjqiJoeo+Unb?uB$9B
zGbsqDN3~?H$*hB~uSw1=Urxwe@1r#_pz+kLwCgYv!;mB_rqQ^WkfaRzu{7eJ-W5(&
zM0?U`65*64in=s=CIPR{DqDkw=_HBp=>@MPI7|~ka#YfsLM4?`a7w15>6Y6xLR7HD
zqd{sF3s-)#>PFkRmb=zUmL{_G^CQ|yhZ5Z=Tw8JAAv7$;@!`w|G!L9w5?a>cf#H@5
zinM094TFQ$4@NDo_4C5nG|c;WsCUYHJPYnM;oy!ruh#%aRI?G7V11MPEInbH%7_Dy
z_UX6<7=^-c6UTTWOial{qSQ3?{K2X?Q=!GQ2Gzy#^s|N1VtGyY6?qC=_!Z*<iD;_?
zDHXL$qD+}86<Vuejb>{`<H|p|-7Hlq&Mg6I=6tNoW6)E@6q^tobG-_yU2>jc%SK$>
zYL2T=KUvEd!o$vaHkqVJ{i|~tO1w^RgVx8faxQO)FlouY3$|l>IK@G|NoqxQHN@Zo
zxq+l&M<jAecZjwE#hdhbGJ()z=CJ~h=e%n7R2(&Y`{>|8#fhcY>jD{FqSgG-M~OD|
zQu!1l*q&BLXa7xdy*V-V6#}Wzjm(WcrWTm05zA=Kq&_jSEEG(NXhHlwCy1NMgQ&lm
zNfj>*)&^R5NM`4gH6lPOaE*Iq*D4}7AR9OEChYZs#WMjPd9=(nV#sarBF2TJ!!7j8
zb=auBo7W{=zsbkTT2IGVPR(p%G{)ZCjiV>%)D6rnR1JcgTZ>piQe9)AiMowleF;12
zvdT(g`1?$@l(hp9$O)7yx#I2a#*DGCTw4qU7iyMPDvDq}xL5y3jC!Xar!<Zlh9np`
ztgPJWtvk>1z{n60e78<BEZs;*r|DabJw?0m-QkX8D;%LJZ<oY&1c{SCsaKGgilv(~
z`S)xWnfM?}SFwb1tki{>G&n#YkN!eCIU2IGrQ>1=xGst;#Df9*End<(ZvgawsCL1V
z9PlbCvB#~HzMDc=DUJnVMIm!S-}9t>!jax@Nh`V3f<$_+gA<Ll-5q(32DO=~M5xPc
z<CSqGDd(X9ft-wbT9==jHfSP@Mt9bEc|56s^T*frhjG!GT;7kIS$eYxa3QXGDCe_t
zaP6CMxNz<9y0dYaO<vTj_Vn3Vz1q$6XqS?r=08H#X|BakqG!76H+ZzYY8QpoT!&FM
z94zgA3q`~$1Z2vmHM2gh0yv_+FB_8>-(40|7_7ZsO0bhnA-^cHOu57Ltqe5BD2KXf
zB>;qAN-+vI;&sOs6Kf8d9_e!rcWuJ$o3ejOonhLVA5d;2iUQjAoTg3fh9;41hoJCx
z#!=hM3>i>6q{_u{Jw?xE{fHeEq>Rm2(&o?CSmDxf?&v{M3r2!>_E+7bY({e4-=`cR
z$hqluP)rYAGsTJfK;=f{a0_s{<Tw-QN<%3HArz$83cPK(2#1H`1J*0OrP+SNy7+YC
z^EME580z3{iC?wY*wr;=>Y9RXXqc|0kV_n0Y>fKHO#GO##Ls3`9m*pzb?;x;2iL8m
z71UZzjbBYj@w^Euig6BAw9>$pB5@Ob<m95miI4Hd{?Q|(Z=HzsCCpsf!$vS^PCYdg
zmoGF2b;2O{Em+55#DtTB2}fzIn-~Rt*lRHkCGt)m>*TP5oBJ4c{U)aBxQ?l%G}4~|
zInwlqB77goi6`E7qszldR|T~Zr@chBWwAIB)UJ%V&6htu=*dB(_+Fsi-QB~DNffbv
zgLp%*-kt|dH9z|eQxeB9l8A8MM!1fqHWP=lZbq7Q67dSk)s2jusuLxP(>vS4ECo?%
zeYIlF-$P0Z_m%`^!2k4S;hjlkhmqZ_l0j7^c?xhip*5~gfhJ30I+@L#ieN~{Zz@%l
ziR&UDY(k&1=XO+9j=>iYtJ#L#3Uw;SZ)DPho1c0Fj8M$IFj}3mPDa>J^aD=Qg{*pZ
zR>jujcPQ;kn0HcpA}L{Ftkx~`OHr`gjw_jRinpZgkpcXQfD|9C8$&pkfuW^D?fMAG
zc)}D#xZ8*s{7V+8+t?8;PXr*0#LJTFu7Q|}9Ci(?c^}rXGx%!TK<YA{o+?|9X@4wb
zo!V#omgXhGdm*k?<JN^!e}sL%Ckww0QHp_Aj-uh9w3~;X=X-R~-F(WX-H3okZvx~&
z{#=@-FOJdC9FAzx9tFo14}2f2tkJn3>AO~d)7J=#Q20sfH8YRUR0}ieA}uEgXb4`*
z{#t|)vsePNI#U^ibE9|Yif_nx7szy^!lMO^T|C!NC^-5{6w?f<48+sIiBues7>$Q8
zLG!iQ`%piud;FQWaVhznT($&~uG-T{FSk^m*Lc5`<(eqZnKf)JwfFa&I&~y0#+M__
zXV#xaJFU+fC(@avDYtE;Tgg{561n4$EkV2SHTw}c#_G}Pn*`^(Cd&y|V>5FzYPC?e
zV2KxS0;<DYD#vqhum11Tapbfw@!s((r8vxD(e?X)QI!wj9K*22eT$cJQaXp+nBA9@
zcj*y#(Vw=z8&lo|a~k(OJp5&O_R`pdJ&2AYh7xxkS#?e;<m5G2G;j>3$sec#Mg_>J
z66#@G?j)7Zqrs>JvG*#%NT>?xjYZ@*G~zMJFg|xrzLoITu{4QSO(N(XXw>w4$FhUg
z+r*ElK-1qB#MHb^=&~N6KTu2QBL2m+uOg+JxI}A_pa&~@uz8XG4)6P}PnN>of~5CZ
z8l!AIH&Km$vyA>I)n7zQF6Bp-RTfL`dJAhvmAn3%hRPiBv|UT~ExYp781?>5n4^bl
zy?pCsT%Wj+Tg9Vc>hwKUTvUu<25&QUo<1NGJg4lFv4+am636;zckDL&NIQ~_?TiNG
zg{cLVmo+*vwB2l{+u#kKq<QM-(1T&zYlU|QRn36JAkvtrI#JTJSuzULQFZ}(lkftx
zbmm4l&AzqN4?>i06~Vk3-{5FzIZH+cnkEk(oO_{DlgYH!{`j#pm(A)n=PbOX>CpII
z0#O?Ix7byEDsUxhNxvplCy&WurlP5<h+wBusp}-A?1iwgIN@rRk|!!Rxpln`E`IYJ
zSG#Fw%LLDfQ4BE0RAq2{(@2t9cJGhd1RdV&(EGbZ%FBh)mkbpg2^urYM&^q3Iq;ih
z0+HYyTrsUo)&#5Ee$KOfApCIL1%!Q}5rnM>_-L8x=!vz(8ofr>h1bPl724BUIHt}8
z6xC%ZN1V2H5@jZ=a4OR~b3EL%<WL-sovdB#ePi}V>{7$23_9X;g57McMSPo9H*Yx(
z$;(pPYf4S`3Y<z@xt9h;Z+vp@{pu^lWvHQ4n<<Sz8zpFw{oyXzA+xOt#}C^*aos#I
zs4|`{tuQV_rQ)}~>C5fOx`0&P6${m=r2!o5CXRZ}w$Nt72YET84P<4BFbl|UUfoI+
z6>>Nm0P_on2#M7x0Q8019VdIBsRg$%{;uIgJbt`APreb^3L|4Ih8Y~A!=-D9iGa(7
zvh!-yCmreGZ|cg?uMqhZfHYohp<{u!X!e%~Lt35Q@Dxrw?(es(eC1UI0fwK?irL9%
zVgqU{OkZ%P&J3|$mgCgjO!S-~tvhh;44|jE&`1yZ{a27Ll`+M2_Yequ4?xs(>!Wu5
zwpqbz&&}t+&q#dZv&wRGllv|V90b>YeDdL)J3&b61im?EP(VqBUBCSjp)@SZL$BpC
z(zM{%Mffuo-{h>AKyEKNWs7)sbY1N3273Y0ke@bpIi`p|`F3*P&nX}nT%JU)dP5`;
zn^1i=cTi9YTZ(H;yb#jkAsQ8GWEQNSdlaMZy1#ZDmMX#v5saE(Ghbu)kDdtNctU1%
zo4^P}PJo74+&?w}+lA`Co)n&wIAl)%>RO}Lzh+_`y3@)>8-6CeNnQmXP%jt)2$cmD
z7XS?Tn6XQ*?;mN)k<1_+*|1nwPi<#!jO{B|H}m`vl<&2DLdQxEeioq$J0XHMV77T}
z(4ZWF-;@!N?FHuA^8|hK8;AWW%2_d9BAcLuruZWiK8af!mjitOx!8P-R8}Qx7k6HS
z!%=K*Hd2{@D+`52objH$DTLi|HWWkEA9jKV0%6v18?)i*Me$sdUh+d%+5~4jQ3AZ9
z41`Mcejl)mkdgKnUpf(uGf_jv5}=y($Xa#K7j0<S=0YHu4(M7n1F8fMUN;uj14qb%
zOZBLT1)y61x_7Y78{z_YP{w!6jvKO?UWfBk3HRLjZAp!wN@K>Fc=)!I-!+L8wsB()
zq1wTn2On)hbLRv}C?oEpzXH)RC5^k=618(A&U5>8_B{e9_#>z4UD4yWWY8cKbi?TF
zYf?MNb|SO1glT_visJD;qZFed$>8Y?cW2!|*v>k2N7NkeaU8FzU8|VzR{2D;rq=jm
zC%K)i0(%F(dE^=)uywpq4lLU9vr>R|KopMq_S$U&gCeSSZU&s;Yg=y<fo`!}SF;-|
z5|G~#gMJW0AYiBUoAP@4q57>F*>^_^F2>FQO`t{@F)w>Rb0B*(4kPupz5oVH;BL!$
z0z>ilekDg<*TF3(<(9W;Gjod^9Ih5(DM|fF%#X!X=(}=2FG2Ax7Vjz5aEF3%wT(G3
zIbjjw<PlH4!^&H7@&>HRwto5yZptnuwIb<w1!*14uI+^=-zXCd8MUl^8{qLQutQpi
z81nZEP+5-6h~ma67Q-v>;uQQOn2n%5*Wl>}G;`(hQO-1jYU-GNkGR(Ho|;)2XG^WN
zYnfHUjl-$7o0Rv7RoY6Ne{xTOy^lYm^pT9*H|LBX$D>s%cQW9#L2|M2&k#ym+r}R3
zV*7Q3bo!CA(yV##9wnK}mt9(RYw`MyDN$S6yb9ie_1>$%Ei<R$EJM3oYy}gM=>*sb
z4LTnIe)#^L<^wZNXLgbZS)WJS+e|NA?K4v%khLJ1W=1HT+tCgE%k0OCTvV}y8Jhu9
z^oA(2MsAgPVI64fsTWmfu-qBzXOj5O5VP|O2N}~U3gfrRboIV(4!Tt0?#^*}UM}m~
z(ke=}aWS71!>_!bAQ0ieG_t{AnD04(z<PlIhuGENUq=Eo<-AeFbU0sJ`O<50YjkYi
zy)09#TQNN4MdBgkwr<qka|-jce2tODR?YDfK|eT-kS2YC*qn9ghry2%Qq7!WxH!Vl
zBNVAYE$#UyOUVygd=dm4)Azz#@9h1*^2tA`*`Mw1U3^Ptdcq~UL<rrYKA*qpVC;-o
zKm8+zf)Q>EThX@JC<jZ6pmH%#bK_CGWkq*%v1JAb14E1P<iZK*#ldwA$`LFfS;vcW
z)pDBrG%?KOPV;LxR}(!~_WGu7Xrf=)q857^{0QC+-vewSB5F(CiLGMvj3;g)t9Svr
zZm-)m@J~)9#M4Y@bC9prgzDwq+x+rY+a4G5WPSE{s=qe&pBs+03YNG-X7-$x-#~2o
z4#yFghKs(_QQjrBY(<~=k0^<64#9)_XN)LGu6=-;L=|E_cZ0Us1688uN;6gZjSM8|
z(qJXHX2mDECcQ@E#CDDslGT!B>#Aah*3QJVuu`ph+Q@>Bl;ead;RaPSa+;L2)fCIA
zHKTAREVU^GAXZRp%1^t!lMWdg&U95^4_A&vs9_>1@L8fV!WT%~oF({W>_0sgYA~Jy
zLD*wqa+-GL)_^jhhA0;#^|%%&qw1iWGQvzHuBcNqs}nobNuEyAIL#2>*{9EcC%LN+
zRCqNNJ<%!#hBT%`7-NDP^>7zf-F4t3l>1G^Ly5Ufsu8_(fby=B;UK*jF4hu8dd711
zn21>Hj7D!E$~srSGUE+xnT5qymj1+q_ymL>X{bvSUrThSYf6vEfgdl$GA6v#vn#xh
zG9l1f^MUe9QQPDKJ?75xG8@(^<)sCt4sp^MUunFO{kp<*lLg<E^~L(JJHueB65*}n
zpzf+U31Dcsb3p7@{gnmKOuVRvs8_{5;sWSY@t3hy3TX$SoUTJC(G5^Q8+KU((4g}b
zR~gm%c?R)$db8DO@tsjSe-ClA)G0&OWpK#ZzG{oCwzZZ-ds+Rt<;=GMdbtPNoLbHw
zlKMt90V8_pMs-%VxYlExY|9uXbv_h?!j-EN@D_W^?r{aPJLkkq$m4AArkTa#hh(EJ
zO_5d>m`ihXw%aM2;+<{bYo5#(yBMoOkQSJ&vvjtFI^Iw^j@*y+=g8b@8>7vKM;^%o
zPBlE;6KW-C;~4|Si+E&>hYab>aEVd|Md{MSo!*>p?^f@_Bdm0;{jbLY){5Nrl!c!B
zt06_qj+hY#QpR&S8u8xFINRp$nGk8!yRFaJg}b_RVmBqW4O}B5z&U%Sjy)lz$LZrj
zRSRZq!BLwPNL`^&zfYb_U41(Y1J*-9Jp4+ZzYUKFr42e}c*C;ZLLJsg7ju)YOEp(o
z@}JHEo#FXal(>!+Th*EuaD|)HTznGvijy1Za!1a#Wm;`quGo62aV^Z_g!w34#2HKH
zkgO6KRK2H_JSAosS1t9i!23#*8~vIeQ3t-lw=<VEvf%Qat^5t~aAhH{#+^qc3lpJh
z2vuPgeu^plfTzHl8(cvg{jayBA&!a!f$~=$+LY+RSpDdPN=X5=PR82ASRE*>O(&K7
z>R~ecCAx06?hu#<JoCXr6MI41eRW<!dJ%jLlMPg|g;3eNA8!zg3g{z~4o)>N=04Ep
zl^b-MKE*aa(lsIUGd#%W+%Kf-+#5{DYc9=z49*mVpR+(MD=&N2+5E&u0%Duv9mi27
zv*w^Ul_&HakH4(PTz>h=P<I3?-bY8tE?jj=pENi{06D=F(~CQ8Y+|H2L*@I8Uy6AR
zYnN8YAnDSzYYvc7m~qY=^wBJtD>sgB!xTAy&$fXe&;e-34}sosnRR{e9ejdpPW#M1
zl61>!IjNky4afw!J$H=i8wv4y#QDiKDG%P;D>3nDTr2l@8_IgSe^W4z!d&)g{%RdB
zQ}a;e=ZdxWfET$GF-<?A=W;}R|0G^imP^;*_v58q%A9q3Zw(BqsFbY|b#Zx#e06v!
zIfH*(-wLf&ka(B92lHm`i30N_fr#rujn4oe^`Pz@t4+;-j^kuk-01G8=yYQ#-BI+1
z&QxDw_;3td(milUWLZ*U4{ow;p@-I8A^%F{?EB`KRJ%@ygkH7TS{|#Wu$BB&kl<8%
zDiX|`+7~qk>ClYh9nJgvkvYoKO`#fpxyl!1)J9Wd(A8Cg7+mrGgDieoWGvJQBti#O
zVJ9O<Qny>Rqa<&I72T%BBCIZ|y~OC36#`#x&ziOq<8cK5dCA**s~L#jjdoC~M&!BM
zit+PYGvHTyO88i_B#btuWV==KxV;XEOU(n*Rx_i|mAcsLd%Q9OHag}htRb@MF3<Xe
zmn_kRWwY(wD4ZyVjuPJXhnOCv2KV8<_n8M~gHz8#7xD_{mgi<<&uLe``ea$_eehh5
zTas#5paaAvvIk@$93J~IX{^DhLx)K%QJoY2<?pOk#vC7`$QXmH%2g^py<&f%%PKtc
zim!{l`chbRD%VV4&%?6~&^96?`c+*Wtp);p88d+=lh!a8ixz8o6HJDyCOxxBw@nu*
z^U4ygXFhijp`p-*!PMjIMm3vW6>kDeCC%SbhNt!HcZxhf*t_bEdJ!I#?`<K*r*@3C
zh922J!|%35b2b)MyI^Pbk`zkUFO#&g9TSyWxDGT+tsO_vW!rlxk2nvkORHQ*nJ;et
z)pPjQI{Du#=zVKoHJ+eAKp;^6vxbs?Z)I#&`S(^v>rQ!$b|@-c1qIC?YT$NgH;Mw4
zw7QZCz^r4gvo+RknH#jbg}#04U%_M$Ly&uo^rF$9I7U3&I@hxmgXW2{huVi(SKfCn
zuZLq}YCs|O>=CMXN%?FBpa`sc3^C7RaZx*DLH6@{F(Sx)Hx#nl#%SNgg&8B1Ca?x9
zu+5CKOv0jYQg)&lorh+hnnYw+Su68&(|-Y6=#g_x;}TqRn43!ABjr>j@7B|24`pth
zi)?h5OIZQe7rm4oA_FG!iYY_cMdj^u<WApgxWQfe=sJ?YYcTNEbiMOBGLmy!Q<V#q
z*%plB&tTV2@MRfTxU`RkiQV1_SkuZNn_02xmVn>0$<H`LRK&*@(<^jm<R#3Ovk>aS
z)kC~8u=)_UiW!MXFVQdFW9tI=z@(gDlA7ve#UMoEd-xmTs*~D<R%kWk<}jHwHR>eQ
z#*y&#W<6Gzt;dobV$Q2{9Gv+Ko~x*VeIP$3oz?bIY**>}MxlC{5@05cv;}Ziu^+2p
zLjs_+;~W$OU{cYvMKcVp*~#glm`yy^Z~Rx4zXeKwYfV>g!_<uZrb-i(9c~K1ZKK>v
z3BcaUQDF#OgS&Bw4BGjf>nM?GmMu7{*>ob@P=<}6GtnBEPQ~^3QDOYHxRR1DgW1`&
zO-?Dy@zf1fY50;_0e7adpS_?z#4OD!0%tWyAIxpp4d<xfME;Thm_~}6ild`7a2`H&
z4eMARowIutNG~(5#SY0|X<0l>b_hL%EMnq`_>i4p4LF8JAp4{?vEhF^7NE43V<Coq
z@9jU067=Beb`q)Ht(n|WrkSE}VEy3}pK0Q29vo5K4F~tp3=;Nri*E5jnf&uaS!TLY
z?V_ebth|y)-Z%jAc#=PHV_aGXBlPRg&>`$ITyw`)@V*!TQKYaM9e3eH`~f=EmlN?U
zx>dq)jgj4CTVa|9n<)|;_T?!5PSj$EJH#biBK`9l`!!BJa`_iFj_Nl?9#J_LLQ{7c
zosMF&xQ}9o>t3deoUjX~0{UqlluLxjYo?@cLJ6wV#Cy=_wn%ksMAB#6mJd0rKm8(N
z?|;2W^x}QLq5xit!6&9}h2RLy2C4hC7EHh>i_lpgS|NH2z8<M7zAUyWS~n$caxO-w
zfs!4rAget+8w<RHI|$qld`d{HNF=LM%(X-;qxVm<{;To+-K^8!BfFb`fq<O;P+9&v
z9RL!x&L)mVCic#D|4+k9v7(F|ngEhdw_amRWh4|up5sn0N<*}#u}}duRst{r5*%Q2
zWzu?Jy8GmW=<?TWBuU0IsI>IE$nYsJh(Wt`R#9cgW|ybR!p5)9pI^}1v?+q~421eb
z!q9g_73y%;#Jy4>nqn3QY}ljJ)!#!Tm+nc0m=!fI56pNi5Jl)ojk%cW#bbk1_<BI7
zZS$ByhGQ0IU6tZZ68ay0F9+pj2&Cjn=BOJ@it(U!Y%%A)0EpLTWLMP@vg^lc*~R<V
z^Sgd#yctqg9}8!}=5Qz9ikrl6AR;Ii1dq`oZ^j~Xp`vdrlk}xq#Va2NT|LPfpP%7v
zfgnPvM*L*-Jo1HoP1x}tfnHJlygwXPx6uob^_2pYk0i;u7UQP<^izWeD`Rf5^$d%S
zak46Q?Xn6f^!XT}BHz-W7VYVV$Vf9ZmvcpjYkWeOs$&aBT099~*#5;tYl-jd+qAcj
z{c?H=zO1&Igp^Q?zHP@tverft=PTW_3;32I_fu%|tMco|$ur0Sz1!{A`e?1*0Y4?j
zoD!k<(TO_hmV7(4qc3VI6LT8vJ6;a@u~S2=dGKHj#@yn+oc&*)z5L%!N2uE|8`b!O
zhJTz-!0|uY0B>(+Luc=3XK&)@Y+>T0<od6Z5fsELl<jH6r6<Kzu4QPXCX^T!nHL-P
zss4Sg0_!|8%bq0tC_U}9bo~Uq<kHyW6b0Rc?13Z=)rho|G#xMuXz|?`l}jY*onpc*
zb=yBzd;hBB-$BhKsfbwt0t8e9{y&RV9Dm(*kHsq_)k+I%-tLa69JFaHARkW*&GsV$
z&6{E;-)`-qNT*}N!qklV9qkL8Y<Mm3W`)q?-Bk-+C@@II^{I3GDVy1hj{oP+4+wqm
zObHT(%pZ7&qSr{V0aIBa00}rFzHsm&R$~@pY(v}@t4f)Wa_5)d=NTbJ9q@ZH7hzfz
zah%3s7$VusQK>emS8o?MsgR}<`QjBcG;^FR#rV%3`pT>}u>$n%bg3eMdmdTa8XDsP
z^YD_R*0z~AL1#I*Dd#g*2kYgF7$daIbxQ}%R#p8lDO-omF%v(B7*qqKs)0H-zw2~y
z5s5V$G^RkVL2gCoHf8cJ;(IA9QR>kqO)t|@{>uHw`XTO7jG9s+v7aK(v%B1`ar1BM
zn1P}s^DS1K{e_}l+N>fvLb?D{np1H@;ZT24_%W^=LlFQ~4&y%kv?;r@RLw5aw{Jx;
zNABeYI%2@MaOqNKqjk5x>Q(55Qmm8KYw{8d=bCgv!hhZ3u@t+np&IWbv?<#KtNNr?
z(u%w;dW$@qfiBi);@1H~R&UlV6tb;Iy^gv@p->tp@FmG+$1<7A%&i>(B8U<ul`Rn4
z^O@5L!WhWb8@*Y(3J`pBu-5NI)?U^VCLUm6)i!I!fU`sZbr!Fic04DYqqa_kh7z5H
zy15htQOgyX_~>y_>}{*{?Mh}8+34IniE5<{p2_J(;dBLH0cK&kT#$K2LW^840wgID
zJ|JF%hhm_)xB6mO-@Q86LH61RT*HWhp-1O-4I&%`2niL0kNI;y{PO9;7`g_Wr(&4A
z0rqUEUt!CXV+Z^~+{N+nNM<x;h6v7!!*FLo?v35DzSoCu?*6RNxIymBRc6d>BBDu(
zts~v23BMw}49@vX?W3#EhIS1yIdrEtIx(c)LH=O|e+B#B%^(+v5lr|G1q1B=+THa}
zGx$IE;wLNV{Iiv@G0B#{1<g_m92u#y1-z5$Sy)IANhT2_gpGtR{e;OP)b>x_W@F?V
zKV=zp99T>CN%1f_YyQ7Dd#CWsx^7)J6+3xj+qPA)ZQHg}6(<$jwr$(CDz@$H`u_RP
zwZCs)*V=3T>);(H?d<K((?)B3w0?JhP#@pK1h3m;hSSx=`}4~K_76B7DT3ew4(E!J
z9b4e?mSo{?Psr{+Lb$@YB)P_5=T$?bLI}0^4}@&tfi2P-1>AY;J86U6g_>~jV0n74
z-}$x5T$ZiUb(;4O+WM@$s<?4d`P^hRFSYJWFqUxEtirm8Hps?OJ3rJWm+dSkJM%LS
zcK|{SRJfSd%=_U-&}?pNhX!ZL>b<HbDTH-rSuwtCbhr)-$Blu@`?TpX(wmJfJ`=p9
zyNno6Tyth6+6U5)ugU?;&h35cDsTjPjB@IN@Il4y^e_72tiZM|PagaWoOXmCDvjs0
zAEkLr>E<mUR8K+5x`$+}RN)H(SiitcV_0GY6o-jHP*b?@u-*NOx!7Q>`;67QqkMu_
z{cxGBb&t%Ujkv%+rpHP+;h|PGo`U=u^QF9D?`#0)_is%N%H3p&!ikhgWOPb8uVuZ=
z=z!BooZn2r??L!vbmo`zZD(t2sB}6ZD7$&f2%_QSb%OK+;Ql#;<!Q230a;<eC};~3
z(gRpT&I0v;69A?>^?Z-kcTDRGZp8zH89swk+_?j0;V%8OpM6gaCeWBzcPT}TG9(&t
z6989asg@vY1G<7dX?RFAk1?h(f6zv~290^f>Ui=xlztnUC>s=W)oh1g^O6@p+MIE&
zDa!;M;#+1-C~3uf1|*E`peD;F_Fo$PyAuDYQF~tSSnNNMO3?qCiQ9iqt7j^$+afa}
z^4iYP$e<&w%_VvLl%KPiKe+V=x=~F0g%U1Y#zVx39dF%UOYOx@)!my-z)En_191%_
zeoY=)i>wTVVjgpVsdt!xIqlx{{(O(w!@FQA--AkBrCF;O7-A)&Jq(9{ioniW!6g0U
zp~wik*fy8RplCCDkP5}ES^Bvilg`3oK@W#bDJLQ~a!=S_5p-{aTrA1Ffe*7G*}|yh
zT<hbW6U0~>*PbSICwh`KBdjdmUR%0h3W+=1b(&_a_nya~-K2HOU=90VHzQUXF+U7@
zRfcRR_d50Ev!oeMXjhFX`Jf)2S+R`dncR%Tm0DgNN-k4n)Q*pPXoH3EexwL}u>xju
zCH+`6rZXlfYZhm`I3#afA}zKnVXZ^+@kd#EKC+Cq;}i;HNtx(G7iCQ$T6|^dcMe!)
z-V-^;Mrd8pNJ+e)d`q?8!O|Jng6mw+$+TVjk}G)ug$WUR`D&>N{l*JqhNda}GgL@T
z1ak#kzmDY;Z*`-;roJeC|90SZ-l6L7tkW}o8)t*=KYR|&YAb{*<+P@{{egO_jsRO6
zL!E4c2{fk+Rb0xpu&cx(MG?QKp~;)?lXWjx!v_Sz2A%?K39|1WJ<{#A<U|5v4Cg(_
zGx{f63m5_HsmI67X$(9DUVm8A^dUrrUO~1Zr0|(ia|PR>EV~UKBiM*VaAvqAq1(qg
z<0ac;9^r&zt#}N`{iVLYYwZ73-_jrTDe&4LRs5-buHb-x82{rs$KA%dQB}ikodePL
zsT$GWClQ0(q8YnH@Mj(^G|Nh!1^Sz$5^`#oFf_>lhx)nS)pbk-b+}ay0`LGQ$1;1r
zgca%4&s1~0M8R&}bu1-4WW`zB(7>ex8^YK!0==&;LbXv3N8dxz>Zdffx#;NV(Y?a>
zb`E~Mct5+YjXXmUBf5rM|8JHSzLmH)zl;~`DWe$Bc*$#*TgiuH>3Z)pn!@uM;y4q&
ze$1H@ICUhznp0D&D1r5<gYlq9vONH4K$gE8@$`GeL$oeVf)o^xdIHK|yYnXqa+6df
zJ<aHAV4ADHBqiRiIH4sYTp{#IS49V2#5M2AcNWc+F0%|}M7m<%Y7+w@jX&DV2J1j8
z3EuV>^4C>20krH8lPJ|TQ}qa5`jOvoS^G*vu}AWAj!cMTu5!F3CG<v*q(`x4h-V1v
zeq<QWUo*)ySfd0W_>X4%B6_>|FnR|k)``1mJ=SS=d?_nD6fFzLjk@2565sVOEgj_z
zg&0tuXbBRLbl(bNDVw12X4y3pO<I^N+K(t0fc6wJHZOI%+$bL}+TLAX7zOM#w{w}<
z30`ctzTmr;ai4u|;EBNjJg3<8XK-AGTZFvzm^2nUKvBI4Ev7kG$p&%hu|#B+8Gr88
z`s;r&lkRj+vniwM^Kif8+mhBVH?4Bg*$+@yTja<04c-Y(=$dmb34L{iuLJ8v4Fw^C
zF6WES2gGnYW?Ob9H7p2e=9q#(_K@_r%^WVVU~6$nWup$2>TkW3O@?`_&5$zfDMgn=
zmo{LNaAyUy1tFOQ$;D>l65mRpy4F{L#|G%@m_=dA?cMY0-3#v|>@PlZ9xE3EK|<HU
z=);4_Ua6C;2pqj%DtH-uVs**co_oCt$~7Bk@1A+xc-`0#TH$gbRkM+6l@a!@;G6$+
zc^FnA;GJ;wn)8JXacEBi+lNKT{+8>NLN1b81?v=aJZ2xOy-LWrAxT!F>3G@&*q~_x
zkf3$6NG>VS6r}C!U6q9jZGB{KXHBl|^lIPF?*u^;My6wX&K^9#dPYCEZ{$)JYl0cz
z=n_S+km#astX$#xuA2rtREvj(INT2VUBJ88KYSI`oLuV6lUYC%>J)Fu!I^gsUhJYU
zJ2iWHU2OTIPoIUjtkE)lTnx?_He3w(mN&vC^Ci<P^J`-dvRA#>mh@Cr!k2T?aq2v+
ziHwJ!EmIVdW1}%uzDtx|(&|>qNKY_VHCoZ=?lx~2B~_(zw&%AR!_>PvfIi?HFI`(d
zApeyL{%-hxzKFDb1-r-niG)G?hpaB9|J5`&&5NRZE+utF(PHfd-iua)UI!5X=h{HR
z!Px>SaDU4vg7b+xz||67DvLWOi~hiT_wSlZ)ipO;v(S5!dnK2QR;7zsLuTSJcbQss
z`gqK^TjuZngx^NGlrz8*#S_sEEgb}=+g0?YanL?|CI~@rdJZ+>jHaowuh@4$#XqVI
zx5CM`uV6F|N#dsW0XIc*TD-|HPc*37aMy>U?QiU;s$KOZI5!`xux2)QSp~q(!wn;2
z2l#4%YN@W1N|X}XjBhpplOKu+(w=e>2H1LLL7rBj2K%o#!C^W_>a4;*wD%o@E5biT
z&fId@w3>1F{ANAnHMk1b_r2ML7NSFJvJWN-4Tvxi`A$(aZto>HHZ7s4u<gE?=#V)^
zl5No}7H0ZJbUHfK+d?c>fIPr8tQl)^#YU@_SRt=-*dqJPyubWpy(1QNFBrvjL(2(i
z?a&`qJ1ZuV6|IAucb0WA7NgCsA|EB^Qn42twMTK1(kp}8tnaw7bc2b-m9|1af$;sd
z$WVqJ>3c>H$-8NGqC&FIZ|FF)v^rGcCXz*(E<ANQRMmHW8ZI`6Xah!g3nldXito>Q
z6Z+dCvU(V_-1hIsuf8OPk&RIYO3qP9QMBGuwUv7?-lOuoo*)d`zOjzK1e^vnXIMLP
zNy<H^9Xmk4NbH6f?xY(QVfNW2Ud*CX;QAf36f!}1$P-XZJ?2VqYA0o-Ya)wjjL1nR
z$d&^}9N^+(8jev%D_H1Ewt1;H5WN7brmc?ILw!mU)*gn&I-U~Qix%!2t|PvIc>T=>
z{ou|Om4{-%$fj1_)?HjgOvSqQWa)el$6-x-8oi%I**{{GQO3tjP3A^a;m<Y|Fq;F<
z%60ZAvWB=F&kxN3DbxHZn&$M~MoGHh#@ac&dIbm5;e+nXh>3Z2;Pp9mVQr$`X`ex-
zqxijLjoGoUx|EZ%sidR@EFF^f8B8?WtR3GdPGvF*yn>sr*)|8KK1JcNKGGNQV?M#K
z`h^ydxcaXl>J~LG<gP<T5*>dNDy7Z&3i*<E&b&eeiIHZqtQz5rQy5e>=F>Ld?Inus
zGgQu{3I)%N3d$YSBv5TjN`^>$adcWDJzIFnbmY(dDs{WblI#k5l1Lh&%u|c?^=F>p
zIOLRd%E(2wh^i0UhDycjn9tgZ&H2IfG9z9p_*n*BgEd9D3Ou#vk|#-$uG+e9ACl9N
zp85K(1CoDt_5X*>hfxCjf5qlw{r_e2b;uhUVzDd&|DWJ|#Q%izWp{Ud0bN5{{Tt4Q
zEe!vZKMe9uINxNV?Q_OoaK63&g7a0bW!3cWPS6R}6`cAT6zodYuC7%>`GqX=gd0<j
z9d6M*ZH`0-jLtZKfY;L$UQ6L20Dr&K7I}dyFU`nVL{aTmEBly&ZmC#ah&{N(cUK(+
zxGFuj4ki)_t)VyBulGfZw}lfS?LJ^^-IqK|8*|_5tWtDc%&OAQEObHQs(ht04G~CQ
zvX{ip;+ew=trIq<W4{xi5!U+}{|cB<VPaqq`)sm&X>vaim0-4YAp|DUSuVUN{h`jr
z(*4r|8Ky?sn8AFP5Dktdm1V{Rnc7`iGmH3u`Xb4M;=Ke&1UM>VseIUA7fKZq8XX_9
zf36#T9;xFR+hkSMxp3cJEl#<3fIF%ho_kJOFDBVwW=XYkARxxz;k?3yc<@p}xqLAz
z|Du_jG}0xma^|6e$zni)P|~bDA2zr@K*m9M!RIBFiuT9ClzJC=e@tBZZVgR9jFc8e
zP7GkYm*DQG(r<af@n+CaZ5UnW;NUAaUqx!3n)sFESZp0aQ?*WYG@7Wi?_8}$j*B1V
zB|&VLHFz}ZIHL!W&MFY44x{iLBElfU5isRNassmtogMoe%oiM;a=s!FjC_x7Di@RX
z1-zGnJKxGT$t3+HuB=bS#*nx&_ZOQF|G(ILEqPX>J5*#Rm#lxW`7-}v^L@XR*&LwV
zSgPf2`6cz=Y`#Lb{rZI-yMM9y{-)@EYQ0Jaq>lYhgaqurw)6f^T30o2{NJGY-mK>3
zQHHylTYYHCO|{ym7S(**Hd#2H0%{m3jPk1Z)W-`b#M5-=D=e7iLhia9p`rahzkMp~
zwpxtneq)E)$jI=TdUCqtWbgiZe+JtIj8Q34$Pk2KQ_-@|w<Hc-uv{`o+jhBcns-&(
z+Nq_(wl+8F7#SZ&?P$K1FI6!>l*5*?t~WxQ!PXzlufuS|diPtwfLEHf?;g}FBl-55
zbMB{>dKB%PV|3AW3z6eHpY!!gPTtXWp1HjCSIyA=z7x&9@7ih7+Ul}>dc?`RE$e!i
z!1d7Cv2%u9FEnK8VhG|z>QauTOhTS9aK}+P1<3hquU9p;A$o0OVK{d@I(#tv{Jy!t
zKDgEMxZ#WChMAQOg)-l~vJ3aybL9GxpLP1XMv-h)sw{_kA<b~fQfIDRIC)dX+{Vcz
ze~hMvw7?`$q%<0H%P@mWTu+Vn=O`1+2la`&`z7M~@$=U3&E^`H(vhL9hjhMs*k>Zj
zhXAaIhi+Zm_U-e2YC*LN$?-SE#K9|l2xHQiLKV0UbV|*BusY~Hid%C5eHnu^mZH+1
zoNMu#auOP`t%-w$^y1zDx14iQ3N#d|mWe|Ou}N5#64cQeV-zuyqs-{Xde9HQXP`Jb
zS?7-Ud(+20JYfqE1*rCBAoD~JX#>Trvb@Kjv>69{2(;t2Jo-q5wBx7mI7}J!t0MM@
zP5BHD|2&K(&zLmcA$bF+Td?4ZQ1-uJ2F>WjazF;VizhfN`%_hYf&C@Uzf16+;<O$|
zrY!su>G>1k`5%b$-`fBt#xf?(=61$H)^<)Vjwb)!uTr*>o0rG%g~z6*1tVimy#p>e
z4_=_o13|7cCt2O^hYWizJ(F#!tJ0a`qWgmG&Y3Ow{h=`Q<m|FDms2%*;x*;5b>y=p
z^>nwKd<B%HFBA~<h9z1{k{l6C;|P5V4UL7Qu6iwyRc+32E#FHF7LAE?)@1cojlr~f
z+vTB;6?MWEak0kN{JxtSUq)};tT1uGG$5s$$t;~<liYpQXr+Cg!Wtq=HlAg|)m~I{
zz{eBuCeuD%qxvY^Z|*T^TRj*VeBBXXlyBAckmhFm*Y2(I8@6t>efP<tRMheXl&&$x
zBfJhB$p`7rf^OWL>EFSICry`$(!;T<J}u{&zle+rJPs!YWtH4Rm{8l4WM+>WThEjP
zl>mXTMk>D>G*Ro3jpYW-Ql><Q6g=AZ@a@9E9cV=s_~s<aJ$Vgo*qbV>x!Me==j4Vl
zhFq}1J#gi2q<hPvj?{@)0jZ1?V~6SsOGT?^pC?hrtzDakLrGrSjV&?s<M%exK0d}b
zQ7py@=&+-|BwZ#53%3iSh?ayNzwCI0E~zxoYlz`4?Vcb+Nb8ZJ247AQz=`kJB?`%!
zHRG%opesE6qNo6wYwPVeJ9@=7bl9Ahx6JKKFE!+Lt@E)&sP*lXfgU&?m`6kl`aeIR
zok#R=q-9|$ksH<pBk%-9(UbUp`j9w5N@%ir22_An&4Nrk8Kev-3*_r#F$)t_YG{)?
zYe#(-UmvvpA$K6hi1KR|i`rZCz2Fu#><LBu1<(?OtPULilNQ%@Mk4Kz9pZbu{0R&0
zhy+|;F{HyU4%_%lpmkMyazqAvXbOO?XT(sKK|uz6h9GZi%sOz8E^Ob#V=mzf1Aq>6
zKhB<!WCIdvk%u%dGhYg{)p$z26eN@CB*Db61$+DI1N<*L{9W|_v_mfb^Wx#3hy(b4
zSeG#Vvn~m?Z7-zB+W@`NPgJDSqT2#es4y=B!<S@W?1EjFXs_8MtzQSW`-J;IO)2?-
zwO7wS=5DIh0qVaf<NBm+I`x$4WIEM+h2IU7(q{;4Bi=;x)5@kLits_=1Vfe}+!==$
z3f8az&In`K;B<sx;Lv&*{t(ks@x?`Vuc&`B?#0?hN4@v_nkpdaA>2Qg*sk5MRZ|1m
zF{ql;_+-Kh%}uqnA#sbr^84x|W<<srbgE0s6^x?TT^3C$w(e@REo40jZ*`N=>jrI=
z$9j>@s`G@khB~$&89A9L=B}c8UlmlTKvWD7VxJ3!E?)mLyA)welU5q9!=yphaP9yV
z5rx+vKPQVnldw%QMbnAio@^qL9X;sAn)+^fq#y}eGi@#AO4iv~3PI<#N+BuU>X-$~
z9Io2W(xzWk2kv}ey3m9!(pU=<79ikja2q{;+6>r@AzTn<g6mo2u@??yCtHF7qHPHf
zrxr0`_VQjq{cS!pXC8)`Uo=8(FI^1MpEfsRNzDXOoXv-`N!F?BbVAG3Yn2Iw%_`MX
z^6@Ro*whK(U;rBNQ8$dNtc}ND(q-f1eAP@dw@nQ=>){E73l5d2jZCphSkKhAaYJtX
z(1KvS84qWnLT(ot!9FL1(KC1Pc5E<1_e8D}T^tMJy4u=O;!WdMC|ixbr}$LZNq_6p
zV+nkCN=+7!v5r%G#{?Dj8tOh}^x0+*15*i#7y-iJPYaO#_@dWUW4`$>C3)kV!y-@3
z<3cHjU?q~tm@1mu`w_gA^_kzf&bI-b!xnK~XVmuKItGClZL>nYqFMF(N)B5y&yi){
zGJQjmK!h=L^Q-BsVD$hp(Gd?;_=xKl3r_&Gv2U8JJXg!E7Fr~r7lEQVUJNUI;49=<
zTiHUu^A9upP|~cB6r~6sgq@Tb#9AZ?Q}G2mf*8qg+eA=UwB5p|2Mqnx7?3srEs{CV
zEkURGSsa&0E8Z0k5Px~-?@sxrhv*To4VwN$i2hR#G5`C6w(`0xvI2^Z83nGU=q#H2
zO%#|UOvFZq{6HGi{{nA&&cWjz#-v&dvcJIUegI2Hh~mR`y($dx7DtM&5lF_nKAKGF
zo>g?Z`Mtlt!u9anIt)0_2V*FHVDz_yhh3+tGGdCMq+XMk8%hqc2sy91Ug!rIQ0Q#1
zr59bM*sA!cY#pk`q;D98V&wH<f`>PaFJp6?T-v0Wgb;=0)kvF--=ELeK@fkRe8g<<
zKXaV6m;QaUFN+$aws@9z$bPC_?J3Ce`?Tvsb<9w%+07Mqv&5l%s&nDoJ1Td253M<U
z1LixIH~?~o3zoi};gh%y;NGM)*?H+$X)BV?%~KLKCNbg)=g-nfr9-k>h}9ny+0$@p
zb!e*<_<Wi*=mw(I(iM(*%P!ns|LnvqZFx~X6&NJGtg`GFC`Vz1q!(1R!)MBRFEq~(
z;(-c-g?95}i+3n#&eA<ptl*Mzw=2fB7p?_e5h*KpSbgalbm4YlwY`twsX5sKDa&Kg
ze;vhnpd__P$`hA)tHNVfMk+gud6(&4Ypx8V2%mxGW7WP?psF6XP_fj?&#MxxuvfJX
zuo9(9pdpPEG#55S5unNZ;nF2G!+SD{B=eIxv)5S-RHlUm@}~_ZOBPku+)EP{?A2Ux
zrGQwn;zdB~Jl%UVi0r*4vFXUgDnEa|)73`b7emfP=q$eWv%;~I6|m;_x}*^V;#uiO
z<`sz4Zj9H25T@{Nbs<`I+ek=tf+!NOioW<lOz2A<(YnINsngzpw_v=m5b6`YV*5bE
zmGboc3Xo2LBMbNBB_ZVf1{GH^xQdZ@qxvaSf)b^-1FUdOo27kh+qP}nHlAbKe2#6~
zwr$(CZ5#7;{y)?Gbx%(wGnHLQ?WESViuaw`O%5?k3N=JMSwg)yK#2&zTR`m~qr|Fc
znS5Cc)g(Tmo{buIj5^eUun1gK<dVGRso##8Jr}`Mq80#$y@a`^j2Att+xby7{nmZ|
zeF_>O>|lTGeIMKUO=OxJSee>5@)bWz`F@PR{K+WQwv$FEVnM-lPtMyy(`8UcVS*v8
zm-!M!37PG=(JEbRDOc>m!|M+Gg1MH&5j*iA4dVQpqrw4zXT^Q$>^`&pH+6by`}%Se
z-Z)kcYCu($U>0ey5Xf*TVd>S+aMB(pni;k^h%;GdrRF13(yYs;;URejj-?&}eM>AX
zxN+D0{=`G4)%_w*ayU9c5**dmyRn79my!UynlP}2KaZxw0=0Uf#ZyTP+Vf>{E4f7r
zc)Qa4N38T`uG<1f@1oinb2}tPm)Sxd)QB#o+vG<g{#g?$o|QbZrWaoyQ)r38Z%KC)
zDd+HnFOa4E_2*l=FWSN7Rvca+m6rndMauQwouF`+z>+xPDS%sTaBRDEYUzerV1x#Z
z-!(%JuteyI_6z{fr-FoL@<U53>P3OYYJ$u>i6E@l7u`Oy&HH`<^>KRUMO1rn;TcTv
zxEZOX%yj5S`h(s4SL4+}<zCU*U)HIg`2e&#gy=_?*J;JzEV5W4lVUYM$43IuzD_yN
zl+g`I(8KXT*-l;OA@)|U03+SQghROSJl=(|d*Gn4K9D3T2J-&hc0U@)8p#@;z+lqu
zAQur$hpcZZs2Bqr81$7Nii_q&8g@L1G{FO^WIy&=tbhsh4EVMir6ey4-q~>p`T?Y2
z4b3)Amy07Nw{dAPtm1yE5%aHl1~=EmLep*^y*^iQK>j6!O#@QX_!mSnY9URuMBoxB
zget0+{TT{f*D$O)BqZ?>EwKLA4{Pha8|ja7p(&W*Ut(XPtzW{X3txXXmZYDi(p={z
zd$ysJU7R^=l4TUcdCCX19(3&I5Qcl}*-dw}!Eu5_NrlI4+s}0)AAcDKg?op)?&Cw5
z$*g)^1cvm4XiJ?Q=jGemT-Hew-$gXyr_d@Wkg$iK)YiCtYC&Q^{cr{^NfcBlLsUZ*
z3^GJkP4kat7{(%`jIG7$u?*VPmyrZhu5Mglh-IsZZ?`RRD=?NxRsdz4Wy%qQ@RjuQ
zHS8!*?W(<O8*Uj=qC<&>?oZXF1E%qnVbQ8no6D5A<WTAwyYkSO<BVoon)hn96hRy2
zwZ8_7pK1LZ?F{ct9EFYdV{l=~g{!2Ff48xWG{r8WZ|}XS;0f%j1TCkJeIjb2@*TFS
zOvFGTG`^c%2H}NOdg<{YFD@Q@*JW1cD!x&kb()W@omSE5|5Q4!fT+zW6|P&)F)q2g
z3vR3D%&DUaQYLOqDm0*DC9Nws_w@wIg6?~!D}E-6#3X(k7Kn6%qpMaFdvjA~#fPMW
z_@i^VH*+`M1?6-y+SP|M$^TGjh@7}E-sVq-{RRvlv6KL+88ElQOxaa!m6jDQALbzM
zvm}Z|c~Onih%%#Dm8qEVUkD;I`%l_<5LjX;W(9o@Rg7!~nXtWk86BfUkF%dilir@(
z)?FI_TDP0_u(y2V`t*?dRW$OYcB@^NZKWA8jH}NqhKQ%qit{HVf@N4ZnPYZXQ@i!Q
z1&Tlh#5?&ggoKk%DF?n=+e*f*ebEEYX;)=AtEYvSB5h!BZRi}U$Dvm5ezDNC5<I<N
zY7Xlhz4S%B1^N4har7FqjH@S5mae+qCCY@){NVBFYj}=SuK{TAhM-6`c2M_iw7KbT
zEfpgU!~dcCx?J8vZj0%H(k0gCz9lsYqjsz;aHtRpjS?@dw^^ecc9Q#INVmZ&yVaTD
zNB4PWA`_mdjpx))kPaGM$O-I2o{*dafBpVhwO-k+zLQV9E6Llu`3{%(4kdecvq>y}
z&?Ckr2-Y$(hvgseg(hS3&|XY|007H}23T$PN8r<tM7o|SFS^#^HC)Hn&t+IZ+=uAL
zU_$iO0%4bB==T$8nXW!lDJ_?4Er?BR<aQ<?epcw;hgLte(S*3u(BP5cfaV|!1_Ork
zbwNRhO2mWG;E>^9pXzxp3UQm-tNzx#+YRkcBrCkpl?__>8qXk$15c;xW{y5VYTn4)
z7)zb=d`^<^oLOjDj+vah&4KwGZ<^mdAEspIBJ(&lY{QPxmUwhS=Asp4kVwVNcw)Fu
zn5`<QfU&k#7wt4B8@P^-<_HunFNU?&Uu)%b9OMv6mDx@OsWBQh+csw%;i^7X4Ku5W
ztQjr+gFDjJhl-OKtedqC8YQIo*IG3(N0pn<RNEz~N-rVIW1q#=cbu*P&NVNA#~tm&
zSJ>J)Ue;;@IBN8oju{1WpNA8ED(U8aKfQE{Aw==OQHpucbT&EwHxG5r4&n<TfcsR7
zf_`F~c!*mXQzYbbQI;8QRKwG;ujWG)ZHF<7RFJ#o^q_}<HIe1d7`#MHN1N7$zUC-t
zIF^#;{lq?>bxN{Qv6KCKh57XACX;rvhgM9=dUeE)40eE2dS|#gKyB6;OF6HRErD_Y
zKN=c;8+pGeR-Z+&Lok_SiV~AN;qN|WsDbyUy{R1r)(cltyeHZ@M{GhekKq)^X9GV}
zLh%{>wySl)=bhxf2H)xw8pxb!ZVzk(=`1?<FWz$x%na(oxA$>2jP_?MB@9~clDbSy
z4u!3q2STn>tH7oN7NW2DUKfJTt=hSll|17t>&1MyxGi$sAg?GvAo=keD_Vze+F>i@
zRi6>Z;d|wJhxzi}$>D?QfPP%a0D`+n7dip9XIHAgY9RDMv;9u<FcaJj@|Brl&5gIW
z4@zsx-m0-}HSrr1pUrZ82iosLNGXfpU@V&Eyh4*~Kq*lLa+BR&^R9%cu?jPcLq6sg
zqu%$HqIK`y&%^Al?t}bqAD_0KgAXte*Uw|&PcDiO-ODd*KzLGWJg}+A6C_vN!aB%h
z%c3e81JgnMRhR?$!&SHge`%nwWC3qE@{4Q$!`AiiZj5PysxU$^bGEc@&V_!iugA+v
zKpi}i5P9>TofUlB%^;s5EyhN5sbJc>xf~+IizBhXbJmF9X9DrYyR0NLlZZx=Amj~Y
zFVZ1Q_SC=a(MdY)@*9-qxC_-SUVT$x1Bqrgbm9+VDTrLfm&&V8{jgT~v1MKpXv~Mo
zMOUo~(&SToY7&Wr{i78ksS{A_Vmz#sR2A|b71AaK;hMSfu$!}0ji#@cRSu4=Zfi5q
z5b*g8LAXCkEFoWCPqVu9KK5~U1?et9{#AJs*ZyiuY$Zn6_l_?U(Bw$xKYo7>7ALaz
z7bpM5C>!FNpohW?)q`0l9L{=2UNkWLpb2;3c{2=%1#7s7puX2u8vXqA{yK?XM4}da
z{8ph3`liim{B~+<H)o>@>}S*4OIXcoWh(1rWD;^S^4w@=0IR*h)!iYe6AFq5ut}Rc
zv@!6*lXRRjcZ!jh1rG^l`GkV>_(L~iu{jqA6hpjvICe-K|8)7Z?SXwPGhz2Jg1hwU
z3epKrU|`;}2(b!9tl{t10-k_e3R`I>Sx~VoFh*b-Dl9V96i;teG@S9m(;9bc0AHe6
z2)LmCl3eDydQ(dFukOThw8w047mf-kceV+_E^=|omE=<txHv=P;^@FIsuT>vluK6D
za3KrrDH-$qDcP_l)s|mXSh24c;b||_GXHDBTC~|~Kbg^qLn2#?axHLfJ%`{vOF$6_
zvXcq685Nh@NWZS9*6a^pFc6L90k~{kae@tE6)urbm0+quG=$ZK%KmdFWeOf4Jn(YH
zWCh=P6UKyCtDRaCHUr153x&sjjEd3$LOyJZOf-9P2%Ca-Q&fXPori%U7s0iY(3p)*
zx2#kT4SRkEF=X;;xPFP@ysM^+QKQsv9kmAx1%3EhsZgF-gHyF7BH3gGakDx$`6{WN
z&Kl%mWZ_*z0(@L5G_J@CTyQRuKBdn3ITmGGO+8NQ<Q6Gv;e>rtg&w$1k1(Xw!x@+j
zchx>&N&&O^@<atJUDstz+A=V}r+PP#FSD^hO=eJ{S_}4FWU0YS$JJP0(gSsESn-Df
zEC&$>?XS~A`)$aqk!`19$%dX|Erw)n@R!XTT<z;_)w9<IAPHTgC(+X=prMlvIe@%l
zsprQZ@so@7P}rbF!$yc-{CNycaR8r@y4$+l4h<rJ)~}#N6nfl{c|RfV5S7|o;<bS^
z%@EWk+bLW_7Q?yoKl*}Q@2vR{PU2oZ9-7`_eV#k48`sFTtc3!|_rfpGu4EEkI0e;%
z_z5e0M+f;4%t#TA^i!CkKbq)u`ojkrM~>J}7=w5&&S6!SXhzW&i&wtyhqrWZrThe6
zDd;5eettLRetv1ci<s@csUyEa8qGfMjH7l@a&irV(U(Snln_LO{^3Qo#F#HhNGByk
z2U@Q&H>3R}aw1F6Pkz}h+w64x%WUQ5s6R^Y=`Yb3CWqst?TX4)-;%8!?}uXgmllcK
zJ8f`mQ7OCU4bNk*VV|$azjmwTr_l#zPIVdh-bUZ+t6wUryz6c+S-B#Kp276zG(O{@
zZz@-MkfA<QG~7Vmxey3$aB=Giau-3Q10&q7BUHqq9{w?(MV3KCy42uBjvC>WP`a<M
zJ1U$3g8P(dWlIwtj6y_N;U+lyMiUkRQi3ZM0gqH1N)2h6L3xHruUTbsq!Y$H9qln?
z;WMxSgQTRQ<xa>BPlE|lS{?KE^ucp&%Pz9FnC}mQ`+_u<frS&r58>%1WfsE^@%w=j
zOA|+=7XwFgg!C?{eS!@U&HfF_Vg}|$ox^cnQe@yn0h<!trJ&On?T-{XT<uc>wK-c&
zP;hruq%-DKtpgkrC&jE8CBx5UF~_g^I)+4BRmH2!G2Fe>N4~+k*?Hz~V2~G-t0fj-
ztdZqfLw1rQYL`4_3bAH!;uXgg0%mHnr1-JQ_v6WhmM61*+iHq8tJJ~9J<9Dvs>i{`
z0_qh>QIobxm<2;?<|vcmk01j4QH<E|W*tKK%L@R8^q}pcGVT#a%}#=logRn=U>~Sk
zR}w>JY>q~E)&zR6m>!~(dq8fy=oQ1Rqxf6fS{GjP(cvtj6m`3&2>ak}X26ZS2&DbO
zOF^H2T^hZ^l=k)$g`$7mTNvwvLLYs_AgwY%H&y<0bi7ZMf|93CSY$_ovXhn*9i?a(
zZ@8#60wM@hyYq4v7{=sf1$Nm5A&)sM>gibO)!hVc(0Gt@psQ@Pl~79MY_X3lCakY#
zP}8#Xl+qN4wA1yxn0c}-0#DEn1b)u0rG~5pxOH}{WLy>AyOJ(+H0R_%SsEgRF1+}_
zYW2To`n(KfcJ$6d#W`bQTNKWAPh7;`MMG$%YwxINY?{w@vK2R$I4y>|ED)=1Tt$k(
z17QP<ZQ(#D2sN5msgPTbsn=~KKE)HtlMS})d91?C64(hpQqJb~t^76hbw&x?+|mJ>
zztmKvA=VR%_uTQNe;Ut@XjrYpd9g*hAJ^4vv{Q)ep*6a!*_Kg@$)h<Qg+#xMy*oI2
zwv6Vc7?n%4Y0E&i#Bnn%9F`AVNLc9^fZG>T%aVNvs=%i+4mN^2sGVj?D4;8IX`O64
z6V`k243iYB$g-|T2D&#+JJM%oJst8gtRl?2Q_V1K7Y~7m*&2iUxmW6+$<((y=VA~*
z<q<p)fiJW@Wxp<C?*qVX64}0c48(@KnI=tsY~wfld<uyxjfM75?vK5O%ay_U2s}4k
zNI}2dfI-ogt|INxJ17a!2O~w9&~E<pzF)^fj-@5?$U|f!(aW;Y`Fpxrc`7{F3bj*Y
z1IPLWO~OASZt1zh_fBf`q@x9}L`gRFkvC#|X^|l~gz=Uc*NMGAxaECvWb9gYW*N9_
z89_dFnsK^gt@&Iq3e@es9^)~?Vc0T?lABAgl3#YveI(*$Cv<oD*fb?UV;i9}?NkYb
zBT(L2Av6xddBMWm9G0A{*+*7DK+tdL7e!YIqI)6k^6~6rT@zu!#!W`^UUypKOEP)+
zr3qp$*o4Zutq^%~vk~@o!O-0KdqVX?bTTV$c6f;5bzQH^UT;633`^I0*~w-VTTW^K
z)n%l%Z?gpzl-C32n6sZ8sDp=>f*^MtdNIHuaOKmjs^hC%3EGhArz^+lmRg6`heGZG
zv;8K^rZNh`LhA!T=v-FuHeht@_yJJ4gaOQ^v1Jn5G-Es_K~$TC2z|2}TNLVK?5HV^
z8b0bos@P|KWxWd3!$QS_<uiu8Mn(2jz)cn%k*J3B=BMLej2cl~r-G0f%q&nk03b$g
zH>$+#E52Aj^)t6Pz;-e>+G!j*=lQPTU~^FKxN?N&A_XEXt~R}uu3~m)z`7Einnl=9
zF&0rw8xG4!rQL0Ml2$3pj=$+{9ndyL-XQ%z?dJOa24khnlf8`n{Eb>8OT?btOgon1
zOvD<xIf1EN`l?SJqW+eD|9QfqiohO*3W44d5<z8)Wd3W0mM;OT!8{d!CY34YQ|uIW
zb_--XqZ1@}^_5(NV|cpjG<x~k7N05+d3<z#Ph)eQ8idJ6WfRm2cHuLwYj`nR8Npg0
zzn_JDlxSV6TkysCmhw8peNkm_!gOJgJPPmTN6@ys`+X#M8U?6Ei$t~f>_`EvJ~=x0
zDgf5_8Crr#ELtwk*f3weL1-8Z7w<Y?tmD+bW&r`HsqgbpgRc_rE>Z*CHgjCCMShf2
zXY6;@H|$dt%DafXFrd01xhc`LWk=p+(&%n=9=L|UP|reRFBILHhQ)XXqZw@<THF$Q
zfU_81D*^zU$O^~1-)t>@J0%&P_DMbg*8R0_6k7KFR@Tsi|4bWsL?%`<VUM)aKFd5J
zs0lrql#@ZpGnDwO(M5Qkg=<O%sk|Z~(Z6MNm($}U-Q_9CxBECRFCoumK~{dsHDOvE
zclJCN`WL9heoT1^uKnCq$S=Amq`kn$#JS#GYTtX^J%k~5NXAU>%duT~k3Hf+gKMJ^
z`u2!r6!U25@6E08_tI&a?lf=Za0ETZ0KB%do2mBvYV2s8<l+(?%k<D@v|v|Y9mxf%
zm~VqI^weoH)S5r`1q50yfg<-x_|}AP0M-a6;<i7@xH(1DUZR1!JnTqMxXfMRrKI6D
zfyF7k5Nb9_g>&{@K!6n<;vbPy(^05k|B;Wey-ZHAUUCufx%(>yL?rxr+@||K5|R+Y
zNx15~9)hMY+7i9&v3b|};sHaJEEl^i@)`CN2)%v!LQb1|isB)rAr1&xu)2|9K02T#
z&{_&kKFmXmu%mpkt5TamUUBUz9(C<9OsFiHSWbUkOQ?BS%Hj0sIM2%4mSr6vc<j}3
z`kvQqf&kRVWjgnRKg(%n=4?91*GeVd6r`-S;uYMH9s+8egSugSHB52qQ@0lFD(Sn9
zG$L^kQs_umcfEY8YUiE2f)MWwrw7T0r`QA3uhKRrF{i`3(;|>T#o2<guUb!ome~OO
zz%$QG_~h@F@Id;2r3{2<-D{{Y5V7*UY2XYr<3rH!!p@a(gT(437iSH`Flb4@r`ctm
zkU*#`*Ta`0&=u(i8-PT(D1)msfPqn-7h){G8AsyLUR(`nb}m9$x3P^C^xE6f%M0Wz
z=7PgYE5Zvd9%;;d#Ma(Ry}lMCSOpQbb^3=+(j+S8?)fGCe542qHP84bDGTExt{l|>
z%WXPP($3m4g)ri7%(fa#jT^6Gx9p3exlQf!Xj|>@Zxk5}v$SQ|?yH%jjB2CpHoYuX
zHlv;t7yxO5KF@DPhFb}Q`@uW^+>u|#E5Kcn!~Gby1pXeM4{oM>6phheR3Y83xjHRV
zczRfQ?{K@8_qOEK`UUfNk$A<p%sU<uRkNYu%(%KeInnX3rGe;0!nhmc&D(xB?@*w1
z|11v>KESQ_p;dcE^?}5LyU_bJ+a-G&<0VwBr026-e-wBHbl?n%hPCx-pgHOZE?0%F
zZ>&=gd9)r7@c9{a$@benrtJgFnh%M+#l(wQNl<AxGq;*VCb4$dLhF8{twcOcTj#-x
z8Ydbxn=kT_!&HuL1x^KJGE>K6NkhXiM7b)E5V9S$rlACfG0jpLCw<pg2(sw`&h8r6
z;(K(`#vg3Wk78>Ng2WMQ0+aMwwc9e=;i5(ZIt>^`jOF5CE;NuOS4%PFs%^QY5TgB=
z#*Fx*rfc&FkAusqflXRT&L?-$!kiGz4<je@wg-bALJBd<EZvCjht^zJzi>W{cR}%O
z+eqh~n@Qlk%fD;r{gv)7*KQ@BGW9zht3Ua)y<DM_-He&K?%xPSar*LV2>o`wyfL7=
zIk0^>fcu75I!8MFYF0(QVOCRcKi}5+9*F3K#|^oYI%m*M5P4#wzIn3wbVV%U!@Mj_
zpcJ?O_GirzjSYG<U|wWibu;6}&qaLEZY9)Oz}^oeplspLCm1bi--hh=%~qPJIGUj|
z^UVtT*5DfB7ORT8^NAeo(&ge|F!X1V3zaT2dY;z@{bh66aujCfWlJ&Xz{`A${r!+J
zwK-}9K7w`CjF?HQ>ncPbd<o6_?G4QAww)`*M9P9nR+d8xH{x4-9Mwxj+zrD#O1xyx
z?NFay3_;HxVb|_EGw@|ujMw#pR)1A1t!39qK{rz6YMx&7JgH2Jzz5&D-==F{_eb+S
zjgN7bJn$*El5N(zhxb59oe+7^XvvfCjk`zkb8t^IK{*JgjE8fxn*gU41R6kRk$b4b
z`IERyaxzFuGk!QWsX1IS#TYw`$TXpR8U;9zrOFT+DaIr0&rH2YwMf5PvkR8zSYn~T
zpm<){Cae9sbo#bYLfP89Ylugp<LaPSAt@Wmo6YmZdlBHJaVF><$%VdWz^ggAlqT{|
z{Yh8yf)gS94@K+p$t|7A-$-wM4(_ACvQpYLL2ZE^bh{P<?)e&#Sk(%%kDAb^cPhOw
z-ZD>QF3rQ#^CU`L7&n!fDTi|fzdB1w9kwd)jybHl$(5&c65=?$m%}m>#UWUCGZUQX
z{a1ib#~3sw*HN>UfHHh_F6QRm#IYQh)Cn@ULMKZn&vAU#fy>p7b0SnP=Q>n+(OLdu
zxoL6c&Kt==nS7z_3qM)F%Hx$yy=TPi=W8W6s$jhrsmyDVs~#0XRHtu(W!6N20Pd)~
zACvl?Kz*J|4Vyp$i!bE|sIscWO}=n_J<c7SjX5BTtkT=ZEaO9Bp)z$h+^I>v2vY$I
z%TOgTx3?4$*i^NGgACvjLn#F9bNOH{ezY0J<^4^CP+=*}KS;T%R{KKeN_KET>a=o%
z-66uTj85t09R1Ggt5osvIBi*b?LChMiYx}{OiFOJyUkVc3~@BLmo4lyTtaAC6Y+@6
z3Sx9}z6^Ti^?4)ST4h9vfN60P6g-qmqE)%}0?@u9p-F#pL9eCJ;4szO?BQJcwF~c>
zO?-S$i`RXNyt*u6vri78&YZ#AagB0L#dAg%bHoc*!`fFG_*eELYX}x!{qK1G&Q?rc
z@uBa%KA&#yK@+`4%}GM6sr(SC1po~MU{#O3Q^<dEh&%t0xxkBWy3}8f)TtX?2TRKl
zzeLdJB|N~*VCys;xXu?FT(QYItC!m7w4fGgROa7Gj1O3^=-jQxM0db<CE2#zg77Ga
z-+acj^Tlg7d1`hC9A0(oXlXb&tQ6g}K^xu=AmNY1SMM@jPyS`wLECNP#PZUQYvN)}
zW!-Z><{wE?c<jH8EwT~>p8=doKUjq_Pj)tE>mTMGdpMP4aw(XsFe>MMia<@|T5*@h
zP+Lh#>TK@jxT~K*)jl5Gjod<T-U}y6U9F9NCbv_?p8pC1z_`b@vxS}M41`ysY3Lw_
zm97xCdW4~NTo1*0BHcQKnFc)Qj*AnIC1t{b2$^){4TFVmw%+n>snJ0mHj^bPu62PW
zC|>29Puz)GTvEbQoTXrLkz*(xae)acu|AuCx!CW{gHdjue98%Tonxa;6~w^#i)5N)
zJ?Ou_54re$54Mx<jAE<jSJYO-kskEkDZ1ocWurZ6hvP=R@uSv0@`+TbacJgk)HlPR
zB;q4U@+5lnc28A=7kJWS#Bl!?N=a>Lg?+Oa(n<j!HTNloNYNzk+eXaSIz!dr2a1hg
znhCBYEQY0idbMScoa|Pa<cqK<snR!L>dH^YTFlt0>MH3d+x^)}WtUzkz$R!m*8kl;
zc8%imMr(q5@D8@g>+di11;G7l#RE|Q{IlonXoy%RdyA3haUzy)+_2$NajMWR#b4N|
z^<(%!mpkX=u!A&7`HGj4CGAG7*c|QJzt6Kd1y+nL>o-}!+U(~eZc83my?*c7Ao>38
z&&I=5+<v!vZCiib?xU0EIM<lXUt=)4jweE|2`#~5x>(SS(2gO@%J$;yDt^)7kLZ7E
zS=1XcJLvyBr_Hbk7IG8J#xU~C$*D53`^e8Q!1WWJ81xl(BGc(-$Z?CVrFTL2@5Q|=
zqz93O8=qSOWVM}+?~mTrNhtQdt=l?*8S!Ebv~p~v1pRo;h}bY?lC%$%-G^^Yoie_w
zHUH!QSk6lzViEhL3%{lj$4M*sbx@L<I}=U4I_e0m+EUJZ2He{cRI=Z^R$p_6eZe0X
zi~e><#I*z4OxqoU<!VvpI2*pD8{q2wW^}!OhAi>7R`}6%jB51x`8~z|grZA*!IIzG
zDMW4fW)~VrGc5>N4f{z*FMJc)=iAViC5?!UD<J^WZ4V$~R2A!YLD&;0N&}_0&0f1x
zUBlso%9<F=WLd^J`RH<e$i!vWKrx{Z6Y)i4a@1yY9DQB0C9Ce<eBO6<d~PzI5m9{E
z+Jith4R!PB+H)a~4{=DY5}e;^FXmoNlVNvfVx$(;1M_L`42Hh}a~h2f1oac8W#UeT
zpa^qL0hb_CsbNj0L8d)IqZhkmB$rb4Lq3m~rN9Z#%xFC>DU#i<zT~#sn1mXcU>PME
z(BlRdgTwU?bfc7;NIe&Z2CSMG*wBVzfNyA%>WtwXI)h6l2dA)MErzcgX7D*2o0Pyc
z=3t(iuiKA$nUb$_Gp<YHwtt13tivpPXB~zWj)<p$CLJG4=(zP4FG^RK)BS1SV!0<N
zqD4NI?cU~U|71z~)Gn6BfI?<*+fQY|3QUULD7mpfD+F3!vt#eS;o{mMRcm+$-K6fv
z(%AO$goN*%3MN{w=arp~Vsy={kP9ixFv|a)eg^QqTC|}_k~HD+xNxrnK?d=>LFTSI
zL=|4mj{E3_Y7;s}SRKwpcpzDI?wmw_4t(L2F@-mrDv5+*igyacUa|l~DoR?2o}(Jh
zcY3l53+56}--t{Up{l%}dvdwjL0fOT76nMtuVtSSi`6QBXDb~i8$*rddU*LPMw-(H
z+Rn^iDBoIh;7Jg#Ug?X@I%JxzSf@Qz0K=>afO8?g$MASD(D7~k0kYxEd{)*&G^?h(
z3j{6P>AK!XHhwP2*J~h_$o#nVhg1s<HFPz&s8Asj@{&(*%Pcn<ncm=!ise31v!xzZ
zOfor{MDKKUg?TWfiDK^}4H?J2=qeiNn-E<;tJ~3Qf4%G;SUj%X=T+n`KvY1o1iON*
zrwt{6W{wjr(KHBjK7VMYhqzAQNh*L5@e%sYsMKHu7XCYX&Y1<WH5+a{<uA^jv|ft2
zlotT1t}6A!&@`Ng;=ZiKp&F(e070DCiz{<>5S_q`JmLAtB?kIF2-}n=(U5S}<kXlq
z?J;?NIrSAmD@`;Nqy$Hgc+b-gZi2B(MHN$CrABY(BsZqjd{<?;Ge2)Kuh&-TL$#mV
zxtqjDRakdK9v}9A@@#Pz*qDwN6-iewcq<&PM58CLI})b!A#}h0_Gia&@-re_V{CN1
zuU<e`Ql_afA_NBsh3#{q2__<!lfiln9ZXw&j{3!)kN^j8hC+vgy)vhC05Xc3<c6<N
zoPq!yNF|I1VC6lVa%xeS9}I5l4$<`BF&RqmJiZ@95K@*WrAlDNK%xlde(Kp74}=>G
zmd6<Ko@k!=*9?mBF1uOYOyYug@au6X?};9)-d}+}gP{+x&oq_MT?;%`mmKRI_*i1P
ztCJD6G{&DfEzor`-3pxG1}-9r6+W34zOu9zaD{Gi3*1&gGRpPv{sJgn8E{bOYy*HJ
z1xmfH7x(Qg$3oOxWT$?Xazq8nMbD>u*lK5!F8<oJ$VHj;^cJo6W`?dHxG3hCHkdz+
zs6hxCT9+d_TEZ-EKh>$FV-c-s?S|X}PfwKXr4tE$TEF)ocXW@=p>@~J?cuN7wB(9w
zH-7fd?Un<+*@M;QQvMgS;MZCMa?6<}SjitTgg(S<V=*6n45dv8=WBKx<B|g}eVtNa
zO$FM-lUp;*T6$F+)eq?+IN-?peBg?B3MzQ2`PBT)zSk8_IWT*!r*3Ozrgvzi86Now
zGe|wr+&2xbF~&*qQG{+oW+BVR_Sn2?UcJsyRC&GMj-%7t^w(U@_N`EYI6w@Dv(4YT
zr_hGX?O)TY%U3-kJ>hM%aW<}mc8Xo9XMTMJxlp-4lDz?lLn)OaR#KvtqE*rjY&P}c
z%>KL2@mj@O(RkyUR-v>8wNxnJeqUQGeAyzdcf4X|CpX`2CjdQRr9#O?n9W(}0Lwmt
z*1Q)zeI2Hvv3<JTIwLhzQr-@;+D)B?Y_lBG<SrPt3qNd0TK{M6ST2~7OEhIl@bc>0
z(uEkqbzM$8oZcx7o=KEgz1Fz0r_GoQHhSWAD9I`x%+6*@)mZ<k+_uf8)p@g2xPF#J
zE69zymYaNo8!0-FnL_EA$z&wQd@bfjeWXqp3SP3C`e5yA!HfvrN%OndgG9zMd18&1
z?fslKtmY`aT}yD-?M;<7bpt~E3)3IZb-)yUm&c@&bM-&GmO2d`LBbd%ShG~njfjcD
ziPJZL=_uq7CujIZT@yOJcVkL7RPB!F&TCUOihG``pr*FzDRv$+CM`at{EV)?s_N7<
z+rLZfnX2y;uh(mCV>EhbvK0|QAAN1=QMdK*OtNltWQLMfe-SF`nbGERbwh6S<s`0%
z=i8w32n+<0Q^^dH!UZsC7*fma8p6^B-=MHPkda=X4a3Pl)<1{=-3aRTI7{-B3jG$s
z<o*z)Q=4J!56uLaP=(@s`2_AEv{XadfZ(=1(LE=D{aktI^9g+{dZUM2Nt<*n*z)t2
z3GZY2#Ac|`=-aB~re_b3TzvrmBva8#q#yu`T3W-m%8bY06y8w42xrwdbCtfPQvKF+
z`&J<NP6q?vpg@?TAN)e(eALGF{JP8tj}Pzc%*?;{nrT`mt%xH2eO(t1^*M5zq9u<L
z`GE_yhR`V}bQweRqlU`1u!<A3Hw>!b4r3Mjn0V$TGn;5)IK|V=X*;#cx{Vq|YG7wI
z)7{wE>gX!7%f);C{Bm~!%J4M>2^^&F2}wYaf$%hiERYl2sTSYIzJWL`QE5>x6jUyu
z^g=^fKvlYqg=X_F9J$bn)2pIn&Vwb=3ER9a+b9O}ntsC4%i=Nj<{q^5hKR`G0Z_hR
z^(8o3LD#iyx!HY9e&bt>Gj%#EQEu*L>p0g~%$v83Uocrt`!nW2oujbs%pi+tc~Jyv
z6K0w6MctDids{W$T>N)w+4DxDxa~FTMPU&kb>fWq(vPV)VA9oR_`3cuA(pq=68;pA
ztz&+g)`-LX-dWUnE*X4nC>h(0L$U8PuKL*$F}8rTnJEoka#P0&rd6*t-mJ8)xv&-K
zD4`<QNbKq}WE5y))2g}=l|3MI?lRek%d28bCQOFyvM?h=BVNBWfCt@m=~}W2f{@Xh
zP?^WBG?a{4@NZe73I!>~^Qz|ALo8d*b%tHzeUtQMd(WlpPvsOXuCYZ$3w6+Wgy<vP
z+D@YcO_q-f{@CBF_+NP|J3!Ud1RL1Hn;Q@}x6r*Cxc=>Z{r&*lt?fW?$bMP@dkCzp
z<2^hQ5Qvx4of{v?v(N3-^H+Q@82#7`rz@^z%ldNGRco%u=%{^_I(i31IJ1Z8^H3oo
z>iH+x1foBM_}0V<XO9FLz}t==ZY$vJ@0^pdG>R(6*#q!unCdU_XT2`Q?$<tB!?z{a
zE}b%<$l&e_O}`VpQQ@#iHEH;iPqxCbKjs)N-I4EY=u2H!t{~+oA?b;fEJcktP$}&0
zSMvHNq&v&lcR2!uNLgj(jtd1ao<+nyC?1E@88;2NRmw4F`<<tvFt|`W#bT=QrqV|!
z#WIPRc1EiVvE?-}eM-~4CZ4mJ5ZRLr4IJ#`RS-sUfWdG=;@?u?wMH~l0jr6+&x?@<
z4@FT;>x>bRGbqm_@(yeqjNZm{Y2xt^b&za!QmT$72~-q}%S;{K6s17@pSp%0l$C4-
z&iihwRfXi4$oTchXT&dO#3!SX9hiaUMSPDfmpw)68`IwrbK>)nSfH|G(&0$YSrRg3
z=Eu<>)XZaLMVj0>Uo4Opq;&+SK2mWqtq{l^%|JK>v~<u$*oM2bBBydLlVIXBchUxL
zMrAZDN3A{6Sh(33OZ{h5!B31(5CdNsPXPAAwjc6IG)wH;69gmRB)s`DIfEGlw+K!P
zmZr~Hs|asd9-@vD4Ydma9L9+WdFO0O`OXK~&?f13flNrz(nFfZvQvI{^G{C)$QQ3G
zC|9Fz@jIFjI(*3$ysK17PfQ;PVH2_Y#3}Sx-wkh=PN5R_6V*tghm}S2vPVY}>u|bX
zCDax@BA1qW9hz8j?W@NVH`fy>zJYR6PwLyAeNvCN8zquWcbPbn=0-^PUT@5w-(8ts
z9kX2$<t;oQ;J}?fc34~Wzm@&j`~0}LnN-iaVHG(@OiS9cqY!$LFCcnK3ThCM6K|%u
zLv)~80I~YyKtFNY^-#MTcHa8h%gM@%UV?pz^8@`xtSdcU&b}Tlkx*<tT=c=)#(M2L
zW35VuJgf9gTgE_8Fv}t$!=>bO%yu}c^)_t-_)H{X01ue+xr~uGB59+#>2T3o54E|F
z)acE5WVY%JWrG@$i=+Tkj?w`Yj=Q9=P_nyD5&E2D+Mn6<6fFdA-qIbk7JMFs0+?gm
zU};Y_$s$z#t?fHHBMnw<p-;De5M?SjaZZXbFv}xGu=wEtjn2U*!^51N`#@|2CS%NP
zUA)QQZnJs}WdHCLK|(=)GrfcjO1fC574|Ilc?_T=&Q?R*exwEHXAp;O$5dOPgd~O=
zTF~sF4uE=@PjfvS6#c%}VGt5ZC2Q7%YgbF0mYTB0<dCe}V=AeH1tAUJLwBj9U;{#W
zlp8;Q2*Z*=`f)2R6k-XVT&Akl185;;aZS>;Oo&lpeSKq)CPCNiGq!Epwr$%sc5GWa
zJGO1xw(Z%mv18tOzw3w_w>m1iyMAPzu0P#<s!k@Acc_2}_B!c6e|&oaYP0)d1GgI0
z(GcVV{@y%lL{KcxzMa?G#mX=Unu#Zn0_LvM4SmMIMX5LY%iH4S2{;5JkRql~sfi#}
z3Nec2J{1N!n%EcvgDGyYB>SYx@$XRAH`i7zv4fN78s0wsQFsA9@~%!sa+MzellO^C
zqUq0^e1Q%!696HL^CEGj2?>q2P^aMYXOG@T(xRfdz*6iS!&Ez3DEJE0gC63fXq@z9
zs9y?U{Zu3C1=OT&NfAuT2uC2C%a43aL?v7zuQSCnIJ0>VtGHb(W!aV;VQ-fXw=GlA
z%D>Vm6`<l9OtB%B)}s~3JuDDJ^LsY1(woz_jkr~N%eYy9&0(6d0|HS+?)sqdJzJ&L
zWX`6#rwRV?&kB`323U<w@#4B})D!RT8jq}!fWUW(d{ET}t&6|3YT)XWFkhcc`gT^>
z628K2T@FU5IVO6V%pGFx1aw~81xDf(ntCp+descBwQf=R*#+b0?RGl{gh4^`)0)#0
z&tCh3G^^cBCD8VL(uNiqxrTW-12#?J5nMS7q%1_V3``V<NdY^3L~vIbSA6+nc|Df0
zm*rs^Z!0I{pUTPz)m56gnk}HT>zaYvl21N1?AfZ@eR(R@6|8f;jD0CCJr;u7J6Q#-
zwU{pYeC2Dv-jZ=KqksMQhXXxm4H=UWgMw)aI{BQ)VcEkxuEr2%V`T8)k?u6T62r$Z
zFNsBUtH1{#B=%zj3&EvE*J-A#hM%th4vZWdH9i^hRzU#vpybux(Y!?V*jeTd>3kfx
z31DBa8sL|aK*Um>qus_4AoVV?n^#mgv%QG~x#5GVQ2;E2WDYnQdCTSl+C=EsiPg#I
z9q6!EloB~Qv`3@0J;1^v<KDJC)wjspV+MUwxEGG&bDDttmyHe~gdQjk;7#WA5Rv~W
zUh2hm#<>#VeQ2y!^PgZ@$pR}vo~4o-12@?Kr!@kCY5a3mtkT5RkhyH_c;vr7L}VbZ
z{EOE4BFMb%!1E>NX~|Wl^Y7`G<QQCn?FHThYEHmYVV>dr4FK+3azACZMb})zRLjCQ
zcqCO|tf9W==Y9=2{~-}SYmIHu*acwc>H$l(kt+;Ttg-CiiN;k7r-kUFRI39gZ6iyN
z-me{~Ll~G&0&2rajZpEgO?6C{VGQI?3?!H|ed_#gWVgaR>DS-CbRD26n&P)mV-%T`
zSI4J3*tmUJR#dZr{@7P+l{snb=@7}h*ChQ~?@*<)Q&P(9WjJe!z4$oGh+S_#LKj`)
zt3>ZXqfS0XvN_5>X|oP5=Lna;EQL02hEm{^M%6=MM|{;&N!jXA-L%xuSLlB+uple;
z{KW%u*<^eJRJPan0yK0P)PD3+UD=jW8m1kX5L(r7>;sk?9k?)Q&hH_PWvGo-RYHIN
z0$O<M{*H2S;zOq7YP5LszMOVxpJz||UA}h^_giHqufAN?Wg`HjD8o;#jVj-9F{F`)
zMIka$FD0{dEUmD3Vcmi5C6GsVTQ<x5<7|xx&ImPm#nFGve2H)bGItXNx6fu#nW*&S
zV{g5{!38%_aK2?)vdQK`33%c|g-DAvlz&SfCWywFo5NAq_o#i4EXmr9sf^{{6CXM1
z20-gwp~aInOntw3=|y-kCdaw^Gc;2$shF8tTnPw?`V2Z|BR7<cCA{4Y<Z)u}pv~mF
z*I7Bg^2Pn}AM9#s!T51oL&WqYjP_Niq8QF+6U>u4n;*St#;brFVIxp781Dd><;S{&
zfI%9&D-O3~G}@dGv54hfcR}@G710ZS(2(1e@#!E0QjRNT5i`sAk6Y0aN3(5VNT@VN
zSL&lxcqR?s>$dr6h8N^TEi#46#3rqz#(Swo$KTE+5sqxWvT+n(MNNDwpa6z0j__yv
zZE*(;%adDRjgj&60z3Smv!+wPXl(WtsFi(-0ZZ0zGY!I!?Bp!R<rgHZ7A=~l$?*}!
zh?JLq+^eyP0h+k5O}lSVj1G=$*Kq-5OmdeQS$bwJjJM#sldNiPp%|CgFA`D=E>7*i
zcu>|45gm>p%kToOb3Fw+ft9*%cKlL0F$g`F%o}!m*&Y=(tcQyj5EyMr)a1N=QfO5A
z_TGIchr2_{{7n6a2s{L9Xe_PgY(246NsVLlt$#>H4hTl+%uEst4TS_**={PyXWT4A
za;SI(EV3Z(roACiBJJ}D{yy`MX?)0Rx1M~#66(w?wWRH+@2ID7iU#mkqo$&gQm?$1
zeafc(Ij$(l5n$?Uza{;JJJKsvEt1|JYf;$p$0|HY{nB52$ujfsOWssR3*?#y8)YIv
zcMF;7d=O$_m|JK~<b0S?u4IFVwYdmcevg3dFE+-Y>-e7mF=<Z&Xc#zj0~Do=8f&KP
z9N!|@qvTau*9yN2c|ZBkB!>{#VP^VfDjM>K;r60GuYl4_o?EWc<p}icQu0Srov(kE
zvr!mP5C(%nBN0llAX8xIi)#c0Ve-T2V>1EaG&{oM=miW8$3LEFasuh)HcUHq$I_G9
zl)xGBX6?F@bQXiVCc~AEu2byCLs5|a<}R#Rq|)YazKEu+eU;WoXa%cbQjW#RFcv`}
zoVJin=h*_Oq504@!iN3t#u;n6UF@pASB+}()LbBp<}?@F2Q4mcWT%02@_dKV<{qS`
z3SlIQ^qL>n791Spn)u2rT@x)&?D`BCL}i@oy$5FcyVKOu<3;Lbho7f*)(yG1AQU!g
z<!A?BlWKvAAmuVU7$A^@6&2M{VfxO_=)>J4%)z<|XLC<&`@cgW<r~V{xP-5xxs1|y
zGHS8K&72b6JqX4Vsk@_a7*Lpg`|yygkY_>Jh<zAQVuI86kU?<H%xmq<?UDC(4Y^H)
z+$O?FuY4s=)S*(AN4mtNRiV~lm<sNVj~p0L4EfPjN<~n-pGY-LM0{tst3q0ghKf?K
zvl}K&gYPWNkSE{|oFT?eh6W4vmy|~0Gg4C&upTK8nQXza%~|rcjzAxv)(~l@k`}J-
zl%+?8D7D4pRU56S^Lrs9<J@PF!GW->J(;ubY>BNZKBakXS`CsxWgyJ=RWRu6VNgUM
z&}J2<Upn_!dxbEtNNhR;<8@E#9;J1eCw=}gOQ07CF4{|w4#1z8q3R1lW`Vm&G`yph
zOLiq2{~+>FDXDVl;*ngC`FBMPhmpH(^8SPlpDh76NNPg{yy2;)hUwRZ!<{DcEkSAz
z<g$bFTN_(5+bY=w5ZcsmE14-t*>OV@71j8)1}zEr*f)*s>2^Cqq{4Fn*Y0|^0CX+X
zB*YrT#@FZ$Q8;z8?MJ$_joSF<*WjGGNm8t+qzVp;58z=>URybE*R^)kc!G;AfZ3Gf
zGWC3OST<+gU<qp0nn9&|E=brjRo(^!Z&MDiOJi+je}gsYo}gF4or>fkQD+$P4A)Bl
z@Od$BxYN&)BNpzLV>wk&Jwnh4+2OrAz`8nQ_Ug02CRdrdJP>y3f1O>IunjJ9lPLme
z3vi29po=2&lNztBUrezY@-N38%eF&v)P4~hlj4AQ|GY(^Q6bN)8o9R3Fq#G$oyB`n
z79garEU^Mv$7>}4Xy(o)YlB=Vi*3r)XIS{1j@pS`i-qXiaqP{8uB)2%ALjN9t4+$A
zLei_YFLAG^#D+yFF(uj|(qsdvs~yd0oa1<d5b|;6N2DP$RuCmos~-57_gJrCQmvMM
zVV*RS6{0)aGc@`0Vi59aUF>|=%7?j1(z8sbTIA`}%b~avGS%y;G)yD5W0?6{)pFq2
z;IO)KJdxY}PHKYZU>zF7^<E^$jC6o3XA-6f%oz+lU&B1`4}2n#y#F;9e?m_8Xg2}!
z6gwWz54Is{F;MVECG~LQL+*KwWZa9Nox2tbeCuu?=lqAPbOPNe`~Xo18uS|}SKPc`
zY21}T3Ye}5bsTSc6Sh=$a0TqwvgivdXw)sp(aSG6(yvbErcf-WVf&cLu(yIwT*~XD
zVSiuJ-CPTx9o_~1dH{d1kL8J*vnRIK!%sbvNUE>DxPj9J(gSoVI7weuEL7R(e5nMQ
zy&(9kuqZO*u#b@lr1wK@d_qz@?B$o~o<lew+(B`o9UKkt=f=?uugc4djh2TZwXYyF
z#yYk);4AVzKg}T*KJ=RXbOrDUCu;n;L{4dm0dt3ud_zh$_>kQB{Gx<dqNbcEsca+Q
zcj4m$hWZ3r`udXe9swF^t1xQ4i!1MS2iXvu>Sjb#J51qz#J$v(!_jg0%p2w|fFlsK
zZp1PW9^YEaorlJDgJgGq!oSxhE$gC$UQ<Z_Du_%N#Wg*pW+smMO!WS4)}!zMsbYbH
znt)t?e?*xU>DfYDxl7{hR{io2PV4M})j8})k-f52viI<E!L#bb)cRoM%6qi__IdWT
zShF%(?)u%RB1Z0(=JMyC4)0w}?GU9~mO;DUo7$1Jvg7RZ%9>X&E#-2xn@Nj4nYeDQ
z#?5%l*^zbCrAqc0IZIUo9DWwNAX~Rj=gQ_CDQ%h;UtE07l#CbIoa$gr%no-6tL-1M
zK_|sdLv}7_BdIa5deER!FRU0w-HaJ<f#afUM5*X&OXQ<-UNfugJ=<r<11IYP)~=k;
zS48^<^VOsrZSh@XIty!=f1v%$c{Uj5uQk>&DI-A7n1<K~tij82>Kq;}IYi0Xr2rvK
z_q}K6WeFN|VnK1^F(;_+_DCl*f2=#TF&Bx8+9}%nwxppas_7Hm`?dGzr|~}c4n?D%
zOwQ+RilarZ<o>~uoJ)wNx1l;%f^GMh6@q5}Coquvo>z28j}02_4#OHeR|h2ST$$r8
z=_<lC6^sgfP>YmiBupt)?B}m%sNnYcZ6L9$DV#d`j<3VW=Hkv8pRln!i~SrU4#P6X
zkv184RHBZdG}D>g_<$SsF<_!hAvJc0(U}4khWzxA0jJD%y6cgIcBmRuQ8*}_l>QLk
zc2H<U8~A%kHItmq4dbALDLE!JltT!zn+kyS5<NLnLPvVWni-JDc#!};WanrHw$%gA
zAotd1xdy9uG79t#alaOTvbt7;RJtv|pJTc?hgNHaFl8LpTSg)5cX|YX#U`hW$nHh1
zNDh}NW_EUu9;7!E9aW582efl~2w6}dayexZ*1v3R^y1~7K_1tTL;P|Xl!!W^BG0Xd
z{Ftsd%^f?cr?Q5DAFoUMVA}Kb*i53*V=^9@$zW_zP^WwHt~W4QrI?@KZ5DsCTK?4%
zsZ4b(n#EUmp|A5{jYa)41w#`eG?7a0NK=Yp*wXsbLgpTA0M<kwj-BKEQKSNn)V{Tk
zhJ<<<ZJ3*QBd6j=C#Rbr%d)3V@($SQ>BS9UTtGl=)O`^7MJ@~e(AXAeX&c*t14V~=
zkieg4hD3GzH)Pm(P~KLNqh(r77Fsw0A%iMH)Unem3K9fAKP@$5bms5an+aNX!n$Ik
zl%qsd-3U|gq)#0FRcFGJDVG`A=&<zVV9CAO5mCwj>-jIlR}6dFU!WRiT-8#sX|1w~
zlP5hg>(y!0n_u}*Rou3+a*oUgQn-CP*t`<qKVHtrjc|E`eJ~lW1^>JuX(J=Dnl|k{
zA7{QHhp_o=v927ItG$~+gkzAhML!<U7c@=rLdoGj<1#YWmFj{9!;NHa)2CaTmNw0J
z{eA;OyUR~F`l=69fKKlp3t=^;YQlgB`+C^#CDGL@wK=O}Ur-a2(4|oa*)lAEFTbGz
zZ;*2Tiz(Gd7^E@63`@<(RXZvzek|ta-as;cRb8le?pFds4Br<;OUPPcL2YvvRL16$
zB4UF4jqDxCDFV&-s@NpQfkNcFV@0j@+vI9&JP<b0Xv$F<r9wiGkmrF7%b$eCLl!DK
zD&yoV(ghj`dV7*PX{DtJ@sC{rP0u7B=h(L1(q^;g1~6nknz3P@qN!oTZZlprI~S|(
zM~(dJb>RDa)<k$Oow-Ya?VelGB>V&{$(=>&2)h&{OEO4K{zsbRB<S%OAR^jRS$2Xw
z0f}~c-bXbrrCStJ_2O#c#6((f66loEpCjTuf#{n3CG(Ka1MR1#m}n<MQY5Sw^827Z
zvC^J`APM;}qoV?i@huhqqtn0t@L_^W$X}2i|FEQ#^-22(cXW<Cu4Obl-nh=O5OP(w
zxzaa|;yxh0phK<GXbS@uEVO8<fn=7$B_f?b$#yEp;2DQ$tp+`T)T2U4AfR~>*D@`Y
zf)H_p*b$9~eH>Peju8zys%s=9r5m>owY5ILmph*Lkr#Wi<O1eiAyu8sqwZu|sPIeI
zS4sBF<+@$NsflG61=i0@ahX46*sygzqtf(MW2ZvD;Zx}S4rEgtFY2Es?+#_-&FG9#
z%pFUW=!b<IVOYA7a;a_bOD(w7;42Y~caM^I>Co!Nr&8rJQovG$2m4OH31x^8+hu>7
zHXFX79EFPh8LN%uu8KquL0bDWMa<uSAq4?{oYLG^elmO0<s1DvGMlF{C=i#@zajeS
zwt|xxJ9pa+8OQEnR^v9ErYV2<VZGelHvJvKY0|$}pnE8WcS*&Ctk5^>8e20`&MLYe
z%Xb~A2!fUTsh_BVmxMPpe#`<7rFCTfo(aNWMWI#*g#qUB!6n{ZW8EEY3^R=fFO9>x
zJ#}4;{5!A&kMvZRQ#QH@aJz#|m206y{zo&Ep-;{H<cww)M?uh5Q$^9DZsYTaH&H5z
z8zG$sY9A|x`}MfDXrW53LqO`T6_k<QMXmr|CA1<8vAdBg0oqf+8^L-dq!CJlu(@@B
zqo)D<6;s*;*R5jw6<eBbh<(#kWl#=(g7F;Tm;n}m@aZM$eR8_F$#%pd42iaEzXgJ)
z`{_z=-4i>E0cxV+uo<JtM81VjOl)L_kO$BLDzNkk8b2JsocheLy?r%Dac5*JVgt?K
z)m4s}w)%i6)GZ&_5_A0ieRml(lZb9J*umcGw=H~jR`A)wH+(mQH$({<il#rypK^cf
zhb(5X!{tQ{i!gRUDp~;@{dM8X*fy*v<3vPUaX74q|DEe&3MMb4>&q_*Ij{(Ew2>ft
zaZ@Mz%Yjh|{B$}`tVjeVPE%IL<F;61#WT|;OB>}TyBr2p$MNcIl=ArcuuEDS$%lJy
z_VZ{4qE1qyNpSnhd?=#1UX8*mbBwjyWWL23Vvy_pc%VnHf6<8=_s4L(J44?1Tm-4u
zBS|9hU$n}!M&@Os19Lg$fczJ_0k=URFfc=J1_YV^Cy`tHFA4<;C6W((uLa}}*sh0#
zH*Z>^<%tHU=mn9?9Px@AMxK0jNM4+}T>+A)fqX)=_$CNyNw606AF(Np<Cag2^xGyk
zyo7%r$jhSf(QNtDCzmnc%k-qWIPak3JeF@F%yBd{<23s4onmo3a^yFniE~U$GH~-B
z8@fQHBIrr9K}XDL`eI4%eq|$?5C~ai<yW2xoZ$!rI3(Kgd4G3dLFQ*1k;2-*pD&rS
z|ETo5oz}mmok__kXiI(!+?Arr!$qYp+-i2|F4UENP8AvJ&4+w!Z1W$_CU4{5P-)>!
zS|WF$PuB>uX-B_OC8ku5x)Px2v^nuTRTS7nKfsh$sbcY&0%@u4Jk3^Ugwx(Y;PTU2
zmSg)a4Q9>xxHTtQ?5)xs<t1O39@P>Cg|we=bXI_PsS#1SOndw?OFCP&=JTVDw}%NX
zKrUct+(Ot$J%;w=pl=Y@#dD}BA2kPArhkU9;7H_$p+g5gq=@&oV=WH<!k^P6bgC>J
zKy-YVUk~781^R5_Jy@VlkdYB_rB?sLQU5rkuOmt0!BtxrCZDH@5;Z|KG-#@RR;88Y
zWuFQ7$tDpyp#GzFM#ptxx06x;_n9AoB>~0<ms#jj7d8T$lZQ;-m6=+zj&nVoNCCx1
zNV7thG~uzG|HF_}GBB-k?6?wfU4MEd+XW|>L^U#}NW!mD9BN%!me_Uhiu+DdQAYkk
z7j+u~R-eJq&@6e&FnTsMR9)(f-(4G#ZEUFr66P|-U{Y>&Tu51GOIAm(HIPJ%C6GjE
zJoVKMD~`#V+~7XZ(#;CeE7Ac*(Aohhxz&$P&NzK8SA;binf5HDUgJ#Jhd__-5xTXE
zv`sZZ+K=i`Q+41Y0ZmEdXC<7c4$8}(LC#aITH7&AjzytSp}tI822!{+>ed6-Obxaw
zk+<s{0l}$q;Pi*ba#Cso=YeYCHgHYeFw$EUS?93HC!4?cS#f<Cue`^239nEfZ<V5u
zc|)n;i{_oP0~6x#dN&ii1o9ojl3S;W@tn;La*u6(=*U-vs4}SgDN1@$cDdt@4M>g2
z4wWl)8UM`TA0^yM7&BiPNbdFwd|jWSwn@~74@8dq-s!UDn<D*rWoy`*)TIZVk){_&
zLDb9{p1CUJnZ<U*X)LOLoMy>Jn$M1J(_}V*%$1E32g*s)w`?)61kDGseSrq@$pZU&
zr#wjH;WRaRy=za>!mGM^d1v(X<(jCQW%*+|dw?U;fFQbvJI5Hd#|ma>wO*{20`I-m
z7#yNXgDTre9V^RdJ*(FM?@jkTHm-_=g*HUx5|2cqOKY-i-L~H+bN&7kP#fRsKW{G?
zZSKskE8L!w8gWP-SLxyEL>ha9@>?pDSn6MCL{>(B8*Pd)cnT{H<LdEEC|io~jrZ_}
z?9gPEUmqL^wV(G~z>{ie`#-4P9&y)yi98U~QDZdhGG*^fqNB{!t5k^|@N^VQ%B4uZ
zOZdP)DIiC{CJLB%k%QqhaWvf>tf^P6Ov=AGMIbe4mHEL3>tscT(DJ!hs8@U2MiK?T
zDhss^armt0^JuE4yLT<;ip#=|MjuS5<L#2#Tb0Whx>wRfb4kOHNeRwAgn6M^;n1|?
z6b`n%Yn{OBu8s8eMzVvI%bIJ@hk@G1&-W6aSvK{E(vYozZppE1R&@P60;<^2Ze67e
z=#l1*@;MsoWh}W*xx7%RHP<f4_GwZC^w`)aHL$GdT}_r9Y!qYo3AtVbH@R>K!og7n
zEGk-*lvc8!)oG4igH)kWAsSP{!N*Cn*-CA0KxMM%1#-v-9==(+l)Y$+Sg6NLzec}@
zjL(a-<wEkdtq&$2L*&cvMNfBl;ZY|=@J0QY^IRpLk2VV0kg1ZE$ncxqN`*n>lMR!T
zbC4-hdswJbp%w(zl-4gmEY8c_gO3vuJ5Ijz!_pGDYbr}CwjhJLrR0AyuFth0#$RG#
zJul6o2<zJU+lB=Z0AP1k+|9kq$RFPqC^0;}aB{Q{nU1O7THPH@2DV{mA*Ev3UPEkS
z&K5OAf5XE)b50DMc>odCc{@GfUKUJ`0h-?FAxh<Nb0_{5vkO3^Fjug%z@Tv&PL(=r
zwFiH<EU0Y=mJ(IaAHq5#N>&}?;&us}SX@_Wiv`C`7HUDC%RNE${=Gdm#)e&$sMR~d
z7~u#Yp-O2_Nt|=+{Si=R5>L8sbY+4Wch_OST-a9W9@E6<keAe`ou@=2eY)#SYrSSI
zi<B%W!VFhZz2hvZ%rCDO;!K=AWO`B*;qs1)mWYOtiFuN%c27Ll_3mifq>DL?f&={0
zO_Wl%7kuN-Psy0rXI@cT%I#~v38}F$qGs-}9@DspkBNh4bwP+;R5P0r$cf<Ys+iRb
zv(->=GEl67N2^oxh+c(0Be{1iqXV92>Zd&vc!4-(N8G42FQk1#k!{{&pCX%W$NTrD
zek;eNc%kTznDM-q8EC>@ynNG-e*ZZXxsK#UB2A_018{Q|Nx`M|=E-6ppikyMD5uAW
zHPTyCE#+3HKUWqgvs+)D@{3VBtmGxEqgV+=+~xfTd9zc<?NZaNWov2s$HnEGE2B-X
zn@t77hq%)6GGi)3AcMBz&pM}`sS}r7s2VR~SExs(?V80i3X?!BX!AYhJj)Vx)<oQ~
z`h^S}8{I11N%Z47<66JbxXZYp+%sy_*yyhZpR(-Nq3S+W&Vw0s7vAG9T|F8(s_q!v
zb0_krHtJ`d36FmSxgi7o%*2#Ndn#}Ml~huj0sV$LjBS;>W^F~cf}Bpdg@UQTmiuZi
zIpgMvyx+}F+Bzs;XOz+Q3E3wtkfQ$V7Va-$w&|(OD29ttkPcvkkM-)EO7wFt49vs^
zo+Hc9Wa}oy_j#gXIBj$}OXmSN>W#pKMA6W&#u9X8%a6JInv@hYeanyM%l<ZW*J9X2
zUY5U6D9aceIpuwqb-Ql1LSnpD+67{&t6*jAlA7tGZ8XPJ7o<>}Teesa$fs3R7jD^T
zHT|msrG`~Vt|&BUThHU541W|QHYqnZVf6Cjj4x6rnG(b6_8P-a2pkSVQ{>Oaibe8H
zU1jYC8Z$!nOZUaFZ+Gk!GG%&<y2LS_=NF((+Cl@<`&&!oWl(g+q40=@eqA$p4II9Y
zd79k6(VxanyPgooMiA;UTp8O0ST7Fu4TBRR{UOc|M1|dWZ|1WkdqU039o8aO`&VL&
zaQ`jnI(==wK_knMqOl7viWW)s*FOa_-5FlB6tSqq{+ThlG9V+qy)qTC&6ZbiU^9h_
zyT<WIG|lQ5$GK}FOvLrYqf56#Ma3!m=g0TZfw!#Ncme5;M8RCQJhZbLdwZx3f@D!r
zvVPMRI~7WCei;<CD*_%<n=`UTzgjgwwD3k2G<I-_oBKS(?_6$L;P&hn8>b5$7mSfj
zj<*%~$~9eI#Xh({BKNlUZ#(xB9O0~?CCwqy?%3{!HsVJXoOPHpCv*a9ljr9foD)-P
zGPve}l-PL-ph2zjA^f1J9goeOwg9i9-+}*5;v*I0xti!+7(GN9FTwl)fVc;Dc#z$q
zvsJ5?wo8d_aj5G<ZM%cql>_krcH0#1q_%b5;ea~U(57}kQ5mKz*_yE~ZO4b?_FpLQ
z;{BE_LvC}CzmLodGR4hZ>=7ARcD{Mmj^rm&U_qdUM8CB#u?F%%8*)2{37id(0!dZ&
zUzza&Wv>IPyFH>emZa0>4}#`A!WHd7qAMK_wdIn_Z;fMtASAtot3>0PeWSR#xNq5~
zjY$z_Ug`j_mxmTUvl#A>=VKHZUxY)2f`X7e2-9SQ$yhrhGTLDl!xMAxZ$jM0=<9G=
zGh=)vys^j-th~sCDG0%bd_AK`uKp8tf4|1Gm&DSy3KEFG-$TRq7MI?bfa{FvdEb&0
z&CYyn<lCdR-ym>DT^Xqth{~PjL7Bf@i#?~BmM2$IZBG(WP2Byn_JtJfOAPs{NJZlL
z%?nEXu|)+}_?yEVIlQI?Q%xa?c6GC};3Nq|EsCa!ZIADDsT_$cU>O%mZ5CXh4%tBd
zzE4qLq5J%EpKw*T7ZA!b;Qyu}`!c7C`nZC=cquC^;%<+uG4FGaQuZX=r$;%(X{T7S
z3;u}TM}8ZTWCpqNY`I!8#t@YW<`1bBl;Il9IdCZD_(<8$m{wB6s9h=Wa;0({S-})8
zIsL#0**dhxN7}HFG0)IXQ$VGVu}FeQFs#M~a<+i<`BewQF%ug6a21}++LRvSD+h|6
ziMwIsSJrOI4w@4e_3?@TB`TEouCRk3MHl>Mea0zH?*qG(YneEfwQ|+cS&6@WRQv0_
zU!pa)2*pxL_zogd|HYC_>_cq)$#(>r*iQsQG{vdGT{3%>AAl|ukv4Z5lxn<%?N%|B
zaJ8BB2b(iRll0n@<bwiHtFw7m(;vQ&-QZr0PeUBY7}$&XO-9n_K#K5K!43zs{R^O?
zsF<^4W&wrvzV}o9i6m<DNzwsPh&~1eL|4<3eF$vZE{bg?3o}`LaNpeE1APO`iG|_K
z{A{<$3lct*XBT4~(>^VTUlS$EAAl^Q>Licqag|_f-j+1ouedluI>@AZ(acYNBLxz~
zjn{lHPq%~2<J-~N2+PvkFp(npuz+0gwW35Wvp%#Sx(?>*Nu0>85<N=bOizQuho3!s
z`IM~~SH@7FTy2whzrcJzK4B(2dyjyL=~%~yuQxU;?&pFX_|`k6IXX`ku8I^sF!;XI
z0Flzwv`FR>7kkFcp}>cPP~>d#jJMPoFvd%u*NB@fH04uhC28RwNr0FJZu?zPYjMD^
z0YfSR4I#)=w3JRtgaHyRccLjkW;&^fEs|jzQ&@H4Uk2VD`AdxYPeR-LVnO5If<k)<
zXFVHiG7QOP2!}v$a0{_FUluXTnO=|8H%AsH9DK_8dV6X+FS%w^;#6KQ89~|E{ejkM
z&d6IjrDEeiDFjb44K!O|c1_Z=f|E2^_}MPqG<Fm`P*4k*hY1Pjykg)w1^-CJPNwcf
zvb&j=O&7Ycx@Cv7#1#1YMbTjt>J1Bi2yiD<3f6Yi6^;Dy`W~u@!&Y2MGP`Wh%#MbF
z`VXPt-Hu76euGqd_hg&0Ne`2Q3;($(>{b5q@!dfbS$Qu*Fe_Omr)3x+nvN-Ey&JR!
zN8k2_>~-QlCyGW@B1V;{SC)zq%$R9j3yZb8z1(VxZ5!1LsT0efQqQ(VaVdw&hM<hs
zuowx|Za^acG;}LZF;`!;(qaa`<2~jBvtO1vBGT0x`-rHfjb~1NHVA{Eou*{ua2(ZO
ztsO;;hrn0bw(sXa)(&BHdFg;HONb66eYvF2!Om|h-Jh_K9PynKc_a7FA?wm{l_AyI
z@9`(7pm=ut^`tYjBh6=!Vs=#F08v`8;IDEGAvXWB{E0FcxpE+#;N>{heutO$g6;Q!
zv^Dy0l6%Oh1v*q!-fhV$yHL5+d8~+z!vv<grita+d&!I|zTW-G4o2%dhXfgUg3bDS
z+NE+U9J0zRA{;*lxWSkaXL2$H`(HX0Q>Paqx$#RjF$x*pO4-}62hnmATHvTi`3yUE
zvaO9A`;<aX!SDWd3mm61B<d2HD_m8`u5_{oms*uws~o8DfB8?X7wV<aQWzH3jy9|5
z5FhS>4l4#fhDK0;B%y!;=}Y5PP5hmhe9^Ct+<u4F()$8Owk{+q&I<=vh{p)vvWP~^
z&Gpte5vakM^vvj4vTRYD)g5HB=kv1RYmd#;B@cv_-+KCJB?>s|_WUU;<gzYz7lF{-
zCmdG<-C438Iy!h+4XrT{bDSuJ3RS6T^2SsQdb93BFuGH~yUiXhX6f5LYYvV^ZxN&z
zN}9l)MLwoe(NR^w;3R(Hy)*-PZl0fO`Wts%PCO+_mK@6I1>D;_=aW&vt#MorbwdG9
z;x1mIeh)!e2nPG%v=Y<kzPGnayiZ!077AEG*jLW;N{N^loY2YaH*8L%=skL1Z?{hw
z3zD2>a5ZKfjy3yRaWxrN3prz6LoDEWm^VweVV}hCoWvO)>>aKgpeeok1joB|EAyKV
zCP_;*!N{M-!N)QPE{SWc;6+;w@)W*AjZ7T$f9FU-6DnRXj#a7>`)lbN=I9VN{9V4{
zrE0N#U5>X%j%6JVsE74nC90$icLOSiX;9_whNx_03s%X84~`+Nzm=y1LAd+rD91fN
z0uqE=^C~2K8GLal#IYDPFhwrHAQ%Ftab<*sBgu|UfJ}_dG(bViVbksviepi0v{Sta
z-Qk`r)N<7Ayp&0a;i%2`XR-4Pcd@0pAjHUv_W6Rs&Y9N@6P1*Ch%YItvA+Lg=oAZg
zr~3j(H~cUvSxF?ip}8G#H%fw<$}M>c3Y{n)!yGKyH(0p~kX?tJK{@4%{X3KyxJ%^8
z4T5;gi`(I9^&%CSr+t86!3K!EvjybA+3$wh4Y!c9Vq65&Ym5qMa|J^m{nUf7Mgl`Q
z-K?iv#aF@i-EgZ9XlWyXhm&H@_Lu0INL$9|zA-tiIc~e_&Zwrr*)1Nt2tsO!@v%6y
zRI2|Cjz!i~TzOclCFI~oo}8o*xU%=S!Wad#v2sb0q@>9fqxIs{90>6Z++HU{V^X>w
zsQrl}Td2E+8qln*gi0R(z!$mpnLBsNk7u1_LbJTiqzSSB)u?7E>A(@%;;(97Kacsd
z>iI@epBUSZlbSkhh0D7oXOig0FtKDp-*WI{m3^^=bJwVJlinV<OxM^`kv>QKd{O=(
zDoKD27G)sI1<!MS3G2yjY~DKfP$IS^cGX0=e=<9yEpQJ(>8fxtPVYpf5kBmYZNk3`
zmbFx`Gj#PG+IqxKNk+EF$Ms=<|JPQE-LY?3ftmLh??a<$j`r81f7T_PEK}wZ?{t>;
z*k;f@DL(NR-k%{ch{7r76DZkPs9UsnPIUNO16^oc02Vqu_bG95l}$dVwhMy(`wJ7I
zK3O9M^JSvw*9mn>D9?}G2-Y5<2f^egPBMSCiB%(Ys_@`bx<y`XHO#vmVOf(YDX8f1
zHaHuLVxUG&5fE)kJA<KXLf)^DH1Kr(X)@bgZ3}CL)^IqRqkRyx7r*tt*LG`S+yv91
z=DOfuOI&=RFU)fNy0P%sHs!TR4vV&4Hp>QDA4+KDW+g`Uk~UZCxj@1s#Z%>STLPkJ
z{i4b0Jk0XG<Mm>OSn0dA`Q?}=sCgQV=#Hq6q55~I@ZN!(cN0X%Re^os?PKu6#(Jjt
zJ@ehiq~$OCnl>pi$=D*vlh$w%zK6E<v)soh;y??@W06#6)NxaxpN>h9x1k$Dru)E8
zo6>$Pj*<=BZAXHCT2yzte`JZ%sN6q%(fu+zw{nrPe`^H}S%ZUQ$hx`&t&GZ8yThYn
z=eZ|X%T67VW90qb7$E^dk-hZ7b)F)=m7D||n5{<Nu@IbzH>4*`qP?1LqSTX9pVsaV
zHp|CAI#6sNWDL=d+N2Pag6@^}<~F8`62q70_Oiox_&@iD1q?vJI#2|LINC<eHTBVQ
zxTOm#xOcI^Mix72?DU(t3ZeBbn9mA$^CV<A6_Z|+ln^xV^xHC9+c-vfX`FmjYm#TX
zg0L}BHawPjq0@u<%HxaC0jb8EoU$Lq&V|3={8I9XOA*F?1J|1P@Ui@&Mx|3U#iT>%
zz)Ojcwd8OGG|BsFJqD<#1hU{L87=#4$hTYx%~S)`xsZq4I3)y<K2n0z&-LRDC-8j^
z={l<Uc%Trt3P7~lLQY%hE&7zQMzBU`dsEI)Obd@kAq1(Xk0OICvW%wpz#2VMd{G#m
ztG@?OSd`nWL=n(rYR?BPzbD`H#72-AjnfJW|LJzK`<5<x2CFY4l8EnCsz`sht70`#
zHe)5Mcx<Dl28lzyVuH{nf>jobS$P*%KO;`G^3Ky$+m#g(Pb|N#FUuCoDqv1JXQTr5
zioa$~xMcEaj_>G`e<I{aN?8xZ&scqS6%O?tzJhl{%+v0Z%aMHlRjQdmUkTdLi4n3Y
zohJ113x-`Pw*&ubMc4aa1Es|^th5qAQ7xB_YiCv{k5hF&8f3MY-LF||BWS)YtX>!c
z#EnDXdZ<cWZeZ2^%d??m1G3YMo%WfS)&Z2$)3l8*%dM`mHp{>3R}swKK)B;s7XSLJ
z`qn2tmEJe{c?O!__BinI+jPK5Yi^v5Q6@9~T+Trqvo!rv4EtRo>vw>}zX-d1ln`#X
z(CtlgRMkIi`rqM=9^N{u7YMos?q7+-XyRZsm`Yx5#&lgWFD=~%gFflaWuX~ynW{a{
zE%ie!Tlif!(9geHU9pgOvji+(SiW;1Y`S`>d$8rwcX~wxbDvce33D&tE25Yatd*rZ
z0yCm8UJw!A-k#oiL=9*W83lUy2Ku%v69v-VOTp#uiGp@z)k@nB(|axjPs$@Q?^%R<
zTSzG$hN3=u5h!O{0f;>Tkh|)BJ#E1PZO*Y?etNwg7LC!l-RU_pUd~v)y^Aijt%kih
z_Zz)F4(839-F;xac}AEJ_RRV{{>(mnKyH^a{<VNz>t(cmg5j5n=UIO67yMLwFl?&p
z;;#a&_`M+3c|G1R3~ZZz8Ake4rF43fH0Ju7DA0g_<lP_zM1A}Ho07%`ODz}E(weGY
z72$rLb6aWJ2RXQUnOE7^c(}dV<IsnT67xG`!(MI_fJjEhmb20tCO-kA@;07cEi33K
zm|6&ZzBK>ow&&Xm`fdMR9tc16XK770a4h%t6F9%8b^m~0!n0fCzgGR2p<@<DJrMXs
z;0Fne?-*aG9?1MaP+lzmbZ_NR)px)7RkIJI4@7L?zP)X1yuUB_y!o45-&t5ZhHP7c
zsdWYm27r8awdGU?`t7Fry&^y&oKbi9cRg|UCJ!0}{yL0XEB@sVr{K3bMgzJW!sCYI
zPqx<Sh4pu!$7VwZhrwX>QfQU6hy8m;F6E~5<s2$<W;{_RLjUe0;qu`a^{%c?DP;Hh
z7v)&tYzge=z~{qG!JYTfx7!CS`g@1(cT|`!MXLXp!TI*Xiq(r((4>UL%M+Ti|MME}
z6FS77)}_1IM~3&ygf2xtN|f2X+*spJx5XUl(xeg5TN^~S?~PB<vC<P$TK@}$Dc`T|
zOG>`P*0cLSW2`MR|EHK2En!ZGZ^_<oyiuOgEDiP9A&h+1t8O<B(O2qG{NP@d%q?G_
ze*te=1sf3lCbL^+3C`hf*4!VVyDT?b-LIcwuMMX@1G_SDuWG(N)L?&RmtM)!g5Mh!
z-v)UuJC)pFzeGG%ZCc;sU2K7HgB1>bzf?}*sX&t$d`$elGkzG9dnv?KKKBeoXmtI?
znR=9ZEvEH^y4lffir#r@^t`7BegyB5``p65WZ2E6QM+#3pE@k8zWbQnGmY!trZeyp
z%fwHRpA3cX-;Z^;q}Or=ezB_d2Rc&r_fK9FNT!fZO?{=p&GWa&)F{J0#`O6-|Nhx-
z9SFklwG}(@{g*}(Bv=sWLr2M}AOYyd;`S?-nx=wSl7@;x+`(ke+F0g$*PZ;mHv0;9
z`jl4Awwl&9+cK8+^s-uS>dWfO0n_$-6qbTS0>;}yn*xOdLjuO)_xE@RApR@dN<(a-
z3m6n22n7V_d-tDiYHiGSZmqXhPma|y6+HD*Tg_{!*4+$y)_@9w{M%-IT2+9!p<Kx{
z&@gypKV~n?cWPEMi`x*u9HP+<xt+{)Hj<UBmBq=D*}pESuI<1E<E9NCA!E46G^ecE
zSer5Pqnu1+;QE`3?ZUmnf!1TY-p=)z`>TY<H^lGdt3EVD!AK};uc8l<u6kiEV7DG|
zGN-eTAan9)Khi`i*`M}kOY6H}oYaMZKF8`CI}+YcCj7U8AZTMVVyIegJI)5@#VMu*
zeDs*z?kx{w&=S^j$dQJ=CW5I&@=s+3u;`wWF!CkCk?Ncsf5vq%ISwh^MmtJx0P@*@
zCZ&SJ93vW+c*ar_)W!!KKg2>J!=%b!7_j!TDy#z4F}MvaVYb{jP*G?&SLbgTLx_uM
z;L)aaZ?%pxbi3(PXdWtc%su28bCH7>d6i5i1P373Ka?PMF)nq=A&i2wAr;4l#*aO5
z5JL7aD2b<B`&D^lcPiq_;3Bqht6L$q?dH`ITj*?KsYQ+Ce6#EKcYe-(RU|~TzD4h?
zzwJnKrDX9Wthc}cdw=^vn{39e<<+Ro{V6ix#JooNyK(B=2*8YEl+vId9D(T}(?SjF
zJZ)BWmZ}LXG#=2&&^T$W+SmI6;-VoV>IrG;py!94qr_z7Y)AO9ti>o3(LkoHziCkR
zV~>HCn+~jv5r+<5>*X))Yw9=x0})9igpr5i41F5&+Fu6w_q{r6*YTX1yK0zztxpD)
zGZvDTkhdg(HT;shn0#$CKE9Ck1)-*+%H3G>(ZC%xDc;MW?UQErnW9lUz))7OO7D<E
z8IOfX)LM%1J5(oir)c(x@tEUSW*MO0EAEH7=2^AEtjbLlBi^`@f$cUssc}qmD3$Ry
z%Ba;pO6%ZBw72*w*!*-zwD=CmoPwrH=;HVoBbpr;)3+DX|5s<2JC-lzcBaB&bDUik
z#0{qsoAD3k)Y%NpzU~p`sn;OQzca+)7Z&Wy_lM_)ir7~!eN1;@c6Vf9V`wDGr6}JL
z03>LazqV^om&d5xdOoW_ve#6=A`(lY!39UkQQ`Rw;bT@#bqNS{dwXOjGUJZf!CX#O
zKz*ACMt+<<XN!h&3UbFu6!<9kv9Vn`YotKRi)gHM4`Ja<zCf2D1s%=vc1E_MlF2tg
z^}5T;PlT&Ch?Ni#`u3Z<P4H_L9k{QVu+Km1sCSYOfcpJMj?%Hk5&#Uq{6-N``~oQ$
z%l#0TFa<jz9TrViJ2f5tavwqbHrD+{(9lyo6?py9K%43<Q~wU0*ciAq5dUzPAeV~X
zDe`~&0Q;IH0SA5iElq-=LxEE24`cJ4J_kK5S+4|ubo>Vj8Su>zqO|A#_@%HZZ(+6f
zl4}GMEbXRW4FE7W0{}zcz?)P+9~f!rh1uDa5Y>r+)%E$=Jai;@B%8g!->X(<yBg#N
z2y^~&%HQ2-mj*+H-)bMb<kjCf<4+8-mfhbf$NqB0-#t;^m8?%Um1WQVS9jkO&EH){
z-&}x?PPMH4@95>;a1byn#k%hs-9doqmvez^>{mKg-#0)}1_&4*1RC(4)-IPIV>|Eo
z2=a6NpH2h7{Le4|=%*L`=$``s)@JrLR`$;HKi$R1)|OuCzn|4ytZeCRjhtP?Jj_hg
z&77RA9PHIp!2lpROB~v+9xwnP(8nJTP}CoY|C2DtnMU?Mu>Z3`{trR`01<E{Wcf4f
zXzOb6L&or5XoDRZ|8KPa;6eh{e$mLXOxt@~Bmn@2sQ>`(|3dpu_!a*Lnu&v*osqpM
zovo3py@{on6TPLQ)qgRRw*G$^Tz}&2Ku`!tG64o)SO5cX{x1fL<o_M7vx$?HqYIt0
jnTe~Dm5b;9BB=g<Jpvf`e<lF*=Lq_lCB;|ZpS%AC;ZX>E

literal 0
HcmV?d00001

-- 
GitLab


From c359b86053dfe48c797f3b2135f72fb32cf8b609 Mon Sep 17 00:00:00 2001
From: Vincent Latombe <vincent@latombe.net>
Date: Sun, 10 Dec 2017 05:27:36 +0100
Subject: [PATCH 065/863] [FIXES JENKINS-47439] Setup wizard does not resume
 after restart (#3166)

* [JENKINS-47439] Add a failing test

On first startup, the setup wizard goes into state NEW and the filter to
force display the setup wizard is installed.

On second startup, the setup wizard goes into state RESTART (which
assumes the setup wizard is done), and the setup wizard is skipped
completely.

This test expects that state NEW is retained upon restart when nothing
is done.

* [JENKINS-47439] Persist InstallState

In some cases, the heuristics to determine the current setup wizard state are
fragile. It is safer to persist the install state so that upon restart,
the setup wizard can resume where it was left off.

* Missing javadoc and since for new public methods

* s/XXX/FIXME/

* Missed that one

* Setup wizard filter should be removed when entering a state where setup is complete

* Use parameterized logging

* Improvements over previous impl

* Removed static isUsingSecurityToken. Now only determined from install
state.
* Call onInstallStateUpdate before InstallState#initializeState as the
latter can update state.

* Triggering a new build

(cherry picked from commit 30ab4481f286a5c33499489dfcb9b3df6587ff38)
---
 .../java/hudson/util/PluginServletFilter.java | 19 +++++
 .../java/jenkins/install/InstallState.java    | 13 ++-
 .../java/jenkins/install/InstallUtil.java     |  1 -
 .../java/jenkins/install/SetupWizard.java     | 81 ++++++++++++++-----
 core/src/main/java/jenkins/model/Jenkins.java |  9 ++-
 .../install/SetupWizardRestartTest.java       | 50 ++++++++++++
 6 files changed, 143 insertions(+), 30 deletions(-)
 create mode 100644 test/src/test/java/jenkins/install/SetupWizardRestartTest.java

diff --git a/core/src/main/java/hudson/util/PluginServletFilter.java b/core/src/main/java/hudson/util/PluginServletFilter.java
index 9b311aa790..aa2c53973e 100644
--- a/core/src/main/java/hudson/util/PluginServletFilter.java
+++ b/core/src/main/java/hudson/util/PluginServletFilter.java
@@ -113,6 +113,25 @@ public class PluginServletFilter implements Filter, ExtensionPoint {
         }
     }
 
+    /**
+     * Checks whether the given filter is already registered in the chain.
+     * @param filter the filter to check.
+     * @return true if the filter is already registered in the chain.
+     * @since FIXME
+     */
+    public static boolean hasFilter(Filter filter) {
+        Jenkins j = Jenkins.getInstanceOrNull();
+        PluginServletFilter container = null;
+        if(j != null) {
+            container = getInstance(j.servletContext);
+        }
+        if (j == null || container == null) {
+            return LEGACY.contains(filter);
+        } else {
+            return container.list.contains(filter);
+        }
+    }
+
     public static void removeFilter(Filter filter) throws ServletException {
         Jenkins j = Jenkins.getInstanceOrNull();
         if (j==null || getInstance(j.servletContext) == null) {
diff --git a/core/src/main/java/jenkins/install/InstallState.java b/core/src/main/java/jenkins/install/InstallState.java
index 71790d3c54..939c45f828 100644
--- a/core/src/main/java/jenkins/install/InstallState.java
+++ b/core/src/main/java/jenkins/install/InstallState.java
@@ -49,7 +49,12 @@ public class InstallState implements ExtensionPoint {
      * Need InstallState != NEW for tests by default
      */
     @Extension
-    public static final InstallState UNKNOWN = new InstallState("UNKNOWN", true);
+    public static final InstallState UNKNOWN = new InstallState("UNKNOWN", true) {
+        @Override
+        public void initializeState() {
+            InstallUtil.proceedToNextStateFrom(this);
+        }
+    };
     
     /**
      * After any setup / restart / etc. hooks are done, states should be running
@@ -94,7 +99,7 @@ public class InstallState implements ExtensionPoint {
      */
     @Extension
     public static final InstallState INITIAL_PLUGINS_INSTALLING = new InstallState("INITIAL_PLUGINS_INSTALLING", false);
-    
+
     /**
      * Security setup for a new Jenkins install.
      */
@@ -106,7 +111,7 @@ public class InstallState implements ExtensionPoint {
             } catch (Exception e) {
                 throw new RuntimeException(e);
             }
-            
+
             InstallUtil.proceedToNextStateFrom(INITIAL_SECURITY_SETUP);
         }
     };
@@ -116,7 +121,7 @@ public class InstallState implements ExtensionPoint {
      */
     @Extension
     public static final InstallState NEW = new InstallState("NEW", false);
-    
+
     /**
      * Restart of an existing Jenkins install.
      */
diff --git a/core/src/main/java/jenkins/install/InstallUtil.java b/core/src/main/java/jenkins/install/InstallUtil.java
index 5b3f95555b..48b8d33ab6 100644
--- a/core/src/main/java/jenkins/install/InstallUtil.java
+++ b/core/src/main/java/jenkins/install/InstallUtil.java
@@ -93,7 +93,6 @@ public class InstallUtil {
      */
     public static void proceedToNextStateFrom(InstallState prior) {
         InstallState next = getNextInstallState(prior);
-        if (Main.isDevelopmentMode) LOGGER.info("Install state transitioning from: " + prior + " to: " + next);
         if (next != null) {
             Jenkins.getInstance().setInstallState(next);
         }
diff --git a/core/src/main/java/jenkins/install/SetupWizard.java b/core/src/main/java/jenkins/install/SetupWizard.java
index 0f04f903db..f15b468eed 100644
--- a/core/src/main/java/jenkins/install/SetupWizard.java
+++ b/core/src/main/java/jenkins/install/SetupWizard.java
@@ -64,7 +64,6 @@ import net.sf.json.JSONArray;
 import net.sf.json.JSONObject;
 import org.apache.commons.io.FileUtils;
 import org.apache.commons.io.IOUtils;
-import org.jenkinsci.remoting.engine.JnlpProtocol4Handler;
 import org.kohsuke.accmod.restrictions.DoNotUse;
 import org.kohsuke.stapler.interceptor.RequirePOST;
 
@@ -77,6 +76,10 @@ import org.kohsuke.stapler.interceptor.RequirePOST;
 @Restricted(NoExternalUse.class)
 @Extension
 public class SetupWizard extends PageDecorator {
+    public SetupWizard() {
+        checkFilter();
+    }
+
     /**
      * The security token parameter name
      */
@@ -84,11 +87,6 @@ public class SetupWizard extends PageDecorator {
 
     private static final Logger LOGGER = Logger.getLogger(SetupWizard.class.getName());
     
-    /**
-     * Used to determine if this was a new install (vs. an upgrade, restart, or otherwise)
-     */
-    private static boolean isUsingSecurityToken = false;
-
     /**
      * Initialize the setup wizard, this will process any current state initializations
      */
@@ -168,17 +166,8 @@ public class SetupWizard extends PageDecorator {
                         + "*************************************************************" + ls
                         + "*************************************************************" + ls);
             }
-            
-            try {
-                PluginServletFilter.addFilter(FORCE_SETUP_WIZARD_FILTER);
-                // if we're not using security defaults, we should not show the security token screen
-                // users will likely be sent to a login screen instead
-                isUsingSecurityToken = isUsingSecurityDefaults();
-            } catch (ServletException e) {
-                throw new RuntimeException("Unable to add PluginServletFilter for the SetupWizard", e);
-            }
         }
-        
+
         try {
             // Make sure plugin metadata is up to date
             UpdateCenter.updateDefaultSite();
@@ -186,14 +175,34 @@ public class SetupWizard extends PageDecorator {
             LOGGER.log(Level.WARNING, e.getMessage(), e);
         }
     }
-    
+
+    private void setUpFilter() {
+        try {
+            if (!PluginServletFilter.hasFilter(FORCE_SETUP_WIZARD_FILTER)) {
+                PluginServletFilter.addFilter(FORCE_SETUP_WIZARD_FILTER);
+            }
+        } catch (ServletException e) {
+            throw new RuntimeException("Unable to add PluginServletFilter for the SetupWizard", e);
+        }
+    }
+
+    private void tearDownFilter() {
+        try {
+            if (PluginServletFilter.hasFilter(FORCE_SETUP_WIZARD_FILTER)) {
+                PluginServletFilter.removeFilter(FORCE_SETUP_WIZARD_FILTER);
+            }
+        } catch (ServletException e) {
+            throw new RuntimeException("Unable to remove PluginServletFilter for the SetupWizard", e);
+        }
+    }
+
     /**
      * Indicates a generated password should be used - e.g. this is a new install, no security realm set up
      */
+    @SuppressWarnings("unused") // used by jelly
     public boolean isUsingSecurityToken() {
         try {
-            return isUsingSecurityToken // only ever show the unlock page if using the security token
-                    && !Jenkins.getInstance().getInstallState().isSetupComplete()
+            return !Jenkins.getInstance().getInstallState().isSetupComplete()
                     && isUsingSecurityDefaults();
         } catch (Exception e) {
             // ignore
@@ -487,8 +496,6 @@ public class SetupWizard extends PageDecorator {
         Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
         InstallUtil.saveLastExecVersion();
         setCurrentLevel(Jenkins.getVersion());
-        PluginServletFilter.removeFilter(FORCE_SETUP_WIZARD_FILTER);
-        isUsingSecurityToken = false; // this should not be considered new anymore
         InstallUtil.proceedToNextStateFrom(InstallState.INITIAL_SETUP_COMPLETED);
     }
     
@@ -508,7 +515,28 @@ public class SetupWizard extends PageDecorator {
         }
         return InstallState.valueOf(name);
     }
-    
+
+    /**
+     * Called upon install state update.
+     * @param state the new install state.
+     * @since FIXME
+     */
+    public void onInstallStateUpdate(InstallState state) {
+        if (state.isSetupComplete()) {
+            tearDownFilter();
+        } else {
+            setUpFilter();
+        }
+    }
+
+    /**
+     * Returns whether the setup wizard filter is currently registered.
+     * @since FIXME
+     */
+    public boolean hasSetupWizardFilter() {
+        return PluginServletFilter.hasFilter(FORCE_SETUP_WIZARD_FILTER);
+    }
+
     /**
      * This filter will validate that the security token is provided
      */
@@ -544,4 +572,13 @@ public class SetupWizard extends PageDecorator {
         public void destroy() {
         }
     };
+
+    /**
+     * Sets up the Setup Wizard filter if the current state requires it.
+     */
+    private void checkFilter() {
+        if (!Jenkins.getInstance().getInstallState().isSetupComplete()) {
+            setUpFilter();
+        }
+    }
 }
diff --git a/core/src/main/java/jenkins/model/Jenkins.java b/core/src/main/java/jenkins/model/Jenkins.java
index 5bcd97f138..38e6f565d5 100644
--- a/core/src/main/java/jenkins/model/Jenkins.java
+++ b/core/src/main/java/jenkins/model/Jenkins.java
@@ -328,7 +328,7 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
     /**
      * The Jenkins instance startup type i.e. NEW, UPGRADE etc
      */
-    private transient InstallState installState = InstallState.UNKNOWN;
+    private InstallState installState;
     
     /**
      * If we're in the process of an initial setup, 
@@ -924,7 +924,7 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
                 System.exit(0);
 
             setupWizard = new SetupWizard();
-            InstallUtil.proceedToNextStateFrom(InstallState.UNKNOWN);
+            getInstallState().initializeState();
 
             launchTcpSlaveAgentListener();
 
@@ -1033,9 +1033,12 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
     public void setInstallState(@Nonnull InstallState newState) {
         InstallState prior = installState;
         installState = newState;
-        if (!prior.equals(newState)) {
+        LOGGER.log(Main.isDevelopmentMode ? Level.INFO : Level.FINE, "Install state transitioning from: {0} to : {1}", new Object[] { prior, installState });
+        if (!newState.equals(prior)) {
+            getSetupWizard().onInstallStateUpdate(newState);
             newState.initializeState();
         }
+        saveQuietly();
     }
 
     /**
diff --git a/test/src/test/java/jenkins/install/SetupWizardRestartTest.java b/test/src/test/java/jenkins/install/SetupWizardRestartTest.java
new file mode 100644
index 0000000000..474c1772f9
--- /dev/null
+++ b/test/src/test/java/jenkins/install/SetupWizardRestartTest.java
@@ -0,0 +1,50 @@
+package jenkins.install;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+
+import java.io.IOException;
+
+import org.apache.commons.io.FileUtils;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runners.model.Statement;
+import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.RestartableJenkinsRule;
+
+import hudson.Main;
+import jenkins.model.Jenkins;
+
+public class SetupWizardRestartTest {
+    @Rule
+    public RestartableJenkinsRule rr = new RestartableJenkinsRule();
+
+    @Issue("JENKINS-47439")
+    @Test
+    public void restartKeepsSetupWizardState() {
+        rr.addStep(new Statement() {
+            @Override
+            public void evaluate() throws IOException {
+                // Modify state so that we get into the same conditions as a real start
+                Main.isUnitTest = false;
+                FileUtils.write(InstallUtil.getLastExecVersionFile(), "");
+                Jenkins j = rr.j.getInstance();
+                // Re-evaluate current state based on the new context
+                InstallUtil.proceedToNextStateFrom(InstallState.UNKNOWN);
+                assertEquals("Unexpected install state", InstallState.NEW, j.getInstallState());
+                assertTrue("Expecting setup wizard filter to be up", j.getSetupWizard().hasSetupWizardFilter());
+                InstallUtil.saveLastExecVersion();
+            }
+        });
+        // Check that the state is retained after a restart
+        rr.addStep(new Statement() {
+            @Override
+            public void evaluate() {
+                Jenkins j = rr.j.getInstance();
+                assertEquals("Unexpected install state", InstallState.NEW, j.getInstallState());
+                assertTrue("Expecting setup wizard filter to be up after restart",  j.getSetupWizard().hasSetupWizardFilter());
+            }
+        });
+    }
+
+}
-- 
GitLab


From 5ed43002d7daca06676c565aab18c1842123281f Mon Sep 17 00:00:00 2001
From: Ulli Hafner <ullrich.hafner@gmail.com>
Date: Thu, 1 Feb 2018 21:17:34 +0100
Subject: [PATCH 066/863] [FIXED JENKINS-49319] Upgrade to Prototype 1.7.3.

---
 war/src/main/webapp/scripts/prototype.js | 5786 ++++++++++++++--------
 1 file changed, 3617 insertions(+), 2169 deletions(-)

diff --git a/war/src/main/webapp/scripts/prototype.js b/war/src/main/webapp/scripts/prototype.js
index 63644c0a5c..cc89dafcd6 100644
--- a/war/src/main/webapp/scripts/prototype.js
+++ b/war/src/main/webapp/scripts/prototype.js
@@ -1,4 +1,4 @@
-/*  Prototype JavaScript framework, version 1.7
+/*  Prototype JavaScript framework, version 1.7.3
  *  (c) 2005-2010 Sam Stephenson
  *
  *  Prototype is freely distributable under the terms of an MIT-style license.
@@ -8,7 +8,7 @@
 
 var Prototype = {
 
-  Version: '1.7',
+  Version: '1.7.3',
 
   Browser: (function(){
     var ua = navigator.userAgent;
@@ -49,7 +49,7 @@ var Prototype = {
     })()
   },
 
-  ScriptFragment: '<script[^>]*>([\\S\\s]*?)<\/script>',
+  ScriptFragment: '<script[^>]*>([\\S\\s]*?)<\/script\\s*>',
   JSONFilter: /^\/\*-secure-([\s\S]*)\*\/\s*$/,
 
   emptyFunction: function() { },
@@ -59,27 +59,6 @@ var Prototype = {
 
 if (Prototype.Browser.MobileSafari)
   Prototype.BrowserFeatures.SpecificElementExtensions = false;
-
-
-var Abstract = { };
-
-
-var Try = {
-  these: function() {
-    var returnValue;
-
-    for (var i = 0, length = arguments.length; i < length; i++) {
-      var lambda = arguments[i];
-      try {
-        returnValue = lambda();
-        break;
-      } catch (e) { }
-    }
-
-    return returnValue;
-  }
-};
-
 /* Based on Alex Arnell's inheritance implementation. */
 
 var Class = (function() {
@@ -141,8 +120,13 @@ var Class = (function() {
           return function() { return ancestor[m].apply(this, arguments); };
         })(property).wrap(method);
 
-        value.valueOf = method.valueOf.bind(method);
-        value.toString = method.toString.bind(method);
+        value.valueOf = (function(method) {
+          return function() { return method.valueOf.call(method); };
+        })(method);
+
+        value.toString = (function(method) {
+          return function() { return method.toString.call(method); };
+        })(method);
       }
       this.prototype[property] = value;
     }
@@ -160,6 +144,7 @@ var Class = (function() {
 (function() {
 
   var _toString = Object.prototype.toString,
+      _hasOwnProperty = Object.prototype.hasOwnProperty,
       NULL_TYPE = 'Null',
       UNDEFINED_TYPE = 'Undefined',
       BOOLEAN_TYPE = 'Boolean',
@@ -177,6 +162,18 @@ var Class = (function() {
         JSON.stringify(0) === '0' &&
         typeof JSON.stringify(Prototype.K) === 'undefined';
 
+
+
+  var DONT_ENUMS = ['toString', 'toLocaleString', 'valueOf',
+   'hasOwnProperty', 'isPrototypeOf', 'propertyIsEnumerable', 'constructor'];
+
+  var IS_DONTENUM_BUGGY = (function(){
+    for (var p in { toString: 1 }) {
+      if (p === 'toString') return false;
+    }
+    return true;
+  })();
+
   function Type(o) {
     switch(o) {
       case null: return NULL_TYPE;
@@ -213,9 +210,7 @@ var Class = (function() {
   }
 
   function Str(key, holder, stack) {
-    var value = holder[key],
-        type = typeof value;
-
+    var value = holder[key];
     if (Type(value) === OBJECT_TYPE && typeof value.toJSON === 'function') {
       value = value.toJSON(key);
     }
@@ -235,7 +230,7 @@ var Class = (function() {
       case false: return 'false';
     }
 
-    type = typeof value;
+    var type = typeof value;
     switch (type) {
       case 'string':
         return value.inspect(true);
@@ -244,7 +239,9 @@ var Class = (function() {
       case 'object':
 
         for (var i = 0, length = stack.length; i < length; i++) {
-          if (stack[i] === value) { throw new TypeError(); }
+          if (stack[i] === value) {
+            throw new TypeError("Cyclic reference to '" + value + "' in object");
+          }
         }
         stack.push(value);
 
@@ -286,10 +283,17 @@ var Class = (function() {
     if (Type(object) !== OBJECT_TYPE) { throw new TypeError(); }
     var results = [];
     for (var property in object) {
-      if (object.hasOwnProperty(property)) {
+      if (_hasOwnProperty.call(object, property))
         results.push(property);
+    }
+
+    if (IS_DONTENUM_BUGGY) {
+      for (var i = 0; property = DONT_ENUMS[i]; i++) {
+        if (_hasOwnProperty.call(object, property))
+          results.push(property);
       }
     }
+
     return results;
   }
 
@@ -346,30 +350,7 @@ var Class = (function() {
   extend(Object, {
     extend:        extend,
     inspect:       inspect,
-
-    // JENKINS-11618
-    //toJSON:        NATIVE_JSON_STRINGIFY_SUPPORT ? stringify : toJSON,
-    toJSON: function(object) {
-      var type = typeof object;
-      switch(type) {
-        case 'undefined':
-        case 'function':
-        case 'unknown': return;
-        case 'boolean': return object.toString();
-      }
-      if (object === null) return 'null';
-      // "|| object.toJSON" below is workaround for Opera 10.52/53 bug, see HUDSON-6424
-      if (object.toJSON || object.toJSON) return object.toJSON();
-      if (object.ownerDocument === document) return;
-      var results = [];
-      for (var property in object) {
-        var value = Object.toJSON(object[property]);
-        if (value !== undefined)
-          results.push(property.toJSON() + ': ' + value);
-      }
-      return '{' + results.join(', ') + '}';
-    },
-
+    toJSON:        NATIVE_JSON_STRINGIFY_SUPPORT ? stringify : toJSON,
     toQueryString: toQueryString,
     toHTML:        toHTML,
     keys:          Object.keys || keys,
@@ -406,13 +387,27 @@ Object.extend(Function.prototype, (function() {
     return names.length == 1 && !names[0] ? [] : names;
   }
 
+
   function bind(context) {
-    if (arguments.length < 2 && Object.isUndefined(arguments[0])) return this;
+    if (arguments.length < 2 && Object.isUndefined(arguments[0]))
+      return this;
+
+    if (!Object.isFunction(this))
+      throw new TypeError("The object is not callable.");
+
+    var nop = function() {};
     var __method = this, args = slice.call(arguments, 1);
-    return function() {
+
+    var bound = function() {
       var a = merge(args, arguments);
-      return __method.apply(context, a);
-    }
+      var c = this instanceof bound ? this : context;
+      return __method.apply(c, a);
+    };
+
+    nop.prototype   = this.prototype;
+    bound.prototype = new nop();
+
+    return bound;
   }
 
   function bindAsEventListener(context) {
@@ -462,16 +457,20 @@ Object.extend(Function.prototype, (function() {
     };
   }
 
-  return {
+  var extensions = {
     argumentNames:       argumentNames,
-    bind:                bind,
     bindAsEventListener: bindAsEventListener,
     curry:               curry,
     delay:               delay,
     defer:               defer,
     wrap:                wrap,
     methodize:           methodize
-  }
+  };
+
+  if (!Function.prototype.bind)
+    extensions.bind = bind;
+
+  return extensions;
 })());
 
 
@@ -565,6 +564,11 @@ Object.extend(String.prototype, (function() {
     return function(match) { return template.evaluate(match) };
   }
 
+  function isNonEmptyRegExp(regexp) {
+    return regexp.source && regexp.source !== '(?:)';
+  }
+
+
   function gsub(pattern, replacement) {
     var result = '', source = this, match;
     replacement = prepareReplacement(replacement);
@@ -572,13 +576,14 @@ Object.extend(String.prototype, (function() {
     if (Object.isString(pattern))
       pattern = RegExp.escape(pattern);
 
-    if (!(pattern.length || pattern.source)) {
+    if (!(pattern.length || isNonEmptyRegExp(pattern))) {
       replacement = replacement('');
       return replacement + source.split('').join(replacement) + replacement;
     }
 
     while (source.length > 0) {
-      if (match = source.match(pattern)) {
+      match = source.match(pattern)
+      if (match && match[0].length > 0) {
         result += source.slice(0, match.index);
         result += String.interpret(replacement(match));
         source  = source.slice(match.index + match[0].length);
@@ -616,7 +621,7 @@ Object.extend(String.prototype, (function() {
   }
 
   function stripTags() {
-    return this.replace(/<\w+(\s+("[^"]*"|'[^']*'|[^>])+)?>|<\/\w+>/gi, '');
+    return this.replace(/<\w+(\s+("[^"]*"|'[^']*'|[^>])+)?(\/)?>|<\/\w+>/gi, '');
   }
 
   function stripScripts() {
@@ -632,7 +637,7 @@ Object.extend(String.prototype, (function() {
   }
 
   function evalScripts() {
-    return this.extractScripts().map(function(script) { return eval(script) });
+    return this.extractScripts().map(function(script) { return eval(script); });
   }
 
   function escapeHTML() {
@@ -653,7 +658,10 @@ Object.extend(String.prototype, (function() {
         var key = decodeURIComponent(pair.shift()),
             value = pair.length > 1 ? pair.join('=') : pair[0];
 
-        if (value != undefined) value = decodeURIComponent(value);
+        if (value != undefined) {
+          value = value.gsub('+', ' ');
+          value = decodeURIComponent(value);
+        }
 
         if (key in hash) {
           if (!Object.isArray(hash[key])) hash[key] = [hash[key]];
@@ -711,10 +719,6 @@ Object.extend(String.prototype, (function() {
     return "'" + escapedString.replace(/'/g, '\\\'') + "'";
   }
 
-  function toJSON() {
-    return this.inspect(true);
-  }
-
   function unfilterJSON(filter) {
     return this.replace(filter || Prototype.JSONFilter, '$1');
   }
@@ -730,7 +734,7 @@ Object.extend(String.prototype, (function() {
 
   function evalJSON(sanitize) {
     var json = this.unfilterJSON(),
-        cx = /[\u0000\u00ad\u0600-\u0604\u070f\u17b4\u17b5\u200c-\u200f\u2028-\u202f\u2060-\u206f\ufeff\ufff0-\uffff]/g;
+        cx = /[\u00ad\u0600-\u0604\u070f\u17b4\u17b5\u200c-\u200f\u2028-\u202f\u2060-\u206f\ufeff\ufff0-\uffff\u0000]/g;
     if (cx.test(json)) {
       json = json.replace(cx, function (a) {
         return '\\u' + ('0000' + a.charCodeAt(0).toString(16)).slice(-4);
@@ -751,12 +755,17 @@ Object.extend(String.prototype, (function() {
     return this.indexOf(pattern) > -1;
   }
 
-  function startsWith(pattern) {
-    return this.lastIndexOf(pattern, 0) === 0;
+  function startsWith(pattern, position) {
+    position = Object.isNumber(position) ? position : 0;
+    return this.lastIndexOf(pattern, position) === position;
   }
 
-  function endsWith(pattern) {
-    var d = this.length - pattern.length;
+  function endsWith(pattern, position) {
+    pattern = String(pattern);
+    position = Object.isNumber(position) ? position : this.length;
+    if (position < 0) position = 0;
+    if (position > this.length) position = this.length;
+    var d = position - pattern.length;
     return d >= 0 && this.indexOf(pattern, d) === d;
   }
 
@@ -795,12 +804,11 @@ Object.extend(String.prototype, (function() {
     dasherize:      dasherize,
     inspect:        inspect,
     unfilterJSON:   unfilterJSON,
-    toJSON:         toJSON,
     isJSON:         isJSON,
     evalJSON:       NATIVE_JSON_PARSE_SUPPORT ? parseJSON : evalJSON,
     include:        include,
-    startsWith:     startsWith,
-    endsWith:       endsWith,
+    startsWith:     String.prototype.startsWith || startsWith,
+    endsWith:       String.prototype.endsWith || endsWith,
     empty:          empty,
     blank:          blank,
     interpolate:    interpolate
@@ -847,11 +855,8 @@ var $break = { };
 
 var Enumerable = (function() {
   function each(iterator, context) {
-    var index = 0;
     try {
-      this._each(function(value) {
-        iterator.call(context, value, index++);
-      });
+      this._each(iterator, context);
     } catch (e) {
       if (e != $break) throw e;
     }
@@ -870,9 +875,9 @@ var Enumerable = (function() {
     iterator = iterator || Prototype.K;
     var result = true;
     this.each(function(value, index) {
-      result = result && !!iterator.call(context, value, index);
+      result = result && !!iterator.call(context, value, index, this);
       if (!result) throw $break;
-    });
+    }, this);
     return result;
   }
 
@@ -880,9 +885,9 @@ var Enumerable = (function() {
     iterator = iterator || Prototype.K;
     var result = false;
     this.each(function(value, index) {
-      if (result = !!iterator.call(context, value, index))
+      if (result = !!iterator.call(context, value, index, this))
         throw $break;
-    });
+    }, this);
     return result;
   }
 
@@ -890,28 +895,28 @@ var Enumerable = (function() {
     iterator = iterator || Prototype.K;
     var results = [];
     this.each(function(value, index) {
-      results.push(iterator.call(context, value, index));
-    });
+      results.push(iterator.call(context, value, index, this));
+    }, this);
     return results;
   }
 
   function detect(iterator, context) {
     var result;
     this.each(function(value, index) {
-      if (iterator.call(context, value, index)) {
+      if (iterator.call(context, value, index, this)) {
         result = value;
         throw $break;
       }
-    });
+    }, this);
     return result;
   }
 
   function findAll(iterator, context) {
     var results = [];
     this.each(function(value, index) {
-      if (iterator.call(context, value, index))
+      if (iterator.call(context, value, index, this))
         results.push(value);
-    });
+    }, this);
     return results;
   }
 
@@ -924,14 +929,14 @@ var Enumerable = (function() {
 
     this.each(function(value, index) {
       if (filter.match(value))
-        results.push(iterator.call(context, value, index));
-    });
+        results.push(iterator.call(context, value, index, this));
+    }, this);
     return results;
   }
 
   function include(object) {
-    if (Object.isFunction(this.indexOf))
-      if (this.indexOf(object) != -1) return true;
+    if (Object.isFunction(this.indexOf) && this.indexOf(object) != -1)
+      return true;
 
     var found = false;
     this.each(function(value) {
@@ -953,8 +958,8 @@ var Enumerable = (function() {
 
   function inject(memo, iterator, context) {
     this.each(function(value, index) {
-      memo = iterator.call(context, memo, value, index);
-    });
+      memo = iterator.call(context, memo, value, index, this);
+    }, this);
     return memo;
   }
 
@@ -969,10 +974,10 @@ var Enumerable = (function() {
     iterator = iterator || Prototype.K;
     var result;
     this.each(function(value, index) {
-      value = iterator.call(context, value, index);
+      value = iterator.call(context, value, index, this);
       if (result == null || value >= result)
         result = value;
-    });
+    }, this);
     return result;
   }
 
@@ -980,10 +985,10 @@ var Enumerable = (function() {
     iterator = iterator || Prototype.K;
     var result;
     this.each(function(value, index) {
-      value = iterator.call(context, value, index);
+      value = iterator.call(context, value, index, this);
       if (result == null || value < result)
         result = value;
-    });
+    }, this);
     return result;
   }
 
@@ -991,9 +996,9 @@ var Enumerable = (function() {
     iterator = iterator || Prototype.K;
     var trues = [], falses = [];
     this.each(function(value, index) {
-      (iterator.call(context, value, index) ?
+      (iterator.call(context, value, index, this) ?
         trues : falses).push(value);
-    });
+    }, this);
     return [trues, falses];
   }
 
@@ -1008,9 +1013,9 @@ var Enumerable = (function() {
   function reject(iterator, context) {
     var results = [];
     this.each(function(value, index) {
-      if (!iterator.call(context, value, index))
+      if (!iterator.call(context, value, index, this))
         results.push(value);
-    });
+    }, this);
     return results;
   }
 
@@ -1018,9 +1023,9 @@ var Enumerable = (function() {
     return this.map(function(value, index) {
       return {
         value: value,
-        criteria: iterator.call(context, value, index)
+        criteria: iterator.call(context, value, index, this)
       };
-    }).sort(function(left, right) {
+    }, this).sort(function(left, right) {
       var a = left.criteria, b = right.criteria;
       return a < b ? -1 : a > b ? 1 : 0;
     }).pluck('value');
@@ -1170,7 +1175,7 @@ Array.from = $A;
 
   function intersect(array) {
     return this.uniq().findAll(function(item) {
-      return array.detect(function(value) { return item === value });
+      return array.indexOf(item) !== -1;
     });
   }
 
@@ -1187,51 +1192,191 @@ Array.from = $A;
     return '[' + this.map(Object.inspect).join(', ') + ']';
   }
 
-  function toJSON() {
-    var results = [];
-    this.each(function(object) {
-      var value = Object.toJSON(object);
-      if (value !== undefined) results.push(value);
-    });
-    return '[' + results.join(', ') + ']';
-  }
-
   function indexOf(item, i) {
-    i || (i = 0);
-    var length = this.length;
-    if (i < 0) i = length + i;
-    for (; i < length; i++)
-      if (this[i] === item) return i;
+    if (this == null) throw new TypeError();
+
+    var array = Object(this), length = array.length >>> 0;
+    if (length === 0) return -1;
+
+    i = Number(i);
+    if (isNaN(i)) {
+      i = 0;
+    } else if (i !== 0 && isFinite(i)) {
+      i = (i > 0 ? 1 : -1) * Math.floor(Math.abs(i));
+    }
+
+    if (i > length) return -1;
+
+    var k = i >= 0 ? i : Math.max(length - Math.abs(i), 0);
+    for (; k < length; k++)
+      if (k in array && array[k] === item) return k;
     return -1;
   }
 
+
   function lastIndexOf(item, i) {
-    i = isNaN(i) ? this.length : (i < 0 ? this.length + i : i) + 1;
-    var n = this.slice(0, i).reverse().indexOf(item);
-    return (n < 0) ? n : i - n - 1;
+    if (this == null) throw new TypeError();
+
+    var array = Object(this), length = array.length >>> 0;
+    if (length === 0) return -1;
+
+    if (!Object.isUndefined(i)) {
+      i = Number(i);
+      if (isNaN(i)) {
+        i = 0;
+      } else if (i !== 0 && isFinite(i)) {
+        i = (i > 0 ? 1 : -1) * Math.floor(Math.abs(i));
+      }
+    } else {
+      i = length;
+    }
+
+    var k = i >= 0 ? Math.min(i, length - 1) :
+     length - Math.abs(i);
+
+    for (; k >= 0; k--)
+      if (k in array && array[k] === item) return k;
+    return -1;
   }
 
-  function concat() {
-    var array = slice.call(this, 0), item;
-    for (var i = 0, length = arguments.length; i < length; i++) {
-      item = arguments[i];
+  function concat(_) {
+    var array = [], items = slice.call(arguments, 0), item, n = 0;
+    items.unshift(this);
+    for (var i = 0, length = items.length; i < length; i++) {
+      item = items[i];
       if (Object.isArray(item) && !('callee' in item)) {
-        for (var j = 0, arrayLength = item.length; j < arrayLength; j++)
-          array.push(item[j]);
+        for (var j = 0, arrayLength = item.length; j < arrayLength; j++) {
+          if (j in item) array[n] = item[j];
+          n++;
+        }
       } else {
-        array.push(item);
+        array[n++] = item;
       }
     }
+    array.length = n;
     return array;
   }
 
+
+  function wrapNative(method) {
+    return function() {
+      if (arguments.length === 0) {
+        return method.call(this, Prototype.K);
+      } else if (arguments[0] === undefined) {
+        var args = slice.call(arguments, 1);
+        args.unshift(Prototype.K);
+        return method.apply(this, args);
+      } else {
+        return method.apply(this, arguments);
+      }
+    };
+  }
+
+
+  function map(iterator) {
+    if (this == null) throw new TypeError();
+    iterator = iterator || Prototype.K;
+
+    var object = Object(this);
+    var results = [], context = arguments[1], n = 0;
+
+    for (var i = 0, length = object.length >>> 0; i < length; i++) {
+      if (i in object) {
+        results[n] = iterator.call(context, object[i], i, object);
+      }
+      n++;
+    }
+    results.length = n;
+    return results;
+  }
+
+  if (arrayProto.map) {
+    map = wrapNative(Array.prototype.map);
+  }
+
+  function filter(iterator) {
+    if (this == null || !Object.isFunction(iterator))
+      throw new TypeError();
+
+    var object = Object(this);
+    var results = [], context = arguments[1], value;
+
+    for (var i = 0, length = object.length >>> 0; i < length; i++) {
+      if (i in object) {
+        value = object[i];
+        if (iterator.call(context, value, i, object)) {
+          results.push(value);
+        }
+      }
+    }
+    return results;
+  }
+
+  if (arrayProto.filter) {
+    filter = Array.prototype.filter;
+  }
+
+  function some(iterator) {
+    if (this == null) throw new TypeError();
+    iterator = iterator || Prototype.K;
+    var context = arguments[1];
+
+    var object = Object(this);
+    for (var i = 0, length = object.length >>> 0; i < length; i++) {
+      if (i in object && iterator.call(context, object[i], i, object)) {
+        return true;
+      }
+    }
+
+    return false;
+  }
+
+  if (arrayProto.some) {
+    some = wrapNative(Array.prototype.some);
+  }
+
+  function every(iterator) {
+    if (this == null) throw new TypeError();
+    iterator = iterator || Prototype.K;
+    var context = arguments[1];
+
+    var object = Object(this);
+    for (var i = 0, length = object.length >>> 0; i < length; i++) {
+      if (i in object && !iterator.call(context, object[i], i, object)) {
+        return false;
+      }
+    }
+
+    return true;
+  }
+
+  if (arrayProto.every) {
+    every = wrapNative(Array.prototype.every);
+  }
+
+
   Object.extend(arrayProto, Enumerable);
 
+  if (arrayProto.entries === Enumerable.entries) {
+    delete arrayProto.entries;
+  }
+
   if (!arrayProto._reverse)
     arrayProto._reverse = arrayProto.reverse;
 
   Object.extend(arrayProto, {
     _each:     _each,
+
+    map:       map,
+    collect:   map,
+    select:    filter,
+    filter:    filter,
+    findAll:   filter,
+    some:      some,
+    any:       some,
+    every:     every,
+    all:       every,
+
     clear:     clear,
     first:     first,
     last:      last,
@@ -1241,7 +1386,6 @@ Array.from = $A;
     reverse:   reverse,
     uniq:      uniq,
     intersect: intersect,
-    toJSON:    toJSON,
     clone:     clone,
     toArray:   clone,
     size:      size,
@@ -1250,7 +1394,7 @@ Array.from = $A;
 
   var CONCAT_ARGUMENTS_BUGGY = (function() {
     return [].concat(arguments)[0][0] !== 1;
-  })(1,2)
+  })(1,2);
 
   if (CONCAT_ARGUMENTS_BUGGY) arrayProto.concat = concat;
 
@@ -1267,12 +1411,14 @@ var Hash = Class.create(Enumerable, (function() {
   }
 
 
-  function _each(iterator) {
+  function _each(iterator, context) {
+    var i = 0;
     for (var key in this._object) {
       var value = this._object[key], pair = [key, value];
       pair.key = key;
       pair.value = value;
-      iterator(pair);
+      iterator.call(context, pair, i);
+      i++;
     }
   }
 
@@ -1325,7 +1471,13 @@ var Hash = Class.create(Enumerable, (function() {
 
   function toQueryPair(key, value) {
     if (Object.isUndefined(value)) return key;
-    return key + '=' + encodeURIComponent(String.interpret(value));
+
+    value = String.interpret(value);
+
+    value = value.gsub(/(\r)?\n/, '\r\n');
+    value = encodeURIComponent(value);
+    value = value.gsub(/%20/, '+');
+    return key + '=' + value;
   }
 
   function toQueryString() {
@@ -1352,10 +1504,6 @@ var Hash = Class.create(Enumerable, (function() {
     }).join(', ') + '}>';
   }
 
-  function toJSON() {
-    return this.toObject().toJSON();
-  }
-
   function clone() {
     return new Hash(this);
   }
@@ -1375,7 +1523,7 @@ var Hash = Class.create(Enumerable, (function() {
     update:                 update,
     toQueryString:          toQueryString,
     inspect:                inspect,
-    toJSON:                 toJSON,
+    toJSON:                 toObject,
     clone:                  clone
   };
 })());
@@ -1400,10 +1548,6 @@ Object.extend(Number.prototype, (function() {
     return '0'.times(length - string.length) + string;
   }
 
-  function toJSON() {
-    return isFinite(this) ? this.toString() : 'null';
-  }
-
   function abs() {
     return Math.abs(this);
   }
@@ -1425,7 +1569,6 @@ Object.extend(Number.prototype, (function() {
     succ:           succ,
     times:          times,
     toPaddedString: toPaddedString,
-    toJSON:         toJSON,
     abs:            abs,
     round:          round,
     ceil:           ceil,
@@ -1444,10 +1587,10 @@ var ObjectRange = Class.create(Enumerable, (function() {
     this.exclusive = exclusive;
   }
 
-  function _each(iterator) {
-    var value = this.start;
-    while (this.include(value)) {
-      iterator(value);
+  function _each(iterator, context) {
+    var value = this.start, i;
+    for (i = 0; this.include(value); i++) {
+      iterator.call(context, value, i);
       value = value.succ();
     }
   }
@@ -1469,6 +1612,25 @@ var ObjectRange = Class.create(Enumerable, (function() {
 
 
 
+var Abstract = { };
+
+
+var Try = {
+  these: function() {
+    var returnValue;
+
+    for (var i = 0, length = arguments.length; i < length; i++) {
+      var lambda = arguments[i];
+      try {
+        returnValue = lambda();
+        break;
+      } catch (e) { }
+    }
+
+    return returnValue;
+  }
+};
+
 var Ajax = {
   getTransport: function() {
     return Try.these(
@@ -1484,8 +1646,8 @@ var Ajax = {
 Ajax.Responders = {
   responders: [],
 
-  _each: function(iterator) {
-    this.responders._each(iterator);
+  _each: function(iterator, context) {
+    this.responders._each(iterator, context);
   },
 
   register: function(responder) {
@@ -1523,7 +1685,7 @@ Ajax.Base = Class.create({
       encoding:     'UTF-8',
       parameters:   '',
       evalJSON:     true,
-      evalJS:       false
+      evalJS:       true
     };
     Object.extend(this.options, options || { });
 
@@ -1531,14 +1693,6 @@ Ajax.Base = Class.create({
 
     if (Object.isHash(this.options.parameters))
       this.options.parameters = this.options.parameters.toObject();
-
-    // KK patch -- handle crumb for POST automatically by adding a header
-    if(this.options.method=="post") {
-        if(this.options.requestHeaders==undefined)
-            this.options.requestHeaders = {};
-        crumb.wrap(this.options.requestHeaders);
-    }
-    // KK patch until here
   }
 });
 Ajax.Request = Class.create(Ajax.Base, {
@@ -1631,7 +1785,8 @@ Ajax.Request = Class.create(Ajax.Base, {
     }
 
     for (var name in headers)
-      this.transport.setRequestHeader(name, headers[name]);
+      if (headers[name] != null)
+        this.transport.setRequestHeader(name, headers[name]);
   },
 
   success: function() {
@@ -1768,7 +1923,12 @@ Ajax.Response = Class.create({
   _getHeaderJSON: function() {
     var json = this.getHeader('X-JSON');
     if (!json) return null;
-    json = decodeURIComponent(escape(json));
+
+    try {
+      json = decodeURIComponent(escape(json));
+    } catch(e) {
+    }
+
     try {
       return json.evalJSON(this.request.options.sanitizeJSON ||
         !this.request.isSameOrigin());
@@ -1869,69 +2029,71 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
   }
 });
 
+(function(GLOBAL) {
 
-function $(element) {
-  if (arguments.length > 1) {
-    for (var i = 0, elements = [], length = arguments.length; i < length; i++)
-      elements.push($(arguments[i]));
-    return elements;
+  var UNDEFINED;
+  var SLICE = Array.prototype.slice;
+
+  var DIV = document.createElement('div');
+
+
+  function $(element) {
+    if (arguments.length > 1) {
+      for (var i = 0, elements = [], length = arguments.length; i < length; i++)
+        elements.push($(arguments[i]));
+      return elements;
+    }
+
+    if (Object.isString(element))
+      element = document.getElementById(element);
+    return Element.extend(element);
   }
-  if (Object.isString(element))
-    element = document.getElementById(element);
-  return Element.extend(element);
-}
 
-if (Prototype.BrowserFeatures.XPath) {
-  document._getElementsByXPath = function(expression, parentElement) {
-    var results = [];
-    var query = document.evaluate(expression, $(parentElement) || document,
-      null, XPathResult.ORDERED_NODE_SNAPSHOT_TYPE, null);
-    for (var i = 0, length = query.snapshotLength; i < length; i++)
-      results.push(Element.extend(query.snapshotItem(i)));
-    return results;
-  };
-}
+  GLOBAL.$ = $;
 
-/*--------------------------------------------------------------------------*/
 
-if (!Node) var Node = { };
-
-if (!Node.ELEMENT_NODE) {
-  Object.extend(Node, {
-    ELEMENT_NODE: 1,
-    ATTRIBUTE_NODE: 2,
-    TEXT_NODE: 3,
-    CDATA_SECTION_NODE: 4,
-    ENTITY_REFERENCE_NODE: 5,
-    ENTITY_NODE: 6,
-    PROCESSING_INSTRUCTION_NODE: 7,
-    COMMENT_NODE: 8,
-    DOCUMENT_NODE: 9,
-    DOCUMENT_TYPE_NODE: 10,
-    DOCUMENT_FRAGMENT_NODE: 11,
-    NOTATION_NODE: 12
-  });
-}
+  if (!GLOBAL.Node) GLOBAL.Node = {};
 
+  if (!GLOBAL.Node.ELEMENT_NODE) {
+    Object.extend(GLOBAL.Node, {
+      ELEMENT_NODE:                1,
+      ATTRIBUTE_NODE:              2,
+      TEXT_NODE:                   3,
+      CDATA_SECTION_NODE:          4,
+      ENTITY_REFERENCE_NODE:       5,
+      ENTITY_NODE:                 6,
+      PROCESSING_INSTRUCTION_NODE: 7,
+      COMMENT_NODE:                8,
+      DOCUMENT_NODE:               9,
+      DOCUMENT_TYPE_NODE:         10,
+      DOCUMENT_FRAGMENT_NODE:     11,
+      NOTATION_NODE:              12
+    });
+  }
 
+  var ELEMENT_CACHE = {};
 
-(function(global) {
-  function shouldUseCache(tagName, attributes) {
+  function shouldUseCreationCache(tagName, attributes) {
     if (tagName === 'select') return false;
     if ('type' in attributes) return false;
     return true;
   }
 
   var HAS_EXTENDED_CREATE_ELEMENT_SYNTAX = (function(){
-    return false;
+    try {
+      var el = document.createElement('<input name="x">');
+      return el.tagName.toLowerCase() === 'input' && el.name === 'x';
+    }
+    catch(err) {
+      return false;
+    }
   })();
 
-  var element = global.Element;
 
-  global.Element = function(tagName, attributes) {
-    attributes = attributes || { };
+  var oldElement = GLOBAL.Element;
+  function Element(tagName, attributes) {
+    attributes = attributes || {};
     tagName = tagName.toLowerCase();
-    var cache = Element.cache;
 
     if (HAS_EXTENDED_CREATE_ELEMENT_SYNTAX && attributes.name) {
       tagName = '<' + tagName + ' name="' + attributes.name + '">';
@@ -1939,1015 +2101,1212 @@ if (!Node.ELEMENT_NODE) {
       return Element.writeAttribute(document.createElement(tagName), attributes);
     }
 
-    if (!cache[tagName]) cache[tagName] = Element.extend(document.createElement(tagName));
+    if (!ELEMENT_CACHE[tagName])
+      ELEMENT_CACHE[tagName] = Element.extend(document.createElement(tagName));
 
-    var node = shouldUseCache(tagName, attributes) ?
-     cache[tagName].cloneNode(false) : document.createElement(tagName);
+    var node = shouldUseCreationCache(tagName, attributes) ?
+     ELEMENT_CACHE[tagName].cloneNode(false) : document.createElement(tagName);
 
     return Element.writeAttribute(node, attributes);
-  };
+  }
 
-  Object.extend(global.Element, element || { });
-  if (element) global.Element.prototype = element.prototype;
+  GLOBAL.Element = Element;
 
-})(this);
+  Object.extend(GLOBAL.Element, oldElement || {});
+  if (oldElement) GLOBAL.Element.prototype = oldElement.prototype;
+
+  Element.Methods = { ByTag: {}, Simulated: {} };
+
+  var methods = {};
+
+  var INSPECT_ATTRIBUTES = { id: 'id', className: 'class' };
+  function inspect(element) {
+    element = $(element);
+    var result = '<' + element.tagName.toLowerCase();
 
-Element.idCounter = 1;
-Element.cache = { };
+    var attribute, value;
+    for (var property in INSPECT_ATTRIBUTES) {
+      attribute = INSPECT_ATTRIBUTES[property];
+      value = (element[property] || '').toString();
+      if (value) result += ' ' + attribute + '=' + value.inspect(true);
+    }
 
-Element._purgeElement = function(element) {
-  var uid = element._prototypeUID;
-  if (uid) {
-    Element.stopObserving(element);
-    element._prototypeUID = void 0;
-    delete Element.Storage[uid];
+    return result + '>';
   }
-}
 
-Element.Methods = {
-  visible: function(element) {
-    return $(element).style.display != 'none';
-  },
+  methods.inspect = inspect;
+
 
-  toggle: function(element) {
+  function visible(element) {
+    return $(element).getStyle('display') !== 'none';
+  }
+
+  function toggle(element, bool) {
     element = $(element);
-    Element[Element.visible(element) ? 'hide' : 'show'](element);
+    if (typeof bool !== 'boolean')
+      bool = !Element.visible(element);
+    Element[bool ? 'show' : 'hide'](element);
+
     return element;
-  },
+  }
 
-  hide: function(element) {
+  function hide(element) {
     element = $(element);
     element.style.display = 'none';
     return element;
-  },
+  }
 
-  show: function(element) {
+  function show(element) {
     element = $(element);
     element.style.display = '';
     return element;
-  },
+  }
+
+
+  Object.extend(methods, {
+    visible: visible,
+    toggle:  toggle,
+    hide:    hide,
+    show:    show
+  });
 
-  remove: function(element) {
+
+  function remove(element) {
     element = $(element);
     element.parentNode.removeChild(element);
     return element;
-  },
+  }
 
-  update: (function(){
+  var SELECT_ELEMENT_INNERHTML_BUGGY = (function(){
+    var el = document.createElement("select"),
+        isBuggy = true;
+    el.innerHTML = "<option value=\"test\">test</option>";
+    if (el.options && el.options[0]) {
+      isBuggy = el.options[0].nodeName.toUpperCase() !== "OPTION";
+    }
+    el = null;
+    return isBuggy;
+  })();
 
-    var SELECT_ELEMENT_INNERHTML_BUGGY = (function(){
-      var el = document.createElement("select"),
-          isBuggy = true;
-      el.innerHTML = "<option value=\"test\">test</option>";
-      if (el.options && el.options[0]) {
-        isBuggy = el.options[0].nodeName.toUpperCase() !== "OPTION";
+  var TABLE_ELEMENT_INNERHTML_BUGGY = (function(){
+    try {
+      var el = document.createElement("table");
+      if (el && el.tBodies) {
+        el.innerHTML = "<tbody><tr><td>test</td></tr></tbody>";
+        var isBuggy = typeof el.tBodies[0] == "undefined";
+        el = null;
+        return isBuggy;
       }
+    } catch (e) {
+      return true;
+    }
+  })();
+
+  var LINK_ELEMENT_INNERHTML_BUGGY = (function() {
+    try {
+      var el = document.createElement('div');
+      el.innerHTML = "<link />";
+      var isBuggy = (el.childNodes.length === 0);
       el = null;
       return isBuggy;
-    })();
+    } catch(e) {
+      return true;
+    }
+  })();
 
-    var TABLE_ELEMENT_INNERHTML_BUGGY = (function(){
-      try {
-        var el = document.createElement("table");
-        if (el && el.tBodies) {
-          el.innerHTML = "<tbody><tr><td>test</td></tr></tbody>";
-          var isBuggy = typeof el.tBodies[0] == "undefined";
-          el = null;
-          return isBuggy;
-        }
-      } catch (e) {
-        return true;
-      }
-    })();
+  var ANY_INNERHTML_BUGGY = SELECT_ELEMENT_INNERHTML_BUGGY ||
+   TABLE_ELEMENT_INNERHTML_BUGGY || LINK_ELEMENT_INNERHTML_BUGGY;
 
-    var LINK_ELEMENT_INNERHTML_BUGGY = (function() {
-      try {
-        var el = document.createElement('div');
-        el.innerHTML = "<link>";
-        var isBuggy = (el.childNodes.length === 0);
-        el = null;
-        return isBuggy;
-      } catch(e) {
-        return true;
-      }
-    })();
+  var SCRIPT_ELEMENT_REJECTS_TEXTNODE_APPENDING = (function () {
+    var s = document.createElement("script"),
+        isBuggy = false;
+    try {
+      s.appendChild(document.createTextNode(""));
+      isBuggy = !s.firstChild ||
+        s.firstChild && s.firstChild.nodeType !== 3;
+    } catch (e) {
+      isBuggy = true;
+    }
+    s = null;
+    return isBuggy;
+  })();
 
-    var ANY_INNERHTML_BUGGY = SELECT_ELEMENT_INNERHTML_BUGGY ||
-     TABLE_ELEMENT_INNERHTML_BUGGY || LINK_ELEMENT_INNERHTML_BUGGY;
+  function update(element, content) {
+    element = $(element);
 
-    var SCRIPT_ELEMENT_REJECTS_TEXTNODE_APPENDING = (function () {
-      var s = document.createElement("script"),
-          isBuggy = false;
-      try {
-        s.appendChild(document.createTextNode(""));
-        isBuggy = !s.firstChild ||
-          s.firstChild && s.firstChild.nodeType !== 3;
-      } catch (e) {
-        isBuggy = true;
-      }
-      s = null;
-      return isBuggy;
-    })();
+    var descendants = element.getElementsByTagName('*'),
+     i = descendants.length;
+    while (i--) purgeElement(descendants[i]);
 
+    if (content && content.toElement)
+      content = content.toElement();
 
-    function update(element, content) {
-      element = $(element);
-      var purgeElement = Element._purgeElement;
+    if (Object.isElement(content))
+      return element.update().insert(content);
 
-      var descendants = element.getElementsByTagName('*'),
-       i = descendants.length;
-      while (i--) purgeElement(descendants[i]);
 
-      if (content && content.toElement)
-        content = content.toElement();
+    content = Object.toHTML(content);
+    var tagName = element.tagName.toUpperCase();
 
-      if (Object.isElement(content))
-        return element.update().insert(content);
+    if (tagName === 'SCRIPT' && SCRIPT_ELEMENT_REJECTS_TEXTNODE_APPENDING) {
+      element.text = content;
+      return element;
+    }
 
-      content = Object.toHTML(content);
+    if (ANY_INNERHTML_BUGGY) {
+      if (tagName in INSERTION_TRANSLATIONS.tags) {
+        while (element.firstChild)
+          element.removeChild(element.firstChild);
 
-      var tagName = element.tagName.toUpperCase();
+        var nodes = getContentFromAnonymousElement(tagName, content.stripScripts());
+        for (var i = 0, node; node = nodes[i]; i++)
+          element.appendChild(node);
 
-      if (tagName === 'SCRIPT' && SCRIPT_ELEMENT_REJECTS_TEXTNODE_APPENDING) {
-        element.text = content;
-        return element;
-      }
+      } else if (LINK_ELEMENT_INNERHTML_BUGGY && Object.isString(content) && content.indexOf('<link') > -1) {
+        while (element.firstChild)
+          element.removeChild(element.firstChild);
 
-      if (ANY_INNERHTML_BUGGY) {
-        if (tagName in Element._insertionTranslations.tags) {
-          while (element.firstChild) {
-            element.removeChild(element.firstChild);
-          }
-          Element._getContentFromAnonymousElement(tagName, content.stripScripts())
-            .each(function(node) {
-              element.appendChild(node)
-            });
-        } else if (LINK_ELEMENT_INNERHTML_BUGGY && Object.isString(content) && content.indexOf('<link') > -1) {
-          while (element.firstChild) {
-            element.removeChild(element.firstChild);
-          }
-          var nodes = Element._getContentFromAnonymousElement(tagName, content.stripScripts(), true);
-          nodes.each(function(node) { element.appendChild(node) });
-        }
-        else {
-          element.innerHTML = content.stripScripts();
-        }
-      }
-      else {
+        var nodes = getContentFromAnonymousElement(tagName,
+         content.stripScripts(), true);
+
+        for (var i = 0, node; node = nodes[i]; i++)
+          element.appendChild(node);
+      } else {
         element.innerHTML = content.stripScripts();
       }
-
-      content.evalScripts.bind(content).defer();
-      return element;
+    } else {
+      element.innerHTML = content.stripScripts();
     }
 
-    return update;
-  })(),
+    content.evalScripts.bind(content).defer();
+    return element;
+  }
 
-  replace: function(element, content) {
+  function replace(element, content) {
     element = $(element);
-    if (content && content.toElement) content = content.toElement();
-    else if (!Object.isElement(content)) {
+
+    if (content && content.toElement) {
+      content = content.toElement();
+    } else if (!Object.isElement(content)) {
       content = Object.toHTML(content);
       var range = element.ownerDocument.createRange();
       range.selectNode(element);
       content.evalScripts.bind(content).defer();
       content = range.createContextualFragment(content.stripScripts());
     }
+
     element.parentNode.replaceChild(content, element);
     return element;
-  },
+  }
+
+  var INSERTION_TRANSLATIONS = {
+    before: function(element, node) {
+      element.parentNode.insertBefore(node, element);
+    },
+    top: function(element, node) {
+      element.insertBefore(node, element.firstChild);
+    },
+    bottom: function(element, node) {
+      element.appendChild(node);
+    },
+    after: function(element, node) {
+      element.parentNode.insertBefore(node, element.nextSibling);
+    },
+
+    tags: {
+      TABLE:  ['<table>',                '</table>',                   1],
+      TBODY:  ['<table><tbody>',         '</tbody></table>',           2],
+      TR:     ['<table><tbody><tr>',     '</tr></tbody></table>',      3],
+      TD:     ['<table><tbody><tr><td>', '</td></tr></tbody></table>', 4],
+      SELECT: ['<select>',               '</select>',                  1]
+    }
+  };
+
+  var tags = INSERTION_TRANSLATIONS.tags;
+
+  Object.extend(tags, {
+    THEAD: tags.TBODY,
+    TFOOT: tags.TBODY,
+    TH:    tags.TD
+  });
 
-  insert: function(element, insertions) {
+  function replace_IE(element, content) {
     element = $(element);
+    if (content && content.toElement)
+      content = content.toElement();
+    if (Object.isElement(content)) {
+      element.parentNode.replaceChild(content, element);
+      return element;
+    }
 
-    if (Object.isString(insertions) || Object.isNumber(insertions) ||
-        Object.isElement(insertions) || (insertions && (insertions.toElement || insertions.toHTML)))
-          insertions = {bottom:insertions};
+    content = Object.toHTML(content);
+    var parent = element.parentNode, tagName = parent.tagName.toUpperCase();
 
-    var content, insert, tagName, childNodes;
+    if (tagName in INSERTION_TRANSLATIONS.tags) {
+      var nextSibling = Element.next(element);
+      var fragments = getContentFromAnonymousElement(
+       tagName, content.stripScripts());
 
-    for (var position in insertions) {
-      content  = insertions[position];
-      position = position.toLowerCase();
-      insert = Element._insertionTranslations[position];
+      parent.removeChild(element);
 
-      if (content && content.toElement) content = content.toElement();
-      if (Object.isElement(content)) {
-        insert(element, content);
-        continue;
-      }
+      var iterator;
+      if (nextSibling)
+        iterator = function(node) { parent.insertBefore(node, nextSibling) };
+      else
+        iterator = function(node) { parent.appendChild(node); }
 
-      content = Object.toHTML(content);
+      fragments.each(iterator);
+    } else {
+      element.outerHTML = content.stripScripts();
+    }
+
+    content.evalScripts.bind(content).defer();
+    return element;
+  }
 
-      tagName = ((position == 'before' || position == 'after')
-        ? element.parentNode : element).tagName.toUpperCase();
+  if ('outerHTML' in document.documentElement)
+    replace = replace_IE;
 
-      childNodes = Element._getContentFromAnonymousElement(tagName, content.stripScripts());
+  function isContent(content) {
+    if (Object.isUndefined(content) || content === null) return false;
 
-      if (position == 'top' || position == 'after') childNodes.reverse();
-      childNodes.each(insert.curry(element));
+    if (Object.isString(content) || Object.isNumber(content)) return true;
+    if (Object.isElement(content)) return true;
+    if (content.toElement || content.toHTML) return true;
 
-      content.evalScripts.bind(content).defer();
+    return false;
+  }
+
+  function insertContentAt(element, content, position) {
+    position   = position.toLowerCase();
+    var method = INSERTION_TRANSLATIONS[position];
+
+    if (content && content.toElement) content = content.toElement();
+    if (Object.isElement(content)) {
+      method(element, content);
+      return element;
     }
 
+    content = Object.toHTML(content);
+    var tagName = ((position === 'before' || position === 'after') ?
+     element.parentNode : element).tagName.toUpperCase();
+
+    var childNodes = getContentFromAnonymousElement(tagName, content.stripScripts());
+
+    if (position === 'top' || position === 'after') childNodes.reverse();
+
+    for (var i = 0, node; node = childNodes[i]; i++)
+      method(element, node);
+
+    content.evalScripts.bind(content).defer();
+  }
+
+  function insert(element, insertions) {
+    element = $(element);
+
+    if (isContent(insertions))
+      insertions = { bottom: insertions };
+
+    for (var position in insertions)
+      insertContentAt(element, insertions[position], position);
+
     return element;
-  },
+  }
 
-  wrap: function(element, wrapper, attributes) {
+  function wrap(element, wrapper, attributes) {
     element = $(element);
-    if (Object.isElement(wrapper))
-      $(wrapper).writeAttribute(attributes || { });
-    else if (Object.isString(wrapper)) wrapper = new Element(wrapper, attributes);
-    else wrapper = new Element('div', wrapper);
+
+    if (Object.isElement(wrapper)) {
+      $(wrapper).writeAttribute(attributes || {});
+    } else if (Object.isString(wrapper)) {
+      wrapper = new Element(wrapper, attributes);
+    } else {
+      wrapper = new Element('div', wrapper);
+    }
+
     if (element.parentNode)
       element.parentNode.replaceChild(wrapper, element);
+
     wrapper.appendChild(element);
+
     return wrapper;
-  },
+  }
 
-  inspect: function(element) {
+  function cleanWhitespace(element) {
     element = $(element);
-    var result = '<' + element.tagName.toLowerCase();
-    $H({'id': 'id', 'className': 'class'}).each(function(pair) {
-      var property = pair.first(),
-          attribute = pair.last(),
-          value = (element[property] || '').toString();
-      if (value) result += ' ' + attribute + '=' + value.inspect(true);
-    });
-    return result + '>';
-  },
+    var node = element.firstChild;
+
+    while (node) {
+      var nextNode = node.nextSibling;
+      if (node.nodeType === Node.TEXT_NODE && !/\S/.test(node.nodeValue))
+        element.removeChild(node);
+      node = nextNode;
+    }
+    return element;
+  }
+
+  function empty(element) {
+    return $(element).innerHTML.blank();
+  }
+
+  function getContentFromAnonymousElement(tagName, html, force) {
+    var t = INSERTION_TRANSLATIONS.tags[tagName], div = DIV;
+
+    var workaround = !!t;
+    if (!workaround && force) {
+      workaround = true;
+      t = ['', '', 0];
+    }
+
+    if (workaround) {
+      div.innerHTML = '&#160;' + t[0] + html + t[1];
+      div.removeChild(div.firstChild);
+      for (var i = t[2]; i--; )
+        div = div.firstChild;
+    } else {
+      div.innerHTML = html;
+    }
+
+    return $A(div.childNodes);
+  }
+
+  function clone(element, deep) {
+    if (!(element = $(element))) return;
+    var clone = element.cloneNode(deep);
+    if (!HAS_UNIQUE_ID_PROPERTY) {
+      clone._prototypeUID = UNDEFINED;
+      if (deep) {
+        var descendants = Element.select(clone, '*'),
+         i = descendants.length;
+        while (i--)
+          descendants[i]._prototypeUID = UNDEFINED;
+      }
+    }
+    return Element.extend(clone);
+  }
+
+  function purgeElement(element) {
+    var uid = getUniqueElementID(element);
+    if (uid) {
+      Element.stopObserving(element);
+      if (!HAS_UNIQUE_ID_PROPERTY)
+        element._prototypeUID = UNDEFINED;
+      delete Element.Storage[uid];
+    }
+  }
+
+  function purgeCollection(elements) {
+    var i = elements.length;
+    while (i--)
+      purgeElement(elements[i]);
+  }
+
+  function purgeCollection_IE(elements) {
+    var i = elements.length, element, uid;
+    while (i--) {
+      element = elements[i];
+      uid = getUniqueElementID(element);
+      delete Element.Storage[uid];
+      delete Event.cache[uid];
+    }
+  }
+
+  if (HAS_UNIQUE_ID_PROPERTY) {
+    purgeCollection = purgeCollection_IE;
+  }
+
+
+  function purge(element) {
+    if (!(element = $(element))) return;
+    purgeElement(element);
+
+    var descendants = element.getElementsByTagName('*'),
+     i = descendants.length;
+
+    while (i--) purgeElement(descendants[i]);
+
+    return null;
+  }
+
+  Object.extend(methods, {
+    remove:  remove,
+    update:  update,
+    replace: replace,
+    insert:  insert,
+    wrap:    wrap,
+    cleanWhitespace: cleanWhitespace,
+    empty:   empty,
+    clone:   clone,
+    purge:   purge
+  });
+
 
-  recursivelyCollect: function(element, property, maximumLength) {
+
+  function recursivelyCollect(element, property, maximumLength) {
     element = $(element);
     maximumLength = maximumLength || -1;
     var elements = [];
 
     while (element = element[property]) {
-      if (element.nodeType == 1)
+      if (element.nodeType === Node.ELEMENT_NODE)
         elements.push(Element.extend(element));
-      if (elements.length == maximumLength)
-        break;
+
+      if (elements.length === maximumLength) break;
     }
 
     return elements;
-  },
+  }
 
-  ancestors: function(element) {
-    return Element.recursivelyCollect(element, 'parentNode');
-  },
 
-  descendants: function(element) {
-    return Element.select(element, "*");
-  },
+  function ancestors(element) {
+    return recursivelyCollect(element, 'parentNode');
+  }
+
+  function descendants(element) {
+    return Element.select(element, '*');
+  }
 
-  firstDescendant: function(element) {
+  function firstDescendant(element) {
     element = $(element).firstChild;
-    while (element && element.nodeType != 1) element = element.nextSibling;
+    while (element && element.nodeType !== Node.ELEMENT_NODE)
+      element = element.nextSibling;
+
     return $(element);
-  },
+  }
 
-  immediateDescendants: function(element) {
+  function immediateDescendants(element) {
     var results = [], child = $(element).firstChild;
+
     while (child) {
-      if (child.nodeType === 1) {
+      if (child.nodeType === Node.ELEMENT_NODE)
         results.push(Element.extend(child));
-      }
+
       child = child.nextSibling;
     }
+
     return results;
-  },
+  }
 
-  previousSiblings: function(element, maximumLength) {
-    return Element.recursivelyCollect(element, 'previousSibling');
-  },
+  function previousSiblings(element) {
+    return recursivelyCollect(element, 'previousSibling');
+  }
 
-  nextSiblings: function(element) {
-    return Element.recursivelyCollect(element, 'nextSibling');
-  },
+  function nextSiblings(element) {
+    return recursivelyCollect(element, 'nextSibling');
+  }
 
-  siblings: function(element) {
+  function siblings(element) {
     element = $(element);
-    return Element.previousSiblings(element).reverse()
-      .concat(Element.nextSiblings(element));
-  },
+    var previous = previousSiblings(element),
+     next = nextSiblings(element);
+    return previous.reverse().concat(next);
+  }
 
-  match: function(element, selector) {
+  function match(element, selector) {
     element = $(element);
+
     if (Object.isString(selector))
       return Prototype.Selector.match(element, selector);
+
     return selector.match(element);
-  },
+  }
 
-  up: function(element, expression, index) {
-    element = $(element);
-    if (arguments.length == 1) return $(element.parentNode);
-    var ancestors = Element.ancestors(element);
-    return Object.isNumber(expression) ? ancestors[expression] :
-      Prototype.Selector.find(ancestors, expression, index);
-  },
 
-  down: function(element, expression, index) {
-    element = $(element);
-    if (arguments.length == 1) return Element.firstDescendant(element);
-    return Object.isNumber(expression) ? Element.descendants(element)[expression] :
-      Element.select(element, expression)[index || 0];
-  },
+  function _recursivelyFind(element, property, expression, index) {
+    element = $(element), expression = expression || 0, index = index || 0;
+    if (Object.isNumber(expression)) {
+      index = expression, expression = null;
+    }
 
-  previous: function(element, expression, index) {
-    element = $(element);
-    if (Object.isNumber(expression)) index = expression, expression = false;
-    if (!Object.isNumber(index)) index = 0;
+    while (element = element[property]) {
+      if (element.nodeType !== 1) continue;
+      if (expression && !Prototype.Selector.match(element, expression))
+        continue;
+      if (--index >= 0) continue;
 
-    if (expression) {
-      return Prototype.Selector.find(element.previousSiblings(), expression, index);
-    } else {
-      return element.recursivelyCollect("previousSibling", index + 1)[index];
+      return Element.extend(element);
     }
-  },
+  }
 
-  next: function(element, expression, index) {
+
+  function up(element, expression, index) {
     element = $(element);
-    if (Object.isNumber(expression)) index = expression, expression = false;
-    if (!Object.isNumber(index)) index = 0;
 
-    if (expression) {
-      return Prototype.Selector.find(element.nextSiblings(), expression, index);
-    } else {
-      var maximumLength = Object.isNumber(index) ? index + 1 : 1;
-      return element.recursivelyCollect("nextSibling", index + 1)[index];
-    }
-  },
+    if (arguments.length === 1) return $(element.parentNode);
+    return _recursivelyFind(element, 'parentNode', expression, index);
+  }
 
+  function down(element, expression, index) {
+    if (arguments.length === 1) return firstDescendant(element);
+    element = $(element), expression = expression || 0, index = index || 0;
 
-  select: function(element) {
+    if (Object.isNumber(expression))
+      index = expression, expression = '*';
+
+    var node = Prototype.Selector.select(expression, element)[index];
+    return Element.extend(node);
+  }
+
+  function previous(element, expression, index) {
+    return _recursivelyFind(element, 'previousSibling', expression, index);
+  }
+
+  function next(element, expression, index) {
+    return _recursivelyFind(element, 'nextSibling', expression, index);
+  }
+
+  function select(element) {
     element = $(element);
-    var expressions = Array.prototype.slice.call(arguments, 1).join(', ');
+    var expressions = SLICE.call(arguments, 1).join(', ');
     return Prototype.Selector.select(expressions, element);
-  },
+  }
 
-  adjacent: function(element) {
+  function adjacent(element) {
     element = $(element);
-    var expressions = Array.prototype.slice.call(arguments, 1).join(', ');
-    return Prototype.Selector.select(expressions, element.parentNode).without(element);
-  },
+    var expressions = SLICE.call(arguments, 1).join(', ');
+    var siblings = Element.siblings(element), results = [];
+    for (var i = 0, sibling; sibling = siblings[i]; i++) {
+      if (Prototype.Selector.match(sibling, expressions))
+        results.push(sibling);
+    }
+
+    return results;
+  }
+
+  function descendantOf_DOM(element, ancestor) {
+    element = $(element), ancestor = $(ancestor);
+    if (!element || !ancestor) return false;
+    while (element = element.parentNode)
+      if (element === ancestor) return true;
+    return false;
+  }
+
+  function descendantOf_contains(element, ancestor) {
+    element = $(element), ancestor = $(ancestor);
+    if (!element || !ancestor) return false;
+    if (!ancestor.contains) return descendantOf_DOM(element, ancestor);
+    return ancestor.contains(element) && ancestor !== element;
+  }
+
+  function descendantOf_compareDocumentPosition(element, ancestor) {
+    element = $(element), ancestor = $(ancestor);
+    if (!element || !ancestor) return false;
+    return (element.compareDocumentPosition(ancestor) & 8) === 8;
+  }
+
+  var descendantOf;
+  if (DIV.compareDocumentPosition) {
+    descendantOf = descendantOf_compareDocumentPosition;
+  } else if (DIV.contains) {
+    descendantOf = descendantOf_contains;
+  } else {
+    descendantOf = descendantOf_DOM;
+  }
+
+
+  Object.extend(methods, {
+    recursivelyCollect:   recursivelyCollect,
+    ancestors:            ancestors,
+    descendants:          descendants,
+    firstDescendant:      firstDescendant,
+    immediateDescendants: immediateDescendants,
+    previousSiblings:     previousSiblings,
+    nextSiblings:         nextSiblings,
+    siblings:             siblings,
+    match:                match,
+    up:                   up,
+    down:                 down,
+    previous:             previous,
+    next:                 next,
+    select:               select,
+    adjacent:             adjacent,
+    descendantOf:         descendantOf,
+
+    getElementsBySelector: select,
+
+    childElements:         immediateDescendants
+  });
+
 
-  identify: function(element) {
+  var idCounter = 1;
+  function identify(element) {
     element = $(element);
     var id = Element.readAttribute(element, 'id');
     if (id) return id;
-    do { id = 'anonymous_element_' + Element.idCounter++ } while ($(id));
+
+    do { id = 'anonymous_element_' + idCounter++ } while ($(id));
+
     Element.writeAttribute(element, 'id', id);
     return id;
-  },
+  }
 
-  readAttribute: function(element, name) {
+
+  function readAttribute(element, name) {
+    return $(element).getAttribute(name);
+  }
+
+  function readAttribute_IE(element, name) {
     element = $(element);
-    if (Prototype.Browser.IE) {
-      var t = Element._attributeTranslations.read;
-      if (t.values[name]) return t.values[name](element, name);
-      if (t.names[name]) name = t.names[name];
-      if (name.include(':')) {
-        return (!element.attributes || !element.attributes[name]) ? null :
-         element.attributes[name].value;
-      }
+
+    var table = ATTRIBUTE_TRANSLATIONS.read;
+    if (table.values[name])
+      return table.values[name](element, name);
+
+    if (table.names[name]) name = table.names[name];
+
+    if (name.include(':')) {
+      if (!element.attributes || !element.attributes[name]) return null;
+      return element.attributes[name].value;
     }
+
     return element.getAttribute(name);
-  },
+  }
+
+  function readAttribute_Opera(element, name) {
+    if (name === 'title') return element.title;
+    return element.getAttribute(name);
+  }
+
+  var PROBLEMATIC_ATTRIBUTE_READING = (function() {
+    DIV.setAttribute('onclick', []);
+    var value = DIV.getAttribute('onclick');
+    var isFunction = Object.isArray(value);
+    DIV.removeAttribute('onclick');
+    return isFunction;
+  })();
+
+  if (PROBLEMATIC_ATTRIBUTE_READING) {
+    readAttribute = readAttribute_IE;
+  } else if (Prototype.Browser.Opera) {
+    readAttribute = readAttribute_Opera;
+  }
+
 
-  writeAttribute: function(element, name, value) {
+  function writeAttribute(element, name, value) {
     element = $(element);
-    var attributes = { }, t = Element._attributeTranslations.write;
+    var attributes = {}, table = ATTRIBUTE_TRANSLATIONS.write;
 
-    if (typeof name == 'object') attributes = name;
-    else attributes[name] = Object.isUndefined(value) ? true : value;
+    if (typeof name === 'object') {
+      attributes = name;
+    } else {
+      attributes[name] = Object.isUndefined(value) ? true : value;
+    }
 
     for (var attr in attributes) {
-      name = t.names[attr] || attr;
+      name = table.names[attr] || attr;
       value = attributes[attr];
-      if (t.values[attr]) name = t.values[attr](element, value);
+      if (table.values[attr]) {
+        value = table.values[attr](element, value);
+        if (Object.isUndefined(value)) continue;
+      }
       if (value === false || value === null)
         element.removeAttribute(name);
       else if (value === true)
         element.setAttribute(name, name);
       else element.setAttribute(name, value);
     }
+
     return element;
-  },
+  }
 
-  getHeight: function(element) {
-    return Element.getDimensions(element).height;
-  },
+  var PROBLEMATIC_HAS_ATTRIBUTE_WITH_CHECKBOXES = (function () {
+    if (!HAS_EXTENDED_CREATE_ELEMENT_SYNTAX) {
+      return false;
+    }
+    var checkbox = document.createElement('<input type="checkbox">');
+    checkbox.checked = true;
+    var node = checkbox.getAttributeNode('checked');
+    return !node || !node.specified;
+  })();
 
-  getWidth: function(element) {
-    return Element.getDimensions(element).width;
-  },
+  function hasAttribute(element, attribute) {
+    attribute = ATTRIBUTE_TRANSLATIONS.has[attribute] || attribute;
+    var node = $(element).getAttributeNode(attribute);
+    return !!(node && node.specified);
+  }
+
+  function hasAttribute_IE(element, attribute) {
+    if (attribute === 'checked') {
+      return element.checked;
+    }
+    return hasAttribute(element, attribute);
+  }
+
+  GLOBAL.Element.Methods.Simulated.hasAttribute =
+   PROBLEMATIC_HAS_ATTRIBUTE_WITH_CHECKBOXES ?
+   hasAttribute_IE : hasAttribute;
 
-  classNames: function(element) {
+  function classNames(element) {
     return new Element.ClassNames(element);
-  },
+  }
 
-  hasClassName: function(element, className) {
+  var regExpCache = {};
+  function getRegExpForClassName(className) {
+    if (regExpCache[className]) return regExpCache[className];
+
+    var re = new RegExp("(^|\\s+)" + className + "(\\s+|$)");
+    regExpCache[className] = re;
+    return re;
+  }
+
+  function hasClassName(element, className) {
     if (!(element = $(element))) return;
+
     var elementClassName = element.className;
-    return (elementClassName && elementClassName.length > 0 && (elementClassName == className ||
-      new RegExp("(^|\\s)" + className + "(\\s|$)").test(elementClassName)));
-  },
 
-  addClassName: function(element, className) {
+    if (elementClassName.length === 0) return false;
+    if (elementClassName === className) return true;
+
+    return getRegExpForClassName(className).test(elementClassName);
+  }
+
+  function addClassName(element, className) {
     if (!(element = $(element))) return;
-    if (!Element.hasClassName(element, className))
+
+    if (!hasClassName(element, className))
       element.className += (element.className ? ' ' : '') + className;
+
     return element;
-  },
+  }
 
-  removeClassName: function(element, className) {
+  function removeClassName(element, className) {
     if (!(element = $(element))) return;
+
     element.className = element.className.replace(
-      new RegExp("(^|\\s+)" + className + "(\\s+|$)"), ' ').strip();
+     getRegExpForClassName(className), ' ').strip();
+
     return element;
-  },
+  }
 
-  toggleClassName: function(element, className) {
+  function toggleClassName(element, className, bool) {
     if (!(element = $(element))) return;
-    return Element[Element.hasClassName(element, className) ?
-      'removeClassName' : 'addClassName'](element, className);
-  },
 
-  cleanWhitespace: function(element) {
-    element = $(element);
-    var node = element.firstChild;
-    while (node) {
-      var nextNode = node.nextSibling;
-      if (node.nodeType == 3 && !/\S/.test(node.nodeValue))
-        element.removeChild(node);
-      node = nextNode;
-    }
-    return element;
-  },
+    if (Object.isUndefined(bool))
+      bool = !hasClassName(element, className);
 
-  empty: function(element) {
-    return $(element).innerHTML.blank();
-  },
+    var method = Element[bool ? 'addClassName' : 'removeClassName'];
+    return method(element, className);
+  }
 
-  descendantOf: function(element, ancestor) {
-    element = $(element), ancestor = $(ancestor);
+  var ATTRIBUTE_TRANSLATIONS = {};
 
-    if (element.compareDocumentPosition)
-      return (element.compareDocumentPosition(ancestor) & 8) === 8;
+  var classProp = 'className', forProp = 'for';
 
-    if (ancestor.contains)
-      return ancestor.contains(element) && ancestor !== element;
+  DIV.setAttribute(classProp, 'x');
+  if (DIV.className !== 'x') {
+    DIV.setAttribute('class', 'x');
+    if (DIV.className === 'x')
+      classProp = 'class';
+  }
 
-    while (element = element.parentNode)
-      if (element == ancestor) return true;
+  var LABEL = document.createElement('label');
+  LABEL.setAttribute(forProp, 'x');
+  if (LABEL.htmlFor !== 'x') {
+    LABEL.setAttribute('htmlFor', 'x');
+    if (LABEL.htmlFor === 'x')
+      forProp = 'htmlFor';
+  }
+  LABEL = null;
 
-    return false;
-  },
+  function _getAttr(element, attribute) {
+    return element.getAttribute(attribute);
+  }
 
-  scrollTo: function(element) {
-    element = $(element);
-    var pos = Element.cumulativeOffset(element);
-    window.scrollTo(pos[0], pos[1]);
-    return element;
-  },
+  function _getAttr2(element, attribute) {
+    return element.getAttribute(attribute, 2);
+  }
 
-  getStyle: function(element, style) {
-    element = $(element);
-    style = style == 'float' ? 'cssFloat' : style.camelize();
-    var value = element.style[style];
-    if (!value || value == 'auto') {
-      var css = document.defaultView.getComputedStyle(element, null);
-      value = css ? css[style] : null;
-    }
-    if (style == 'opacity') return value ? parseFloat(value) : 1.0;
-    return value == 'auto' ? null : value;
-  },
+  function _getAttrNode(element, attribute) {
+    var node = element.getAttributeNode(attribute);
+    return node ? node.value : '';
+  }
 
-  getOpacity: function(element) {
-    return $(element).getStyle('opacity');
-  },
+  function _getFlag(element, attribute) {
+    return $(element).hasAttribute(attribute) ? attribute : null;
+  }
 
-  setStyle: function(element, styles) {
-    element = $(element);
-    var elementStyle = element.style, match;
-    if (Object.isString(styles)) {
-      element.style.cssText += ';' + styles;
-      return styles.include('opacity') ?
-        element.setOpacity(styles.match(/opacity:\s*(\d?\.?\d*)/)[1]) : element;
-    }
-    for (var property in styles)
-      if (property == 'opacity') element.setOpacity(styles[property]);
-      else
-        elementStyle[(property == 'float' || property == 'cssFloat') ?
-          (Object.isUndefined(elementStyle.styleFloat) ? 'cssFloat' : 'styleFloat') :
-            property] = styles[property];
+  DIV.onclick = Prototype.emptyFunction;
+  var onclickValue = DIV.getAttribute('onclick');
 
-    return element;
-  },
+  var _getEv;
 
-  setOpacity: function(element, value) {
-    element = $(element);
-    element.style.opacity = (value == 1 || value === '') ? '' :
-      (value < 0.00001) ? 0 : value;
-    return element;
-  },
+  if (String(onclickValue).indexOf('{') > -1) {
+    _getEv = function(element, attribute) {
+      var value = element.getAttribute(attribute);
+      if (!value) return null;
+      value = value.toString();
+      value = value.split('{')[1];
+      value = value.split('}')[0];
+      return value.strip();
+    };
+  }
+  else if (onclickValue === '') {
+    _getEv = function(element, attribute) {
+      var value = element.getAttribute(attribute);
+      if (!value) return null;
+      return value.strip();
+    };
+  }
 
-  makePositioned: function(element) {
-    element = $(element);
-    var pos = Element.getStyle(element, 'position');
-    if (pos == 'static' || !pos) {
-      element._madePositioned = true;
-      element.style.position = 'relative';
-      if (Prototype.Browser.Opera) {
-        element.style.top = 0;
-        element.style.left = 0;
+  ATTRIBUTE_TRANSLATIONS.read = {
+    names: {
+      'class':     classProp,
+      'className': classProp,
+      'for':       forProp,
+      'htmlFor':   forProp
+    },
+
+    values: {
+      style: function(element) {
+        return element.style.cssText.toLowerCase();
+      },
+      title: function(element) {
+        return element.title;
       }
     }
-    return element;
-  },
+  };
 
-  undoPositioned: function(element) {
-    element = $(element);
-    if (element._madePositioned) {
-      element._madePositioned = undefined;
-      element.style.position =
-        element.style.top =
-        element.style.left =
-        element.style.bottom =
-        element.style.right = '';
+  ATTRIBUTE_TRANSLATIONS.write = {
+    names: {
+      className:   'class',
+      htmlFor:     'for',
+      cellpadding: 'cellPadding',
+      cellspacing: 'cellSpacing'
+    },
+
+    values: {
+      checked: function(element, value) {
+        value = !!value;
+        element.checked = value;
+        return value ? 'checked' : null;
+      },
+
+      style: function(element, value) {
+        element.style.cssText = value ? value : '';
+      }
     }
-    return element;
-  },
+  };
 
-  makeClipping: function(element) {
-    element = $(element);
-    if (element._overflow) return element;
-    element._overflow = Element.getStyle(element, 'overflow') || 'auto';
-    if (element._overflow !== 'hidden')
-      element.style.overflow = 'hidden';
-    return element;
-  },
+  ATTRIBUTE_TRANSLATIONS.has = { names: {} };
+
+  Object.extend(ATTRIBUTE_TRANSLATIONS.write.names,
+   ATTRIBUTE_TRANSLATIONS.read.names);
+
+  var CAMEL_CASED_ATTRIBUTE_NAMES = $w('colSpan rowSpan vAlign dateTime ' +
+   'accessKey tabIndex encType maxLength readOnly longDesc frameBorder');
+
+  for (var i = 0, attr; attr = CAMEL_CASED_ATTRIBUTE_NAMES[i]; i++) {
+    ATTRIBUTE_TRANSLATIONS.write.names[attr.toLowerCase()] = attr;
+    ATTRIBUTE_TRANSLATIONS.has.names[attr.toLowerCase()]   = attr;
+  }
+
+  Object.extend(ATTRIBUTE_TRANSLATIONS.read.values, {
+    href:        _getAttr2,
+    src:         _getAttr2,
+    type:        _getAttr,
+    action:      _getAttrNode,
+    disabled:    _getFlag,
+    checked:     _getFlag,
+    readonly:    _getFlag,
+    multiple:    _getFlag,
+    onload:      _getEv,
+    onunload:    _getEv,
+    onclick:     _getEv,
+    ondblclick:  _getEv,
+    onmousedown: _getEv,
+    onmouseup:   _getEv,
+    onmouseover: _getEv,
+    onmousemove: _getEv,
+    onmouseout:  _getEv,
+    onfocus:     _getEv,
+    onblur:      _getEv,
+    onkeypress:  _getEv,
+    onkeydown:   _getEv,
+    onkeyup:     _getEv,
+    onsubmit:    _getEv,
+    onreset:     _getEv,
+    onselect:    _getEv,
+    onchange:    _getEv
+  });
 
-  undoClipping: function(element) {
-    element = $(element);
-    if (!element._overflow) return element;
-    element.style.overflow = element._overflow == 'auto' ? '' : element._overflow;
-    element._overflow = null;
-    return element;
-  },
 
-  clonePosition: function(element, source) {
-    var options = Object.extend({
-      setLeft:    true,
-      setTop:     true,
-      setWidth:   true,
-      setHeight:  true,
-      offsetTop:  0,
-      offsetLeft: 0
-    }, arguments[2] || { });
+  Object.extend(methods, {
+    identify:        identify,
+    readAttribute:   readAttribute,
+    writeAttribute:  writeAttribute,
+    classNames:      classNames,
+    hasClassName:    hasClassName,
+    addClassName:    addClassName,
+    removeClassName: removeClassName,
+    toggleClassName: toggleClassName
+  });
 
-    source = $(source);
-    var p = Element.viewportOffset(source), delta = [0, 0], parent = null;
 
+  function normalizeStyleName(style) {
+    if (style === 'float' || style === 'styleFloat')
+      return 'cssFloat';
+    return style.camelize();
+  }
+
+  function normalizeStyleName_IE(style) {
+    if (style === 'float' || style === 'cssFloat')
+      return 'styleFloat';
+    return style.camelize();
+  }
+
+  function setStyle(element, styles) {
     element = $(element);
+    var elementStyle = element.style, match;
 
-    if (Element.getStyle(element, 'position') == 'absolute') {
-      parent = Element.getOffsetParent(element);
-      delta = Element.viewportOffset(parent);
+    if (Object.isString(styles)) {
+      elementStyle.cssText += ';' + styles;
+      if (styles.include('opacity')) {
+        var opacity = styles.match(/opacity:\s*(\d?\.?\d*)/)[1];
+        Element.setOpacity(element, opacity);
+      }
+      return element;
     }
 
-    if (parent == document.body) {
-      delta[0] -= document.body.offsetLeft;
-      delta[1] -= document.body.offsetTop;
+    for (var property in styles) {
+      if (property === 'opacity') {
+        Element.setOpacity(element, styles[property]);
+      } else {
+        var value = styles[property];
+        if (property === 'float' || property === 'cssFloat') {
+          property = Object.isUndefined(elementStyle.styleFloat) ?
+           'cssFloat' : 'styleFloat';
+        }
+        elementStyle[property] = value;
+      }
     }
 
-    if (options.setLeft)   element.style.left  = (p[0] - delta[0] + options.offsetLeft) + 'px';
-    if (options.setTop)    element.style.top   = (p[1] - delta[1] + options.offsetTop) + 'px';
-    if (options.setWidth)  element.style.width = source.offsetWidth + 'px';
-    if (options.setHeight) element.style.height = source.offsetHeight + 'px';
     return element;
   }
-};
 
-Object.extend(Element.Methods, {
-  getElementsBySelector: Element.Methods.select,
 
-  childElements: Element.Methods.immediateDescendants
-});
+  function getStyle(element, style) {
+    element = $(element);
+    style = normalizeStyleName(style);
 
-Element._attributeTranslations = {
-  write: {
-    names: {
-      className: 'class',
-      htmlFor:   'for'
-    },
-    values: { }
+    var value = element.style[style];
+    if (!value || value === 'auto') {
+      var css = document.defaultView.getComputedStyle(element, null);
+      value = css ? css[style] : null;
+    }
+
+    if (style === 'opacity') return value ? parseFloat(value) : 1.0;
+    return value === 'auto' ? null : value;
   }
-};
 
-if (Prototype.Browser.Opera) {
-  Element.Methods.getStyle = Element.Methods.getStyle.wrap(
-    function(proceed, element, style) {
-      switch (style) {
-        case 'height': case 'width':
-          if (!Element.visible(element)) return null;
+  function getStyle_Opera(element, style) {
+    switch (style) {
+      case 'height': case 'width':
+        if (!Element.visible(element)) return null;
 
-          var dim = parseInt(proceed(element, style), 10);
+        var dim = parseInt(getStyle(element, style), 10);
 
-          if (dim !== element['offset' + style.capitalize()])
-            return dim + 'px';
+        if (dim !== element['offset' + style.capitalize()])
+          return dim + 'px';
 
-          var properties;
-          if (style === 'height') {
-            properties = ['border-top-width', 'padding-top',
-             'padding-bottom', 'border-bottom-width'];
-          }
-          else {
-            properties = ['border-left-width', 'padding-left',
-             'padding-right', 'border-right-width'];
-          }
-          return properties.inject(dim, function(memo, property) {
-            var val = proceed(element, property);
-            return val === null ? memo : memo - parseInt(val, 10);
-          }) + 'px';
-        default: return proceed(element, style);
-      }
-    }
-  );
+        return Element.measure(element, style);
 
-  Element.Methods.readAttribute = Element.Methods.readAttribute.wrap(
-    function(proceed, element, attribute) {
-      if (attribute === 'title') return element.title;
-      return proceed(element, attribute);
+      default: return getStyle(element, style);
     }
-  );
-}
+  }
 
-else if (Prototype.Browser.IE) {
-  Element.Methods.getStyle = function(element, style) {
+  function getStyle_IE(element, style) {
     element = $(element);
-    style = (style == 'float' || style == 'cssFloat') ? 'styleFloat' : style.camelize();
+    style = normalizeStyleName_IE(style);
+
     var value = element.style[style];
-    if (!value && element.currentStyle) value = element.currentStyle[style];
+    if (!value && element.currentStyle) {
+      value = element.currentStyle[style];
+    }
 
-    if (style == 'opacity') {
-      if (value = (element.getStyle('filter') || '').match(/alpha\(opacity=(.*)\)/))
-        if (value[1]) return parseFloat(value[1]) / 100;
-      return 1.0;
+    if (style === 'opacity') {
+      if (!STANDARD_CSS_OPACITY_SUPPORTED)
+        return getOpacity_IE(element);
+      else return value ? parseFloat(value) : 1.0;
     }
 
-    if (value == 'auto') {
-      if ((style == 'width' || style == 'height') && (element.getStyle('display') != 'none'))
-        return element['offset' + style.capitalize()] + 'px';
+    if (value === 'auto') {
+      if ((style === 'width' || style === 'height') && Element.visible(element))
+        return Element.measure(element, style) + 'px';
       return null;
     }
+
     return value;
-  };
+  }
 
-  Element.Methods.setOpacity = function(element, value) {
-    function stripAlpha(filter){
-      return filter.replace(/alpha\([^\)]*\)/gi,'');
-    }
-    element = $(element);
-    var currentStyle = element.currentStyle;
-    if ((currentStyle && !currentStyle.hasLayout) ||
-      (!currentStyle && element.style.zoom == 'normal'))
-        element.style.zoom = 1;
+  function stripAlphaFromFilter_IE(filter) {
+    return (filter || '').replace(/alpha\([^\)]*\)/gi, '');
+  }
 
-    var filter = element.getStyle('filter'), style = element.style;
-    if (value == 1 || value === '') {
-      (filter = stripAlpha(filter)) ?
-        style.filter = filter : style.removeAttribute('filter');
-      return element;
-    } else if (value < 0.00001) value = 0;
-    style.filter = stripAlpha(filter) +
-      'alpha(opacity=' + (value * 100) + ')';
+  function hasLayout_IE(element) {
+    if (!element.currentStyle || !element.currentStyle.hasLayout)
+      element.style.zoom = 1;
     return element;
-  };
-
-  Element._attributeTranslations = (function(){
+  }
 
-    var classProp = 'className',
-        forProp = 'for',
-        el = document.createElement('div');
+  var STANDARD_CSS_OPACITY_SUPPORTED = (function() {
+    DIV.style.cssText = "opacity:.55";
+    return /^0.55/.test(DIV.style.opacity);
+  })();
 
-    el.setAttribute(classProp, 'x');
+  function setOpacity(element, value) {
+    element = $(element);
+    if (value == 1 || value === '') value = '';
+    else if (value < 0.00001) value = 0;
+    element.style.opacity = value;
+    return element;
+  }
 
-    if (el.className !== 'x') {
-      el.setAttribute('class', 'x');
-      if (el.className === 'x') {
-        classProp = 'class';
-      }
-    }
-    el = null;
+  function setOpacity_IE(element, value) {
+    if (STANDARD_CSS_OPACITY_SUPPORTED)
+      return setOpacity(element, value);
 
-    el = document.createElement('label');
-    el.setAttribute(forProp, 'x');
-    if (el.htmlFor !== 'x') {
-      el.setAttribute('htmlFor', 'x');
-      if (el.htmlFor === 'x') {
-        forProp = 'htmlFor';
-      }
-    }
-    el = null;
+    element = hasLayout_IE($(element));
+    var filter = Element.getStyle(element, 'filter'),
+     style = element.style;
 
-    return {
-      read: {
-        names: {
-          'class':      classProp,
-          'className':  classProp,
-          'for':        forProp,
-          'htmlFor':    forProp
-        },
-        values: {
-          _getAttr: function(element, attribute) {
-            return element.getAttribute(attribute);
-          },
-          _getAttr2: function(element, attribute) {
-            return element.getAttribute(attribute, 2);
-          },
-          _getAttrNode: function(element, attribute) {
-            var node = element.getAttributeNode(attribute);
-            return node ? node.value : "";
-          },
-          _getEv: (function(){
-
-            var el = document.createElement('div'), f;
-            el.onclick = Prototype.emptyFunction;
-            var value = el.getAttribute('onclick');
-
-            if (String(value).indexOf('{') > -1) {
-              f = function(element, attribute) {
-                attribute = element.getAttribute(attribute);
-                if (!attribute) return null;
-                attribute = attribute.toString();
-                attribute = attribute.split('{')[1];
-                attribute = attribute.split('}')[0];
-                return attribute.strip();
-              };
-            }
-            else if (value === '') {
-              f = function(element, attribute) {
-                attribute = element.getAttribute(attribute);
-                if (!attribute) return null;
-                return attribute.strip();
-              };
-            }
-            el = null;
-            return f;
-          })(),
-          _flag: function(element, attribute) {
-            return $(element).hasAttribute(attribute) ? attribute : null;
-          },
-          style: function(element) {
-            return element.style.cssText.toLowerCase();
-          },
-          title: function(element) {
-            return element.title;
-          }
-        }
-      }
+    if (value == 1 || value === '') {
+      filter = stripAlphaFromFilter_IE(filter);
+      if (filter) style.filter = filter;
+      else style.removeAttribute('filter');
+      return element;
     }
-  })();
 
-  Element._attributeTranslations.write = {
-    names: Object.extend({
-      cellpadding: 'cellPadding',
-      cellspacing: 'cellSpacing'
-    }, Element._attributeTranslations.read.names),
-    values: {
-      checked: function(element, value) {
-        element.checked = !!value;
-      },
+    if (value < 0.00001) value = 0;
 
-      style: function(element, value) {
-        element.style.cssText = value ? value : '';
-      }
-    }
-  };
+    style.filter = stripAlphaFromFilter_IE(filter) +
+     ' alpha(opacity=' + (value * 100) + ')';
 
-  Element._attributeTranslations.has = {};
+    return element;
+  }
 
-  $w('colSpan rowSpan vAlign dateTime accessKey tabIndex ' +
-      'encType maxLength readOnly longDesc frameBorder').each(function(attr) {
-    Element._attributeTranslations.write.names[attr.toLowerCase()] = attr;
-    Element._attributeTranslations.has[attr.toLowerCase()] = attr;
-  });
 
-  (function(v) {
-    Object.extend(v, {
-      href:        v._getAttr2,
-      src:         v._getAttr2,
-      type:        v._getAttr,
-      action:      v._getAttrNode,
-      disabled:    v._flag,
-      checked:     v._flag,
-      readonly:    v._flag,
-      multiple:    v._flag,
-      onload:      v._getEv,
-      onunload:    v._getEv,
-      onclick:     v._getEv,
-      ondblclick:  v._getEv,
-      onmousedown: v._getEv,
-      onmouseup:   v._getEv,
-      onmouseover: v._getEv,
-      onmousemove: v._getEv,
-      onmouseout:  v._getEv,
-      onfocus:     v._getEv,
-      onblur:      v._getEv,
-      onkeypress:  v._getEv,
-      onkeydown:   v._getEv,
-      onkeyup:     v._getEv,
-      onsubmit:    v._getEv,
-      onreset:     v._getEv,
-      onselect:    v._getEv,
-      onchange:    v._getEv
-    });
-  })(Element._attributeTranslations.read.values);
+  function getOpacity(element) {
+    return Element.getStyle(element, 'opacity');
+  }
 
-  if (Prototype.BrowserFeatures.ElementExtensions) {
-    (function() {
-      function _descendants(element) {
-        var nodes = element.getElementsByTagName('*'), results = [];
-        for (var i = 0, node; node = nodes[i]; i++)
-          if (node.tagName !== "!") // Filter out comment nodes.
-            results.push(node);
-        return results;
-      }
+  function getOpacity_IE(element) {
+    if (STANDARD_CSS_OPACITY_SUPPORTED)
+      return getOpacity(element);
 
-      Element.Methods.down = function(element, expression, index) {
-        element = $(element);
-        if (arguments.length == 1) return element.firstDescendant();
-        return Object.isNumber(expression) ? _descendants(element)[expression] :
-          Element.select(element, expression)[index || 0];
-      }
-    })();
+    var filter = Element.getStyle(element, 'filter');
+    if (filter.length === 0) return 1.0;
+    var match = (filter || '').match(/alpha\(opacity=(.*)\)/i);
+    if (match && match[1]) return parseFloat(match[1]) / 100;
+    return 1.0;
   }
 
-}
 
-else if (Prototype.Browser.Gecko && /rv:1\.8\.0/.test(navigator.userAgent)) {
-  Element.Methods.setOpacity = function(element, value) {
-    element = $(element);
-    element.style.opacity = (value == 1) ? 0.999999 :
-      (value === '') ? '' : (value < 0.00001) ? 0 : value;
-    return element;
-  };
-}
+  Object.extend(methods, {
+    setStyle:   setStyle,
+    getStyle:   getStyle,
+    setOpacity: setOpacity,
+    getOpacity: getOpacity
+  });
 
-else if (Prototype.Browser.WebKit) {
-  Element.Methods.setOpacity = function(element, value) {
-    element = $(element);
-    element.style.opacity = (value == 1 || value === '') ? '' :
-      (value < 0.00001) ? 0 : value;
-
-    if (value == 1)
-      if (element.tagName.toUpperCase() == 'IMG' && element.width) {
-        element.width++; element.width--;
-      } else try {
-        var n = document.createTextNode(' ');
-        element.appendChild(n);
-        element.removeChild(n);
-      } catch (e) { }
+  if ('styleFloat' in DIV.style) {
+    methods.getStyle = getStyle_IE;
+    methods.setOpacity = setOpacity_IE;
+    methods.getOpacity = getOpacity_IE;
+  }
 
-    return element;
-  };
-}
+  var UID = 0;
 
-if ('outerHTML' in document.documentElement) {
-  Element.Methods.replace = function(element, content) {
-    element = $(element);
+  GLOBAL.Element.Storage = { UID: 1 };
 
-    if (content && content.toElement) content = content.toElement();
-    if (Object.isElement(content)) {
-      element.parentNode.replaceChild(content, element);
-      return element;
-    }
+  function getUniqueElementID(element) {
+    if (element === window) return 0;
 
-    content = Object.toHTML(content);
-    var parent = element.parentNode, tagName = parent.tagName.toUpperCase();
+    if (typeof element._prototypeUID === 'undefined')
+      element._prototypeUID = Element.Storage.UID++;
+    return element._prototypeUID;
+  }
 
-    if (Element._insertionTranslations.tags[tagName]) {
-      var nextSibling = element.next(),
-          fragments = Element._getContentFromAnonymousElement(tagName, content.stripScripts());
-      parent.removeChild(element);
-      if (nextSibling)
-        fragments.each(function(node) { parent.insertBefore(node, nextSibling) });
-      else
-        fragments.each(function(node) { parent.appendChild(node) });
-    }
-    else element.outerHTML = content.stripScripts();
+  function getUniqueElementID_IE(element) {
+    if (element === window) return 0;
+    if (element == document) return 1;
+    return element.uniqueID;
+  }
 
-    content.evalScripts.bind(content).defer();
-    return element;
-  };
-}
+  var HAS_UNIQUE_ID_PROPERTY = ('uniqueID' in DIV);
+  if (HAS_UNIQUE_ID_PROPERTY)
+    getUniqueElementID = getUniqueElementID_IE;
 
-Element._returnOffset = function(l, t) {
-  var result = [l, t];
-  result.left = l;
-  result.top = t;
-  return result;
-};
+  function getStorage(element) {
+    if (!(element = $(element))) return;
 
-Element._getContentFromAnonymousElement = function(tagName, html, force) {
-  var div = new Element('div'),
-      t = Element._insertionTranslations.tags[tagName];
+    var uid = getUniqueElementID(element);
 
-  var workaround = false;
-  if (t) workaround = true;
-  else if (force) {
-    workaround = true;
-    t = ['', '', 0];
-  }
+    if (!Element.Storage[uid])
+      Element.Storage[uid] = $H();
 
-  if (workaround) {
-    div.innerHTML = '&nbsp;' + t[0] + html + t[1];
-    div.removeChild(div.firstChild);
-    for (var i = t[2]; i--; ) {
-      div = div.firstChild;
-    }
-  }
-  else {
-    div.innerHTML = html;
+    return Element.Storage[uid];
   }
-  return $A(div.childNodes);
-};
 
-Element._insertionTranslations = {
-  before: function(element, node) {
-    element.parentNode.insertBefore(node, element);
-  },
-  top: function(element, node) {
-    element.insertBefore(node, element.firstChild);
-  },
-  bottom: function(element, node) {
-    element.appendChild(node);
-  },
-  after: function(element, node) {
-    element.parentNode.insertBefore(node, element.nextSibling);
-  },
-  tags: {
-    TABLE:  ['<table>',                '</table>',                   1],
-    TBODY:  ['<table><tbody>',         '</tbody></table>',           2],
-    TR:     ['<table><tbody><tr>',     '</tr></tbody></table>',      3],
-    TD:     ['<table><tbody><tr><td>', '</td></tr></tbody></table>', 4],
-    SELECT: ['<select>',               '</select>',                  1]
+  function store(element, key, value) {
+    if (!(element = $(element))) return;
+    var storage = getStorage(element);
+    if (arguments.length === 2) {
+      storage.update(key);
+    } else {
+      storage.set(key, value);
+    }
+    return element;
   }
-};
-
-(function() {
-  var tags = Element._insertionTranslations.tags;
-  Object.extend(tags, {
-    THEAD: tags.TBODY,
-    TFOOT: tags.TBODY,
-    TH:    tags.TD
-  });
-})();
 
-Element.Methods.Simulated = {
-  hasAttribute: function(element, attribute) {
-    attribute = Element._attributeTranslations.has[attribute] || attribute;
-    var node = $(element).getAttributeNode(attribute);
-    return !!(node && node.specified);
-  }
-};
+  function retrieve(element, key, defaultValue) {
+    if (!(element = $(element))) return;
+    var storage = getStorage(element), value = storage.get(key);
 
-Element.Methods.ByTag = { };
+    if (Object.isUndefined(value)) {
+      storage.set(key, defaultValue);
+      value = defaultValue;
+    }
 
-Object.extend(Element, Element.Methods);
+    return value;
+  }
 
-(function(div) {
 
-  if (!Prototype.BrowserFeatures.ElementExtensions && div['__proto__']) {
-    window.HTMLElement = { };
-    window.HTMLElement.prototype = div['__proto__'];
-    Prototype.BrowserFeatures.ElementExtensions = true;
-  }
+  Object.extend(methods, {
+    getStorage: getStorage,
+    store:      store,
+    retrieve:   retrieve
+  });
 
-  div = null;
 
-})(document.createElement('div'));
+  var Methods = {}, ByTag = Element.Methods.ByTag,
+   F = Prototype.BrowserFeatures;
 
-Element.extend = (function() {
+  if (!F.ElementExtensions && ('__proto__' in DIV)) {
+    GLOBAL.HTMLElement = {};
+    GLOBAL.HTMLElement.prototype = DIV['__proto__'];
+    F.ElementExtensions = true;
+  }
 
-  function checkDeficiency(tagName) {
-    if (typeof window.Element != 'undefined') {
-      var proto = window.Element.prototype;
-      if (proto) {
-        var id = '_' + (Math.random()+'').slice(2),
-            el = document.createElement(tagName);
-        proto[id] = 'x';
-        var isBuggy = (el[id] !== 'x');
-        delete proto[id];
-        el = null;
-        return isBuggy;
-      }
+  function checkElementPrototypeDeficiency(tagName) {
+    if (typeof window.Element === 'undefined') return false;
+    if (!HAS_EXTENDED_CREATE_ELEMENT_SYNTAX) return false;
+    var proto = window.Element.prototype;
+    if (proto) {
+      var id = '_' + (Math.random() + '').slice(2),
+       el = document.createElement(tagName);
+      proto[id] = 'x';
+      var isBuggy = (el[id] !== 'x');
+      delete proto[id];
+      el = null;
+      return isBuggy;
     }
+
     return false;
   }
 
+  var HTMLOBJECTELEMENT_PROTOTYPE_BUGGY =
+   checkElementPrototypeDeficiency('object');
+
   function extendElementWith(element, methods) {
     for (var property in methods) {
       var value = methods[property];
@@ -2956,98 +3315,52 @@ Element.extend = (function() {
     }
   }
 
-  var HTMLOBJECTELEMENT_PROTOTYPE_BUGGY = checkDeficiency('object');
-
-  if (Prototype.BrowserFeatures.SpecificElementExtensions) {
-    if (HTMLOBJECTELEMENT_PROTOTYPE_BUGGY) {
-      return function(element) {
-        if (element && typeof element._extendedByPrototype == 'undefined') {
-          var t = element.tagName;
-          if (t && (/^(?:object|applet|embed)$/i.test(t))) {
-            extendElementWith(element, Element.Methods);
-            extendElementWith(element, Element.Methods.Simulated);
-            extendElementWith(element, Element.Methods.ByTag[t.toUpperCase()]);
-          }
-        }
-        return element;
-      }
-    }
-    return Prototype.K;
+  var EXTENDED = {};
+  function elementIsExtended(element) {
+    var uid = getUniqueElementID(element);
+    return (uid in EXTENDED);
   }
 
-  var Methods = { }, ByTag = Element.Methods.ByTag;
-
-  var extend = Object.extend(function(element) {
-    if (!element || typeof element._extendedByPrototype != 'undefined' ||
-        element.nodeType != 1 || element == window) return element;
+  function extend(element) {
+    if (!element || elementIsExtended(element)) return element;
+    if (element.nodeType !== Node.ELEMENT_NODE || element == window)
+      return element;
 
     var methods = Object.clone(Methods),
-        tagName = element.tagName.toUpperCase();
+     tagName = element.tagName.toUpperCase();
 
     if (ByTag[tagName]) Object.extend(methods, ByTag[tagName]);
 
     extendElementWith(element, methods);
-
-    element._extendedByPrototype = Prototype.emptyFunction;
+    EXTENDED[getUniqueElementID(element)] = true;
     return element;
+  }
 
-  }, {
-    refresh: function() {
-      if (!Prototype.BrowserFeatures.ElementExtensions) {
-        Object.extend(Methods, Element.Methods);
-        Object.extend(Methods, Element.Methods.Simulated);
-      }
-    }
-  });
-
-  extend.refresh();
-  return extend;
-})();
-
-if (document.documentElement.hasAttribute) {
-  Element.hasAttribute = function(element, attribute) {
-    return element.hasAttribute(attribute);
-  };
-}
-else {
-  Element.hasAttribute = Element.Methods.Simulated.hasAttribute;
-}
-
-Element.addMethods = function(methods) {
-  var F = Prototype.BrowserFeatures, T = Element.Methods.ByTag;
+  function extend_IE8(element) {
+    if (!element || elementIsExtended(element)) return element;
 
-  if (!methods) {
-    Object.extend(Form, Form.Methods);
-    Object.extend(Form.Element, Form.Element.Methods);
-    Object.extend(Element.Methods.ByTag, {
-      "FORM":     Object.clone(Form.Methods),
-      "INPUT":    Object.clone(Form.Element.Methods),
-      "SELECT":   Object.clone(Form.Element.Methods),
-      "TEXTAREA": Object.clone(Form.Element.Methods),
-      "BUTTON":   Object.clone(Form.Element.Methods)
-    });
-  }
+    var t = element.tagName;
+    if (t && (/^(?:object|applet|embed)$/i.test(t))) {
+      extendElementWith(element, Element.Methods);
+      extendElementWith(element, Element.Methods.Simulated);
+      extendElementWith(element, Element.Methods.ByTag[t.toUpperCase()]);
+    }
 
-  if (arguments.length == 2) {
-    var tagName = methods;
-    methods = arguments[1];
+    return element;
   }
 
-  if (!tagName) Object.extend(Element.Methods, methods || { });
-  else {
-    if (Object.isArray(tagName)) tagName.each(extend);
-    else extend(tagName);
+  if (F.SpecificElementExtensions) {
+    extend = HTMLOBJECTELEMENT_PROTOTYPE_BUGGY ? extend_IE8 : Prototype.K;
   }
 
-  function extend(tagName) {
+  function addMethodsToTagName(tagName, methods) {
     tagName = tagName.toUpperCase();
-    if (!Element.Methods.ByTag[tagName])
-      Element.Methods.ByTag[tagName] = { };
-    Object.extend(Element.Methods.ByTag[tagName], methods);
+    if (!ByTag[tagName]) ByTag[tagName] = {};
+    Object.extend(ByTag[tagName], methods);
   }
 
-  function copy(methods, destination, onlyIfAbsent) {
-    onlyIfAbsent = onlyIfAbsent || false;
+  function mergeMethods(destination, methods, onlyIfAbsent) {
+    if (Object.isUndefined(onlyIfAbsent)) onlyIfAbsent = false;
     for (var property in methods) {
       var value = methods[property];
       if (!Object.isFunction(value)) continue;
@@ -3077,169 +3390,150 @@ Element.addMethods = function(methods) {
     if (window[klass]) return window[klass];
 
     var element = document.createElement(tagName),
-        proto = element['__proto__'] || element.constructor.prototype;
+     proto = element['__proto__'] || element.constructor.prototype;
 
     element = null;
     return proto;
   }
 
-  var elementPrototype = window.HTMLElement ? HTMLElement.prototype :
-   Element.prototype;
+  function addMethods(methods) {
+    if (arguments.length === 0) addFormMethods();
 
-  if (F.ElementExtensions) {
-    copy(Element.Methods, elementPrototype);
-    copy(Element.Methods.Simulated, elementPrototype, true);
-  }
+    if (arguments.length === 2) {
+      var tagName = methods;
+      methods = arguments[1];
+    }
 
-  if (F.SpecificElementExtensions) {
-    for (var tag in Element.Methods.ByTag) {
-      var klass = findDOMClass(tag);
-      if (Object.isUndefined(klass)) continue;
-      copy(T[tag], klass.prototype);
+    if (!tagName) {
+      Object.extend(Element.Methods, methods || {});
+    } else {
+      if (Object.isArray(tagName)) {
+        for (var i = 0, tag; tag = tagName[i]; i++)
+          addMethodsToTagName(tag, methods);
+      } else {
+        addMethodsToTagName(tagName, methods);
+      }
     }
-  }
 
-  Object.extend(Element, Element.Methods);
-  delete Element.ByTag;
+    var ELEMENT_PROTOTYPE = window.HTMLElement ? HTMLElement.prototype :
+     Element.prototype;
 
-  if (Element.extend.refresh) Element.extend.refresh();
-  Element.cache = { };
-};
+    if (F.ElementExtensions) {
+      mergeMethods(ELEMENT_PROTOTYPE, Element.Methods);
+      mergeMethods(ELEMENT_PROTOTYPE, Element.Methods.Simulated, true);
+    }
 
+    if (F.SpecificElementExtensions) {
+      for (var tag in Element.Methods.ByTag) {
+        var klass = findDOMClass(tag);
+        if (Object.isUndefined(klass)) continue;
+        mergeMethods(klass.prototype, ByTag[tag]);
+      }
+    }
 
-document.viewport = {
+    Object.extend(Element, Element.Methods);
+    Object.extend(Element, Element.Methods.Simulated);
+    delete Element.ByTag;
+    delete Element.Simulated;
 
-  getDimensions: function() {
-    return { width: this.getWidth(), height: this.getHeight() };
-  },
+    Element.extend.refresh();
 
-  getScrollOffsets: function() {
-    return Element._returnOffset(
-      window.pageXOffset || document.documentElement.scrollLeft || document.body.scrollLeft,
-      window.pageYOffset || document.documentElement.scrollTop  || document.body.scrollTop);
+    ELEMENT_CACHE = {};
   }
-};
 
-(function(viewport) {
-  var B = Prototype.Browser, doc = document, element, property = {};
-
-  function getRootElement() {
-    if (B.WebKit && !doc.evaluate)
-      return document;
+  Object.extend(GLOBAL.Element, {
+    extend:     extend,
+    addMethods: addMethods
+  });
 
-    if (B.Opera && window.parseFloat(window.opera.version()) < 9.5)
-      return document.body;
+  if (extend === Prototype.K) {
+    GLOBAL.Element.extend.refresh = Prototype.emptyFunction;
+  } else {
+    GLOBAL.Element.extend.refresh = function() {
+      if (Prototype.BrowserFeatures.ElementExtensions) return;
+      Object.extend(Methods, Element.Methods);
+      Object.extend(Methods, Element.Methods.Simulated);
 
-    return document.documentElement;
+      EXTENDED = {};
+    };
   }
 
-  function define(D) {
-    if (!element) element = getRootElement();
-
-    property[D] = 'client' + D;
-
-    viewport['get' + D] = function() { return element[property[D]] };
-    return viewport['get' + D]();
+  function addFormMethods() {
+    Object.extend(Form, Form.Methods);
+    Object.extend(Form.Element, Form.Element.Methods);
+    Object.extend(Element.Methods.ByTag, {
+      "FORM":     Object.clone(Form.Methods),
+      "INPUT":    Object.clone(Form.Element.Methods),
+      "SELECT":   Object.clone(Form.Element.Methods),
+      "TEXTAREA": Object.clone(Form.Element.Methods),
+      "BUTTON":   Object.clone(Form.Element.Methods)
+    });
   }
 
-  viewport.getWidth  = define.curry('Width');
-
-  viewport.getHeight = define.curry('Height');
-})(document.viewport);
-
+  Element.addMethods(methods);
 
-Element.Storage = {
-  UID: 1
-};
-
-Element.addMethods({
-  getStorage: function(element) {
-    if (!(element = $(element))) return;
+  function destroyCache_IE() {
+    DIV = null;
+    ELEMENT_CACHE = null;
+  }
 
-    var uid;
-    if (element === window) {
-      uid = 0;
-    } else {
-      if (typeof element._prototypeUID === "undefined")
-        element._prototypeUID = Element.Storage.UID++;
-      uid = element._prototypeUID;
-    }
+  if (window.attachEvent)
+    window.attachEvent('onunload', destroyCache_IE);
 
-    if (!Element.Storage[uid])
-      Element.Storage[uid] = $H();
+})(this);
+(function() {
 
-    return Element.Storage[uid];
-  },
+  function toDecimal(pctString) {
+    var match = pctString.match(/^(\d+)%?$/i);
+    if (!match) return null;
+    return (Number(match[1]) / 100);
+  }
 
-  store: function(element, key, value) {
-    if (!(element = $(element))) return;
+  function getRawStyle(element, style) {
+    element = $(element);
 
-    if (arguments.length === 2) {
-      Element.getStorage(element).update(key);
-    } else {
-      Element.getStorage(element).set(key, value);
+    var value = element.style[style];
+    if (!value || value === 'auto') {
+      var css = document.defaultView.getComputedStyle(element, null);
+      value = css ? css[style] : null;
     }
 
-    return element;
-  },
-
-  retrieve: function(element, key, defaultValue) {
-    if (!(element = $(element))) return;
-    var hash = Element.getStorage(element), value = hash.get(key);
+    if (style === 'opacity') return value ? parseFloat(value) : 1.0;
+    return value === 'auto' ? null : value;
+  }
 
-    if (Object.isUndefined(value)) {
-      hash.set(key, defaultValue);
-      value = defaultValue;
+  function getRawStyle_IE(element, style) {
+    var value = element.style[style];
+    if (!value && element.currentStyle) {
+      value = element.currentStyle[style];
     }
-
     return value;
-  },
-
-  clone: function(element, deep) {
-    if (!(element = $(element))) return;
-    var clone = element.cloneNode(deep);
-    clone._prototypeUID = void 0;
-    if (deep) {
-      var descendants = Element.select(clone, '*'),
-          i = descendants.length;
-      while (i--) {
-        descendants[i]._prototypeUID = void 0;
-      }
-    }
-    return Element.extend(clone);
-  },
-
-  purge: function(element) {
-    if (!(element = $(element))) return;
-    var purgeElement = Element._purgeElement;
-
-    purgeElement(element);
+  }
 
-    var descendants = element.getElementsByTagName('*'),
-     i = descendants.length;
+  function getContentWidth(element, context) {
+    var boxWidth = element.offsetWidth;
 
-    while (i--) purgeElement(descendants[i]);
+    var bl = getPixelValue(element, 'borderLeftWidth',  context) || 0;
+    var br = getPixelValue(element, 'borderRightWidth', context) || 0;
+    var pl = getPixelValue(element, 'paddingLeft',      context) || 0;
+    var pr = getPixelValue(element, 'paddingRight',     context) || 0;
 
-    return null;
+    return boxWidth - bl - br - pl - pr;
   }
-});
 
-(function() {
-
-  function toDecimal(pctString) {
-    var match = pctString.match(/^(\d+)%?$/i);
-    if (!match) return null;
-    return (Number(match[1]) / 100);
+  if (!Object.isUndefined(document.documentElement.currentStyle) && !Prototype.Browser.Opera) {
+    getRawStyle = getRawStyle_IE;
   }
 
+
   function getPixelValue(value, property, context) {
     var element = null;
     if (Object.isElement(value)) {
       element = value;
-      value = element.getStyle(property);
+      value = getRawStyle(element, property);
     }
 
-    if (value === null) {
+    if (value === null || Object.isUndefined(value)) {
       return null;
     }
 
@@ -3262,14 +3556,12 @@ Element.addMethods({
 
     if (element && isPercentage) {
       context = context || element.parentNode;
-      var decimal = toDecimal(value);
-      var whole = null;
-      var position = element.getStyle('position');
+      var decimal = toDecimal(value), whole = null;
 
       var isHorizontal = property.include('left') || property.include('right') ||
        property.include('width');
 
-      var isVertical =  property.include('top') || property.include('bottom') ||
+      var isVertical   = property.include('top') || property.include('bottom') ||
         property.include('height');
 
       if (context === document.viewport) {
@@ -3293,14 +3585,12 @@ Element.addMethods({
   }
 
   function toCSSPixels(number) {
-    if (Object.isString(number) && number.endsWith('px')) {
+    if (Object.isString(number) && number.endsWith('px'))
       return number;
-    }
     return number + 'px';
   }
 
   function isDisplayed(element) {
-    var originalElement = element;
     while (element && element.parentNode) {
       var display = element.getStyle('display');
       if (display === 'none') {
@@ -3358,14 +3648,15 @@ Element.addMethods({
     },
 
     _begin: function() {
-      if (this._prepared) return;
+      if (this._isPrepared()) return;
 
       var element = this.element;
       if (isDisplayed(element)) {
-        this._prepared = true;
+        this._setPrepared(true);
         return;
       }
 
+
       var originalStyles = {
         position:   element.style.position   || '',
         width:      element.style.width      || '',
@@ -3375,30 +3666,30 @@ Element.addMethods({
 
       element.store('prototype_original_styles', originalStyles);
 
-      var position = element.getStyle('position'),
-       width = element.getStyle('width');
+      var position = getRawStyle(element, 'position'), width = element.offsetWidth;
 
-      if (width === "0px" || width === null) {
+      if (width === 0 || width === null) {
         element.style.display = 'block';
-        width = element.getStyle('width');
+        width = element.offsetWidth;
       }
 
       var context = (position === 'fixed') ? document.viewport :
        element.parentNode;
 
-      element.setStyle({
-        position:   'absolute',
+      var tempStyles = {
         visibility: 'hidden',
         display:    'block'
-      });
+      };
 
-      var positionedWidth = element.getStyle('width');
+      if (position !== 'fixed') tempStyles.position = 'absolute';
 
-      var newWidth;
+      element.setStyle(tempStyles);
+
+      var positionedWidth = element.offsetWidth, newWidth;
       if (width && (positionedWidth === width)) {
-        newWidth = getPixelValue(element, 'width', context);
+        newWidth = getContentWidth(element, context);
       } else if (position === 'absolute' || position === 'fixed') {
-        newWidth = getPixelValue(element, 'width', context);
+        newWidth = getContentWidth(element, context);
       } else {
         var parent = element.parentNode, pLayout = $(parent).getLayout();
 
@@ -3413,7 +3704,7 @@ Element.addMethods({
 
       element.setStyle({ width: newWidth + 'px' });
 
-      this._prepared = true;
+      this._setPrepared(true);
     },
 
     _end: function() {
@@ -3421,7 +3712,7 @@ Element.addMethods({
       var originalStyles = element.retrieve('prototype_original_styles');
       element.store('prototype_original_styles', null);
       element.setStyle(originalStyles);
-      this._prepared = false;
+      this._setPrepared(false);
     },
 
     _compute: function(property) {
@@ -3433,6 +3724,14 @@ Element.addMethods({
       return this._set(property, COMPUTATIONS[property].call(this, this.element));
     },
 
+    _isPrepared: function() {
+      return this.element.retrieve('prototype_element_layout_prepared', false);
+    },
+
+    _setPrepared: function(bool) {
+      return this.element.store('prototype_element_layout_prepared', bool);
+    },
+
     toObject: function() {
       var args = $A(arguments);
       var keys = (args.length === 0) ? Element.Layout.PROPERTIES :
@@ -3514,7 +3813,6 @@ Element.addMethods({
          pRight = this.get('padding-right');
 
         if (!this._preComputing) this._end();
-
         return bWidth - bLeft - bRight - pLeft - pRight;
       },
 
@@ -3705,6 +4003,14 @@ Element.addMethods({
     return $(element).getLayout().get(property);
   }
 
+  function getHeight(element) {
+    return Element.getDimensions(element).height;
+  }
+
+  function getWidth(element) {
+    return Element.getDimensions(element).width;
+  }
+
   function getDimensions(element) {
     element = $(element);
     var display = Element.getStyle(element, 'display');
@@ -3743,15 +4049,19 @@ Element.addMethods({
   function getOffsetParent(element) {
     element = $(element);
 
+    function selfOrBody(element) {
+      return isHtml(element) ? $(document.body) : $(element);
+    }
+
     if (isDocument(element) || isDetached(element) || isBody(element) || isHtml(element))
       return $(document.body);
 
     var isInline = (Element.getStyle(element, 'display') === 'inline');
-    if (!isInline && element.offsetParent) return $(element.offsetParent);
+    if (!isInline && element.offsetParent) return selfOrBody(element.offsetParent);
 
     while ((element = element.parentNode) && element !== document.body) {
       if (Element.getStyle(element, 'position') !== 'static') {
-        return isHtml(element) ? $(document.body) : $(element);
+        return selfOrBody(element);
       }
     }
 
@@ -3789,8 +4099,8 @@ Element.addMethods({
       }
     } while (element);
 
-    valueL -= layout.get('margin-top');
-    valueT -= layout.get('margin-left');
+    valueL -= layout.get('margin-left');
+    valueT -= layout.get('margin-top');
 
     return new Element.Offset(valueL, valueT);
   }
@@ -3798,17 +4108,24 @@ Element.addMethods({
   function cumulativeScrollOffset(element) {
     var valueT = 0, valueL = 0;
     do {
-      valueT += element.scrollTop  || 0;
-      valueL += element.scrollLeft || 0;
-      element = element.parentNode;
+      if (element === document.body) {
+        var bodyScrollNode = document.documentElement || document.body.parentNode || document.body;
+        valueT += !Object.isUndefined(window.pageYOffset) ? window.pageYOffset : bodyScrollNode.scrollTop || 0;
+        valueL += !Object.isUndefined(window.pageXOffset) ? window.pageXOffset : bodyScrollNode.scrollLeft || 0;
+        break;
+      } else {
+        valueT += element.scrollTop  || 0;
+        valueL += element.scrollLeft || 0;
+        element = element.parentNode;
+      }
     } while (element);
     return new Element.Offset(valueL, valueT);
   }
 
   function viewportOffset(forElement) {
-    element = $(element);
     var valueT = 0, valueL = 0, docBody = document.body;
 
+    forElement = $(forElement);
     var element = forElement;
     do {
       valueT += element.offsetTop  || 0;
@@ -3842,10 +4159,11 @@ Element.addMethods({
     var layout = element.getLayout();
 
     element.store('prototype_absolutize_original_styles', {
-      left:   element.getStyle('left'),
-      top:    element.getStyle('top'),
-      width:  element.getStyle('width'),
-      height: element.getStyle('height')
+      position: element.getStyle('position'),
+      left:     element.getStyle('left'),
+      top:      element.getStyle('top'),
+      width:    element.getStyle('width'),
+      height:   element.getStyle('height')
     });
 
     element.setStyle({
@@ -3872,6 +4190,142 @@ Element.addMethods({
     return element;
   }
 
+
+  function scrollTo(element) {
+    element = $(element);
+    var pos = Element.cumulativeOffset(element);
+    window.scrollTo(pos.left, pos.top);
+    return element;
+  }
+
+
+  function makePositioned(element) {
+    element = $(element);
+    var position = Element.getStyle(element, 'position'), styles = {};
+    if (position === 'static' || !position) {
+      styles.position = 'relative';
+      if (Prototype.Browser.Opera) {
+        styles.top  = 0;
+        styles.left = 0;
+      }
+      Element.setStyle(element, styles);
+      Element.store(element, 'prototype_made_positioned', true);
+    }
+    return element;
+  }
+
+  function undoPositioned(element) {
+    element = $(element);
+    var storage = Element.getStorage(element),
+     madePositioned = storage.get('prototype_made_positioned');
+
+    if (madePositioned) {
+      storage.unset('prototype_made_positioned');
+      Element.setStyle(element, {
+        position: '',
+        top:      '',
+        bottom:   '',
+        left:     '',
+        right:    ''
+      });
+    }
+    return element;
+  }
+
+  function makeClipping(element) {
+    element = $(element);
+
+    var storage = Element.getStorage(element),
+     madeClipping = storage.get('prototype_made_clipping');
+
+    if (Object.isUndefined(madeClipping)) {
+      var overflow = Element.getStyle(element, 'overflow');
+      storage.set('prototype_made_clipping', overflow);
+      if (overflow !== 'hidden')
+        element.style.overflow = 'hidden';
+    }
+
+    return element;
+  }
+
+  function undoClipping(element) {
+    element = $(element);
+    var storage = Element.getStorage(element),
+     overflow = storage.get('prototype_made_clipping');
+
+    if (!Object.isUndefined(overflow)) {
+      storage.unset('prototype_made_clipping');
+      element.style.overflow = overflow || '';
+    }
+
+    return element;
+  }
+
+  function clonePosition(element, source, options) {
+    options = Object.extend({
+      setLeft:    true,
+      setTop:     true,
+      setWidth:   true,
+      setHeight:  true,
+      offsetTop:  0,
+      offsetLeft: 0
+    }, options || {});
+
+    var docEl = document.documentElement;
+
+    source  = $(source);
+    element = $(element);
+    var p, delta, layout, styles = {};
+
+    if (options.setLeft || options.setTop) {
+      p = Element.viewportOffset(source);
+      delta = [0, 0];
+      if (Element.getStyle(element, 'position') === 'absolute') {
+        var parent = Element.getOffsetParent(element);
+        if (parent !== document.body) delta = Element.viewportOffset(parent);
+      }
+    }
+
+    function pageScrollXY() {
+      var x = 0, y = 0;
+      if (Object.isNumber(window.pageXOffset)) {
+        x = window.pageXOffset;
+        y = window.pageYOffset;
+      } else if (document.body && (document.body.scrollLeft || document.body.scrollTop)) {
+        x = document.body.scrollLeft;
+        y = document.body.scrollTop;
+      } else if (docEl && (docEl.scrollLeft || docEl.scrollTop)) {
+        x = docEl.scrollLeft;
+        y = docEl.scrollTop;
+      }
+      return { x: x, y: y };
+    }
+
+    var pageXY = pageScrollXY();
+
+
+    if (options.setWidth || options.setHeight) {
+      layout = Element.getLayout(source);
+    }
+
+    if (options.setLeft)
+      styles.left = (p[0] + pageXY.x - delta[0] + options.offsetLeft) + 'px';
+    if (options.setTop)
+      styles.top  = (p[1] + pageXY.y - delta[1] + options.offsetTop)  + 'px';
+
+    var currentLayout = element.getLayout();
+
+    if (options.setWidth) {
+      styles.width = layout.get('width')  + 'px';
+    }
+    if (options.setHeight) {
+      styles.height = layout.get('height') + 'px';
+    }
+
+    return Element.setStyle(element, styles);
+  }
+
+
   if (Prototype.Browser.IE) {
     getOffsetParent = getOffsetParent.wrap(
       function(proceed, element) {
@@ -3912,8 +4366,9 @@ Element.addMethods({
       do {
         valueT += element.offsetTop  || 0;
         valueL += element.offsetLeft || 0;
-        if (element.offsetParent == document.body)
+        if (element.offsetParent == document.body) {
           if (Element.getStyle(element, 'position') == 'absolute') break;
+        }
 
         element = element.offsetParent;
       } while (element);
@@ -3926,6 +4381,8 @@ Element.addMethods({
   Element.addMethods({
     getLayout:              getLayout,
     measure:                measure,
+    getWidth:               getWidth,
+    getHeight:              getHeight,
     getDimensions:          getDimensions,
     getOffsetParent:        getOffsetParent,
     cumulativeOffset:       cumulativeOffset,
@@ -3933,7 +4390,13 @@ Element.addMethods({
     cumulativeScrollOffset: cumulativeScrollOffset,
     viewportOffset:         viewportOffset,
     absolutize:             absolutize,
-    relativize:             relativize
+    relativize:             relativize,
+    scrollTo:               scrollTo,
+    makePositioned:         makePositioned,
+    undoPositioned:         undoPositioned,
+    makeClipping:           makeClipping,
+    undoClipping:           undoClipping,
+    clonePosition:          clonePosition
   });
 
   function isBody(element) {
@@ -3966,13 +4429,56 @@ Element.addMethods({
       }
     });
   }
-})();
-window.$$ = function() {
-  var expression = $A(arguments).join(', ');
-  return Prototype.Selector.select(expression, document);
-};
 
-Prototype.Selector = (function() {
+
+})();
+
+(function() {
+
+  var IS_OLD_OPERA = Prototype.Browser.Opera &&
+   (window.parseFloat(window.opera.version()) < 9.5);
+  var ROOT = null;
+  function getRootElement() {
+    if (ROOT) return ROOT;
+    ROOT = IS_OLD_OPERA ? document.body : document.documentElement;
+    return ROOT;
+  }
+
+  function getDimensions() {
+    return { width: this.getWidth(), height: this.getHeight() };
+  }
+
+  function getWidth() {
+    return getRootElement().clientWidth;
+  }
+
+  function getHeight() {
+    return getRootElement().clientHeight;
+  }
+
+  function getScrollOffsets() {
+    var x = window.pageXOffset || document.documentElement.scrollLeft ||
+     document.body.scrollLeft;
+    var y = window.pageYOffset || document.documentElement.scrollTop ||
+     document.body.scrollTop;
+
+    return new Element.Offset(x, y);
+  }
+
+  document.viewport = {
+    getDimensions:    getDimensions,
+    getWidth:         getWidth,
+    getHeight:        getHeight,
+    getScrollOffsets: getScrollOffsets
+  };
+
+})();
+window.$$ = function() {
+  var expression = $A(arguments).join(', ');
+  return Prototype.Selector.select(expression, document);
+};
+
+Prototype.Selector = (function() {
 
   function select() {
     throw new Error('Method "Prototype.Selector.select" must be defined.');
@@ -4012,982 +4518,1775 @@ Prototype.Selector = (function() {
   };
 })();
 Prototype._original_property = window.Sizzle;
+
+;(function () {
+  function fakeDefine(fn) {
+    Prototype._actual_sizzle = fn();
+  }
+  fakeDefine.amd = true;
+
+  if (typeof define !== 'undefined' && define.amd) {
+    Prototype._original_define = define;
+    Prototype._actual_sizzle = null;
+    window.define = fakeDefine;
+  }
+})();
+
 /*!
- * Sizzle CSS Selector Engine - v1.0
- *  Copyright 2009, The Dojo Foundation
- *  Released under the MIT, BSD, and GPL Licenses.
- *  More information: http://sizzlejs.com/
+ * Sizzle CSS Selector Engine v1.10.18
+ * http://sizzlejs.com/
+ *
+ * Copyright 2013 jQuery Foundation, Inc. and other contributors
+ * Released under the MIT license
+ * http://jquery.org/license
+ *
+ * Date: 2014-02-05
  */
-(function(){
-
-var chunker = /((?:\((?:\([^()]+\)|[^()]+)+\)|\[(?:\[[^[\]]*\]|['"][^'"]*['"]|[^[\]'"]+)+\]|\\.|[^ >+~,(\[\\]+)+|[>+~])(\s*,\s*)?((?:.|\r|\n)*)/g,
+(function( window ) {
+
+var i,
+	support,
+	Expr,
+	getText,
+	isXML,
+	compile,
+	select,
+	outermostContext,
+	sortInput,
+	hasDuplicate,
+
+	setDocument,
+	document,
+	docElem,
+	documentIsHTML,
+	rbuggyQSA,
+	rbuggyMatches,
+	matches,
+	contains,
+
+	expando = "sizzle" + -(new Date()),
+	preferredDoc = window.document,
+	dirruns = 0,
 	done = 0,
-	toString = Object.prototype.toString,
-	hasDuplicate = false,
-	baseHasDuplicate = true;
+	classCache = createCache(),
+	tokenCache = createCache(),
+	compilerCache = createCache(),
+	sortOrder = function( a, b ) {
+		if ( a === b ) {
+			hasDuplicate = true;
+		}
+		return 0;
+	},
 
-[0, 0].sort(function(){
-	baseHasDuplicate = false;
-	return 0;
-});
+	strundefined = typeof undefined,
+	MAX_NEGATIVE = 1 << 31,
+
+	hasOwn = ({}).hasOwnProperty,
+	arr = [],
+	pop = arr.pop,
+	push_native = arr.push,
+	push = arr.push,
+	slice = arr.slice,
+	indexOf = arr.indexOf || function( elem ) {
+		var i = 0,
+			len = this.length;
+		for ( ; i < len; i++ ) {
+			if ( this[i] === elem ) {
+				return i;
+			}
+		}
+		return -1;
+	},
 
-var Sizzle = function(selector, context, results, seed) {
-	results = results || [];
-	var origContext = context = context || document;
+	booleans = "checked|selected|async|autofocus|autoplay|controls|defer|disabled|hidden|ismap|loop|multiple|open|readonly|required|scoped",
 
-	if ( context.nodeType !== 1 && context.nodeType !== 9 ) {
-		return [];
+
+	whitespace = "[\\x20\\t\\r\\n\\f]",
+	characterEncoding = "(?:\\\\.|[\\w-]|[^\\x00-\\xa0])+",
+
+	identifier = characterEncoding.replace( "w", "w#" ),
+
+	attributes = "\\[" + whitespace + "*(" + characterEncoding + ")" + whitespace +
+		"*(?:([*^$|!~]?=)" + whitespace + "*(?:(['\"])((?:\\\\.|[^\\\\])*?)\\3|(" + identifier + ")|)|)" + whitespace + "*\\]",
+
+	pseudos = ":(" + characterEncoding + ")(?:\\(((['\"])((?:\\\\.|[^\\\\])*?)\\3|((?:\\\\.|[^\\\\()[\\]]|" + attributes.replace( 3, 8 ) + ")*)|.*)\\)|)",
+
+	rtrim = new RegExp( "^" + whitespace + "+|((?:^|[^\\\\])(?:\\\\.)*)" + whitespace + "+$", "g" ),
+
+	rcomma = new RegExp( "^" + whitespace + "*," + whitespace + "*" ),
+	rcombinators = new RegExp( "^" + whitespace + "*([>+~]|" + whitespace + ")" + whitespace + "*" ),
+
+	rattributeQuotes = new RegExp( "=" + whitespace + "*([^\\]'\"]*?)" + whitespace + "*\\]", "g" ),
+
+	rpseudo = new RegExp( pseudos ),
+	ridentifier = new RegExp( "^" + identifier + "$" ),
+
+	matchExpr = {
+		"ID": new RegExp( "^#(" + characterEncoding + ")" ),
+		"CLASS": new RegExp( "^\\.(" + characterEncoding + ")" ),
+		"TAG": new RegExp( "^(" + characterEncoding.replace( "w", "w*" ) + ")" ),
+		"ATTR": new RegExp( "^" + attributes ),
+		"PSEUDO": new RegExp( "^" + pseudos ),
+		"CHILD": new RegExp( "^:(only|first|last|nth|nth-last)-(child|of-type)(?:\\(" + whitespace +
+			"*(even|odd|(([+-]|)(\\d*)n|)" + whitespace + "*(?:([+-]|)" + whitespace +
+			"*(\\d+)|))" + whitespace + "*\\)|)", "i" ),
+		"bool": new RegExp( "^(?:" + booleans + ")$", "i" ),
+		"needsContext": new RegExp( "^" + whitespace + "*[>+~]|:(even|odd|eq|gt|lt|nth|first|last)(?:\\(" +
+			whitespace + "*((?:-\\d)?\\d*)" + whitespace + "*\\)|)(?=[^-]|$)", "i" )
+	},
+
+	rinputs = /^(?:input|select|textarea|button)$/i,
+	rheader = /^h\d$/i,
+
+	rnative = /^[^{]+\{\s*\[native \w/,
+
+	rquickExpr = /^(?:#([\w-]+)|(\w+)|\.([\w-]+))$/,
+
+	rsibling = /[+~]/,
+	rescape = /'|\\/g,
+
+	runescape = new RegExp( "\\\\([\\da-f]{1,6}" + whitespace + "?|(" + whitespace + ")|.)", "ig" ),
+	funescape = function( _, escaped, escapedWhitespace ) {
+		var high = "0x" + escaped - 0x10000;
+		return high !== high || escapedWhitespace ?
+			escaped :
+			high < 0 ?
+				String.fromCharCode( high + 0x10000 ) :
+				String.fromCharCode( high >> 10 | 0xD800, high & 0x3FF | 0xDC00 );
+	};
+
+try {
+	push.apply(
+		(arr = slice.call( preferredDoc.childNodes )),
+		preferredDoc.childNodes
+	);
+	arr[ preferredDoc.childNodes.length ].nodeType;
+} catch ( e ) {
+	push = { apply: arr.length ?
+
+		function( target, els ) {
+			push_native.apply( target, slice.call(els) );
+		} :
+
+		function( target, els ) {
+			var j = target.length,
+				i = 0;
+			while ( (target[j++] = els[i++]) ) {}
+			target.length = j - 1;
+		}
+	};
+}
+
+function Sizzle( selector, context, results, seed ) {
+	var match, elem, m, nodeType,
+		i, groups, old, nid, newContext, newSelector;
+
+	if ( ( context ? context.ownerDocument || context : preferredDoc ) !== document ) {
+		setDocument( context );
 	}
 
+	context = context || document;
+	results = results || [];
+
 	if ( !selector || typeof selector !== "string" ) {
 		return results;
 	}
 
-	var parts = [], m, set, checkSet, check, mode, extra, prune = true, contextXML = isXML(context),
-		soFar = selector;
+	if ( (nodeType = context.nodeType) !== 1 && nodeType !== 9 ) {
+		return [];
+	}
 
-	while ( (chunker.exec(""), m = chunker.exec(soFar)) !== null ) {
-		soFar = m[3];
+	if ( documentIsHTML && !seed ) {
 
-		parts.push( m[1] );
+		if ( (match = rquickExpr.exec( selector )) ) {
+			if ( (m = match[1]) ) {
+				if ( nodeType === 9 ) {
+					elem = context.getElementById( m );
+					if ( elem && elem.parentNode ) {
+						if ( elem.id === m ) {
+							results.push( elem );
+							return results;
+						}
+					} else {
+						return results;
+					}
+				} else {
+					if ( context.ownerDocument && (elem = context.ownerDocument.getElementById( m )) &&
+						contains( context, elem ) && elem.id === m ) {
+						results.push( elem );
+						return results;
+					}
+				}
 
-		if ( m[2] ) {
-			extra = m[3];
-			break;
+			} else if ( match[2] ) {
+				push.apply( results, context.getElementsByTagName( selector ) );
+				return results;
+
+			} else if ( (m = match[3]) && support.getElementsByClassName && context.getElementsByClassName ) {
+				push.apply( results, context.getElementsByClassName( m ) );
+				return results;
+			}
+		}
+
+		if ( support.qsa && (!rbuggyQSA || !rbuggyQSA.test( selector )) ) {
+			nid = old = expando;
+			newContext = context;
+			newSelector = nodeType === 9 && selector;
+
+			if ( nodeType === 1 && context.nodeName.toLowerCase() !== "object" ) {
+				groups = tokenize( selector );
+
+				if ( (old = context.getAttribute("id")) ) {
+					nid = old.replace( rescape, "\\$&" );
+				} else {
+					context.setAttribute( "id", nid );
+				}
+				nid = "[id='" + nid + "'] ";
+
+				i = groups.length;
+				while ( i-- ) {
+					groups[i] = nid + toSelector( groups[i] );
+				}
+				newContext = rsibling.test( selector ) && testContext( context.parentNode ) || context;
+				newSelector = groups.join(",");
+			}
+
+			if ( newSelector ) {
+				try {
+					push.apply( results,
+						newContext.querySelectorAll( newSelector )
+					);
+					return results;
+				} catch(qsaError) {
+				} finally {
+					if ( !old ) {
+						context.removeAttribute("id");
+					}
+				}
+			}
 		}
 	}
 
-	if ( parts.length > 1 && origPOS.exec( selector ) ) {
-		if ( parts.length === 2 && Expr.relative[ parts[0] ] ) {
-			set = posProcess( parts[0] + parts[1], context );
-		} else {
-			set = Expr.relative[ parts[0] ] ?
-				[ context ] :
-				Sizzle( parts.shift(), context );
+	return select( selector.replace( rtrim, "$1" ), context, results, seed );
+}
+
+/**
+ * Create key-value caches of limited size
+ * @returns {Function(string, Object)} Returns the Object data after storing it on itself with
+ *	property name the (space-suffixed) string and (if the cache is larger than Expr.cacheLength)
+ *	deleting the oldest entry
+ */
+function createCache() {
+	var keys = [];
 
-			while ( parts.length ) {
-				selector = parts.shift();
+	function cache( key, value ) {
+		if ( keys.push( key + " " ) > Expr.cacheLength ) {
+			delete cache[ keys.shift() ];
+		}
+		return (cache[ key + " " ] = value);
+	}
+	return cache;
+}
 
-				if ( Expr.relative[ selector ] )
-					selector += parts.shift();
+/**
+ * Mark a function for special use by Sizzle
+ * @param {Function} fn The function to mark
+ */
+function markFunction( fn ) {
+	fn[ expando ] = true;
+	return fn;
+}
+
+/**
+ * Support testing using an element
+ * @param {Function} fn Passed the created div and expects a boolean result
+ */
+function assert( fn ) {
+	var div = document.createElement("div");
 
-				set = posProcess( selector, set );
+	try {
+		return !!fn( div );
+	} catch (e) {
+		return false;
+	} finally {
+		if ( div.parentNode ) {
+			div.parentNode.removeChild( div );
+		}
+		div = null;
+	}
+}
+
+/**
+ * Adds the same handler for all of the specified attrs
+ * @param {String} attrs Pipe-separated list of attributes
+ * @param {Function} handler The method that will be applied
+ */
+function addHandle( attrs, handler ) {
+	var arr = attrs.split("|"),
+		i = attrs.length;
+
+	while ( i-- ) {
+		Expr.attrHandle[ arr[i] ] = handler;
+	}
+}
+
+/**
+ * Checks document order of two siblings
+ * @param {Element} a
+ * @param {Element} b
+ * @returns {Number} Returns less than 0 if a precedes b, greater than 0 if a follows b
+ */
+function siblingCheck( a, b ) {
+	var cur = b && a,
+		diff = cur && a.nodeType === 1 && b.nodeType === 1 &&
+			( ~b.sourceIndex || MAX_NEGATIVE ) -
+			( ~a.sourceIndex || MAX_NEGATIVE );
+
+	if ( diff ) {
+		return diff;
+	}
+
+	if ( cur ) {
+		while ( (cur = cur.nextSibling) ) {
+			if ( cur === b ) {
+				return -1;
 			}
 		}
+	}
+
+	return a ? 1 : -1;
+}
+
+/**
+ * Returns a function to use in pseudos for input types
+ * @param {String} type
+ */
+function createInputPseudo( type ) {
+	return function( elem ) {
+		var name = elem.nodeName.toLowerCase();
+		return name === "input" && elem.type === type;
+	};
+}
+
+/**
+ * Returns a function to use in pseudos for buttons
+ * @param {String} type
+ */
+function createButtonPseudo( type ) {
+	return function( elem ) {
+		var name = elem.nodeName.toLowerCase();
+		return (name === "input" || name === "button") && elem.type === type;
+	};
+}
+
+/**
+ * Returns a function to use in pseudos for positionals
+ * @param {Function} fn
+ */
+function createPositionalPseudo( fn ) {
+	return markFunction(function( argument ) {
+		argument = +argument;
+		return markFunction(function( seed, matches ) {
+			var j,
+				matchIndexes = fn( [], seed.length, argument ),
+				i = matchIndexes.length;
+
+			while ( i-- ) {
+				if ( seed[ (j = matchIndexes[i]) ] ) {
+					seed[j] = !(matches[j] = seed[j]);
+				}
+			}
+		});
+	});
+}
+
+/**
+ * Checks a node for validity as a Sizzle context
+ * @param {Element|Object=} context
+ * @returns {Element|Object|Boolean} The input node if acceptable, otherwise a falsy value
+ */
+function testContext( context ) {
+	return context && typeof context.getElementsByTagName !== strundefined && context;
+}
+
+support = Sizzle.support = {};
+
+/**
+ * Detects XML nodes
+ * @param {Element|Object} elem An element or a document
+ * @returns {Boolean} True iff elem is a non-HTML XML node
+ */
+isXML = Sizzle.isXML = function( elem ) {
+	var documentElement = elem && (elem.ownerDocument || elem).documentElement;
+	return documentElement ? documentElement.nodeName !== "HTML" : false;
+};
+
+/**
+ * Sets document-related variables once based on the current document
+ * @param {Element|Object} [doc] An element or document object to use to set the document
+ * @returns {Object} Returns the current document
+ */
+setDocument = Sizzle.setDocument = function( node ) {
+	var hasCompare,
+		doc = node ? node.ownerDocument || node : preferredDoc,
+		parent = doc.defaultView;
+
+	if ( doc === document || doc.nodeType !== 9 || !doc.documentElement ) {
+		return document;
+	}
+
+	document = doc;
+	docElem = doc.documentElement;
+
+	documentIsHTML = !isXML( doc );
+
+	if ( parent && parent !== parent.top ) {
+		if ( parent.addEventListener ) {
+			parent.addEventListener( "unload", function() {
+				setDocument();
+			}, false );
+		} else if ( parent.attachEvent ) {
+			parent.attachEvent( "onunload", function() {
+				setDocument();
+			});
+		}
+	}
+
+	/* Attributes
+	---------------------------------------------------------------------- */
+
+	support.attributes = assert(function( div ) {
+		div.className = "i";
+		return !div.getAttribute("className");
+	});
+
+	/* getElement(s)By*
+	---------------------------------------------------------------------- */
+
+	support.getElementsByTagName = assert(function( div ) {
+		div.appendChild( doc.createComment("") );
+		return !div.getElementsByTagName("*").length;
+	});
+
+	support.getElementsByClassName = rnative.test( doc.getElementsByClassName ) && assert(function( div ) {
+		div.innerHTML = "<div class='a'></div><div class='a i'></div>";
+
+		div.firstChild.className = "i";
+		return div.getElementsByClassName("i").length === 2;
+	});
+
+	support.getById = assert(function( div ) {
+		docElem.appendChild( div ).id = expando;
+		return !doc.getElementsByName || !doc.getElementsByName( expando ).length;
+	});
+
+	if ( support.getById ) {
+		Expr.find["ID"] = function( id, context ) {
+			if ( typeof context.getElementById !== strundefined && documentIsHTML ) {
+				var m = context.getElementById( id );
+				return m && m.parentNode ? [m] : [];
+			}
+		};
+		Expr.filter["ID"] = function( id ) {
+			var attrId = id.replace( runescape, funescape );
+			return function( elem ) {
+				return elem.getAttribute("id") === attrId;
+			};
+		};
 	} else {
-		if ( !seed && parts.length > 1 && context.nodeType === 9 && !contextXML &&
-				Expr.match.ID.test(parts[0]) && !Expr.match.ID.test(parts[parts.length - 1]) ) {
-			var ret = Sizzle.find( parts.shift(), context, contextXML );
-			context = ret.expr ? Sizzle.filter( ret.expr, ret.set )[0] : ret.set[0];
+		delete Expr.find["ID"];
+
+		Expr.filter["ID"] =  function( id ) {
+			var attrId = id.replace( runescape, funescape );
+			return function( elem ) {
+				var node = typeof elem.getAttributeNode !== strundefined && elem.getAttributeNode("id");
+				return node && node.value === attrId;
+			};
+		};
+	}
+
+	Expr.find["TAG"] = support.getElementsByTagName ?
+		function( tag, context ) {
+			if ( typeof context.getElementsByTagName !== strundefined ) {
+				return context.getElementsByTagName( tag );
+			}
+		} :
+		function( tag, context ) {
+			var elem,
+				tmp = [],
+				i = 0,
+				results = context.getElementsByTagName( tag );
+
+			if ( tag === "*" ) {
+				while ( (elem = results[i++]) ) {
+					if ( elem.nodeType === 1 ) {
+						tmp.push( elem );
+					}
+				}
+
+				return tmp;
+			}
+			return results;
+		};
+
+	Expr.find["CLASS"] = support.getElementsByClassName && function( className, context ) {
+		if ( typeof context.getElementsByClassName !== strundefined && documentIsHTML ) {
+			return context.getElementsByClassName( className );
 		}
+	};
 
-		if ( context ) {
-			var ret = seed ?
-				{ expr: parts.pop(), set: makeArray(seed) } :
-				Sizzle.find( parts.pop(), parts.length === 1 && (parts[0] === "~" || parts[0] === "+") && context.parentNode ? context.parentNode : context, contextXML );
-			set = ret.expr ? Sizzle.filter( ret.expr, ret.set ) : ret.set;
+	/* QSA/matchesSelector
+	---------------------------------------------------------------------- */
 
-			if ( parts.length > 0 ) {
-				checkSet = makeArray(set);
-			} else {
-				prune = false;
+
+	rbuggyMatches = [];
+
+	rbuggyQSA = [];
+
+	if ( (support.qsa = rnative.test( doc.querySelectorAll )) ) {
+		assert(function( div ) {
+			div.innerHTML = "<select t=''><option selected=''></option></select>";
+
+			if ( div.querySelectorAll("[t^='']").length ) {
+				rbuggyQSA.push( "[*^$]=" + whitespace + "*(?:''|\"\")" );
 			}
 
-			while ( parts.length ) {
-				var cur = parts.pop(), pop = cur;
+			if ( !div.querySelectorAll("[selected]").length ) {
+				rbuggyQSA.push( "\\[" + whitespace + "*(?:value|" + booleans + ")" );
+			}
 
-				if ( !Expr.relative[ cur ] ) {
-					cur = "";
-				} else {
-					pop = parts.pop();
-				}
+			if ( !div.querySelectorAll(":checked").length ) {
+				rbuggyQSA.push(":checked");
+			}
+		});
+
+		assert(function( div ) {
+			var input = doc.createElement("input");
+			input.setAttribute( "type", "hidden" );
+			div.appendChild( input ).setAttribute( "name", "D" );
+
+			if ( div.querySelectorAll("[name=d]").length ) {
+				rbuggyQSA.push( "name" + whitespace + "*[*^$|!~]?=" );
+			}
+
+			if ( !div.querySelectorAll(":enabled").length ) {
+				rbuggyQSA.push( ":enabled", ":disabled" );
+			}
+
+			div.querySelectorAll("*,:x");
+			rbuggyQSA.push(",.*:");
+		});
+	}
+
+	if ( (support.matchesSelector = rnative.test( (matches = docElem.webkitMatchesSelector ||
+		docElem.mozMatchesSelector ||
+		docElem.oMatchesSelector ||
+		docElem.msMatchesSelector) )) ) {
+
+		assert(function( div ) {
+			support.disconnectedMatch = matches.call( div, "div" );
 
-				if ( pop == null ) {
-					pop = context;
+			matches.call( div, "[s!='']:x" );
+			rbuggyMatches.push( "!=", pseudos );
+		});
+	}
+
+	rbuggyQSA = rbuggyQSA.length && new RegExp( rbuggyQSA.join("|") );
+	rbuggyMatches = rbuggyMatches.length && new RegExp( rbuggyMatches.join("|") );
+
+	/* Contains
+	---------------------------------------------------------------------- */
+	hasCompare = rnative.test( docElem.compareDocumentPosition );
+
+	contains = hasCompare || rnative.test( docElem.contains ) ?
+		function( a, b ) {
+			var adown = a.nodeType === 9 ? a.documentElement : a,
+				bup = b && b.parentNode;
+			return a === bup || !!( bup && bup.nodeType === 1 && (
+				adown.contains ?
+					adown.contains( bup ) :
+					a.compareDocumentPosition && a.compareDocumentPosition( bup ) & 16
+			));
+		} :
+		function( a, b ) {
+			if ( b ) {
+				while ( (b = b.parentNode) ) {
+					if ( b === a ) {
+						return true;
+					}
 				}
+			}
+			return false;
+		};
+
+	/* Sorting
+	---------------------------------------------------------------------- */
+
+	sortOrder = hasCompare ?
+	function( a, b ) {
+
+		if ( a === b ) {
+			hasDuplicate = true;
+			return 0;
+		}
 
-				Expr.relative[ cur ]( checkSet, pop, contextXML );
+		var compare = !a.compareDocumentPosition - !b.compareDocumentPosition;
+		if ( compare ) {
+			return compare;
+		}
+
+		compare = ( a.ownerDocument || a ) === ( b.ownerDocument || b ) ?
+			a.compareDocumentPosition( b ) :
+
+			1;
+
+		if ( compare & 1 ||
+			(!support.sortDetached && b.compareDocumentPosition( a ) === compare) ) {
+
+			if ( a === doc || a.ownerDocument === preferredDoc && contains(preferredDoc, a) ) {
+				return -1;
 			}
-		} else {
-			checkSet = parts = [];
+			if ( b === doc || b.ownerDocument === preferredDoc && contains(preferredDoc, b) ) {
+				return 1;
+			}
+
+			return sortInput ?
+				( indexOf.call( sortInput, a ) - indexOf.call( sortInput, b ) ) :
+				0;
 		}
+
+		return compare & 4 ? -1 : 1;
+	} :
+	function( a, b ) {
+		if ( a === b ) {
+			hasDuplicate = true;
+			return 0;
+		}
+
+		var cur,
+			i = 0,
+			aup = a.parentNode,
+			bup = b.parentNode,
+			ap = [ a ],
+			bp = [ b ];
+
+		if ( !aup || !bup ) {
+			return a === doc ? -1 :
+				b === doc ? 1 :
+				aup ? -1 :
+				bup ? 1 :
+				sortInput ?
+				( indexOf.call( sortInput, a ) - indexOf.call( sortInput, b ) ) :
+				0;
+
+		} else if ( aup === bup ) {
+			return siblingCheck( a, b );
+		}
+
+		cur = a;
+		while ( (cur = cur.parentNode) ) {
+			ap.unshift( cur );
+		}
+		cur = b;
+		while ( (cur = cur.parentNode) ) {
+			bp.unshift( cur );
+		}
+
+		while ( ap[i] === bp[i] ) {
+			i++;
+		}
+
+		return i ?
+			siblingCheck( ap[i], bp[i] ) :
+
+			ap[i] === preferredDoc ? -1 :
+			bp[i] === preferredDoc ? 1 :
+			0;
+	};
+
+	return doc;
+};
+
+Sizzle.matches = function( expr, elements ) {
+	return Sizzle( expr, null, null, elements );
+};
+
+Sizzle.matchesSelector = function( elem, expr ) {
+	if ( ( elem.ownerDocument || elem ) !== document ) {
+		setDocument( elem );
 	}
 
-	if ( !checkSet ) {
-		checkSet = set;
+	expr = expr.replace( rattributeQuotes, "='$1']" );
+
+	if ( support.matchesSelector && documentIsHTML &&
+		( !rbuggyMatches || !rbuggyMatches.test( expr ) ) &&
+		( !rbuggyQSA     || !rbuggyQSA.test( expr ) ) ) {
+
+		try {
+			var ret = matches.call( elem, expr );
+
+			if ( ret || support.disconnectedMatch ||
+					elem.document && elem.document.nodeType !== 11 ) {
+				return ret;
+			}
+		} catch(e) {}
 	}
 
-	if ( !checkSet ) {
-		throw "Syntax error, unrecognized expression: " + (cur || selector);
+	return Sizzle( expr, document, null, [elem] ).length > 0;
+};
+
+Sizzle.contains = function( context, elem ) {
+	if ( ( context.ownerDocument || context ) !== document ) {
+		setDocument( context );
 	}
+	return contains( context, elem );
+};
 
-	if ( toString.call(checkSet) === "[object Array]" ) {
-		if ( !prune ) {
-			results.push.apply( results, checkSet );
-		} else if ( context && context.nodeType === 1 ) {
-			for ( var i = 0; checkSet[i] != null; i++ ) {
-				if ( checkSet[i] && (checkSet[i] === true || checkSet[i].nodeType === 1 && contains(context, checkSet[i])) ) {
-					results.push( set[i] );
-				}
+Sizzle.attr = function( elem, name ) {
+	if ( ( elem.ownerDocument || elem ) !== document ) {
+		setDocument( elem );
+	}
+
+	var fn = Expr.attrHandle[ name.toLowerCase() ],
+		val = fn && hasOwn.call( Expr.attrHandle, name.toLowerCase() ) ?
+			fn( elem, name, !documentIsHTML ) :
+			undefined;
+
+	return val !== undefined ?
+		val :
+		support.attributes || !documentIsHTML ?
+			elem.getAttribute( name ) :
+			(val = elem.getAttributeNode(name)) && val.specified ?
+				val.value :
+				null;
+};
+
+Sizzle.error = function( msg ) {
+	throw new Error( "Syntax error, unrecognized expression: " + msg );
+};
+
+/**
+ * Document sorting and removing duplicates
+ * @param {ArrayLike} results
+ */
+Sizzle.uniqueSort = function( results ) {
+	var elem,
+		duplicates = [],
+		j = 0,
+		i = 0;
+
+	hasDuplicate = !support.detectDuplicates;
+	sortInput = !support.sortStable && results.slice( 0 );
+	results.sort( sortOrder );
+
+	if ( hasDuplicate ) {
+		while ( (elem = results[i++]) ) {
+			if ( elem === results[ i ] ) {
+				j = duplicates.push( i );
 			}
+		}
+		while ( j-- ) {
+			results.splice( duplicates[ j ], 1 );
+		}
+	}
+
+	sortInput = null;
+
+	return results;
+};
+
+/**
+ * Utility function for retrieving the text value of an array of DOM nodes
+ * @param {Array|Element} elem
+ */
+getText = Sizzle.getText = function( elem ) {
+	var node,
+		ret = "",
+		i = 0,
+		nodeType = elem.nodeType;
+
+	if ( !nodeType ) {
+		while ( (node = elem[i++]) ) {
+			ret += getText( node );
+		}
+	} else if ( nodeType === 1 || nodeType === 9 || nodeType === 11 ) {
+		if ( typeof elem.textContent === "string" ) {
+			return elem.textContent;
 		} else {
-			for ( var i = 0; checkSet[i] != null; i++ ) {
-				if ( checkSet[i] && checkSet[i].nodeType === 1 ) {
-					results.push( set[i] );
-				}
+			for ( elem = elem.firstChild; elem; elem = elem.nextSibling ) {
+				ret += getText( elem );
 			}
 		}
-	} else {
-		makeArray( checkSet, results );
+	} else if ( nodeType === 3 || nodeType === 4 ) {
+		return elem.nodeValue;
 	}
 
-	if ( extra ) {
-		Sizzle( extra, origContext, results, seed );
-		Sizzle.uniqueSort( results );
-	}
+	return ret;
+};
+
+Expr = Sizzle.selectors = {
+
+	cacheLength: 50,
+
+	createPseudo: markFunction,
+
+	match: matchExpr,
+
+	attrHandle: {},
+
+	find: {},
+
+	relative: {
+		">": { dir: "parentNode", first: true },
+		" ": { dir: "parentNode" },
+		"+": { dir: "previousSibling", first: true },
+		"~": { dir: "previousSibling" }
+	},
+
+	preFilter: {
+		"ATTR": function( match ) {
+			match[1] = match[1].replace( runescape, funescape );
+
+			match[3] = ( match[4] || match[5] || "" ).replace( runescape, funescape );
+
+			if ( match[2] === "~=" ) {
+				match[3] = " " + match[3] + " ";
+			}
+
+			return match.slice( 0, 4 );
+		},
+
+		"CHILD": function( match ) {
+			/* matches from matchExpr["CHILD"]
+				1 type (only|nth|...)
+				2 what (child|of-type)
+				3 argument (even|odd|\d*|\d*n([+-]\d+)?|...)
+				4 xn-component of xn+y argument ([+-]?\d*n|)
+				5 sign of xn-component
+				6 x of xn-component
+				7 sign of y-component
+				8 y of y-component
+			*/
+			match[1] = match[1].toLowerCase();
+
+			if ( match[1].slice( 0, 3 ) === "nth" ) {
+				if ( !match[3] ) {
+					Sizzle.error( match[0] );
+				}
+
+				match[4] = +( match[4] ? match[5] + (match[6] || 1) : 2 * ( match[3] === "even" || match[3] === "odd" ) );
+				match[5] = +( ( match[7] + match[8] ) || match[3] === "odd" );
+
+			} else if ( match[3] ) {
+				Sizzle.error( match[0] );
+			}
+
+			return match;
+		},
+
+		"PSEUDO": function( match ) {
+			var excess,
+				unquoted = !match[5] && match[2];
 
-	return results;
-};
+			if ( matchExpr["CHILD"].test( match[0] ) ) {
+				return null;
+			}
 
-Sizzle.uniqueSort = function(results){
-	if ( sortOrder ) {
-		hasDuplicate = baseHasDuplicate;
-		results.sort(sortOrder);
+			if ( match[3] && match[4] !== undefined ) {
+				match[2] = match[4];
 
-		if ( hasDuplicate ) {
-			for ( var i = 1; i < results.length; i++ ) {
-				if ( results[i] === results[i-1] ) {
-					results.splice(i--, 1);
-				}
+			} else if ( unquoted && rpseudo.test( unquoted ) &&
+				(excess = tokenize( unquoted, true )) &&
+				(excess = unquoted.indexOf( ")", unquoted.length - excess ) - unquoted.length) ) {
+
+				match[0] = match[0].slice( 0, excess );
+				match[2] = unquoted.slice( 0, excess );
 			}
-		}
-	}
 
-	return results;
-};
+			return match.slice( 0, 3 );
+		}
+	},
 
-Sizzle.matches = function(expr, set){
-	return Sizzle(expr, null, null, set);
-};
+	filter: {
 
-Sizzle.find = function(expr, context, isXML){
-	var set, match;
+		"TAG": function( nodeNameSelector ) {
+			var nodeName = nodeNameSelector.replace( runescape, funescape ).toLowerCase();
+			return nodeNameSelector === "*" ?
+				function() { return true; } :
+				function( elem ) {
+					return elem.nodeName && elem.nodeName.toLowerCase() === nodeName;
+				};
+		},
 
-	if ( !expr ) {
-		return [];
-	}
+		"CLASS": function( className ) {
+			var pattern = classCache[ className + " " ];
 
-	for ( var i = 0, l = Expr.order.length; i < l; i++ ) {
-		var type = Expr.order[i], match;
+			return pattern ||
+				(pattern = new RegExp( "(^|" + whitespace + ")" + className + "(" + whitespace + "|$)" )) &&
+				classCache( className, function( elem ) {
+					return pattern.test( typeof elem.className === "string" && elem.className || typeof elem.getAttribute !== strundefined && elem.getAttribute("class") || "" );
+				});
+		},
 
-		if ( (match = Expr.leftMatch[ type ].exec( expr )) ) {
-			var left = match[1];
-			match.splice(1,1);
+		"ATTR": function( name, operator, check ) {
+			return function( elem ) {
+				var result = Sizzle.attr( elem, name );
 
-			if ( left.substr( left.length - 1 ) !== "\\" ) {
-				match[1] = (match[1] || "").replace(/\\/g, "");
-				set = Expr.find[ type ]( match, context, isXML );
-				if ( set != null ) {
-					expr = expr.replace( Expr.match[ type ], "" );
-					break;
+				if ( result == null ) {
+					return operator === "!=";
+				}
+				if ( !operator ) {
+					return true;
 				}
-			}
-		}
-	}
 
-	if ( !set ) {
-		set = context.getElementsByTagName("*");
-	}
+				result += "";
+
+				return operator === "=" ? result === check :
+					operator === "!=" ? result !== check :
+					operator === "^=" ? check && result.indexOf( check ) === 0 :
+					operator === "*=" ? check && result.indexOf( check ) > -1 :
+					operator === "$=" ? check && result.slice( -check.length ) === check :
+					operator === "~=" ? ( " " + result + " " ).indexOf( check ) > -1 :
+					operator === "|=" ? result === check || result.slice( 0, check.length + 1 ) === check + "-" :
+					false;
+			};
+		},
 
-	return {set: set, expr: expr};
-};
+		"CHILD": function( type, what, argument, first, last ) {
+			var simple = type.slice( 0, 3 ) !== "nth",
+				forward = type.slice( -4 ) !== "last",
+				ofType = what === "of-type";
+
+			return first === 1 && last === 0 ?
+
+				function( elem ) {
+					return !!elem.parentNode;
+				} :
+
+				function( elem, context, xml ) {
+					var cache, outerCache, node, diff, nodeIndex, start,
+						dir = simple !== forward ? "nextSibling" : "previousSibling",
+						parent = elem.parentNode,
+						name = ofType && elem.nodeName.toLowerCase(),
+						useCache = !xml && !ofType;
+
+					if ( parent ) {
+
+						if ( simple ) {
+							while ( dir ) {
+								node = elem;
+								while ( (node = node[ dir ]) ) {
+									if ( ofType ? node.nodeName.toLowerCase() === name : node.nodeType === 1 ) {
+										return false;
+									}
+								}
+								start = dir = type === "only" && !start && "nextSibling";
+							}
+							return true;
+						}
 
-Sizzle.filter = function(expr, set, inplace, not){
-	var old = expr, result = [], curLoop = set, match, anyFound,
-		isXMLFilter = set && set[0] && isXML(set[0]);
+						start = [ forward ? parent.firstChild : parent.lastChild ];
 
-	while ( expr && set.length ) {
-		for ( var type in Expr.filter ) {
-			if ( (match = Expr.match[ type ].exec( expr )) != null ) {
-				var filter = Expr.filter[ type ], found, item;
-				anyFound = false;
+						if ( forward && useCache ) {
+							outerCache = parent[ expando ] || (parent[ expando ] = {});
+							cache = outerCache[ type ] || [];
+							nodeIndex = cache[0] === dirruns && cache[1];
+							diff = cache[0] === dirruns && cache[2];
+							node = nodeIndex && parent.childNodes[ nodeIndex ];
 
-				if ( curLoop == result ) {
-					result = [];
-				}
+							while ( (node = ++nodeIndex && node && node[ dir ] ||
 
-				if ( Expr.preFilter[ type ] ) {
-					match = Expr.preFilter[ type ]( match, curLoop, inplace, result, not, isXMLFilter );
+								(diff = nodeIndex = 0) || start.pop()) ) {
 
-					if ( !match ) {
-						anyFound = found = true;
-					} else if ( match === true ) {
-						continue;
-					}
-				}
+								if ( node.nodeType === 1 && ++diff && node === elem ) {
+									outerCache[ type ] = [ dirruns, nodeIndex, diff ];
+									break;
+								}
+							}
+
+						} else if ( useCache && (cache = (elem[ expando ] || (elem[ expando ] = {}))[ type ]) && cache[0] === dirruns ) {
+							diff = cache[1];
+
+						} else {
+							while ( (node = ++nodeIndex && node && node[ dir ] ||
+								(diff = nodeIndex = 0) || start.pop()) ) {
+
+								if ( ( ofType ? node.nodeName.toLowerCase() === name : node.nodeType === 1 ) && ++diff ) {
+									if ( useCache ) {
+										(node[ expando ] || (node[ expando ] = {}))[ type ] = [ dirruns, diff ];
+									}
 
-				if ( match ) {
-					for ( var i = 0; (item = curLoop[i]) != null; i++ ) {
-						if ( item ) {
-							found = filter( item, match, i, curLoop );
-							var pass = not ^ !!found;
-
-							if ( inplace && found != null ) {
-								if ( pass ) {
-									anyFound = true;
-								} else {
-									curLoop[i] = false;
+									if ( node === elem ) {
+										break;
+									}
 								}
-							} else if ( pass ) {
-								result.push( item );
-								anyFound = true;
 							}
 						}
-					}
-				}
 
-				if ( found !== undefined ) {
-					if ( !inplace ) {
-						curLoop = result;
+						diff -= last;
+						return diff === first || ( diff % first === 0 && diff / first >= 0 );
 					}
+				};
+		},
 
-					expr = expr.replace( Expr.match[ type ], "" );
+		"PSEUDO": function( pseudo, argument ) {
+			var args,
+				fn = Expr.pseudos[ pseudo ] || Expr.setFilters[ pseudo.toLowerCase() ] ||
+					Sizzle.error( "unsupported pseudo: " + pseudo );
 
-					if ( !anyFound ) {
-						return [];
-					}
+			if ( fn[ expando ] ) {
+				return fn( argument );
+			}
 
-					break;
-				}
+			if ( fn.length > 1 ) {
+				args = [ pseudo, pseudo, "", argument ];
+				return Expr.setFilters.hasOwnProperty( pseudo.toLowerCase() ) ?
+					markFunction(function( seed, matches ) {
+						var idx,
+							matched = fn( seed, argument ),
+							i = matched.length;
+						while ( i-- ) {
+							idx = indexOf.call( seed, matched[i] );
+							seed[ idx ] = !( matches[ idx ] = matched[i] );
+						}
+					}) :
+					function( elem ) {
+						return fn( elem, 0, args );
+					};
 			}
+
+			return fn;
 		}
+	},
 
-		if ( expr == old ) {
-			if ( anyFound == null ) {
-				throw "Syntax error, unrecognized expression: " + expr;
-			} else {
-				break;
+	pseudos: {
+		"not": markFunction(function( selector ) {
+			var input = [],
+				results = [],
+				matcher = compile( selector.replace( rtrim, "$1" ) );
+
+			return matcher[ expando ] ?
+				markFunction(function( seed, matches, context, xml ) {
+					var elem,
+						unmatched = matcher( seed, null, xml, [] ),
+						i = seed.length;
+
+					while ( i-- ) {
+						if ( (elem = unmatched[i]) ) {
+							seed[i] = !(matches[i] = elem);
+						}
+					}
+				}) :
+				function( elem, context, xml ) {
+					input[0] = elem;
+					matcher( input, null, xml, results );
+					return !results.pop();
+				};
+		}),
+
+		"has": markFunction(function( selector ) {
+			return function( elem ) {
+				return Sizzle( selector, elem ).length > 0;
+			};
+		}),
+
+		"contains": markFunction(function( text ) {
+			return function( elem ) {
+				return ( elem.textContent || elem.innerText || getText( elem ) ).indexOf( text ) > -1;
+			};
+		}),
+
+		"lang": markFunction( function( lang ) {
+			if ( !ridentifier.test(lang || "") ) {
+				Sizzle.error( "unsupported lang: " + lang );
 			}
-		}
+			lang = lang.replace( runescape, funescape ).toLowerCase();
+			return function( elem ) {
+				var elemLang;
+				do {
+					if ( (elemLang = documentIsHTML ?
+						elem.lang :
+						elem.getAttribute("xml:lang") || elem.getAttribute("lang")) ) {
+
+						elemLang = elemLang.toLowerCase();
+						return elemLang === lang || elemLang.indexOf( lang + "-" ) === 0;
+					}
+				} while ( (elem = elem.parentNode) && elem.nodeType === 1 );
+				return false;
+			};
+		}),
+
+		"target": function( elem ) {
+			var hash = window.location && window.location.hash;
+			return hash && hash.slice( 1 ) === elem.id;
+		},
 
-		old = expr;
-	}
+		"root": function( elem ) {
+			return elem === docElem;
+		},
 
-	return curLoop;
-};
+		"focus": function( elem ) {
+			return elem === document.activeElement && (!document.hasFocus || document.hasFocus()) && !!(elem.type || elem.href || ~elem.tabIndex);
+		},
 
-var Expr = Sizzle.selectors = {
-	order: [ "ID", "NAME", "TAG" ],
-	match: {
-		ID: /#((?:[\w\u00c0-\uFFFF-]|\\.)+)/,
-		CLASS: /\.((?:[\w\u00c0-\uFFFF-]|\\.)+)/,
-		NAME: /\[name=['"]*((?:[\w\u00c0-\uFFFF-]|\\.)+)['"]*\]/,
-		ATTR: /\[\s*((?:[\w\u00c0-\uFFFF-]|\\.)+)\s*(?:(\S?=)\s*(['"]*)(.*?)\3|)\s*\]/,
-		TAG: /^((?:[\w\u00c0-\uFFFF\*-]|\\.)+)/,
-		CHILD: /:(only|nth|last|first)-child(?:\((even|odd|[\dn+-]*)\))?/,
-		POS: /:(nth|eq|gt|lt|first|last|even|odd)(?:\((\d*)\))?(?=[^-]|$)/,
-		PSEUDO: /:((?:[\w\u00c0-\uFFFF-]|\\.)+)(?:\((['"]*)((?:\([^\)]+\)|[^\2\(\)]*)+)\2\))?/
-	},
-	leftMatch: {},
-	attrMap: {
-		"class": "className",
-		"for": "htmlFor"
-	},
-	attrHandle: {
-		href: function(elem){
-			return elem.getAttribute("href");
-		}
-	},
-	relative: {
-		"+": function(checkSet, part, isXML){
-			var isPartStr = typeof part === "string",
-				isTag = isPartStr && !/\W/.test(part),
-				isPartStrNotTag = isPartStr && !isTag;
+		"enabled": function( elem ) {
+			return elem.disabled === false;
+		},
+
+		"disabled": function( elem ) {
+			return elem.disabled === true;
+		},
+
+		"checked": function( elem ) {
+			var nodeName = elem.nodeName.toLowerCase();
+			return (nodeName === "input" && !!elem.checked) || (nodeName === "option" && !!elem.selected);
+		},
 
-			if ( isTag && !isXML ) {
-				part = part.toUpperCase();
+		"selected": function( elem ) {
+			if ( elem.parentNode ) {
+				elem.parentNode.selectedIndex;
 			}
 
-			for ( var i = 0, l = checkSet.length, elem; i < l; i++ ) {
-				if ( (elem = checkSet[i]) ) {
-					while ( (elem = elem.previousSibling) && elem.nodeType !== 1 ) {}
+			return elem.selected === true;
+		},
 
-					checkSet[i] = isPartStrNotTag || elem && elem.nodeName === part ?
-						elem || false :
-						elem === part;
+		"empty": function( elem ) {
+			for ( elem = elem.firstChild; elem; elem = elem.nextSibling ) {
+				if ( elem.nodeType < 6 ) {
+					return false;
 				}
 			}
+			return true;
+		},
 
-			if ( isPartStrNotTag ) {
-				Sizzle.filter( part, checkSet, true );
-			}
+		"parent": function( elem ) {
+			return !Expr.pseudos["empty"]( elem );
 		},
-		">": function(checkSet, part, isXML){
-			var isPartStr = typeof part === "string";
 
-			if ( isPartStr && !/\W/.test(part) ) {
-				part = isXML ? part : part.toUpperCase();
+		"header": function( elem ) {
+			return rheader.test( elem.nodeName );
+		},
 
-				for ( var i = 0, l = checkSet.length; i < l; i++ ) {
-					var elem = checkSet[i];
-					if ( elem ) {
-						var parent = elem.parentNode;
-						checkSet[i] = parent.nodeName === part ? parent : false;
-					}
-				}
-			} else {
-				for ( var i = 0, l = checkSet.length; i < l; i++ ) {
-					var elem = checkSet[i];
-					if ( elem ) {
-						checkSet[i] = isPartStr ?
-							elem.parentNode :
-							elem.parentNode === part;
-					}
-				}
+		"input": function( elem ) {
+			return rinputs.test( elem.nodeName );
+		},
 
-				if ( isPartStr ) {
-					Sizzle.filter( part, checkSet, true );
-				}
-			}
+		"button": function( elem ) {
+			var name = elem.nodeName.toLowerCase();
+			return name === "input" && elem.type === "button" || name === "button";
 		},
-		"": function(checkSet, part, isXML){
-			var doneName = done++, checkFn = dirCheck;
 
-			if ( !/\W/.test(part) ) {
-				var nodeCheck = part = isXML ? part : part.toUpperCase();
-				checkFn = dirNodeCheck;
-			}
+		"text": function( elem ) {
+			var attr;
+			return elem.nodeName.toLowerCase() === "input" &&
+				elem.type === "text" &&
 
-			checkFn("parentNode", part, doneName, checkSet, nodeCheck, isXML);
+				( (attr = elem.getAttribute("type")) == null || attr.toLowerCase() === "text" );
 		},
-		"~": function(checkSet, part, isXML){
-			var doneName = done++, checkFn = dirCheck;
 
-			if ( typeof part === "string" && !/\W/.test(part) ) {
-				var nodeCheck = part = isXML ? part : part.toUpperCase();
-				checkFn = dirNodeCheck;
-			}
+		"first": createPositionalPseudo(function() {
+			return [ 0 ];
+		}),
 
-			checkFn("previousSibling", part, doneName, checkSet, nodeCheck, isXML);
-		}
-	},
-	find: {
-		ID: function(match, context, isXML){
-			if ( typeof context.getElementById !== "undefined" && !isXML ) {
-				var m = context.getElementById(match[1]);
-				return m ? [m] : [];
-			}
-		},
-		NAME: function(match, context, isXML){
-			if ( typeof context.getElementsByName !== "undefined" ) {
-				var ret = [], results = context.getElementsByName(match[1]);
+		"last": createPositionalPseudo(function( matchIndexes, length ) {
+			return [ length - 1 ];
+		}),
 
-				for ( var i = 0, l = results.length; i < l; i++ ) {
-					if ( results[i].getAttribute("name") === match[1] ) {
-						ret.push( results[i] );
-					}
-				}
+		"eq": createPositionalPseudo(function( matchIndexes, length, argument ) {
+			return [ argument < 0 ? argument + length : argument ];
+		}),
 
-				return ret.length === 0 ? null : ret;
+		"even": createPositionalPseudo(function( matchIndexes, length ) {
+			var i = 0;
+			for ( ; i < length; i += 2 ) {
+				matchIndexes.push( i );
 			}
-		},
-		TAG: function(match, context){
-			return context.getElementsByTagName(match[1]);
-		}
-	},
-	preFilter: {
-		CLASS: function(match, curLoop, inplace, result, not, isXML){
-			match = " " + match[1].replace(/\\/g, "") + " ";
+			return matchIndexes;
+		}),
 
-			if ( isXML ) {
-				return match;
+		"odd": createPositionalPseudo(function( matchIndexes, length ) {
+			var i = 1;
+			for ( ; i < length; i += 2 ) {
+				matchIndexes.push( i );
 			}
+			return matchIndexes;
+		}),
 
-			for ( var i = 0, elem; (elem = curLoop[i]) != null; i++ ) {
-				if ( elem ) {
-					if ( not ^ (elem.className && (" " + elem.className + " ").indexOf(match) >= 0) ) {
-						if ( !inplace )
-							result.push( elem );
-					} else if ( inplace ) {
-						curLoop[i] = false;
-					}
-				}
+		"lt": createPositionalPseudo(function( matchIndexes, length, argument ) {
+			var i = argument < 0 ? argument + length : argument;
+			for ( ; --i >= 0; ) {
+				matchIndexes.push( i );
 			}
+			return matchIndexes;
+		}),
 
-			return false;
-		},
-		ID: function(match){
-			return match[1].replace(/\\/g, "");
-		},
-		TAG: function(match, curLoop){
-			for ( var i = 0; curLoop[i] === false; i++ ){}
-			return curLoop[i] && isXML(curLoop[i]) ? match[1] : match[1].toUpperCase();
-		},
-		CHILD: function(match){
-			if ( match[1] == "nth" ) {
-				var test = /(-?)(\d*)n((?:\+|-)?\d*)/.exec(
-					match[2] == "even" && "2n" || match[2] == "odd" && "2n+1" ||
-					!/\D/.test( match[2] ) && "0n+" + match[2] || match[2]);
-
-				match[2] = (test[1] + (test[2] || 1)) - 0;
-				match[3] = test[3] - 0;
+		"gt": createPositionalPseudo(function( matchIndexes, length, argument ) {
+			var i = argument < 0 ? argument + length : argument;
+			for ( ; ++i < length; ) {
+				matchIndexes.push( i );
 			}
+			return matchIndexes;
+		})
+	}
+};
 
-			match[0] = done++;
+Expr.pseudos["nth"] = Expr.pseudos["eq"];
 
-			return match;
-		},
-		ATTR: function(match, curLoop, inplace, result, not, isXML){
-			var name = match[1].replace(/\\/g, "");
+for ( i in { radio: true, checkbox: true, file: true, password: true, image: true } ) {
+	Expr.pseudos[ i ] = createInputPseudo( i );
+}
+for ( i in { submit: true, reset: true } ) {
+	Expr.pseudos[ i ] = createButtonPseudo( i );
+}
 
-			if ( !isXML && Expr.attrMap[name] ) {
-				match[1] = Expr.attrMap[name];
-			}
+function setFilters() {}
+setFilters.prototype = Expr.filters = Expr.pseudos;
+Expr.setFilters = new setFilters();
 
-			if ( match[2] === "~=" ) {
-				match[4] = " " + match[4] + " ";
-			}
+function tokenize( selector, parseOnly ) {
+	var matched, match, tokens, type,
+		soFar, groups, preFilters,
+		cached = tokenCache[ selector + " " ];
 
-			return match;
-		},
-		PSEUDO: function(match, curLoop, inplace, result, not){
-			if ( match[1] === "not" ) {
-				if ( ( chunker.exec(match[3]) || "" ).length > 1 || /^\w/.test(match[3]) ) {
-					match[3] = Sizzle(match[3], null, null, curLoop);
-				} else {
-					var ret = Sizzle.filter(match[3], curLoop, inplace, true ^ not);
-					if ( !inplace ) {
-						result.push.apply( result, ret );
-					}
-					return false;
-				}
-			} else if ( Expr.match.POS.test( match[0] ) || Expr.match.CHILD.test( match[0] ) ) {
-				return true;
+	if ( cached ) {
+		return parseOnly ? 0 : cached.slice( 0 );
+	}
+
+	soFar = selector;
+	groups = [];
+	preFilters = Expr.preFilter;
+
+	while ( soFar ) {
+
+		if ( !matched || (match = rcomma.exec( soFar )) ) {
+			if ( match ) {
+				soFar = soFar.slice( match[0].length ) || soFar;
 			}
+			groups.push( (tokens = []) );
+		}
 
-			return match;
-		},
-		POS: function(match){
-			match.unshift( true );
-			return match;
+		matched = false;
+
+		if ( (match = rcombinators.exec( soFar )) ) {
+			matched = match.shift();
+			tokens.push({
+				value: matched,
+				type: match[0].replace( rtrim, " " )
+			});
+			soFar = soFar.slice( matched.length );
 		}
-	},
-	filters: {
-		enabled: function(elem){
-			return elem.disabled === false && elem.type !== "hidden";
-		},
-		disabled: function(elem){
-			return elem.disabled === true;
-		},
-		checked: function(elem){
-			return elem.checked === true;
-		},
-		selected: function(elem){
-			elem.parentNode.selectedIndex;
-			return elem.selected === true;
-		},
-		parent: function(elem){
-			return !!elem.firstChild;
-		},
-		empty: function(elem){
-			return !elem.firstChild;
-		},
-		has: function(elem, i, match){
-			return !!Sizzle( match[3], elem ).length;
-		},
-		header: function(elem){
-			return /h\d/i.test( elem.nodeName );
-		},
-		text: function(elem){
-			return "text" === elem.type;
-		},
-		radio: function(elem){
-			return "radio" === elem.type;
-		},
-		checkbox: function(elem){
-			return "checkbox" === elem.type;
-		},
-		file: function(elem){
-			return "file" === elem.type;
-		},
-		password: function(elem){
-			return "password" === elem.type;
-		},
-		submit: function(elem){
-			return "submit" === elem.type;
-		},
-		image: function(elem){
-			return "image" === elem.type;
-		},
-		reset: function(elem){
-			return "reset" === elem.type;
-		},
-		button: function(elem){
-			return "button" === elem.type || elem.nodeName.toUpperCase() === "BUTTON";
-		},
-		input: function(elem){
-			return /input|select|textarea|button/i.test(elem.nodeName);
+
+		for ( type in Expr.filter ) {
+			if ( (match = matchExpr[ type ].exec( soFar )) && (!preFilters[ type ] ||
+				(match = preFilters[ type ]( match ))) ) {
+				matched = match.shift();
+				tokens.push({
+					value: matched,
+					type: type,
+					matches: match
+				});
+				soFar = soFar.slice( matched.length );
+			}
 		}
-	},
-	setFilters: {
-		first: function(elem, i){
-			return i === 0;
-		},
-		last: function(elem, i, match, array){
-			return i === array.length - 1;
-		},
-		even: function(elem, i){
-			return i % 2 === 0;
-		},
-		odd: function(elem, i){
-			return i % 2 === 1;
-		},
-		lt: function(elem, i, match){
-			return i < match[3] - 0;
-		},
-		gt: function(elem, i, match){
-			return i > match[3] - 0;
-		},
-		nth: function(elem, i, match){
-			return match[3] - 0 == i;
-		},
-		eq: function(elem, i, match){
-			return match[3] - 0 == i;
+
+		if ( !matched ) {
+			break;
 		}
-	},
-	filter: {
-		PSEUDO: function(elem, match, i, array){
-			var name = match[1], filter = Expr.filters[ name ];
-
-			if ( filter ) {
-				return filter( elem, i, match, array );
-			} else if ( name === "contains" ) {
-				return (elem.textContent || elem.innerText || "").indexOf(match[3]) >= 0;
-			} else if ( name === "not" ) {
-				var not = match[3];
-
-				for ( var i = 0, l = not.length; i < l; i++ ) {
-					if ( not[i] === elem ) {
-						return false;
-					}
-				}
+	}
 
-				return true;
-			}
-		},
-		CHILD: function(elem, match){
-			var type = match[1], node = elem;
-			switch (type) {
-				case 'only':
-				case 'first':
-					while ( (node = node.previousSibling) )  {
-						if ( node.nodeType === 1 ) return false;
-					}
-					if ( type == 'first') return true;
-					node = elem;
-				case 'last':
-					while ( (node = node.nextSibling) )  {
-						if ( node.nodeType === 1 ) return false;
-					}
-					return true;
-				case 'nth':
-					var first = match[2], last = match[3];
+	return parseOnly ?
+		soFar.length :
+		soFar ?
+			Sizzle.error( selector ) :
+			tokenCache( selector, groups ).slice( 0 );
+}
 
-					if ( first == 1 && last == 0 ) {
-						return true;
-					}
+function toSelector( tokens ) {
+	var i = 0,
+		len = tokens.length,
+		selector = "";
+	for ( ; i < len; i++ ) {
+		selector += tokens[i].value;
+	}
+	return selector;
+}
+
+function addCombinator( matcher, combinator, base ) {
+	var dir = combinator.dir,
+		checkNonElements = base && dir === "parentNode",
+		doneName = done++;
 
-					var doneName = match[0],
-						parent = elem.parentNode;
+	return combinator.first ?
+		function( elem, context, xml ) {
+			while ( (elem = elem[ dir ]) ) {
+				if ( elem.nodeType === 1 || checkNonElements ) {
+					return matcher( elem, context, xml );
+				}
+			}
+		} :
 
-					if ( parent && (parent.sizcache !== doneName || !elem.nodeIndex) ) {
-						var count = 0;
-						for ( node = parent.firstChild; node; node = node.nextSibling ) {
-							if ( node.nodeType === 1 ) {
-								node.nodeIndex = ++count;
+		function( elem, context, xml ) {
+			var oldCache, outerCache,
+				newCache = [ dirruns, doneName ];
+
+			if ( xml ) {
+				while ( (elem = elem[ dir ]) ) {
+					if ( elem.nodeType === 1 || checkNonElements ) {
+						if ( matcher( elem, context, xml ) ) {
+							return true;
+						}
+					}
+				}
+			} else {
+				while ( (elem = elem[ dir ]) ) {
+					if ( elem.nodeType === 1 || checkNonElements ) {
+						outerCache = elem[ expando ] || (elem[ expando ] = {});
+						if ( (oldCache = outerCache[ dir ]) &&
+							oldCache[ 0 ] === dirruns && oldCache[ 1 ] === doneName ) {
+
+							return (newCache[ 2 ] = oldCache[ 2 ]);
+						} else {
+							outerCache[ dir ] = newCache;
+
+							if ( (newCache[ 2 ] = matcher( elem, context, xml )) ) {
+								return true;
 							}
 						}
-						parent.sizcache = doneName;
 					}
+				}
+			}
+		};
+}
 
-					var diff = elem.nodeIndex - last;
-					if ( first == 0 ) {
-						return diff == 0;
-					} else {
-						return ( diff % first == 0 && diff / first >= 0 );
-					}
+function elementMatcher( matchers ) {
+	return matchers.length > 1 ?
+		function( elem, context, xml ) {
+			var i = matchers.length;
+			while ( i-- ) {
+				if ( !matchers[i]( elem, context, xml ) ) {
+					return false;
+				}
 			}
-		},
-		ID: function(elem, match){
-			return elem.nodeType === 1 && elem.getAttribute("id") === match;
-		},
-		TAG: function(elem, match){
-			return (match === "*" && elem.nodeType === 1) || elem.nodeName === match;
-		},
-		CLASS: function(elem, match){
-			return (" " + (elem.className || elem.getAttribute("class")) + " ")
-				.indexOf( match ) > -1;
-		},
-		ATTR: function(elem, match){
-			var name = match[1],
-				result = Expr.attrHandle[ name ] ?
-					Expr.attrHandle[ name ]( elem ) :
-					elem[ name ] != null ?
-						elem[ name ] :
-						elem.getAttribute( name ),
-				value = result + "",
-				type = match[2],
-				check = match[4];
-
-			return result == null ?
-				type === "!=" :
-				type === "=" ?
-				value === check :
-				type === "*=" ?
-				value.indexOf(check) >= 0 :
-				type === "~=" ?
-				(" " + value + " ").indexOf(check) >= 0 :
-				!check ?
-				value && result !== false :
-				type === "!=" ?
-				value != check :
-				type === "^=" ?
-				value.indexOf(check) === 0 :
-				type === "$=" ?
-				value.substr(value.length - check.length) === check :
-				type === "|=" ?
-				value === check || value.substr(0, check.length + 1) === check + "-" :
-				false;
-		},
-		POS: function(elem, match, i, array){
-			var name = match[2], filter = Expr.setFilters[ name ];
+			return true;
+		} :
+		matchers[0];
+}
+
+function multipleContexts( selector, contexts, results ) {
+	var i = 0,
+		len = contexts.length;
+	for ( ; i < len; i++ ) {
+		Sizzle( selector, contexts[i], results );
+	}
+	return results;
+}
 
-			if ( filter ) {
-				return filter( elem, i, match, array );
+function condense( unmatched, map, filter, context, xml ) {
+	var elem,
+		newUnmatched = [],
+		i = 0,
+		len = unmatched.length,
+		mapped = map != null;
+
+	for ( ; i < len; i++ ) {
+		if ( (elem = unmatched[i]) ) {
+			if ( !filter || filter( elem, context, xml ) ) {
+				newUnmatched.push( elem );
+				if ( mapped ) {
+					map.push( i );
+				}
 			}
 		}
 	}
-};
-
-var origPOS = Expr.match.POS;
 
-for ( var type in Expr.match ) {
-	Expr.match[ type ] = new RegExp( Expr.match[ type ].source + /(?![^\[]*\])(?![^\(]*\))/.source );
-	Expr.leftMatch[ type ] = new RegExp( /(^(?:.|\r|\n)*?)/.source + Expr.match[ type ].source );
+	return newUnmatched;
 }
 
-var makeArray = function(array, results) {
-	array = Array.prototype.slice.call( array, 0 );
-
-	if ( results ) {
-		results.push.apply( results, array );
-		return results;
+function setMatcher( preFilter, selector, matcher, postFilter, postFinder, postSelector ) {
+	if ( postFilter && !postFilter[ expando ] ) {
+		postFilter = setMatcher( postFilter );
 	}
+	if ( postFinder && !postFinder[ expando ] ) {
+		postFinder = setMatcher( postFinder, postSelector );
+	}
+	return markFunction(function( seed, results, context, xml ) {
+		var temp, i, elem,
+			preMap = [],
+			postMap = [],
+			preexisting = results.length,
 
-	return array;
-};
+			elems = seed || multipleContexts( selector || "*", context.nodeType ? [ context ] : context, [] ),
 
-try {
-	Array.prototype.slice.call( document.documentElement.childNodes, 0 );
+			matcherIn = preFilter && ( seed || !selector ) ?
+				condense( elems, preMap, preFilter, context, xml ) :
+				elems,
 
-} catch(e){
-	makeArray = function(array, results) {
-		var ret = results || [];
+			matcherOut = matcher ?
+				postFinder || ( seed ? preFilter : preexisting || postFilter ) ?
 
-		if ( toString.call(array) === "[object Array]" ) {
-			Array.prototype.push.apply( ret, array );
-		} else {
-			if ( typeof array.length === "number" ) {
-				for ( var i = 0, l = array.length; i < l; i++ ) {
-					ret.push( array[i] );
-				}
-			} else {
-				for ( var i = 0; array[i]; i++ ) {
-					ret.push( array[i] );
+					[] :
+
+					results :
+				matcherIn;
+
+		if ( matcher ) {
+			matcher( matcherIn, matcherOut, context, xml );
+		}
+
+		if ( postFilter ) {
+			temp = condense( matcherOut, postMap );
+			postFilter( temp, [], context, xml );
+
+			i = temp.length;
+			while ( i-- ) {
+				if ( (elem = temp[i]) ) {
+					matcherOut[ postMap[i] ] = !(matcherIn[ postMap[i] ] = elem);
 				}
 			}
 		}
 
-		return ret;
-	};
-}
+		if ( seed ) {
+			if ( postFinder || preFilter ) {
+				if ( postFinder ) {
+					temp = [];
+					i = matcherOut.length;
+					while ( i-- ) {
+						if ( (elem = matcherOut[i]) ) {
+							temp.push( (matcherIn[i] = elem) );
+						}
+					}
+					postFinder( null, (matcherOut = []), temp, xml );
+				}
 
-var sortOrder;
+				i = matcherOut.length;
+				while ( i-- ) {
+					if ( (elem = matcherOut[i]) &&
+						(temp = postFinder ? indexOf.call( seed, elem ) : preMap[i]) > -1 ) {
 
-if ( document.documentElement.compareDocumentPosition ) {
-	sortOrder = function( a, b ) {
-		if ( !a.compareDocumentPosition || !b.compareDocumentPosition ) {
-			if ( a == b ) {
-				hasDuplicate = true;
+						seed[temp] = !(results[temp] = elem);
+					}
+				}
 			}
-			return 0;
-		}
 
-		var ret = a.compareDocumentPosition(b) & 4 ? -1 : a === b ? 0 : 1;
-		if ( ret === 0 ) {
-			hasDuplicate = true;
-		}
-		return ret;
-	};
-} else if ( "sourceIndex" in document.documentElement ) {
-	sortOrder = function( a, b ) {
-		if ( !a.sourceIndex || !b.sourceIndex ) {
-			if ( a == b ) {
-				hasDuplicate = true;
+		} else {
+			matcherOut = condense(
+				matcherOut === results ?
+					matcherOut.splice( preexisting, matcherOut.length ) :
+					matcherOut
+			);
+			if ( postFinder ) {
+				postFinder( null, results, matcherOut, xml );
+			} else {
+				push.apply( results, matcherOut );
 			}
-			return 0;
 		}
+	});
+}
 
-		var ret = a.sourceIndex - b.sourceIndex;
-		if ( ret === 0 ) {
-			hasDuplicate = true;
-		}
-		return ret;
-	};
-} else if ( document.createRange ) {
-	sortOrder = function( a, b ) {
-		if ( !a.ownerDocument || !b.ownerDocument ) {
-			if ( a == b ) {
-				hasDuplicate = true;
+function matcherFromTokens( tokens ) {
+	var checkContext, matcher, j,
+		len = tokens.length,
+		leadingRelative = Expr.relative[ tokens[0].type ],
+		implicitRelative = leadingRelative || Expr.relative[" "],
+		i = leadingRelative ? 1 : 0,
+
+		matchContext = addCombinator( function( elem ) {
+			return elem === checkContext;
+		}, implicitRelative, true ),
+		matchAnyContext = addCombinator( function( elem ) {
+			return indexOf.call( checkContext, elem ) > -1;
+		}, implicitRelative, true ),
+		matchers = [ function( elem, context, xml ) {
+			return ( !leadingRelative && ( xml || context !== outermostContext ) ) || (
+				(checkContext = context).nodeType ?
+					matchContext( elem, context, xml ) :
+					matchAnyContext( elem, context, xml ) );
+		} ];
+
+	for ( ; i < len; i++ ) {
+		if ( (matcher = Expr.relative[ tokens[i].type ]) ) {
+			matchers = [ addCombinator(elementMatcher( matchers ), matcher) ];
+		} else {
+			matcher = Expr.filter[ tokens[i].type ].apply( null, tokens[i].matches );
+
+			if ( matcher[ expando ] ) {
+				j = ++i;
+				for ( ; j < len; j++ ) {
+					if ( Expr.relative[ tokens[j].type ] ) {
+						break;
+					}
+				}
+				return setMatcher(
+					i > 1 && elementMatcher( matchers ),
+					i > 1 && toSelector(
+						tokens.slice( 0, i - 1 ).concat({ value: tokens[ i - 2 ].type === " " ? "*" : "" })
+					).replace( rtrim, "$1" ),
+					matcher,
+					i < j && matcherFromTokens( tokens.slice( i, j ) ),
+					j < len && matcherFromTokens( (tokens = tokens.slice( j )) ),
+					j < len && toSelector( tokens )
+				);
 			}
-			return 0;
+			matchers.push( matcher );
 		}
+	}
 
-		var aRange = a.ownerDocument.createRange(), bRange = b.ownerDocument.createRange();
-		aRange.setStart(a, 0);
-		aRange.setEnd(a, 0);
-		bRange.setStart(b, 0);
-		bRange.setEnd(b, 0);
-		var ret = aRange.compareBoundaryPoints(Range.START_TO_END, bRange);
-		if ( ret === 0 ) {
-			hasDuplicate = true;
-		}
-		return ret;
-	};
+	return elementMatcher( matchers );
 }
 
-(function(){
-	var form = document.createElement("div"),
-		id = "script" + (new Date).getTime();
-	form.innerHTML = "<a name='" + id + "'/>";
+function matcherFromGroupMatchers( elementMatchers, setMatchers ) {
+	var bySet = setMatchers.length > 0,
+		byElement = elementMatchers.length > 0,
+		superMatcher = function( seed, context, xml, results, outermost ) {
+			var elem, j, matcher,
+				matchedCount = 0,
+				i = "0",
+				unmatched = seed && [],
+				setMatched = [],
+				contextBackup = outermostContext,
+				elems = seed || byElement && Expr.find["TAG"]( "*", outermost ),
+				dirrunsUnique = (dirruns += contextBackup == null ? 1 : Math.random() || 0.1),
+				len = elems.length;
+
+			if ( outermost ) {
+				outermostContext = context !== document && context;
+			}
+
+			for ( ; i !== len && (elem = elems[i]) != null; i++ ) {
+				if ( byElement && elem ) {
+					j = 0;
+					while ( (matcher = elementMatchers[j++]) ) {
+						if ( matcher( elem, context, xml ) ) {
+							results.push( elem );
+							break;
+						}
+					}
+					if ( outermost ) {
+						dirruns = dirrunsUnique;
+					}
+				}
 
-	var root = document.documentElement;
-	root.insertBefore( form, root.firstChild );
+				if ( bySet ) {
+					if ( (elem = !matcher && elem) ) {
+						matchedCount--;
+					}
 
-	if ( !!document.getElementById( id ) ) {
-		Expr.find.ID = function(match, context, isXML){
-			if ( typeof context.getElementById !== "undefined" && !isXML ) {
-				var m = context.getElementById(match[1]);
-				return m ? m.id === match[1] || typeof m.getAttributeNode !== "undefined" && m.getAttributeNode("id").nodeValue === match[1] ? [m] : undefined : [];
+					if ( seed ) {
+						unmatched.push( elem );
+					}
+				}
 			}
-		};
 
-		Expr.filter.ID = function(elem, match){
-			var node = typeof elem.getAttributeNode !== "undefined" && elem.getAttributeNode("id");
-			return elem.nodeType === 1 && node && node.nodeValue === match;
-		};
-	}
-
-	root.removeChild( form );
-	root = form = null; // release memory in IE
-})();
+			matchedCount += i;
+			if ( bySet && i !== matchedCount ) {
+				j = 0;
+				while ( (matcher = setMatchers[j++]) ) {
+					matcher( unmatched, setMatched, context, xml );
+				}
 
-(function(){
+				if ( seed ) {
+					if ( matchedCount > 0 ) {
+						while ( i-- ) {
+							if ( !(unmatched[i] || setMatched[i]) ) {
+								setMatched[i] = pop.call( results );
+							}
+						}
+					}
 
-	var div = document.createElement("div");
-	div.appendChild( document.createComment("") );
+					setMatched = condense( setMatched );
+				}
 
-	if ( div.getElementsByTagName("*").length > 0 ) {
-		Expr.find.TAG = function(match, context){
-			var results = context.getElementsByTagName(match[1]);
+				push.apply( results, setMatched );
 
-			if ( match[1] === "*" ) {
-				var tmp = [];
+				if ( outermost && !seed && setMatched.length > 0 &&
+					( matchedCount + setMatchers.length ) > 1 ) {
 
-				for ( var i = 0; results[i]; i++ ) {
-					if ( results[i].nodeType === 1 ) {
-						tmp.push( results[i] );
-					}
+					Sizzle.uniqueSort( results );
 				}
-
-				results = tmp;
 			}
 
-			return results;
-		};
-	}
+			if ( outermost ) {
+				dirruns = dirrunsUnique;
+				outermostContext = contextBackup;
+			}
 
-	div.innerHTML = "<a href='#'></a>";
-	if ( div.firstChild && typeof div.firstChild.getAttribute !== "undefined" &&
-			div.firstChild.getAttribute("href") !== "#" ) {
-		Expr.attrHandle.href = function(elem){
-			return elem.getAttribute("href", 2);
+			return unmatched;
 		};
-	}
-
-	div = null; // release memory in IE
-})();
 
-if ( document.querySelectorAll ) (function(){
-	var oldSizzle = Sizzle, div = document.createElement("div");
-	div.innerHTML = "<p class='TEST'></p>";
-
-	if ( div.querySelectorAll && div.querySelectorAll(".TEST").length === 0 ) {
-		return;
-	}
+	return bySet ?
+		markFunction( superMatcher ) :
+		superMatcher;
+}
 
-	Sizzle = function(query, context, extra, seed){
-		context = context || document;
+compile = Sizzle.compile = function( selector, match /* Internal Use Only */ ) {
+	var i,
+		setMatchers = [],
+		elementMatchers = [],
+		cached = compilerCache[ selector + " " ];
 
-		if ( !seed && context.nodeType === 9 && !isXML(context) ) {
-			try {
-				return makeArray( context.querySelectorAll(query), extra );
-			} catch(e){}
+	if ( !cached ) {
+		if ( !match ) {
+			match = tokenize( selector );
+		}
+		i = match.length;
+		while ( i-- ) {
+			cached = matcherFromTokens( match[i] );
+			if ( cached[ expando ] ) {
+				setMatchers.push( cached );
+			} else {
+				elementMatchers.push( cached );
+			}
 		}
 
-		return oldSizzle(query, context, extra, seed);
-	};
+		cached = compilerCache( selector, matcherFromGroupMatchers( elementMatchers, setMatchers ) );
 
-	for ( var prop in oldSizzle ) {
-		Sizzle[ prop ] = oldSizzle[ prop ];
+		cached.selector = selector;
 	}
+	return cached;
+};
 
-	div = null; // release memory in IE
-})();
+/**
+ * A low-level selection function that works with Sizzle's compiled
+ *  selector functions
+ * @param {String|Function} selector A selector or a pre-compiled
+ *  selector function built with Sizzle.compile
+ * @param {Element} context
+ * @param {Array} [results]
+ * @param {Array} [seed] A set of elements to match against
+ */
+select = Sizzle.select = function( selector, context, results, seed ) {
+	var i, tokens, token, type, find,
+		compiled = typeof selector === "function" && selector,
+		match = !seed && tokenize( (selector = compiled.selector || selector) );
 
-if ( document.getElementsByClassName && document.documentElement.getElementsByClassName ) (function(){
-	var div = document.createElement("div");
-	div.innerHTML = "<div class='test e'></div><div class='test'></div>";
+	results = results || [];
 
-	if ( div.getElementsByClassName("e").length === 0 )
-		return;
+	if ( match.length === 1 ) {
 
-	div.lastChild.className = "e";
+		tokens = match[0] = match[0].slice( 0 );
+		if ( tokens.length > 2 && (token = tokens[0]).type === "ID" &&
+				support.getById && context.nodeType === 9 && documentIsHTML &&
+				Expr.relative[ tokens[1].type ] ) {
 
-	if ( div.getElementsByClassName("e").length === 1 )
-		return;
+			context = ( Expr.find["ID"]( token.matches[0].replace(runescape, funescape), context ) || [] )[0];
+			if ( !context ) {
+				return results;
 
-	Expr.order.splice(1, 0, "CLASS");
-	Expr.find.CLASS = function(match, context, isXML) {
-		if ( typeof context.getElementsByClassName !== "undefined" && !isXML ) {
-			return context.getElementsByClassName(match[1]);
+			} else if ( compiled ) {
+				context = context.parentNode;
+			}
+
+			selector = selector.slice( tokens.shift().value.length );
 		}
-	};
 
-	div = null; // release memory in IE
-})();
+		i = matchExpr["needsContext"].test( selector ) ? 0 : tokens.length;
+		while ( i-- ) {
+			token = tokens[i];
 
-function dirNodeCheck( dir, cur, doneName, checkSet, nodeCheck, isXML ) {
-	var sibDir = dir == "previousSibling" && !isXML;
-	for ( var i = 0, l = checkSet.length; i < l; i++ ) {
-		var elem = checkSet[i];
-		if ( elem ) {
-			if ( sibDir && elem.nodeType === 1 ){
-				elem.sizcache = doneName;
-				elem.sizset = i;
+			if ( Expr.relative[ (type = token.type) ] ) {
+				break;
 			}
-			elem = elem[dir];
-			var match = false;
-
-			while ( elem ) {
-				if ( elem.sizcache === doneName ) {
-					match = checkSet[elem.sizset];
-					break;
-				}
-
-				if ( elem.nodeType === 1 && !isXML ){
-					elem.sizcache = doneName;
-					elem.sizset = i;
-				}
+			if ( (find = Expr.find[ type ]) ) {
+				if ( (seed = find(
+					token.matches[0].replace( runescape, funescape ),
+					rsibling.test( tokens[0].type ) && testContext( context.parentNode ) || context
+				)) ) {
+
+					tokens.splice( i, 1 );
+					selector = seed.length && toSelector( tokens );
+					if ( !selector ) {
+						push.apply( results, seed );
+						return results;
+					}
 
-				if ( elem.nodeName === cur ) {
-					match = elem;
 					break;
 				}
-
-				elem = elem[dir];
 			}
-
-			checkSet[i] = match;
 		}
 	}
-}
 
-function dirCheck( dir, cur, doneName, checkSet, nodeCheck, isXML ) {
-	var sibDir = dir == "previousSibling" && !isXML;
-	for ( var i = 0, l = checkSet.length; i < l; i++ ) {
-		var elem = checkSet[i];
-		if ( elem ) {
-			if ( sibDir && elem.nodeType === 1 ) {
-				elem.sizcache = doneName;
-				elem.sizset = i;
-			}
-			elem = elem[dir];
-			var match = false;
+	( compiled || compile( selector, match ) )(
+		seed,
+		context,
+		!documentIsHTML,
+		results,
+		rsibling.test( selector ) && testContext( context.parentNode ) || context
+	);
+	return results;
+};
 
-			while ( elem ) {
-				if ( elem.sizcache === doneName ) {
-					match = checkSet[elem.sizset];
-					break;
-				}
 
-				if ( elem.nodeType === 1 ) {
-					if ( !isXML ) {
-						elem.sizcache = doneName;
-						elem.sizset = i;
-					}
-					if ( typeof cur !== "string" ) {
-						if ( elem === cur ) {
-							match = true;
-							break;
-						}
+support.sortStable = expando.split("").sort( sortOrder ).join("") === expando;
 
-					} else if ( Sizzle.filter( cur, [elem] ).length > 0 ) {
-						match = elem;
-						break;
-					}
-				}
+support.detectDuplicates = !!hasDuplicate;
 
-				elem = elem[dir];
-			}
+setDocument();
+
+support.sortDetached = assert(function( div1 ) {
+	return div1.compareDocumentPosition( document.createElement("div") ) & 1;
+});
 
-			checkSet[i] = match;
+if ( !assert(function( div ) {
+	div.innerHTML = "<a href='#'></a>";
+	return div.firstChild.getAttribute("href") === "#" ;
+}) ) {
+	addHandle( "type|href|height|width", function( elem, name, isXML ) {
+		if ( !isXML ) {
+			return elem.getAttribute( name, name.toLowerCase() === "type" ? 1 : 2 );
 		}
-	}
+	});
 }
 
-var contains = document.compareDocumentPosition ?  function(a, b){
-	return a.compareDocumentPosition(b) & 16;
-} : function(a, b){
-	return a !== b && (a.contains ? a.contains(b) : true);
-};
-
-var isXML = function(elem){
-	return elem.nodeType === 9 && elem.documentElement.nodeName !== "HTML" ||
-		!!elem.ownerDocument && elem.ownerDocument.documentElement.nodeName !== "HTML";
-};
-
-var posProcess = function(selector, context){
-	var tmpSet = [], later = "", match,
-		root = context.nodeType ? [context] : context;
-
-	while ( (match = Expr.match.PSEUDO.exec( selector )) ) {
-		later += match[0];
-		selector = selector.replace( Expr.match.PSEUDO, "" );
-	}
-
-	selector = Expr.relative[selector] ? selector + "*" : selector;
+if ( !support.attributes || !assert(function( div ) {
+	div.innerHTML = "<input/>";
+	div.firstChild.setAttribute( "value", "" );
+	return div.firstChild.getAttribute( "value" ) === "";
+}) ) {
+	addHandle( "value", function( elem, name, isXML ) {
+		if ( !isXML && elem.nodeName.toLowerCase() === "input" ) {
+			return elem.defaultValue;
+		}
+	});
+}
 
-	for ( var i = 0, l = root.length; i < l; i++ ) {
-		Sizzle( selector, root[i], tmpSet );
-	}
+if ( !assert(function( div ) {
+	return div.getAttribute("disabled") == null;
+}) ) {
+	addHandle( booleans, function( elem, name, isXML ) {
+		var val;
+		if ( !isXML ) {
+			return elem[ name ] === true ? name.toLowerCase() :
+					(val = elem.getAttributeNode( name )) && val.specified ?
+					val.value :
+				null;
+		}
+	});
+}
 
-	return Sizzle.filter( later, tmpSet );
-};
+if ( typeof define === "function" && define.amd ) {
+	define(function() { return Sizzle; });
+} else if ( typeof module !== "undefined" && module.exports ) {
+	module.exports = Sizzle;
+} else {
+	window.Sizzle = Sizzle;
+}
 
+})( window );
 
-window.Sizzle = Sizzle;
+;(function() {
+  if (typeof Sizzle !== 'undefined') {
+    return;
+  }
 
+  if (typeof define !== 'undefined' && define.amd) {
+    window.Sizzle = Prototype._actual_sizzle;
+    window.define = Prototype._original_define;
+    delete Prototype._actual_sizzle;
+    delete Prototype._original_define;
+  } else if (typeof module !== 'undefined' && module.exports) {
+    window.Sizzle = module.exports;
+    module.exports = {};
+  }
 })();
 
 ;(function(engine) {
@@ -5026,15 +6325,23 @@ var Form = {
       accumulator = function(result, key, value) {
         if (key in result) {
           if (!Object.isArray(result[key])) result[key] = [result[key]];
-          result[key].push(value);
+          result[key] = result[key].concat(value);
         } else result[key] = value;
         return result;
       };
     } else {
       initial = '';
-      accumulator = function(result, key, value) {
-        return result + (result ? '&' : '') + encodeURIComponent(key) + '=' + encodeURIComponent(value);
-      }
+      accumulator = function(result, key, values) {
+        if (!Object.isArray(values)) {values = [values];}
+        if (!values.length) {return result;}
+        var encodedKey = encodeURIComponent(key).gsub(/%20/, '+');
+        return result + (result ? "&" : "") + values.map(function (value) {
+          value = value.gsub(/(\r)?\n/, '\r\n');
+          value = encodeURIComponent(value);
+          value = value.gsub(/%20/, '+');
+          return encodedKey + "=" + value;
+        }).join("&");
+      };
     }
 
     return elements.inject(initial, function(result, element) {
@@ -5055,42 +6362,30 @@ Form.Methods = {
     return Form.serializeElements(Form.getElements(form), options);
   },
 
+
   getElements: function(form) {
-    var elements = $(form).getElementsByTagName('*'),
-        element,
-        arr = [ ],
-        serializers = Form.Element.Serializers;
+    var elements = $(form).getElementsByTagName('*');
+    var element, results = [], serializers = Form.Element.Serializers;
+
     for (var i = 0; element = elements[i]; i++) {
-      arr.push(element);
+      if (serializers[element.tagName.toLowerCase()])
+        results.push(Element.extend(element));
     }
-    return arr.inject([], function(elements, child) {
-      if (serializers[child.tagName.toLowerCase()])
-        elements.push(Element.extend(child));
-      return elements;
-    })
+    return results;
   },
 
   getInputs: function(form, typeName, name) {
     form = $(form);
     var inputs = form.getElementsByTagName('input');
-    var textareas = form.getElementsByTagName('textarea');
-    // KK patch
-    var selects = form.getElementsByTagName('select');
-
-    if (!typeName && !name) return $A(inputs).concat($A(textareas)).concat($A(selects)).map(Element.extend);
-
-    var matchingInputs = [];
-    var f = function(inputs) {
-      for (var i = 0, length = inputs.length; i < length; i++) {
-        var input = inputs[i];
-        if ((typeName && input.type != typeName) || (name && input.name != name))
-          continue;
-        matchingInputs.push(Element.extend(input));
-      }
-    };
-    f(inputs);
-    f(textareas);
-    f(selects);
+
+    if (!typeName && !name) return $A(inputs).map(Element.extend);
+
+    for (var i = 0, matchingInputs = [], length = inputs.length; i < length; i++) {
+      var input = inputs[i];
+      if ((typeName && input.type != typeName) || (name && input.name != name))
+        continue;
+      matchingInputs.push(Element.extend(input));
+    }
 
     return matchingInputs;
   },
@@ -5386,7 +6681,11 @@ Form.EventObserver = Class.create(Abstract.EventObserver, {
     return Form.serialize(this.element);
   }
 });
-(function() {
+(function(GLOBAL) {
+  var DIV = document.createElement('div');
+  var docEl = document.documentElement;
+  var MOUSEENTER_MOUSELEAVE_EVENTS_SUPPORTED = 'onmouseenter' in docEl
+   && 'onmouseleave' in docEl;
 
   var Event = {
     KEY_BACKSPACE: 8,
@@ -5402,16 +6701,9 @@ Form.EventObserver = Class.create(Abstract.EventObserver, {
     KEY_END:      35,
     KEY_PAGEUP:   33,
     KEY_PAGEDOWN: 34,
-    KEY_INSERT:   45,
-
-    cache: {}
+    KEY_INSERT:   45
   };
 
-  var docEl = document.documentElement;
-  var MOUSEENTER_MOUSELEAVE_EVENTS_SUPPORTED = 'onmouseenter' in docEl
-    && 'onmouseleave' in docEl;
-
-
 
   var isIELegacyEvent = function(event) { return false; };
 
@@ -5467,6 +6759,10 @@ Form.EventObserver = Class.create(Abstract.EventObserver, {
   function isRightClick(event)  { return _isButton(event, 2) }
 
   function element(event) {
+    return Element.extend(_element(event));
+  }
+
+  function _element(event) {
     event = Event.extend(event);
 
     var node = event.target, type = event.type,
@@ -5479,20 +6775,15 @@ Form.EventObserver = Class.create(Abstract.EventObserver, {
             node = currentTarget;
     }
 
-    if (node.nodeType == Node.TEXT_NODE)
-      node = node.parentNode;
-
-    return Element.extend(node);
+    return node.nodeType == Node.TEXT_NODE ? node.parentNode : node;
   }
 
   function findElement(event, expression) {
-    var element = Event.element(event);
-
-    if (!expression) return element;
+    var element = _element(event), selector = Prototype.Selector;
+    if (!expression) return Element.extend(element);
     while (element) {
-      if (Object.isElement(element) && Prototype.Selector.match(element, expression)) {
+      if (Object.isElement(element) && selector.match(element, expression))
         return Element.extend(element);
-      }
       element = element.parentNode;
     }
   }
@@ -5604,198 +6895,268 @@ Form.EventObserver = Class.create(Abstract.EventObserver, {
     Object.extend(Event.prototype, methods);
   }
 
-  function _createResponder(element, eventName, handler) {
-    var registry = Element.retrieve(element, 'prototype_event_registry');
+  var EVENT_TRANSLATIONS = {
+    mouseenter: 'mouseover',
+    mouseleave: 'mouseout'
+  };
 
-    if (Object.isUndefined(registry)) {
-      CACHE.push(element);
-      registry = Element.retrieve(element, 'prototype_event_registry', $H());
-    }
+  function getDOMEventName(eventName) {
+    return EVENT_TRANSLATIONS[eventName] || eventName;
+  }
 
-    var respondersForEvent = registry.get(eventName);
-    if (Object.isUndefined(respondersForEvent)) {
-      respondersForEvent = [];
-      registry.set(eventName, respondersForEvent);
-    }
+  if (MOUSEENTER_MOUSELEAVE_EVENTS_SUPPORTED)
+    getDOMEventName = Prototype.K;
 
-    if (respondersForEvent.pluck('handler').include(handler)) return false;
+  function getUniqueElementID(element) {
+    if (element === window) return 0;
 
-    var responder;
-    if (eventName.include(":")) {
-      responder = function(event) {
-        if (Object.isUndefined(event.eventName))
-          return false;
+    if (typeof element._prototypeUID === 'undefined')
+      element._prototypeUID = Element.Storage.UID++;
+    return element._prototypeUID;
+  }
 
-        if (event.eventName !== eventName)
-          return false;
+  function getUniqueElementID_IE(element) {
+    if (element === window) return 0;
+    if (element == document) return 1;
+    return element.uniqueID;
+  }
 
-        Event.extend(event, element);
-        handler.call(element, event);
-      };
-    } else {
-      if (!MOUSEENTER_MOUSELEAVE_EVENTS_SUPPORTED &&
-       (eventName === "mouseenter" || eventName === "mouseleave")) {
-        if (eventName === "mouseenter" || eventName === "mouseleave") {
-          responder = function(event) {
-            Event.extend(event, element);
-
-            var parent = event.relatedTarget;
-            while (parent && parent !== element) {
-              try { parent = parent.parentNode; }
-              catch(e) { parent = element; }
-            }
-
-            if (parent === element) return;
-
-            handler.call(element, event);
-          };
-        }
-      } else {
-        responder = function(event) {
-          Event.extend(event, element);
-          handler.call(element, event);
-        };
-      }
-    }
+  if ('uniqueID' in DIV)
+    getUniqueElementID = getUniqueElementID_IE;
 
-    responder.handler = handler;
-    respondersForEvent.push(responder);
-    return responder;
+  function isCustomEvent(eventName) {
+    return eventName.include(':');
   }
 
-  function _destroyCache() {
-    for (var i = 0, length = CACHE.length; i < length; i++) {
-      Event.stopObserving(CACHE[i]);
-      CACHE[i] = null;
-    }
-  }
+  Event._isCustomEvent = isCustomEvent;
 
-  var CACHE = [];
+  function getOrCreateRegistryFor(element, uid) {
+    var CACHE = GLOBAL.Event.cache;
+    if (Object.isUndefined(uid))
+      uid = getUniqueElementID(element);
+    if (!CACHE[uid]) CACHE[uid] = { element: element };
+    return CACHE[uid];
+  }
 
-  if (Prototype.Browser.IE)
-    window.attachEvent('onunload', _destroyCache);
+  function destroyRegistryForElement(element, uid) {
+    if (Object.isUndefined(uid))
+      uid = getUniqueElementID(element);
+    delete GLOBAL.Event.cache[uid];
+  }
 
-  if (Prototype.Browser.WebKit)
-    window.addEventListener('unload', Prototype.emptyFunction, false);
 
+  function register(element, eventName, handler) {
+    var registry = getOrCreateRegistryFor(element);
+    if (!registry[eventName]) registry[eventName] = [];
+    var entries = registry[eventName];
 
-  var _getDOMEventName = Prototype.K,
-      translations = { mouseenter: "mouseover", mouseleave: "mouseout" };
+    var i = entries.length;
+    while (i--)
+      if (entries[i].handler === handler) return null;
 
-  if (!MOUSEENTER_MOUSELEAVE_EVENTS_SUPPORTED) {
-    _getDOMEventName = function(eventName) {
-      return (translations[eventName] || eventName);
+    var uid = getUniqueElementID(element);
+    var responder = GLOBAL.Event._createResponder(uid, eventName, handler);
+    var entry = {
+      responder: responder,
+      handler:   handler
     };
+
+    entries.push(entry);
+    return entry;
   }
 
+  function unregister(element, eventName, handler) {
+    var registry = getOrCreateRegistryFor(element);
+    var entries = registry[eventName] || [];
+
+    var i = entries.length, entry;
+    while (i--) {
+      if (entries[i].handler === handler) {
+        entry = entries[i];
+        break;
+      }
+    }
+
+    if (entry) {
+      var index = entries.indexOf(entry);
+      entries.splice(index, 1);
+    }
+
+    if (entries.length === 0) {
+      delete registry[eventName];
+      if (Object.keys(registry).length === 1 && ('element' in registry))
+        destroyRegistryForElement(element);
+    }
+
+    return entry;
+  }
+
+
   function observe(element, eventName, handler) {
     element = $(element);
+    var entry = register(element, eventName, handler);
 
-    var responder = _createResponder(element, eventName, handler);
+    if (entry === null) return element;
 
-    if (!responder) return element;
+    var responder = entry.responder;
+    if (isCustomEvent(eventName))
+      observeCustomEvent(element, eventName, responder);
+    else
+      observeStandardEvent(element, eventName, responder);
 
-    if (eventName.include(':')) {
-      if (element.addEventListener)
-        element.addEventListener("dataavailable", responder, false);
-      else {
-        element.attachEvent("ondataavailable", responder);
-        element.attachEvent("onlosecapture", responder);
-      }
-    } else {
-      var actualEventName = _getDOMEventName(eventName);
+    return element;
+  }
 
-      if (element.addEventListener)
-        element.addEventListener(actualEventName, responder, false);
-      else
-        element.attachEvent("on" + actualEventName, responder);
+  function observeStandardEvent(element, eventName, responder) {
+    var actualEventName = getDOMEventName(eventName);
+    if (element.addEventListener) {
+      element.addEventListener(actualEventName, responder, false);
+    } else {
+      element.attachEvent('on' + actualEventName, responder);
     }
+  }
 
-    return element;
+  function observeCustomEvent(element, eventName, responder) {
+    if (element.addEventListener) {
+      element.addEventListener('dataavailable', responder, false);
+    } else {
+      element.attachEvent('ondataavailable', responder);
+      element.attachEvent('onlosecapture',   responder);
+    }
   }
 
   function stopObserving(element, eventName, handler) {
     element = $(element);
+    var handlerGiven = !Object.isUndefined(handler),
+     eventNameGiven = !Object.isUndefined(eventName);
 
-    var registry = Element.retrieve(element, 'prototype_event_registry');
-    if (!registry) return element;
-
-    if (!eventName) {
-      registry.each( function(pair) {
-        var eventName = pair.key;
-        stopObserving(element, eventName);
-      });
+    if (!eventNameGiven && !handlerGiven) {
+      stopObservingElement(element);
       return element;
     }
 
-    var responders = registry.get(eventName);
-    if (!responders) return element;
-
-    if (!handler) {
-      responders.each(function(r) {
-        stopObserving(element, eventName, r.handler);
-      });
+    if (!handlerGiven) {
+      stopObservingEventName(element, eventName);
       return element;
     }
 
-    var i = responders.length, responder;
-    while (i--) {
-      if (responders[i].handler === handler) {
-        responder = responders[i];
-        break;
-      }
+    var entry = unregister(element, eventName, handler);
+
+    if (!entry) return element;
+    removeEvent(element, eventName, entry.responder);
+    return element;
+  }
+
+  function stopObservingStandardEvent(element, eventName, responder) {
+    var actualEventName = getDOMEventName(eventName);
+    if (element.removeEventListener) {
+      element.removeEventListener(actualEventName, responder, false);
+    } else {
+      element.detachEvent('on' + actualEventName, responder);
     }
-    if (!responder) return element;
+  }
 
-    if (eventName.include(':')) {
-      if (element.removeEventListener)
-        element.removeEventListener("dataavailable", responder, false);
-      else {
-        element.detachEvent("ondataavailable", responder);
-        element.detachEvent("onlosecapture", responder);
-      }
+  function stopObservingCustomEvent(element, eventName, responder) {
+    if (element.removeEventListener) {
+      element.removeEventListener('dataavailable', responder, false);
     } else {
-      var actualEventName = _getDOMEventName(eventName);
-      if (element.removeEventListener)
-        element.removeEventListener(actualEventName, responder, false);
-      else
-        element.detachEvent('on' + actualEventName, responder);
+      element.detachEvent('ondataavailable', responder);
+      element.detachEvent('onlosecapture',   responder);
     }
+  }
 
-    registry.set(eventName, responders.without(responder));
 
-    return element;
+
+  function stopObservingElement(element) {
+    var uid = getUniqueElementID(element), registry = GLOBAL.Event.cache[uid];
+    if (!registry) return;
+
+    destroyRegistryForElement(element, uid);
+
+    var entries, i;
+    for (var eventName in registry) {
+      if (eventName === 'element') continue;
+
+      entries = registry[eventName];
+      i = entries.length;
+      while (i--)
+        removeEvent(element, eventName, entries[i].responder);
+    }
   }
 
-  function fire(element, eventName, memo, bubble) {
-    element = $(element);
+  function stopObservingEventName(element, eventName) {
+    var registry = getOrCreateRegistryFor(element);
+    var entries = registry[eventName];
+    if (entries) {
+      delete registry[eventName];
+    }
 
-    if (Object.isUndefined(bubble))
-      bubble = true;
+    entries = entries || [];
 
-    if (element == document && document.createEvent && !element.dispatchEvent)
-      element = document.documentElement;
+    var i = entries.length;
+    while (i--)
+      removeEvent(element, eventName, entries[i].responder);
 
-    var event;
-    if (document.createEvent) {
-      event = document.createEvent('HTMLEvents');
-      event.initEvent('dataavailable', bubble, true);
-    } else {
-      event = document.createEventObject();
-      event.eventType = bubble ? 'ondataavailable' : 'onlosecapture';
+    for (var name in registry) {
+      if (name === 'element') continue;
+      return; // There is another registered event
     }
 
-    event.eventName = eventName;
-    event.memo = memo || { };
+    destroyRegistryForElement(element);
+  }
 
-    if (document.createEvent)
-      element.dispatchEvent(event);
+
+  function removeEvent(element, eventName, handler) {
+    if (isCustomEvent(eventName))
+      stopObservingCustomEvent(element, eventName, handler);
     else
-      element.fireEvent(event.eventType, event);
+      stopObservingStandardEvent(element, eventName, handler);
+  }
+
+
 
+  function getFireTarget(element) {
+    if (element !== document) return element;
+    if (document.createEvent && !element.dispatchEvent)
+      return document.documentElement;
+    return element;
+  }
+
+  function fire(element, eventName, memo, bubble) {
+    element = getFireTarget($(element));
+    if (Object.isUndefined(bubble)) bubble = true;
+    memo = memo || {};
+
+    var event = fireEvent(element, eventName, memo, bubble);
     return Event.extend(event);
   }
 
+  function fireEvent_DOM(element, eventName, memo, bubble) {
+    var event = document.createEvent('HTMLEvents');
+    event.initEvent('dataavailable', bubble, true);
+
+    event.eventName = eventName;
+    event.memo = memo;
+
+    element.dispatchEvent(event);
+    return event;
+  }
+
+  function fireEvent_IE(element, eventName, memo, bubble) {
+    var event = document.createEventObject();
+    event.eventType = bubble ? 'ondataavailable' : 'onlosecapture';
+
+    event.eventName = eventName;
+    event.memo = memo;
+
+    element.fireEvent(event.eventType, event);
+    return event;
+  }
+
+  var fireEvent = document.createEvent ? fireEvent_DOM : fireEvent_IE;
+
+
+
   Event.Handler = Class.create({
     initialize: function(element, eventName, selector, callback) {
       this.element   = $(element);
@@ -5805,6 +7166,7 @@ Form.EventObserver = Class.create(Abstract.EventObserver, {
       this.handler   = this.handleEvent.bind(this);
     },
 
+
     start: function() {
       Event.observe(this.element, this.eventName, this.handler);
       return this;
@@ -5861,59 +7223,145 @@ Form.EventObserver = Class.create(Abstract.EventObserver, {
     loaded:        false
   });
 
-  if (window.Event) Object.extend(window.Event, Event);
-  else window.Event = Event;
-})();
+  if (GLOBAL.Event) Object.extend(window.Event, Event);
+  else GLOBAL.Event = Event;
 
-(function() {
+  GLOBAL.Event.cache = {};
+
+  function destroyCache_IE() {
+    GLOBAL.Event.cache = null;
+  }
+
+  if (window.attachEvent)
+    window.attachEvent('onunload', destroyCache_IE);
+
+  DIV = null;
+  docEl = null;
+})(this);
+
+(function(GLOBAL) {
+  /* Code for creating leak-free event responders is based on work by
+   John-David Dalton. */
+
+  var docEl = document.documentElement;
+  var MOUSEENTER_MOUSELEAVE_EVENTS_SUPPORTED = 'onmouseenter' in docEl
+    && 'onmouseleave' in docEl;
+
+  function isSimulatedMouseEnterLeaveEvent(eventName) {
+    return !MOUSEENTER_MOUSELEAVE_EVENTS_SUPPORTED &&
+     (eventName === 'mouseenter' || eventName === 'mouseleave');
+  }
+
+  function createResponder(uid, eventName, handler) {
+    if (Event._isCustomEvent(eventName))
+      return createResponderForCustomEvent(uid, eventName, handler);
+    if (isSimulatedMouseEnterLeaveEvent(eventName))
+      return createMouseEnterLeaveResponder(uid, eventName, handler);
+
+    return function(event) {
+      if (!Event.cache) return;
+
+      var element = Event.cache[uid].element;
+      Event.extend(event, element);
+      handler.call(element, event);
+    };
+  }
+
+  function createResponderForCustomEvent(uid, eventName, handler) {
+    return function(event) {
+      var cache = Event.cache[uid];
+      var element =  cache && cache.element;
+
+      if (Object.isUndefined(event.eventName))
+        return false;
+
+      if (event.eventName !== eventName)
+        return false;
+
+      Event.extend(event, element);
+      handler.call(element, event);
+    };
+  }
+
+  function createMouseEnterLeaveResponder(uid, eventName, handler) {
+    return function(event) {
+      var element = Event.cache[uid].element;
+
+      Event.extend(event, element);
+      var parent = event.relatedTarget;
+
+      while (parent && parent !== element) {
+        try { parent = parent.parentNode; }
+        catch(e) { parent = element; }
+      }
+
+      if (parent === element) return;
+      handler.call(element, event);
+    }
+  }
+
+  GLOBAL.Event._createResponder = createResponder;
+  docEl = null;
+})(this);
+
+(function(GLOBAL) {
   /* Support for the DOMContentLoaded event is based on work by Dan Webb,
      Matthias Miller, Dean Edwards, John Resig, and Diego Perini. */
 
-  var timer;
+  var TIMER;
 
   function fireContentLoadedEvent() {
     if (document.loaded) return;
-    if (timer) window.clearTimeout(timer);
+    if (TIMER) window.clearTimeout(TIMER);
     document.loaded = true;
     document.fire('dom:loaded');
   }
 
   function checkReadyState() {
     if (document.readyState === 'complete') {
-      document.stopObserving('readystatechange', checkReadyState);
+      document.detachEvent('onreadystatechange', checkReadyState);
       fireContentLoadedEvent();
     }
   }
 
   function pollDoScroll() {
-    try { document.documentElement.doScroll('left'); }
-    catch(e) {
-      timer = pollDoScroll.defer();
+    try {
+      document.documentElement.doScroll('left');
+    } catch (e) {
+      TIMER = pollDoScroll.defer();
       return;
     }
+
+    fireContentLoadedEvent();
+  }
+
+
+  if (document.readyState === 'complete') {
     fireContentLoadedEvent();
+    return;
   }
 
   if (document.addEventListener) {
     document.addEventListener('DOMContentLoaded', fireContentLoadedEvent, false);
   } else {
-    document.observe('readystatechange', checkReadyState);
-    if (window == top)
-      timer = pollDoScroll.defer();
+    document.attachEvent('onreadystatechange', checkReadyState);
+    if (window == top) TIMER = pollDoScroll.defer();
   }
 
   Event.observe(window, 'load', fireContentLoadedEvent);
-})();
+})(this);
 
-Element.addMethods();
 
+Element.addMethods();
 /*------------------------------- DEPRECATED -------------------------------*/
 
 Hash.toQueryString = Object.toQueryString;
 
 var Toggle = { display: Element.toggle };
 
-Element.Methods.childOf = Element.Methods.descendantOf;
+Element.addMethods({
+  childOf: Element.Methods.descendantOf
+});
 
 var Insertion = {
   Before: function(element, content) {
@@ -6055,10 +7503,10 @@ Element.ClassNames.prototype = {
     this.element = $(element);
   },
 
-  _each: function(iterator) {
+  _each: function(iterator, context) {
     this.element.className.split(/\s+/).select(function(name) {
       return name.length > 0;
-    })._each(iterator);
+    })._each(iterator, context);
   },
 
   set: function(className) {
-- 
GitLab


From ac05680bb6eba6efc8a825ba59fda6fbad753d22 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Fri, 2 Feb 2018 09:56:55 -0500
Subject: [PATCH 067/863] Introduced ACL.lambda convenience method (#3260)

* Introduced ACL.lambda convenience method.

* Javadoc
---
 core/src/main/java/hudson/model/User.java        | 10 +++-------
 core/src/main/java/hudson/security/ACL.java      | 16 ++++++++++++++++
 .../hudson/security/AuthorizationStrategy.java   | 14 +++-----------
 .../test/java/hudson/model/TaskActionTest.java   |  6 +-----
 4 files changed, 23 insertions(+), 23 deletions(-)

diff --git a/core/src/main/java/hudson/model/User.java b/core/src/main/java/hudson/model/User.java
index 7f132023b7..148526ca1d 100644
--- a/core/src/main/java/hudson/model/User.java
+++ b/core/src/main/java/hudson/model/User.java
@@ -977,14 +977,10 @@ public class User extends AbstractModelObject implements AccessControlled, Descr
     }
 
     public ACL getACL() {
-        final ACL base = Jenkins.getInstance().getAuthorizationStrategy().getACL(this);
+        ACL base = Jenkins.getInstance().getAuthorizationStrategy().getACL(this);
         // always allow a non-anonymous user full control of himself.
-        return new ACL() {
-            public boolean hasPermission(Authentication a, Permission permission) {
-                return (idStrategy().equals(a.getName(), id) && !(a instanceof AnonymousAuthenticationToken))
-                        || base.hasPermission(a, permission);
-            }
-        };
+        return ACL.lambda((a, permission) -> (idStrategy().equals(a.getName(), id) && !(a instanceof AnonymousAuthenticationToken))
+                        || base.hasPermission(a, permission));
     }
 
     /**
diff --git a/core/src/main/java/hudson/security/ACL.java b/core/src/main/java/hudson/security/ACL.java
index 41f8b5a9bc..95b3f8fc46 100644
--- a/core/src/main/java/hudson/security/ACL.java
+++ b/core/src/main/java/hudson/security/ACL.java
@@ -34,6 +34,7 @@ import hudson.model.Item;
 import hudson.remoting.Callable;
 import hudson.model.ItemGroup;
 import hudson.model.TopLevelItemDescriptor;
+import java.util.function.BiFunction;
 import jenkins.security.NonSerializableSecurityContext;
 import jenkins.model.Jenkins;
 import jenkins.security.NotReallyRoleSensitiveCallable;
@@ -95,6 +96,21 @@ public abstract class ACL {
      */
     public abstract boolean hasPermission(@Nonnull Authentication a, @Nonnull Permission permission);
 
+    /**
+     * Creates a simple {@link ACL} implementation based on a “single-abstract-method” easily implemented via lambda syntax.
+     * @param impl the implementation of {@link ACL#hasPermission(Authentication, Permission)}
+     * @return an adapter to that lambda
+     * @since FIXME
+     */
+    public static ACL lambda(final BiFunction<Authentication, Permission, Boolean> impl) {
+        return new ACL() {
+            @Override
+            public boolean hasPermission(Authentication a, Permission permission) {
+                return impl.apply(a, permission);
+            }
+        };
+    }
+
     /**
      * Checks if the current security principal has the permission to create top level items within the specified
      * item group.
diff --git a/core/src/main/java/hudson/security/AuthorizationStrategy.java b/core/src/main/java/hudson/security/AuthorizationStrategy.java
index a875908f21..a273e984b2 100644
--- a/core/src/main/java/hudson/security/AuthorizationStrategy.java
+++ b/core/src/main/java/hudson/security/AuthorizationStrategy.java
@@ -95,9 +95,7 @@ public abstract class AuthorizationStrategy extends AbstractDescribableImpl<Auth
      * @since 1.220
      */
     public @Nonnull ACL getACL(final @Nonnull View item) {
-        return new ACL() {
-            @Override
-            public boolean hasPermission(Authentication a, Permission permission) {
+        return ACL.lambda((a, permission) -> {
                 ACL base = item.getOwner().getACL();
 
                 boolean hasPermission = base.hasPermission(a, permission);
@@ -106,8 +104,7 @@ public abstract class AuthorizationStrategy extends AbstractDescribableImpl<Auth
                 }
 
                 return hasPermission;
-            }
-        };
+        });
     }
     
     /**
@@ -225,12 +222,7 @@ public abstract class AuthorizationStrategy extends AbstractDescribableImpl<Auth
             return Collections.emptySet();
         }
 
-        private static final ACL UNSECURED_ACL = new ACL() {
-            @Override
-            public boolean hasPermission(Authentication a, Permission permission) {
-                return true;
-            }
-        };
+        private static final ACL UNSECURED_ACL = ACL.lambda((a, p) -> true);
 
         @Extension @Symbol("unsecured")
         public static final class DescriptorImpl extends Descriptor<AuthorizationStrategy> {
diff --git a/core/src/test/java/hudson/model/TaskActionTest.java b/core/src/test/java/hudson/model/TaskActionTest.java
index ec31498e07..bfcf679cad 100644
--- a/core/src/test/java/hudson/model/TaskActionTest.java
+++ b/core/src/test/java/hudson/model/TaskActionTest.java
@@ -45,11 +45,7 @@ public class TaskActionTest {
         }
 
         protected ACL getACL() {
-            return new ACL() {
-                public boolean hasPermission(Authentication a, Permission permission) {
-                     return true;
-                }
-            };
+            return ACL.lambda((a, p) -> true);
         }
     }
 
-- 
GitLab


From 6cefcf17a8d92b43b738ec6cd5a2cf298cc1156e Mon Sep 17 00:00:00 2001
From: Baptiste Mathus <bmathus@gmail.com>
Date: Fri, 2 Feb 2018 16:17:55 +0100
Subject: [PATCH 068/863] [JENKINS-48407] Re-enable
 AtomicFileWriterTest#checkPermissionsRespectUmask() (#3275)

* [JENKINS-48407] Re-enable test

The previous test assumed permissions would always be the same,
when they actually depend on umask settings.

This change creates a file *not* using the temporary API, gets its
permissions then compares it to the ones obtained using
AtomicFileWriter.

Note: we now only check the given permissions, not the "non-given".

* Use assertThat(..., equalTo()) instead of a manual loop

* Remove unused imports

* Use TemporaryFolder instead of manual temporary dir creation
---
 .../hudson/util/AtomicFileWriterTest.java     | 84 +++++++++----------
 1 file changed, 38 insertions(+), 46 deletions(-)

diff --git a/core/src/test/java/hudson/util/AtomicFileWriterTest.java b/core/src/test/java/hudson/util/AtomicFileWriterTest.java
index 949964eb64..5280c35646 100644
--- a/core/src/test/java/hudson/util/AtomicFileWriterTest.java
+++ b/core/src/test/java/hudson/util/AtomicFileWriterTest.java
@@ -1,14 +1,15 @@
 package hudson.util;
 
 import org.apache.commons.io.FileUtils;
-import org.hamcrest.core.StringContains;
 import org.junit.Before;
-import org.junit.Ignore;
+import org.junit.BeforeClass;
+import org.junit.ClassRule;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.rules.TemporaryFolder;
 import org.jvnet.hudson.test.Issue;
 
+import javax.annotation.Nullable;
 import java.io.File;
 import java.io.IOException;
 import java.nio.charset.Charset;
@@ -17,20 +18,11 @@ import java.nio.file.Files;
 import java.nio.file.Path;
 import java.nio.file.Paths;
 import java.nio.file.attribute.PosixFilePermission;
-import java.util.EnumSet;
 import java.util.Set;
 
-import static org.hamcrest.core.StringContains.*;
-import static java.nio.file.attribute.PosixFilePermission.GROUP_EXECUTE;
-import static java.nio.file.attribute.PosixFilePermission.GROUP_READ;
-import static java.nio.file.attribute.PosixFilePermission.GROUP_WRITE;
-import static java.nio.file.attribute.PosixFilePermission.OTHERS_EXECUTE;
-import static java.nio.file.attribute.PosixFilePermission.OTHERS_READ;
-import static java.nio.file.attribute.PosixFilePermission.OTHERS_WRITE;
-import static java.nio.file.attribute.PosixFilePermission.OWNER_EXECUTE;
-import static java.nio.file.attribute.PosixFilePermission.OWNER_READ;
-import static java.nio.file.attribute.PosixFilePermission.OWNER_WRITE;
+import static org.hamcrest.CoreMatchers.equalTo;
 import static org.hamcrest.core.Is.is;
+import static org.hamcrest.core.StringContains.containsString;
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertThat;
@@ -40,12 +32,40 @@ import static org.junit.Assume.assumeThat;
 
 public class AtomicFileWriterTest {
     private static final String PREVIOUS = "previous value \n blah";
-    @Rule
-    public TemporaryFolder tmp = new TemporaryFolder();
+    /**
+     * Provides access to the default permissions given to a new file. (i.e. indirect way to get umask settings).
+     * <p><strong>BEWARE: null on non posix systems</strong></p>
+     */
+    @Nullable
+    private static Set<PosixFilePermission> DEFAULT_GIVEN_PERMISSIONS;
+    @ClassRule
+    public static TemporaryFolder tmp = new TemporaryFolder();
     File af;
     AtomicFileWriter afw;
     String expectedContent = "hello world";
 
+    @BeforeClass
+    public static void computePermissions() throws IOException {
+        final File tempDir = tmp.newFolder();
+        final File newFile = new File(tempDir, "blah");
+        assertThat(newFile.createNewFile(), is(true));
+        if (!isPosixSupported(newFile)) {
+            return;
+        }
+        DEFAULT_GIVEN_PERMISSIONS = Files.getPosixFilePermissions(newFile.toPath());
+    }
+
+    private static boolean isPosixSupported(File newFile) throws IOException {
+        // Check Posix calls are supported (to avoid running this test on Windows for instance)
+        boolean posixSupported = true;
+        try {
+            Files.getPosixFilePermissions(newFile.toPath());
+        } catch (UnsupportedOperationException e) {
+            posixSupported = false;
+        }
+        return posixSupported;
+    }
+
     @Before
     public void setUp() throws IOException {
         af = tmp.newFile();
@@ -142,36 +162,16 @@ public class AtomicFileWriterTest {
         }
     }
 
-    @Ignore // Need to fix the testing done here, since it assumes umask=002, which is wrong... Including on Kohsuke's release envt :-\.
     @Issue("JENKINS-48407")
     @Test
-    public void checkPermissions() throws IOException, InterruptedException {
+    public void checkPermissionsRespectUmask() throws IOException, InterruptedException {
 
         final File newFile = tmp.newFile();
+        boolean posixSupported = isPosixSupported(newFile);
 
-        // Check Posix calls are supported (to avoid running this test on Windows for instance)
-        boolean posixSupported = true;
-        try {
-            Files.getPosixFilePermissions(newFile.toPath());
-        } catch (UnsupportedOperationException e) {
-            posixSupported = false;
-        }
         assumeThat(posixSupported, is(true));
 
         // given
-        final Set<PosixFilePermission> givenPermissions = EnumSet.of(OWNER_READ,
-                                                                     OWNER_WRITE,
-                                                                     GROUP_READ,
-                                                                     GROUP_WRITE,
-                                                                     OTHERS_READ
-        );
-
-        final Set<PosixFilePermission> notGivenPermissions = EnumSet.of(OWNER_EXECUTE,
-                                                                        GROUP_EXECUTE,
-                                                                        OTHERS_WRITE,
-                                                                        OTHERS_EXECUTE);
-
-        Files.setPosixFilePermissions(newFile.toPath(), givenPermissions);
         Path filePath = newFile.toPath();
 
         // when
@@ -183,14 +183,6 @@ public class AtomicFileWriterTest {
         assertFalse(w.getTemporaryPath().toFile().exists());
         assertTrue(filePath.toFile().exists());
 
-        final Set<PosixFilePermission> posixFilePermissions = Files.getPosixFilePermissions(filePath);
-
-        for (PosixFilePermission perm : givenPermissions) {
-            assertTrue("missing: " + perm, posixFilePermissions.contains(perm));
-        }
-
-        for (PosixFilePermission perm : notGivenPermissions) {
-            assertFalse("should not be allowed: " + perm, posixFilePermissions.contains(perm));
-        }
+        assertThat(Files.getPosixFilePermissions(filePath), equalTo(DEFAULT_GIVEN_PERMISSIONS));
     }
 }
-- 
GitLab


From 2a6fc653ee7b13adde18515b21f7e6dc1200fa8a Mon Sep 17 00:00:00 2001
From: Sam Van Oort <samvanoort@gmail.com>
Date: Sat, 3 Feb 2018 07:22:53 -0500
Subject: [PATCH 069/863] Fix [JENKINS-49206] by ensuring Timer threads get
 standard classloader (#3272)

* Fix [JENKINS-49206] by ensuring Timer threads get standard classloader

* Refactor to better fit in with existing ThreadFactor utils

* Fix javadocs
---
 .../util/ClassLoaderSanityThreadFactory.java  | 26 +++++++++
 core/src/main/java/jenkins/util/Timer.java    |  6 ++-
 .../src/test/java/jenkins/util/TimerTest.java | 54 +++++++++++++++++++
 3 files changed, 84 insertions(+), 2 deletions(-)
 create mode 100644 core/src/main/java/hudson/util/ClassLoaderSanityThreadFactory.java

diff --git a/core/src/main/java/hudson/util/ClassLoaderSanityThreadFactory.java b/core/src/main/java/hudson/util/ClassLoaderSanityThreadFactory.java
new file mode 100644
index 0000000000..041c2061df
--- /dev/null
+++ b/core/src/main/java/hudson/util/ClassLoaderSanityThreadFactory.java
@@ -0,0 +1,26 @@
+package hudson.util;
+
+import java.util.concurrent.ThreadFactory;
+import java.util.concurrent.TimeUnit;
+
+/**
+ *  Explicitly sets the {@link Thread#contextClassLoader} for threads it creates to its own classloader.
+ *  This avoids issues where threads are lazily created (ex by invoking {@link java.util.concurrent.ScheduledExecutorService#schedule(Runnable, long, TimeUnit)})
+ *   in a context where they would receive a customized {@link Thread#contextClassLoader} that was never meant to be used.
+ *
+ *  Commonly this is a problem for Groovy use, where this may result in memory leaks.
+ *  @see <a href="https://issues.jenkins-ci.org/browse/JENKINS-49206">JENKINS-49206</a>
+ */
+public class ClassLoaderSanityThreadFactory implements ThreadFactory {
+    private final ThreadFactory delegate;
+
+    public ClassLoaderSanityThreadFactory(ThreadFactory delegate) {
+        this.delegate = delegate;
+    }
+
+    @Override public Thread newThread(Runnable r) {
+        Thread t = delegate.newThread(r);
+        t.setContextClassLoader(ClassLoaderSanityThreadFactory.class.getClassLoader());
+        return t;
+    }
+}
diff --git a/core/src/main/java/jenkins/util/Timer.java b/core/src/main/java/jenkins/util/Timer.java
index b452efa062..65acffe4f7 100644
--- a/core/src/main/java/jenkins/util/Timer.java
+++ b/core/src/main/java/jenkins/util/Timer.java
@@ -1,6 +1,7 @@
 package jenkins.util;
 
 import hudson.security.ACL;
+import hudson.util.ClassLoaderSanityThreadFactory;
 import hudson.util.DaemonThreadFactory;
 import hudson.util.NamingThreadFactory;
 import javax.annotation.Nonnull;
@@ -29,7 +30,8 @@ public class Timer {
      * The scheduled executor thread pool. This is initialized lazily since it may be created/shutdown many times
      * when running the test suite.
      */
-    private static ScheduledExecutorService executorService;
+    static ScheduledExecutorService executorService;
+
 
     /**
      * Returns the scheduled executor service used by all timed tasks in Jenkins.
@@ -42,7 +44,7 @@ public class Timer {
             // corePoolSize is set to 10, but will only be created if needed.
             // ScheduledThreadPoolExecutor "acts as a fixed-sized pool using corePoolSize threads"
             // TODO consider also wrapping in ContextResettingExecutorService
-            executorService = new ImpersonatingScheduledExecutorService(new ErrorLoggingScheduledThreadPoolExecutor(10, new NamingThreadFactory(new DaemonThreadFactory(), "jenkins.util.Timer")), ACL.SYSTEM);
+             executorService = new ImpersonatingScheduledExecutorService(new ErrorLoggingScheduledThreadPoolExecutor(10, new NamingThreadFactory(new ClassLoaderSanityThreadFactory(new DaemonThreadFactory()), "jenkins.util.Timer")), ACL.SYSTEM);
         }
         return executorService;
     }
diff --git a/core/src/test/java/jenkins/util/TimerTest.java b/core/src/test/java/jenkins/util/TimerTest.java
index cbe40de66d..507c117739 100644
--- a/core/src/test/java/jenkins/util/TimerTest.java
+++ b/core/src/test/java/jenkins/util/TimerTest.java
@@ -1,12 +1,18 @@
 package jenkins.util;
 
+import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.fail;
 
+import groovy.lang.GroovyClassLoader;
 import hudson.triggers.SafeTimerTask;
+import org.junit.Assert;
 import org.junit.Test;
 import org.jvnet.hudson.test.Issue;
 
+import java.net.URLClassLoader;
 import java.util.concurrent.CountDownLatch;
+import java.util.concurrent.ScheduledExecutorService;
+import java.util.concurrent.ScheduledFuture;
 import java.util.concurrent.TimeUnit;
 
 public class TimerTest {
@@ -44,4 +50,52 @@ public class TimerTest {
         }
 
     }
+
+    /**
+     * Launch two tasks which can only complete
+     * by running doRun() concurrently.
+     */
+    @Test
+    @Issue("JENKINS-49206")
+    public void timerBogusClassloader() throws Exception {
+        final int threadCount = 10;  // Twice Timer pool size to ensure we end up creating at least one new thread
+        final CountDownLatch startLatch = new CountDownLatch(threadCount);
+
+        final ClassLoader[] contextClassloaders = new ClassLoader[threadCount];
+        ScheduledFuture[] futures = new ScheduledFuture[threadCount];
+        final ClassLoader bogusClassloader = new GroovyClassLoader();
+
+        Runnable timerTest = new Runnable() {
+            @Override
+            public void run() {
+                ClassLoader cl = Thread.currentThread().getContextClassLoader();
+                Thread.currentThread().setContextClassLoader(bogusClassloader);
+                ScheduledExecutorService exec = Timer.get();
+                for (int i=0; i<threadCount; i++) {
+                    final int j = i;
+                    futures[j] = exec.schedule(new Runnable() {
+                        @Override
+                        public void run() {
+                            try {
+                                startLatch.countDown();
+                                contextClassloaders[j] = Thread.currentThread().getContextClassLoader();
+                            } catch (Exception ex) {
+                                throw  new RuntimeException(ex);
+                            }
+                        }
+                    }, 0, TimeUnit.SECONDS);
+                }
+                Thread.currentThread().setContextClassLoader(cl);
+            }
+        };
+
+        Thread t = new Thread(timerTest);
+        t.run();
+        t.join(1000L);
+
+        for (int i=0; i<threadCount; i++) {
+            futures[i].get();
+            Assert.assertEquals(Timer.class.getClassLoader(), contextClassloaders[i]);
+        }
+    }
 }
-- 
GitLab


From a5aa65fae411b14fc06b6a7a7b14c173bf3e72ce Mon Sep 17 00:00:00 2001
From: Ulli Hafner <ullrich.hafner@gmail.com>
Date: Sat, 3 Feb 2018 20:14:08 +0100
Subject: [PATCH 070/863] Reverted to plain vanilla 1.7.

---
 war/src/main/webapp/scripts/prototype.js | 5688 ++++++++--------------
 1 file changed, 2091 insertions(+), 3597 deletions(-)

diff --git a/war/src/main/webapp/scripts/prototype.js b/war/src/main/webapp/scripts/prototype.js
index cc89dafcd6..474b2231bb 100644
--- a/war/src/main/webapp/scripts/prototype.js
+++ b/war/src/main/webapp/scripts/prototype.js
@@ -1,4 +1,4 @@
-/*  Prototype JavaScript framework, version 1.7.3
+/*  Prototype JavaScript framework, version 1.7
  *  (c) 2005-2010 Sam Stephenson
  *
  *  Prototype is freely distributable under the terms of an MIT-style license.
@@ -8,7 +8,7 @@
 
 var Prototype = {
 
-  Version: '1.7.3',
+  Version: '1.7',
 
   Browser: (function(){
     var ua = navigator.userAgent;
@@ -49,7 +49,7 @@ var Prototype = {
     })()
   },
 
-  ScriptFragment: '<script[^>]*>([\\S\\s]*?)<\/script\\s*>',
+  ScriptFragment: '<script[^>]*>([\\S\\s]*?)<\/script>',
   JSONFilter: /^\/\*-secure-([\s\S]*)\*\/\s*$/,
 
   emptyFunction: function() { },
@@ -59,6 +59,27 @@ var Prototype = {
 
 if (Prototype.Browser.MobileSafari)
   Prototype.BrowserFeatures.SpecificElementExtensions = false;
+
+
+var Abstract = { };
+
+
+var Try = {
+  these: function() {
+    var returnValue;
+
+    for (var i = 0, length = arguments.length; i < length; i++) {
+      var lambda = arguments[i];
+      try {
+        returnValue = lambda();
+        break;
+      } catch (e) { }
+    }
+
+    return returnValue;
+  }
+};
+
 /* Based on Alex Arnell's inheritance implementation. */
 
 var Class = (function() {
@@ -120,13 +141,8 @@ var Class = (function() {
           return function() { return ancestor[m].apply(this, arguments); };
         })(property).wrap(method);
 
-        value.valueOf = (function(method) {
-          return function() { return method.valueOf.call(method); };
-        })(method);
-
-        value.toString = (function(method) {
-          return function() { return method.toString.call(method); };
-        })(method);
+        value.valueOf = method.valueOf.bind(method);
+        value.toString = method.toString.bind(method);
       }
       this.prototype[property] = value;
     }
@@ -144,7 +160,6 @@ var Class = (function() {
 (function() {
 
   var _toString = Object.prototype.toString,
-      _hasOwnProperty = Object.prototype.hasOwnProperty,
       NULL_TYPE = 'Null',
       UNDEFINED_TYPE = 'Undefined',
       BOOLEAN_TYPE = 'Boolean',
@@ -162,18 +177,6 @@ var Class = (function() {
         JSON.stringify(0) === '0' &&
         typeof JSON.stringify(Prototype.K) === 'undefined';
 
-
-
-  var DONT_ENUMS = ['toString', 'toLocaleString', 'valueOf',
-   'hasOwnProperty', 'isPrototypeOf', 'propertyIsEnumerable', 'constructor'];
-
-  var IS_DONTENUM_BUGGY = (function(){
-    for (var p in { toString: 1 }) {
-      if (p === 'toString') return false;
-    }
-    return true;
-  })();
-
   function Type(o) {
     switch(o) {
       case null: return NULL_TYPE;
@@ -210,7 +213,9 @@ var Class = (function() {
   }
 
   function Str(key, holder, stack) {
-    var value = holder[key];
+    var value = holder[key],
+        type = typeof value;
+
     if (Type(value) === OBJECT_TYPE && typeof value.toJSON === 'function') {
       value = value.toJSON(key);
     }
@@ -230,7 +235,7 @@ var Class = (function() {
       case false: return 'false';
     }
 
-    var type = typeof value;
+    type = typeof value;
     switch (type) {
       case 'string':
         return value.inspect(true);
@@ -239,9 +244,7 @@ var Class = (function() {
       case 'object':
 
         for (var i = 0, length = stack.length; i < length; i++) {
-          if (stack[i] === value) {
-            throw new TypeError("Cyclic reference to '" + value + "' in object");
-          }
+          if (stack[i] === value) { throw new TypeError(); }
         }
         stack.push(value);
 
@@ -283,17 +286,10 @@ var Class = (function() {
     if (Type(object) !== OBJECT_TYPE) { throw new TypeError(); }
     var results = [];
     for (var property in object) {
-      if (_hasOwnProperty.call(object, property))
+      if (object.hasOwnProperty(property)) {
         results.push(property);
-    }
-
-    if (IS_DONTENUM_BUGGY) {
-      for (var i = 0; property = DONT_ENUMS[i]; i++) {
-        if (_hasOwnProperty.call(object, property))
-          results.push(property);
       }
     }
-
     return results;
   }
 
@@ -387,27 +383,13 @@ Object.extend(Function.prototype, (function() {
     return names.length == 1 && !names[0] ? [] : names;
   }
 
-
   function bind(context) {
-    if (arguments.length < 2 && Object.isUndefined(arguments[0]))
-      return this;
-
-    if (!Object.isFunction(this))
-      throw new TypeError("The object is not callable.");
-
-    var nop = function() {};
+    if (arguments.length < 2 && Object.isUndefined(arguments[0])) return this;
     var __method = this, args = slice.call(arguments, 1);
-
-    var bound = function() {
+    return function() {
       var a = merge(args, arguments);
-      var c = this instanceof bound ? this : context;
-      return __method.apply(c, a);
-    };
-
-    nop.prototype   = this.prototype;
-    bound.prototype = new nop();
-
-    return bound;
+      return __method.apply(context, a);
+    }
   }
 
   function bindAsEventListener(context) {
@@ -457,20 +439,16 @@ Object.extend(Function.prototype, (function() {
     };
   }
 
-  var extensions = {
+  return {
     argumentNames:       argumentNames,
+    bind:                bind,
     bindAsEventListener: bindAsEventListener,
     curry:               curry,
     delay:               delay,
     defer:               defer,
     wrap:                wrap,
     methodize:           methodize
-  };
-
-  if (!Function.prototype.bind)
-    extensions.bind = bind;
-
-  return extensions;
+  }
 })());
 
 
@@ -564,11 +542,6 @@ Object.extend(String.prototype, (function() {
     return function(match) { return template.evaluate(match) };
   }
 
-  function isNonEmptyRegExp(regexp) {
-    return regexp.source && regexp.source !== '(?:)';
-  }
-
-
   function gsub(pattern, replacement) {
     var result = '', source = this, match;
     replacement = prepareReplacement(replacement);
@@ -576,14 +549,13 @@ Object.extend(String.prototype, (function() {
     if (Object.isString(pattern))
       pattern = RegExp.escape(pattern);
 
-    if (!(pattern.length || isNonEmptyRegExp(pattern))) {
+    if (!(pattern.length || pattern.source)) {
       replacement = replacement('');
       return replacement + source.split('').join(replacement) + replacement;
     }
 
     while (source.length > 0) {
-      match = source.match(pattern)
-      if (match && match[0].length > 0) {
+      if (match = source.match(pattern)) {
         result += source.slice(0, match.index);
         result += String.interpret(replacement(match));
         source  = source.slice(match.index + match[0].length);
@@ -621,7 +593,7 @@ Object.extend(String.prototype, (function() {
   }
 
   function stripTags() {
-    return this.replace(/<\w+(\s+("[^"]*"|'[^']*'|[^>])+)?(\/)?>|<\/\w+>/gi, '');
+    return this.replace(/<\w+(\s+("[^"]*"|'[^']*'|[^>])+)?>|<\/\w+>/gi, '');
   }
 
   function stripScripts() {
@@ -637,7 +609,7 @@ Object.extend(String.prototype, (function() {
   }
 
   function evalScripts() {
-    return this.extractScripts().map(function(script) { return eval(script); });
+    return this.extractScripts().map(function(script) { return eval(script) });
   }
 
   function escapeHTML() {
@@ -658,10 +630,7 @@ Object.extend(String.prototype, (function() {
         var key = decodeURIComponent(pair.shift()),
             value = pair.length > 1 ? pair.join('=') : pair[0];
 
-        if (value != undefined) {
-          value = value.gsub('+', ' ');
-          value = decodeURIComponent(value);
-        }
+        if (value != undefined) value = decodeURIComponent(value);
 
         if (key in hash) {
           if (!Object.isArray(hash[key])) hash[key] = [hash[key]];
@@ -734,7 +703,7 @@ Object.extend(String.prototype, (function() {
 
   function evalJSON(sanitize) {
     var json = this.unfilterJSON(),
-        cx = /[\u00ad\u0600-\u0604\u070f\u17b4\u17b5\u200c-\u200f\u2028-\u202f\u2060-\u206f\ufeff\ufff0-\uffff\u0000]/g;
+        cx = /[\u0000\u00ad\u0600-\u0604\u070f\u17b4\u17b5\u200c-\u200f\u2028-\u202f\u2060-\u206f\ufeff\ufff0-\uffff]/g;
     if (cx.test(json)) {
       json = json.replace(cx, function (a) {
         return '\\u' + ('0000' + a.charCodeAt(0).toString(16)).slice(-4);
@@ -755,17 +724,12 @@ Object.extend(String.prototype, (function() {
     return this.indexOf(pattern) > -1;
   }
 
-  function startsWith(pattern, position) {
-    position = Object.isNumber(position) ? position : 0;
-    return this.lastIndexOf(pattern, position) === position;
+  function startsWith(pattern) {
+    return this.lastIndexOf(pattern, 0) === 0;
   }
 
-  function endsWith(pattern, position) {
-    pattern = String(pattern);
-    position = Object.isNumber(position) ? position : this.length;
-    if (position < 0) position = 0;
-    if (position > this.length) position = this.length;
-    var d = position - pattern.length;
+  function endsWith(pattern) {
+    var d = this.length - pattern.length;
     return d >= 0 && this.indexOf(pattern, d) === d;
   }
 
@@ -807,8 +771,8 @@ Object.extend(String.prototype, (function() {
     isJSON:         isJSON,
     evalJSON:       NATIVE_JSON_PARSE_SUPPORT ? parseJSON : evalJSON,
     include:        include,
-    startsWith:     String.prototype.startsWith || startsWith,
-    endsWith:       String.prototype.endsWith || endsWith,
+    startsWith:     startsWith,
+    endsWith:       endsWith,
     empty:          empty,
     blank:          blank,
     interpolate:    interpolate
@@ -855,8 +819,11 @@ var $break = { };
 
 var Enumerable = (function() {
   function each(iterator, context) {
+    var index = 0;
     try {
-      this._each(iterator, context);
+      this._each(function(value) {
+        iterator.call(context, value, index++);
+      });
     } catch (e) {
       if (e != $break) throw e;
     }
@@ -875,9 +842,9 @@ var Enumerable = (function() {
     iterator = iterator || Prototype.K;
     var result = true;
     this.each(function(value, index) {
-      result = result && !!iterator.call(context, value, index, this);
+      result = result && !!iterator.call(context, value, index);
       if (!result) throw $break;
-    }, this);
+    });
     return result;
   }
 
@@ -885,9 +852,9 @@ var Enumerable = (function() {
     iterator = iterator || Prototype.K;
     var result = false;
     this.each(function(value, index) {
-      if (result = !!iterator.call(context, value, index, this))
+      if (result = !!iterator.call(context, value, index))
         throw $break;
-    }, this);
+    });
     return result;
   }
 
@@ -895,28 +862,28 @@ var Enumerable = (function() {
     iterator = iterator || Prototype.K;
     var results = [];
     this.each(function(value, index) {
-      results.push(iterator.call(context, value, index, this));
-    }, this);
+      results.push(iterator.call(context, value, index));
+    });
     return results;
   }
 
   function detect(iterator, context) {
     var result;
     this.each(function(value, index) {
-      if (iterator.call(context, value, index, this)) {
+      if (iterator.call(context, value, index)) {
         result = value;
         throw $break;
       }
-    }, this);
+    });
     return result;
   }
 
   function findAll(iterator, context) {
     var results = [];
     this.each(function(value, index) {
-      if (iterator.call(context, value, index, this))
+      if (iterator.call(context, value, index))
         results.push(value);
-    }, this);
+    });
     return results;
   }
 
@@ -929,14 +896,14 @@ var Enumerable = (function() {
 
     this.each(function(value, index) {
       if (filter.match(value))
-        results.push(iterator.call(context, value, index, this));
-    }, this);
+        results.push(iterator.call(context, value, index));
+    });
     return results;
   }
 
   function include(object) {
-    if (Object.isFunction(this.indexOf) && this.indexOf(object) != -1)
-      return true;
+    if (Object.isFunction(this.indexOf))
+      if (this.indexOf(object) != -1) return true;
 
     var found = false;
     this.each(function(value) {
@@ -958,8 +925,8 @@ var Enumerable = (function() {
 
   function inject(memo, iterator, context) {
     this.each(function(value, index) {
-      memo = iterator.call(context, memo, value, index, this);
-    }, this);
+      memo = iterator.call(context, memo, value, index);
+    });
     return memo;
   }
 
@@ -974,10 +941,10 @@ var Enumerable = (function() {
     iterator = iterator || Prototype.K;
     var result;
     this.each(function(value, index) {
-      value = iterator.call(context, value, index, this);
+      value = iterator.call(context, value, index);
       if (result == null || value >= result)
         result = value;
-    }, this);
+    });
     return result;
   }
 
@@ -985,10 +952,10 @@ var Enumerable = (function() {
     iterator = iterator || Prototype.K;
     var result;
     this.each(function(value, index) {
-      value = iterator.call(context, value, index, this);
+      value = iterator.call(context, value, index);
       if (result == null || value < result)
         result = value;
-    }, this);
+    });
     return result;
   }
 
@@ -996,9 +963,9 @@ var Enumerable = (function() {
     iterator = iterator || Prototype.K;
     var trues = [], falses = [];
     this.each(function(value, index) {
-      (iterator.call(context, value, index, this) ?
+      (iterator.call(context, value, index) ?
         trues : falses).push(value);
-    }, this);
+    });
     return [trues, falses];
   }
 
@@ -1013,9 +980,9 @@ var Enumerable = (function() {
   function reject(iterator, context) {
     var results = [];
     this.each(function(value, index) {
-      if (!iterator.call(context, value, index, this))
+      if (!iterator.call(context, value, index))
         results.push(value);
-    }, this);
+    });
     return results;
   }
 
@@ -1023,9 +990,9 @@ var Enumerable = (function() {
     return this.map(function(value, index) {
       return {
         value: value,
-        criteria: iterator.call(context, value, index, this)
+        criteria: iterator.call(context, value, index)
       };
-    }, this).sort(function(left, right) {
+    }).sort(function(left, right) {
       var a = left.criteria, b = right.criteria;
       return a < b ? -1 : a > b ? 1 : 0;
     }).pluck('value');
@@ -1175,7 +1142,7 @@ Array.from = $A;
 
   function intersect(array) {
     return this.uniq().findAll(function(item) {
-      return array.indexOf(item) !== -1;
+      return array.detect(function(value) { return item === value });
     });
   }
 
@@ -1193,190 +1160,41 @@ Array.from = $A;
   }
 
   function indexOf(item, i) {
-    if (this == null) throw new TypeError();
-
-    var array = Object(this), length = array.length >>> 0;
-    if (length === 0) return -1;
-
-    i = Number(i);
-    if (isNaN(i)) {
-      i = 0;
-    } else if (i !== 0 && isFinite(i)) {
-      i = (i > 0 ? 1 : -1) * Math.floor(Math.abs(i));
-    }
-
-    if (i > length) return -1;
-
-    var k = i >= 0 ? i : Math.max(length - Math.abs(i), 0);
-    for (; k < length; k++)
-      if (k in array && array[k] === item) return k;
+    i || (i = 0);
+    var length = this.length;
+    if (i < 0) i = length + i;
+    for (; i < length; i++)
+      if (this[i] === item) return i;
     return -1;
   }
 
-
   function lastIndexOf(item, i) {
-    if (this == null) throw new TypeError();
-
-    var array = Object(this), length = array.length >>> 0;
-    if (length === 0) return -1;
-
-    if (!Object.isUndefined(i)) {
-      i = Number(i);
-      if (isNaN(i)) {
-        i = 0;
-      } else if (i !== 0 && isFinite(i)) {
-        i = (i > 0 ? 1 : -1) * Math.floor(Math.abs(i));
-      }
-    } else {
-      i = length;
-    }
-
-    var k = i >= 0 ? Math.min(i, length - 1) :
-     length - Math.abs(i);
-
-    for (; k >= 0; k--)
-      if (k in array && array[k] === item) return k;
-    return -1;
+    i = isNaN(i) ? this.length : (i < 0 ? this.length + i : i) + 1;
+    var n = this.slice(0, i).reverse().indexOf(item);
+    return (n < 0) ? n : i - n - 1;
   }
 
-  function concat(_) {
-    var array = [], items = slice.call(arguments, 0), item, n = 0;
-    items.unshift(this);
-    for (var i = 0, length = items.length; i < length; i++) {
-      item = items[i];
+  function concat() {
+    var array = slice.call(this, 0), item;
+    for (var i = 0, length = arguments.length; i < length; i++) {
+      item = arguments[i];
       if (Object.isArray(item) && !('callee' in item)) {
-        for (var j = 0, arrayLength = item.length; j < arrayLength; j++) {
-          if (j in item) array[n] = item[j];
-          n++;
-        }
+        for (var j = 0, arrayLength = item.length; j < arrayLength; j++)
+          array.push(item[j]);
       } else {
-        array[n++] = item;
+        array.push(item);
       }
     }
-    array.length = n;
     return array;
   }
 
-
-  function wrapNative(method) {
-    return function() {
-      if (arguments.length === 0) {
-        return method.call(this, Prototype.K);
-      } else if (arguments[0] === undefined) {
-        var args = slice.call(arguments, 1);
-        args.unshift(Prototype.K);
-        return method.apply(this, args);
-      } else {
-        return method.apply(this, arguments);
-      }
-    };
-  }
-
-
-  function map(iterator) {
-    if (this == null) throw new TypeError();
-    iterator = iterator || Prototype.K;
-
-    var object = Object(this);
-    var results = [], context = arguments[1], n = 0;
-
-    for (var i = 0, length = object.length >>> 0; i < length; i++) {
-      if (i in object) {
-        results[n] = iterator.call(context, object[i], i, object);
-      }
-      n++;
-    }
-    results.length = n;
-    return results;
-  }
-
-  if (arrayProto.map) {
-    map = wrapNative(Array.prototype.map);
-  }
-
-  function filter(iterator) {
-    if (this == null || !Object.isFunction(iterator))
-      throw new TypeError();
-
-    var object = Object(this);
-    var results = [], context = arguments[1], value;
-
-    for (var i = 0, length = object.length >>> 0; i < length; i++) {
-      if (i in object) {
-        value = object[i];
-        if (iterator.call(context, value, i, object)) {
-          results.push(value);
-        }
-      }
-    }
-    return results;
-  }
-
-  if (arrayProto.filter) {
-    filter = Array.prototype.filter;
-  }
-
-  function some(iterator) {
-    if (this == null) throw new TypeError();
-    iterator = iterator || Prototype.K;
-    var context = arguments[1];
-
-    var object = Object(this);
-    for (var i = 0, length = object.length >>> 0; i < length; i++) {
-      if (i in object && iterator.call(context, object[i], i, object)) {
-        return true;
-      }
-    }
-
-    return false;
-  }
-
-  if (arrayProto.some) {
-    some = wrapNative(Array.prototype.some);
-  }
-
-  function every(iterator) {
-    if (this == null) throw new TypeError();
-    iterator = iterator || Prototype.K;
-    var context = arguments[1];
-
-    var object = Object(this);
-    for (var i = 0, length = object.length >>> 0; i < length; i++) {
-      if (i in object && !iterator.call(context, object[i], i, object)) {
-        return false;
-      }
-    }
-
-    return true;
-  }
-
-  if (arrayProto.every) {
-    every = wrapNative(Array.prototype.every);
-  }
-
-
   Object.extend(arrayProto, Enumerable);
 
-  if (arrayProto.entries === Enumerable.entries) {
-    delete arrayProto.entries;
-  }
-
   if (!arrayProto._reverse)
     arrayProto._reverse = arrayProto.reverse;
 
   Object.extend(arrayProto, {
     _each:     _each,
-
-    map:       map,
-    collect:   map,
-    select:    filter,
-    filter:    filter,
-    findAll:   filter,
-    some:      some,
-    any:       some,
-    every:     every,
-    all:       every,
-
     clear:     clear,
     first:     first,
     last:      last,
@@ -1394,7 +1212,7 @@ Array.from = $A;
 
   var CONCAT_ARGUMENTS_BUGGY = (function() {
     return [].concat(arguments)[0][0] !== 1;
-  })(1,2);
+  })(1,2)
 
   if (CONCAT_ARGUMENTS_BUGGY) arrayProto.concat = concat;
 
@@ -1411,14 +1229,12 @@ var Hash = Class.create(Enumerable, (function() {
   }
 
 
-  function _each(iterator, context) {
-    var i = 0;
+  function _each(iterator) {
     for (var key in this._object) {
       var value = this._object[key], pair = [key, value];
       pair.key = key;
       pair.value = value;
-      iterator.call(context, pair, i);
-      i++;
+      iterator(pair);
     }
   }
 
@@ -1471,13 +1287,7 @@ var Hash = Class.create(Enumerable, (function() {
 
   function toQueryPair(key, value) {
     if (Object.isUndefined(value)) return key;
-
-    value = String.interpret(value);
-
-    value = value.gsub(/(\r)?\n/, '\r\n');
-    value = encodeURIComponent(value);
-    value = value.gsub(/%20/, '+');
-    return key + '=' + value;
+    return key + '=' + encodeURIComponent(String.interpret(value));
   }
 
   function toQueryString() {
@@ -1587,10 +1397,10 @@ var ObjectRange = Class.create(Enumerable, (function() {
     this.exclusive = exclusive;
   }
 
-  function _each(iterator, context) {
-    var value = this.start, i;
-    for (i = 0; this.include(value); i++) {
-      iterator.call(context, value, i);
+  function _each(iterator) {
+    var value = this.start;
+    while (this.include(value)) {
+      iterator(value);
       value = value.succ();
     }
   }
@@ -1612,25 +1422,6 @@ var ObjectRange = Class.create(Enumerable, (function() {
 
 
 
-var Abstract = { };
-
-
-var Try = {
-  these: function() {
-    var returnValue;
-
-    for (var i = 0, length = arguments.length; i < length; i++) {
-      var lambda = arguments[i];
-      try {
-        returnValue = lambda();
-        break;
-      } catch (e) { }
-    }
-
-    return returnValue;
-  }
-};
-
 var Ajax = {
   getTransport: function() {
     return Try.these(
@@ -1646,8 +1437,8 @@ var Ajax = {
 Ajax.Responders = {
   responders: [],
 
-  _each: function(iterator, context) {
-    this.responders._each(iterator, context);
+  _each: function(iterator) {
+    this.responders._each(iterator);
   },
 
   register: function(responder) {
@@ -1785,8 +1576,7 @@ Ajax.Request = Class.create(Ajax.Base, {
     }
 
     for (var name in headers)
-      if (headers[name] != null)
-        this.transport.setRequestHeader(name, headers[name]);
+      this.transport.setRequestHeader(name, headers[name]);
   },
 
   success: function() {
@@ -1923,12 +1713,7 @@ Ajax.Response = Class.create({
   _getHeaderJSON: function() {
     var json = this.getHeader('X-JSON');
     if (!json) return null;
-
-    try {
-      json = decodeURIComponent(escape(json));
-    } catch(e) {
-    }
-
+    json = decodeURIComponent(escape(json));
     try {
       return json.evalJSON(this.request.options.sanitizeJSON ||
         !this.request.isSameOrigin());
@@ -2029,51 +1814,54 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
   }
 });
 
-(function(GLOBAL) {
-
-  var UNDEFINED;
-  var SLICE = Array.prototype.slice;
-
-  var DIV = document.createElement('div');
 
-
-  function $(element) {
-    if (arguments.length > 1) {
-      for (var i = 0, elements = [], length = arguments.length; i < length; i++)
-        elements.push($(arguments[i]));
-      return elements;
-    }
-
-    if (Object.isString(element))
-      element = document.getElementById(element);
-    return Element.extend(element);
+function $(element) {
+  if (arguments.length > 1) {
+    for (var i = 0, elements = [], length = arguments.length; i < length; i++)
+      elements.push($(arguments[i]));
+    return elements;
   }
+  if (Object.isString(element))
+    element = document.getElementById(element);
+  return Element.extend(element);
+}
 
-  GLOBAL.$ = $;
+if (Prototype.BrowserFeatures.XPath) {
+  document._getElementsByXPath = function(expression, parentElement) {
+    var results = [];
+    var query = document.evaluate(expression, $(parentElement) || document,
+      null, XPathResult.ORDERED_NODE_SNAPSHOT_TYPE, null);
+    for (var i = 0, length = query.snapshotLength; i < length; i++)
+      results.push(Element.extend(query.snapshotItem(i)));
+    return results;
+  };
+}
 
+/*--------------------------------------------------------------------------*/
 
-  if (!GLOBAL.Node) GLOBAL.Node = {};
+if (!Node) var Node = { };
+
+if (!Node.ELEMENT_NODE) {
+  Object.extend(Node, {
+    ELEMENT_NODE: 1,
+    ATTRIBUTE_NODE: 2,
+    TEXT_NODE: 3,
+    CDATA_SECTION_NODE: 4,
+    ENTITY_REFERENCE_NODE: 5,
+    ENTITY_NODE: 6,
+    PROCESSING_INSTRUCTION_NODE: 7,
+    COMMENT_NODE: 8,
+    DOCUMENT_NODE: 9,
+    DOCUMENT_TYPE_NODE: 10,
+    DOCUMENT_FRAGMENT_NODE: 11,
+    NOTATION_NODE: 12
+  });
+}
 
-  if (!GLOBAL.Node.ELEMENT_NODE) {
-    Object.extend(GLOBAL.Node, {
-      ELEMENT_NODE:                1,
-      ATTRIBUTE_NODE:              2,
-      TEXT_NODE:                   3,
-      CDATA_SECTION_NODE:          4,
-      ENTITY_REFERENCE_NODE:       5,
-      ENTITY_NODE:                 6,
-      PROCESSING_INSTRUCTION_NODE: 7,
-      COMMENT_NODE:                8,
-      DOCUMENT_NODE:               9,
-      DOCUMENT_TYPE_NODE:         10,
-      DOCUMENT_FRAGMENT_NODE:     11,
-      NOTATION_NODE:              12
-    });
-  }
 
-  var ELEMENT_CACHE = {};
 
-  function shouldUseCreationCache(tagName, attributes) {
+(function(global) {
+  function shouldUseCache(tagName, attributes) {
     if (tagName === 'select') return false;
     if ('type' in attributes) return false;
     return true;
@@ -2089,11 +1877,12 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
     }
   })();
 
+  var element = global.Element;
 
-  var oldElement = GLOBAL.Element;
-  function Element(tagName, attributes) {
-    attributes = attributes || {};
+  global.Element = function(tagName, attributes) {
+    attributes = attributes || { };
     tagName = tagName.toLowerCase();
+    var cache = Element.cache;
 
     if (HAS_EXTENDED_CREATE_ELEMENT_SYNTAX && attributes.name) {
       tagName = '<' + tagName + ' name="' + attributes.name + '">';
@@ -2101,1212 +1890,1015 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
       return Element.writeAttribute(document.createElement(tagName), attributes);
     }
 
-    if (!ELEMENT_CACHE[tagName])
-      ELEMENT_CACHE[tagName] = Element.extend(document.createElement(tagName));
+    if (!cache[tagName]) cache[tagName] = Element.extend(document.createElement(tagName));
 
-    var node = shouldUseCreationCache(tagName, attributes) ?
-     ELEMENT_CACHE[tagName].cloneNode(false) : document.createElement(tagName);
+    var node = shouldUseCache(tagName, attributes) ?
+     cache[tagName].cloneNode(false) : document.createElement(tagName);
 
     return Element.writeAttribute(node, attributes);
-  }
-
-  GLOBAL.Element = Element;
-
-  Object.extend(GLOBAL.Element, oldElement || {});
-  if (oldElement) GLOBAL.Element.prototype = oldElement.prototype;
-
-  Element.Methods = { ByTag: {}, Simulated: {} };
+  };
 
-  var methods = {};
+  Object.extend(global.Element, element || { });
+  if (element) global.Element.prototype = element.prototype;
 
-  var INSPECT_ATTRIBUTES = { id: 'id', className: 'class' };
-  function inspect(element) {
-    element = $(element);
-    var result = '<' + element.tagName.toLowerCase();
+})(this);
 
-    var attribute, value;
-    for (var property in INSPECT_ATTRIBUTES) {
-      attribute = INSPECT_ATTRIBUTES[property];
-      value = (element[property] || '').toString();
-      if (value) result += ' ' + attribute + '=' + value.inspect(true);
-    }
+Element.idCounter = 1;
+Element.cache = { };
 
-    return result + '>';
+Element._purgeElement = function(element) {
+  var uid = element._prototypeUID;
+  if (uid) {
+    Element.stopObserving(element);
+    element._prototypeUID = void 0;
+    delete Element.Storage[uid];
   }
+}
 
-  methods.inspect = inspect;
-
-
-  function visible(element) {
-    return $(element).getStyle('display') !== 'none';
-  }
+Element.Methods = {
+  visible: function(element) {
+    return $(element).style.display != 'none';
+  },
 
-  function toggle(element, bool) {
+  toggle: function(element) {
     element = $(element);
-    if (typeof bool !== 'boolean')
-      bool = !Element.visible(element);
-    Element[bool ? 'show' : 'hide'](element);
-
+    Element[Element.visible(element) ? 'hide' : 'show'](element);
     return element;
-  }
+  },
 
-  function hide(element) {
+  hide: function(element) {
     element = $(element);
     element.style.display = 'none';
     return element;
-  }
+  },
 
-  function show(element) {
+  show: function(element) {
     element = $(element);
     element.style.display = '';
     return element;
-  }
-
-
-  Object.extend(methods, {
-    visible: visible,
-    toggle:  toggle,
-    hide:    hide,
-    show:    show
-  });
-
+  },
 
-  function remove(element) {
+  remove: function(element) {
     element = $(element);
     element.parentNode.removeChild(element);
     return element;
-  }
+  },
 
-  var SELECT_ELEMENT_INNERHTML_BUGGY = (function(){
-    var el = document.createElement("select"),
-        isBuggy = true;
-    el.innerHTML = "<option value=\"test\">test</option>";
-    if (el.options && el.options[0]) {
-      isBuggy = el.options[0].nodeName.toUpperCase() !== "OPTION";
-    }
-    el = null;
-    return isBuggy;
-  })();
+  update: (function(){
 
-  var TABLE_ELEMENT_INNERHTML_BUGGY = (function(){
-    try {
-      var el = document.createElement("table");
-      if (el && el.tBodies) {
-        el.innerHTML = "<tbody><tr><td>test</td></tr></tbody>";
-        var isBuggy = typeof el.tBodies[0] == "undefined";
-        el = null;
-        return isBuggy;
+    var SELECT_ELEMENT_INNERHTML_BUGGY = (function(){
+      var el = document.createElement("select"),
+          isBuggy = true;
+      el.innerHTML = "<option value=\"test\">test</option>";
+      if (el.options && el.options[0]) {
+        isBuggy = el.options[0].nodeName.toUpperCase() !== "OPTION";
       }
-    } catch (e) {
-      return true;
-    }
-  })();
-
-  var LINK_ELEMENT_INNERHTML_BUGGY = (function() {
-    try {
-      var el = document.createElement('div');
-      el.innerHTML = "<link />";
-      var isBuggy = (el.childNodes.length === 0);
       el = null;
       return isBuggy;
-    } catch(e) {
-      return true;
-    }
-  })();
+    })();
 
-  var ANY_INNERHTML_BUGGY = SELECT_ELEMENT_INNERHTML_BUGGY ||
-   TABLE_ELEMENT_INNERHTML_BUGGY || LINK_ELEMENT_INNERHTML_BUGGY;
+    var TABLE_ELEMENT_INNERHTML_BUGGY = (function(){
+      try {
+        var el = document.createElement("table");
+        if (el && el.tBodies) {
+          el.innerHTML = "<tbody><tr><td>test</td></tr></tbody>";
+          var isBuggy = typeof el.tBodies[0] == "undefined";
+          el = null;
+          return isBuggy;
+        }
+      } catch (e) {
+        return true;
+      }
+    })();
 
-  var SCRIPT_ELEMENT_REJECTS_TEXTNODE_APPENDING = (function () {
-    var s = document.createElement("script"),
-        isBuggy = false;
-    try {
-      s.appendChild(document.createTextNode(""));
-      isBuggy = !s.firstChild ||
-        s.firstChild && s.firstChild.nodeType !== 3;
-    } catch (e) {
-      isBuggy = true;
-    }
-    s = null;
-    return isBuggy;
-  })();
+    var LINK_ELEMENT_INNERHTML_BUGGY = (function() {
+      try {
+        var el = document.createElement('div');
+        el.innerHTML = "<link>";
+        var isBuggy = (el.childNodes.length === 0);
+        el = null;
+        return isBuggy;
+      } catch(e) {
+        return true;
+      }
+    })();
 
-  function update(element, content) {
-    element = $(element);
+    var ANY_INNERHTML_BUGGY = SELECT_ELEMENT_INNERHTML_BUGGY ||
+     TABLE_ELEMENT_INNERHTML_BUGGY || LINK_ELEMENT_INNERHTML_BUGGY;
 
-    var descendants = element.getElementsByTagName('*'),
-     i = descendants.length;
-    while (i--) purgeElement(descendants[i]);
+    var SCRIPT_ELEMENT_REJECTS_TEXTNODE_APPENDING = (function () {
+      var s = document.createElement("script"),
+          isBuggy = false;
+      try {
+        s.appendChild(document.createTextNode(""));
+        isBuggy = !s.firstChild ||
+          s.firstChild && s.firstChild.nodeType !== 3;
+      } catch (e) {
+        isBuggy = true;
+      }
+      s = null;
+      return isBuggy;
+    })();
 
-    if (content && content.toElement)
-      content = content.toElement();
 
-    if (Object.isElement(content))
-      return element.update().insert(content);
+    function update(element, content) {
+      element = $(element);
+      var purgeElement = Element._purgeElement;
 
+      var descendants = element.getElementsByTagName('*'),
+       i = descendants.length;
+      while (i--) purgeElement(descendants[i]);
 
-    content = Object.toHTML(content);
-    var tagName = element.tagName.toUpperCase();
+      if (content && content.toElement)
+        content = content.toElement();
 
-    if (tagName === 'SCRIPT' && SCRIPT_ELEMENT_REJECTS_TEXTNODE_APPENDING) {
-      element.text = content;
-      return element;
-    }
+      if (Object.isElement(content))
+        return element.update().insert(content);
 
-    if (ANY_INNERHTML_BUGGY) {
-      if (tagName in INSERTION_TRANSLATIONS.tags) {
-        while (element.firstChild)
-          element.removeChild(element.firstChild);
+      content = Object.toHTML(content);
 
-        var nodes = getContentFromAnonymousElement(tagName, content.stripScripts());
-        for (var i = 0, node; node = nodes[i]; i++)
-          element.appendChild(node);
+      var tagName = element.tagName.toUpperCase();
 
-      } else if (LINK_ELEMENT_INNERHTML_BUGGY && Object.isString(content) && content.indexOf('<link') > -1) {
-        while (element.firstChild)
-          element.removeChild(element.firstChild);
-
-        var nodes = getContentFromAnonymousElement(tagName,
-         content.stripScripts(), true);
+      if (tagName === 'SCRIPT' && SCRIPT_ELEMENT_REJECTS_TEXTNODE_APPENDING) {
+        element.text = content;
+        return element;
+      }
 
-        for (var i = 0, node; node = nodes[i]; i++)
-          element.appendChild(node);
-      } else {
+      if (ANY_INNERHTML_BUGGY) {
+        if (tagName in Element._insertionTranslations.tags) {
+          while (element.firstChild) {
+            element.removeChild(element.firstChild);
+          }
+          Element._getContentFromAnonymousElement(tagName, content.stripScripts())
+            .each(function(node) {
+              element.appendChild(node)
+            });
+        } else if (LINK_ELEMENT_INNERHTML_BUGGY && Object.isString(content) && content.indexOf('<link') > -1) {
+          while (element.firstChild) {
+            element.removeChild(element.firstChild);
+          }
+          var nodes = Element._getContentFromAnonymousElement(tagName, content.stripScripts(), true);
+          nodes.each(function(node) { element.appendChild(node) });
+        }
+        else {
+          element.innerHTML = content.stripScripts();
+        }
+      }
+      else {
         element.innerHTML = content.stripScripts();
       }
-    } else {
-      element.innerHTML = content.stripScripts();
+
+      content.evalScripts.bind(content).defer();
+      return element;
     }
 
-    content.evalScripts.bind(content).defer();
-    return element;
-  }
+    return update;
+  })(),
 
-  function replace(element, content) {
+  replace: function(element, content) {
     element = $(element);
-
-    if (content && content.toElement) {
-      content = content.toElement();
-    } else if (!Object.isElement(content)) {
+    if (content && content.toElement) content = content.toElement();
+    else if (!Object.isElement(content)) {
       content = Object.toHTML(content);
       var range = element.ownerDocument.createRange();
       range.selectNode(element);
       content.evalScripts.bind(content).defer();
       content = range.createContextualFragment(content.stripScripts());
     }
-
     element.parentNode.replaceChild(content, element);
     return element;
-  }
-
-  var INSERTION_TRANSLATIONS = {
-    before: function(element, node) {
-      element.parentNode.insertBefore(node, element);
-    },
-    top: function(element, node) {
-      element.insertBefore(node, element.firstChild);
-    },
-    bottom: function(element, node) {
-      element.appendChild(node);
-    },
-    after: function(element, node) {
-      element.parentNode.insertBefore(node, element.nextSibling);
-    },
-
-    tags: {
-      TABLE:  ['<table>',                '</table>',                   1],
-      TBODY:  ['<table><tbody>',         '</tbody></table>',           2],
-      TR:     ['<table><tbody><tr>',     '</tr></tbody></table>',      3],
-      TD:     ['<table><tbody><tr><td>', '</td></tr></tbody></table>', 4],
-      SELECT: ['<select>',               '</select>',                  1]
-    }
-  };
-
-  var tags = INSERTION_TRANSLATIONS.tags;
-
-  Object.extend(tags, {
-    THEAD: tags.TBODY,
-    TFOOT: tags.TBODY,
-    TH:    tags.TD
-  });
+  },
 
-  function replace_IE(element, content) {
+  insert: function(element, insertions) {
     element = $(element);
-    if (content && content.toElement)
-      content = content.toElement();
-    if (Object.isElement(content)) {
-      element.parentNode.replaceChild(content, element);
-      return element;
-    }
-
-    content = Object.toHTML(content);
-    var parent = element.parentNode, tagName = parent.tagName.toUpperCase();
 
-    if (tagName in INSERTION_TRANSLATIONS.tags) {
-      var nextSibling = Element.next(element);
-      var fragments = getContentFromAnonymousElement(
-       tagName, content.stripScripts());
-
-      parent.removeChild(element);
-
-      var iterator;
-      if (nextSibling)
-        iterator = function(node) { parent.insertBefore(node, nextSibling) };
-      else
-        iterator = function(node) { parent.appendChild(node); }
+    if (Object.isString(insertions) || Object.isNumber(insertions) ||
+        Object.isElement(insertions) || (insertions && (insertions.toElement || insertions.toHTML)))
+          insertions = {bottom:insertions};
 
-      fragments.each(iterator);
-    } else {
-      element.outerHTML = content.stripScripts();
-    }
+    var content, insert, tagName, childNodes;
 
-    content.evalScripts.bind(content).defer();
-    return element;
-  }
+    for (var position in insertions) {
+      content  = insertions[position];
+      position = position.toLowerCase();
+      insert = Element._insertionTranslations[position];
 
-  if ('outerHTML' in document.documentElement)
-    replace = replace_IE;
+      if (content && content.toElement) content = content.toElement();
+      if (Object.isElement(content)) {
+        insert(element, content);
+        continue;
+      }
 
-  function isContent(content) {
-    if (Object.isUndefined(content) || content === null) return false;
+      content = Object.toHTML(content);
 
-    if (Object.isString(content) || Object.isNumber(content)) return true;
-    if (Object.isElement(content)) return true;
-    if (content.toElement || content.toHTML) return true;
+      tagName = ((position == 'before' || position == 'after')
+        ? element.parentNode : element).tagName.toUpperCase();
 
-    return false;
-  }
+      childNodes = Element._getContentFromAnonymousElement(tagName, content.stripScripts());
 
-  function insertContentAt(element, content, position) {
-    position   = position.toLowerCase();
-    var method = INSERTION_TRANSLATIONS[position];
+      if (position == 'top' || position == 'after') childNodes.reverse();
+      childNodes.each(insert.curry(element));
 
-    if (content && content.toElement) content = content.toElement();
-    if (Object.isElement(content)) {
-      method(element, content);
-      return element;
+      content.evalScripts.bind(content).defer();
     }
 
-    content = Object.toHTML(content);
-    var tagName = ((position === 'before' || position === 'after') ?
-     element.parentNode : element).tagName.toUpperCase();
-
-    var childNodes = getContentFromAnonymousElement(tagName, content.stripScripts());
-
-    if (position === 'top' || position === 'after') childNodes.reverse();
-
-    for (var i = 0, node; node = childNodes[i]; i++)
-      method(element, node);
-
-    content.evalScripts.bind(content).defer();
-  }
-
-  function insert(element, insertions) {
-    element = $(element);
-
-    if (isContent(insertions))
-      insertions = { bottom: insertions };
-
-    for (var position in insertions)
-      insertContentAt(element, insertions[position], position);
-
     return element;
-  }
+  },
 
-  function wrap(element, wrapper, attributes) {
+  wrap: function(element, wrapper, attributes) {
     element = $(element);
-
-    if (Object.isElement(wrapper)) {
-      $(wrapper).writeAttribute(attributes || {});
-    } else if (Object.isString(wrapper)) {
-      wrapper = new Element(wrapper, attributes);
-    } else {
-      wrapper = new Element('div', wrapper);
-    }
-
+    if (Object.isElement(wrapper))
+      $(wrapper).writeAttribute(attributes || { });
+    else if (Object.isString(wrapper)) wrapper = new Element(wrapper, attributes);
+    else wrapper = new Element('div', wrapper);
     if (element.parentNode)
       element.parentNode.replaceChild(wrapper, element);
-
     wrapper.appendChild(element);
-
     return wrapper;
-  }
+  },
 
-  function cleanWhitespace(element) {
+  inspect: function(element) {
     element = $(element);
-    var node = element.firstChild;
-
-    while (node) {
-      var nextNode = node.nextSibling;
-      if (node.nodeType === Node.TEXT_NODE && !/\S/.test(node.nodeValue))
-        element.removeChild(node);
-      node = nextNode;
-    }
-    return element;
-  }
-
-  function empty(element) {
-    return $(element).innerHTML.blank();
-  }
-
-  function getContentFromAnonymousElement(tagName, html, force) {
-    var t = INSERTION_TRANSLATIONS.tags[tagName], div = DIV;
-
-    var workaround = !!t;
-    if (!workaround && force) {
-      workaround = true;
-      t = ['', '', 0];
-    }
-
-    if (workaround) {
-      div.innerHTML = '&#160;' + t[0] + html + t[1];
-      div.removeChild(div.firstChild);
-      for (var i = t[2]; i--; )
-        div = div.firstChild;
-    } else {
-      div.innerHTML = html;
-    }
-
-    return $A(div.childNodes);
-  }
-
-  function clone(element, deep) {
-    if (!(element = $(element))) return;
-    var clone = element.cloneNode(deep);
-    if (!HAS_UNIQUE_ID_PROPERTY) {
-      clone._prototypeUID = UNDEFINED;
-      if (deep) {
-        var descendants = Element.select(clone, '*'),
-         i = descendants.length;
-        while (i--)
-          descendants[i]._prototypeUID = UNDEFINED;
-      }
-    }
-    return Element.extend(clone);
-  }
-
-  function purgeElement(element) {
-    var uid = getUniqueElementID(element);
-    if (uid) {
-      Element.stopObserving(element);
-      if (!HAS_UNIQUE_ID_PROPERTY)
-        element._prototypeUID = UNDEFINED;
-      delete Element.Storage[uid];
-    }
-  }
-
-  function purgeCollection(elements) {
-    var i = elements.length;
-    while (i--)
-      purgeElement(elements[i]);
-  }
-
-  function purgeCollection_IE(elements) {
-    var i = elements.length, element, uid;
-    while (i--) {
-      element = elements[i];
-      uid = getUniqueElementID(element);
-      delete Element.Storage[uid];
-      delete Event.cache[uid];
-    }
-  }
-
-  if (HAS_UNIQUE_ID_PROPERTY) {
-    purgeCollection = purgeCollection_IE;
-  }
-
-
-  function purge(element) {
-    if (!(element = $(element))) return;
-    purgeElement(element);
-
-    var descendants = element.getElementsByTagName('*'),
-     i = descendants.length;
-
-    while (i--) purgeElement(descendants[i]);
-
-    return null;
-  }
-
-  Object.extend(methods, {
-    remove:  remove,
-    update:  update,
-    replace: replace,
-    insert:  insert,
-    wrap:    wrap,
-    cleanWhitespace: cleanWhitespace,
-    empty:   empty,
-    clone:   clone,
-    purge:   purge
-  });
-
-
+    var result = '<' + element.tagName.toLowerCase();
+    $H({'id': 'id', 'className': 'class'}).each(function(pair) {
+      var property = pair.first(),
+          attribute = pair.last(),
+          value = (element[property] || '').toString();
+      if (value) result += ' ' + attribute + '=' + value.inspect(true);
+    });
+    return result + '>';
+  },
 
-  function recursivelyCollect(element, property, maximumLength) {
+  recursivelyCollect: function(element, property, maximumLength) {
     element = $(element);
     maximumLength = maximumLength || -1;
     var elements = [];
 
     while (element = element[property]) {
-      if (element.nodeType === Node.ELEMENT_NODE)
+      if (element.nodeType == 1)
         elements.push(Element.extend(element));
-
-      if (elements.length === maximumLength) break;
+      if (elements.length == maximumLength)
+        break;
     }
 
     return elements;
-  }
-
+  },
 
-  function ancestors(element) {
-    return recursivelyCollect(element, 'parentNode');
-  }
+  ancestors: function(element) {
+    return Element.recursivelyCollect(element, 'parentNode');
+  },
 
-  function descendants(element) {
-    return Element.select(element, '*');
-  }
+  descendants: function(element) {
+    return Element.select(element, "*");
+  },
 
-  function firstDescendant(element) {
+  firstDescendant: function(element) {
     element = $(element).firstChild;
-    while (element && element.nodeType !== Node.ELEMENT_NODE)
-      element = element.nextSibling;
-
+    while (element && element.nodeType != 1) element = element.nextSibling;
     return $(element);
-  }
+  },
 
-  function immediateDescendants(element) {
+  immediateDescendants: function(element) {
     var results = [], child = $(element).firstChild;
-
     while (child) {
-      if (child.nodeType === Node.ELEMENT_NODE)
+      if (child.nodeType === 1) {
         results.push(Element.extend(child));
-
+      }
       child = child.nextSibling;
     }
-
     return results;
-  }
+  },
 
-  function previousSiblings(element) {
-    return recursivelyCollect(element, 'previousSibling');
-  }
+  previousSiblings: function(element, maximumLength) {
+    return Element.recursivelyCollect(element, 'previousSibling');
+  },
 
-  function nextSiblings(element) {
-    return recursivelyCollect(element, 'nextSibling');
-  }
+  nextSiblings: function(element) {
+    return Element.recursivelyCollect(element, 'nextSibling');
+  },
 
-  function siblings(element) {
+  siblings: function(element) {
     element = $(element);
-    var previous = previousSiblings(element),
-     next = nextSiblings(element);
-    return previous.reverse().concat(next);
-  }
+    return Element.previousSiblings(element).reverse()
+      .concat(Element.nextSiblings(element));
+  },
 
-  function match(element, selector) {
+  match: function(element, selector) {
     element = $(element);
-
     if (Object.isString(selector))
       return Prototype.Selector.match(element, selector);
-
     return selector.match(element);
-  }
+  },
 
+  up: function(element, expression, index) {
+    element = $(element);
+    if (arguments.length == 1) return $(element.parentNode);
+    var ancestors = Element.ancestors(element);
+    return Object.isNumber(expression) ? ancestors[expression] :
+      Prototype.Selector.find(ancestors, expression, index);
+  },
 
-  function _recursivelyFind(element, property, expression, index) {
-    element = $(element), expression = expression || 0, index = index || 0;
-    if (Object.isNumber(expression)) {
-      index = expression, expression = null;
-    }
+  down: function(element, expression, index) {
+    element = $(element);
+    if (arguments.length == 1) return Element.firstDescendant(element);
+    return Object.isNumber(expression) ? Element.descendants(element)[expression] :
+      Element.select(element, expression)[index || 0];
+  },
 
-    while (element = element[property]) {
-      if (element.nodeType !== 1) continue;
-      if (expression && !Prototype.Selector.match(element, expression))
-        continue;
-      if (--index >= 0) continue;
+  previous: function(element, expression, index) {
+    element = $(element);
+    if (Object.isNumber(expression)) index = expression, expression = false;
+    if (!Object.isNumber(index)) index = 0;
 
-      return Element.extend(element);
+    if (expression) {
+      return Prototype.Selector.find(element.previousSiblings(), expression, index);
+    } else {
+      return element.recursivelyCollect("previousSibling", index + 1)[index];
     }
-  }
-
+  },
 
-  function up(element, expression, index) {
+  next: function(element, expression, index) {
     element = $(element);
+    if (Object.isNumber(expression)) index = expression, expression = false;
+    if (!Object.isNumber(index)) index = 0;
 
-    if (arguments.length === 1) return $(element.parentNode);
-    return _recursivelyFind(element, 'parentNode', expression, index);
-  }
-
-  function down(element, expression, index) {
-    if (arguments.length === 1) return firstDescendant(element);
-    element = $(element), expression = expression || 0, index = index || 0;
-
-    if (Object.isNumber(expression))
-      index = expression, expression = '*';
-
-    var node = Prototype.Selector.select(expression, element)[index];
-    return Element.extend(node);
-  }
-
-  function previous(element, expression, index) {
-    return _recursivelyFind(element, 'previousSibling', expression, index);
-  }
+    if (expression) {
+      return Prototype.Selector.find(element.nextSiblings(), expression, index);
+    } else {
+      var maximumLength = Object.isNumber(index) ? index + 1 : 1;
+      return element.recursivelyCollect("nextSibling", index + 1)[index];
+    }
+  },
 
-  function next(element, expression, index) {
-    return _recursivelyFind(element, 'nextSibling', expression, index);
-  }
 
-  function select(element) {
+  select: function(element) {
     element = $(element);
-    var expressions = SLICE.call(arguments, 1).join(', ');
+    var expressions = Array.prototype.slice.call(arguments, 1).join(', ');
     return Prototype.Selector.select(expressions, element);
-  }
+  },
 
-  function adjacent(element) {
+  adjacent: function(element) {
     element = $(element);
-    var expressions = SLICE.call(arguments, 1).join(', ');
-    var siblings = Element.siblings(element), results = [];
-    for (var i = 0, sibling; sibling = siblings[i]; i++) {
-      if (Prototype.Selector.match(sibling, expressions))
-        results.push(sibling);
-    }
-
-    return results;
-  }
-
-  function descendantOf_DOM(element, ancestor) {
-    element = $(element), ancestor = $(ancestor);
-    if (!element || !ancestor) return false;
-    while (element = element.parentNode)
-      if (element === ancestor) return true;
-    return false;
-  }
-
-  function descendantOf_contains(element, ancestor) {
-    element = $(element), ancestor = $(ancestor);
-    if (!element || !ancestor) return false;
-    if (!ancestor.contains) return descendantOf_DOM(element, ancestor);
-    return ancestor.contains(element) && ancestor !== element;
-  }
-
-  function descendantOf_compareDocumentPosition(element, ancestor) {
-    element = $(element), ancestor = $(ancestor);
-    if (!element || !ancestor) return false;
-    return (element.compareDocumentPosition(ancestor) & 8) === 8;
-  }
-
-  var descendantOf;
-  if (DIV.compareDocumentPosition) {
-    descendantOf = descendantOf_compareDocumentPosition;
-  } else if (DIV.contains) {
-    descendantOf = descendantOf_contains;
-  } else {
-    descendantOf = descendantOf_DOM;
-  }
-
-
-  Object.extend(methods, {
-    recursivelyCollect:   recursivelyCollect,
-    ancestors:            ancestors,
-    descendants:          descendants,
-    firstDescendant:      firstDescendant,
-    immediateDescendants: immediateDescendants,
-    previousSiblings:     previousSiblings,
-    nextSiblings:         nextSiblings,
-    siblings:             siblings,
-    match:                match,
-    up:                   up,
-    down:                 down,
-    previous:             previous,
-    next:                 next,
-    select:               select,
-    adjacent:             adjacent,
-    descendantOf:         descendantOf,
-
-    getElementsBySelector: select,
-
-    childElements:         immediateDescendants
-  });
-
+    var expressions = Array.prototype.slice.call(arguments, 1).join(', ');
+    return Prototype.Selector.select(expressions, element.parentNode).without(element);
+  },
 
-  var idCounter = 1;
-  function identify(element) {
+  identify: function(element) {
     element = $(element);
     var id = Element.readAttribute(element, 'id');
     if (id) return id;
-
-    do { id = 'anonymous_element_' + idCounter++ } while ($(id));
-
+    do { id = 'anonymous_element_' + Element.idCounter++ } while ($(id));
     Element.writeAttribute(element, 'id', id);
     return id;
-  }
-
-
-  function readAttribute(element, name) {
-    return $(element).getAttribute(name);
-  }
+  },
 
-  function readAttribute_IE(element, name) {
+  readAttribute: function(element, name) {
     element = $(element);
-
-    var table = ATTRIBUTE_TRANSLATIONS.read;
-    if (table.values[name])
-      return table.values[name](element, name);
-
-    if (table.names[name]) name = table.names[name];
-
-    if (name.include(':')) {
-      if (!element.attributes || !element.attributes[name]) return null;
-      return element.attributes[name].value;
+    if (Prototype.Browser.IE) {
+      var t = Element._attributeTranslations.read;
+      if (t.values[name]) return t.values[name](element, name);
+      if (t.names[name]) name = t.names[name];
+      if (name.include(':')) {
+        return (!element.attributes || !element.attributes[name]) ? null :
+         element.attributes[name].value;
+      }
     }
-
-    return element.getAttribute(name);
-  }
-
-  function readAttribute_Opera(element, name) {
-    if (name === 'title') return element.title;
     return element.getAttribute(name);
-  }
-
-  var PROBLEMATIC_ATTRIBUTE_READING = (function() {
-    DIV.setAttribute('onclick', []);
-    var value = DIV.getAttribute('onclick');
-    var isFunction = Object.isArray(value);
-    DIV.removeAttribute('onclick');
-    return isFunction;
-  })();
-
-  if (PROBLEMATIC_ATTRIBUTE_READING) {
-    readAttribute = readAttribute_IE;
-  } else if (Prototype.Browser.Opera) {
-    readAttribute = readAttribute_Opera;
-  }
-
+  },
 
-  function writeAttribute(element, name, value) {
+  writeAttribute: function(element, name, value) {
     element = $(element);
-    var attributes = {}, table = ATTRIBUTE_TRANSLATIONS.write;
+    var attributes = { }, t = Element._attributeTranslations.write;
 
-    if (typeof name === 'object') {
-      attributes = name;
-    } else {
-      attributes[name] = Object.isUndefined(value) ? true : value;
-    }
+    if (typeof name == 'object') attributes = name;
+    else attributes[name] = Object.isUndefined(value) ? true : value;
 
     for (var attr in attributes) {
-      name = table.names[attr] || attr;
+      name = t.names[attr] || attr;
       value = attributes[attr];
-      if (table.values[attr]) {
-        value = table.values[attr](element, value);
-        if (Object.isUndefined(value)) continue;
-      }
+      if (t.values[attr]) name = t.values[attr](element, value);
       if (value === false || value === null)
         element.removeAttribute(name);
       else if (value === true)
         element.setAttribute(name, name);
       else element.setAttribute(name, value);
     }
-
     return element;
-  }
+  },
 
-  var PROBLEMATIC_HAS_ATTRIBUTE_WITH_CHECKBOXES = (function () {
-    if (!HAS_EXTENDED_CREATE_ELEMENT_SYNTAX) {
-      return false;
-    }
-    var checkbox = document.createElement('<input type="checkbox">');
-    checkbox.checked = true;
-    var node = checkbox.getAttributeNode('checked');
-    return !node || !node.specified;
-  })();
+  getHeight: function(element) {
+    return Element.getDimensions(element).height;
+  },
 
-  function hasAttribute(element, attribute) {
-    attribute = ATTRIBUTE_TRANSLATIONS.has[attribute] || attribute;
-    var node = $(element).getAttributeNode(attribute);
-    return !!(node && node.specified);
-  }
-
-  function hasAttribute_IE(element, attribute) {
-    if (attribute === 'checked') {
-      return element.checked;
-    }
-    return hasAttribute(element, attribute);
-  }
-
-  GLOBAL.Element.Methods.Simulated.hasAttribute =
-   PROBLEMATIC_HAS_ATTRIBUTE_WITH_CHECKBOXES ?
-   hasAttribute_IE : hasAttribute;
+  getWidth: function(element) {
+    return Element.getDimensions(element).width;
+  },
 
-  function classNames(element) {
+  classNames: function(element) {
     return new Element.ClassNames(element);
-  }
-
-  var regExpCache = {};
-  function getRegExpForClassName(className) {
-    if (regExpCache[className]) return regExpCache[className];
-
-    var re = new RegExp("(^|\\s+)" + className + "(\\s+|$)");
-    regExpCache[className] = re;
-    return re;
-  }
+  },
 
-  function hasClassName(element, className) {
+  hasClassName: function(element, className) {
     if (!(element = $(element))) return;
-
     var elementClassName = element.className;
+    return (elementClassName.length > 0 && (elementClassName == className ||
+      new RegExp("(^|\\s)" + className + "(\\s|$)").test(elementClassName)));
+  },
 
-    if (elementClassName.length === 0) return false;
-    if (elementClassName === className) return true;
-
-    return getRegExpForClassName(className).test(elementClassName);
-  }
-
-  function addClassName(element, className) {
+  addClassName: function(element, className) {
     if (!(element = $(element))) return;
-
-    if (!hasClassName(element, className))
+    if (!Element.hasClassName(element, className))
       element.className += (element.className ? ' ' : '') + className;
-
     return element;
-  }
+  },
 
-  function removeClassName(element, className) {
+  removeClassName: function(element, className) {
     if (!(element = $(element))) return;
-
     element.className = element.className.replace(
-     getRegExpForClassName(className), ' ').strip();
-
+      new RegExp("(^|\\s+)" + className + "(\\s+|$)"), ' ').strip();
     return element;
-  }
+  },
 
-  function toggleClassName(element, className, bool) {
+  toggleClassName: function(element, className) {
     if (!(element = $(element))) return;
+    return Element[Element.hasClassName(element, className) ?
+      'removeClassName' : 'addClassName'](element, className);
+  },
 
-    if (Object.isUndefined(bool))
-      bool = !hasClassName(element, className);
-
-    var method = Element[bool ? 'addClassName' : 'removeClassName'];
-    return method(element, className);
-  }
-
-  var ATTRIBUTE_TRANSLATIONS = {};
-
-  var classProp = 'className', forProp = 'for';
-
-  DIV.setAttribute(classProp, 'x');
-  if (DIV.className !== 'x') {
-    DIV.setAttribute('class', 'x');
-    if (DIV.className === 'x')
-      classProp = 'class';
-  }
+  cleanWhitespace: function(element) {
+    element = $(element);
+    var node = element.firstChild;
+    while (node) {
+      var nextNode = node.nextSibling;
+      if (node.nodeType == 3 && !/\S/.test(node.nodeValue))
+        element.removeChild(node);
+      node = nextNode;
+    }
+    return element;
+  },
 
-  var LABEL = document.createElement('label');
-  LABEL.setAttribute(forProp, 'x');
-  if (LABEL.htmlFor !== 'x') {
-    LABEL.setAttribute('htmlFor', 'x');
-    if (LABEL.htmlFor === 'x')
-      forProp = 'htmlFor';
-  }
-  LABEL = null;
+  empty: function(element) {
+    return $(element).innerHTML.blank();
+  },
 
-  function _getAttr(element, attribute) {
-    return element.getAttribute(attribute);
-  }
+  descendantOf: function(element, ancestor) {
+    element = $(element), ancestor = $(ancestor);
 
-  function _getAttr2(element, attribute) {
-    return element.getAttribute(attribute, 2);
-  }
+    if (element.compareDocumentPosition)
+      return (element.compareDocumentPosition(ancestor) & 8) === 8;
 
-  function _getAttrNode(element, attribute) {
-    var node = element.getAttributeNode(attribute);
-    return node ? node.value : '';
-  }
+    if (ancestor.contains)
+      return ancestor.contains(element) && ancestor !== element;
 
-  function _getFlag(element, attribute) {
-    return $(element).hasAttribute(attribute) ? attribute : null;
-  }
+    while (element = element.parentNode)
+      if (element == ancestor) return true;
 
-  DIV.onclick = Prototype.emptyFunction;
-  var onclickValue = DIV.getAttribute('onclick');
+    return false;
+  },
 
-  var _getEv;
+  scrollTo: function(element) {
+    element = $(element);
+    var pos = Element.cumulativeOffset(element);
+    window.scrollTo(pos[0], pos[1]);
+    return element;
+  },
 
-  if (String(onclickValue).indexOf('{') > -1) {
-    _getEv = function(element, attribute) {
-      var value = element.getAttribute(attribute);
-      if (!value) return null;
-      value = value.toString();
-      value = value.split('{')[1];
-      value = value.split('}')[0];
-      return value.strip();
-    };
-  }
-  else if (onclickValue === '') {
-    _getEv = function(element, attribute) {
-      var value = element.getAttribute(attribute);
-      if (!value) return null;
-      return value.strip();
-    };
-  }
+  getStyle: function(element, style) {
+    element = $(element);
+    style = style == 'float' ? 'cssFloat' : style.camelize();
+    var value = element.style[style];
+    if (!value || value == 'auto') {
+      var css = document.defaultView.getComputedStyle(element, null);
+      value = css ? css[style] : null;
+    }
+    if (style == 'opacity') return value ? parseFloat(value) : 1.0;
+    return value == 'auto' ? null : value;
+  },
 
-  ATTRIBUTE_TRANSLATIONS.read = {
-    names: {
-      'class':     classProp,
-      'className': classProp,
-      'for':       forProp,
-      'htmlFor':   forProp
-    },
+  getOpacity: function(element) {
+    return $(element).getStyle('opacity');
+  },
 
-    values: {
-      style: function(element) {
-        return element.style.cssText.toLowerCase();
-      },
-      title: function(element) {
-        return element.title;
-      }
+  setStyle: function(element, styles) {
+    element = $(element);
+    var elementStyle = element.style, match;
+    if (Object.isString(styles)) {
+      element.style.cssText += ';' + styles;
+      return styles.include('opacity') ?
+        element.setOpacity(styles.match(/opacity:\s*(\d?\.?\d*)/)[1]) : element;
     }
-  };
+    for (var property in styles)
+      if (property == 'opacity') element.setOpacity(styles[property]);
+      else
+        elementStyle[(property == 'float' || property == 'cssFloat') ?
+          (Object.isUndefined(elementStyle.styleFloat) ? 'cssFloat' : 'styleFloat') :
+            property] = styles[property];
 
-  ATTRIBUTE_TRANSLATIONS.write = {
-    names: {
-      className:   'class',
-      htmlFor:     'for',
-      cellpadding: 'cellPadding',
-      cellspacing: 'cellSpacing'
-    },
+    return element;
+  },
 
-    values: {
-      checked: function(element, value) {
-        value = !!value;
-        element.checked = value;
-        return value ? 'checked' : null;
-      },
+  setOpacity: function(element, value) {
+    element = $(element);
+    element.style.opacity = (value == 1 || value === '') ? '' :
+      (value < 0.00001) ? 0 : value;
+    return element;
+  },
 
-      style: function(element, value) {
-        element.style.cssText = value ? value : '';
+  makePositioned: function(element) {
+    element = $(element);
+    var pos = Element.getStyle(element, 'position');
+    if (pos == 'static' || !pos) {
+      element._madePositioned = true;
+      element.style.position = 'relative';
+      if (Prototype.Browser.Opera) {
+        element.style.top = 0;
+        element.style.left = 0;
       }
     }
-  };
-
-  ATTRIBUTE_TRANSLATIONS.has = { names: {} };
-
-  Object.extend(ATTRIBUTE_TRANSLATIONS.write.names,
-   ATTRIBUTE_TRANSLATIONS.read.names);
-
-  var CAMEL_CASED_ATTRIBUTE_NAMES = $w('colSpan rowSpan vAlign dateTime ' +
-   'accessKey tabIndex encType maxLength readOnly longDesc frameBorder');
-
-  for (var i = 0, attr; attr = CAMEL_CASED_ATTRIBUTE_NAMES[i]; i++) {
-    ATTRIBUTE_TRANSLATIONS.write.names[attr.toLowerCase()] = attr;
-    ATTRIBUTE_TRANSLATIONS.has.names[attr.toLowerCase()]   = attr;
-  }
-
-  Object.extend(ATTRIBUTE_TRANSLATIONS.read.values, {
-    href:        _getAttr2,
-    src:         _getAttr2,
-    type:        _getAttr,
-    action:      _getAttrNode,
-    disabled:    _getFlag,
-    checked:     _getFlag,
-    readonly:    _getFlag,
-    multiple:    _getFlag,
-    onload:      _getEv,
-    onunload:    _getEv,
-    onclick:     _getEv,
-    ondblclick:  _getEv,
-    onmousedown: _getEv,
-    onmouseup:   _getEv,
-    onmouseover: _getEv,
-    onmousemove: _getEv,
-    onmouseout:  _getEv,
-    onfocus:     _getEv,
-    onblur:      _getEv,
-    onkeypress:  _getEv,
-    onkeydown:   _getEv,
-    onkeyup:     _getEv,
-    onsubmit:    _getEv,
-    onreset:     _getEv,
-    onselect:    _getEv,
-    onchange:    _getEv
-  });
+    return element;
+  },
 
+  undoPositioned: function(element) {
+    element = $(element);
+    if (element._madePositioned) {
+      element._madePositioned = undefined;
+      element.style.position =
+        element.style.top =
+        element.style.left =
+        element.style.bottom =
+        element.style.right = '';
+    }
+    return element;
+  },
 
-  Object.extend(methods, {
-    identify:        identify,
-    readAttribute:   readAttribute,
-    writeAttribute:  writeAttribute,
-    classNames:      classNames,
-    hasClassName:    hasClassName,
-    addClassName:    addClassName,
-    removeClassName: removeClassName,
-    toggleClassName: toggleClassName
-  });
+  makeClipping: function(element) {
+    element = $(element);
+    if (element._overflow) return element;
+    element._overflow = Element.getStyle(element, 'overflow') || 'auto';
+    if (element._overflow !== 'hidden')
+      element.style.overflow = 'hidden';
+    return element;
+  },
 
+  undoClipping: function(element) {
+    element = $(element);
+    if (!element._overflow) return element;
+    element.style.overflow = element._overflow == 'auto' ? '' : element._overflow;
+    element._overflow = null;
+    return element;
+  },
 
-  function normalizeStyleName(style) {
-    if (style === 'float' || style === 'styleFloat')
-      return 'cssFloat';
-    return style.camelize();
-  }
+  clonePosition: function(element, source) {
+    var options = Object.extend({
+      setLeft:    true,
+      setTop:     true,
+      setWidth:   true,
+      setHeight:  true,
+      offsetTop:  0,
+      offsetLeft: 0
+    }, arguments[2] || { });
 
-  function normalizeStyleName_IE(style) {
-    if (style === 'float' || style === 'cssFloat')
-      return 'styleFloat';
-    return style.camelize();
-  }
+    source = $(source);
+    var p = Element.viewportOffset(source), delta = [0, 0], parent = null;
 
-  function setStyle(element, styles) {
     element = $(element);
-    var elementStyle = element.style, match;
 
-    if (Object.isString(styles)) {
-      elementStyle.cssText += ';' + styles;
-      if (styles.include('opacity')) {
-        var opacity = styles.match(/opacity:\s*(\d?\.?\d*)/)[1];
-        Element.setOpacity(element, opacity);
-      }
-      return element;
+    if (Element.getStyle(element, 'position') == 'absolute') {
+      parent = Element.getOffsetParent(element);
+      delta = Element.viewportOffset(parent);
     }
 
-    for (var property in styles) {
-      if (property === 'opacity') {
-        Element.setOpacity(element, styles[property]);
-      } else {
-        var value = styles[property];
-        if (property === 'float' || property === 'cssFloat') {
-          property = Object.isUndefined(elementStyle.styleFloat) ?
-           'cssFloat' : 'styleFloat';
-        }
-        elementStyle[property] = value;
-      }
+    if (parent == document.body) {
+      delta[0] -= document.body.offsetLeft;
+      delta[1] -= document.body.offsetTop;
     }
 
+    if (options.setLeft)   element.style.left  = (p[0] - delta[0] + options.offsetLeft) + 'px';
+    if (options.setTop)    element.style.top   = (p[1] - delta[1] + options.offsetTop) + 'px';
+    if (options.setWidth)  element.style.width = source.offsetWidth + 'px';
+    if (options.setHeight) element.style.height = source.offsetHeight + 'px';
     return element;
   }
+};
 
+Object.extend(Element.Methods, {
+  getElementsBySelector: Element.Methods.select,
 
-  function getStyle(element, style) {
-    element = $(element);
-    style = normalizeStyleName(style);
-
-    var value = element.style[style];
-    if (!value || value === 'auto') {
-      var css = document.defaultView.getComputedStyle(element, null);
-      value = css ? css[style] : null;
-    }
+  childElements: Element.Methods.immediateDescendants
+});
 
-    if (style === 'opacity') return value ? parseFloat(value) : 1.0;
-    return value === 'auto' ? null : value;
+Element._attributeTranslations = {
+  write: {
+    names: {
+      className: 'class',
+      htmlFor:   'for'
+    },
+    values: { }
   }
+};
 
-  function getStyle_Opera(element, style) {
-    switch (style) {
-      case 'height': case 'width':
-        if (!Element.visible(element)) return null;
+if (Prototype.Browser.Opera) {
+  Element.Methods.getStyle = Element.Methods.getStyle.wrap(
+    function(proceed, element, style) {
+      switch (style) {
+        case 'height': case 'width':
+          if (!Element.visible(element)) return null;
 
-        var dim = parseInt(getStyle(element, style), 10);
+          var dim = parseInt(proceed(element, style), 10);
 
-        if (dim !== element['offset' + style.capitalize()])
-          return dim + 'px';
+          if (dim !== element['offset' + style.capitalize()])
+            return dim + 'px';
 
-        return Element.measure(element, style);
+          var properties;
+          if (style === 'height') {
+            properties = ['border-top-width', 'padding-top',
+             'padding-bottom', 'border-bottom-width'];
+          }
+          else {
+            properties = ['border-left-width', 'padding-left',
+             'padding-right', 'border-right-width'];
+          }
+          return properties.inject(dim, function(memo, property) {
+            var val = proceed(element, property);
+            return val === null ? memo : memo - parseInt(val, 10);
+          }) + 'px';
+        default: return proceed(element, style);
+      }
+    }
+  );
 
-      default: return getStyle(element, style);
+  Element.Methods.readAttribute = Element.Methods.readAttribute.wrap(
+    function(proceed, element, attribute) {
+      if (attribute === 'title') return element.title;
+      return proceed(element, attribute);
     }
-  }
+  );
+}
 
-  function getStyle_IE(element, style) {
+else if (Prototype.Browser.IE) {
+  Element.Methods.getStyle = function(element, style) {
     element = $(element);
-    style = normalizeStyleName_IE(style);
-
+    style = (style == 'float' || style == 'cssFloat') ? 'styleFloat' : style.camelize();
     var value = element.style[style];
-    if (!value && element.currentStyle) {
-      value = element.currentStyle[style];
-    }
+    if (!value && element.currentStyle) value = element.currentStyle[style];
 
-    if (style === 'opacity') {
-      if (!STANDARD_CSS_OPACITY_SUPPORTED)
-        return getOpacity_IE(element);
-      else return value ? parseFloat(value) : 1.0;
+    if (style == 'opacity') {
+      if (value = (element.getStyle('filter') || '').match(/alpha\(opacity=(.*)\)/))
+        if (value[1]) return parseFloat(value[1]) / 100;
+      return 1.0;
     }
 
-    if (value === 'auto') {
-      if ((style === 'width' || style === 'height') && Element.visible(element))
-        return Element.measure(element, style) + 'px';
+    if (value == 'auto') {
+      if ((style == 'width' || style == 'height') && (element.getStyle('display') != 'none'))
+        return element['offset' + style.capitalize()] + 'px';
       return null;
     }
-
     return value;
-  }
+  };
 
-  function stripAlphaFromFilter_IE(filter) {
-    return (filter || '').replace(/alpha\([^\)]*\)/gi, '');
-  }
+  Element.Methods.setOpacity = function(element, value) {
+    function stripAlpha(filter){
+      return filter.replace(/alpha\([^\)]*\)/gi,'');
+    }
+    element = $(element);
+    var currentStyle = element.currentStyle;
+    if ((currentStyle && !currentStyle.hasLayout) ||
+      (!currentStyle && element.style.zoom == 'normal'))
+        element.style.zoom = 1;
 
-  function hasLayout_IE(element) {
-    if (!element.currentStyle || !element.currentStyle.hasLayout)
-      element.style.zoom = 1;
+    var filter = element.getStyle('filter'), style = element.style;
+    if (value == 1 || value === '') {
+      (filter = stripAlpha(filter)) ?
+        style.filter = filter : style.removeAttribute('filter');
+      return element;
+    } else if (value < 0.00001) value = 0;
+    style.filter = stripAlpha(filter) +
+      'alpha(opacity=' + (value * 100) + ')';
     return element;
-  }
+  };
 
-  var STANDARD_CSS_OPACITY_SUPPORTED = (function() {
-    DIV.style.cssText = "opacity:.55";
-    return /^0.55/.test(DIV.style.opacity);
-  })();
+  Element._attributeTranslations = (function(){
 
-  function setOpacity(element, value) {
-    element = $(element);
-    if (value == 1 || value === '') value = '';
-    else if (value < 0.00001) value = 0;
-    element.style.opacity = value;
-    return element;
-  }
+    var classProp = 'className',
+        forProp = 'for',
+        el = document.createElement('div');
 
-  function setOpacity_IE(element, value) {
-    if (STANDARD_CSS_OPACITY_SUPPORTED)
-      return setOpacity(element, value);
+    el.setAttribute(classProp, 'x');
+
+    if (el.className !== 'x') {
+      el.setAttribute('class', 'x');
+      if (el.className === 'x') {
+        classProp = 'class';
+      }
+    }
+    el = null;
 
-    element = hasLayout_IE($(element));
-    var filter = Element.getStyle(element, 'filter'),
-     style = element.style;
+    el = document.createElement('label');
+    el.setAttribute(forProp, 'x');
+    if (el.htmlFor !== 'x') {
+      el.setAttribute('htmlFor', 'x');
+      if (el.htmlFor === 'x') {
+        forProp = 'htmlFor';
+      }
+    }
+    el = null;
 
-    if (value == 1 || value === '') {
-      filter = stripAlphaFromFilter_IE(filter);
-      if (filter) style.filter = filter;
-      else style.removeAttribute('filter');
-      return element;
+    return {
+      read: {
+        names: {
+          'class':      classProp,
+          'className':  classProp,
+          'for':        forProp,
+          'htmlFor':    forProp
+        },
+        values: {
+          _getAttr: function(element, attribute) {
+            return element.getAttribute(attribute);
+          },
+          _getAttr2: function(element, attribute) {
+            return element.getAttribute(attribute, 2);
+          },
+          _getAttrNode: function(element, attribute) {
+            var node = element.getAttributeNode(attribute);
+            return node ? node.value : "";
+          },
+          _getEv: (function(){
+
+            var el = document.createElement('div'), f;
+            el.onclick = Prototype.emptyFunction;
+            var value = el.getAttribute('onclick');
+
+            if (String(value).indexOf('{') > -1) {
+              f = function(element, attribute) {
+                attribute = element.getAttribute(attribute);
+                if (!attribute) return null;
+                attribute = attribute.toString();
+                attribute = attribute.split('{')[1];
+                attribute = attribute.split('}')[0];
+                return attribute.strip();
+              };
+            }
+            else if (value === '') {
+              f = function(element, attribute) {
+                attribute = element.getAttribute(attribute);
+                if (!attribute) return null;
+                return attribute.strip();
+              };
+            }
+            el = null;
+            return f;
+          })(),
+          _flag: function(element, attribute) {
+            return $(element).hasAttribute(attribute) ? attribute : null;
+          },
+          style: function(element) {
+            return element.style.cssText.toLowerCase();
+          },
+          title: function(element) {
+            return element.title;
+          }
+        }
+      }
     }
+  })();
 
-    if (value < 0.00001) value = 0;
+  Element._attributeTranslations.write = {
+    names: Object.extend({
+      cellpadding: 'cellPadding',
+      cellspacing: 'cellSpacing'
+    }, Element._attributeTranslations.read.names),
+    values: {
+      checked: function(element, value) {
+        element.checked = !!value;
+      },
 
-    style.filter = stripAlphaFromFilter_IE(filter) +
-     ' alpha(opacity=' + (value * 100) + ')';
+      style: function(element, value) {
+        element.style.cssText = value ? value : '';
+      }
+    }
+  };
 
-    return element;
-  }
+  Element._attributeTranslations.has = {};
 
+  $w('colSpan rowSpan vAlign dateTime accessKey tabIndex ' +
+      'encType maxLength readOnly longDesc frameBorder').each(function(attr) {
+    Element._attributeTranslations.write.names[attr.toLowerCase()] = attr;
+    Element._attributeTranslations.has[attr.toLowerCase()] = attr;
+  });
 
-  function getOpacity(element) {
-    return Element.getStyle(element, 'opacity');
-  }
+  (function(v) {
+    Object.extend(v, {
+      href:        v._getAttr2,
+      src:         v._getAttr2,
+      type:        v._getAttr,
+      action:      v._getAttrNode,
+      disabled:    v._flag,
+      checked:     v._flag,
+      readonly:    v._flag,
+      multiple:    v._flag,
+      onload:      v._getEv,
+      onunload:    v._getEv,
+      onclick:     v._getEv,
+      ondblclick:  v._getEv,
+      onmousedown: v._getEv,
+      onmouseup:   v._getEv,
+      onmouseover: v._getEv,
+      onmousemove: v._getEv,
+      onmouseout:  v._getEv,
+      onfocus:     v._getEv,
+      onblur:      v._getEv,
+      onkeypress:  v._getEv,
+      onkeydown:   v._getEv,
+      onkeyup:     v._getEv,
+      onsubmit:    v._getEv,
+      onreset:     v._getEv,
+      onselect:    v._getEv,
+      onchange:    v._getEv
+    });
+  })(Element._attributeTranslations.read.values);
 
-  function getOpacity_IE(element) {
-    if (STANDARD_CSS_OPACITY_SUPPORTED)
-      return getOpacity(element);
+  if (Prototype.BrowserFeatures.ElementExtensions) {
+    (function() {
+      function _descendants(element) {
+        var nodes = element.getElementsByTagName('*'), results = [];
+        for (var i = 0, node; node = nodes[i]; i++)
+          if (node.tagName !== "!") // Filter out comment nodes.
+            results.push(node);
+        return results;
+      }
 
-    var filter = Element.getStyle(element, 'filter');
-    if (filter.length === 0) return 1.0;
-    var match = (filter || '').match(/alpha\(opacity=(.*)\)/i);
-    if (match && match[1]) return parseFloat(match[1]) / 100;
-    return 1.0;
+      Element.Methods.down = function(element, expression, index) {
+        element = $(element);
+        if (arguments.length == 1) return element.firstDescendant();
+        return Object.isNumber(expression) ? _descendants(element)[expression] :
+          Element.select(element, expression)[index || 0];
+      }
+    })();
   }
 
+}
 
-  Object.extend(methods, {
-    setStyle:   setStyle,
-    getStyle:   getStyle,
-    setOpacity: setOpacity,
-    getOpacity: getOpacity
-  });
-
-  if ('styleFloat' in DIV.style) {
-    methods.getStyle = getStyle_IE;
-    methods.setOpacity = setOpacity_IE;
-    methods.getOpacity = getOpacity_IE;
-  }
+else if (Prototype.Browser.Gecko && /rv:1\.8\.0/.test(navigator.userAgent)) {
+  Element.Methods.setOpacity = function(element, value) {
+    element = $(element);
+    element.style.opacity = (value == 1) ? 0.999999 :
+      (value === '') ? '' : (value < 0.00001) ? 0 : value;
+    return element;
+  };
+}
 
-  var UID = 0;
+else if (Prototype.Browser.WebKit) {
+  Element.Methods.setOpacity = function(element, value) {
+    element = $(element);
+    element.style.opacity = (value == 1 || value === '') ? '' :
+      (value < 0.00001) ? 0 : value;
+
+    if (value == 1)
+      if (element.tagName.toUpperCase() == 'IMG' && element.width) {
+        element.width++; element.width--;
+      } else try {
+        var n = document.createTextNode(' ');
+        element.appendChild(n);
+        element.removeChild(n);
+      } catch (e) { }
 
-  GLOBAL.Element.Storage = { UID: 1 };
+    return element;
+  };
+}
 
-  function getUniqueElementID(element) {
-    if (element === window) return 0;
+if ('outerHTML' in document.documentElement) {
+  Element.Methods.replace = function(element, content) {
+    element = $(element);
 
-    if (typeof element._prototypeUID === 'undefined')
-      element._prototypeUID = Element.Storage.UID++;
-    return element._prototypeUID;
-  }
+    if (content && content.toElement) content = content.toElement();
+    if (Object.isElement(content)) {
+      element.parentNode.replaceChild(content, element);
+      return element;
+    }
 
-  function getUniqueElementID_IE(element) {
-    if (element === window) return 0;
-    if (element == document) return 1;
-    return element.uniqueID;
-  }
+    content = Object.toHTML(content);
+    var parent = element.parentNode, tagName = parent.tagName.toUpperCase();
 
-  var HAS_UNIQUE_ID_PROPERTY = ('uniqueID' in DIV);
-  if (HAS_UNIQUE_ID_PROPERTY)
-    getUniqueElementID = getUniqueElementID_IE;
+    if (Element._insertionTranslations.tags[tagName]) {
+      var nextSibling = element.next(),
+          fragments = Element._getContentFromAnonymousElement(tagName, content.stripScripts());
+      parent.removeChild(element);
+      if (nextSibling)
+        fragments.each(function(node) { parent.insertBefore(node, nextSibling) });
+      else
+        fragments.each(function(node) { parent.appendChild(node) });
+    }
+    else element.outerHTML = content.stripScripts();
 
-  function getStorage(element) {
-    if (!(element = $(element))) return;
+    content.evalScripts.bind(content).defer();
+    return element;
+  };
+}
 
-    var uid = getUniqueElementID(element);
+Element._returnOffset = function(l, t) {
+  var result = [l, t];
+  result.left = l;
+  result.top = t;
+  return result;
+};
 
-    if (!Element.Storage[uid])
-      Element.Storage[uid] = $H();
+Element._getContentFromAnonymousElement = function(tagName, html, force) {
+  var div = new Element('div'),
+      t = Element._insertionTranslations.tags[tagName];
 
-    return Element.Storage[uid];
+  var workaround = false;
+  if (t) workaround = true;
+  else if (force) {
+    workaround = true;
+    t = ['', '', 0];
   }
 
-  function store(element, key, value) {
-    if (!(element = $(element))) return;
-    var storage = getStorage(element);
-    if (arguments.length === 2) {
-      storage.update(key);
-    } else {
-      storage.set(key, value);
+  if (workaround) {
+    div.innerHTML = '&nbsp;' + t[0] + html + t[1];
+    div.removeChild(div.firstChild);
+    for (var i = t[2]; i--; ) {
+      div = div.firstChild;
     }
-    return element;
   }
+  else {
+    div.innerHTML = html;
+  }
+  return $A(div.childNodes);
+};
 
-  function retrieve(element, key, defaultValue) {
-    if (!(element = $(element))) return;
-    var storage = getStorage(element), value = storage.get(key);
+Element._insertionTranslations = {
+  before: function(element, node) {
+    element.parentNode.insertBefore(node, element);
+  },
+  top: function(element, node) {
+    element.insertBefore(node, element.firstChild);
+  },
+  bottom: function(element, node) {
+    element.appendChild(node);
+  },
+  after: function(element, node) {
+    element.parentNode.insertBefore(node, element.nextSibling);
+  },
+  tags: {
+    TABLE:  ['<table>',                '</table>',                   1],
+    TBODY:  ['<table><tbody>',         '</tbody></table>',           2],
+    TR:     ['<table><tbody><tr>',     '</tr></tbody></table>',      3],
+    TD:     ['<table><tbody><tr><td>', '</td></tr></tbody></table>', 4],
+    SELECT: ['<select>',               '</select>',                  1]
+  }
+};
 
-    if (Object.isUndefined(value)) {
-      storage.set(key, defaultValue);
-      value = defaultValue;
-    }
+(function() {
+  var tags = Element._insertionTranslations.tags;
+  Object.extend(tags, {
+    THEAD: tags.TBODY,
+    TFOOT: tags.TBODY,
+    TH:    tags.TD
+  });
+})();
 
-    return value;
+Element.Methods.Simulated = {
+  hasAttribute: function(element, attribute) {
+    attribute = Element._attributeTranslations.has[attribute] || attribute;
+    var node = $(element).getAttributeNode(attribute);
+    return !!(node && node.specified);
   }
+};
 
+Element.Methods.ByTag = { };
 
-  Object.extend(methods, {
-    getStorage: getStorage,
-    store:      store,
-    retrieve:   retrieve
-  });
-
+Object.extend(Element, Element.Methods);
 
-  var Methods = {}, ByTag = Element.Methods.ByTag,
-   F = Prototype.BrowserFeatures;
+(function(div) {
 
-  if (!F.ElementExtensions && ('__proto__' in DIV)) {
-    GLOBAL.HTMLElement = {};
-    GLOBAL.HTMLElement.prototype = DIV['__proto__'];
-    F.ElementExtensions = true;
+  if (!Prototype.BrowserFeatures.ElementExtensions && div['__proto__']) {
+    window.HTMLElement = { };
+    window.HTMLElement.prototype = div['__proto__'];
+    Prototype.BrowserFeatures.ElementExtensions = true;
   }
 
-  function checkElementPrototypeDeficiency(tagName) {
-    if (typeof window.Element === 'undefined') return false;
-    if (!HAS_EXTENDED_CREATE_ELEMENT_SYNTAX) return false;
-    var proto = window.Element.prototype;
-    if (proto) {
-      var id = '_' + (Math.random() + '').slice(2),
-       el = document.createElement(tagName);
-      proto[id] = 'x';
-      var isBuggy = (el[id] !== 'x');
-      delete proto[id];
-      el = null;
-      return isBuggy;
-    }
+  div = null;
+
+})(document.createElement('div'));
 
+Element.extend = (function() {
+
+  function checkDeficiency(tagName) {
+    if (typeof window.Element != 'undefined') {
+      var proto = window.Element.prototype;
+      if (proto) {
+        var id = '_' + (Math.random()+'').slice(2),
+            el = document.createElement(tagName);
+        proto[id] = 'x';
+        var isBuggy = (el[id] !== 'x');
+        delete proto[id];
+        el = null;
+        return isBuggy;
+      }
+    }
     return false;
   }
 
-  var HTMLOBJECTELEMENT_PROTOTYPE_BUGGY =
-   checkElementPrototypeDeficiency('object');
-
   function extendElementWith(element, methods) {
     for (var property in methods) {
       var value = methods[property];
@@ -3315,52 +2907,98 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
     }
   }
 
-  var EXTENDED = {};
-  function elementIsExtended(element) {
-    var uid = getUniqueElementID(element);
-    return (uid in EXTENDED);
+  var HTMLOBJECTELEMENT_PROTOTYPE_BUGGY = checkDeficiency('object');
+
+  if (Prototype.BrowserFeatures.SpecificElementExtensions) {
+    if (HTMLOBJECTELEMENT_PROTOTYPE_BUGGY) {
+      return function(element) {
+        if (element && typeof element._extendedByPrototype == 'undefined') {
+          var t = element.tagName;
+          if (t && (/^(?:object|applet|embed)$/i.test(t))) {
+            extendElementWith(element, Element.Methods);
+            extendElementWith(element, Element.Methods.Simulated);
+            extendElementWith(element, Element.Methods.ByTag[t.toUpperCase()]);
+          }
+        }
+        return element;
+      }
+    }
+    return Prototype.K;
   }
 
-  function extend(element) {
-    if (!element || elementIsExtended(element)) return element;
-    if (element.nodeType !== Node.ELEMENT_NODE || element == window)
-      return element;
+  var Methods = { }, ByTag = Element.Methods.ByTag;
+
+  var extend = Object.extend(function(element) {
+    if (!element || typeof element._extendedByPrototype != 'undefined' ||
+        element.nodeType != 1 || element == window) return element;
 
     var methods = Object.clone(Methods),
-     tagName = element.tagName.toUpperCase();
+        tagName = element.tagName.toUpperCase();
 
     if (ByTag[tagName]) Object.extend(methods, ByTag[tagName]);
 
     extendElementWith(element, methods);
-    EXTENDED[getUniqueElementID(element)] = true;
-    return element;
-  }
 
-  function extend_IE8(element) {
-    if (!element || elementIsExtended(element)) return element;
+    element._extendedByPrototype = Prototype.emptyFunction;
+    return element;
 
-    var t = element.tagName;
-    if (t && (/^(?:object|applet|embed)$/i.test(t))) {
-      extendElementWith(element, Element.Methods);
-      extendElementWith(element, Element.Methods.Simulated);
-      extendElementWith(element, Element.Methods.ByTag[t.toUpperCase()]);
+  }, {
+    refresh: function() {
+      if (!Prototype.BrowserFeatures.ElementExtensions) {
+        Object.extend(Methods, Element.Methods);
+        Object.extend(Methods, Element.Methods.Simulated);
+      }
     }
+  });
 
-    return element;
+  extend.refresh();
+  return extend;
+})();
+
+if (document.documentElement.hasAttribute) {
+  Element.hasAttribute = function(element, attribute) {
+    return element.hasAttribute(attribute);
+  };
+}
+else {
+  Element.hasAttribute = Element.Methods.Simulated.hasAttribute;
+}
+
+Element.addMethods = function(methods) {
+  var F = Prototype.BrowserFeatures, T = Element.Methods.ByTag;
+
+  if (!methods) {
+    Object.extend(Form, Form.Methods);
+    Object.extend(Form.Element, Form.Element.Methods);
+    Object.extend(Element.Methods.ByTag, {
+      "FORM":     Object.clone(Form.Methods),
+      "INPUT":    Object.clone(Form.Element.Methods),
+      "SELECT":   Object.clone(Form.Element.Methods),
+      "TEXTAREA": Object.clone(Form.Element.Methods),
+      "BUTTON":   Object.clone(Form.Element.Methods)
+    });
   }
 
-  if (F.SpecificElementExtensions) {
-    extend = HTMLOBJECTELEMENT_PROTOTYPE_BUGGY ? extend_IE8 : Prototype.K;
+  if (arguments.length == 2) {
+    var tagName = methods;
+    methods = arguments[1];
   }
 
-  function addMethodsToTagName(tagName, methods) {
+  if (!tagName) Object.extend(Element.Methods, methods || { });
+  else {
+    if (Object.isArray(tagName)) tagName.each(extend);
+    else extend(tagName);
+  }
+
+  function extend(tagName) {
     tagName = tagName.toUpperCase();
-    if (!ByTag[tagName]) ByTag[tagName] = {};
-    Object.extend(ByTag[tagName], methods);
+    if (!Element.Methods.ByTag[tagName])
+      Element.Methods.ByTag[tagName] = { };
+    Object.extend(Element.Methods.ByTag[tagName], methods);
   }
 
-  function mergeMethods(destination, methods, onlyIfAbsent) {
-    if (Object.isUndefined(onlyIfAbsent)) onlyIfAbsent = false;
+  function copy(methods, destination, onlyIfAbsent) {
+    onlyIfAbsent = onlyIfAbsent || false;
     for (var property in methods) {
       var value = methods[property];
       if (!Object.isFunction(value)) continue;
@@ -3390,150 +3028,169 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
     if (window[klass]) return window[klass];
 
     var element = document.createElement(tagName),
-     proto = element['__proto__'] || element.constructor.prototype;
+        proto = element['__proto__'] || element.constructor.prototype;
 
     element = null;
     return proto;
   }
 
-  function addMethods(methods) {
-    if (arguments.length === 0) addFormMethods();
+  var elementPrototype = window.HTMLElement ? HTMLElement.prototype :
+   Element.prototype;
 
-    if (arguments.length === 2) {
-      var tagName = methods;
-      methods = arguments[1];
-    }
+  if (F.ElementExtensions) {
+    copy(Element.Methods, elementPrototype);
+    copy(Element.Methods.Simulated, elementPrototype, true);
+  }
 
-    if (!tagName) {
-      Object.extend(Element.Methods, methods || {});
-    } else {
-      if (Object.isArray(tagName)) {
-        for (var i = 0, tag; tag = tagName[i]; i++)
-          addMethodsToTagName(tag, methods);
-      } else {
-        addMethodsToTagName(tagName, methods);
-      }
+  if (F.SpecificElementExtensions) {
+    for (var tag in Element.Methods.ByTag) {
+      var klass = findDOMClass(tag);
+      if (Object.isUndefined(klass)) continue;
+      copy(T[tag], klass.prototype);
     }
+  }
 
-    var ELEMENT_PROTOTYPE = window.HTMLElement ? HTMLElement.prototype :
-     Element.prototype;
+  Object.extend(Element, Element.Methods);
+  delete Element.ByTag;
 
-    if (F.ElementExtensions) {
-      mergeMethods(ELEMENT_PROTOTYPE, Element.Methods);
-      mergeMethods(ELEMENT_PROTOTYPE, Element.Methods.Simulated, true);
-    }
+  if (Element.extend.refresh) Element.extend.refresh();
+  Element.cache = { };
+};
 
-    if (F.SpecificElementExtensions) {
-      for (var tag in Element.Methods.ByTag) {
-        var klass = findDOMClass(tag);
-        if (Object.isUndefined(klass)) continue;
-        mergeMethods(klass.prototype, ByTag[tag]);
-      }
-    }
 
-    Object.extend(Element, Element.Methods);
-    Object.extend(Element, Element.Methods.Simulated);
-    delete Element.ByTag;
-    delete Element.Simulated;
+document.viewport = {
 
-    Element.extend.refresh();
+  getDimensions: function() {
+    return { width: this.getWidth(), height: this.getHeight() };
+  },
 
-    ELEMENT_CACHE = {};
+  getScrollOffsets: function() {
+    return Element._returnOffset(
+      window.pageXOffset || document.documentElement.scrollLeft || document.body.scrollLeft,
+      window.pageYOffset || document.documentElement.scrollTop  || document.body.scrollTop);
   }
+};
 
-  Object.extend(GLOBAL.Element, {
-    extend:     extend,
-    addMethods: addMethods
-  });
+(function(viewport) {
+  var B = Prototype.Browser, doc = document, element, property = {};
 
-  if (extend === Prototype.K) {
-    GLOBAL.Element.extend.refresh = Prototype.emptyFunction;
-  } else {
-    GLOBAL.Element.extend.refresh = function() {
-      if (Prototype.BrowserFeatures.ElementExtensions) return;
-      Object.extend(Methods, Element.Methods);
-      Object.extend(Methods, Element.Methods.Simulated);
+  function getRootElement() {
+    if (B.WebKit && !doc.evaluate)
+      return document;
 
-      EXTENDED = {};
-    };
-  }
+    if (B.Opera && window.parseFloat(window.opera.version()) < 9.5)
+      return document.body;
 
-  function addFormMethods() {
-    Object.extend(Form, Form.Methods);
-    Object.extend(Form.Element, Form.Element.Methods);
-    Object.extend(Element.Methods.ByTag, {
-      "FORM":     Object.clone(Form.Methods),
-      "INPUT":    Object.clone(Form.Element.Methods),
-      "SELECT":   Object.clone(Form.Element.Methods),
-      "TEXTAREA": Object.clone(Form.Element.Methods),
-      "BUTTON":   Object.clone(Form.Element.Methods)
-    });
+    return document.documentElement;
   }
 
-  Element.addMethods(methods);
+  function define(D) {
+    if (!element) element = getRootElement();
+
+    property[D] = 'client' + D;
 
-  function destroyCache_IE() {
-    DIV = null;
-    ELEMENT_CACHE = null;
+    viewport['get' + D] = function() { return element[property[D]] };
+    return viewport['get' + D]();
   }
 
-  if (window.attachEvent)
-    window.attachEvent('onunload', destroyCache_IE);
+  viewport.getWidth  = define.curry('Width');
 
-})(this);
-(function() {
+  viewport.getHeight = define.curry('Height');
+})(document.viewport);
 
-  function toDecimal(pctString) {
-    var match = pctString.match(/^(\d+)%?$/i);
-    if (!match) return null;
-    return (Number(match[1]) / 100);
-  }
 
-  function getRawStyle(element, style) {
-    element = $(element);
+Element.Storage = {
+  UID: 1
+};
 
-    var value = element.style[style];
-    if (!value || value === 'auto') {
-      var css = document.defaultView.getComputedStyle(element, null);
-      value = css ? css[style] : null;
+Element.addMethods({
+  getStorage: function(element) {
+    if (!(element = $(element))) return;
+
+    var uid;
+    if (element === window) {
+      uid = 0;
+    } else {
+      if (typeof element._prototypeUID === "undefined")
+        element._prototypeUID = Element.Storage.UID++;
+      uid = element._prototypeUID;
     }
 
-    if (style === 'opacity') return value ? parseFloat(value) : 1.0;
-    return value === 'auto' ? null : value;
-  }
+    if (!Element.Storage[uid])
+      Element.Storage[uid] = $H();
 
-  function getRawStyle_IE(element, style) {
-    var value = element.style[style];
-    if (!value && element.currentStyle) {
-      value = element.currentStyle[style];
+    return Element.Storage[uid];
+  },
+
+  store: function(element, key, value) {
+    if (!(element = $(element))) return;
+
+    if (arguments.length === 2) {
+      Element.getStorage(element).update(key);
+    } else {
+      Element.getStorage(element).set(key, value);
+    }
+
+    return element;
+  },
+
+  retrieve: function(element, key, defaultValue) {
+    if (!(element = $(element))) return;
+    var hash = Element.getStorage(element), value = hash.get(key);
+
+    if (Object.isUndefined(value)) {
+      hash.set(key, defaultValue);
+      value = defaultValue;
     }
+
     return value;
-  }
+  },
 
-  function getContentWidth(element, context) {
-    var boxWidth = element.offsetWidth;
+  clone: function(element, deep) {
+    if (!(element = $(element))) return;
+    var clone = element.cloneNode(deep);
+    clone._prototypeUID = void 0;
+    if (deep) {
+      var descendants = Element.select(clone, '*'),
+          i = descendants.length;
+      while (i--) {
+        descendants[i]._prototypeUID = void 0;
+      }
+    }
+    return Element.extend(clone);
+  },
 
-    var bl = getPixelValue(element, 'borderLeftWidth',  context) || 0;
-    var br = getPixelValue(element, 'borderRightWidth', context) || 0;
-    var pl = getPixelValue(element, 'paddingLeft',      context) || 0;
-    var pr = getPixelValue(element, 'paddingRight',     context) || 0;
+  purge: function(element) {
+    if (!(element = $(element))) return;
+    var purgeElement = Element._purgeElement;
 
-    return boxWidth - bl - br - pl - pr;
-  }
+    purgeElement(element);
 
-  if (!Object.isUndefined(document.documentElement.currentStyle) && !Prototype.Browser.Opera) {
-    getRawStyle = getRawStyle_IE;
+    var descendants = element.getElementsByTagName('*'),
+     i = descendants.length;
+
+    while (i--) purgeElement(descendants[i]);
+
+    return null;
   }
+});
 
+(function() {
+
+  function toDecimal(pctString) {
+    var match = pctString.match(/^(\d+)%?$/i);
+    if (!match) return null;
+    return (Number(match[1]) / 100);
+  }
 
   function getPixelValue(value, property, context) {
     var element = null;
     if (Object.isElement(value)) {
       element = value;
-      value = getRawStyle(element, property);
+      value = element.getStyle(property);
     }
 
-    if (value === null || Object.isUndefined(value)) {
+    if (value === null) {
       return null;
     }
 
@@ -3556,12 +3213,14 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
 
     if (element && isPercentage) {
       context = context || element.parentNode;
-      var decimal = toDecimal(value), whole = null;
+      var decimal = toDecimal(value);
+      var whole = null;
+      var position = element.getStyle('position');
 
       var isHorizontal = property.include('left') || property.include('right') ||
        property.include('width');
 
-      var isVertical   = property.include('top') || property.include('bottom') ||
+      var isVertical =  property.include('top') || property.include('bottom') ||
         property.include('height');
 
       if (context === document.viewport) {
@@ -3585,12 +3244,14 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
   }
 
   function toCSSPixels(number) {
-    if (Object.isString(number) && number.endsWith('px'))
+    if (Object.isString(number) && number.endsWith('px')) {
       return number;
+    }
     return number + 'px';
   }
 
   function isDisplayed(element) {
+    var originalElement = element;
     while (element && element.parentNode) {
       var display = element.getStyle('display');
       if (display === 'none') {
@@ -3648,15 +3309,14 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
     },
 
     _begin: function() {
-      if (this._isPrepared()) return;
+      if (this._prepared) return;
 
       var element = this.element;
       if (isDisplayed(element)) {
-        this._setPrepared(true);
+        this._prepared = true;
         return;
       }
 
-
       var originalStyles = {
         position:   element.style.position   || '',
         width:      element.style.width      || '',
@@ -3666,30 +3326,30 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
 
       element.store('prototype_original_styles', originalStyles);
 
-      var position = getRawStyle(element, 'position'), width = element.offsetWidth;
+      var position = element.getStyle('position'),
+       width = element.getStyle('width');
 
-      if (width === 0 || width === null) {
+      if (width === "0px" || width === null) {
         element.style.display = 'block';
-        width = element.offsetWidth;
+        width = element.getStyle('width');
       }
 
       var context = (position === 'fixed') ? document.viewport :
        element.parentNode;
 
-      var tempStyles = {
+      element.setStyle({
+        position:   'absolute',
         visibility: 'hidden',
         display:    'block'
-      };
-
-      if (position !== 'fixed') tempStyles.position = 'absolute';
+      });
 
-      element.setStyle(tempStyles);
+      var positionedWidth = element.getStyle('width');
 
-      var positionedWidth = element.offsetWidth, newWidth;
+      var newWidth;
       if (width && (positionedWidth === width)) {
-        newWidth = getContentWidth(element, context);
+        newWidth = getPixelValue(element, 'width', context);
       } else if (position === 'absolute' || position === 'fixed') {
-        newWidth = getContentWidth(element, context);
+        newWidth = getPixelValue(element, 'width', context);
       } else {
         var parent = element.parentNode, pLayout = $(parent).getLayout();
 
@@ -3704,7 +3364,7 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
 
       element.setStyle({ width: newWidth + 'px' });
 
-      this._setPrepared(true);
+      this._prepared = true;
     },
 
     _end: function() {
@@ -3712,7 +3372,7 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
       var originalStyles = element.retrieve('prototype_original_styles');
       element.store('prototype_original_styles', null);
       element.setStyle(originalStyles);
-      this._setPrepared(false);
+      this._prepared = false;
     },
 
     _compute: function(property) {
@@ -3724,14 +3384,6 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
       return this._set(property, COMPUTATIONS[property].call(this, this.element));
     },
 
-    _isPrepared: function() {
-      return this.element.retrieve('prototype_element_layout_prepared', false);
-    },
-
-    _setPrepared: function(bool) {
-      return this.element.store('prototype_element_layout_prepared', bool);
-    },
-
     toObject: function() {
       var args = $A(arguments);
       var keys = (args.length === 0) ? Element.Layout.PROPERTIES :
@@ -3813,6 +3465,7 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
          pRight = this.get('padding-right');
 
         if (!this._preComputing) this._end();
+
         return bWidth - bLeft - bRight - pLeft - pRight;
       },
 
@@ -4003,14 +3656,6 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
     return $(element).getLayout().get(property);
   }
 
-  function getHeight(element) {
-    return Element.getDimensions(element).height;
-  }
-
-  function getWidth(element) {
-    return Element.getDimensions(element).width;
-  }
-
   function getDimensions(element) {
     element = $(element);
     var display = Element.getStyle(element, 'display');
@@ -4049,19 +3694,15 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
   function getOffsetParent(element) {
     element = $(element);
 
-    function selfOrBody(element) {
-      return isHtml(element) ? $(document.body) : $(element);
-    }
-
     if (isDocument(element) || isDetached(element) || isBody(element) || isHtml(element))
       return $(document.body);
 
     var isInline = (Element.getStyle(element, 'display') === 'inline');
-    if (!isInline && element.offsetParent) return selfOrBody(element.offsetParent);
+    if (!isInline && element.offsetParent) return $(element.offsetParent);
 
     while ((element = element.parentNode) && element !== document.body) {
       if (Element.getStyle(element, 'position') !== 'static') {
-        return selfOrBody(element);
+        return isHtml(element) ? $(document.body) : $(element);
       }
     }
 
@@ -4099,8 +3740,8 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
       }
     } while (element);
 
-    valueL -= layout.get('margin-left');
-    valueT -= layout.get('margin-top');
+    valueL -= layout.get('margin-top');
+    valueT -= layout.get('margin-left');
 
     return new Element.Offset(valueL, valueT);
   }
@@ -4108,24 +3749,17 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
   function cumulativeScrollOffset(element) {
     var valueT = 0, valueL = 0;
     do {
-      if (element === document.body) {
-        var bodyScrollNode = document.documentElement || document.body.parentNode || document.body;
-        valueT += !Object.isUndefined(window.pageYOffset) ? window.pageYOffset : bodyScrollNode.scrollTop || 0;
-        valueL += !Object.isUndefined(window.pageXOffset) ? window.pageXOffset : bodyScrollNode.scrollLeft || 0;
-        break;
-      } else {
-        valueT += element.scrollTop  || 0;
-        valueL += element.scrollLeft || 0;
-        element = element.parentNode;
-      }
+      valueT += element.scrollTop  || 0;
+      valueL += element.scrollLeft || 0;
+      element = element.parentNode;
     } while (element);
     return new Element.Offset(valueL, valueT);
   }
 
   function viewportOffset(forElement) {
+    element = $(element);
     var valueT = 0, valueL = 0, docBody = document.body;
 
-    forElement = $(forElement);
     var element = forElement;
     do {
       valueT += element.offsetTop  || 0;
@@ -4159,11 +3793,10 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
     var layout = element.getLayout();
 
     element.store('prototype_absolutize_original_styles', {
-      position: element.getStyle('position'),
-      left:     element.getStyle('left'),
-      top:      element.getStyle('top'),
-      width:    element.getStyle('width'),
-      height:   element.getStyle('height')
+      left:   element.getStyle('left'),
+      top:    element.getStyle('top'),
+      width:  element.getStyle('width'),
+      height: element.getStyle('height')
     });
 
     element.setStyle({
@@ -4190,142 +3823,6 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
     return element;
   }
 
-
-  function scrollTo(element) {
-    element = $(element);
-    var pos = Element.cumulativeOffset(element);
-    window.scrollTo(pos.left, pos.top);
-    return element;
-  }
-
-
-  function makePositioned(element) {
-    element = $(element);
-    var position = Element.getStyle(element, 'position'), styles = {};
-    if (position === 'static' || !position) {
-      styles.position = 'relative';
-      if (Prototype.Browser.Opera) {
-        styles.top  = 0;
-        styles.left = 0;
-      }
-      Element.setStyle(element, styles);
-      Element.store(element, 'prototype_made_positioned', true);
-    }
-    return element;
-  }
-
-  function undoPositioned(element) {
-    element = $(element);
-    var storage = Element.getStorage(element),
-     madePositioned = storage.get('prototype_made_positioned');
-
-    if (madePositioned) {
-      storage.unset('prototype_made_positioned');
-      Element.setStyle(element, {
-        position: '',
-        top:      '',
-        bottom:   '',
-        left:     '',
-        right:    ''
-      });
-    }
-    return element;
-  }
-
-  function makeClipping(element) {
-    element = $(element);
-
-    var storage = Element.getStorage(element),
-     madeClipping = storage.get('prototype_made_clipping');
-
-    if (Object.isUndefined(madeClipping)) {
-      var overflow = Element.getStyle(element, 'overflow');
-      storage.set('prototype_made_clipping', overflow);
-      if (overflow !== 'hidden')
-        element.style.overflow = 'hidden';
-    }
-
-    return element;
-  }
-
-  function undoClipping(element) {
-    element = $(element);
-    var storage = Element.getStorage(element),
-     overflow = storage.get('prototype_made_clipping');
-
-    if (!Object.isUndefined(overflow)) {
-      storage.unset('prototype_made_clipping');
-      element.style.overflow = overflow || '';
-    }
-
-    return element;
-  }
-
-  function clonePosition(element, source, options) {
-    options = Object.extend({
-      setLeft:    true,
-      setTop:     true,
-      setWidth:   true,
-      setHeight:  true,
-      offsetTop:  0,
-      offsetLeft: 0
-    }, options || {});
-
-    var docEl = document.documentElement;
-
-    source  = $(source);
-    element = $(element);
-    var p, delta, layout, styles = {};
-
-    if (options.setLeft || options.setTop) {
-      p = Element.viewportOffset(source);
-      delta = [0, 0];
-      if (Element.getStyle(element, 'position') === 'absolute') {
-        var parent = Element.getOffsetParent(element);
-        if (parent !== document.body) delta = Element.viewportOffset(parent);
-      }
-    }
-
-    function pageScrollXY() {
-      var x = 0, y = 0;
-      if (Object.isNumber(window.pageXOffset)) {
-        x = window.pageXOffset;
-        y = window.pageYOffset;
-      } else if (document.body && (document.body.scrollLeft || document.body.scrollTop)) {
-        x = document.body.scrollLeft;
-        y = document.body.scrollTop;
-      } else if (docEl && (docEl.scrollLeft || docEl.scrollTop)) {
-        x = docEl.scrollLeft;
-        y = docEl.scrollTop;
-      }
-      return { x: x, y: y };
-    }
-
-    var pageXY = pageScrollXY();
-
-
-    if (options.setWidth || options.setHeight) {
-      layout = Element.getLayout(source);
-    }
-
-    if (options.setLeft)
-      styles.left = (p[0] + pageXY.x - delta[0] + options.offsetLeft) + 'px';
-    if (options.setTop)
-      styles.top  = (p[1] + pageXY.y - delta[1] + options.offsetTop)  + 'px';
-
-    var currentLayout = element.getLayout();
-
-    if (options.setWidth) {
-      styles.width = layout.get('width')  + 'px';
-    }
-    if (options.setHeight) {
-      styles.height = layout.get('height') + 'px';
-    }
-
-    return Element.setStyle(element, styles);
-  }
-
-
   if (Prototype.Browser.IE) {
     getOffsetParent = getOffsetParent.wrap(
       function(proceed, element) {
@@ -4366,9 +3863,8 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
       do {
         valueT += element.offsetTop  || 0;
         valueL += element.offsetLeft || 0;
-        if (element.offsetParent == document.body) {
+        if (element.offsetParent == document.body)
           if (Element.getStyle(element, 'position') == 'absolute') break;
-        }
 
         element = element.offsetParent;
       } while (element);
@@ -4381,8 +3877,6 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
   Element.addMethods({
     getLayout:              getLayout,
     measure:                measure,
-    getWidth:               getWidth,
-    getHeight:              getHeight,
     getDimensions:          getDimensions,
     getOffsetParent:        getOffsetParent,
     cumulativeOffset:       cumulativeOffset,
@@ -4390,13 +3884,7 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
     cumulativeScrollOffset: cumulativeScrollOffset,
     viewportOffset:         viewportOffset,
     absolutize:             absolutize,
-    relativize:             relativize,
-    scrollTo:               scrollTo,
-    makePositioned:         makePositioned,
-    undoPositioned:         undoPositioned,
-    makeClipping:           makeClipping,
-    undoClipping:           undoClipping,
-    clonePosition:          clonePosition
+    relativize:             relativize
   });
 
   function isBody(element) {
@@ -4429,49 +3917,6 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
       }
     });
   }
-
-
-})();
-
-(function() {
-
-  var IS_OLD_OPERA = Prototype.Browser.Opera &&
-   (window.parseFloat(window.opera.version()) < 9.5);
-  var ROOT = null;
-  function getRootElement() {
-    if (ROOT) return ROOT;
-    ROOT = IS_OLD_OPERA ? document.body : document.documentElement;
-    return ROOT;
-  }
-
-  function getDimensions() {
-    return { width: this.getWidth(), height: this.getHeight() };
-  }
-
-  function getWidth() {
-    return getRootElement().clientWidth;
-  }
-
-  function getHeight() {
-    return getRootElement().clientHeight;
-  }
-
-  function getScrollOffsets() {
-    var x = window.pageXOffset || document.documentElement.scrollLeft ||
-     document.body.scrollLeft;
-    var y = window.pageYOffset || document.documentElement.scrollTop ||
-     document.body.scrollTop;
-
-    return new Element.Offset(x, y);
-  }
-
-  document.viewport = {
-    getDimensions:    getDimensions,
-    getWidth:         getWidth,
-    getHeight:        getHeight,
-    getScrollOffsets: getScrollOffsets
-  };
-
 })();
 window.$$ = function() {
   var expression = $A(arguments).join(', ');
@@ -4518,1775 +3963,982 @@ Prototype.Selector = (function() {
   };
 })();
 Prototype._original_property = window.Sizzle;
-
-;(function () {
-  function fakeDefine(fn) {
-    Prototype._actual_sizzle = fn();
-  }
-  fakeDefine.amd = true;
-
-  if (typeof define !== 'undefined' && define.amd) {
-    Prototype._original_define = define;
-    Prototype._actual_sizzle = null;
-    window.define = fakeDefine;
-  }
-})();
-
 /*!
- * Sizzle CSS Selector Engine v1.10.18
- * http://sizzlejs.com/
- *
- * Copyright 2013 jQuery Foundation, Inc. and other contributors
- * Released under the MIT license
- * http://jquery.org/license
- *
- * Date: 2014-02-05
+ * Sizzle CSS Selector Engine - v1.0
+ *  Copyright 2009, The Dojo Foundation
+ *  Released under the MIT, BSD, and GPL Licenses.
+ *  More information: http://sizzlejs.com/
  */
-(function( window ) {
-
-var i,
-	support,
-	Expr,
-	getText,
-	isXML,
-	compile,
-	select,
-	outermostContext,
-	sortInput,
-	hasDuplicate,
-
-	setDocument,
-	document,
-	docElem,
-	documentIsHTML,
-	rbuggyQSA,
-	rbuggyMatches,
-	matches,
-	contains,
-
-	expando = "sizzle" + -(new Date()),
-	preferredDoc = window.document,
-	dirruns = 0,
-	done = 0,
-	classCache = createCache(),
-	tokenCache = createCache(),
-	compilerCache = createCache(),
-	sortOrder = function( a, b ) {
-		if ( a === b ) {
-			hasDuplicate = true;
-		}
-		return 0;
-	},
-
-	strundefined = typeof undefined,
-	MAX_NEGATIVE = 1 << 31,
-
-	hasOwn = ({}).hasOwnProperty,
-	arr = [],
-	pop = arr.pop,
-	push_native = arr.push,
-	push = arr.push,
-	slice = arr.slice,
-	indexOf = arr.indexOf || function( elem ) {
-		var i = 0,
-			len = this.length;
-		for ( ; i < len; i++ ) {
-			if ( this[i] === elem ) {
-				return i;
-			}
-		}
-		return -1;
-	},
-
-	booleans = "checked|selected|async|autofocus|autoplay|controls|defer|disabled|hidden|ismap|loop|multiple|open|readonly|required|scoped",
-
-
-	whitespace = "[\\x20\\t\\r\\n\\f]",
-	characterEncoding = "(?:\\\\.|[\\w-]|[^\\x00-\\xa0])+",
-
-	identifier = characterEncoding.replace( "w", "w#" ),
-
-	attributes = "\\[" + whitespace + "*(" + characterEncoding + ")" + whitespace +
-		"*(?:([*^$|!~]?=)" + whitespace + "*(?:(['\"])((?:\\\\.|[^\\\\])*?)\\3|(" + identifier + ")|)|)" + whitespace + "*\\]",
-
-	pseudos = ":(" + characterEncoding + ")(?:\\(((['\"])((?:\\\\.|[^\\\\])*?)\\3|((?:\\\\.|[^\\\\()[\\]]|" + attributes.replace( 3, 8 ) + ")*)|.*)\\)|)",
-
-	rtrim = new RegExp( "^" + whitespace + "+|((?:^|[^\\\\])(?:\\\\.)*)" + whitespace + "+$", "g" ),
-
-	rcomma = new RegExp( "^" + whitespace + "*," + whitespace + "*" ),
-	rcombinators = new RegExp( "^" + whitespace + "*([>+~]|" + whitespace + ")" + whitespace + "*" ),
-
-	rattributeQuotes = new RegExp( "=" + whitespace + "*([^\\]'\"]*?)" + whitespace + "*\\]", "g" ),
-
-	rpseudo = new RegExp( pseudos ),
-	ridentifier = new RegExp( "^" + identifier + "$" ),
+(function(){
 
-	matchExpr = {
-		"ID": new RegExp( "^#(" + characterEncoding + ")" ),
-		"CLASS": new RegExp( "^\\.(" + characterEncoding + ")" ),
-		"TAG": new RegExp( "^(" + characterEncoding.replace( "w", "w*" ) + ")" ),
-		"ATTR": new RegExp( "^" + attributes ),
-		"PSEUDO": new RegExp( "^" + pseudos ),
-		"CHILD": new RegExp( "^:(only|first|last|nth|nth-last)-(child|of-type)(?:\\(" + whitespace +
-			"*(even|odd|(([+-]|)(\\d*)n|)" + whitespace + "*(?:([+-]|)" + whitespace +
-			"*(\\d+)|))" + whitespace + "*\\)|)", "i" ),
-		"bool": new RegExp( "^(?:" + booleans + ")$", "i" ),
-		"needsContext": new RegExp( "^" + whitespace + "*[>+~]|:(even|odd|eq|gt|lt|nth|first|last)(?:\\(" +
-			whitespace + "*((?:-\\d)?\\d*)" + whitespace + "*\\)|)(?=[^-]|$)", "i" )
-	},
-
-	rinputs = /^(?:input|select|textarea|button)$/i,
-	rheader = /^h\d$/i,
-
-	rnative = /^[^{]+\{\s*\[native \w/,
-
-	rquickExpr = /^(?:#([\w-]+)|(\w+)|\.([\w-]+))$/,
-
-	rsibling = /[+~]/,
-	rescape = /'|\\/g,
-
-	runescape = new RegExp( "\\\\([\\da-f]{1,6}" + whitespace + "?|(" + whitespace + ")|.)", "ig" ),
-	funescape = function( _, escaped, escapedWhitespace ) {
-		var high = "0x" + escaped - 0x10000;
-		return high !== high || escapedWhitespace ?
-			escaped :
-			high < 0 ?
-				String.fromCharCode( high + 0x10000 ) :
-				String.fromCharCode( high >> 10 | 0xD800, high & 0x3FF | 0xDC00 );
-	};
-
-try {
-	push.apply(
-		(arr = slice.call( preferredDoc.childNodes )),
-		preferredDoc.childNodes
-	);
-	arr[ preferredDoc.childNodes.length ].nodeType;
-} catch ( e ) {
-	push = { apply: arr.length ?
-
-		function( target, els ) {
-			push_native.apply( target, slice.call(els) );
-		} :
-
-		function( target, els ) {
-			var j = target.length,
-				i = 0;
-			while ( (target[j++] = els[i++]) ) {}
-			target.length = j - 1;
-		}
-	};
-}
-
-function Sizzle( selector, context, results, seed ) {
-	var match, elem, m, nodeType,
-		i, groups, old, nid, newContext, newSelector;
+var chunker = /((?:\((?:\([^()]+\)|[^()]+)+\)|\[(?:\[[^[\]]*\]|['"][^'"]*['"]|[^[\]'"]+)+\]|\\.|[^ >+~,(\[\\]+)+|[>+~])(\s*,\s*)?((?:.|\r|\n)*)/g,
+	done = 0,
+	toString = Object.prototype.toString,
+	hasDuplicate = false,
+	baseHasDuplicate = true;
 
-	if ( ( context ? context.ownerDocument || context : preferredDoc ) !== document ) {
-		setDocument( context );
-	}
+[0, 0].sort(function(){
+	baseHasDuplicate = false;
+	return 0;
+});
 
-	context = context || document;
+var Sizzle = function(selector, context, results, seed) {
 	results = results || [];
+	var origContext = context = context || document;
 
-	if ( !selector || typeof selector !== "string" ) {
-		return results;
-	}
-
-	if ( (nodeType = context.nodeType) !== 1 && nodeType !== 9 ) {
+	if ( context.nodeType !== 1 && context.nodeType !== 9 ) {
 		return [];
 	}
 
-	if ( documentIsHTML && !seed ) {
-
-		if ( (match = rquickExpr.exec( selector )) ) {
-			if ( (m = match[1]) ) {
-				if ( nodeType === 9 ) {
-					elem = context.getElementById( m );
-					if ( elem && elem.parentNode ) {
-						if ( elem.id === m ) {
-							results.push( elem );
-							return results;
-						}
-					} else {
-						return results;
-					}
-				} else {
-					if ( context.ownerDocument && (elem = context.ownerDocument.getElementById( m )) &&
-						contains( context, elem ) && elem.id === m ) {
-						results.push( elem );
-						return results;
-					}
-				}
-
-			} else if ( match[2] ) {
-				push.apply( results, context.getElementsByTagName( selector ) );
-				return results;
-
-			} else if ( (m = match[3]) && support.getElementsByClassName && context.getElementsByClassName ) {
-				push.apply( results, context.getElementsByClassName( m ) );
-				return results;
-			}
-		}
-
-		if ( support.qsa && (!rbuggyQSA || !rbuggyQSA.test( selector )) ) {
-			nid = old = expando;
-			newContext = context;
-			newSelector = nodeType === 9 && selector;
-
-			if ( nodeType === 1 && context.nodeName.toLowerCase() !== "object" ) {
-				groups = tokenize( selector );
-
-				if ( (old = context.getAttribute("id")) ) {
-					nid = old.replace( rescape, "\\$&" );
-				} else {
-					context.setAttribute( "id", nid );
-				}
-				nid = "[id='" + nid + "'] ";
-
-				i = groups.length;
-				while ( i-- ) {
-					groups[i] = nid + toSelector( groups[i] );
-				}
-				newContext = rsibling.test( selector ) && testContext( context.parentNode ) || context;
-				newSelector = groups.join(",");
-			}
-
-			if ( newSelector ) {
-				try {
-					push.apply( results,
-						newContext.querySelectorAll( newSelector )
-					);
-					return results;
-				} catch(qsaError) {
-				} finally {
-					if ( !old ) {
-						context.removeAttribute("id");
-					}
-				}
-			}
-		}
-	}
-
-	return select( selector.replace( rtrim, "$1" ), context, results, seed );
-}
-
-/**
- * Create key-value caches of limited size
- * @returns {Function(string, Object)} Returns the Object data after storing it on itself with
- *	property name the (space-suffixed) string and (if the cache is larger than Expr.cacheLength)
- *	deleting the oldest entry
- */
-function createCache() {
-	var keys = [];
-
-	function cache( key, value ) {
-		if ( keys.push( key + " " ) > Expr.cacheLength ) {
-			delete cache[ keys.shift() ];
-		}
-		return (cache[ key + " " ] = value);
-	}
-	return cache;
-}
-
-/**
- * Mark a function for special use by Sizzle
- * @param {Function} fn The function to mark
- */
-function markFunction( fn ) {
-	fn[ expando ] = true;
-	return fn;
-}
-
-/**
- * Support testing using an element
- * @param {Function} fn Passed the created div and expects a boolean result
- */
-function assert( fn ) {
-	var div = document.createElement("div");
-
-	try {
-		return !!fn( div );
-	} catch (e) {
-		return false;
-	} finally {
-		if ( div.parentNode ) {
-			div.parentNode.removeChild( div );
-		}
-		div = null;
+	if ( !selector || typeof selector !== "string" ) {
+		return results;
 	}
-}
 
-/**
- * Adds the same handler for all of the specified attrs
- * @param {String} attrs Pipe-separated list of attributes
- * @param {Function} handler The method that will be applied
- */
-function addHandle( attrs, handler ) {
-	var arr = attrs.split("|"),
-		i = attrs.length;
+	var parts = [], m, set, checkSet, check, mode, extra, prune = true, contextXML = isXML(context),
+		soFar = selector;
 
-	while ( i-- ) {
-		Expr.attrHandle[ arr[i] ] = handler;
-	}
-}
+	while ( (chunker.exec(""), m = chunker.exec(soFar)) !== null ) {
+		soFar = m[3];
 
-/**
- * Checks document order of two siblings
- * @param {Element} a
- * @param {Element} b
- * @returns {Number} Returns less than 0 if a precedes b, greater than 0 if a follows b
- */
-function siblingCheck( a, b ) {
-	var cur = b && a,
-		diff = cur && a.nodeType === 1 && b.nodeType === 1 &&
-			( ~b.sourceIndex || MAX_NEGATIVE ) -
-			( ~a.sourceIndex || MAX_NEGATIVE );
-
-	if ( diff ) {
-		return diff;
-	}
+		parts.push( m[1] );
 
-	if ( cur ) {
-		while ( (cur = cur.nextSibling) ) {
-			if ( cur === b ) {
-				return -1;
-			}
+		if ( m[2] ) {
+			extra = m[3];
+			break;
 		}
 	}
 
-	return a ? 1 : -1;
-}
+	if ( parts.length > 1 && origPOS.exec( selector ) ) {
+		if ( parts.length === 2 && Expr.relative[ parts[0] ] ) {
+			set = posProcess( parts[0] + parts[1], context );
+		} else {
+			set = Expr.relative[ parts[0] ] ?
+				[ context ] :
+				Sizzle( parts.shift(), context );
 
-/**
- * Returns a function to use in pseudos for input types
- * @param {String} type
- */
-function createInputPseudo( type ) {
-	return function( elem ) {
-		var name = elem.nodeName.toLowerCase();
-		return name === "input" && elem.type === type;
-	};
-}
+			while ( parts.length ) {
+				selector = parts.shift();
 
-/**
- * Returns a function to use in pseudos for buttons
- * @param {String} type
- */
-function createButtonPseudo( type ) {
-	return function( elem ) {
-		var name = elem.nodeName.toLowerCase();
-		return (name === "input" || name === "button") && elem.type === type;
-	};
-}
+				if ( Expr.relative[ selector ] )
+					selector += parts.shift();
 
-/**
- * Returns a function to use in pseudos for positionals
- * @param {Function} fn
- */
-function createPositionalPseudo( fn ) {
-	return markFunction(function( argument ) {
-		argument = +argument;
-		return markFunction(function( seed, matches ) {
-			var j,
-				matchIndexes = fn( [], seed.length, argument ),
-				i = matchIndexes.length;
-
-			while ( i-- ) {
-				if ( seed[ (j = matchIndexes[i]) ] ) {
-					seed[j] = !(matches[j] = seed[j]);
-				}
+				set = posProcess( selector, set );
 			}
-		});
-	});
-}
-
-/**
- * Checks a node for validity as a Sizzle context
- * @param {Element|Object=} context
- * @returns {Element|Object|Boolean} The input node if acceptable, otherwise a falsy value
- */
-function testContext( context ) {
-	return context && typeof context.getElementsByTagName !== strundefined && context;
-}
-
-support = Sizzle.support = {};
-
-/**
- * Detects XML nodes
- * @param {Element|Object} elem An element or a document
- * @returns {Boolean} True iff elem is a non-HTML XML node
- */
-isXML = Sizzle.isXML = function( elem ) {
-	var documentElement = elem && (elem.ownerDocument || elem).documentElement;
-	return documentElement ? documentElement.nodeName !== "HTML" : false;
-};
-
-/**
- * Sets document-related variables once based on the current document
- * @param {Element|Object} [doc] An element or document object to use to set the document
- * @returns {Object} Returns the current document
- */
-setDocument = Sizzle.setDocument = function( node ) {
-	var hasCompare,
-		doc = node ? node.ownerDocument || node : preferredDoc,
-		parent = doc.defaultView;
-
-	if ( doc === document || doc.nodeType !== 9 || !doc.documentElement ) {
-		return document;
-	}
-
-	document = doc;
-	docElem = doc.documentElement;
-
-	documentIsHTML = !isXML( doc );
-
-	if ( parent && parent !== parent.top ) {
-		if ( parent.addEventListener ) {
-			parent.addEventListener( "unload", function() {
-				setDocument();
-			}, false );
-		} else if ( parent.attachEvent ) {
-			parent.attachEvent( "onunload", function() {
-				setDocument();
-			});
 		}
-	}
-
-	/* Attributes
-	---------------------------------------------------------------------- */
-
-	support.attributes = assert(function( div ) {
-		div.className = "i";
-		return !div.getAttribute("className");
-	});
-
-	/* getElement(s)By*
-	---------------------------------------------------------------------- */
-
-	support.getElementsByTagName = assert(function( div ) {
-		div.appendChild( doc.createComment("") );
-		return !div.getElementsByTagName("*").length;
-	});
-
-	support.getElementsByClassName = rnative.test( doc.getElementsByClassName ) && assert(function( div ) {
-		div.innerHTML = "<div class='a'></div><div class='a i'></div>";
-
-		div.firstChild.className = "i";
-		return div.getElementsByClassName("i").length === 2;
-	});
-
-	support.getById = assert(function( div ) {
-		docElem.appendChild( div ).id = expando;
-		return !doc.getElementsByName || !doc.getElementsByName( expando ).length;
-	});
-
-	if ( support.getById ) {
-		Expr.find["ID"] = function( id, context ) {
-			if ( typeof context.getElementById !== strundefined && documentIsHTML ) {
-				var m = context.getElementById( id );
-				return m && m.parentNode ? [m] : [];
-			}
-		};
-		Expr.filter["ID"] = function( id ) {
-			var attrId = id.replace( runescape, funescape );
-			return function( elem ) {
-				return elem.getAttribute("id") === attrId;
-			};
-		};
 	} else {
-		delete Expr.find["ID"];
-
-		Expr.filter["ID"] =  function( id ) {
-			var attrId = id.replace( runescape, funescape );
-			return function( elem ) {
-				var node = typeof elem.getAttributeNode !== strundefined && elem.getAttributeNode("id");
-				return node && node.value === attrId;
-			};
-		};
-	}
-
-	Expr.find["TAG"] = support.getElementsByTagName ?
-		function( tag, context ) {
-			if ( typeof context.getElementsByTagName !== strundefined ) {
-				return context.getElementsByTagName( tag );
-			}
-		} :
-		function( tag, context ) {
-			var elem,
-				tmp = [],
-				i = 0,
-				results = context.getElementsByTagName( tag );
-
-			if ( tag === "*" ) {
-				while ( (elem = results[i++]) ) {
-					if ( elem.nodeType === 1 ) {
-						tmp.push( elem );
-					}
-				}
-
-				return tmp;
-			}
-			return results;
-		};
-
-	Expr.find["CLASS"] = support.getElementsByClassName && function( className, context ) {
-		if ( typeof context.getElementsByClassName !== strundefined && documentIsHTML ) {
-			return context.getElementsByClassName( className );
+		if ( !seed && parts.length > 1 && context.nodeType === 9 && !contextXML &&
+				Expr.match.ID.test(parts[0]) && !Expr.match.ID.test(parts[parts.length - 1]) ) {
+			var ret = Sizzle.find( parts.shift(), context, contextXML );
+			context = ret.expr ? Sizzle.filter( ret.expr, ret.set )[0] : ret.set[0];
 		}
-	};
-
-	/* QSA/matchesSelector
-	---------------------------------------------------------------------- */
-
-
-	rbuggyMatches = [];
-
-	rbuggyQSA = [];
-
-	if ( (support.qsa = rnative.test( doc.querySelectorAll )) ) {
-		assert(function( div ) {
-			div.innerHTML = "<select t=''><option selected=''></option></select>";
-
-			if ( div.querySelectorAll("[t^='']").length ) {
-				rbuggyQSA.push( "[*^$]=" + whitespace + "*(?:''|\"\")" );
-			}
-
-			if ( !div.querySelectorAll("[selected]").length ) {
-				rbuggyQSA.push( "\\[" + whitespace + "*(?:value|" + booleans + ")" );
-			}
-
-			if ( !div.querySelectorAll(":checked").length ) {
-				rbuggyQSA.push(":checked");
-			}
-		});
-
-		assert(function( div ) {
-			var input = doc.createElement("input");
-			input.setAttribute( "type", "hidden" );
-			div.appendChild( input ).setAttribute( "name", "D" );
 
-			if ( div.querySelectorAll("[name=d]").length ) {
-				rbuggyQSA.push( "name" + whitespace + "*[*^$|!~]?=" );
-			}
+		if ( context ) {
+			var ret = seed ?
+				{ expr: parts.pop(), set: makeArray(seed) } :
+				Sizzle.find( parts.pop(), parts.length === 1 && (parts[0] === "~" || parts[0] === "+") && context.parentNode ? context.parentNode : context, contextXML );
+			set = ret.expr ? Sizzle.filter( ret.expr, ret.set ) : ret.set;
 
-			if ( !div.querySelectorAll(":enabled").length ) {
-				rbuggyQSA.push( ":enabled", ":disabled" );
+			if ( parts.length > 0 ) {
+				checkSet = makeArray(set);
+			} else {
+				prune = false;
 			}
 
-			div.querySelectorAll("*,:x");
-			rbuggyQSA.push(",.*:");
-		});
-	}
-
-	if ( (support.matchesSelector = rnative.test( (matches = docElem.webkitMatchesSelector ||
-		docElem.mozMatchesSelector ||
-		docElem.oMatchesSelector ||
-		docElem.msMatchesSelector) )) ) {
-
-		assert(function( div ) {
-			support.disconnectedMatch = matches.call( div, "div" );
-
-			matches.call( div, "[s!='']:x" );
-			rbuggyMatches.push( "!=", pseudos );
-		});
-	}
+			while ( parts.length ) {
+				var cur = parts.pop(), pop = cur;
 
-	rbuggyQSA = rbuggyQSA.length && new RegExp( rbuggyQSA.join("|") );
-	rbuggyMatches = rbuggyMatches.length && new RegExp( rbuggyMatches.join("|") );
-
-	/* Contains
-	---------------------------------------------------------------------- */
-	hasCompare = rnative.test( docElem.compareDocumentPosition );
-
-	contains = hasCompare || rnative.test( docElem.contains ) ?
-		function( a, b ) {
-			var adown = a.nodeType === 9 ? a.documentElement : a,
-				bup = b && b.parentNode;
-			return a === bup || !!( bup && bup.nodeType === 1 && (
-				adown.contains ?
-					adown.contains( bup ) :
-					a.compareDocumentPosition && a.compareDocumentPosition( bup ) & 16
-			));
-		} :
-		function( a, b ) {
-			if ( b ) {
-				while ( (b = b.parentNode) ) {
-					if ( b === a ) {
-						return true;
-					}
+				if ( !Expr.relative[ cur ] ) {
+					cur = "";
+				} else {
+					pop = parts.pop();
 				}
-			}
-			return false;
-		};
-
-	/* Sorting
-	---------------------------------------------------------------------- */
-
-	sortOrder = hasCompare ?
-	function( a, b ) {
-
-		if ( a === b ) {
-			hasDuplicate = true;
-			return 0;
-		}
-
-		var compare = !a.compareDocumentPosition - !b.compareDocumentPosition;
-		if ( compare ) {
-			return compare;
-		}
-
-		compare = ( a.ownerDocument || a ) === ( b.ownerDocument || b ) ?
-			a.compareDocumentPosition( b ) :
 
-			1;
-
-		if ( compare & 1 ||
-			(!support.sortDetached && b.compareDocumentPosition( a ) === compare) ) {
+				if ( pop == null ) {
+					pop = context;
+				}
 
-			if ( a === doc || a.ownerDocument === preferredDoc && contains(preferredDoc, a) ) {
-				return -1;
+				Expr.relative[ cur ]( checkSet, pop, contextXML );
 			}
-			if ( b === doc || b.ownerDocument === preferredDoc && contains(preferredDoc, b) ) {
-				return 1;
-			}
-
-			return sortInput ?
-				( indexOf.call( sortInput, a ) - indexOf.call( sortInput, b ) ) :
-				0;
-		}
-
-		return compare & 4 ? -1 : 1;
-	} :
-	function( a, b ) {
-		if ( a === b ) {
-			hasDuplicate = true;
-			return 0;
-		}
-
-		var cur,
-			i = 0,
-			aup = a.parentNode,
-			bup = b.parentNode,
-			ap = [ a ],
-			bp = [ b ];
-
-		if ( !aup || !bup ) {
-			return a === doc ? -1 :
-				b === doc ? 1 :
-				aup ? -1 :
-				bup ? 1 :
-				sortInput ?
-				( indexOf.call( sortInput, a ) - indexOf.call( sortInput, b ) ) :
-				0;
-
-		} else if ( aup === bup ) {
-			return siblingCheck( a, b );
-		}
-
-		cur = a;
-		while ( (cur = cur.parentNode) ) {
-			ap.unshift( cur );
-		}
-		cur = b;
-		while ( (cur = cur.parentNode) ) {
-			bp.unshift( cur );
-		}
-
-		while ( ap[i] === bp[i] ) {
-			i++;
+		} else {
+			checkSet = parts = [];
 		}
-
-		return i ?
-			siblingCheck( ap[i], bp[i] ) :
-
-			ap[i] === preferredDoc ? -1 :
-			bp[i] === preferredDoc ? 1 :
-			0;
-	};
-
-	return doc;
-};
-
-Sizzle.matches = function( expr, elements ) {
-	return Sizzle( expr, null, null, elements );
-};
-
-Sizzle.matchesSelector = function( elem, expr ) {
-	if ( ( elem.ownerDocument || elem ) !== document ) {
-		setDocument( elem );
-	}
-
-	expr = expr.replace( rattributeQuotes, "='$1']" );
-
-	if ( support.matchesSelector && documentIsHTML &&
-		( !rbuggyMatches || !rbuggyMatches.test( expr ) ) &&
-		( !rbuggyQSA     || !rbuggyQSA.test( expr ) ) ) {
-
-		try {
-			var ret = matches.call( elem, expr );
-
-			if ( ret || support.disconnectedMatch ||
-					elem.document && elem.document.nodeType !== 11 ) {
-				return ret;
-			}
-		} catch(e) {}
-	}
-
-	return Sizzle( expr, document, null, [elem] ).length > 0;
-};
-
-Sizzle.contains = function( context, elem ) {
-	if ( ( context.ownerDocument || context ) !== document ) {
-		setDocument( context );
 	}
-	return contains( context, elem );
-};
 
-Sizzle.attr = function( elem, name ) {
-	if ( ( elem.ownerDocument || elem ) !== document ) {
-		setDocument( elem );
+	if ( !checkSet ) {
+		checkSet = set;
 	}
 
-	var fn = Expr.attrHandle[ name.toLowerCase() ],
-		val = fn && hasOwn.call( Expr.attrHandle, name.toLowerCase() ) ?
-			fn( elem, name, !documentIsHTML ) :
-			undefined;
-
-	return val !== undefined ?
-		val :
-		support.attributes || !documentIsHTML ?
-			elem.getAttribute( name ) :
-			(val = elem.getAttributeNode(name)) && val.specified ?
-				val.value :
-				null;
-};
-
-Sizzle.error = function( msg ) {
-	throw new Error( "Syntax error, unrecognized expression: " + msg );
-};
-
-/**
- * Document sorting and removing duplicates
- * @param {ArrayLike} results
- */
-Sizzle.uniqueSort = function( results ) {
-	var elem,
-		duplicates = [],
-		j = 0,
-		i = 0;
-
-	hasDuplicate = !support.detectDuplicates;
-	sortInput = !support.sortStable && results.slice( 0 );
-	results.sort( sortOrder );
-
-	if ( hasDuplicate ) {
-		while ( (elem = results[i++]) ) {
-			if ( elem === results[ i ] ) {
-				j = duplicates.push( i );
-			}
-		}
-		while ( j-- ) {
-			results.splice( duplicates[ j ], 1 );
-		}
+	if ( !checkSet ) {
+		throw "Syntax error, unrecognized expression: " + (cur || selector);
 	}
 
-	sortInput = null;
-
-	return results;
-};
-
-/**
- * Utility function for retrieving the text value of an array of DOM nodes
- * @param {Array|Element} elem
- */
-getText = Sizzle.getText = function( elem ) {
-	var node,
-		ret = "",
-		i = 0,
-		nodeType = elem.nodeType;
-
-	if ( !nodeType ) {
-		while ( (node = elem[i++]) ) {
-			ret += getText( node );
-		}
-	} else if ( nodeType === 1 || nodeType === 9 || nodeType === 11 ) {
-		if ( typeof elem.textContent === "string" ) {
-			return elem.textContent;
-		} else {
-			for ( elem = elem.firstChild; elem; elem = elem.nextSibling ) {
-				ret += getText( elem );
-			}
-		}
-	} else if ( nodeType === 3 || nodeType === 4 ) {
-		return elem.nodeValue;
-	}
-
-	return ret;
-};
-
-Expr = Sizzle.selectors = {
-
-	cacheLength: 50,
-
-	createPseudo: markFunction,
-
-	match: matchExpr,
-
-	attrHandle: {},
-
-	find: {},
-
-	relative: {
-		">": { dir: "parentNode", first: true },
-		" ": { dir: "parentNode" },
-		"+": { dir: "previousSibling", first: true },
-		"~": { dir: "previousSibling" }
-	},
-
-	preFilter: {
-		"ATTR": function( match ) {
-			match[1] = match[1].replace( runescape, funescape );
-
-			match[3] = ( match[4] || match[5] || "" ).replace( runescape, funescape );
-
-			if ( match[2] === "~=" ) {
-				match[3] = " " + match[3] + " ";
-			}
-
-			return match.slice( 0, 4 );
-		},
-
-		"CHILD": function( match ) {
-			/* matches from matchExpr["CHILD"]
-				1 type (only|nth|...)
-				2 what (child|of-type)
-				3 argument (even|odd|\d*|\d*n([+-]\d+)?|...)
-				4 xn-component of xn+y argument ([+-]?\d*n|)
-				5 sign of xn-component
-				6 x of xn-component
-				7 sign of y-component
-				8 y of y-component
-			*/
-			match[1] = match[1].toLowerCase();
-
-			if ( match[1].slice( 0, 3 ) === "nth" ) {
-				if ( !match[3] ) {
-					Sizzle.error( match[0] );
-				}
-
-				match[4] = +( match[4] ? match[5] + (match[6] || 1) : 2 * ( match[3] === "even" || match[3] === "odd" ) );
-				match[5] = +( ( match[7] + match[8] ) || match[3] === "odd" );
-
-			} else if ( match[3] ) {
-				Sizzle.error( match[0] );
-			}
-
-			return match;
-		},
-
-		"PSEUDO": function( match ) {
-			var excess,
-				unquoted = !match[5] && match[2];
-
-			if ( matchExpr["CHILD"].test( match[0] ) ) {
-				return null;
+	if ( toString.call(checkSet) === "[object Array]" ) {
+		if ( !prune ) {
+			results.push.apply( results, checkSet );
+		} else if ( context && context.nodeType === 1 ) {
+			for ( var i = 0; checkSet[i] != null; i++ ) {
+				if ( checkSet[i] && (checkSet[i] === true || checkSet[i].nodeType === 1 && contains(context, checkSet[i])) ) {
+					results.push( set[i] );
+				}
+			}
+		} else {
+			for ( var i = 0; checkSet[i] != null; i++ ) {
+				if ( checkSet[i] && checkSet[i].nodeType === 1 ) {
+					results.push( set[i] );
+				}
 			}
+		}
+	} else {
+		makeArray( checkSet, results );
+	}
+
+	if ( extra ) {
+		Sizzle( extra, origContext, results, seed );
+		Sizzle.uniqueSort( results );
+	}
 
-			if ( match[3] && match[4] !== undefined ) {
-				match[2] = match[4];
+	return results;
+};
 
-			} else if ( unquoted && rpseudo.test( unquoted ) &&
-				(excess = tokenize( unquoted, true )) &&
-				(excess = unquoted.indexOf( ")", unquoted.length - excess ) - unquoted.length) ) {
+Sizzle.uniqueSort = function(results){
+	if ( sortOrder ) {
+		hasDuplicate = baseHasDuplicate;
+		results.sort(sortOrder);
 
-				match[0] = match[0].slice( 0, excess );
-				match[2] = unquoted.slice( 0, excess );
+		if ( hasDuplicate ) {
+			for ( var i = 1; i < results.length; i++ ) {
+				if ( results[i] === results[i-1] ) {
+					results.splice(i--, 1);
+				}
 			}
-
-			return match.slice( 0, 3 );
 		}
-	},
-
-	filter: {
-
-		"TAG": function( nodeNameSelector ) {
-			var nodeName = nodeNameSelector.replace( runescape, funescape ).toLowerCase();
-			return nodeNameSelector === "*" ?
-				function() { return true; } :
-				function( elem ) {
-					return elem.nodeName && elem.nodeName.toLowerCase() === nodeName;
-				};
-		},
+	}
 
-		"CLASS": function( className ) {
-			var pattern = classCache[ className + " " ];
+	return results;
+};
 
-			return pattern ||
-				(pattern = new RegExp( "(^|" + whitespace + ")" + className + "(" + whitespace + "|$)" )) &&
-				classCache( className, function( elem ) {
-					return pattern.test( typeof elem.className === "string" && elem.className || typeof elem.getAttribute !== strundefined && elem.getAttribute("class") || "" );
-				});
-		},
+Sizzle.matches = function(expr, set){
+	return Sizzle(expr, null, null, set);
+};
 
-		"ATTR": function( name, operator, check ) {
-			return function( elem ) {
-				var result = Sizzle.attr( elem, name );
+Sizzle.find = function(expr, context, isXML){
+	var set, match;
 
-				if ( result == null ) {
-					return operator === "!=";
-				}
-				if ( !operator ) {
-					return true;
-				}
+	if ( !expr ) {
+		return [];
+	}
 
-				result += "";
-
-				return operator === "=" ? result === check :
-					operator === "!=" ? result !== check :
-					operator === "^=" ? check && result.indexOf( check ) === 0 :
-					operator === "*=" ? check && result.indexOf( check ) > -1 :
-					operator === "$=" ? check && result.slice( -check.length ) === check :
-					operator === "~=" ? ( " " + result + " " ).indexOf( check ) > -1 :
-					operator === "|=" ? result === check || result.slice( 0, check.length + 1 ) === check + "-" :
-					false;
-			};
-		},
+	for ( var i = 0, l = Expr.order.length; i < l; i++ ) {
+		var type = Expr.order[i], match;
 
-		"CHILD": function( type, what, argument, first, last ) {
-			var simple = type.slice( 0, 3 ) !== "nth",
-				forward = type.slice( -4 ) !== "last",
-				ofType = what === "of-type";
-
-			return first === 1 && last === 0 ?
-
-				function( elem ) {
-					return !!elem.parentNode;
-				} :
-
-				function( elem, context, xml ) {
-					var cache, outerCache, node, diff, nodeIndex, start,
-						dir = simple !== forward ? "nextSibling" : "previousSibling",
-						parent = elem.parentNode,
-						name = ofType && elem.nodeName.toLowerCase(),
-						useCache = !xml && !ofType;
-
-					if ( parent ) {
-
-						if ( simple ) {
-							while ( dir ) {
-								node = elem;
-								while ( (node = node[ dir ]) ) {
-									if ( ofType ? node.nodeName.toLowerCase() === name : node.nodeType === 1 ) {
-										return false;
-									}
-								}
-								start = dir = type === "only" && !start && "nextSibling";
-							}
-							return true;
-						}
+		if ( (match = Expr.leftMatch[ type ].exec( expr )) ) {
+			var left = match[1];
+			match.splice(1,1);
 
-						start = [ forward ? parent.firstChild : parent.lastChild ];
+			if ( left.substr( left.length - 1 ) !== "\\" ) {
+				match[1] = (match[1] || "").replace(/\\/g, "");
+				set = Expr.find[ type ]( match, context, isXML );
+				if ( set != null ) {
+					expr = expr.replace( Expr.match[ type ], "" );
+					break;
+				}
+			}
+		}
+	}
 
-						if ( forward && useCache ) {
-							outerCache = parent[ expando ] || (parent[ expando ] = {});
-							cache = outerCache[ type ] || [];
-							nodeIndex = cache[0] === dirruns && cache[1];
-							diff = cache[0] === dirruns && cache[2];
-							node = nodeIndex && parent.childNodes[ nodeIndex ];
+	if ( !set ) {
+		set = context.getElementsByTagName("*");
+	}
 
-							while ( (node = ++nodeIndex && node && node[ dir ] ||
+	return {set: set, expr: expr};
+};
 
-								(diff = nodeIndex = 0) || start.pop()) ) {
+Sizzle.filter = function(expr, set, inplace, not){
+	var old = expr, result = [], curLoop = set, match, anyFound,
+		isXMLFilter = set && set[0] && isXML(set[0]);
 
-								if ( node.nodeType === 1 && ++diff && node === elem ) {
-									outerCache[ type ] = [ dirruns, nodeIndex, diff ];
-									break;
-								}
-							}
+	while ( expr && set.length ) {
+		for ( var type in Expr.filter ) {
+			if ( (match = Expr.match[ type ].exec( expr )) != null ) {
+				var filter = Expr.filter[ type ], found, item;
+				anyFound = false;
 
-						} else if ( useCache && (cache = (elem[ expando ] || (elem[ expando ] = {}))[ type ]) && cache[0] === dirruns ) {
-							diff = cache[1];
+				if ( curLoop == result ) {
+					result = [];
+				}
 
-						} else {
-							while ( (node = ++nodeIndex && node && node[ dir ] ||
-								(diff = nodeIndex = 0) || start.pop()) ) {
+				if ( Expr.preFilter[ type ] ) {
+					match = Expr.preFilter[ type ]( match, curLoop, inplace, result, not, isXMLFilter );
 
-								if ( ( ofType ? node.nodeName.toLowerCase() === name : node.nodeType === 1 ) && ++diff ) {
-									if ( useCache ) {
-										(node[ expando ] || (node[ expando ] = {}))[ type ] = [ dirruns, diff ];
-									}
+					if ( !match ) {
+						anyFound = found = true;
+					} else if ( match === true ) {
+						continue;
+					}
+				}
 
-									if ( node === elem ) {
-										break;
-									}
+				if ( match ) {
+					for ( var i = 0; (item = curLoop[i]) != null; i++ ) {
+						if ( item ) {
+							found = filter( item, match, i, curLoop );
+							var pass = not ^ !!found;
+
+							if ( inplace && found != null ) {
+								if ( pass ) {
+									anyFound = true;
+								} else {
+									curLoop[i] = false;
 								}
+							} else if ( pass ) {
+								result.push( item );
+								anyFound = true;
 							}
 						}
+					}
+				}
 
-						diff -= last;
-						return diff === first || ( diff % first === 0 && diff / first >= 0 );
+				if ( found !== undefined ) {
+					if ( !inplace ) {
+						curLoop = result;
 					}
-				};
-		},
 
-		"PSEUDO": function( pseudo, argument ) {
-			var args,
-				fn = Expr.pseudos[ pseudo ] || Expr.setFilters[ pseudo.toLowerCase() ] ||
-					Sizzle.error( "unsupported pseudo: " + pseudo );
+					expr = expr.replace( Expr.match[ type ], "" );
 
-			if ( fn[ expando ] ) {
-				return fn( argument );
-			}
+					if ( !anyFound ) {
+						return [];
+					}
 
-			if ( fn.length > 1 ) {
-				args = [ pseudo, pseudo, "", argument ];
-				return Expr.setFilters.hasOwnProperty( pseudo.toLowerCase() ) ?
-					markFunction(function( seed, matches ) {
-						var idx,
-							matched = fn( seed, argument ),
-							i = matched.length;
-						while ( i-- ) {
-							idx = indexOf.call( seed, matched[i] );
-							seed[ idx ] = !( matches[ idx ] = matched[i] );
-						}
-					}) :
-					function( elem ) {
-						return fn( elem, 0, args );
-					};
+					break;
+				}
 			}
-
-			return fn;
 		}
-	},
 
-	pseudos: {
-		"not": markFunction(function( selector ) {
-			var input = [],
-				results = [],
-				matcher = compile( selector.replace( rtrim, "$1" ) );
-
-			return matcher[ expando ] ?
-				markFunction(function( seed, matches, context, xml ) {
-					var elem,
-						unmatched = matcher( seed, null, xml, [] ),
-						i = seed.length;
-
-					while ( i-- ) {
-						if ( (elem = unmatched[i]) ) {
-							seed[i] = !(matches[i] = elem);
-						}
-					}
-				}) :
-				function( elem, context, xml ) {
-					input[0] = elem;
-					matcher( input, null, xml, results );
-					return !results.pop();
-				};
-		}),
-
-		"has": markFunction(function( selector ) {
-			return function( elem ) {
-				return Sizzle( selector, elem ).length > 0;
-			};
-		}),
-
-		"contains": markFunction(function( text ) {
-			return function( elem ) {
-				return ( elem.textContent || elem.innerText || getText( elem ) ).indexOf( text ) > -1;
-			};
-		}),
-
-		"lang": markFunction( function( lang ) {
-			if ( !ridentifier.test(lang || "") ) {
-				Sizzle.error( "unsupported lang: " + lang );
+		if ( expr == old ) {
+			if ( anyFound == null ) {
+				throw "Syntax error, unrecognized expression: " + expr;
+			} else {
+				break;
 			}
-			lang = lang.replace( runescape, funescape ).toLowerCase();
-			return function( elem ) {
-				var elemLang;
-				do {
-					if ( (elemLang = documentIsHTML ?
-						elem.lang :
-						elem.getAttribute("xml:lang") || elem.getAttribute("lang")) ) {
-
-						elemLang = elemLang.toLowerCase();
-						return elemLang === lang || elemLang.indexOf( lang + "-" ) === 0;
-					}
-				} while ( (elem = elem.parentNode) && elem.nodeType === 1 );
-				return false;
-			};
-		}),
-
-		"target": function( elem ) {
-			var hash = window.location && window.location.hash;
-			return hash && hash.slice( 1 ) === elem.id;
-		},
-
-		"root": function( elem ) {
-			return elem === docElem;
-		},
-
-		"focus": function( elem ) {
-			return elem === document.activeElement && (!document.hasFocus || document.hasFocus()) && !!(elem.type || elem.href || ~elem.tabIndex);
-		},
+		}
 
-		"enabled": function( elem ) {
-			return elem.disabled === false;
-		},
+		old = expr;
+	}
 
-		"disabled": function( elem ) {
-			return elem.disabled === true;
-		},
+	return curLoop;
+};
 
-		"checked": function( elem ) {
-			var nodeName = elem.nodeName.toLowerCase();
-			return (nodeName === "input" && !!elem.checked) || (nodeName === "option" && !!elem.selected);
-		},
+var Expr = Sizzle.selectors = {
+	order: [ "ID", "NAME", "TAG" ],
+	match: {
+		ID: /#((?:[\w\u00c0-\uFFFF-]|\\.)+)/,
+		CLASS: /\.((?:[\w\u00c0-\uFFFF-]|\\.)+)/,
+		NAME: /\[name=['"]*((?:[\w\u00c0-\uFFFF-]|\\.)+)['"]*\]/,
+		ATTR: /\[\s*((?:[\w\u00c0-\uFFFF-]|\\.)+)\s*(?:(\S?=)\s*(['"]*)(.*?)\3|)\s*\]/,
+		TAG: /^((?:[\w\u00c0-\uFFFF\*-]|\\.)+)/,
+		CHILD: /:(only|nth|last|first)-child(?:\((even|odd|[\dn+-]*)\))?/,
+		POS: /:(nth|eq|gt|lt|first|last|even|odd)(?:\((\d*)\))?(?=[^-]|$)/,
+		PSEUDO: /:((?:[\w\u00c0-\uFFFF-]|\\.)+)(?:\((['"]*)((?:\([^\)]+\)|[^\2\(\)]*)+)\2\))?/
+	},
+	leftMatch: {},
+	attrMap: {
+		"class": "className",
+		"for": "htmlFor"
+	},
+	attrHandle: {
+		href: function(elem){
+			return elem.getAttribute("href");
+		}
+	},
+	relative: {
+		"+": function(checkSet, part, isXML){
+			var isPartStr = typeof part === "string",
+				isTag = isPartStr && !/\W/.test(part),
+				isPartStrNotTag = isPartStr && !isTag;
 
-		"selected": function( elem ) {
-			if ( elem.parentNode ) {
-				elem.parentNode.selectedIndex;
+			if ( isTag && !isXML ) {
+				part = part.toUpperCase();
 			}
 
-			return elem.selected === true;
-		},
+			for ( var i = 0, l = checkSet.length, elem; i < l; i++ ) {
+				if ( (elem = checkSet[i]) ) {
+					while ( (elem = elem.previousSibling) && elem.nodeType !== 1 ) {}
 
-		"empty": function( elem ) {
-			for ( elem = elem.firstChild; elem; elem = elem.nextSibling ) {
-				if ( elem.nodeType < 6 ) {
-					return false;
+					checkSet[i] = isPartStrNotTag || elem && elem.nodeName === part ?
+						elem || false :
+						elem === part;
 				}
 			}
-			return true;
-		},
 
-		"parent": function( elem ) {
-			return !Expr.pseudos["empty"]( elem );
+			if ( isPartStrNotTag ) {
+				Sizzle.filter( part, checkSet, true );
+			}
 		},
+		">": function(checkSet, part, isXML){
+			var isPartStr = typeof part === "string";
 
-		"header": function( elem ) {
-			return rheader.test( elem.nodeName );
-		},
+			if ( isPartStr && !/\W/.test(part) ) {
+				part = isXML ? part : part.toUpperCase();
 
-		"input": function( elem ) {
-			return rinputs.test( elem.nodeName );
-		},
+				for ( var i = 0, l = checkSet.length; i < l; i++ ) {
+					var elem = checkSet[i];
+					if ( elem ) {
+						var parent = elem.parentNode;
+						checkSet[i] = parent.nodeName === part ? parent : false;
+					}
+				}
+			} else {
+				for ( var i = 0, l = checkSet.length; i < l; i++ ) {
+					var elem = checkSet[i];
+					if ( elem ) {
+						checkSet[i] = isPartStr ?
+							elem.parentNode :
+							elem.parentNode === part;
+					}
+				}
 
-		"button": function( elem ) {
-			var name = elem.nodeName.toLowerCase();
-			return name === "input" && elem.type === "button" || name === "button";
+				if ( isPartStr ) {
+					Sizzle.filter( part, checkSet, true );
+				}
+			}
 		},
+		"": function(checkSet, part, isXML){
+			var doneName = done++, checkFn = dirCheck;
 
-		"text": function( elem ) {
-			var attr;
-			return elem.nodeName.toLowerCase() === "input" &&
-				elem.type === "text" &&
+			if ( !/\W/.test(part) ) {
+				var nodeCheck = part = isXML ? part : part.toUpperCase();
+				checkFn = dirNodeCheck;
+			}
 
-				( (attr = elem.getAttribute("type")) == null || attr.toLowerCase() === "text" );
+			checkFn("parentNode", part, doneName, checkSet, nodeCheck, isXML);
 		},
+		"~": function(checkSet, part, isXML){
+			var doneName = done++, checkFn = dirCheck;
 
-		"first": createPositionalPseudo(function() {
-			return [ 0 ];
-		}),
+			if ( typeof part === "string" && !/\W/.test(part) ) {
+				var nodeCheck = part = isXML ? part : part.toUpperCase();
+				checkFn = dirNodeCheck;
+			}
 
-		"last": createPositionalPseudo(function( matchIndexes, length ) {
-			return [ length - 1 ];
-		}),
+			checkFn("previousSibling", part, doneName, checkSet, nodeCheck, isXML);
+		}
+	},
+	find: {
+		ID: function(match, context, isXML){
+			if ( typeof context.getElementById !== "undefined" && !isXML ) {
+				var m = context.getElementById(match[1]);
+				return m ? [m] : [];
+			}
+		},
+		NAME: function(match, context, isXML){
+			if ( typeof context.getElementsByName !== "undefined" ) {
+				var ret = [], results = context.getElementsByName(match[1]);
 
-		"eq": createPositionalPseudo(function( matchIndexes, length, argument ) {
-			return [ argument < 0 ? argument + length : argument ];
-		}),
+				for ( var i = 0, l = results.length; i < l; i++ ) {
+					if ( results[i].getAttribute("name") === match[1] ) {
+						ret.push( results[i] );
+					}
+				}
 
-		"even": createPositionalPseudo(function( matchIndexes, length ) {
-			var i = 0;
-			for ( ; i < length; i += 2 ) {
-				matchIndexes.push( i );
+				return ret.length === 0 ? null : ret;
 			}
-			return matchIndexes;
-		}),
+		},
+		TAG: function(match, context){
+			return context.getElementsByTagName(match[1]);
+		}
+	},
+	preFilter: {
+		CLASS: function(match, curLoop, inplace, result, not, isXML){
+			match = " " + match[1].replace(/\\/g, "") + " ";
 
-		"odd": createPositionalPseudo(function( matchIndexes, length ) {
-			var i = 1;
-			for ( ; i < length; i += 2 ) {
-				matchIndexes.push( i );
+			if ( isXML ) {
+				return match;
 			}
-			return matchIndexes;
-		}),
 
-		"lt": createPositionalPseudo(function( matchIndexes, length, argument ) {
-			var i = argument < 0 ? argument + length : argument;
-			for ( ; --i >= 0; ) {
-				matchIndexes.push( i );
+			for ( var i = 0, elem; (elem = curLoop[i]) != null; i++ ) {
+				if ( elem ) {
+					if ( not ^ (elem.className && (" " + elem.className + " ").indexOf(match) >= 0) ) {
+						if ( !inplace )
+							result.push( elem );
+					} else if ( inplace ) {
+						curLoop[i] = false;
+					}
+				}
 			}
-			return matchIndexes;
-		}),
 
-		"gt": createPositionalPseudo(function( matchIndexes, length, argument ) {
-			var i = argument < 0 ? argument + length : argument;
-			for ( ; ++i < length; ) {
-				matchIndexes.push( i );
+			return false;
+		},
+		ID: function(match){
+			return match[1].replace(/\\/g, "");
+		},
+		TAG: function(match, curLoop){
+			for ( var i = 0; curLoop[i] === false; i++ ){}
+			return curLoop[i] && isXML(curLoop[i]) ? match[1] : match[1].toUpperCase();
+		},
+		CHILD: function(match){
+			if ( match[1] == "nth" ) {
+				var test = /(-?)(\d*)n((?:\+|-)?\d*)/.exec(
+					match[2] == "even" && "2n" || match[2] == "odd" && "2n+1" ||
+					!/\D/.test( match[2] ) && "0n+" + match[2] || match[2]);
+
+				match[2] = (test[1] + (test[2] || 1)) - 0;
+				match[3] = test[3] - 0;
 			}
-			return matchIndexes;
-		})
-	}
-};
-
-Expr.pseudos["nth"] = Expr.pseudos["eq"];
-
-for ( i in { radio: true, checkbox: true, file: true, password: true, image: true } ) {
-	Expr.pseudos[ i ] = createInputPseudo( i );
-}
-for ( i in { submit: true, reset: true } ) {
-	Expr.pseudos[ i ] = createButtonPseudo( i );
-}
-
-function setFilters() {}
-setFilters.prototype = Expr.filters = Expr.pseudos;
-Expr.setFilters = new setFilters();
-
-function tokenize( selector, parseOnly ) {
-	var matched, match, tokens, type,
-		soFar, groups, preFilters,
-		cached = tokenCache[ selector + " " ];
 
-	if ( cached ) {
-		return parseOnly ? 0 : cached.slice( 0 );
-	}
+			match[0] = done++;
 
-	soFar = selector;
-	groups = [];
-	preFilters = Expr.preFilter;
+			return match;
+		},
+		ATTR: function(match, curLoop, inplace, result, not, isXML){
+			var name = match[1].replace(/\\/g, "");
 
-	while ( soFar ) {
+			if ( !isXML && Expr.attrMap[name] ) {
+				match[1] = Expr.attrMap[name];
+			}
 
-		if ( !matched || (match = rcomma.exec( soFar )) ) {
-			if ( match ) {
-				soFar = soFar.slice( match[0].length ) || soFar;
+			if ( match[2] === "~=" ) {
+				match[4] = " " + match[4] + " ";
 			}
-			groups.push( (tokens = []) );
-		}
 
-		matched = false;
+			return match;
+		},
+		PSEUDO: function(match, curLoop, inplace, result, not){
+			if ( match[1] === "not" ) {
+				if ( ( chunker.exec(match[3]) || "" ).length > 1 || /^\w/.test(match[3]) ) {
+					match[3] = Sizzle(match[3], null, null, curLoop);
+				} else {
+					var ret = Sizzle.filter(match[3], curLoop, inplace, true ^ not);
+					if ( !inplace ) {
+						result.push.apply( result, ret );
+					}
+					return false;
+				}
+			} else if ( Expr.match.POS.test( match[0] ) || Expr.match.CHILD.test( match[0] ) ) {
+				return true;
+			}
 
-		if ( (match = rcombinators.exec( soFar )) ) {
-			matched = match.shift();
-			tokens.push({
-				value: matched,
-				type: match[0].replace( rtrim, " " )
-			});
-			soFar = soFar.slice( matched.length );
+			return match;
+		},
+		POS: function(match){
+			match.unshift( true );
+			return match;
 		}
-
-		for ( type in Expr.filter ) {
-			if ( (match = matchExpr[ type ].exec( soFar )) && (!preFilters[ type ] ||
-				(match = preFilters[ type ]( match ))) ) {
-				matched = match.shift();
-				tokens.push({
-					value: matched,
-					type: type,
-					matches: match
-				});
-				soFar = soFar.slice( matched.length );
-			}
+	},
+	filters: {
+		enabled: function(elem){
+			return elem.disabled === false && elem.type !== "hidden";
+		},
+		disabled: function(elem){
+			return elem.disabled === true;
+		},
+		checked: function(elem){
+			return elem.checked === true;
+		},
+		selected: function(elem){
+			elem.parentNode.selectedIndex;
+			return elem.selected === true;
+		},
+		parent: function(elem){
+			return !!elem.firstChild;
+		},
+		empty: function(elem){
+			return !elem.firstChild;
+		},
+		has: function(elem, i, match){
+			return !!Sizzle( match[3], elem ).length;
+		},
+		header: function(elem){
+			return /h\d/i.test( elem.nodeName );
+		},
+		text: function(elem){
+			return "text" === elem.type;
+		},
+		radio: function(elem){
+			return "radio" === elem.type;
+		},
+		checkbox: function(elem){
+			return "checkbox" === elem.type;
+		},
+		file: function(elem){
+			return "file" === elem.type;
+		},
+		password: function(elem){
+			return "password" === elem.type;
+		},
+		submit: function(elem){
+			return "submit" === elem.type;
+		},
+		image: function(elem){
+			return "image" === elem.type;
+		},
+		reset: function(elem){
+			return "reset" === elem.type;
+		},
+		button: function(elem){
+			return "button" === elem.type || elem.nodeName.toUpperCase() === "BUTTON";
+		},
+		input: function(elem){
+			return /input|select|textarea|button/i.test(elem.nodeName);
 		}
-
-		if ( !matched ) {
-			break;
+	},
+	setFilters: {
+		first: function(elem, i){
+			return i === 0;
+		},
+		last: function(elem, i, match, array){
+			return i === array.length - 1;
+		},
+		even: function(elem, i){
+			return i % 2 === 0;
+		},
+		odd: function(elem, i){
+			return i % 2 === 1;
+		},
+		lt: function(elem, i, match){
+			return i < match[3] - 0;
+		},
+		gt: function(elem, i, match){
+			return i > match[3] - 0;
+		},
+		nth: function(elem, i, match){
+			return match[3] - 0 == i;
+		},
+		eq: function(elem, i, match){
+			return match[3] - 0 == i;
 		}
-	}
-
-	return parseOnly ?
-		soFar.length :
-		soFar ?
-			Sizzle.error( selector ) :
-			tokenCache( selector, groups ).slice( 0 );
-}
-
-function toSelector( tokens ) {
-	var i = 0,
-		len = tokens.length,
-		selector = "";
-	for ( ; i < len; i++ ) {
-		selector += tokens[i].value;
-	}
-	return selector;
-}
-
-function addCombinator( matcher, combinator, base ) {
-	var dir = combinator.dir,
-		checkNonElements = base && dir === "parentNode",
-		doneName = done++;
-
-	return combinator.first ?
-		function( elem, context, xml ) {
-			while ( (elem = elem[ dir ]) ) {
-				if ( elem.nodeType === 1 || checkNonElements ) {
-					return matcher( elem, context, xml );
+	},
+	filter: {
+		PSEUDO: function(elem, match, i, array){
+			var name = match[1], filter = Expr.filters[ name ];
+
+			if ( filter ) {
+				return filter( elem, i, match, array );
+			} else if ( name === "contains" ) {
+				return (elem.textContent || elem.innerText || "").indexOf(match[3]) >= 0;
+			} else if ( name === "not" ) {
+				var not = match[3];
+
+				for ( var i = 0, l = not.length; i < l; i++ ) {
+					if ( not[i] === elem ) {
+						return false;
+					}
 				}
-			}
-		} :
 
-		function( elem, context, xml ) {
-			var oldCache, outerCache,
-				newCache = [ dirruns, doneName ];
+				return true;
+			}
+		},
+		CHILD: function(elem, match){
+			var type = match[1], node = elem;
+			switch (type) {
+				case 'only':
+				case 'first':
+					while ( (node = node.previousSibling) )  {
+						if ( node.nodeType === 1 ) return false;
+					}
+					if ( type == 'first') return true;
+					node = elem;
+				case 'last':
+					while ( (node = node.nextSibling) )  {
+						if ( node.nodeType === 1 ) return false;
+					}
+					return true;
+				case 'nth':
+					var first = match[2], last = match[3];
 
-			if ( xml ) {
-				while ( (elem = elem[ dir ]) ) {
-					if ( elem.nodeType === 1 || checkNonElements ) {
-						if ( matcher( elem, context, xml ) ) {
-							return true;
-						}
+					if ( first == 1 && last == 0 ) {
+						return true;
 					}
-				}
-			} else {
-				while ( (elem = elem[ dir ]) ) {
-					if ( elem.nodeType === 1 || checkNonElements ) {
-						outerCache = elem[ expando ] || (elem[ expando ] = {});
-						if ( (oldCache = outerCache[ dir ]) &&
-							oldCache[ 0 ] === dirruns && oldCache[ 1 ] === doneName ) {
-
-							return (newCache[ 2 ] = oldCache[ 2 ]);
-						} else {
-							outerCache[ dir ] = newCache;
-
-							if ( (newCache[ 2 ] = matcher( elem, context, xml )) ) {
-								return true;
+
+					var doneName = match[0],
+						parent = elem.parentNode;
+
+					if ( parent && (parent.sizcache !== doneName || !elem.nodeIndex) ) {
+						var count = 0;
+						for ( node = parent.firstChild; node; node = node.nextSibling ) {
+							if ( node.nodeType === 1 ) {
+								node.nodeIndex = ++count;
 							}
 						}
+						parent.sizcache = doneName;
 					}
-				}
-			}
-		};
-}
 
-function elementMatcher( matchers ) {
-	return matchers.length > 1 ?
-		function( elem, context, xml ) {
-			var i = matchers.length;
-			while ( i-- ) {
-				if ( !matchers[i]( elem, context, xml ) ) {
-					return false;
-				}
+					var diff = elem.nodeIndex - last;
+					if ( first == 0 ) {
+						return diff == 0;
+					} else {
+						return ( diff % first == 0 && diff / first >= 0 );
+					}
 			}
-			return true;
-		} :
-		matchers[0];
-}
-
-function multipleContexts( selector, contexts, results ) {
-	var i = 0,
-		len = contexts.length;
-	for ( ; i < len; i++ ) {
-		Sizzle( selector, contexts[i], results );
-	}
-	return results;
-}
+		},
+		ID: function(elem, match){
+			return elem.nodeType === 1 && elem.getAttribute("id") === match;
+		},
+		TAG: function(elem, match){
+			return (match === "*" && elem.nodeType === 1) || elem.nodeName === match;
+		},
+		CLASS: function(elem, match){
+			return (" " + (elem.className || elem.getAttribute("class")) + " ")
+				.indexOf( match ) > -1;
+		},
+		ATTR: function(elem, match){
+			var name = match[1],
+				result = Expr.attrHandle[ name ] ?
+					Expr.attrHandle[ name ]( elem ) :
+					elem[ name ] != null ?
+						elem[ name ] :
+						elem.getAttribute( name ),
+				value = result + "",
+				type = match[2],
+				check = match[4];
+
+			return result == null ?
+				type === "!=" :
+				type === "=" ?
+				value === check :
+				type === "*=" ?
+				value.indexOf(check) >= 0 :
+				type === "~=" ?
+				(" " + value + " ").indexOf(check) >= 0 :
+				!check ?
+				value && result !== false :
+				type === "!=" ?
+				value != check :
+				type === "^=" ?
+				value.indexOf(check) === 0 :
+				type === "$=" ?
+				value.substr(value.length - check.length) === check :
+				type === "|=" ?
+				value === check || value.substr(0, check.length + 1) === check + "-" :
+				false;
+		},
+		POS: function(elem, match, i, array){
+			var name = match[2], filter = Expr.setFilters[ name ];
 
-function condense( unmatched, map, filter, context, xml ) {
-	var elem,
-		newUnmatched = [],
-		i = 0,
-		len = unmatched.length,
-		mapped = map != null;
-
-	for ( ; i < len; i++ ) {
-		if ( (elem = unmatched[i]) ) {
-			if ( !filter || filter( elem, context, xml ) ) {
-				newUnmatched.push( elem );
-				if ( mapped ) {
-					map.push( i );
-				}
+			if ( filter ) {
+				return filter( elem, i, match, array );
 			}
 		}
 	}
+};
 
-	return newUnmatched;
-}
-
-function setMatcher( preFilter, selector, matcher, postFilter, postFinder, postSelector ) {
-	if ( postFilter && !postFilter[ expando ] ) {
-		postFilter = setMatcher( postFilter );
-	}
-	if ( postFinder && !postFinder[ expando ] ) {
-		postFinder = setMatcher( postFinder, postSelector );
-	}
-	return markFunction(function( seed, results, context, xml ) {
-		var temp, i, elem,
-			preMap = [],
-			postMap = [],
-			preexisting = results.length,
-
-			elems = seed || multipleContexts( selector || "*", context.nodeType ? [ context ] : context, [] ),
+var origPOS = Expr.match.POS;
 
-			matcherIn = preFilter && ( seed || !selector ) ?
-				condense( elems, preMap, preFilter, context, xml ) :
-				elems,
+for ( var type in Expr.match ) {
+	Expr.match[ type ] = new RegExp( Expr.match[ type ].source + /(?![^\[]*\])(?![^\(]*\))/.source );
+	Expr.leftMatch[ type ] = new RegExp( /(^(?:.|\r|\n)*?)/.source + Expr.match[ type ].source );
+}
 
-			matcherOut = matcher ?
-				postFinder || ( seed ? preFilter : preexisting || postFilter ) ?
+var makeArray = function(array, results) {
+	array = Array.prototype.slice.call( array, 0 );
 
-					[] :
+	if ( results ) {
+		results.push.apply( results, array );
+		return results;
+	}
 
-					results :
-				matcherIn;
+	return array;
+};
 
-		if ( matcher ) {
-			matcher( matcherIn, matcherOut, context, xml );
-		}
+try {
+	Array.prototype.slice.call( document.documentElement.childNodes, 0 );
 
-		if ( postFilter ) {
-			temp = condense( matcherOut, postMap );
-			postFilter( temp, [], context, xml );
+} catch(e){
+	makeArray = function(array, results) {
+		var ret = results || [];
 
-			i = temp.length;
-			while ( i-- ) {
-				if ( (elem = temp[i]) ) {
-					matcherOut[ postMap[i] ] = !(matcherIn[ postMap[i] ] = elem);
+		if ( toString.call(array) === "[object Array]" ) {
+			Array.prototype.push.apply( ret, array );
+		} else {
+			if ( typeof array.length === "number" ) {
+				for ( var i = 0, l = array.length; i < l; i++ ) {
+					ret.push( array[i] );
+				}
+			} else {
+				for ( var i = 0; array[i]; i++ ) {
+					ret.push( array[i] );
 				}
 			}
 		}
 
-		if ( seed ) {
-			if ( postFinder || preFilter ) {
-				if ( postFinder ) {
-					temp = [];
-					i = matcherOut.length;
-					while ( i-- ) {
-						if ( (elem = matcherOut[i]) ) {
-							temp.push( (matcherIn[i] = elem) );
-						}
-					}
-					postFinder( null, (matcherOut = []), temp, xml );
-				}
+		return ret;
+	};
+}
 
-				i = matcherOut.length;
-				while ( i-- ) {
-					if ( (elem = matcherOut[i]) &&
-						(temp = postFinder ? indexOf.call( seed, elem ) : preMap[i]) > -1 ) {
+var sortOrder;
 
-						seed[temp] = !(results[temp] = elem);
-					}
-				}
+if ( document.documentElement.compareDocumentPosition ) {
+	sortOrder = function( a, b ) {
+		if ( !a.compareDocumentPosition || !b.compareDocumentPosition ) {
+			if ( a == b ) {
+				hasDuplicate = true;
 			}
+			return 0;
+		}
 
-		} else {
-			matcherOut = condense(
-				matcherOut === results ?
-					matcherOut.splice( preexisting, matcherOut.length ) :
-					matcherOut
-			);
-			if ( postFinder ) {
-				postFinder( null, results, matcherOut, xml );
-			} else {
-				push.apply( results, matcherOut );
+		var ret = a.compareDocumentPosition(b) & 4 ? -1 : a === b ? 0 : 1;
+		if ( ret === 0 ) {
+			hasDuplicate = true;
+		}
+		return ret;
+	};
+} else if ( "sourceIndex" in document.documentElement ) {
+	sortOrder = function( a, b ) {
+		if ( !a.sourceIndex || !b.sourceIndex ) {
+			if ( a == b ) {
+				hasDuplicate = true;
 			}
+			return 0;
 		}
-	});
-}
-
-function matcherFromTokens( tokens ) {
-	var checkContext, matcher, j,
-		len = tokens.length,
-		leadingRelative = Expr.relative[ tokens[0].type ],
-		implicitRelative = leadingRelative || Expr.relative[" "],
-		i = leadingRelative ? 1 : 0,
-
-		matchContext = addCombinator( function( elem ) {
-			return elem === checkContext;
-		}, implicitRelative, true ),
-		matchAnyContext = addCombinator( function( elem ) {
-			return indexOf.call( checkContext, elem ) > -1;
-		}, implicitRelative, true ),
-		matchers = [ function( elem, context, xml ) {
-			return ( !leadingRelative && ( xml || context !== outermostContext ) ) || (
-				(checkContext = context).nodeType ?
-					matchContext( elem, context, xml ) :
-					matchAnyContext( elem, context, xml ) );
-		} ];
-
-	for ( ; i < len; i++ ) {
-		if ( (matcher = Expr.relative[ tokens[i].type ]) ) {
-			matchers = [ addCombinator(elementMatcher( matchers ), matcher) ];
-		} else {
-			matcher = Expr.filter[ tokens[i].type ].apply( null, tokens[i].matches );
 
-			if ( matcher[ expando ] ) {
-				j = ++i;
-				for ( ; j < len; j++ ) {
-					if ( Expr.relative[ tokens[j].type ] ) {
-						break;
-					}
-				}
-				return setMatcher(
-					i > 1 && elementMatcher( matchers ),
-					i > 1 && toSelector(
-						tokens.slice( 0, i - 1 ).concat({ value: tokens[ i - 2 ].type === " " ? "*" : "" })
-					).replace( rtrim, "$1" ),
-					matcher,
-					i < j && matcherFromTokens( tokens.slice( i, j ) ),
-					j < len && matcherFromTokens( (tokens = tokens.slice( j )) ),
-					j < len && toSelector( tokens )
-				);
+		var ret = a.sourceIndex - b.sourceIndex;
+		if ( ret === 0 ) {
+			hasDuplicate = true;
+		}
+		return ret;
+	};
+} else if ( document.createRange ) {
+	sortOrder = function( a, b ) {
+		if ( !a.ownerDocument || !b.ownerDocument ) {
+			if ( a == b ) {
+				hasDuplicate = true;
 			}
-			matchers.push( matcher );
+			return 0;
 		}
-	}
-
-	return elementMatcher( matchers );
-}
 
-function matcherFromGroupMatchers( elementMatchers, setMatchers ) {
-	var bySet = setMatchers.length > 0,
-		byElement = elementMatchers.length > 0,
-		superMatcher = function( seed, context, xml, results, outermost ) {
-			var elem, j, matcher,
-				matchedCount = 0,
-				i = "0",
-				unmatched = seed && [],
-				setMatched = [],
-				contextBackup = outermostContext,
-				elems = seed || byElement && Expr.find["TAG"]( "*", outermost ),
-				dirrunsUnique = (dirruns += contextBackup == null ? 1 : Math.random() || 0.1),
-				len = elems.length;
-
-			if ( outermost ) {
-				outermostContext = context !== document && context;
-			}
+		var aRange = a.ownerDocument.createRange(), bRange = b.ownerDocument.createRange();
+		aRange.setStart(a, 0);
+		aRange.setEnd(a, 0);
+		bRange.setStart(b, 0);
+		bRange.setEnd(b, 0);
+		var ret = aRange.compareBoundaryPoints(Range.START_TO_END, bRange);
+		if ( ret === 0 ) {
+			hasDuplicate = true;
+		}
+		return ret;
+	};
+}
 
-			for ( ; i !== len && (elem = elems[i]) != null; i++ ) {
-				if ( byElement && elem ) {
-					j = 0;
-					while ( (matcher = elementMatchers[j++]) ) {
-						if ( matcher( elem, context, xml ) ) {
-							results.push( elem );
-							break;
-						}
-					}
-					if ( outermost ) {
-						dirruns = dirrunsUnique;
-					}
-				}
+(function(){
+	var form = document.createElement("div"),
+		id = "script" + (new Date).getTime();
+	form.innerHTML = "<a name='" + id + "'/>";
 
-				if ( bySet ) {
-					if ( (elem = !matcher && elem) ) {
-						matchedCount--;
-					}
+	var root = document.documentElement;
+	root.insertBefore( form, root.firstChild );
 
-					if ( seed ) {
-						unmatched.push( elem );
-					}
-				}
+	if ( !!document.getElementById( id ) ) {
+		Expr.find.ID = function(match, context, isXML){
+			if ( typeof context.getElementById !== "undefined" && !isXML ) {
+				var m = context.getElementById(match[1]);
+				return m ? m.id === match[1] || typeof m.getAttributeNode !== "undefined" && m.getAttributeNode("id").nodeValue === match[1] ? [m] : undefined : [];
 			}
+		};
 
-			matchedCount += i;
-			if ( bySet && i !== matchedCount ) {
-				j = 0;
-				while ( (matcher = setMatchers[j++]) ) {
-					matcher( unmatched, setMatched, context, xml );
-				}
+		Expr.filter.ID = function(elem, match){
+			var node = typeof elem.getAttributeNode !== "undefined" && elem.getAttributeNode("id");
+			return elem.nodeType === 1 && node && node.nodeValue === match;
+		};
+	}
 
-				if ( seed ) {
-					if ( matchedCount > 0 ) {
-						while ( i-- ) {
-							if ( !(unmatched[i] || setMatched[i]) ) {
-								setMatched[i] = pop.call( results );
-							}
-						}
-					}
+	root.removeChild( form );
+	root = form = null; // release memory in IE
+})();
 
-					setMatched = condense( setMatched );
-				}
+(function(){
+
+	var div = document.createElement("div");
+	div.appendChild( document.createComment("") );
 
-				push.apply( results, setMatched );
+	if ( div.getElementsByTagName("*").length > 0 ) {
+		Expr.find.TAG = function(match, context){
+			var results = context.getElementsByTagName(match[1]);
 
-				if ( outermost && !seed && setMatched.length > 0 &&
-					( matchedCount + setMatchers.length ) > 1 ) {
+			if ( match[1] === "*" ) {
+				var tmp = [];
 
-					Sizzle.uniqueSort( results );
+				for ( var i = 0; results[i]; i++ ) {
+					if ( results[i].nodeType === 1 ) {
+						tmp.push( results[i] );
+					}
 				}
-			}
 
-			if ( outermost ) {
-				dirruns = dirrunsUnique;
-				outermostContext = contextBackup;
+				results = tmp;
 			}
 
-			return unmatched;
+			return results;
 		};
+	}
 
-	return bySet ?
-		markFunction( superMatcher ) :
-		superMatcher;
-}
+	div.innerHTML = "<a href='#'></a>";
+	if ( div.firstChild && typeof div.firstChild.getAttribute !== "undefined" &&
+			div.firstChild.getAttribute("href") !== "#" ) {
+		Expr.attrHandle.href = function(elem){
+			return elem.getAttribute("href", 2);
+		};
+	}
 
-compile = Sizzle.compile = function( selector, match /* Internal Use Only */ ) {
-	var i,
-		setMatchers = [],
-		elementMatchers = [],
-		cached = compilerCache[ selector + " " ];
+	div = null; // release memory in IE
+})();
 
-	if ( !cached ) {
-		if ( !match ) {
-			match = tokenize( selector );
-		}
-		i = match.length;
-		while ( i-- ) {
-			cached = matcherFromTokens( match[i] );
-			if ( cached[ expando ] ) {
-				setMatchers.push( cached );
-			} else {
-				elementMatchers.push( cached );
-			}
+if ( document.querySelectorAll ) (function(){
+	var oldSizzle = Sizzle, div = document.createElement("div");
+	div.innerHTML = "<p class='TEST'></p>";
+
+	if ( div.querySelectorAll && div.querySelectorAll(".TEST").length === 0 ) {
+		return;
+	}
+
+	Sizzle = function(query, context, extra, seed){
+		context = context || document;
+
+		if ( !seed && context.nodeType === 9 && !isXML(context) ) {
+			try {
+				return makeArray( context.querySelectorAll(query), extra );
+			} catch(e){}
 		}
 
-		cached = compilerCache( selector, matcherFromGroupMatchers( elementMatchers, setMatchers ) );
+		return oldSizzle(query, context, extra, seed);
+	};
 
-		cached.selector = selector;
+	for ( var prop in oldSizzle ) {
+		Sizzle[ prop ] = oldSizzle[ prop ];
 	}
-	return cached;
-};
-
-/**
- * A low-level selection function that works with Sizzle's compiled
- *  selector functions
- * @param {String|Function} selector A selector or a pre-compiled
- *  selector function built with Sizzle.compile
- * @param {Element} context
- * @param {Array} [results]
- * @param {Array} [seed] A set of elements to match against
- */
-select = Sizzle.select = function( selector, context, results, seed ) {
-	var i, tokens, token, type, find,
-		compiled = typeof selector === "function" && selector,
-		match = !seed && tokenize( (selector = compiled.selector || selector) );
 
-	results = results || [];
+	div = null; // release memory in IE
+})();
 
-	if ( match.length === 1 ) {
+if ( document.getElementsByClassName && document.documentElement.getElementsByClassName ) (function(){
+	var div = document.createElement("div");
+	div.innerHTML = "<div class='test e'></div><div class='test'></div>";
 
-		tokens = match[0] = match[0].slice( 0 );
-		if ( tokens.length > 2 && (token = tokens[0]).type === "ID" &&
-				support.getById && context.nodeType === 9 && documentIsHTML &&
-				Expr.relative[ tokens[1].type ] ) {
+	if ( div.getElementsByClassName("e").length === 0 )
+		return;
 
-			context = ( Expr.find["ID"]( token.matches[0].replace(runescape, funescape), context ) || [] )[0];
-			if ( !context ) {
-				return results;
+	div.lastChild.className = "e";
 
-			} else if ( compiled ) {
-				context = context.parentNode;
-			}
+	if ( div.getElementsByClassName("e").length === 1 )
+		return;
 
-			selector = selector.slice( tokens.shift().value.length );
+	Expr.order.splice(1, 0, "CLASS");
+	Expr.find.CLASS = function(match, context, isXML) {
+		if ( typeof context.getElementsByClassName !== "undefined" && !isXML ) {
+			return context.getElementsByClassName(match[1]);
 		}
+	};
 
-		i = matchExpr["needsContext"].test( selector ) ? 0 : tokens.length;
-		while ( i-- ) {
-			token = tokens[i];
+	div = null; // release memory in IE
+})();
 
-			if ( Expr.relative[ (type = token.type) ] ) {
-				break;
+function dirNodeCheck( dir, cur, doneName, checkSet, nodeCheck, isXML ) {
+	var sibDir = dir == "previousSibling" && !isXML;
+	for ( var i = 0, l = checkSet.length; i < l; i++ ) {
+		var elem = checkSet[i];
+		if ( elem ) {
+			if ( sibDir && elem.nodeType === 1 ){
+				elem.sizcache = doneName;
+				elem.sizset = i;
 			}
-			if ( (find = Expr.find[ type ]) ) {
-				if ( (seed = find(
-					token.matches[0].replace( runescape, funescape ),
-					rsibling.test( tokens[0].type ) && testContext( context.parentNode ) || context
-				)) ) {
-
-					tokens.splice( i, 1 );
-					selector = seed.length && toSelector( tokens );
-					if ( !selector ) {
-						push.apply( results, seed );
-						return results;
-					}
+			elem = elem[dir];
+			var match = false;
 
+			while ( elem ) {
+				if ( elem.sizcache === doneName ) {
+					match = checkSet[elem.sizset];
 					break;
 				}
+
+				if ( elem.nodeType === 1 && !isXML ){
+					elem.sizcache = doneName;
+					elem.sizset = i;
+				}
+
+				if ( elem.nodeName === cur ) {
+					match = elem;
+					break;
+				}
+
+				elem = elem[dir];
 			}
+
+			checkSet[i] = match;
 		}
 	}
+}
 
-	( compiled || compile( selector, match ) )(
-		seed,
-		context,
-		!documentIsHTML,
-		results,
-		rsibling.test( selector ) && testContext( context.parentNode ) || context
-	);
-	return results;
-};
-
+function dirCheck( dir, cur, doneName, checkSet, nodeCheck, isXML ) {
+	var sibDir = dir == "previousSibling" && !isXML;
+	for ( var i = 0, l = checkSet.length; i < l; i++ ) {
+		var elem = checkSet[i];
+		if ( elem ) {
+			if ( sibDir && elem.nodeType === 1 ) {
+				elem.sizcache = doneName;
+				elem.sizset = i;
+			}
+			elem = elem[dir];
+			var match = false;
 
-support.sortStable = expando.split("").sort( sortOrder ).join("") === expando;
+			while ( elem ) {
+				if ( elem.sizcache === doneName ) {
+					match = checkSet[elem.sizset];
+					break;
+				}
 
-support.detectDuplicates = !!hasDuplicate;
+				if ( elem.nodeType === 1 ) {
+					if ( !isXML ) {
+						elem.sizcache = doneName;
+						elem.sizset = i;
+					}
+					if ( typeof cur !== "string" ) {
+						if ( elem === cur ) {
+							match = true;
+							break;
+						}
 
-setDocument();
+					} else if ( Sizzle.filter( cur, [elem] ).length > 0 ) {
+						match = elem;
+						break;
+					}
+				}
 
-support.sortDetached = assert(function( div1 ) {
-	return div1.compareDocumentPosition( document.createElement("div") ) & 1;
-});
+				elem = elem[dir];
+			}
 
-if ( !assert(function( div ) {
-	div.innerHTML = "<a href='#'></a>";
-	return div.firstChild.getAttribute("href") === "#" ;
-}) ) {
-	addHandle( "type|href|height|width", function( elem, name, isXML ) {
-		if ( !isXML ) {
-			return elem.getAttribute( name, name.toLowerCase() === "type" ? 1 : 2 );
+			checkSet[i] = match;
 		}
-	});
+	}
 }
 
-if ( !support.attributes || !assert(function( div ) {
-	div.innerHTML = "<input/>";
-	div.firstChild.setAttribute( "value", "" );
-	return div.firstChild.getAttribute( "value" ) === "";
-}) ) {
-	addHandle( "value", function( elem, name, isXML ) {
-		if ( !isXML && elem.nodeName.toLowerCase() === "input" ) {
-			return elem.defaultValue;
-		}
-	});
-}
+var contains = document.compareDocumentPosition ?  function(a, b){
+	return a.compareDocumentPosition(b) & 16;
+} : function(a, b){
+	return a !== b && (a.contains ? a.contains(b) : true);
+};
 
-if ( !assert(function( div ) {
-	return div.getAttribute("disabled") == null;
-}) ) {
-	addHandle( booleans, function( elem, name, isXML ) {
-		var val;
-		if ( !isXML ) {
-			return elem[ name ] === true ? name.toLowerCase() :
-					(val = elem.getAttributeNode( name )) && val.specified ?
-					val.value :
-				null;
-		}
-	});
-}
+var isXML = function(elem){
+	return elem.nodeType === 9 && elem.documentElement.nodeName !== "HTML" ||
+		!!elem.ownerDocument && elem.ownerDocument.documentElement.nodeName !== "HTML";
+};
 
-if ( typeof define === "function" && define.amd ) {
-	define(function() { return Sizzle; });
-} else if ( typeof module !== "undefined" && module.exports ) {
-	module.exports = Sizzle;
-} else {
-	window.Sizzle = Sizzle;
-}
+var posProcess = function(selector, context){
+	var tmpSet = [], later = "", match,
+		root = context.nodeType ? [context] : context;
+
+	while ( (match = Expr.match.PSEUDO.exec( selector )) ) {
+		later += match[0];
+		selector = selector.replace( Expr.match.PSEUDO, "" );
+	}
 
-})( window );
+	selector = Expr.relative[selector] ? selector + "*" : selector;
 
-;(function() {
-  if (typeof Sizzle !== 'undefined') {
-    return;
-  }
+	for ( var i = 0, l = root.length; i < l; i++ ) {
+		Sizzle( selector, root[i], tmpSet );
+	}
+
+	return Sizzle.filter( later, tmpSet );
+};
+
+
+window.Sizzle = Sizzle;
 
-  if (typeof define !== 'undefined' && define.amd) {
-    window.Sizzle = Prototype._actual_sizzle;
-    window.define = Prototype._original_define;
-    delete Prototype._actual_sizzle;
-    delete Prototype._original_define;
-  } else if (typeof module !== 'undefined' && module.exports) {
-    window.Sizzle = module.exports;
-    module.exports = {};
-  }
 })();
 
 ;(function(engine) {
@@ -6325,23 +4977,15 @@ var Form = {
       accumulator = function(result, key, value) {
         if (key in result) {
           if (!Object.isArray(result[key])) result[key] = [result[key]];
-          result[key] = result[key].concat(value);
+          result[key].push(value);
         } else result[key] = value;
         return result;
       };
     } else {
       initial = '';
-      accumulator = function(result, key, values) {
-        if (!Object.isArray(values)) {values = [values];}
-        if (!values.length) {return result;}
-        var encodedKey = encodeURIComponent(key).gsub(/%20/, '+');
-        return result + (result ? "&" : "") + values.map(function (value) {
-          value = value.gsub(/(\r)?\n/, '\r\n');
-          value = encodeURIComponent(value);
-          value = value.gsub(/%20/, '+');
-          return encodedKey + "=" + value;
-        }).join("&");
-      };
+      accumulator = function(result, key, value) {
+        return result + (result ? '&' : '') + encodeURIComponent(key) + '=' + encodeURIComponent(value);
+      }
     }
 
     return elements.inject(initial, function(result, element) {
@@ -6362,16 +5006,19 @@ Form.Methods = {
     return Form.serializeElements(Form.getElements(form), options);
   },
 
-
   getElements: function(form) {
-    var elements = $(form).getElementsByTagName('*');
-    var element, results = [], serializers = Form.Element.Serializers;
-
+    var elements = $(form).getElementsByTagName('*'),
+        element,
+        arr = [ ],
+        serializers = Form.Element.Serializers;
     for (var i = 0; element = elements[i]; i++) {
-      if (serializers[element.tagName.toLowerCase()])
-        results.push(Element.extend(element));
+      arr.push(element);
     }
-    return results;
+    return arr.inject([], function(elements, child) {
+      if (serializers[child.tagName.toLowerCase()])
+        elements.push(Element.extend(child));
+      return elements;
+    })
   },
 
   getInputs: function(form, typeName, name) {
@@ -6681,11 +5328,7 @@ Form.EventObserver = Class.create(Abstract.EventObserver, {
     return Form.serialize(this.element);
   }
 });
-(function(GLOBAL) {
-  var DIV = document.createElement('div');
-  var docEl = document.documentElement;
-  var MOUSEENTER_MOUSELEAVE_EVENTS_SUPPORTED = 'onmouseenter' in docEl
-   && 'onmouseleave' in docEl;
+(function() {
 
   var Event = {
     KEY_BACKSPACE: 8,
@@ -6701,9 +5344,16 @@ Form.EventObserver = Class.create(Abstract.EventObserver, {
     KEY_END:      35,
     KEY_PAGEUP:   33,
     KEY_PAGEDOWN: 34,
-    KEY_INSERT:   45
+    KEY_INSERT:   45,
+
+    cache: {}
   };
 
+  var docEl = document.documentElement;
+  var MOUSEENTER_MOUSELEAVE_EVENTS_SUPPORTED = 'onmouseenter' in docEl
+    && 'onmouseleave' in docEl;
+
+
 
   var isIELegacyEvent = function(event) { return false; };
 
@@ -6759,10 +5409,6 @@ Form.EventObserver = Class.create(Abstract.EventObserver, {
   function isRightClick(event)  { return _isButton(event, 2) }
 
   function element(event) {
-    return Element.extend(_element(event));
-  }
-
-  function _element(event) {
     event = Event.extend(event);
 
     var node = event.target, type = event.type,
@@ -6775,15 +5421,20 @@ Form.EventObserver = Class.create(Abstract.EventObserver, {
             node = currentTarget;
     }
 
-    return node.nodeType == Node.TEXT_NODE ? node.parentNode : node;
+    if (node.nodeType == Node.TEXT_NODE)
+      node = node.parentNode;
+
+    return Element.extend(node);
   }
 
   function findElement(event, expression) {
-    var element = _element(event), selector = Prototype.Selector;
-    if (!expression) return Element.extend(element);
+    var element = Event.element(event);
+
+    if (!expression) return element;
     while (element) {
-      if (Object.isElement(element) && selector.match(element, expression))
+      if (Object.isElement(element) && Prototype.Selector.match(element, expression)) {
         return Element.extend(element);
+      }
       element = element.parentNode;
     }
   }
@@ -6895,268 +5546,198 @@ Form.EventObserver = Class.create(Abstract.EventObserver, {
     Object.extend(Event.prototype, methods);
   }
 
-  var EVENT_TRANSLATIONS = {
-    mouseenter: 'mouseover',
-    mouseleave: 'mouseout'
-  };
-
-  function getDOMEventName(eventName) {
-    return EVENT_TRANSLATIONS[eventName] || eventName;
-  }
-
-  if (MOUSEENTER_MOUSELEAVE_EVENTS_SUPPORTED)
-    getDOMEventName = Prototype.K;
+  function _createResponder(element, eventName, handler) {
+    var registry = Element.retrieve(element, 'prototype_event_registry');
 
-  function getUniqueElementID(element) {
-    if (element === window) return 0;
+    if (Object.isUndefined(registry)) {
+      CACHE.push(element);
+      registry = Element.retrieve(element, 'prototype_event_registry', $H());
+    }
 
-    if (typeof element._prototypeUID === 'undefined')
-      element._prototypeUID = Element.Storage.UID++;
-    return element._prototypeUID;
-  }
+    var respondersForEvent = registry.get(eventName);
+    if (Object.isUndefined(respondersForEvent)) {
+      respondersForEvent = [];
+      registry.set(eventName, respondersForEvent);
+    }
 
-  function getUniqueElementID_IE(element) {
-    if (element === window) return 0;
-    if (element == document) return 1;
-    return element.uniqueID;
-  }
+    if (respondersForEvent.pluck('handler').include(handler)) return false;
 
-  if ('uniqueID' in DIV)
-    getUniqueElementID = getUniqueElementID_IE;
+    var responder;
+    if (eventName.include(":")) {
+      responder = function(event) {
+        if (Object.isUndefined(event.eventName))
+          return false;
 
-  function isCustomEvent(eventName) {
-    return eventName.include(':');
-  }
+        if (event.eventName !== eventName)
+          return false;
 
-  Event._isCustomEvent = isCustomEvent;
+        Event.extend(event, element);
+        handler.call(element, event);
+      };
+    } else {
+      if (!MOUSEENTER_MOUSELEAVE_EVENTS_SUPPORTED &&
+       (eventName === "mouseenter" || eventName === "mouseleave")) {
+        if (eventName === "mouseenter" || eventName === "mouseleave") {
+          responder = function(event) {
+            Event.extend(event, element);
+
+            var parent = event.relatedTarget;
+            while (parent && parent !== element) {
+              try { parent = parent.parentNode; }
+              catch(e) { parent = element; }
+            }
+
+            if (parent === element) return;
+
+            handler.call(element, event);
+          };
+        }
+      } else {
+        responder = function(event) {
+          Event.extend(event, element);
+          handler.call(element, event);
+        };
+      }
+    }
 
-  function getOrCreateRegistryFor(element, uid) {
-    var CACHE = GLOBAL.Event.cache;
-    if (Object.isUndefined(uid))
-      uid = getUniqueElementID(element);
-    if (!CACHE[uid]) CACHE[uid] = { element: element };
-    return CACHE[uid];
+    responder.handler = handler;
+    respondersForEvent.push(responder);
+    return responder;
   }
 
-  function destroyRegistryForElement(element, uid) {
-    if (Object.isUndefined(uid))
-      uid = getUniqueElementID(element);
-    delete GLOBAL.Event.cache[uid];
+  function _destroyCache() {
+    for (var i = 0, length = CACHE.length; i < length; i++) {
+      Event.stopObserving(CACHE[i]);
+      CACHE[i] = null;
+    }
   }
 
+  var CACHE = [];
 
-  function register(element, eventName, handler) {
-    var registry = getOrCreateRegistryFor(element);
-    if (!registry[eventName]) registry[eventName] = [];
-    var entries = registry[eventName];
-
-    var i = entries.length;
-    while (i--)
-      if (entries[i].handler === handler) return null;
+  if (Prototype.Browser.IE)
+    window.attachEvent('onunload', _destroyCache);
 
-    var uid = getUniqueElementID(element);
-    var responder = GLOBAL.Event._createResponder(uid, eventName, handler);
-    var entry = {
-      responder: responder,
-      handler:   handler
-    };
-
-    entries.push(entry);
-    return entry;
-  }
-
-  function unregister(element, eventName, handler) {
-    var registry = getOrCreateRegistryFor(element);
-    var entries = registry[eventName] || [];
-
-    var i = entries.length, entry;
-    while (i--) {
-      if (entries[i].handler === handler) {
-        entry = entries[i];
-        break;
-      }
-    }
+  if (Prototype.Browser.WebKit)
+    window.addEventListener('unload', Prototype.emptyFunction, false);
 
-    if (entry) {
-      var index = entries.indexOf(entry);
-      entries.splice(index, 1);
-    }
 
-    if (entries.length === 0) {
-      delete registry[eventName];
-      if (Object.keys(registry).length === 1 && ('element' in registry))
-        destroyRegistryForElement(element);
-    }
+  var _getDOMEventName = Prototype.K,
+      translations = { mouseenter: "mouseover", mouseleave: "mouseout" };
 
-    return entry;
+  if (!MOUSEENTER_MOUSELEAVE_EVENTS_SUPPORTED) {
+    _getDOMEventName = function(eventName) {
+      return (translations[eventName] || eventName);
+    };
   }
 
-
   function observe(element, eventName, handler) {
     element = $(element);
-    var entry = register(element, eventName, handler);
-
-    if (entry === null) return element;
 
-    var responder = entry.responder;
-    if (isCustomEvent(eventName))
-      observeCustomEvent(element, eventName, responder);
-    else
-      observeStandardEvent(element, eventName, responder);
+    var responder = _createResponder(element, eventName, handler);
 
-    return element;
-  }
+    if (!responder) return element;
 
-  function observeStandardEvent(element, eventName, responder) {
-    var actualEventName = getDOMEventName(eventName);
-    if (element.addEventListener) {
-      element.addEventListener(actualEventName, responder, false);
+    if (eventName.include(':')) {
+      if (element.addEventListener)
+        element.addEventListener("dataavailable", responder, false);
+      else {
+        element.attachEvent("ondataavailable", responder);
+        element.attachEvent("onlosecapture", responder);
+      }
     } else {
-      element.attachEvent('on' + actualEventName, responder);
-    }
-  }
+      var actualEventName = _getDOMEventName(eventName);
 
-  function observeCustomEvent(element, eventName, responder) {
-    if (element.addEventListener) {
-      element.addEventListener('dataavailable', responder, false);
-    } else {
-      element.attachEvent('ondataavailable', responder);
-      element.attachEvent('onlosecapture',   responder);
+      if (element.addEventListener)
+        element.addEventListener(actualEventName, responder, false);
+      else
+        element.attachEvent("on" + actualEventName, responder);
     }
+
+    return element;
   }
 
   function stopObserving(element, eventName, handler) {
     element = $(element);
-    var handlerGiven = !Object.isUndefined(handler),
-     eventNameGiven = !Object.isUndefined(eventName);
 
-    if (!eventNameGiven && !handlerGiven) {
-      stopObservingElement(element);
-      return element;
-    }
+    var registry = Element.retrieve(element, 'prototype_event_registry');
+    if (!registry) return element;
 
-    if (!handlerGiven) {
-      stopObservingEventName(element, eventName);
+    if (!eventName) {
+      registry.each( function(pair) {
+        var eventName = pair.key;
+        stopObserving(element, eventName);
+      });
       return element;
     }
 
-    var entry = unregister(element, eventName, handler);
+    var responders = registry.get(eventName);
+    if (!responders) return element;
 
-    if (!entry) return element;
-    removeEvent(element, eventName, entry.responder);
-    return element;
-  }
+    if (!handler) {
+      responders.each(function(r) {
+        stopObserving(element, eventName, r.handler);
+      });
+      return element;
+    }
 
-  function stopObservingStandardEvent(element, eventName, responder) {
-    var actualEventName = getDOMEventName(eventName);
-    if (element.removeEventListener) {
-      element.removeEventListener(actualEventName, responder, false);
-    } else {
-      element.detachEvent('on' + actualEventName, responder);
+    var i = responders.length, responder;
+    while (i--) {
+      if (responders[i].handler === handler) {
+        responder = responders[i];
+        break;
+      }
     }
-  }
+    if (!responder) return element;
 
-  function stopObservingCustomEvent(element, eventName, responder) {
-    if (element.removeEventListener) {
-      element.removeEventListener('dataavailable', responder, false);
+    if (eventName.include(':')) {
+      if (element.removeEventListener)
+        element.removeEventListener("dataavailable", responder, false);
+      else {
+        element.detachEvent("ondataavailable", responder);
+        element.detachEvent("onlosecapture", responder);
+      }
     } else {
-      element.detachEvent('ondataavailable', responder);
-      element.detachEvent('onlosecapture',   responder);
+      var actualEventName = _getDOMEventName(eventName);
+      if (element.removeEventListener)
+        element.removeEventListener(actualEventName, responder, false);
+      else
+        element.detachEvent('on' + actualEventName, responder);
     }
-  }
 
+    registry.set(eventName, responders.without(responder));
 
-
-  function stopObservingElement(element) {
-    var uid = getUniqueElementID(element), registry = GLOBAL.Event.cache[uid];
-    if (!registry) return;
-
-    destroyRegistryForElement(element, uid);
-
-    var entries, i;
-    for (var eventName in registry) {
-      if (eventName === 'element') continue;
-
-      entries = registry[eventName];
-      i = entries.length;
-      while (i--)
-        removeEvent(element, eventName, entries[i].responder);
-    }
+    return element;
   }
 
-  function stopObservingEventName(element, eventName) {
-    var registry = getOrCreateRegistryFor(element);
-    var entries = registry[eventName];
-    if (entries) {
-      delete registry[eventName];
-    }
+  function fire(element, eventName, memo, bubble) {
+    element = $(element);
 
-    entries = entries || [];
+    if (Object.isUndefined(bubble))
+      bubble = true;
 
-    var i = entries.length;
-    while (i--)
-      removeEvent(element, eventName, entries[i].responder);
+    if (element == document && document.createEvent && !element.dispatchEvent)
+      element = document.documentElement;
 
-    for (var name in registry) {
-      if (name === 'element') continue;
-      return; // There is another registered event
+    var event;
+    if (document.createEvent) {
+      event = document.createEvent('HTMLEvents');
+      event.initEvent('dataavailable', bubble, true);
+    } else {
+      event = document.createEventObject();
+      event.eventType = bubble ? 'ondataavailable' : 'onlosecapture';
     }
 
-    destroyRegistryForElement(element);
-  }
-
+    event.eventName = eventName;
+    event.memo = memo || { };
 
-  function removeEvent(element, eventName, handler) {
-    if (isCustomEvent(eventName))
-      stopObservingCustomEvent(element, eventName, handler);
+    if (document.createEvent)
+      element.dispatchEvent(event);
     else
-      stopObservingStandardEvent(element, eventName, handler);
-  }
-
-
+      element.fireEvent(event.eventType, event);
 
-  function getFireTarget(element) {
-    if (element !== document) return element;
-    if (document.createEvent && !element.dispatchEvent)
-      return document.documentElement;
-    return element;
-  }
-
-  function fire(element, eventName, memo, bubble) {
-    element = getFireTarget($(element));
-    if (Object.isUndefined(bubble)) bubble = true;
-    memo = memo || {};
-
-    var event = fireEvent(element, eventName, memo, bubble);
     return Event.extend(event);
   }
 
-  function fireEvent_DOM(element, eventName, memo, bubble) {
-    var event = document.createEvent('HTMLEvents');
-    event.initEvent('dataavailable', bubble, true);
-
-    event.eventName = eventName;
-    event.memo = memo;
-
-    element.dispatchEvent(event);
-    return event;
-  }
-
-  function fireEvent_IE(element, eventName, memo, bubble) {
-    var event = document.createEventObject();
-    event.eventType = bubble ? 'ondataavailable' : 'onlosecapture';
-
-    event.eventName = eventName;
-    event.memo = memo;
-
-    element.fireEvent(event.eventType, event);
-    return event;
-  }
-
-  var fireEvent = document.createEvent ? fireEvent_DOM : fireEvent_IE;
-
-
-
   Event.Handler = Class.create({
     initialize: function(element, eventName, selector, callback) {
       this.element   = $(element);
@@ -7166,7 +5747,6 @@ Form.EventObserver = Class.create(Abstract.EventObserver, {
       this.handler   = this.handleEvent.bind(this);
     },
 
-
     start: function() {
       Event.observe(this.element, this.eventName, this.handler);
       return this;
@@ -7223,145 +5803,59 @@ Form.EventObserver = Class.create(Abstract.EventObserver, {
     loaded:        false
   });
 
-  if (GLOBAL.Event) Object.extend(window.Event, Event);
-  else GLOBAL.Event = Event;
-
-  GLOBAL.Event.cache = {};
-
-  function destroyCache_IE() {
-    GLOBAL.Event.cache = null;
-  }
-
-  if (window.attachEvent)
-    window.attachEvent('onunload', destroyCache_IE);
-
-  DIV = null;
-  docEl = null;
-})(this);
-
-(function(GLOBAL) {
-  /* Code for creating leak-free event responders is based on work by
-   John-David Dalton. */
-
-  var docEl = document.documentElement;
-  var MOUSEENTER_MOUSELEAVE_EVENTS_SUPPORTED = 'onmouseenter' in docEl
-    && 'onmouseleave' in docEl;
-
-  function isSimulatedMouseEnterLeaveEvent(eventName) {
-    return !MOUSEENTER_MOUSELEAVE_EVENTS_SUPPORTED &&
-     (eventName === 'mouseenter' || eventName === 'mouseleave');
-  }
-
-  function createResponder(uid, eventName, handler) {
-    if (Event._isCustomEvent(eventName))
-      return createResponderForCustomEvent(uid, eventName, handler);
-    if (isSimulatedMouseEnterLeaveEvent(eventName))
-      return createMouseEnterLeaveResponder(uid, eventName, handler);
-
-    return function(event) {
-      if (!Event.cache) return;
-
-      var element = Event.cache[uid].element;
-      Event.extend(event, element);
-      handler.call(element, event);
-    };
-  }
-
-  function createResponderForCustomEvent(uid, eventName, handler) {
-    return function(event) {
-      var cache = Event.cache[uid];
-      var element =  cache && cache.element;
-
-      if (Object.isUndefined(event.eventName))
-        return false;
-
-      if (event.eventName !== eventName)
-        return false;
-
-      Event.extend(event, element);
-      handler.call(element, event);
-    };
-  }
-
-  function createMouseEnterLeaveResponder(uid, eventName, handler) {
-    return function(event) {
-      var element = Event.cache[uid].element;
-
-      Event.extend(event, element);
-      var parent = event.relatedTarget;
-
-      while (parent && parent !== element) {
-        try { parent = parent.parentNode; }
-        catch(e) { parent = element; }
-      }
-
-      if (parent === element) return;
-      handler.call(element, event);
-    }
-  }
-
-  GLOBAL.Event._createResponder = createResponder;
-  docEl = null;
-})(this);
+  if (window.Event) Object.extend(window.Event, Event);
+  else window.Event = Event;
+})();
 
-(function(GLOBAL) {
+(function() {
   /* Support for the DOMContentLoaded event is based on work by Dan Webb,
      Matthias Miller, Dean Edwards, John Resig, and Diego Perini. */
 
-  var TIMER;
+  var timer;
 
   function fireContentLoadedEvent() {
     if (document.loaded) return;
-    if (TIMER) window.clearTimeout(TIMER);
+    if (timer) window.clearTimeout(timer);
     document.loaded = true;
     document.fire('dom:loaded');
   }
 
   function checkReadyState() {
     if (document.readyState === 'complete') {
-      document.detachEvent('onreadystatechange', checkReadyState);
+      document.stopObserving('readystatechange', checkReadyState);
       fireContentLoadedEvent();
     }
   }
 
   function pollDoScroll() {
-    try {
-      document.documentElement.doScroll('left');
-    } catch (e) {
-      TIMER = pollDoScroll.defer();
+    try { document.documentElement.doScroll('left'); }
+    catch(e) {
+      timer = pollDoScroll.defer();
       return;
     }
-
-    fireContentLoadedEvent();
-  }
-
-
-  if (document.readyState === 'complete') {
     fireContentLoadedEvent();
-    return;
   }
 
   if (document.addEventListener) {
     document.addEventListener('DOMContentLoaded', fireContentLoadedEvent, false);
   } else {
-    document.attachEvent('onreadystatechange', checkReadyState);
-    if (window == top) TIMER = pollDoScroll.defer();
+    document.observe('readystatechange', checkReadyState);
+    if (window == top)
+      timer = pollDoScroll.defer();
   }
 
   Event.observe(window, 'load', fireContentLoadedEvent);
-})(this);
-
+})();
 
 Element.addMethods();
+
 /*------------------------------- DEPRECATED -------------------------------*/
 
 Hash.toQueryString = Object.toQueryString;
 
 var Toggle = { display: Element.toggle };
 
-Element.addMethods({
-  childOf: Element.Methods.descendantOf
-});
+Element.Methods.childOf = Element.Methods.descendantOf;
 
 var Insertion = {
   Before: function(element, content) {
@@ -7503,10 +5997,10 @@ Element.ClassNames.prototype = {
     this.element = $(element);
   },
 
-  _each: function(iterator, context) {
+  _each: function(iterator) {
     this.element.className.split(/\s+/).select(function(name) {
       return name.length > 0;
-    })._each(iterator, context);
+    })._each(iterator);
   },
 
   set: function(className) {
-- 
GitLab


From 3d2e29bc4dc6a0e783281d1172fbd35c9fe0d16c Mon Sep 17 00:00:00 2001
From: Ulli Hafner <ullrich.hafner@gmail.com>
Date: Sun, 4 Feb 2018 00:36:54 +0100
Subject: [PATCH 071/863] Revert "Reverted to plain vanilla 1.7."

This reverts commit a5aa65fae411b14fc06b6a7a7b14c173bf3e72ce.
---
 war/src/main/webapp/scripts/prototype.js | 5664 ++++++++++++++--------
 1 file changed, 3585 insertions(+), 2079 deletions(-)

diff --git a/war/src/main/webapp/scripts/prototype.js b/war/src/main/webapp/scripts/prototype.js
index 474b2231bb..cc89dafcd6 100644
--- a/war/src/main/webapp/scripts/prototype.js
+++ b/war/src/main/webapp/scripts/prototype.js
@@ -1,4 +1,4 @@
-/*  Prototype JavaScript framework, version 1.7
+/*  Prototype JavaScript framework, version 1.7.3
  *  (c) 2005-2010 Sam Stephenson
  *
  *  Prototype is freely distributable under the terms of an MIT-style license.
@@ -8,7 +8,7 @@
 
 var Prototype = {
 
-  Version: '1.7',
+  Version: '1.7.3',
 
   Browser: (function(){
     var ua = navigator.userAgent;
@@ -49,7 +49,7 @@ var Prototype = {
     })()
   },
 
-  ScriptFragment: '<script[^>]*>([\\S\\s]*?)<\/script>',
+  ScriptFragment: '<script[^>]*>([\\S\\s]*?)<\/script\\s*>',
   JSONFilter: /^\/\*-secure-([\s\S]*)\*\/\s*$/,
 
   emptyFunction: function() { },
@@ -59,27 +59,6 @@ var Prototype = {
 
 if (Prototype.Browser.MobileSafari)
   Prototype.BrowserFeatures.SpecificElementExtensions = false;
-
-
-var Abstract = { };
-
-
-var Try = {
-  these: function() {
-    var returnValue;
-
-    for (var i = 0, length = arguments.length; i < length; i++) {
-      var lambda = arguments[i];
-      try {
-        returnValue = lambda();
-        break;
-      } catch (e) { }
-    }
-
-    return returnValue;
-  }
-};
-
 /* Based on Alex Arnell's inheritance implementation. */
 
 var Class = (function() {
@@ -141,8 +120,13 @@ var Class = (function() {
           return function() { return ancestor[m].apply(this, arguments); };
         })(property).wrap(method);
 
-        value.valueOf = method.valueOf.bind(method);
-        value.toString = method.toString.bind(method);
+        value.valueOf = (function(method) {
+          return function() { return method.valueOf.call(method); };
+        })(method);
+
+        value.toString = (function(method) {
+          return function() { return method.toString.call(method); };
+        })(method);
       }
       this.prototype[property] = value;
     }
@@ -160,6 +144,7 @@ var Class = (function() {
 (function() {
 
   var _toString = Object.prototype.toString,
+      _hasOwnProperty = Object.prototype.hasOwnProperty,
       NULL_TYPE = 'Null',
       UNDEFINED_TYPE = 'Undefined',
       BOOLEAN_TYPE = 'Boolean',
@@ -177,6 +162,18 @@ var Class = (function() {
         JSON.stringify(0) === '0' &&
         typeof JSON.stringify(Prototype.K) === 'undefined';
 
+
+
+  var DONT_ENUMS = ['toString', 'toLocaleString', 'valueOf',
+   'hasOwnProperty', 'isPrototypeOf', 'propertyIsEnumerable', 'constructor'];
+
+  var IS_DONTENUM_BUGGY = (function(){
+    for (var p in { toString: 1 }) {
+      if (p === 'toString') return false;
+    }
+    return true;
+  })();
+
   function Type(o) {
     switch(o) {
       case null: return NULL_TYPE;
@@ -213,9 +210,7 @@ var Class = (function() {
   }
 
   function Str(key, holder, stack) {
-    var value = holder[key],
-        type = typeof value;
-
+    var value = holder[key];
     if (Type(value) === OBJECT_TYPE && typeof value.toJSON === 'function') {
       value = value.toJSON(key);
     }
@@ -235,7 +230,7 @@ var Class = (function() {
       case false: return 'false';
     }
 
-    type = typeof value;
+    var type = typeof value;
     switch (type) {
       case 'string':
         return value.inspect(true);
@@ -244,7 +239,9 @@ var Class = (function() {
       case 'object':
 
         for (var i = 0, length = stack.length; i < length; i++) {
-          if (stack[i] === value) { throw new TypeError(); }
+          if (stack[i] === value) {
+            throw new TypeError("Cyclic reference to '" + value + "' in object");
+          }
         }
         stack.push(value);
 
@@ -286,10 +283,17 @@ var Class = (function() {
     if (Type(object) !== OBJECT_TYPE) { throw new TypeError(); }
     var results = [];
     for (var property in object) {
-      if (object.hasOwnProperty(property)) {
+      if (_hasOwnProperty.call(object, property))
         results.push(property);
+    }
+
+    if (IS_DONTENUM_BUGGY) {
+      for (var i = 0; property = DONT_ENUMS[i]; i++) {
+        if (_hasOwnProperty.call(object, property))
+          results.push(property);
       }
     }
+
     return results;
   }
 
@@ -383,13 +387,27 @@ Object.extend(Function.prototype, (function() {
     return names.length == 1 && !names[0] ? [] : names;
   }
 
+
   function bind(context) {
-    if (arguments.length < 2 && Object.isUndefined(arguments[0])) return this;
+    if (arguments.length < 2 && Object.isUndefined(arguments[0]))
+      return this;
+
+    if (!Object.isFunction(this))
+      throw new TypeError("The object is not callable.");
+
+    var nop = function() {};
     var __method = this, args = slice.call(arguments, 1);
-    return function() {
+
+    var bound = function() {
       var a = merge(args, arguments);
-      return __method.apply(context, a);
-    }
+      var c = this instanceof bound ? this : context;
+      return __method.apply(c, a);
+    };
+
+    nop.prototype   = this.prototype;
+    bound.prototype = new nop();
+
+    return bound;
   }
 
   function bindAsEventListener(context) {
@@ -439,16 +457,20 @@ Object.extend(Function.prototype, (function() {
     };
   }
 
-  return {
+  var extensions = {
     argumentNames:       argumentNames,
-    bind:                bind,
     bindAsEventListener: bindAsEventListener,
     curry:               curry,
     delay:               delay,
     defer:               defer,
     wrap:                wrap,
     methodize:           methodize
-  }
+  };
+
+  if (!Function.prototype.bind)
+    extensions.bind = bind;
+
+  return extensions;
 })());
 
 
@@ -542,6 +564,11 @@ Object.extend(String.prototype, (function() {
     return function(match) { return template.evaluate(match) };
   }
 
+  function isNonEmptyRegExp(regexp) {
+    return regexp.source && regexp.source !== '(?:)';
+  }
+
+
   function gsub(pattern, replacement) {
     var result = '', source = this, match;
     replacement = prepareReplacement(replacement);
@@ -549,13 +576,14 @@ Object.extend(String.prototype, (function() {
     if (Object.isString(pattern))
       pattern = RegExp.escape(pattern);
 
-    if (!(pattern.length || pattern.source)) {
+    if (!(pattern.length || isNonEmptyRegExp(pattern))) {
       replacement = replacement('');
       return replacement + source.split('').join(replacement) + replacement;
     }
 
     while (source.length > 0) {
-      if (match = source.match(pattern)) {
+      match = source.match(pattern)
+      if (match && match[0].length > 0) {
         result += source.slice(0, match.index);
         result += String.interpret(replacement(match));
         source  = source.slice(match.index + match[0].length);
@@ -593,7 +621,7 @@ Object.extend(String.prototype, (function() {
   }
 
   function stripTags() {
-    return this.replace(/<\w+(\s+("[^"]*"|'[^']*'|[^>])+)?>|<\/\w+>/gi, '');
+    return this.replace(/<\w+(\s+("[^"]*"|'[^']*'|[^>])+)?(\/)?>|<\/\w+>/gi, '');
   }
 
   function stripScripts() {
@@ -609,7 +637,7 @@ Object.extend(String.prototype, (function() {
   }
 
   function evalScripts() {
-    return this.extractScripts().map(function(script) { return eval(script) });
+    return this.extractScripts().map(function(script) { return eval(script); });
   }
 
   function escapeHTML() {
@@ -630,7 +658,10 @@ Object.extend(String.prototype, (function() {
         var key = decodeURIComponent(pair.shift()),
             value = pair.length > 1 ? pair.join('=') : pair[0];
 
-        if (value != undefined) value = decodeURIComponent(value);
+        if (value != undefined) {
+          value = value.gsub('+', ' ');
+          value = decodeURIComponent(value);
+        }
 
         if (key in hash) {
           if (!Object.isArray(hash[key])) hash[key] = [hash[key]];
@@ -703,7 +734,7 @@ Object.extend(String.prototype, (function() {
 
   function evalJSON(sanitize) {
     var json = this.unfilterJSON(),
-        cx = /[\u0000\u00ad\u0600-\u0604\u070f\u17b4\u17b5\u200c-\u200f\u2028-\u202f\u2060-\u206f\ufeff\ufff0-\uffff]/g;
+        cx = /[\u00ad\u0600-\u0604\u070f\u17b4\u17b5\u200c-\u200f\u2028-\u202f\u2060-\u206f\ufeff\ufff0-\uffff\u0000]/g;
     if (cx.test(json)) {
       json = json.replace(cx, function (a) {
         return '\\u' + ('0000' + a.charCodeAt(0).toString(16)).slice(-4);
@@ -724,12 +755,17 @@ Object.extend(String.prototype, (function() {
     return this.indexOf(pattern) > -1;
   }
 
-  function startsWith(pattern) {
-    return this.lastIndexOf(pattern, 0) === 0;
+  function startsWith(pattern, position) {
+    position = Object.isNumber(position) ? position : 0;
+    return this.lastIndexOf(pattern, position) === position;
   }
 
-  function endsWith(pattern) {
-    var d = this.length - pattern.length;
+  function endsWith(pattern, position) {
+    pattern = String(pattern);
+    position = Object.isNumber(position) ? position : this.length;
+    if (position < 0) position = 0;
+    if (position > this.length) position = this.length;
+    var d = position - pattern.length;
     return d >= 0 && this.indexOf(pattern, d) === d;
   }
 
@@ -771,8 +807,8 @@ Object.extend(String.prototype, (function() {
     isJSON:         isJSON,
     evalJSON:       NATIVE_JSON_PARSE_SUPPORT ? parseJSON : evalJSON,
     include:        include,
-    startsWith:     startsWith,
-    endsWith:       endsWith,
+    startsWith:     String.prototype.startsWith || startsWith,
+    endsWith:       String.prototype.endsWith || endsWith,
     empty:          empty,
     blank:          blank,
     interpolate:    interpolate
@@ -819,11 +855,8 @@ var $break = { };
 
 var Enumerable = (function() {
   function each(iterator, context) {
-    var index = 0;
     try {
-      this._each(function(value) {
-        iterator.call(context, value, index++);
-      });
+      this._each(iterator, context);
     } catch (e) {
       if (e != $break) throw e;
     }
@@ -842,9 +875,9 @@ var Enumerable = (function() {
     iterator = iterator || Prototype.K;
     var result = true;
     this.each(function(value, index) {
-      result = result && !!iterator.call(context, value, index);
+      result = result && !!iterator.call(context, value, index, this);
       if (!result) throw $break;
-    });
+    }, this);
     return result;
   }
 
@@ -852,9 +885,9 @@ var Enumerable = (function() {
     iterator = iterator || Prototype.K;
     var result = false;
     this.each(function(value, index) {
-      if (result = !!iterator.call(context, value, index))
+      if (result = !!iterator.call(context, value, index, this))
         throw $break;
-    });
+    }, this);
     return result;
   }
 
@@ -862,28 +895,28 @@ var Enumerable = (function() {
     iterator = iterator || Prototype.K;
     var results = [];
     this.each(function(value, index) {
-      results.push(iterator.call(context, value, index));
-    });
+      results.push(iterator.call(context, value, index, this));
+    }, this);
     return results;
   }
 
   function detect(iterator, context) {
     var result;
     this.each(function(value, index) {
-      if (iterator.call(context, value, index)) {
+      if (iterator.call(context, value, index, this)) {
         result = value;
         throw $break;
       }
-    });
+    }, this);
     return result;
   }
 
   function findAll(iterator, context) {
     var results = [];
     this.each(function(value, index) {
-      if (iterator.call(context, value, index))
+      if (iterator.call(context, value, index, this))
         results.push(value);
-    });
+    }, this);
     return results;
   }
 
@@ -896,14 +929,14 @@ var Enumerable = (function() {
 
     this.each(function(value, index) {
       if (filter.match(value))
-        results.push(iterator.call(context, value, index));
-    });
+        results.push(iterator.call(context, value, index, this));
+    }, this);
     return results;
   }
 
   function include(object) {
-    if (Object.isFunction(this.indexOf))
-      if (this.indexOf(object) != -1) return true;
+    if (Object.isFunction(this.indexOf) && this.indexOf(object) != -1)
+      return true;
 
     var found = false;
     this.each(function(value) {
@@ -925,8 +958,8 @@ var Enumerable = (function() {
 
   function inject(memo, iterator, context) {
     this.each(function(value, index) {
-      memo = iterator.call(context, memo, value, index);
-    });
+      memo = iterator.call(context, memo, value, index, this);
+    }, this);
     return memo;
   }
 
@@ -941,10 +974,10 @@ var Enumerable = (function() {
     iterator = iterator || Prototype.K;
     var result;
     this.each(function(value, index) {
-      value = iterator.call(context, value, index);
+      value = iterator.call(context, value, index, this);
       if (result == null || value >= result)
         result = value;
-    });
+    }, this);
     return result;
   }
 
@@ -952,10 +985,10 @@ var Enumerable = (function() {
     iterator = iterator || Prototype.K;
     var result;
     this.each(function(value, index) {
-      value = iterator.call(context, value, index);
+      value = iterator.call(context, value, index, this);
       if (result == null || value < result)
         result = value;
-    });
+    }, this);
     return result;
   }
 
@@ -963,9 +996,9 @@ var Enumerable = (function() {
     iterator = iterator || Prototype.K;
     var trues = [], falses = [];
     this.each(function(value, index) {
-      (iterator.call(context, value, index) ?
+      (iterator.call(context, value, index, this) ?
         trues : falses).push(value);
-    });
+    }, this);
     return [trues, falses];
   }
 
@@ -980,9 +1013,9 @@ var Enumerable = (function() {
   function reject(iterator, context) {
     var results = [];
     this.each(function(value, index) {
-      if (!iterator.call(context, value, index))
+      if (!iterator.call(context, value, index, this))
         results.push(value);
-    });
+    }, this);
     return results;
   }
 
@@ -990,9 +1023,9 @@ var Enumerable = (function() {
     return this.map(function(value, index) {
       return {
         value: value,
-        criteria: iterator.call(context, value, index)
+        criteria: iterator.call(context, value, index, this)
       };
-    }).sort(function(left, right) {
+    }, this).sort(function(left, right) {
       var a = left.criteria, b = right.criteria;
       return a < b ? -1 : a > b ? 1 : 0;
     }).pluck('value');
@@ -1142,7 +1175,7 @@ Array.from = $A;
 
   function intersect(array) {
     return this.uniq().findAll(function(item) {
-      return array.detect(function(value) { return item === value });
+      return array.indexOf(item) !== -1;
     });
   }
 
@@ -1160,41 +1193,190 @@ Array.from = $A;
   }
 
   function indexOf(item, i) {
-    i || (i = 0);
-    var length = this.length;
-    if (i < 0) i = length + i;
-    for (; i < length; i++)
-      if (this[i] === item) return i;
+    if (this == null) throw new TypeError();
+
+    var array = Object(this), length = array.length >>> 0;
+    if (length === 0) return -1;
+
+    i = Number(i);
+    if (isNaN(i)) {
+      i = 0;
+    } else if (i !== 0 && isFinite(i)) {
+      i = (i > 0 ? 1 : -1) * Math.floor(Math.abs(i));
+    }
+
+    if (i > length) return -1;
+
+    var k = i >= 0 ? i : Math.max(length - Math.abs(i), 0);
+    for (; k < length; k++)
+      if (k in array && array[k] === item) return k;
     return -1;
   }
 
+
   function lastIndexOf(item, i) {
-    i = isNaN(i) ? this.length : (i < 0 ? this.length + i : i) + 1;
-    var n = this.slice(0, i).reverse().indexOf(item);
-    return (n < 0) ? n : i - n - 1;
+    if (this == null) throw new TypeError();
+
+    var array = Object(this), length = array.length >>> 0;
+    if (length === 0) return -1;
+
+    if (!Object.isUndefined(i)) {
+      i = Number(i);
+      if (isNaN(i)) {
+        i = 0;
+      } else if (i !== 0 && isFinite(i)) {
+        i = (i > 0 ? 1 : -1) * Math.floor(Math.abs(i));
+      }
+    } else {
+      i = length;
+    }
+
+    var k = i >= 0 ? Math.min(i, length - 1) :
+     length - Math.abs(i);
+
+    for (; k >= 0; k--)
+      if (k in array && array[k] === item) return k;
+    return -1;
   }
 
-  function concat() {
-    var array = slice.call(this, 0), item;
-    for (var i = 0, length = arguments.length; i < length; i++) {
-      item = arguments[i];
+  function concat(_) {
+    var array = [], items = slice.call(arguments, 0), item, n = 0;
+    items.unshift(this);
+    for (var i = 0, length = items.length; i < length; i++) {
+      item = items[i];
       if (Object.isArray(item) && !('callee' in item)) {
-        for (var j = 0, arrayLength = item.length; j < arrayLength; j++)
-          array.push(item[j]);
+        for (var j = 0, arrayLength = item.length; j < arrayLength; j++) {
+          if (j in item) array[n] = item[j];
+          n++;
+        }
       } else {
-        array.push(item);
+        array[n++] = item;
       }
     }
+    array.length = n;
     return array;
   }
 
+
+  function wrapNative(method) {
+    return function() {
+      if (arguments.length === 0) {
+        return method.call(this, Prototype.K);
+      } else if (arguments[0] === undefined) {
+        var args = slice.call(arguments, 1);
+        args.unshift(Prototype.K);
+        return method.apply(this, args);
+      } else {
+        return method.apply(this, arguments);
+      }
+    };
+  }
+
+
+  function map(iterator) {
+    if (this == null) throw new TypeError();
+    iterator = iterator || Prototype.K;
+
+    var object = Object(this);
+    var results = [], context = arguments[1], n = 0;
+
+    for (var i = 0, length = object.length >>> 0; i < length; i++) {
+      if (i in object) {
+        results[n] = iterator.call(context, object[i], i, object);
+      }
+      n++;
+    }
+    results.length = n;
+    return results;
+  }
+
+  if (arrayProto.map) {
+    map = wrapNative(Array.prototype.map);
+  }
+
+  function filter(iterator) {
+    if (this == null || !Object.isFunction(iterator))
+      throw new TypeError();
+
+    var object = Object(this);
+    var results = [], context = arguments[1], value;
+
+    for (var i = 0, length = object.length >>> 0; i < length; i++) {
+      if (i in object) {
+        value = object[i];
+        if (iterator.call(context, value, i, object)) {
+          results.push(value);
+        }
+      }
+    }
+    return results;
+  }
+
+  if (arrayProto.filter) {
+    filter = Array.prototype.filter;
+  }
+
+  function some(iterator) {
+    if (this == null) throw new TypeError();
+    iterator = iterator || Prototype.K;
+    var context = arguments[1];
+
+    var object = Object(this);
+    for (var i = 0, length = object.length >>> 0; i < length; i++) {
+      if (i in object && iterator.call(context, object[i], i, object)) {
+        return true;
+      }
+    }
+
+    return false;
+  }
+
+  if (arrayProto.some) {
+    some = wrapNative(Array.prototype.some);
+  }
+
+  function every(iterator) {
+    if (this == null) throw new TypeError();
+    iterator = iterator || Prototype.K;
+    var context = arguments[1];
+
+    var object = Object(this);
+    for (var i = 0, length = object.length >>> 0; i < length; i++) {
+      if (i in object && !iterator.call(context, object[i], i, object)) {
+        return false;
+      }
+    }
+
+    return true;
+  }
+
+  if (arrayProto.every) {
+    every = wrapNative(Array.prototype.every);
+  }
+
+
   Object.extend(arrayProto, Enumerable);
 
+  if (arrayProto.entries === Enumerable.entries) {
+    delete arrayProto.entries;
+  }
+
   if (!arrayProto._reverse)
     arrayProto._reverse = arrayProto.reverse;
 
   Object.extend(arrayProto, {
     _each:     _each,
+
+    map:       map,
+    collect:   map,
+    select:    filter,
+    filter:    filter,
+    findAll:   filter,
+    some:      some,
+    any:       some,
+    every:     every,
+    all:       every,
+
     clear:     clear,
     first:     first,
     last:      last,
@@ -1212,7 +1394,7 @@ Array.from = $A;
 
   var CONCAT_ARGUMENTS_BUGGY = (function() {
     return [].concat(arguments)[0][0] !== 1;
-  })(1,2)
+  })(1,2);
 
   if (CONCAT_ARGUMENTS_BUGGY) arrayProto.concat = concat;
 
@@ -1229,12 +1411,14 @@ var Hash = Class.create(Enumerable, (function() {
   }
 
 
-  function _each(iterator) {
+  function _each(iterator, context) {
+    var i = 0;
     for (var key in this._object) {
       var value = this._object[key], pair = [key, value];
       pair.key = key;
       pair.value = value;
-      iterator(pair);
+      iterator.call(context, pair, i);
+      i++;
     }
   }
 
@@ -1287,7 +1471,13 @@ var Hash = Class.create(Enumerable, (function() {
 
   function toQueryPair(key, value) {
     if (Object.isUndefined(value)) return key;
-    return key + '=' + encodeURIComponent(String.interpret(value));
+
+    value = String.interpret(value);
+
+    value = value.gsub(/(\r)?\n/, '\r\n');
+    value = encodeURIComponent(value);
+    value = value.gsub(/%20/, '+');
+    return key + '=' + value;
   }
 
   function toQueryString() {
@@ -1397,10 +1587,10 @@ var ObjectRange = Class.create(Enumerable, (function() {
     this.exclusive = exclusive;
   }
 
-  function _each(iterator) {
-    var value = this.start;
-    while (this.include(value)) {
-      iterator(value);
+  function _each(iterator, context) {
+    var value = this.start, i;
+    for (i = 0; this.include(value); i++) {
+      iterator.call(context, value, i);
       value = value.succ();
     }
   }
@@ -1422,6 +1612,25 @@ var ObjectRange = Class.create(Enumerable, (function() {
 
 
 
+var Abstract = { };
+
+
+var Try = {
+  these: function() {
+    var returnValue;
+
+    for (var i = 0, length = arguments.length; i < length; i++) {
+      var lambda = arguments[i];
+      try {
+        returnValue = lambda();
+        break;
+      } catch (e) { }
+    }
+
+    return returnValue;
+  }
+};
+
 var Ajax = {
   getTransport: function() {
     return Try.these(
@@ -1437,8 +1646,8 @@ var Ajax = {
 Ajax.Responders = {
   responders: [],
 
-  _each: function(iterator) {
-    this.responders._each(iterator);
+  _each: function(iterator, context) {
+    this.responders._each(iterator, context);
   },
 
   register: function(responder) {
@@ -1576,7 +1785,8 @@ Ajax.Request = Class.create(Ajax.Base, {
     }
 
     for (var name in headers)
-      this.transport.setRequestHeader(name, headers[name]);
+      if (headers[name] != null)
+        this.transport.setRequestHeader(name, headers[name]);
   },
 
   success: function() {
@@ -1713,7 +1923,12 @@ Ajax.Response = Class.create({
   _getHeaderJSON: function() {
     var json = this.getHeader('X-JSON');
     if (!json) return null;
-    json = decodeURIComponent(escape(json));
+
+    try {
+      json = decodeURIComponent(escape(json));
+    } catch(e) {
+    }
+
     try {
       return json.evalJSON(this.request.options.sanitizeJSON ||
         !this.request.isSameOrigin());
@@ -1814,54 +2029,51 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
   }
 });
 
+(function(GLOBAL) {
 
-function $(element) {
-  if (arguments.length > 1) {
-    for (var i = 0, elements = [], length = arguments.length; i < length; i++)
-      elements.push($(arguments[i]));
-    return elements;
+  var UNDEFINED;
+  var SLICE = Array.prototype.slice;
+
+  var DIV = document.createElement('div');
+
+
+  function $(element) {
+    if (arguments.length > 1) {
+      for (var i = 0, elements = [], length = arguments.length; i < length; i++)
+        elements.push($(arguments[i]));
+      return elements;
+    }
+
+    if (Object.isString(element))
+      element = document.getElementById(element);
+    return Element.extend(element);
   }
-  if (Object.isString(element))
-    element = document.getElementById(element);
-  return Element.extend(element);
-}
 
-if (Prototype.BrowserFeatures.XPath) {
-  document._getElementsByXPath = function(expression, parentElement) {
-    var results = [];
-    var query = document.evaluate(expression, $(parentElement) || document,
-      null, XPathResult.ORDERED_NODE_SNAPSHOT_TYPE, null);
-    for (var i = 0, length = query.snapshotLength; i < length; i++)
-      results.push(Element.extend(query.snapshotItem(i)));
-    return results;
-  };
-}
+  GLOBAL.$ = $;
 
-/*--------------------------------------------------------------------------*/
 
-if (!Node) var Node = { };
-
-if (!Node.ELEMENT_NODE) {
-  Object.extend(Node, {
-    ELEMENT_NODE: 1,
-    ATTRIBUTE_NODE: 2,
-    TEXT_NODE: 3,
-    CDATA_SECTION_NODE: 4,
-    ENTITY_REFERENCE_NODE: 5,
-    ENTITY_NODE: 6,
-    PROCESSING_INSTRUCTION_NODE: 7,
-    COMMENT_NODE: 8,
-    DOCUMENT_NODE: 9,
-    DOCUMENT_TYPE_NODE: 10,
-    DOCUMENT_FRAGMENT_NODE: 11,
-    NOTATION_NODE: 12
-  });
-}
+  if (!GLOBAL.Node) GLOBAL.Node = {};
 
+  if (!GLOBAL.Node.ELEMENT_NODE) {
+    Object.extend(GLOBAL.Node, {
+      ELEMENT_NODE:                1,
+      ATTRIBUTE_NODE:              2,
+      TEXT_NODE:                   3,
+      CDATA_SECTION_NODE:          4,
+      ENTITY_REFERENCE_NODE:       5,
+      ENTITY_NODE:                 6,
+      PROCESSING_INSTRUCTION_NODE: 7,
+      COMMENT_NODE:                8,
+      DOCUMENT_NODE:               9,
+      DOCUMENT_TYPE_NODE:         10,
+      DOCUMENT_FRAGMENT_NODE:     11,
+      NOTATION_NODE:              12
+    });
+  }
 
+  var ELEMENT_CACHE = {};
 
-(function(global) {
-  function shouldUseCache(tagName, attributes) {
+  function shouldUseCreationCache(tagName, attributes) {
     if (tagName === 'select') return false;
     if ('type' in attributes) return false;
     return true;
@@ -1877,12 +2089,11 @@ if (!Node.ELEMENT_NODE) {
     }
   })();
 
-  var element = global.Element;
 
-  global.Element = function(tagName, attributes) {
-    attributes = attributes || { };
+  var oldElement = GLOBAL.Element;
+  function Element(tagName, attributes) {
+    attributes = attributes || {};
     tagName = tagName.toLowerCase();
-    var cache = Element.cache;
 
     if (HAS_EXTENDED_CREATE_ELEMENT_SYNTAX && attributes.name) {
       tagName = '<' + tagName + ' name="' + attributes.name + '">';
@@ -1890,1015 +2101,1212 @@ if (!Node.ELEMENT_NODE) {
       return Element.writeAttribute(document.createElement(tagName), attributes);
     }
 
-    if (!cache[tagName]) cache[tagName] = Element.extend(document.createElement(tagName));
+    if (!ELEMENT_CACHE[tagName])
+      ELEMENT_CACHE[tagName] = Element.extend(document.createElement(tagName));
 
-    var node = shouldUseCache(tagName, attributes) ?
-     cache[tagName].cloneNode(false) : document.createElement(tagName);
+    var node = shouldUseCreationCache(tagName, attributes) ?
+     ELEMENT_CACHE[tagName].cloneNode(false) : document.createElement(tagName);
 
     return Element.writeAttribute(node, attributes);
-  };
+  }
 
-  Object.extend(global.Element, element || { });
-  if (element) global.Element.prototype = element.prototype;
+  GLOBAL.Element = Element;
 
-})(this);
+  Object.extend(GLOBAL.Element, oldElement || {});
+  if (oldElement) GLOBAL.Element.prototype = oldElement.prototype;
+
+  Element.Methods = { ByTag: {}, Simulated: {} };
+
+  var methods = {};
 
-Element.idCounter = 1;
-Element.cache = { };
+  var INSPECT_ATTRIBUTES = { id: 'id', className: 'class' };
+  function inspect(element) {
+    element = $(element);
+    var result = '<' + element.tagName.toLowerCase();
+
+    var attribute, value;
+    for (var property in INSPECT_ATTRIBUTES) {
+      attribute = INSPECT_ATTRIBUTES[property];
+      value = (element[property] || '').toString();
+      if (value) result += ' ' + attribute + '=' + value.inspect(true);
+    }
 
-Element._purgeElement = function(element) {
-  var uid = element._prototypeUID;
-  if (uid) {
-    Element.stopObserving(element);
-    element._prototypeUID = void 0;
-    delete Element.Storage[uid];
+    return result + '>';
   }
-}
 
-Element.Methods = {
-  visible: function(element) {
-    return $(element).style.display != 'none';
-  },
+  methods.inspect = inspect;
 
-  toggle: function(element) {
+
+  function visible(element) {
+    return $(element).getStyle('display') !== 'none';
+  }
+
+  function toggle(element, bool) {
     element = $(element);
-    Element[Element.visible(element) ? 'hide' : 'show'](element);
+    if (typeof bool !== 'boolean')
+      bool = !Element.visible(element);
+    Element[bool ? 'show' : 'hide'](element);
+
     return element;
-  },
+  }
 
-  hide: function(element) {
+  function hide(element) {
     element = $(element);
     element.style.display = 'none';
     return element;
-  },
+  }
 
-  show: function(element) {
+  function show(element) {
     element = $(element);
     element.style.display = '';
     return element;
-  },
+  }
+
+
+  Object.extend(methods, {
+    visible: visible,
+    toggle:  toggle,
+    hide:    hide,
+    show:    show
+  });
+
 
-  remove: function(element) {
+  function remove(element) {
     element = $(element);
     element.parentNode.removeChild(element);
     return element;
-  },
+  }
 
-  update: (function(){
+  var SELECT_ELEMENT_INNERHTML_BUGGY = (function(){
+    var el = document.createElement("select"),
+        isBuggy = true;
+    el.innerHTML = "<option value=\"test\">test</option>";
+    if (el.options && el.options[0]) {
+      isBuggy = el.options[0].nodeName.toUpperCase() !== "OPTION";
+    }
+    el = null;
+    return isBuggy;
+  })();
 
-    var SELECT_ELEMENT_INNERHTML_BUGGY = (function(){
-      var el = document.createElement("select"),
-          isBuggy = true;
-      el.innerHTML = "<option value=\"test\">test</option>";
-      if (el.options && el.options[0]) {
-        isBuggy = el.options[0].nodeName.toUpperCase() !== "OPTION";
+  var TABLE_ELEMENT_INNERHTML_BUGGY = (function(){
+    try {
+      var el = document.createElement("table");
+      if (el && el.tBodies) {
+        el.innerHTML = "<tbody><tr><td>test</td></tr></tbody>";
+        var isBuggy = typeof el.tBodies[0] == "undefined";
+        el = null;
+        return isBuggy;
       }
+    } catch (e) {
+      return true;
+    }
+  })();
+
+  var LINK_ELEMENT_INNERHTML_BUGGY = (function() {
+    try {
+      var el = document.createElement('div');
+      el.innerHTML = "<link />";
+      var isBuggy = (el.childNodes.length === 0);
       el = null;
       return isBuggy;
-    })();
+    } catch(e) {
+      return true;
+    }
+  })();
 
-    var TABLE_ELEMENT_INNERHTML_BUGGY = (function(){
-      try {
-        var el = document.createElement("table");
-        if (el && el.tBodies) {
-          el.innerHTML = "<tbody><tr><td>test</td></tr></tbody>";
-          var isBuggy = typeof el.tBodies[0] == "undefined";
-          el = null;
-          return isBuggy;
-        }
-      } catch (e) {
-        return true;
-      }
-    })();
+  var ANY_INNERHTML_BUGGY = SELECT_ELEMENT_INNERHTML_BUGGY ||
+   TABLE_ELEMENT_INNERHTML_BUGGY || LINK_ELEMENT_INNERHTML_BUGGY;
 
-    var LINK_ELEMENT_INNERHTML_BUGGY = (function() {
-      try {
-        var el = document.createElement('div');
-        el.innerHTML = "<link>";
-        var isBuggy = (el.childNodes.length === 0);
-        el = null;
-        return isBuggy;
-      } catch(e) {
-        return true;
-      }
-    })();
+  var SCRIPT_ELEMENT_REJECTS_TEXTNODE_APPENDING = (function () {
+    var s = document.createElement("script"),
+        isBuggy = false;
+    try {
+      s.appendChild(document.createTextNode(""));
+      isBuggy = !s.firstChild ||
+        s.firstChild && s.firstChild.nodeType !== 3;
+    } catch (e) {
+      isBuggy = true;
+    }
+    s = null;
+    return isBuggy;
+  })();
 
-    var ANY_INNERHTML_BUGGY = SELECT_ELEMENT_INNERHTML_BUGGY ||
-     TABLE_ELEMENT_INNERHTML_BUGGY || LINK_ELEMENT_INNERHTML_BUGGY;
+  function update(element, content) {
+    element = $(element);
 
-    var SCRIPT_ELEMENT_REJECTS_TEXTNODE_APPENDING = (function () {
-      var s = document.createElement("script"),
-          isBuggy = false;
-      try {
-        s.appendChild(document.createTextNode(""));
-        isBuggy = !s.firstChild ||
-          s.firstChild && s.firstChild.nodeType !== 3;
-      } catch (e) {
-        isBuggy = true;
-      }
-      s = null;
-      return isBuggy;
-    })();
+    var descendants = element.getElementsByTagName('*'),
+     i = descendants.length;
+    while (i--) purgeElement(descendants[i]);
 
+    if (content && content.toElement)
+      content = content.toElement();
 
-    function update(element, content) {
-      element = $(element);
-      var purgeElement = Element._purgeElement;
+    if (Object.isElement(content))
+      return element.update().insert(content);
 
-      var descendants = element.getElementsByTagName('*'),
-       i = descendants.length;
-      while (i--) purgeElement(descendants[i]);
 
-      if (content && content.toElement)
-        content = content.toElement();
+    content = Object.toHTML(content);
+    var tagName = element.tagName.toUpperCase();
 
-      if (Object.isElement(content))
-        return element.update().insert(content);
+    if (tagName === 'SCRIPT' && SCRIPT_ELEMENT_REJECTS_TEXTNODE_APPENDING) {
+      element.text = content;
+      return element;
+    }
 
-      content = Object.toHTML(content);
+    if (ANY_INNERHTML_BUGGY) {
+      if (tagName in INSERTION_TRANSLATIONS.tags) {
+        while (element.firstChild)
+          element.removeChild(element.firstChild);
 
-      var tagName = element.tagName.toUpperCase();
+        var nodes = getContentFromAnonymousElement(tagName, content.stripScripts());
+        for (var i = 0, node; node = nodes[i]; i++)
+          element.appendChild(node);
 
-      if (tagName === 'SCRIPT' && SCRIPT_ELEMENT_REJECTS_TEXTNODE_APPENDING) {
-        element.text = content;
-        return element;
-      }
+      } else if (LINK_ELEMENT_INNERHTML_BUGGY && Object.isString(content) && content.indexOf('<link') > -1) {
+        while (element.firstChild)
+          element.removeChild(element.firstChild);
 
-      if (ANY_INNERHTML_BUGGY) {
-        if (tagName in Element._insertionTranslations.tags) {
-          while (element.firstChild) {
-            element.removeChild(element.firstChild);
-          }
-          Element._getContentFromAnonymousElement(tagName, content.stripScripts())
-            .each(function(node) {
-              element.appendChild(node)
-            });
-        } else if (LINK_ELEMENT_INNERHTML_BUGGY && Object.isString(content) && content.indexOf('<link') > -1) {
-          while (element.firstChild) {
-            element.removeChild(element.firstChild);
-          }
-          var nodes = Element._getContentFromAnonymousElement(tagName, content.stripScripts(), true);
-          nodes.each(function(node) { element.appendChild(node) });
-        }
-        else {
-          element.innerHTML = content.stripScripts();
-        }
-      }
-      else {
+        var nodes = getContentFromAnonymousElement(tagName,
+         content.stripScripts(), true);
+
+        for (var i = 0, node; node = nodes[i]; i++)
+          element.appendChild(node);
+      } else {
         element.innerHTML = content.stripScripts();
       }
-
-      content.evalScripts.bind(content).defer();
-      return element;
+    } else {
+      element.innerHTML = content.stripScripts();
     }
 
-    return update;
-  })(),
+    content.evalScripts.bind(content).defer();
+    return element;
+  }
 
-  replace: function(element, content) {
+  function replace(element, content) {
     element = $(element);
-    if (content && content.toElement) content = content.toElement();
-    else if (!Object.isElement(content)) {
+
+    if (content && content.toElement) {
+      content = content.toElement();
+    } else if (!Object.isElement(content)) {
       content = Object.toHTML(content);
       var range = element.ownerDocument.createRange();
       range.selectNode(element);
       content.evalScripts.bind(content).defer();
       content = range.createContextualFragment(content.stripScripts());
     }
+
     element.parentNode.replaceChild(content, element);
     return element;
-  },
+  }
+
+  var INSERTION_TRANSLATIONS = {
+    before: function(element, node) {
+      element.parentNode.insertBefore(node, element);
+    },
+    top: function(element, node) {
+      element.insertBefore(node, element.firstChild);
+    },
+    bottom: function(element, node) {
+      element.appendChild(node);
+    },
+    after: function(element, node) {
+      element.parentNode.insertBefore(node, element.nextSibling);
+    },
+
+    tags: {
+      TABLE:  ['<table>',                '</table>',                   1],
+      TBODY:  ['<table><tbody>',         '</tbody></table>',           2],
+      TR:     ['<table><tbody><tr>',     '</tr></tbody></table>',      3],
+      TD:     ['<table><tbody><tr><td>', '</td></tr></tbody></table>', 4],
+      SELECT: ['<select>',               '</select>',                  1]
+    }
+  };
+
+  var tags = INSERTION_TRANSLATIONS.tags;
 
-  insert: function(element, insertions) {
+  Object.extend(tags, {
+    THEAD: tags.TBODY,
+    TFOOT: tags.TBODY,
+    TH:    tags.TD
+  });
+
+  function replace_IE(element, content) {
     element = $(element);
+    if (content && content.toElement)
+      content = content.toElement();
+    if (Object.isElement(content)) {
+      element.parentNode.replaceChild(content, element);
+      return element;
+    }
 
-    if (Object.isString(insertions) || Object.isNumber(insertions) ||
-        Object.isElement(insertions) || (insertions && (insertions.toElement || insertions.toHTML)))
-          insertions = {bottom:insertions};
+    content = Object.toHTML(content);
+    var parent = element.parentNode, tagName = parent.tagName.toUpperCase();
 
-    var content, insert, tagName, childNodes;
+    if (tagName in INSERTION_TRANSLATIONS.tags) {
+      var nextSibling = Element.next(element);
+      var fragments = getContentFromAnonymousElement(
+       tagName, content.stripScripts());
 
-    for (var position in insertions) {
-      content  = insertions[position];
-      position = position.toLowerCase();
-      insert = Element._insertionTranslations[position];
+      parent.removeChild(element);
 
-      if (content && content.toElement) content = content.toElement();
-      if (Object.isElement(content)) {
-        insert(element, content);
-        continue;
-      }
+      var iterator;
+      if (nextSibling)
+        iterator = function(node) { parent.insertBefore(node, nextSibling) };
+      else
+        iterator = function(node) { parent.appendChild(node); }
 
-      content = Object.toHTML(content);
+      fragments.each(iterator);
+    } else {
+      element.outerHTML = content.stripScripts();
+    }
 
-      tagName = ((position == 'before' || position == 'after')
-        ? element.parentNode : element).tagName.toUpperCase();
+    content.evalScripts.bind(content).defer();
+    return element;
+  }
 
-      childNodes = Element._getContentFromAnonymousElement(tagName, content.stripScripts());
+  if ('outerHTML' in document.documentElement)
+    replace = replace_IE;
 
-      if (position == 'top' || position == 'after') childNodes.reverse();
-      childNodes.each(insert.curry(element));
+  function isContent(content) {
+    if (Object.isUndefined(content) || content === null) return false;
 
-      content.evalScripts.bind(content).defer();
+    if (Object.isString(content) || Object.isNumber(content)) return true;
+    if (Object.isElement(content)) return true;
+    if (content.toElement || content.toHTML) return true;
+
+    return false;
+  }
+
+  function insertContentAt(element, content, position) {
+    position   = position.toLowerCase();
+    var method = INSERTION_TRANSLATIONS[position];
+
+    if (content && content.toElement) content = content.toElement();
+    if (Object.isElement(content)) {
+      method(element, content);
+      return element;
     }
 
+    content = Object.toHTML(content);
+    var tagName = ((position === 'before' || position === 'after') ?
+     element.parentNode : element).tagName.toUpperCase();
+
+    var childNodes = getContentFromAnonymousElement(tagName, content.stripScripts());
+
+    if (position === 'top' || position === 'after') childNodes.reverse();
+
+    for (var i = 0, node; node = childNodes[i]; i++)
+      method(element, node);
+
+    content.evalScripts.bind(content).defer();
+  }
+
+  function insert(element, insertions) {
+    element = $(element);
+
+    if (isContent(insertions))
+      insertions = { bottom: insertions };
+
+    for (var position in insertions)
+      insertContentAt(element, insertions[position], position);
+
     return element;
-  },
+  }
 
-  wrap: function(element, wrapper, attributes) {
+  function wrap(element, wrapper, attributes) {
     element = $(element);
-    if (Object.isElement(wrapper))
-      $(wrapper).writeAttribute(attributes || { });
-    else if (Object.isString(wrapper)) wrapper = new Element(wrapper, attributes);
-    else wrapper = new Element('div', wrapper);
+
+    if (Object.isElement(wrapper)) {
+      $(wrapper).writeAttribute(attributes || {});
+    } else if (Object.isString(wrapper)) {
+      wrapper = new Element(wrapper, attributes);
+    } else {
+      wrapper = new Element('div', wrapper);
+    }
+
     if (element.parentNode)
       element.parentNode.replaceChild(wrapper, element);
+
     wrapper.appendChild(element);
+
     return wrapper;
-  },
+  }
 
-  inspect: function(element) {
+  function cleanWhitespace(element) {
     element = $(element);
-    var result = '<' + element.tagName.toLowerCase();
-    $H({'id': 'id', 'className': 'class'}).each(function(pair) {
-      var property = pair.first(),
-          attribute = pair.last(),
-          value = (element[property] || '').toString();
-      if (value) result += ' ' + attribute + '=' + value.inspect(true);
-    });
-    return result + '>';
-  },
+    var node = element.firstChild;
 
-  recursivelyCollect: function(element, property, maximumLength) {
+    while (node) {
+      var nextNode = node.nextSibling;
+      if (node.nodeType === Node.TEXT_NODE && !/\S/.test(node.nodeValue))
+        element.removeChild(node);
+      node = nextNode;
+    }
+    return element;
+  }
+
+  function empty(element) {
+    return $(element).innerHTML.blank();
+  }
+
+  function getContentFromAnonymousElement(tagName, html, force) {
+    var t = INSERTION_TRANSLATIONS.tags[tagName], div = DIV;
+
+    var workaround = !!t;
+    if (!workaround && force) {
+      workaround = true;
+      t = ['', '', 0];
+    }
+
+    if (workaround) {
+      div.innerHTML = '&#160;' + t[0] + html + t[1];
+      div.removeChild(div.firstChild);
+      for (var i = t[2]; i--; )
+        div = div.firstChild;
+    } else {
+      div.innerHTML = html;
+    }
+
+    return $A(div.childNodes);
+  }
+
+  function clone(element, deep) {
+    if (!(element = $(element))) return;
+    var clone = element.cloneNode(deep);
+    if (!HAS_UNIQUE_ID_PROPERTY) {
+      clone._prototypeUID = UNDEFINED;
+      if (deep) {
+        var descendants = Element.select(clone, '*'),
+         i = descendants.length;
+        while (i--)
+          descendants[i]._prototypeUID = UNDEFINED;
+      }
+    }
+    return Element.extend(clone);
+  }
+
+  function purgeElement(element) {
+    var uid = getUniqueElementID(element);
+    if (uid) {
+      Element.stopObserving(element);
+      if (!HAS_UNIQUE_ID_PROPERTY)
+        element._prototypeUID = UNDEFINED;
+      delete Element.Storage[uid];
+    }
+  }
+
+  function purgeCollection(elements) {
+    var i = elements.length;
+    while (i--)
+      purgeElement(elements[i]);
+  }
+
+  function purgeCollection_IE(elements) {
+    var i = elements.length, element, uid;
+    while (i--) {
+      element = elements[i];
+      uid = getUniqueElementID(element);
+      delete Element.Storage[uid];
+      delete Event.cache[uid];
+    }
+  }
+
+  if (HAS_UNIQUE_ID_PROPERTY) {
+    purgeCollection = purgeCollection_IE;
+  }
+
+
+  function purge(element) {
+    if (!(element = $(element))) return;
+    purgeElement(element);
+
+    var descendants = element.getElementsByTagName('*'),
+     i = descendants.length;
+
+    while (i--) purgeElement(descendants[i]);
+
+    return null;
+  }
+
+  Object.extend(methods, {
+    remove:  remove,
+    update:  update,
+    replace: replace,
+    insert:  insert,
+    wrap:    wrap,
+    cleanWhitespace: cleanWhitespace,
+    empty:   empty,
+    clone:   clone,
+    purge:   purge
+  });
+
+
+
+  function recursivelyCollect(element, property, maximumLength) {
     element = $(element);
     maximumLength = maximumLength || -1;
     var elements = [];
 
     while (element = element[property]) {
-      if (element.nodeType == 1)
+      if (element.nodeType === Node.ELEMENT_NODE)
         elements.push(Element.extend(element));
-      if (elements.length == maximumLength)
-        break;
+
+      if (elements.length === maximumLength) break;
     }
 
     return elements;
-  },
+  }
 
-  ancestors: function(element) {
-    return Element.recursivelyCollect(element, 'parentNode');
-  },
 
-  descendants: function(element) {
-    return Element.select(element, "*");
-  },
+  function ancestors(element) {
+    return recursivelyCollect(element, 'parentNode');
+  }
 
-  firstDescendant: function(element) {
+  function descendants(element) {
+    return Element.select(element, '*');
+  }
+
+  function firstDescendant(element) {
     element = $(element).firstChild;
-    while (element && element.nodeType != 1) element = element.nextSibling;
+    while (element && element.nodeType !== Node.ELEMENT_NODE)
+      element = element.nextSibling;
+
     return $(element);
-  },
+  }
 
-  immediateDescendants: function(element) {
+  function immediateDescendants(element) {
     var results = [], child = $(element).firstChild;
+
     while (child) {
-      if (child.nodeType === 1) {
+      if (child.nodeType === Node.ELEMENT_NODE)
         results.push(Element.extend(child));
-      }
+
       child = child.nextSibling;
     }
+
     return results;
-  },
+  }
 
-  previousSiblings: function(element, maximumLength) {
-    return Element.recursivelyCollect(element, 'previousSibling');
-  },
+  function previousSiblings(element) {
+    return recursivelyCollect(element, 'previousSibling');
+  }
 
-  nextSiblings: function(element) {
-    return Element.recursivelyCollect(element, 'nextSibling');
-  },
+  function nextSiblings(element) {
+    return recursivelyCollect(element, 'nextSibling');
+  }
 
-  siblings: function(element) {
+  function siblings(element) {
     element = $(element);
-    return Element.previousSiblings(element).reverse()
-      .concat(Element.nextSiblings(element));
-  },
+    var previous = previousSiblings(element),
+     next = nextSiblings(element);
+    return previous.reverse().concat(next);
+  }
 
-  match: function(element, selector) {
+  function match(element, selector) {
     element = $(element);
+
     if (Object.isString(selector))
       return Prototype.Selector.match(element, selector);
+
     return selector.match(element);
-  },
+  }
 
-  up: function(element, expression, index) {
-    element = $(element);
-    if (arguments.length == 1) return $(element.parentNode);
-    var ancestors = Element.ancestors(element);
-    return Object.isNumber(expression) ? ancestors[expression] :
-      Prototype.Selector.find(ancestors, expression, index);
-  },
 
-  down: function(element, expression, index) {
-    element = $(element);
-    if (arguments.length == 1) return Element.firstDescendant(element);
-    return Object.isNumber(expression) ? Element.descendants(element)[expression] :
-      Element.select(element, expression)[index || 0];
-  },
+  function _recursivelyFind(element, property, expression, index) {
+    element = $(element), expression = expression || 0, index = index || 0;
+    if (Object.isNumber(expression)) {
+      index = expression, expression = null;
+    }
 
-  previous: function(element, expression, index) {
-    element = $(element);
-    if (Object.isNumber(expression)) index = expression, expression = false;
-    if (!Object.isNumber(index)) index = 0;
+    while (element = element[property]) {
+      if (element.nodeType !== 1) continue;
+      if (expression && !Prototype.Selector.match(element, expression))
+        continue;
+      if (--index >= 0) continue;
 
-    if (expression) {
-      return Prototype.Selector.find(element.previousSiblings(), expression, index);
-    } else {
-      return element.recursivelyCollect("previousSibling", index + 1)[index];
+      return Element.extend(element);
     }
-  },
+  }
 
-  next: function(element, expression, index) {
+
+  function up(element, expression, index) {
     element = $(element);
-    if (Object.isNumber(expression)) index = expression, expression = false;
-    if (!Object.isNumber(index)) index = 0;
 
-    if (expression) {
-      return Prototype.Selector.find(element.nextSiblings(), expression, index);
-    } else {
-      var maximumLength = Object.isNumber(index) ? index + 1 : 1;
-      return element.recursivelyCollect("nextSibling", index + 1)[index];
-    }
-  },
+    if (arguments.length === 1) return $(element.parentNode);
+    return _recursivelyFind(element, 'parentNode', expression, index);
+  }
 
+  function down(element, expression, index) {
+    if (arguments.length === 1) return firstDescendant(element);
+    element = $(element), expression = expression || 0, index = index || 0;
 
-  select: function(element) {
+    if (Object.isNumber(expression))
+      index = expression, expression = '*';
+
+    var node = Prototype.Selector.select(expression, element)[index];
+    return Element.extend(node);
+  }
+
+  function previous(element, expression, index) {
+    return _recursivelyFind(element, 'previousSibling', expression, index);
+  }
+
+  function next(element, expression, index) {
+    return _recursivelyFind(element, 'nextSibling', expression, index);
+  }
+
+  function select(element) {
     element = $(element);
-    var expressions = Array.prototype.slice.call(arguments, 1).join(', ');
+    var expressions = SLICE.call(arguments, 1).join(', ');
     return Prototype.Selector.select(expressions, element);
-  },
+  }
 
-  adjacent: function(element) {
+  function adjacent(element) {
     element = $(element);
-    var expressions = Array.prototype.slice.call(arguments, 1).join(', ');
-    return Prototype.Selector.select(expressions, element.parentNode).without(element);
-  },
+    var expressions = SLICE.call(arguments, 1).join(', ');
+    var siblings = Element.siblings(element), results = [];
+    for (var i = 0, sibling; sibling = siblings[i]; i++) {
+      if (Prototype.Selector.match(sibling, expressions))
+        results.push(sibling);
+    }
+
+    return results;
+  }
+
+  function descendantOf_DOM(element, ancestor) {
+    element = $(element), ancestor = $(ancestor);
+    if (!element || !ancestor) return false;
+    while (element = element.parentNode)
+      if (element === ancestor) return true;
+    return false;
+  }
 
-  identify: function(element) {
+  function descendantOf_contains(element, ancestor) {
+    element = $(element), ancestor = $(ancestor);
+    if (!element || !ancestor) return false;
+    if (!ancestor.contains) return descendantOf_DOM(element, ancestor);
+    return ancestor.contains(element) && ancestor !== element;
+  }
+
+  function descendantOf_compareDocumentPosition(element, ancestor) {
+    element = $(element), ancestor = $(ancestor);
+    if (!element || !ancestor) return false;
+    return (element.compareDocumentPosition(ancestor) & 8) === 8;
+  }
+
+  var descendantOf;
+  if (DIV.compareDocumentPosition) {
+    descendantOf = descendantOf_compareDocumentPosition;
+  } else if (DIV.contains) {
+    descendantOf = descendantOf_contains;
+  } else {
+    descendantOf = descendantOf_DOM;
+  }
+
+
+  Object.extend(methods, {
+    recursivelyCollect:   recursivelyCollect,
+    ancestors:            ancestors,
+    descendants:          descendants,
+    firstDescendant:      firstDescendant,
+    immediateDescendants: immediateDescendants,
+    previousSiblings:     previousSiblings,
+    nextSiblings:         nextSiblings,
+    siblings:             siblings,
+    match:                match,
+    up:                   up,
+    down:                 down,
+    previous:             previous,
+    next:                 next,
+    select:               select,
+    adjacent:             adjacent,
+    descendantOf:         descendantOf,
+
+    getElementsBySelector: select,
+
+    childElements:         immediateDescendants
+  });
+
+
+  var idCounter = 1;
+  function identify(element) {
     element = $(element);
     var id = Element.readAttribute(element, 'id');
     if (id) return id;
-    do { id = 'anonymous_element_' + Element.idCounter++ } while ($(id));
+
+    do { id = 'anonymous_element_' + idCounter++ } while ($(id));
+
     Element.writeAttribute(element, 'id', id);
     return id;
-  },
+  }
+
 
-  readAttribute: function(element, name) {
+  function readAttribute(element, name) {
+    return $(element).getAttribute(name);
+  }
+
+  function readAttribute_IE(element, name) {
     element = $(element);
-    if (Prototype.Browser.IE) {
-      var t = Element._attributeTranslations.read;
-      if (t.values[name]) return t.values[name](element, name);
-      if (t.names[name]) name = t.names[name];
-      if (name.include(':')) {
-        return (!element.attributes || !element.attributes[name]) ? null :
-         element.attributes[name].value;
-      }
+
+    var table = ATTRIBUTE_TRANSLATIONS.read;
+    if (table.values[name])
+      return table.values[name](element, name);
+
+    if (table.names[name]) name = table.names[name];
+
+    if (name.include(':')) {
+      if (!element.attributes || !element.attributes[name]) return null;
+      return element.attributes[name].value;
     }
+
     return element.getAttribute(name);
-  },
+  }
+
+  function readAttribute_Opera(element, name) {
+    if (name === 'title') return element.title;
+    return element.getAttribute(name);
+  }
 
-  writeAttribute: function(element, name, value) {
+  var PROBLEMATIC_ATTRIBUTE_READING = (function() {
+    DIV.setAttribute('onclick', []);
+    var value = DIV.getAttribute('onclick');
+    var isFunction = Object.isArray(value);
+    DIV.removeAttribute('onclick');
+    return isFunction;
+  })();
+
+  if (PROBLEMATIC_ATTRIBUTE_READING) {
+    readAttribute = readAttribute_IE;
+  } else if (Prototype.Browser.Opera) {
+    readAttribute = readAttribute_Opera;
+  }
+
+
+  function writeAttribute(element, name, value) {
     element = $(element);
-    var attributes = { }, t = Element._attributeTranslations.write;
+    var attributes = {}, table = ATTRIBUTE_TRANSLATIONS.write;
 
-    if (typeof name == 'object') attributes = name;
-    else attributes[name] = Object.isUndefined(value) ? true : value;
+    if (typeof name === 'object') {
+      attributes = name;
+    } else {
+      attributes[name] = Object.isUndefined(value) ? true : value;
+    }
 
     for (var attr in attributes) {
-      name = t.names[attr] || attr;
+      name = table.names[attr] || attr;
       value = attributes[attr];
-      if (t.values[attr]) name = t.values[attr](element, value);
+      if (table.values[attr]) {
+        value = table.values[attr](element, value);
+        if (Object.isUndefined(value)) continue;
+      }
       if (value === false || value === null)
         element.removeAttribute(name);
       else if (value === true)
         element.setAttribute(name, name);
       else element.setAttribute(name, value);
     }
+
     return element;
-  },
+  }
 
-  getHeight: function(element) {
-    return Element.getDimensions(element).height;
-  },
+  var PROBLEMATIC_HAS_ATTRIBUTE_WITH_CHECKBOXES = (function () {
+    if (!HAS_EXTENDED_CREATE_ELEMENT_SYNTAX) {
+      return false;
+    }
+    var checkbox = document.createElement('<input type="checkbox">');
+    checkbox.checked = true;
+    var node = checkbox.getAttributeNode('checked');
+    return !node || !node.specified;
+  })();
 
-  getWidth: function(element) {
-    return Element.getDimensions(element).width;
-  },
+  function hasAttribute(element, attribute) {
+    attribute = ATTRIBUTE_TRANSLATIONS.has[attribute] || attribute;
+    var node = $(element).getAttributeNode(attribute);
+    return !!(node && node.specified);
+  }
+
+  function hasAttribute_IE(element, attribute) {
+    if (attribute === 'checked') {
+      return element.checked;
+    }
+    return hasAttribute(element, attribute);
+  }
 
-  classNames: function(element) {
+  GLOBAL.Element.Methods.Simulated.hasAttribute =
+   PROBLEMATIC_HAS_ATTRIBUTE_WITH_CHECKBOXES ?
+   hasAttribute_IE : hasAttribute;
+
+  function classNames(element) {
     return new Element.ClassNames(element);
-  },
+  }
+
+  var regExpCache = {};
+  function getRegExpForClassName(className) {
+    if (regExpCache[className]) return regExpCache[className];
+
+    var re = new RegExp("(^|\\s+)" + className + "(\\s+|$)");
+    regExpCache[className] = re;
+    return re;
+  }
 
-  hasClassName: function(element, className) {
+  function hasClassName(element, className) {
     if (!(element = $(element))) return;
+
     var elementClassName = element.className;
-    return (elementClassName.length > 0 && (elementClassName == className ||
-      new RegExp("(^|\\s)" + className + "(\\s|$)").test(elementClassName)));
-  },
 
-  addClassName: function(element, className) {
+    if (elementClassName.length === 0) return false;
+    if (elementClassName === className) return true;
+
+    return getRegExpForClassName(className).test(elementClassName);
+  }
+
+  function addClassName(element, className) {
     if (!(element = $(element))) return;
-    if (!Element.hasClassName(element, className))
+
+    if (!hasClassName(element, className))
       element.className += (element.className ? ' ' : '') + className;
+
     return element;
-  },
+  }
 
-  removeClassName: function(element, className) {
+  function removeClassName(element, className) {
     if (!(element = $(element))) return;
+
     element.className = element.className.replace(
-      new RegExp("(^|\\s+)" + className + "(\\s+|$)"), ' ').strip();
+     getRegExpForClassName(className), ' ').strip();
+
     return element;
-  },
+  }
 
-  toggleClassName: function(element, className) {
+  function toggleClassName(element, className, bool) {
     if (!(element = $(element))) return;
-    return Element[Element.hasClassName(element, className) ?
-      'removeClassName' : 'addClassName'](element, className);
-  },
 
-  cleanWhitespace: function(element) {
-    element = $(element);
-    var node = element.firstChild;
-    while (node) {
-      var nextNode = node.nextSibling;
-      if (node.nodeType == 3 && !/\S/.test(node.nodeValue))
-        element.removeChild(node);
-      node = nextNode;
-    }
-    return element;
-  },
+    if (Object.isUndefined(bool))
+      bool = !hasClassName(element, className);
 
-  empty: function(element) {
-    return $(element).innerHTML.blank();
-  },
+    var method = Element[bool ? 'addClassName' : 'removeClassName'];
+    return method(element, className);
+  }
 
-  descendantOf: function(element, ancestor) {
-    element = $(element), ancestor = $(ancestor);
+  var ATTRIBUTE_TRANSLATIONS = {};
 
-    if (element.compareDocumentPosition)
-      return (element.compareDocumentPosition(ancestor) & 8) === 8;
+  var classProp = 'className', forProp = 'for';
 
-    if (ancestor.contains)
-      return ancestor.contains(element) && ancestor !== element;
+  DIV.setAttribute(classProp, 'x');
+  if (DIV.className !== 'x') {
+    DIV.setAttribute('class', 'x');
+    if (DIV.className === 'x')
+      classProp = 'class';
+  }
 
-    while (element = element.parentNode)
-      if (element == ancestor) return true;
+  var LABEL = document.createElement('label');
+  LABEL.setAttribute(forProp, 'x');
+  if (LABEL.htmlFor !== 'x') {
+    LABEL.setAttribute('htmlFor', 'x');
+    if (LABEL.htmlFor === 'x')
+      forProp = 'htmlFor';
+  }
+  LABEL = null;
 
-    return false;
-  },
+  function _getAttr(element, attribute) {
+    return element.getAttribute(attribute);
+  }
 
-  scrollTo: function(element) {
-    element = $(element);
-    var pos = Element.cumulativeOffset(element);
-    window.scrollTo(pos[0], pos[1]);
-    return element;
-  },
+  function _getAttr2(element, attribute) {
+    return element.getAttribute(attribute, 2);
+  }
 
-  getStyle: function(element, style) {
-    element = $(element);
-    style = style == 'float' ? 'cssFloat' : style.camelize();
-    var value = element.style[style];
-    if (!value || value == 'auto') {
-      var css = document.defaultView.getComputedStyle(element, null);
-      value = css ? css[style] : null;
-    }
-    if (style == 'opacity') return value ? parseFloat(value) : 1.0;
-    return value == 'auto' ? null : value;
-  },
+  function _getAttrNode(element, attribute) {
+    var node = element.getAttributeNode(attribute);
+    return node ? node.value : '';
+  }
 
-  getOpacity: function(element) {
-    return $(element).getStyle('opacity');
-  },
+  function _getFlag(element, attribute) {
+    return $(element).hasAttribute(attribute) ? attribute : null;
+  }
 
-  setStyle: function(element, styles) {
-    element = $(element);
-    var elementStyle = element.style, match;
-    if (Object.isString(styles)) {
-      element.style.cssText += ';' + styles;
-      return styles.include('opacity') ?
-        element.setOpacity(styles.match(/opacity:\s*(\d?\.?\d*)/)[1]) : element;
-    }
-    for (var property in styles)
-      if (property == 'opacity') element.setOpacity(styles[property]);
-      else
-        elementStyle[(property == 'float' || property == 'cssFloat') ?
-          (Object.isUndefined(elementStyle.styleFloat) ? 'cssFloat' : 'styleFloat') :
-            property] = styles[property];
+  DIV.onclick = Prototype.emptyFunction;
+  var onclickValue = DIV.getAttribute('onclick');
 
-    return element;
-  },
+  var _getEv;
 
-  setOpacity: function(element, value) {
-    element = $(element);
-    element.style.opacity = (value == 1 || value === '') ? '' :
-      (value < 0.00001) ? 0 : value;
-    return element;
-  },
+  if (String(onclickValue).indexOf('{') > -1) {
+    _getEv = function(element, attribute) {
+      var value = element.getAttribute(attribute);
+      if (!value) return null;
+      value = value.toString();
+      value = value.split('{')[1];
+      value = value.split('}')[0];
+      return value.strip();
+    };
+  }
+  else if (onclickValue === '') {
+    _getEv = function(element, attribute) {
+      var value = element.getAttribute(attribute);
+      if (!value) return null;
+      return value.strip();
+    };
+  }
 
-  makePositioned: function(element) {
-    element = $(element);
-    var pos = Element.getStyle(element, 'position');
-    if (pos == 'static' || !pos) {
-      element._madePositioned = true;
-      element.style.position = 'relative';
-      if (Prototype.Browser.Opera) {
-        element.style.top = 0;
-        element.style.left = 0;
+  ATTRIBUTE_TRANSLATIONS.read = {
+    names: {
+      'class':     classProp,
+      'className': classProp,
+      'for':       forProp,
+      'htmlFor':   forProp
+    },
+
+    values: {
+      style: function(element) {
+        return element.style.cssText.toLowerCase();
+      },
+      title: function(element) {
+        return element.title;
       }
     }
-    return element;
-  },
+  };
 
-  undoPositioned: function(element) {
-    element = $(element);
-    if (element._madePositioned) {
-      element._madePositioned = undefined;
-      element.style.position =
-        element.style.top =
-        element.style.left =
-        element.style.bottom =
-        element.style.right = '';
+  ATTRIBUTE_TRANSLATIONS.write = {
+    names: {
+      className:   'class',
+      htmlFor:     'for',
+      cellpadding: 'cellPadding',
+      cellspacing: 'cellSpacing'
+    },
+
+    values: {
+      checked: function(element, value) {
+        value = !!value;
+        element.checked = value;
+        return value ? 'checked' : null;
+      },
+
+      style: function(element, value) {
+        element.style.cssText = value ? value : '';
+      }
     }
-    return element;
-  },
+  };
 
-  makeClipping: function(element) {
-    element = $(element);
-    if (element._overflow) return element;
-    element._overflow = Element.getStyle(element, 'overflow') || 'auto';
-    if (element._overflow !== 'hidden')
-      element.style.overflow = 'hidden';
-    return element;
-  },
+  ATTRIBUTE_TRANSLATIONS.has = { names: {} };
+
+  Object.extend(ATTRIBUTE_TRANSLATIONS.write.names,
+   ATTRIBUTE_TRANSLATIONS.read.names);
+
+  var CAMEL_CASED_ATTRIBUTE_NAMES = $w('colSpan rowSpan vAlign dateTime ' +
+   'accessKey tabIndex encType maxLength readOnly longDesc frameBorder');
+
+  for (var i = 0, attr; attr = CAMEL_CASED_ATTRIBUTE_NAMES[i]; i++) {
+    ATTRIBUTE_TRANSLATIONS.write.names[attr.toLowerCase()] = attr;
+    ATTRIBUTE_TRANSLATIONS.has.names[attr.toLowerCase()]   = attr;
+  }
+
+  Object.extend(ATTRIBUTE_TRANSLATIONS.read.values, {
+    href:        _getAttr2,
+    src:         _getAttr2,
+    type:        _getAttr,
+    action:      _getAttrNode,
+    disabled:    _getFlag,
+    checked:     _getFlag,
+    readonly:    _getFlag,
+    multiple:    _getFlag,
+    onload:      _getEv,
+    onunload:    _getEv,
+    onclick:     _getEv,
+    ondblclick:  _getEv,
+    onmousedown: _getEv,
+    onmouseup:   _getEv,
+    onmouseover: _getEv,
+    onmousemove: _getEv,
+    onmouseout:  _getEv,
+    onfocus:     _getEv,
+    onblur:      _getEv,
+    onkeypress:  _getEv,
+    onkeydown:   _getEv,
+    onkeyup:     _getEv,
+    onsubmit:    _getEv,
+    onreset:     _getEv,
+    onselect:    _getEv,
+    onchange:    _getEv
+  });
 
-  undoClipping: function(element) {
-    element = $(element);
-    if (!element._overflow) return element;
-    element.style.overflow = element._overflow == 'auto' ? '' : element._overflow;
-    element._overflow = null;
-    return element;
-  },
 
-  clonePosition: function(element, source) {
-    var options = Object.extend({
-      setLeft:    true,
-      setTop:     true,
-      setWidth:   true,
-      setHeight:  true,
-      offsetTop:  0,
-      offsetLeft: 0
-    }, arguments[2] || { });
+  Object.extend(methods, {
+    identify:        identify,
+    readAttribute:   readAttribute,
+    writeAttribute:  writeAttribute,
+    classNames:      classNames,
+    hasClassName:    hasClassName,
+    addClassName:    addClassName,
+    removeClassName: removeClassName,
+    toggleClassName: toggleClassName
+  });
 
-    source = $(source);
-    var p = Element.viewportOffset(source), delta = [0, 0], parent = null;
 
+  function normalizeStyleName(style) {
+    if (style === 'float' || style === 'styleFloat')
+      return 'cssFloat';
+    return style.camelize();
+  }
+
+  function normalizeStyleName_IE(style) {
+    if (style === 'float' || style === 'cssFloat')
+      return 'styleFloat';
+    return style.camelize();
+  }
+
+  function setStyle(element, styles) {
     element = $(element);
+    var elementStyle = element.style, match;
 
-    if (Element.getStyle(element, 'position') == 'absolute') {
-      parent = Element.getOffsetParent(element);
-      delta = Element.viewportOffset(parent);
+    if (Object.isString(styles)) {
+      elementStyle.cssText += ';' + styles;
+      if (styles.include('opacity')) {
+        var opacity = styles.match(/opacity:\s*(\d?\.?\d*)/)[1];
+        Element.setOpacity(element, opacity);
+      }
+      return element;
     }
 
-    if (parent == document.body) {
-      delta[0] -= document.body.offsetLeft;
-      delta[1] -= document.body.offsetTop;
+    for (var property in styles) {
+      if (property === 'opacity') {
+        Element.setOpacity(element, styles[property]);
+      } else {
+        var value = styles[property];
+        if (property === 'float' || property === 'cssFloat') {
+          property = Object.isUndefined(elementStyle.styleFloat) ?
+           'cssFloat' : 'styleFloat';
+        }
+        elementStyle[property] = value;
+      }
     }
 
-    if (options.setLeft)   element.style.left  = (p[0] - delta[0] + options.offsetLeft) + 'px';
-    if (options.setTop)    element.style.top   = (p[1] - delta[1] + options.offsetTop) + 'px';
-    if (options.setWidth)  element.style.width = source.offsetWidth + 'px';
-    if (options.setHeight) element.style.height = source.offsetHeight + 'px';
     return element;
   }
-};
 
-Object.extend(Element.Methods, {
-  getElementsBySelector: Element.Methods.select,
 
-  childElements: Element.Methods.immediateDescendants
-});
+  function getStyle(element, style) {
+    element = $(element);
+    style = normalizeStyleName(style);
 
-Element._attributeTranslations = {
-  write: {
-    names: {
-      className: 'class',
-      htmlFor:   'for'
-    },
-    values: { }
+    var value = element.style[style];
+    if (!value || value === 'auto') {
+      var css = document.defaultView.getComputedStyle(element, null);
+      value = css ? css[style] : null;
+    }
+
+    if (style === 'opacity') return value ? parseFloat(value) : 1.0;
+    return value === 'auto' ? null : value;
   }
-};
 
-if (Prototype.Browser.Opera) {
-  Element.Methods.getStyle = Element.Methods.getStyle.wrap(
-    function(proceed, element, style) {
-      switch (style) {
-        case 'height': case 'width':
-          if (!Element.visible(element)) return null;
+  function getStyle_Opera(element, style) {
+    switch (style) {
+      case 'height': case 'width':
+        if (!Element.visible(element)) return null;
 
-          var dim = parseInt(proceed(element, style), 10);
+        var dim = parseInt(getStyle(element, style), 10);
 
-          if (dim !== element['offset' + style.capitalize()])
-            return dim + 'px';
+        if (dim !== element['offset' + style.capitalize()])
+          return dim + 'px';
 
-          var properties;
-          if (style === 'height') {
-            properties = ['border-top-width', 'padding-top',
-             'padding-bottom', 'border-bottom-width'];
-          }
-          else {
-            properties = ['border-left-width', 'padding-left',
-             'padding-right', 'border-right-width'];
-          }
-          return properties.inject(dim, function(memo, property) {
-            var val = proceed(element, property);
-            return val === null ? memo : memo - parseInt(val, 10);
-          }) + 'px';
-        default: return proceed(element, style);
-      }
-    }
-  );
+        return Element.measure(element, style);
 
-  Element.Methods.readAttribute = Element.Methods.readAttribute.wrap(
-    function(proceed, element, attribute) {
-      if (attribute === 'title') return element.title;
-      return proceed(element, attribute);
+      default: return getStyle(element, style);
     }
-  );
-}
+  }
 
-else if (Prototype.Browser.IE) {
-  Element.Methods.getStyle = function(element, style) {
+  function getStyle_IE(element, style) {
     element = $(element);
-    style = (style == 'float' || style == 'cssFloat') ? 'styleFloat' : style.camelize();
+    style = normalizeStyleName_IE(style);
+
     var value = element.style[style];
-    if (!value && element.currentStyle) value = element.currentStyle[style];
+    if (!value && element.currentStyle) {
+      value = element.currentStyle[style];
+    }
 
-    if (style == 'opacity') {
-      if (value = (element.getStyle('filter') || '').match(/alpha\(opacity=(.*)\)/))
-        if (value[1]) return parseFloat(value[1]) / 100;
-      return 1.0;
+    if (style === 'opacity') {
+      if (!STANDARD_CSS_OPACITY_SUPPORTED)
+        return getOpacity_IE(element);
+      else return value ? parseFloat(value) : 1.0;
     }
 
-    if (value == 'auto') {
-      if ((style == 'width' || style == 'height') && (element.getStyle('display') != 'none'))
-        return element['offset' + style.capitalize()] + 'px';
+    if (value === 'auto') {
+      if ((style === 'width' || style === 'height') && Element.visible(element))
+        return Element.measure(element, style) + 'px';
       return null;
     }
+
     return value;
-  };
+  }
 
-  Element.Methods.setOpacity = function(element, value) {
-    function stripAlpha(filter){
-      return filter.replace(/alpha\([^\)]*\)/gi,'');
-    }
-    element = $(element);
-    var currentStyle = element.currentStyle;
-    if ((currentStyle && !currentStyle.hasLayout) ||
-      (!currentStyle && element.style.zoom == 'normal'))
-        element.style.zoom = 1;
+  function stripAlphaFromFilter_IE(filter) {
+    return (filter || '').replace(/alpha\([^\)]*\)/gi, '');
+  }
 
-    var filter = element.getStyle('filter'), style = element.style;
-    if (value == 1 || value === '') {
-      (filter = stripAlpha(filter)) ?
-        style.filter = filter : style.removeAttribute('filter');
-      return element;
-    } else if (value < 0.00001) value = 0;
-    style.filter = stripAlpha(filter) +
-      'alpha(opacity=' + (value * 100) + ')';
+  function hasLayout_IE(element) {
+    if (!element.currentStyle || !element.currentStyle.hasLayout)
+      element.style.zoom = 1;
     return element;
-  };
-
-  Element._attributeTranslations = (function(){
-
-    var classProp = 'className',
-        forProp = 'for',
-        el = document.createElement('div');
-
-    el.setAttribute(classProp, 'x');
-
-    if (el.className !== 'x') {
-      el.setAttribute('class', 'x');
-      if (el.className === 'x') {
-        classProp = 'class';
-      }
-    }
-    el = null;
-
-    el = document.createElement('label');
-    el.setAttribute(forProp, 'x');
-    if (el.htmlFor !== 'x') {
-      el.setAttribute('htmlFor', 'x');
-      if (el.htmlFor === 'x') {
-        forProp = 'htmlFor';
-      }
-    }
-    el = null;
+  }
 
-    return {
-      read: {
-        names: {
-          'class':      classProp,
-          'className':  classProp,
-          'for':        forProp,
-          'htmlFor':    forProp
-        },
-        values: {
-          _getAttr: function(element, attribute) {
-            return element.getAttribute(attribute);
-          },
-          _getAttr2: function(element, attribute) {
-            return element.getAttribute(attribute, 2);
-          },
-          _getAttrNode: function(element, attribute) {
-            var node = element.getAttributeNode(attribute);
-            return node ? node.value : "";
-          },
-          _getEv: (function(){
-
-            var el = document.createElement('div'), f;
-            el.onclick = Prototype.emptyFunction;
-            var value = el.getAttribute('onclick');
-
-            if (String(value).indexOf('{') > -1) {
-              f = function(element, attribute) {
-                attribute = element.getAttribute(attribute);
-                if (!attribute) return null;
-                attribute = attribute.toString();
-                attribute = attribute.split('{')[1];
-                attribute = attribute.split('}')[0];
-                return attribute.strip();
-              };
-            }
-            else if (value === '') {
-              f = function(element, attribute) {
-                attribute = element.getAttribute(attribute);
-                if (!attribute) return null;
-                return attribute.strip();
-              };
-            }
-            el = null;
-            return f;
-          })(),
-          _flag: function(element, attribute) {
-            return $(element).hasAttribute(attribute) ? attribute : null;
-          },
-          style: function(element) {
-            return element.style.cssText.toLowerCase();
-          },
-          title: function(element) {
-            return element.title;
-          }
-        }
-      }
-    }
+  var STANDARD_CSS_OPACITY_SUPPORTED = (function() {
+    DIV.style.cssText = "opacity:.55";
+    return /^0.55/.test(DIV.style.opacity);
   })();
 
-  Element._attributeTranslations.write = {
-    names: Object.extend({
-      cellpadding: 'cellPadding',
-      cellspacing: 'cellSpacing'
-    }, Element._attributeTranslations.read.names),
-    values: {
-      checked: function(element, value) {
-        element.checked = !!value;
-      },
+  function setOpacity(element, value) {
+    element = $(element);
+    if (value == 1 || value === '') value = '';
+    else if (value < 0.00001) value = 0;
+    element.style.opacity = value;
+    return element;
+  }
 
-      style: function(element, value) {
-        element.style.cssText = value ? value : '';
-      }
-    }
-  };
+  function setOpacity_IE(element, value) {
+    if (STANDARD_CSS_OPACITY_SUPPORTED)
+      return setOpacity(element, value);
 
-  Element._attributeTranslations.has = {};
+    element = hasLayout_IE($(element));
+    var filter = Element.getStyle(element, 'filter'),
+     style = element.style;
 
-  $w('colSpan rowSpan vAlign dateTime accessKey tabIndex ' +
-      'encType maxLength readOnly longDesc frameBorder').each(function(attr) {
-    Element._attributeTranslations.write.names[attr.toLowerCase()] = attr;
-    Element._attributeTranslations.has[attr.toLowerCase()] = attr;
-  });
+    if (value == 1 || value === '') {
+      filter = stripAlphaFromFilter_IE(filter);
+      if (filter) style.filter = filter;
+      else style.removeAttribute('filter');
+      return element;
+    }
 
-  (function(v) {
-    Object.extend(v, {
-      href:        v._getAttr2,
-      src:         v._getAttr2,
-      type:        v._getAttr,
-      action:      v._getAttrNode,
-      disabled:    v._flag,
-      checked:     v._flag,
-      readonly:    v._flag,
-      multiple:    v._flag,
-      onload:      v._getEv,
-      onunload:    v._getEv,
-      onclick:     v._getEv,
-      ondblclick:  v._getEv,
-      onmousedown: v._getEv,
-      onmouseup:   v._getEv,
-      onmouseover: v._getEv,
-      onmousemove: v._getEv,
-      onmouseout:  v._getEv,
-      onfocus:     v._getEv,
-      onblur:      v._getEv,
-      onkeypress:  v._getEv,
-      onkeydown:   v._getEv,
-      onkeyup:     v._getEv,
-      onsubmit:    v._getEv,
-      onreset:     v._getEv,
-      onselect:    v._getEv,
-      onchange:    v._getEv
-    });
-  })(Element._attributeTranslations.read.values);
+    if (value < 0.00001) value = 0;
 
-  if (Prototype.BrowserFeatures.ElementExtensions) {
-    (function() {
-      function _descendants(element) {
-        var nodes = element.getElementsByTagName('*'), results = [];
-        for (var i = 0, node; node = nodes[i]; i++)
-          if (node.tagName !== "!") // Filter out comment nodes.
-            results.push(node);
-        return results;
-      }
+    style.filter = stripAlphaFromFilter_IE(filter) +
+     ' alpha(opacity=' + (value * 100) + ')';
 
-      Element.Methods.down = function(element, expression, index) {
-        element = $(element);
-        if (arguments.length == 1) return element.firstDescendant();
-        return Object.isNumber(expression) ? _descendants(element)[expression] :
-          Element.select(element, expression)[index || 0];
-      }
-    })();
+    return element;
   }
 
-}
-
-else if (Prototype.Browser.Gecko && /rv:1\.8\.0/.test(navigator.userAgent)) {
-  Element.Methods.setOpacity = function(element, value) {
-    element = $(element);
-    element.style.opacity = (value == 1) ? 0.999999 :
-      (value === '') ? '' : (value < 0.00001) ? 0 : value;
-    return element;
-  };
-}
 
-else if (Prototype.Browser.WebKit) {
-  Element.Methods.setOpacity = function(element, value) {
-    element = $(element);
-    element.style.opacity = (value == 1 || value === '') ? '' :
-      (value < 0.00001) ? 0 : value;
-
-    if (value == 1)
-      if (element.tagName.toUpperCase() == 'IMG' && element.width) {
-        element.width++; element.width--;
-      } else try {
-        var n = document.createTextNode(' ');
-        element.appendChild(n);
-        element.removeChild(n);
-      } catch (e) { }
+  function getOpacity(element) {
+    return Element.getStyle(element, 'opacity');
+  }
 
-    return element;
-  };
-}
+  function getOpacity_IE(element) {
+    if (STANDARD_CSS_OPACITY_SUPPORTED)
+      return getOpacity(element);
 
-if ('outerHTML' in document.documentElement) {
-  Element.Methods.replace = function(element, content) {
-    element = $(element);
+    var filter = Element.getStyle(element, 'filter');
+    if (filter.length === 0) return 1.0;
+    var match = (filter || '').match(/alpha\(opacity=(.*)\)/i);
+    if (match && match[1]) return parseFloat(match[1]) / 100;
+    return 1.0;
+  }
 
-    if (content && content.toElement) content = content.toElement();
-    if (Object.isElement(content)) {
-      element.parentNode.replaceChild(content, element);
-      return element;
-    }
 
-    content = Object.toHTML(content);
-    var parent = element.parentNode, tagName = parent.tagName.toUpperCase();
+  Object.extend(methods, {
+    setStyle:   setStyle,
+    getStyle:   getStyle,
+    setOpacity: setOpacity,
+    getOpacity: getOpacity
+  });
 
-    if (Element._insertionTranslations.tags[tagName]) {
-      var nextSibling = element.next(),
-          fragments = Element._getContentFromAnonymousElement(tagName, content.stripScripts());
-      parent.removeChild(element);
-      if (nextSibling)
-        fragments.each(function(node) { parent.insertBefore(node, nextSibling) });
-      else
-        fragments.each(function(node) { parent.appendChild(node) });
-    }
-    else element.outerHTML = content.stripScripts();
+  if ('styleFloat' in DIV.style) {
+    methods.getStyle = getStyle_IE;
+    methods.setOpacity = setOpacity_IE;
+    methods.getOpacity = getOpacity_IE;
+  }
 
-    content.evalScripts.bind(content).defer();
-    return element;
-  };
-}
+  var UID = 0;
 
-Element._returnOffset = function(l, t) {
-  var result = [l, t];
-  result.left = l;
-  result.top = t;
-  return result;
-};
+  GLOBAL.Element.Storage = { UID: 1 };
 
-Element._getContentFromAnonymousElement = function(tagName, html, force) {
-  var div = new Element('div'),
-      t = Element._insertionTranslations.tags[tagName];
+  function getUniqueElementID(element) {
+    if (element === window) return 0;
 
-  var workaround = false;
-  if (t) workaround = true;
-  else if (force) {
-    workaround = true;
-    t = ['', '', 0];
+    if (typeof element._prototypeUID === 'undefined')
+      element._prototypeUID = Element.Storage.UID++;
+    return element._prototypeUID;
   }
 
-  if (workaround) {
-    div.innerHTML = '&nbsp;' + t[0] + html + t[1];
-    div.removeChild(div.firstChild);
-    for (var i = t[2]; i--; ) {
-      div = div.firstChild;
-    }
-  }
-  else {
-    div.innerHTML = html;
+  function getUniqueElementID_IE(element) {
+    if (element === window) return 0;
+    if (element == document) return 1;
+    return element.uniqueID;
   }
-  return $A(div.childNodes);
-};
 
-Element._insertionTranslations = {
-  before: function(element, node) {
-    element.parentNode.insertBefore(node, element);
-  },
-  top: function(element, node) {
-    element.insertBefore(node, element.firstChild);
-  },
-  bottom: function(element, node) {
-    element.appendChild(node);
-  },
-  after: function(element, node) {
-    element.parentNode.insertBefore(node, element.nextSibling);
-  },
-  tags: {
-    TABLE:  ['<table>',                '</table>',                   1],
-    TBODY:  ['<table><tbody>',         '</tbody></table>',           2],
-    TR:     ['<table><tbody><tr>',     '</tr></tbody></table>',      3],
-    TD:     ['<table><tbody><tr><td>', '</td></tr></tbody></table>', 4],
-    SELECT: ['<select>',               '</select>',                  1]
-  }
-};
+  var HAS_UNIQUE_ID_PROPERTY = ('uniqueID' in DIV);
+  if (HAS_UNIQUE_ID_PROPERTY)
+    getUniqueElementID = getUniqueElementID_IE;
 
-(function() {
-  var tags = Element._insertionTranslations.tags;
-  Object.extend(tags, {
-    THEAD: tags.TBODY,
-    TFOOT: tags.TBODY,
-    TH:    tags.TD
-  });
-})();
+  function getStorage(element) {
+    if (!(element = $(element))) return;
 
-Element.Methods.Simulated = {
-  hasAttribute: function(element, attribute) {
-    attribute = Element._attributeTranslations.has[attribute] || attribute;
-    var node = $(element).getAttributeNode(attribute);
-    return !!(node && node.specified);
+    var uid = getUniqueElementID(element);
+
+    if (!Element.Storage[uid])
+      Element.Storage[uid] = $H();
+
+    return Element.Storage[uid];
   }
-};
 
-Element.Methods.ByTag = { };
+  function store(element, key, value) {
+    if (!(element = $(element))) return;
+    var storage = getStorage(element);
+    if (arguments.length === 2) {
+      storage.update(key);
+    } else {
+      storage.set(key, value);
+    }
+    return element;
+  }
 
-Object.extend(Element, Element.Methods);
+  function retrieve(element, key, defaultValue) {
+    if (!(element = $(element))) return;
+    var storage = getStorage(element), value = storage.get(key);
 
-(function(div) {
+    if (Object.isUndefined(value)) {
+      storage.set(key, defaultValue);
+      value = defaultValue;
+    }
 
-  if (!Prototype.BrowserFeatures.ElementExtensions && div['__proto__']) {
-    window.HTMLElement = { };
-    window.HTMLElement.prototype = div['__proto__'];
-    Prototype.BrowserFeatures.ElementExtensions = true;
+    return value;
   }
 
-  div = null;
 
-})(document.createElement('div'));
+  Object.extend(methods, {
+    getStorage: getStorage,
+    store:      store,
+    retrieve:   retrieve
+  });
 
-Element.extend = (function() {
 
-  function checkDeficiency(tagName) {
-    if (typeof window.Element != 'undefined') {
-      var proto = window.Element.prototype;
-      if (proto) {
-        var id = '_' + (Math.random()+'').slice(2),
-            el = document.createElement(tagName);
-        proto[id] = 'x';
-        var isBuggy = (el[id] !== 'x');
-        delete proto[id];
-        el = null;
-        return isBuggy;
-      }
+  var Methods = {}, ByTag = Element.Methods.ByTag,
+   F = Prototype.BrowserFeatures;
+
+  if (!F.ElementExtensions && ('__proto__' in DIV)) {
+    GLOBAL.HTMLElement = {};
+    GLOBAL.HTMLElement.prototype = DIV['__proto__'];
+    F.ElementExtensions = true;
+  }
+
+  function checkElementPrototypeDeficiency(tagName) {
+    if (typeof window.Element === 'undefined') return false;
+    if (!HAS_EXTENDED_CREATE_ELEMENT_SYNTAX) return false;
+    var proto = window.Element.prototype;
+    if (proto) {
+      var id = '_' + (Math.random() + '').slice(2),
+       el = document.createElement(tagName);
+      proto[id] = 'x';
+      var isBuggy = (el[id] !== 'x');
+      delete proto[id];
+      el = null;
+      return isBuggy;
     }
+
     return false;
   }
 
+  var HTMLOBJECTELEMENT_PROTOTYPE_BUGGY =
+   checkElementPrototypeDeficiency('object');
+
   function extendElementWith(element, methods) {
     for (var property in methods) {
       var value = methods[property];
@@ -2907,98 +3315,52 @@ Element.extend = (function() {
     }
   }
 
-  var HTMLOBJECTELEMENT_PROTOTYPE_BUGGY = checkDeficiency('object');
-
-  if (Prototype.BrowserFeatures.SpecificElementExtensions) {
-    if (HTMLOBJECTELEMENT_PROTOTYPE_BUGGY) {
-      return function(element) {
-        if (element && typeof element._extendedByPrototype == 'undefined') {
-          var t = element.tagName;
-          if (t && (/^(?:object|applet|embed)$/i.test(t))) {
-            extendElementWith(element, Element.Methods);
-            extendElementWith(element, Element.Methods.Simulated);
-            extendElementWith(element, Element.Methods.ByTag[t.toUpperCase()]);
-          }
-        }
-        return element;
-      }
-    }
-    return Prototype.K;
+  var EXTENDED = {};
+  function elementIsExtended(element) {
+    var uid = getUniqueElementID(element);
+    return (uid in EXTENDED);
   }
 
-  var Methods = { }, ByTag = Element.Methods.ByTag;
-
-  var extend = Object.extend(function(element) {
-    if (!element || typeof element._extendedByPrototype != 'undefined' ||
-        element.nodeType != 1 || element == window) return element;
+  function extend(element) {
+    if (!element || elementIsExtended(element)) return element;
+    if (element.nodeType !== Node.ELEMENT_NODE || element == window)
+      return element;
 
     var methods = Object.clone(Methods),
-        tagName = element.tagName.toUpperCase();
+     tagName = element.tagName.toUpperCase();
 
     if (ByTag[tagName]) Object.extend(methods, ByTag[tagName]);
 
     extendElementWith(element, methods);
-
-    element._extendedByPrototype = Prototype.emptyFunction;
+    EXTENDED[getUniqueElementID(element)] = true;
     return element;
+  }
 
-  }, {
-    refresh: function() {
-      if (!Prototype.BrowserFeatures.ElementExtensions) {
-        Object.extend(Methods, Element.Methods);
-        Object.extend(Methods, Element.Methods.Simulated);
-      }
-    }
-  });
-
-  extend.refresh();
-  return extend;
-})();
-
-if (document.documentElement.hasAttribute) {
-  Element.hasAttribute = function(element, attribute) {
-    return element.hasAttribute(attribute);
-  };
-}
-else {
-  Element.hasAttribute = Element.Methods.Simulated.hasAttribute;
-}
-
-Element.addMethods = function(methods) {
-  var F = Prototype.BrowserFeatures, T = Element.Methods.ByTag;
+  function extend_IE8(element) {
+    if (!element || elementIsExtended(element)) return element;
 
-  if (!methods) {
-    Object.extend(Form, Form.Methods);
-    Object.extend(Form.Element, Form.Element.Methods);
-    Object.extend(Element.Methods.ByTag, {
-      "FORM":     Object.clone(Form.Methods),
-      "INPUT":    Object.clone(Form.Element.Methods),
-      "SELECT":   Object.clone(Form.Element.Methods),
-      "TEXTAREA": Object.clone(Form.Element.Methods),
-      "BUTTON":   Object.clone(Form.Element.Methods)
-    });
-  }
+    var t = element.tagName;
+    if (t && (/^(?:object|applet|embed)$/i.test(t))) {
+      extendElementWith(element, Element.Methods);
+      extendElementWith(element, Element.Methods.Simulated);
+      extendElementWith(element, Element.Methods.ByTag[t.toUpperCase()]);
+    }
 
-  if (arguments.length == 2) {
-    var tagName = methods;
-    methods = arguments[1];
+    return element;
   }
 
-  if (!tagName) Object.extend(Element.Methods, methods || { });
-  else {
-    if (Object.isArray(tagName)) tagName.each(extend);
-    else extend(tagName);
+  if (F.SpecificElementExtensions) {
+    extend = HTMLOBJECTELEMENT_PROTOTYPE_BUGGY ? extend_IE8 : Prototype.K;
   }
 
-  function extend(tagName) {
+  function addMethodsToTagName(tagName, methods) {
     tagName = tagName.toUpperCase();
-    if (!Element.Methods.ByTag[tagName])
-      Element.Methods.ByTag[tagName] = { };
-    Object.extend(Element.Methods.ByTag[tagName], methods);
+    if (!ByTag[tagName]) ByTag[tagName] = {};
+    Object.extend(ByTag[tagName], methods);
   }
 
-  function copy(methods, destination, onlyIfAbsent) {
-    onlyIfAbsent = onlyIfAbsent || false;
+  function mergeMethods(destination, methods, onlyIfAbsent) {
+    if (Object.isUndefined(onlyIfAbsent)) onlyIfAbsent = false;
     for (var property in methods) {
       var value = methods[property];
       if (!Object.isFunction(value)) continue;
@@ -3028,169 +3390,150 @@ Element.addMethods = function(methods) {
     if (window[klass]) return window[klass];
 
     var element = document.createElement(tagName),
-        proto = element['__proto__'] || element.constructor.prototype;
+     proto = element['__proto__'] || element.constructor.prototype;
 
     element = null;
     return proto;
   }
 
-  var elementPrototype = window.HTMLElement ? HTMLElement.prototype :
-   Element.prototype;
+  function addMethods(methods) {
+    if (arguments.length === 0) addFormMethods();
 
-  if (F.ElementExtensions) {
-    copy(Element.Methods, elementPrototype);
-    copy(Element.Methods.Simulated, elementPrototype, true);
-  }
+    if (arguments.length === 2) {
+      var tagName = methods;
+      methods = arguments[1];
+    }
 
-  if (F.SpecificElementExtensions) {
-    for (var tag in Element.Methods.ByTag) {
-      var klass = findDOMClass(tag);
-      if (Object.isUndefined(klass)) continue;
-      copy(T[tag], klass.prototype);
+    if (!tagName) {
+      Object.extend(Element.Methods, methods || {});
+    } else {
+      if (Object.isArray(tagName)) {
+        for (var i = 0, tag; tag = tagName[i]; i++)
+          addMethodsToTagName(tag, methods);
+      } else {
+        addMethodsToTagName(tagName, methods);
+      }
     }
-  }
 
-  Object.extend(Element, Element.Methods);
-  delete Element.ByTag;
+    var ELEMENT_PROTOTYPE = window.HTMLElement ? HTMLElement.prototype :
+     Element.prototype;
 
-  if (Element.extend.refresh) Element.extend.refresh();
-  Element.cache = { };
-};
+    if (F.ElementExtensions) {
+      mergeMethods(ELEMENT_PROTOTYPE, Element.Methods);
+      mergeMethods(ELEMENT_PROTOTYPE, Element.Methods.Simulated, true);
+    }
 
+    if (F.SpecificElementExtensions) {
+      for (var tag in Element.Methods.ByTag) {
+        var klass = findDOMClass(tag);
+        if (Object.isUndefined(klass)) continue;
+        mergeMethods(klass.prototype, ByTag[tag]);
+      }
+    }
 
-document.viewport = {
+    Object.extend(Element, Element.Methods);
+    Object.extend(Element, Element.Methods.Simulated);
+    delete Element.ByTag;
+    delete Element.Simulated;
 
-  getDimensions: function() {
-    return { width: this.getWidth(), height: this.getHeight() };
-  },
+    Element.extend.refresh();
 
-  getScrollOffsets: function() {
-    return Element._returnOffset(
-      window.pageXOffset || document.documentElement.scrollLeft || document.body.scrollLeft,
-      window.pageYOffset || document.documentElement.scrollTop  || document.body.scrollTop);
+    ELEMENT_CACHE = {};
   }
-};
 
-(function(viewport) {
-  var B = Prototype.Browser, doc = document, element, property = {};
-
-  function getRootElement() {
-    if (B.WebKit && !doc.evaluate)
-      return document;
+  Object.extend(GLOBAL.Element, {
+    extend:     extend,
+    addMethods: addMethods
+  });
 
-    if (B.Opera && window.parseFloat(window.opera.version()) < 9.5)
-      return document.body;
+  if (extend === Prototype.K) {
+    GLOBAL.Element.extend.refresh = Prototype.emptyFunction;
+  } else {
+    GLOBAL.Element.extend.refresh = function() {
+      if (Prototype.BrowserFeatures.ElementExtensions) return;
+      Object.extend(Methods, Element.Methods);
+      Object.extend(Methods, Element.Methods.Simulated);
 
-    return document.documentElement;
+      EXTENDED = {};
+    };
   }
 
-  function define(D) {
-    if (!element) element = getRootElement();
-
-    property[D] = 'client' + D;
-
-    viewport['get' + D] = function() { return element[property[D]] };
-    return viewport['get' + D]();
+  function addFormMethods() {
+    Object.extend(Form, Form.Methods);
+    Object.extend(Form.Element, Form.Element.Methods);
+    Object.extend(Element.Methods.ByTag, {
+      "FORM":     Object.clone(Form.Methods),
+      "INPUT":    Object.clone(Form.Element.Methods),
+      "SELECT":   Object.clone(Form.Element.Methods),
+      "TEXTAREA": Object.clone(Form.Element.Methods),
+      "BUTTON":   Object.clone(Form.Element.Methods)
+    });
   }
 
-  viewport.getWidth  = define.curry('Width');
-
-  viewport.getHeight = define.curry('Height');
-})(document.viewport);
-
+  Element.addMethods(methods);
 
-Element.Storage = {
-  UID: 1
-};
-
-Element.addMethods({
-  getStorage: function(element) {
-    if (!(element = $(element))) return;
+  function destroyCache_IE() {
+    DIV = null;
+    ELEMENT_CACHE = null;
+  }
 
-    var uid;
-    if (element === window) {
-      uid = 0;
-    } else {
-      if (typeof element._prototypeUID === "undefined")
-        element._prototypeUID = Element.Storage.UID++;
-      uid = element._prototypeUID;
-    }
+  if (window.attachEvent)
+    window.attachEvent('onunload', destroyCache_IE);
 
-    if (!Element.Storage[uid])
-      Element.Storage[uid] = $H();
+})(this);
+(function() {
 
-    return Element.Storage[uid];
-  },
+  function toDecimal(pctString) {
+    var match = pctString.match(/^(\d+)%?$/i);
+    if (!match) return null;
+    return (Number(match[1]) / 100);
+  }
 
-  store: function(element, key, value) {
-    if (!(element = $(element))) return;
+  function getRawStyle(element, style) {
+    element = $(element);
 
-    if (arguments.length === 2) {
-      Element.getStorage(element).update(key);
-    } else {
-      Element.getStorage(element).set(key, value);
+    var value = element.style[style];
+    if (!value || value === 'auto') {
+      var css = document.defaultView.getComputedStyle(element, null);
+      value = css ? css[style] : null;
     }
 
-    return element;
-  },
-
-  retrieve: function(element, key, defaultValue) {
-    if (!(element = $(element))) return;
-    var hash = Element.getStorage(element), value = hash.get(key);
+    if (style === 'opacity') return value ? parseFloat(value) : 1.0;
+    return value === 'auto' ? null : value;
+  }
 
-    if (Object.isUndefined(value)) {
-      hash.set(key, defaultValue);
-      value = defaultValue;
+  function getRawStyle_IE(element, style) {
+    var value = element.style[style];
+    if (!value && element.currentStyle) {
+      value = element.currentStyle[style];
     }
-
     return value;
-  },
-
-  clone: function(element, deep) {
-    if (!(element = $(element))) return;
-    var clone = element.cloneNode(deep);
-    clone._prototypeUID = void 0;
-    if (deep) {
-      var descendants = Element.select(clone, '*'),
-          i = descendants.length;
-      while (i--) {
-        descendants[i]._prototypeUID = void 0;
-      }
-    }
-    return Element.extend(clone);
-  },
-
-  purge: function(element) {
-    if (!(element = $(element))) return;
-    var purgeElement = Element._purgeElement;
-
-    purgeElement(element);
+  }
 
-    var descendants = element.getElementsByTagName('*'),
-     i = descendants.length;
+  function getContentWidth(element, context) {
+    var boxWidth = element.offsetWidth;
 
-    while (i--) purgeElement(descendants[i]);
+    var bl = getPixelValue(element, 'borderLeftWidth',  context) || 0;
+    var br = getPixelValue(element, 'borderRightWidth', context) || 0;
+    var pl = getPixelValue(element, 'paddingLeft',      context) || 0;
+    var pr = getPixelValue(element, 'paddingRight',     context) || 0;
 
-    return null;
+    return boxWidth - bl - br - pl - pr;
   }
-});
 
-(function() {
-
-  function toDecimal(pctString) {
-    var match = pctString.match(/^(\d+)%?$/i);
-    if (!match) return null;
-    return (Number(match[1]) / 100);
+  if (!Object.isUndefined(document.documentElement.currentStyle) && !Prototype.Browser.Opera) {
+    getRawStyle = getRawStyle_IE;
   }
 
+
   function getPixelValue(value, property, context) {
     var element = null;
     if (Object.isElement(value)) {
       element = value;
-      value = element.getStyle(property);
+      value = getRawStyle(element, property);
     }
 
-    if (value === null) {
+    if (value === null || Object.isUndefined(value)) {
       return null;
     }
 
@@ -3213,14 +3556,12 @@ Element.addMethods({
 
     if (element && isPercentage) {
       context = context || element.parentNode;
-      var decimal = toDecimal(value);
-      var whole = null;
-      var position = element.getStyle('position');
+      var decimal = toDecimal(value), whole = null;
 
       var isHorizontal = property.include('left') || property.include('right') ||
        property.include('width');
 
-      var isVertical =  property.include('top') || property.include('bottom') ||
+      var isVertical   = property.include('top') || property.include('bottom') ||
         property.include('height');
 
       if (context === document.viewport) {
@@ -3244,14 +3585,12 @@ Element.addMethods({
   }
 
   function toCSSPixels(number) {
-    if (Object.isString(number) && number.endsWith('px')) {
+    if (Object.isString(number) && number.endsWith('px'))
       return number;
-    }
     return number + 'px';
   }
 
   function isDisplayed(element) {
-    var originalElement = element;
     while (element && element.parentNode) {
       var display = element.getStyle('display');
       if (display === 'none') {
@@ -3309,14 +3648,15 @@ Element.addMethods({
     },
 
     _begin: function() {
-      if (this._prepared) return;
+      if (this._isPrepared()) return;
 
       var element = this.element;
       if (isDisplayed(element)) {
-        this._prepared = true;
+        this._setPrepared(true);
         return;
       }
 
+
       var originalStyles = {
         position:   element.style.position   || '',
         width:      element.style.width      || '',
@@ -3326,30 +3666,30 @@ Element.addMethods({
 
       element.store('prototype_original_styles', originalStyles);
 
-      var position = element.getStyle('position'),
-       width = element.getStyle('width');
+      var position = getRawStyle(element, 'position'), width = element.offsetWidth;
 
-      if (width === "0px" || width === null) {
+      if (width === 0 || width === null) {
         element.style.display = 'block';
-        width = element.getStyle('width');
+        width = element.offsetWidth;
       }
 
       var context = (position === 'fixed') ? document.viewport :
        element.parentNode;
 
-      element.setStyle({
-        position:   'absolute',
+      var tempStyles = {
         visibility: 'hidden',
         display:    'block'
-      });
+      };
 
-      var positionedWidth = element.getStyle('width');
+      if (position !== 'fixed') tempStyles.position = 'absolute';
 
-      var newWidth;
+      element.setStyle(tempStyles);
+
+      var positionedWidth = element.offsetWidth, newWidth;
       if (width && (positionedWidth === width)) {
-        newWidth = getPixelValue(element, 'width', context);
+        newWidth = getContentWidth(element, context);
       } else if (position === 'absolute' || position === 'fixed') {
-        newWidth = getPixelValue(element, 'width', context);
+        newWidth = getContentWidth(element, context);
       } else {
         var parent = element.parentNode, pLayout = $(parent).getLayout();
 
@@ -3364,7 +3704,7 @@ Element.addMethods({
 
       element.setStyle({ width: newWidth + 'px' });
 
-      this._prepared = true;
+      this._setPrepared(true);
     },
 
     _end: function() {
@@ -3372,7 +3712,7 @@ Element.addMethods({
       var originalStyles = element.retrieve('prototype_original_styles');
       element.store('prototype_original_styles', null);
       element.setStyle(originalStyles);
-      this._prepared = false;
+      this._setPrepared(false);
     },
 
     _compute: function(property) {
@@ -3384,6 +3724,14 @@ Element.addMethods({
       return this._set(property, COMPUTATIONS[property].call(this, this.element));
     },
 
+    _isPrepared: function() {
+      return this.element.retrieve('prototype_element_layout_prepared', false);
+    },
+
+    _setPrepared: function(bool) {
+      return this.element.store('prototype_element_layout_prepared', bool);
+    },
+
     toObject: function() {
       var args = $A(arguments);
       var keys = (args.length === 0) ? Element.Layout.PROPERTIES :
@@ -3465,7 +3813,6 @@ Element.addMethods({
          pRight = this.get('padding-right');
 
         if (!this._preComputing) this._end();
-
         return bWidth - bLeft - bRight - pLeft - pRight;
       },
 
@@ -3656,6 +4003,14 @@ Element.addMethods({
     return $(element).getLayout().get(property);
   }
 
+  function getHeight(element) {
+    return Element.getDimensions(element).height;
+  }
+
+  function getWidth(element) {
+    return Element.getDimensions(element).width;
+  }
+
   function getDimensions(element) {
     element = $(element);
     var display = Element.getStyle(element, 'display');
@@ -3694,15 +4049,19 @@ Element.addMethods({
   function getOffsetParent(element) {
     element = $(element);
 
+    function selfOrBody(element) {
+      return isHtml(element) ? $(document.body) : $(element);
+    }
+
     if (isDocument(element) || isDetached(element) || isBody(element) || isHtml(element))
       return $(document.body);
 
     var isInline = (Element.getStyle(element, 'display') === 'inline');
-    if (!isInline && element.offsetParent) return $(element.offsetParent);
+    if (!isInline && element.offsetParent) return selfOrBody(element.offsetParent);
 
     while ((element = element.parentNode) && element !== document.body) {
       if (Element.getStyle(element, 'position') !== 'static') {
-        return isHtml(element) ? $(document.body) : $(element);
+        return selfOrBody(element);
       }
     }
 
@@ -3740,8 +4099,8 @@ Element.addMethods({
       }
     } while (element);
 
-    valueL -= layout.get('margin-top');
-    valueT -= layout.get('margin-left');
+    valueL -= layout.get('margin-left');
+    valueT -= layout.get('margin-top');
 
     return new Element.Offset(valueL, valueT);
   }
@@ -3749,17 +4108,24 @@ Element.addMethods({
   function cumulativeScrollOffset(element) {
     var valueT = 0, valueL = 0;
     do {
-      valueT += element.scrollTop  || 0;
-      valueL += element.scrollLeft || 0;
-      element = element.parentNode;
+      if (element === document.body) {
+        var bodyScrollNode = document.documentElement || document.body.parentNode || document.body;
+        valueT += !Object.isUndefined(window.pageYOffset) ? window.pageYOffset : bodyScrollNode.scrollTop || 0;
+        valueL += !Object.isUndefined(window.pageXOffset) ? window.pageXOffset : bodyScrollNode.scrollLeft || 0;
+        break;
+      } else {
+        valueT += element.scrollTop  || 0;
+        valueL += element.scrollLeft || 0;
+        element = element.parentNode;
+      }
     } while (element);
     return new Element.Offset(valueL, valueT);
   }
 
   function viewportOffset(forElement) {
-    element = $(element);
     var valueT = 0, valueL = 0, docBody = document.body;
 
+    forElement = $(forElement);
     var element = forElement;
     do {
       valueT += element.offsetTop  || 0;
@@ -3793,10 +4159,11 @@ Element.addMethods({
     var layout = element.getLayout();
 
     element.store('prototype_absolutize_original_styles', {
-      left:   element.getStyle('left'),
-      top:    element.getStyle('top'),
-      width:  element.getStyle('width'),
-      height: element.getStyle('height')
+      position: element.getStyle('position'),
+      left:     element.getStyle('left'),
+      top:      element.getStyle('top'),
+      width:    element.getStyle('width'),
+      height:   element.getStyle('height')
     });
 
     element.setStyle({
@@ -3816,13 +4183,149 @@ Element.addMethods({
       return element;
     }
 
-    var originalStyles =
-     element.retrieve('prototype_absolutize_original_styles');
+    var originalStyles =
+     element.retrieve('prototype_absolutize_original_styles');
+
+    if (originalStyles) element.setStyle(originalStyles);
+    return element;
+  }
+
+
+  function scrollTo(element) {
+    element = $(element);
+    var pos = Element.cumulativeOffset(element);
+    window.scrollTo(pos.left, pos.top);
+    return element;
+  }
+
+
+  function makePositioned(element) {
+    element = $(element);
+    var position = Element.getStyle(element, 'position'), styles = {};
+    if (position === 'static' || !position) {
+      styles.position = 'relative';
+      if (Prototype.Browser.Opera) {
+        styles.top  = 0;
+        styles.left = 0;
+      }
+      Element.setStyle(element, styles);
+      Element.store(element, 'prototype_made_positioned', true);
+    }
+    return element;
+  }
+
+  function undoPositioned(element) {
+    element = $(element);
+    var storage = Element.getStorage(element),
+     madePositioned = storage.get('prototype_made_positioned');
+
+    if (madePositioned) {
+      storage.unset('prototype_made_positioned');
+      Element.setStyle(element, {
+        position: '',
+        top:      '',
+        bottom:   '',
+        left:     '',
+        right:    ''
+      });
+    }
+    return element;
+  }
+
+  function makeClipping(element) {
+    element = $(element);
+
+    var storage = Element.getStorage(element),
+     madeClipping = storage.get('prototype_made_clipping');
+
+    if (Object.isUndefined(madeClipping)) {
+      var overflow = Element.getStyle(element, 'overflow');
+      storage.set('prototype_made_clipping', overflow);
+      if (overflow !== 'hidden')
+        element.style.overflow = 'hidden';
+    }
+
+    return element;
+  }
+
+  function undoClipping(element) {
+    element = $(element);
+    var storage = Element.getStorage(element),
+     overflow = storage.get('prototype_made_clipping');
+
+    if (!Object.isUndefined(overflow)) {
+      storage.unset('prototype_made_clipping');
+      element.style.overflow = overflow || '';
+    }
+
+    return element;
+  }
+
+  function clonePosition(element, source, options) {
+    options = Object.extend({
+      setLeft:    true,
+      setTop:     true,
+      setWidth:   true,
+      setHeight:  true,
+      offsetTop:  0,
+      offsetLeft: 0
+    }, options || {});
+
+    var docEl = document.documentElement;
+
+    source  = $(source);
+    element = $(element);
+    var p, delta, layout, styles = {};
+
+    if (options.setLeft || options.setTop) {
+      p = Element.viewportOffset(source);
+      delta = [0, 0];
+      if (Element.getStyle(element, 'position') === 'absolute') {
+        var parent = Element.getOffsetParent(element);
+        if (parent !== document.body) delta = Element.viewportOffset(parent);
+      }
+    }
+
+    function pageScrollXY() {
+      var x = 0, y = 0;
+      if (Object.isNumber(window.pageXOffset)) {
+        x = window.pageXOffset;
+        y = window.pageYOffset;
+      } else if (document.body && (document.body.scrollLeft || document.body.scrollTop)) {
+        x = document.body.scrollLeft;
+        y = document.body.scrollTop;
+      } else if (docEl && (docEl.scrollLeft || docEl.scrollTop)) {
+        x = docEl.scrollLeft;
+        y = docEl.scrollTop;
+      }
+      return { x: x, y: y };
+    }
+
+    var pageXY = pageScrollXY();
+
+
+    if (options.setWidth || options.setHeight) {
+      layout = Element.getLayout(source);
+    }
+
+    if (options.setLeft)
+      styles.left = (p[0] + pageXY.x - delta[0] + options.offsetLeft) + 'px';
+    if (options.setTop)
+      styles.top  = (p[1] + pageXY.y - delta[1] + options.offsetTop)  + 'px';
 
-    if (originalStyles) element.setStyle(originalStyles);
-    return element;
+    var currentLayout = element.getLayout();
+
+    if (options.setWidth) {
+      styles.width = layout.get('width')  + 'px';
+    }
+    if (options.setHeight) {
+      styles.height = layout.get('height') + 'px';
+    }
+
+    return Element.setStyle(element, styles);
   }
 
+
   if (Prototype.Browser.IE) {
     getOffsetParent = getOffsetParent.wrap(
       function(proceed, element) {
@@ -3863,8 +4366,9 @@ Element.addMethods({
       do {
         valueT += element.offsetTop  || 0;
         valueL += element.offsetLeft || 0;
-        if (element.offsetParent == document.body)
+        if (element.offsetParent == document.body) {
           if (Element.getStyle(element, 'position') == 'absolute') break;
+        }
 
         element = element.offsetParent;
       } while (element);
@@ -3877,6 +4381,8 @@ Element.addMethods({
   Element.addMethods({
     getLayout:              getLayout,
     measure:                measure,
+    getWidth:               getWidth,
+    getHeight:              getHeight,
     getDimensions:          getDimensions,
     getOffsetParent:        getOffsetParent,
     cumulativeOffset:       cumulativeOffset,
@@ -3884,7 +4390,13 @@ Element.addMethods({
     cumulativeScrollOffset: cumulativeScrollOffset,
     viewportOffset:         viewportOffset,
     absolutize:             absolutize,
-    relativize:             relativize
+    relativize:             relativize,
+    scrollTo:               scrollTo,
+    makePositioned:         makePositioned,
+    undoPositioned:         undoPositioned,
+    makeClipping:           makeClipping,
+    undoClipping:           undoClipping,
+    clonePosition:          clonePosition
   });
 
   function isBody(element) {
@@ -3917,6 +4429,49 @@ Element.addMethods({
       }
     });
   }
+
+
+})();
+
+(function() {
+
+  var IS_OLD_OPERA = Prototype.Browser.Opera &&
+   (window.parseFloat(window.opera.version()) < 9.5);
+  var ROOT = null;
+  function getRootElement() {
+    if (ROOT) return ROOT;
+    ROOT = IS_OLD_OPERA ? document.body : document.documentElement;
+    return ROOT;
+  }
+
+  function getDimensions() {
+    return { width: this.getWidth(), height: this.getHeight() };
+  }
+
+  function getWidth() {
+    return getRootElement().clientWidth;
+  }
+
+  function getHeight() {
+    return getRootElement().clientHeight;
+  }
+
+  function getScrollOffsets() {
+    var x = window.pageXOffset || document.documentElement.scrollLeft ||
+     document.body.scrollLeft;
+    var y = window.pageYOffset || document.documentElement.scrollTop ||
+     document.body.scrollTop;
+
+    return new Element.Offset(x, y);
+  }
+
+  document.viewport = {
+    getDimensions:    getDimensions,
+    getWidth:         getWidth,
+    getHeight:        getHeight,
+    getScrollOffsets: getScrollOffsets
+  };
+
 })();
 window.$$ = function() {
   var expression = $A(arguments).join(', ');
@@ -3963,982 +4518,1775 @@ Prototype.Selector = (function() {
   };
 })();
 Prototype._original_property = window.Sizzle;
+
+;(function () {
+  function fakeDefine(fn) {
+    Prototype._actual_sizzle = fn();
+  }
+  fakeDefine.amd = true;
+
+  if (typeof define !== 'undefined' && define.amd) {
+    Prototype._original_define = define;
+    Prototype._actual_sizzle = null;
+    window.define = fakeDefine;
+  }
+})();
+
 /*!
- * Sizzle CSS Selector Engine - v1.0
- *  Copyright 2009, The Dojo Foundation
- *  Released under the MIT, BSD, and GPL Licenses.
- *  More information: http://sizzlejs.com/
+ * Sizzle CSS Selector Engine v1.10.18
+ * http://sizzlejs.com/
+ *
+ * Copyright 2013 jQuery Foundation, Inc. and other contributors
+ * Released under the MIT license
+ * http://jquery.org/license
+ *
+ * Date: 2014-02-05
  */
-(function(){
-
-var chunker = /((?:\((?:\([^()]+\)|[^()]+)+\)|\[(?:\[[^[\]]*\]|['"][^'"]*['"]|[^[\]'"]+)+\]|\\.|[^ >+~,(\[\\]+)+|[>+~])(\s*,\s*)?((?:.|\r|\n)*)/g,
+(function( window ) {
+
+var i,
+	support,
+	Expr,
+	getText,
+	isXML,
+	compile,
+	select,
+	outermostContext,
+	sortInput,
+	hasDuplicate,
+
+	setDocument,
+	document,
+	docElem,
+	documentIsHTML,
+	rbuggyQSA,
+	rbuggyMatches,
+	matches,
+	contains,
+
+	expando = "sizzle" + -(new Date()),
+	preferredDoc = window.document,
+	dirruns = 0,
 	done = 0,
-	toString = Object.prototype.toString,
-	hasDuplicate = false,
-	baseHasDuplicate = true;
+	classCache = createCache(),
+	tokenCache = createCache(),
+	compilerCache = createCache(),
+	sortOrder = function( a, b ) {
+		if ( a === b ) {
+			hasDuplicate = true;
+		}
+		return 0;
+	},
 
-[0, 0].sort(function(){
-	baseHasDuplicate = false;
-	return 0;
-});
+	strundefined = typeof undefined,
+	MAX_NEGATIVE = 1 << 31,
+
+	hasOwn = ({}).hasOwnProperty,
+	arr = [],
+	pop = arr.pop,
+	push_native = arr.push,
+	push = arr.push,
+	slice = arr.slice,
+	indexOf = arr.indexOf || function( elem ) {
+		var i = 0,
+			len = this.length;
+		for ( ; i < len; i++ ) {
+			if ( this[i] === elem ) {
+				return i;
+			}
+		}
+		return -1;
+	},
 
-var Sizzle = function(selector, context, results, seed) {
-	results = results || [];
-	var origContext = context = context || document;
+	booleans = "checked|selected|async|autofocus|autoplay|controls|defer|disabled|hidden|ismap|loop|multiple|open|readonly|required|scoped",
 
-	if ( context.nodeType !== 1 && context.nodeType !== 9 ) {
-		return [];
+
+	whitespace = "[\\x20\\t\\r\\n\\f]",
+	characterEncoding = "(?:\\\\.|[\\w-]|[^\\x00-\\xa0])+",
+
+	identifier = characterEncoding.replace( "w", "w#" ),
+
+	attributes = "\\[" + whitespace + "*(" + characterEncoding + ")" + whitespace +
+		"*(?:([*^$|!~]?=)" + whitespace + "*(?:(['\"])((?:\\\\.|[^\\\\])*?)\\3|(" + identifier + ")|)|)" + whitespace + "*\\]",
+
+	pseudos = ":(" + characterEncoding + ")(?:\\(((['\"])((?:\\\\.|[^\\\\])*?)\\3|((?:\\\\.|[^\\\\()[\\]]|" + attributes.replace( 3, 8 ) + ")*)|.*)\\)|)",
+
+	rtrim = new RegExp( "^" + whitespace + "+|((?:^|[^\\\\])(?:\\\\.)*)" + whitespace + "+$", "g" ),
+
+	rcomma = new RegExp( "^" + whitespace + "*," + whitespace + "*" ),
+	rcombinators = new RegExp( "^" + whitespace + "*([>+~]|" + whitespace + ")" + whitespace + "*" ),
+
+	rattributeQuotes = new RegExp( "=" + whitespace + "*([^\\]'\"]*?)" + whitespace + "*\\]", "g" ),
+
+	rpseudo = new RegExp( pseudos ),
+	ridentifier = new RegExp( "^" + identifier + "$" ),
+
+	matchExpr = {
+		"ID": new RegExp( "^#(" + characterEncoding + ")" ),
+		"CLASS": new RegExp( "^\\.(" + characterEncoding + ")" ),
+		"TAG": new RegExp( "^(" + characterEncoding.replace( "w", "w*" ) + ")" ),
+		"ATTR": new RegExp( "^" + attributes ),
+		"PSEUDO": new RegExp( "^" + pseudos ),
+		"CHILD": new RegExp( "^:(only|first|last|nth|nth-last)-(child|of-type)(?:\\(" + whitespace +
+			"*(even|odd|(([+-]|)(\\d*)n|)" + whitespace + "*(?:([+-]|)" + whitespace +
+			"*(\\d+)|))" + whitespace + "*\\)|)", "i" ),
+		"bool": new RegExp( "^(?:" + booleans + ")$", "i" ),
+		"needsContext": new RegExp( "^" + whitespace + "*[>+~]|:(even|odd|eq|gt|lt|nth|first|last)(?:\\(" +
+			whitespace + "*((?:-\\d)?\\d*)" + whitespace + "*\\)|)(?=[^-]|$)", "i" )
+	},
+
+	rinputs = /^(?:input|select|textarea|button)$/i,
+	rheader = /^h\d$/i,
+
+	rnative = /^[^{]+\{\s*\[native \w/,
+
+	rquickExpr = /^(?:#([\w-]+)|(\w+)|\.([\w-]+))$/,
+
+	rsibling = /[+~]/,
+	rescape = /'|\\/g,
+
+	runescape = new RegExp( "\\\\([\\da-f]{1,6}" + whitespace + "?|(" + whitespace + ")|.)", "ig" ),
+	funescape = function( _, escaped, escapedWhitespace ) {
+		var high = "0x" + escaped - 0x10000;
+		return high !== high || escapedWhitespace ?
+			escaped :
+			high < 0 ?
+				String.fromCharCode( high + 0x10000 ) :
+				String.fromCharCode( high >> 10 | 0xD800, high & 0x3FF | 0xDC00 );
+	};
+
+try {
+	push.apply(
+		(arr = slice.call( preferredDoc.childNodes )),
+		preferredDoc.childNodes
+	);
+	arr[ preferredDoc.childNodes.length ].nodeType;
+} catch ( e ) {
+	push = { apply: arr.length ?
+
+		function( target, els ) {
+			push_native.apply( target, slice.call(els) );
+		} :
+
+		function( target, els ) {
+			var j = target.length,
+				i = 0;
+			while ( (target[j++] = els[i++]) ) {}
+			target.length = j - 1;
+		}
+	};
+}
+
+function Sizzle( selector, context, results, seed ) {
+	var match, elem, m, nodeType,
+		i, groups, old, nid, newContext, newSelector;
+
+	if ( ( context ? context.ownerDocument || context : preferredDoc ) !== document ) {
+		setDocument( context );
 	}
 
+	context = context || document;
+	results = results || [];
+
 	if ( !selector || typeof selector !== "string" ) {
 		return results;
 	}
 
-	var parts = [], m, set, checkSet, check, mode, extra, prune = true, contextXML = isXML(context),
-		soFar = selector;
+	if ( (nodeType = context.nodeType) !== 1 && nodeType !== 9 ) {
+		return [];
+	}
+
+	if ( documentIsHTML && !seed ) {
 
-	while ( (chunker.exec(""), m = chunker.exec(soFar)) !== null ) {
-		soFar = m[3];
+		if ( (match = rquickExpr.exec( selector )) ) {
+			if ( (m = match[1]) ) {
+				if ( nodeType === 9 ) {
+					elem = context.getElementById( m );
+					if ( elem && elem.parentNode ) {
+						if ( elem.id === m ) {
+							results.push( elem );
+							return results;
+						}
+					} else {
+						return results;
+					}
+				} else {
+					if ( context.ownerDocument && (elem = context.ownerDocument.getElementById( m )) &&
+						contains( context, elem ) && elem.id === m ) {
+						results.push( elem );
+						return results;
+					}
+				}
 
-		parts.push( m[1] );
+			} else if ( match[2] ) {
+				push.apply( results, context.getElementsByTagName( selector ) );
+				return results;
 
-		if ( m[2] ) {
-			extra = m[3];
-			break;
+			} else if ( (m = match[3]) && support.getElementsByClassName && context.getElementsByClassName ) {
+				push.apply( results, context.getElementsByClassName( m ) );
+				return results;
+			}
 		}
-	}
 
-	if ( parts.length > 1 && origPOS.exec( selector ) ) {
-		if ( parts.length === 2 && Expr.relative[ parts[0] ] ) {
-			set = posProcess( parts[0] + parts[1], context );
-		} else {
-			set = Expr.relative[ parts[0] ] ?
-				[ context ] :
-				Sizzle( parts.shift(), context );
+		if ( support.qsa && (!rbuggyQSA || !rbuggyQSA.test( selector )) ) {
+			nid = old = expando;
+			newContext = context;
+			newSelector = nodeType === 9 && selector;
 
-			while ( parts.length ) {
-				selector = parts.shift();
+			if ( nodeType === 1 && context.nodeName.toLowerCase() !== "object" ) {
+				groups = tokenize( selector );
 
-				if ( Expr.relative[ selector ] )
-					selector += parts.shift();
+				if ( (old = context.getAttribute("id")) ) {
+					nid = old.replace( rescape, "\\$&" );
+				} else {
+					context.setAttribute( "id", nid );
+				}
+				nid = "[id='" + nid + "'] ";
+
+				i = groups.length;
+				while ( i-- ) {
+					groups[i] = nid + toSelector( groups[i] );
+				}
+				newContext = rsibling.test( selector ) && testContext( context.parentNode ) || context;
+				newSelector = groups.join(",");
+			}
 
-				set = posProcess( selector, set );
+			if ( newSelector ) {
+				try {
+					push.apply( results,
+						newContext.querySelectorAll( newSelector )
+					);
+					return results;
+				} catch(qsaError) {
+				} finally {
+					if ( !old ) {
+						context.removeAttribute("id");
+					}
+				}
 			}
 		}
-	} else {
-		if ( !seed && parts.length > 1 && context.nodeType === 9 && !contextXML &&
-				Expr.match.ID.test(parts[0]) && !Expr.match.ID.test(parts[parts.length - 1]) ) {
-			var ret = Sizzle.find( parts.shift(), context, contextXML );
-			context = ret.expr ? Sizzle.filter( ret.expr, ret.set )[0] : ret.set[0];
+	}
+
+	return select( selector.replace( rtrim, "$1" ), context, results, seed );
+}
+
+/**
+ * Create key-value caches of limited size
+ * @returns {Function(string, Object)} Returns the Object data after storing it on itself with
+ *	property name the (space-suffixed) string and (if the cache is larger than Expr.cacheLength)
+ *	deleting the oldest entry
+ */
+function createCache() {
+	var keys = [];
+
+	function cache( key, value ) {
+		if ( keys.push( key + " " ) > Expr.cacheLength ) {
+			delete cache[ keys.shift() ];
 		}
+		return (cache[ key + " " ] = value);
+	}
+	return cache;
+}
 
-		if ( context ) {
-			var ret = seed ?
-				{ expr: parts.pop(), set: makeArray(seed) } :
-				Sizzle.find( parts.pop(), parts.length === 1 && (parts[0] === "~" || parts[0] === "+") && context.parentNode ? context.parentNode : context, contextXML );
-			set = ret.expr ? Sizzle.filter( ret.expr, ret.set ) : ret.set;
+/**
+ * Mark a function for special use by Sizzle
+ * @param {Function} fn The function to mark
+ */
+function markFunction( fn ) {
+	fn[ expando ] = true;
+	return fn;
+}
 
-			if ( parts.length > 0 ) {
-				checkSet = makeArray(set);
-			} else {
-				prune = false;
+/**
+ * Support testing using an element
+ * @param {Function} fn Passed the created div and expects a boolean result
+ */
+function assert( fn ) {
+	var div = document.createElement("div");
+
+	try {
+		return !!fn( div );
+	} catch (e) {
+		return false;
+	} finally {
+		if ( div.parentNode ) {
+			div.parentNode.removeChild( div );
+		}
+		div = null;
+	}
+}
+
+/**
+ * Adds the same handler for all of the specified attrs
+ * @param {String} attrs Pipe-separated list of attributes
+ * @param {Function} handler The method that will be applied
+ */
+function addHandle( attrs, handler ) {
+	var arr = attrs.split("|"),
+		i = attrs.length;
+
+	while ( i-- ) {
+		Expr.attrHandle[ arr[i] ] = handler;
+	}
+}
+
+/**
+ * Checks document order of two siblings
+ * @param {Element} a
+ * @param {Element} b
+ * @returns {Number} Returns less than 0 if a precedes b, greater than 0 if a follows b
+ */
+function siblingCheck( a, b ) {
+	var cur = b && a,
+		diff = cur && a.nodeType === 1 && b.nodeType === 1 &&
+			( ~b.sourceIndex || MAX_NEGATIVE ) -
+			( ~a.sourceIndex || MAX_NEGATIVE );
+
+	if ( diff ) {
+		return diff;
+	}
+
+	if ( cur ) {
+		while ( (cur = cur.nextSibling) ) {
+			if ( cur === b ) {
+				return -1;
 			}
+		}
+	}
 
-			while ( parts.length ) {
-				var cur = parts.pop(), pop = cur;
+	return a ? 1 : -1;
+}
 
-				if ( !Expr.relative[ cur ] ) {
-					cur = "";
-				} else {
-					pop = parts.pop();
+/**
+ * Returns a function to use in pseudos for input types
+ * @param {String} type
+ */
+function createInputPseudo( type ) {
+	return function( elem ) {
+		var name = elem.nodeName.toLowerCase();
+		return name === "input" && elem.type === type;
+	};
+}
+
+/**
+ * Returns a function to use in pseudos for buttons
+ * @param {String} type
+ */
+function createButtonPseudo( type ) {
+	return function( elem ) {
+		var name = elem.nodeName.toLowerCase();
+		return (name === "input" || name === "button") && elem.type === type;
+	};
+}
+
+/**
+ * Returns a function to use in pseudos for positionals
+ * @param {Function} fn
+ */
+function createPositionalPseudo( fn ) {
+	return markFunction(function( argument ) {
+		argument = +argument;
+		return markFunction(function( seed, matches ) {
+			var j,
+				matchIndexes = fn( [], seed.length, argument ),
+				i = matchIndexes.length;
+
+			while ( i-- ) {
+				if ( seed[ (j = matchIndexes[i]) ] ) {
+					seed[j] = !(matches[j] = seed[j]);
 				}
+			}
+		});
+	});
+}
+
+/**
+ * Checks a node for validity as a Sizzle context
+ * @param {Element|Object=} context
+ * @returns {Element|Object|Boolean} The input node if acceptable, otherwise a falsy value
+ */
+function testContext( context ) {
+	return context && typeof context.getElementsByTagName !== strundefined && context;
+}
+
+support = Sizzle.support = {};
+
+/**
+ * Detects XML nodes
+ * @param {Element|Object} elem An element or a document
+ * @returns {Boolean} True iff elem is a non-HTML XML node
+ */
+isXML = Sizzle.isXML = function( elem ) {
+	var documentElement = elem && (elem.ownerDocument || elem).documentElement;
+	return documentElement ? documentElement.nodeName !== "HTML" : false;
+};
+
+/**
+ * Sets document-related variables once based on the current document
+ * @param {Element|Object} [doc] An element or document object to use to set the document
+ * @returns {Object} Returns the current document
+ */
+setDocument = Sizzle.setDocument = function( node ) {
+	var hasCompare,
+		doc = node ? node.ownerDocument || node : preferredDoc,
+		parent = doc.defaultView;
+
+	if ( doc === document || doc.nodeType !== 9 || !doc.documentElement ) {
+		return document;
+	}
+
+	document = doc;
+	docElem = doc.documentElement;
+
+	documentIsHTML = !isXML( doc );
+
+	if ( parent && parent !== parent.top ) {
+		if ( parent.addEventListener ) {
+			parent.addEventListener( "unload", function() {
+				setDocument();
+			}, false );
+		} else if ( parent.attachEvent ) {
+			parent.attachEvent( "onunload", function() {
+				setDocument();
+			});
+		}
+	}
+
+	/* Attributes
+	---------------------------------------------------------------------- */
+
+	support.attributes = assert(function( div ) {
+		div.className = "i";
+		return !div.getAttribute("className");
+	});
+
+	/* getElement(s)By*
+	---------------------------------------------------------------------- */
+
+	support.getElementsByTagName = assert(function( div ) {
+		div.appendChild( doc.createComment("") );
+		return !div.getElementsByTagName("*").length;
+	});
+
+	support.getElementsByClassName = rnative.test( doc.getElementsByClassName ) && assert(function( div ) {
+		div.innerHTML = "<div class='a'></div><div class='a i'></div>";
+
+		div.firstChild.className = "i";
+		return div.getElementsByClassName("i").length === 2;
+	});
+
+	support.getById = assert(function( div ) {
+		docElem.appendChild( div ).id = expando;
+		return !doc.getElementsByName || !doc.getElementsByName( expando ).length;
+	});
 
-				if ( pop == null ) {
-					pop = context;
+	if ( support.getById ) {
+		Expr.find["ID"] = function( id, context ) {
+			if ( typeof context.getElementById !== strundefined && documentIsHTML ) {
+				var m = context.getElementById( id );
+				return m && m.parentNode ? [m] : [];
+			}
+		};
+		Expr.filter["ID"] = function( id ) {
+			var attrId = id.replace( runescape, funescape );
+			return function( elem ) {
+				return elem.getAttribute("id") === attrId;
+			};
+		};
+	} else {
+		delete Expr.find["ID"];
+
+		Expr.filter["ID"] =  function( id ) {
+			var attrId = id.replace( runescape, funescape );
+			return function( elem ) {
+				var node = typeof elem.getAttributeNode !== strundefined && elem.getAttributeNode("id");
+				return node && node.value === attrId;
+			};
+		};
+	}
+
+	Expr.find["TAG"] = support.getElementsByTagName ?
+		function( tag, context ) {
+			if ( typeof context.getElementsByTagName !== strundefined ) {
+				return context.getElementsByTagName( tag );
+			}
+		} :
+		function( tag, context ) {
+			var elem,
+				tmp = [],
+				i = 0,
+				results = context.getElementsByTagName( tag );
+
+			if ( tag === "*" ) {
+				while ( (elem = results[i++]) ) {
+					if ( elem.nodeType === 1 ) {
+						tmp.push( elem );
+					}
 				}
 
-				Expr.relative[ cur ]( checkSet, pop, contextXML );
+				return tmp;
 			}
-		} else {
-			checkSet = parts = [];
+			return results;
+		};
+
+	Expr.find["CLASS"] = support.getElementsByClassName && function( className, context ) {
+		if ( typeof context.getElementsByClassName !== strundefined && documentIsHTML ) {
+			return context.getElementsByClassName( className );
 		}
-	}
+	};
+
+	/* QSA/matchesSelector
+	---------------------------------------------------------------------- */
 
-	if ( !checkSet ) {
-		checkSet = set;
+
+	rbuggyMatches = [];
+
+	rbuggyQSA = [];
+
+	if ( (support.qsa = rnative.test( doc.querySelectorAll )) ) {
+		assert(function( div ) {
+			div.innerHTML = "<select t=''><option selected=''></option></select>";
+
+			if ( div.querySelectorAll("[t^='']").length ) {
+				rbuggyQSA.push( "[*^$]=" + whitespace + "*(?:''|\"\")" );
+			}
+
+			if ( !div.querySelectorAll("[selected]").length ) {
+				rbuggyQSA.push( "\\[" + whitespace + "*(?:value|" + booleans + ")" );
+			}
+
+			if ( !div.querySelectorAll(":checked").length ) {
+				rbuggyQSA.push(":checked");
+			}
+		});
+
+		assert(function( div ) {
+			var input = doc.createElement("input");
+			input.setAttribute( "type", "hidden" );
+			div.appendChild( input ).setAttribute( "name", "D" );
+
+			if ( div.querySelectorAll("[name=d]").length ) {
+				rbuggyQSA.push( "name" + whitespace + "*[*^$|!~]?=" );
+			}
+
+			if ( !div.querySelectorAll(":enabled").length ) {
+				rbuggyQSA.push( ":enabled", ":disabled" );
+			}
+
+			div.querySelectorAll("*,:x");
+			rbuggyQSA.push(",.*:");
+		});
 	}
 
-	if ( !checkSet ) {
-		throw "Syntax error, unrecognized expression: " + (cur || selector);
+	if ( (support.matchesSelector = rnative.test( (matches = docElem.webkitMatchesSelector ||
+		docElem.mozMatchesSelector ||
+		docElem.oMatchesSelector ||
+		docElem.msMatchesSelector) )) ) {
+
+		assert(function( div ) {
+			support.disconnectedMatch = matches.call( div, "div" );
+
+			matches.call( div, "[s!='']:x" );
+			rbuggyMatches.push( "!=", pseudos );
+		});
 	}
 
-	if ( toString.call(checkSet) === "[object Array]" ) {
-		if ( !prune ) {
-			results.push.apply( results, checkSet );
-		} else if ( context && context.nodeType === 1 ) {
-			for ( var i = 0; checkSet[i] != null; i++ ) {
-				if ( checkSet[i] && (checkSet[i] === true || checkSet[i].nodeType === 1 && contains(context, checkSet[i])) ) {
-					results.push( set[i] );
+	rbuggyQSA = rbuggyQSA.length && new RegExp( rbuggyQSA.join("|") );
+	rbuggyMatches = rbuggyMatches.length && new RegExp( rbuggyMatches.join("|") );
+
+	/* Contains
+	---------------------------------------------------------------------- */
+	hasCompare = rnative.test( docElem.compareDocumentPosition );
+
+	contains = hasCompare || rnative.test( docElem.contains ) ?
+		function( a, b ) {
+			var adown = a.nodeType === 9 ? a.documentElement : a,
+				bup = b && b.parentNode;
+			return a === bup || !!( bup && bup.nodeType === 1 && (
+				adown.contains ?
+					adown.contains( bup ) :
+					a.compareDocumentPosition && a.compareDocumentPosition( bup ) & 16
+			));
+		} :
+		function( a, b ) {
+			if ( b ) {
+				while ( (b = b.parentNode) ) {
+					if ( b === a ) {
+						return true;
+					}
 				}
 			}
-		} else {
-			for ( var i = 0; checkSet[i] != null; i++ ) {
-				if ( checkSet[i] && checkSet[i].nodeType === 1 ) {
-					results.push( set[i] );
-				}
+			return false;
+		};
+
+	/* Sorting
+	---------------------------------------------------------------------- */
+
+	sortOrder = hasCompare ?
+	function( a, b ) {
+
+		if ( a === b ) {
+			hasDuplicate = true;
+			return 0;
+		}
+
+		var compare = !a.compareDocumentPosition - !b.compareDocumentPosition;
+		if ( compare ) {
+			return compare;
+		}
+
+		compare = ( a.ownerDocument || a ) === ( b.ownerDocument || b ) ?
+			a.compareDocumentPosition( b ) :
+
+			1;
+
+		if ( compare & 1 ||
+			(!support.sortDetached && b.compareDocumentPosition( a ) === compare) ) {
+
+			if ( a === doc || a.ownerDocument === preferredDoc && contains(preferredDoc, a) ) {
+				return -1;
+			}
+			if ( b === doc || b.ownerDocument === preferredDoc && contains(preferredDoc, b) ) {
+				return 1;
 			}
+
+			return sortInput ?
+				( indexOf.call( sortInput, a ) - indexOf.call( sortInput, b ) ) :
+				0;
 		}
-	} else {
-		makeArray( checkSet, results );
+
+		return compare & 4 ? -1 : 1;
+	} :
+	function( a, b ) {
+		if ( a === b ) {
+			hasDuplicate = true;
+			return 0;
+		}
+
+		var cur,
+			i = 0,
+			aup = a.parentNode,
+			bup = b.parentNode,
+			ap = [ a ],
+			bp = [ b ];
+
+		if ( !aup || !bup ) {
+			return a === doc ? -1 :
+				b === doc ? 1 :
+				aup ? -1 :
+				bup ? 1 :
+				sortInput ?
+				( indexOf.call( sortInput, a ) - indexOf.call( sortInput, b ) ) :
+				0;
+
+		} else if ( aup === bup ) {
+			return siblingCheck( a, b );
+		}
+
+		cur = a;
+		while ( (cur = cur.parentNode) ) {
+			ap.unshift( cur );
+		}
+		cur = b;
+		while ( (cur = cur.parentNode) ) {
+			bp.unshift( cur );
+		}
+
+		while ( ap[i] === bp[i] ) {
+			i++;
+		}
+
+		return i ?
+			siblingCheck( ap[i], bp[i] ) :
+
+			ap[i] === preferredDoc ? -1 :
+			bp[i] === preferredDoc ? 1 :
+			0;
+	};
+
+	return doc;
+};
+
+Sizzle.matches = function( expr, elements ) {
+	return Sizzle( expr, null, null, elements );
+};
+
+Sizzle.matchesSelector = function( elem, expr ) {
+	if ( ( elem.ownerDocument || elem ) !== document ) {
+		setDocument( elem );
 	}
 
-	if ( extra ) {
-		Sizzle( extra, origContext, results, seed );
-		Sizzle.uniqueSort( results );
+	expr = expr.replace( rattributeQuotes, "='$1']" );
+
+	if ( support.matchesSelector && documentIsHTML &&
+		( !rbuggyMatches || !rbuggyMatches.test( expr ) ) &&
+		( !rbuggyQSA     || !rbuggyQSA.test( expr ) ) ) {
+
+		try {
+			var ret = matches.call( elem, expr );
+
+			if ( ret || support.disconnectedMatch ||
+					elem.document && elem.document.nodeType !== 11 ) {
+				return ret;
+			}
+		} catch(e) {}
 	}
 
-	return results;
+	return Sizzle( expr, document, null, [elem] ).length > 0;
+};
+
+Sizzle.contains = function( context, elem ) {
+	if ( ( context.ownerDocument || context ) !== document ) {
+		setDocument( context );
+	}
+	return contains( context, elem );
 };
 
-Sizzle.uniqueSort = function(results){
-	if ( sortOrder ) {
-		hasDuplicate = baseHasDuplicate;
-		results.sort(sortOrder);
+Sizzle.attr = function( elem, name ) {
+	if ( ( elem.ownerDocument || elem ) !== document ) {
+		setDocument( elem );
+	}
 
-		if ( hasDuplicate ) {
-			for ( var i = 1; i < results.length; i++ ) {
-				if ( results[i] === results[i-1] ) {
-					results.splice(i--, 1);
-				}
+	var fn = Expr.attrHandle[ name.toLowerCase() ],
+		val = fn && hasOwn.call( Expr.attrHandle, name.toLowerCase() ) ?
+			fn( elem, name, !documentIsHTML ) :
+			undefined;
+
+	return val !== undefined ?
+		val :
+		support.attributes || !documentIsHTML ?
+			elem.getAttribute( name ) :
+			(val = elem.getAttributeNode(name)) && val.specified ?
+				val.value :
+				null;
+};
+
+Sizzle.error = function( msg ) {
+	throw new Error( "Syntax error, unrecognized expression: " + msg );
+};
+
+/**
+ * Document sorting and removing duplicates
+ * @param {ArrayLike} results
+ */
+Sizzle.uniqueSort = function( results ) {
+	var elem,
+		duplicates = [],
+		j = 0,
+		i = 0;
+
+	hasDuplicate = !support.detectDuplicates;
+	sortInput = !support.sortStable && results.slice( 0 );
+	results.sort( sortOrder );
+
+	if ( hasDuplicate ) {
+		while ( (elem = results[i++]) ) {
+			if ( elem === results[ i ] ) {
+				j = duplicates.push( i );
 			}
 		}
+		while ( j-- ) {
+			results.splice( duplicates[ j ], 1 );
+		}
 	}
 
+	sortInput = null;
+
 	return results;
 };
 
-Sizzle.matches = function(expr, set){
-	return Sizzle(expr, null, null, set);
+/**
+ * Utility function for retrieving the text value of an array of DOM nodes
+ * @param {Array|Element} elem
+ */
+getText = Sizzle.getText = function( elem ) {
+	var node,
+		ret = "",
+		i = 0,
+		nodeType = elem.nodeType;
+
+	if ( !nodeType ) {
+		while ( (node = elem[i++]) ) {
+			ret += getText( node );
+		}
+	} else if ( nodeType === 1 || nodeType === 9 || nodeType === 11 ) {
+		if ( typeof elem.textContent === "string" ) {
+			return elem.textContent;
+		} else {
+			for ( elem = elem.firstChild; elem; elem = elem.nextSibling ) {
+				ret += getText( elem );
+			}
+		}
+	} else if ( nodeType === 3 || nodeType === 4 ) {
+		return elem.nodeValue;
+	}
+
+	return ret;
 };
 
-Sizzle.find = function(expr, context, isXML){
-	var set, match;
+Expr = Sizzle.selectors = {
 
-	if ( !expr ) {
-		return [];
-	}
+	cacheLength: 50,
 
-	for ( var i = 0, l = Expr.order.length; i < l; i++ ) {
-		var type = Expr.order[i], match;
+	createPseudo: markFunction,
 
-		if ( (match = Expr.leftMatch[ type ].exec( expr )) ) {
-			var left = match[1];
-			match.splice(1,1);
+	match: matchExpr,
 
-			if ( left.substr( left.length - 1 ) !== "\\" ) {
-				match[1] = (match[1] || "").replace(/\\/g, "");
-				set = Expr.find[ type ]( match, context, isXML );
-				if ( set != null ) {
-					expr = expr.replace( Expr.match[ type ], "" );
-					break;
-				}
-			}
-		}
-	}
+	attrHandle: {},
 
-	if ( !set ) {
-		set = context.getElementsByTagName("*");
-	}
+	find: {},
 
-	return {set: set, expr: expr};
-};
+	relative: {
+		">": { dir: "parentNode", first: true },
+		" ": { dir: "parentNode" },
+		"+": { dir: "previousSibling", first: true },
+		"~": { dir: "previousSibling" }
+	},
 
-Sizzle.filter = function(expr, set, inplace, not){
-	var old = expr, result = [], curLoop = set, match, anyFound,
-		isXMLFilter = set && set[0] && isXML(set[0]);
+	preFilter: {
+		"ATTR": function( match ) {
+			match[1] = match[1].replace( runescape, funescape );
 
-	while ( expr && set.length ) {
-		for ( var type in Expr.filter ) {
-			if ( (match = Expr.match[ type ].exec( expr )) != null ) {
-				var filter = Expr.filter[ type ], found, item;
-				anyFound = false;
+			match[3] = ( match[4] || match[5] || "" ).replace( runescape, funescape );
 
-				if ( curLoop == result ) {
-					result = [];
-				}
+			if ( match[2] === "~=" ) {
+				match[3] = " " + match[3] + " ";
+			}
 
-				if ( Expr.preFilter[ type ] ) {
-					match = Expr.preFilter[ type ]( match, curLoop, inplace, result, not, isXMLFilter );
+			return match.slice( 0, 4 );
+		},
 
-					if ( !match ) {
-						anyFound = found = true;
-					} else if ( match === true ) {
-						continue;
-					}
+		"CHILD": function( match ) {
+			/* matches from matchExpr["CHILD"]
+				1 type (only|nth|...)
+				2 what (child|of-type)
+				3 argument (even|odd|\d*|\d*n([+-]\d+)?|...)
+				4 xn-component of xn+y argument ([+-]?\d*n|)
+				5 sign of xn-component
+				6 x of xn-component
+				7 sign of y-component
+				8 y of y-component
+			*/
+			match[1] = match[1].toLowerCase();
+
+			if ( match[1].slice( 0, 3 ) === "nth" ) {
+				if ( !match[3] ) {
+					Sizzle.error( match[0] );
 				}
 
-				if ( match ) {
-					for ( var i = 0; (item = curLoop[i]) != null; i++ ) {
-						if ( item ) {
-							found = filter( item, match, i, curLoop );
-							var pass = not ^ !!found;
-
-							if ( inplace && found != null ) {
-								if ( pass ) {
-									anyFound = true;
-								} else {
-									curLoop[i] = false;
-								}
-							} else if ( pass ) {
-								result.push( item );
-								anyFound = true;
-							}
-						}
-					}
-				}
+				match[4] = +( match[4] ? match[5] + (match[6] || 1) : 2 * ( match[3] === "even" || match[3] === "odd" ) );
+				match[5] = +( ( match[7] + match[8] ) || match[3] === "odd" );
 
-				if ( found !== undefined ) {
-					if ( !inplace ) {
-						curLoop = result;
-					}
+			} else if ( match[3] ) {
+				Sizzle.error( match[0] );
+			}
 
-					expr = expr.replace( Expr.match[ type ], "" );
+			return match;
+		},
 
-					if ( !anyFound ) {
-						return [];
-					}
+		"PSEUDO": function( match ) {
+			var excess,
+				unquoted = !match[5] && match[2];
 
-					break;
-				}
+			if ( matchExpr["CHILD"].test( match[0] ) ) {
+				return null;
 			}
-		}
 
-		if ( expr == old ) {
-			if ( anyFound == null ) {
-				throw "Syntax error, unrecognized expression: " + expr;
-			} else {
-				break;
-			}
-		}
+			if ( match[3] && match[4] !== undefined ) {
+				match[2] = match[4];
 
-		old = expr;
-	}
+			} else if ( unquoted && rpseudo.test( unquoted ) &&
+				(excess = tokenize( unquoted, true )) &&
+				(excess = unquoted.indexOf( ")", unquoted.length - excess ) - unquoted.length) ) {
 
-	return curLoop;
-};
+				match[0] = match[0].slice( 0, excess );
+				match[2] = unquoted.slice( 0, excess );
+			}
 
-var Expr = Sizzle.selectors = {
-	order: [ "ID", "NAME", "TAG" ],
-	match: {
-		ID: /#((?:[\w\u00c0-\uFFFF-]|\\.)+)/,
-		CLASS: /\.((?:[\w\u00c0-\uFFFF-]|\\.)+)/,
-		NAME: /\[name=['"]*((?:[\w\u00c0-\uFFFF-]|\\.)+)['"]*\]/,
-		ATTR: /\[\s*((?:[\w\u00c0-\uFFFF-]|\\.)+)\s*(?:(\S?=)\s*(['"]*)(.*?)\3|)\s*\]/,
-		TAG: /^((?:[\w\u00c0-\uFFFF\*-]|\\.)+)/,
-		CHILD: /:(only|nth|last|first)-child(?:\((even|odd|[\dn+-]*)\))?/,
-		POS: /:(nth|eq|gt|lt|first|last|even|odd)(?:\((\d*)\))?(?=[^-]|$)/,
-		PSEUDO: /:((?:[\w\u00c0-\uFFFF-]|\\.)+)(?:\((['"]*)((?:\([^\)]+\)|[^\2\(\)]*)+)\2\))?/
-	},
-	leftMatch: {},
-	attrMap: {
-		"class": "className",
-		"for": "htmlFor"
-	},
-	attrHandle: {
-		href: function(elem){
-			return elem.getAttribute("href");
+			return match.slice( 0, 3 );
 		}
 	},
-	relative: {
-		"+": function(checkSet, part, isXML){
-			var isPartStr = typeof part === "string",
-				isTag = isPartStr && !/\W/.test(part),
-				isPartStrNotTag = isPartStr && !isTag;
 
-			if ( isTag && !isXML ) {
-				part = part.toUpperCase();
-			}
+	filter: {
 
-			for ( var i = 0, l = checkSet.length, elem; i < l; i++ ) {
-				if ( (elem = checkSet[i]) ) {
-					while ( (elem = elem.previousSibling) && elem.nodeType !== 1 ) {}
+		"TAG": function( nodeNameSelector ) {
+			var nodeName = nodeNameSelector.replace( runescape, funescape ).toLowerCase();
+			return nodeNameSelector === "*" ?
+				function() { return true; } :
+				function( elem ) {
+					return elem.nodeName && elem.nodeName.toLowerCase() === nodeName;
+				};
+		},
 
-					checkSet[i] = isPartStrNotTag || elem && elem.nodeName === part ?
-						elem || false :
-						elem === part;
-				}
-			}
+		"CLASS": function( className ) {
+			var pattern = classCache[ className + " " ];
 
-			if ( isPartStrNotTag ) {
-				Sizzle.filter( part, checkSet, true );
-			}
+			return pattern ||
+				(pattern = new RegExp( "(^|" + whitespace + ")" + className + "(" + whitespace + "|$)" )) &&
+				classCache( className, function( elem ) {
+					return pattern.test( typeof elem.className === "string" && elem.className || typeof elem.getAttribute !== strundefined && elem.getAttribute("class") || "" );
+				});
 		},
-		">": function(checkSet, part, isXML){
-			var isPartStr = typeof part === "string";
 
-			if ( isPartStr && !/\W/.test(part) ) {
-				part = isXML ? part : part.toUpperCase();
+		"ATTR": function( name, operator, check ) {
+			return function( elem ) {
+				var result = Sizzle.attr( elem, name );
 
-				for ( var i = 0, l = checkSet.length; i < l; i++ ) {
-					var elem = checkSet[i];
-					if ( elem ) {
-						var parent = elem.parentNode;
-						checkSet[i] = parent.nodeName === part ? parent : false;
-					}
+				if ( result == null ) {
+					return operator === "!=";
 				}
-			} else {
-				for ( var i = 0, l = checkSet.length; i < l; i++ ) {
-					var elem = checkSet[i];
-					if ( elem ) {
-						checkSet[i] = isPartStr ?
-							elem.parentNode :
-							elem.parentNode === part;
-					}
+				if ( !operator ) {
+					return true;
 				}
 
-				if ( isPartStr ) {
-					Sizzle.filter( part, checkSet, true );
-				}
-			}
+				result += "";
+
+				return operator === "=" ? result === check :
+					operator === "!=" ? result !== check :
+					operator === "^=" ? check && result.indexOf( check ) === 0 :
+					operator === "*=" ? check && result.indexOf( check ) > -1 :
+					operator === "$=" ? check && result.slice( -check.length ) === check :
+					operator === "~=" ? ( " " + result + " " ).indexOf( check ) > -1 :
+					operator === "|=" ? result === check || result.slice( 0, check.length + 1 ) === check + "-" :
+					false;
+			};
 		},
-		"": function(checkSet, part, isXML){
-			var doneName = done++, checkFn = dirCheck;
 
-			if ( !/\W/.test(part) ) {
-				var nodeCheck = part = isXML ? part : part.toUpperCase();
-				checkFn = dirNodeCheck;
-			}
+		"CHILD": function( type, what, argument, first, last ) {
+			var simple = type.slice( 0, 3 ) !== "nth",
+				forward = type.slice( -4 ) !== "last",
+				ofType = what === "of-type";
+
+			return first === 1 && last === 0 ?
+
+				function( elem ) {
+					return !!elem.parentNode;
+				} :
+
+				function( elem, context, xml ) {
+					var cache, outerCache, node, diff, nodeIndex, start,
+						dir = simple !== forward ? "nextSibling" : "previousSibling",
+						parent = elem.parentNode,
+						name = ofType && elem.nodeName.toLowerCase(),
+						useCache = !xml && !ofType;
+
+					if ( parent ) {
+
+						if ( simple ) {
+							while ( dir ) {
+								node = elem;
+								while ( (node = node[ dir ]) ) {
+									if ( ofType ? node.nodeName.toLowerCase() === name : node.nodeType === 1 ) {
+										return false;
+									}
+								}
+								start = dir = type === "only" && !start && "nextSibling";
+							}
+							return true;
+						}
 
-			checkFn("parentNode", part, doneName, checkSet, nodeCheck, isXML);
-		},
-		"~": function(checkSet, part, isXML){
-			var doneName = done++, checkFn = dirCheck;
+						start = [ forward ? parent.firstChild : parent.lastChild ];
 
-			if ( typeof part === "string" && !/\W/.test(part) ) {
-				var nodeCheck = part = isXML ? part : part.toUpperCase();
-				checkFn = dirNodeCheck;
-			}
+						if ( forward && useCache ) {
+							outerCache = parent[ expando ] || (parent[ expando ] = {});
+							cache = outerCache[ type ] || [];
+							nodeIndex = cache[0] === dirruns && cache[1];
+							diff = cache[0] === dirruns && cache[2];
+							node = nodeIndex && parent.childNodes[ nodeIndex ];
 
-			checkFn("previousSibling", part, doneName, checkSet, nodeCheck, isXML);
-		}
-	},
-	find: {
-		ID: function(match, context, isXML){
-			if ( typeof context.getElementById !== "undefined" && !isXML ) {
-				var m = context.getElementById(match[1]);
-				return m ? [m] : [];
-			}
-		},
-		NAME: function(match, context, isXML){
-			if ( typeof context.getElementsByName !== "undefined" ) {
-				var ret = [], results = context.getElementsByName(match[1]);
+							while ( (node = ++nodeIndex && node && node[ dir ] ||
 
-				for ( var i = 0, l = results.length; i < l; i++ ) {
-					if ( results[i].getAttribute("name") === match[1] ) {
-						ret.push( results[i] );
-					}
-				}
+								(diff = nodeIndex = 0) || start.pop()) ) {
 
-				return ret.length === 0 ? null : ret;
-			}
-		},
-		TAG: function(match, context){
-			return context.getElementsByTagName(match[1]);
-		}
-	},
-	preFilter: {
-		CLASS: function(match, curLoop, inplace, result, not, isXML){
-			match = " " + match[1].replace(/\\/g, "") + " ";
+								if ( node.nodeType === 1 && ++diff && node === elem ) {
+									outerCache[ type ] = [ dirruns, nodeIndex, diff ];
+									break;
+								}
+							}
 
-			if ( isXML ) {
-				return match;
-			}
+						} else if ( useCache && (cache = (elem[ expando ] || (elem[ expando ] = {}))[ type ]) && cache[0] === dirruns ) {
+							diff = cache[1];
 
-			for ( var i = 0, elem; (elem = curLoop[i]) != null; i++ ) {
-				if ( elem ) {
-					if ( not ^ (elem.className && (" " + elem.className + " ").indexOf(match) >= 0) ) {
-						if ( !inplace )
-							result.push( elem );
-					} else if ( inplace ) {
-						curLoop[i] = false;
-					}
-				}
-			}
+						} else {
+							while ( (node = ++nodeIndex && node && node[ dir ] ||
+								(diff = nodeIndex = 0) || start.pop()) ) {
 
-			return false;
-		},
-		ID: function(match){
-			return match[1].replace(/\\/g, "");
-		},
-		TAG: function(match, curLoop){
-			for ( var i = 0; curLoop[i] === false; i++ ){}
-			return curLoop[i] && isXML(curLoop[i]) ? match[1] : match[1].toUpperCase();
-		},
-		CHILD: function(match){
-			if ( match[1] == "nth" ) {
-				var test = /(-?)(\d*)n((?:\+|-)?\d*)/.exec(
-					match[2] == "even" && "2n" || match[2] == "odd" && "2n+1" ||
-					!/\D/.test( match[2] ) && "0n+" + match[2] || match[2]);
-
-				match[2] = (test[1] + (test[2] || 1)) - 0;
-				match[3] = test[3] - 0;
-			}
+								if ( ( ofType ? node.nodeName.toLowerCase() === name : node.nodeType === 1 ) && ++diff ) {
+									if ( useCache ) {
+										(node[ expando ] || (node[ expando ] = {}))[ type ] = [ dirruns, diff ];
+									}
 
-			match[0] = done++;
+									if ( node === elem ) {
+										break;
+									}
+								}
+							}
+						}
 
-			return match;
+						diff -= last;
+						return diff === first || ( diff % first === 0 && diff / first >= 0 );
+					}
+				};
 		},
-		ATTR: function(match, curLoop, inplace, result, not, isXML){
-			var name = match[1].replace(/\\/g, "");
 
-			if ( !isXML && Expr.attrMap[name] ) {
-				match[1] = Expr.attrMap[name];
-			}
+		"PSEUDO": function( pseudo, argument ) {
+			var args,
+				fn = Expr.pseudos[ pseudo ] || Expr.setFilters[ pseudo.toLowerCase() ] ||
+					Sizzle.error( "unsupported pseudo: " + pseudo );
 
-			if ( match[2] === "~=" ) {
-				match[4] = " " + match[4] + " ";
+			if ( fn[ expando ] ) {
+				return fn( argument );
 			}
 
-			return match;
-		},
-		PSEUDO: function(match, curLoop, inplace, result, not){
-			if ( match[1] === "not" ) {
-				if ( ( chunker.exec(match[3]) || "" ).length > 1 || /^\w/.test(match[3]) ) {
-					match[3] = Sizzle(match[3], null, null, curLoop);
-				} else {
-					var ret = Sizzle.filter(match[3], curLoop, inplace, true ^ not);
-					if ( !inplace ) {
-						result.push.apply( result, ret );
-					}
-					return false;
-				}
-			} else if ( Expr.match.POS.test( match[0] ) || Expr.match.CHILD.test( match[0] ) ) {
-				return true;
+			if ( fn.length > 1 ) {
+				args = [ pseudo, pseudo, "", argument ];
+				return Expr.setFilters.hasOwnProperty( pseudo.toLowerCase() ) ?
+					markFunction(function( seed, matches ) {
+						var idx,
+							matched = fn( seed, argument ),
+							i = matched.length;
+						while ( i-- ) {
+							idx = indexOf.call( seed, matched[i] );
+							seed[ idx ] = !( matches[ idx ] = matched[i] );
+						}
+					}) :
+					function( elem ) {
+						return fn( elem, 0, args );
+					};
 			}
 
-			return match;
-		},
-		POS: function(match){
-			match.unshift( true );
-			return match;
+			return fn;
 		}
 	},
-	filters: {
-		enabled: function(elem){
-			return elem.disabled === false && elem.type !== "hidden";
-		},
-		disabled: function(elem){
-			return elem.disabled === true;
-		},
-		checked: function(elem){
-			return elem.checked === true;
-		},
-		selected: function(elem){
-			elem.parentNode.selectedIndex;
-			return elem.selected === true;
-		},
-		parent: function(elem){
-			return !!elem.firstChild;
-		},
-		empty: function(elem){
-			return !elem.firstChild;
-		},
-		has: function(elem, i, match){
-			return !!Sizzle( match[3], elem ).length;
-		},
-		header: function(elem){
-			return /h\d/i.test( elem.nodeName );
-		},
-		text: function(elem){
-			return "text" === elem.type;
-		},
-		radio: function(elem){
-			return "radio" === elem.type;
-		},
-		checkbox: function(elem){
-			return "checkbox" === elem.type;
-		},
-		file: function(elem){
-			return "file" === elem.type;
-		},
-		password: function(elem){
-			return "password" === elem.type;
+
+	pseudos: {
+		"not": markFunction(function( selector ) {
+			var input = [],
+				results = [],
+				matcher = compile( selector.replace( rtrim, "$1" ) );
+
+			return matcher[ expando ] ?
+				markFunction(function( seed, matches, context, xml ) {
+					var elem,
+						unmatched = matcher( seed, null, xml, [] ),
+						i = seed.length;
+
+					while ( i-- ) {
+						if ( (elem = unmatched[i]) ) {
+							seed[i] = !(matches[i] = elem);
+						}
+					}
+				}) :
+				function( elem, context, xml ) {
+					input[0] = elem;
+					matcher( input, null, xml, results );
+					return !results.pop();
+				};
+		}),
+
+		"has": markFunction(function( selector ) {
+			return function( elem ) {
+				return Sizzle( selector, elem ).length > 0;
+			};
+		}),
+
+		"contains": markFunction(function( text ) {
+			return function( elem ) {
+				return ( elem.textContent || elem.innerText || getText( elem ) ).indexOf( text ) > -1;
+			};
+		}),
+
+		"lang": markFunction( function( lang ) {
+			if ( !ridentifier.test(lang || "") ) {
+				Sizzle.error( "unsupported lang: " + lang );
+			}
+			lang = lang.replace( runescape, funescape ).toLowerCase();
+			return function( elem ) {
+				var elemLang;
+				do {
+					if ( (elemLang = documentIsHTML ?
+						elem.lang :
+						elem.getAttribute("xml:lang") || elem.getAttribute("lang")) ) {
+
+						elemLang = elemLang.toLowerCase();
+						return elemLang === lang || elemLang.indexOf( lang + "-" ) === 0;
+					}
+				} while ( (elem = elem.parentNode) && elem.nodeType === 1 );
+				return false;
+			};
+		}),
+
+		"target": function( elem ) {
+			var hash = window.location && window.location.hash;
+			return hash && hash.slice( 1 ) === elem.id;
 		},
-		submit: function(elem){
-			return "submit" === elem.type;
+
+		"root": function( elem ) {
+			return elem === docElem;
 		},
-		image: function(elem){
-			return "image" === elem.type;
+
+		"focus": function( elem ) {
+			return elem === document.activeElement && (!document.hasFocus || document.hasFocus()) && !!(elem.type || elem.href || ~elem.tabIndex);
 		},
-		reset: function(elem){
-			return "reset" === elem.type;
+
+		"enabled": function( elem ) {
+			return elem.disabled === false;
 		},
-		button: function(elem){
-			return "button" === elem.type || elem.nodeName.toUpperCase() === "BUTTON";
+
+		"disabled": function( elem ) {
+			return elem.disabled === true;
 		},
-		input: function(elem){
-			return /input|select|textarea|button/i.test(elem.nodeName);
-		}
-	},
-	setFilters: {
-		first: function(elem, i){
-			return i === 0;
+
+		"checked": function( elem ) {
+			var nodeName = elem.nodeName.toLowerCase();
+			return (nodeName === "input" && !!elem.checked) || (nodeName === "option" && !!elem.selected);
 		},
-		last: function(elem, i, match, array){
-			return i === array.length - 1;
+
+		"selected": function( elem ) {
+			if ( elem.parentNode ) {
+				elem.parentNode.selectedIndex;
+			}
+
+			return elem.selected === true;
 		},
-		even: function(elem, i){
-			return i % 2 === 0;
+
+		"empty": function( elem ) {
+			for ( elem = elem.firstChild; elem; elem = elem.nextSibling ) {
+				if ( elem.nodeType < 6 ) {
+					return false;
+				}
+			}
+			return true;
 		},
-		odd: function(elem, i){
-			return i % 2 === 1;
+
+		"parent": function( elem ) {
+			return !Expr.pseudos["empty"]( elem );
 		},
-		lt: function(elem, i, match){
-			return i < match[3] - 0;
+
+		"header": function( elem ) {
+			return rheader.test( elem.nodeName );
 		},
-		gt: function(elem, i, match){
-			return i > match[3] - 0;
+
+		"input": function( elem ) {
+			return rinputs.test( elem.nodeName );
 		},
-		nth: function(elem, i, match){
-			return match[3] - 0 == i;
+
+		"button": function( elem ) {
+			var name = elem.nodeName.toLowerCase();
+			return name === "input" && elem.type === "button" || name === "button";
 		},
-		eq: function(elem, i, match){
-			return match[3] - 0 == i;
-		}
-	},
-	filter: {
-		PSEUDO: function(elem, match, i, array){
-			var name = match[1], filter = Expr.filters[ name ];
-
-			if ( filter ) {
-				return filter( elem, i, match, array );
-			} else if ( name === "contains" ) {
-				return (elem.textContent || elem.innerText || "").indexOf(match[3]) >= 0;
-			} else if ( name === "not" ) {
-				var not = match[3];
-
-				for ( var i = 0, l = not.length; i < l; i++ ) {
-					if ( not[i] === elem ) {
-						return false;
-					}
-				}
 
-				return true;
-			}
+		"text": function( elem ) {
+			var attr;
+			return elem.nodeName.toLowerCase() === "input" &&
+				elem.type === "text" &&
+
+				( (attr = elem.getAttribute("type")) == null || attr.toLowerCase() === "text" );
 		},
-		CHILD: function(elem, match){
-			var type = match[1], node = elem;
-			switch (type) {
-				case 'only':
-				case 'first':
-					while ( (node = node.previousSibling) )  {
-						if ( node.nodeType === 1 ) return false;
-					}
-					if ( type == 'first') return true;
-					node = elem;
-				case 'last':
-					while ( (node = node.nextSibling) )  {
-						if ( node.nodeType === 1 ) return false;
-					}
-					return true;
-				case 'nth':
-					var first = match[2], last = match[3];
 
-					if ( first == 1 && last == 0 ) {
-						return true;
-					}
+		"first": createPositionalPseudo(function() {
+			return [ 0 ];
+		}),
 
-					var doneName = match[0],
-						parent = elem.parentNode;
+		"last": createPositionalPseudo(function( matchIndexes, length ) {
+			return [ length - 1 ];
+		}),
 
-					if ( parent && (parent.sizcache !== doneName || !elem.nodeIndex) ) {
-						var count = 0;
-						for ( node = parent.firstChild; node; node = node.nextSibling ) {
-							if ( node.nodeType === 1 ) {
-								node.nodeIndex = ++count;
-							}
-						}
-						parent.sizcache = doneName;
-					}
+		"eq": createPositionalPseudo(function( matchIndexes, length, argument ) {
+			return [ argument < 0 ? argument + length : argument ];
+		}),
 
-					var diff = elem.nodeIndex - last;
-					if ( first == 0 ) {
-						return diff == 0;
-					} else {
-						return ( diff % first == 0 && diff / first >= 0 );
-					}
+		"even": createPositionalPseudo(function( matchIndexes, length ) {
+			var i = 0;
+			for ( ; i < length; i += 2 ) {
+				matchIndexes.push( i );
 			}
-		},
-		ID: function(elem, match){
-			return elem.nodeType === 1 && elem.getAttribute("id") === match;
-		},
-		TAG: function(elem, match){
-			return (match === "*" && elem.nodeType === 1) || elem.nodeName === match;
-		},
-		CLASS: function(elem, match){
-			return (" " + (elem.className || elem.getAttribute("class")) + " ")
-				.indexOf( match ) > -1;
-		},
-		ATTR: function(elem, match){
-			var name = match[1],
-				result = Expr.attrHandle[ name ] ?
-					Expr.attrHandle[ name ]( elem ) :
-					elem[ name ] != null ?
-						elem[ name ] :
-						elem.getAttribute( name ),
-				value = result + "",
-				type = match[2],
-				check = match[4];
-
-			return result == null ?
-				type === "!=" :
-				type === "=" ?
-				value === check :
-				type === "*=" ?
-				value.indexOf(check) >= 0 :
-				type === "~=" ?
-				(" " + value + " ").indexOf(check) >= 0 :
-				!check ?
-				value && result !== false :
-				type === "!=" ?
-				value != check :
-				type === "^=" ?
-				value.indexOf(check) === 0 :
-				type === "$=" ?
-				value.substr(value.length - check.length) === check :
-				type === "|=" ?
-				value === check || value.substr(0, check.length + 1) === check + "-" :
-				false;
-		},
-		POS: function(elem, match, i, array){
-			var name = match[2], filter = Expr.setFilters[ name ];
+			return matchIndexes;
+		}),
 
-			if ( filter ) {
-				return filter( elem, i, match, array );
+		"odd": createPositionalPseudo(function( matchIndexes, length ) {
+			var i = 1;
+			for ( ; i < length; i += 2 ) {
+				matchIndexes.push( i );
 			}
-		}
+			return matchIndexes;
+		}),
+
+		"lt": createPositionalPseudo(function( matchIndexes, length, argument ) {
+			var i = argument < 0 ? argument + length : argument;
+			for ( ; --i >= 0; ) {
+				matchIndexes.push( i );
+			}
+			return matchIndexes;
+		}),
+
+		"gt": createPositionalPseudo(function( matchIndexes, length, argument ) {
+			var i = argument < 0 ? argument + length : argument;
+			for ( ; ++i < length; ) {
+				matchIndexes.push( i );
+			}
+			return matchIndexes;
+		})
 	}
 };
 
-var origPOS = Expr.match.POS;
+Expr.pseudos["nth"] = Expr.pseudos["eq"];
 
-for ( var type in Expr.match ) {
-	Expr.match[ type ] = new RegExp( Expr.match[ type ].source + /(?![^\[]*\])(?![^\(]*\))/.source );
-	Expr.leftMatch[ type ] = new RegExp( /(^(?:.|\r|\n)*?)/.source + Expr.match[ type ].source );
+for ( i in { radio: true, checkbox: true, file: true, password: true, image: true } ) {
+	Expr.pseudos[ i ] = createInputPseudo( i );
+}
+for ( i in { submit: true, reset: true } ) {
+	Expr.pseudos[ i ] = createButtonPseudo( i );
 }
 
-var makeArray = function(array, results) {
-	array = Array.prototype.slice.call( array, 0 );
+function setFilters() {}
+setFilters.prototype = Expr.filters = Expr.pseudos;
+Expr.setFilters = new setFilters();
 
-	if ( results ) {
-		results.push.apply( results, array );
-		return results;
+function tokenize( selector, parseOnly ) {
+	var matched, match, tokens, type,
+		soFar, groups, preFilters,
+		cached = tokenCache[ selector + " " ];
+
+	if ( cached ) {
+		return parseOnly ? 0 : cached.slice( 0 );
 	}
 
-	return array;
-};
+	soFar = selector;
+	groups = [];
+	preFilters = Expr.preFilter;
 
-try {
-	Array.prototype.slice.call( document.documentElement.childNodes, 0 );
+	while ( soFar ) {
 
-} catch(e){
-	makeArray = function(array, results) {
-		var ret = results || [];
+		if ( !matched || (match = rcomma.exec( soFar )) ) {
+			if ( match ) {
+				soFar = soFar.slice( match[0].length ) || soFar;
+			}
+			groups.push( (tokens = []) );
+		}
 
-		if ( toString.call(array) === "[object Array]" ) {
-			Array.prototype.push.apply( ret, array );
-		} else {
-			if ( typeof array.length === "number" ) {
-				for ( var i = 0, l = array.length; i < l; i++ ) {
-					ret.push( array[i] );
+		matched = false;
+
+		if ( (match = rcombinators.exec( soFar )) ) {
+			matched = match.shift();
+			tokens.push({
+				value: matched,
+				type: match[0].replace( rtrim, " " )
+			});
+			soFar = soFar.slice( matched.length );
+		}
+
+		for ( type in Expr.filter ) {
+			if ( (match = matchExpr[ type ].exec( soFar )) && (!preFilters[ type ] ||
+				(match = preFilters[ type ]( match ))) ) {
+				matched = match.shift();
+				tokens.push({
+					value: matched,
+					type: type,
+					matches: match
+				});
+				soFar = soFar.slice( matched.length );
+			}
+		}
+
+		if ( !matched ) {
+			break;
+		}
+	}
+
+	return parseOnly ?
+		soFar.length :
+		soFar ?
+			Sizzle.error( selector ) :
+			tokenCache( selector, groups ).slice( 0 );
+}
+
+function toSelector( tokens ) {
+	var i = 0,
+		len = tokens.length,
+		selector = "";
+	for ( ; i < len; i++ ) {
+		selector += tokens[i].value;
+	}
+	return selector;
+}
+
+function addCombinator( matcher, combinator, base ) {
+	var dir = combinator.dir,
+		checkNonElements = base && dir === "parentNode",
+		doneName = done++;
+
+	return combinator.first ?
+		function( elem, context, xml ) {
+			while ( (elem = elem[ dir ]) ) {
+				if ( elem.nodeType === 1 || checkNonElements ) {
+					return matcher( elem, context, xml );
+				}
+			}
+		} :
+
+		function( elem, context, xml ) {
+			var oldCache, outerCache,
+				newCache = [ dirruns, doneName ];
+
+			if ( xml ) {
+				while ( (elem = elem[ dir ]) ) {
+					if ( elem.nodeType === 1 || checkNonElements ) {
+						if ( matcher( elem, context, xml ) ) {
+							return true;
+						}
+					}
 				}
 			} else {
-				for ( var i = 0; array[i]; i++ ) {
-					ret.push( array[i] );
+				while ( (elem = elem[ dir ]) ) {
+					if ( elem.nodeType === 1 || checkNonElements ) {
+						outerCache = elem[ expando ] || (elem[ expando ] = {});
+						if ( (oldCache = outerCache[ dir ]) &&
+							oldCache[ 0 ] === dirruns && oldCache[ 1 ] === doneName ) {
+
+							return (newCache[ 2 ] = oldCache[ 2 ]);
+						} else {
+							outerCache[ dir ] = newCache;
+
+							if ( (newCache[ 2 ] = matcher( elem, context, xml )) ) {
+								return true;
+							}
+						}
+					}
 				}
 			}
-		}
+		};
+}
 
-		return ret;
-	};
+function elementMatcher( matchers ) {
+	return matchers.length > 1 ?
+		function( elem, context, xml ) {
+			var i = matchers.length;
+			while ( i-- ) {
+				if ( !matchers[i]( elem, context, xml ) ) {
+					return false;
+				}
+			}
+			return true;
+		} :
+		matchers[0];
 }
 
-var sortOrder;
+function multipleContexts( selector, contexts, results ) {
+	var i = 0,
+		len = contexts.length;
+	for ( ; i < len; i++ ) {
+		Sizzle( selector, contexts[i], results );
+	}
+	return results;
+}
 
-if ( document.documentElement.compareDocumentPosition ) {
-	sortOrder = function( a, b ) {
-		if ( !a.compareDocumentPosition || !b.compareDocumentPosition ) {
-			if ( a == b ) {
-				hasDuplicate = true;
+function condense( unmatched, map, filter, context, xml ) {
+	var elem,
+		newUnmatched = [],
+		i = 0,
+		len = unmatched.length,
+		mapped = map != null;
+
+	for ( ; i < len; i++ ) {
+		if ( (elem = unmatched[i]) ) {
+			if ( !filter || filter( elem, context, xml ) ) {
+				newUnmatched.push( elem );
+				if ( mapped ) {
+					map.push( i );
+				}
 			}
-			return 0;
 		}
+	}
 
-		var ret = a.compareDocumentPosition(b) & 4 ? -1 : a === b ? 0 : 1;
-		if ( ret === 0 ) {
-			hasDuplicate = true;
+	return newUnmatched;
+}
+
+function setMatcher( preFilter, selector, matcher, postFilter, postFinder, postSelector ) {
+	if ( postFilter && !postFilter[ expando ] ) {
+		postFilter = setMatcher( postFilter );
+	}
+	if ( postFinder && !postFinder[ expando ] ) {
+		postFinder = setMatcher( postFinder, postSelector );
+	}
+	return markFunction(function( seed, results, context, xml ) {
+		var temp, i, elem,
+			preMap = [],
+			postMap = [],
+			preexisting = results.length,
+
+			elems = seed || multipleContexts( selector || "*", context.nodeType ? [ context ] : context, [] ),
+
+			matcherIn = preFilter && ( seed || !selector ) ?
+				condense( elems, preMap, preFilter, context, xml ) :
+				elems,
+
+			matcherOut = matcher ?
+				postFinder || ( seed ? preFilter : preexisting || postFilter ) ?
+
+					[] :
+
+					results :
+				matcherIn;
+
+		if ( matcher ) {
+			matcher( matcherIn, matcherOut, context, xml );
 		}
-		return ret;
-	};
-} else if ( "sourceIndex" in document.documentElement ) {
-	sortOrder = function( a, b ) {
-		if ( !a.sourceIndex || !b.sourceIndex ) {
-			if ( a == b ) {
-				hasDuplicate = true;
+
+		if ( postFilter ) {
+			temp = condense( matcherOut, postMap );
+			postFilter( temp, [], context, xml );
+
+			i = temp.length;
+			while ( i-- ) {
+				if ( (elem = temp[i]) ) {
+					matcherOut[ postMap[i] ] = !(matcherIn[ postMap[i] ] = elem);
+				}
 			}
-			return 0;
 		}
 
-		var ret = a.sourceIndex - b.sourceIndex;
-		if ( ret === 0 ) {
-			hasDuplicate = true;
-		}
-		return ret;
-	};
-} else if ( document.createRange ) {
-	sortOrder = function( a, b ) {
-		if ( !a.ownerDocument || !b.ownerDocument ) {
-			if ( a == b ) {
-				hasDuplicate = true;
+		if ( seed ) {
+			if ( postFinder || preFilter ) {
+				if ( postFinder ) {
+					temp = [];
+					i = matcherOut.length;
+					while ( i-- ) {
+						if ( (elem = matcherOut[i]) ) {
+							temp.push( (matcherIn[i] = elem) );
+						}
+					}
+					postFinder( null, (matcherOut = []), temp, xml );
+				}
+
+				i = matcherOut.length;
+				while ( i-- ) {
+					if ( (elem = matcherOut[i]) &&
+						(temp = postFinder ? indexOf.call( seed, elem ) : preMap[i]) > -1 ) {
+
+						seed[temp] = !(results[temp] = elem);
+					}
+				}
+			}
+
+		} else {
+			matcherOut = condense(
+				matcherOut === results ?
+					matcherOut.splice( preexisting, matcherOut.length ) :
+					matcherOut
+			);
+			if ( postFinder ) {
+				postFinder( null, results, matcherOut, xml );
+			} else {
+				push.apply( results, matcherOut );
 			}
-			return 0;
 		}
+	});
+}
 
-		var aRange = a.ownerDocument.createRange(), bRange = b.ownerDocument.createRange();
-		aRange.setStart(a, 0);
-		aRange.setEnd(a, 0);
-		bRange.setStart(b, 0);
-		bRange.setEnd(b, 0);
-		var ret = aRange.compareBoundaryPoints(Range.START_TO_END, bRange);
-		if ( ret === 0 ) {
-			hasDuplicate = true;
+function matcherFromTokens( tokens ) {
+	var checkContext, matcher, j,
+		len = tokens.length,
+		leadingRelative = Expr.relative[ tokens[0].type ],
+		implicitRelative = leadingRelative || Expr.relative[" "],
+		i = leadingRelative ? 1 : 0,
+
+		matchContext = addCombinator( function( elem ) {
+			return elem === checkContext;
+		}, implicitRelative, true ),
+		matchAnyContext = addCombinator( function( elem ) {
+			return indexOf.call( checkContext, elem ) > -1;
+		}, implicitRelative, true ),
+		matchers = [ function( elem, context, xml ) {
+			return ( !leadingRelative && ( xml || context !== outermostContext ) ) || (
+				(checkContext = context).nodeType ?
+					matchContext( elem, context, xml ) :
+					matchAnyContext( elem, context, xml ) );
+		} ];
+
+	for ( ; i < len; i++ ) {
+		if ( (matcher = Expr.relative[ tokens[i].type ]) ) {
+			matchers = [ addCombinator(elementMatcher( matchers ), matcher) ];
+		} else {
+			matcher = Expr.filter[ tokens[i].type ].apply( null, tokens[i].matches );
+
+			if ( matcher[ expando ] ) {
+				j = ++i;
+				for ( ; j < len; j++ ) {
+					if ( Expr.relative[ tokens[j].type ] ) {
+						break;
+					}
+				}
+				return setMatcher(
+					i > 1 && elementMatcher( matchers ),
+					i > 1 && toSelector(
+						tokens.slice( 0, i - 1 ).concat({ value: tokens[ i - 2 ].type === " " ? "*" : "" })
+					).replace( rtrim, "$1" ),
+					matcher,
+					i < j && matcherFromTokens( tokens.slice( i, j ) ),
+					j < len && matcherFromTokens( (tokens = tokens.slice( j )) ),
+					j < len && toSelector( tokens )
+				);
+			}
+			matchers.push( matcher );
 		}
-		return ret;
-	};
+	}
+
+	return elementMatcher( matchers );
 }
 
-(function(){
-	var form = document.createElement("div"),
-		id = "script" + (new Date).getTime();
-	form.innerHTML = "<a name='" + id + "'/>";
+function matcherFromGroupMatchers( elementMatchers, setMatchers ) {
+	var bySet = setMatchers.length > 0,
+		byElement = elementMatchers.length > 0,
+		superMatcher = function( seed, context, xml, results, outermost ) {
+			var elem, j, matcher,
+				matchedCount = 0,
+				i = "0",
+				unmatched = seed && [],
+				setMatched = [],
+				contextBackup = outermostContext,
+				elems = seed || byElement && Expr.find["TAG"]( "*", outermost ),
+				dirrunsUnique = (dirruns += contextBackup == null ? 1 : Math.random() || 0.1),
+				len = elems.length;
+
+			if ( outermost ) {
+				outermostContext = context !== document && context;
+			}
+
+			for ( ; i !== len && (elem = elems[i]) != null; i++ ) {
+				if ( byElement && elem ) {
+					j = 0;
+					while ( (matcher = elementMatchers[j++]) ) {
+						if ( matcher( elem, context, xml ) ) {
+							results.push( elem );
+							break;
+						}
+					}
+					if ( outermost ) {
+						dirruns = dirrunsUnique;
+					}
+				}
 
-	var root = document.documentElement;
-	root.insertBefore( form, root.firstChild );
+				if ( bySet ) {
+					if ( (elem = !matcher && elem) ) {
+						matchedCount--;
+					}
 
-	if ( !!document.getElementById( id ) ) {
-		Expr.find.ID = function(match, context, isXML){
-			if ( typeof context.getElementById !== "undefined" && !isXML ) {
-				var m = context.getElementById(match[1]);
-				return m ? m.id === match[1] || typeof m.getAttributeNode !== "undefined" && m.getAttributeNode("id").nodeValue === match[1] ? [m] : undefined : [];
+					if ( seed ) {
+						unmatched.push( elem );
+					}
+				}
 			}
-		};
-
-		Expr.filter.ID = function(elem, match){
-			var node = typeof elem.getAttributeNode !== "undefined" && elem.getAttributeNode("id");
-			return elem.nodeType === 1 && node && node.nodeValue === match;
-		};
-	}
 
-	root.removeChild( form );
-	root = form = null; // release memory in IE
-})();
+			matchedCount += i;
+			if ( bySet && i !== matchedCount ) {
+				j = 0;
+				while ( (matcher = setMatchers[j++]) ) {
+					matcher( unmatched, setMatched, context, xml );
+				}
 
-(function(){
+				if ( seed ) {
+					if ( matchedCount > 0 ) {
+						while ( i-- ) {
+							if ( !(unmatched[i] || setMatched[i]) ) {
+								setMatched[i] = pop.call( results );
+							}
+						}
+					}
 
-	var div = document.createElement("div");
-	div.appendChild( document.createComment("") );
+					setMatched = condense( setMatched );
+				}
 
-	if ( div.getElementsByTagName("*").length > 0 ) {
-		Expr.find.TAG = function(match, context){
-			var results = context.getElementsByTagName(match[1]);
+				push.apply( results, setMatched );
 
-			if ( match[1] === "*" ) {
-				var tmp = [];
+				if ( outermost && !seed && setMatched.length > 0 &&
+					( matchedCount + setMatchers.length ) > 1 ) {
 
-				for ( var i = 0; results[i]; i++ ) {
-					if ( results[i].nodeType === 1 ) {
-						tmp.push( results[i] );
-					}
+					Sizzle.uniqueSort( results );
 				}
-
-				results = tmp;
 			}
 
-			return results;
-		};
-	}
+			if ( outermost ) {
+				dirruns = dirrunsUnique;
+				outermostContext = contextBackup;
+			}
 
-	div.innerHTML = "<a href='#'></a>";
-	if ( div.firstChild && typeof div.firstChild.getAttribute !== "undefined" &&
-			div.firstChild.getAttribute("href") !== "#" ) {
-		Expr.attrHandle.href = function(elem){
-			return elem.getAttribute("href", 2);
+			return unmatched;
 		};
-	}
 
-	div = null; // release memory in IE
-})();
-
-if ( document.querySelectorAll ) (function(){
-	var oldSizzle = Sizzle, div = document.createElement("div");
-	div.innerHTML = "<p class='TEST'></p>";
-
-	if ( div.querySelectorAll && div.querySelectorAll(".TEST").length === 0 ) {
-		return;
-	}
+	return bySet ?
+		markFunction( superMatcher ) :
+		superMatcher;
+}
 
-	Sizzle = function(query, context, extra, seed){
-		context = context || document;
+compile = Sizzle.compile = function( selector, match /* Internal Use Only */ ) {
+	var i,
+		setMatchers = [],
+		elementMatchers = [],
+		cached = compilerCache[ selector + " " ];
 
-		if ( !seed && context.nodeType === 9 && !isXML(context) ) {
-			try {
-				return makeArray( context.querySelectorAll(query), extra );
-			} catch(e){}
+	if ( !cached ) {
+		if ( !match ) {
+			match = tokenize( selector );
+		}
+		i = match.length;
+		while ( i-- ) {
+			cached = matcherFromTokens( match[i] );
+			if ( cached[ expando ] ) {
+				setMatchers.push( cached );
+			} else {
+				elementMatchers.push( cached );
+			}
 		}
 
-		return oldSizzle(query, context, extra, seed);
-	};
+		cached = compilerCache( selector, matcherFromGroupMatchers( elementMatchers, setMatchers ) );
 
-	for ( var prop in oldSizzle ) {
-		Sizzle[ prop ] = oldSizzle[ prop ];
+		cached.selector = selector;
 	}
+	return cached;
+};
 
-	div = null; // release memory in IE
-})();
+/**
+ * A low-level selection function that works with Sizzle's compiled
+ *  selector functions
+ * @param {String|Function} selector A selector or a pre-compiled
+ *  selector function built with Sizzle.compile
+ * @param {Element} context
+ * @param {Array} [results]
+ * @param {Array} [seed] A set of elements to match against
+ */
+select = Sizzle.select = function( selector, context, results, seed ) {
+	var i, tokens, token, type, find,
+		compiled = typeof selector === "function" && selector,
+		match = !seed && tokenize( (selector = compiled.selector || selector) );
 
-if ( document.getElementsByClassName && document.documentElement.getElementsByClassName ) (function(){
-	var div = document.createElement("div");
-	div.innerHTML = "<div class='test e'></div><div class='test'></div>";
+	results = results || [];
 
-	if ( div.getElementsByClassName("e").length === 0 )
-		return;
+	if ( match.length === 1 ) {
 
-	div.lastChild.className = "e";
+		tokens = match[0] = match[0].slice( 0 );
+		if ( tokens.length > 2 && (token = tokens[0]).type === "ID" &&
+				support.getById && context.nodeType === 9 && documentIsHTML &&
+				Expr.relative[ tokens[1].type ] ) {
 
-	if ( div.getElementsByClassName("e").length === 1 )
-		return;
+			context = ( Expr.find["ID"]( token.matches[0].replace(runescape, funescape), context ) || [] )[0];
+			if ( !context ) {
+				return results;
+
+			} else if ( compiled ) {
+				context = context.parentNode;
+			}
 
-	Expr.order.splice(1, 0, "CLASS");
-	Expr.find.CLASS = function(match, context, isXML) {
-		if ( typeof context.getElementsByClassName !== "undefined" && !isXML ) {
-			return context.getElementsByClassName(match[1]);
+			selector = selector.slice( tokens.shift().value.length );
 		}
-	};
 
-	div = null; // release memory in IE
-})();
+		i = matchExpr["needsContext"].test( selector ) ? 0 : tokens.length;
+		while ( i-- ) {
+			token = tokens[i];
 
-function dirNodeCheck( dir, cur, doneName, checkSet, nodeCheck, isXML ) {
-	var sibDir = dir == "previousSibling" && !isXML;
-	for ( var i = 0, l = checkSet.length; i < l; i++ ) {
-		var elem = checkSet[i];
-		if ( elem ) {
-			if ( sibDir && elem.nodeType === 1 ){
-				elem.sizcache = doneName;
-				elem.sizset = i;
+			if ( Expr.relative[ (type = token.type) ] ) {
+				break;
 			}
-			elem = elem[dir];
-			var match = false;
-
-			while ( elem ) {
-				if ( elem.sizcache === doneName ) {
-					match = checkSet[elem.sizset];
-					break;
-				}
-
-				if ( elem.nodeType === 1 && !isXML ){
-					elem.sizcache = doneName;
-					elem.sizset = i;
-				}
+			if ( (find = Expr.find[ type ]) ) {
+				if ( (seed = find(
+					token.matches[0].replace( runescape, funescape ),
+					rsibling.test( tokens[0].type ) && testContext( context.parentNode ) || context
+				)) ) {
+
+					tokens.splice( i, 1 );
+					selector = seed.length && toSelector( tokens );
+					if ( !selector ) {
+						push.apply( results, seed );
+						return results;
+					}
 
-				if ( elem.nodeName === cur ) {
-					match = elem;
 					break;
 				}
-
-				elem = elem[dir];
 			}
-
-			checkSet[i] = match;
 		}
 	}
-}
 
-function dirCheck( dir, cur, doneName, checkSet, nodeCheck, isXML ) {
-	var sibDir = dir == "previousSibling" && !isXML;
-	for ( var i = 0, l = checkSet.length; i < l; i++ ) {
-		var elem = checkSet[i];
-		if ( elem ) {
-			if ( sibDir && elem.nodeType === 1 ) {
-				elem.sizcache = doneName;
-				elem.sizset = i;
-			}
-			elem = elem[dir];
-			var match = false;
+	( compiled || compile( selector, match ) )(
+		seed,
+		context,
+		!documentIsHTML,
+		results,
+		rsibling.test( selector ) && testContext( context.parentNode ) || context
+	);
+	return results;
+};
 
-			while ( elem ) {
-				if ( elem.sizcache === doneName ) {
-					match = checkSet[elem.sizset];
-					break;
-				}
 
-				if ( elem.nodeType === 1 ) {
-					if ( !isXML ) {
-						elem.sizcache = doneName;
-						elem.sizset = i;
-					}
-					if ( typeof cur !== "string" ) {
-						if ( elem === cur ) {
-							match = true;
-							break;
-						}
+support.sortStable = expando.split("").sort( sortOrder ).join("") === expando;
 
-					} else if ( Sizzle.filter( cur, [elem] ).length > 0 ) {
-						match = elem;
-						break;
-					}
-				}
+support.detectDuplicates = !!hasDuplicate;
 
-				elem = elem[dir];
-			}
+setDocument();
 
-			checkSet[i] = match;
+support.sortDetached = assert(function( div1 ) {
+	return div1.compareDocumentPosition( document.createElement("div") ) & 1;
+});
+
+if ( !assert(function( div ) {
+	div.innerHTML = "<a href='#'></a>";
+	return div.firstChild.getAttribute("href") === "#" ;
+}) ) {
+	addHandle( "type|href|height|width", function( elem, name, isXML ) {
+		if ( !isXML ) {
+			return elem.getAttribute( name, name.toLowerCase() === "type" ? 1 : 2 );
 		}
-	}
+	});
 }
 
-var contains = document.compareDocumentPosition ?  function(a, b){
-	return a.compareDocumentPosition(b) & 16;
-} : function(a, b){
-	return a !== b && (a.contains ? a.contains(b) : true);
-};
-
-var isXML = function(elem){
-	return elem.nodeType === 9 && elem.documentElement.nodeName !== "HTML" ||
-		!!elem.ownerDocument && elem.ownerDocument.documentElement.nodeName !== "HTML";
-};
-
-var posProcess = function(selector, context){
-	var tmpSet = [], later = "", match,
-		root = context.nodeType ? [context] : context;
-
-	while ( (match = Expr.match.PSEUDO.exec( selector )) ) {
-		later += match[0];
-		selector = selector.replace( Expr.match.PSEUDO, "" );
-	}
-
-	selector = Expr.relative[selector] ? selector + "*" : selector;
+if ( !support.attributes || !assert(function( div ) {
+	div.innerHTML = "<input/>";
+	div.firstChild.setAttribute( "value", "" );
+	return div.firstChild.getAttribute( "value" ) === "";
+}) ) {
+	addHandle( "value", function( elem, name, isXML ) {
+		if ( !isXML && elem.nodeName.toLowerCase() === "input" ) {
+			return elem.defaultValue;
+		}
+	});
+}
 
-	for ( var i = 0, l = root.length; i < l; i++ ) {
-		Sizzle( selector, root[i], tmpSet );
-	}
+if ( !assert(function( div ) {
+	return div.getAttribute("disabled") == null;
+}) ) {
+	addHandle( booleans, function( elem, name, isXML ) {
+		var val;
+		if ( !isXML ) {
+			return elem[ name ] === true ? name.toLowerCase() :
+					(val = elem.getAttributeNode( name )) && val.specified ?
+					val.value :
+				null;
+		}
+	});
+}
 
-	return Sizzle.filter( later, tmpSet );
-};
+if ( typeof define === "function" && define.amd ) {
+	define(function() { return Sizzle; });
+} else if ( typeof module !== "undefined" && module.exports ) {
+	module.exports = Sizzle;
+} else {
+	window.Sizzle = Sizzle;
+}
 
+})( window );
 
-window.Sizzle = Sizzle;
+;(function() {
+  if (typeof Sizzle !== 'undefined') {
+    return;
+  }
 
+  if (typeof define !== 'undefined' && define.amd) {
+    window.Sizzle = Prototype._actual_sizzle;
+    window.define = Prototype._original_define;
+    delete Prototype._actual_sizzle;
+    delete Prototype._original_define;
+  } else if (typeof module !== 'undefined' && module.exports) {
+    window.Sizzle = module.exports;
+    module.exports = {};
+  }
 })();
 
 ;(function(engine) {
@@ -4977,15 +6325,23 @@ var Form = {
       accumulator = function(result, key, value) {
         if (key in result) {
           if (!Object.isArray(result[key])) result[key] = [result[key]];
-          result[key].push(value);
+          result[key] = result[key].concat(value);
         } else result[key] = value;
         return result;
       };
     } else {
       initial = '';
-      accumulator = function(result, key, value) {
-        return result + (result ? '&' : '') + encodeURIComponent(key) + '=' + encodeURIComponent(value);
-      }
+      accumulator = function(result, key, values) {
+        if (!Object.isArray(values)) {values = [values];}
+        if (!values.length) {return result;}
+        var encodedKey = encodeURIComponent(key).gsub(/%20/, '+');
+        return result + (result ? "&" : "") + values.map(function (value) {
+          value = value.gsub(/(\r)?\n/, '\r\n');
+          value = encodeURIComponent(value);
+          value = value.gsub(/%20/, '+');
+          return encodedKey + "=" + value;
+        }).join("&");
+      };
     }
 
     return elements.inject(initial, function(result, element) {
@@ -5006,19 +6362,16 @@ Form.Methods = {
     return Form.serializeElements(Form.getElements(form), options);
   },
 
+
   getElements: function(form) {
-    var elements = $(form).getElementsByTagName('*'),
-        element,
-        arr = [ ],
-        serializers = Form.Element.Serializers;
+    var elements = $(form).getElementsByTagName('*');
+    var element, results = [], serializers = Form.Element.Serializers;
+
     for (var i = 0; element = elements[i]; i++) {
-      arr.push(element);
+      if (serializers[element.tagName.toLowerCase()])
+        results.push(Element.extend(element));
     }
-    return arr.inject([], function(elements, child) {
-      if (serializers[child.tagName.toLowerCase()])
-        elements.push(Element.extend(child));
-      return elements;
-    })
+    return results;
   },
 
   getInputs: function(form, typeName, name) {
@@ -5328,7 +6681,11 @@ Form.EventObserver = Class.create(Abstract.EventObserver, {
     return Form.serialize(this.element);
   }
 });
-(function() {
+(function(GLOBAL) {
+  var DIV = document.createElement('div');
+  var docEl = document.documentElement;
+  var MOUSEENTER_MOUSELEAVE_EVENTS_SUPPORTED = 'onmouseenter' in docEl
+   && 'onmouseleave' in docEl;
 
   var Event = {
     KEY_BACKSPACE: 8,
@@ -5344,16 +6701,9 @@ Form.EventObserver = Class.create(Abstract.EventObserver, {
     KEY_END:      35,
     KEY_PAGEUP:   33,
     KEY_PAGEDOWN: 34,
-    KEY_INSERT:   45,
-
-    cache: {}
+    KEY_INSERT:   45
   };
 
-  var docEl = document.documentElement;
-  var MOUSEENTER_MOUSELEAVE_EVENTS_SUPPORTED = 'onmouseenter' in docEl
-    && 'onmouseleave' in docEl;
-
-
 
   var isIELegacyEvent = function(event) { return false; };
 
@@ -5409,6 +6759,10 @@ Form.EventObserver = Class.create(Abstract.EventObserver, {
   function isRightClick(event)  { return _isButton(event, 2) }
 
   function element(event) {
+    return Element.extend(_element(event));
+  }
+
+  function _element(event) {
     event = Event.extend(event);
 
     var node = event.target, type = event.type,
@@ -5421,20 +6775,15 @@ Form.EventObserver = Class.create(Abstract.EventObserver, {
             node = currentTarget;
     }
 
-    if (node.nodeType == Node.TEXT_NODE)
-      node = node.parentNode;
-
-    return Element.extend(node);
+    return node.nodeType == Node.TEXT_NODE ? node.parentNode : node;
   }
 
   function findElement(event, expression) {
-    var element = Event.element(event);
-
-    if (!expression) return element;
+    var element = _element(event), selector = Prototype.Selector;
+    if (!expression) return Element.extend(element);
     while (element) {
-      if (Object.isElement(element) && Prototype.Selector.match(element, expression)) {
+      if (Object.isElement(element) && selector.match(element, expression))
         return Element.extend(element);
-      }
       element = element.parentNode;
     }
   }
@@ -5546,198 +6895,268 @@ Form.EventObserver = Class.create(Abstract.EventObserver, {
     Object.extend(Event.prototype, methods);
   }
 
-  function _createResponder(element, eventName, handler) {
-    var registry = Element.retrieve(element, 'prototype_event_registry');
+  var EVENT_TRANSLATIONS = {
+    mouseenter: 'mouseover',
+    mouseleave: 'mouseout'
+  };
 
-    if (Object.isUndefined(registry)) {
-      CACHE.push(element);
-      registry = Element.retrieve(element, 'prototype_event_registry', $H());
-    }
+  function getDOMEventName(eventName) {
+    return EVENT_TRANSLATIONS[eventName] || eventName;
+  }
 
-    var respondersForEvent = registry.get(eventName);
-    if (Object.isUndefined(respondersForEvent)) {
-      respondersForEvent = [];
-      registry.set(eventName, respondersForEvent);
-    }
+  if (MOUSEENTER_MOUSELEAVE_EVENTS_SUPPORTED)
+    getDOMEventName = Prototype.K;
 
-    if (respondersForEvent.pluck('handler').include(handler)) return false;
+  function getUniqueElementID(element) {
+    if (element === window) return 0;
 
-    var responder;
-    if (eventName.include(":")) {
-      responder = function(event) {
-        if (Object.isUndefined(event.eventName))
-          return false;
+    if (typeof element._prototypeUID === 'undefined')
+      element._prototypeUID = Element.Storage.UID++;
+    return element._prototypeUID;
+  }
 
-        if (event.eventName !== eventName)
-          return false;
+  function getUniqueElementID_IE(element) {
+    if (element === window) return 0;
+    if (element == document) return 1;
+    return element.uniqueID;
+  }
 
-        Event.extend(event, element);
-        handler.call(element, event);
-      };
-    } else {
-      if (!MOUSEENTER_MOUSELEAVE_EVENTS_SUPPORTED &&
-       (eventName === "mouseenter" || eventName === "mouseleave")) {
-        if (eventName === "mouseenter" || eventName === "mouseleave") {
-          responder = function(event) {
-            Event.extend(event, element);
-
-            var parent = event.relatedTarget;
-            while (parent && parent !== element) {
-              try { parent = parent.parentNode; }
-              catch(e) { parent = element; }
-            }
-
-            if (parent === element) return;
-
-            handler.call(element, event);
-          };
-        }
-      } else {
-        responder = function(event) {
-          Event.extend(event, element);
-          handler.call(element, event);
-        };
-      }
-    }
+  if ('uniqueID' in DIV)
+    getUniqueElementID = getUniqueElementID_IE;
 
-    responder.handler = handler;
-    respondersForEvent.push(responder);
-    return responder;
+  function isCustomEvent(eventName) {
+    return eventName.include(':');
   }
 
-  function _destroyCache() {
-    for (var i = 0, length = CACHE.length; i < length; i++) {
-      Event.stopObserving(CACHE[i]);
-      CACHE[i] = null;
-    }
-  }
+  Event._isCustomEvent = isCustomEvent;
 
-  var CACHE = [];
+  function getOrCreateRegistryFor(element, uid) {
+    var CACHE = GLOBAL.Event.cache;
+    if (Object.isUndefined(uid))
+      uid = getUniqueElementID(element);
+    if (!CACHE[uid]) CACHE[uid] = { element: element };
+    return CACHE[uid];
+  }
 
-  if (Prototype.Browser.IE)
-    window.attachEvent('onunload', _destroyCache);
+  function destroyRegistryForElement(element, uid) {
+    if (Object.isUndefined(uid))
+      uid = getUniqueElementID(element);
+    delete GLOBAL.Event.cache[uid];
+  }
 
-  if (Prototype.Browser.WebKit)
-    window.addEventListener('unload', Prototype.emptyFunction, false);
 
+  function register(element, eventName, handler) {
+    var registry = getOrCreateRegistryFor(element);
+    if (!registry[eventName]) registry[eventName] = [];
+    var entries = registry[eventName];
 
-  var _getDOMEventName = Prototype.K,
-      translations = { mouseenter: "mouseover", mouseleave: "mouseout" };
+    var i = entries.length;
+    while (i--)
+      if (entries[i].handler === handler) return null;
 
-  if (!MOUSEENTER_MOUSELEAVE_EVENTS_SUPPORTED) {
-    _getDOMEventName = function(eventName) {
-      return (translations[eventName] || eventName);
+    var uid = getUniqueElementID(element);
+    var responder = GLOBAL.Event._createResponder(uid, eventName, handler);
+    var entry = {
+      responder: responder,
+      handler:   handler
     };
+
+    entries.push(entry);
+    return entry;
   }
 
+  function unregister(element, eventName, handler) {
+    var registry = getOrCreateRegistryFor(element);
+    var entries = registry[eventName] || [];
+
+    var i = entries.length, entry;
+    while (i--) {
+      if (entries[i].handler === handler) {
+        entry = entries[i];
+        break;
+      }
+    }
+
+    if (entry) {
+      var index = entries.indexOf(entry);
+      entries.splice(index, 1);
+    }
+
+    if (entries.length === 0) {
+      delete registry[eventName];
+      if (Object.keys(registry).length === 1 && ('element' in registry))
+        destroyRegistryForElement(element);
+    }
+
+    return entry;
+  }
+
+
   function observe(element, eventName, handler) {
     element = $(element);
+    var entry = register(element, eventName, handler);
 
-    var responder = _createResponder(element, eventName, handler);
+    if (entry === null) return element;
 
-    if (!responder) return element;
+    var responder = entry.responder;
+    if (isCustomEvent(eventName))
+      observeCustomEvent(element, eventName, responder);
+    else
+      observeStandardEvent(element, eventName, responder);
 
-    if (eventName.include(':')) {
-      if (element.addEventListener)
-        element.addEventListener("dataavailable", responder, false);
-      else {
-        element.attachEvent("ondataavailable", responder);
-        element.attachEvent("onlosecapture", responder);
-      }
-    } else {
-      var actualEventName = _getDOMEventName(eventName);
+    return element;
+  }
 
-      if (element.addEventListener)
-        element.addEventListener(actualEventName, responder, false);
-      else
-        element.attachEvent("on" + actualEventName, responder);
+  function observeStandardEvent(element, eventName, responder) {
+    var actualEventName = getDOMEventName(eventName);
+    if (element.addEventListener) {
+      element.addEventListener(actualEventName, responder, false);
+    } else {
+      element.attachEvent('on' + actualEventName, responder);
     }
+  }
 
-    return element;
+  function observeCustomEvent(element, eventName, responder) {
+    if (element.addEventListener) {
+      element.addEventListener('dataavailable', responder, false);
+    } else {
+      element.attachEvent('ondataavailable', responder);
+      element.attachEvent('onlosecapture',   responder);
+    }
   }
 
   function stopObserving(element, eventName, handler) {
     element = $(element);
+    var handlerGiven = !Object.isUndefined(handler),
+     eventNameGiven = !Object.isUndefined(eventName);
 
-    var registry = Element.retrieve(element, 'prototype_event_registry');
-    if (!registry) return element;
-
-    if (!eventName) {
-      registry.each( function(pair) {
-        var eventName = pair.key;
-        stopObserving(element, eventName);
-      });
+    if (!eventNameGiven && !handlerGiven) {
+      stopObservingElement(element);
       return element;
     }
 
-    var responders = registry.get(eventName);
-    if (!responders) return element;
-
-    if (!handler) {
-      responders.each(function(r) {
-        stopObserving(element, eventName, r.handler);
-      });
+    if (!handlerGiven) {
+      stopObservingEventName(element, eventName);
       return element;
     }
 
-    var i = responders.length, responder;
-    while (i--) {
-      if (responders[i].handler === handler) {
-        responder = responders[i];
-        break;
-      }
+    var entry = unregister(element, eventName, handler);
+
+    if (!entry) return element;
+    removeEvent(element, eventName, entry.responder);
+    return element;
+  }
+
+  function stopObservingStandardEvent(element, eventName, responder) {
+    var actualEventName = getDOMEventName(eventName);
+    if (element.removeEventListener) {
+      element.removeEventListener(actualEventName, responder, false);
+    } else {
+      element.detachEvent('on' + actualEventName, responder);
     }
-    if (!responder) return element;
+  }
 
-    if (eventName.include(':')) {
-      if (element.removeEventListener)
-        element.removeEventListener("dataavailable", responder, false);
-      else {
-        element.detachEvent("ondataavailable", responder);
-        element.detachEvent("onlosecapture", responder);
-      }
+  function stopObservingCustomEvent(element, eventName, responder) {
+    if (element.removeEventListener) {
+      element.removeEventListener('dataavailable', responder, false);
     } else {
-      var actualEventName = _getDOMEventName(eventName);
-      if (element.removeEventListener)
-        element.removeEventListener(actualEventName, responder, false);
-      else
-        element.detachEvent('on' + actualEventName, responder);
+      element.detachEvent('ondataavailable', responder);
+      element.detachEvent('onlosecapture',   responder);
     }
+  }
 
-    registry.set(eventName, responders.without(responder));
 
-    return element;
+
+  function stopObservingElement(element) {
+    var uid = getUniqueElementID(element), registry = GLOBAL.Event.cache[uid];
+    if (!registry) return;
+
+    destroyRegistryForElement(element, uid);
+
+    var entries, i;
+    for (var eventName in registry) {
+      if (eventName === 'element') continue;
+
+      entries = registry[eventName];
+      i = entries.length;
+      while (i--)
+        removeEvent(element, eventName, entries[i].responder);
+    }
   }
 
-  function fire(element, eventName, memo, bubble) {
-    element = $(element);
+  function stopObservingEventName(element, eventName) {
+    var registry = getOrCreateRegistryFor(element);
+    var entries = registry[eventName];
+    if (entries) {
+      delete registry[eventName];
+    }
 
-    if (Object.isUndefined(bubble))
-      bubble = true;
+    entries = entries || [];
 
-    if (element == document && document.createEvent && !element.dispatchEvent)
-      element = document.documentElement;
+    var i = entries.length;
+    while (i--)
+      removeEvent(element, eventName, entries[i].responder);
 
-    var event;
-    if (document.createEvent) {
-      event = document.createEvent('HTMLEvents');
-      event.initEvent('dataavailable', bubble, true);
-    } else {
-      event = document.createEventObject();
-      event.eventType = bubble ? 'ondataavailable' : 'onlosecapture';
+    for (var name in registry) {
+      if (name === 'element') continue;
+      return; // There is another registered event
     }
 
-    event.eventName = eventName;
-    event.memo = memo || { };
+    destroyRegistryForElement(element);
+  }
 
-    if (document.createEvent)
-      element.dispatchEvent(event);
+
+  function removeEvent(element, eventName, handler) {
+    if (isCustomEvent(eventName))
+      stopObservingCustomEvent(element, eventName, handler);
     else
-      element.fireEvent(event.eventType, event);
+      stopObservingStandardEvent(element, eventName, handler);
+  }
+
+
 
+  function getFireTarget(element) {
+    if (element !== document) return element;
+    if (document.createEvent && !element.dispatchEvent)
+      return document.documentElement;
+    return element;
+  }
+
+  function fire(element, eventName, memo, bubble) {
+    element = getFireTarget($(element));
+    if (Object.isUndefined(bubble)) bubble = true;
+    memo = memo || {};
+
+    var event = fireEvent(element, eventName, memo, bubble);
     return Event.extend(event);
   }
 
+  function fireEvent_DOM(element, eventName, memo, bubble) {
+    var event = document.createEvent('HTMLEvents');
+    event.initEvent('dataavailable', bubble, true);
+
+    event.eventName = eventName;
+    event.memo = memo;
+
+    element.dispatchEvent(event);
+    return event;
+  }
+
+  function fireEvent_IE(element, eventName, memo, bubble) {
+    var event = document.createEventObject();
+    event.eventType = bubble ? 'ondataavailable' : 'onlosecapture';
+
+    event.eventName = eventName;
+    event.memo = memo;
+
+    element.fireEvent(event.eventType, event);
+    return event;
+  }
+
+  var fireEvent = document.createEvent ? fireEvent_DOM : fireEvent_IE;
+
+
+
   Event.Handler = Class.create({
     initialize: function(element, eventName, selector, callback) {
       this.element   = $(element);
@@ -5747,6 +7166,7 @@ Form.EventObserver = Class.create(Abstract.EventObserver, {
       this.handler   = this.handleEvent.bind(this);
     },
 
+
     start: function() {
       Event.observe(this.element, this.eventName, this.handler);
       return this;
@@ -5803,59 +7223,145 @@ Form.EventObserver = Class.create(Abstract.EventObserver, {
     loaded:        false
   });
 
-  if (window.Event) Object.extend(window.Event, Event);
-  else window.Event = Event;
-})();
+  if (GLOBAL.Event) Object.extend(window.Event, Event);
+  else GLOBAL.Event = Event;
 
-(function() {
+  GLOBAL.Event.cache = {};
+
+  function destroyCache_IE() {
+    GLOBAL.Event.cache = null;
+  }
+
+  if (window.attachEvent)
+    window.attachEvent('onunload', destroyCache_IE);
+
+  DIV = null;
+  docEl = null;
+})(this);
+
+(function(GLOBAL) {
+  /* Code for creating leak-free event responders is based on work by
+   John-David Dalton. */
+
+  var docEl = document.documentElement;
+  var MOUSEENTER_MOUSELEAVE_EVENTS_SUPPORTED = 'onmouseenter' in docEl
+    && 'onmouseleave' in docEl;
+
+  function isSimulatedMouseEnterLeaveEvent(eventName) {
+    return !MOUSEENTER_MOUSELEAVE_EVENTS_SUPPORTED &&
+     (eventName === 'mouseenter' || eventName === 'mouseleave');
+  }
+
+  function createResponder(uid, eventName, handler) {
+    if (Event._isCustomEvent(eventName))
+      return createResponderForCustomEvent(uid, eventName, handler);
+    if (isSimulatedMouseEnterLeaveEvent(eventName))
+      return createMouseEnterLeaveResponder(uid, eventName, handler);
+
+    return function(event) {
+      if (!Event.cache) return;
+
+      var element = Event.cache[uid].element;
+      Event.extend(event, element);
+      handler.call(element, event);
+    };
+  }
+
+  function createResponderForCustomEvent(uid, eventName, handler) {
+    return function(event) {
+      var cache = Event.cache[uid];
+      var element =  cache && cache.element;
+
+      if (Object.isUndefined(event.eventName))
+        return false;
+
+      if (event.eventName !== eventName)
+        return false;
+
+      Event.extend(event, element);
+      handler.call(element, event);
+    };
+  }
+
+  function createMouseEnterLeaveResponder(uid, eventName, handler) {
+    return function(event) {
+      var element = Event.cache[uid].element;
+
+      Event.extend(event, element);
+      var parent = event.relatedTarget;
+
+      while (parent && parent !== element) {
+        try { parent = parent.parentNode; }
+        catch(e) { parent = element; }
+      }
+
+      if (parent === element) return;
+      handler.call(element, event);
+    }
+  }
+
+  GLOBAL.Event._createResponder = createResponder;
+  docEl = null;
+})(this);
+
+(function(GLOBAL) {
   /* Support for the DOMContentLoaded event is based on work by Dan Webb,
      Matthias Miller, Dean Edwards, John Resig, and Diego Perini. */
 
-  var timer;
+  var TIMER;
 
   function fireContentLoadedEvent() {
     if (document.loaded) return;
-    if (timer) window.clearTimeout(timer);
+    if (TIMER) window.clearTimeout(TIMER);
     document.loaded = true;
     document.fire('dom:loaded');
   }
 
   function checkReadyState() {
     if (document.readyState === 'complete') {
-      document.stopObserving('readystatechange', checkReadyState);
+      document.detachEvent('onreadystatechange', checkReadyState);
       fireContentLoadedEvent();
     }
   }
 
   function pollDoScroll() {
-    try { document.documentElement.doScroll('left'); }
-    catch(e) {
-      timer = pollDoScroll.defer();
+    try {
+      document.documentElement.doScroll('left');
+    } catch (e) {
+      TIMER = pollDoScroll.defer();
       return;
     }
+
+    fireContentLoadedEvent();
+  }
+
+
+  if (document.readyState === 'complete') {
     fireContentLoadedEvent();
+    return;
   }
 
   if (document.addEventListener) {
     document.addEventListener('DOMContentLoaded', fireContentLoadedEvent, false);
   } else {
-    document.observe('readystatechange', checkReadyState);
-    if (window == top)
-      timer = pollDoScroll.defer();
+    document.attachEvent('onreadystatechange', checkReadyState);
+    if (window == top) TIMER = pollDoScroll.defer();
   }
 
   Event.observe(window, 'load', fireContentLoadedEvent);
-})();
+})(this);
 
-Element.addMethods();
 
+Element.addMethods();
 /*------------------------------- DEPRECATED -------------------------------*/
 
 Hash.toQueryString = Object.toQueryString;
 
 var Toggle = { display: Element.toggle };
 
-Element.Methods.childOf = Element.Methods.descendantOf;
+Element.addMethods({
+  childOf: Element.Methods.descendantOf
+});
 
 var Insertion = {
   Before: function(element, content) {
@@ -5997,10 +7503,10 @@ Element.ClassNames.prototype = {
     this.element = $(element);
   },
 
-  _each: function(iterator) {
+  _each: function(iterator, context) {
     this.element.className.split(/\s+/).select(function(name) {
       return name.length > 0;
-    })._each(iterator);
+    })._each(iterator, context);
   },
 
   set: function(className) {
-- 
GitLab


From 54e654faeca669ea51768f9c52b08314cb8da1a8 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Thu, 1 Mar 2012 18:50:05 -0800
Subject: [PATCH 072/863] [JENKINS-11618] backporting the fix here.

I actually applied the diff from
6904bb61e31595b70260840937114e79a646da5d in keyboard-shortcuts-plugin
---
 war/src/main/webapp/scripts/prototype.js | 25 +++++++++++++++++++++++-
 1 file changed, 24 insertions(+), 1 deletion(-)

diff --git a/war/src/main/webapp/scripts/prototype.js b/war/src/main/webapp/scripts/prototype.js
index cc89dafcd6..b5e0dbc60b 100644
--- a/war/src/main/webapp/scripts/prototype.js
+++ b/war/src/main/webapp/scripts/prototype.js
@@ -350,7 +350,30 @@ var Class = (function() {
   extend(Object, {
     extend:        extend,
     inspect:       inspect,
-    toJSON:        NATIVE_JSON_STRINGIFY_SUPPORT ? stringify : toJSON,
+
+    // JENKINS-11618
+    //toJSON:        NATIVE_JSON_STRINGIFY_SUPPORT ? stringify : toJSON,
+    toJSON: function(object) {
+      var type = typeof object;
+      switch(type) {
+        case 'undefined':
+        case 'function':
+        case 'unknown': return;
+        case 'boolean': return object.toString();
+      }
+      if (object === null) return 'null';
+      // "|| object.toJSON" below is workaround for Opera 10.52/53 bug, see HUDSON-6424
+      if (object.toJSON || object.toJSON) return object.toJSON();
+      if (object.ownerDocument === document) return;
+      var results = [];
+      for (var property in object) {
+        var value = Object.toJSON(object[property]);
+        if (value !== undefined)
+          results.push(property.toJSON() + ': ' + value);
+      }
+      return '{' + results.join(', ') + '}';
+    },
+
     toQueryString: toQueryString,
     toHTML:        toHTML,
     keys:          Object.keys || keys,
-- 
GitLab


From 8d314842975fb6c7a189ae9a76c8ed20725bb610 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Thu, 1 Mar 2012 18:56:24 -0800
Subject: [PATCH 073/863] Cherry-picking
 c6acb5b8d55a1402ecf95c21aa9c359c4b80db8c

---
 war/src/main/webapp/scripts/prototype.js | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/war/src/main/webapp/scripts/prototype.js b/war/src/main/webapp/scripts/prototype.js
index b5e0dbc60b..3e70ff4345 100644
--- a/war/src/main/webapp/scripts/prototype.js
+++ b/war/src/main/webapp/scripts/prototype.js
@@ -1716,6 +1716,14 @@ Ajax.Base = Class.create({
 
     if (Object.isHash(this.options.parameters))
       this.options.parameters = this.options.parameters.toObject();
+  
+    // KK patch -- handle crumb for POST automatically by adding a header
+    if(this.options.method=="post") {
+        if(this.options.requestHeaders==undefined)
+            this.options.requestHeaders = {};
+        crumb.wrap(this.options.requestHeaders);
+    }
+    // KK patch until here
   }
 });
 Ajax.Request = Class.create(Ajax.Base, {
-- 
GitLab


From 182da887b0e7a0bc9b87b23c0b186653e0c1e611 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Thu, 1 Mar 2012 19:04:06 -0800
Subject: [PATCH 074/863] Disabling automatic JSON evaluation.

This is an adopted version of 8b1e071d22e09cb16946b9c7cfc244bff3b53dfd.
Since 1.7 has a flag to disable this behaviour, I think a better fix is
to disable this flag by default.
---
 war/src/main/webapp/scripts/prototype.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/war/src/main/webapp/scripts/prototype.js b/war/src/main/webapp/scripts/prototype.js
index 3e70ff4345..8b549ca6fc 100644
--- a/war/src/main/webapp/scripts/prototype.js
+++ b/war/src/main/webapp/scripts/prototype.js
@@ -1708,7 +1708,7 @@ Ajax.Base = Class.create({
       encoding:     'UTF-8',
       parameters:   '',
       evalJSON:     true,
-      evalJS:       true
+      evalJS:       false
     };
     Object.extend(this.options, options || { });
 
-- 
GitLab


From 3ebecc3cf79d058af2b451e69c57d4fc851314dd Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Thu, 1 Mar 2012 19:17:03 -0800
Subject: [PATCH 075/863] Backporting 918fc6e6cad5ef2a2c5018ecad0b8a791d6bec1f

made to work with <textarea>s, too.

git-svn-id:
https://hudson.dev.java.net/svn/hudson/trunk/hudson/main@8172
71c3de6d-444a-0410-be80-ed276b4c234a
---
 war/src/main/webapp/scripts/prototype.js | 27 ++++++++++++++++--------
 1 file changed, 18 insertions(+), 9 deletions(-)

diff --git a/war/src/main/webapp/scripts/prototype.js b/war/src/main/webapp/scripts/prototype.js
index 8b549ca6fc..c6be49d021 100644
--- a/war/src/main/webapp/scripts/prototype.js
+++ b/war/src/main/webapp/scripts/prototype.js
@@ -6408,15 +6408,24 @@ Form.Methods = {
   getInputs: function(form, typeName, name) {
     form = $(form);
     var inputs = form.getElementsByTagName('input');
-
-    if (!typeName && !name) return $A(inputs).map(Element.extend);
-
-    for (var i = 0, matchingInputs = [], length = inputs.length; i < length; i++) {
-      var input = inputs[i];
-      if ((typeName && input.type != typeName) || (name && input.name != name))
-        continue;
-      matchingInputs.push(Element.extend(input));
-    }
+    var textareas = form.getElementsByTagName('textarea');
+    // KK patch
+    var selects = form.getElementsByTagName('select');
+
+    if (!typeName && !name) return $A(inputs).concat($A(textareas)).concat($A(selects)).map(Element.extend);
+
+    var matchingInputs = [];
+    var f = function(inputs) {
+      for (var i = 0, length = inputs.length; i < length; i++) {
+        var input = inputs[i];
+        if ((typeName && input.type != typeName) || (name && input.name != name))
+          continue;
+        matchingInputs.push(Element.extend(input));
+      }
+    };
+    f(inputs);
+    f(textareas);
+    f(selects);
 
     return matchingInputs;
   },
-- 
GitLab


From 96ceca6d0e1cae8af5d5f5c242a310a2dae949b1 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Thu, 1 Mar 2012 22:10:54 -0800
Subject: [PATCH 076/863] [JENKINS-11618] Adding back the 'toJSON' instance
 method.

This change, in parallel to a fix in stapler bind.js, would maximize the
backward compatibility.
---
 war/src/main/webapp/scripts/prototype.js | 28 ++++++++++++++++++++++--
 1 file changed, 26 insertions(+), 2 deletions(-)

diff --git a/war/src/main/webapp/scripts/prototype.js b/war/src/main/webapp/scripts/prototype.js
index c6be49d021..2f9d5d9ef7 100644
--- a/war/src/main/webapp/scripts/prototype.js
+++ b/war/src/main/webapp/scripts/prototype.js
@@ -742,6 +742,10 @@ Object.extend(String.prototype, (function() {
     return "'" + escapedString.replace(/'/g, '\\\'') + "'";
   }
 
+  function toJSON() {
+    return this.inspect(true);
+  }
+
   function unfilterJSON(filter) {
     return this.replace(filter || Prototype.JSONFilter, '$1');
   }
@@ -827,6 +831,7 @@ Object.extend(String.prototype, (function() {
     dasherize:      dasherize,
     inspect:        inspect,
     unfilterJSON:   unfilterJSON,
+    toJSON:         toJSON,
     isJSON:         isJSON,
     evalJSON:       NATIVE_JSON_PARSE_SUPPORT ? parseJSON : evalJSON,
     include:        include,
@@ -1215,6 +1220,15 @@ Array.from = $A;
     return '[' + this.map(Object.inspect).join(', ') + ']';
   }
 
+  function toJSON() {
+    var results = [];
+    this.each(function(object) {
+      var value = Object.toJSON(object);
+      if (value !== undefined) results.push(value);
+    });
+    return '[' + results.join(', ') + ']';
+  }
+
   function indexOf(item, i) {
     if (this == null) throw new TypeError();
 
@@ -1409,6 +1423,7 @@ Array.from = $A;
     reverse:   reverse,
     uniq:      uniq,
     intersect: intersect,
+    toJSON:    toJSON,
     clone:     clone,
     toArray:   clone,
     size:      size,
@@ -1527,6 +1542,10 @@ var Hash = Class.create(Enumerable, (function() {
     }).join(', ') + '}>';
   }
 
+  function toJSON() {
+    return this.toObject().toJSON();
+  }
+
   function clone() {
     return new Hash(this);
   }
@@ -1546,7 +1565,7 @@ var Hash = Class.create(Enumerable, (function() {
     update:                 update,
     toQueryString:          toQueryString,
     inspect:                inspect,
-    toJSON:                 toObject,
+    toJSON:                 toJSON,
     clone:                  clone
   };
 })());
@@ -1571,6 +1590,10 @@ Object.extend(Number.prototype, (function() {
     return '0'.times(length - string.length) + string;
   }
 
+  function toJSON() {
+    return isFinite(this) ? this.toString() : 'null';
+  }
+
   function abs() {
     return Math.abs(this);
   }
@@ -1592,6 +1615,7 @@ Object.extend(Number.prototype, (function() {
     succ:           succ,
     times:          times,
     toPaddedString: toPaddedString,
+    toJSON:         toJSON,
     abs:            abs,
     round:          round,
     ceil:           ceil,
@@ -1716,7 +1740,7 @@ Ajax.Base = Class.create({
 
     if (Object.isHash(this.options.parameters))
       this.options.parameters = this.options.parameters.toObject();
-  
+
     // KK patch -- handle crumb for POST automatically by adding a header
     if(this.options.method=="post") {
         if(this.options.requestHeaders==undefined)
-- 
GitLab


From 88aec821d931c410997bee94a7c806dad8dcf494 Mon Sep 17 00:00:00 2001
From: tfennelly <tom.fennelly@gmail.com>
Date: Fri, 24 Jul 2015 12:08:02 +0100
Subject: [PATCH 077/863] Removed prototypejs extended create syntax support
 check (always returning false)

---
 war/src/main/webapp/scripts/prototype.js | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/war/src/main/webapp/scripts/prototype.js b/war/src/main/webapp/scripts/prototype.js
index 2f9d5d9ef7..d636b1c52d 100644
--- a/war/src/main/webapp/scripts/prototype.js
+++ b/war/src/main/webapp/scripts/prototype.js
@@ -2135,13 +2135,7 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
   }
 
   var HAS_EXTENDED_CREATE_ELEMENT_SYNTAX = (function(){
-    try {
-      var el = document.createElement('<input name="x">');
-      return el.tagName.toLowerCase() === 'input' && el.name === 'x';
-    }
-    catch(err) {
-      return false;
-    }
+    return false;
   })();
 
 
-- 
GitLab


From fbe71717f6f89890a3656d4bceb0a436f1a73605 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Sun, 4 Feb 2018 08:13:14 +0100
Subject: [PATCH 078/863] Updated SSHD Module to 2.4 to bundle SSHD Core 1.7.0

---
 war/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/war/pom.xml b/war/pom.xml
index 433d9ddde2..3866ee7f9a 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -130,7 +130,7 @@ THE SOFTWARE.
     <dependency>
       <groupId>org.jenkins-ci.modules</groupId>
       <artifactId>sshd</artifactId>
-      <version>2.3</version>
+      <version>2.4</version>
     </dependency>
     <dependency>
       <groupId>org.jenkins-ci.ui</groupId>
-- 
GitLab


From f160d161c2701df539e47ee1ae64af8780a9524a Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 4 Feb 2018 14:37:51 -0800
Subject: [PATCH 079/863] [maven-release-plugin] prepare release jenkins-2.105

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index e306fa9f74..891471150e 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.105-SNAPSHOT</version>
+    <version>2.105</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 90a39c3a48..524a505855 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.105-SNAPSHOT</version>
+    <version>2.105</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 7b0f061f03..8162619869 100644
--- a/pom.xml
+++ b/pom.xml
@@ -33,7 +33,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>pom</artifactId>
-  <version>2.105-SNAPSHOT</version>
+  <version>2.105</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -58,7 +58,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>HEAD</tag>
+    <tag>jenkins-2.105</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 79cb741f3c..3b39729a66 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.105-SNAPSHOT</version>
+    <version>2.105</version>
   </parent>
 
   <artifactId>test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 433d9ddde2..34e37003a0 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.105-SNAPSHOT</version>
+    <version>2.105</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From e5d25038b4079a27084e3872a48416bac7e305df Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 4 Feb 2018 14:37:51 -0800
Subject: [PATCH 080/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 891471150e..4d70defcf0 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.105</version>
+    <version>2.106-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 524a505855..929e140400 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.105</version>
+    <version>2.106-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 8162619869..5320d6507b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -33,7 +33,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>pom</artifactId>
-  <version>2.105</version>
+  <version>2.106-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -58,7 +58,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.105</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 3b39729a66..41d2fe3e1b 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.105</version>
+    <version>2.106-SNAPSHOT</version>
   </parent>
 
   <artifactId>test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 34e37003a0..7ac74a69ae 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.105</version>
+    <version>2.106-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 491718f4f7411a3bccbbfb28e27d96163cdb97fa Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 5 Feb 2018 13:51:13 +0100
Subject: [PATCH 081/863] Follow standard databinding pattern

In order for this to behave more uniformly with other systems like CaC,
it's preferrable not to override the newInstance method and instead use
the standard annotation.

Issue: https://github.com/jenkinsci/configuration-as-code-plugin/issues/24
---
 .../java/hudson/security/LegacySecurityRealm.java     | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/core/src/main/java/hudson/security/LegacySecurityRealm.java b/core/src/main/java/hudson/security/LegacySecurityRealm.java
index 116e50b2c9..8f4cc84e7a 100644
--- a/core/src/main/java/hudson/security/LegacySecurityRealm.java
+++ b/core/src/main/java/hudson/security/LegacySecurityRealm.java
@@ -29,13 +29,12 @@ import org.acegisecurity.AuthenticationException;
 import org.jenkinsci.Symbol;
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
+import org.kohsuke.stapler.DataBoundConstructor;
 import org.springframework.web.context.WebApplicationContext;
-import org.kohsuke.stapler.StaplerRequest;
 import groovy.lang.Binding;
 import hudson.model.Descriptor;
 import hudson.util.spring.BeanBuilder;
 import hudson.Extension;
-import net.sf.json.JSONObject;
 
 import javax.servlet.Filter;
 import javax.servlet.FilterConfig;
@@ -48,6 +47,10 @@ import javax.servlet.FilterConfig;
  * @author Kohsuke Kawaguchi
  */
 public final class LegacySecurityRealm extends SecurityRealm implements AuthenticationManager {
+    @DataBoundConstructor
+    public LegacySecurityRealm() {
+    }
+
     public SecurityComponents createSecurityComponents() {
         return new SecurityComponents(this);
     }
@@ -104,10 +107,6 @@ public final class LegacySecurityRealm extends SecurityRealm implements Authenti
             DESCRIPTOR = this;
         }
 
-        public SecurityRealm newInstance(StaplerRequest req, JSONObject formData) throws FormException {
-            return new LegacySecurityRealm();
-        }
-
         public String getDisplayName() {
             return Messages.LegacySecurityRealm_Displayname();
         }
-- 
GitLab


From 7f839d8277ce1ea43b43a762540a2b81cc4eb665 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Mon, 5 Feb 2018 23:43:54 +0100
Subject: [PATCH 082/863] Fixing nullability annotations on Util.escape.

---
 core/src/main/java/hudson/Util.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/core/src/main/java/hudson/Util.java b/core/src/main/java/hudson/Util.java
index ce381d7a0a..ba9890b7bd 100644
--- a/core/src/main/java/hudson/Util.java
+++ b/core/src/main/java/hudson/Util.java
@@ -1094,8 +1094,8 @@ public class Util {
     /**
      * Escapes HTML unsafe characters like &lt;, &amp; to the respective character entities.
      */
-    @Nonnull
-    public static String escape(@Nonnull String text) {
+    @Nullable
+    public static String escape(@CheckForNull String text) {
         if (text==null)     return null;
         StringBuilder buf = new StringBuilder(text.length()+64);
         for( int i=0; i<text.length(); i++ ) {
-- 
GitLab


From f4b78921e87c0a265c633674bc3ca3ec0458c19a Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Tue, 6 Feb 2018 09:40:24 +0100
Subject: [PATCH 083/863] [JENKINS-27035] Gathering command read/write events
 (#3071)

* Slave.JnlpJar.getURL did not work in some modes when core had a snapshot dependency on Remoting.

* Starting to implement Channel.Listener.read/write.

* Now obtaining response timing statistics.

* For now, avoiding timestamped snapshots, as it caused problems for #3120 which I have asked for help from @stephenc diagnosing.

* Simplified logging a bit.

* onResponse

* hudson.FilePath$Mkdirs is a lot more readable than hudson.FilePath$13.

* Specific snapshot.

* onJar

* LoggingChannelListener

* remoting.version=3.17

* Making a few test assertions more lenient to adapt to https://github.com/jenkinsci/remoting/pull/247.
---
 core/src/main/java/hudson/FilePath.java       | 30 ++++++++++++-------
 .../java/hudson/slaves/SlaveComputer.java     |  3 +-
 pom.xml                                       |  2 +-
 .../bugs/JnlpAccessWithSecuredHudsonTest.java |  2 +-
 .../jenkins/security/Security218Test.java     |  2 +-
 .../s2m/DefaultFilePathFilterTest.java        |  2 +-
 6 files changed, 25 insertions(+), 16 deletions(-)

diff --git a/core/src/main/java/hudson/FilePath.java b/core/src/main/java/hudson/FilePath.java
index b7b5b2d79d..1d27e35d7e 100644
--- a/core/src/main/java/hudson/FilePath.java
+++ b/core/src/main/java/hudson/FilePath.java
@@ -1167,19 +1167,22 @@ public final class FilePath implements Serializable {
      * Creates this directory.
      */
     public void mkdirs() throws IOException, InterruptedException {
-        if(!act(new SecureFileCallable<Boolean>() {
-            private static final long serialVersionUID = 1L;
-            public Boolean invoke(File f, VirtualChannel channel) throws IOException, InterruptedException {
-                if(mkdirs(f) || f.exists())
-                    return true;    // OK
+        if (!act(new Mkdirs())) {
+            throw new IOException("Failed to mkdirs: " + remote);
+        }
+    }
+    private class Mkdirs extends SecureFileCallable<Boolean> {
+        private static final long serialVersionUID = 1L;
+        @Override
+        public Boolean invoke(File f, VirtualChannel channel) throws IOException, InterruptedException {
+            if(mkdirs(f) || f.exists())
+                return true;    // OK
 
-                // following Ant <mkdir> task to avoid possible race condition.
-                Thread.sleep(10);
+            // following Ant <mkdir> task to avoid possible race condition.
+            Thread.sleep(10);
 
-                return mkdirs(f) || f.exists();
-            }
-        }))
-            throw new IOException("Failed to mkdirs: "+remote);
+            return mkdirs(f) || f.exists();
+        }
     }
 
     /**
@@ -2828,6 +2831,11 @@ public final class FilePath implements Serializable {
             return classLoader;
         }
 
+        @Override
+        public String toString() {
+            return callable.toString();
+        }
+
         private static final long serialVersionUID = 1L;
     }
 
diff --git a/core/src/main/java/hudson/slaves/SlaveComputer.java b/core/src/main/java/hudson/slaves/SlaveComputer.java
index 1f3f2beb13..c1b5166e71 100644
--- a/core/src/main/java/hudson/slaves/SlaveComputer.java
+++ b/core/src/main/java/hudson/slaves/SlaveComputer.java
@@ -88,6 +88,7 @@ import java.util.logging.LogRecord;
 import java.util.logging.Logger;
 
 import static hudson.slaves.SlaveComputer.LogHolder.SLAVE_LOG_HANDLER;
+import org.jenkinsci.remoting.util.LoggingChannelListener;
 
 
 /**
@@ -520,7 +521,7 @@ public class SlaveComputer extends Computer {
 
         channel.setProperty(SlaveComputer.class, this);
 
-        channel.addListener(new Channel.Listener() {
+        channel.addListener(new LoggingChannelListener(logger, Level.FINEST) {
             @Override
             public void onClosed(Channel c, IOException cause) {
                 // Orderly shutdown will have null exception
diff --git a/pom.xml b/pom.xml
index 5320d6507b..8ede8e8440 100644
--- a/pom.xml
+++ b/pom.xml
@@ -105,7 +105,7 @@ THE SOFTWARE.
     <maven-war-plugin.version>3.0.0</maven-war-plugin.version> <!-- JENKINS-47127 bump when 3.2.0 is out. Cf. MWAR-407 -->
 
     <!-- Minimum Remoting version, which is tested for API compatibility -->
-    <remoting.version>3.16</remoting.version>
+    <remoting.version>3.17</remoting.version>
     <remoting.minimum.supported.version>2.60</remoting.minimum.supported.version>
 
   </properties>
diff --git a/test/src/test/java/hudson/bugs/JnlpAccessWithSecuredHudsonTest.java b/test/src/test/java/hudson/bugs/JnlpAccessWithSecuredHudsonTest.java
index dcd8989846..8e0ce19006 100644
--- a/test/src/test/java/hudson/bugs/JnlpAccessWithSecuredHudsonTest.java
+++ b/test/src/test/java/hudson/bugs/JnlpAccessWithSecuredHudsonTest.java
@@ -139,7 +139,7 @@ public class JnlpAccessWithSecuredHudsonTest {
             assertTrue(f.exists());
             try {
                 fail("SECURITY-206: " + channel.call(new Attack(f.getAbsolutePath())));
-            } catch (SecurityException x) {
+            } catch (Exception x) {
                 assertThat(Functions.printThrowable(x), containsString("https://jenkins.io/redirect/security-144"));
             }
         } finally {
diff --git a/test/src/test/java/jenkins/security/Security218Test.java b/test/src/test/java/jenkins/security/Security218Test.java
index fa1fb1853f..b3cfc83d43 100644
--- a/test/src/test/java/jenkins/security/Security218Test.java
+++ b/test/src/test/java/jenkins/security/Security218Test.java
@@ -75,7 +75,7 @@ public class Security218Test implements Serializable {
         try {
             Object o = s.getComputer().getChannel().call(new EvilReturnValue());
             fail("Expected the connection to die: " + o);
-        } catch (SecurityException e) {
+        } catch (Exception e) {
             assertThat(e.getMessage(), containsString(MethodClosure.class.getName()));
         }
     }
diff --git a/test/src/test/java/jenkins/security/s2m/DefaultFilePathFilterTest.java b/test/src/test/java/jenkins/security/s2m/DefaultFilePathFilterTest.java
index 8dd83964cd..c7e3883b4a 100644
--- a/test/src/test/java/jenkins/security/s2m/DefaultFilePathFilterTest.java
+++ b/test/src/test/java/jenkins/security/s2m/DefaultFilePathFilterTest.java
@@ -63,7 +63,7 @@ public class DefaultFilePathFilterTest {
         try {
             s.getChannel().call(new ReverseCallable(reverse));
             fail("should have failed");
-        } catch (SecurityException x) {
+        } catch (Exception x) {
             // good
 
             // make sure that the stack trace contains the call site info to help assist diagnosis
-- 
GitLab


From 027d7c682b2d5c5d947a2798a0817871169df4f2 Mon Sep 17 00:00:00 2001
From: Stephen Connolly <stephen.alan.connolly@gmail.com>
Date: Tue, 6 Feb 2018 15:23:52 +0000
Subject: [PATCH 084/863] [JENKINS-48775] HACKY HACKY FIX

- Cheat and try a HTTP url if the proxy has never been accessed with a HTTP url before attempting a HTTPS url
---
 .../main/java/hudson/ProxyConfiguration.java  | 74 +++++++++++++------
 1 file changed, 52 insertions(+), 22 deletions(-)

diff --git a/core/src/main/java/hudson/ProxyConfiguration.java b/core/src/main/java/hudson/ProxyConfiguration.java
index 3baea805d4..eeb01c5077 100644
--- a/core/src/main/java/hudson/ProxyConfiguration.java
+++ b/core/src/main/java/hudson/ProxyConfiguration.java
@@ -110,6 +110,10 @@ public final class ProxyConfiguration extends AbstractDescribableImpl<ProxyConfi
     
     private String testUrl;
 
+    private transient Authenticator authenticator;
+
+    private transient boolean authCacheSeeded;
+
     public ProxyConfiguration(String name, int port) {
         this(name,port,null,null);
     }
@@ -129,7 +133,17 @@ public final class ProxyConfiguration extends AbstractDescribableImpl<ProxyConfi
         this.userName = Util.fixEmptyAndTrim(userName);
         this.secretPassword = Secret.fromString(password);
         this.noProxyHost = Util.fixEmptyAndTrim(noProxyHost);
-        this.testUrl =Util.fixEmptyAndTrim(testUrl);
+        this.testUrl = Util.fixEmptyAndTrim(testUrl);
+        authenticator = new Authenticator() {
+            @Override
+            public PasswordAuthentication getPasswordAuthentication() {
+                String userName = getUserName();
+                if (getRequestorType() == RequestorType.PROXY && userName != null) {
+                    return new PasswordAuthentication(userName, getPassword().toCharArray());
+                }
+                return null;
+            }
+        };
     }
 
     public String getUserName() {
@@ -234,17 +248,12 @@ public final class ProxyConfiguration extends AbstractDescribableImpl<ProxyConfi
         if(p==null) {
             con = url.openConnection();
         } else {
-            con = url.openConnection(p.createProxy(url.getHost()));
+            Proxy proxy = p.createProxy(url.getHost());
+            con = url.openConnection(proxy);
             if(p.getUserName()!=null) {
                 // Add an authenticator which provides the credentials for proxy authentication
-                Authenticator.setDefault(new Authenticator() {
-                    @Override
-                    public PasswordAuthentication getPasswordAuthentication() {
-                        if (getRequestorType()!=RequestorType.PROXY)    return null;
-                        return new PasswordAuthentication(p.getUserName(),
-                                p.getPassword().toCharArray());
-                    }
-                });
+                Authenticator.setDefault(p.authenticator);
+                p.jenkins48775workaround(proxy, url);
             }
         }
         
@@ -261,27 +270,48 @@ public final class ProxyConfiguration extends AbstractDescribableImpl<ProxyConfi
 
     public static InputStream getInputStream(URL url) throws IOException {
         final ProxyConfiguration p = get();
-        if (p == null) 
+        if (p == null)
             return new RetryableHttpStream(url);
 
-        InputStream is = new RetryableHttpStream(url, p.createProxy(url.getHost()));
+        Proxy proxy = p.createProxy(url.getHost());
+        InputStream is = new RetryableHttpStream(url, proxy);
         if (p.getUserName() != null) {
             // Add an authenticator which provides the credentials for proxy authentication
-            Authenticator.setDefault(new Authenticator() {
-
-                @Override
-                public PasswordAuthentication getPasswordAuthentication() {
-                    if (getRequestorType() != RequestorType.PROXY) {
-                        return null;
-                    }
-                    return new PasswordAuthentication(p.getUserName(), p.getPassword().toCharArray());
-                }
-            });
+            Authenticator.setDefault(p.authenticator);
+            p.jenkins48775workaround(proxy, url);
         }
 
         return is;
     }
 
+    /**
+     * If the first URL we try to access with a HTTP proxy is HTTPS then the authentication cache will not have been
+     * pre-populated, so we try to access at least one HTTP URL before the very first HTTPS url.
+     * @param proxy
+     * @param url the actual URL being opened.
+     */
+    private void jenkins48775workaround(Proxy proxy, URL url) {
+        if ("https".equals(url.getProtocol()) && !authCacheSeeded && proxy != Proxy.NO_PROXY) {
+            HttpURLConnection preAuth = null;
+            try {
+                // We do not care if there is anything at this URL, all we care is that it is using the proxy
+                preAuth = (HttpURLConnection) new URL("http", url.getHost(), -1, "/").openConnection(proxy);
+                preAuth.setRequestMethod("HEAD");
+                preAuth.connect();
+            } catch (IOException e) {
+                // ignore, this is just a probe we don't care at all
+            } finally {
+                if (preAuth != null) {
+                    preAuth.disconnect();
+                }
+            }
+            authCacheSeeded = true;
+        } else if ("https".equals(url.getProtocol())){
+            // if we access any http url using a proxy then the auth cache will have been seeded
+            authCacheSeeded = authCacheSeeded || proxy != Proxy.NO_PROXY;
+        }
+    }
+
     @CheckForNull
     private static ProxyConfiguration get() {
         if (JenkinsJVM.isJenkinsJVM()) {
-- 
GitLab


From 8830d68f5fe21f344be3496984bc4470bfcd0564 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Thu, 8 Feb 2018 15:37:47 +0100
Subject: [PATCH 085/863] [SECURITY-717] Plugin.doDynamic check for WEB-INF or
 META-INF should be case-insensitive.

---
 core/src/main/java/hudson/Plugin.java     | 4 +++-
 test/src/test/java/hudson/PluginTest.java | 2 ++
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/Plugin.java b/core/src/main/java/hudson/Plugin.java
index b955a6d3ad..e8d8be1e69 100644
--- a/core/src/main/java/hudson/Plugin.java
+++ b/core/src/main/java/hudson/Plugin.java
@@ -44,6 +44,7 @@ import com.thoughtworks.xstream.XStream;
 import hudson.init.Initializer;
 import hudson.init.Terminator;
 import java.net.URL;
+import java.util.Locale;
 import java.util.logging.Logger;
 import jenkins.model.GlobalConfiguration;
 
@@ -226,7 +227,8 @@ public abstract class Plugin implements Saveable {
     public void doDynamic(StaplerRequest req, StaplerResponse rsp) throws IOException, ServletException {
         String path = req.getRestOfPath();
 
-        if (path.isEmpty() || path.contains("..") || path.contains("%") || path.contains("META-INF") || path.contains("WEB-INF")) {
+        String pathUC = path.toUpperCase(Locale.ENGLISH);
+        if (path.isEmpty() || path.contains("..") || path.contains("%") || pathUC.contains("META-INF") || pathUC.contains("WEB-INF")) {
             LOGGER.warning("rejecting possibly malicious " + req.getRequestURIWithQueryString());
             rsp.sendError(HttpServletResponse.SC_BAD_REQUEST);
             return;
diff --git a/test/src/test/java/hudson/PluginTest.java b/test/src/test/java/hudson/PluginTest.java
index dd7026406b..4ddfd44f94 100644
--- a/test/src/test/java/hudson/PluginTest.java
+++ b/test/src/test/java/hudson/PluginTest.java
@@ -51,6 +51,8 @@ public class PluginTest {
         // SECURITY-155:
         r.createWebClient().assertFails("plugin/credentials/WEB-INF/licenses.xml", HttpServletResponse.SC_BAD_REQUEST);
         r.createWebClient().assertFails("plugin/credentials/META-INF/MANIFEST.MF", HttpServletResponse.SC_BAD_REQUEST);
+        r.createWebClient().assertFails("plugin/credentials/web-inf/licenses.xml", HttpServletResponse.SC_BAD_REQUEST);
+        r.createWebClient().assertFails("plugin/credentials/meta-inf/manifest.mf", HttpServletResponse.SC_BAD_REQUEST);
     }
 
 }
-- 
GitLab


From 9de62915807deab61d6e780eed660428f9889b51 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Fri, 9 Feb 2018 11:25:42 -0500
Subject: [PATCH 086/863] [SECURITY-705] Additional precautions.

---
 core/src/main/java/hudson/Plugin.java     | 2 +-
 test/src/test/java/hudson/PluginTest.java | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/core/src/main/java/hudson/Plugin.java b/core/src/main/java/hudson/Plugin.java
index e8d8be1e69..32ca74a1b5 100644
--- a/core/src/main/java/hudson/Plugin.java
+++ b/core/src/main/java/hudson/Plugin.java
@@ -228,7 +228,7 @@ public abstract class Plugin implements Saveable {
         String path = req.getRestOfPath();
 
         String pathUC = path.toUpperCase(Locale.ENGLISH);
-        if (path.isEmpty() || path.contains("..") || path.contains("%") || pathUC.contains("META-INF") || pathUC.contains("WEB-INF")) {
+        if (path.isEmpty() || path.contains("..") || path.startsWith(".") || path.contains("%") || pathUC.contains("META-INF") || pathUC.contains("WEB-INF")) {
             LOGGER.warning("rejecting possibly malicious " + req.getRequestURIWithQueryString());
             rsp.sendError(HttpServletResponse.SC_BAD_REQUEST);
             return;
diff --git a/test/src/test/java/hudson/PluginTest.java b/test/src/test/java/hudson/PluginTest.java
index 4ddfd44f94..ef9bc38a52 100644
--- a/test/src/test/java/hudson/PluginTest.java
+++ b/test/src/test/java/hudson/PluginTest.java
@@ -37,17 +37,17 @@ public class PluginTest {
     @Issue({"SECURITY-131", "SECURITY-155", "SECURITY-705"})
     @Test public void doDynamic() throws Exception {
         r.createWebClient().goTo("plugin/credentials/images/24x24/credentials.png", "image/png");
-        /* Collapsed somewhere before it winds up in restOfPath:
-        r.createWebClient().assertFails("plugin/credentials/images/../images/24x24/credentials.png", HttpServletResponse.SC_BAD_REQUEST);
-        */
+        r.createWebClient().goTo("plugin/credentials/images/../images/24x24/credentials.png", "image/png"); // collapsed somewhere before it winds up in restOfPath
         r.createWebClient().assertFails("plugin/credentials/images/%2E%2E/images/24x24/credentials.png", HttpServletResponse.SC_INTERNAL_SERVER_ERROR); // IAE from TokenList.<init>
         r.createWebClient().assertFails("plugin/credentials/images/%252E%252E/images/24x24/credentials.png", HttpServletResponse.SC_BAD_REQUEST); // SECURITY-131
         r.createWebClient().assertFails("plugin/credentials/images/%25252E%25252E/images/24x24/credentials.png", HttpServletResponse.SC_BAD_REQUEST); // just checking
         // SECURITY-705:
         r.createWebClient().assertFails("plugin/credentials/images/..%2fWEB-INF/licenses.xml", HttpServletResponse.SC_BAD_REQUEST);
+        r.createWebClient().assertFails("plugin/credentials/./credentials.jpi", /* Path collapsed to simply `credentials.jpi` before entering */ HttpServletResponse.SC_NOT_FOUND);
         r.createWebClient().assertFails("plugin/credentials/images/%2e%2e%2fWEB-INF/licenses.xml", HttpServletResponse.SC_BAD_REQUEST);
         r.createWebClient().assertFails("plugin/credentials/images/%2e.%2fWEB-INF/licenses.xml", HttpServletResponse.SC_BAD_REQUEST);
         r.createWebClient().assertFails("plugin/credentials/images/..%2f..%2f..%2f" + r.jenkins.getRootDir().getName() + "%2fsecrets%2fmaster.key", HttpServletResponse.SC_BAD_REQUEST);
+        r.createWebClient().assertFails("plugin/credentials/" + r.jenkins.getRootDir() + "/secrets/master.key", /* ./ prepended anyway */ HttpServletResponse.SC_NOT_FOUND);
         // SECURITY-155:
         r.createWebClient().assertFails("plugin/credentials/WEB-INF/licenses.xml", HttpServletResponse.SC_BAD_REQUEST);
         r.createWebClient().assertFails("plugin/credentials/META-INF/MANIFEST.MF", HttpServletResponse.SC_BAD_REQUEST);
-- 
GitLab


From f6efa29041447715ffe19406cbc1559751a0a59e Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 11 Feb 2018 19:18:51 -0800
Subject: [PATCH 087/863] [maven-release-plugin] prepare release jenkins-2.106

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 4d70defcf0..d2474b6ace 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.106-SNAPSHOT</version>
+    <version>2.106</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 929e140400..f70dbbd94b 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.106-SNAPSHOT</version>
+    <version>2.106</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 8ede8e8440..c02f59d1d8 100644
--- a/pom.xml
+++ b/pom.xml
@@ -33,7 +33,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>pom</artifactId>
-  <version>2.106-SNAPSHOT</version>
+  <version>2.106</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -58,7 +58,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>HEAD</tag>
+    <tag>jenkins-2.106</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 41d2fe3e1b..56797b8130 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.106-SNAPSHOT</version>
+    <version>2.106</version>
   </parent>
 
   <artifactId>test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index d6c0944be7..ffd239d714 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.106-SNAPSHOT</version>
+    <version>2.106</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From f8a2309b0260df89a03a91ccf976e6be999c1c02 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 11 Feb 2018 19:18:51 -0800
Subject: [PATCH 088/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index d2474b6ace..91149b579e 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.106</version>
+    <version>2.107-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index f70dbbd94b..d12b7ff9b7 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.106</version>
+    <version>2.107-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index c02f59d1d8..61f5a69154 100644
--- a/pom.xml
+++ b/pom.xml
@@ -33,7 +33,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>pom</artifactId>
-  <version>2.106</version>
+  <version>2.107-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -58,7 +58,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.106</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 56797b8130..6a74335821 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.106</version>
+    <version>2.107-SNAPSHOT</version>
   </parent>
 
   <artifactId>test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index ffd239d714..d9f188f880 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.106</version>
+    <version>2.107-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 01ed9c9389f92dd34ddde1505d3ca8399c0eeb47 Mon Sep 17 00:00:00 2001
From: Jan Vansteenkiste <jan@vstone.eu>
Date: Mon, 12 Feb 2018 08:44:46 +0100
Subject: [PATCH 089/863] JENKINS-49496: Fix poorly translated sign-up string
 (dutch)

---
 .../security/HudsonPrivateSecurityRealm/config_nl.properties    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/config_nl.properties b/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/config_nl.properties
index b0d875026f..b2202d9d9e 100644
--- a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/config_nl.properties
+++ b/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/config_nl.properties
@@ -20,4 +20,4 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-Allow\ users\ to\ sign\ up=Sta gebruikers toe in te loggen
+Allow\ users\ to\ sign\ up=Sta gebruikers toe zichzelf te registreren
-- 
GitLab


From 0b47ade85420a09b325cc494a5fcbf1d897a5c40 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 12 Feb 2018 18:33:31 -0800
Subject: [PATCH 090/863] [maven-release-plugin] prepare release jenkins-2.89.4

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 1c717b6e89..5c2397024c 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.89.4-SNAPSHOT</version>
+    <version>2.89.4</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 59eafcba6c..2984bf021c 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.89.4-SNAPSHOT</version>
+    <version>2.89.4</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index b45748cc3e..1de3dd9b3a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -33,7 +33,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>pom</artifactId>
-  <version>2.89.4-SNAPSHOT</version>
+  <version>2.89.4</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -58,7 +58,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>HEAD</tag>
+    <tag>jenkins-2.89.4</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index bcf700e1f8..7bd26ff1ec 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.89.4-SNAPSHOT</version>
+    <version>2.89.4</version>
   </parent>
 
   <artifactId>test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 7dc5da5d65..2c1ef7805f 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.89.4-SNAPSHOT</version>
+    <version>2.89.4</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 4f68a6d35397c291fd9d70cdd77c6ae862c709f4 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 12 Feb 2018 18:33:32 -0800
Subject: [PATCH 091/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 5c2397024c..4033dfdf4a 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.89.4</version>
+    <version>2.89.5-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 2984bf021c..7f69ac3c6b 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.89.4</version>
+    <version>2.89.5-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 1de3dd9b3a..d6cadf6220 100644
--- a/pom.xml
+++ b/pom.xml
@@ -33,7 +33,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>pom</artifactId>
-  <version>2.89.4</version>
+  <version>2.89.5-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -58,7 +58,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.89.4</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 7bd26ff1ec..4d95e18ec6 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.89.4</version>
+    <version>2.89.5-SNAPSHOT</version>
   </parent>
 
   <artifactId>test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 2c1ef7805f..97442f8a7d 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.89.4</version>
+    <version>2.89.5-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 6bb6436c55f43bc7bacf1360cf6bbf3c91f9ad89 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 12 Feb 2018 20:11:59 -0800
Subject: [PATCH 092/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 53dae2aa54..11179b1697 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107</version>
+    <version>2.108-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 3fb617780e..a2dc18b7e0 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107</version>
+    <version>2.108-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 3a297bea89..c844d4dcb6 100644
--- a/pom.xml
+++ b/pom.xml
@@ -33,7 +33,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>pom</artifactId>
-  <version>2.107</version>
+  <version>2.108-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -58,7 +58,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.107</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index d4022c2abb..08dc62651a 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107</version>
+    <version>2.108-SNAPSHOT</version>
   </parent>
 
   <artifactId>test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 230f72111c..3ce35c4883 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107</version>
+    <version>2.108-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 404bbaee7990209097be1b4ae59bd791ff54f90e Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 12 Feb 2018 20:11:59 -0800
Subject: [PATCH 093/863] [maven-release-plugin] prepare release jenkins-2.107

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 91149b579e..53dae2aa54 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107-SNAPSHOT</version>
+    <version>2.107</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index d12b7ff9b7..3fb617780e 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107-SNAPSHOT</version>
+    <version>2.107</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 61f5a69154..3a297bea89 100644
--- a/pom.xml
+++ b/pom.xml
@@ -33,7 +33,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>pom</artifactId>
-  <version>2.107-SNAPSHOT</version>
+  <version>2.107</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -58,7 +58,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>HEAD</tag>
+    <tag>jenkins-2.107</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 6a74335821..d4022c2abb 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107-SNAPSHOT</version>
+    <version>2.107</version>
   </parent>
 
   <artifactId>test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index d9f188f880..230f72111c 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107-SNAPSHOT</version>
+    <version>2.107</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 2897239e4af89ea29e236b4b292e268ce65a9cc8 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Tue, 13 Feb 2018 09:50:24 -0500
Subject: [PATCH 094/863] Noting release version of #3272.

---
 .../main/java/hudson/util/ClassLoaderSanityThreadFactory.java    | 1 +
 1 file changed, 1 insertion(+)

diff --git a/core/src/main/java/hudson/util/ClassLoaderSanityThreadFactory.java b/core/src/main/java/hudson/util/ClassLoaderSanityThreadFactory.java
index 041c2061df..2977e9bfbd 100644
--- a/core/src/main/java/hudson/util/ClassLoaderSanityThreadFactory.java
+++ b/core/src/main/java/hudson/util/ClassLoaderSanityThreadFactory.java
@@ -10,6 +10,7 @@ import java.util.concurrent.TimeUnit;
  *
  *  Commonly this is a problem for Groovy use, where this may result in memory leaks.
  *  @see <a href="https://issues.jenkins-ci.org/browse/JENKINS-49206">JENKINS-49206</a>
+ * @since 2.105
  */
 public class ClassLoaderSanityThreadFactory implements ThreadFactory {
     private final ThreadFactory delegate;
-- 
GitLab


From 9b60f19ddfb62fdb84782016a73388351a11441f Mon Sep 17 00:00:00 2001
From: Julien Coste <julien.coste@orange.com>
Date: Tue, 13 Feb 2018 16:47:44 +0100
Subject: [PATCH 095/863] fix missing parameter in french translation of
 test:bar taglib

---
 core/src/main/resources/lib/test/bar_fr.properties | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/resources/lib/test/bar_fr.properties b/core/src/main/resources/lib/test/bar_fr.properties
index dac7f847a1..27baa32efa 100644
--- a/core/src/main/resources/lib/test/bar_fr.properties
+++ b/core/src/main/resources/lib/test/bar_fr.properties
@@ -22,5 +22,5 @@
 
 No\ tests=Pas de test
 failures={0} \u00E9checs
-skipped=Non pass�s
+skipped={0} non pass�s
 tests={0} tests
-- 
GitLab


From 800668ba4305964afe59d8744fcfc24013ff6ee6 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Wed, 14 Feb 2018 13:29:43 +0100
Subject: [PATCH 096/863] [JENKINS-49543] - Add direct unit test for module
 class whitelisting

---
 .../main/java/jenkins/security/ClassFilterImpl.java  |  4 +++-
 .../java/jenkins/security/ClassFilterImplTest.java   | 12 ++++++++++++
 2 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/jenkins/security/ClassFilterImpl.java b/core/src/main/java/jenkins/security/ClassFilterImpl.java
index 0c554232b4..22e4645557 100644
--- a/core/src/main/java/jenkins/security/ClassFilterImpl.java
+++ b/core/src/main/java/jenkins/security/ClassFilterImpl.java
@@ -24,6 +24,7 @@
 
 package jenkins.security;
 
+import com.google.common.annotations.VisibleForTesting;
 import com.google.common.collect.ImmutableSet;
 import hudson.ExtensionList;
 import hudson.Main;
@@ -105,7 +106,8 @@ public class ClassFilterImpl extends ClassFilter {
         ClassFilter.setDefault(ClassFilter.NONE); // even Method on the standard blacklist is going to explode
     }
 
-    private ClassFilterImpl() {}
+    @VisibleForTesting
+    /*package*/ ClassFilterImpl() {}
 
     /** Whether a given class is blacklisted. */
     private final Map<Class<?>, Boolean> cache = Collections.synchronizedMap(new WeakHashMap<>());
diff --git a/test/src/test/java/jenkins/security/ClassFilterImplTest.java b/test/src/test/java/jenkins/security/ClassFilterImplTest.java
index 89131e335f..029a5b85bf 100644
--- a/test/src/test/java/jenkins/security/ClassFilterImplTest.java
+++ b/test/src/test/java/jenkins/security/ClassFilterImplTest.java
@@ -36,6 +36,7 @@ import hudson.model.BuildListener;
 import hudson.model.FreeStyleProject;
 import hudson.model.Result;
 import hudson.model.Saveable;
+import hudson.remoting.ClassFilter;
 import hudson.tasks.BuildStepDescriptor;
 import hudson.tasks.Builder;
 import java.io.IOException;
@@ -51,6 +52,7 @@ import static org.junit.Assume.*;
 import org.junit.ClassRule;
 import org.junit.Rule;
 import org.jvnet.hudson.test.BuildWatcher;
+import org.jvnet.hudson.test.Issue;
 import org.jvnet.hudson.test.JenkinsRule;
 import org.jvnet.hudson.test.LoggerRule;
 import org.jvnet.hudson.test.TestExtension;
@@ -149,6 +151,16 @@ public class ClassFilterImplTest {
         assertEquals(Collections.singleton(config), data.keySet());
         assertThat(data.values().iterator().next().extra, allOf(containsString("LinkedListMultimap"), containsString("https://jenkins.io/redirect/class-filter/")));
     }
+
+    @Test
+    @Issue("JENKINS-49543")
+    public void moduleClassesShouldBeWhitelisted() throws Exception {
+        ClassFilterImpl filter = new ClassFilterImpl();
+        filter.check("org.jenkinsci.main.modules.cli.auth.ssh.UserPropertyImpl");
+        filter.check("org.jenkinsci.modules.windows_slave_installer.WindowsSlaveInstaller");
+        filter.check("org.jenkinsci.main.modules.instance_identity.PageDecoratorImpl");
+    }
+
     @TestExtension("xstreamRequiresWhitelist")
     public static class Config extends GlobalConfiguration {
         LinkedListMultimap<?, ?> obj;
-- 
GitLab


From 4cc4c3371a3b255eab4c1385c6ce20194db27f40 Mon Sep 17 00:00:00 2001
From: Kanstantsin Shautsou <kanstantsin.sha@gmail.com>
Date: Wed, 14 Feb 2018 16:59:50 +0300
Subject: [PATCH 097/863] Update Node.java

---
 core/src/main/java/hudson/model/Node.java | 1 +
 1 file changed, 1 insertion(+)

diff --git a/core/src/main/java/hudson/model/Node.java b/core/src/main/java/hudson/model/Node.java
index bcf81c19ad..9336774016 100644
--- a/core/src/main/java/hudson/model/Node.java
+++ b/core/src/main/java/hudson/model/Node.java
@@ -345,6 +345,7 @@ public abstract class Node extends AbstractModelObject implements Reconfigurable
     /**
      * Gets the special label that represents this node itself.
      */
+    @Nonnull
     @WithBridgeMethods(Label.class)
     public LabelAtom getSelfLabel() {
         return LabelAtom.get(getNodeName());
-- 
GitLab


From db0bddeb2cb5c6e62b9eb05e8e914e0d45c98d0e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Oliver=20Gond=C5=BEa?= <ogondza@gmail.com>
Date: Thu, 15 Feb 2018 09:04:45 +0100
Subject: [PATCH 098/863] Towards 2.107.1

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 53dae2aa54..df60b493dd 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107</version>
+    <version>2.107.1-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 3fb617780e..953c499198 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107</version>
+    <version>2.107.1-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 3a297bea89..135a9f2b34 100644
--- a/pom.xml
+++ b/pom.xml
@@ -33,7 +33,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>pom</artifactId>
-  <version>2.107</version>
+  <version>2.107.1-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -58,7 +58,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.107</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index d4022c2abb..15e24b1994 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107</version>
+    <version>2.107.1-SNAPSHOT</version>
   </parent>
 
   <artifactId>test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 230f72111c..931171425d 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107</version>
+    <version>2.107.1-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 4b5af6fe4cb31ce19b868f17c1cdf62e032c87a6 Mon Sep 17 00:00:00 2001
From: Devin Nusbaum <d.w.nusbaum@gmail.com>
Date: Thu, 15 Feb 2018 10:06:25 -0500
Subject: [PATCH 099/863] Always show the master node when it is offline

---
 core/src/main/resources/lib/hudson/executors.jelly | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/resources/lib/hudson/executors.jelly b/core/src/main/resources/lib/hudson/executors.jelly
index 86f12dffc4..578808d47f 100644
--- a/core/src/main/resources/lib/hudson/executors.jelly
+++ b/core/src/main/resources/lib/hudson/executors.jelly
@@ -129,7 +129,7 @@ THE SOFTWARE.
       <j:forEach var="c" items="${computers}">
         <j:set var="cDisplayExecutors" value="${c.displayExecutors}"/>
         <tr>
-          <j:if test="${computersSize gt 1 and !cDisplayExecutors.isEmpty()}">
+          <j:if test="${(computersSize gt 1 and !cDisplayExecutors.isEmpty()) or (c.node == app and c.offline)}">
             <th class="pane" colspan="3">
               <local:computerCaption title="${c.displayName}" />
             </th>
-- 
GitLab


From 36f7fc0d925338a2642553ec7e7a0eda938fb3f6 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Fri, 16 Feb 2018 18:31:05 +0100
Subject: [PATCH 100/863] [JENKINS-49565] - Update Jenkins CLI to Mina SSHD
 Core 1.7.0

---
 cli/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 11179b1697..de0ef57a79 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -54,7 +54,7 @@
     <dependency>
       <groupId>org.apache.sshd</groupId>
       <artifactId>sshd-core</artifactId>
-      <version>1.6.0</version>
+      <version>1.7.0</version>
       <optional>true</optional> <!-- do not expose to core -->
     </dependency>
     <dependency>
-- 
GitLab


From 0e51e36023d0533f099226ba7a0035dae7b02a84 Mon Sep 17 00:00:00 2001
From: Antonio Muniz <amuniz@users.noreply.github.com>
Date: Fri, 16 Feb 2018 20:08:31 +0100
Subject: [PATCH 101/863] [JENKINS-49044] Apply visibility filters to
 SecurityRealm and AuthorizationStrategy (#3246)

* [JENKINS-49044] Honor DescriptorVisibilityFilter for SecurityRealm and AuthorizationStrategy

* [JENKINS-49044] The test
---
 .../GlobalSecurityConfiguration/index.groovy  |  4 +-
 .../model/DescriptorVisibilityFilterTest.java | 70 +++++++++++++++++++
 2 files changed, 72 insertions(+), 2 deletions(-)

diff --git a/core/src/main/resources/hudson/security/GlobalSecurityConfiguration/index.groovy b/core/src/main/resources/hudson/security/GlobalSecurityConfiguration/index.groovy
index 9d1b0917e9..e7fe82bba4 100644
--- a/core/src/main/resources/hudson/security/GlobalSecurityConfiguration/index.groovy
+++ b/core/src/main/resources/hudson/security/GlobalSecurityConfiguration/index.groovy
@@ -32,8 +32,8 @@ l.layout(norefresh:true, permission:app.ADMINISTER, title:my.displayName, csscla
 
                 f.entry(title:_("Access Control")) {
                     table(style:"width:100%") {
-                        f.descriptorRadioList(title:_("Security Realm"),varName:"realm",         instance:app.securityRealm,         descriptors:SecurityRealm.all())
-                        f.descriptorRadioList(title:_("Authorization"), varName:"authorization", instance:app.authorizationStrategy, descriptors:AuthorizationStrategy.all())
+                        f.descriptorRadioList(title:_("Security Realm"),varName:"realm",         instance:app.securityRealm,         descriptors:h.filterDescriptors(app, SecurityRealm.all()))
+                        f.descriptorRadioList(title:_("Authorization"), varName:"authorization", instance:app.authorizationStrategy, descriptors:h.filterDescriptors(app, AuthorizationStrategy.all()))
                     }
                 }
             }
diff --git a/test/src/test/java/hudson/model/DescriptorVisibilityFilterTest.java b/test/src/test/java/hudson/model/DescriptorVisibilityFilterTest.java
index dfbc4ea1c2..727ddbc407 100644
--- a/test/src/test/java/hudson/model/DescriptorVisibilityFilterTest.java
+++ b/test/src/test/java/hudson/model/DescriptorVisibilityFilterTest.java
@@ -8,13 +8,22 @@ import static org.hamcrest.Matchers.allOf;
 import static org.junit.Assert.*;
 
 import com.gargoylesoftware.htmlunit.html.HtmlPage;
+import hudson.Extension;
+import hudson.security.ACL;
+import hudson.security.AuthorizationStrategy;
+import hudson.security.SecurityRealm;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.Issue;
 import org.jvnet.hudson.test.JenkinsRule;
 import org.jvnet.hudson.test.LoggerRule;
 import org.jvnet.hudson.test.TestExtension;
+import org.xml.sax.SAXException;
 
+import javax.annotation.CheckForNull;
+import javax.annotation.Nonnull;
+import java.io.IOException;
+import java.util.Collection;
 import java.util.logging.Level;
 import java.util.logging.LogRecord;
 
@@ -43,6 +52,67 @@ public class DescriptorVisibilityFilterTest {
         assertThat(page.getWebResponse().getContentAsString(), containsString("descriptors found: .")); // No output written from expression
     }
 
+    @Test @Issue("JENKINS-49044")
+    public void securityRealmAndAuthStrategyHidden() throws Exception {
+        j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
+        j.jenkins.setAuthorizationStrategy(AuthorizationStrategy.UNSECURED);
+        HtmlPage page = j.createWebClient().goTo("configureSecurity");
+        String response = page.getWebResponse().getContentAsString();
+        assertThat(response, not(containsString("TestSecurityRealm")));
+        assertThat(response, not(containsString("TestAuthStrategy")));
+    }
+
+    public static final class TestSecurityRealm extends SecurityRealm {
+
+        @Override
+        public SecurityComponents createSecurityComponents() { return null; }
+
+        @TestExtension
+        public static final class DescriptorImpl extends Descriptor<SecurityRealm> {
+            @Nonnull
+            @Override
+            public String getDisplayName() {
+                return "TestSecurityRealm";
+            }
+        }
+
+        @TestExtension
+        public static final class HideDescriptor extends DescriptorVisibilityFilter {
+            @Override
+            public boolean filter(@CheckForNull Object context, @Nonnull Descriptor descriptor) {
+                return !(descriptor instanceof DescriptorImpl);
+            }
+        }
+    }
+
+    public static final class TestAuthStrategy extends AuthorizationStrategy {
+
+        @Nonnull
+        @Override
+        public ACL getRootACL() { return null; }
+
+        @Nonnull
+        @Override
+        public Collection<String> getGroups() { return null; }
+
+        @TestExtension
+        public static final class DescriptorImpl extends Descriptor<AuthorizationStrategy> {
+            @Nonnull
+            @Override
+            public String getDisplayName() {
+                return "TestAuthStrategy";
+            }
+        }
+
+        @TestExtension
+        public static final class HideDescriptor extends DescriptorVisibilityFilter {
+            @Override
+            public boolean filter(@CheckForNull Object context, @Nonnull Descriptor descriptor) {
+                return !(descriptor instanceof DescriptorImpl);
+            }
+        }
+    }
+
     @TestExtension("jenkins40545")
     public static final class Jenkins40545 implements UnprotectedRootAction {
 
-- 
GitLab


From 05948995afc30c3acb1b7c1c3c4a056b34ba5856 Mon Sep 17 00:00:00 2001
From: Sam Van Oort <samvanoort@gmail.com>
Date: Fri, 16 Feb 2018 18:07:30 -0500
Subject: [PATCH 102/863] Use performance-optimized build mode to reduce IO
 needs a bit

---
 Jenkinsfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Jenkinsfile b/Jenkinsfile
index 5d2a10435f..9c4b4efbba 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -13,7 +13,7 @@
 def runTests = true
 def failFast = false
 
-properties([buildDiscarder(logRotator(numToKeepStr: '50', artifactNumToKeepStr: '20'))])
+properties([buildDiscarder(logRotator(numToKeepStr: '50', artifactNumToKeepStr: '20')), durabilityHint('PERFORMANCE_OPTIMIZED')])
 
 // see https://github.com/jenkins-infra/documentation/blob/master/ci.adoc for information on what node types are available
 def buildTypes = ['Linux', 'Windows']
-- 
GitLab


From 015843cabf79aed14cad97b0ffae0122e2793e16 Mon Sep 17 00:00:00 2001
From: Matthew Brener <akkatracker@gmail.com>
Date: Sun, 18 Feb 2018 14:38:31 +1100
Subject: [PATCH 103/863] Two typos in JobQueueTest.java

its --> it's
---
 test/src/test/java/hudson/model/JobQueueTest.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/src/test/java/hudson/model/JobQueueTest.java b/test/src/test/java/hudson/model/JobQueueTest.java
index 41af7e4d1e..6da7bb0f4f 100644
--- a/test/src/test/java/hudson/model/JobQueueTest.java
+++ b/test/src/test/java/hudson/model/JobQueueTest.java
@@ -79,7 +79,7 @@ public class JobQueueTest {
         if(JobQueueTest.fireCompletedFlag) {
         //Schedule the build for the project and this build should be in Queue since the state is POST_PRODUCTION
             project.scheduleBuild2(0);
-            assertTrue(project.isInQueue()); //That means its pending or its waiting or blocked
+            assertTrue(project.isInQueue()); //That means it's pending or it's waiting or blocked
             j.jenkins.getQueue().maintain();
             while(j.jenkins.getQueue().getItem(project) instanceof WaitingItem) {
                 System.out.println(j.jenkins.getQueue().getItem(project));
-- 
GitLab


From 5c8cc45900bf8d78058cecd471840bdbc88215d3 Mon Sep 17 00:00:00 2001
From: Kseniia Nenasheva <ks.nenasheva@gmail.com>
Date: Sun, 18 Feb 2018 12:05:52 +0100
Subject: [PATCH 104/863] [JENKINS-49387][JENKINS-49520] - Validation errors
 (#3292)

* Fixes for validation

* Fix for an empty agent.nExecutors
---
 core/src/main/java/hudson/model/Computer.java          |  3 ++-
 .../hudson/slaves/DumbSlave/configure-entries.jelly    |  2 +-
 .../model/Jenkins/MasterComputer/configure.jelly       |  2 +-
 .../model/MasterBuildConfiguration/config.groovy       |  2 +-
 war/src/main/webapp/scripts/hudson-behavior.js         | 10 ++++++++--
 5 files changed, 13 insertions(+), 6 deletions(-)

diff --git a/core/src/main/java/hudson/model/Computer.java b/core/src/main/java/hudson/model/Computer.java
index dff02c5ab1..a16b96e8f5 100644
--- a/core/src/main/java/hudson/model/Computer.java
+++ b/core/src/main/java/hudson/model/Computer.java
@@ -67,6 +67,7 @@ import jenkins.model.Jenkins;
 import jenkins.util.ContextResettingExecutorService;
 import jenkins.security.MasterToSlaveCallable;
 
+import org.apache.commons.lang.StringUtils;
 import org.jenkins.ui.icon.Icon;
 import org.jenkins.ui.icon.IconSet;
 import org.kohsuke.accmod.Restricted;
@@ -1473,7 +1474,7 @@ public /*transient*/ abstract class Computer extends Actionable implements Acces
         }
 
         String nExecutors = req.getSubmittedForm().getString("numExecutors");
-        if (Integer.parseInt(nExecutors)<=0) {
+        if (StringUtils.isBlank(nExecutors) || Integer.parseInt(nExecutors)<=0) {
             throw new FormException(Messages.Slave_InvalidConfig_Executors(nodeName), "numExecutors");
         }
 
diff --git a/core/src/main/resources/hudson/slaves/DumbSlave/configure-entries.jelly b/core/src/main/resources/hudson/slaves/DumbSlave/configure-entries.jelly
index c06a9e1d35..d9e46f50b6 100644
--- a/core/src/main/resources/hudson/slaves/DumbSlave/configure-entries.jelly
+++ b/core/src/main/resources/hudson/slaves/DumbSlave/configure-entries.jelly
@@ -33,7 +33,7 @@ THE SOFTWARE.
   </f:entry>
 
   <f:entry title="${%# of executors}" field="numExecutors">
-    <f:number clazz="positive-number" min="1" step="1" default="1"/>
+    <f:number clazz="positive-number-required" min="1" step="1" default="1"/>
   </f:entry>
 
   <f:entry title="${%Remote root directory}" field="remoteFS">
diff --git a/core/src/main/resources/jenkins/model/Jenkins/MasterComputer/configure.jelly b/core/src/main/resources/jenkins/model/Jenkins/MasterComputer/configure.jelly
index e06cc9a7a9..3967603159 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/MasterComputer/configure.jelly
+++ b/core/src/main/resources/jenkins/model/Jenkins/MasterComputer/configure.jelly
@@ -42,7 +42,7 @@ THE SOFTWARE.
         -->
 
         <f:entry title="${%# of executors}" field="numExecutors">
-          <f:number clazz="non-negative-number" min="0" step="1"/>
+          <f:number clazz="non-negative-number-required" min="0" step="1"/>
         </f:entry>
 
         <f:entry title="${%Labels}" field="labelString">
diff --git a/core/src/main/resources/jenkins/model/MasterBuildConfiguration/config.groovy b/core/src/main/resources/jenkins/model/MasterBuildConfiguration/config.groovy
index f645dcbc41..9ad0aaa0c5 100644
--- a/core/src/main/resources/jenkins/model/MasterBuildConfiguration/config.groovy
+++ b/core/src/main/resources/jenkins/model/MasterBuildConfiguration/config.groovy
@@ -3,7 +3,7 @@ package jenkins.model.MasterBuildConfiguration
 def f=namespace(lib.FormTagLib)
 
 f.entry(title:_("# of executors"), field:"numExecutors") {
-    f.number(clazz:"non-negative-number", min:0, step:1)
+    f.number(clazz:"non-negative-number-required", min:0, step:1)
 }
 f.entry(title:_("Labels"),field:"labelString") {
     f.textbox()
diff --git a/war/src/main/webapp/scripts/hudson-behavior.js b/war/src/main/webapp/scripts/hudson-behavior.js
index 01c1b21861..aedbb069fc 100644
--- a/war/src/main/webapp/scripts/hudson-behavior.js
+++ b/war/src/main/webapp/scripts/hudson-behavior.js
@@ -694,11 +694,17 @@ var jenkinsRules = {
     "INPUT.required" : function(e) { registerRegexpValidator(e,/./,"Field is required"); },
 
 // validate form values to be an integer
-    "INPUT.number" : function(e) { registerRegexpValidator(e,/^\-?(\d+)$/,"Not an integer"); },
-    "INPUT.non-negative-number" : function(e) {
+    "INPUT.number" : function(e) { registerRegexpValidator(e,/^(\d+|)$/,"Not an integer"); },
+    "INPUT.number-required" : function(e) { registerRegexpValidator(e,/^\-?(\d+)$/,"Not an integer"); },
+
+    "INPUT.non-negative-number-required" : function(e) {
         registerRegexpValidator(e,/^\d+$/,"Not a non-negative number");
     },
+
     "INPUT.positive-number" : function(e) {
+        registerRegexpValidator(e,/^(\d*[1-9]\d*|)$/,"Not a positive integer");
+    },
+    "INPUT.positive-number-required" : function(e) {
         registerRegexpValidator(e,/^[1-9]\d*$/,"Not a positive integer");
     },
 
-- 
GitLab


From 0acc8525b90e1a99db38d81e786bcee746fd5248 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 18 Feb 2018 13:36:42 -0800
Subject: [PATCH 105/863] [maven-release-plugin] prepare release jenkins-2.108

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index de0ef57a79..ec8ea47816 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.108-SNAPSHOT</version>
+    <version>2.108</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index a2dc18b7e0..391ead11f9 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.108-SNAPSHOT</version>
+    <version>2.108</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index c844d4dcb6..7e8e083e39 100644
--- a/pom.xml
+++ b/pom.xml
@@ -33,7 +33,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>pom</artifactId>
-  <version>2.108-SNAPSHOT</version>
+  <version>2.108</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -58,7 +58,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>HEAD</tag>
+    <tag>jenkins-2.108</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 08dc62651a..2c3aa407ad 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.108-SNAPSHOT</version>
+    <version>2.108</version>
   </parent>
 
   <artifactId>test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 3ce35c4883..631822a6c2 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.108-SNAPSHOT</version>
+    <version>2.108</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 844a13f08abc34eb1619d69860a0465fd7f2c089 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 18 Feb 2018 13:36:42 -0800
Subject: [PATCH 106/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index ec8ea47816..53dc0407cb 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.108</version>
+    <version>2.109-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 391ead11f9..d9b49c4d16 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.108</version>
+    <version>2.109-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 7e8e083e39..fa54bac197 100644
--- a/pom.xml
+++ b/pom.xml
@@ -33,7 +33,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>pom</artifactId>
-  <version>2.108</version>
+  <version>2.109-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -58,7 +58,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.108</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 2c3aa407ad..1386a66c0a 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.108</version>
+    <version>2.109-SNAPSHOT</version>
   </parent>
 
   <artifactId>test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 631822a6c2..0451509e2c 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.108</version>
+    <version>2.109-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 3f01a774662d0e6e3d4f644e6a3197009f0c7b14 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Mon, 19 Feb 2018 18:01:52 -0500
Subject: [PATCH 107/863] [JENKINS-49635] Defining new VirtualFile methods to
 better support external artifact storage.

---
 .../hudson/model/DirectoryBrowserSupport.java |  10 +
 .../main/java/jenkins/util/VirtualFile.java   |  64 +++++-
 .../model/DirectoryBrowserSupportTest.java    | 214 ++++++++++++++++++
 3 files changed, 286 insertions(+), 2 deletions(-)

diff --git a/core/src/main/java/hudson/model/DirectoryBrowserSupport.java b/core/src/main/java/hudson/model/DirectoryBrowserSupport.java
index 5426c7842e..da6ad3c2bd 100644
--- a/core/src/main/java/hudson/model/DirectoryBrowserSupport.java
+++ b/core/src/main/java/hudson/model/DirectoryBrowserSupport.java
@@ -29,6 +29,7 @@ import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
 import java.io.Serializable;
+import java.net.URL;
 import java.text.Collator;
 import java.util.ArrayList;
 import java.util.Arrays;
@@ -51,6 +52,7 @@ import org.apache.tools.zip.ZipOutputStream;
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
 import org.kohsuke.stapler.HttpResponse;
+import org.kohsuke.stapler.HttpResponses;
 import org.kohsuke.stapler.StaplerRequest;
 import org.kohsuke.stapler.StaplerResponse;
 
@@ -295,6 +297,14 @@ public final class DirectoryBrowserSupport implements HttpResponse {
             return;
         }
 
+        URL external = baseFile.toExternalURL();
+        if (external != null) {
+            // or this URL could be emitted directly from dir.jelly
+            // though we would prefer to delay toExternalURL calls unless and until needed
+            rsp.sendRedirect2(external.toExternalForm());
+            return;
+        }
+
         long lastModified = baseFile.lastModified();
         long length = baseFile.length();
 
diff --git a/core/src/main/java/jenkins/util/VirtualFile.java b/core/src/main/java/jenkins/util/VirtualFile.java
index e2d27d75ec..8376267e85 100644
--- a/core/src/main/java/jenkins/util/VirtualFile.java
+++ b/core/src/main/java/jenkins/util/VirtualFile.java
@@ -28,16 +28,17 @@ import hudson.FilePath;
 import hudson.model.DirectoryBrowserSupport;
 import hudson.remoting.Callable;
 import hudson.remoting.Channel;
+import hudson.remoting.RemoteInputStream;
 import hudson.remoting.VirtualChannel;
 import hudson.util.DirScanner;
 import hudson.util.FileVisitor;
 import java.io.File;
-import java.io.FileInputStream;
 import java.io.FileNotFoundException;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.Serializable;
 import java.net.URI;
+import java.net.URL;
 import java.nio.file.Files;
 import java.nio.file.InvalidPathException;
 import java.nio.file.LinkOption;
@@ -45,9 +46,10 @@ import java.util.ArrayList;
 import java.util.List;
 import java.util.logging.Level;
 import java.util.logging.Logger;
+import javax.annotation.CheckForNull;
 import javax.annotation.Nonnull;
-
 import jenkins.MasterToSlaveFileCallable;
+import jenkins.model.ArtifactManager;
 
 /**
  * Abstraction over {@link File}, {@link FilePath}, or other items such as network resources or ZIP entries.
@@ -62,6 +64,26 @@ import jenkins.MasterToSlaveFileCallable;
  * {@link VirtualFile} makes no assumption about where the actual files are, or whether there really exists
  * {@link File}s somewhere. This makes VirtualFile more abstract.
  *
+ * <h2>Opening files from other machines</h2>
+ *
+ * While {@link VirtualFile} is marked {@link Serializable},
+ * it is <em>not</em> safe in general to transfer over a Remoting channel.
+ * (For example, an implementation from {@link #forFilePath} could be sent on the <em>same</em> channel,
+ * but an implementation from {@link #forFile} will not.)
+ * Thus callers should assume that methods such as {@link #open} will work
+ * only on the node on which the object was created.
+ *
+ * <p>Since some implementations may in fact use external file storage,
+ * callers may request optional APIs to access those services more efficiently.
+ * Otherwise, for example, a plugin copying a file
+ * previously saved by {@link ArtifactManager} to an external storage servuce
+ * which tunneled a stream from {@link #open} using {@link RemoteInputStream}
+ * would wind up transferring the file from the service to the Jenkins master and then on to an agent.
+ * Similarly, if {@link DirectoryBrowserSupport} rendered a link to an in-Jenkins URL,
+ * a large file could be transferred from the service to the Jenkins master and then on to the browser.
+ * To avoid this overhead, callers may check whether an implementation
+ * supports {@link #asRemotable} and/or {@link #toExternalURL}.
+ *
  * @see DirectoryBrowserSupport
  * @see FilePath
  * @since 1.532
@@ -80,6 +102,7 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
     /**
      * Gets a URI.
      * Should at least uniquely identify this virtual file within its root, but not necessarily globally.
+     * <p>When {@link #toExternalURL} is implemented, it is natural but not required to use that same value here.
      * @return a URI (need not be absolute)
      */
     public abstract URI toURI();
@@ -208,6 +231,43 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
         return callable.call();
     }
 
+    /**
+     * Optionally produces a variant of this handle which may be safely passed over a Remoting {@link Channel}.
+     * This would allow remote nodes such as agents to make calls such as {@link #open}
+     * and be assured of the most efficient possible access.
+     * Otherwise, all calls must be made on the node originally producing this object,
+     * and the caller must arrange for transport of the result.
+     * <p>Note that the result of {@link #forFilePath} does <em>not</em> implement this method,
+     * since a {@link FilePath} may only be transferred over the channel on which it was created.
+     * It cannot, for example, be used to represent a workspace file from one agent on another agent.
+     * @return this object or a variant which may be passed over a {@link Channel}, or null if there is no such support
+     * @since FIXME
+     * @see #toExternalURL
+     */
+    public @CheckForNull VirtualFile asRemotable() {
+        return null;
+    }
+
+    /**
+     * Optionally obtains a URL which may be used to retrieve file contents from any process on any node.
+     * For example, given cloud storage this might produce a permalink to the file.
+     * <p>This is only meaningful for {@link #isFile}:
+     * no ZIP etc. archiving protocol is defined to allow bulk access to directory trees.
+     * <p>Any necessary authentication must be encoded somehow into the URL itself;
+     * do not include any tokens or other authentication which might allow access to unrelated files
+     * (for example {@link ArtifactManager} builds from a different job).
+     * <p>Generally this will be harder to implement than {@link #asRemotable},
+     * which would have the opportunity to perform arbitrary preparation for {@link #open}
+     * such as negotiating session authentication.
+     * @return an externally usable URL like {@code https://gist.githubusercontent.com/ACCT/GISTID/raw/COMMITHASH/FILE}, or null if there is no such support
+     * @since FIXME
+     * @see #toURI
+     * @see #asRemotable
+     */
+    public @CheckForNull URL toExternalURL() throws IOException {
+        return null;
+    }
+
     /**
      * Creates a virtual file wrapper for a local file.
      * @param f a disk file (need not exist)
diff --git a/test/src/test/java/hudson/model/DirectoryBrowserSupportTest.java b/test/src/test/java/hudson/model/DirectoryBrowserSupportTest.java
index 57583b878f..524144e348 100644
--- a/test/src/test/java/hudson/model/DirectoryBrowserSupportTest.java
+++ b/test/src/test/java/hudson/model/DirectoryBrowserSupportTest.java
@@ -23,6 +23,7 @@
  */
 package hudson.model;
 
+import com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException;
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertTrue;
@@ -51,8 +52,26 @@ import org.jvnet.hudson.test.TestBuilder;
 import com.gargoylesoftware.htmlunit.Page;
 import com.gargoylesoftware.htmlunit.UnexpectedPage;
 import com.gargoylesoftware.htmlunit.html.HtmlPage;
+import hudson.ExtensionList;
+import hudson.Util;
+import java.io.ByteArrayInputStream;
+import java.io.FileNotFoundException;
 import java.io.OutputStream;
+import java.net.URI;
+import java.net.URL;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+import jenkins.model.ArtifactManager;
+import jenkins.model.ArtifactManagerConfiguration;
+import jenkins.model.ArtifactManagerFactory;
+import jenkins.model.ArtifactManagerFactoryDescriptor;
+import jenkins.model.Jenkins;
+import jenkins.util.VirtualFile;
 import org.apache.commons.io.IOUtils;
+import org.jvnet.hudson.test.TestExtension;
+import org.kohsuke.stapler.StaplerRequest;
+import org.kohsuke.stapler.StaplerResponse;
 
 /**
  * @author Kohsuke Kawaguchi
@@ -212,4 +231,199 @@ public class DirectoryBrowserSupportTest {
 
         return file;
     }
+
+    @Issue("JENKINS-49635")
+    @Test
+    public void externalURLDownload() throws Exception {
+        ArtifactManagerConfiguration.get().getArtifactManagerFactories().add(new ExternalArtifactManagerFactory());
+        FreeStyleProject p = j.createFreeStyleProject();
+        p.setScm(new SingleFileSCM("f", "Hello world!"));
+        p.getPublishersList().add(new ArtifactArchiver("f"));
+        j.buildAndAssertSuccess(p);
+        HtmlPage page = j.createWebClient().goTo("job/" + p.getName() + "/lastSuccessfulBuild/artifact/");
+        try {
+            Page download = page.getAnchorByText("f").click();
+            assertEquals("Hello world!", download.getWebResponse().getContentAsString());
+        } catch (FailingHttpStatusCodeException x) {
+            IOUtils.copy(x.getResponse().getContentAsStream(), System.err);
+            throw x;
+        }
+    }
+    @TestExtension("externalURLDownload")
+    public static final class ContentAddressableStore implements UnprotectedRootAction {
+        final List<byte[]> files = new ArrayList<>();
+        @Override
+        public String getUrlName() {
+            return "files";
+        }
+        @Override
+        public String getIconFileName() {
+            return null;
+        }
+        @Override
+        public String getDisplayName() {
+            return null;
+        }
+        public void doDynamic(StaplerRequest req, StaplerResponse rsp) throws Exception {
+            String hash = req.getRestOfPath().substring(1);
+            for (byte[] file : files) {
+                if (Util.getDigestOf(new ByteArrayInputStream(file)).equals(hash)) {
+                    rsp.setContentType("application/octet-stream");
+                    rsp.getOutputStream().write(file);
+                    return;
+                }
+            }
+            rsp.sendError(404);
+        }
+    }
+    public static final class ExternalArtifactManagerFactory extends ArtifactManagerFactory {
+        @Override
+        public ArtifactManager managerFor(Run<?, ?> build) {
+            return new ExternalArtifactManager();
+        }
+        @TestExtension("externalURLDownload")
+        public static final class DescriptorImpl extends ArtifactManagerFactoryDescriptor {}
+    }
+    private static final class ExternalArtifactManager extends ArtifactManager {
+        String hash;
+        @Override
+        public void archive(FilePath workspace, Launcher launcher, BuildListener listener, Map<String, String> artifacts) throws IOException, InterruptedException {
+            assertEquals(1, artifacts.size());
+            Map.Entry<String, String> entry = artifacts.entrySet().iterator().next();
+            assertEquals("f", entry.getKey());
+            try (InputStream is = workspace.child(entry.getValue()).read()) {
+                byte[] data = IOUtils.toByteArray(is);
+                ExtensionList.lookupSingleton(ContentAddressableStore.class).files.add(data);
+                hash = Util.getDigestOf(new ByteArrayInputStream(data));
+            }
+        }
+        @Override
+        public VirtualFile root() {
+            final VirtualFile file = new VirtualFile() {
+                @Override
+                public String getName() {
+                    return "f";
+                }
+                @Override
+                public URI toURI() {
+                    return URI.create("root:f");
+                }
+                @Override
+                public VirtualFile getParent() {
+                    return root();
+                }
+                @Override
+                public boolean isDirectory() throws IOException {
+                    return false;
+                }
+                @Override
+                public boolean isFile() throws IOException {
+                    return true;
+                }
+                @Override
+                public boolean exists() throws IOException {
+                    return true;
+                }
+                @Override
+                public VirtualFile[] list() throws IOException {
+                    return new VirtualFile[0];
+                }
+                @Override
+                public String[] list(String glob) throws IOException {
+                    return new String[0];
+                }
+                @Override
+                public VirtualFile child(String name) {
+                    throw new UnsupportedOperationException();
+                }
+                @Override
+                public long length() throws IOException {
+                    return 0;
+                }
+                @Override
+                public long lastModified() throws IOException {
+                    return 0;
+                }
+                @Override
+                public boolean canRead() throws IOException {
+                    return true;
+                }
+                @Override
+                public InputStream open() throws IOException {
+                    throw new FileNotFoundException("expect to be opened via URL only");
+                }
+                @Override
+                public URL toExternalURL() throws IOException {
+                    return new URL(Jenkins.get().getRootUrl() + "files/" + hash);
+                }
+            };
+            return new VirtualFile() {
+                @Override
+                public String getName() {
+                    return "";
+                }
+                @Override
+                public URI toURI() {
+                    return URI.create("root:");
+                }
+                @Override
+                public VirtualFile getParent() {
+                    return this;
+                }
+                @Override
+                public boolean isDirectory() throws IOException {
+                    return true;
+                }
+                @Override
+                public boolean isFile() throws IOException {
+                    return false;
+                }
+                @Override
+                public boolean exists() throws IOException {
+                    return true;
+                }
+                @Override
+                public VirtualFile[] list() throws IOException {
+                    return new VirtualFile[] {file};
+                }
+                @Override
+                public String[] list(String glob) throws IOException {
+                    throw new UnsupportedOperationException();
+                }
+                @Override
+                public VirtualFile child(String name) {
+                    if (name.equals("f")) {
+                        return file;
+                    } else if (name.isEmpty()) {
+                        return this;
+                    } else {
+                        throw new UnsupportedOperationException("trying to call child on " + name);
+                    }
+                }
+                @Override
+                public long length() throws IOException {
+                    return 0;
+                }
+                @Override
+                public long lastModified() throws IOException {
+                    return 0;
+                }
+                @Override
+                public boolean canRead() throws IOException {
+                    return true;
+                }
+                @Override
+                public InputStream open() throws IOException {
+                    throw new FileNotFoundException();
+                }
+            };
+        }
+        @Override
+        public void onLoad(Run<?, ?> build) {}
+        @Override
+        public boolean delete() throws IOException, InterruptedException {
+            return false;
+        }
+    }
+
 }
-- 
GitLab


From f6e2746920b5c543602dc9ed26c3f9eace84cc48 Mon Sep 17 00:00:00 2001
From: Manuel Recena <recena@gmail.com>
Date: Tue, 20 Feb 2018 00:02:36 +0100
Subject: [PATCH 108/863] [JENKINS-49634] Wrong escaping of quotes in the Setup
 Wizard

---
 .../resources/jenkins/install/pluginSetupWizard.properties    | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/core/src/main/resources/jenkins/install/pluginSetupWizard.properties b/core/src/main/resources/jenkins/install/pluginSetupWizard.properties
index 01ab65a992..74b6051f2c 100644
--- a/core/src/main/resources/jenkins/install/pluginSetupWizard.properties
+++ b/core/src/main/resources/jenkins/install/pluginSetupWizard.properties
@@ -39,7 +39,7 @@ installWizard_installComplete_installComplete_restartRequiredNotSupportedMessage
 installWizard_installComplete_restartLabel=Restart
 installWizard_installIncomplete_title=Resume Installation
 installWizard_installIncomplete_banner=Resume Installation
-installWizard_installIncomplete_message=Jenkins was restarted during installation and some plugins didn''t seem to get installed.
+installWizard_installIncomplete_message=Jenkins was restarted during installation and some plugins didn't seem to get installed.
 installWizard_installIncomplete_resumeInstallationButtonLabel=Resume
 installWizard_saveFirstUser=Save and Finish
 installWizard_skipFirstUser=Continue as admin
@@ -63,7 +63,7 @@ installWizard_continue=Continue
 installWizard_retry=Retry
 installWizard_upgradePanel_title=Upgrade
 installWizard_upgradePanel_banner=Welcome to Jenkins {0}!
-installWizard_upgradePanel_message=Jenkins {0} includes some great new features that we think you''ll love, install these additional plugins to take advantage of them!
+installWizard_upgradePanel_message=Jenkins {0} includes some great new features that we think you'll love, install these additional plugins to take advantage of them!
 installWizard_upgradePanel_skipRecommendedPlugins=No thanks
 installWizard_upgradeComplete_title=Upgrade
 installWizard_pluginsInstalled_banner=Welcome to Jenkins {0}!
-- 
GitLab


From 02d6908ada70fcf8012833ddef628bc09c6f8389 Mon Sep 17 00:00:00 2001
From: Kseniia Nenasheva <ks.nenasheva@gmail.com>
Date: Tue, 20 Feb 2018 10:33:53 +0100
Subject: [PATCH 109/863] [JENKINS-46638] - Null pointer exception saving a
 parameterized freestyle job with no parameters defined (#3300)

* delete NPEs

* address comments
---
 .../hudson/model/ParametersDefinitionProperty.java     | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)

diff --git a/core/src/main/java/hudson/model/ParametersDefinitionProperty.java b/core/src/main/java/hudson/model/ParametersDefinitionProperty.java
index f256e68ddc..46d2d273f3 100644
--- a/core/src/main/java/hudson/model/ParametersDefinitionProperty.java
+++ b/core/src/main/java/hudson/model/ParametersDefinitionProperty.java
@@ -71,17 +71,11 @@ public class ParametersDefinitionProperty extends OptionalJobProperty<Job<?, ?>>
 
     @DataBoundConstructor
     public ParametersDefinitionProperty(@Nonnull List<ParameterDefinition> parameterDefinitions) {
-        if (parameterDefinitions == null) {
-            throw new NullPointerException("ParameterDefinitions is null when this is a not valid value");
-        }
-        this.parameterDefinitions = parameterDefinitions;
+        this.parameterDefinitions = parameterDefinitions != null ? parameterDefinitions : new ArrayList<>();
     }
 
     public ParametersDefinitionProperty(@Nonnull ParameterDefinition... parameterDefinitions) {
-        if (parameterDefinitions == null) {
-            throw new NullPointerException("ParameterDefinitions is null when this is a not valid value");
-        }
-        this.parameterDefinitions = Arrays.asList(parameterDefinitions) ;
+        this.parameterDefinitions = parameterDefinitions != null ? Arrays.asList(parameterDefinitions) : new ArrayList<>();
     }
 
     private Object readResolve() {
-- 
GitLab


From c694486186af3f98125f0b0fa5d7781dfa1f2110 Mon Sep 17 00:00:00 2001
From: Manuel Recena <recena@gmail.com>
Date: Tue, 20 Feb 2018 12:29:56 +0100
Subject: [PATCH 110/863] [JENKINS-49634] Wrong escaping of quotes in the Setup
 Wizard

---
 .../resources/jenkins/install/pluginSetupWizard.properties  | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/core/src/main/resources/jenkins/install/pluginSetupWizard.properties b/core/src/main/resources/jenkins/install/pluginSetupWizard.properties
index 74b6051f2c..ff6ff7e931 100644
--- a/core/src/main/resources/jenkins/install/pluginSetupWizard.properties
+++ b/core/src/main/resources/jenkins/install/pluginSetupWizard.properties
@@ -39,12 +39,12 @@ installWizard_installComplete_installComplete_restartRequiredNotSupportedMessage
 installWizard_installComplete_restartLabel=Restart
 installWizard_installIncomplete_title=Resume Installation
 installWizard_installIncomplete_banner=Resume Installation
-installWizard_installIncomplete_message=Jenkins was restarted during installation and some plugins didn't seem to get installed.
+installWizard_installIncomplete_message=Jenkins was restarted during installation and some plugins did not seem to get installed.
 installWizard_installIncomplete_resumeInstallationButtonLabel=Resume
 installWizard_saveFirstUser=Save and Finish
 installWizard_skipFirstUser=Continue as admin
 installWizard_firstUserSkippedMessage=<div class="alert alert-warning fade in">\
-You''ve skipped creating an admin user. To log in, use the username: "admin" and \
+You have skipped creating an admin user. To log in, use the username: "admin" and \
 the administrator password you used to access the setup wizard.\
 </div>
 installWizard_addFirstUser_title=Getting Started
@@ -63,7 +63,7 @@ installWizard_continue=Continue
 installWizard_retry=Retry
 installWizard_upgradePanel_title=Upgrade
 installWizard_upgradePanel_banner=Welcome to Jenkins {0}!
-installWizard_upgradePanel_message=Jenkins {0} includes some great new features that we think you'll love, install these additional plugins to take advantage of them!
+installWizard_upgradePanel_message=Jenkins {0} includes some great new features that we think you will love, install these additional plugins to take advantage of them!
 installWizard_upgradePanel_skipRecommendedPlugins=No thanks
 installWizard_upgradeComplete_title=Upgrade
 installWizard_pluginsInstalled_banner=Welcome to Jenkins {0}!
-- 
GitLab


From bc10eca4ff16054321f514fe396e8a0160adb5b1 Mon Sep 17 00:00:00 2001
From: Nicolas De loof <nicolas.deloof@gmail.com>
Date: Tue, 20 Feb 2018 22:06:44 +0100
Subject: [PATCH 111/863] [JENKINS-42816] use "agent" for Symbol

---
 core/src/main/java/hudson/slaves/DumbSlave.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/slaves/DumbSlave.java b/core/src/main/java/hudson/slaves/DumbSlave.java
index 835cf004ad..3ead036d65 100644
--- a/core/src/main/java/hudson/slaves/DumbSlave.java
+++ b/core/src/main/java/hudson/slaves/DumbSlave.java
@@ -66,7 +66,7 @@ public final class DumbSlave extends Slave {
     }
 
     @Extension @Symbol({"dumb",
-            "slave"/*because this is in effect the canonical slave type*/})
+            "slave", "agent" /*because this is in effect the canonical slave type*/})
     public static final class DescriptorImpl extends SlaveDescriptor {
         public String getDisplayName() {
             return Messages.DumbSlave_displayName();
-- 
GitLab


From f5c4afb86233d512ff4240699acb0f1e31e6535b Mon Sep 17 00:00:00 2001
From: Manuel Recena <recena@gmail.com>
Date: Wed, 21 Feb 2018 15:16:36 +0100
Subject: [PATCH 112/863] [JENKINS-49634] Italian property file is also
 reviewed

---
 .../install/pluginSetupWizard_it.properties   | 53 +++++++++----------
 1 file changed, 26 insertions(+), 27 deletions(-)

diff --git a/core/src/main/resources/jenkins/install/pluginSetupWizard_it.properties b/core/src/main/resources/jenkins/install/pluginSetupWizard_it.properties
index 3f0df826dc..ef3a67eaac 100644
--- a/core/src/main/resources/jenkins/install/pluginSetupWizard_it.properties
+++ b/core/src/main/resources/jenkins/install/pluginSetupWizard_it.properties
@@ -1,51 +1,50 @@
 installWizard_welcomePanel_title=Per iniziare
 installWizard_welcomePanel_banner=Personalizza Jenkins
-installWizard_welcomePanel_message=I plugin estendono Jenkins con funzionalit� aggiuntive per far fronte a molte necessit� differenti.
+installWizard_welcomePanel_message=I plugin estendono Jenkins con funzionalit\u00E0 aggiuntive per far fronte a molte necessit\u00E0 differenti.
 installWizard_welcomePanel_recommendedActionTitle=Installa plugin consigliati
-installWizard_welcomePanel_recommendedActionDetails=Installa i plugin che la comunit� di Jenkins ritiene maggiormente utili.
+installWizard_welcomePanel_recommendedActionDetails=Installa i plugin che la comunit\u00E0 di Jenkins ritiene maggiormente utili.
 installWizard_welcomePanel_customizeActionTitle=Seleziona i plugin da installare
-installWizard_welcomePanel_customizeActionDetails=Seleziona e installa i plugin pi� adatti per le proprie necessit�.
-installWizard_jenkinsVersionTitle=Jenkins 
+installWizard_welcomePanel_customizeActionDetails=Seleziona e installa i plugin pi\u00F9 adatti per le proprie necessit\u00E0.
+installWizard_jenkinsVersionTitle=Jenkins
 installWizard_offline_title=Non in linea
-installWizard_offline_message=Sembra che quest''istanza di Jenkins non sia in linea. \
+installWizard_offline_message=Sembra che questa istanza di Jenkins non sia in linea. \
 <p style="font-size:18px; margin-top: 6%"> \
-Per informazioni sull''installazione di Jenkins in assenza di una connessione a Internet, si veda la \
+Per informazioni sull processo di Jenkins in assenza di una connessione a Internet, si veda la \
 <a href="https://jenkins.io/redirect/offline-installation" target="_blank">documentazione sull''installazione non in linea di Jenkins</a>. <br/><br/> \
-� possibile scegliere di continuare configurando un proxy o ignorando l''installazione dei plugin. \
-</p>
-installWizard_error_header=Si � verificato un errore
-installWizard_error_message=Si � verificato un errore durante l''installazione:
+\u00C8 possibile scegliere di continuare configurando un proxy o saltando la parte di installazione dei plugins.</p>
+installWizard_error_header=Si \u00E8 verificato un errore
+installWizard_error_message=Si \u00E8 verificato un errore durante il processo di installazione:
 installWizard_error_connection=Impossibile connettersi a Jenkins
-installWizard_error_restartNotSupported=Il riavvio non � supportato, riavviare manualmente quest''istanza
+installWizard_error_restartNotSupported=Il riavvio non \u00E8 supportato, riavviare manualmente questa istanza
 installWizard_installCustom_title=Per iniziare
 installWizard_installCustom_selectAll=Tutti
 installWizard_installCustom_selectNone=Nessuno
 installWizard_installCustom_selectRecommended=Suggeriti
 installWizard_installCustom_selected=Selezionati
 installWizard_installCustom_dependenciesPrefix=Dipendenze
-installWizard_installCustom_pluginListDesc=Si noti che qui non viene visualizzato l''elenco completo dei plugin. � possibile installare plugin aggiuntivi nel <strong>Gestore plugin</strong> una volta completata l''installazione iniziale. <a href="https://jenkins.io/redirect/installation-wizard" target="_blank">Si veda il Wiki per ulteriori informazioni</a>.
+installWizard_installCustom_pluginListDesc=Si noti che qui non viene visualizzata la lista completo di plugins. \u00C8 possibile installare plugin aggiuntivi nel <strong>Gestore plugin</strong> una volta completata la prima fase di installazione iniziale. <a href="https://jenkins.io/redirect/installation-wizard" target="_blank">Si veda il Wiki per ulteriori informazioni</a>.
 installWizard_goBack=Indietro
 installWizard_goInstall=Installa
 installWizard_installing_title=Per iniziare
 installWizard_installing_detailsLink=Dettagli...
 installWizard_installComplete_title=Per iniziare
-installWizard_installComplete_banner=Jenkins � pronto!
-installWizard_installComplete_bannerRestart=Jenkins � quasi pronto!
-installWizard_pluginsInstalled_message=L''installazione dei plugin � stata completata.
-installWizard_installComplete_message=L''installazione di Jenkins � stata completata.
+installWizard_installComplete_banner=Jenkins \u00E8 pronto!
+installWizard_installComplete_bannerRestart=Jenkins \u00E8 quasi pronto!
+installWizard_pluginsInstalled_message=Installazione dei plugins completata.
+installWizard_installComplete_message=Installazione di Jenkins completata.
 installWizard_installComplete_finishButtonLabel=Inizia a utilizzare Jenkins
-installWizard_installComplete_installComplete_restartRequiredMessage=L''installazione di Jenkins � stata completata, ma alcuni plugin richiedono il riavvio di Jenkins.
-installWizard_installComplete_installComplete_restartRequiredNotSupportedMessage=L''installazione di Jenkins � stata completata, ma alcuni plugin richiedono il riavvio di Jenkins e sembra che quest''istanza non supporti il riavvio automatico. Riavviare manualmente quest''istanza ora per completare l''installazione.
+installWizard_installComplete_installComplete_restartRequiredMessage=Installazione di Jenkins completata, ma alcuni plugin richiedono il riavvio di Jenkins.
+installWizard_installComplete_installComplete_restartRequiredNotSupportedMessage=Installazione di Jenkins completata, ma alcuni plugin richiedono il riavvio di Jenkins e sembra che quest''istanza non supporti il riavvio automatico. Riavviare manualmente quest''istanza ora per completare l''installazione.
 installWizard_installComplete_restartLabel=Riavvia
 installWizard_installIncomplete_title=Riprendi installazione
 installWizard_installIncomplete_banner=Riprendi installazione
-installWizard_installIncomplete_message=Jenkins � stato riavviato durante l''installazione e sembra che alcuni plugin non siano stati installati.
+installWizard_installIncomplete_message=Jenkins \u00E8 stato riavviato durante l''installazione e sembra che alcuni plugin non siano stati installati.
 installWizard_installIncomplete_resumeInstallationButtonLabel=Riprendi
 installWizard_saveFirstUser=Salva e finisci
 installWizard_skipFirstUser=Continua come amministratore
 installWizard_firstUserSkippedMessage=<div class="alert alert-warning fade in">\
-Si � ignorata la creazione di un utente amministratore. Per eseguire l''accesso, \
-utilizzare il nome utente ''admin'' e la password di amministratore utilizzata \
+Si \u00E8 ignorata la creazione di un utente amministratore. Per accedere, \
+utilizzare il nome utente <code>admin</code> e la password di amministratore utilizzata \
 per accedere alla procedura guidata di installazione.\
 </div>
 installWizard_addFirstUser_title=Per iniziare
@@ -58,21 +57,21 @@ installWizard_installIncomplete_dependenciesLabel=Dipendenze
 installWizard_installingConsole_dependencyIndicatorNote=** - dipendenza obbligatoria
 installWizard_websiteLinkLabel=Sito Web
 installWizard_pluginInstallFailure_title=Errori di installazione
-installWizard_pluginInstallFailure_message=Alcuni plugin non sono stati installati correttamente, � possibile riprovare ad installarli o continuare mantenendo i plugin la cui installazione non � riuscita
+installWizard_pluginInstallFailure_message=Alcuni plugin non sono stati installati correttamente, \u00E8 possibile riprovare ad installarli o continuare mantenendo i plugin la cui installazione non \u00E8 riuscita
 installWizard_continue=Continua
 installWizard_retry=Riprova
 installWizard_upgradePanel_title=Aggiorna
 installWizard_upgradePanel_banner=Benvenuto in Jenkins {0}!
-installWizard_upgradePanel_message=Jenkins {0} include nuove funzionalit� che pensiamo possano piacere, si installino questi plugin aggiuntivi per sfruttarle!
+installWizard_upgradePanel_message=Jenkins {0} include nuove funzionalit\u00E0 che pensiamo possano piacere, si installino questi plugin aggiuntivi per sfruttarle!
 installWizard_upgradePanel_skipRecommendedPlugins=No, grazie
 installWizard_upgradeComplete_title=Aggiorna
 installWizard_pluginsInstalled_banner=Benvenuto in Jenkins {0}!
-installWizard_upgradeComplete_message=Congratulazioni! Si � effettuato l''aggiornamento a Jenkins {0}.</p><p>Per saperne di pi� sulle sue nuove funzionalit�, si visiti <a target="_blank" href="https://jenkins.io/2.0/">il sito Web di Jenkins</a>!
+installWizard_upgradeComplete_message=Congratulazioni! Si \u00E8 effettuato l'aggiornamento a Jenkins {0}.</p><p>Per saperne di pi\u00F9 sulle sue nuove funzionalit\u00E0, si visiti <a target="_blank" href="https://jenkins.io/2.0/">il sito Web di Jenkins</a>!
 installWizard_upgradeSkipped_title=Aggiorna
-installWizard_upgradeSkipped_banner=Funzionalit� non installate
+installWizard_upgradeSkipped_banner=Funzionalit\u00E0 non installate
 installWizard_upgradeSkipped_message=<div class="alert alert-warning fade in">I plugin consigliati non saranno installati.</div> \
-<p style="padding: 0 4px">� possibile installare le nuove funzionalit� anche dal Gestore plugin nel caso in cui si cambi idea.</p> \
-<p style="padding: 0 4px">Si scopra come queste nuove funzionalit� possano migliorare l''esperienza Jenkins \
+<p style="padding: 0 4px">\u00C8 possibile installare le nuove funzionalit\u00E0 anche dal Gestore plugin nel caso in cui si cambi idea.</p> \
+<p style="padding: 0 4px">Si scopra come queste nuove funzionalit\u00E0 possano migliorare l'esperienza Jenkins \
 <a target="_blank" href="https://jenkins.io/2.0/">visitando la pagina iniziale</a>.</p>
 installWizard_upgrading_title=Installazione plugin in corso
 installWizard_upgradeComplete_finishButtonLabel=Fine
-- 
GitLab


From 12ddac9314861c02ddbada45a5baf112f861404d Mon Sep 17 00:00:00 2001
From: Manuel Recena <recena@gmail.com>
Date: Wed, 21 Feb 2018 15:18:33 +0100
Subject: [PATCH 113/863] [JENKINS-49634] Better HTML tag

---
 .../resources/jenkins/install/pluginSetupWizard_it.properties   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/resources/jenkins/install/pluginSetupWizard_it.properties b/core/src/main/resources/jenkins/install/pluginSetupWizard_it.properties
index ef3a67eaac..6c722a248a 100644
--- a/core/src/main/resources/jenkins/install/pluginSetupWizard_it.properties
+++ b/core/src/main/resources/jenkins/install/pluginSetupWizard_it.properties
@@ -44,7 +44,7 @@ installWizard_saveFirstUser=Salva e finisci
 installWizard_skipFirstUser=Continua come amministratore
 installWizard_firstUserSkippedMessage=<div class="alert alert-warning fade in">\
 Si \u00E8 ignorata la creazione di un utente amministratore. Per accedere, \
-utilizzare il nome utente <code>admin</code> e la password di amministratore utilizzata \
+utilizzare il nome utente <pre>admin</pre> e la password di amministratore utilizzata \
 per accedere alla procedura guidata di installazione.\
 </div>
 installWizard_addFirstUser_title=Per iniziare
-- 
GitLab


From 9a64c6a197eb9cf31b0ef35f291408b6f738ba9f Mon Sep 17 00:00:00 2001
From: Manuel Recena <recena@gmail.com>
Date: Wed, 21 Feb 2018 15:57:17 +0100
Subject: [PATCH 114/863] [JENKINS-49634] Addressed the @varmenise's
 suggestions

---
 .../resources/jenkins/install/pluginSetupWizard_it.properties | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/core/src/main/resources/jenkins/install/pluginSetupWizard_it.properties b/core/src/main/resources/jenkins/install/pluginSetupWizard_it.properties
index 6c722a248a..55cd1ecdc2 100644
--- a/core/src/main/resources/jenkins/install/pluginSetupWizard_it.properties
+++ b/core/src/main/resources/jenkins/install/pluginSetupWizard_it.properties
@@ -9,8 +9,8 @@ installWizard_jenkinsVersionTitle=Jenkins
 installWizard_offline_title=Non in linea
 installWizard_offline_message=Sembra che questa istanza di Jenkins non sia in linea. \
 <p style="font-size:18px; margin-top: 6%"> \
-Per informazioni sull processo di Jenkins in assenza di una connessione a Internet, si veda la \
-<a href="https://jenkins.io/redirect/offline-installation" target="_blank">documentazione sull''installazione non in linea di Jenkins</a>. <br/><br/> \
+Per informazioni sul processo di Jenkins in assenza di una connessione a Internet, si veda la \
+<a href="https://jenkins.io/redirect/offline-installation" target="_blank">relativa documentazione</a>. <br/><br/> \
 \u00C8 possibile scegliere di continuare configurando un proxy o saltando la parte di installazione dei plugins.</p>
 installWizard_error_header=Si \u00E8 verificato un errore
 installWizard_error_message=Si \u00E8 verificato un errore durante il processo di installazione:
-- 
GitLab


From dc150145ace6cf60269b11a47eb9138178359550 Mon Sep 17 00:00:00 2001
From: Manuel Recena <recena@gmail.com>
Date: Wed, 21 Feb 2018 16:14:41 +0100
Subject: [PATCH 115/863] [JENKINS-49634] Addressed the @varmenise's
 suggestions

---
 .../jenkins/install/pluginSetupWizard_it.properties         | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/core/src/main/resources/jenkins/install/pluginSetupWizard_it.properties b/core/src/main/resources/jenkins/install/pluginSetupWizard_it.properties
index 55cd1ecdc2..df58d8fe60 100644
--- a/core/src/main/resources/jenkins/install/pluginSetupWizard_it.properties
+++ b/core/src/main/resources/jenkins/install/pluginSetupWizard_it.properties
@@ -22,7 +22,7 @@ installWizard_installCustom_selectNone=Nessuno
 installWizard_installCustom_selectRecommended=Suggeriti
 installWizard_installCustom_selected=Selezionati
 installWizard_installCustom_dependenciesPrefix=Dipendenze
-installWizard_installCustom_pluginListDesc=Si noti che qui non viene visualizzata la lista completo di plugins. \u00C8 possibile installare plugin aggiuntivi nel <strong>Gestore plugin</strong> una volta completata la prima fase di installazione iniziale. <a href="https://jenkins.io/redirect/installation-wizard" target="_blank">Si veda il Wiki per ulteriori informazioni</a>.
+installWizard_installCustom_pluginListDesc=Si noti che qui non viene visualizzata la lista completo di plugins. \u00C8 possibile installare plugin aggiuntivi nel <strong>Gestore plugin</strong> una volta completata la fase di installazione iniziale. <a href="https://jenkins.io/redirect/installation-wizard" target="_blank">Si veda il Wiki per ulteriori informazioni</a>.
 installWizard_goBack=Indietro
 installWizard_goInstall=Installa
 installWizard_installing_title=Per iniziare
@@ -34,11 +34,11 @@ installWizard_pluginsInstalled_message=Installazione dei plugins completata.
 installWizard_installComplete_message=Installazione di Jenkins completata.
 installWizard_installComplete_finishButtonLabel=Inizia a utilizzare Jenkins
 installWizard_installComplete_installComplete_restartRequiredMessage=Installazione di Jenkins completata, ma alcuni plugin richiedono il riavvio di Jenkins.
-installWizard_installComplete_installComplete_restartRequiredNotSupportedMessage=Installazione di Jenkins completata, ma alcuni plugin richiedono il riavvio di Jenkins e sembra che quest''istanza non supporti il riavvio automatico. Riavviare manualmente quest''istanza ora per completare l''installazione.
+installWizard_installComplete_installComplete_restartRequiredNotSupportedMessage=Installazione di Jenkins completata, ma alcuni plugin richiedono il riavvio di Jenkins e sembra che quest istanza non supporti il riavvio automatico. Riavviare manualmente quest istanza ora per completare l''installazione.
 installWizard_installComplete_restartLabel=Riavvia
 installWizard_installIncomplete_title=Riprendi installazione
 installWizard_installIncomplete_banner=Riprendi installazione
-installWizard_installIncomplete_message=Jenkins \u00E8 stato riavviato durante l''installazione e sembra che alcuni plugin non siano stati installati.
+installWizard_installIncomplete_message=Jenkins \u00E8 stato riavviato durante il processo di installazione e sembra che alcuni plugin non siano stati installati.
 installWizard_installIncomplete_resumeInstallationButtonLabel=Riprendi
 installWizard_saveFirstUser=Salva e finisci
 installWizard_skipFirstUser=Continua come amministratore
-- 
GitLab


From 8e603a5986079f7137a571e6ce1c2d9d971a772d Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Wed, 21 Feb 2018 12:01:43 -0500
Subject: [PATCH 116/863] [JENKINS-26810] Added VirtualFile.mode.

---
 .../main/java/jenkins/util/VirtualFile.java   | 42 +++++++++++++++----
 .../java/jenkins/util/VirtualFileTest.java    | 19 +++++++++
 2 files changed, 52 insertions(+), 9 deletions(-)

diff --git a/core/src/main/java/jenkins/util/VirtualFile.java b/core/src/main/java/jenkins/util/VirtualFile.java
index 8376267e85..45b9c74cd4 100644
--- a/core/src/main/java/jenkins/util/VirtualFile.java
+++ b/core/src/main/java/jenkins/util/VirtualFile.java
@@ -26,12 +26,14 @@ package jenkins.util;
 
 import hudson.FilePath;
 import hudson.model.DirectoryBrowserSupport;
+import hudson.os.PosixException;
 import hudson.remoting.Callable;
 import hudson.remoting.Channel;
 import hudson.remoting.RemoteInputStream;
 import hudson.remoting.VirtualChannel;
 import hudson.util.DirScanner;
 import hudson.util.FileVisitor;
+import hudson.util.IOUtils;
 import java.io.File;
 import java.io.FileNotFoundException;
 import java.io.IOException;
@@ -171,6 +173,15 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
      */
     public abstract long lastModified() throws IOException;
 
+    /**
+     * Gets the file’s Unix mode, if meaningful.
+     * @return for example, 0644 ~ {@code rw-r--r--}; -1 by default, meaning unknown or inapplicable
+     * @throws IOException if checking the mode failed
+     */
+    public int mode() throws IOException {
+        return -1;
+    }
+
     /**
      * Checks whether this file can be read.
      * @return true normally
@@ -339,6 +350,12 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
                 }
                 return f.length();
             }
+            @Override public int mode() throws IOException {
+                if (isIllegalSymlink()) {
+                    return -1;
+                }
+                return IOUtils.mode(f);
+            }
             @Override public long lastModified() throws IOException {
                 if (isIllegalSymlink()) {
                     return 0;
@@ -408,7 +425,7 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
                 try {
                     return f.isDirectory();
                 } catch (InterruptedException x) {
-                    throw (IOException) new IOException(x.toString()).initCause(x);
+                    throw new IOException(x);
                 }
             }
             @Override public boolean isFile() throws IOException {
@@ -419,7 +436,7 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
                 try {
                     return f.exists();
                 } catch (InterruptedException x) {
-                    throw (IOException) new IOException(x.toString()).initCause(x);
+                    throw new IOException(x);
                 }
             }
             @Override public VirtualFile[] list() throws IOException {
@@ -431,14 +448,14 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
                     }
                     return vfs;
                 } catch (InterruptedException x) {
-                    throw (IOException) new IOException(x.toString()).initCause(x);
+                    throw new IOException(x);
                 }
             }
             @Override public String[] list(String glob) throws IOException {
                 try {
                     return f.act(new Scanner(glob));
                 } catch (InterruptedException x) {
-                    throw (IOException) new IOException(x.toString()).initCause(x);
+                    throw new IOException(x);
                 }
             }
             @Override public VirtualFile child(String name) {
@@ -448,35 +465,42 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
                 try {
                     return f.length();
                 } catch (InterruptedException x) {
-                    throw (IOException) new IOException(x.toString()).initCause(x);
+                    throw new IOException(x);
+                }
+            }
+            @Override public int mode() throws IOException {
+                try {
+                    return f.mode();
+                } catch (InterruptedException | PosixException x) {
+                    throw new IOException(x);
                 }
             }
             @Override public long lastModified() throws IOException {
                 try {
                     return f.lastModified();
                 } catch (InterruptedException x) {
-                    throw (IOException) new IOException(x.toString()).initCause(x);
+                    throw new IOException(x);
                 }
             }
             @Override public boolean canRead() throws IOException {
                 try {
                     return f.act(new Readable());
                 } catch (InterruptedException x) {
-                    throw (IOException) new IOException(x.toString()).initCause(x);
+                    throw new IOException(x);
                 }
             }
             @Override public InputStream open() throws IOException {
                 try {
                     return f.read();
                 } catch (InterruptedException x) {
-                    throw (IOException) new IOException(x.toString()).initCause(x);
+                    throw new IOException(x);
                 }
             }
             @Override public <V> V run(Callable<V,IOException> callable) throws IOException {
                 try {
                     return f.act(callable);
                 } catch (InterruptedException x) {
-                    throw (IOException) new IOException(x.toString()).initCause(x);
+                    throw new IOException(x);
                 }
             }
     }
diff --git a/core/src/test/java/jenkins/util/VirtualFileTest.java b/core/src/test/java/jenkins/util/VirtualFileTest.java
index 1d0b8457f5..77c31a828f 100644
--- a/core/src/test/java/jenkins/util/VirtualFileTest.java
+++ b/core/src/test/java/jenkins/util/VirtualFileTest.java
@@ -24,12 +24,15 @@
 
 package jenkins.util;
 
+import hudson.FilePath;
 import hudson.Functions;
 import hudson.Util;
 import hudson.model.TaskListener;
 import java.io.File;
 import java.io.FileNotFoundException;
+import java.io.IOException;
 import java.nio.file.NoSuchFileException;
+import java.nio.file.attribute.PosixFilePermissions;
 import org.apache.commons.io.FileUtils;
 import org.apache.commons.io.IOUtils;
 import org.junit.Test;
@@ -69,4 +72,20 @@ public class VirtualFileTest {
         }
     }
 
+    @Issue("JENKINS-26810")
+    @Test public void mode() throws Exception {
+        File f = tmp.newFile();
+        VirtualFile vf = VirtualFile.forFile(f);
+        FilePath fp = new FilePath(f);
+        VirtualFile vfp = VirtualFile.forFilePath(fp);
+        assertEquals(modeString(hudson.util.IOUtils.mode(f)), modeString(vf.mode()));
+        assertEquals(modeString(hudson.util.IOUtils.mode(f)), modeString(vfp.mode()));
+        fp.chmod(0755);
+        assertEquals(modeString(hudson.util.IOUtils.mode(f)), modeString(vf.mode()));
+        assertEquals(modeString(hudson.util.IOUtils.mode(f)), modeString(vfp.mode()));
+    }
+    private static String modeString(int mode) throws IOException {
+        return mode == -1 ? "N/A" : PosixFilePermissions.toString(Util.modeToPermissions(mode));
+    }
+
 }
-- 
GitLab


From e773bdb24b73aa5995556ca6474b73d878d18e53 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Wed, 21 Feb 2018 14:17:48 -0500
Subject: [PATCH 117/863] New VirtualFile.list overload with more capabilities
 and more precisely defined semantics.

---
 .../hudson/model/DirectoryBrowserSupport.java |  9 +--
 .../main/java/jenkins/util/VirtualFile.java   | 72 +++++++++++++++----
 .../java/jenkins/util/VirtualFileTest.java    | 25 +++++++
 .../model/DirectoryBrowserSupportTest.java    |  8 ++-
 4 files changed, 92 insertions(+), 22 deletions(-)

diff --git a/core/src/main/java/hudson/model/DirectoryBrowserSupport.java b/core/src/main/java/hudson/model/DirectoryBrowserSupport.java
index da6ad3c2bd..3baa9190f5 100644
--- a/core/src/main/java/hudson/model/DirectoryBrowserSupport.java
+++ b/core/src/main/java/hudson/model/DirectoryBrowserSupport.java
@@ -33,6 +33,7 @@ import java.net.URL;
 import java.text.Collator;
 import java.util.ArrayList;
 import java.util.Arrays;
+import java.util.Collection;
 import java.util.Collections;
 import java.util.Comparator;
 import java.util.List;
@@ -365,7 +366,7 @@ public final class DirectoryBrowserSupport implements HttpResponse {
     private static void zip(OutputStream outputStream, VirtualFile dir, String glob) throws IOException {
         try (ZipOutputStream zos = new ZipOutputStream(outputStream)) {
             zos.setEncoding(System.getProperty("file.encoding")); // TODO JENKINS-20663 make this overridable via query parameter
-            for (String n : dir.list(glob.length() == 0 ? "**" : glob)) {
+            for (String n : dir.list(glob, null, /* TODO what is the user expectation? */true)) {
                 String relativePath;
                 if (glob.length() == 0) {
                     // JENKINS-19947: traditional behavior is to prepend the directory name
@@ -545,10 +546,10 @@ public final class DirectoryBrowserSupport implements HttpResponse {
      * @param baseRef String like "../../../" that cancels the 'rest' portion. Can be "./"
      */
     private static List<List<Path>> patternScan(VirtualFile baseDir, String pattern, String baseRef) throws IOException {
-            String[] files = baseDir.list(pattern);
+            Collection<String> files = baseDir.list(pattern, null, /* TODO what is the user expectation? */true);
 
-            if (files.length > 0) {
-                List<List<Path>> r = new ArrayList<List<Path>>(files.length);
+            if (!files.isEmpty()) {
+                List<List<Path>> r = new ArrayList<List<Path>>(files.size());
                 for (String match : files) {
                     List<Path> file = buildPathList(baseDir, baseDir.child(match), baseRef);
                     r.add(file);
diff --git a/core/src/main/java/jenkins/util/VirtualFile.java b/core/src/main/java/jenkins/util/VirtualFile.java
index 45b9c74cd4..a4f80cb875 100644
--- a/core/src/main/java/jenkins/util/VirtualFile.java
+++ b/core/src/main/java/jenkins/util/VirtualFile.java
@@ -25,6 +25,7 @@
 package jenkins.util;
 
 import hudson.FilePath;
+import hudson.Util;
 import hudson.model.DirectoryBrowserSupport;
 import hudson.os.PosixException;
 import hudson.remoting.Callable;
@@ -45,13 +46,20 @@ import java.nio.file.Files;
 import java.nio.file.InvalidPathException;
 import java.nio.file.LinkOption;
 import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
 import java.util.List;
 import java.util.logging.Level;
 import java.util.logging.Logger;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
 import javax.annotation.CheckForNull;
 import javax.annotation.Nonnull;
 import jenkins.MasterToSlaveFileCallable;
 import jenkins.model.ArtifactManager;
+import org.apache.tools.ant.types.AbstractFileSet;
+import org.apache.tools.ant.types.selectors.SelectorUtils;
 
 /**
  * Abstraction over {@link File}, {@link FilePath}, or other items such as network resources or ZIP entries.
@@ -144,13 +152,40 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
      */
     public abstract @Nonnull VirtualFile[] list() throws IOException;
 
+    /**
+     * @deprecated use {@link #list(String, String, boolean)} instead
+     */
+    @Deprecated
+    public @Nonnull String[] list(String glob) throws IOException {
+        return list(glob.replace('\\', '/'), null, true).toArray(new String[0]);
+    }
+
     /**
      * Lists recursive files of this directory with pattern matching.
-     * @param glob an Ant-style glob
-     * @return a list of relative names of children (files directly inside or in subdirectories)
+     * @param includes comma-separated Ant-style globs as per {@link Util#createFileSet(File, String, String)} using {@code /} as a path separator;
+     *                 the empty string means <em>no matches</em> (use {@link SelectorUtils#DEEP_TREE_MATCH} if you want to match everything except some excludes)
+     * @param excludes optional excludes in similar format to {@code includes}
+     * @param useDefaultExcludes as per {@link AbstractFileSet#setDefaultexcludes}
+     * @return a list of {@code /}-separated relative names of children (files directly inside or in subdirectories)
      * @throws IOException if this is not a directory, or listing was not possible for some other reason
      */
-    public abstract @Nonnull String[] list(String glob) throws IOException;
+    public @Nonnull Collection<String> list(@Nonnull String includes, @CheckForNull String excludes, boolean useDefaultExcludes) throws IOException {
+        if (Util.isOverridden(VirtualFile.class, getClass(), "list", String.class)) {
+            String[] included = list(includes.isEmpty() ? "**" : includes);
+            if (excludes != null) {
+                // Do our best to apply excludes and hope defaultexcludes are not relevant (original File/FilePath impls assumed uDE=true).
+                // Or we could use list() recursively and apply includes and excludes without calling list(String) at all.
+                return Stream.of(included).
+                    filter(path -> SelectorUtils.match(excludes.endsWith("/") ? excludes + SelectorUtils.DEEP_TREE_MATCH : excludes, path)).
+                    map(path -> path.replace('\\', '/')).
+                    collect(Collectors.toList());
+            } else {
+                return Arrays.asList(included);
+            }
+        } else {
+            throw new AbstractMethodError("implement " + getClass().getName() + ".list(String, String, boolean)");
+        }
+    }
 
     /**
      * Obtains a child file.
@@ -335,11 +370,12 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
                 }
                 return vfs;
             }
-            @Override public String[] list(String glob) throws IOException {
+            @Override
+            public Collection<String> list(String includes, String excludes, boolean useDefaultExcludes) throws IOException {
                 if (isIllegalSymlink()) {
-                    return new String[0];
+                    return Collections.emptySet();
                 }
-                return new Scanner(glob).invoke(f, null);
+                return new Scanner(includes, excludes, useDefaultExcludes).invoke(f, null);
             }
             @Override public VirtualFile child(String name) {
                 return new FileVF(new File(f, name), root);
@@ -451,9 +487,9 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
                     throw new IOException(x);
                 }
             }
-            @Override public String[] list(String glob) throws IOException {
+            @Override public Collection<String> list(String includes, String excludes, boolean useDefaultExcludes) throws IOException {
                 try {
-                    return f.act(new Scanner(glob));
+                    return f.act(new Scanner(includes, excludes, useDefaultExcludes));
                 } catch (InterruptedException x) {
                     throw new IOException(x);
                 }
@@ -504,20 +540,26 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
                 }
             }
     }
-    private static final class Scanner extends MasterToSlaveFileCallable<String[]> {
-        private final String glob;
-        Scanner(String glob) {
-            this.glob = glob;
+    private static final class Scanner extends MasterToSlaveFileCallable<List<String>> {
+        private final String includes, excludes;
+        private final boolean useDefaultExcludes;
+        Scanner(String includes, String excludes, boolean useDefaultExcludes) {
+            this.includes = includes;
+            this.excludes = excludes;
+            this.useDefaultExcludes = useDefaultExcludes;
         }
-        @Override public String[] invoke(File f, VirtualChannel channel) throws IOException {
+        @Override public List<String> invoke(File f, VirtualChannel channel) throws IOException {
+            if (includes.isEmpty()) { // see Glob class Javadoc, and list(String, String, boolean) note
+                return Collections.emptyList();
+            }
             final List<String> paths = new ArrayList<String>();
-            new DirScanner.Glob(glob, null).scan(f, new FileVisitor() {
+            new DirScanner.Glob(includes, excludes, useDefaultExcludes).scan(f, new FileVisitor() {
                 @Override
                 public void visit(File f, String relativePath) throws IOException {
                     paths.add(relativePath);
                 }
             });
-            return paths.toArray(new String[paths.size()]);
+            return paths;
         }
 
     }
diff --git a/core/src/test/java/jenkins/util/VirtualFileTest.java b/core/src/test/java/jenkins/util/VirtualFileTest.java
index 77c31a828f..c19e1677f5 100644
--- a/core/src/test/java/jenkins/util/VirtualFileTest.java
+++ b/core/src/test/java/jenkins/util/VirtualFileTest.java
@@ -33,6 +33,7 @@ import java.io.FileNotFoundException;
 import java.io.IOException;
 import java.nio.file.NoSuchFileException;
 import java.nio.file.attribute.PosixFilePermissions;
+import java.util.TreeSet;
 import org.apache.commons.io.FileUtils;
 import org.apache.commons.io.IOUtils;
 import org.junit.Test;
@@ -88,4 +89,28 @@ public class VirtualFileTest {
         return mode == -1 ? "N/A" : PosixFilePermissions.toString(Util.modeToPermissions(mode));
     }
 
+    @Issue("JENKINS-26810")
+    @Test public void list() throws Exception {
+        File root = tmp.getRoot();
+        FilePath rootF = new FilePath(root);
+        rootF.child("top.txt").write("", null);
+        rootF.child("sub/mid.txt").write("", null);
+        rootF.child("sub/subsub/lowest.txt").write("", null);
+        rootF.child(".hg/config.txt").write("", null);
+        for (VirtualFile vf : new VirtualFile[] {VirtualFile.forFile(root), VirtualFile.forFilePath(rootF)}) {
+            assertEquals("[.hg/config.txt, sub/mid.txt, sub/subsub/lowest.txt, top.txt]", new TreeSet<>(vf.list("**/*.txt", null, false)).toString());
+            assertEquals("[sub/mid.txt, sub/subsub/lowest.txt, top.txt]", new TreeSet<>(vf.list("**/*.txt", null, true)).toString());
+            assertEquals("[.hg/config.txt, sub/mid.txt, sub/subsub/lowest.txt, top.txt]", new TreeSet<>(vf.list("**", null, false)).toString());
+            assertEquals("[]", new TreeSet<>(vf.list("", null, false)).toString());
+            assertEquals("[sub/mid.txt, sub/subsub/lowest.txt]", new TreeSet<>(vf.list("sub/", null, false)).toString());
+            assertEquals("[sub/mid.txt]", new TreeSet<>(vf.list("sub/", "sub/subsub/", false)).toString());
+            assertEquals("[sub/mid.txt]", new TreeSet<>(vf.list("sub/", "sub/subsub/**", false)).toString());
+            assertEquals("[sub/mid.txt]", new TreeSet<>(vf.list("sub/", "**/subsub/", false)).toString());
+            assertEquals("[.hg/config.txt, sub/mid.txt]", new TreeSet<>(vf.list("**/mid*,**/conf*", null, false)).toString());
+            assertEquals("[sub/mid.txt, sub/subsub/lowest.txt]", new TreeSet<>(vf.list("sub/", "**/notthere/", false)).toString());
+            assertEquals("[top.txt]", new TreeSet<>(vf.list("*.txt", null, false)).toString());
+            assertEquals("[sub/subsub/lowest.txt, top.txt]", new TreeSet<>(vf.list("**", "**/mid*,**/conf*", false)).toString());
+        }
+    }
+
 }
diff --git a/test/src/test/java/hudson/model/DirectoryBrowserSupportTest.java b/test/src/test/java/hudson/model/DirectoryBrowserSupportTest.java
index 524144e348..8375fcce41 100644
--- a/test/src/test/java/hudson/model/DirectoryBrowserSupportTest.java
+++ b/test/src/test/java/hudson/model/DirectoryBrowserSupportTest.java
@@ -60,6 +60,8 @@ import java.io.OutputStream;
 import java.net.URI;
 import java.net.URL;
 import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
 import java.util.List;
 import java.util.Map;
 import jenkins.model.ArtifactManager;
@@ -329,8 +331,8 @@ public class DirectoryBrowserSupportTest {
                     return new VirtualFile[0];
                 }
                 @Override
-                public String[] list(String glob) throws IOException {
-                    return new String[0];
+                public Collection<String> list(String includes, String excludes, boolean useDefaultExcludes) throws IOException {
+                    return Collections.emptySet();
                 }
                 @Override
                 public VirtualFile child(String name) {
@@ -387,7 +389,7 @@ public class DirectoryBrowserSupportTest {
                     return new VirtualFile[] {file};
                 }
                 @Override
-                public String[] list(String glob) throws IOException {
+                public Collection<String> list(String includes, String excludes, boolean useDefaultExcludes) throws IOException {
                     throw new UnsupportedOperationException();
                 }
                 @Override
-- 
GitLab


From 4911c5c04f3e3bd6ad314281f7f8e62f5d472a41 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Wed, 21 Feb 2018 15:03:42 -0500
Subject: [PATCH 118/863] More compatible default implementation of
 VirtualFile.list(String, String, boolean) which is also more convenient for
 some implementations.

---
 .../main/java/jenkins/util/VirtualFile.java   | 54 +++++++++----
 .../java/jenkins/util/VirtualFileTest.java    | 76 +++++++++++++++++--
 2 files changed, 107 insertions(+), 23 deletions(-)

diff --git a/core/src/main/java/jenkins/util/VirtualFile.java b/core/src/main/java/jenkins/util/VirtualFile.java
index a4f80cb875..6cf765f398 100644
--- a/core/src/main/java/jenkins/util/VirtualFile.java
+++ b/core/src/main/java/jenkins/util/VirtualFile.java
@@ -46,20 +46,21 @@ import java.nio.file.Files;
 import java.nio.file.InvalidPathException;
 import java.nio.file.LinkOption;
 import java.util.ArrayList;
-import java.util.Arrays;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 import java.util.stream.Collectors;
-import java.util.stream.Stream;
 import javax.annotation.CheckForNull;
 import javax.annotation.Nonnull;
 import jenkins.MasterToSlaveFileCallable;
 import jenkins.model.ArtifactManager;
+import org.apache.tools.ant.DirectoryScanner;
 import org.apache.tools.ant.types.AbstractFileSet;
 import org.apache.tools.ant.types.selectors.SelectorUtils;
+import org.apache.tools.ant.types.selectors.TokenizedPath;
+import org.apache.tools.ant.types.selectors.TokenizedPattern;
 
 /**
  * Abstraction over {@link File}, {@link FilePath}, or other items such as network resources or ZIP entries.
@@ -162,6 +163,8 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
 
     /**
      * Lists recursive files of this directory with pattern matching.
+     * <p>The default implementation calls {@link #list()} recursively and applies filtering to the result.
+     * Implementations may wish to override this more efficiently.
      * @param includes comma-separated Ant-style globs as per {@link Util#createFileSet(File, String, String)} using {@code /} as a path separator;
      *                 the empty string means <em>no matches</em> (use {@link SelectorUtils#DEEP_TREE_MATCH} if you want to match everything except some excludes)
      * @param excludes optional excludes in similar format to {@code includes}
@@ -170,21 +173,40 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
      * @throws IOException if this is not a directory, or listing was not possible for some other reason
      */
     public @Nonnull Collection<String> list(@Nonnull String includes, @CheckForNull String excludes, boolean useDefaultExcludes) throws IOException {
-        if (Util.isOverridden(VirtualFile.class, getClass(), "list", String.class)) {
-            String[] included = list(includes.isEmpty() ? "**" : includes);
-            if (excludes != null) {
-                // Do our best to apply excludes and hope defaultexcludes are not relevant (original File/FilePath impls assumed uDE=true).
-                // Or we could use list() recursively and apply includes and excludes without calling list(String) at all.
-                return Stream.of(included).
-                    filter(path -> SelectorUtils.match(excludes.endsWith("/") ? excludes + SelectorUtils.DEEP_TREE_MATCH : excludes, path)).
-                    map(path -> path.replace('\\', '/')).
-                    collect(Collectors.toList());
-            } else {
-                return Arrays.asList(included);
-            }
-        } else {
-            throw new AbstractMethodError("implement " + getClass().getName() + ".list(String, String, boolean)");
+        List<String> r = new ArrayList<>();
+        collectFiles(r, "");
+        List<TokenizedPattern> includePatterns = patterns(includes);
+        List<TokenizedPattern> excludePatterns = patterns(excludes);
+        if (useDefaultExcludes) {
+            for (String patt : DirectoryScanner.getDefaultExcludes()) {
+                excludePatterns.add(new TokenizedPattern(patt));
+            }
+        }
+        return r.stream().filter(p -> {
+            TokenizedPath path = new TokenizedPath(p);
+            return includePatterns.stream().anyMatch(patt -> patt.matchPath(path, true)) && !excludePatterns.stream().anyMatch(patt -> patt.matchPath(path, true));
+        }).collect(Collectors.toSet());
+    }
+    private void collectFiles(Collection<String> names, String prefix) throws IOException {
+        for (VirtualFile child : list()) {
+            if (child.isFile()) {
+                names.add(prefix + child.getName());
+            } else if (child.isDirectory()) {
+                child.collectFiles(names, prefix + child.getName() + "/");
+            }
+        }
+    }
+    private List<TokenizedPattern> patterns(String patts) {
+        List<TokenizedPattern> r = new ArrayList<>();
+        if (patts != null) {
+            for (String patt : patts.split(",")) {
+                if (patt.endsWith("/")) {
+                    patt += SelectorUtils.DEEP_TREE_MATCH;
+                }
+                r.add(new TokenizedPattern(patt));
+            }
         }
+        return r;
     }
 
     /**
diff --git a/core/src/test/java/jenkins/util/VirtualFileTest.java b/core/src/test/java/jenkins/util/VirtualFileTest.java
index c19e1677f5..8be31af5a7 100644
--- a/core/src/test/java/jenkins/util/VirtualFileTest.java
+++ b/core/src/test/java/jenkins/util/VirtualFileTest.java
@@ -24,6 +24,7 @@
 
 package jenkins.util;
 
+import com.google.common.collect.ImmutableSet;
 import hudson.FilePath;
 import hudson.Functions;
 import hudson.Util;
@@ -31,11 +32,16 @@ import hudson.model.TaskListener;
 import java.io.File;
 import java.io.FileNotFoundException;
 import java.io.IOException;
+import java.io.InputStream;
+import java.net.URI;
 import java.nio.file.NoSuchFileException;
 import java.nio.file.attribute.PosixFilePermissions;
+import java.util.Set;
 import java.util.TreeSet;
+import java.util.stream.Collectors;
 import org.apache.commons.io.FileUtils;
 import org.apache.commons.io.IOUtils;
+import org.apache.commons.io.input.NullInputStream;
 import org.junit.Test;
 import static org.junit.Assert.*;
 import static org.junit.Assume.assumeFalse;
@@ -93,14 +99,14 @@ public class VirtualFileTest {
     @Test public void list() throws Exception {
         File root = tmp.getRoot();
         FilePath rootF = new FilePath(root);
-        rootF.child("top.txt").write("", null);
-        rootF.child("sub/mid.txt").write("", null);
-        rootF.child("sub/subsub/lowest.txt").write("", null);
-        rootF.child(".hg/config.txt").write("", null);
-        for (VirtualFile vf : new VirtualFile[] {VirtualFile.forFile(root), VirtualFile.forFilePath(rootF)}) {
+        Set<String> paths = ImmutableSet.of("top.txt", "sub/mid.txt", "sub/subsub/lowest.txt", ".hg/config.txt", "very/deep/path/here");
+        for (String path : paths) {
+            rootF.child(path).write("", null);
+        }
+        for (VirtualFile vf : new VirtualFile[] {VirtualFile.forFile(root), VirtualFile.forFilePath(rootF), new Ram(paths.stream().map(p -> "/" + p).collect(Collectors.toSet()), "")}) {
             assertEquals("[.hg/config.txt, sub/mid.txt, sub/subsub/lowest.txt, top.txt]", new TreeSet<>(vf.list("**/*.txt", null, false)).toString());
             assertEquals("[sub/mid.txt, sub/subsub/lowest.txt, top.txt]", new TreeSet<>(vf.list("**/*.txt", null, true)).toString());
-            assertEquals("[.hg/config.txt, sub/mid.txt, sub/subsub/lowest.txt, top.txt]", new TreeSet<>(vf.list("**", null, false)).toString());
+            assertEquals("[.hg/config.txt, sub/mid.txt, sub/subsub/lowest.txt, top.txt, very/deep/path/here]", new TreeSet<>(vf.list("**", null, false)).toString());
             assertEquals("[]", new TreeSet<>(vf.list("", null, false)).toString());
             assertEquals("[sub/mid.txt, sub/subsub/lowest.txt]", new TreeSet<>(vf.list("sub/", null, false)).toString());
             assertEquals("[sub/mid.txt]", new TreeSet<>(vf.list("sub/", "sub/subsub/", false)).toString());
@@ -109,7 +115,63 @@ public class VirtualFileTest {
             assertEquals("[.hg/config.txt, sub/mid.txt]", new TreeSet<>(vf.list("**/mid*,**/conf*", null, false)).toString());
             assertEquals("[sub/mid.txt, sub/subsub/lowest.txt]", new TreeSet<>(vf.list("sub/", "**/notthere/", false)).toString());
             assertEquals("[top.txt]", new TreeSet<>(vf.list("*.txt", null, false)).toString());
-            assertEquals("[sub/subsub/lowest.txt, top.txt]", new TreeSet<>(vf.list("**", "**/mid*,**/conf*", false)).toString());
+            assertEquals("[sub/subsub/lowest.txt, top.txt, very/deep/path/here]", new TreeSet<>(vf.list("**", "**/mid*,**/conf*", false)).toString());
+        }
+    }
+    private static final class Ram extends VirtualFile {
+        private final Set<String> paths; // e.g., [/very/deep/path/here]
+        private final String path; // e.g., empty string or /very or /very/deep/path/here
+        Ram(Set<String> paths, String path) {
+            this.paths = paths;
+            this.path = path;
+        }
+        @Override
+        public String getName() {
+            return path.replaceFirst(".*/", "");
+        }
+        @Override
+        public URI toURI() {
+            return URI.create("ram:" + path);
+        }
+        @Override
+        public VirtualFile getParent() {
+            return new Ram(paths, path.replaceFirst("/[^/]+$", ""));
+        }
+        @Override
+        public boolean isDirectory() throws IOException {
+            return paths.stream().anyMatch(p -> p.startsWith(path + "/"));
+        }
+        @Override
+        public boolean isFile() throws IOException {
+            return paths.contains(path);
+        }
+        @Override
+        public boolean exists() throws IOException {
+            return isFile() || isDirectory();
+        }
+        @Override
+        public VirtualFile[] list() throws IOException {
+            return paths.stream().filter(p -> p.startsWith(path + "/")).map(p -> new Ram(paths, p.replaceFirst("(\\Q" + path + "\\E/[^/]+)/.+", "$1"))).collect(Collectors.toSet()).toArray(new VirtualFile[0]);
+        }
+        @Override
+        public VirtualFile child(String name) {
+            return new Ram(paths, path + "/" + name);
+        }
+        @Override
+        public long length() throws IOException {
+            return 0;
+        }
+        @Override
+        public long lastModified() throws IOException {
+            return 0;
+        }
+        @Override
+        public boolean canRead() throws IOException {
+            return isFile();
+        }
+        @Override
+        public InputStream open() throws IOException {
+            return new NullInputStream(0);
         }
     }
 
-- 
GitLab


From e3e6d570f7065fb2d55287a98ef3b24b6a0b2e6a Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Wed, 21 Feb 2018 15:55:38 -0500
Subject: [PATCH 119/863] VirtualFile.readLink

---
 core/src/main/java/hudson/Util.java           |  4 +--
 .../main/java/jenkins/util/VirtualFile.java   | 25 +++++++++++++++++++
 .../java/jenkins/util/VirtualFileTest.java    | 17 +++++++++++++
 3 files changed, 44 insertions(+), 2 deletions(-)

diff --git a/core/src/main/java/hudson/Util.java b/core/src/main/java/hudson/Util.java
index ce381d7a0a..2f7ea8fcc6 100644
--- a/core/src/main/java/hudson/Util.java
+++ b/core/src/main/java/hudson/Util.java
@@ -1403,7 +1403,7 @@ public class Util {
      *      The relative path is meant to be resolved from the location of the symlink.
      */
     @CheckForNull
-    public static String resolveSymlink(@Nonnull File link) throws InterruptedException, IOException {
+    public static String resolveSymlink(@Nonnull File link) throws IOException {
         try {
             Path path =  link.toPath();
             return Files.readSymbolicLink(path).toString();
@@ -1415,7 +1415,7 @@ public class Util {
         } catch (IOException x) {
             throw x;
         } catch (Exception x) {
-            throw (IOException) new IOException(x.toString()).initCause(x);
+            throw new IOException(x);
         }
     }
 
diff --git a/core/src/main/java/jenkins/util/VirtualFile.java b/core/src/main/java/jenkins/util/VirtualFile.java
index 6cf765f398..434fefd827 100644
--- a/core/src/main/java/jenkins/util/VirtualFile.java
+++ b/core/src/main/java/jenkins/util/VirtualFile.java
@@ -139,8 +139,20 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
      */
     public abstract boolean isFile() throws IOException;
 
+    /**
+     * If this file is a symlink, returns the link target.
+     * <p>The default implementation always returns null.
+     * Some implementations may not support symlinks under any conditions.
+     * @return a target (typically a relative path in some format), or null if this is not a link
+     * @throws IOException if reading the link, or even determining whether this file is a link, failed
+     */
+    public @CheckForNull String readLink() throws IOException {
+        return null;
+    }
+
     /**
      * Checks whether this file exists.
+     * The behavior is undefined for symlinks; if in doubt, check {@link #readLink} first.
      * @return true if it is a plain file or directory, false if nonexistent
      * @throws IOException in case checking status failed
      */
@@ -378,6 +390,12 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
                 }
                 return f.exists();
             }
+            @Override public String readLink() throws IOException {
+                if (isIllegalSymlink()) {
+                    return null; // best to just ignore link -> ../whatever
+                }
+                return Util.resolveSymlink(f);
+            }
             @Override public VirtualFile[] list() throws IOException {
                 if (isIllegalSymlink()) {
                     return new VirtualFile[0];
@@ -497,6 +515,13 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
                     throw new IOException(x);
                 }
             }
+            @Override public String readLink() throws IOException {
+                try {
+                    return f.readLink();
+                } catch (InterruptedException x) {
+                    throw new IOException(x);
+                }
+            }
             @Override public VirtualFile[] list() throws IOException {
                 try {
                     List<FilePath> kids = f.list();
diff --git a/core/src/test/java/jenkins/util/VirtualFileTest.java b/core/src/test/java/jenkins/util/VirtualFileTest.java
index 8be31af5a7..d704cf8a8c 100644
--- a/core/src/test/java/jenkins/util/VirtualFileTest.java
+++ b/core/src/test/java/jenkins/util/VirtualFileTest.java
@@ -175,4 +175,21 @@ public class VirtualFileTest {
         }
     }
 
+    @Issue("JENKINS-26810")
+    @Test public void readLink() throws Exception {
+        assumeFalse("Symlinks do not work well on Windows", Functions.isWindows());
+        File root = tmp.getRoot();
+        FilePath rootF = new FilePath(root);
+        rootF.child("plain").write("", null);
+        rootF.child("link").symlinkTo("physical", TaskListener.NULL);
+        for (VirtualFile vf : new VirtualFile[] {VirtualFile.forFile(root), VirtualFile.forFilePath(rootF)}) {
+            assertNull(vf.readLink());
+            assertNull(vf.child("plain").readLink());
+            VirtualFile link = vf.child("link");
+            assertEquals("physical", link.readLink());
+            assertFalse(link.isFile());
+            assertFalse(link.isDirectory());
+        }
+    }
+
 }
-- 
GitLab


From 2e070ca8f2125c42e26243866eb4eebc30383b41 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Wed, 21 Feb 2018 15:56:22 -0500
Subject: [PATCH 120/863] Forgotten since tags.

---
 core/src/main/java/jenkins/util/VirtualFile.java | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/core/src/main/java/jenkins/util/VirtualFile.java b/core/src/main/java/jenkins/util/VirtualFile.java
index 434fefd827..46c44ff9a8 100644
--- a/core/src/main/java/jenkins/util/VirtualFile.java
+++ b/core/src/main/java/jenkins/util/VirtualFile.java
@@ -145,6 +145,7 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
      * Some implementations may not support symlinks under any conditions.
      * @return a target (typically a relative path in some format), or null if this is not a link
      * @throws IOException if reading the link, or even determining whether this file is a link, failed
+     * @since FIXME
      */
     public @CheckForNull String readLink() throws IOException {
         return null;
@@ -183,6 +184,7 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
      * @param useDefaultExcludes as per {@link AbstractFileSet#setDefaultexcludes}
      * @return a list of {@code /}-separated relative names of children (files directly inside or in subdirectories)
      * @throws IOException if this is not a directory, or listing was not possible for some other reason
+     * @since FIXME
      */
     public @Nonnull Collection<String> list(@Nonnull String includes, @CheckForNull String excludes, boolean useDefaultExcludes) throws IOException {
         List<String> r = new ArrayList<>();
@@ -246,6 +248,7 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
      * Gets the file’s Unix mode, if meaningful.
      * @return for example, 0644 ~ {@code rw-r--r--}; -1 by default, meaning unknown or inapplicable
      * @throws IOException if checking the mode failed
+     * @since FIXME
      */
     public int mode() throws IOException {
         return -1;
-- 
GitLab


From 9735a349c2321d4ffe99afdec15a5819b6f4f3f2 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Wed, 21 Feb 2018 15:58:45 -0500
Subject: [PATCH 121/863] Compilation error.

---
 .../src/main/java/hudson/util/DirScanner.java | 21 +++++++------------
 1 file changed, 8 insertions(+), 13 deletions(-)

diff --git a/core/src/main/java/hudson/util/DirScanner.java b/core/src/main/java/hudson/util/DirScanner.java
index a694c7c21b..2551aa0b08 100644
--- a/core/src/main/java/hudson/util/DirScanner.java
+++ b/core/src/main/java/hudson/util/DirScanner.java
@@ -7,7 +7,6 @@ import org.apache.tools.ant.types.FileSet;
 import java.io.File;
 import java.io.FileFilter;
 import java.io.IOException;
-import java.io.InterruptedIOException;
 import java.io.Serializable;
 
 import static hudson.Util.fixEmpty;
@@ -31,19 +30,15 @@ public abstract class DirScanner implements Serializable {
      */
     protected final void scanSingle(File f, String relative, FileVisitor visitor) throws IOException {
         if (visitor.understandsSymlink()) {
+            String target;
             try {
-                String target;
-                try {
-                    target = Util.resolveSymlink(f);
-                } catch (IOException x) { // JENKINS-13202
-                    target = null;
-                }
-                if (target != null) {
-                    visitor.visitSymlink(f, target, relative);
-                    return;
-                }
-            } catch (InterruptedException e) {
-                throw (IOException) new InterruptedIOException().initCause(e);
+                target = Util.resolveSymlink(f);
+            } catch (IOException x) { // JENKINS-13202
+                target = null;
+            }
+            if (target != null) {
+                visitor.visitSymlink(f, target, relative);
+                return;
             }
         }
         visitor.visit(f, relative);
-- 
GitLab


From a9430d34fd576051c3f24373b6eb3a641ad09e33 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Wed, 21 Feb 2018 17:57:37 -0500
Subject: [PATCH 122/863] Mistake caught by
 DirectoryBrowserSupportTest.zipDownload.

---
 core/src/main/java/hudson/model/DirectoryBrowserSupport.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/model/DirectoryBrowserSupport.java b/core/src/main/java/hudson/model/DirectoryBrowserSupport.java
index 3baa9190f5..f5f1080373 100644
--- a/core/src/main/java/hudson/model/DirectoryBrowserSupport.java
+++ b/core/src/main/java/hudson/model/DirectoryBrowserSupport.java
@@ -366,7 +366,7 @@ public final class DirectoryBrowserSupport implements HttpResponse {
     private static void zip(OutputStream outputStream, VirtualFile dir, String glob) throws IOException {
         try (ZipOutputStream zos = new ZipOutputStream(outputStream)) {
             zos.setEncoding(System.getProperty("file.encoding")); // TODO JENKINS-20663 make this overridable via query parameter
-            for (String n : dir.list(glob, null, /* TODO what is the user expectation? */true)) {
+            for (String n : dir.list(glob.isEmpty() ? "**" : glob, null, /* TODO what is the user expectation? */true)) {
                 String relativePath;
                 if (glob.length() == 0) {
                     // JENKINS-19947: traditional behavior is to prepend the directory name
-- 
GitLab


From e0fab1a6a2ac0152a794d51edf5d4f3ffd548504 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Wed, 21 Feb 2018 17:59:52 -0500
Subject: [PATCH 123/863] list(String, String, boolean) was returning
 \-separated paths on Windows, contrary to Javadoc.

---
 core/src/main/java/jenkins/util/VirtualFile.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/java/jenkins/util/VirtualFile.java b/core/src/main/java/jenkins/util/VirtualFile.java
index 46c44ff9a8..e62ae56eed 100644
--- a/core/src/main/java/jenkins/util/VirtualFile.java
+++ b/core/src/main/java/jenkins/util/VirtualFile.java
@@ -606,7 +606,7 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
             new DirScanner.Glob(includes, excludes, useDefaultExcludes).scan(f, new FileVisitor() {
                 @Override
                 public void visit(File f, String relativePath) throws IOException {
-                    paths.add(relativePath);
+                    paths.add(relativePath.replace('\\', '/'));
                 }
             });
             return paths;
-- 
GitLab


From 9ccffbad155ed34929e9b0f199274d60bb99bd09 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Wed, 21 Feb 2018 18:18:05 -0500
Subject: [PATCH 124/863] SelectorUtils.tokenizePath apparently expects the
 native path separator, which is normally handled deep within
 DirectoryScanner.

---
 core/src/main/java/jenkins/util/VirtualFile.java     | 6 +++---
 core/src/test/java/jenkins/util/VirtualFileTest.java | 1 +
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/core/src/main/java/jenkins/util/VirtualFile.java b/core/src/main/java/jenkins/util/VirtualFile.java
index e62ae56eed..dcd8966908 100644
--- a/core/src/main/java/jenkins/util/VirtualFile.java
+++ b/core/src/main/java/jenkins/util/VirtualFile.java
@@ -193,11 +193,11 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
         List<TokenizedPattern> excludePatterns = patterns(excludes);
         if (useDefaultExcludes) {
             for (String patt : DirectoryScanner.getDefaultExcludes()) {
-                excludePatterns.add(new TokenizedPattern(patt));
+                excludePatterns.add(new TokenizedPattern(patt.replace('/', File.separatorChar)));
             }
         }
         return r.stream().filter(p -> {
-            TokenizedPath path = new TokenizedPath(p);
+            TokenizedPath path = new TokenizedPath(p.replace('/', File.separatorChar));
             return includePatterns.stream().anyMatch(patt -> patt.matchPath(path, true)) && !excludePatterns.stream().anyMatch(patt -> patt.matchPath(path, true));
         }).collect(Collectors.toSet());
     }
@@ -217,7 +217,7 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
                 if (patt.endsWith("/")) {
                     patt += SelectorUtils.DEEP_TREE_MATCH;
                 }
-                r.add(new TokenizedPattern(patt));
+                r.add(new TokenizedPattern(patt.replace('/', File.separatorChar)));
             }
         }
         return r;
diff --git a/core/src/test/java/jenkins/util/VirtualFileTest.java b/core/src/test/java/jenkins/util/VirtualFileTest.java
index d704cf8a8c..c8eeca0f55 100644
--- a/core/src/test/java/jenkins/util/VirtualFileTest.java
+++ b/core/src/test/java/jenkins/util/VirtualFileTest.java
@@ -104,6 +104,7 @@ public class VirtualFileTest {
             rootF.child(path).write("", null);
         }
         for (VirtualFile vf : new VirtualFile[] {VirtualFile.forFile(root), VirtualFile.forFilePath(rootF), new Ram(paths.stream().map(p -> "/" + p).collect(Collectors.toSet()), "")}) {
+            System.err.println("testing " + vf.getClass().getName());
             assertEquals("[.hg/config.txt, sub/mid.txt, sub/subsub/lowest.txt, top.txt]", new TreeSet<>(vf.list("**/*.txt", null, false)).toString());
             assertEquals("[sub/mid.txt, sub/subsub/lowest.txt, top.txt]", new TreeSet<>(vf.list("**/*.txt", null, true)).toString());
             assertEquals("[.hg/config.txt, sub/mid.txt, sub/subsub/lowest.txt, top.txt, very/deep/path/here]", new TreeSet<>(vf.list("**", null, false)).toString());
-- 
GitLab


From 7131067f771cf110b8c6b219406c4099fc74bc8d Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Wed, 21 Feb 2018 18:40:50 -0500
Subject: [PATCH 125/863] Minor comments and simplifications.

---
 core/src/test/java/jenkins/util/VirtualFileTest.java        | 6 ++++--
 .../test/java/hudson/model/DirectoryBrowserSupportTest.java | 5 +++--
 2 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/core/src/test/java/jenkins/util/VirtualFileTest.java b/core/src/test/java/jenkins/util/VirtualFileTest.java
index c8eeca0f55..8bab746557 100644
--- a/core/src/test/java/jenkins/util/VirtualFileTest.java
+++ b/core/src/test/java/jenkins/util/VirtualFileTest.java
@@ -87,7 +87,7 @@ public class VirtualFileTest {
         VirtualFile vfp = VirtualFile.forFilePath(fp);
         assertEquals(modeString(hudson.util.IOUtils.mode(f)), modeString(vf.mode()));
         assertEquals(modeString(hudson.util.IOUtils.mode(f)), modeString(vfp.mode()));
-        fp.chmod(0755);
+        fp.chmod(0755); // no-op on Windows, but harmless
         assertEquals(modeString(hudson.util.IOUtils.mode(f)), modeString(vf.mode()));
         assertEquals(modeString(hudson.util.IOUtils.mode(f)), modeString(vfp.mode()));
     }
@@ -119,6 +119,7 @@ public class VirtualFileTest {
             assertEquals("[sub/subsub/lowest.txt, top.txt, very/deep/path/here]", new TreeSet<>(vf.list("**", "**/mid*,**/conf*", false)).toString());
         }
     }
+    /** Roughly analogous to {@code org.jenkinsci.plugins.compress_artifacts.ZipStorage}. */
     private static final class Ram extends VirtualFile {
         private final Set<String> paths; // e.g., [/very/deep/path/here]
         private final String path; // e.g., empty string or /very or /very/deep/path/here
@@ -152,7 +153,7 @@ public class VirtualFileTest {
         }
         @Override
         public VirtualFile[] list() throws IOException {
-            return paths.stream().filter(p -> p.startsWith(path + "/")).map(p -> new Ram(paths, p.replaceFirst("(\\Q" + path + "\\E/[^/]+)/.+", "$1"))).collect(Collectors.toSet()).toArray(new VirtualFile[0]);
+            return paths.stream().filter(p -> p.startsWith(path + "/")).map(p -> new Ram(paths, p.replaceFirst("(\\Q" + path + "\\E/[^/]+)/.+", "$1"))).toArray(VirtualFile[]::new);
         }
         @Override
         public VirtualFile child(String name) {
@@ -190,6 +191,7 @@ public class VirtualFileTest {
             assertEquals("physical", link.readLink());
             assertFalse(link.isFile());
             assertFalse(link.isDirectory());
+            // not checking .exists() for now
         }
     }
 
diff --git a/test/src/test/java/hudson/model/DirectoryBrowserSupportTest.java b/test/src/test/java/hudson/model/DirectoryBrowserSupportTest.java
index 8375fcce41..a578e26aa3 100644
--- a/test/src/test/java/hudson/model/DirectoryBrowserSupportTest.java
+++ b/test/src/test/java/hudson/model/DirectoryBrowserSupportTest.java
@@ -251,6 +251,7 @@ public class DirectoryBrowserSupportTest {
             throw x;
         }
     }
+    /** Simulation of a storage service with URLs unrelated to {@link Run#doArtifact}. */
     @TestExtension("externalURLDownload")
     public static final class ContentAddressableStore implements UnprotectedRootAction {
         final List<byte[]> files = new ArrayList<>();
@@ -301,7 +302,7 @@ public class DirectoryBrowserSupportTest {
         }
         @Override
         public VirtualFile root() {
-            final VirtualFile file = new VirtualFile() {
+            final VirtualFile file = new VirtualFile() { // the file inside the root
                 @Override
                 public String getName() {
                     return "f";
@@ -359,7 +360,7 @@ public class DirectoryBrowserSupportTest {
                     return new URL(Jenkins.get().getRootUrl() + "files/" + hash);
                 }
             };
-            return new VirtualFile() {
+            return new VirtualFile() { // the root
                 @Override
                 public String getName() {
                     return "";
-- 
GitLab


From b295527b62ae993da1c06c55a1c035c47b52c2b1 Mon Sep 17 00:00:00 2001
From: Valentina Armenise <varmenise@cloudbees.com>
Date: Thu, 22 Feb 2018 17:35:46 +0100
Subject: [PATCH 126/863] [JENKINS-49634]fix syntax in properties file

---
 .../jenkins/install/pluginSetupWizard_it.properties       | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/core/src/main/resources/jenkins/install/pluginSetupWizard_it.properties b/core/src/main/resources/jenkins/install/pluginSetupWizard_it.properties
index df58d8fe60..88bd823565 100644
--- a/core/src/main/resources/jenkins/install/pluginSetupWizard_it.properties
+++ b/core/src/main/resources/jenkins/install/pluginSetupWizard_it.properties
@@ -9,7 +9,7 @@ installWizard_jenkinsVersionTitle=Jenkins
 installWizard_offline_title=Non in linea
 installWizard_offline_message=Sembra che questa istanza di Jenkins non sia in linea. \
 <p style="font-size:18px; margin-top: 6%"> \
-Per informazioni sul processo di Jenkins in assenza di una connessione a Internet, si veda la \
+Per informazioni sul processo di installazione Jenkins in assenza di una connessione a Internet, si veda la \
 <a href="https://jenkins.io/redirect/offline-installation" target="_blank">relativa documentazione</a>. <br/><br/> \
 \u00C8 possibile scegliere di continuare configurando un proxy o saltando la parte di installazione dei plugins.</p>
 installWizard_error_header=Si \u00E8 verificato un errore
@@ -22,7 +22,7 @@ installWizard_installCustom_selectNone=Nessuno
 installWizard_installCustom_selectRecommended=Suggeriti
 installWizard_installCustom_selected=Selezionati
 installWizard_installCustom_dependenciesPrefix=Dipendenze
-installWizard_installCustom_pluginListDesc=Si noti che qui non viene visualizzata la lista completo di plugins. \u00C8 possibile installare plugin aggiuntivi nel <strong>Gestore plugin</strong> una volta completata la fase di installazione iniziale. <a href="https://jenkins.io/redirect/installation-wizard" target="_blank">Si veda il Wiki per ulteriori informazioni</a>.
+installWizard_installCustom_pluginListDesc=Si noti che qui non viene visualizzata la lista completa di plugins. \u00C8 possibile installare plugin aggiuntivi nel <strong>Gestore plugin</strong> una volta completata la fase di installazione iniziale. <a href="https://jenkins.io/redirect/installation-wizard" target="_blank">Si veda il Wiki per ulteriori informazioni</a>.
 installWizard_goBack=Indietro
 installWizard_goInstall=Installa
 installWizard_installing_title=Per iniziare
@@ -34,7 +34,7 @@ installWizard_pluginsInstalled_message=Installazione dei plugins completata.
 installWizard_installComplete_message=Installazione di Jenkins completata.
 installWizard_installComplete_finishButtonLabel=Inizia a utilizzare Jenkins
 installWizard_installComplete_installComplete_restartRequiredMessage=Installazione di Jenkins completata, ma alcuni plugin richiedono il riavvio di Jenkins.
-installWizard_installComplete_installComplete_restartRequiredNotSupportedMessage=Installazione di Jenkins completata, ma alcuni plugin richiedono il riavvio di Jenkins e sembra che quest istanza non supporti il riavvio automatico. Riavviare manualmente quest istanza ora per completare l''installazione.
+installWizard_installComplete_installComplete_restartRequiredNotSupportedMessage=Installazione di Jenkins completata, ma alcuni plugin richiedono il riavvio di Jenkins e sembra che questa istanza non supporti il riavvio automatico. Riavviare manualmente questa istanza ora per completare l''installazione.
 installWizard_installComplete_restartLabel=Riavvia
 installWizard_installIncomplete_title=Riprendi installazione
 installWizard_installIncomplete_banner=Riprendi installazione
@@ -45,7 +45,7 @@ installWizard_skipFirstUser=Continua come amministratore
 installWizard_firstUserSkippedMessage=<div class="alert alert-warning fade in">\
 Si \u00E8 ignorata la creazione di un utente amministratore. Per accedere, \
 utilizzare il nome utente <pre>admin</pre> e la password di amministratore utilizzata \
-per accedere alla procedura guidata di installazione.\
+durante la procedura guidata di installazione.\
 </div>
 installWizard_addFirstUser_title=Per iniziare
 installWizard_configureProxy_label=Configura proxy
-- 
GitLab


From 036e0ce6bb0f257c1e90d49a0af907adf6bb79f7 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Thu, 22 Feb 2018 15:04:29 -0500
Subject: [PATCH 127/863] =?UTF-8?q?Added=20a=20kill=20switch=20at=20@oleg-?=
 =?UTF-8?q?nenashev=E2=80=99s=20request.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 core/src/main/java/hudson/model/Node.java                   | 6 +++++-
 core/src/main/java/hudson/model/queue/MappingWorksheet.java | 2 +-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/core/src/main/java/hudson/model/Node.java b/core/src/main/java/hudson/model/Node.java
index 91b10509a6..c61ee7abc1 100644
--- a/core/src/main/java/hudson/model/Node.java
+++ b/core/src/main/java/hudson/model/Node.java
@@ -62,6 +62,7 @@ import java.util.logging.Logger;
 import javax.annotation.CheckForNull;
 import javax.annotation.Nonnull;
 import jenkins.model.Jenkins;
+import jenkins.util.SystemProperties;
 import jenkins.util.io.OnMaster;
 import net.sf.json.JSONObject;
 import org.acegisecurity.Authentication;
@@ -97,6 +98,9 @@ public abstract class Node extends AbstractModelObject implements Reconfigurable
 
     private static final Logger LOGGER = Logger.getLogger(Node.class.getName());
 
+    /** @see <a href="https://issues.jenkins-ci.org/browse/JENKINS-46652">JENKINS-46652</a> */
+    public static /* not final */ boolean SKIP_BUILD_CHECK_ON_FLYWEIGHTS = SystemProperties.getBoolean(Node.class.getName() + ".SKIP_BUILD_CHECK_ON_FLYWEIGHTS", true);
+
     /**
      * Newly copied agents get this flag set, so that Jenkins doesn't try to start/remove this node until its configuration
      * is saved once.
@@ -395,7 +399,7 @@ public abstract class Node extends AbstractModelObject implements Reconfigurable
         }
 
         Authentication identity = item.authenticate();
-        if (!(item.task instanceof Queue.FlyweightTask) && !hasPermission(identity, Computer.BUILD)) {
+        if (!(SKIP_BUILD_CHECK_ON_FLYWEIGHTS && item.task instanceof Queue.FlyweightTask) && !hasPermission(identity, Computer.BUILD)) {
             // doesn't have a permission
             return CauseOfBlockage.fromMessage(Messages._Node_LackingBuildPermission(identity.getName(), getDisplayName()));
         }
diff --git a/core/src/main/java/hudson/model/queue/MappingWorksheet.java b/core/src/main/java/hudson/model/queue/MappingWorksheet.java
index 708f022284..561c950e4a 100644
--- a/core/src/main/java/hudson/model/queue/MappingWorksheet.java
+++ b/core/src/main/java/hudson/model/queue/MappingWorksheet.java
@@ -134,7 +134,7 @@ public class MappingWorksheet {
             if (c.assignedLabel!=null && !c.assignedLabel.contains(node))
                 return false;   // label mismatch
 
-            if (!(item.task instanceof Queue.FlyweightTask) && !nodeAcl.hasPermission(item.authenticate(), Computer.BUILD))
+            if (!(Node.SKIP_BUILD_CHECK_ON_FLYWEIGHTS && item.task instanceof Queue.FlyweightTask) && !nodeAcl.hasPermission(item.authenticate(), Computer.BUILD))
                 return false;   // tasks don't have a permission to run on this node
 
             return true;
-- 
GitLab


From 848b6c1d818c31cffdeff2a53781fb4f839deb11 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Fri, 23 Feb 2018 09:36:41 +0100
Subject: [PATCH 128/863] - devin's proposal

---
 .../jenkins/security/ApiTokenProperty.java    |   9 +-
 .../java/jenkins/security/ApiTokenStore.java  | 362 +++++++++++-------
 2 files changed, 232 insertions(+), 139 deletions(-)

diff --git a/core/src/main/java/jenkins/security/ApiTokenProperty.java b/core/src/main/java/jenkins/security/ApiTokenProperty.java
index 18f4d35d9c..66b58a54ec 100644
--- a/core/src/main/java/jenkins/security/ApiTokenProperty.java
+++ b/core/src/main/java/jenkins/security/ApiTokenProperty.java
@@ -50,6 +50,7 @@ import org.kohsuke.stapler.StaplerResponse;
 
 import java.io.IOException;
 import java.security.SecureRandom;
+import java.util.Collection;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.List;
@@ -201,7 +202,7 @@ public class ApiTokenProperty extends UserProperty {
     
     // only for Jelly
     @Restricted(NoExternalUse.class)
-    public List<ApiTokenStore.HashedToken> getTokenList() {
+    public Collection<ApiTokenStore.HashedToken> getTokenList() {
         return tokenStore.getTokenListSortedByName();
     }
     
@@ -422,7 +423,11 @@ public class ApiTokenProperty extends UserProperty {
                 return HttpResponses.errorWithoutStack(400, "The user does not have any ApiToken yet, try generating one before.");
             }
             
-            p.tokenStore.renameToken(tokenId, newName);
+            boolean renameOk = p.tokenStore.renameToken(tokenId, newName);
+            if(!renameOk){
+                // that could potentially happens between instance restart, the uuid stored in the page are no more valid
+                return HttpResponses.errorJSON("No token found, try refreshing the page");
+            }
             u.save();
             
             return HttpResponses.ok();
diff --git a/core/src/main/java/jenkins/security/ApiTokenStore.java b/core/src/main/java/jenkins/security/ApiTokenStore.java
index 797a0f2945..df42b945e6 100644
--- a/core/src/main/java/jenkins/security/ApiTokenStore.java
+++ b/core/src/main/java/jenkins/security/ApiTokenStore.java
@@ -44,22 +44,29 @@ import java.time.LocalDateTime;
 import java.time.temporal.ChronoUnit;
 import java.util.ArrayList;
 import java.util.Base64;
+import java.util.Collection;
 import java.util.Comparator;
 import java.util.Date;
 import java.util.HashMap;
+import java.util.Iterator;
+import java.util.LinkedList;
 import java.util.List;
+import java.util.Locale;
 import java.util.Map;
+import java.util.SortedMap;
+import java.util.TreeMap;
 import java.util.UUID;
 import java.util.logging.Level;
 import java.util.logging.Logger;
-import java.util.stream.Collectors;
 
 public class ApiTokenStore {
     private static final Logger LOGGER = Logger.getLogger(OldDataMonitor.class.getName());
     private static final SecureRandom RANDOM = new SecureRandom();
     
-    private static final Comparator<HashedToken> SORT_BY_LOWERCASED_NAME =
-            Comparator.comparing(hashedToken -> hashedToken.getName().toLowerCase());
+//    private static final Comparator<HashedToken> SORT_BY_LOWERCASED_NAME2 =
+//            Comparator.comparing(hashedToken -> hashedToken.getName().toLowerCase());
+    private static final Comparator<String> SORT_BY_LOWERCASE =
+            Comparator.comparing(name -> name.toLowerCase(Locale.ENGLISH));
     
     /**
      * Determine the (log of) number of rounds we need to apply when hashing the token
@@ -82,15 +89,19 @@ public class ApiTokenStore {
     private static final String HASH_VERSION = "2";
     
     private static final String LEGACY_PREFIX = "";
-
+    
     /**
      * Cache the computation of hash in order to speed up API call that were already verified some times ago
      * Does not keep deleted data alive, just optimize the computation of the hashes.
      */
     private static final HashCache HASH_CACHE = new HashCache();
     
-    private List<HashedToken> tokenList;
-    private transient Map<String, Node<HashedToken>> prefixToTokenList;
+    @Deprecated
+    private List<HashedToken> tokenList2;
+    private SortedMap<String, HashedToken> tokenMap;
+    @Deprecated
+    private transient Map<String, Node<HashedToken>> prefixToTokenList2;
+    private transient Map<String, List<HashedToken>> prefixToTokenList;
     
     public ApiTokenStore() {
         this.init();
@@ -102,43 +113,59 @@ public class ApiTokenStore {
     }
     
     private void init() {
-        if (this.tokenList == null) {
-            this.tokenList = new ArrayList<>();
+//        if (this.tokenList2 == null) {
+//            this.tokenList2 = new ArrayList<>();
+//        }
+        if (this.tokenMap == null) {
+            this.tokenMap = new TreeMap<>(SORT_BY_LOWERCASE);
         }
+//        this.prefixToTokenList2 = new HashMap<>();
         this.prefixToTokenList = new HashMap<>();
     }
     
     @SuppressFBWarnings("NP_NONNULL_RETURN_VIOLATION")
-    public synchronized @Nonnull List<HashedToken> getTokenListSortedByName() {
-        List<ApiTokenStore.HashedToken> sortedTokenList = tokenList.stream()
-                .sorted(SORT_BY_LOWERCASED_NAME)
-                .collect(Collectors.toList());
-        
-        return sortedTokenList;
+    public synchronized @Nonnull Collection<HashedToken> getTokenListSortedByName() {
+        return tokenMap.values();
+//        
+//        List<ApiTokenStore.HashedToken> sortedTokenList = tokenList2.stream()
+//                .sorted(SORT_BY_LOWERCASED_NAME2)
+//                .collect(Collectors.toList());
+//        
+//        return sortedTokenList;
     }
     
     /**
      * After a load from the disk, we need to re-populate the prefix map
      */
     public synchronized void optimize() {
+//        this.prefixToTokenList2.clear();
         this.prefixToTokenList.clear();
-        tokenList.forEach(this::addTokenInPrefixMap);
+//        tokenList2.forEach(this::addTokenInPrefixMap);
+        tokenMap.values().forEach(this::addTokenInPrefixMap);
     }
     
     private void addToken(HashedToken token) {
-        this.tokenList.add(token);
+//        this.tokenList2.add(token);
+        this.tokenMap.put(token.getUuid(), token);
         this.addTokenInPrefixMap(token);
     }
     
     private void addTokenInPrefixMap(HashedToken token) {
         String prefix = token.value.prefix;
-        Node<HashedToken> newNode = new Node<>(token);
         if (prefixToTokenList.containsKey(prefix)) {
-            Node<HashedToken> existingNode = prefixToTokenList.get(prefix);
-            existingNode.addNode(newNode);
+            List<HashedToken> existingNode = prefixToTokenList.get(prefix);
+            existingNode.add(token);
         } else {
-            prefixToTokenList.put(prefix, newNode);
-        }
+            List<HashedToken> newList = new LinkedList<>();
+            newList.add(token);
+            prefixToTokenList.put(prefix, newList);
+        }
+//        if (prefixToTokenList2.containsKey(prefix)) {
+//            Node<HashedToken> existingNode = prefixToTokenList2.get(prefix);
+//            existingNode.addNode(newNode);
+//        } else {
+//            prefixToTokenList2.put(prefix, newNode);
+//        }
     }
     
     /**
@@ -146,16 +173,18 @@ public class ApiTokenStore {
      * and so between restart they change
      */
     public synchronized void reconfigure(@Nonnull Map<String, JSONObject> tokenStoreDataMap) {
-        tokenList.forEach(hashedToken -> {
+        //TODO check
+        tokenMap.values().forEach(hashedToken -> {
+//        tokenList2.forEach(hashedToken -> {
             JSONObject receivedTokenData = tokenStoreDataMap.get(hashedToken.uuid);
             if (receivedTokenData == null) {
-                LOGGER.log(Level.INFO, "No token received for {}", hashedToken.uuid);
+                LOGGER.log(Level.INFO, "No token received for {0}", hashedToken.uuid);
                 return;
             }
             
             String name = receivedTokenData.getString("tokenName");
             if (StringUtils.isBlank(name)) {
-                LOGGER.log(Level.INFO, "Empty name received for {}, we do not care about it", hashedToken.uuid);
+                LOGGER.log(Level.INFO, "Empty name received for {0}, we do not care about it", hashedToken.uuid);
                 return;
             }
             
@@ -180,36 +209,46 @@ public class ApiTokenStore {
         }
     }
     
-    public synchronized void generateTokenFromLegacy(@Nonnull Secret newLegacyApiToken){
+    public synchronized void generateTokenFromLegacy(@Nonnull Secret newLegacyApiToken) {
         deleteAllLegacyTokens();
         addLegacyToken(newLegacyApiToken);
     }
     
-    private void deleteAllLegacyTokens(){
+    private void deleteAllLegacyTokens() {
         // normally there is only one, but just in case
-        for (int i = tokenList.size() - 1; i >= 0; i--) {
-            HashedToken token = tokenList.get(i);
+        for (Iterator<HashedToken> iterator = tokenMap.values().iterator(); iterator.hasNext();) {
+            HashedToken token = iterator.next();
             if (token.isLegacy()) {
-                tokenList.remove(i);
-            
+//                tokenList2.remove(i);
+                iterator.remove();
+                
                 removeTokenFromPrefixMap(token);
             }
         }
+        
+//        for (int i = tokenList2.size() - 1; i >= 0; i--) {
+//            HashedToken token = tokenList2.get(i);
+//            if (token.isLegacy()) {
+//                tokenList2.remove(i);
+//                
+//                removeTokenFromPrefixMap(token);
+//            }
+//        }
     }
     
-    private void addLegacyToken(@Nonnull Secret legacyToken){
+    private void addLegacyToken(@Nonnull Secret legacyToken) {
         String tokenUserUseNormally = Util.getDigestOf(legacyToken.getPlainText());
-    
+        
         String secretValueHashed = this.hashSecret(tokenUserUseNormally);
-    
+        
         HashValue hashValue = new HashValue(LEGACY_VERSION, LEGACY_PREFIX, secretValueHashed);
         HashedToken token = HashedToken.buildNew(Messages.ApiTokenProperty_LegacyTokenName(), hashValue);
-    
+        
         this.addToken(token);
     }
     
     public synchronized @Nonnull String generateNewTokenAndReturnHiddenValue(@Nonnull String name) {
-        // 16x8=128bit worth of randomness, since we use md5 digest as the API token
+        // 16x8=128bit worth of randomness, using brute-force you need on average 2^127 tries
         byte[] random = new byte[16];
         RANDOM.nextBytes(random);
         String secretValue = Util.toHexString(random);
@@ -240,6 +279,7 @@ public class ApiTokenStore {
         
         do {
             currentPrefix = generateRandomPrefix();
+//            unique = !prefixToTokenList2.containsKey(currentPrefix);
             unique = !prefixToTokenList.containsKey(currentPrefix);
             i++;
         } while (i < MAX_ATTEMPTS && !unique);
@@ -259,7 +299,7 @@ public class ApiTokenStore {
     @SuppressFBWarnings("NP_NONNULL_RETURN_VIOLATION")
     private @Nonnull String generateRandomPrefix() {
         int prefixInteger = RANDOM.nextInt(4096);
-
+        
         String prefixString = Integer.toHexString(prefixInteger);
         return StringUtils.leftPad(prefixString, 3, '0');
     }
@@ -310,91 +350,138 @@ public class ApiTokenStore {
     private boolean searchMatchUsingPrefix(String prefix, String plainToken) {
         String plainTokenCacheKey = HASH_CACHE.getCorrespondingCacheKey(plainToken);
         String uuidFromCache = HASH_CACHE.getCachedUuid(plainTokenCacheKey);
-        if(uuidFromCache != null){
-            for (HashedToken token : tokenList) {
-                if (token.uuid.equals(uuidFromCache)) {
-                    LOGGER.log(Level.FINER, "Cache hit for prefix = ", prefix);
-                    token.incrementUse();
-                    HASH_CACHE.insertOrRefreshCache(plainTokenCacheKey, token.uuid);
-                    return true;
-                }
+        if (uuidFromCache != null) {
+            HashedToken token = tokenMap.get(uuidFromCache);
+            if(token != null){
+                LOGGER.log(Level.FINER, "Cache hit for prefix = {0}", prefix);
+                token.incrementUse();
+                HASH_CACHE.insertOrRefreshCache(plainTokenCacheKey, token.uuid);
+                return true;
+            }else{
+                LOGGER.log(Level.FINER, "Cache hit false positive, the cached uuid corresponds to a token that was removed, for prefix = {0}", prefix);
             }
-        }
-        LOGGER.log(Level.FINER, "Cache miss for prefix = ", prefix);
-        
-        Node<HashedToken> node = this.prefixToTokenList.get(prefix);
-        while (node != null) {
-            boolean matchFound = node.value.match(plainToken);
-            if (matchFound) {
-                node.value.incrementUse();
-    
-                HASH_CACHE.insertOrRefreshCache(plainTokenCacheKey, node.value.uuid);
+////            for (HashedToken token : tokenList2) {
+////                if (token.uuid.equals(uuidFromCache)) {
+//                    LOGGER.log(Level.FINER, "Cache hit for prefix = {0}", prefix);
+//                    token.incrementUse();
+//                    HASH_CACHE.insertOrRefreshCache(plainTokenCacheKey, token.uuid);
+//                    return true;
+////                }
+////            }
+        }
+        LOGGER.log(Level.FINER, "Cache miss for prefix = {0}", prefix);
+    
+        List<HashedToken> list = this.prefixToTokenList.get(prefix);
+        for (HashedToken hashedToken : list) {
+            if(hashedToken.match(plainToken)){
+                hashedToken.incrementUse();
+    
+                HASH_CACHE.insertOrRefreshCache(plainTokenCacheKey, hashedToken.uuid);
                 return true;
-            } else {
-                node = node.next;
             }
         }
+//        Node<HashedToken> node = this.prefixToTokenList2.get(prefix);
+//        while (node != null) {
+//            boolean matchFound = node.value.match(plainToken);
+//            if (matchFound) {
+//                node.value.incrementUse();
+//            
+//                HASH_CACHE.insertOrRefreshCache(plainTokenCacheKey, node.value.uuid);
+//                return true;
+//            } else {
+//                node = node.next;
+//            }
+//        }
         
         return false;
     }
     
-    public synchronized @CheckForNull HashedToken revokeToken(@Nonnull String tokenId) {
-        for (int i = 0; i < tokenList.size(); i++) {
-            HashedToken token = tokenList.get(i);
-            if (token.uuid.equals(tokenId)) {
-                tokenList.remove(i);
-                
-                removeTokenFromPrefixMap(token);
-                return token;
-            }
+    public synchronized @CheckForNull HashedToken revokeToken(@Nonnull String tokenUuid) {
+        HashedToken token = tokenMap.remove(tokenUuid);
+        if(token != null){
+            removeTokenFromPrefixMap(token);
+            return token;
         }
         
+//        for (int i = 0; i < tokenList2.size(); i++) {
+//            HashedToken token = tokenList2.get(i);
+//            if (token.uuid.equals(tokenId)) {
+//                tokenList2.remove(i);
+//                
+//                removeTokenFromPrefixMap(token);
+//                return token;
+//            }
+//        }
+        
         return null;
     }
     
     private void removeTokenFromPrefixMap(HashedToken token) {
         String prefix = token.value.prefix;
-        Node<HashedToken> node = prefixToTokenList.get(prefix);
-        if (node == null) {
-            // normally not the case
-            return;
-        }
-        
-        // first node, we replace it by the next one or nothing
-        if (node.value.uuid.equals(token.uuid)) {
-            if (node.next == null) {
-                prefixToTokenList.remove(prefix);
-            } else {
-                prefixToTokenList.put(prefix, node.next);
-            }
-        } else {
-            Node<HashedToken> previousNode = node;
-            node = node.next;
-            while (node != null) {
-                // 2-nth node, we replace the previous.next with new value
-                // but do not touch the initial node
-                if (node.value.uuid.equals(token.uuid)) {
-                    if (node.next == null) {
-                        previousNode.next = null;
-                    } else {
-                        previousNode.next = node.next;
-                    }
-                    return;
-                }
-                
-                previousNode = node;
-                node = node.next;
+        List<HashedToken> list = prefixToTokenList.get(prefix);
+        boolean found = false;
+        for (Iterator<HashedToken> iterator = list.iterator(); iterator.hasNext() && !found;) {
+            HashedToken currentToken = iterator.next();
+            if(currentToken.uuid.equals(token.uuid)){
+                iterator.remove();
+                found = true;
             }
         }
+        if(list.isEmpty()){
+            prefixToTokenList.remove(prefix);
+        }
+        
+        
+        
+//        Node<HashedToken> node = prefixToTokenList2.get(prefix);
+//        if (node == null) {
+////             normally not the case
+//            return;
+//        }
+//        
+//        // first node, we replace it by the next one or nothing
+//        if (node.value.uuid.equals(token.uuid)) {
+//            if (node.next == null) {
+//                prefixToTokenList2.remove(prefix);
+//            } else {
+//                prefixToTokenList2.put(prefix, node.next);
+//            }
+//        } else {
+//            Node<HashedToken> previousNode = node;
+//            node = node.next;
+//            while (node != null) {
+//                // 2-nth node, we replace the previous.next with new value
+//                // but do not touch the initial node
+//                if (node.value.uuid.equals(token.uuid)) {
+//                    if (node.next == null) {
+//                        previousNode.next = null;
+//                    } else {
+//                        previousNode.next = node.next;
+//                    }
+//                    return;
+//                }
+//                
+//                previousNode = node;
+//                node = node.next;
+//            }
+//        }
     }
     
-    public synchronized void renameToken(@Nonnull String tokenId, @Nonnull String newName) {
-        for (HashedToken token : tokenList) {
-            if (token.uuid.equals(tokenId)) {
-                token.rename(newName);
-                return;
-            }
-        }
+    public synchronized boolean renameToken(@Nonnull String tokenUuid, @Nonnull String newName) {
+        HashedToken token = tokenMap.get(tokenUuid);
+        if(token == null){
+            LOGGER.log(Level.FINER, "The target token for rename does not exist, for uuid = {0}, with desired name = {1}", new Object[]{tokenUuid, newName});
+            return false;
+        }else{
+            token.rename(newName);
+            return true;
+        }
+//        for (HashedToken token : tokenList2) {
+//            if (token.uuid.equals(tokenId)) {
+//                token.rename(newName);
+//                return;
+//            }
+//        }
     }
     
     /**
@@ -456,7 +543,7 @@ public class ApiTokenStore {
         public void rename(String newName) {
             this.name = newName;
         }
-    
+        
         /**
          * This operation should take some time (between 100ms and 1s)
          */
@@ -511,46 +598,47 @@ public class ApiTokenStore {
          */
         @SuppressFBWarnings(value = "MS_SHOULD_BE_FINAL", justification = "Accessible via System Groovy Scripts")
         public static long HASH_CACHE_TIMEOUT_IN_MS =
-                SystemProperties.getLong(ApiTokenStore.class.getName() + ".hashCacheTimeout", (long)(5 * 60 * 1000));
+                SystemProperties.getLong(ApiTokenStore.class.getName() + ".hashCacheTimeout", (long) (5 * 60 * 1000));
         
         /**
          * At minimum we compute the long hash every 30 minutes
          */
         @SuppressFBWarnings(value = "MS_SHOULD_BE_FINAL", justification = "Accessible via System Groovy Scripts")
         public static long HASH_CACHE_MAX_LIVETIME_IN_MS =
-                SystemProperties.getLong(ApiTokenStore.class.getName() + ".hashCacheMaxLivetime", (long)(30 * 60 * 1000));
-    
+                SystemProperties.getLong(ApiTokenStore.class.getName() + ".hashCacheMaxLivetime", (long) (30 * 60 * 1000));
+        
         @SuppressFBWarnings(value = "MS_SHOULD_BE_FINAL", justification = "Accessible via System Groovy Scripts")
         public static boolean HASH_CACHE_DISABLED =
                 SystemProperties.getBoolean(ApiTokenStore.class.getName() + ".hashCacheDisabled", false);
-    
+        
         @SuppressFBWarnings(value = "MS_SHOULD_BE_FINAL", justification = "Accessible via System Groovy Scripts")
         public static int HASH_CACHE_MIN_SIZE_FOR_CLEANUP =
                 SystemProperties.getInteger(ApiTokenStore.class.getName() + ".hashCacheMinSizeForCleanup", 20);
-    
+        
         private static final byte[] HASH_CACHE_SALT;
+        
         static {
             // no requirement to keep it between restart since the cache is temporary
             SecureRandom random = new SecureRandom();
             HASH_CACHE_SALT = new byte[16];
             random.nextBytes(HASH_CACHE_SALT);
         }
-    
+        
         private static final String HASH_ALGORITHM = "SHA-256";
         
         private final Map<String, CacheEntry> cache = new HashMap<>();
-    
+        
         @SuppressFBWarnings("NP_NONNULL_RETURN_VIOLATION")
-        public @Nonnull String getCorrespondingCacheKey(String plainToken){
-            if(HASH_CACHE_DISABLED){
+        public @Nonnull String getCorrespondingCacheKey(String plainToken) {
+            if (HASH_CACHE_DISABLED) {
                 return "cache-disabled";
             }
             byte[] hashedTokenBytes = hashWithSalt(plainToken.getBytes(StandardCharsets.UTF_8));
             return Base64.getEncoder().encodeToString(hashedTokenBytes);
         }
-    
+        
         @SuppressFBWarnings("NP_NONNULL_RETURN_VIOLATION")
-        private @Nonnull byte[] hashWithSalt(byte[] tokenBytes){
+        private @Nonnull byte[] hashWithSalt(byte[] tokenBytes) {
             MessageDigest digest;
             try {
                 digest = MessageDigest.getInstance(HASH_ALGORITHM);
@@ -560,45 +648,45 @@ public class ApiTokenStore {
             digest.update(HASH_CACHE_SALT);
             return digest.digest(tokenBytes);
         }
-    
-        public synchronized @CheckForNull String getCachedUuid(String cacheKey){
-            if(HASH_CACHE_DISABLED){
+        
+        public synchronized @CheckForNull String getCachedUuid(String cacheKey) {
+            if (HASH_CACHE_DISABLED) {
                 return null;
             }
             
             cleanup();
             
-            if(cache.containsKey(cacheKey)){
+            if (cache.containsKey(cacheKey)) {
                 CacheEntry entry = cache.get(cacheKey);
-                if(entry != null){
-                    if(entry.hasExpired()){
+                if (entry != null) {
+                    if (entry.hasExpired()) {
                         cache.remove(cacheKey);
-                    }else{
+                    } else {
                         return entry.data;
                     }
                 }
             }
-
+            
             return null;
         }
-    
-        private void cleanup(){
-            if(cache.size() < HASH_CACHE_MIN_SIZE_FOR_CLEANUP){
+        
+        private void cleanup() {
+            if (cache.size() < HASH_CACHE_MIN_SIZE_FOR_CLEANUP) {
                 return;
             }
-    
+            
             cache.entrySet().removeIf(entry -> entry.getValue().hasExpired());
         }
         
-        public synchronized void insertOrRefreshCache(String cacheKey, String uuid){
-            if(HASH_CACHE_DISABLED){
+        public synchronized void insertOrRefreshCache(String cacheKey, String uuid) {
+            if (HASH_CACHE_DISABLED) {
                 return;
             }
-
+            
             CacheEntry entry = cache.get(cacheKey);
-            if(entry == null){
+            if (entry == null) {
                 cache.put(cacheKey, new CacheEntry(uuid));
-            }else{
+            } else {
                 entry.touch();
             }
         }
@@ -607,23 +695,23 @@ public class ApiTokenStore {
             LocalDateTime firstCheck;
             LocalDateTime lastCheck;
             String data;
-    
-            CacheEntry(String data){
+            
+            CacheEntry(String data) {
                 this.data = data;
                 this.firstCheck = this.lastCheck = LocalDateTime.now();
             }
             
-            public void touch(){
+            public void touch() {
                 this.lastCheck = LocalDateTime.now();
             }
             
-            public boolean hasExpired(){
+            public boolean hasExpired() {
                 LocalDateTime now = LocalDateTime.now();
-                if(now.isAfter(lastCheck.plus(HASH_CACHE_TIMEOUT_IN_MS, ChronoUnit.MILLIS))){
+                if (now.isAfter(lastCheck.plus(HASH_CACHE_TIMEOUT_IN_MS, ChronoUnit.MILLIS))) {
                     // not recently used
                     return true;
                 }
-                if(now.isAfter(firstCheck.plus(HASH_CACHE_MAX_LIVETIME_IN_MS, ChronoUnit.MILLIS))){
+                if (now.isAfter(firstCheck.plus(HASH_CACHE_MAX_LIVETIME_IN_MS, ChronoUnit.MILLIS))) {
                     // full check required after a certain time
                     return true;
                 }
-- 
GitLab


From 816dc604b0c7e217dcf3bcb3fc2aa94ed10b6bd5 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Fri, 23 Feb 2018 10:57:51 +0100
Subject: [PATCH 129/863] - adjust Devin's proposal - address Jesse's review
 first part

---
 .../java/jenkins/install/SetupWizard.java     |   4 +-
 .../jenkins/security/ApiTokenProperty.java    |  13 +-
 .../ApiTokenPropertyConfiguration.java        |  21 ++-
 ...yDisabledDefaultAdministrativeMonitor.java |   4 +-
 ...EnabledNewLegacyAdministrativeMonitor.java |   6 +-
 .../java/jenkins/security/ApiTokenStore.java  | 124 ++++++------------
 .../ApiTokenProperty/config.properties        |   2 +-
 .../config.jelly                              |   8 +-
 ...elp-tokenGenerationOnCreationDisabled.html |   2 +-
 .../security/ApiTokenPropertyTest.java        |   9 +-
 .../security/BasicHeaderProcessorTest.java    |   1 -
 11 files changed, 70 insertions(+), 124 deletions(-)

diff --git a/core/src/main/java/jenkins/install/SetupWizard.java b/core/src/main/java/jenkins/install/SetupWizard.java
index c671c50723..1c983049d5 100644
--- a/core/src/main/java/jenkins/install/SetupWizard.java
+++ b/core/src/main/java/jenkins/install/SetupWizard.java
@@ -124,8 +124,8 @@ public class SetupWizard extends PageDecorator {
                     jenkins.setAuthorizationStrategy(authStrategy);
     
                     // Disable the legacy system of API Token
-                    ApiTokenPropertyConfiguration.get().setCreationOfLegacyTokenDisabled(true);
-                    ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationDisabled(true);
+                    ApiTokenPropertyConfiguration.get().setCreationOfLegacyTokenEnabled(false);
+                    ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(false);
 
                     // Disable jnlp by default, but honor system properties
                     jenkins.setSlaveAgentPort(SystemProperties.getInteger(Jenkins.class.getName()+".slaveAgentPort",-1));
diff --git a/core/src/main/java/jenkins/security/ApiTokenProperty.java b/core/src/main/java/jenkins/security/ApiTokenProperty.java
index 66b58a54ec..712eb0fd5c 100644
--- a/core/src/main/java/jenkins/security/ApiTokenProperty.java
+++ b/core/src/main/java/jenkins/security/ApiTokenProperty.java
@@ -53,7 +53,6 @@ import java.security.SecureRandom;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.HashMap;
-import java.util.List;
 import java.util.Map;
 import java.util.logging.Level;
 import java.util.logging.Logger;
@@ -209,7 +208,7 @@ public class ApiTokenProperty extends UserProperty {
     // only for Jelly
     @Restricted(NoExternalUse.class)
     public boolean mustDisplayLegacyApiToken() {
-        return apiToken != null || !ApiTokenPropertyConfiguration.get().isCreationOfLegacyTokenDisabled();
+        return apiToken != null || ApiTokenPropertyConfiguration.get().isCreationOfLegacyTokenEnabled();
     }
     
     @Override
@@ -254,7 +253,7 @@ public class ApiTokenProperty extends UserProperty {
     }
     
     /**
-     * Only usable if the user still has his API token. After the revocation of the legacy token the method will do nothing.
+     * Only usable if the user still has the legacy API token.
      * @deprecated Each token can be revoked now and new tokens can be requested without altering existing ones.
      */
     @Deprecated
@@ -318,7 +317,7 @@ public class ApiTokenProperty extends UserProperty {
          * the initial API token value. So we take the seed by hashing the secret + user ID.
          */
         public ApiTokenProperty newInstance(User user) {
-            if (ApiTokenPropertyConfiguration.get().isTokenGenerationOnCreationDisabled()) {
+            if (!ApiTokenPropertyConfiguration.get().isTokenGenerationOnCreationEnabled()) {
                 // recommended way
                 return null;
             }
@@ -361,10 +360,10 @@ public class ApiTokenProperty extends UserProperty {
         @Deprecated
         @RequirePOST
         public HttpResponse doChangeToken(@AncestorInPath User u, StaplerResponse rsp) throws IOException {
-            LOGGER.log(Level.WARNING, "Deprecated action /changeToken used, consider using /generateNewToken instead");
-
             u.checkPermission(Jenkins.ADMINISTER);
 
+            LOGGER.log(Level.WARNING, "Deprecated action /changeToken used, consider using /generateNewToken instead");
+
             ApiTokenProperty p = u.getProperty(ApiTokenProperty.class);
             if (p == null) {
                 p = forceNewInstance(u, true);
@@ -465,7 +464,7 @@ public class ApiTokenProperty extends UserProperty {
      */
     @Deprecated
     private static final SecureRandom RANDOM = new SecureRandom();
-    
+
     /**
      * We don't want an API key that's too long, so cut the length to 16 (which produces 32-letter MAC code in hexdump)
      */
diff --git a/core/src/main/java/jenkins/security/ApiTokenPropertyConfiguration.java b/core/src/main/java/jenkins/security/ApiTokenPropertyConfiguration.java
index 58e70530c1..6c5430dc0e 100644
--- a/core/src/main/java/jenkins/security/ApiTokenPropertyConfiguration.java
+++ b/core/src/main/java/jenkins/security/ApiTokenPropertyConfiguration.java
@@ -38,10 +38,9 @@ import org.kohsuke.accmod.restrictions.NoExternalUse;
  */
 @Extension 
 @Symbol("apiToken")
-@Restricted(NoExternalUse.class)
 public class ApiTokenPropertyConfiguration extends GlobalConfiguration {
-    private boolean tokenGenerationOnCreationDisabled = false;
-    private boolean creationOfLegacyTokenDisabled = false;
+    private boolean tokenGenerationOnCreationEnabled = true;
+    private boolean creationOfLegacyTokenEnabled = true;
     
     public static ApiTokenPropertyConfiguration get() {
         return Jenkins.get().getInjector().getInstance(ApiTokenPropertyConfiguration.class);
@@ -51,21 +50,21 @@ public class ApiTokenPropertyConfiguration extends GlobalConfiguration {
         load();
     }
 
-    public boolean isTokenGenerationOnCreationDisabled() {
-        return tokenGenerationOnCreationDisabled;
+    public boolean isTokenGenerationOnCreationEnabled() {
+        return tokenGenerationOnCreationEnabled;
     }
 
-    public void setTokenGenerationOnCreationDisabled(boolean tokenGenerationOnCreationDisabled) {
-        this.tokenGenerationOnCreationDisabled = tokenGenerationOnCreationDisabled;
+    public void setTokenGenerationOnCreationEnabled(boolean tokenGenerationOnCreationEnabled) {
+        this.tokenGenerationOnCreationEnabled = tokenGenerationOnCreationEnabled;
         save();
     }
 
-    public boolean isCreationOfLegacyTokenDisabled() {
-        return creationOfLegacyTokenDisabled;
+    public boolean isCreationOfLegacyTokenEnabled() {
+        return creationOfLegacyTokenEnabled;
     }
 
-    public void setCreationOfLegacyTokenDisabled(boolean creationOfLegacyTokenDisabled) {
-        this.creationOfLegacyTokenDisabled = creationOfLegacyTokenDisabled;
+    public void setCreationOfLegacyTokenEnabled(boolean creationOfLegacyTokenEnabled) {
+        this.creationOfLegacyTokenEnabled = creationOfLegacyTokenEnabled;
         save();
     }
 
diff --git a/core/src/main/java/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor.java b/core/src/main/java/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor.java
index a9629074c4..12f1bce9f7 100644
--- a/core/src/main/java/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor.java
+++ b/core/src/main/java/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor.java
@@ -51,13 +51,13 @@ public class ApiTokenPropertyDisabledDefaultAdministrativeMonitor extends Admini
     
     @Override
     public boolean isActivated() {
-        return !ApiTokenPropertyConfiguration.get().isTokenGenerationOnCreationDisabled();
+        return ApiTokenPropertyConfiguration.get().isTokenGenerationOnCreationEnabled();
     }
     
     @RequirePOST
     public HttpResponse doAct(@QueryParameter String no) throws IOException {
         if (no == null) {
-            ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationDisabled(true);
+            ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(false);
         } else {
             disable(true);
         }
diff --git a/core/src/main/java/jenkins/security/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor.java b/core/src/main/java/jenkins/security/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor.java
index 565d481b4f..4b062422e7 100644
--- a/core/src/main/java/jenkins/security/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor.java
+++ b/core/src/main/java/jenkins/security/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor.java
@@ -37,8 +37,6 @@ import java.io.IOException;
 
 /**
  * Monitor that the API Token cannot be created for a user without existing legacy token
- *
- * @since TODO
  */
 @Extension
 @Symbol("apiTokenNewLegacyWithoutExisting")
@@ -51,13 +49,13 @@ public class ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor extends Admin
     
     @Override
     public boolean isActivated() {
-        return !ApiTokenPropertyConfiguration.get().isCreationOfLegacyTokenDisabled();
+        return ApiTokenPropertyConfiguration.get().isCreationOfLegacyTokenEnabled();
     }
     
     @RequirePOST
     public HttpResponse doAct(@QueryParameter String no) throws IOException {
         if (no == null) {
-            ApiTokenPropertyConfiguration.get().setCreationOfLegacyTokenDisabled(true);
+            ApiTokenPropertyConfiguration.get().setCreationOfLegacyTokenEnabled(false);
         } else {
             disable(true);
         }
diff --git a/core/src/main/java/jenkins/security/ApiTokenStore.java b/core/src/main/java/jenkins/security/ApiTokenStore.java
index df42b945e6..41c3a5ac0b 100644
--- a/core/src/main/java/jenkins/security/ApiTokenStore.java
+++ b/core/src/main/java/jenkins/security/ApiTokenStore.java
@@ -58,15 +58,14 @@ import java.util.TreeMap;
 import java.util.UUID;
 import java.util.logging.Level;
 import java.util.logging.Logger;
+import java.util.stream.Collectors;
 
 public class ApiTokenStore {
     private static final Logger LOGGER = Logger.getLogger(OldDataMonitor.class.getName());
     private static final SecureRandom RANDOM = new SecureRandom();
     
-//    private static final Comparator<HashedToken> SORT_BY_LOWERCASED_NAME2 =
-//            Comparator.comparing(hashedToken -> hashedToken.getName().toLowerCase());
-    private static final Comparator<String> SORT_BY_LOWERCASE =
-            Comparator.comparing(name -> name.toLowerCase(Locale.ENGLISH));
+    private static final Comparator<HashedToken> SORT_BY_LOWERCASED_NAME =
+            Comparator.comparing(hashedToken -> hashedToken.getName().toLowerCase(Locale.ENGLISH));
     
     /**
      * Determine the (log of) number of rounds we need to apply when hashing the token
@@ -96,9 +95,7 @@ public class ApiTokenStore {
      */
     private static final HashCache HASH_CACHE = new HashCache();
     
-    @Deprecated
-    private List<HashedToken> tokenList2;
-    private SortedMap<String, HashedToken> tokenMap;
+    private List<HashedToken> tokenList;
     @Deprecated
     private transient Map<String, Node<HashedToken>> prefixToTokenList2;
     private transient Map<String, List<HashedToken>> prefixToTokenList;
@@ -113,11 +110,8 @@ public class ApiTokenStore {
     }
     
     private void init() {
-//        if (this.tokenList2 == null) {
-//            this.tokenList2 = new ArrayList<>();
-//        }
-        if (this.tokenMap == null) {
-            this.tokenMap = new TreeMap<>(SORT_BY_LOWERCASE);
+        if (this.tokenList == null) {
+            this.tokenList = new ArrayList<>();
         }
 //        this.prefixToTokenList2 = new HashMap<>();
         this.prefixToTokenList = new HashMap<>();
@@ -125,13 +119,9 @@ public class ApiTokenStore {
     
     @SuppressFBWarnings("NP_NONNULL_RETURN_VIOLATION")
     public synchronized @Nonnull Collection<HashedToken> getTokenListSortedByName() {
-        return tokenMap.values();
-//        
-//        List<ApiTokenStore.HashedToken> sortedTokenList = tokenList2.stream()
-//                .sorted(SORT_BY_LOWERCASED_NAME2)
-//                .collect(Collectors.toList());
-//        
-//        return sortedTokenList;
+        return tokenList.stream()
+                .sorted(SORT_BY_LOWERCASED_NAME)
+                .collect(Collectors.toList());
     }
     
     /**
@@ -140,13 +130,11 @@ public class ApiTokenStore {
     public synchronized void optimize() {
 //        this.prefixToTokenList2.clear();
         this.prefixToTokenList.clear();
-//        tokenList2.forEach(this::addTokenInPrefixMap);
-        tokenMap.values().forEach(this::addTokenInPrefixMap);
+        tokenList.forEach(this::addTokenInPrefixMap);
     }
     
     private void addToken(HashedToken token) {
-//        this.tokenList2.add(token);
-        this.tokenMap.put(token.getUuid(), token);
+        this.tokenList.add(token);
         this.addTokenInPrefixMap(token);
     }
     
@@ -173,9 +161,7 @@ public class ApiTokenStore {
      * and so between restart they change
      */
     public synchronized void reconfigure(@Nonnull Map<String, JSONObject> tokenStoreDataMap) {
-        //TODO check
-        tokenMap.values().forEach(hashedToken -> {
-//        tokenList2.forEach(hashedToken -> {
+        tokenList.forEach(hashedToken -> {
             JSONObject receivedTokenData = tokenStoreDataMap.get(hashedToken.uuid);
             if (receivedTokenData == null) {
                 LOGGER.log(Level.INFO, "No token received for {0}", hashedToken.uuid);
@@ -216,24 +202,14 @@ public class ApiTokenStore {
     
     private void deleteAllLegacyTokens() {
         // normally there is only one, but just in case
-        for (Iterator<HashedToken> iterator = tokenMap.values().iterator(); iterator.hasNext();) {
+        for (Iterator<HashedToken> iterator = tokenList.iterator(); iterator.hasNext();) {
             HashedToken token = iterator.next();
             if (token.isLegacy()) {
-//                tokenList2.remove(i);
                 iterator.remove();
-                
+
                 removeTokenFromPrefixMap(token);
             }
         }
-        
-//        for (int i = tokenList2.size() - 1; i >= 0; i--) {
-//            HashedToken token = tokenList2.get(i);
-//            if (token.isLegacy()) {
-//                tokenList2.remove(i);
-//                
-//                removeTokenFromPrefixMap(token);
-//            }
-//        }
     }
     
     private void addLegacyToken(@Nonnull Secret legacyToken) {
@@ -351,25 +327,18 @@ public class ApiTokenStore {
         String plainTokenCacheKey = HASH_CACHE.getCorrespondingCacheKey(plainToken);
         String uuidFromCache = HASH_CACHE.getCachedUuid(plainTokenCacheKey);
         if (uuidFromCache != null) {
-            HashedToken token = tokenMap.get(uuidFromCache);
-            if(token != null){
-                LOGGER.log(Level.FINER, "Cache hit for prefix = {0}", prefix);
-                token.incrementUse();
-                HASH_CACHE.insertOrRefreshCache(plainTokenCacheKey, token.uuid);
-                return true;
-            }else{
-                LOGGER.log(Level.FINER, "Cache hit false positive, the cached uuid corresponds to a token that was removed, for prefix = {0}", prefix);
+            for (HashedToken token : tokenList) {
+                if (token.uuid.equals(uuidFromCache)) {
+                    LOGGER.log(Level.FINER, "Cache hit for prefix = {0}", prefix);
+                    token.incrementUse();
+                    HASH_CACHE.insertOrRefreshCache(plainTokenCacheKey, token.uuid);
+                    return true;
+                }
             }
-////            for (HashedToken token : tokenList2) {
-////                if (token.uuid.equals(uuidFromCache)) {
-//                    LOGGER.log(Level.FINER, "Cache hit for prefix = {0}", prefix);
-//                    token.incrementUse();
-//                    HASH_CACHE.insertOrRefreshCache(plainTokenCacheKey, token.uuid);
-//                    return true;
-////                }
-////            }
+            LOGGER.log(Level.FINER, "Cache hit false positive, the cached uuid corresponds to a token that was removed, for prefix = {0}", prefix);
+        }else{
+            LOGGER.log(Level.FINER, "Cache miss for prefix = {0}", prefix);
         }
-        LOGGER.log(Level.FINER, "Cache miss for prefix = {0}", prefix);
     
         List<HashedToken> list = this.prefixToTokenList.get(prefix);
         for (HashedToken hashedToken : list) {
@@ -397,22 +366,16 @@ public class ApiTokenStore {
     }
     
     public synchronized @CheckForNull HashedToken revokeToken(@Nonnull String tokenUuid) {
-        HashedToken token = tokenMap.remove(tokenUuid);
-        if(token != null){
-            removeTokenFromPrefixMap(token);
-            return token;
+        for (Iterator<HashedToken> iterator = tokenList.iterator(); iterator.hasNext();) {
+            HashedToken token = iterator.next();
+            if (token.uuid.equals(tokenUuid)) {
+                iterator.remove();
+            
+                removeTokenFromPrefixMap(token);
+                return token;
+            }
         }
-        
-//        for (int i = 0; i < tokenList2.size(); i++) {
-//            HashedToken token = tokenList2.get(i);
-//            if (token.uuid.equals(tokenId)) {
-//                tokenList2.remove(i);
-//                
-//                removeTokenFromPrefixMap(token);
-//                return token;
-//            }
-//        }
-        
+
         return null;
     }
     
@@ -468,20 +431,15 @@ public class ApiTokenStore {
     }
     
     public synchronized boolean renameToken(@Nonnull String tokenUuid, @Nonnull String newName) {
-        HashedToken token = tokenMap.get(tokenUuid);
-        if(token == null){
-            LOGGER.log(Level.FINER, "The target token for rename does not exist, for uuid = {0}, with desired name = {1}", new Object[]{tokenUuid, newName});
-            return false;
-        }else{
-            token.rename(newName);
-            return true;
+        for (HashedToken token : tokenList) {
+            if (token.uuid.equals(tokenUuid)) {
+                token.rename(newName);
+                return true;
+            }
         }
-//        for (HashedToken token : tokenList2) {
-//            if (token.uuid.equals(tokenId)) {
-//                token.rename(newName);
-//                return;
-//            }
-//        }
+
+        LOGGER.log(Level.FINER, "The target token for rename does not exist, for uuid = {0}, with desired name = {1}", new Object[]{tokenUuid, newName});
+        return false;
     }
     
     /**
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
index d4536152ee..993ccfef3a 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
@@ -7,4 +7,4 @@ ConfirmRevokeSingle=Are you sure you want to revoke this token ? Applications th
 CurrentTokens=Current tokens
 TokenCreation=Created {0} day(s) ago
 RenameToken=Save the new name of the token
-LegacyToken=We strongly recommend you to revoke this Legacy API Token as it''s not as secure as the others
+LegacyToken=We strongly recommend you to revoke this Legacy API Token as it is not as secure as the others
diff --git a/core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/config.jelly b/core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/config.jelly
index 7208fa5408..32bb1b166b 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/config.jelly
+++ b/core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/config.jelly
@@ -26,11 +26,11 @@ THE SOFTWARE.
 <?jelly escape-by-default='true'?>
 <j:jelly xmlns:j="jelly:core" xmlns:f="/lib/form">
     <f:section title="${%API Token}">
-        <f:entry field="tokenGenerationOnCreationDisabled">
-            <f:checkbox title="${%Disable generation of Legacy API Token on user creation}"/>
+        <f:entry field="tokenGenerationOnCreationEnabled">
+            <f:checkbox title="${%Enable generation of Legacy API Token on user creation}"/>
         </f:entry>
-        <f:entry field="creationOfLegacyTokenDisabled">
-            <f:checkbox title="${%Disable capability of user without Legacy API Token to create new one}"/>
+        <f:entry field="creationOfLegacyTokenEnabled">
+            <f:checkbox title="${%Enable capability of user without Legacy API Token to create new one}"/>
         </f:entry>
     </f:section>
 </j:jelly>
diff --git a/core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/help-tokenGenerationOnCreationDisabled.html b/core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/help-tokenGenerationOnCreationDisabled.html
index e8c9bfb99b..d8b25ae6f9 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/help-tokenGenerationOnCreationDisabled.html
+++ b/core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/help-tokenGenerationOnCreationDisabled.html
@@ -1,5 +1,5 @@
 <div>
-    By disabling this capability, the users will be forced to use the new system of Token. <br/>
+    If this capability is disabled (recommended for security reasons), the users will be forced to use the new system of API token. <br/>
     This behavior was the legacy one used until the new system was implemented.
     It affects only the legacy tokens that are now <strong>deprecated</strong>.
 </div>
diff --git a/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java b/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
index 77a3376121..9433cb7c77 100644
--- a/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
+++ b/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
@@ -15,9 +15,7 @@ import hudson.security.ACL;
 import hudson.security.ACLContext;
 import java.net.URL;
 
-import hudson.util.Scrambler;
 import jenkins.model.Jenkins;
-import org.junit.Ignore;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.JenkinsRule;
@@ -109,7 +107,6 @@ public class ApiTokenPropertyTest {
     @Issue("SECURITY-200")
     @Test
     public void adminsShouldBeUnableToChangeTokensByDefault() throws Exception {
-        j.jenkins.setCrumbIssuer(null);
         j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
         User foo = User.get("foo");
         User bar = User.get("bar");
@@ -136,12 +133,8 @@ public class ApiTokenPropertyTest {
     private WebClient createClientForUser(final String id) throws Exception {
         User u = User.getById(id, true);
         
-        final ApiTokenProperty t = u.getProperty(ApiTokenProperty.class);
-        // Yes, we use the insecure call in the test stuff
-        final String token = t.getApiTokenInsecure();
-        
         WebClient wc = j.createWebClient();
-        wc.addRequestHeader("Authorization", "Basic " + Scrambler.scramble(id + ":" + token));
+        wc.withBasicApiToken(u);
         return wc;
     }
 
diff --git a/test/src/test/java/jenkins/security/BasicHeaderProcessorTest.java b/test/src/test/java/jenkins/security/BasicHeaderProcessorTest.java
index b1bb90381a..0b471dd2b3 100644
--- a/test/src/test/java/jenkins/security/BasicHeaderProcessorTest.java
+++ b/test/src/test/java/jenkins/security/BasicHeaderProcessorTest.java
@@ -8,7 +8,6 @@ import hudson.model.UnprotectedRootAction;
 import hudson.model.User;
 import hudson.util.HttpResponses;
 import org.junit.Before;
-import org.junit.Ignore;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.JenkinsRule;
-- 
GitLab


From c5faac818634f0c0241ad3378468e1308edcab71 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Fri, 23 Feb 2018 17:01:52 +0100
Subject: [PATCH 130/863] Change the approach for the configuration, when
 upgrading, we force the default secured version if you did not have
 ApiTokenPropertyConfiguration configured before. - inverse the boolean after
 Jesse's comment

---
 .../java/jenkins/install/SetupWizard.java     |   7 +-
 .../java/jenkins/install/UpgradeWizard.java   |  17 +
 .../jenkins/security/ApiTokenProperty.java    |   1 +
 .../ApiTokenPropertyConfiguration.java        |  19 +-
 .../java/jenkins/security/ApiTokenStore.java  | 301 +++---------------
 5 files changed, 80 insertions(+), 265 deletions(-)

diff --git a/core/src/main/java/jenkins/install/SetupWizard.java b/core/src/main/java/jenkins/install/SetupWizard.java
index 1c983049d5..67df12e70b 100644
--- a/core/src/main/java/jenkins/install/SetupWizard.java
+++ b/core/src/main/java/jenkins/install/SetupWizard.java
@@ -116,16 +116,11 @@ public class SetupWizard extends PageDecorator {
                     iapf.touch(System.currentTimeMillis());
                     iapf.chmod(0640);
                     iapf.write(randomUUID + System.lineSeparator(), "UTF-8");
-                    
-    
+
                     // Lock Jenkins down:
                     FullControlOnceLoggedInAuthorizationStrategy authStrategy = new FullControlOnceLoggedInAuthorizationStrategy();
                     authStrategy.setAllowAnonymousRead(false);
                     jenkins.setAuthorizationStrategy(authStrategy);
-    
-                    // Disable the legacy system of API Token
-                    ApiTokenPropertyConfiguration.get().setCreationOfLegacyTokenEnabled(false);
-                    ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(false);
 
                     // Disable jnlp by default, but honor system properties
                     jenkins.setSlaveAgentPort(SystemProperties.getInteger(Jenkins.class.getName()+".slaveAgentPort",-1));
diff --git a/core/src/main/java/jenkins/install/UpgradeWizard.java b/core/src/main/java/jenkins/install/UpgradeWizard.java
index ab7e243a70..dd52ccaca9 100644
--- a/core/src/main/java/jenkins/install/UpgradeWizard.java
+++ b/core/src/main/java/jenkins/install/UpgradeWizard.java
@@ -11,6 +11,7 @@ import java.util.logging.Logger;
 import javax.inject.Provider;
 import javax.servlet.http.HttpSession;
 
+import jenkins.security.ApiTokenPropertyConfiguration;
 import org.apache.commons.io.FileUtils;
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
@@ -56,6 +57,8 @@ public class UpgradeWizard extends InstallState {
     
     @Override
     public void initializeState() {
+        applyForcedChanges();
+        
         // Initializing this state is directly related to 
         // running the detached plugin checks, these should be consolidated somehow
         updateUpToDate();
@@ -68,6 +71,20 @@ public class UpgradeWizard extends InstallState {
         }
     }
     
+    /**
+     * Put here the different changes that are enforced after an update.
+     */
+    private void applyForcedChanges(){
+        // Disable the legacy system of API Token only if the new system was not installed
+        // in such case it means there was already an upgrade before 
+        // and potentially the admin has re-enabled the features
+        ApiTokenPropertyConfiguration apiTokenPropertyConfiguration = ApiTokenPropertyConfiguration.get();
+        if(!apiTokenPropertyConfiguration.hasExistingConfigFile()){
+            apiTokenPropertyConfiguration.setCreationOfLegacyTokenEnabled(false);
+            apiTokenPropertyConfiguration.setTokenGenerationOnCreationEnabled(false);
+        }
+    }
+    
     @Override
     public boolean isSetupComplete() {
         return !isDue();
diff --git a/core/src/main/java/jenkins/security/ApiTokenProperty.java b/core/src/main/java/jenkins/security/ApiTokenProperty.java
index 712eb0fd5c..ba321f4e40 100644
--- a/core/src/main/java/jenkins/security/ApiTokenProperty.java
+++ b/core/src/main/java/jenkins/security/ApiTokenProperty.java
@@ -165,6 +165,7 @@ public class ApiTokenProperty extends UserProperty {
         }
         
         // use the new way to find a match in order to trigger the counter / lastUseDate logic
+        // as the legacy token (if existing) are also stored there
         boolean matchFound = tokenStore.doesContainToken(token);
         if (matchFound) {
             try {
diff --git a/core/src/main/java/jenkins/security/ApiTokenPropertyConfiguration.java b/core/src/main/java/jenkins/security/ApiTokenPropertyConfiguration.java
index 6c5430dc0e..55a779f8c7 100644
--- a/core/src/main/java/jenkins/security/ApiTokenPropertyConfiguration.java
+++ b/core/src/main/java/jenkins/security/ApiTokenPropertyConfiguration.java
@@ -39,17 +39,30 @@ import org.kohsuke.accmod.restrictions.NoExternalUse;
 @Extension 
 @Symbol("apiToken")
 public class ApiTokenPropertyConfiguration extends GlobalConfiguration {
-    private boolean tokenGenerationOnCreationEnabled = true;
-    private boolean creationOfLegacyTokenEnabled = true;
+    /**
+     * When a user is created, this property determine if we create a legacy token for the user or not
+     * For security reason, we do not recommend to enable this but we let that open to ease upgrade.
+     */
+    private boolean tokenGenerationOnCreationEnabled = false;
+
+    /**
+     * When a user has a legacy token, this property determine if the user can request a new legacy token or not
+     * For security reason, we do not recommend to enable this but we let that open to ease upgrade.
+     */
+    private boolean creationOfLegacyTokenEnabled = false;
     
     public static ApiTokenPropertyConfiguration get() {
-        return Jenkins.get().getInjector().getInstance(ApiTokenPropertyConfiguration.class);
+        return GlobalConfiguration.all().get(ApiTokenPropertyConfiguration.class);
     }
 
     public ApiTokenPropertyConfiguration() {
         load();
     }
 
+    public boolean hasExistingConfigFile(){
+        return getConfigFile().exists();
+    }
+
     public boolean isTokenGenerationOnCreationEnabled() {
         return tokenGenerationOnCreationEnabled;
     }
diff --git a/core/src/main/java/jenkins/security/ApiTokenStore.java b/core/src/main/java/jenkins/security/ApiTokenStore.java
index 41c3a5ac0b..8e6c17bdb6 100644
--- a/core/src/main/java/jenkins/security/ApiTokenStore.java
+++ b/core/src/main/java/jenkins/security/ApiTokenStore.java
@@ -30,7 +30,6 @@ import hudson.util.Secret;
 import jenkins.util.SystemProperties;
 import net.sf.json.JSONObject;
 import org.apache.commons.lang.StringUtils;
-import org.mindrot.jbcrypt.BCrypt;
 
 import javax.annotation.CheckForNull;
 import javax.annotation.Nonnull;
@@ -40,10 +39,8 @@ import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;
 import java.time.Instant;
-import java.time.LocalDateTime;
 import java.time.temporal.ChronoUnit;
 import java.util.ArrayList;
-import java.util.Base64;
 import java.util.Collection;
 import java.util.Comparator;
 import java.util.Date;
@@ -53,8 +50,6 @@ import java.util.LinkedList;
 import java.util.List;
 import java.util.Locale;
 import java.util.Map;
-import java.util.SortedMap;
-import java.util.TreeMap;
 import java.util.UUID;
 import java.util.logging.Level;
 import java.util.logging.Logger;
@@ -67,14 +62,6 @@ public class ApiTokenStore {
     private static final Comparator<HashedToken> SORT_BY_LOWERCASED_NAME =
             Comparator.comparing(hashedToken -> hashedToken.getName().toLowerCase(Locale.ENGLISH));
     
-    /**
-     * Determine the (log of) number of rounds we need to apply when hashing the token
-     * default value corresponds to 
-     * BCrypt#GENSALT_DEFAULT_LOG2_ROUNDS is 10 which is way too small in 2018
-     */
-    @SuppressFBWarnings(value = "MS_SHOULD_BE_FINAL", justification = "Accessible via System Groovy Scripts")
-    public static int BCRYPT_LOG_ROUND =
-            SystemProperties.getInteger(ApiTokenStore.class.getName() + ".bcryptLogRound", 13);
     /**
      * Determine the number of attempt to generate an unique prefix (over 4096 possibilities) that is not currently used
      */
@@ -89,15 +76,9 @@ public class ApiTokenStore {
     
     private static final String LEGACY_PREFIX = "";
     
-    /**
-     * Cache the computation of hash in order to speed up API call that were already verified some times ago
-     * Does not keep deleted data alive, just optimize the computation of the hashes.
-     */
-    private static final HashCache HASH_CACHE = new HashCache();
+    private static final String HASH_ALGORITHM = "SHA-256";
     
     private List<HashedToken> tokenList;
-    @Deprecated
-    private transient Map<String, Node<HashedToken>> prefixToTokenList2;
     private transient Map<String, List<HashedToken>> prefixToTokenList;
     
     public ApiTokenStore() {
@@ -113,7 +94,6 @@ public class ApiTokenStore {
         if (this.tokenList == null) {
             this.tokenList = new ArrayList<>();
         }
-//        this.prefixToTokenList2 = new HashMap<>();
         this.prefixToTokenList = new HashMap<>();
     }
     
@@ -128,7 +108,6 @@ public class ApiTokenStore {
      * After a load from the disk, we need to re-populate the prefix map
      */
     public synchronized void optimize() {
-//        this.prefixToTokenList2.clear();
         this.prefixToTokenList.clear();
         tokenList.forEach(this::addTokenInPrefixMap);
     }
@@ -148,12 +127,6 @@ public class ApiTokenStore {
             newList.add(token);
             prefixToTokenList.put(prefix, newList);
         }
-//        if (prefixToTokenList2.containsKey(prefix)) {
-//            Node<HashedToken> existingNode = prefixToTokenList2.get(prefix);
-//            existingNode.addNode(newNode);
-//        } else {
-//            prefixToTokenList2.put(prefix, newNode);
-//        }
     }
     
     /**
@@ -178,23 +151,6 @@ public class ApiTokenStore {
         });
     }
     
-    private static class Node<T> {
-        private T value;
-        private Node<T> next;
-        
-        Node(T value) {
-            this.value = value;
-        }
-        
-        public void addNode(@Nonnull Node<T> other) {
-            if (next == null) {
-                this.next = other;
-            } else {
-                this.next.addNode(other);
-            }
-        }
-    }
-    
     public synchronized void generateTokenFromLegacy(@Nonnull Secret newLegacyApiToken) {
         deleteAllLegacyTokens();
         addLegacyToken(newLegacyApiToken);
@@ -215,7 +171,7 @@ public class ApiTokenStore {
     private void addLegacyToken(@Nonnull Secret legacyToken) {
         String tokenUserUseNormally = Util.getDigestOf(legacyToken.getPlainText());
         
-        String secretValueHashed = this.hashSecret(tokenUserUseNormally);
+        String secretValueHashed = this.plainSecretToHashInHex(tokenUserUseNormally);
         
         HashValue hashValue = new HashValue(LEGACY_VERSION, LEGACY_PREFIX, secretValueHashed);
         HashedToken token = HashedToken.buildNew(Messages.ApiTokenProperty_LegacyTokenName(), hashValue);
@@ -224,7 +180,7 @@ public class ApiTokenStore {
     }
     
     public synchronized @Nonnull String generateNewTokenAndReturnHiddenValue(@Nonnull String name) {
-        // 16x8=128bit worth of randomness, using brute-force you need on average 2^127 tries
+        // 16x8=128bit worth of randomness, using brute-force you need on average 2^127 tries (~10^37)
         byte[] random = new byte[16];
         RANDOM.nextBytes(random);
         String secretValue = Util.toHexString(random);
@@ -232,7 +188,7 @@ public class ApiTokenStore {
         String tokenTheUserWillUse = HASH_VERSION + prefix + secretValue;
         assert tokenTheUserWillUse.length() == 1 + 3 + 32;
         
-        String secretValueHashed = this.hashSecret(secretValue);
+        String secretValueHashed = this.plainSecretToHashInHex(secretValue);
         
         HashValue hashValue = new HashValue(HASH_VERSION, prefix, secretValueHashed);
         HashedToken token = HashedToken.buildNew(name, hashValue);
@@ -243,11 +199,26 @@ public class ApiTokenStore {
     }
     
     @SuppressFBWarnings("NP_NONNULL_RETURN_VIOLATION")
-    private @Nonnull String hashSecret(@Nonnull String secretValue) {
-        String salt = BCrypt.gensalt(BCRYPT_LOG_ROUND, RANDOM);
-        return BCrypt.hashpw(secretValue, salt);
+    private @Nonnull String plainSecretToHashInHex(@Nonnull String secretValueInPlainText) {
+        byte[] hashBytes = plainSecretToHashBytes(secretValueInPlainText);
+        return Util.toHexString(hashBytes);
     }
     
+    private @Nonnull byte[] plainSecretToHashBytes(@Nonnull String secretValueInPlainText) {
+        // ascii is sufficient for hex-format
+        return hashedBytes(secretValueInPlainText.getBytes(StandardCharsets.US_ASCII));
+    }
+
+    private @Nonnull byte[] hashedBytes(byte[] tokenBytes) {
+        MessageDigest digest;
+        try {
+            digest = MessageDigest.getInstance(HASH_ALGORITHM);
+        } catch (NoSuchAlgorithmException e) {
+            throw new AssertionError("There is no " + HASH_ALGORITHM + " available in this system");
+        }
+        return digest.digest(tokenBytes);
+    }
+
     private @Nonnull String generatePrefix() {
         int i = 0;
         boolean unique;
@@ -255,7 +226,6 @@ public class ApiTokenStore {
         
         do {
             currentPrefix = generateRandomPrefix();
-//            unique = !prefixToTokenList2.containsKey(currentPrefix);
             unique = !prefixToTokenList.containsKey(currentPrefix);
             i++;
         } while (i < MAX_ATTEMPTS && !unique);
@@ -324,44 +294,19 @@ public class ApiTokenStore {
     }
     
     private boolean searchMatchUsingPrefix(String prefix, String plainToken) {
-        String plainTokenCacheKey = HASH_CACHE.getCorrespondingCacheKey(plainToken);
-        String uuidFromCache = HASH_CACHE.getCachedUuid(plainTokenCacheKey);
-        if (uuidFromCache != null) {
-            for (HashedToken token : tokenList) {
-                if (token.uuid.equals(uuidFromCache)) {
-                    LOGGER.log(Level.FINER, "Cache hit for prefix = {0}", prefix);
-                    token.incrementUse();
-                    HASH_CACHE.insertOrRefreshCache(plainTokenCacheKey, token.uuid);
-                    return true;
-                }
-            }
-            LOGGER.log(Level.FINER, "Cache hit false positive, the cached uuid corresponds to a token that was removed, for prefix = {0}", prefix);
-        }else{
-            LOGGER.log(Level.FINER, "Cache miss for prefix = {0}", prefix);
-        }
-    
         List<HashedToken> list = this.prefixToTokenList.get(prefix);
-        for (HashedToken hashedToken : list) {
-            if(hashedToken.match(plainToken)){
-                hashedToken.incrementUse();
-    
-                HASH_CACHE.insertOrRefreshCache(plainTokenCacheKey, hashedToken.uuid);
+        if(list.isEmpty()){
+            return false;
+        }
+        
+        byte[] hashedBytes = plainSecretToHashBytes(plainToken);
+        for (HashedToken token : list) {
+            if(token.match(hashedBytes)){
+                token.incrementUse();
                 return true;
             }
         }
-//        Node<HashedToken> node = this.prefixToTokenList2.get(prefix);
-//        while (node != null) {
-//            boolean matchFound = node.value.match(plainToken);
-//            if (matchFound) {
-//                node.value.incrementUse();
-//            
-//                HASH_CACHE.insertOrRefreshCache(plainTokenCacheKey, node.value.uuid);
-//                return true;
-//            } else {
-//                node = node.next;
-//            }
-//        }
-        
+
         return false;
     }
     
@@ -370,7 +315,7 @@ public class ApiTokenStore {
             HashedToken token = iterator.next();
             if (token.uuid.equals(tokenUuid)) {
                 iterator.remove();
-            
+
                 removeTokenFromPrefixMap(token);
                 return token;
             }
@@ -393,41 +338,6 @@ public class ApiTokenStore {
         if(list.isEmpty()){
             prefixToTokenList.remove(prefix);
         }
-        
-        
-        
-//        Node<HashedToken> node = prefixToTokenList2.get(prefix);
-//        if (node == null) {
-////             normally not the case
-//            return;
-//        }
-//        
-//        // first node, we replace it by the next one or nothing
-//        if (node.value.uuid.equals(token.uuid)) {
-//            if (node.next == null) {
-//                prefixToTokenList2.remove(prefix);
-//            } else {
-//                prefixToTokenList2.put(prefix, node.next);
-//            }
-//        } else {
-//            Node<HashedToken> previousNode = node;
-//            node = node.next;
-//            while (node != null) {
-//                // 2-nth node, we replace the previous.next with new value
-//                // but do not touch the initial node
-//                if (node.value.uuid.equals(token.uuid)) {
-//                    if (node.next == null) {
-//                        previousNode.next = null;
-//                    } else {
-//                        previousNode.next = node.next;
-//                    }
-//                    return;
-//                }
-//                
-//                previousNode = node;
-//                node = node.next;
-//            }
-//        }
     }
     
     public synchronized boolean renameToken(@Nonnull String tokenUuid, @Nonnull String newName) {
@@ -454,7 +364,7 @@ public class ApiTokenStore {
         private final String prefix;
         /** To ease future implementation */
         private final String version;
-        /** The only confidential information. The token is stored only as a BCrypt hash */
+        /** The only confidential information. The token is stored as a SHA-256 hash, in hex format */
         private final String hash;
         
         public HashValue(String version, String prefix, String hash) {
@@ -502,11 +412,18 @@ public class ApiTokenStore {
             this.name = newName;
         }
         
-        /**
-         * This operation should take some time (between 100ms and 1s)
-         */
-        public boolean match(String plainToken) {
-            return BCrypt.checkpw(plainToken, value.hash);
+        public boolean match(byte[] hashedBytes) {
+            byte[] hashFromHex;
+            try{
+                hashFromHex = Util.fromHexString(value.hash);
+            }
+            catch(NumberFormatException e){
+                LOGGER.log(Level.INFO, "The API token with name=[{0}] is not in hex-format and so cannot be used", name);
+                return false;
+            }
+
+            // String.equals() is not constant-time but this method is. No link between correctness and time spent
+            return MessageDigest.isEqual(hashFromHex, hashedBytes);
         }
         
         public String getName() {
@@ -549,132 +466,4 @@ public class ApiTokenStore {
             this.name = name;
         }
     }
-    
-    public static class HashCache {
-        /**
-         * A "session" duration, meaning we do not compute the long hash each time but use a weak hash instead after the first success
-         */
-        @SuppressFBWarnings(value = "MS_SHOULD_BE_FINAL", justification = "Accessible via System Groovy Scripts")
-        public static long HASH_CACHE_TIMEOUT_IN_MS =
-                SystemProperties.getLong(ApiTokenStore.class.getName() + ".hashCacheTimeout", (long) (5 * 60 * 1000));
-        
-        /**
-         * At minimum we compute the long hash every 30 minutes
-         */
-        @SuppressFBWarnings(value = "MS_SHOULD_BE_FINAL", justification = "Accessible via System Groovy Scripts")
-        public static long HASH_CACHE_MAX_LIVETIME_IN_MS =
-                SystemProperties.getLong(ApiTokenStore.class.getName() + ".hashCacheMaxLivetime", (long) (30 * 60 * 1000));
-        
-        @SuppressFBWarnings(value = "MS_SHOULD_BE_FINAL", justification = "Accessible via System Groovy Scripts")
-        public static boolean HASH_CACHE_DISABLED =
-                SystemProperties.getBoolean(ApiTokenStore.class.getName() + ".hashCacheDisabled", false);
-        
-        @SuppressFBWarnings(value = "MS_SHOULD_BE_FINAL", justification = "Accessible via System Groovy Scripts")
-        public static int HASH_CACHE_MIN_SIZE_FOR_CLEANUP =
-                SystemProperties.getInteger(ApiTokenStore.class.getName() + ".hashCacheMinSizeForCleanup", 20);
-        
-        private static final byte[] HASH_CACHE_SALT;
-        
-        static {
-            // no requirement to keep it between restart since the cache is temporary
-            SecureRandom random = new SecureRandom();
-            HASH_CACHE_SALT = new byte[16];
-            random.nextBytes(HASH_CACHE_SALT);
-        }
-        
-        private static final String HASH_ALGORITHM = "SHA-256";
-        
-        private final Map<String, CacheEntry> cache = new HashMap<>();
-        
-        @SuppressFBWarnings("NP_NONNULL_RETURN_VIOLATION")
-        public @Nonnull String getCorrespondingCacheKey(String plainToken) {
-            if (HASH_CACHE_DISABLED) {
-                return "cache-disabled";
-            }
-            byte[] hashedTokenBytes = hashWithSalt(plainToken.getBytes(StandardCharsets.UTF_8));
-            return Base64.getEncoder().encodeToString(hashedTokenBytes);
-        }
-        
-        @SuppressFBWarnings("NP_NONNULL_RETURN_VIOLATION")
-        private @Nonnull byte[] hashWithSalt(byte[] tokenBytes) {
-            MessageDigest digest;
-            try {
-                digest = MessageDigest.getInstance(HASH_ALGORITHM);
-            } catch (NoSuchAlgorithmException e) {
-                throw new AssertionError("There is no " + HASH_ALGORITHM + " available in this system");
-            }
-            digest.update(HASH_CACHE_SALT);
-            return digest.digest(tokenBytes);
-        }
-        
-        public synchronized @CheckForNull String getCachedUuid(String cacheKey) {
-            if (HASH_CACHE_DISABLED) {
-                return null;
-            }
-            
-            cleanup();
-            
-            if (cache.containsKey(cacheKey)) {
-                CacheEntry entry = cache.get(cacheKey);
-                if (entry != null) {
-                    if (entry.hasExpired()) {
-                        cache.remove(cacheKey);
-                    } else {
-                        return entry.data;
-                    }
-                }
-            }
-            
-            return null;
-        }
-        
-        private void cleanup() {
-            if (cache.size() < HASH_CACHE_MIN_SIZE_FOR_CLEANUP) {
-                return;
-            }
-            
-            cache.entrySet().removeIf(entry -> entry.getValue().hasExpired());
-        }
-        
-        public synchronized void insertOrRefreshCache(String cacheKey, String uuid) {
-            if (HASH_CACHE_DISABLED) {
-                return;
-            }
-            
-            CacheEntry entry = cache.get(cacheKey);
-            if (entry == null) {
-                cache.put(cacheKey, new CacheEntry(uuid));
-            } else {
-                entry.touch();
-            }
-        }
-        
-        private static class CacheEntry {
-            LocalDateTime firstCheck;
-            LocalDateTime lastCheck;
-            String data;
-            
-            CacheEntry(String data) {
-                this.data = data;
-                this.firstCheck = this.lastCheck = LocalDateTime.now();
-            }
-            
-            public void touch() {
-                this.lastCheck = LocalDateTime.now();
-            }
-            
-            public boolean hasExpired() {
-                LocalDateTime now = LocalDateTime.now();
-                if (now.isAfter(lastCheck.plus(HASH_CACHE_TIMEOUT_IN_MS, ChronoUnit.MILLIS))) {
-                    // not recently used
-                    return true;
-                }
-                if (now.isAfter(firstCheck.plus(HASH_CACHE_MAX_LIVETIME_IN_MS, ChronoUnit.MILLIS))) {
-                    // full check required after a certain time
-                    return true;
-                }
-                return false;
-            }
-        }
-    }
 }
-- 
GitLab


From 72a7529a119b2be6b3ff93d63688ee6973404236 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Oliver=20Gond=C5=BEa?= <ogondza@gmail.com>
Date: Fri, 23 Feb 2018 20:30:37 +0100
Subject: [PATCH 131/863] [FIX JENKINS-30909] Make sure queue is persisted
 reliably (#3244)

* [FIX JENKINS-30909] Make sure queue is persisted reliably

* Fix tests on Windows

* Ensure Saver is thread-safe
---
 core/src/main/java/hudson/model/Queue.java    |  78 ++++++-
 test/pom.xml                                  |   2 +-
 .../java/hudson/model/QueueRestartTest.java   |  89 ++++++++
 .../src/test/java/hudson/model/QueueTest.java |  19 ++
 .../model/QueueTest/load_queue_xml/config.xml |  48 +++++
 .../load_queue_xml/jobs/a/config.xml          |  18 ++
 .../load_queue_xml/jobs/b/config.xml          |  18 ++
 .../load_queue_xml/jobs/c/config.xml          |  18 ++
 .../load_queue_xml/jobs/d/config.xml          |  18 ++
 .../load_queue_xml/jobs/e/config.xml          |  18 ++
 .../load_queue_xml/jobs/f/config.xml          |  18 ++
 .../load_queue_xml/jobs/g/config.xml          |  18 ++
 .../load_queue_xml/jobs/h/config.xml          |  18 ++
 .../load_queue_xml/jobs/i/config.xml          |  18 ++
 .../load_queue_xml/jobs/j/config.xml          |  18 ++
 .../load_queue_xml/jobs/k/config.xml          |  18 ++
 .../model/QueueTest/load_queue_xml/queue.xml  | 193 ++++++++++++++++++
 17 files changed, 625 insertions(+), 2 deletions(-)
 create mode 100644 test/src/test/java/hudson/model/QueueRestartTest.java
 create mode 100644 test/src/test/resources/hudson/model/QueueTest/load_queue_xml/config.xml
 create mode 100644 test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/a/config.xml
 create mode 100644 test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/b/config.xml
 create mode 100644 test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/c/config.xml
 create mode 100644 test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/d/config.xml
 create mode 100644 test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/e/config.xml
 create mode 100644 test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/f/config.xml
 create mode 100644 test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/g/config.xml
 create mode 100644 test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/h/config.xml
 create mode 100644 test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/i/config.xml
 create mode 100644 test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/j/config.xml
 create mode 100644 test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/k/config.xml
 create mode 100644 test/src/test/resources/hudson/model/QueueTest/load_queue_xml/queue.xml

diff --git a/core/src/main/java/hudson/model/Queue.java b/core/src/main/java/hudson/model/Queue.java
index 6ad10d5f81..7e59e52117 100644
--- a/core/src/main/java/hudson/model/Queue.java
+++ b/core/src/main/java/hudson/model/Queue.java
@@ -24,10 +24,12 @@
  */
 package hudson.model;
 
+import com.google.common.annotations.VisibleForTesting;
 import com.google.common.cache.Cache;
 import com.google.common.cache.CacheBuilder;
 import com.infradna.tool.bridge_method_injector.WithBridgeMethods;
 import hudson.BulkChange;
+import hudson.Extension;
 import hudson.ExtensionList;
 import hudson.ExtensionPoint;
 import hudson.Util;
@@ -64,7 +66,10 @@ import hudson.model.queue.WorkUnitContext;
 import hudson.security.ACL;
 import hudson.security.AccessControlled;
 import java.nio.file.Files;
+
+import hudson.util.Futures;
 import jenkins.security.QueueItemAuthenticatorProvider;
+import jenkins.util.SystemProperties;
 import jenkins.util.Timer;
 import hudson.triggers.SafeTimerTask;
 import java.util.concurrent.TimeUnit;
@@ -93,7 +98,6 @@ import java.util.NoSuchElementException;
 import java.util.Set;
 import java.util.TreeSet;
 import java.util.concurrent.Callable;
-import java.util.concurrent.TimeUnit;
 import java.util.concurrent.Future;
 import java.util.concurrent.atomic.AtomicLong;
 import java.util.concurrent.locks.Condition;
@@ -102,6 +106,7 @@ import java.util.logging.Level;
 import java.util.logging.Logger;
 
 import javax.annotation.Nonnull;
+import javax.annotation.concurrent.GuardedBy;
 import javax.servlet.ServletException;
 
 import jenkins.model.Jenkins;
@@ -3009,4 +3014,75 @@ public class Queue extends ResourceController implements Saveable {
     public static void init(Jenkins h) {
         h.getQueue().load();
     }
+
+    /**
+     * Schedule <tt>Queue.save()</tt> call for near future once items change. Ignore all changes until the time the save
+     * takes place.
+     *
+     * Once queue is restored after a crash, items stages might not be accurate until the next #maintain() - this is not
+     * a problem as the items will be reshuffled first and then scheduled during the next maintainance cycle.
+     *
+     * Implementation note: Queue.load() calls QueueListener hooks for every item deserialized that can hammer the persistance
+     * on load. The problem is avoided by delaying the actual save for the time long enough for queue to load so the save
+     * operations will collapse into one. Also, items are persisted as buildable or blocked in vast majority of cases and
+     * those stages does not trigger the save here.
+     */
+    @Extension
+    @Restricted(NoExternalUse.class)
+    public static final class Saver extends QueueListener implements Runnable {
+
+        /**
+         * All negative values will disable periodic saving.
+         */
+        @VisibleForTesting
+        /*package*/ static /*final*/ int DELAY_SECONDS = SystemProperties.getInteger("hudson.model.Queue.Saver.DELAY_SECONDS", 60);
+
+        private final Object lock = new Object();
+        @GuardedBy("lock")
+        private Future<?> nextSave;
+
+        @Override
+        public void onEnterWaiting(WaitingItem wi) {
+            push();
+        }
+
+        @Override
+        public void onLeft(Queue.LeftItem li) {
+            push();
+        }
+
+        private void push() {
+            if (DELAY_SECONDS < 0) return;
+
+            synchronized (lock) {
+                // Can be done or canceled in case of a bug or external intervention - do not allow it to hang there forever
+                if (nextSave != null && !(nextSave.isDone() || nextSave.isCancelled())) return;
+                nextSave = Timer.get().schedule(this, DELAY_SECONDS, TimeUnit.SECONDS);
+            }
+        }
+
+        @Override
+        public void run() {
+            try {
+                Jenkins j = Jenkins.getInstanceOrNull();
+                if (j != null) {
+                    j.getQueue().save();
+                }
+            } finally {
+                synchronized (lock) {
+                    nextSave = null;
+                }
+            }
+        }
+
+        @VisibleForTesting @Restricted(NoExternalUse.class)
+        /*package*/ @Nonnull Future<?> getNextSave() {
+            synchronized (lock) {
+                return nextSave == null
+                        ? Futures.precomputed(null)
+                        : nextSave
+                ;
+            }
+        }
+    }
 }
diff --git a/test/pom.xml b/test/pom.xml
index 1386a66c0a..cd5bc03f4d 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -53,7 +53,7 @@ THE SOFTWARE.
     <dependency>
       <groupId>${project.groupId}</groupId>
       <artifactId>jenkins-test-harness</artifactId>
-      <version>2.32</version>
+      <version>2.33</version>
       <scope>test</scope>
       <exclusions>
         <exclusion>
diff --git a/test/src/test/java/hudson/model/QueueRestartTest.java b/test/src/test/java/hudson/model/QueueRestartTest.java
new file mode 100644
index 0000000000..2ba10b2ddd
--- /dev/null
+++ b/test/src/test/java/hudson/model/QueueRestartTest.java
@@ -0,0 +1,89 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) Red Hat, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package hudson.model;
+
+import hudson.ExtensionList;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runners.model.Statement;
+import org.jvnet.hudson.test.RestartableJenkinsRule;
+
+import java.io.IOException;
+import java.util.concurrent.TimeUnit;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+
+public class QueueRestartTest {
+
+    @Rule
+    public RestartableJenkinsRule j = new RestartableJenkinsRule();
+
+    @Test
+    public void persistQueueOnRestart() {
+        j.addStep(new Statement() {
+            @Override public void evaluate() throws Throwable {
+                Queue.Saver.DELAY_SECONDS = 24 * 60 * 60; // Avoid period save as we are after the explicit one
+                scheduleSomeBuild();
+                assertBuildIsScheduled();
+            }
+        });
+        j.addStep(new Statement() {
+            @Override public void evaluate() {
+                assertBuildIsScheduled();
+            }
+        });
+    }
+
+    @Test
+    public void persistQueueOnCrash() {
+        j.addStepWithDirtyShutdown(new Statement() {
+            @Override public void evaluate() throws Throwable {
+                Queue.Saver.DELAY_SECONDS = 0; // Call Queue#save() on every queue modification simulating time has passed before crash
+                scheduleSomeBuild();
+                assertBuildIsScheduled();
+
+                // Save have no delay though is not synchronous
+                ExtensionList.lookup(Queue.Saver.class).get(0).getNextSave().get(3, TimeUnit.SECONDS);
+
+                assertTrue("queue.xml does not exist", j.j.jenkins.getQueue().getXMLQueueFile().exists());
+            }
+        });
+        j.addStep(new Statement() {
+            @Override public void evaluate() {
+                assertBuildIsScheduled();
+            }
+        });
+    }
+
+    private void assertBuildIsScheduled() {
+        assertEquals(1, j.j.jenkins.getQueue().getItems().length);
+    }
+
+    private void scheduleSomeBuild() throws IOException {
+        FreeStyleProject p = j.j.createFreeStyleProject();
+        p.setAssignedLabel(Label.get("waitforit"));
+        p.scheduleBuild2(0);
+    }
+}
diff --git a/test/src/test/java/hudson/model/QueueTest.java b/test/src/test/java/hudson/model/QueueTest.java
index 689b63e5ae..bc18c08e5f 100644
--- a/test/src/test/java/hudson/model/QueueTest.java
+++ b/test/src/test/java/hudson/model/QueueTest.java
@@ -46,6 +46,7 @@ import hudson.model.Queue.BlockedItem;
 import hudson.model.Queue.Executable;
 import hudson.model.Queue.WaitingItem;
 import hudson.model.labels.LabelExpression;
+import hudson.model.listeners.SaveableListener;
 import hudson.model.queue.CauseOfBlockage;
 import hudson.model.queue.QueueTaskDispatcher;
 import hudson.model.queue.QueueTaskFuture;
@@ -1018,4 +1019,22 @@ public class QueueTest {
 
         assertEquals(expected.getShortDescription(), actual.getShortDescription());
     }
+
+    @Test @LocalData
+    public void load_queue_xml() {
+        Queue q = r.getInstance().getQueue();
+        Queue.Item[] items = q.getItems();
+        assertEquals(Arrays.asList(items).toString(), 11, items.length);
+        assertEquals("Loading the queue should not generate saves", 0, QueueSaveSniffer.count);
+    }
+
+    @TestExtension("load_queue_xml")
+    public static final class QueueSaveSniffer extends SaveableListener {
+        private static int count = 0;
+        @Override public void onChange(Saveable o, XmlFile file) {
+            if (o instanceof Queue) {
+                count++;
+            }
+        }
+    }
 }
diff --git a/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/config.xml b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/config.xml
new file mode 100644
index 0000000000..d18cae81c5
--- /dev/null
+++ b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/config.xml
@@ -0,0 +1,48 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<hudson>
+  <disabledAdministrativeMonitors/>
+  <version>2.103-SNAPSHOT (private-01/18/2018 15:13 GMT-ogondza)</version>
+  <installState class="jenkins.install.InstallState$5">
+    <isSetupComplete>true</isSetupComplete>
+    <name>RESTART</name>
+  </installState>
+  <numExecutors>2</numExecutors>
+  <mode>NORMAL</mode>
+  <useSecurity>true</useSecurity>
+  <authorizationStrategy class="hudson.security.AuthorizationStrategy$Unsecured"/>
+  <securityRealm class="hudson.security.HudsonPrivateSecurityRealm">
+    <disableSignup>true</disableSignup>
+    <enableCaptcha>false</enableCaptcha>
+  </securityRealm>
+  <disableRememberMe>false</disableRememberMe>
+  <projectNamingStrategy class="jenkins.model.ProjectNamingStrategy$DefaultProjectNamingStrategy"/>
+  <workspaceDir>${JENKINS_HOME}/workspace/${ITEM_FULL_NAME}</workspaceDir>
+  <buildsDir>${ITEM_ROOTDIR}/builds</buildsDir>
+  <markupFormatter class="hudson.markup.EscapedMarkupFormatter"/>
+  <jdks/>
+  <viewsTabBar class="hudson.views.DefaultViewsTabBar"/>
+  <myViewsTabBar class="hudson.views.DefaultMyViewsTabBar"/>
+  <clouds/>
+  <scmCheckoutRetryCount>0</scmCheckoutRetryCount>
+  <views>
+    <hudson.model.AllView>
+      <owner class="hudson" reference="../../.."/>
+      <name>all</name>
+      <filterExecutors>false</filterExecutors>
+      <filterQueue>false</filterQueue>
+      <properties class="hudson.model.View$PropertyList"/>
+    </hudson.model.AllView>
+  </views>
+  <primaryView>all</primaryView>
+  <slaveAgentPort>-1</slaveAgentPort>
+  <disabledAgentProtocols>
+    <string>JNLP-connect</string>
+    <string>JNLP2-connect</string>
+  </disabledAgentProtocols>
+  <label></label>
+  <crumbIssuer class="hudson.security.csrf.DefaultCrumbIssuer">
+    <excludeClientIPFromCrumb>false</excludeClientIPFromCrumb>
+  </crumbIssuer>
+  <nodeProperties/>
+  <globalNodeProperties/>
+</hudson>
\ No newline at end of file
diff --git a/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/a/config.xml b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/a/config.xml
new file mode 100644
index 0000000000..bbb41344ac
--- /dev/null
+++ b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/a/config.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<project>
+  <actions/>
+  <description></description>
+  <keepDependencies>false</keepDependencies>
+  <properties/>
+  <scm class="hudson.scm.NullSCM"/>
+  <canRoam>false</canRoam>
+  <assignedNode>!master</assignedNode>
+  <disabled>false</disabled>
+  <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
+  <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
+  <triggers/>
+  <concurrentBuild>false</concurrentBuild>
+  <builders/>
+  <publishers/>
+  <buildWrappers/>
+</project>
diff --git a/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/b/config.xml b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/b/config.xml
new file mode 100644
index 0000000000..bbb41344ac
--- /dev/null
+++ b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/b/config.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<project>
+  <actions/>
+  <description></description>
+  <keepDependencies>false</keepDependencies>
+  <properties/>
+  <scm class="hudson.scm.NullSCM"/>
+  <canRoam>false</canRoam>
+  <assignedNode>!master</assignedNode>
+  <disabled>false</disabled>
+  <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
+  <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
+  <triggers/>
+  <concurrentBuild>false</concurrentBuild>
+  <builders/>
+  <publishers/>
+  <buildWrappers/>
+</project>
diff --git a/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/c/config.xml b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/c/config.xml
new file mode 100644
index 0000000000..bbb41344ac
--- /dev/null
+++ b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/c/config.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<project>
+  <actions/>
+  <description></description>
+  <keepDependencies>false</keepDependencies>
+  <properties/>
+  <scm class="hudson.scm.NullSCM"/>
+  <canRoam>false</canRoam>
+  <assignedNode>!master</assignedNode>
+  <disabled>false</disabled>
+  <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
+  <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
+  <triggers/>
+  <concurrentBuild>false</concurrentBuild>
+  <builders/>
+  <publishers/>
+  <buildWrappers/>
+</project>
diff --git a/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/d/config.xml b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/d/config.xml
new file mode 100644
index 0000000000..bbb41344ac
--- /dev/null
+++ b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/d/config.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<project>
+  <actions/>
+  <description></description>
+  <keepDependencies>false</keepDependencies>
+  <properties/>
+  <scm class="hudson.scm.NullSCM"/>
+  <canRoam>false</canRoam>
+  <assignedNode>!master</assignedNode>
+  <disabled>false</disabled>
+  <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
+  <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
+  <triggers/>
+  <concurrentBuild>false</concurrentBuild>
+  <builders/>
+  <publishers/>
+  <buildWrappers/>
+</project>
diff --git a/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/e/config.xml b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/e/config.xml
new file mode 100644
index 0000000000..bbb41344ac
--- /dev/null
+++ b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/e/config.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<project>
+  <actions/>
+  <description></description>
+  <keepDependencies>false</keepDependencies>
+  <properties/>
+  <scm class="hudson.scm.NullSCM"/>
+  <canRoam>false</canRoam>
+  <assignedNode>!master</assignedNode>
+  <disabled>false</disabled>
+  <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
+  <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
+  <triggers/>
+  <concurrentBuild>false</concurrentBuild>
+  <builders/>
+  <publishers/>
+  <buildWrappers/>
+</project>
diff --git a/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/f/config.xml b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/f/config.xml
new file mode 100644
index 0000000000..bbb41344ac
--- /dev/null
+++ b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/f/config.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<project>
+  <actions/>
+  <description></description>
+  <keepDependencies>false</keepDependencies>
+  <properties/>
+  <scm class="hudson.scm.NullSCM"/>
+  <canRoam>false</canRoam>
+  <assignedNode>!master</assignedNode>
+  <disabled>false</disabled>
+  <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
+  <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
+  <triggers/>
+  <concurrentBuild>false</concurrentBuild>
+  <builders/>
+  <publishers/>
+  <buildWrappers/>
+</project>
diff --git a/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/g/config.xml b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/g/config.xml
new file mode 100644
index 0000000000..bbb41344ac
--- /dev/null
+++ b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/g/config.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<project>
+  <actions/>
+  <description></description>
+  <keepDependencies>false</keepDependencies>
+  <properties/>
+  <scm class="hudson.scm.NullSCM"/>
+  <canRoam>false</canRoam>
+  <assignedNode>!master</assignedNode>
+  <disabled>false</disabled>
+  <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
+  <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
+  <triggers/>
+  <concurrentBuild>false</concurrentBuild>
+  <builders/>
+  <publishers/>
+  <buildWrappers/>
+</project>
diff --git a/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/h/config.xml b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/h/config.xml
new file mode 100644
index 0000000000..bbb41344ac
--- /dev/null
+++ b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/h/config.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<project>
+  <actions/>
+  <description></description>
+  <keepDependencies>false</keepDependencies>
+  <properties/>
+  <scm class="hudson.scm.NullSCM"/>
+  <canRoam>false</canRoam>
+  <assignedNode>!master</assignedNode>
+  <disabled>false</disabled>
+  <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
+  <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
+  <triggers/>
+  <concurrentBuild>false</concurrentBuild>
+  <builders/>
+  <publishers/>
+  <buildWrappers/>
+</project>
diff --git a/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/i/config.xml b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/i/config.xml
new file mode 100644
index 0000000000..bbb41344ac
--- /dev/null
+++ b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/i/config.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<project>
+  <actions/>
+  <description></description>
+  <keepDependencies>false</keepDependencies>
+  <properties/>
+  <scm class="hudson.scm.NullSCM"/>
+  <canRoam>false</canRoam>
+  <assignedNode>!master</assignedNode>
+  <disabled>false</disabled>
+  <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
+  <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
+  <triggers/>
+  <concurrentBuild>false</concurrentBuild>
+  <builders/>
+  <publishers/>
+  <buildWrappers/>
+</project>
diff --git a/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/j/config.xml b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/j/config.xml
new file mode 100644
index 0000000000..bbb41344ac
--- /dev/null
+++ b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/j/config.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<project>
+  <actions/>
+  <description></description>
+  <keepDependencies>false</keepDependencies>
+  <properties/>
+  <scm class="hudson.scm.NullSCM"/>
+  <canRoam>false</canRoam>
+  <assignedNode>!master</assignedNode>
+  <disabled>false</disabled>
+  <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
+  <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
+  <triggers/>
+  <concurrentBuild>false</concurrentBuild>
+  <builders/>
+  <publishers/>
+  <buildWrappers/>
+</project>
diff --git a/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/k/config.xml b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/k/config.xml
new file mode 100644
index 0000000000..bbb41344ac
--- /dev/null
+++ b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/k/config.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<project>
+  <actions/>
+  <description></description>
+  <keepDependencies>false</keepDependencies>
+  <properties/>
+  <scm class="hudson.scm.NullSCM"/>
+  <canRoam>false</canRoam>
+  <assignedNode>!master</assignedNode>
+  <disabled>false</disabled>
+  <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
+  <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
+  <triggers/>
+  <concurrentBuild>false</concurrentBuild>
+  <builders/>
+  <publishers/>
+  <buildWrappers/>
+</project>
diff --git a/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/queue.xml b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/queue.xml
new file mode 100644
index 0000000000..cf854c0522
--- /dev/null
+++ b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/queue.xml
@@ -0,0 +1,193 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<hudson.model.Queue_-State>
+  <counter>17</counter>
+  <items>
+    <hudson.model.Queue_-BuildableItem>
+      <actions>
+        <hudson.model.CauseAction>
+          <causeBag class="linked-hash-map">
+            <entry>
+              <hudson.model.Cause_-UserIdCause/>
+              <int>1</int>
+            </entry>
+          </causeBag>
+        </hudson.model.CauseAction>
+      </actions>
+      <id>17</id>
+      <task class="hudson.model.FreeStyleProject">k</task>
+      <inQueueSince>1516354024440</inQueueSince>
+      <buildableStartMilliseconds>1516354024440</buildableStartMilliseconds>
+      <isPending>false</isPending>
+    </hudson.model.Queue_-BuildableItem>
+    <hudson.model.Queue_-BuildableItem>
+      <actions>
+        <hudson.model.CauseAction>
+          <causeBag class="linked-hash-map">
+            <entry>
+              <hudson.model.Cause_-UserIdCause/>
+              <int>1</int>
+            </entry>
+          </causeBag>
+        </hudson.model.CauseAction>
+      </actions>
+      <id>16</id>
+      <task class="hudson.model.FreeStyleProject">j</task>
+      <inQueueSince>1516354003647</inQueueSince>
+      <buildableStartMilliseconds>1516354003648</buildableStartMilliseconds>
+      <isPending>false</isPending>
+    </hudson.model.Queue_-BuildableItem>
+    <hudson.model.Queue_-BuildableItem>
+      <actions>
+        <hudson.model.CauseAction>
+          <causeBag class="linked-hash-map">
+            <entry>
+              <hudson.model.Cause_-UserIdCause/>
+              <int>1</int>
+            </entry>
+          </causeBag>
+        </hudson.model.CauseAction>
+      </actions>
+      <id>15</id>
+      <task class="hudson.model.FreeStyleProject">i</task>
+      <inQueueSince>1516354001887</inQueueSince>
+      <buildableStartMilliseconds>1516354001888</buildableStartMilliseconds>
+      <isPending>false</isPending>
+    </hudson.model.Queue_-BuildableItem>
+    <hudson.model.Queue_-BuildableItem>
+      <actions>
+        <hudson.model.CauseAction>
+          <causeBag class="linked-hash-map">
+            <entry>
+              <hudson.model.Cause_-UserIdCause/>
+              <int>1</int>
+            </entry>
+          </causeBag>
+        </hudson.model.CauseAction>
+      </actions>
+      <id>14</id>
+      <task class="hudson.model.FreeStyleProject">h</task>
+      <inQueueSince>1516353999191</inQueueSince>
+      <buildableStartMilliseconds>1516353999192</buildableStartMilliseconds>
+      <isPending>false</isPending>
+    </hudson.model.Queue_-BuildableItem>
+    <hudson.model.Queue_-BuildableItem>
+      <actions>
+        <hudson.model.CauseAction>
+          <causeBag class="linked-hash-map">
+            <entry>
+              <hudson.model.Cause_-UserIdCause/>
+              <int>1</int>
+            </entry>
+          </causeBag>
+        </hudson.model.CauseAction>
+      </actions>
+      <id>13</id>
+      <task class="hudson.model.FreeStyleProject">g</task>
+      <inQueueSince>1516353998031</inQueueSince>
+      <buildableStartMilliseconds>1516353998032</buildableStartMilliseconds>
+      <isPending>false</isPending>
+    </hudson.model.Queue_-BuildableItem>
+    <hudson.model.Queue_-BuildableItem>
+      <actions>
+        <hudson.model.CauseAction>
+          <causeBag class="linked-hash-map">
+            <entry>
+              <hudson.model.Cause_-UserIdCause/>
+              <int>1</int>
+            </entry>
+          </causeBag>
+        </hudson.model.CauseAction>
+      </actions>
+      <id>12</id>
+      <task class="hudson.model.FreeStyleProject">f</task>
+      <inQueueSince>1516353996504</inQueueSince>
+      <buildableStartMilliseconds>1516353996504</buildableStartMilliseconds>
+      <isPending>false</isPending>
+    </hudson.model.Queue_-BuildableItem>
+    <hudson.model.Queue_-BuildableItem>
+      <actions>
+        <hudson.model.CauseAction>
+          <causeBag class="linked-hash-map">
+            <entry>
+              <hudson.model.Cause_-UserIdCause/>
+              <int>1</int>
+            </entry>
+          </causeBag>
+        </hudson.model.CauseAction>
+      </actions>
+      <id>11</id>
+      <task class="hudson.model.FreeStyleProject">e</task>
+      <inQueueSince>1516353995471</inQueueSince>
+      <buildableStartMilliseconds>1516353995472</buildableStartMilliseconds>
+      <isPending>false</isPending>
+    </hudson.model.Queue_-BuildableItem>
+    <hudson.model.Queue_-BuildableItem>
+      <actions>
+        <hudson.model.CauseAction>
+          <causeBag class="linked-hash-map">
+            <entry>
+              <hudson.model.Cause_-UserIdCause/>
+              <int>1</int>
+            </entry>
+          </causeBag>
+        </hudson.model.CauseAction>
+      </actions>
+      <id>10</id>
+      <task class="hudson.model.FreeStyleProject">d</task>
+      <inQueueSince>1516353993872</inQueueSince>
+      <buildableStartMilliseconds>1516353993873</buildableStartMilliseconds>
+      <isPending>false</isPending>
+    </hudson.model.Queue_-BuildableItem>
+    <hudson.model.Queue_-BuildableItem>
+      <actions>
+        <hudson.model.CauseAction>
+          <causeBag class="linked-hash-map">
+            <entry>
+              <hudson.model.Cause_-UserIdCause/>
+              <int>1</int>
+            </entry>
+          </causeBag>
+        </hudson.model.CauseAction>
+      </actions>
+      <id>9</id>
+      <task class="hudson.model.FreeStyleProject">c</task>
+      <inQueueSince>1516353991671</inQueueSince>
+      <buildableStartMilliseconds>1516353991672</buildableStartMilliseconds>
+      <isPending>false</isPending>
+    </hudson.model.Queue_-BuildableItem>
+    <hudson.model.Queue_-BuildableItem>
+      <actions>
+        <hudson.model.CauseAction>
+          <causeBag class="linked-hash-map">
+            <entry>
+              <hudson.model.Cause_-UserIdCause/>
+              <int>1</int>
+            </entry>
+          </causeBag>
+        </hudson.model.CauseAction>
+      </actions>
+      <id>8</id>
+      <task class="hudson.model.FreeStyleProject">b</task>
+      <inQueueSince>1516353989177</inQueueSince>
+      <buildableStartMilliseconds>1516353989177</buildableStartMilliseconds>
+      <isPending>false</isPending>
+    </hudson.model.Queue_-BuildableItem>
+    <hudson.model.Queue_-BuildableItem>
+      <actions>
+        <hudson.model.CauseAction>
+          <causeBag class="linked-hash-map">
+            <entry>
+              <hudson.model.Cause_-UserIdCause/>
+              <int>1</int>
+            </entry>
+          </causeBag>
+        </hudson.model.CauseAction>
+      </actions>
+      <id>7</id>
+      <task class="hudson.model.FreeStyleProject">a</task>
+      <inQueueSince>1516353986148</inQueueSince>
+      <buildableStartMilliseconds>1516353986151</buildableStartMilliseconds>
+      <isPending>false</isPending>
+    </hudson.model.Queue_-BuildableItem>
+  </items>
+</hudson.model.Queue_-State>
\ No newline at end of file
-- 
GitLab


From e0070aa698383d6403dfefda049ed4d5d4fb5a4b Mon Sep 17 00:00:00 2001
From: John Lamb <jolamb@redhat.com>
Date: Sat, 24 Feb 2018 09:11:35 -0500
Subject: [PATCH 132/863] Improve sortable.js to work with BFA table (#3125)

* Improve sortable.js to work with BFA table

The Failure Cause Management table generated by the Build Failure
Analyzer
plugin (<https://wiki.jenkins.io/display/JENKINS/Build+Failure+Analyzer>)
doesn't render dates in a manner that sortable.js can recognize. This
commit improves the matching and sorting for date-like strings to
accommodate a broader variety of date/time strings, and uses the js Date
class to ensure accurate greater/equal/less than results.

* Remove commented patterns in sortable.js
---
 war/src/main/webapp/scripts/sortable.js | 52 ++++++++++++++++---------
 1 file changed, 33 insertions(+), 19 deletions(-)

diff --git a/war/src/main/webapp/scripts/sortable.js b/war/src/main/webapp/scripts/sortable.js
index 6f5f1bd777..0ccb09eb28 100644
--- a/war/src/main/webapp/scripts/sortable.js
+++ b/war/src/main/webapp/scripts/sortable.js
@@ -265,28 +265,43 @@ var Sortable = (function() {
     arrowTable.up.next = arrowTable.down;
     arrowTable.down.next = arrowTable.up;
 
-
+    /**
+     * Matches dates like:
+     *   "1/4/2017 ignored content"
+     *   "03-23-99 1:30 PM also ignored content"
+     *   "12-25/1979 13:45:22 always with the ignored content!"
+     */
+    var date_pattern = /^(\d{1,2})[\/-](\d{1,2})[\/-](\d\d|\d\d\d\d)(?:(?:\s*(\d{1,2})?:(\d\d)?(?::(\d\d)?)?)?(?:\s*([aA][mM]|[pP][mM])?))\b/
 
     // available sort functions
     var sorter = {
         date : function(a,b) {
-            function toDt(x) {
-              // y2k notes: two digit years less than 50 are treated as 20XX, greater than 50 are treated as 19XX
-              if (x.length == 10) {
-                  return x.substr(6,4)+x.substr(3,2)+x.substr(0,2);
-              } else {
-                  var yr = x.substr(6,2);
-                  if (parseInt(yr) < 50) { yr = '20'+yr; } else { yr = '19'+yr; }
-                  return yr+x.substr(3,2)+x.substr(0,2);
-              }
+            /**
+             * Note - 2-digit years under 50 are considered post-2000,
+             * otherwise they're pre-2000. This is terrible, but
+             * preserves existing behavior. If you use sortable.js,
+             * please make sure you use 4-digit year values.
+             */
+            function toDate(x) {
+                dmatches = x.match(date_pattern);
+                month = dmatches[1];
+                day = dmatches[2];
+                year = parseInt(dmatches[3]);
+                if (year < 50) {
+                    year += 2000;
+                } else if (year < 100) {
+                    year += 1900;
+                }
+                hours = dmatches[4] || 0;
+                minutes = dmatches[5] || 0;
+                seconds = dmatches[6] || 0;
+                hours = parseInt(hours);
+                if (dmatches[7] && dmatches[7].match(/pm/i) && hours < 12) {
+                    hours += 12;
+                }
+                return new Date(year, month, day, hours, minutes, seconds, 0);
             }
-
-            var dt1 = toDt(a);
-            var dt2 = toDt(b);
-
-            if (dt1==dt2) return 0;
-            if (dt1<dt2) return -1;
-            return 1;
+            return toDate(a) - toDate(b);
         },
 
         currency : function(a,b) {
@@ -332,8 +347,7 @@ var Sortable = (function() {
          */
         determine : function(itm) {
             var sortfn = this.caseInsensitive;
-            if (itm.match(/^\d\d[\/-]\d\d[\/-]\d\d\d\d$/)) sortfn = this.date;
-            if (itm.match(/^\d\d[\/-]\d\d[\/-]\d\d$/)) sortfn = this.date;
+            if (itm.match(date_pattern)) sortfn = this.date;
             if (itm.match(/^[�$]/)) sortfn = this.currency;
             if (itm.match(/\%$/)) sortfn = this.percent;
             if (itm.match(/^-?[\d\.]+$/)) sortfn = this.numeric;
-- 
GitLab


From 831fdb132cedec464cc87b46727baa7a350b4254 Mon Sep 17 00:00:00 2001
From: Bob Maertz <bou1der@users.noreply.github.com>
Date: Sat, 24 Feb 2018 08:12:53 -0600
Subject: [PATCH 133/863] [JENKINS-48467] - Updated UserIdCause.print() to use
 ModelHyperlinkNote (#3238)

[JENKINS-48467] - Updated UserIdCause.print() to use ModelHyperlinkNote
---
 core/src/main/java/hudson/model/Cause.java    | 11 +++--
 .../src/test/java/hudson/model/CauseTest.java | 45 ++++++++++++++++++-
 2 files changed, 52 insertions(+), 4 deletions(-)

diff --git a/core/src/main/java/hudson/model/Cause.java b/core/src/main/java/hudson/model/Cause.java
index bdac357b6b..c0286bc55a 100644
--- a/core/src/main/java/hudson/model/Cause.java
+++ b/core/src/main/java/hudson/model/Cause.java
@@ -453,9 +453,14 @@ public abstract class Cause {
 
         @Override
         public void print(TaskListener listener) {
-            listener.getLogger().println(Messages.Cause_UserIdCause_ShortDescription(
-                    // TODO JENKINS-48467 - better to use ModelHyperlinkNote.encodeTo(User), or User.getUrl, since it handles URL escaping
-                    ModelHyperlinkNote.encodeTo("/user/"+getUserIdOrUnknown(), getUserName())));
+            User user = getUserId() == null ? null : User.getById(getUserId(), false);
+            if (user != null) {
+                listener.getLogger().println(Messages.Cause_UserIdCause_ShortDescription(
+                        ModelHyperlinkNote.encodeTo(user)));
+            } else {
+                listener.getLogger().println(Messages.Cause_UserIdCause_ShortDescription(
+                        "unknown or anonymous"));
+            }
         }
 
         @Override
diff --git a/test/src/test/java/hudson/model/CauseTest.java b/test/src/test/java/hudson/model/CauseTest.java
index 9aeabdec9f..2faaa97f24 100644
--- a/test/src/test/java/hudson/model/CauseTest.java
+++ b/test/src/test/java/hudson/model/CauseTest.java
@@ -25,10 +25,17 @@
 package hudson.model;
 
 import hudson.XmlFile;
-import java.io.File;
+
+import java.io.*;
 import java.util.concurrent.Future;
 import java.util.regex.Pattern;
+
+import static org.hamcrest.CoreMatchers.containsString;
 import static org.junit.Assert.*;
+
+import hudson.security.*;
+import hudson.util.StreamTaskListener;
+import jenkins.model.Jenkins;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.Issue;
@@ -79,4 +86,40 @@ public class CauseTest {
         //j.interactiveBreak();
     }
 
+
+    @Issue("JENKINS-48467")
+    @Test public void userIdCausePrintTest() throws Exception {
+        ByteArrayOutputStream baos = new ByteArrayOutputStream();
+        TaskListener listener = new StreamTaskListener(baos);
+
+        //null userId - print unknown or anonymous
+        Cause causeA = new Cause.UserIdCause(null);
+        causeA.print(listener);
+
+        assertEquals(baos.toString().trim(),"Started by user unknown or anonymous");
+        baos.reset();
+
+        //SYSTEM userid  - getDisplayName() should be SYSTEM
+        Cause causeB = new Cause.UserIdCause();
+        causeB.print(listener);
+
+        assertThat(baos.toString(), containsString("SYSTEM"));
+        baos.reset();
+
+        //unknown userid - print unknown or anonymous
+        Cause causeC = new Cause.UserIdCause("abc123");
+        causeC.print(listener);
+
+        assertEquals(baos.toString().trim(),"Started by user unknown or anonymous");
+        baos.reset();
+
+        //More or less standard operation
+        //user userid  - getDisplayName() should be foo
+        User user = User.getById("foo", true);
+        Cause causeD = new Cause.UserIdCause(user.getId());
+        causeD.print(listener);
+
+        assertThat(baos.toString(), containsString(user.getDisplayName()));
+        baos.reset();
+    }
 }
-- 
GitLab


From b652b07f13799aa0acef22570c04b429b95883fe Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Oliver=20Gond=C5=BEa?= <ogondza@gmail.com>
Date: Sat, 24 Feb 2018 15:13:14 +0100
Subject: [PATCH 134/863] Add tests for REST API authenticated by token in
 parameter (#2768)

* Add tests for REST API authenticated by token

* Avoid adding the crumb that is not needed anymore
---
 .../security/ApiTokenPropertyTest.java        | 37 ++++++++++++++++---
 1 file changed, 31 insertions(+), 6 deletions(-)

diff --git a/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java b/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
index 8737d26974..24c2424144 100644
--- a/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
+++ b/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
@@ -9,7 +9,10 @@ import com.gargoylesoftware.htmlunit.HttpMethod;
 import com.gargoylesoftware.htmlunit.WebRequest;
 import com.gargoylesoftware.htmlunit.html.HtmlForm;
 import com.gargoylesoftware.htmlunit.html.HtmlPage;
+import com.gargoylesoftware.htmlunit.util.NameValuePair;
 import hudson.Util;
+import hudson.model.Cause;
+import hudson.model.FreeStyleProject;
 import hudson.model.User;
 import hudson.security.ACL;
 import hudson.security.ACLContext;
@@ -21,6 +24,8 @@ import org.junit.Test;
 import org.jvnet.hudson.test.JenkinsRule;
 import org.jvnet.hudson.test.JenkinsRule.WebClient;
 
+import java.net.URL;
+import java.util.ArrayList;
 import java.util.concurrent.Callable;
 import javax.annotation.Nonnull;
 import org.jvnet.hudson.test.Issue;
@@ -128,17 +133,37 @@ public class ApiTokenPropertyTest {
         assertEquals("Update token response is incorrect", 
                 Messages.ApiTokenProperty_ChangeToken_SuccessHidden(), "<div>" + res.getBody().asText() + "</div>");
     }
-    
+
+    @Test
+    public void postWithUsernameAndTokenInBasicAuthHeader() throws Exception {
+        FreeStyleProject p = j.createFreeStyleProject("bar");
+        j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
+        User.get("foo");
+
+        WebClient wc = createClientForUser("foo");
+        WebRequest wr = new WebRequest(new URL(j.getURL(), "job/bar/build"), HttpMethod.POST);
+
+        assertEquals(201, wc.getPage(wr).getWebResponse().getStatusCode());
+
+        j.waitUntilNoActivity();
+
+        Cause.UserIdCause triggeredBy = p.getBuildByNumber(1).getCause(Cause.UserIdCause.class);
+        assertEquals("foo", triggeredBy.getUserId());
+    }
+
     @Nonnull
     private WebClient createClientForUser(final String username) throws Exception {
-        User u = User.get(username);
-        final ApiTokenProperty t = u.getProperty(ApiTokenProperty.class);
-        // Yes, we use the insecure call in the test stuff
-        final String token = t.getApiTokenInsecure();
-        
+        final String token = getUserToken(username);
+
         WebClient wc = j.createWebClient();
         wc.addRequestHeader("Authorization", "Basic " + Scrambler.scramble(username + ":" + token));
         return wc;
     }
 
+    private String getUserToken(String username) {
+        User u = User.get(username);
+        final ApiTokenProperty t = u.getProperty(ApiTokenProperty.class);
+        // Yes, we use the insecure call in the test stuff
+        return t.getApiTokenInsecure();
+    }
 }
-- 
GitLab


From 2656ad2a8f74dce9e2d05c430f930a7dd3528328 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Mon, 26 Feb 2018 00:00:05 +0100
Subject: [PATCH 135/863] Fix form action target for rekey monitor

---
 .../jenkins/security/RekeySecretAdminMonitor/message.groovy     | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/resources/jenkins/security/RekeySecretAdminMonitor/message.groovy b/core/src/main/resources/jenkins/security/RekeySecretAdminMonitor/message.groovy
index cc73eab70f..16c02de8df 100644
--- a/core/src/main/resources/jenkins/security/RekeySecretAdminMonitor/message.groovy
+++ b/core/src/main/resources/jenkins/security/RekeySecretAdminMonitor/message.groovy
@@ -47,7 +47,7 @@ if (my.isFixingActive()) {
     }
 }
 
-form(method: "post", action: "${my.url}/scan", name:"rekey") {
+form(method: "post", action: "${rootURL}/${my.url}/scan", name:"rekey") {
     f.submit(name: "background", value:_("Re-key in background now"))
     if (my.isScanOnBoot()) {
         input(type: "button", class: "yui-button", disabled: "true", value:_("Re-keying currently scheduled during the next startup"))
-- 
GitLab


From 3476f228f82414c477a965b327001fef3d7affe0 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 25 Feb 2018 15:02:24 -0800
Subject: [PATCH 136/863] [maven-release-plugin] prepare release jenkins-2.109

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 53dc0407cb..9d6034e2f1 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.109-SNAPSHOT</version>
+    <version>2.109</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index d9b49c4d16..3902438270 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.109-SNAPSHOT</version>
+    <version>2.109</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index fa54bac197..c18b775f72 100644
--- a/pom.xml
+++ b/pom.xml
@@ -33,7 +33,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>pom</artifactId>
-  <version>2.109-SNAPSHOT</version>
+  <version>2.109</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -58,7 +58,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>HEAD</tag>
+    <tag>jenkins-2.109</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index cd5bc03f4d..ad48c660dd 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.109-SNAPSHOT</version>
+    <version>2.109</version>
   </parent>
 
   <artifactId>test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 0451509e2c..9d6ec099ad 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.109-SNAPSHOT</version>
+    <version>2.109</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 501b1172622f995a0fe9eaea70c03162eabdd350 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 25 Feb 2018 15:02:25 -0800
Subject: [PATCH 137/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 9d6034e2f1..006f183ac1 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.109</version>
+    <version>2.110-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 3902438270..6f03e81ca2 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.109</version>
+    <version>2.110-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index c18b775f72..5915c55d00 100644
--- a/pom.xml
+++ b/pom.xml
@@ -33,7 +33,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>pom</artifactId>
-  <version>2.109</version>
+  <version>2.110-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -58,7 +58,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.109</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index ad48c660dd..9d17a1f4e1 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.109</version>
+    <version>2.110-SNAPSHOT</version>
   </parent>
 
   <artifactId>test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 9d6ec099ad..0bad2fee7d 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.109</version>
+    <version>2.110-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From d0d1000d2da221ec4aae32f4d5bccc2cc3f00765 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Mon, 26 Feb 2018 09:33:13 +0100
Subject: [PATCH 138/863] - correction of two bugs, when the user does not have
 any token, the legacy generation is not displayed and when we load config
 with user with legacy token - de-final-ize the properties to be used in
 Groovy Script

---
 .../jenkins/security/ApiTokenProperty.java    | 38 +++++++++++++------
 .../java/jenkins/security/ApiTokenStore.java  |  8 +++-
 .../security/ApiTokenProperty/config.jelly    |  3 +-
 3 files changed, 34 insertions(+), 15 deletions(-)

diff --git a/core/src/main/java/jenkins/security/ApiTokenProperty.java b/core/src/main/java/jenkins/security/ApiTokenProperty.java
index ba321f4e40..689c57066d 100644
--- a/core/src/main/java/jenkins/security/ApiTokenProperty.java
+++ b/core/src/main/java/jenkins/security/ApiTokenProperty.java
@@ -76,17 +76,28 @@ public class ApiTokenProperty extends UserProperty {
     private static final Logger LOGGER = Logger.getLogger(ApiTokenProperty.class.getName());
     
     /**
-     * If enabled, the users with {@link Jenkins#ADMINISTER) permissions can generate new tokens for
-     * other users. Normally only a user can generate tokens for himself.
-     * Disabled by default due to the security reasons.
+     * If enabled, the users with {@link Jenkins#ADMINISTER} permissions can generate new legacy tokens for
+     * other users. Normally only a user can generate tokens for himself.<p>
+     * Disabled by default due to the security reasons.<p>
      * If enabled, it restores the original Jenkins behavior (SECURITY-200).
      *
      * @since 1.638
      */
-    private static final boolean SHOW_LEGACY_TOKEN_TO_ADMINS =
+    @SuppressFBWarnings(value = "MS_SHOULD_BE_FINAL", justification = "Accessible via System Groovy Scripts")
+    private static /* not final */ boolean SHOW_LEGACY_TOKEN_TO_ADMINS =
             SystemProperties.getBoolean(ApiTokenProperty.class.getName() + ".showTokenToAdmins");
     
-    private static final boolean ADMIN_CAN_GENERATE_NEW_TOKENS =
+    /**
+     * If enabled, the users with {@link Jenkins#ADMINISTER} permissions can generate new tokens for
+     * other users. Normally only a user can generate tokens for himself.<p>
+     * Take care that only the creator of a token will have the plain value as it's only stored as an hash in the system.<p>
+     * Disabled by default due to the security reasons.
+     * It's the version of {@link #SHOW_LEGACY_TOKEN_TO_ADMINS} for the new API Token system (SECURITY-200).
+     *
+     * @since TODO
+     */
+    @SuppressFBWarnings(value = "MS_SHOULD_BE_FINAL", justification = "Accessible via System Groovy Scripts")
+    private static /* not final */ boolean ADMIN_CAN_GENERATE_NEW_TOKENS =
             SystemProperties.getBoolean(ApiTokenProperty.class.getName() + ".adminCanGenerateNewTokens");
 
     private volatile Secret apiToken;
@@ -206,12 +217,6 @@ public class ApiTokenProperty extends UserProperty {
         return tokenStore.getTokenListSortedByName();
     }
     
-    // only for Jelly
-    @Restricted(NoExternalUse.class)
-    public boolean mustDisplayLegacyApiToken() {
-        return apiToken != null || ApiTokenPropertyConfiguration.get().isCreationOfLegacyTokenEnabled();
-    }
-    
     @Override
     public UserProperty reconfigure(StaplerRequest req, @CheckForNull JSONObject form) throws FormException {
         if(form == null){
@@ -334,6 +339,16 @@ public class ApiTokenProperty extends UserProperty {
             }
         }
     
+        // for Jelly view
+        @Restricted(NoExternalUse.class)
+        public boolean mustDisplayLegacyApiToken(User propertyOwner) {
+            ApiTokenProperty property = propertyOwner.getProperty(ApiTokenProperty.class);
+            if(property != null && property.apiToken != null){
+                return true;
+            }
+            return ApiTokenPropertyConfiguration.get().isCreationOfLegacyTokenEnabled();
+        }
+    
         // for Jelly view
         @Restricted(NoExternalUse.class)
         public boolean hasCurrentUserRightToGenerateNewToken(User propertyOwner){
@@ -361,6 +376,7 @@ public class ApiTokenProperty extends UserProperty {
         @Deprecated
         @RequirePOST
         public HttpResponse doChangeToken(@AncestorInPath User u, StaplerResponse rsp) throws IOException {
+            // you are the user or you have ADMINISTER permission
             u.checkPermission(Jenkins.ADMINISTER);
 
             LOGGER.log(Level.WARNING, "Deprecated action /changeToken used, consider using /generateNewToken instead");
diff --git a/core/src/main/java/jenkins/security/ApiTokenStore.java b/core/src/main/java/jenkins/security/ApiTokenStore.java
index 8e6c17bdb6..07c9658519 100644
--- a/core/src/main/java/jenkins/security/ApiTokenStore.java
+++ b/core/src/main/java/jenkins/security/ApiTokenStore.java
@@ -66,7 +66,7 @@ public class ApiTokenStore {
      * Determine the number of attempt to generate an unique prefix (over 4096 possibilities) that is not currently used
      */
     @SuppressFBWarnings(value = "MS_SHOULD_BE_FINAL", justification = "Accessible via System Groovy Scripts")
-    public static final int MAX_ATTEMPTS =
+    public static /* not final */ int MAX_ATTEMPTS =
             SystemProperties.getInteger(ApiTokenStore.class.getName() + ".maxAttempt", 100);
     
     private static final int TOKEN_LENGTH_V2 = 36;
@@ -295,7 +295,7 @@ public class ApiTokenStore {
     
     private boolean searchMatchUsingPrefix(String prefix, String plainToken) {
         List<HashedToken> list = this.prefixToTokenList.get(prefix);
-        if(list.isEmpty()){
+        if(list == null){
             return false;
         }
         
@@ -327,6 +327,10 @@ public class ApiTokenStore {
     private void removeTokenFromPrefixMap(HashedToken token) {
         String prefix = token.value.prefix;
         List<HashedToken> list = prefixToTokenList.get(prefix);
+        if(list == null){
+            return;
+        }
+        
         boolean found = false;
         for (Iterator<HashedToken> iterator = list.iterator(); iterator.hasNext() && !found;) {
             HashedToken currentToken = iterator.next();
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
index d1e41a3518..e10f1dc7e1 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
@@ -98,8 +98,7 @@ THE SOFTWARE.
         </f:advanced>
     </j:if>
     
-    <!--TODO add if on apiToken non-nullability -->
-    <j:if test="${instance.mustDisplayLegacyApiToken()}">
+    <j:if test="${descriptor.mustDisplayLegacyApiToken(it)}">
         <f:advanced title="${%Show Legacy API Token}" align="left">
             <f:entry title="${%Legacy API Token}" field="apiToken">
                 <f:readOnlyTextbox id="apiToken" />
-- 
GitLab


From 4cdfe7f3a6de07552f72b24a77c2f95f2449f673 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Oliver=20Gond=C5=BEa?= <ogondza@gmail.com>
Date: Sat, 24 Feb 2018 15:13:14 +0100
Subject: [PATCH 139/863] Add tests for REST API authenticated by token in
 parameter (#2768)

* Add tests for REST API authenticated by token

* Avoid adding the crumb that is not needed anymore

(cherry picked from commit b652b07)
---
 .../security/ApiTokenPropertyTest.java        | 29 ++++++++++++++++++-
 1 file changed, 28 insertions(+), 1 deletion(-)

diff --git a/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java b/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
index 9433cb7c77..d01d049de1 100644
--- a/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
+++ b/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
@@ -10,12 +10,15 @@ import com.gargoylesoftware.htmlunit.WebRequest;
 import com.gargoylesoftware.htmlunit.html.HtmlForm;
 import com.gargoylesoftware.htmlunit.html.HtmlPage;
 import hudson.Util;
+import hudson.model.Cause;
+import hudson.model.FreeStyleProject;
 import hudson.model.User;
 import hudson.security.ACL;
 import hudson.security.ACLContext;
 import java.net.URL;
 
 import jenkins.model.Jenkins;
+import org.junit.Before;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.JenkinsRule;
@@ -33,6 +36,13 @@ public class ApiTokenPropertyTest {
     @Rule
     public JenkinsRule j = new JenkinsRule();
 
+    @Before
+    public void setupLegacyConfig(){
+        ApiTokenPropertyConfiguration config = ApiTokenPropertyConfiguration.get();
+        config.setCreationOfLegacyTokenEnabled(true);
+        config.setTokenGenerationOnCreationEnabled(true);
+    }
+    
     /**
      * Tests the UI interaction and authentication.
      */
@@ -128,7 +138,24 @@ public class ApiTokenPropertyTest {
         assertEquals("Update token response is incorrect", 
                 Messages.ApiTokenProperty_ChangeToken_SuccessHidden(), "<div>" + res.getBody().asText() + "</div>");
     }
-    
+
+    @Test
+    public void postWithUsernameAndTokenInBasicAuthHeader() throws Exception {
+        FreeStyleProject p = j.createFreeStyleProject("bar");
+        j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
+        User.getById("foo", true);
+
+        WebClient wc = createClientForUser("foo");
+        WebRequest wr = new WebRequest(new URL(j.getURL(), "job/bar/build"), HttpMethod.POST);
+
+        assertEquals(201, wc.getPage(wr).getWebResponse().getStatusCode());
+
+        j.waitUntilNoActivity();
+
+        Cause.UserIdCause triggeredBy = p.getBuildByNumber(1).getCause(Cause.UserIdCause.class);
+        assertEquals("foo", triggeredBy.getUserId());
+    }
+
     @Nonnull
     private WebClient createClientForUser(final String id) throws Exception {
         User u = User.getById(id, true);
-- 
GitLab


From c6150ca17fdf3c1ee7d43cde9a5965df73a3d3c3 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Mon, 26 Feb 2018 10:31:58 +0100
Subject: [PATCH 140/863] - remove useless code

---
 core/src/main/java/jenkins/security/ApiTokenProperty.java | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/core/src/main/java/jenkins/security/ApiTokenProperty.java b/core/src/main/java/jenkins/security/ApiTokenProperty.java
index 689c57066d..0639cae4ce 100644
--- a/core/src/main/java/jenkins/security/ApiTokenProperty.java
+++ b/core/src/main/java/jenkins/security/ApiTokenProperty.java
@@ -145,10 +145,6 @@ public class ApiTokenProperty extends UserProperty {
     @SuppressFBWarnings("NP_NONNULL_RETURN_VIOLATION")
     public String getApiToken() {
         LOGGER.log(Level.WARNING, "Deprecated usage of getApiToken");
-        if(this.apiToken == null){
-            return "deprecated";
-        }
-        
         return hasPermissionToSeeToken()
                 ? getApiTokenInsecure()
                 : Messages.ApiTokenProperty_ChangeToken_TokenIsHidden();
-- 
GitLab


From 612f04af8ed2e0511a32ffee15baefd806bd653e Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Mon, 26 Feb 2018 11:56:01 +0100
Subject: [PATCH 141/863] provide the token id when we generate a new token,
 could be used to automate the generation / revocation of token

---
 .../java/jenkins/security/ApiTokenProperty.java |  5 +++--
 .../java/jenkins/security/ApiTokenStore.java    | 17 ++++++++++++++---
 2 files changed, 17 insertions(+), 5 deletions(-)

diff --git a/core/src/main/java/jenkins/security/ApiTokenProperty.java b/core/src/main/java/jenkins/security/ApiTokenProperty.java
index 0639cae4ce..16af980daa 100644
--- a/core/src/main/java/jenkins/security/ApiTokenProperty.java
+++ b/core/src/main/java/jenkins/security/ApiTokenProperty.java
@@ -408,11 +408,12 @@ public class ApiTokenProperty extends UserProperty {
                 u.addProperty(p);
             }
             
-            String valueToDisplayOnce = p.tokenStore.generateNewTokenAndReturnHiddenValue(newTokenName);
+            ApiTokenStore.TokenIdAndPlainValue tokenIdAndPlainValue = p.tokenStore.generateNewToken(newTokenName);
             u.save();
             
             return HttpResponses.okJSON(new HashMap<String, String>() {{ 
-                put("tokenValue", valueToDisplayOnce); 
+                put("tokenId", tokenIdAndPlainValue.tokenId); 
+                put("tokenValue", tokenIdAndPlainValue.plainValue); 
             }});
         }
         
diff --git a/core/src/main/java/jenkins/security/ApiTokenStore.java b/core/src/main/java/jenkins/security/ApiTokenStore.java
index 07c9658519..8f89d2019b 100644
--- a/core/src/main/java/jenkins/security/ApiTokenStore.java
+++ b/core/src/main/java/jenkins/security/ApiTokenStore.java
@@ -179,7 +179,7 @@ public class ApiTokenStore {
         this.addToken(token);
     }
     
-    public synchronized @Nonnull String generateNewTokenAndReturnHiddenValue(@Nonnull String name) {
+    public synchronized @Nonnull TokenIdAndPlainValue generateNewToken(@Nonnull String name) {
         // 16x8=128bit worth of randomness, using brute-force you need on average 2^127 tries (~10^37)
         byte[] random = new byte[16];
         RANDOM.nextBytes(random);
@@ -194,8 +194,8 @@ public class ApiTokenStore {
         HashedToken token = HashedToken.buildNew(name, hashValue);
         
         this.addToken(token);
-        
-        return tokenTheUserWillUse;
+    
+        return new TokenIdAndPlainValue(token.uuid, tokenTheUserWillUse);
     }
     
     @SuppressFBWarnings("NP_NONNULL_RETURN_VIOLATION")
@@ -378,6 +378,17 @@ public class ApiTokenStore {
         }
     }
     
+    @Immutable
+    public static class TokenIdAndPlainValue {
+        public final String tokenId;
+        public final String plainValue;
+    
+        public TokenIdAndPlainValue(String tokenId, String plainValue) {
+            this.tokenId = tokenId;
+            this.plainValue = plainValue;
+        }
+    }
+    
     public static class HashedToken {
         // to ease the modification of the token through the UI
         private transient String uuid;
-- 
GitLab


From 3a81319ca3db4592fa9d062d5a92ce0af3eeee2d Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Mon, 26 Feb 2018 10:04:11 -0500
Subject: [PATCH 142/863] TextFileTest.tail failed on Windows when using a
 source checkout with Unix newlines.

---
 core/src/test/java/hudson/util/TextFileTest.java | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/core/src/test/java/hudson/util/TextFileTest.java b/core/src/test/java/hudson/util/TextFileTest.java
index cb689a080f..b923cfd074 100644
--- a/core/src/test/java/hudson/util/TextFileTest.java
+++ b/core/src/test/java/hudson/util/TextFileTest.java
@@ -40,10 +40,9 @@ public class TextFileTest {
     public void tail() throws Exception {
         File f = tmp.newFile();
         FileUtils.copyURLToFile(getClass().getResource("ascii.txt"), f);
-
+        String whole = FileUtils.readFileToString(f);
         TextFile t = new TextFile(f);
-        String tailStr = "la, vitae interdum quam rutrum id." + System.lineSeparator();
-        assertEquals(34 + System.lineSeparator().length(), tailStr.length());
+        String tailStr = whole.substring(whole.length() - 34);
         assertEquals(tailStr, t.fastTail(tailStr.length()));
     }
 
-- 
GitLab


From 520bcb96cbc2e545d9fc5d52f00d69c6fbda63ca Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Mon, 26 Feb 2018 10:15:47 -0500
Subject: [PATCH 143/863] =?UTF-8?q?Choose=20more=20mnemonic=20artifactId?=
 =?UTF-8?q?=E2=80=99s=20for=20modules=20not=20consumed=20externally.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 3 ++-
 test/pom.xml | 4 ++--
 war/pom.xml  | 2 +-
 5 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 006f183ac1..1c492221be 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -4,7 +4,7 @@
 
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
-    <artifactId>pom</artifactId>
+    <artifactId>jenkins-parent</artifactId>
     <version>2.110-SNAPSHOT</version>
   </parent>
 
diff --git a/core/pom.xml b/core/pom.xml
index 6f03e81ca2..b9ed1f99e7 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
 
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
-    <artifactId>pom</artifactId>
+    <artifactId>jenkins-parent</artifactId>
     <version>2.110-SNAPSHOT</version>
   </parent>
 
diff --git a/pom.xml b/pom.xml
index 5915c55d00..e4f3707dca 100644
--- a/pom.xml
+++ b/pom.xml
@@ -29,10 +29,11 @@ THE SOFTWARE.
     <groupId>org.jenkins-ci</groupId>
     <artifactId>jenkins</artifactId>
     <version>1.39</version>
+    <relativePath />
   </parent>
 
   <groupId>org.jenkins-ci.main</groupId>
-  <artifactId>pom</artifactId>
+  <artifactId>jenkins-parent</artifactId>
   <version>2.110-SNAPSHOT</version>
   <packaging>pom</packaging>
 
diff --git a/test/pom.xml b/test/pom.xml
index 9d17a1f4e1..376dc24db3 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -27,11 +27,11 @@ THE SOFTWARE.
 
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
-    <artifactId>pom</artifactId>
+    <artifactId>jenkins-parent</artifactId>
     <version>2.110-SNAPSHOT</version>
   </parent>
 
-  <artifactId>test</artifactId>
+  <artifactId>jenkins-test</artifactId>
 
   <name>Tests for Jenkins core</name>
   <description>Functional tests for Jenkins core</description>
diff --git a/war/pom.xml b/war/pom.xml
index 0bad2fee7d..afe79caf96 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -27,7 +27,7 @@ THE SOFTWARE.
 
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
-    <artifactId>pom</artifactId>
+    <artifactId>jenkins-parent</artifactId>
     <version>2.110-SNAPSHOT</version>
   </parent>
 
-- 
GitLab


From fcae9bb59881a8878774e4ebbe563935ed1382b4 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Mon, 26 Feb 2018 10:48:02 -0500
Subject: [PATCH 144/863] [JENKINS-49573] Fix bad serialization of
 ParametersAction.parameterDefinitionNames and make sure this kind of mistake
 produces a warning in the future.

---
 .../java/hudson/model/ParametersAction.java   |  2 +-
 .../jenkins/security/ClassFilterImpl.java     |  7 ++++
 .../hudson/model/ParametersAction2Test.java   | 36 ++++++++++++-------
 3 files changed, 32 insertions(+), 13 deletions(-)

diff --git a/core/src/main/java/hudson/model/ParametersAction.java b/core/src/main/java/hudson/model/ParametersAction.java
index a262ae6adb..9f57a26830 100644
--- a/core/src/main/java/hudson/model/ParametersAction.java
+++ b/core/src/main/java/hudson/model/ParametersAction.java
@@ -296,7 +296,7 @@ public class ParametersAction implements RunAction2, Iterable<ParameterValue>, Q
     public void onAttached(Run<?, ?> r) {
         ParametersDefinitionProperty p = r.getParent().getProperty(ParametersDefinitionProperty.class);
         if (p != null) {
-            this.parameterDefinitionNames = p.getParameterDefinitionNames();
+            this.parameterDefinitionNames = new ArrayList<>(p.getParameterDefinitionNames());
         } else {
             this.parameterDefinitionNames = Collections.emptyList();
         }
diff --git a/core/src/main/java/jenkins/security/ClassFilterImpl.java b/core/src/main/java/jenkins/security/ClassFilterImpl.java
index 22e4645557..6d4a704e72 100644
--- a/core/src/main/java/jenkins/security/ClassFilterImpl.java
+++ b/core/src/main/java/jenkins/security/ClassFilterImpl.java
@@ -156,6 +156,13 @@ public class ClassFilterImpl extends ClassFilter {
             }
             String location = codeSource(c);
             if (location != null) {
+                if (c.isAnonymousClass()) { // e.g., pkg.Outer$1
+                    LOGGER.warning("JENKINS-49573: attempt to serialize anonymous " + c + " in " + location);
+                } else if (c.isLocalClass()) { // e.g., pkg.Outer$1Local
+                    LOGGER.warning("JENKINS-49573: attempt to serialize local " + c + " in " + location);
+                } else if (c.isSynthetic()) { // e.g., pkg.Outer$$Lambda$1/12345678
+                    LOGGER.warning("JENKINS-49573: attempt to serialize synthetic " + c + " in " + location);
+                }
                 if (isLocationWhitelisted(location)) {
                     LOGGER.log(Level.FINE, "permitting {0} due to its location in {1}", new Object[] {name, location});
                     return false;
diff --git a/test/src/test/java/hudson/model/ParametersAction2Test.java b/test/src/test/java/hudson/model/ParametersAction2Test.java
index 8432651573..502506f945 100644
--- a/test/src/test/java/hudson/model/ParametersAction2Test.java
+++ b/test/src/test/java/hudson/model/ParametersAction2Test.java
@@ -2,29 +2,31 @@ package hudson.model;
 
 import hudson.Functions;
 import hudson.Launcher;
-import hudson.model.queue.QueueTaskFuture;
-import hudson.tasks.BatchFile;
+import hudson.XmlFile;
 import hudson.tasks.Builder;
+import java.io.File;
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+import java.util.logging.Level;
+import static org.hamcrest.CoreMatchers.*;
+import static org.junit.Assert.*;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.Issue;
 import org.jvnet.hudson.test.JenkinsRule;
+import org.jvnet.hudson.test.LoggerRule;
 import org.jvnet.hudson.test.recipes.LocalData;
 
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.List;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
-
 public class ParametersAction2Test {
     @Rule
     public JenkinsRule j = new JenkinsRule();
 
+    @Rule
+    public LoggerRule logs = new LoggerRule().record("", Level.WARNING).capture(100);
+
     @Test
     @Issue("SECURITY-170")
     public void undefinedParameters() throws Exception {
@@ -309,6 +311,16 @@ public class ParametersAction2Test {
         assertEquals(p2.getLastBuild().getAction(ParametersAction.class).getParameter("foo").getValue(), "for p2");
     }
 
+    @Issue("JENKINS-49573")
+    @Test
+    public void noInnerClasses() throws Exception {
+        FreeStyleProject p = j.createFreeStyleProject();
+        p.addProperty(new ParametersDefinitionProperty(new StringParameterDefinition("key", "sensible-default")));
+        FreeStyleBuild b = j.assertBuildStatusSuccess(p.scheduleBuild2(0, new ParametersAction(new StringParameterValue("key", "value"))));
+        assertThat(new XmlFile(Run.XSTREAM, new File(b.getRootDir(), "build.xml")).asString(), not(containsString("sensible-default")));
+        assertEquals(Collections.emptyList(), logs.getMessages());
+    }
+
     public static boolean hasParameterWithName(Iterable<ParameterValue> values, String name) {
         for (ParameterValue v : values) {
             if (v.getName().equals(name)) {
-- 
GitLab


From 376c6a0add41e0c2049b64edfdd464bb8717ed1b Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Mon, 26 Feb 2018 11:17:42 -0500
Subject: [PATCH 145/863] [JENKINS-49543] Old versions of Tomcat also failed to
 serialize classes from Jenkins modules.

---
 core/src/main/java/jenkins/security/ClassFilterImpl.java | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/core/src/main/java/jenkins/security/ClassFilterImpl.java b/core/src/main/java/jenkins/security/ClassFilterImpl.java
index 22e4645557..bbc085b442 100644
--- a/core/src/main/java/jenkins/security/ClassFilterImpl.java
+++ b/core/src/main/java/jenkins/security/ClassFilterImpl.java
@@ -273,6 +273,10 @@ public class ClassFilterImpl extends ClassFilter {
                 r = r.substring(0, r.length() - suffix.length());
             }
         }
+        if (r.startsWith("jar:file:/") && r.endsWith(".jar!/")) {
+            // JENKINS-49543: also an old behavior of Tomcat. Legal enough, but unexpected by isLocationWhitelisted.
+            r = r.substring(4, r.length() - 2);
+        }
         return r;
     }
 
-- 
GitLab


From d26b9f1c06cea71ae3bc7fe0d142cfafb702d6e4 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Tue, 27 Feb 2018 17:16:49 +0100
Subject: [PATCH 146/863] - remove modification in SetupWizard

---
 core/src/main/java/jenkins/install/SetupWizard.java | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/core/src/main/java/jenkins/install/SetupWizard.java b/core/src/main/java/jenkins/install/SetupWizard.java
index 67df12e70b..6c70482369 100644
--- a/core/src/main/java/jenkins/install/SetupWizard.java
+++ b/core/src/main/java/jenkins/install/SetupWizard.java
@@ -20,7 +20,6 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletRequestWrapper;
 import javax.servlet.http.HttpServletResponse;
 
-import jenkins.security.ApiTokenPropertyConfiguration;
 import jenkins.util.SystemProperties;
 import org.acegisecurity.Authentication;
 import org.acegisecurity.context.SecurityContextHolder;
@@ -116,12 +115,13 @@ public class SetupWizard extends PageDecorator {
                     iapf.touch(System.currentTimeMillis());
                     iapf.chmod(0640);
                     iapf.write(randomUUID + System.lineSeparator(), "UTF-8");
-
+                    
+    
                     // Lock Jenkins down:
                     FullControlOnceLoggedInAuthorizationStrategy authStrategy = new FullControlOnceLoggedInAuthorizationStrategy();
                     authStrategy.setAllowAnonymousRead(false);
                     jenkins.setAuthorizationStrategy(authStrategy);
-
+    
                     // Disable jnlp by default, but honor system properties
                     jenkins.setSlaveAgentPort(SystemProperties.getInteger(Jenkins.class.getName()+".slaveAgentPort",-1));
 
-- 
GitLab


From 10872006864c7bf8b2d6be3bb5a2d92cb42763f9 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Tue, 27 Feb 2018 17:45:36 +0100
Subject: [PATCH 147/863] remove the prefix as it is not more useful (was for
 BCrypt but no more with SHA-256)

---
 .../jenkins/security/ApiTokenProperty.java    |   8 +-
 .../java/jenkins/security/ApiTokenStore.java  | 155 +++---------------
 .../security/ApiTokenProperty/config.jelly    |   1 -
 .../ApiTokenProperty/help-tokenStore.html     |   8 +-
 4 files changed, 27 insertions(+), 145 deletions(-)

diff --git a/core/src/main/java/jenkins/security/ApiTokenProperty.java b/core/src/main/java/jenkins/security/ApiTokenProperty.java
index 16af980daa..6d49bdb31c 100644
--- a/core/src/main/java/jenkins/security/ApiTokenProperty.java
+++ b/core/src/main/java/jenkins/security/ApiTokenProperty.java
@@ -76,8 +76,8 @@ public class ApiTokenProperty extends UserProperty {
     private static final Logger LOGGER = Logger.getLogger(ApiTokenProperty.class.getName());
     
     /**
-     * If enabled, the users with {@link Jenkins#ADMINISTER} permissions can generate new legacy tokens for
-     * other users. Normally only a user can generate tokens for himself.<p>
+     * If enabled, the users with {@link Jenkins#ADMINISTER} permissions can view legacy tokens for
+     * other users.<p>
      * Disabled by default due to the security reasons.<p>
      * If enabled, it restores the original Jenkins behavior (SECURITY-200).
      *
@@ -89,7 +89,7 @@ public class ApiTokenProperty extends UserProperty {
     
     /**
      * If enabled, the users with {@link Jenkins#ADMINISTER} permissions can generate new tokens for
-     * other users. Normally only a user can generate tokens for himself.<p>
+     * other users. Normally a user can only generate tokens for himself.<p>
      * Take care that only the creator of a token will have the plain value as it's only stored as an hash in the system.<p>
      * Disabled by default due to the security reasons.
      * It's the version of {@link #SHOW_LEGACY_TOKEN_TO_ADMINS} for the new API Token system (SECURITY-200).
@@ -292,8 +292,6 @@ public class ApiTokenProperty extends UserProperty {
                 // addition of a message could be nice in that API to provide more feedback to administrators
                 OldDataMonitor.report(context, "@since TODO");
             }
-            
-            apiTokenProperty.tokenStore.optimize();
         }
     }
 
diff --git a/core/src/main/java/jenkins/security/ApiTokenStore.java b/core/src/main/java/jenkins/security/ApiTokenStore.java
index 8f89d2019b..9e87396964 100644
--- a/core/src/main/java/jenkins/security/ApiTokenStore.java
+++ b/core/src/main/java/jenkins/security/ApiTokenStore.java
@@ -62,24 +62,14 @@ public class ApiTokenStore {
     private static final Comparator<HashedToken> SORT_BY_LOWERCASED_NAME =
             Comparator.comparing(hashedToken -> hashedToken.getName().toLowerCase(Locale.ENGLISH));
     
-    /**
-     * Determine the number of attempt to generate an unique prefix (over 4096 possibilities) that is not currently used
-     */
-    @SuppressFBWarnings(value = "MS_SHOULD_BE_FINAL", justification = "Accessible via System Groovy Scripts")
-    public static /* not final */ int MAX_ATTEMPTS =
-            SystemProperties.getInteger(ApiTokenStore.class.getName() + ".maxAttempt", 100);
-    
-    private static final int TOKEN_LENGTH_V2 = 36;
-    /** single hex-character */
-    private static final String LEGACY_VERSION = "1";
-    private static final String HASH_VERSION = "2";
-    
-    private static final String LEGACY_PREFIX = "";
+    private static final int TOKEN_LENGTH_V2 = 34;
+    /** two hex-characters */
+    private static final String LEGACY_VERSION = "01";
+    private static final String HASH_VERSION = "02";
     
     private static final String HASH_ALGORITHM = "SHA-256";
     
     private List<HashedToken> tokenList;
-    private transient Map<String, List<HashedToken>> prefixToTokenList;
     
     public ApiTokenStore() {
         this.init();
@@ -94,7 +84,6 @@ public class ApiTokenStore {
         if (this.tokenList == null) {
             this.tokenList = new ArrayList<>();
         }
-        this.prefixToTokenList = new HashMap<>();
     }
     
     @SuppressFBWarnings("NP_NONNULL_RETURN_VIOLATION")
@@ -104,29 +93,8 @@ public class ApiTokenStore {
                 .collect(Collectors.toList());
     }
     
-    /**
-     * After a load from the disk, we need to re-populate the prefix map
-     */
-    public synchronized void optimize() {
-        this.prefixToTokenList.clear();
-        tokenList.forEach(this::addTokenInPrefixMap);
-    }
-    
     private void addToken(HashedToken token) {
         this.tokenList.add(token);
-        this.addTokenInPrefixMap(token);
-    }
-    
-    private void addTokenInPrefixMap(HashedToken token) {
-        String prefix = token.value.prefix;
-        if (prefixToTokenList.containsKey(prefix)) {
-            List<HashedToken> existingNode = prefixToTokenList.get(prefix);
-            existingNode.add(token);
-        } else {
-            List<HashedToken> newList = new LinkedList<>();
-            newList.add(token);
-            prefixToTokenList.put(prefix, newList);
-        }
     }
     
     /**
@@ -158,14 +126,7 @@ public class ApiTokenStore {
     
     private void deleteAllLegacyTokens() {
         // normally there is only one, but just in case
-        for (Iterator<HashedToken> iterator = tokenList.iterator(); iterator.hasNext();) {
-            HashedToken token = iterator.next();
-            if (token.isLegacy()) {
-                iterator.remove();
-
-                removeTokenFromPrefixMap(token);
-            }
-        }
+        tokenList.removeIf(HashedToken::isLegacy);
     }
     
     private void addLegacyToken(@Nonnull Secret legacyToken) {
@@ -173,7 +134,7 @@ public class ApiTokenStore {
         
         String secretValueHashed = this.plainSecretToHashInHex(tokenUserUseNormally);
         
-        HashValue hashValue = new HashValue(LEGACY_VERSION, LEGACY_PREFIX, secretValueHashed);
+        HashValue hashValue = new HashValue(LEGACY_VERSION, secretValueHashed);
         HashedToken token = HashedToken.buildNew(Messages.ApiTokenProperty_LegacyTokenName(), hashValue);
         
         this.addToken(token);
@@ -184,13 +145,12 @@ public class ApiTokenStore {
         byte[] random = new byte[16];
         RANDOM.nextBytes(random);
         String secretValue = Util.toHexString(random);
-        String prefix = generatePrefix();
-        String tokenTheUserWillUse = HASH_VERSION + prefix + secretValue;
-        assert tokenTheUserWillUse.length() == 1 + 3 + 32;
+        String tokenTheUserWillUse = HASH_VERSION + secretValue;
+        assert tokenTheUserWillUse.length() == 2 + 32;
         
         String secretValueHashed = this.plainSecretToHashInHex(secretValue);
         
-        HashValue hashValue = new HashValue(HASH_VERSION, prefix, secretValueHashed);
+        HashValue hashValue = new HashValue(HASH_VERSION, secretValueHashed);
         HashedToken token = HashedToken.buildNew(name, hashValue);
         
         this.addToken(token);
@@ -218,51 +178,16 @@ public class ApiTokenStore {
         }
         return digest.digest(tokenBytes);
     }
-
-    private @Nonnull String generatePrefix() {
-        int i = 0;
-        boolean unique;
-        String currentPrefix;
-        
-        do {
-            currentPrefix = generateRandomPrefix();
-            unique = !prefixToTokenList.containsKey(currentPrefix);
-            i++;
-        } while (i < MAX_ATTEMPTS && !unique);
-        
-        Level logLevel = Level.FINE;
-        if (i == MAX_ATTEMPTS) {
-            logLevel = Level.WARNING;
-        }
-        LOGGER.log(logLevel, "Prefix generated after {0}/{1} attempts", new Object[]{i, MAX_ATTEMPTS});
-        
-        return currentPrefix;
-    }
-    
-    /**
-     * Generate random 3-hex-character
-     */
-    @SuppressFBWarnings("NP_NONNULL_RETURN_VIOLATION")
-    private @Nonnull String generateRandomPrefix() {
-        int prefixInteger = RANDOM.nextInt(4096);
-        
-        String prefixString = Integer.toHexString(prefixInteger);
-        return StringUtils.leftPad(prefixString, 3, '0');
-    }
     
     public synchronized boolean doesContainToken(@Nonnull String token) {
-        String prefixToSearch;
         String plainToken;
-        
         if (isLegacyToken(token)) {
-            prefixToSearch = LEGACY_PREFIX;
             plainToken = token;
         } else {
-            prefixToSearch = getPrefixOfToken(token);
             plainToken = getHashOfToken(token);
         }
         
-        return searchMatchUsingPrefix(prefixToSearch, plainToken);
+        return searchMatch(plainToken);
     }
     
     private boolean isLegacyToken(String token) {
@@ -270,37 +195,24 @@ public class ApiTokenStore {
     }
     
     /**
-     * [1: version][3: prefix][32: real token]
-     * ^^^^^^^^^^^^---------------------------
+     * [2: version][32: real token]
+     * ^^^^^^^^^^^^----------------
      */
     private String getVersionOfToken(String token) {
-        return String.valueOf(token.charAt(0));
-    }
-    
-    /**
-     * [1: version][3: prefix][32: real token]
-     * ------------^^^^^^^^^^^----------------
-     */
-    private String getPrefixOfToken(String token) {
-        return token.substring(1, 4);
+        return token.substring(0, 1);
     }
     
     /**
-     * [1: version][3: prefix][32: real token]
-     * -----------------------^^^^^^^^^^^^^^^^
+     * [2: version][32: real token]
+     * ------------^^^^^^^^^^^^^^^^
      */
     private String getHashOfToken(String token) {
-        return token.substring(4);
+        return token.substring(2);
     }
     
-    private boolean searchMatchUsingPrefix(String prefix, String plainToken) {
-        List<HashedToken> list = this.prefixToTokenList.get(prefix);
-        if(list == null){
-            return false;
-        }
-        
+    private boolean searchMatch(String plainToken) {
         byte[] hashedBytes = plainSecretToHashBytes(plainToken);
-        for (HashedToken token : list) {
+        for (HashedToken token : tokenList) {
             if(token.match(hashedBytes)){
                 token.incrementUse();
                 return true;
@@ -316,7 +228,6 @@ public class ApiTokenStore {
             if (token.uuid.equals(tokenUuid)) {
                 iterator.remove();
 
-                removeTokenFromPrefixMap(token);
                 return token;
             }
         }
@@ -324,26 +235,6 @@ public class ApiTokenStore {
         return null;
     }
     
-    private void removeTokenFromPrefixMap(HashedToken token) {
-        String prefix = token.value.prefix;
-        List<HashedToken> list = prefixToTokenList.get(prefix);
-        if(list == null){
-            return;
-        }
-        
-        boolean found = false;
-        for (Iterator<HashedToken> iterator = list.iterator(); iterator.hasNext() && !found;) {
-            HashedToken currentToken = iterator.next();
-            if(currentToken.uuid.equals(token.uuid)){
-                iterator.remove();
-                found = true;
-            }
-        }
-        if(list.isEmpty()){
-            prefixToTokenList.remove(prefix);
-        }
-    }
-    
     public synchronized boolean renameToken(@Nonnull String tokenUuid, @Nonnull String newName) {
         for (HashedToken token : tokenList) {
             if (token.uuid.equals(tokenUuid)) {
@@ -357,23 +248,17 @@ public class ApiTokenStore {
     }
     
     /**
-     * [1: version][3: prefix][32: real token]
+     * [2: version][32: real token]
      */
     @Immutable
     private static class HashValue {
-        /**
-         * Serve as an optimizer to avoid hashing all the tokens for the token-check
-         * not a "confidential" information
-         */
-        private final String prefix;
         /** To ease future implementation */
         private final String version;
         /** The only confidential information. The token is stored as a SHA-256 hash, in hex format */
         private final String hash;
         
-        public HashValue(String version, String prefix, String hash) {
+        public HashValue(String version, String hash) {
             this.version = version;
-            this.prefix = prefix;
             this.hash = hash;
         }
     }
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
index e10f1dc7e1..8e0e45bc2b 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
@@ -84,7 +84,6 @@ THE SOFTWARE.
     </f:entry>
 
     <j:if test="${descriptor.hasCurrentUserRightToGenerateNewToken(it)}">
-    <!--<j:if test="${instance == null || instance.hasCurrentUserPermissionToGenerateTokenForThisUser()}">-->
         <f:advanced title="${%Generate new API Token}" align="left">
             <f:entry title="New Token">
                 <f:textbox name="newTokenName" placeholder="${%Default name}" style="width: 40%; display: inline-block"/>
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/help-tokenStore.html b/core/src/main/resources/jenkins/security/ApiTokenProperty/help-tokenStore.html
index ae301ad53d..6c0258d8e8 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/help-tokenStore.html
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/help-tokenStore.html
@@ -1,12 +1,12 @@
 <div>
     The API tokens can be used for authenticating yourself in the REST API call.
     See <a href="https://jenkins.io/redirect/api-token">our wiki</a> for more details.<br/>
-    The associated username with the tokens is the regular one of your account.<br/>
+    The username associated with each token is your Jenkins username.<br/>
     <br/>
-    The best practices in terms of tokens are:
+    Some good practices for keeping your API tokens secure are:
     <ul>
-        <li>Use a different token for each application (if one application is compromised, you do not loose data from other)</li>
-        <li>Regenerate the tokens every x weeks/months. We put an indicator concerning the age of the token.</li>
+        <li>Use a different token for each application (if one application is compromised, you do not lose data from other)</li>
+        <li>Regenerate the tokens every 6 months (depending on your context). We put an indicator concerning the age of the token.</li>
         <li>Protect it like your password, as it allows other people to access Jenkins as you.</li>
     </ul>
 </div>
-- 
GitLab


From ac2a97f77a7e61a08eb9b572b43bc88e13632027 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Tue, 27 Feb 2018 17:50:16 +0100
Subject: [PATCH 148/863] adjust some whitespaces and removal of since

---
 core/src/main/java/jenkins/security/ApiTokenProperty.java   | 6 +++---
 ...piTokenPropertyDisabledDefaultAdministrativeMonitor.java | 2 --
 2 files changed, 3 insertions(+), 5 deletions(-)

diff --git a/core/src/main/java/jenkins/security/ApiTokenProperty.java b/core/src/main/java/jenkins/security/ApiTokenProperty.java
index 6d49bdb31c..e948f28f02 100644
--- a/core/src/main/java/jenkins/security/ApiTokenProperty.java
+++ b/core/src/main/java/jenkins/security/ApiTokenProperty.java
@@ -74,7 +74,7 @@ import org.kohsuke.stapler.interceptor.RequirePOST;
  */
 public class ApiTokenProperty extends UserProperty {
     private static final Logger LOGGER = Logger.getLogger(ApiTokenProperty.class.getName());
-    
+
     /**
      * If enabled, the users with {@link Jenkins#ADMINISTER} permissions can view legacy tokens for
      * other users.<p>
@@ -131,12 +131,12 @@ public class ApiTokenProperty extends UserProperty {
         }
         this.init();
     }
-    
+
     /**
      * Gets the API token.
      * The method performs security checks since 1.638. Only the current user and SYSTEM may see it.
      * Users with {@link Jenkins#ADMINISTER} may be allowed to do it using {@link #SHOW_LEGACY_TOKEN_TO_ADMINS}.
-     *
+     * 
      * @return API Token. Never null, but may be {@link Messages#ApiTokenProperty_ChangeToken_TokenIsHidden()}
      *         if the user has no appropriate permissions.
      * @since 1.426, and since 1.638 the method performs security checks
diff --git a/core/src/main/java/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor.java b/core/src/main/java/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor.java
index 12f1bce9f7..1f9c951a80 100644
--- a/core/src/main/java/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor.java
+++ b/core/src/main/java/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor.java
@@ -37,8 +37,6 @@ import java.io.IOException;
 
 /**
  * Monitor that the API Token are not generated by default without the user interaction.
- *
- * @since TODO
  */
 @Extension
 @Symbol("apiTokenLegacyAutoGeneration")
-- 
GitLab


From 9054e2211ed62dac944b745099b0361d3962e4ba Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Tue, 27 Feb 2018 18:39:43 +0100
Subject: [PATCH 149/863] [JENKINS-49642] Fix proxy view recursion

---
 core/src/main/java/hudson/model/ProxyView.java | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/core/src/main/java/hudson/model/ProxyView.java b/core/src/main/java/hudson/model/ProxyView.java
index 795b94ba86..a879dfd0b0 100644
--- a/core/src/main/java/hudson/model/ProxyView.java
+++ b/core/src/main/java/hudson/model/ProxyView.java
@@ -91,6 +91,11 @@ public class ProxyView extends View implements StaplerFallback {
         return getProxiedView().contains(item);
     }
 
+    @Override
+    public TopLevelItem getItem(String name) {
+        return getProxiedView().getItem(name);
+    }
+
     @Override
     protected void submit(StaplerRequest req) throws IOException, ServletException, FormException {
         String proxiedViewName = req.getSubmittedForm().getString("proxiedViewName");
-- 
GitLab


From 35a38f0ce69596f7aff2a4b3de14739d5cb78dbc Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Wed, 28 Feb 2018 00:54:04 +0100
Subject: [PATCH 150/863] [JENKINS-32599] Ignore misplaced users/config.xml
 file

---
 core/src/main/java/hudson/model/User.java | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/core/src/main/java/hudson/model/User.java b/core/src/main/java/hudson/model/User.java
index 148526ca1d..34ba9bddab 100644
--- a/core/src/main/java/hudson/model/User.java
+++ b/core/src/main/java/hudson/model/User.java
@@ -1092,6 +1092,9 @@ public class User extends AbstractModelObject implements AccessControlled, Descr
             File[] subdirs = getRootDir().listFiles((FileFilter) DirectoryFileFilter.INSTANCE);
             if (subdirs != null) {
                 for (File subdir : subdirs) {
+                    if (subdir.equals(getRootDir())) {
+                        continue; // ignore the parent directory in case of stray config.xml
+                    }
                     File configFile = new File(subdir, "config.xml");
                     if (configFile.exists()) {
                         String name = strategy.idFromFilename(subdir.getName());
-- 
GitLab


From 930f70ef07aa6a7470c44754b79d8807351b6bcc Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Wed, 28 Feb 2018 08:47:28 +0100
Subject: [PATCH 151/863] correct exclusive boundary mistake

---
 core/src/main/java/jenkins/security/ApiTokenStore.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/java/jenkins/security/ApiTokenStore.java b/core/src/main/java/jenkins/security/ApiTokenStore.java
index 9e87396964..75ff2c9f74 100644
--- a/core/src/main/java/jenkins/security/ApiTokenStore.java
+++ b/core/src/main/java/jenkins/security/ApiTokenStore.java
@@ -199,7 +199,7 @@ public class ApiTokenStore {
      * ^^^^^^^^^^^^----------------
      */
     private String getVersionOfToken(String token) {
-        return token.substring(0, 1);
+        return token.substring(0, 2);
     }
     
     /**
-- 
GitLab


From 503c2459a43e57da1ca65c107410f9cb24aa2078 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Wed, 28 Feb 2018 09:03:51 +0100
Subject: [PATCH 152/863] correction of some tests that were using the
 withApiToken without legacy behavior

---
 .../java/hudson/bugs/JnlpAccessWithSecuredHudsonTest.java  | 4 ++++
 .../hudson/diagnosis/HudsonHomeDiskUsageMonitorTest.java   | 4 ++++
 test/src/test/java/hudson/model/ItemsTest.java             | 7 +++++++
 test/src/test/java/hudson/model/JobTest.java               | 4 ++++
 .../java/hudson/model/PasswordParameterDefinitionTest.java | 5 +++++
 test/src/test/java/hudson/model/QueueTest.java             | 3 +++
 test/src/test/java/hudson/security/LoginTest.java          | 4 ++++
 .../java/hudson/util/RobustReflectionConverterTest.java    | 5 +++++
 test/src/test/java/jenkins/model/JenkinsTest.java          | 7 +++++++
 .../test/java/jenkins/security/ApiCrumbExclusionTest.java  | 3 +++
 .../test/java/jenkins/security/ApiTokenPropertyTest.java   | 3 ---
 .../java/jenkins/security/BasicHeaderProcessorTest.java    | 3 +++
 test/src/test/java/lib/form/PasswordTest.java              | 4 ++++
 13 files changed, 53 insertions(+), 3 deletions(-)

diff --git a/test/src/test/java/hudson/bugs/JnlpAccessWithSecuredHudsonTest.java b/test/src/test/java/hudson/bugs/JnlpAccessWithSecuredHudsonTest.java
index 8e0ce19006..6b89696d1c 100644
--- a/test/src/test/java/hudson/bugs/JnlpAccessWithSecuredHudsonTest.java
+++ b/test/src/test/java/hudson/bugs/JnlpAccessWithSecuredHudsonTest.java
@@ -37,6 +37,7 @@ import hudson.slaves.JNLPLauncher;
 import hudson.slaves.RetentionStrategy;
 import hudson.slaves.DumbSlave;
 import hudson.util.StreamTaskListener;
+import jenkins.security.ApiTokenPropertyConfiguration;
 import jenkins.security.MasterToSlaveCallable;
 import jenkins.security.s2m.AdminWhitelistRule;
 import org.dom4j.Document;
@@ -85,6 +86,9 @@ public class JnlpAccessWithSecuredHudsonTest {
     @Email("http://markmail.org/message/on4wkjdaldwi2atx")
     @Test
     public void anonymousCanAlwaysLoadJARs() throws Exception {
+        // legacy behavior re-enabled (could be changed when the webclient will be adapted
+        ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(true);
+        
         r.jenkins.setNodes(Collections.singletonList(createNewJnlpSlave("test")));
         JenkinsRule.WebClient wc = r.createWebClient();
         HtmlPage p = wc.withBasicApiToken(User.getById("alice", true)).goTo("computer/test/");
diff --git a/test/src/test/java/hudson/diagnosis/HudsonHomeDiskUsageMonitorTest.java b/test/src/test/java/hudson/diagnosis/HudsonHomeDiskUsageMonitorTest.java
index 3b3da3b177..24ac6f19d3 100644
--- a/test/src/test/java/hudson/diagnosis/HudsonHomeDiskUsageMonitorTest.java
+++ b/test/src/test/java/hudson/diagnosis/HudsonHomeDiskUsageMonitorTest.java
@@ -12,6 +12,7 @@ import com.gargoylesoftware.htmlunit.util.NameValuePair;
 import hudson.model.User;
 import hudson.security.GlobalMatrixAuthorizationStrategy;
 import jenkins.model.Jenkins;
+import jenkins.security.ApiTokenPropertyConfiguration;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.Issue;
@@ -59,6 +60,9 @@ public class HudsonHomeDiskUsageMonitorTest {
     @Issue("SECURITY-371")
     @Test
     public void noAccessForNonAdmin() throws Exception {
+        // legacy behavior re-enabled (could be changed when the webclient will be adapted
+        ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(true);
+        
         JenkinsRule.WebClient wc = j.createWebClient();
 
         // TODO: Use MockAuthorizationStrategy in later versions
diff --git a/test/src/test/java/hudson/model/ItemsTest.java b/test/src/test/java/hudson/model/ItemsTest.java
index 40dfd2fa8d..bd1574ecc7 100644
--- a/test/src/test/java/hudson/model/ItemsTest.java
+++ b/test/src/test/java/hudson/model/ItemsTest.java
@@ -41,6 +41,7 @@ import java.io.IOException;
 import java.net.URL;
 import java.util.Arrays;
 import jenkins.model.Jenkins;
+import jenkins.security.ApiTokenPropertyConfiguration;
 import org.acegisecurity.context.SecurityContext;
 import org.acegisecurity.context.SecurityContextHolder;
 import org.apache.commons.httpclient.HttpStatus;
@@ -62,6 +63,12 @@ public class ItemsTest {
     @Rule public JenkinsRule r = new JenkinsRule();
     @Rule public TemporaryFolder tmpRule = new TemporaryFolder();
 
+    @Before
+    public void setupLegacyBehavior(){
+        // legacy behavior re-enabled (could be changed when the webclient will be adapted
+        ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(true);
+    }
+    
     @Test public void getAllItems() throws Exception {
         MockFolder d = r.createFolder("d");
         MockFolder sub2 = d.createProject(MockFolder.class, "sub2");
diff --git a/test/src/test/java/hudson/model/JobTest.java b/test/src/test/java/hudson/model/JobTest.java
index 58e14cdd33..dc39a9d88d 100644
--- a/test/src/test/java/hudson/model/JobTest.java
+++ b/test/src/test/java/hudson/model/JobTest.java
@@ -52,6 +52,7 @@ import java.util.concurrent.CountDownLatch;
 
 import jenkins.model.ProjectNamingStrategy;
 
+import jenkins.security.ApiTokenPropertyConfiguration;
 import org.hamcrest.Matchers;
 import org.junit.Rule;
 import org.junit.Test;
@@ -210,6 +211,9 @@ public class JobTest {
 
     @LocalData
     @Test public void configDotXmlPermission() throws Exception {
+        // legacy behavior re-enabled (could be changed when the webclient will be adapted
+        ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(true);
+        
         j.jenkins.setCrumbIssuer(null);
         JenkinsRule.WebClient wc = j.createWebClient();
         boolean saveEnabled = Item.EXTENDED_READ.getEnabled();
diff --git a/test/src/test/java/hudson/model/PasswordParameterDefinitionTest.java b/test/src/test/java/hudson/model/PasswordParameterDefinitionTest.java
index 4fab18d601..d93c393eaf 100644
--- a/test/src/test/java/hudson/model/PasswordParameterDefinitionTest.java
+++ b/test/src/test/java/hudson/model/PasswordParameterDefinitionTest.java
@@ -30,6 +30,8 @@ import hudson.Launcher;
 import java.io.IOException;
 import jenkins.model.Jenkins;
 import static org.junit.Assert.assertEquals;
+
+import jenkins.security.ApiTokenPropertyConfiguration;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.Issue;
@@ -50,6 +52,9 @@ public class PasswordParameterDefinitionTest {
 
     @Issue("JENKINS-36476")
     @Test public void defaultValueAlwaysAvailable() throws Exception {
+        // legacy behavior re-enabled (could be changed when the webclient will be adapted
+        ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(true);
+        
         j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
         j.jenkins.setAuthorizationStrategy(new MockAuthorizationStrategy().
             grant(Jenkins.ADMINISTER).everywhere().to("admin").
diff --git a/test/src/test/java/hudson/model/QueueTest.java b/test/src/test/java/hudson/model/QueueTest.java
index bc18c08e5f..7fb9c974b3 100644
--- a/test/src/test/java/hudson/model/QueueTest.java
+++ b/test/src/test/java/hudson/model/QueueTest.java
@@ -72,6 +72,7 @@ import hudson.util.OneShotEvent;
 import hudson.util.XStream2;
 import jenkins.model.BlockedBecauseOfBuildInProgress;
 import jenkins.model.Jenkins;
+import jenkins.security.ApiTokenPropertyConfiguration;
 import jenkins.security.QueueItemAuthenticatorConfiguration;
 import jenkins.triggers.ReverseBuildTrigger;
 import org.acegisecurity.Authentication;
@@ -926,6 +927,8 @@ public class QueueTest {
     @Issue({"SECURITY-186", "SECURITY-618"})
     @Test
     public void queueApiOutputShouldBeFilteredByUserPermission() throws Exception {
+        // legacy behavior re-enabled (could be changed when the webclient will be adapted
+        ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(true);
 
         r.jenkins.setSecurityRealm(r.createDummySecurityRealm());
         ProjectMatrixAuthorizationStrategy str = new ProjectMatrixAuthorizationStrategy();
diff --git a/test/src/test/java/hudson/security/LoginTest.java b/test/src/test/java/hudson/security/LoginTest.java
index 91ef0e6e34..82ef6531ce 100644
--- a/test/src/test/java/hudson/security/LoginTest.java
+++ b/test/src/test/java/hudson/security/LoginTest.java
@@ -12,6 +12,7 @@ import com.gargoylesoftware.htmlunit.html.HtmlForm;
 import com.gargoylesoftware.htmlunit.html.HtmlCheckBoxInput;
 
 import hudson.model.User;
+import jenkins.security.ApiTokenPropertyConfiguration;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.JenkinsRule;
@@ -53,6 +54,9 @@ public class LoginTest {
     @Test
     @PresetData(DataSet.ANONYMOUS_READONLY)
     public void loginErrorRedirect2() throws Exception {
+        // legacy behavior re-enabled (could be changed when the webclient will be adapted
+        ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(true);
+
         // in a secured Hudson, the error page should render.
         WebClient wc = j.createWebClient();
         wc.assertFails("loginError", SC_UNAUTHORIZED);
diff --git a/test/src/test/java/hudson/util/RobustReflectionConverterTest.java b/test/src/test/java/hudson/util/RobustReflectionConverterTest.java
index d728e053f1..1adbc4264b 100644
--- a/test/src/test/java/hudson/util/RobustReflectionConverterTest.java
+++ b/test/src/test/java/hudson/util/RobustReflectionConverterTest.java
@@ -44,6 +44,8 @@ import java.util.Map;
 
 import jenkins.model.Jenkins;
 import static org.junit.Assert.*;
+
+import jenkins.security.ApiTokenPropertyConfiguration;
 import net.sf.json.JSONObject;
 
 import org.junit.Rule;
@@ -186,6 +188,9 @@ public class RobustReflectionConverterTest {
     
     @Test
     public void testRestInterfaceFailure() throws Exception {
+        // legacy behavior re-enabled (could be changed when the webclient will be adapted
+        ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(true);
+
         Items.XSTREAM2.addCriticalField(KeywordProperty.class, "criticalField");
 
         User test = User.getById("test", true);
diff --git a/test/src/test/java/jenkins/model/JenkinsTest.java b/test/src/test/java/jenkins/model/JenkinsTest.java
index 833230dbe8..dcac9db475 100644
--- a/test/src/test/java/jenkins/model/JenkinsTest.java
+++ b/test/src/test/java/jenkins/model/JenkinsTest.java
@@ -67,6 +67,7 @@ import hudson.util.FormValidation;
 import hudson.util.VersionNumber;
 
 import jenkins.AgentProtocol;
+import jenkins.security.ApiTokenPropertyConfiguration;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.Issue;
@@ -312,6 +313,9 @@ public class JenkinsTest {
 
     @Test
     public void testDoScript() throws Exception {
+        // legacy behavior re-enabled (could be changed when the webclient will be adapted
+        ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(true);
+        
         j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
         j.jenkins.setAuthorizationStrategy(new MockAuthorizationStrategy().
             grant(Jenkins.ADMINISTER).everywhere().to("alice").
@@ -340,6 +344,9 @@ public class JenkinsTest {
 
     @Test
     public void testDoEval() throws Exception {
+        // legacy behavior re-enabled (could be changed when the webclient will be adapted
+        ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(true);
+        
         j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
         j.jenkins.setAuthorizationStrategy(new MockAuthorizationStrategy().
             grant(Jenkins.ADMINISTER).everywhere().to("alice").
diff --git a/test/src/test/java/jenkins/security/ApiCrumbExclusionTest.java b/test/src/test/java/jenkins/security/ApiCrumbExclusionTest.java
index eef3b21dfd..53cf8ce0a7 100644
--- a/test/src/test/java/jenkins/security/ApiCrumbExclusionTest.java
+++ b/test/src/test/java/jenkins/security/ApiCrumbExclusionTest.java
@@ -59,6 +59,9 @@ public class ApiCrumbExclusionTest {
     @Test
     @Issue("JENKINS-22474")
     public void callUsingApiTokenDoesNotRequireCSRFToken() throws Exception {
+        // legacy behavior re-enabled (could be changed when the webclient will be adapted
+        ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(true);
+
         j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
         j.jenkins.setCrumbIssuer(null);
         User foo = User.get("foo");
diff --git a/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java b/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
index 43990eb6ee..9ee062019a 100644
--- a/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
+++ b/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
@@ -9,7 +9,6 @@ import com.gargoylesoftware.htmlunit.HttpMethod;
 import com.gargoylesoftware.htmlunit.WebRequest;
 import com.gargoylesoftware.htmlunit.html.HtmlForm;
 import com.gargoylesoftware.htmlunit.html.HtmlPage;
-import com.gargoylesoftware.htmlunit.util.NameValuePair;
 import hudson.Util;
 import hudson.model.Cause;
 import hudson.model.FreeStyleProject;
@@ -25,8 +24,6 @@ import org.junit.Test;
 import org.jvnet.hudson.test.JenkinsRule;
 import org.jvnet.hudson.test.JenkinsRule.WebClient;
 
-import java.net.URL;
-import java.util.ArrayList;
 import java.util.concurrent.Callable;
 import javax.annotation.Nonnull;
 import org.jvnet.hudson.test.Issue;
diff --git a/test/src/test/java/jenkins/security/BasicHeaderProcessorTest.java b/test/src/test/java/jenkins/security/BasicHeaderProcessorTest.java
index 0b471dd2b3..b3beadccca 100644
--- a/test/src/test/java/jenkins/security/BasicHeaderProcessorTest.java
+++ b/test/src/test/java/jenkins/security/BasicHeaderProcessorTest.java
@@ -45,6 +45,9 @@ public class BasicHeaderProcessorTest {
      */
     @Test
     public void testVariousWaysToCall() throws Exception {
+        // legacy behavior re-enabled (could be changed when the webclient will be adapted
+        ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(true);
+
         j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
         User foo = User.getById("foo", true);
         User.getById("bar", true);
diff --git a/test/src/test/java/lib/form/PasswordTest.java b/test/src/test/java/lib/form/PasswordTest.java
index 8eef7d40ff..aac0019c00 100644
--- a/test/src/test/java/lib/form/PasswordTest.java
+++ b/test/src/test/java/lib/form/PasswordTest.java
@@ -40,6 +40,7 @@ import java.util.Locale;
 import java.util.regex.Pattern;
 
 import jenkins.model.Jenkins;
+import jenkins.security.ApiTokenPropertyConfiguration;
 import org.acegisecurity.Authentication;
 import static org.hamcrest.Matchers.containsString;
 import static org.hamcrest.Matchers.not;
@@ -95,6 +96,9 @@ public class PasswordTest {
     @Issue({"SECURITY-266", "SECURITY-304"})
     @Test
     public void testExposedCiphertext() throws Exception {
+        // legacy behavior re-enabled (could be changed when the webclient will be adapted
+        ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(true);
+
         boolean saveEnabled = Item.EXTENDED_READ.getEnabled();
         Item.EXTENDED_READ.setEnabled(true);
         try {
-- 
GitLab


From 94ea347aac6488ef584de6068031459100c7bf9c Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Mon, 26 Feb 2018 16:04:11 +0100
Subject: [PATCH 153/863] TextFileTest.tail failed on Windows when using a
 source checkout with Unix newlines.

(cherry picked from commit 3a81319)
---
 core/src/test/java/hudson/util/TextFileTest.java | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/core/src/test/java/hudson/util/TextFileTest.java b/core/src/test/java/hudson/util/TextFileTest.java
index cb689a080f..b923cfd074 100644
--- a/core/src/test/java/hudson/util/TextFileTest.java
+++ b/core/src/test/java/hudson/util/TextFileTest.java
@@ -40,10 +40,9 @@ public class TextFileTest {
     public void tail() throws Exception {
         File f = tmp.newFile();
         FileUtils.copyURLToFile(getClass().getResource("ascii.txt"), f);
-
+        String whole = FileUtils.readFileToString(f);
         TextFile t = new TextFile(f);
-        String tailStr = "la, vitae interdum quam rutrum id." + System.lineSeparator();
-        assertEquals(34 + System.lineSeparator().length(), tailStr.length());
+        String tailStr = whole.substring(whole.length() - 34);
         assertEquals(tailStr, t.fastTail(tailStr.length()));
     }
 
-- 
GitLab


From 5fafb0bd1b23407f832f3e69d28985cd6bff9bb5 Mon Sep 17 00:00:00 2001
From: suren <zxjlwt@126.com>
Date: Wed, 28 Feb 2018 17:24:14 +0800
Subject: [PATCH 154/863] Add Chinese translation (#3287)

* Add Chinese translation for Job Naming Strategy

* Add Chinese translation

* Localized for apply component
---
 .../config_zh_CN.properties                   | 23 +++++++++++++++++
 .../index_zh_CN.properties                    |  3 +++
 .../hudson/tools/Messages_zh_CN.properties    |  1 +
 .../config_zh_CN.properties                   | 23 +++++++++++++++++
 .../DownloadSettings/config_zh_CN.properties  | 24 ++++++++++++++++++
 .../config.groovy                             |  2 +-
 .../config.properties                         |  2 +-
 .../config_de.properties                      |  2 +-
 .../config_fr.properties                      |  2 +-
 .../config_it.properties                      |  2 +-
 .../config_ja.properties                      |  6 ++---
 .../config_sr.properties                      |  2 +-
 .../config_zh_CN.properties                   | 25 +++++++++++++++++++
 .../config_zh_TW.properties                   |  6 ++---
 .../jenkins/model/Messages_zh_CN.properties   |  6 +++++
 .../config_zh_CN.properties                   | 25 +++++++++++++++++++
 .../help-description_zh_CN.html               |  3 +++
 core/src/main/resources/lib/form/apply.jelly  |  2 +-
 .../main/resources/lib/form/apply.properties  | 23 +++++++++++++++++
 .../resources/lib/form/apply_zh_CN.properties | 23 +++++++++++++++++
 .../defaultJobNamingStrategy_zh_CN.html       |  3 +++
 .../patternJobNamingStrategy_zh_CN.html       |  7 ++++++
 22 files changed, 202 insertions(+), 13 deletions(-)
 create mode 100644 core/src/main/resources/hudson/security/FullControlOnceLoggedInAuthorizationStrategy/config_zh_CN.properties
 create mode 100644 core/src/main/resources/hudson/views/GlobalDefaultViewConfiguration/config_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/model/DownloadSettings/config_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/model/ProjectNamingStrategy/PatternProjectNamingStrategy/config_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/model/ProjectNamingStrategy/PatternProjectNamingStrategy/help-description_zh_CN.html
 create mode 100644 core/src/main/resources/lib/form/apply.properties
 create mode 100644 core/src/main/resources/lib/form/apply_zh_CN.properties
 create mode 100644 war/src/main/webapp/help/system-config/defaultJobNamingStrategy_zh_CN.html
 create mode 100644 war/src/main/webapp/help/system-config/patternJobNamingStrategy_zh_CN.html

diff --git a/core/src/main/resources/hudson/security/FullControlOnceLoggedInAuthorizationStrategy/config_zh_CN.properties b/core/src/main/resources/hudson/security/FullControlOnceLoggedInAuthorizationStrategy/config_zh_CN.properties
new file mode 100644
index 0000000000..954ea7ac0b
--- /dev/null
+++ b/core/src/main/resources/hudson/security/FullControlOnceLoggedInAuthorizationStrategy/config_zh_CN.properties
@@ -0,0 +1,23 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Allow\ anonymous\ read\ access=\u533F\u540D\u7528\u6237\u5177\u6709\u53EF\u8BFB\u6743\u9650
diff --git a/core/src/main/resources/hudson/security/GlobalSecurityConfiguration/index_zh_CN.properties b/core/src/main/resources/hudson/security/GlobalSecurityConfiguration/index_zh_CN.properties
index d8ee8ee3c0..8863a8c607 100644
--- a/core/src/main/resources/hudson/security/GlobalSecurityConfiguration/index_zh_CN.properties
+++ b/core/src/main/resources/hudson/security/GlobalSecurityConfiguration/index_zh_CN.properties
@@ -31,3 +31,6 @@ Access\ Control=\u8BBF\u95EE\u63A7\u5236
 Security\ Realm=\u5B89\u5168\u57DF
 Authorization=\u6388\u6743\u7B56\u7565
 Save=\u4FDD\u5B58
+Apply=\u5E94\u7528
+
+Disable remember me=\u4E0D\u8BB0\u4F4F\u6211
diff --git a/core/src/main/resources/hudson/tools/Messages_zh_CN.properties b/core/src/main/resources/hudson/tools/Messages_zh_CN.properties
index 03c08991d1..c3d894769d 100644
--- a/core/src/main/resources/hudson/tools/Messages_zh_CN.properties
+++ b/core/src/main/resources/hudson/tools/Messages_zh_CN.properties
@@ -20,6 +20,7 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
+ToolLocationNodeProperty.displayName=\u5DE5\u5177\u4F4D\u7F6E
 CommandInstaller.DescriptorImpl.displayName=\u8FD0\u884C\u547D\u4EE4
 CommandInstaller.no_command=\u5FC5\u987B\u63D0\u4F9B\u4E00\u4E2A\u8FD0\u884C\u547D\u4EE4.
 CommandInstaller.no_toolHome=\u5FC5\u987B\u63D0\u4F9B\u4E00\u4E2A\u5DE5\u5177\u6839\u76EE\u5F55.
diff --git a/core/src/main/resources/hudson/views/GlobalDefaultViewConfiguration/config_zh_CN.properties b/core/src/main/resources/hudson/views/GlobalDefaultViewConfiguration/config_zh_CN.properties
new file mode 100644
index 0000000000..8f6846014d
--- /dev/null
+++ b/core/src/main/resources/hudson/views/GlobalDefaultViewConfiguration/config_zh_CN.properties
@@ -0,0 +1,23 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Default\ view=\u9ED8\u8BA4\u89C6\u56FE
diff --git a/core/src/main/resources/jenkins/model/DownloadSettings/config_zh_CN.properties b/core/src/main/resources/jenkins/model/DownloadSettings/config_zh_CN.properties
new file mode 100644
index 0000000000..b57b404bcd
--- /dev/null
+++ b/core/src/main/resources/jenkins/model/DownloadSettings/config_zh_CN.properties
@@ -0,0 +1,24 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Use\ Browser=\u4F7F\u7528\u6D4F\u89C8\u5668
+Use\ browser\ for\ metadata\ download=\u4F7F\u7528\u6D4F\u89C8\u5668\u4E0B\u8F7D\u5143\u6570\u636E
\ No newline at end of file
diff --git a/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config.groovy b/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config.groovy
index 2be2077f72..1d422ee10c 100644
--- a/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config.groovy
+++ b/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config.groovy
@@ -6,7 +6,7 @@ def f=namespace(lib.FormTagLib)
 
 f.optionalBlock( field:"useProjectNamingStrategy", title:_("useNamingStrategy"), checked:app.useProjectNamingStrategy) {
 
-    f.entry(title:_("namingStrategyTitel")) {
+    f.entry(title:_("namingStrategyTitle")) {
         table(style:"width:100%") {
             f.descriptorRadioList(title:_("strategy"), varName:"namingStrategy", instance:app.projectNamingStrategy, descriptors:ProjectNamingStrategy.all())
         }
diff --git a/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config.properties b/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config.properties
index 4a4ac6fca4..bb670c7604 100644
--- a/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config.properties
+++ b/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config.properties
@@ -21,7 +21,7 @@
 # THE SOFTWARE.
 
 useNamingStrategy = Restrict project naming
-namingStrategyTitel = Naming Strategy
+namingStrategyTitle = Naming Strategy
 strategy = Strategy
 
 
diff --git a/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config_de.properties b/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config_de.properties
index 71af7664d5..23cb474eb7 100644
--- a/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config_de.properties
+++ b/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config_de.properties
@@ -21,5 +21,5 @@
 # THE SOFTWARE.
 
 useNamingStrategy = Namenskonventionen f\u00FCr Jobnamen erzwingen
-namingStrategyTitel = Namensschema
+namingStrategyTitle = Namensschema
 strategy = Schema
diff --git a/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config_fr.properties b/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config_fr.properties
index f561adbdff..06891b5c74 100644
--- a/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config_fr.properties
+++ b/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config_fr.properties
@@ -1,3 +1,3 @@
 useNamingStrategy=Restreindre le nommage de projet
-namingStrategyTitel=Strat\u00E9gie de nommage
+namingStrategyTitle=Strat\u00E9gie de nommage
 strategy=Strat\u00E9gie
\ No newline at end of file
diff --git a/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config_it.properties b/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config_it.properties
index 1cd105b88c..1f645e93df 100644
--- a/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config_it.properties
+++ b/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config_it.properties
@@ -21,5 +21,5 @@
 # THE SOFTWARE.
 
 useNamingStrategy=Forza utilizzo convenzioni nomi per i nomi dei processi
-namingStrategyTitel=Schema nomi
+namingStrategyTitle=Schema nomi
 strategy=Schema
diff --git a/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config_ja.properties b/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config_ja.properties
index 8daccb411b..b1f2120ff2 100644
--- a/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config_ja.properties
+++ b/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config_ja.properties
@@ -20,8 +20,8 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-useNamingStrategy = \u30d7\u30ed\u30b8\u30a7\u30af\u30c8\u540d\u306e\u5236\u9650
-namingStrategyTitel = \u30cd\u30fc\u30df\u30f3\u30b0\u898f\u7d04
-strategy = \u898f\u7d04
+useNamingStrategy = \u30D7\u30ED\u30B8\u30A7\u30AF\u30C8\u540D\u306E\u5236\u9650
+namingStrategyTitle = \u30CD\u30FC\u30DF\u30F3\u30B0\u898F\u7D04
+strategy = \u898F\u7D04
 
 
diff --git a/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config_sr.properties b/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config_sr.properties
index b8a5aa7afa..bc04a65926 100644
--- a/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config_sr.properties
+++ b/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config_sr.properties
@@ -1,5 +1,5 @@
 # This file is under the MIT License by authors
 
 useNamingStrategy=\u041A\u043E\u0440\u0438\u0441\u0442\u0438 \u0448\u0435\u043C\u0443 \u0438\u043C\u0435\u043D\u043E\u0432\u0430\u045A\u0430 \u0437\u0430 \u043D\u0430\u0437\u0438\u0432 \u0437\u0430\u0434\u0430\u0442\u0430\u043A\u0430
-namingStrategyTitel=\u0428\u0435\u043C\u0430 \u0438\u043C\u0435\u043D\u043E\u0432\u0430\u045A\u0430
+namingStrategyTitle=\u0428\u0435\u043C\u0430 \u0438\u043C\u0435\u043D\u043E\u0432\u0430\u045A\u0430
 strategy=\u0428\u0435\u043C\u0430
\ No newline at end of file
diff --git a/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config_zh_CN.properties b/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config_zh_CN.properties
new file mode 100644
index 0000000000..efe5c87bfa
--- /dev/null
+++ b/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config_zh_CN.properties
@@ -0,0 +1,25 @@
+# The MIT License
+#
+# Copyright (c) 2018 suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+useNamingStrategy=\u5DE5\u7A0B\u547D\u540D\u9650\u5236
+namingStrategyTitle=\u547D\u540D\u7B56\u7565
+strategy=\u7B56\u7565
diff --git a/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config_zh_TW.properties b/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config_zh_TW.properties
index 09f607fcf1..f9ac03128a 100644
--- a/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config_zh_TW.properties
+++ b/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config_zh_TW.properties
@@ -20,6 +20,6 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-useNamingStrategy=\u5c08\u6848\u547d\u540d\u9650\u5236
-namingStrategyTitel=\u547d\u540d\u7b56\u7565
-strategy=\u7b56\u7565
+useNamingStrategy=\u5C08\u6848\u547D\u540D\u9650\u5236
+namingStrategyTitle=\u547D\u540D\u7B56\u7565
+strategy=\u7B56\u7565
diff --git a/core/src/main/resources/jenkins/model/Messages_zh_CN.properties b/core/src/main/resources/jenkins/model/Messages_zh_CN.properties
index 883f8b0f37..72e1bc8efc 100644
--- a/core/src/main/resources/jenkins/model/Messages_zh_CN.properties
+++ b/core/src/main/resources/jenkins/model/Messages_zh_CN.properties
@@ -33,3 +33,9 @@ CauseOfInterruption.ShortDescription=\u88AB {0} \u7EC8\u6B62
 CLI.shutdown.shortDescription=\u7ACB\u523B\u5173\u95EDJenkins
 CLI.disable-job.shortDescription=\u7981\u7528\u4EFB\u52A1
 CLI.enable-job.shortDescription=\u542F\u7528\u4EFB\u52A1
+
+DefaultProjectNamingStrategy.DisplayName=\u9ED8\u8BA4
+
+PatternProjectNamingStrategy.DisplayName=\u6A21\u5F0F
+PatternProjectNamingStrategy.NamePatternRequired=\u6A21\u5F0F\u5B57\u6BB5\u5FC5\u586B
+PatternProjectNamingStrategy.NamePatternInvalidSyntax=\u683C\u5F0F\u9519\u8BEF
diff --git a/core/src/main/resources/jenkins/model/ProjectNamingStrategy/PatternProjectNamingStrategy/config_zh_CN.properties b/core/src/main/resources/jenkins/model/ProjectNamingStrategy/PatternProjectNamingStrategy/config_zh_CN.properties
new file mode 100644
index 0000000000..41e268c46a
--- /dev/null
+++ b/core/src/main/resources/jenkins/model/ProjectNamingStrategy/PatternProjectNamingStrategy/config_zh_CN.properties
@@ -0,0 +1,25 @@
+# The MIT License
+#
+# Copyright (c) 2018 suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+namePattern=\u6A21\u5F0F
+description=\u63CF\u8FF0
+forceExistingJobs=\u5F71\u54CD\u5DF2\u7ECF\u5B58\u5728\u7684
diff --git a/core/src/main/resources/jenkins/model/ProjectNamingStrategy/PatternProjectNamingStrategy/help-description_zh_CN.html b/core/src/main/resources/jenkins/model/ProjectNamingStrategy/PatternProjectNamingStrategy/help-description_zh_CN.html
new file mode 100644
index 0000000000..035b521a2e
--- /dev/null
+++ b/core/src/main/resources/jenkins/model/ProjectNamingStrategy/PatternProjectNamingStrategy/help-description_zh_CN.html
@@ -0,0 +1,3 @@
+<p>
+    当任务名称不符合规则时会给出的错误提示信息，用于解释命名约束的可读性描述。
+</p>
\ No newline at end of file
diff --git a/core/src/main/resources/lib/form/apply.jelly b/core/src/main/resources/lib/form/apply.jelly
index 86455202ec..dfe5c24f87 100644
--- a/core/src/main/resources/lib/form/apply.jelly
+++ b/core/src/main/resources/lib/form/apply.jelly
@@ -38,5 +38,5 @@ THE SOFTWARE.
   </s:documentation>
   <st:adjunct includes="lib.form.apply.apply"/>
   <input type="hidden" name="core:apply" value="" />
-  <input type="button" value="${attrs.value ?: 'Apply'}" class="apply-button applyButton" name="Apply"/><!-- applyButton is legacy -->
+  <input type="button" value="${attrs.value ?: '%Apply'}" class="apply-button applyButton" name="Apply"/><!-- applyButton is legacy -->
 </j:jelly>
\ No newline at end of file
diff --git a/core/src/main/resources/lib/form/apply.properties b/core/src/main/resources/lib/form/apply.properties
new file mode 100644
index 0000000000..b070eb0d1a
--- /dev/null
+++ b/core/src/main/resources/lib/form/apply.properties
@@ -0,0 +1,23 @@
+# The MIT License
+#
+# Copyright (c) 2018 suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Apply=Apply
diff --git a/core/src/main/resources/lib/form/apply_zh_CN.properties b/core/src/main/resources/lib/form/apply_zh_CN.properties
new file mode 100644
index 0000000000..8a9da8bf36
--- /dev/null
+++ b/core/src/main/resources/lib/form/apply_zh_CN.properties
@@ -0,0 +1,23 @@
+# The MIT License
+#
+# Copyright (c) 2018 suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Apply=\u5E94\u7528
diff --git a/war/src/main/webapp/help/system-config/defaultJobNamingStrategy_zh_CN.html b/war/src/main/webapp/help/system-config/defaultJobNamingStrategy_zh_CN.html
new file mode 100644
index 0000000000..73986e3a37
--- /dev/null
+++ b/war/src/main/webapp/help/system-config/defaultJobNamingStrategy_zh_CN.html
@@ -0,0 +1,3 @@
+<div>
+  默认设置，允许用户选择任意合法的命名。
+</div>
diff --git a/war/src/main/webapp/help/system-config/patternJobNamingStrategy_zh_CN.html b/war/src/main/webapp/help/system-config/patternJobNamingStrategy_zh_CN.html
new file mode 100644
index 0000000000..edb9af3eb7
--- /dev/null
+++ b/war/src/main/webapp/help/system-config/patternJobNamingStrategy_zh_CN.html
@@ -0,0 +1,7 @@
+<div>
+  定义（正则表达式）模式，用于检查命名是否有效。
+  <p>
+  强制检查已经存在的任务，允许你对已经存在的任务保持约束，例如：即使用户不修改名称，也会在每次
+  提交的时候做验证，只有验证通过才能保存。<br>
+  <i>该选项不影响任务的执行，只会在保存的时候做验证。</i>
+</div>
-- 
GitLab


From e5f61e29e260688d7d73339202c22ca199535018 Mon Sep 17 00:00:00 2001
From: Carl-Frederik Hallberg <nightwalker85@gmail.com>
Date: Wed, 28 Feb 2018 11:44:36 +0100
Subject: [PATCH 155/863] [JENKINS-49788] Added ConcurrentLinkedQueue to
 whitelisted classes. (#3315)

---
 core/src/main/resources/jenkins/security/whitelisted-classes.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/core/src/main/resources/jenkins/security/whitelisted-classes.txt b/core/src/main/resources/jenkins/security/whitelisted-classes.txt
index 68b07e4643..48a9b5db69 100644
--- a/core/src/main/resources/jenkins/security/whitelisted-classes.txt
+++ b/core/src/main/resources/jenkins/security/whitelisted-classes.txt
@@ -122,6 +122,7 @@ java.util.TreeSet
 java.util.UUID
 java.util.Vector
 java.util.concurrent.ConcurrentHashMap
+java.util.concurrent.ConcurrentLinkedQueue
 java.util.concurrent.ConcurrentSkipListMap
 java.util.concurrent.CopyOnWriteArrayList
 java.util.concurrent.CopyOnWriteArraySet
-- 
GitLab


From d31a3b1594c32f281592be1ccf315b6a9f59ca0c Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Wed, 28 Feb 2018 12:13:37 +0100
Subject: [PATCH 156/863] - correct last failing test, required legacy behavior
 to work

---
 test/src/test/java/hudson/cli/CLIActionTest.java               | 3 +++
 test/src/test/java/hudson/model/UserTest.java                  | 3 +++
 .../java/hudson/security/HudsonPrivateSecurityRealmTest.java   | 3 +++
 .../test/java/jenkins/security/BasicHeaderProcessorTest.java   | 2 ++
 4 files changed, 11 insertions(+)

diff --git a/test/src/test/java/hudson/cli/CLIActionTest.java b/test/src/test/java/hudson/cli/CLIActionTest.java
index 6738ee0612..5e2684d165 100644
--- a/test/src/test/java/hudson/cli/CLIActionTest.java
+++ b/test/src/test/java/hudson/cli/CLIActionTest.java
@@ -28,6 +28,7 @@ import java.util.concurrent.TimeUnit;
 import java.util.logging.Level;
 import jenkins.model.Jenkins;
 import jenkins.security.ApiTokenProperty;
+import jenkins.security.ApiTokenPropertyConfiguration;
 import jenkins.util.FullDuplexHttpService;
 import jenkins.util.Timer;
 import org.apache.commons.io.FileUtils;
@@ -128,6 +129,8 @@ public class CLIActionTest {
     @Issue({"JENKINS-12543", "JENKINS-41745"})
     @Test
     public void authentication() throws Exception {
+        ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(true);
+        
         logging.record(PlainCLIProtocol.class, Level.FINE);
         File jar = tmp.newFile("jenkins-cli.jar");
         FileUtils.copyURLToFile(j.jenkins.getJnlpJars("jenkins-cli.jar").getURL(), jar);
diff --git a/test/src/test/java/hudson/model/UserTest.java b/test/src/test/java/hudson/model/UserTest.java
index 34bb26a1c9..db918bd537 100644
--- a/test/src/test/java/hudson/model/UserTest.java
+++ b/test/src/test/java/hudson/model/UserTest.java
@@ -56,6 +56,7 @@ import jenkins.model.IdStrategy;
 import jenkins.model.Jenkins;
 import jenkins.security.ApiTokenProperty;
 
+import jenkins.security.ApiTokenPropertyConfiguration;
 import org.acegisecurity.AccessDeniedException;
 import org.acegisecurity.Authentication;
 import org.acegisecurity.AuthenticationException;
@@ -531,6 +532,8 @@ public class UserTest {
     @Test
     // @Issue("SECURITY-180")
     public void security180() throws Exception {
+        ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(true);
+        
         final GlobalMatrixAuthorizationStrategy auth = new GlobalMatrixAuthorizationStrategy();
         j.jenkins.setAuthorizationStrategy(auth);
         j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
diff --git a/test/src/test/java/hudson/security/HudsonPrivateSecurityRealmTest.java b/test/src/test/java/hudson/security/HudsonPrivateSecurityRealmTest.java
index e58fb48d0b..81e52c8939 100644
--- a/test/src/test/java/hudson/security/HudsonPrivateSecurityRealmTest.java
+++ b/test/src/test/java/hudson/security/HudsonPrivateSecurityRealmTest.java
@@ -50,6 +50,7 @@ import static org.hamcrest.Matchers.is;
 import static org.hamcrest.xml.HasXPath.hasXPath;
 import static org.junit.Assert.*;
 
+import jenkins.security.ApiTokenPropertyConfiguration;
 import jenkins.security.SecurityListener;
 import org.apache.commons.lang.StringUtils;
 import org.junit.Before;
@@ -167,6 +168,8 @@ public class HudsonPrivateSecurityRealmTest {
     @Issue("SECURITY-243")
     @Test
     public void fullNameCollisionToken() throws Exception {
+        ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(true);
+        
         HudsonPrivateSecurityRealm securityRealm = new HudsonPrivateSecurityRealm(false, false, null);
         j.jenkins.setSecurityRealm(securityRealm);
         
diff --git a/test/src/test/java/jenkins/security/BasicHeaderProcessorTest.java b/test/src/test/java/jenkins/security/BasicHeaderProcessorTest.java
index b3beadccca..f7156ce513 100644
--- a/test/src/test/java/jenkins/security/BasicHeaderProcessorTest.java
+++ b/test/src/test/java/jenkins/security/BasicHeaderProcessorTest.java
@@ -115,6 +115,8 @@ public class BasicHeaderProcessorTest {
 
     @Test
     public void testAuthHeaderCaseInSensitive() throws Exception {
+        ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(true);
+        
         j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
         User foo = User.get("foo");
         wc = j.createWebClient();
-- 
GitLab


From 2ce5036cb06a7dab0d4868e9539c8d42e7a5678c Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Wed, 14 Feb 2018 13:29:43 +0100
Subject: [PATCH 157/863] [JENKINS-49543] - Add direct unit test for module
 class whitelisting

(cherry picked from commit 800668ba4305964afe59d8744fcfc24013ff6ee6)
---
 .../main/java/jenkins/security/ClassFilterImpl.java  |  4 +++-
 .../java/jenkins/security/ClassFilterImplTest.java   | 12 ++++++++++++
 2 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/jenkins/security/ClassFilterImpl.java b/core/src/main/java/jenkins/security/ClassFilterImpl.java
index 0c554232b4..22e4645557 100644
--- a/core/src/main/java/jenkins/security/ClassFilterImpl.java
+++ b/core/src/main/java/jenkins/security/ClassFilterImpl.java
@@ -24,6 +24,7 @@
 
 package jenkins.security;
 
+import com.google.common.annotations.VisibleForTesting;
 import com.google.common.collect.ImmutableSet;
 import hudson.ExtensionList;
 import hudson.Main;
@@ -105,7 +106,8 @@ public class ClassFilterImpl extends ClassFilter {
         ClassFilter.setDefault(ClassFilter.NONE); // even Method on the standard blacklist is going to explode
     }
 
-    private ClassFilterImpl() {}
+    @VisibleForTesting
+    /*package*/ ClassFilterImpl() {}
 
     /** Whether a given class is blacklisted. */
     private final Map<Class<?>, Boolean> cache = Collections.synchronizedMap(new WeakHashMap<>());
diff --git a/test/src/test/java/jenkins/security/ClassFilterImplTest.java b/test/src/test/java/jenkins/security/ClassFilterImplTest.java
index 89131e335f..029a5b85bf 100644
--- a/test/src/test/java/jenkins/security/ClassFilterImplTest.java
+++ b/test/src/test/java/jenkins/security/ClassFilterImplTest.java
@@ -36,6 +36,7 @@ import hudson.model.BuildListener;
 import hudson.model.FreeStyleProject;
 import hudson.model.Result;
 import hudson.model.Saveable;
+import hudson.remoting.ClassFilter;
 import hudson.tasks.BuildStepDescriptor;
 import hudson.tasks.Builder;
 import java.io.IOException;
@@ -51,6 +52,7 @@ import static org.junit.Assume.*;
 import org.junit.ClassRule;
 import org.junit.Rule;
 import org.jvnet.hudson.test.BuildWatcher;
+import org.jvnet.hudson.test.Issue;
 import org.jvnet.hudson.test.JenkinsRule;
 import org.jvnet.hudson.test.LoggerRule;
 import org.jvnet.hudson.test.TestExtension;
@@ -149,6 +151,16 @@ public class ClassFilterImplTest {
         assertEquals(Collections.singleton(config), data.keySet());
         assertThat(data.values().iterator().next().extra, allOf(containsString("LinkedListMultimap"), containsString("https://jenkins.io/redirect/class-filter/")));
     }
+
+    @Test
+    @Issue("JENKINS-49543")
+    public void moduleClassesShouldBeWhitelisted() throws Exception {
+        ClassFilterImpl filter = new ClassFilterImpl();
+        filter.check("org.jenkinsci.main.modules.cli.auth.ssh.UserPropertyImpl");
+        filter.check("org.jenkinsci.modules.windows_slave_installer.WindowsSlaveInstaller");
+        filter.check("org.jenkinsci.main.modules.instance_identity.PageDecoratorImpl");
+    }
+
     @TestExtension("xstreamRequiresWhitelist")
     public static class Config extends GlobalConfiguration {
         LinkedListMultimap<?, ?> obj;
-- 
GitLab


From dd3ddf3ceb6428dc0b3a15148d65e8baece0a42c Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Mon, 26 Feb 2018 11:17:42 -0500
Subject: [PATCH 158/863] [JENKINS-49543] Old versions of Tomcat also failed to
 serialize classes from Jenkins modules.

(cherry picked from commit 376c6a0add41e0c2049b64edfdd464bb8717ed1b)
---
 core/src/main/java/jenkins/security/ClassFilterImpl.java | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/core/src/main/java/jenkins/security/ClassFilterImpl.java b/core/src/main/java/jenkins/security/ClassFilterImpl.java
index 22e4645557..bbc085b442 100644
--- a/core/src/main/java/jenkins/security/ClassFilterImpl.java
+++ b/core/src/main/java/jenkins/security/ClassFilterImpl.java
@@ -273,6 +273,10 @@ public class ClassFilterImpl extends ClassFilter {
                 r = r.substring(0, r.length() - suffix.length());
             }
         }
+        if (r.startsWith("jar:file:/") && r.endsWith(".jar!/")) {
+            // JENKINS-49543: also an old behavior of Tomcat. Legal enough, but unexpected by isLocationWhitelisted.
+            r = r.substring(4, r.length() - 2);
+        }
         return r;
     }
 
-- 
GitLab


From 2ad96a3d5b5a10f11601d427690e765d654941a7 Mon Sep 17 00:00:00 2001
From: Kseniia Nenasheva <ks.nenasheva@gmail.com>
Date: Sun, 18 Feb 2018 12:05:52 +0100
Subject: [PATCH 159/863] [JENKINS-49387][JENKINS-49520] - Validation errors
 (#3292)

* Fixes for validation

* Fix for an empty agent.nExecutors

(cherry picked from commit 5c8cc45900bf8d78058cecd471840bdbc88215d3)
---
 core/src/main/java/hudson/model/Computer.java          |  3 ++-
 .../hudson/slaves/DumbSlave/configure-entries.jelly    |  2 +-
 .../model/Jenkins/MasterComputer/configure.jelly       |  2 +-
 .../model/MasterBuildConfiguration/config.groovy       |  2 +-
 war/src/main/webapp/scripts/hudson-behavior.js         | 10 ++++++++--
 5 files changed, 13 insertions(+), 6 deletions(-)

diff --git a/core/src/main/java/hudson/model/Computer.java b/core/src/main/java/hudson/model/Computer.java
index dff02c5ab1..a16b96e8f5 100644
--- a/core/src/main/java/hudson/model/Computer.java
+++ b/core/src/main/java/hudson/model/Computer.java
@@ -67,6 +67,7 @@ import jenkins.model.Jenkins;
 import jenkins.util.ContextResettingExecutorService;
 import jenkins.security.MasterToSlaveCallable;
 
+import org.apache.commons.lang.StringUtils;
 import org.jenkins.ui.icon.Icon;
 import org.jenkins.ui.icon.IconSet;
 import org.kohsuke.accmod.Restricted;
@@ -1473,7 +1474,7 @@ public /*transient*/ abstract class Computer extends Actionable implements Acces
         }
 
         String nExecutors = req.getSubmittedForm().getString("numExecutors");
-        if (Integer.parseInt(nExecutors)<=0) {
+        if (StringUtils.isBlank(nExecutors) || Integer.parseInt(nExecutors)<=0) {
             throw new FormException(Messages.Slave_InvalidConfig_Executors(nodeName), "numExecutors");
         }
 
diff --git a/core/src/main/resources/hudson/slaves/DumbSlave/configure-entries.jelly b/core/src/main/resources/hudson/slaves/DumbSlave/configure-entries.jelly
index c06a9e1d35..d9e46f50b6 100644
--- a/core/src/main/resources/hudson/slaves/DumbSlave/configure-entries.jelly
+++ b/core/src/main/resources/hudson/slaves/DumbSlave/configure-entries.jelly
@@ -33,7 +33,7 @@ THE SOFTWARE.
   </f:entry>
 
   <f:entry title="${%# of executors}" field="numExecutors">
-    <f:number clazz="positive-number" min="1" step="1" default="1"/>
+    <f:number clazz="positive-number-required" min="1" step="1" default="1"/>
   </f:entry>
 
   <f:entry title="${%Remote root directory}" field="remoteFS">
diff --git a/core/src/main/resources/jenkins/model/Jenkins/MasterComputer/configure.jelly b/core/src/main/resources/jenkins/model/Jenkins/MasterComputer/configure.jelly
index e06cc9a7a9..3967603159 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/MasterComputer/configure.jelly
+++ b/core/src/main/resources/jenkins/model/Jenkins/MasterComputer/configure.jelly
@@ -42,7 +42,7 @@ THE SOFTWARE.
         -->
 
         <f:entry title="${%# of executors}" field="numExecutors">
-          <f:number clazz="non-negative-number" min="0" step="1"/>
+          <f:number clazz="non-negative-number-required" min="0" step="1"/>
         </f:entry>
 
         <f:entry title="${%Labels}" field="labelString">
diff --git a/core/src/main/resources/jenkins/model/MasterBuildConfiguration/config.groovy b/core/src/main/resources/jenkins/model/MasterBuildConfiguration/config.groovy
index f645dcbc41..9ad0aaa0c5 100644
--- a/core/src/main/resources/jenkins/model/MasterBuildConfiguration/config.groovy
+++ b/core/src/main/resources/jenkins/model/MasterBuildConfiguration/config.groovy
@@ -3,7 +3,7 @@ package jenkins.model.MasterBuildConfiguration
 def f=namespace(lib.FormTagLib)
 
 f.entry(title:_("# of executors"), field:"numExecutors") {
-    f.number(clazz:"non-negative-number", min:0, step:1)
+    f.number(clazz:"non-negative-number-required", min:0, step:1)
 }
 f.entry(title:_("Labels"),field:"labelString") {
     f.textbox()
diff --git a/war/src/main/webapp/scripts/hudson-behavior.js b/war/src/main/webapp/scripts/hudson-behavior.js
index 01c1b21861..aedbb069fc 100644
--- a/war/src/main/webapp/scripts/hudson-behavior.js
+++ b/war/src/main/webapp/scripts/hudson-behavior.js
@@ -694,11 +694,17 @@ var jenkinsRules = {
     "INPUT.required" : function(e) { registerRegexpValidator(e,/./,"Field is required"); },
 
 // validate form values to be an integer
-    "INPUT.number" : function(e) { registerRegexpValidator(e,/^\-?(\d+)$/,"Not an integer"); },
-    "INPUT.non-negative-number" : function(e) {
+    "INPUT.number" : function(e) { registerRegexpValidator(e,/^(\d+|)$/,"Not an integer"); },
+    "INPUT.number-required" : function(e) { registerRegexpValidator(e,/^\-?(\d+)$/,"Not an integer"); },
+
+    "INPUT.non-negative-number-required" : function(e) {
         registerRegexpValidator(e,/^\d+$/,"Not a non-negative number");
     },
+
     "INPUT.positive-number" : function(e) {
+        registerRegexpValidator(e,/^(\d*[1-9]\d*|)$/,"Not a positive integer");
+    },
+    "INPUT.positive-number-required" : function(e) {
         registerRegexpValidator(e,/^[1-9]\d*$/,"Not a positive integer");
     },
 
-- 
GitLab


From 565a4799ef812690cc8135a792107766bdd69c33 Mon Sep 17 00:00:00 2001
From: surenpi <zxjlwt@126.com>
Date: Thu, 1 Mar 2018 12:47:41 +0800
Subject: [PATCH 160/863] Submit button localization

---
 core/src/main/resources/lib/form/submit.jelly |  2 +-
 .../main/resources/lib/form/submit.properties | 23 +++++++++++++++++++
 .../lib/form/submit_zh_CN.properties          | 23 +++++++++++++++++++
 3 files changed, 47 insertions(+), 1 deletion(-)
 create mode 100644 core/src/main/resources/lib/form/submit.properties
 create mode 100644 core/src/main/resources/lib/form/submit_zh_CN.properties

diff --git a/core/src/main/resources/lib/form/submit.jelly b/core/src/main/resources/lib/form/submit.jelly
index 1353da0f2a..fce6a74687 100644
--- a/core/src/main/resources/lib/form/submit.jelly
+++ b/core/src/main/resources/lib/form/submit.jelly
@@ -37,5 +37,5 @@ THE SOFTWARE.
       The text of the submit button. Something like "submit", "OK", etc.
     </s:attribute>
   </s:documentation>
-  <input type="submit" name="${attrs.name ?: 'Submit'}" value="${attrs.value}" class="submit-button primary" />
+  <input type="submit" name="${attrs.name ?: 'Submit'}" value="${attrs.value ?: '%OK'}" class="submit-button primary" />
 </j:jelly>
diff --git a/core/src/main/resources/lib/form/submit.properties b/core/src/main/resources/lib/form/submit.properties
new file mode 100644
index 0000000000..00c548c367
--- /dev/null
+++ b/core/src/main/resources/lib/form/submit.properties
@@ -0,0 +1,23 @@
+# The MIT License
+#
+# Copyright (c) 2018 suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+OK=OK
diff --git a/core/src/main/resources/lib/form/submit_zh_CN.properties b/core/src/main/resources/lib/form/submit_zh_CN.properties
new file mode 100644
index 0000000000..eff139048d
--- /dev/null
+++ b/core/src/main/resources/lib/form/submit_zh_CN.properties
@@ -0,0 +1,23 @@
+# The MIT License
+#
+# Copyright (c) 2018 suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+OK=\u786e\u5b9a
-- 
GitLab


From 852ecdc5f2a7802fa74f425bd17ba028f787b2c1 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Fri, 2 Mar 2018 10:22:29 +0100
Subject: [PATCH 161/863] [JENKINS-49596] - Update Winstone to 4.1.2 (#3307)

* [JENKINS-49596] - Update Winstone to 4.1.1

* [JENKINS-49596] - Pick 4.1.2 with extended session eviction defaults
---
 war/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/war/pom.xml b/war/pom.xml
index 0bad2fee7d..b702a914f6 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -89,7 +89,7 @@ THE SOFTWARE.
       -->
       <groupId>org.jenkins-ci</groupId>
       <artifactId>winstone</artifactId>
-      <version>4.1</version>
+      <version>4.1.2</version>
       <scope>test</scope>
     </dependency>
     <dependency>
-- 
GitLab


From 8f512603231a0c6f5a219d0698cb94720d15a041 Mon Sep 17 00:00:00 2001
From: Daniel Trebbien <dtrebbien@gmail.com>
Date: Sat, 3 Mar 2018 04:04:29 -0800
Subject: [PATCH 162/863] hudson.Util improvements (#3226)

* Organize imports

* Use StandardCharsets

* Delete a redundant cast

* Replace use of _ as an identifier

_ is a keyword in Java 9.

* Use Logger message formatting

* Use fileToPath()

* Switch to using Files.createTempDirectory()

* Document that Util.touch() will truncate an existing file

* Replace an unnecessary use of Throwable.initCause()

* Implement deprecated copyStream() using IOUtils

* Copy to NULL_OUTPUT_STREAM

Also, closing source is moved to a finally block, to guarantee that it
will be closed per the documentation; it was technically possible for
the input stream to not be closed if construction of the MessageDigest,
DigestInputStream, or byte[] buffer failed for some reason (e.g. out of
memory).

* Delete an unnecessary try-with-resources

* Throw an IllegalArgumentException if data has odd length

Previously, a StringIndexOutOfBoundsException would be thrown, which is
less clear.

* Specify expanded POSIX file permissions
---
 core/src/main/java/hudson/Util.java | 139 ++++++++++++++--------------
 1 file changed, 71 insertions(+), 68 deletions(-)

diff --git a/core/src/main/java/hudson/Util.java b/core/src/main/java/hudson/Util.java
index ba9890b7bd..88f466077d 100644
--- a/core/src/main/java/hudson/Util.java
+++ b/core/src/main/java/hudson/Util.java
@@ -23,15 +23,16 @@
  */
 package hudson;
 
-import java.nio.file.InvalidPathException;
-import jenkins.util.SystemProperties;
-
 import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
+
 import hudson.model.TaskListener;
 import hudson.util.QuotedStringTokenizer;
 import hudson.util.VariableResolver;
+import jenkins.util.SystemProperties;
 
+import org.apache.commons.codec.digest.DigestUtils;
 import org.apache.commons.io.IOUtils;
+import org.apache.commons.io.output.NullOutputStream;
 import org.apache.commons.lang.time.FastDateFormat;
 import org.apache.tools.ant.BuildException;
 import org.apache.tools.ant.Project;
@@ -41,9 +42,6 @@ import org.apache.tools.ant.types.FileSet;
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
 
-import javax.crypto.SecretKey;
-import javax.crypto.spec.SecretKeySpec;
-
 import java.io.*;
 import java.lang.reflect.Method;
 import java.lang.reflect.Modifier;
@@ -56,9 +54,12 @@ import java.nio.CharBuffer;
 import java.nio.charset.CharacterCodingException;
 import java.nio.charset.Charset;
 import java.nio.charset.CharsetEncoder;
+import java.nio.charset.StandardCharsets;
 import java.nio.file.FileAlreadyExistsException;
 import java.nio.file.FileSystemException;
+import java.nio.file.FileSystems;
 import java.nio.file.Files;
+import java.nio.file.InvalidPathException;
 import java.nio.file.LinkOption;
 import java.nio.file.NoSuchFileException;
 import java.nio.file.Path;
@@ -67,6 +68,8 @@ import java.nio.file.attribute.PosixFilePermission;
 import java.nio.file.attribute.BasicFileAttributes;
 import java.nio.file.attribute.PosixFileAttributes;
 import java.nio.file.attribute.DosFileAttributes;
+import java.nio.file.attribute.PosixFilePermissions;
+import java.security.DigestInputStream;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.text.NumberFormat;
@@ -75,17 +78,16 @@ import java.util.*;
 import java.util.concurrent.TimeUnit;
 import java.util.concurrent.atomic.AtomicBoolean;
 import java.util.logging.Level;
+import java.util.logging.LogRecord;
 import java.util.logging.Logger;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 
-import java.security.DigestInputStream;
-
 import javax.annotation.CheckForNull;
 import javax.annotation.Nonnull;
 import javax.annotation.Nullable;
-
-import org.apache.commons.codec.digest.DigestUtils;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
 
 /**
  * Various utility methods that don't have more proper home.
@@ -313,7 +315,7 @@ public class Util {
         if (!Functions.isWindows()) {
             try {
                 PosixFileAttributes attrs = Files.readAttributes(path, PosixFileAttributes.class);
-                Set<PosixFilePermission> newPermissions = ((PosixFileAttributes)attrs).permissions();
+                Set<PosixFilePermission> newPermissions = attrs.permissions();
                 newPermissions.add(PosixFilePermission.OWNER_WRITE);
                 Files.setPosixFilePermissions(path, newPermissions);
                 return;
@@ -506,7 +508,7 @@ public class Util {
          *  calling readAttributes.
          */
         try {
-            Path path = file.toPath();
+            Path path = fileToPath(file);
             BasicFileAttributes attrs = Files.readAttributes(path, BasicFileAttributes.class, LinkOption.NOFOLLOW_LINKS);
             if (attrs.isSymbolicLink()) {
                 return true;
@@ -519,8 +521,6 @@ public class Util {
             } else {
                 return false;
             }
-        } catch (InvalidPathException e) {
-            throw new IOException(e);
         } catch (NoSuchFileException e) {
             return false;
         }
@@ -560,25 +560,35 @@ public class Util {
      * @see InvalidPathException
      */
     public static boolean isDescendant(File forParent, File potentialChild) throws IOException {
-        try {
-            Path child = potentialChild.getAbsoluteFile().toPath().normalize();
-            Path parent = forParent.getAbsoluteFile().toPath().normalize();
-            return child.startsWith(parent);
-        } catch (InvalidPathException e) {
-            throw new IOException(e);
-        }
+        Path child = fileToPath(potentialChild.getAbsoluteFile()).normalize();
+        Path parent = fileToPath(forParent.getAbsoluteFile()).normalize();
+        return child.startsWith(parent);
     }
 
     /**
      * Creates a new temporary directory.
      */
     public static File createTempDir() throws IOException {
-        File tmp = File.createTempFile("jenkins", "tmp");
-        if(!tmp.delete())
-            throw new IOException("Failed to delete "+tmp);
-        if(!tmp.mkdirs())
-            throw new IOException("Failed to create a new directory "+tmp);
-        return tmp;
+        // The previously used approach of creating a temporary file, deleting
+        // it, and making a new directory having the same name in its place is
+        // potentially  problematic:
+        // https://stackoverflow.com/questions/617414/how-to-create-a-temporary-directory-folder-in-java
+        // We can use the Java 7 Files.createTempDirectory() API, but note that
+        // by default, the permissions of the created directory are 0700&(~umask)
+        // whereas the old approach created a temporary directory with permissions
+        // 0777&(~umask).
+        // To avoid permissions problems like https://issues.jenkins-ci.org/browse/JENKINS-48407
+        // we can pass POSIX file permissions as an attribute (see, for example,
+        // https://github.com/jenkinsci/jenkins/pull/3161 )
+        final Path tempPath;
+        final String tempDirNamePrefix = "jenkins";
+        if (FileSystems.getDefault().supportedFileAttributeViews().contains("posix")) {
+            tempPath = Files.createTempDirectory(tempDirNamePrefix,
+                    PosixFilePermissions.asFileAttribute(EnumSet.allOf(PosixFilePermission.class)));
+        } else {
+            tempPath = Files.createTempDirectory(tempDirNamePrefix);
+        }
+        return tempPath.toFile();
     }
 
     private static final Pattern errorCodeParser = Pattern.compile(".*CreateProcess.*error=([0-9]+).*");
@@ -613,7 +623,7 @@ public class Util {
                 try {
                     ResourceBundle rb = ResourceBundle.getBundle("/hudson/win32errors");
                     return rb.getString("error"+m.group(1));
-                } catch (Exception _) {
+                } catch (Exception ignored) {
                     // silently recover from resource related failures
                 }
             }
@@ -658,10 +668,7 @@ public class Util {
      */
     @Deprecated
     public static void copyStream(@Nonnull InputStream in,@Nonnull OutputStream out) throws IOException {
-        byte[] buf = new byte[8192];
-        int len;
-        while((len=in.read(buf))>=0)
-            out.write(buf,0,len);
+        IOUtils.copy(in, out);
     }
 
     /**
@@ -669,10 +676,7 @@ public class Util {
      */
     @Deprecated
     public static void copyStream(@Nonnull Reader in, @Nonnull Writer out) throws IOException {
-        char[] buf = new char[8192];
-        int len;
-        while((len=in.read(buf))>0)
-            out.write(buf,0,len);
+        IOUtils.copy(in, out);
     }
 
     /**
@@ -681,7 +685,7 @@ public class Util {
     @Deprecated
     public static void copyStreamAndClose(@Nonnull InputStream in, @Nonnull OutputStream out) throws IOException {
         try (InputStream _in = in; OutputStream _out = out) { // make sure both are closed, and use Throwable.addSuppressed
-            copyStream(in,out);
+            IOUtils.copy(_in, _out);
         }
     }
 
@@ -691,7 +695,7 @@ public class Util {
     @Deprecated
     public static void copyStreamAndClose(@Nonnull Reader in, @Nonnull Writer out) throws IOException {
         try (Reader _in = in; Writer _out = out) {
-            copyStream(in,out);
+            IOUtils.copy(_in, _out);
         }
     }
 
@@ -781,15 +785,15 @@ public class Util {
     public static String getDigestOf(@Nonnull InputStream source) throws IOException {
         try {
             MessageDigest md5 = MessageDigest.getInstance("MD5");
-
-            byte[] buffer = new byte[1024];
-            try (DigestInputStream in = new DigestInputStream(source, md5)) {
-                while (in.read(buffer) >= 0)
-                    ; // simply discard the input
-            }
+            DigestInputStream in = new DigestInputStream(source, md5);
+            // Note: IOUtils.copy() buffers the input internally, so there is no
+            // need to use a BufferedInputStream.
+            IOUtils.copy(in, NullOutputStream.NULL_OUTPUT_STREAM);
             return toHexString(md5.digest());
         } catch (NoSuchAlgorithmException e) {
             throw new IOException("MD5 not installed",e);    // impossible
+        } finally {
+            source.close();
         }
         /* JENKINS-18178: confuses Maven 2 runner
         try {
@@ -803,7 +807,7 @@ public class Util {
     @Nonnull
     public static String getDigestOf(@Nonnull String text) {
         try {
-            return getDigestOf(new ByteArrayInputStream(text.getBytes("UTF-8")));
+            return getDigestOf(new ByteArrayInputStream(text.getBytes(StandardCharsets.UTF_8)));
         } catch (IOException e) {
             throw new Error(e);
         }
@@ -818,11 +822,8 @@ public class Util {
      */
     @Nonnull
     public static String getDigestOf(@Nonnull File file) throws IOException {
-        try (InputStream is = Files.newInputStream(file.toPath())) {
-            return getDigestOf(new BufferedInputStream(is));
-        } catch (InvalidPathException e) {
-            throw new IOException(e);
-        }
+        // Note: getDigestOf() closes the input stream.
+        return getDigestOf(Files.newInputStream(fileToPath(file)));
     }
 
     /**
@@ -835,14 +836,12 @@ public class Util {
             // turn secretKey into 256 bit hash
             MessageDigest digest = MessageDigest.getInstance("SHA-256");
             digest.reset();
-            digest.update(s.getBytes("UTF-8"));
+            digest.update(s.getBytes(StandardCharsets.UTF_8));
 
             // Due to the stupid US export restriction JDK only ships 128bit version.
             return new SecretKeySpec(digest.digest(),0,128/8, "AES");
         } catch (NoSuchAlgorithmException e) {
             throw new Error(e);
-        } catch (UnsupportedEncodingException e) {
-            throw new Error(e);
         }
     }
 
@@ -864,6 +863,8 @@ public class Util {
 
     @Nonnull
     public static byte[] fromHexString(@Nonnull String data) {
+        if (data.length() % 2 != 0)
+            throw new IllegalArgumentException("data must have an even number of hexadecimal digits");
         byte[] r = new byte[data.length() / 2];
         for (int i = 0; i < data.length(); i += 2)
             r[i / 2] = (byte) Integer.parseInt(data.substring(i, i + 2), 16);
@@ -994,7 +995,7 @@ public class Util {
             StringBuilder out = new StringBuilder(s.length());
 
             ByteArrayOutputStream buf = new ByteArrayOutputStream();
-            OutputStreamWriter w = new OutputStreamWriter(buf,"UTF-8");
+            OutputStreamWriter w = new OutputStreamWriter(buf, StandardCharsets.UTF_8);
 
             for (int i = 0; i < s.length(); i++) {
                 int c = s.charAt(i);
@@ -1057,7 +1058,7 @@ public class Util {
                 if (!escaped) {
                     out = new StringBuilder(i + (m - i) * 3);
                     out.append(s.substring(0, i));
-                    enc = Charset.forName("UTF-8").newEncoder();
+                    enc = StandardCharsets.UTF_8.newEncoder();
                     buf = CharBuffer.allocate(1);
                     escaped = true;
                 }
@@ -1151,14 +1152,13 @@ public class Util {
     }
 
     /**
-     * Creates an empty file.
+     * Creates an empty file if nonexistent or truncates the existing file.
+     * Note: The behavior of this method in the case where the file already
+     * exists is unlike the POSIX <code>touch</code> utility which merely
+     * updates the file's access and/or modification time.
      */
     public static void touch(@Nonnull File file) throws IOException {
-        try {
-            Files.newOutputStream(file.toPath()).close();
-        } catch (InvalidPathException e) {
-            throw new IOException(e);
-        }
+        Files.newOutputStream(fileToPath(file)).close();
     }
 
     /**
@@ -1325,7 +1325,7 @@ public class Util {
     public static void createSymlink(@Nonnull File baseDir, @Nonnull String targetPath,
             @Nonnull String symlinkPath, @Nonnull TaskListener listener) throws InterruptedException {
         try {
-            Path path = new File(baseDir, symlinkPath).toPath();
+            Path path = fileToPath(new File(baseDir, symlinkPath));
             Path target = Paths.get(targetPath, new String[0]);
 
             final int maxNumberOfTries = 4;
@@ -1340,7 +1340,7 @@ public class Util {
                         TimeUnit.MILLISECONDS.sleep(timeInMillis); //trying to defeat likely ongoing race condition
                         continue;
                     }
-                    LOGGER.warning("symlink FileAlreadyExistsException thrown " + maxNumberOfTries + " times => cannot createSymbolicLink");
+                    LOGGER.log(Level.WARNING, "symlink FileAlreadyExistsException thrown {0} times => cannot createSymbolicLink", maxNumberOfTries);
                     throw fileAlreadyExistsException;
                 }
             }
@@ -1348,7 +1348,7 @@ public class Util {
             PrintStream log = listener.getLogger();
             log.print("Symbolic links are not supported on this platform");
             Functions.printStackTrace(e, log);
-        } catch (InvalidPathException | IOException e) {
+        } catch (IOException e) {
             if (Functions.isWindows() && e instanceof FileSystemException) {
                 warnWindowsSymlink();
                 return;
@@ -1405,7 +1405,7 @@ public class Util {
     @CheckForNull
     public static String resolveSymlink(@Nonnull File link) throws InterruptedException, IOException {
         try {
-            Path path =  link.toPath();
+            Path path = fileToPath(link);
             return Files.readSymbolicLink(path).toString();
         } catch (UnsupportedOperationException | FileSystemException x) {
             // no symlinks on this platform (windows?),
@@ -1415,7 +1415,7 @@ public class Util {
         } catch (IOException x) {
             throw x;
         } catch (Exception x) {
-            throw (IOException) new IOException(x.toString()).initCause(x);
+            throw new IOException(x);
         }
     }
 
@@ -1436,7 +1436,7 @@ public class Util {
         try {
             return new URI(null,url,null).toASCIIString();
         } catch (URISyntaxException e) {
-            LOGGER.warning("Failed to encode "+url);    // could this ever happen?
+            LOGGER.log(Level.WARNING, "Failed to encode {0}", url);    // could this ever happen?
             return url;
         }
     }
@@ -1594,7 +1594,10 @@ public class Util {
         try {
             toClose.close();
         } catch(IOException ex) {
-            logger.log(Level.WARNING, String.format("Failed to close %s of %s", closeableName, closeableOwner), ex);
+            LogRecord record = new LogRecord(Level.WARNING, "Failed to close {0} of {1}");
+            record.setParameters(new Object[] { closeableName, closeableOwner });
+            record.setThrown(ex);
+            logger.log(record);
         }
     }
 
-- 
GitLab


From 7d8dcaad78274fede3bc3c7478bf2f33db325b89 Mon Sep 17 00:00:00 2001
From: surenpi <zxjlwt@126.com>
Date: Sat, 3 Mar 2018 23:02:13 +0800
Subject: [PATCH 163/863] Add Chinese translation

---
 .../block-downstream-building_zh_CN.html      |  3 ++
 .../custom-workspace_zh_CN.html               | 23 ++++++++++
 .../help/run-config/description_zh_CN.html    |  3 ++
 .../help/run-config/displayName_zh_CN.html    |  3 ++
 .../master-slave/clock_zh_CN.html             |  4 ++
 .../demand/keepUpWhenActive_zh_CN.html        |  3 ++
 .../master-slave/jnlp-tunnel_zh_CN.html       | 15 +++++++
 .../master-slave/jnlpSecurity_zh_CN.html      | 42 +++++++++++++++++++
 8 files changed, 96 insertions(+)
 create mode 100644 war/src/main/webapp/help/project-config/block-downstream-building_zh_CN.html
 create mode 100644 war/src/main/webapp/help/project-config/custom-workspace_zh_CN.html
 create mode 100644 war/src/main/webapp/help/run-config/description_zh_CN.html
 create mode 100644 war/src/main/webapp/help/run-config/displayName_zh_CN.html
 create mode 100644 war/src/main/webapp/help/system-config/master-slave/clock_zh_CN.html
 create mode 100644 war/src/main/webapp/help/system-config/master-slave/demand/keepUpWhenActive_zh_CN.html
 create mode 100644 war/src/main/webapp/help/system-config/master-slave/jnlp-tunnel_zh_CN.html
 create mode 100644 war/src/main/webapp/help/system-config/master-slave/jnlpSecurity_zh_CN.html

diff --git a/war/src/main/webapp/help/project-config/block-downstream-building_zh_CN.html b/war/src/main/webapp/help/project-config/block-downstream-building_zh_CN.html
new file mode 100644
index 0000000000..08c696634c
--- /dev/null
+++ b/war/src/main/webapp/help/project-config/block-downstream-building_zh_CN.html
@@ -0,0 +1,3 @@
+<div>
+ 该选项勾选后，当有子工程在排队或者构建时Jenkins将会阻塞该工程的构建。子工程包括直接和间接的。
+</div>
diff --git a/war/src/main/webapp/help/project-config/custom-workspace_zh_CN.html b/war/src/main/webapp/help/project-config/custom-workspace_zh_CN.html
new file mode 100644
index 0000000000..1fd084b556
--- /dev/null
+++ b/war/src/main/webapp/help/project-config/custom-workspace_zh_CN.html
@@ -0,0 +1,23 @@
+<div>
+  Jenkins 会为每项任务分配一个独立的“工作区目录”。这个目录会被用来检出代码并执行构建的。
+  一般情况下您应该让Jenkins分配及清除工作区目录，但在某些情况下这是有问题的，
+  在这些情况下，此选项可以让您手动设定工作区目录
+
+  <p>
+    一种可能的情况是您的代码中的路径是写死的，只能在特定位置才能构建。
+    毋庸置疑的这种构建一点儿也不妙，但是这个选项是能让您继续进行下去。
+
+  <p>
+    另一种适用情况是当您适用项目类型不执行软件构建，但执行某个批处理任务，或许是作为cron的替代。
+    在这种情况下，您可以适用此选项将相关目录映射为工作区，以便人们可以通过Jenkins网页查看文件。
+    您执行相关命令也可以更轻松。
+
+  <p>
+    如果您处于分布式构建环境中，除非将任务绑定到特定节点，否则Jenkins可能会将作业分配到不同的节点。
+    有时这是可取的，有时这是不可取的。另外，您可以将多个项目映射到同一工作区，但是如果这样做，请确保
+    项目同时执行时彼此不会有干扰。
+
+  <p>
+    如果使用相对路径，在节点上会从远端档案系统根目录开始算起；
+    在Master上则从<code>$JENKINS_HOME</code> 开始。
+</div>
\ No newline at end of file
diff --git a/war/src/main/webapp/help/run-config/description_zh_CN.html b/war/src/main/webapp/help/run-config/description_zh_CN.html
new file mode 100644
index 0000000000..0f2b15bdf4
--- /dev/null
+++ b/war/src/main/webapp/help/run-config/description_zh_CN.html
@@ -0,0 +1,3 @@
+<div>
+    该描述会在构建页面的顶部显示，以便让大家了解构建的内容。你可以使用任意HTML标签（或者配置好的标记语言）。
+</div>
diff --git a/war/src/main/webapp/help/run-config/displayName_zh_CN.html b/war/src/main/webapp/help/run-config/displayName_zh_CN.html
new file mode 100644
index 0000000000..5b28f02d05
--- /dev/null
+++ b/war/src/main/webapp/help/run-config/displayName_zh_CN.html
@@ -0,0 +1,3 @@
+<div>
+    设置后会替换默认的"#NNN"，并指向当前构建。设置为空则显示默认的。
+</div>
\ No newline at end of file
diff --git a/war/src/main/webapp/help/system-config/master-slave/clock_zh_CN.html b/war/src/main/webapp/help/system-config/master-slave/clock_zh_CN.html
new file mode 100644
index 0000000000..965cf9c448
--- /dev/null
+++ b/war/src/main/webapp/help/system-config/master-slave/clock_zh_CN.html
@@ -0,0 +1,4 @@
+<div>
+  对于一个构建任务来说，很多时候是对时钟敏感的。因此，如果Jenkins和运行构建的节点上时钟不一致的话，可能会引起诡异的问题。
+  可以考虑利用NTP来同步时钟。
+</div>
diff --git a/war/src/main/webapp/help/system-config/master-slave/demand/keepUpWhenActive_zh_CN.html b/war/src/main/webapp/help/system-config/master-slave/demand/keepUpWhenActive_zh_CN.html
new file mode 100644
index 0000000000..8b1f9a82eb
--- /dev/null
+++ b/war/src/main/webapp/help/system-config/master-slave/demand/keepUpWhenActive_zh_CN.html
@@ -0,0 +1,3 @@
+<div>
+  如果勾选，如果该节点上还有构建任务，即使该已经计划要下线，Jenkins还会等构建结束后再使之下线。
+</div>
diff --git a/war/src/main/webapp/help/system-config/master-slave/jnlp-tunnel_zh_CN.html b/war/src/main/webapp/help/system-config/master-slave/jnlp-tunnel_zh_CN.html
new file mode 100644
index 0000000000..514835865c
--- /dev/null
+++ b/war/src/main/webapp/help/system-config/master-slave/jnlp-tunnel_zh_CN.html
@@ -0,0 +1,15 @@
+<div>
+    当从节点通过JNLP启动后，节点会尝试与Jenkins指定的TCP端口连接，作为通讯通道。
+    但某些对安全敏感的网络可能会阻止该连接。
+    当Jenkins在一个负载均衡环境中运行时，也是有可能发生的，通过
+    <a href="http://www.serverwatch.com/tutorials/article.php/3290851">apache 反向代理</a>
+    到 <a href="http://en.wikipedia.org/wiki/Demilitarized_zone_(computing)">DMZ</a> 等等。
+
+    <p>
+    该通道选项，允许你指定其他的主机（或者端口），这对以上情况是很有用的。该字段的格式可以是"<tt>HOST:PORT</tt>"， "<tt>:PORT</tt>"，
+    或者"<tt>HOST:</tt>"。第一种格式下，JNLP 代理会连接指定的主机和端口，并且假设已经配置好了网络。
+
+    <p>
+    后面的两种格式，使用默认的主机名和端口号（主机名是Jenkins所运行的主机，TCP端口是Jenkins打开的端口）。在特殊情况下，<tt>HOST:</tt> format
+    这种格式是当Jenkins运行在反向代理环境下。
+</div>
\ No newline at end of file
diff --git a/war/src/main/webapp/help/system-config/master-slave/jnlpSecurity_zh_CN.html b/war/src/main/webapp/help/system-config/master-slave/jnlpSecurity_zh_CN.html
new file mode 100644
index 0000000000..ee0a2d4bed
--- /dev/null
+++ b/war/src/main/webapp/help/system-config/master-slave/jnlpSecurity_zh_CN.html
@@ -0,0 +1,42 @@
+<div>
+    控制 Jenkins 如何允许通过JNLP启动。
+
+    <dl>
+        <dt><b>
+            只能由“节点”页面启动。安全性启用时需要登录。
+        </b></dt>
+        <dd>
+            <em>这是预设也是最常用的设定。</em>
+            该模式下，Jenkins会在节点页面里显示JNLP启动链接。
+            在启用安全性的情况下，只有验证通过的用户才能看到链接。
+        </dd>
+
+        <dt><b>
+            由页面启动。如果启用安全设置的话需要登录。
+        </b></dt>
+        <dd>
+            此模式下，Jenkins提供JNLP的启动链接在节点界面和执行状态侧栏。
+            如果启用安全设置，只有验证通过的用户才能看到链接。
+        </dd>
+
+        <dt><b>
+            只能通过节点界面启动，永远不要求登录。
+        </b></dt>
+        <dd>
+            此模式下，Jenkins会在节点页面里显示JNLP启动链接。
+            不管节点是否离线都会显示链接。
+            <br />
+            <b>警告！</b> 这个模式是不安全性。所以节点可以被 <em> 任何能访问该服务器的人 </em>启动。
+            从节点可以在主节点上执行任意代码。  <b>不要使用该选项，除非你对风险很清楚</b>
+        </dd>
+
+        <!--dt><b>
+            由页面启动。不需要登录。
+        </b></dt>
+        <dd>
+            此模式下，Jenkins在节点页面和执行状态册栏提供JNLP启动链接。
+            不管节点是否在线都会显示该链接。
+        </dd-->
+
+    </dl>
+</div>
\ No newline at end of file
-- 
GitLab


From c816f9655b5594333e65c8dc68d13ecf5c75901f Mon Sep 17 00:00:00 2001
From: Devin Nusbaum <dwnusbaum@users.noreply.github.com>
Date: Sat, 3 Mar 2018 19:00:45 -0500
Subject: [PATCH 164/863] [JENKINS-22936] Move rename logic to AbstractItem
 (#3289)

* Move rename infrastructure to a dedicated page at the AbstractItem level

* Preserve existing translations where applicable

* Keep doDoRename method at Job level and remove unneeded compatibility page

* Fix tests

* Fix Javadoc

* Update existing rename tests to use new page

* Update test names for clarity

* Add since tag for newly introduced APIs

* Apply project naming strategy to all renamed items, not just jobs

* Use shorthand accessor

* Clean up Job#doDoRename and deprecate it

* Use new-style web method for doDoRename2

* Remove CheckForNull tag from void method and update Javadoc

* Change names to doConfirmRename and confirm-rename.jelly

* Rename index.jelly to action.jelly and use j:if tag correctly

* Update permission check and remove unused import

* Use new url and update method name in test

* Fix Javadoc

* Fix URL in JobTest

* Update Javadoc for AbstractItem#isNameEditable
---
 .../main/java/hudson/model/AbstractItem.java  | 111 ++++++++++++++++++
 core/src/main/java/hudson/model/Job.java      | 109 ++---------------
 .../main/java/jenkins/model/RenameAction.java |  70 +++++++++++
 .../confirm-rename.jelly}                     |  46 ++------
 .../confirm-rename.properties}                |   8 +-
 .../hudson/model/Job/configure.jelly          |   5 -
 .../hudson/model/Job/rename.properties        |  28 -----
 .../hudson/model/Job/rename_bg.properties     |  37 ------
 .../hudson/model/Job/rename_da.properties     |  28 -----
 .../hudson/model/Job/rename_de.properties     |  27 -----
 .../hudson/model/Job/rename_es.properties     |  28 -----
 .../hudson/model/Job/rename_fr.properties     |  25 ----
 .../hudson/model/Job/rename_it.properties     |   6 -
 .../hudson/model/Job/rename_ja.properties     |  27 -----
 .../hudson/model/Job/rename_pt_BR.properties  |  33 ------
 .../hudson/model/Job/rename_ru.properties     |   8 --
 .../hudson/model/Job/rename_sr.properties     |   8 --
 .../hudson/model/Job/rename_zh_CN.properties  |  28 -----
 .../hudson/model/Job/rename_zh_TW.properties  |  30 -----
 .../hudson/model/Messages.properties          |   6 +-
 .../hudson/model/Messages_bg.properties       |   5 +-
 .../hudson/model/Messages_da.properties       |   2 +
 .../hudson/model/Messages_de.properties       |   2 +
 .../hudson/model/Messages_es.properties       |   2 +
 .../hudson/model/Messages_it.properties       |   3 +-
 .../hudson/model/Messages_ja.properties       |   2 +
 .../hudson/model/Messages_pt_BR.properties    |   3 +
 .../hudson/model/Messages_ru.properties       |   3 +
 .../hudson/model/Messages_sr.properties       |   2 +
 .../hudson/model/Messages_zh_CN.properties    |   3 +
 .../hudson/model/Messages_zh_TW.properties    |   2 +
 .../jenkins/model/RenameAction/action.jelly   |  31 +++++
 .../java/hudson/model/AbstractItemTest.java   | 104 +++++++++++++++-
 test/src/test/java/hudson/model/JobTest.java  |  36 ++----
 34 files changed, 384 insertions(+), 484 deletions(-)
 create mode 100644 core/src/main/java/jenkins/model/RenameAction.java
 rename core/src/main/resources/hudson/model/{Job/rename.jelly => AbstractItem/confirm-rename.jelly} (51%)
 rename core/src/main/resources/hudson/model/{Job/rename_sv_SE.properties => AbstractItem/confirm-rename.properties} (87%)
 delete mode 100644 core/src/main/resources/hudson/model/Job/rename.properties
 delete mode 100644 core/src/main/resources/hudson/model/Job/rename_bg.properties
 delete mode 100644 core/src/main/resources/hudson/model/Job/rename_da.properties
 delete mode 100644 core/src/main/resources/hudson/model/Job/rename_de.properties
 delete mode 100644 core/src/main/resources/hudson/model/Job/rename_es.properties
 delete mode 100644 core/src/main/resources/hudson/model/Job/rename_fr.properties
 delete mode 100644 core/src/main/resources/hudson/model/Job/rename_it.properties
 delete mode 100644 core/src/main/resources/hudson/model/Job/rename_ja.properties
 delete mode 100644 core/src/main/resources/hudson/model/Job/rename_pt_BR.properties
 delete mode 100644 core/src/main/resources/hudson/model/Job/rename_ru.properties
 delete mode 100644 core/src/main/resources/hudson/model/Job/rename_sr.properties
 delete mode 100644 core/src/main/resources/hudson/model/Job/rename_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/Job/rename_zh_TW.properties
 create mode 100644 core/src/main/resources/jenkins/model/RenameAction/action.jelly

diff --git a/core/src/main/java/hudson/model/AbstractItem.java b/core/src/main/java/hudson/model/AbstractItem.java
index e06a3f1988..22e27022ea 100644
--- a/core/src/main/java/hudson/model/AbstractItem.java
+++ b/core/src/main/java/hudson/model/AbstractItem.java
@@ -36,12 +36,14 @@ import hudson.model.listeners.ItemListener;
 import hudson.model.listeners.SaveableListener;
 import hudson.model.queue.Tasks;
 import hudson.model.queue.WorkUnit;
+import hudson.security.ACLContext;
 import hudson.security.AccessControlled;
 import hudson.security.Permission;
 import hudson.security.ACL;
 import hudson.util.AlternativeUiTextProvider;
 import hudson.util.AlternativeUiTextProvider.Message;
 import hudson.util.AtomicFileWriter;
+import hudson.util.FormValidation;
 import hudson.util.IOUtils;
 import hudson.util.Secret;
 import java.util.Iterator;
@@ -72,12 +74,16 @@ import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 import javax.annotation.Nonnull;
 
+import org.acegisecurity.AccessDeniedException;
+import org.kohsuke.stapler.HttpResponse;
+import org.kohsuke.stapler.HttpResponses;
 import org.kohsuke.stapler.StaplerRequest;
 import org.kohsuke.stapler.StaplerResponse;
 import org.kohsuke.stapler.Stapler;
 import org.kohsuke.stapler.HttpDeletable;
 import org.kohsuke.args4j.Argument;
 import org.kohsuke.args4j.CmdLineException;
+import org.kohsuke.stapler.QueryParameter;
 import org.kohsuke.stapler.interceptor.RequirePOST;
 import org.xml.sax.SAXException;
 
@@ -228,6 +234,111 @@ public abstract class AbstractItem extends Actionable implements Item, HttpDelet
         this.name = name;
     }
 
+    /**
+     * Controls whether the default rename action is available for this item.
+     *
+     * @return whether {@link #name} can be modified by a user
+     * @see #checkRename
+     * @see #renameTo
+     * @since FIXME
+     */
+    public boolean isNameEditable() {
+        return false;
+    }
+
+    /**
+     * Renames this item
+     */
+    @RequirePOST
+    @Restricted(NoExternalUse.class)
+    public HttpResponse doConfirmRename(@QueryParameter String newName) throws IOException {
+        newName = newName == null ? null : newName.trim();
+        FormValidation validationError = doCheckNewName(newName);
+        if (validationError.kind != FormValidation.Kind.OK) {
+            throw new Failure(validationError.getMessage());
+        }
+
+        renameTo(newName);
+        // send to the new job page
+        // note we can't use getUrl() because that would pick up old name in the
+        // Ancestor.getUrl()
+        return HttpResponses.redirectTo("../" + newName);
+    }
+
+    /**
+     * Called by {@link #doConfirmRename} and {@code rename.jelly} to validate renames.
+     * @return {@link FormValidation#ok} if this item can be renamed as specified, otherwise
+     * {@link FormValidation#error} with a message explaining the problem.
+     */
+    @Restricted(NoExternalUse.class)
+    public @Nonnull FormValidation doCheckNewName(@QueryParameter String newName) {
+        // TODO: Create an Item.RENAME permission to use here, see JENKINS-18649.
+        if (!hasPermission(Item.CONFIGURE)) {
+            if (parent instanceof AccessControlled) {
+                ((AccessControlled)parent).checkPermission(Item.CREATE);
+            }
+            checkPermission(Item.DELETE);
+        }
+
+        newName = newName == null ? null : newName.trim();
+        try {
+            Jenkins.checkGoodName(newName);
+            assert newName != null; // Would have thrown Failure
+            Jenkins.get().getProjectNamingStrategy().checkName(newName);
+            checkIfNameIsUsed(newName);
+            checkRename(newName);
+        } catch (Failure e) {
+            return FormValidation.error(e.getMessage());
+        }
+        return FormValidation.ok();
+    }
+
+    /**
+     * Check new name for job
+     * @param newName - New name for job.
+     */
+    private void checkIfNameIsUsed(@Nonnull String newName) throws Failure {
+        try {
+            Item item = getParent().getItem(newName);
+            if (item != null) {
+                throw new Failure(Messages.AbstractItem_NewNameInUse(newName));
+            }
+            try (ACLContext ctx = ACL.as(ACL.SYSTEM)) {
+                item = getParent().getItem(newName);
+                if (item != null) {
+                    if (LOGGER.isLoggable(Level.FINE)) {
+                        LOGGER.log(Level.FINE, "Unable to rename the job {0}: name {1} is already in use. " +
+                                "User {2} has no {3} permission for existing job with the same name",
+                                new Object[] {this.getFullName(), newName, ctx.getPreviousContext().getAuthentication().getName(), Item.DISCOVER.name} );
+                    }
+                    // Don't explicitly mention that there is another item with the same name.
+                    throw new Failure(Messages.Jenkins_NotAllowedName(newName));
+                }
+            }
+        } catch(AccessDeniedException ex) {
+            if (LOGGER.isLoggable(Level.FINE)) {
+                LOGGER.log(Level.FINE, "Unable to rename the job {0}: name {1} is already in use. " +
+                        "User {2} has {3} permission, but no {4} for existing job with the same name",
+                        new Object[] {this.getFullName(), newName, User.current(), Item.DISCOVER.name, Item.READ.name} );
+            }
+            throw new Failure(Messages.AbstractItem_NewNameInUse(newName));
+        }
+    }
+
+    /**
+     * Allows subclasses to block renames for domain-specific reasons. Generic validation of the new name
+     * (e.g., null checking, checking for illegal characters, and checking that the name is not in use)
+     * always happens prior to calling this method.
+     *
+     * @param newName the new name for the item
+     * @throws Failure if the rename should be blocked
+     * @since FIXME
+     * @see Job#checkRename
+     */
+    protected void checkRename(@Nonnull String newName) throws Failure {
+
+    }
+
     /**
      * Renames this item.
      * Not all the Items need to support this operation, but if you decide to do so,
diff --git a/core/src/main/java/hudson/model/Job.java b/core/src/main/java/hudson/model/Job.java
index a5e477ede9..91f7b17d61 100644
--- a/core/src/main/java/hudson/model/Job.java
+++ b/core/src/main/java/hudson/model/Job.java
@@ -56,7 +56,6 @@ import hudson.util.DescribableList;
 import hudson.util.FormApply;
 import hudson.util.Graph;
 import hudson.util.ProcessTree;
-import hudson.util.QuotedStringTokenizer;
 import hudson.util.RunList;
 import hudson.util.ShiftedCategoryAxis;
 import hudson.util.StackedAreaRenderer2;
@@ -68,7 +67,6 @@ import java.awt.Color;
 import java.awt.Paint;
 import java.io.File;
 import java.io.IOException;
-import java.net.URLEncoder;
 import java.nio.file.Files;
 import java.util.ArrayList;
 import java.util.Calendar;
@@ -122,9 +120,6 @@ import org.kohsuke.stapler.interceptor.RequirePOST;
 
 import static javax.servlet.http.HttpServletResponse.SC_BAD_REQUEST;
 import static javax.servlet.http.HttpServletResponse.SC_NO_CONTENT;
-import org.acegisecurity.AccessDeniedException;
-import org.acegisecurity.context.SecurityContext;
-import org.acegisecurity.context.SecurityContextHolder;
 
 /**
  * A job is an runnable entity under the monitoring of Hudson.
@@ -324,6 +319,7 @@ public abstract class Job<JobT extends Job<JobT, RunT>, RunT extends Run<JobT, R
     /**
      * Returns whether the name of this job can be changed by user.
      */
+    @Override
     public boolean isNameEditable() {
         return true;
     }
@@ -1356,39 +1352,17 @@ public abstract class Job<JobT extends Job<JobT, RunT>, RunT extends Run<JobT, R
             }
             ItemListener.fireOnUpdated(this);
 
-            String newName = req.getParameter("name");
             final ProjectNamingStrategy namingStrategy = Jenkins.getInstance().getProjectNamingStrategy();
-            if (validRename(name, newName)) {
-                newName = newName.trim();
-                // check this error early to avoid HTTP response splitting.
-                Jenkins.checkGoodName(newName);
-                namingStrategy.checkName(newName);
-                if (FormApply.isApply(req)) {
-                    FormApply.applyResponse("notificationBar.show(" + QuotedStringTokenizer.quote(Messages.Job_you_must_use_the_save_button_if_you_wish()) + ",notificationBar.WARNING)").generateResponse(req, rsp, null);
-                } else {
-                    rsp.sendRedirect("rename?newName=" + URLEncoder.encode(newName, "UTF-8"));
-                }
-            } else {
                 if(namingStrategy.isForceExistingJobs()){
                     namingStrategy.checkName(name);
                 }
                 FormApply.success(".").generateResponse(req, rsp, null);
-            }
         } catch (JSONException e) {
             LOGGER.log(Level.WARNING, "failed to parse " + json, e);
             sendError(e, req, rsp);
         }
     }
 
-    private boolean validRename(String oldName, String newName) {
-        if (newName == null) {
-            return false;
-        }
-        boolean noChange = oldName.equals(newName);
-        boolean spaceAdded = oldName.equals(newName.trim());
-        return !noChange && !spaceAdded;
-    }
-
     /**
      * Derived class can override this to perform additional config submission
      * work.
@@ -1586,32 +1560,25 @@ public abstract class Job<JobT extends Job<JobT, RunT>, RunT extends Run<JobT, R
 
     /**
      * Renames this job.
+     * @deprecated Exists for backwards compatibility, use {@link #doConfirmRename} instead.
      */
+    @Deprecated
     @RequirePOST
     public/* not synchronized. see renameTo() */void doDoRename(
             StaplerRequest req, StaplerResponse rsp) throws IOException,
             ServletException {
-
-        if (!hasPermission(CONFIGURE)) {
-            // rename is essentially delete followed by a create
-            checkPermission(CREATE);
-            checkPermission(DELETE);
-        }
-
         String newName = req.getParameter("newName");
-        Jenkins.checkGoodName(newName);
+        doConfirmRename(newName).generateResponse(req, rsp, null);
+    }
 
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    protected void checkRename(String newName) throws Failure {
         if (isBuilding()) {
-            // redirect to page explaining that we can't rename now
-            rsp.sendRedirect("rename?newName=" + URLEncoder.encode(newName, "UTF-8"));
-            return;
+            throw new Failure(Messages.Job_NoRenameWhileBuilding());
         }
-
-        renameTo(newName);
-        // send to the new job page
-        // note we can't use getUrl() because that would pick up old name in the
-        // Ancestor.getUrl()
-        rsp.sendRedirect2("../" + newName);
     }
 
     public void doRssAll(StaplerRequest req, StaplerResponse rsp)
@@ -1645,58 +1612,4 @@ public abstract class Job<JobT extends Job<JobT, RunT>, RunT extends Run<JobT, R
     }
 
     private final static HexStringConfidentialKey SERVER_COOKIE = new HexStringConfidentialKey(Job.class,"serverCookie",16);
-    
-    /**
-     * Check new name for job
-     * @param newName - New name for job
-     * @return {@code true} - if newName occupied and user has permissions for this job
-     *         {@code false} - if newName occupied and user hasn't permissions for this job
-     *         {@code null} - if newName didn't occupied
-     * 
-     * @throws Failure if the given name is not good
-     */
-    @CheckForNull
-    @Restricted(NoExternalUse.class)
-    public Boolean checkIfNameIsUsed(@Nonnull String newName) throws Failure{
-        
-        Item item = null;
-        Jenkins.checkGoodName(newName);
-        
-        try {
-            item = getParent().getItem(newName);
-        } catch(AccessDeniedException ex) {  
-            if (LOGGER.isLoggable(Level.FINE)) {
-                LOGGER.log(Level.FINE, "Unable to rename the job {0}: name {1} is already in use. " +
-                        "User {2} has {3} permission, but no {4} for existing job with the same name", 
-                        new Object[] {this.getFullName(), newName, User.current().getFullName(), Item.DISCOVER.name, Item.READ.name} );
-            }
-            return true;
-        }
-        
-        if (item != null) {
-            // User has Read permissions for existing job with the same name
-            return true;
-        } else {
-            SecurityContext initialContext = null;
-            try {
-                initialContext = hudson.security.ACL.impersonate(ACL.SYSTEM);
-                item = getParent().getItem(newName);
-
-                if (item != null) {
-                    if (LOGGER.isLoggable(Level.FINE)) {
-                        LOGGER.log(Level.FINE, "Unable to rename the job {0}: name {1} is already in use. " +
-                                "User {2} has no {3} permission for existing job with the same name", 
-                                new Object[] {this.getFullName(), newName, initialContext.getAuthentication().getName(), Item.DISCOVER.name} );
-                    }
-                    return false;
-                }
-
-            } finally {
-                if (initialContext != null) {
-                    SecurityContextHolder.setContext(initialContext);
-                }
-            }
-        }
-        return null;
-    }
 }
diff --git a/core/src/main/java/jenkins/model/RenameAction.java b/core/src/main/java/jenkins/model/RenameAction.java
new file mode 100644
index 0000000000..45ddbd5290
--- /dev/null
+++ b/core/src/main/java/jenkins/model/RenameAction.java
@@ -0,0 +1,70 @@
+/*
+ * The MIT License
+ *
+ * Copyright 2018 CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+package jenkins.model;
+
+import hudson.Extension;
+import hudson.model.AbstractItem;
+import hudson.model.Action;
+import java.util.Collection;
+import java.util.Collections;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
+
+@Restricted(NoExternalUse.class)
+public class RenameAction implements Action {
+
+    @Override
+    public String getIconFileName() {
+        return "notepad.png";
+    }
+
+    @Override
+    public String getDisplayName() {
+        return "Rename";
+    }
+
+    @Override
+    public String getUrlName() {
+        return "confirm-rename";
+    }
+
+    @Extension
+    public static class TransientActionFactoryImpl extends TransientActionFactory<AbstractItem> {
+
+        @Override
+        public Class<AbstractItem> type() {
+            return AbstractItem.class;
+        }
+
+        @Override
+        public Collection<? extends Action> createFor(AbstractItem target) {
+            if (target.isNameEditable()) {
+                return Collections.singleton(new RenameAction());
+            } else {
+                return Collections.emptyList();
+            }
+        }
+    }
+}
diff --git a/core/src/main/resources/hudson/model/Job/rename.jelly b/core/src/main/resources/hudson/model/AbstractItem/confirm-rename.jelly
similarity index 51%
rename from core/src/main/resources/hudson/model/Job/rename.jelly
rename to core/src/main/resources/hudson/model/AbstractItem/confirm-rename.jelly
index 39c88032a4..86daf0d31b 100644
--- a/core/src/main/resources/hudson/model/Job/rename.jelly
+++ b/core/src/main/resources/hudson/model/AbstractItem/confirm-rename.jelly
@@ -1,7 +1,7 @@
 <!--
 The MIT License
 
-Copyright (c) 2004-2009, Sun Microsystems, Inc., Kohsuke Kawaguchi, Seiji Sogabe
+Copyright 2018 CloudBees, Inc.
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
@@ -22,43 +22,21 @@ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 THE SOFTWARE.
 -->
 
-<!-- Rename project -->
 <?jelly escape-by-default='true'?>
 <j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form" xmlns:i="jelly:fmt">
-  <l:layout>
+  <l:layout title="${%Rename}">
     <st:include page="sidepanel.jelly" />
     <l:main-panel>
-      <j:set var="newName" value="${request.getParameter('newName')}" />
-      <j:set var="checkIfNameIsUsed" value="${it.checkIfNameIsUsed(newName)}" />
-      
-      <j:choose> 
-        <j:when test="${it.isBuilding()}">
-          ${%noRenameWhileBuilding}
-          <j:if test="${request.referer.endsWith('/configure')}">
-            <br/> ${%configWasSaved}
-          </j:if>
-        </j:when>
-        
-        <j:when test="${checkIfNameIsUsed != null and !it.name.equalsIgnoreCase(newName)}" >    
-          <j:if test="${checkIfNameIsUsed}" >
-            ${%newNameInUse(newName)}
-          </j:if>  
-          <j:if test="${!checkIfNameIsUsed}" >
-            ${%newNameNotValid(newName)}
-          </j:if>
-          <j:if test="${request.referer.endsWith('/configure')}">
-            <br/> ${%configWasSaved}
-          </j:if>
-        </j:when>
-        
-        <j:otherwise>
-          <form method="post" action="doRename">
-            ${%description(it.name, newName)}
-            <input type="hidden" name="newName" value="${newName}" />
-            <f:submit value="${%Yes}" />
-          </form>
-        </j:otherwise>
-      </j:choose>
+      <h1><l:icon class="icon-notepad icon-xlg"/> ${%DescribeRename(it.pronoun, it.name)}</h1>
+      <f:form method="post" action="confirmRename" name="config" tableClass="config-table scrollspy">
+        <f:entry title="${%NewName}">
+          <f:textbox name="newName" value="${it.name}" autocomplete="on" checkUrl="checkNewName" checkDependsOn="newName"/>
+        </f:entry>
+        <f:bottomButtonBar>
+          <f:submit value="${%Rename}" />
+        </f:bottomButtonBar>
+      </f:form>
+      <st:adjunct includes="lib.form.confirm" />
     </l:main-panel>
   </l:layout>
 </j:jelly>
diff --git a/core/src/main/resources/hudson/model/Job/rename_sv_SE.properties b/core/src/main/resources/hudson/model/AbstractItem/confirm-rename.properties
similarity index 87%
rename from core/src/main/resources/hudson/model/Job/rename_sv_SE.properties
rename to core/src/main/resources/hudson/model/AbstractItem/confirm-rename.properties
index fbadf7bcfe..bcdc4a32d7 100644
--- a/core/src/main/resources/hudson/model/Job/rename_sv_SE.properties
+++ b/core/src/main/resources/hudson/model/AbstractItem/confirm-rename.properties
@@ -1,6 +1,6 @@
 # The MIT License
 #
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
+# Copyright (c) 2018 CloudBees, Inc.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
@@ -20,6 +20,6 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-No=Nej
-Yes=Ja
-description=\u00C4r du s\u00E4ker att du vill \u00E4ndra namn ifr\u00E5n {0} till {1}?
+DescribeRename=Rename {0} {1}
+NewName=New Name
+Rename=Rename
diff --git a/core/src/main/resources/hudson/model/Job/configure.jelly b/core/src/main/resources/hudson/model/Job/configure.jelly
index ddf5467f8d..d875e4cced 100644
--- a/core/src/main/resources/hudson/model/Job/configure.jelly
+++ b/core/src/main/resources/hudson/model/Job/configure.jelly
@@ -44,11 +44,6 @@ THE SOFTWARE.
             <j:set var="descriptor" value="${it.descriptor}" />
             <j:set var="instance" value="${it}" />
 
-            <j:if test="${it.isNameEditable()}">
-              <f:entry title="${%name(it.pronoun)}">
-                <f:textbox name="name" value="${it.name}" autocomplete="on"/>
-              </f:entry>
-            </j:if>
             <f:entry title="${%Description}" help="${app.markupFormatter.helpUrl}">
               <f:textarea name="description" value="${it.description}" codemirror-mode="${app.markupFormatter.codeMirrorMode}" codemirror-config="${app.markupFormatter.codeMirrorConfig}" previewEndpoint="/markupFormatter/previewDescription"/>
             </f:entry>
diff --git a/core/src/main/resources/hudson/model/Job/rename.properties b/core/src/main/resources/hudson/model/Job/rename.properties
deleted file mode 100644
index 6ba2a21875..0000000000
--- a/core/src/main/resources/hudson/model/Job/rename.properties
+++ /dev/null
@@ -1,28 +0,0 @@
-# The MIT License
-# 
-# Copyright (c) 2004-2009, Sun Microsystems, Inc., Kohsuke Kawaguchi, Seiji Sogabe
-# 
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-# 
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-# 
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-noRenameWhileBuilding=Unable to rename a job while it is building.
-newNameInUse=The name {0} is already in use.
-newNameNotValid=The name {0} is not valid.
-configWasSaved=All other configuration options were saved.
-description=Are you sure about renaming {0} to {1}?
-Yes=Yes
diff --git a/core/src/main/resources/hudson/model/Job/rename_bg.properties b/core/src/main/resources/hudson/model/Job/rename_bg.properties
deleted file mode 100644
index cdc08c0d84..0000000000
--- a/core/src/main/resources/hudson/model/Job/rename_bg.properties
+++ /dev/null
@@ -1,37 +0,0 @@
-# The MIT License
-#
-# Bulgarian translation: Copyright (c) 2015, 2016, Alexander Shopov <ash@kambanaria.org>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-# The name {0} is already in use.
-newNameInUse=\
- \u0418\u043c\u0435\u0442\u043e \u201e{0}\u201c \u0435 \u0437\u0430\u0435\u0442\u043e.
-# Yes
-Yes=\
- \u0414\u0430
-# Unable to rename a job while it is building.
-noRenameWhileBuilding=\
- \u041d\u0435 \u043c\u043e\u0436\u0435 \u0434\u0430 \u043f\u0440\u0435\u0438\u043c\u0435\u043d\u0443\u0432\u0430\u0442\u0435 \u0437\u0430\u0434\u0430\u0447\u0430 \u043f\u043e \u0432\u0440\u0435\u043c\u0435 \u043d\u0430 \u043d\u0435\u0439\u043d\u043e\u0442\u043e \u0438\u0437\u0433\u0440\u0430\u0436\u0434\u0430\u043d\u0435 .
-# All other configuration options were saved.
-configWasSaved=\
- \u0412\u0441\u0438\u0447\u043a\u0438 \u0434\u0440\u0443\u0433\u0438 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u0441\u0430 \u0437\u0430\u043f\u0430\u0437\u0435\u043d\u0438.
-# Are you sure about renaming {0} to {1}?
-description=\
- \u0421\u0438\u0433\u0443\u0440\u043d\u0438 \u043b\u0438 \u0441\u0442\u0435, \u0447\u0435 \u0438\u0441\u043a\u0430\u0442\u0435 \u0434\u0430 \u043f\u0440\u0435\u0438\u043c\u0435\u043d\u0443\u0432\u0430\u0442\u0435 \u201e{0}\u201c \u043d\u0430 \u201e{1}\u201c?
diff --git a/core/src/main/resources/hudson/model/Job/rename_da.properties b/core/src/main/resources/hudson/model/Job/rename_da.properties
deleted file mode 100644
index c9e21f910d..0000000000
--- a/core/src/main/resources/hudson/model/Job/rename_da.properties
+++ /dev/null
@@ -1,28 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc. Kohsuke Kawaguchi. Knud Poulsen.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-noRenameWhileBuilding=Kan ikke omd\u00f8be et job imens det bygger
-Yes=Ja
-No=Nej
-configWasSaved=Alle andre konfigurationsindstillinger blev gemt.
-description=Er du sikker p\u00e5 at du vil omd\u00f8be {0} til {1}?
-newNameInUse=Navnet {0} er allerede i brug
diff --git a/core/src/main/resources/hudson/model/Job/rename_de.properties b/core/src/main/resources/hudson/model/Job/rename_de.properties
deleted file mode 100644
index 424d1ab66c..0000000000
--- a/core/src/main/resources/hudson/model/Job/rename_de.properties
+++ /dev/null
@@ -1,27 +0,0 @@
-# The MIT License
-# 
-# Copyright (c) 2004-2009, Sun Microsystems, Inc., Kohsuke Kawaguchi, Seiji Sogabe, Simon Wiest
-# 
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-# 
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-# 
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-description=M�chten Sie wirklich {0} in {1} umbenennen?
-Yes=Ja
-noRenameWhileBuilding=Ein Job kann nicht umbenannt werden, w�hrend er gebaut wird.
-configWasSaved=Alle anderen Konfigurationseinstellungen wurden �bernommen.
-newNameInUse=Der Name {0} wird bereits verwendet.
\ No newline at end of file
diff --git a/core/src/main/resources/hudson/model/Job/rename_es.properties b/core/src/main/resources/hudson/model/Job/rename_es.properties
deleted file mode 100644
index 58c3c21f77..0000000000
--- a/core/src/main/resources/hudson/model/Job/rename_es.properties
+++ /dev/null
@@ -1,28 +0,0 @@
-# The MIT License
-# 
-# Copyright (c) 2004-2009, Sun Microsystems, Inc., Kohsuke Kawaguchi, Seiji Sogabe
-# 
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-# 
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-# 
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-noRenameWhileBuilding=No es posible renombrar un proyecto mientras se est� ejecutando.
-configWasSaved=Las dem�s opciones de configuraci�n s� se han guardado.
-description=�Est�s seguro de querer renombrar  {0} a {1}?
-Yes=S�
-No=No 
-newNameInUse=El nombre {0} ya existe.
diff --git a/core/src/main/resources/hudson/model/Job/rename_fr.properties b/core/src/main/resources/hudson/model/Job/rename_fr.properties
deleted file mode 100644
index 29757ddd9b..0000000000
--- a/core/src/main/resources/hudson/model/Job/rename_fr.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-# 
-# Copyright (c) 2004-2009, Sun Microsystems, Inc., Kohsuke Kawaguchi, Eric Lefevre-Ardant
-# 
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-# 
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-# 
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-description=Voulez-vous vraiment renommer {0} en {1}?
-Yes=Oui
-No=Non
diff --git a/core/src/main/resources/hudson/model/Job/rename_it.properties b/core/src/main/resources/hudson/model/Job/rename_it.properties
deleted file mode 100644
index 1fddaaf905..0000000000
--- a/core/src/main/resources/hudson/model/Job/rename_it.properties
+++ /dev/null
@@ -1,6 +0,0 @@
-configWasSaved=Tutte le altre opzioni di configurazione sono state salvate.
-newNameNotValid=Il nome {0} non � valido.
-description=Rinominare {0} in {1}?
-noRenameWhileBuilding=Impossibile rinominare un processo finch� la sua compilazione � in corso.
-newNameInUse=Il nome {0} � gi� utilizzato.
-Yes=S�
diff --git a/core/src/main/resources/hudson/model/Job/rename_ja.properties b/core/src/main/resources/hudson/model/Job/rename_ja.properties
deleted file mode 100644
index 968dcd1ee6..0000000000
--- a/core/src/main/resources/hudson/model/Job/rename_ja.properties
+++ /dev/null
@@ -1,27 +0,0 @@
-# The MIT License
-# 
-# Copyright (c) 2004-2009, Sun Microsystems, Inc., Kohsuke Kawaguchi, Seiji Sogabe
-# 
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-# 
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-# 
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-noRenameWhileBuilding=\u30d3\u30eb\u30c9\u4e2d\u306b\u30b8\u30e7\u30d6\u540d\u3092\u5909\u66f4\u3067\u304d\u307e\u305b\u3093\u3002
-newNameInUse=\u30b8\u30e7\u30d6\u540d {0} \u306f\u3059\u3067\u306b\u4f7f\u7528\u3055\u308c\u3066\u3044\u307e\u3059\u3002
-configWasSaved=\u4ed6\u306e\u30aa\u30d7\u30b7\u30e7\u30f3\u306f\u3059\u3079\u3066\u4fdd\u5b58\u3055\u308c\u307e\u3057\u305f\u3002
-description={0}\u304b\u3089{1}\u306b\u5909\u66f4\u3057\u3066\u3088\u308d\u3057\u3044\u3067\u3059\u304b?
-Yes=\u306f\u3044
\ No newline at end of file
diff --git a/core/src/main/resources/hudson/model/Job/rename_pt_BR.properties b/core/src/main/resources/hudson/model/Job/rename_pt_BR.properties
deleted file mode 100644
index 25b67038d3..0000000000
--- a/core/src/main/resources/hudson/model/Job/rename_pt_BR.properties
+++ /dev/null
@@ -1,33 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc., Cleiber Silva, Fernando Boaglio
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-# Unable to rename a job while it is building.
-noRenameWhileBuilding=N\u00e3o \u00e9 poss\u00edvel renomear enquanto o job est\u00e1 em constru\u00e7\u00e3o
-# Yes
-Yes=Sim
-# No
-# All other configuration options were saved.
-configWasSaved=Todas as outras op\u00e7\u00f5es de configura\u00e7\u00e3o foram salvas
-# Are you sure about renaming {0} to {1}?
-description=Tem certeza que quer renomear {0} para {1}?
-# The name {0} is already in use.
-newNameInUse=O nome {0} j\u00e1 esta em uso.
diff --git a/core/src/main/resources/hudson/model/Job/rename_ru.properties b/core/src/main/resources/hudson/model/Job/rename_ru.properties
deleted file mode 100644
index 1a9631708c..0000000000
--- a/core/src/main/resources/hudson/model/Job/rename_ru.properties
+++ /dev/null
@@ -1,8 +0,0 @@
-# This file is under the MIT License by authors
-
-No=\u041d\u0435\u0442
-Yes=\u0414\u0430
-description=\u0412\u044b \u0443\u0432\u0435\u0440\u0435\u043d\u044b, \u0447\u0442\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u043f\u0435\u0440\u0435\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u0442\u044c {0} \u0432 {1}?
-noRenameWhileBuilding=\u041d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u043f\u0435\u0440\u0435\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u0442\u044c \u0437\u0430\u0434\u0430\u0447\u0443 \u043f\u0440\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0445 \u0441\u0431\u043e\u0440\u043a\u0430\u0445
-newNameInUse=\u0417\u0430\u0434\u0430\u0447\u0430 \u0441 \u0438\u043c\u0435\u043d\u0435\u043c {0} \u0443\u0436\u0435 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442.
-configWasSaved=\u041d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u044b
diff --git a/core/src/main/resources/hudson/model/Job/rename_sr.properties b/core/src/main/resources/hudson/model/Job/rename_sr.properties
deleted file mode 100644
index 531c0a4225..0000000000
--- a/core/src/main/resources/hudson/model/Job/rename_sr.properties
+++ /dev/null
@@ -1,8 +0,0 @@
-# This file is under the MIT License by authors
-
-noRenameWhileBuilding=\u041D\u0438\u0458\u0435 \u043C\u043E\u0433\u0443\u045B\u0435 \u043F\u0440\u0435\u0438\u043C\u0435\u043D\u043E\u0432\u0430\u0442\u0438 \u0437\u0430\u0434\u0430\u0442\u0430\u043A \u0434\u043E\u043A \u0441\u0435 \u0433\u0440\u0430\u0434\u0438.
-configWasSaved=\u0421\u0432\u0430 \u043F\u043E\u0434\u0435\u0448\u0430\u0432\u0430\u045A\u0430 \u0441\u0443 \u0441\u0430\u0447\u0443\u0432\u0430\u043D\u0430.
-newNameInUse=\u0418\u043C\u0435 {0} \u0458\u0435 \u0437\u0430\u0443\u0437\u0435\u0442\u043E.
-description=\u0414\u0430 \u043B\u0438 \u0441\u0442\u0435 \u0441\u0438\u0433\u0443\u0440\u043D\u0438 \u0434\u0430 \u0436\u0435\u043B\u0438\u0442\u0435 \u0434\u0430 \u043F\u0440\u0435\u0438\u043C\u0435\u043D\u0443\u0458\u0435\u0442\u0435 "{0}" \u0443 "{1}"?
-Yes=\u0414\u0430
-No=\u041D\u0435
diff --git a/core/src/main/resources/hudson/model/Job/rename_zh_CN.properties b/core/src/main/resources/hudson/model/Job/rename_zh_CN.properties
deleted file mode 100644
index 0ddc3baefd..0000000000
--- a/core/src/main/resources/hudson/model/Job/rename_zh_CN.properties
+++ /dev/null
@@ -1,28 +0,0 @@
-# The MIT License
-# 
-# Copyright (c) 2017, suren <zxjlwt@126.com>
-# 
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-# 
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-# 
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-noRenameWhileBuilding=\u4E0D\u5141\u8BB8\u91CD\u547D\u540D\u6B63\u5728\u6784\u5EFA\u4E2D\u7684\u4EFB\u52A1\u3002
-newNameInUse=\u8BE5\u547D\u540D {0} \u5DF2\u7ECF\u88AB\u5360\u7528\u3002
-newNameNotValid=\u8BE5\u547D\u540D {0} \u4E0D\u5408\u6CD5\u3002
-configWasSaved=All other configuration options were saved.
-description=\u4F60\u786E\u5B9A\u628A {0} \u91CD\u547D\u540D\u4E3A {1}\uFF1F
-Yes=\u786E\u5B9A
diff --git a/core/src/main/resources/hudson/model/Job/rename_zh_TW.properties b/core/src/main/resources/hudson/model/Job/rename_zh_TW.properties
deleted file mode 100644
index efe780eb01..0000000000
--- a/core/src/main/resources/hudson/model/Job/rename_zh_TW.properties
+++ /dev/null
@@ -1,30 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2013, Chunghwa Telecom Co., Ltd., Pei-Tang Huang
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-configWasSaved=\u5176\u4ed6\u8a2d\u5b9a\u9078\u9805\u5df2\u88ab\u5132\u5b58\u3002
-
-noRenameWhileBuilding=\u4f5c\u696d\u5efa\u7f6e\u4e2d\uff0c\u7121\u6cd5\u6539\u540d\u3002
-newNameInUse={0} \u9019\u500b\u540d\u5b57\u5df2\u7d93\u88ab\u4f7f\u7528\u4e86\u3002
-
-description=\u4F60\u78BA\u5B9A\u8981\u5C07 {0} \u6539\u540D\u6210 {1}?
-Yes=\u662F
-No=\u5426
diff --git a/core/src/main/resources/hudson/model/Messages.properties b/core/src/main/resources/hudson/model/Messages.properties
index 600d509e98..3bc6f922bc 100644
--- a/core/src/main/resources/hudson/model/Messages.properties
+++ b/core/src/main/resources/hudson/model/Messages.properties
@@ -35,6 +35,7 @@ AbstractItem.TaskNoun=Build
 AbstractItem.BeingDeleted={0} is currently being deleted
 AbstractItem.FailureToStopBuilds=Failed to interrupt and stop {0,choice,1#{0,number,integer} build|1<{0,number,integer} \
   builds} of {1}
+AbstractItem.NewNameInUse=The name \u201c{0}\u201d is already in use.
 AbstractProject.AssignedLabelString_NoMatch_DidYouMean=There\u2019s no agent/cloud that matches this assignment. Did you mean \u2018{1}\u2019 instead of \u2018{0}\u2019?
 AbstractProject.NewBuildForWorkspace=Scheduling a new build to get a workspace.
 AbstractProject.AwaitingBuildForWorkspace=Awaiting build to get a workspace.
@@ -174,6 +175,7 @@ Item.CREATE.description=Create a new job.
 Item.DELETE.description=Delete a job.
 Item.CONFIGURE.description=Change the configuration of a job.
 Item.READ.description=See a job. (You may deny this permission but allow Discover to force an anonymous user to log in to see the job.)
+Item.RENAME.description=Rename a job.
 ItemGroupMixIn.may_not_copy_as_it_contains_secrets_and_=May not copy {0} as it contains secrets and {1} has {2}/{3} but not /{4}
 Job.AllRecentBuildFailed=All recent builds failed.
 Job.BuildStability=Build stability: {0}
@@ -181,7 +183,7 @@ Job.NOfMFailed={0} out of the last {1} builds failed.
 Job.NoRecentBuildFailed=No recent builds failed.
 Job.Pronoun=Project
 Job.minutes=mins
-
+Job.NoRenameWhileBuilding=Unable to rename a job while it is building.
 Job.you_must_use_the_save_button_if_you_wish=You must use the Save button if you wish to rename a job.
 Label.GroupOf=group of {0}
 Label.InvalidLabel=invalid label
@@ -383,7 +385,7 @@ BuildAuthorizationToken.InvalidTokenProvided=Invalid token provided.
 Jenkins.CheckDisplayName.NameNotUniqueWarning=The display name, "{0}", is used as a name by a job and could cause confusing search results.
 Jenkins.CheckDisplayName.DisplayNameNotUniqueWarning=The display name, "{0}", is already in use by another job and could cause confusion and delay.
 
-Jenkins.NotAllowedName="{0}" is not allowed name
+Jenkins.NotAllowedName=\u201c{0}\u201d is not an allowed name
 Jenkins.IsRestarting=Jenkins is restarting
 
 User.IllegalUsername="{0}" is prohibited as a username for security reasons.
diff --git a/core/src/main/resources/hudson/model/Messages_bg.properties b/core/src/main/resources/hudson/model/Messages_bg.properties
index 550cbf6034..d6bb585efd 100644
--- a/core/src/main/resources/hudson/model/Messages_bg.properties
+++ b/core/src/main/resources/hudson/model/Messages_bg.properties
@@ -37,6 +37,8 @@ AbstractItem.NoSuchJobExistsWithoutSuggestion=\
  \u041d\u0435 \u0441\u044a\u0449\u0435\u0441\u0442\u0432\u0443\u0432\u0430 \u0437\u0430\u0434\u0430\u0447\u0430 \u043d\u0430 \u0438\u043c\u0435 \u201e{0}\u201c.
 AbstractItem.Pronoun=\
  \u0415\u043b\u0435\u043c\u0435\u043d\u0442
+AbstractItem.NewNameInUse=\
+ \u0418\u043c\u0435\u0442\u043e \u201e{0}\u201c \u0435 \u0437\u0430\u0435\u0442\u043e.
 AbstractProject.NewBuildForWorkspace=\
  \u041d\u0430\u0441\u0440\u043e\u0447\u0432\u0430\u043d\u0435 \u043d\u0430 \u043d\u043e\u0432\u043e \u0438\u0437\u0433\u0440\u0430\u0436\u0434\u0430\u043d\u0435, \u0437\u0430 \u0434\u0430 \u0441\u0435 \u043f\u043e\u043b\u0443\u0447\u0438 \u0440\u0430\u0431\u043e\u0442\u043d\u043e \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u043e.
 AbstractProject.AwaitingBuildForWorkspace=\
@@ -260,7 +262,8 @@ Job.Pronoun=\
  \u041f\u0440\u043e\u0435\u043a\u0442
 Job.minutes=\
  \u043c\u0438\u043d.
-
+Job.NoRenameWhileBuilding=\
+ \u041d\u0435 \u043c\u043e\u0436\u0435 \u0434\u0430 \u043f\u0440\u0435\u0438\u043c\u0435\u043d\u0443\u0432\u0430\u0442\u0435 \u0437\u0430\u0434\u0430\u0447\u0430 \u043f\u043e \u0432\u0440\u0435\u043c\u0435 \u043d\u0430 \u043d\u0435\u0439\u043d\u043e\u0442\u043e \u0438\u0437\u0433\u0440\u0430\u0436\u0434\u0430\u043d\u0435 .
 Job.you_must_use_the_save_button_if_you_wish=\
  \u0417\u0430 \u0434\u0430 \u043f\u0440\u0435\u0438\u043c\u0435\u043d\u0443\u0432\u0430\u0442\u0435 \u0437\u0430\u0434\u0430\u0447\u0430, \u043d\u0430\u0442\u0438\u0441\u043d\u0435\u0442\u0435 \u0431\u0443\u0442\u043e\u043d\u0430 \u201e\u0417\u0430\u043f\u0430\u0437\u0432\u0430\u043d\u0435\u201c.
 Label.GroupOf=\
diff --git a/core/src/main/resources/hudson/model/Messages_da.properties b/core/src/main/resources/hudson/model/Messages_da.properties
index 32e1ecbe2c..4140fe9722 100644
--- a/core/src/main/resources/hudson/model/Messages_da.properties
+++ b/core/src/main/resources/hudson/model/Messages_da.properties
@@ -216,3 +216,5 @@ HealthReport.EmptyString=
 MultiStageTimeSeries.EMPTY_STRING=
 ManageJenkinsAction.DisplayName=Bestyr Jenkins
 ParametersDefinitionProperty.DisplayName=Dette byg er parameteriseret
+AbstractItem.NewNameInUse=Navnet {0} er allerede i brug
+Job.NoRenameWhileBuilding=Kan ikke omd\u00f8be et job imens det bygger
\ No newline at end of file
diff --git a/core/src/main/resources/hudson/model/Messages_de.properties b/core/src/main/resources/hudson/model/Messages_de.properties
index 11523a03f3..70cd593b8b 100644
--- a/core/src/main/resources/hudson/model/Messages_de.properties
+++ b/core/src/main/resources/hudson/model/Messages_de.properties
@@ -29,6 +29,7 @@ AbstractBuild.KeptBecause=Aufbewahrt wegen {0}
 AbstractItem.NoSuchJobExists=Element \u201E{0}\u201C existiert nicht. Meinten Sie vielleicht \u201E{1}\u201C?
 AbstractItem.NoSuchJobExistsWithoutSuggestion=Es gibt kein Element \u201E{0}\u201C. 
 AbstractItem.Pronoun=Element
+AbstractItem.NewNameInUse=Der Name {0} wird bereits verwendet.
 AbstractProject.AssignedLabelString.InvalidBooleanExpression=Ung\u00FCltiger boolscher Ausdruck: \u201E{0}\u201C
 AbstractProject.AssignedLabelString.NoMatch=Es gibt keine Agenten oder Clouds, die diesen Label-Ausdruck bedienen.
 AbstractProject.AssignedLabelString_NoMatch_DidYouMean=Es gibt keine Knoten oder Clouds f\u00FCr diesen Ausdruck. Meinten Sie \u201E{1}\u201C statt \u201E{0}\u201C?
@@ -181,6 +182,7 @@ Job.NOfMFailed={0} der letzten {1} Builds schlug fehl.
 Job.NoRecentBuildFailed=In letzter Zeit schlug kein Build fehl.
 Job.Pronoun=Projekt
 Job.minutes=Minuten
+Job.NoRenameWhileBuilding=Ein Job kann nicht umbenannt werden, während er gebaut wird.
 Job.you_must_use_the_save_button_if_you_wish=Um das Projekt umzubennen, m\u00FCssen Sie die Schaltfl\u00E4che \u201ESpeichern\u201C verwenden.
 
 Label.GroupOf={0} Gruppe
diff --git a/core/src/main/resources/hudson/model/Messages_es.properties b/core/src/main/resources/hudson/model/Messages_es.properties
index 0d9c135727..6d82b5d1aa 100644
--- a/core/src/main/resources/hudson/model/Messages_es.properties
+++ b/core/src/main/resources/hudson/model/Messages_es.properties
@@ -25,6 +25,7 @@ AbstractBuild.BuildingOnMaster=Ejecutando en el nodo principal
 AbstractBuild.KeptBecause=Conservar porque {0}
 
 AbstractItem.NoSuchJobExists=La tarea ''{0}'' no existe. \u00bfQuiz\u00e1s quieras decir ''{1}''?
+AbstractItem.NewNameInUse=El nombre {0} ya existe.
 AbstractProject.NewBuildForWorkspace=Lanzando una nueva ejecuci\u00f3n para crear el espacio de trabajo.
 AbstractProject.Pronoun=Proyecto
 AbstractProject.Aborted=Cancelado
@@ -118,6 +119,7 @@ Job.NOfMFailed={0} de las {1} \u00faltimas ejecuciones fallaron.
 Job.NoRecentBuildFailed=No hay ejecuciones recientes con fallos.
 Job.Pronoun=Proyecto
 Job.minutes=Min
+Job.NoRenameWhileBuilding=No es posible renombrar un proyecto mientras se est� ejecutando.
 
 Label.GroupOf=grupo de {0}
 Label.InvalidLabel=etiqueta inv\u00e1lida
diff --git a/core/src/main/resources/hudson/model/Messages_it.properties b/core/src/main/resources/hudson/model/Messages_it.properties
index 939e4558b8..c009c0f344 100644
--- a/core/src/main/resources/hudson/model/Messages_it.properties
+++ b/core/src/main/resources/hudson/model/Messages_it.properties
@@ -34,6 +34,7 @@ AbstractItem.TaskNoun=Compilazione
 AbstractItem.BeingDeleted=Eliminazione di {0} in corso
 AbstractItem.FailureToStopBuilds=Interruzione e arresto {0,choice,1#{0,number,integer} \
 della compilazione|1<{0,number,integer} delle compilazioni} di {1} non riusciti
+AbstractItem.NewNameInUse=Il nome {0} � gi� utilizzato.
 AbstractProject.AssignedLabelString_NoMatch_DidYouMean=Non esiste alcun agente/cloud corrispondente a questo assegnamento. Forse si intendeva "{1}" anzich� "{0}"?
 AbstractProject.NewBuildForWorkspace=Pianificazione di una nuova compilazione per ottenere uno spazio di lavoro in corso.
 AbstractProject.AwaitingBuildForWorkspace=In attesa della compilazione per ottenere uno spazio di lavoro.
@@ -181,7 +182,7 @@ Job.NOfMFailed={0} delle ultime {1} compilazioni non sono riuscite.
 Job.NoRecentBuildFailed=Nessuna compilazione recente non riuscita.
 Job.Pronoun=Progetto
 Job.minutes=min
-
+Job.NoRenameWhileBuilding=Impossibile rinominare un processo finch� la sua compilazione � in corso.
 Job.you_must_use_the_save_button_if_you_wish=� necessario utilizzare il pulsante Salva se si desidera rinominare un processo.
 Label.GroupOf=gruppo di {0}
 Label.InvalidLabel=etichetta non valida
diff --git a/core/src/main/resources/hudson/model/Messages_ja.properties b/core/src/main/resources/hudson/model/Messages_ja.properties
index 5f98501187..5bb5a55d67 100644
--- a/core/src/main/resources/hudson/model/Messages_ja.properties
+++ b/core/src/main/resources/hudson/model/Messages_ja.properties
@@ -28,6 +28,7 @@ AbstractBuild.KeptBecause={0}\u306e\u305f\u3081\u3001\u4fdd\u5b58\u3057\u307e\u3
 
 AbstractItem.NoSuchJobExists=\u30b8\u30e7\u30d6''{0}''\u306f\u5b58\u5728\u3057\u307e\u305b\u3093\u3002''{1}''\u3067\u3059\u304b?
 AbstractItem.Pronoun=\u30b8\u30e7\u30d6
+AbstractItem.NewNameInUse=\u30b8\u30e7\u30d6\u540d {0} \u306f\u3059\u3067\u306b\u4f7f\u7528\u3055\u308c\u3066\u3044\u307e\u3059\u3002
 AbstractProject.NewBuildForWorkspace=\u65b0\u898f\u306e\u30d3\u30eb\u30c9\u3092\u5b9f\u884c\u3057\u3066\u3001\u30ef\u30fc\u30af\u30b9\u30da\u30fc\u30b9\u3092\u4f5c\u6210\u3057\u3066\u304f\u3060\u3055\u3044\u3002
 AbstractProject.AwaitingBuildForWorkspace=\u30ef\u30fc\u30af\u30b9\u30da\u30fc\u30b9\u304c\u7528\u610f\u3067\u304d\u308b\u307e\u3067\u30d3\u30eb\u30c9\u3092\u4fdd\u7559\u3057\u307e\u3059\u3002
 AbstractProject.Pronoun=\u30d7\u30ed\u30b8\u30a7\u30af\u30c8
@@ -140,6 +141,7 @@ Job.NOfMFailed=\u6700\u8fd1\u306e{1}\u500b\u4e2d\u3001{0}\u500b\u30d3\u30eb\u30c
 Job.NoRecentBuildFailed=\u6700\u8fd1\u306e\u30d3\u30eb\u30c9\u306f\u5931\u6557\u3057\u3066\u307e\u305b\u3093\u3002
 Job.Pronoun=\u30d7\u30ed\u30b8\u30a7\u30af\u30c8
 Job.minutes=\u5206
+Job.NoRenameWhileBuilding=\u30d3\u30eb\u30c9\u4e2d\u306b\u30b8\u30e7\u30d6\u540d\u3092\u5909\u66f4\u3067\u304d\u307e\u305b\u3093\u3002
 
 Label.GroupOf={0}
 Label.InvalidLabel=\u4e0d\u6b63\u306a\u30e9\u30d9\u30eb
diff --git a/core/src/main/resources/hudson/model/Messages_pt_BR.properties b/core/src/main/resources/hudson/model/Messages_pt_BR.properties
index 4dbe5bf086..ebdc773941 100644
--- a/core/src/main/resources/hudson/model/Messages_pt_BR.properties
+++ b/core/src/main/resources/hudson/model/Messages_pt_BR.properties
@@ -23,6 +23,8 @@
 AbstractBuild.BuildingRemotely=Construindo remotamente em {0}
 AbstractBuild.KeptBecause=mantido por causa de {0}
 
+AbstractItem.NewNameInUse=O nome {0} j\u00e1 esta em uso.
+
 AbstractProject.Pronoun=Projeto
 AbstractProject.Aborted=Abortado
 AbstractProject.Disabled=builds desabilitada
@@ -74,6 +76,7 @@ Job.NOfMFailed={0} das ultimas {1} builds falharam.
 Job.NoRecentBuildFailed=Nenhuma builds recente falhou.
 Job.Pronoun=Projeto
 Job.minutes=minutos
+Job.NoRenameWhileBuilding=N\u00e3o \u00e9 poss\u00edvel renomear enquanto o job est\u00e1 em constru\u00e7\u00e3o
 
 Queue.BlockedBy=Bloqueado por {0}
 Queue.InProgress=Uma builds j\u00e1 esta em progresso
diff --git a/core/src/main/resources/hudson/model/Messages_ru.properties b/core/src/main/resources/hudson/model/Messages_ru.properties
index 2b0130c8fd..bb551b4c91 100644
--- a/core/src/main/resources/hudson/model/Messages_ru.properties
+++ b/core/src/main/resources/hudson/model/Messages_ru.properties
@@ -23,6 +23,8 @@
 AbstractBuild.BuildingRemotely=\u0421\u043e\u0431\u0438\u0440\u0430\u0435\u0442\u0441\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u043d\u0430 {0}
 AbstractBuild.KeptBecause=\u0421\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u043e, \u043f\u043e\u0442\u043e\u043c\u0443 \u0447\u0442\u043e {0}
 
+AbstractItem.NewNameInUse=\u0417\u0430\u0434\u0430\u0447\u0430 \u0441 \u0438\u043c\u0435\u043d\u0435\u043c {0} \u0443\u0436\u0435 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442.
+
 AbstractProject.Pronoun=\u041f\u0440\u043e\u0435\u043a\u0442
 AbstractProject.Aborted=\u041f\u0440\u0435\u0440\u0432\u0430\u043d\u043e
 AbstractProject.Disabled=\u0421\u0431\u043e\u0440\u043a\u0430 \u043f\u0440\u0438\u043e\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0430
@@ -78,6 +80,7 @@ Job.NOfMFailed={0} \u0438\u0437 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438
 Job.NoRecentBuildFailed=\u0421\u0440\u0435\u0434\u0438 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0441\u0431\u043e\u0440\u043e\u043a \u043f\u0440\u043e\u0432\u0430\u043b\u0438\u0432\u0448\u0438\u0445\u0441\u044f \u043d\u0435\u0442.
 Job.Pronoun=\u041f\u0440\u043e\u0435\u043a\u0442
 Job.minutes=\u043c\u0438\u043d
+Job.NoRenameWhileBuilding=\u041d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u043f\u0435\u0440\u0435\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u0442\u044c \u0437\u0430\u0434\u0430\u0447\u0443 \u043f\u0440\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0445 \u0441\u0431\u043e\u0440\u043a\u0430\u0445
 
 Queue.BlockedBy=\u0417\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u043d\u043e {0}
 Queue.InProgress=\u0421\u0431\u043e\u0440\u043a\u0430 \u0443\u0436\u0435 \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435
diff --git a/core/src/main/resources/hudson/model/Messages_sr.properties b/core/src/main/resources/hudson/model/Messages_sr.properties
index 6a1b7ed6c3..3d6a308916 100644
--- a/core/src/main/resources/hudson/model/Messages_sr.properties
+++ b/core/src/main/resources/hudson/model/Messages_sr.properties
@@ -8,6 +8,7 @@ AbstractBuild.KeptBecause=\u041E\u0432\u043E \u0438\u0437\u0433\u0440\u0430\u043
 AbstractItem.NoSuchJobExists=\u041D\u0435 \u043F\u043E\u0441\u0442\u043E\u0458\u0438 \u0437\u0430\u0434\u0430\u0442\u0430\u043A "{0}". \u0414\u0430 \u043B\u0438 \u0441\u0442\u0435 \u0438\u043C\u0430\u043B\u0438 "{1}"?
 AbstractItem.NoSuchJobExistsWithoutSuggestion=\u041D\u0435 \u043F\u043E\u0441\u0442\u043E\u0458\u0438 \u0437\u0430\u0434\u0430\u0442\u0430\u043A \u0441\u0430 \u0438\u043C\u0435\u043D\u043E\u043C "{0}".
 AbstractItem.Pronoun=\u043E\u0431\u0458\u0435\u043A\u0430\u0442
+AbstractItem.NewNameInUse=\u0418\u043C\u0435 {0} \u0458\u0435 \u0437\u0430\u0443\u0437\u0435\u0442\u043E.
 AbstractProject.AssignedLabelString_NoMatch_DidYouMean=\u041D\u0435\u043C\u0430 \u0442\u0430\u043A\u0432\u043E\u0433 \u0430\u0433\u0435\u043D\u0442\u0430/cloud. \u0414\u0430 \u043B\u0438 \u0441\u0442\u0435 \u043C\u0438\u0441\u043B\u0438\u043B\u0438 "{1}" \u043D\u0430 \u0443\u043C\u0443 \u0443\u043C\u0435\u0441\u0442\u043E "{0}"?
 AbstractProject.NewBuildForWorkspace=\u0417\u0430\u043A\u0430\u0437\u0438\u0432\u0430\u045A\u0435 \u043D\u043E\u0432\u0435 \u0438\u0437\u0433\u0440\u0430\u0434\u045A\u0435 \u0434\u0430 \u0431\u0438 \u0441\u0435 \u0434\u043E\u0431\u0438\u043E \u043D\u043E\u0432\u0438 \u0440\u0430\u0434\u043D\u0438 \u043F\u0440\u043E\u0441\u0442\u043E\u0440.
 AbstractProject.Pronoun=\u041F\u0440\u043E\u0458\u0435\u043A\u0430\u0442
@@ -132,6 +133,7 @@ Job.NOfMFailed={0} \u043E\u0434 \u043F\u043E\u0441\u043B\u0435\u0434\u045A\u0438
 Job.NoRecentBuildFailed=\u0418\u0437\u043C\u0435\u045B\u0443 \u043D\u0430\u0458\u043D\u043E\u0432\u0438\u0458\u0438\u0445 \u0438\u0437\u0433\u0440\u0430\u0434\u045A\u0430 \u043D\u0435\u043C\u0430 \u043D\u0435\u0443\u0441\u043F\u0435\u0448\u043D\u0438\u0445.
 Job.Pronoun=\u041F\u0440\u043E\u0458\u0435\u043A\u0430\u0442
 Job.minutes=\u043C\u0438\u043D.
+Job.NoRenameWhileBuilding=\u041D\u0438\u0458\u0435 \u043C\u043E\u0433\u0443\u045B\u0435 \u043F\u0440\u0435\u0438\u043C\u0435\u043D\u043E\u0432\u0430\u0442\u0438 \u0437\u0430\u0434\u0430\u0442\u0430\u043A \u0434\u043E\u043A \u0441\u0435 \u0433\u0440\u0430\u0434\u0438.
 Job.you_must_use_the_save_button_if_you_wish=\u0414\u0430 \u043F\u0440\u0435\u0438\u043C\u0435\u043D\u0443\u0458\u0442\u0435 \u0437\u0430\u0434\u0430\u0442\u0430\u043A, \u043A\u043B\u0438\u043A\u043D\u0438\u0442\u0435 \u043D\u0430 \u0434\u0443\u0433\u043C\u0435 "\u0421\u0430\u0447\u0443\u0432\u0430\u0458".
 Label.GroupOf=\u0433\u0440\u0443\u043F\u0430 {0}
 Label.InvalidLabel=\u043D\u0435\u043F\u0440\u0430\u0432\u0438\u043B\u043D\u0430 \u043B\u0430\u0431\u0435\u043B\u0430
diff --git a/core/src/main/resources/hudson/model/Messages_zh_CN.properties b/core/src/main/resources/hudson/model/Messages_zh_CN.properties
index 15f139a58b..c72c791538 100644
--- a/core/src/main/resources/hudson/model/Messages_zh_CN.properties
+++ b/core/src/main/resources/hudson/model/Messages_zh_CN.properties
@@ -56,6 +56,7 @@ Node.Mode.EXCLUSIVE=\u53EA\u5141\u8BB8\u8FD0\u884C\u7ED1\u5B9A\u5230\u8FD9\u53F0
 MyView.DisplayName=\u6211\u7684\u89C6\u56FE
 
 AbstractItem.Pronoun=\u4EFB\u52A1
+AbstractItem.NewNameInUse=\u8BE5\u547D\u540D {0} \u5DF2\u7ECF\u88AB\u5360\u7528\u3002
 
 MyViewsProperty.DisplayName=\u6211\u7684\u89C6\u56FE
 MyViewsProperty.GlobalAction.DisplayName=\u6211\u7684\u89C6\u56FE
@@ -73,3 +74,5 @@ ChoiceParameterDefinition.DisplayName=\u9009\u9879\u53C2\u6570
 ChoiceParameterDefinition.MissingChoices=\u9700\u8981\u9009\u9879\u3002
 RunParameterDefinition.DisplayName=\u8FD0\u884C\u65F6\u53C2\u6570
 PasswordParameterDefinition.DisplayName=\u5BC6\u7801\u53C2\u6570
+
+Job.NoRenameWhileBuilding=\u4E0D\u5141\u8BB8\u91CD\u547D\u540D\u6B63\u5728\u6784\u5EFA\u4E2D\u7684\u4EFB\u52A1\u3002
diff --git a/core/src/main/resources/hudson/model/Messages_zh_TW.properties b/core/src/main/resources/hudson/model/Messages_zh_TW.properties
index c2b09dfa8f..dbf2b55745 100644
--- a/core/src/main/resources/hudson/model/Messages_zh_TW.properties
+++ b/core/src/main/resources/hudson/model/Messages_zh_TW.properties
@@ -29,6 +29,7 @@ AbstractBuild.KeptBecause=\u56e0\u70ba {0} \u800c\u4fdd\u7559
 
 AbstractItem.NoSuchJobExists=\u6c92\u6709 ''{0}'' \u4f5c\u696d\u3002\u60a8\u6307\u7684\u662f ''{1}'' \u55ce?
 AbstractItem.Pronoun=\u4f5c\u696d
+AbstractItem.NewNameInUse={0} \u9019\u500b\u540d\u5b57\u5df2\u7d93\u88ab\u4f7f\u7528\u4e86\u3002
 AbstractProject.NewBuildForWorkspace=\u6311\u500b\u6642\u9593\u5efa\u7f6e\uff0c\u5c31\u80fd\u7522\u751f\u5de5\u4f5c\u5340\u3002
 AbstractProject.AwaitingBuildForWorkspace=\u7b49\u5019\u5efa\u7f6e\u7522\u51fa\u5de5\u4f5c\u5340\u3002
 AbstractProject.Pronoun=\u5c08\u6848
@@ -141,6 +142,7 @@ Job.NOfMFailed=\u6700\u8fd1 {1} \u6b21\u5efa\u7f6e\u4e2d\u6709 {0} \u6b21\u5931\
 Job.NoRecentBuildFailed=\u6700\u8fd1\u5e7e\u6b21\u5efa\u7f6e\u90fd\u6c92\u6709\u5931\u6557\u3002
 Job.Pronoun=\u5c08\u6848
 Job.minutes=\u5206
+Job.NoRenameWhileBuilding=\u4f5c\u696d\u5efa\u7f6e\u4e2d\uff0c\u7121\u6cd5\u6539\u540d\u3002
 
 Label.GroupOf={0} \u7fa4\u7d44
 Label.InvalidLabel=\u6a19\u7c64\u7121\u6548
diff --git a/core/src/main/resources/jenkins/model/RenameAction/action.jelly b/core/src/main/resources/jenkins/model/RenameAction/action.jelly
new file mode 100644
index 0000000000..d298d56503
--- /dev/null
+++ b/core/src/main/resources/jenkins/model/RenameAction/action.jelly
@@ -0,0 +1,31 @@
+<!--
+The MIT License
+
+Copyright 2018 CloudBees, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+-->
+
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:s="/lib/form">
+    <!-- TODO: Should use permission attribute after JENKINS-18649 -->
+    <j:if test="${it.hasPermission(it.CONFIGURE) or (it.parent.hasPermission(it.CREATE) and it.hasPermission(it.DELETE))}">
+      <l:task href="${url}/confirm-rename" icon="icon-notepad icon-md" enabled="${it.nameEditable}" title="${%Rename}"/>
+    </j:if>
+</j:jelly>
diff --git a/test/src/test/java/hudson/model/AbstractItemTest.java b/test/src/test/java/hudson/model/AbstractItemTest.java
index 267f8f3524..8f21cad726 100644
--- a/test/src/test/java/hudson/model/AbstractItemTest.java
+++ b/test/src/test/java/hudson/model/AbstractItemTest.java
@@ -1,12 +1,31 @@
 package hudson.model;
 
+import com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException;
+import com.gargoylesoftware.htmlunit.HttpMethod;
+import com.gargoylesoftware.htmlunit.WebRequest;
+import com.gargoylesoftware.htmlunit.util.NameValuePair;
+import hudson.security.ACL;
+import hudson.security.ACLContext;
+import hudson.security.AccessDeniedException2;
+import hudson.util.FormValidation;
 import java.io.File;
+import java.net.URL;
+import java.util.Arrays;
 import jenkins.model.Jenkins;
+import jenkins.model.ProjectNamingStrategy;
 import org.apache.commons.io.FileUtils;
-import static org.junit.Assert.*;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.JenkinsRule;
+import org.jvnet.hudson.test.JenkinsRule.WebClient;
+import org.jvnet.hudson.test.MockAuthorizationStrategy;
+import org.jvnet.hudson.test.SleepBuilder;
+
+import static org.hamcrest.Matchers.equalTo;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotEquals;
+import static org.junit.Assert.assertThat;
+import static org.junit.Assert.fail;
 
 public class AbstractItemTest {
 
@@ -40,4 +59,87 @@ public class AbstractItemTest {
         assertEquals(b.getDescription(), b2.getDescription()); // but should have the same properties
     }
 
+    @Test
+    public void checkRenameValidity() throws Exception {
+        FreeStyleProject p = j.createFreeStyleProject("foo");
+        p.getBuildersList().add(new SleepBuilder(10));
+
+        assertThat(checkNameAndReturnError(p, ""), equalTo(Messages.Hudson_NoName()));
+        assertThat(checkNameAndReturnError(p, ".."), equalTo(Messages.Jenkins_NotAllowedName("..")));
+        assertThat(checkNameAndReturnError(p, "50%"), equalTo(Messages.Hudson_UnsafeChar('%')));
+        assertThat(checkNameAndReturnError(p, "foo"), equalTo(Messages.AbstractItem_NewNameInUse("foo")));
+
+        j.jenkins.setProjectNamingStrategy(new ProjectNamingStrategy.PatternProjectNamingStrategy("bar", "", false));
+        assertThat(checkNameAndReturnError(p, "foo1"), equalTo(jenkins.model.Messages.Hudson_JobNameConventionNotApplyed("foo1", "bar")));
+
+        p.scheduleBuild2(0).waitForStart();
+        assertThat(checkNameAndReturnError(p, "bar"), equalTo(Messages.Job_NoRenameWhileBuilding()));
+    }
+
+    @Test
+    public void checkRenamePermissions() throws Exception {
+        j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
+        MockAuthorizationStrategy mas = new MockAuthorizationStrategy();
+        mas.grant(Item.CONFIGURE).everywhere().to("alice", "bob");
+        mas.grant(Item.READ).everywhere().to("alice");
+        j.jenkins.setAuthorizationStrategy(mas);
+        FreeStyleProject p = j.createFreeStyleProject("foo");
+
+        try (ACLContext unused = ACL.as(User.getById("alice", true))) {
+            assertThat(checkNameAndReturnError(p, "foo"), equalTo(Messages.AbstractItem_NewNameInUse("foo")));
+        }
+        try (ACLContext unused = ACL.as(User.getById("bob", true))) {
+            assertThat(checkNameAndReturnError(p, "foo"), equalTo(Messages.Jenkins_NotAllowedName("foo")));
+        }
+        try (ACLContext unused = ACL.as(User.getById("carol", true))) {
+            try {
+                p.doCheckNewName("foo");
+                fail("Expecting AccessDeniedException");
+            } catch (AccessDeniedException2 e) {
+                assertThat(e.permission, equalTo(Item.CREATE));
+            }
+        }
+    }
+
+    @Test
+    public void renameViaRestApi() throws Exception {
+        j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
+        MockAuthorizationStrategy mas = new MockAuthorizationStrategy();
+        mas.grant(Item.READ, Jenkins.READ).everywhere().to("alice", "bob");
+        mas.grant(Item.CONFIGURE).everywhere().to("alice");
+        j.jenkins.setAuthorizationStrategy(mas);
+        FreeStyleProject p = j.createFreeStyleProject("foo");
+
+        WebClient w = j.createWebClient();
+        WebRequest wr = new WebRequest(w.createCrumbedUrl(p.getUrl() + "confirmRename"), HttpMethod.POST);
+        wr.setRequestParameters(Arrays.asList(new NameValuePair("newName", "bar")));
+        w.login("alice", "alice");
+        assertThat(getPath(w.getPage(wr).getUrl()), equalTo(p.getUrl()));
+        assertThat(p.getName(), equalTo("bar"));
+
+        wr = new WebRequest(w.createCrumbedUrl(p.getUrl() + "confirmRename"), HttpMethod.POST);
+        wr.setRequestParameters(Arrays.asList(new NameValuePair("newName", "baz")));
+        w.login("bob", "bob");
+        try {
+            assertThat(getPath(w.getPage(wr).getUrl()), equalTo(p.getUrl()));
+            fail("Expecting HTTP 403 Forbidden");
+        } catch (FailingHttpStatusCodeException e) {
+            assertThat(e.getStatusCode(), equalTo(403));
+        }
+        assertThat(p.getName(), equalTo("bar"));
+    }
+
+    private String checkNameAndReturnError(AbstractItem i, String newName) {
+        FormValidation fv = i.doCheckNewName(newName);
+        if (FormValidation.Kind.OK.equals(fv.kind)) {
+            throw new AssertionError("Expecting Failure");
+        } else {
+            return fv.getMessage();
+        }
+    }
+
+    private String getPath(URL u) {
+        return u.getPath().substring(j.contextPath.length() + 1);
+    }
+
 }
diff --git a/test/src/test/java/hudson/model/JobTest.java b/test/src/test/java/hudson/model/JobTest.java
index 58e14cdd33..922e7821b6 100644
--- a/test/src/test/java/hudson/model/JobTest.java
+++ b/test/src/test/java/hudson/model/JobTest.java
@@ -415,27 +415,27 @@ public class JobTest {
     @Issue("JENKINS-30502")
     @Test
     public void testRenameTrimsLeadingSpace() throws Exception {
-        tryRename("myJob1", " foo", "foo", false);
+        tryRename("myJob1", " foo", "foo");
     }
 
     @Issue("JENKINS-30502")
     @Test
     public void testRenameTrimsTrailingSpace() throws Exception {
-        tryRename("myJob2", "foo ", "foo", false);
+        tryRename("myJob2", "foo ", "foo");
     }
 
     @Issue("JENKINS-30502")
     @Test
     public void testAllowTrimmingByUser() throws Exception {
         assumeFalse("Unix-only test.", Functions.isWindows());
-        tryRename("myJob3 ", "myJob3", "myJob3", false);
+        tryRename("myJob3 ", "myJob3", "myJob3");
     }
 
     @Issue("JENKINS-30502")
     @Test
     public void testRenameWithLeadingSpaceTrimsLeadingSpace() throws Exception {
         assumeFalse("Unix-only test.", Functions.isWindows());
-        tryRename(" myJob4", " foo", "foo", false);
+        tryRename(" myJob4", " foo", "foo");
     }
 
     @Issue("JENKINS-30502")
@@ -443,7 +443,7 @@ public class JobTest {
     public void testRenameWithLeadingSpaceTrimsTrailingSpace()
             throws Exception {
         assumeFalse("Unix-only test.", Functions.isWindows());
-        tryRename(" myJob5", "foo ", "foo", false);
+        tryRename(" myJob5", "foo ", "foo");
     }
 
     @Issue("JENKINS-30502")
@@ -451,7 +451,7 @@ public class JobTest {
     public void testRenameWithTrailingSpaceTrimsTrailingSpace()
             throws Exception {
         assumeFalse("Unix-only test.", Functions.isWindows());
-        tryRename("myJob6 ", "foo ", "foo", false);
+        tryRename("myJob6 ", "foo ", "foo");
     }
 
     @Issue("JENKINS-30502")
@@ -459,14 +459,7 @@ public class JobTest {
     public void testRenameWithTrailingSpaceTrimsLeadingSpace()
             throws Exception {
         assumeFalse("Unix-only test.", Functions.isWindows());
-        tryRename("myJob7 ", " foo", "foo", false);
-    }
-
-    @Issue("JENKINS-30502")
-    @Test
-    public void testDoNotAutoTrimExistingUntrimmedNames() throws Exception {
-        assumeFalse("Unix-only test.", Functions.isWindows());
-        tryRename("myJob8 ", "myJob8 ", null, true);
+        tryRename("myJob7 ", " foo", "foo");
     }
 
     @Issue("JENKINS-35160")
@@ -492,24 +485,17 @@ public class JobTest {
     }
 
     private void tryRename(String initialName, String submittedName,
-            String correctResult, boolean shouldSkipConfirm) throws Exception {
+            String correctResult) throws Exception {
         j.jenkins.setCrumbIssuer(null);
 
         FreeStyleProject job = j.createFreeStyleProject(initialName);
         WebClient wc = j.createWebClient();
-        HtmlForm form = wc.getPage(job, "configure").getFormByName("config");
-        form.getInputByName("name").setValueAttribute(submittedName);
+        HtmlForm form = wc.getPage(job, "confirm-rename").getFormByName("config");
+        form.getInputByName("newName").setValueAttribute(submittedName);
         HtmlPage resultPage = j.submit(form);
 
-        String urlTemplate;
-        if (shouldSkipConfirm) {
-            urlTemplate = "/job/{0}/";
-        } else {
-            urlTemplate = "/job/{0}/rename?newName={1}";
-        }
-
         String urlString = MessageFormat.format(
-                urlTemplate, initialName, correctResult).replace(" ", "%20");
+                "/job/{0}/", correctResult).replace(" ", "%20");
 
         assertThat(resultPage.getUrl().toString(), endsWith(urlString));
     }
-- 
GitLab


From d9e1f383eae0fc4c303bc3d9a4cb5edcdf81dbfd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zden=C4=9Bk=20Soukup?= <soukup.z@email.cz>
Date: Sun, 4 Mar 2018 02:35:34 +0100
Subject: [PATCH 165/863] [JENKINS-43581] - Create new custom tool button
 should be on top (#2926)

* [JENKINS-43581] Create new custom tool button should be on top

* * [JENKINS-43581] Create new custom tool button should be on top

* * [JENKINS-43581] Create new custom tool button should be on top

* * [JENKINS-43581] Create new custom tool button should be on top
---
 .../tools/ToolInstallation/global.jelly       |   2 +-
 .../main/resources/lib/form/repeatable.jelly  |  13 +-
 .../lib/form/repeatable/repeatable.js         |  71 +++++-
 .../lib/form/repeatableProperty.jelly         |   8 +-
 .../test/java/lib/form/RepeatableTest.java    | 228 +++++++++++++++---
 .../testNestedRadioTopButton.jelly            |  54 +++++
 .../RepeatableTest/testNestedTopButton.jelly  |  55 +++++
 .../testNestedTopButtonInner.jelly            |  55 +++++
 .../testNestedTopButtonOuter.jelly            |  55 +++++
 .../testSimpleWithDeleteButton.jelly          |  50 ++++
 .../testSimpleWithDeleteButtonTopButton.jelly |  49 ++++
 11 files changed, 597 insertions(+), 43 deletions(-)
 create mode 100644 test/src/test/resources/lib/form/RepeatableTest/testNestedRadioTopButton.jelly
 create mode 100644 test/src/test/resources/lib/form/RepeatableTest/testNestedTopButton.jelly
 create mode 100644 test/src/test/resources/lib/form/RepeatableTest/testNestedTopButtonInner.jelly
 create mode 100644 test/src/test/resources/lib/form/RepeatableTest/testNestedTopButtonOuter.jelly
 create mode 100644 test/src/test/resources/lib/form/RepeatableTest/testSimpleWithDeleteButton.jelly
 create mode 100644 test/src/test/resources/lib/form/RepeatableTest/testSimpleWithDeleteButtonTopButton.jelly

diff --git a/core/src/main/resources/hudson/tools/ToolInstallation/global.jelly b/core/src/main/resources/hudson/tools/ToolInstallation/global.jelly
index 11c349a26a..265662ce90 100644
--- a/core/src/main/resources/hudson/tools/ToolInstallation/global.jelly
+++ b/core/src/main/resources/hudson/tools/ToolInstallation/global.jelly
@@ -28,7 +28,7 @@ THE SOFTWARE.
       <d:tag name="section">
         <f:entry title="${%title(descriptor.displayName)}" description="${%description(descriptor.displayName)}">
           <f:repeatable name="tool" var="instance" items="${descriptor.installations}"
-                        add="${%label.add(descriptor.displayName)}" header="${descriptor.displayName}">
+                        add="${%label.add(descriptor.displayName)}" header="${descriptor.displayName}" enableTopButton="true">
             <j:set var="toolDescriptor" value="${descriptor}" /><!-- to make this descriptor accessible from properties -->
             <table width="100%">
               <st:include page="config.jelly" from="${descriptor}" class="${descriptor.clazz}"/>
diff --git a/core/src/main/resources/lib/form/repeatable.jelly b/core/src/main/resources/lib/form/repeatable.jelly
index 13b0a8f3a1..c326bd1452 100644
--- a/core/src/main/resources/lib/form/repeatable.jelly
+++ b/core/src/main/resources/lib/form/repeatable.jelly
@@ -88,6 +88,12 @@ THE SOFTWARE.
       true if the default 'add' button (that adds a new copy) shouldn't be displayed.
       When you use this attribute,
     </st:attribute>
+    <st:attribute name="enableTopButton">
+      true if a new Add button, for adding new copy of repeatable item, should be displayed above repeatable form.
+      Display of top button depends also on number of items. If there is no item, only one button is displayed. When at least one item is present, there are two
+      buttons displayed (only when enableTopButton is true). One above and one below.
+      Top button adds item on top of repeatable form. Bottom button adds item on the bottom of repeatable form.
+    </st:attribute>
     <st:attribute name="add">
       If specified, this text will replace the standard "Add" text.
     </st:attribute>
@@ -99,7 +105,7 @@ THE SOFTWARE.
       For each item, add this header.
       This also activates drag&amp;drop (where the header is a grip).
     </st:attribute>
-    <st:attributeConstraints expr="((var,items,name?)|field),varStatus?,noAddButton?,add?,minimum?,header?"/>
+    <st:attributeConstraints expr="((var,items,name?)|field),varStatus?,noAddButton?,enableTopButton?,add?,minimum?,header?"/>
   </st:documentation>
 
 
@@ -122,7 +128,7 @@ THE SOFTWARE.
     </j:otherwise>
   </j:choose>
 
-  <div class="repeated-container${!empty(header)?' with-drag-drop':''}">
+  <div class="repeated-container${!empty(header)?' with-drag-drop':''}" enableTopButton="${attrs.enableTopButton}">
     <!-- The first DIV is the master copy. -->
     <div class="repeated-chunk to-be-removed" name="${name}">
       <j:if test="${!empty(header)}"><div class="dd-handle">${header}</div></j:if>
@@ -131,6 +137,9 @@ THE SOFTWARE.
         <d:invokeBody />
       </j:scope>
     </div>
+    <j:if test="${!empty(items) and !attrs.noAddButton and attrs.enableTopButton}">
+      <input type="button" value="${attrs.add?:'%Add'}" class="repeatable-add repeatable-add-top" />
+    </j:if>
     <!-- then populate them for each item -->
     <j:forEach var="loop" varStatus="loopStatus" items="${items}">
       <div class="repeated-chunk" name="${name}">
diff --git a/core/src/main/resources/lib/form/repeatable/repeatable.js b/core/src/main/resources/lib/form/repeatable/repeatable.js
index 41a330cc9d..05f8fc3060 100644
--- a/core/src/main/resources/lib/form/repeatable/repeatable.js
+++ b/core/src/main/resources/lib/form/repeatable/repeatable.js
@@ -13,6 +13,9 @@ var repeatableSupport = {
     // block name for structured HTML
     name : null,
 
+    // enable to display add button on top
+    enableTopButton : false,
+
     withDragDrop: false,
 
     // do the initialization
@@ -24,12 +27,21 @@ var repeatableSupport = {
         master.parentNode.removeChild(master);
         this.insertionPoint = $(insertionPoint);
         this.name = master.getAttribute("name");
+        if (this.container.getAttribute("enableTopButton") == "true") {
+            this.enableTopButton = true;
+        } else {
+            this.enableTopButton = false;
+        }
         this.update();
         this.withDragDrop = initContainerDD(container);
     },
 
     // insert one more block at the insertion position
-    expand : function() {
+    expand : function(addOnTop) {
+        if (addOnTop == null) {
+            addOnTop = false;
+        }
+
         // importNode isn't supported in IE.
         // nc = document.importNode(node,true);
         var nc = $(document.createElement("div"));
@@ -37,7 +49,14 @@ var repeatableSupport = {
         nc.setOpacity(0);
         nc.setAttribute("name",this.name);
         nc.innerHTML = this.blockHTML;
-        this.insertionPoint.parentNode.insertBefore(nc, this.insertionPoint);
+        if (!addOnTop) {
+            this.insertionPoint.parentNode.insertBefore(nc, this.insertionPoint);
+        } else if (this.enableTopButton) {
+            var children = $(this.container).childElements().findAll(function (n) {
+                return n.hasClassName("repeated-chunk");
+            });
+            this.container.insertBefore(nc, children[0]);
+        }
         if (this.withDragDrop) prepareDD(nc);
 
         new YAHOO.util.Anim(nc, {
@@ -55,15 +74,38 @@ var repeatableSupport = {
         });
 
         if(children.length==0) {
-            // noop
-        } else
-        if(children.length==1) {
-            children[0].className = "repeated-chunk first last only";
+            var addButtonElements = $(this.container).childElements().findAll(function (b) {
+                return b.hasClassName("repeatable-add");
+            });
+
+            if (addButtonElements.length == 2) {
+                var buttonElement = addButtonElements[0];
+                var parentOfButton = buttonElement.parentNode;
+                parentOfButton.removeChild(buttonElement);
+            }
         } else {
-            children[0].className = "repeated-chunk first";
-            for(var i=1; i<children.length-1; i++)
-                children[i].className = "repeated-chunk middle";
-            children[children.length-1].className = "repeated-chunk last";
+            if (children.length == 1) {
+                var addButtonElements = $(this.container).childElements().findAll(function (b) {
+                    return b.hasClassName("repeatable-add");
+                });
+
+                if (addButtonElements.length == 1 && this.enableTopButton) {
+                    var buttonElement = addButtonElements[0];
+                    var parentOfButton = buttonElement.parentNode;
+                    var addTopButton = document.createElement('input');
+                    addTopButton.type = 'button';
+                    addTopButton.value = buttonElement.textContent || buttonElement.innerText;
+                    addTopButton.className = 'repeatable-add repeatable-add-top';
+                    parentOfButton.insertBefore(addTopButton, parentOfButton.firstChild);
+                    Behaviour.applySubtree(addTopButton, true);
+                }
+                children[0].className = "repeated-chunk first last only";
+            } else {
+                children[0].className = "repeated-chunk first";
+                for (var i = 1; i < children.length - 1; i++)
+                    children[i].className = "repeated-chunk middle";
+                children[children.length - 1].className = "repeated-chunk last";
+            }
         }
     },
 
@@ -87,9 +129,14 @@ var repeatableSupport = {
 
     // called when 'add' button is clicked
     onAdd : function(n) {
-        while(n.tag==null)
+        var addOnTop = false;
+        while (n.tag == null) {
             n = n.parentNode;
-        n.tag.expand();
+            if (n.hasClassName("repeatable-add-top")) {
+                addOnTop = true;
+            }
+        }
+        n.tag.expand(addOnTop);
         // Hack to hide tool home when a new tool has some installers.
         var inputs = n.getElementsByTagName('INPUT');
         for (var i = 0; i < inputs.length; i++) {
diff --git a/core/src/main/resources/lib/form/repeatableProperty.jelly b/core/src/main/resources/lib/form/repeatableProperty.jelly
index 955f144348..bceab6d2f6 100644
--- a/core/src/main/resources/lib/form/repeatableProperty.jelly
+++ b/core/src/main/resources/lib/form/repeatableProperty.jelly
@@ -47,6 +47,12 @@ THE SOFTWARE.
       true if the default 'add' button (that adds a new copy) shouldn't be displayed.
       When you use this attribute,
     </st:attribute>
+    <st:attribute name="enableTopButton">
+      true if a new Add button, for adding new copy of repeatable item, should be displayed above repeatable form.
+      Display of top button depends also on number of items. If there is no item, only one button is displayed. When at least one item is present, there are two
+      buttons displayed (only when enableTopButton is true). One above and one below.
+      Top button adds item on top of repeatable form. Bottom button adds item on the bottom of repeatable form.
+    </st:attribute>
     <st:attribute name="add">
       If specified, this text will replace the standard "Add" text.
     </st:attribute>
@@ -61,7 +67,7 @@ THE SOFTWARE.
   </st:documentation>
 
 
-  <f:repeatable field="${attrs.field}" default="${attrs.default}" noAddButton="${attrs.noAddButton}" header="${attrs.header}" add="${attrs.add}">
+  <f:repeatable field="${attrs.field}" default="${attrs.default}" noAddButton="${attrs.noAddButton}" header="${attrs.header}" add="${attrs.add}" enableTopButton="${attrs.enableTopButton}">
     <table style="width:100%">
       <st:include page="config.jelly" class="${descriptor.clazz}" />
       <d:invokeBody/>
diff --git a/test/src/test/java/lib/form/RepeatableTest.java b/test/src/test/java/lib/form/RepeatableTest.java
index 353ae65792..2d1d8bd196 100644
--- a/test/src/test/java/lib/form/RepeatableTest.java
+++ b/test/src/test/java/lib/form/RepeatableTest.java
@@ -24,6 +24,7 @@
 package lib.form;
 
 import com.gargoylesoftware.htmlunit.ElementNotFoundException;
+import com.gargoylesoftware.htmlunit.html.HtmlButton;
 import com.gargoylesoftware.htmlunit.html.HtmlFormUtil;
 import com.gargoylesoftware.htmlunit.html.HtmlPage;
 import com.gargoylesoftware.htmlunit.html.HtmlForm;
@@ -65,26 +66,63 @@ public class RepeatableTest extends HudsonTestCase {
 
     // ========================================================================
 
-    private void doTestSimple() throws Exception {
-        HtmlPage p = createWebClient().goTo("self/testSimple");
-        HtmlForm f = p.getFormByName("config");
-        HtmlFormUtil.getButtonByCaption(f, "Add").click();
+    private void doTestSimple(HtmlForm f) throws Exception {
         f.getInputByValue("").setValueAttribute("value one");
-        HtmlFormUtil.getButtonByCaption(f, "Add").click();
+        getHtmlButton(f, "Add", false).click();
         f.getInputByValue("").setValueAttribute("value two");
-        HtmlFormUtil.getButtonByCaption(f, "Add").click();
+        getHtmlButton(f, "Add", false).click();
         f.getInputByValue("").setValueAttribute("value three");
         f.getInputsByName("bool").get(2).click();
         submit(f);
     }
 
     public void testSimple() throws Exception {
-        doTestSimple();
+        HtmlPage p = createWebClient().goTo("self/testSimple");
+        HtmlForm f = p.getFormByName("config");
+        getHtmlButton(f, "Add", true).click();
+        doTestSimple(f);
+
         assertEqualsJsonArray("[{\"bool\":false,\"txt\":\"value one\"},"
             + "{\"bool\":false,\"txt\":\"value two\"},{\"bool\":true,\"txt\":\"value three\"}]",
             formData.get("foos"));
     }
 
+    /**
+     * Test count of buttons in form
+     *
+     * @throws Exception
+     */
+    public void testSimpleCheckNumberOfButtons() throws Exception {
+        HtmlPage p = createWebClient().goTo("self/testSimpleWithDeleteButton");
+        HtmlForm f = p.getFormByName("config");
+        String buttonCaption = "Add";
+        assertEquals(1, getButtonsList(f, buttonCaption).size());
+        getHtmlButton(f, buttonCaption, true).click(); // click Add button
+        waitForJavaScript(p);
+        assertEquals(1, getButtonsList(f, buttonCaption).size()); // check that second Add button is not present
+        getHtmlButton(f, "Delete", true).click(); // click Delete button
+        waitForJavaScript(p);
+        assertEquals(1, getButtonsList(f, buttonCaption).size()); // check that only one Add button is in form
+    }
+    
+    /**
+     * Test count of buttons in form
+     *
+     * @throws Exception
+     */
+    public void testSimpleCheckNumberOfButtonsEnabledTopButton() throws Exception {
+        HtmlPage p = createWebClient().goTo("self/testSimpleWithDeleteButtonTopButton");
+        HtmlForm f = p.getFormByName("config");
+        String buttonCaption = "Add";
+        assertEquals(1, getButtonsList(f, buttonCaption).size());
+        getHtmlButton(f, buttonCaption, true).click(); // click Add button
+        waitForJavaScript(p);
+        assertEquals(2, getButtonsList(f, buttonCaption).size()); // check that second Add button was added into form
+        getHtmlButton(f, "Delete", true).click(); // click Delete button
+        waitForJavaScript(p);
+        assertEquals(1, getButtonsList(f, buttonCaption).size()); // check that only one Add button is in form
+    }
+
     // ========================================================================
 
     public static class Foo {
@@ -102,7 +140,10 @@ public class RepeatableTest extends HudsonTestCase {
 
     public void testSimple_ExistingData() throws Exception {
         addData();
-        doTestSimple();
+        HtmlPage p = createWebClient().goTo("self/testSimple");
+        HtmlForm f = p.getFormByName("config");
+        getHtmlButton(f, "Add", false).click();
+        doTestSimple(f);
         assertEqualsJsonArray("[{\"bool\":true,\"txt\":\"existing one\"},"
             + "{\"bool\":false,\"txt\":\"existing two\"},{\"bool\":true,\"txt\":\"value one\"},"
             + "{\"bool\":false,\"txt\":\"value two\"},{\"bool\":false,\"txt\":\"value three\"}]",
@@ -201,10 +242,10 @@ public class RepeatableTest extends HudsonTestCase {
     public void testRadio() throws Exception {
         HtmlPage p = createWebClient().goTo("self/testRadio");
         HtmlForm f = p.getFormByName("config");
-        HtmlFormUtil.getButtonByCaption(f, "Add").click();
+        getHtmlButton(f, "Add", true).click();
         f.getInputByValue("").setValueAttribute("txt one");
         f.getElementsByAttribute("INPUT", "type", "radio").get(1).click();
-        HtmlFormUtil.getButtonByCaption(f, "Add").click();
+        getHtmlButton(f, "Add", false).click();
         f.getInputByValue("").setValueAttribute("txt two");
         f.getElementsByAttribute("INPUT", "type", "radio").get(3).click();
         submit(f);
@@ -224,7 +265,7 @@ public class RepeatableTest extends HudsonTestCase {
         list.add(new FooRadio("three", "one"));
         HtmlPage p = createWebClient().goTo("self/testRadio");
         HtmlForm f = p.getFormByName("config");
-        HtmlFormUtil.getButtonByCaption(f, "Add").click();
+        getHtmlButton(f, "Add", false).click();
         f.getInputByValue("").setValueAttribute("txt 4");
         f.getElementsByAttribute("INPUT", "type", "radio").get(7).click();
         submit(f);
@@ -238,12 +279,12 @@ public class RepeatableTest extends HudsonTestCase {
     public void testRadioBlock() throws Exception {
         HtmlPage p = createWebClient().goTo("self/testRadioBlock");
         HtmlForm f = p.getFormByName("config");
-        HtmlFormUtil.getButtonByCaption(f, "Add").click();
+        getHtmlButton(f, "Add", true).click();
         f.getInputByValue("").setValueAttribute("txt one");
         f.getInputByValue("").setValueAttribute("avalue do not send");
         f.getElementsByAttribute("INPUT", "type", "radio").get(1).click();
         f.getInputByValue("").setValueAttribute("bvalue");
-        HtmlFormUtil.getButtonByCaption(f, "Add").click();
+        getHtmlButton(f, "Add", false).click();
         f.getInputByValue("").setValueAttribute("txt two");
         f.getElementsByAttribute("INPUT", "type", "radio").get(2).click();
         f.getInputByValue("").setValueAttribute("avalue two");
@@ -300,11 +341,11 @@ public class RepeatableTest extends HudsonTestCase {
     public void testDropdownList() throws Exception {
         HtmlPage p = createWebClient().goTo("self/testDropdownList");
         HtmlForm f = p.getFormByName("config");
-        HtmlFormUtil.getButtonByCaption(f, "Add").click();
+        getHtmlButton(f, "Add", true).click();
         waitForJavaScript(p);
         f.getInputByValue("").setValueAttribute("17"); // seeds
         f.getInputByValue("").setValueAttribute("pie"); // word
-        HtmlFormUtil.getButtonByCaption(f, "Add").click();
+        getHtmlButton(f, "Add", false).click();
         waitForJavaScript(p);
         // select banana in 2nd select element:
         ((HtmlSelect)f.getElementsByTagName("select").get(1)).getOption(1).click();
@@ -342,14 +383,14 @@ public class RepeatableTest extends HudsonTestCase {
         HtmlPage p = createWebClient().goTo("self/testNested");
         HtmlForm f = p.getFormByName("config");
         try {
-            clickButton(p, f, "Add");
+            clickButton(p, f, "Add", true);
             f.getInputByValue("").setValueAttribute("title one");
-            clickButton(p,f,"Add Foo");
+            clickButton(p,f,"Add Foo", true);
             f.getInputByValue("").setValueAttribute("txt one");
-            clickButton(p,f,"Add Foo");
+            clickButton(p,f,"Add Foo", false);
             f.getInputByValue("").setValueAttribute("txt two");
             f.getInputsByName("bool").get(1).click();
-            clickButton(p, f, "Add");
+            clickButton(p, f, "Add", false);
             f.getInputByValue("").setValueAttribute("title two");
             f.getElementsByTagName("button").get(1).click(); // 2nd "Add Foo" button
             f.getInputByValue("").setValueAttribute("txt 2.1");
@@ -363,8 +404,86 @@ public class RepeatableTest extends HudsonTestCase {
                      + "FooList:title two:[foo:txt 2.1:false]]", bindResult.toString());
     }
 
-    private void clickButton(HtmlPage p, HtmlForm f, String caption) throws IOException {
-        HtmlFormUtil.getButtonByCaption(f, caption).click();
+    /** Tests nested repeatable and use of @DataBoundConstructor to process formData */
+    public void testNestedEnabledTopButton() throws Exception {
+        HtmlPage p = createWebClient().goTo("self/testNestedTopButton");
+        HtmlForm f = p.getFormByName("config");
+        try {
+            clickButton(p, f, "Add", true);
+            f.getInputByValue("").setValueAttribute("title one");
+            clickButton(p,f,"Add Foo", true);
+            f.getInputByValue("").setValueAttribute("txt one");
+            clickButton(p,f,"Add Foo", false);
+            f.getInputByValue("").setValueAttribute("txt two");
+            f.getInputsByName("bool").get(1).click();
+            clickButton(p, f, "Add", false);
+            f.getInputByValue("").setValueAttribute("title two");
+            f.getElementsByTagName("button").get(3).click(); // 2nd "Add Foo" button
+            f.getInputByValue("").setValueAttribute("txt 2.1");
+        } catch (Exception e) {
+            System.err.println("HTML at time of failure:\n" + p.getBody().asXml());
+            throw e;
+        }
+        bindClass = FooList.class;
+        submit(f);
+        assertEquals("[FooList:title one:[foo:txt one:false,foo:txt two:true], "
+                     + "FooList:title two:[foo:txt 2.1:false]]", bindResult.toString());
+    }
+
+    /** Tests nested repeatable and use of @DataBoundConstructor to process formData */
+    public void testNestedEnabledTopButtonInner() throws Exception {
+        HtmlPage p = createWebClient().goTo("self/testNestedTopButtonInner");
+        HtmlForm f = p.getFormByName("config");
+        try {
+            clickButton(p, f, "Add", true);
+            f.getInputByValue("").setValueAttribute("title one");
+            clickButton(p,f,"Add Foo", true);
+            f.getInputByValue("").setValueAttribute("txt one");
+            clickButton(p,f,"Add Foo", false);
+            f.getInputByValue("").setValueAttribute("txt two");
+            f.getInputsByName("bool").get(1).click();
+            clickButton(p, f, "Add", false);
+            f.getInputByValue("").setValueAttribute("title two");
+            f.getElementsByTagName("button").get(2).click(); // 2nd "Add Foo" button
+            f.getInputByValue("").setValueAttribute("txt 2.1");
+        } catch (Exception e) {
+            System.err.println("HTML at time of failure:\n" + p.getBody().asXml());
+            throw e;
+        }
+        bindClass = FooList.class;
+        submit(f);
+        assertEquals("[FooList:title one:[foo:txt one:false,foo:txt two:true], "
+                     + "FooList:title two:[foo:txt 2.1:false]]", bindResult.toString());
+    }
+
+    /** Tests nested repeatable and use of @DataBoundConstructor to process formData */
+    public void testNestedEnabledTopButtonOuter() throws Exception {
+        HtmlPage p = createWebClient().goTo("self/testNestedTopButtonOuter");
+        HtmlForm f = p.getFormByName("config");
+        try {
+            clickButton(p, f, "Add", true);
+            f.getInputByValue("").setValueAttribute("title one");
+            clickButton(p,f,"Add Foo", true);
+            f.getInputByValue("").setValueAttribute("txt one");
+            clickButton(p,f,"Add Foo", false);
+            f.getInputByValue("").setValueAttribute("txt two");
+            f.getInputsByName("bool").get(1).click();
+            clickButton(p, f, "Add", false);
+            f.getInputByValue("").setValueAttribute("title two");
+            f.getElementsByTagName("button").get(2).click(); // 2nd "Add Foo" button
+            f.getInputByValue("").setValueAttribute("txt 2.1");
+        } catch (Exception e) {
+            System.err.println("HTML at time of failure:\n" + p.getBody().asXml());
+            throw e;
+        }
+        bindClass = FooList.class;
+        submit(f);
+        assertEquals("[FooList:title one:[foo:txt one:false,foo:txt two:true], "
+                     + "FooList:title two:[foo:txt 2.1:false]]", bindResult.toString());
+    }
+
+    private void clickButton(HtmlPage p, HtmlForm f, String caption, boolean isTopButton) throws IOException {
+        getHtmlButton(f, caption, isTopButton).click();
         waitForJavaScript(p);
     }
 
@@ -372,13 +491,11 @@ public class RepeatableTest extends HudsonTestCase {
         HtmlPage p = createWebClient().goTo("self/testNestedRadio");
         HtmlForm f = p.getFormByName("config");
         try {
-            clickButton(p, f, "Add");
+            clickButton(p, f, "Add", true);
             f.getElementsByAttribute("input", "type", "radio").get(1).click(); // outer=two
-            HtmlFormUtil.getButtonByCaption(f, "Add Moo").click();
-            waitForJavaScript(p);
+            clickButton(p, f, "Add Moo", true);
             f.getElementsByAttribute("input", "type", "radio").get(2).click(); // inner=inone
-            HtmlFormUtil.getButtonByCaption(f, "Add").click();
-            waitForJavaScript(p);
+            clickButton(p, f, "Add", false);
             f.getElementsByAttribute("input", "type", "radio").get(4).click(); // outer=one
             Thread.sleep(500);
             f.getElementsByTagName("button").get(1).click(); // 2nd "Add Moo" button
@@ -397,6 +514,33 @@ public class RepeatableTest extends HudsonTestCase {
                 formData.get("items"));
     }
 
+    public void testNestedRadioEnabledTopButton() throws Exception {
+        HtmlPage p = createWebClient().goTo("self/testNestedRadioTopButton");
+        HtmlForm f = p.getFormByName("config");
+        try {
+            clickButton(p, f, "Add", true);
+            f.getElementsByAttribute("input", "type", "radio").get(1).click(); // outer=two
+            clickButton(p, f, "Add Moo", true);
+            f.getElementsByAttribute("input", "type", "radio").get(2).click(); // inner=inone
+            clickButton(p, f, "Add", false);
+            f.getElementsByAttribute("input", "type", "radio").get(4).click(); // outer=one
+            Thread.sleep(500);
+            f.getElementsByTagName("button").get(3).click(); // 2nd "Add Moo" button
+            waitForJavaScript(p);
+            f.getElementsByAttribute("input", "type", "radio").get(7).click(); // inner=intwo
+            f.getElementsByTagName("button").get(4).click();
+            waitForJavaScript(p);
+            f.getElementsByAttribute("input", "type", "radio").get(8).click(); // inner=inone
+        } catch (Exception e) {
+            System.err.println("HTML at time of failure:\n" + p.getBody().asXml());
+            throw e;
+        }
+        submit(f);
+        assertEqualsJsonArray("[{\"moo\":{\"inner\":\"inone\"},\"outer\":\"two\"},"
+                + "{\"moo\":[{\"inner\":\"intwo\"},{\"inner\":\"inone\"}],\"outer\":\"one\"}]",
+                formData.get("items"));
+    }
+
     private void assertEqualsJsonArray(String golden, Object jsonArray) {
         assertEquals(JSONArray.fromObject(golden),jsonArray);
     }
@@ -411,6 +555,36 @@ public class RepeatableTest extends HudsonTestCase {
      * Also see {@link #jsDebugger} at that time to see the JavaScript callstack.
      */
     private void waitForJavaScript(HtmlPage p) {
-        p.getEnclosingWindow().getJobManager().waitForJobsStartingBefore(50);
+        p.getEnclosingWindow().getJobManager().waitForJobsStartingBefore(500);
+    }
+
+    /**
+     * Get one of HTML button from a form
+     *
+     * @param form form element
+     * @param buttonCaption button caption you are looking for
+     * @param isTopButton true to get top (first) Add button (buttonCaption) - adds form block
+     * on top of a form, false to get second Add button - adds form block on
+     * bottom of a form
+     * if there is only one button, it will be returned
+     * @return HTMLButton - one of Add buttons
+     */
+    private HtmlButton getHtmlButton(HtmlForm form, String buttonCaption, boolean isTopButton) {
+        List<?> buttons = getButtonsList(form, buttonCaption);
+        if (buttons.size() == 1) {
+            return (HtmlButton) buttons.get(0);
+        }
+        return (HtmlButton) buttons.get(isTopButton ? 0 : 1);
     }
+
+    /**
+     *
+     * @param form form element
+     * @param buttonCaption button caption you are looking for
+     * @return list of buttons
+     */
+    private List<?> getButtonsList(HtmlForm form, String buttonCaption) {
+        return form.getByXPath("//button[text() = '" + buttonCaption + "']");
+    }
+
 }
\ No newline at end of file
diff --git a/test/src/test/resources/lib/form/RepeatableTest/testNestedRadioTopButton.jelly b/test/src/test/resources/lib/form/RepeatableTest/testNestedRadioTopButton.jelly
new file mode 100644
index 0000000000..7333da4e24
--- /dev/null
+++ b/test/src/test/resources/lib/form/RepeatableTest/testNestedRadioTopButton.jelly
@@ -0,0 +1,54 @@
+<!--
+The MIT License
+
+Copyright (c) 2017 Zdenek Soukup
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+-->
+
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
+<l:layout title="Testing radio block in repeatable">
+  <l:main-panel>
+    <f:form method="post" name="config" action="submitTest">
+      <f:repeatable var="item" items="${it.list}" name="items" enableTopButton="true">
+        <table>
+          <f:entry>
+            <f:radio name="outer" value="one"/> One
+            <f:radio name="outer" value="two"/> Two
+          </f:entry>
+          <f:nested>
+            <f:repeatable var="moo" items="${item.list}" add="Add Moo" enableTopButton="true">
+              <table>
+                <f:entry>
+                  <f:radio name="inner" value="inone"/>
+                  <f:radio name="inner" value="intwo"/>
+                </f:entry>
+              </table>
+            </f:repeatable>
+          </f:nested>
+        </table>
+      </f:repeatable>
+      <f:entry>
+        <f:submit value="submit"/>
+      </f:entry>
+    </f:form>
+  </l:main-panel>
+</l:layout>
+</j:jelly>
\ No newline at end of file
diff --git a/test/src/test/resources/lib/form/RepeatableTest/testNestedTopButton.jelly b/test/src/test/resources/lib/form/RepeatableTest/testNestedTopButton.jelly
new file mode 100644
index 0000000000..1212e8d54b
--- /dev/null
+++ b/test/src/test/resources/lib/form/RepeatableTest/testNestedTopButton.jelly
@@ -0,0 +1,55 @@
+<!--
+The MIT License
+
+Copyright (c) 2017 Zdenek Soukup
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+-->
+
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
+<l:layout title="Testing radio block in repeatable">
+  <l:main-panel>
+    <f:form method="post" name="config" action="submitTest">
+      <f:repeatable var="item" items="${it.list}" name="items" enableTopButton="true">
+        <table>
+          <f:entry>
+            <f:textbox name="title" value="${item.title}"/>
+          </f:entry>
+          <f:nested>
+            <f:repeatable var="foo" items="${item.list}" add="Add Foo" enableTopButton="true">
+              <table>
+                <f:entry>
+                  <f:textbox name="txt" value="${foo.txt}"/>
+                </f:entry>
+                <f:entry>
+                  <f:checkbox name="bool" checked="${foo.bool}"/>
+                </f:entry>
+              </table>
+            </f:repeatable>
+          </f:nested>
+        </table>
+      </f:repeatable>
+      <f:entry>
+        <f:submit value="submit"/>
+      </f:entry>
+    </f:form>
+  </l:main-panel>
+</l:layout>
+</j:jelly>
\ No newline at end of file
diff --git a/test/src/test/resources/lib/form/RepeatableTest/testNestedTopButtonInner.jelly b/test/src/test/resources/lib/form/RepeatableTest/testNestedTopButtonInner.jelly
new file mode 100644
index 0000000000..781dc56dc2
--- /dev/null
+++ b/test/src/test/resources/lib/form/RepeatableTest/testNestedTopButtonInner.jelly
@@ -0,0 +1,55 @@
+<!--
+The MIT License
+
+Copyright (c) 2017 Zdenek Soukup
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+-->
+
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
+<l:layout title="Testing radio block in repeatable">
+  <l:main-panel>
+    <f:form method="post" name="config" action="submitTest">
+      <f:repeatable var="item" items="${it.list}" name="items" enableTopButton="false">
+        <table>
+          <f:entry>
+            <f:textbox name="title" value="${item.title}"/>
+          </f:entry>
+          <f:nested>
+            <f:repeatable var="foo" items="${item.list}" add="Add Foo" enableTopButton="true">
+              <table>
+                <f:entry>
+                  <f:textbox name="txt" value="${foo.txt}"/>
+                </f:entry>
+                <f:entry>
+                  <f:checkbox name="bool" checked="${foo.bool}"/>
+                </f:entry>
+              </table>
+            </f:repeatable>
+          </f:nested>
+        </table>
+      </f:repeatable>
+      <f:entry>
+        <f:submit value="submit"/>
+      </f:entry>
+    </f:form>
+  </l:main-panel>
+</l:layout>
+</j:jelly>
\ No newline at end of file
diff --git a/test/src/test/resources/lib/form/RepeatableTest/testNestedTopButtonOuter.jelly b/test/src/test/resources/lib/form/RepeatableTest/testNestedTopButtonOuter.jelly
new file mode 100644
index 0000000000..21ea445019
--- /dev/null
+++ b/test/src/test/resources/lib/form/RepeatableTest/testNestedTopButtonOuter.jelly
@@ -0,0 +1,55 @@
+<!--
+The MIT License
+
+Copyright (c) 2017 Zdenek Soukup
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+-->
+
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
+<l:layout title="Testing radio block in repeatable">
+  <l:main-panel>
+    <f:form method="post" name="config" action="submitTest">
+      <f:repeatable var="item" items="${it.list}" name="items" enableTopButton="true">
+        <table>
+          <f:entry>
+            <f:textbox name="title" value="${item.title}"/>
+          </f:entry>
+          <f:nested>
+            <f:repeatable var="foo" items="${item.list}" add="Add Foo" enableTopButton="false">
+              <table>
+                <f:entry>
+                  <f:textbox name="txt" value="${foo.txt}"/>
+                </f:entry>
+                <f:entry>
+                  <f:checkbox name="bool" checked="${foo.bool}"/>
+                </f:entry>
+              </table>
+            </f:repeatable>
+          </f:nested>
+        </table>
+      </f:repeatable>
+      <f:entry>
+        <f:submit value="submit"/>
+      </f:entry>
+    </f:form>
+  </l:main-panel>
+</l:layout>
+</j:jelly>
\ No newline at end of file
diff --git a/test/src/test/resources/lib/form/RepeatableTest/testSimpleWithDeleteButton.jelly b/test/src/test/resources/lib/form/RepeatableTest/testSimpleWithDeleteButton.jelly
new file mode 100644
index 0000000000..1d1c0d64d8
--- /dev/null
+++ b/test/src/test/resources/lib/form/RepeatableTest/testSimpleWithDeleteButton.jelly
@@ -0,0 +1,50 @@
+<!--
+The MIT License
+
+Copyright (c) 2004-2010, Sun Microsystems, Inc., Alan Harder
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+-->
+
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
+<l:layout title="Testing radio block in repeatable">
+  <l:main-panel>
+    <f:form method="post" name="config" action="submitTest">
+      <f:repeatable var="foo" items="${it.list}" name="foos" minimum="${it.minimum}" enableTopButton="false">
+        <table>
+          <f:entry>
+            <f:textbox name="txt" value="${foo.txt}"/>
+          </f:entry>
+          <f:entry>
+            <f:checkbox name="bool" checked="${foo.bool}"/>
+          </f:entry>
+          <f:entry>
+            <f:repeatableDeleteButton />
+          </f:entry>
+        </table>
+      </f:repeatable>
+      <f:entry>
+        <f:submit value="submit"/>
+      </f:entry>
+    </f:form>
+  </l:main-panel>
+</l:layout>
+</j:jelly>
+
diff --git a/test/src/test/resources/lib/form/RepeatableTest/testSimpleWithDeleteButtonTopButton.jelly b/test/src/test/resources/lib/form/RepeatableTest/testSimpleWithDeleteButtonTopButton.jelly
new file mode 100644
index 0000000000..48a009199f
--- /dev/null
+++ b/test/src/test/resources/lib/form/RepeatableTest/testSimpleWithDeleteButtonTopButton.jelly
@@ -0,0 +1,49 @@
+<!--
+The MIT License
+
+Copyright (c) 2017 Zdenek Soukup
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+-->
+
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
+<l:layout title="Testing radio block in repeatable">
+  <l:main-panel>
+    <f:form method="post" name="config" action="submitTest">
+      <f:repeatable var="foo" items="${it.list}" name="foos" minimum="${it.minimum}" enableTopButton="true">
+        <table>
+          <f:entry>
+            <f:textbox name="txt" value="${foo.txt}"/>
+          </f:entry>
+          <f:entry>
+            <f:checkbox name="bool" checked="${foo.bool}"/>
+          </f:entry>
+          <f:entry>
+            <f:repeatableDeleteButton />
+          </f:entry>
+        </table>
+      </f:repeatable>
+      <f:entry>
+        <f:submit value="submit"/>
+      </f:entry>
+    </f:form>
+  </l:main-panel>
+</l:layout>
+</j:jelly>
\ No newline at end of file
-- 
GitLab


From b0c5a86addf7eb0dbf84a5469380576e155eb151 Mon Sep 17 00:00:00 2001
From: Piush <piushkumar@users.noreply.github.com>
Date: Sun, 4 Mar 2018 06:11:23 -0500
Subject: [PATCH 166/863] [JENKINS-29470] - Prevent NPE in
 AbstractProject.checkout when agent disconnects during the build (#3094)

[JENKINS-29470] - Prevent NPE in AbstractProject.checkout when agent disconnects during the build
---
 core/src/main/java/hudson/model/AbstractProject.java | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/model/AbstractProject.java b/core/src/main/java/hudson/model/AbstractProject.java
index cbade0ebac..1cb3fcfbc7 100644
--- a/core/src/main/java/hudson/model/AbstractProject.java
+++ b/core/src/main/java/hudson/model/AbstractProject.java
@@ -1198,7 +1198,12 @@ public abstract class AbstractProject<P extends AbstractProject<P,R>,R extends A
             return true;    // no SCM
 
         FilePath workspace = build.getWorkspace();
-        workspace.mkdirs();
+        if(workspace!=null){
+            workspace.mkdirs();
+        } else {
+            throw new AbortException("Cannot checkout SCM, workspace is not defined");
+        }
+
 
         boolean r = scm.checkout(build, launcher, workspace, listener, changelogFile);
         if (r) {
-- 
GitLab


From 6c3a393fa9c86ab5cfda3574c6e853f40e97c874 Mon Sep 17 00:00:00 2001
From: surenpi <zxjlwt@126.com>
Date: Sun, 4 Mar 2018 21:37:11 +0800
Subject: [PATCH 167/863] Change default text from 'Ok' to 'Submit'

---
 core/src/main/resources/lib/form/submit.jelly            | 2 +-
 core/src/main/resources/lib/form/submit.properties       | 2 +-
 core/src/main/resources/lib/form/submit_zh_CN.properties | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/core/src/main/resources/lib/form/submit.jelly b/core/src/main/resources/lib/form/submit.jelly
index fce6a74687..9eb6324917 100644
--- a/core/src/main/resources/lib/form/submit.jelly
+++ b/core/src/main/resources/lib/form/submit.jelly
@@ -37,5 +37,5 @@ THE SOFTWARE.
       The text of the submit button. Something like "submit", "OK", etc.
     </s:attribute>
   </s:documentation>
-  <input type="submit" name="${attrs.name ?: 'Submit'}" value="${attrs.value ?: '%OK'}" class="submit-button primary" />
+  <input type="submit" name="${attrs.name ?: 'Submit'}" value="${attrs.value ?: '%Submit'}" class="submit-button primary" />
 </j:jelly>
diff --git a/core/src/main/resources/lib/form/submit.properties b/core/src/main/resources/lib/form/submit.properties
index 00c548c367..1a9641d5a9 100644
--- a/core/src/main/resources/lib/form/submit.properties
+++ b/core/src/main/resources/lib/form/submit.properties
@@ -20,4 +20,4 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-OK=OK
+Submit=Submit
diff --git a/core/src/main/resources/lib/form/submit_zh_CN.properties b/core/src/main/resources/lib/form/submit_zh_CN.properties
index eff139048d..5bc3d54334 100644
--- a/core/src/main/resources/lib/form/submit_zh_CN.properties
+++ b/core/src/main/resources/lib/form/submit_zh_CN.properties
@@ -20,4 +20,4 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-OK=\u786e\u5b9a
+Submit=\u63D0\u4EA4
-- 
GitLab


From 63885e664d6d953364db2229e6152cd58aedde37 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Mon, 5 Mar 2018 10:03:07 -0500
Subject: [PATCH 168/863] Typo noticed by @olivergondza.

---
 core/src/main/java/jenkins/util/VirtualFile.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/java/jenkins/util/VirtualFile.java b/core/src/main/java/jenkins/util/VirtualFile.java
index dcd8966908..96baa4f946 100644
--- a/core/src/main/java/jenkins/util/VirtualFile.java
+++ b/core/src/main/java/jenkins/util/VirtualFile.java
@@ -87,7 +87,7 @@ import org.apache.tools.ant.types.selectors.TokenizedPattern;
  * <p>Since some implementations may in fact use external file storage,
  * callers may request optional APIs to access those services more efficiently.
  * Otherwise, for example, a plugin copying a file
- * previously saved by {@link ArtifactManager} to an external storage servuce
+ * previously saved by {@link ArtifactManager} to an external storage service
  * which tunneled a stream from {@link #open} using {@link RemoteInputStream}
  * would wind up transferring the file from the service to the Jenkins master and then on to an agent.
  * Similarly, if {@link DirectoryBrowserSupport} rendered a link to an in-Jenkins URL,
-- 
GitLab


From 9dd5bd355dc090ed217d07530b4265e259a99622 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Mon, 5 Mar 2018 11:09:11 -0500
Subject: [PATCH 169/863] Fixing serialization of InstallState.

---
 .../java/jenkins/install/InstallState.java    | 64 ++++++++++++++++---
 .../jenkins/security/ClassFilterImpl.java     |  6 +-
 2 files changed, 58 insertions(+), 12 deletions(-)

diff --git a/core/src/main/java/jenkins/install/InstallState.java b/core/src/main/java/jenkins/install/InstallState.java
index 939c45f828..943421b56d 100644
--- a/core/src/main/java/jenkins/install/InstallState.java
+++ b/core/src/main/java/jenkins/install/InstallState.java
@@ -45,16 +45,36 @@ import org.apache.commons.lang.StringUtils;
  * @author <a href="mailto:tom.fennelly@gmail.com">tom.fennelly@gmail.com</a>
  */
 public class InstallState implements ExtensionPoint {
+
+    /**
+     * Only here for XStream compatibility.
+     * @see #readResolve
+     */
+    @Deprecated
+    @SuppressWarnings("MismatchedReadAndWriteOfArray")
+    private static final InstallState[] UNUSED_INNER_CLASSES = {
+        new InstallState("UNKNOWN", false) {},
+        new InstallState("INITIAL_SETUP_COMPLETED", false) {},
+        new InstallState("CREATE_ADMIN_USER", false) {},
+        new InstallState("INITIAL_SECURITY_SETUP", false) {},
+        new InstallState("RESTART", false) {},
+        new InstallState("DOWNGRADE", false) {},
+    };
+
     /**
      * Need InstallState != NEW for tests by default
      */
     @Extension
-    public static final InstallState UNKNOWN = new InstallState("UNKNOWN", true) {
+    public static final InstallState UNKNOWN = new Unknown();
+    private static class Unknown extends InstallState {
+        Unknown() {
+            super("UNKNOWN", true);
+        }
         @Override
         public void initializeState() {
             InstallUtil.proceedToNextStateFrom(this);
         }
-    };
+    }
     
     /**
      * After any setup / restart / etc. hooks are done, states should be running
@@ -66,7 +86,11 @@ public class InstallState implements ExtensionPoint {
      * The initial set up has been completed
      */
     @Extension
-    public static final InstallState INITIAL_SETUP_COMPLETED = new InstallState("INITIAL_SETUP_COMPLETED", true) {
+    public static final InstallState INITIAL_SETUP_COMPLETED = new InitialSetupCompleted();
+    private static final class InitialSetupCompleted extends InstallState {
+        InitialSetupCompleted() {
+            super("INITIAL_SETUP_COMPLETED", true);
+        }
         public void initializeState() {
             Jenkins j = Jenkins.getInstance();
             try {
@@ -82,7 +106,11 @@ public class InstallState implements ExtensionPoint {
      * Creating an admin user for an initial Jenkins install.
      */
     @Extension
-    public static final InstallState CREATE_ADMIN_USER = new InstallState("CREATE_ADMIN_USER", false) {
+    public static final InstallState CREATE_ADMIN_USER = new CreateAdminUser();
+    private static final class CreateAdminUser extends InstallState {
+        CreateAdminUser() {
+            super("CREATE_ADMIN_USER", false);
+        }
         public void initializeState() {
             Jenkins j = Jenkins.getInstance();
             // Skip this state if not using the security defaults
@@ -104,7 +132,11 @@ public class InstallState implements ExtensionPoint {
      * Security setup for a new Jenkins install.
      */
     @Extension
-    public static final InstallState INITIAL_SECURITY_SETUP = new InstallState("INITIAL_SECURITY_SETUP", false) {
+    public static final InstallState INITIAL_SECURITY_SETUP = new InitialSecuritySetup();
+    private static final class InitialSecuritySetup extends InstallState {
+        InitialSecuritySetup() {
+            super("INITIAL_SECURITY_SETUP", false);
+        }
         public void initializeState() {
             try {
                 Jenkins.getInstance().getSetupWizard().init(true);
@@ -126,7 +158,11 @@ public class InstallState implements ExtensionPoint {
      * Restart of an existing Jenkins install.
      */
     @Extension
-    public static final InstallState RESTART = new InstallState("RESTART", true) {
+    public static final InstallState RESTART = new Restart();
+    private static final class Restart extends InstallState {
+        Restart() {
+            super("RESTART", true);
+        }
         public void initializeState() {
             InstallUtil.saveLastExecVersion();
         }
@@ -142,7 +178,11 @@ public class InstallState implements ExtensionPoint {
      * Downgrade of an existing Jenkins install.
      */
     @Extension
-    public static final InstallState DOWNGRADE = new InstallState("DOWNGRADE", true) {
+    public static final InstallState DOWNGRADE = new Downgrade();
+    private static final class Downgrade extends InstallState {
+        Downgrade() {
+            super("DOWNGRADE", true);
+        }
         public void initializeState() {
             InstallUtil.saveLastExecVersion();
         }
@@ -161,7 +201,7 @@ public class InstallState implements ExtensionPoint {
      */
     public static final InstallState DEVELOPMENT = new InstallState("DEVELOPMENT", true);
 
-    private final boolean isSetupComplete;
+    private final transient boolean isSetupComplete;
     private final String name;
 
     public InstallState(@Nonnull String name, boolean isSetupComplete) {
@@ -174,7 +214,13 @@ public class InstallState implements ExtensionPoint {
      */
     public void initializeState() {
     }
-    
+
+    /**
+     * The actual class name is irrelevant; this is functionally an enum.
+     * <p>Creating a {@code writeReplace} does not help much since XStream then just saves:
+     * {@code <installState class="jenkins.install.InstallState$CreateAdminUser" resolves-to="jenkins.install.InstallState">}
+     * @see #UNUSED_INNER_CLASSES
+     */
     public Object readResolve() {
         // If we get invalid state from the configuration, fallback to unknown
         if (StringUtils.isBlank(name)) {
diff --git a/core/src/main/java/jenkins/security/ClassFilterImpl.java b/core/src/main/java/jenkins/security/ClassFilterImpl.java
index 4311587ed6..7dddab9fdb 100644
--- a/core/src/main/java/jenkins/security/ClassFilterImpl.java
+++ b/core/src/main/java/jenkins/security/ClassFilterImpl.java
@@ -157,11 +157,11 @@ public class ClassFilterImpl extends ClassFilter {
             String location = codeSource(c);
             if (location != null) {
                 if (c.isAnonymousClass()) { // e.g., pkg.Outer$1
-                    LOGGER.warning("JENKINS-49573: attempt to serialize anonymous " + c + " in " + location);
+                    LOGGER.warning("JENKINS-49573: attempt to (de-)serialize anonymous " + c + " in " + location);
                 } else if (c.isLocalClass()) { // e.g., pkg.Outer$1Local
-                    LOGGER.warning("JENKINS-49573: attempt to serialize local " + c + " in " + location);
+                    LOGGER.warning("JENKINS-49573: attempt to (de-)serialize local " + c + " in " + location);
                 } else if (c.isSynthetic()) { // e.g., pkg.Outer$$Lambda$1/12345678
-                    LOGGER.warning("JENKINS-49573: attempt to serialize synthetic " + c + " in " + location);
+                    LOGGER.warning("JENKINS-49573: attempt to (de-)serialize synthetic " + c + " in " + location);
                 }
                 if (isLocationWhitelisted(location)) {
                     LOGGER.log(Level.FINE, "permitting {0} due to its location in {1}", new Object[] {name, location});
-- 
GitLab


From 76058c77ad2a12943377c1abb993c8ba12e87766 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 5 Mar 2018 12:12:30 -0800
Subject: [PATCH 170/863] [maven-release-plugin] prepare release jenkins-2.110

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 006f183ac1..84789c75c6 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.110-SNAPSHOT</version>
+    <version>2.110</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 6f03e81ca2..f894f6bfac 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.110-SNAPSHOT</version>
+    <version>2.110</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 5915c55d00..30c3cbd322 100644
--- a/pom.xml
+++ b/pom.xml
@@ -33,7 +33,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>pom</artifactId>
-  <version>2.110-SNAPSHOT</version>
+  <version>2.110</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -58,7 +58,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>HEAD</tag>
+    <tag>jenkins-2.110</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 9d17a1f4e1..293d18346b 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.110-SNAPSHOT</version>
+    <version>2.110</version>
   </parent>
 
   <artifactId>test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index b702a914f6..55324d6b75 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.110-SNAPSHOT</version>
+    <version>2.110</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 7add30c023590fbb3529c6ff5b555317c1717d3f Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 5 Mar 2018 12:12:30 -0800
Subject: [PATCH 171/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 84789c75c6..3c380545ad 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.110</version>
+    <version>2.111-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index f894f6bfac..944d6f0afe 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.110</version>
+    <version>2.111-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 30c3cbd322..6ca04fee1b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -33,7 +33,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>pom</artifactId>
-  <version>2.110</version>
+  <version>2.111-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -58,7 +58,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.110</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 293d18346b..889d462bfd 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.110</version>
+    <version>2.111-SNAPSHOT</version>
   </parent>
 
   <artifactId>test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 55324d6b75..edbe273081 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.110</version>
+    <version>2.111-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From ff34532460d2ef50eee9f82cae9d983ea5095c58 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Mon, 5 Mar 2018 17:51:17 -0500
Subject: [PATCH 172/863] [JENKINS-39495] Defend against a null serialized
 ParametersAction.parameters.

---
 core/src/main/java/hudson/model/ParametersAction.java | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/core/src/main/java/hudson/model/ParametersAction.java b/core/src/main/java/hudson/model/ParametersAction.java
index 9f57a26830..9de8ef8dcd 100644
--- a/core/src/main/java/hudson/model/ParametersAction.java
+++ b/core/src/main/java/hudson/model/ParametersAction.java
@@ -87,7 +87,7 @@ public class ParametersAction implements RunAction2, Iterable<ParameterValue>, Q
 
     private Set<String> safeParameters;
 
-    private final List<ParameterValue> parameters;
+    private @Nonnull List<ParameterValue> parameters;
 
     private List<String> parameterDefinitionNames;
 
@@ -99,7 +99,7 @@ public class ParametersAction implements RunAction2, Iterable<ParameterValue>, Q
 
     private transient Run<?, ?> run;
 
-    public ParametersAction(List<ParameterValue> parameters) {
+    public ParametersAction(@Nonnull List<ParameterValue> parameters) {
         this.parameters = new ArrayList<>(parameters);
         String paramNames = SystemProperties.getString(SAFE_PARAMETERS_SYSTEM_PROPERTY_NAME);
         safeParameters = new TreeSet<>();
@@ -284,6 +284,9 @@ public class ParametersAction implements RunAction2, Iterable<ParameterValue>, Q
     }
 
     private Object readResolve() {
+        if (parameters == null) { // JENKINS-39495
+            parameters = Collections.emptyList();
+        }
         if (build != null)
             OldDataMonitor.report(build, "1.283");
         if (safeParameters == null) {
-- 
GitLab


From 898291b2336186185e8cd9e9c45d97e2df02e9c6 Mon Sep 17 00:00:00 2001
From: kshultzCB <kshultz@cloudbees.com>
Date: Tue, 6 Mar 2018 11:40:56 -0500
Subject: [PATCH 173/863] Very small readability change to some inline help

---
 war/src/main/webapp/help/parameter/run-project.html | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/war/src/main/webapp/help/parameter/run-project.html b/war/src/main/webapp/help/parameter/run-project.html
index 239784ea32..f6cfafe128 100644
--- a/war/src/main/webapp/help/parameter/run-project.html
+++ b/war/src/main/webapp/help/parameter/run-project.html
@@ -1,6 +1,6 @@
 <div>
     Defines the job from which the user can pick runs. The last run will be the default.
-    These parameters are exposed to build as environment variables:
+    These parameters are exposed to the build as environment variables:
 <pre>
 PARAMETER_NAME=<i>&lt;jenkins_url&gt;</i>/job/<i>&lt;job_name&gt;/&lt;run_number&gt;</i>/
 PARAMETER_NAME_JOBNAME=<i>&lt;job_name&gt;</i>
@@ -8,4 +8,4 @@ PARAMETER_NAME_NUMBER=<i>&lt;run_number&gt;</i>
 PARAMETER_NAME_NAME=<i>&lt;display_name&gt;</i>
 PARAMETER_NAME_RESULT=<i>&lt;run_result&gt;</i>
 </pre>
-</div>
\ No newline at end of file
+</div>
-- 
GitLab


From 48c95f5aee999a7fbf6d30f3a1e92eabf3723a02 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Wed, 7 Mar 2018 08:48:34 -0500
Subject: [PATCH 174/863] s/JENKINS-49573/JENKINS-49795/g in messages.

---
 core/src/main/java/jenkins/security/ClassFilterImpl.java | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/core/src/main/java/jenkins/security/ClassFilterImpl.java b/core/src/main/java/jenkins/security/ClassFilterImpl.java
index 7dddab9fdb..9bf2377e4b 100644
--- a/core/src/main/java/jenkins/security/ClassFilterImpl.java
+++ b/core/src/main/java/jenkins/security/ClassFilterImpl.java
@@ -157,11 +157,11 @@ public class ClassFilterImpl extends ClassFilter {
             String location = codeSource(c);
             if (location != null) {
                 if (c.isAnonymousClass()) { // e.g., pkg.Outer$1
-                    LOGGER.warning("JENKINS-49573: attempt to (de-)serialize anonymous " + c + " in " + location);
+                    LOGGER.warning("JENKINS-49795: attempt to (de-)serialize anonymous " + c + " in " + location);
                 } else if (c.isLocalClass()) { // e.g., pkg.Outer$1Local
-                    LOGGER.warning("JENKINS-49573: attempt to (de-)serialize local " + c + " in " + location);
+                    LOGGER.warning("JENKINS-49795: attempt to (de-)serialize local " + c + " in " + location);
                 } else if (c.isSynthetic()) { // e.g., pkg.Outer$$Lambda$1/12345678
-                    LOGGER.warning("JENKINS-49573: attempt to (de-)serialize synthetic " + c + " in " + location);
+                    LOGGER.warning("JENKINS-49795: attempt to (de-)serialize synthetic " + c + " in " + location);
                 }
                 if (isLocationWhitelisted(location)) {
                     LOGGER.log(Level.FINE, "permitting {0} due to its location in {1}", new Object[] {name, location});
-- 
GitLab


From 73b16084f93e5037a4f14f0d51fdfe465eff8efe Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Wed, 7 Mar 2018 14:52:34 -0500
Subject: [PATCH 175/863] [JENKINS-49994] Warn about Remoting serialization of
 anonymous inner classes and their ilk.

---
 cli/src/main/java/hudson/cli/Connection.java  |   3 +-
 core/src/main/java/hudson/FilePath.java       | 293 +++++++++++-------
 .../hudson/console/AnnotatedLargeText.java    |   3 +-
 .../main/java/hudson/console/ConsoleNote.java |   3 +-
 .../main/java/hudson/tasks/Fingerprinter.java |  94 +++---
 .../main/java/hudson/util/ProcessTree.java    |  12 +-
 .../jenkins/security/ClassFilterImpl.java     |  13 +-
 .../JnlpSlaveRestarterInstaller.java          | 102 +++---
 pom.xml                                       |   2 +-
 9 files changed, 301 insertions(+), 224 deletions(-)

diff --git a/cli/src/main/java/hudson/cli/Connection.java b/cli/src/main/java/hudson/cli/Connection.java
index 017051a64a..eacc567a7e 100644
--- a/cli/src/main/java/hudson/cli/Connection.java
+++ b/cli/src/main/java/hudson/cli/Connection.java
@@ -55,6 +55,7 @@ import java.security.Signature;
 import java.security.interfaces.DSAPublicKey;
 import java.security.interfaces.RSAPublicKey;
 import java.security.spec.X509EncodedKeySpec;
+import org.jenkinsci.remoting.util.AnonymousClassWarnings;
 
 /**
  * Used by Jenkins core only in deprecated Remoting-based CLI.
@@ -102,7 +103,7 @@ public class Connection {
      * Sends a serializable object.
      */
     public void writeObject(Object o) throws IOException {
-        ObjectOutputStream oos = new ObjectOutputStream(out);
+        ObjectOutputStream oos = AnonymousClassWarnings.checkingObjectOutputStream(out);
         oos.writeObject(o);
         // don't close oss, which will close the underlying stream
         // no need to flush either, given the way oos is implemented
diff --git a/core/src/main/java/hudson/FilePath.java b/core/src/main/java/hudson/FilePath.java
index 8f09e2ebaa..f387df93e6 100644
--- a/core/src/main/java/hudson/FilePath.java
+++ b/core/src/main/java/hudson/FilePath.java
@@ -88,7 +88,6 @@ import java.nio.file.attribute.PosixFilePermission;
 import java.nio.file.attribute.PosixFilePermissions;
 import java.util.ArrayList;
 import java.util.Arrays;
-import java.util.Collections;
 import java.util.Comparator;
 import java.util.EnumSet;
 import java.util.Enumeration;
@@ -1105,23 +1104,28 @@ public final class FilePath implements Serializable {
      * @since 1.522
      */
     public <V> Callable<V,IOException> asCallableWith(final FileCallable<V> task) {
-        return new Callable<V,IOException>() {
-            @Override
-            public V call() throws IOException {
-                try {
-                    return act(task);
-                } catch (InterruptedException e) {
-                    throw (IOException)new InterruptedIOException().initCause(e);
-                }
+        return new CallableWith<>(task);
+    }
+    private class CallableWith<V> implements Callable<V, IOException> {
+        private final FileCallable<V> task;
+        CallableWith(FileCallable<V> task) {
+            this.task = task;
+        }
+        @Override
+        public V call() throws IOException {
+            try {
+                return act(task);
+            } catch (InterruptedException e) {
+                throw (IOException)new InterruptedIOException().initCause(e);
             }
+        }
 
-            @Override
-            public void checkRoles(RoleChecker checker) throws SecurityException {
-                task.checkRoles(checker);
-            }
+        @Override
+        public void checkRoles(RoleChecker checker) throws SecurityException {
+            task.checkRoles(checker);
+        }
 
-            private static final long serialVersionUID = 1L;
-        };
+        private static final long serialVersionUID = 1L;
     }
 
     /**
@@ -1189,13 +1193,15 @@ public final class FilePath implements Serializable {
      * Deletes this directory, including all its contents recursively.
      */
     public void deleteRecursive() throws IOException, InterruptedException {
-        act(new SecureFileCallable<Void>() {
-            private static final long serialVersionUID = 1L;
-            public Void invoke(File f, VirtualChannel channel) throws IOException {
-                deleteRecursive(deleting(f));
-                return null;
-            }
-        });
+        act(new DeleteRecursive());
+    }
+    private class DeleteRecursive extends SecureFileCallable<Void> {
+        private static final long serialVersionUID = 1L;
+        @Override
+        public Void invoke(File f, VirtualChannel channel) throws IOException {
+            deleteRecursive(deleting(f));
+            return null;
+        }
     }
 
     /**
@@ -1375,30 +1381,42 @@ public final class FilePath implements Serializable {
      */
     public FilePath createTextTempFile(final String prefix, final String suffix, final String contents, final boolean inThisDirectory) throws IOException, InterruptedException {
         try {
-            return new FilePath(channel,act(new SecureFileCallable<String>() {
-                private static final long serialVersionUID = 1L;
-                public String invoke(File dir, VirtualChannel channel) throws IOException {
-                    if(!inThisDirectory)
-                        dir = new File(System.getProperty("java.io.tmpdir"));
-                    else
-                        mkdirs(dir);
+            return new FilePath(channel, act(new CreateTextTempFile(inThisDirectory, prefix, suffix, contents)));
+        } catch (IOException e) {
+            throw new IOException("Failed to create a temp file on "+remote,e);
+        }
+    }
+    private final class CreateTextTempFile extends SecureFileCallable<String> {
+        private static final long serialVersionUID = 1L;
+        private final boolean inThisDirectory;
+        private final String prefix;
+        private final String suffix;
+        private final String contents;
+        CreateTextTempFile(boolean inThisDirectory, String prefix, String suffix, String contents) {
+            this.inThisDirectory = inThisDirectory;
+            this.prefix = prefix;
+            this.suffix = suffix;
+            this.contents = contents;
+        }
+        @Override
+        public String invoke(File dir, VirtualChannel channel) throws IOException {
+            if(!inThisDirectory)
+                dir = new File(System.getProperty("java.io.tmpdir"));
+            else
+                mkdirs(dir);
 
-                    File f;
-                    try {
-                        f = creating(File.createTempFile(prefix, suffix, dir));
-                    } catch (IOException e) {
-                        throw new IOException("Failed to create a temporary directory in "+dir,e);
-                    }
+            File f;
+            try {
+                f = creating(File.createTempFile(prefix, suffix, dir));
+            } catch (IOException e) {
+                throw new IOException("Failed to create a temporary directory in "+dir,e);
+            }
 
-                    try (Writer w = new FileWriter(writing(f))) {
-                        w.write(contents);
-                    }
+            try (Writer w = new FileWriter(writing(f))) {
+                w.write(contents);
+            }
 
-                    return f.getAbsolutePath();
-                }
-            }));
-        } catch (IOException e) {
-            throw new IOException("Failed to create a temp file on "+remote,e);
+            return f.getAbsolutePath();
         }
     }
 
@@ -1456,15 +1474,17 @@ public final class FilePath implements Serializable {
      * @return true, for a modicum of compatibility
      */
     public boolean delete() throws IOException, InterruptedException {
-        act(new SecureFileCallable<Void>() {
-            private static final long serialVersionUID = 1L;
-            public Void invoke(File f, VirtualChannel channel) throws IOException {
-                Util.deleteFile(deleting(f));
-                return null;
-            }
-        });
+        act(new Delete());
         return true;
     }
+    private class Delete extends SecureFileCallable<Void> {
+        private static final long serialVersionUID = 1L;
+        @Override
+        public Void invoke(File f, VirtualChannel channel) throws IOException {
+            Util.deleteFile(deleting(f));
+            return null;
+        }
+    }
 
     /**
      * Checks if the file exists.
@@ -1486,12 +1506,14 @@ public final class FilePath implements Serializable {
      * @see #touch(long)
      */
     public long lastModified() throws IOException, InterruptedException {
-        return act(new SecureFileCallable<Long>() {
-            private static final long serialVersionUID = 1L;
-            public Long invoke(File f, VirtualChannel channel) throws IOException {
-                return stating(f).lastModified();
-            }
-        });
+        return act(new LastModified());
+    }
+    private class LastModified extends SecureFileCallable<Long> {
+        private static final long serialVersionUID = 1L;
+        @Override
+        public Long invoke(File f, VirtualChannel channel) throws IOException {
+            return stating(f).lastModified();
+        }
     }
 
     /**
@@ -1543,12 +1565,14 @@ public final class FilePath implements Serializable {
      * Checks if the file is a directory.
      */
     public boolean isDirectory() throws IOException, InterruptedException {
-        return act(new SecureFileCallable<Boolean>() {
-            private static final long serialVersionUID = 1L;
-            public Boolean invoke(File f, VirtualChannel channel) throws IOException {
-                return stating(f).isDirectory();
-            }
-        });
+        return act(new IsDirectory());
+    }
+    private final class IsDirectory extends SecureFileCallable<Boolean> {
+        private static final long serialVersionUID = 1L;
+        @Override
+        public Boolean invoke(File f, VirtualChannel channel) throws IOException {
+            return stating(f).isDirectory();
+        }
     }
     
     /**
@@ -1626,14 +1650,20 @@ public final class FilePath implements Serializable {
      */
     public void chmod(final int mask) throws IOException, InterruptedException {
         if(!isUnix() || mask==-1)   return;
-        act(new SecureFileCallable<Void>() {
-            private static final long serialVersionUID = 1L;
-            public Void invoke(File f, VirtualChannel channel) throws IOException {
-                _chmod(writing(f), mask);
+        act(new Chmod(mask));
+    }
+    private class Chmod extends SecureFileCallable<Void> {
+        private static final long serialVersionUID = 1L;
+        private final int mask;
+        Chmod(int mask) {
+            this.mask = mask;
+        }
+        @Override
+        public Void invoke(File f, VirtualChannel channel) throws IOException {
+            _chmod(writing(f), mask);
 
-                return null;
-            }
-        });
+            return null;
+        }
     }
 
     /**
@@ -1815,25 +1845,29 @@ public final class FilePath implements Serializable {
         }
 
         final Pipe p = Pipe.createRemoteToLocal();
-        actAsync(new SecureFileCallable<Void>() {
-            private static final long serialVersionUID = 1L;
-
-            @Override
-            public Void invoke(File f, VirtualChannel channel) throws IOException, InterruptedException {
-                try (InputStream fis = Files.newInputStream(reading(f).toPath());
-                     OutputStream out = p.getOut()) {
-                    org.apache.commons.io.IOUtils.copy(fis, out);
-                } catch (InvalidPathException e) {
-                    p.error(new IOException(e));
-                } catch (Exception x) {
-                    p.error(x);
-                }
-                return null;
-            }
-        });
+        actAsync(new Read(p));
 
         return p.getIn();
     }
+    private class Read extends SecureFileCallable<Void> {
+        private static final long serialVersionUID = 1L;
+        private final Pipe p;
+        Read(Pipe p) {
+            this.p = p;
+        }
+        @Override
+        public Void invoke(File f, VirtualChannel channel) throws IOException, InterruptedException {
+            try (InputStream fis = Files.newInputStream(reading(f).toPath());
+                    OutputStream out = p.getOut()) {
+                org.apache.commons.io.IOUtils.copy(fis, out);
+            } catch (InvalidPathException e) {
+                p.error(new IOException(e));
+            } catch (Exception x) {
+                p.error(x);
+            }
+            return null;
+        }
+    }
 
     /**
      * Reads this file from the specific offset.
@@ -1955,19 +1989,27 @@ public final class FilePath implements Serializable {
      * @since 1.105
      */
     public void write(final String content, final String encoding) throws IOException, InterruptedException {
-        act(new SecureFileCallable<Void>() {
-            private static final long serialVersionUID = 1L;
-            public Void invoke(File f, VirtualChannel channel) throws IOException {
-                mkdirs(f.getParentFile());
-                try (OutputStream fos = Files.newOutputStream(writing(f).toPath());
-                     Writer w = encoding != null ? new OutputStreamWriter(fos, encoding) : new OutputStreamWriter(fos)) {
-                    w.write(content);
-                } catch (InvalidPathException e) {
-                    throw new IOException(e);
-                }
-                return null;
+        act(new Write(encoding, content));
+    }
+    private class Write extends SecureFileCallable<Void> {
+        private static final long serialVersionUID = 1L;
+        private final String encoding;
+        private final String content;
+        Write(String encoding, String content) {
+            this.encoding = encoding;
+            this.content = content;
+        }
+        @Override
+        public Void invoke(File f, VirtualChannel channel) throws IOException {
+            mkdirs(f.getParentFile());
+            try (OutputStream fos = Files.newOutputStream(writing(f).toPath());
+                    Writer w = encoding != null ? new OutputStreamWriter(fos, encoding) : new OutputStreamWriter(fos)) {
+                w.write(content);
+            } catch (InvalidPathException e) {
+                throw new IOException(e);
             }
-        });
+            return null;
+        }
     }
 
     /**
@@ -2076,24 +2118,30 @@ public final class FilePath implements Serializable {
     public void copyTo(OutputStream os) throws IOException, InterruptedException {
         final OutputStream out = new RemoteOutputStream(os);
 
-        act(new SecureFileCallable<Void>() {
-            private static final long serialVersionUID = 4088559042349254141L;
-            public Void invoke(File f, VirtualChannel channel) throws IOException {
-                try (InputStream fis = Files.newInputStream(reading(f).toPath())) {
-                    org.apache.commons.io.IOUtils.copy(fis, out);
-                    return null;
-                } catch (InvalidPathException e) {
-                    throw new IOException(e);
-                } finally {
-                    out.close();
-                }
-            }
-        });
+        act(new CopyTo(out));
 
         // make sure the writes fully got delivered to 'os' before we return.
         // this is needed because I/O operation is asynchronous
         syncIO();
     }
+    private class CopyTo extends SecureFileCallable<Void> {
+        private static final long serialVersionUID = 4088559042349254141L;
+        private final OutputStream out;
+        CopyTo(OutputStream out) {
+            this.out = out;
+        }
+        @Override
+        public Void invoke(File f, VirtualChannel channel) throws IOException {
+            try (InputStream fis = Files.newInputStream(reading(f).toPath())) {
+                org.apache.commons.io.IOUtils.copy(fis, out);
+                return null;
+            } catch (InvalidPathException e) {
+                throw new IOException(e);
+            } finally {
+                out.close();
+            }
+        }
+    }
 
     /**
      * With fix to JENKINS-11251 (remoting 2.15), this is no longer necessary.
@@ -2265,14 +2313,7 @@ public final class FilePath implements Serializable {
             // remote -> local copy
             final Pipe pipe = Pipe.createRemoteToLocal();
 
-            Future<Integer> future = actAsync(new SecureFileCallable<Integer>() {
-                private static final long serialVersionUID = 1L;
-                public Integer invoke(File f, VirtualChannel channel) throws IOException {
-                    try (OutputStream out = pipe.getOut()) {
-                        return writeToTar(f, scanner, TarCompression.GZIP.compress(out));
-                    }
-                }
-            });
+            Future<Integer> future = actAsync(new CopyRecursiveRemoteToLocal(pipe, scanner));
             try {
                 readFromTar(remote + '/' + description,new File(target.remote),TarCompression.GZIP.extract(pipe.getIn()));
             } catch (IOException e) {// BuildException or IOException
@@ -2300,7 +2341,21 @@ public final class FilePath implements Serializable {
             }
         }
     }
-
+    private class CopyRecursiveRemoteToLocal extends SecureFileCallable<Integer> {
+        private static final long serialVersionUID = 1L;
+        private final Pipe pipe;
+        private final DirScanner scanner;
+        CopyRecursiveRemoteToLocal(Pipe pipe, DirScanner scanner) {
+            this.pipe = pipe;
+            this.scanner = scanner;
+        }
+        @Override
+        public Integer invoke(File f, VirtualChannel channel) throws IOException {
+            try (OutputStream out = pipe.getOut()) {
+                return writeToTar(f, scanner, TarCompression.GZIP.compress(out));
+            }
+        }
+    }
 
     /**
      * Writes files in 'this' directory to a tar stream.
diff --git a/core/src/main/java/hudson/console/AnnotatedLargeText.java b/core/src/main/java/hudson/console/AnnotatedLargeText.java
index 897661329c..edfab781f2 100644
--- a/core/src/main/java/hudson/console/AnnotatedLargeText.java
+++ b/core/src/main/java/hudson/console/AnnotatedLargeText.java
@@ -52,6 +52,7 @@ import com.jcraft.jzlib.GZIPInputStream;
 import com.jcraft.jzlib.GZIPOutputStream;
 
 import static java.lang.Math.abs;
+import org.jenkinsci.remoting.util.AnonymousClassWarnings;
 
 /**
  * Extension to {@link LargeText} that handles annotations by {@link ConsoleAnnotator}.
@@ -169,7 +170,7 @@ public class AnnotatedLargeText<T> extends LargeText {
 
         ByteArrayOutputStream baos = new ByteArrayOutputStream();
         Cipher sym = PASSING_ANNOTATOR.encrypt();
-        ObjectOutputStream oos = new ObjectOutputStream(new GZIPOutputStream(new CipherOutputStream(baos,sym)));
+        ObjectOutputStream oos = AnonymousClassWarnings.checkingObjectOutputStream(new GZIPOutputStream(new CipherOutputStream(baos,sym)));
         oos.writeLong(System.currentTimeMillis()); // send timestamp to prevent a replay attack
         oos.writeObject(caw.getConsoleAnnotator());
         oos.close();
diff --git a/core/src/main/java/hudson/console/ConsoleNote.java b/core/src/main/java/hudson/console/ConsoleNote.java
index c0b281c6ca..165e6d9ae7 100644
--- a/core/src/main/java/hudson/console/ConsoleNote.java
+++ b/core/src/main/java/hudson/console/ConsoleNote.java
@@ -54,6 +54,7 @@ import com.jcraft.jzlib.GZIPOutputStream;
 import hudson.remoting.ClassFilter;
 import jenkins.security.HMACConfidentialKey;
 import jenkins.util.SystemProperties;
+import org.jenkinsci.remoting.util.AnonymousClassWarnings;
 
 /**
  * Data that hangs off from a console output.
@@ -180,7 +181,7 @@ public abstract class ConsoleNote<T> implements Serializable, Describable<Consol
 
     private ByteArrayOutputStream encodeToBytes() throws IOException {
         ByteArrayOutputStream buf = new ByteArrayOutputStream();
-        try (ObjectOutputStream oos = new ObjectOutputStream(new GZIPOutputStream(buf))) {
+        try (ObjectOutputStream oos = AnonymousClassWarnings.checkingObjectOutputStream(new GZIPOutputStream(buf))) {
             oos.writeObject(this);
         }
 
diff --git a/core/src/main/java/hudson/tasks/Fingerprinter.java b/core/src/main/java/hudson/tasks/Fingerprinter.java
index fb45ef9cc2..c563180e01 100644
--- a/core/src/main/java/hudson/tasks/Fingerprinter.java
+++ b/core/src/main/java/hudson/tasks/Fingerprinter.java
@@ -188,59 +188,69 @@ public class Fingerprinter extends Recorder implements Serializable, DependencyD
         }
     }
 
-    private void record(Run<?,?> build, FilePath ws, TaskListener listener, Map<String,String> record, final String targets) throws IOException, InterruptedException {
-        final class Record implements Serializable {
-            final boolean produced;
-            final String relativePath;
-            final String fileName;
-            final String md5sum;
-
-            public Record(boolean produced, String relativePath, String fileName, String md5sum) {
-                this.produced = produced;
-                this.relativePath = relativePath;
-                this.fileName = fileName;
-                this.md5sum = md5sum;
-            }
-
-            Fingerprint addRecord(Run build) throws IOException {
-                FingerprintMap map = Jenkins.getInstance().getFingerprintMap();
-                return map.getOrCreate(produced?build:null, fileName, md5sum);
-            }
+    private static final class Record implements Serializable {
+
+        final boolean produced;
+        final String relativePath;
+        final String fileName;
+        final String md5sum;
+
+        public Record(boolean produced, String relativePath, String fileName, String md5sum) {
+            this.produced = produced;
+            this.relativePath = relativePath;
+            this.fileName = fileName;
+            this.md5sum = md5sum;
+        }
 
-            private static final long serialVersionUID = 1L;
+        Fingerprint addRecord(Run build) throws IOException {
+            FingerprintMap map = Jenkins.getInstance().getFingerprintMap();
+            return map.getOrCreate(produced?build:null, fileName, md5sum);
         }
 
-        final long buildTimestamp = build.getTimeInMillis();
+        private static final long serialVersionUID = 1L;
+    }
 
-        List<Record> records = ws.act(new MasterToSlaveFileCallable<List<Record>>() {
-            public List<Record> invoke(File baseDir, VirtualChannel channel) throws IOException {
-                List<Record> results = new ArrayList<Record>();
+    private static final class FindRecords extends MasterToSlaveFileCallable<List<Record>> {
 
-                FileSet src = Util.createFileSet(baseDir,targets);
+        private final String targets;
+        private final long buildTimestamp;
 
-                DirectoryScanner ds = src.getDirectoryScanner();
-                for( String f : ds.getIncludedFiles() ) {
-                    File file = new File(baseDir,f);
+        FindRecords(String targets, long buildTimestamp) {
+            this.targets = targets;
+            this.buildTimestamp = buildTimestamp;
+        }
 
-                    // consider the file to be produced by this build only if the timestamp
-                    // is newer than when the build has started.
-                    // 2000ms is an error margin since since VFAT only retains timestamp at 2sec precision
-                    boolean produced = buildTimestamp <= file.lastModified()+2000;
+        @Override
+        public List<Record> invoke(File baseDir, VirtualChannel channel) throws IOException {
+            List<Record> results = new ArrayList<Record>();
 
-                    try {
-                        results.add(new Record(produced,f,file.getName(),new FilePath(file).digest()));
-                    } catch (IOException e) {
-                        throw new IOException(Messages.Fingerprinter_DigestFailed(file),e);
-                    } catch (InterruptedException e) {
-                        throw new IOException(Messages.Fingerprinter_Aborted(),e);
-                    }
-                }
+            FileSet src = Util.createFileSet(baseDir,targets);
 
-                return results;
+            DirectoryScanner ds = src.getDirectoryScanner();
+            for( String f : ds.getIncludedFiles() ) {
+                File file = new File(baseDir,f);
+
+                // consider the file to be produced by this build only if the timestamp
+                // is newer than when the build has started.
+                // 2000ms is an error margin since since VFAT only retains timestamp at 2sec precision
+                boolean produced = buildTimestamp <= file.lastModified()+2000;
+
+                try {
+                    results.add(new Record(produced,f,file.getName(),new FilePath(file).digest()));
+                } catch (IOException e) {
+                    throw new IOException(Messages.Fingerprinter_DigestFailed(file),e);
+                } catch (InterruptedException e) {
+                    throw new IOException(Messages.Fingerprinter_Aborted(),e);
+                }
             }
-        });
 
-        for (Record r : records) {
+            return results;
+        }
+
+    }
+
+    private void record(Run<?,?> build, FilePath ws, TaskListener listener, Map<String,String> record, final String targets) throws IOException, InterruptedException {
+        for (Record r : ws.act(new FindRecords(targets, build.getTimeInMillis()))) {
             Fingerprint fp = r.addRecord(build);
             if(fp==null) {
                 listener.error(Messages.Fingerprinter_FailedFor(r.relativePath));
diff --git a/core/src/main/java/hudson/util/ProcessTree.java b/core/src/main/java/hudson/util/ProcessTree.java
index 95fe237fc3..f1503dd7ff 100644
--- a/core/src/main/java/hudson/util/ProcessTree.java
+++ b/core/src/main/java/hudson/util/ProcessTree.java
@@ -156,11 +156,7 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
             try {
                 VirtualChannel channelToMaster = SlaveComputer.getChannelToMaster();
                 if (channelToMaster!=null) {
-                    killers = channelToMaster.call(new SlaveToMasterCallable<List<ProcessKiller>, IOException>() {
-                        public List<ProcessKiller> call() throws IOException {
-                            return new ArrayList<ProcessKiller>(ProcessKiller.all());
-                        }
-                    });
+                    killers = channelToMaster.call(new ListAll());
                 } else {
                     // used in an environment that doesn't support talk-back to the master.
                     // let's do with what we have.
@@ -172,6 +168,12 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
             }
         return killers;
     }
+    private static class ListAll extends SlaveToMasterCallable<List<ProcessKiller>, IOException> {
+        @Override
+        public List<ProcessKiller> call() throws IOException {
+            return new ArrayList<>(ProcessKiller.all());
+        }
+    }
 
     /**
      * Represents a process.
diff --git a/core/src/main/java/jenkins/security/ClassFilterImpl.java b/core/src/main/java/jenkins/security/ClassFilterImpl.java
index 9bf2377e4b..5fb8dccf40 100644
--- a/core/src/main/java/jenkins/security/ClassFilterImpl.java
+++ b/core/src/main/java/jenkins/security/ClassFilterImpl.java
@@ -134,14 +134,14 @@ public class ClassFilterImpl extends ClassFilter {
             }
         }
         return cache.computeIfAbsent(_c, c -> {
-            if (ClassFilter.STANDARD.isBlacklisted(c)) { // currently never true: only the name overload is overridden
-                return true;
-            }
             String name = c.getName();
             if (Main.isUnitTest && (name.contains("$$EnhancerByMockitoWithCGLIB$$") || name.contains("$$FastClassByMockitoWithCGLIB$$") || name.startsWith("org.mockito."))) {
                 mockOff();
                 return false;
             }
+            if (ClassFilter.STANDARD.isBlacklisted(c)) { // currently never true, but may issue diagnostics
+                return true;
+            }
             if (c.isArray()) {
                 LOGGER.log(Level.FINE, "permitting {0} since it is an array", name);
                 return false;
@@ -156,13 +156,6 @@ public class ClassFilterImpl extends ClassFilter {
             }
             String location = codeSource(c);
             if (location != null) {
-                if (c.isAnonymousClass()) { // e.g., pkg.Outer$1
-                    LOGGER.warning("JENKINS-49795: attempt to (de-)serialize anonymous " + c + " in " + location);
-                } else if (c.isLocalClass()) { // e.g., pkg.Outer$1Local
-                    LOGGER.warning("JENKINS-49795: attempt to (de-)serialize local " + c + " in " + location);
-                } else if (c.isSynthetic()) { // e.g., pkg.Outer$$Lambda$1/12345678
-                    LOGGER.warning("JENKINS-49795: attempt to (de-)serialize synthetic " + c + " in " + location);
-                }
                 if (isLocationWhitelisted(location)) {
                     LOGGER.log(Level.FINE, "permitting {0} due to its location in {1}", new Object[] {name, location});
                     return false;
diff --git a/core/src/main/java/jenkins/slaves/restarter/JnlpSlaveRestarterInstaller.java b/core/src/main/java/jenkins/slaves/restarter/JnlpSlaveRestarterInstaller.java
index 1eb68dcc6f..e47cc39925 100644
--- a/core/src/main/java/jenkins/slaves/restarter/JnlpSlaveRestarterInstaller.java
+++ b/core/src/main/java/jenkins/slaves/restarter/JnlpSlaveRestarterInstaller.java
@@ -16,6 +16,7 @@ import java.io.Serializable;
 import java.util.ArrayList;
 import java.util.Iterator;
 import java.util.List;
+import java.util.concurrent.Callable;
 import java.util.logging.Logger;
 
 import static java.util.logging.Level.*;
@@ -34,67 +35,80 @@ import jenkins.security.MasterToSlaveCallable;
 public class JnlpSlaveRestarterInstaller extends ComputerListener implements Serializable {
     @Override
     public void onOnline(final Computer c, final TaskListener listener) throws IOException, InterruptedException {
-        MasterComputer.threadPoolForRemoting.submit(new java.util.concurrent.Callable<Void>() {
-            @Override
-            public Void call() throws Exception {
-                install(c, listener);
-                return null;
-            }
-        });
+        MasterComputer.threadPoolForRemoting.submit(new Install(c, listener));
+    }
+    private static class Install implements Callable<Void> {
+        private final Computer c;
+        private final TaskListener listener;
+        Install(Computer c, TaskListener listener) {
+            this.c = c;
+            this.listener = listener;
+        }
+        @Override
+        public Void call() throws Exception {
+            install(c, listener);
+            return null;
+        }
     }
 
-    private void install(Computer c, TaskListener listener) {
+    private static void install(Computer c, TaskListener listener) {
         try {
             final List<SlaveRestarter> restarters = new ArrayList<SlaveRestarter>(SlaveRestarter.all());
 
             VirtualChannel ch = c.getChannel();
             if (ch==null) return;  // defensive check
 
-            List<SlaveRestarter> effective = ch.call(new MasterToSlaveCallable<List<SlaveRestarter>, IOException>() {
-                public List<SlaveRestarter> call() throws IOException {
-                    Engine e = Engine.current();
-                    if (e == null) return null;    // not running under Engine
+            List<SlaveRestarter> effective = ch.call(new FindEffectiveRestarters(restarters));
 
-                    try {
-                        Engine.class.getMethod("addListener", EngineListener.class);
-                    } catch (NoSuchMethodException _) {
-                        return null;    // running with older version of remoting that doesn't support adding listener
-                    }
+            LOGGER.log(FINE, "Effective SlaveRestarter on {0}: {1}", new Object[] {c.getName(), effective});
+        } catch (Throwable e) {
+            Functions.printStackTrace(e, listener.error("Failed to install restarter"));
+        }
+    }
+    private static class FindEffectiveRestarters extends MasterToSlaveCallable<List<SlaveRestarter>, IOException> {
+        private final List<SlaveRestarter> restarters;
+        FindEffectiveRestarters(List<SlaveRestarter> restarters) {
+            this.restarters = restarters;
+        }
+        @Override
+        public List<SlaveRestarter> call() throws IOException {
+            Engine e = Engine.current();
+            if (e == null) return null;    // not running under Engine
 
-                    // filter out ones that doesn't apply
-                    for (Iterator<SlaveRestarter> itr = restarters.iterator(); itr.hasNext(); ) {
-                        SlaveRestarter r =  itr.next();
-                        if (!r.canWork())
-                            itr.remove();
-                    }
+            try {
+                Engine.class.getMethod("addListener", EngineListener.class);
+            } catch (NoSuchMethodException _) {
+                return null;    // running with older version of remoting that doesn't support adding listener
+            }
 
-                    e.addListener(new EngineListenerAdapter() {
-                        @Override
-                        public void onReconnect() {
+            // filter out ones that doesn't apply
+            for (Iterator<SlaveRestarter> itr = restarters.iterator(); itr.hasNext(); ) {
+                SlaveRestarter r =  itr.next();
+                if (!r.canWork())
+                    itr.remove();
+            }
+
+            e.addListener(new EngineListenerAdapter() {
+                @Override
+                public void onReconnect() {
+                    try {
+                        for (SlaveRestarter r : restarters) {
                             try {
-                                for (SlaveRestarter r : restarters) {
-                                    try {
-                                        LOGGER.info("Restarting agent via "+r);
-                                        r.restart();
-                                    } catch (Exception x) {
-                                        LOGGER.log(SEVERE, "Failed to restart agent with "+r, x);
-                                    }
-                                }
-                            } finally {
-                                // if we move on to the reconnection without restart,
-                                // don't let the current implementations kick in when the agent loses connection again
-                                restarters.clear();
+                                LOGGER.info("Restarting agent via "+r);
+                                r.restart();
+                            } catch (Exception x) {
+                                LOGGER.log(SEVERE, "Failed to restart agent with "+r, x);
                             }
                         }
-                    });
-
-                    return restarters;
+                    } finally {
+                        // if we move on to the reconnection without restart,
+                        // don't let the current implementations kick in when the agent loses connection again
+                        restarters.clear();
+                    }
                 }
             });
 
-            LOGGER.log(FINE, "Effective SlaveRestarter on {0}: {1}", new Object[] {c.getName(), effective});
-        } catch (Throwable e) {
-            Functions.printStackTrace(e, listener.error("Failed to install restarter"));
+            return restarters;
         }
     }
 
diff --git a/pom.xml b/pom.xml
index 6ca04fee1b..fd82cdb4ae 100644
--- a/pom.xml
+++ b/pom.xml
@@ -105,7 +105,7 @@ THE SOFTWARE.
     <maven-war-plugin.version>3.0.0</maven-war-plugin.version> <!-- JENKINS-47127 bump when 3.2.0 is out. Cf. MWAR-407 -->
 
     <!-- Minimum Remoting version, which is tested for API compatibility -->
-    <remoting.version>3.17</remoting.version>
+    <remoting.version>3.18-20180307.194815-1</remoting.version> <!-- TODO https://github.com/jenkinsci/remoting/pull/259 -->
     <remoting.minimum.supported.version>2.60</remoting.minimum.supported.version>
 
   </properties>
-- 
GitLab


From 145c606e83498ca39430d7d3969c50418b26b925 Mon Sep 17 00:00:00 2001
From: Daniel Trebbien <dtrebbien@gmail.com>
Date: Wed, 7 Mar 2018 15:02:52 -0800
Subject: [PATCH 176/863] Refactor TextFile.lines() (#3211)

* Refactor TextFile.lines()

Introduces a LinesStream utility class that is responsible for closing
the underlying file handle.

Switches to calling Files.newBufferedReader() instead of wrapping the
InputStream returned by Files.newInputStream() in a BufferedReader of
an InputStreamReader.

Creates the file reader at the time that lines() is invoked, instead of
at the time that iterator() of the returned Iterable is invoked. This
can help prevent confusion as to the cause of an exception, whether it's
because of a problem opening the file or reading from it.

* Delete a duplicate import and a now-unused import

* Introduce load2()

* Add a @Deprecated annotation
---
 core/src/main/java/hudson/util/TextFile.java  |  49 +++-----
 .../java/jenkins/security/s2m/ConfigFile.java |  45 +++++--
 .../java/jenkins/util/io/LinesStream.java     | 114 ++++++++++++++++++
 3 files changed, 165 insertions(+), 43 deletions(-)
 create mode 100644 core/src/main/java/jenkins/util/io/LinesStream.java

diff --git a/core/src/main/java/hudson/util/TextFile.java b/core/src/main/java/hudson/util/TextFile.java
index fcfd45604e..3ffbe0dad3 100644
--- a/core/src/main/java/hudson/util/TextFile.java
+++ b/core/src/main/java/hudson/util/TextFile.java
@@ -23,25 +23,23 @@
  */
 package hudson.util;
 
-import com.google.common.collect.*;
+import edu.umd.cs.findbugs.annotations.CreatesObligation;
 
 import hudson.Util;
+import jenkins.util.io.LinesStream;
 
 import java.nio.file.Files;
-import java.nio.file.InvalidPathException;
 import javax.annotation.Nonnull;
 import java.io.BufferedReader;
 import java.io.File;
 import java.io.FileReader;
 import java.io.IOException;
-import java.io.InputStreamReader;
 import java.io.PrintWriter;
 import java.io.RandomAccessFile;
 import java.io.Reader;
 import java.io.StringWriter;
 import java.nio.charset.Charset;
 import java.nio.charset.StandardCharsets;
-import java.util.Iterator;
 
 /**
  * Represents a text file.
@@ -51,9 +49,10 @@ import java.util.Iterator;
  * @author Kohsuke Kawaguchi
  */
 public class TextFile {
-    public final File file;
 
-    public TextFile(File file) {
+    public final @Nonnull File file;
+
+    public TextFile(@Nonnull File file) {
         this.file = file;
     }
 
@@ -82,36 +81,16 @@ public class TextFile {
     }
 
     /**
-     * Parse text file line by line.
+     * Creates a new {@link jenkins.util.io.LinesStream} of the file.
+     * <p>
+     * Note: The caller is responsible for closing the returned
+     * <code>LinesStream</code>.
+     * @throws IOException if the file cannot be converted to a
+     * {@link java.nio.file.Path} or if the file cannot be opened for reading
      */
-    public Iterable<String> lines() {
-        return new Iterable<String>() {
-            @Override
-            public Iterator<String> iterator() {
-                try {
-                    final BufferedReader in = new BufferedReader(new InputStreamReader(
-                            Files.newInputStream(file.toPath()),"UTF-8"));
-
-                    return new AbstractIterator<String>() {
-                        @Override
-                        protected String computeNext() {
-                            try {
-                                String r = in.readLine();
-                                if (r==null) {
-                                    in.close();
-                                    return endOfData();
-                                }
-                                return r;
-                            } catch (IOException e) {
-                                throw new RuntimeException(e);
-                            }
-                        }
-                    };
-                } catch (IOException | InvalidPathException e) {
-                    throw new RuntimeException(e);
-                }
-            }
-        };
+    @CreatesObligation
+    public @Nonnull LinesStream lines() throws IOException {
+        return new LinesStream(Util.fileToPath(file));
     }
 
     /**
diff --git a/core/src/main/java/jenkins/security/s2m/ConfigFile.java b/core/src/main/java/jenkins/security/s2m/ConfigFile.java
index 69d9358eed..ca32d0e763 100644
--- a/core/src/main/java/jenkins/security/s2m/ConfigFile.java
+++ b/core/src/main/java/jenkins/security/s2m/ConfigFile.java
@@ -3,6 +3,7 @@ package jenkins.security.s2m;
 import hudson.CopyOnWrite;
 import hudson.util.TextFile;
 import jenkins.model.Jenkins;
+import jenkins.util.io.LinesStream;
 
 import java.io.BufferedReader;
 import java.io.File;
@@ -26,15 +27,42 @@ abstract class ConfigFile<T,COL extends Collection<T>> extends TextFile {
     protected abstract COL create();
     protected abstract COL readOnly(COL base);
 
-    public synchronized void load() {
+    /**
+     * Loads the configuration from the configuration file.
+     * <p>
+     * This method is equivalent to {@link #load2()}, except that any
+     * {@link java.io.IOException} that occurs is wrapped as a
+     * {@link java.lang.RuntimeException}.
+     * <p>
+     * This method exists for source compatibility. Users should call
+     * {@link #load2()} instead.
+     * @deprecated use {@link #load2()} instead.
+     */
+    @Deprecated
+    public void load() {
+        try {
+            load2();
+        } catch (IOException e) {
+            throw new RuntimeException(e);
+        }
+    }
+
+    /**
+     * Loads the configuration from the configuration file.
+     * @throws IOException if the configuration file could not be read.
+     * @since TODO
+     */
+    public synchronized void load2() throws IOException {
         COL result = create();
 
         if (exists()) {
-            for (String line : lines()) {
-                if (line.startsWith("#")) continue;   // comment
-                T r = parse(line);
-                if (r != null)
-                    result.add(r);
+            try (LinesStream stream = lines()) {
+                for (String line : stream) {
+                    if (line.startsWith("#")) continue;   // comment
+                    T r = parse(line);
+                    if (r != null)
+                        result.add(r);
+                }
             }
         }
 
@@ -63,7 +91,7 @@ abstract class ConfigFile<T,COL extends Collection<T>> extends TextFile {
         Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
 
         write(newContent);
-        load();
+        load2();
     }
 
     public synchronized void append(String additional) throws IOException {
@@ -79,8 +107,9 @@ abstract class ConfigFile<T,COL extends Collection<T>> extends TextFile {
         // load upon the first use
         if (parsed==null) {
             synchronized (this) {
-                if (parsed==null)
+                if (parsed==null) {
                     load();
+                }
             }
         }
         return parsed;
diff --git a/core/src/main/java/jenkins/util/io/LinesStream.java b/core/src/main/java/jenkins/util/io/LinesStream.java
new file mode 100644
index 0000000000..d0296ddf0a
--- /dev/null
+++ b/core/src/main/java/jenkins/util/io/LinesStream.java
@@ -0,0 +1,114 @@
+/*
+ * The MIT License
+ *
+ * Copyright 2018 Daniel Trebbien.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.util.io;
+
+import com.google.common.collect.AbstractIterator;
+
+import edu.umd.cs.findbugs.annotations.CleanupObligation;
+import edu.umd.cs.findbugs.annotations.DischargesObligation;
+
+import java.io.BufferedReader;
+import java.io.Closeable;
+import java.io.IOException;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.util.Iterator;
+
+import javax.annotation.Nonnull;
+import javax.annotation.Nullable;
+
+/**
+ * Represents a stream over the lines of a text file.
+ * <p>
+ * Although <code>LinesStream</code> implements {@link java.lang.Iterable}, it
+ * is intended to be first used to initialize a resource in a try-with-resources
+ * statement and then iterated, as in:
+ * <pre>
+ *  try (LinesStream stream = new LinesStream(...)) {
+ *      for (String line : stream) {
+ *          ...
+ *      }
+ *  }
+ * </pre>
+ * This pattern ensures that the underlying file handle is closed properly.
+ * <p>
+ * Like {@link java.nio.file.DirectoryStream}, <code>LinesStream</code> supports
+ * creating at most one <code>Iterator</code>. Invoking {@link #iterator()} to
+ * obtain a second or subsequent <code>Iterator</code> throws
+ * <code>IllegalStateException</code>.
+ *
+ * @since TODO
+ */
+@CleanupObligation
+public class LinesStream implements Closeable, Iterable<String> {
+
+    private final @Nonnull BufferedReader in;
+    private transient @Nullable Iterator<String> iterator;
+
+    /**
+     * Opens the text file at <code>path</code> for reading using charset
+     * {@link java.nio.charset.StandardCharsets#UTF_8}.
+     * @param path Path to the file to open for reading.
+     * @throws IOException if the file at <code>path</code> cannot be opened for
+     * reading.
+     */
+    public LinesStream(@Nonnull Path path) throws IOException {
+        in = Files.newBufferedReader(path); // uses UTF-8 by default
+    }
+
+    @DischargesObligation
+    @Override
+    public void close() throws IOException {
+        in.close();
+    }
+
+    @Override
+    public Iterator<String> iterator() {
+        if (iterator!=null)
+            throw new IllegalStateException("Only one Iterator can be created.");
+
+        iterator = new AbstractIterator<String>() {
+            @Override
+            protected String computeNext() {
+                try {
+                    String r = in.readLine();
+                    if (r==null) {
+                        // Calling close() here helps ensure that the file
+                        // handle is closed even when LinesStream is being used
+                        // incorrectly, where it is iterated over without being
+                        // used to initialize a resource of a try-with-resources
+                        // statement.
+                        in.close();
+                        return endOfData();
+                    }
+                    return r;
+                } catch (IOException e) {
+                    throw new RuntimeException(e);
+                }
+            }
+        };
+
+        return iterator;
+    }
+}
-- 
GitLab


From 12031d7d59409186c8c36ac791736e475a883dc2 Mon Sep 17 00:00:00 2001
From: Literallie <git@l1t.li>
Date: Thu, 8 Mar 2018 00:06:57 +0100
Subject: [PATCH 177/863] [JENKINS-45387] Fix validation error displaying in
 setup wizard's "create first admin" form (#3116)

* [JENKINS-45387] Improve setup wizard account creation in security realm

This commit adds an additional account creation method to the
security realm, that allows to create a new user account (as the system)
and is intended to be used by the setup wizard.

The main difference to the existing method is that the new method does
not force the Stapler to send a response, but instead throws an
exception if invalid data is submitted. This allows to call this from
the setup wizard, and send the response there. (This is necessary
because the setup wizard method has a response return type and
there is no way to access the response already send in the realm)

Further, it splits the private createAccount() method for
clarity as well as to allow code reuse from the new method.

* [JENKINS-45387] Fix SetupWizard sending responses twice on create admin

This commit fixes an issue where the SetupWizard class would send
two responses (indirectly) when invalid form data was provided for
creating the first admin account.

* [Fix JENKINS-45387] Setup wizard not displaying first account errors

This commit fixes the setup wizard not displaying HTML error
responses upon first account creation.

Previously, it just froze (buttons were not re-enabled) and didn't
display responses. (Probably caused by XSS policies on the iframe)

* [JENKINS-45387] Add some @Restricted annotations

As per
https://github.com/jenkinsci/jenkins/pull/3116#discussion_r172031063
https://github.com/jenkinsci/jenkins/pull/3116#discussion_r172051979
---
 .../AccountCreationFailedException.java       | 40 ++++++++
 .../security/HudsonPrivateSecurityRealm.java  | 99 +++++++++++++++----
 .../java/jenkins/install/SetupWizard.java     | 74 +++++++-------
 war/src/main/js/pluginSetupWizardGui.js       | 54 +++++-----
 war/src/main/js/templates/firstUserPanel.hbs  |  2 +-
 5 files changed, 182 insertions(+), 87 deletions(-)
 create mode 100644 core/src/main/java/hudson/security/AccountCreationFailedException.java

diff --git a/core/src/main/java/hudson/security/AccountCreationFailedException.java b/core/src/main/java/hudson/security/AccountCreationFailedException.java
new file mode 100644
index 0000000000..bab5345db1
--- /dev/null
+++ b/core/src/main/java/hudson/security/AccountCreationFailedException.java
@@ -0,0 +1,40 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2017 Jenkins contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+package hudson.security;
+
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
+
+/**
+ * Thrown if an account creation was attempted but failed due to invalid data being entered into a form.
+ *
+ * @author Philipp Nowak
+ */
+@Restricted(NoExternalUse.class)
+public class AccountCreationFailedException extends Exception {
+    public AccountCreationFailedException(String message) {
+        super(message);
+    }
+}
diff --git a/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java b/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java
index 95ff998a2a..2344d1dc51 100644
--- a/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java
+++ b/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java
@@ -289,6 +289,26 @@ public class HudsonPrivateSecurityRealm extends AbstractPasswordBasedSecurityRea
         return u;
     }
 
+    /**
+     * Creates a user account. Intended to be called from the setup wizard.
+     * Note that this method does not check whether it is actually called from
+     * the setup wizard. This requires the {@link Jenkins#ADMINISTER} permission.
+     *
+     * @param req the request to retrieve input data from
+     * @return the created user account, never null
+     * @throws AccountCreationFailedException if account creation failed due to invalid form input
+     */
+    @Restricted(NoExternalUse.class)
+    public User createAccountFromSetupWizard(StaplerRequest req) throws IOException, AccountCreationFailedException {
+        checkPermission(Jenkins.ADMINISTER);
+        SignupInfo si = validateAccountCreationForm(req, false);
+        if (si.errorMessage != null) {
+            throw new AccountCreationFailedException(si.errorMessage);
+        } else {
+            return createAccount(si);
+        }
+    }
+
     /**
      * Creates a first admin user account.
      *
@@ -321,65 +341,102 @@ public class HudsonPrivateSecurityRealm extends AbstractPasswordBasedSecurityRea
     }
 
     /**
+     * @param req the request to get the form data from (is also used for redirection)
+     * @param rsp the response to use for forwarding if the creation fails
+     * @param validateCaptcha whether to attempt to validate a captcha in the request
+     * @param formView the view to redirect to if creation fails
+     *
      * @return
      *      null if failed. The browser is already redirected to retry by the time this method returns.
      *      a valid {@link User} object if the user creation was successful.
      */
-    private User createAccount(StaplerRequest req, StaplerResponse rsp, boolean selfRegistration, String formView) throws ServletException, IOException {
+    private User createAccount(StaplerRequest req, StaplerResponse rsp, boolean validateCaptcha, String formView) throws ServletException, IOException {
+        SignupInfo si = validateAccountCreationForm(req, validateCaptcha);
+
+        if (si.errorMessage != null) {
+            // failed. ask the user to try again.
+            req.getView(this, formView).forward(req, rsp);
+            return null;
+        }
+
+        return createAccount(si);
+    }
+
+    /**
+     * @param req              the request to process
+     * @param validateCaptcha  whether to attempt to validate a captcha in the request
+     *
+     * @return a {@link SignupInfo#SignupInfo(StaplerRequest) SignupInfo from given request}, with {@link
+     * SignupInfo#errorMessage} set to a non-null value if any of the supported fields are invalid
+     */
+    private SignupInfo validateAccountCreationForm(StaplerRequest req, boolean validateCaptcha) {
         // form field validation
         // this pattern needs to be generalized and moved to stapler
         SignupInfo si = new SignupInfo(req);
 
-        if(selfRegistration && !validateCaptcha(si.captcha))
+        if (validateCaptcha && !validateCaptcha(si.captcha)) {
             si.errorMessage = Messages.HudsonPrivateSecurityRealm_CreateAccount_TextNotMatchWordInImage();
+        }
 
-        if(si.password1 != null && !si.password1.equals(si.password2))
+        if (si.password1 != null && !si.password1.equals(si.password2)) {
             si.errorMessage = Messages.HudsonPrivateSecurityRealm_CreateAccount_PasswordNotMatch();
+        }
 
-        if(!(si.password1 != null && si.password1.length() != 0))
+        if (!(si.password1 != null && si.password1.length() != 0)) {
             si.errorMessage = Messages.HudsonPrivateSecurityRealm_CreateAccount_PasswordRequired();
+        }
 
-        if(si.username==null || si.username.length()==0)
+        if (si.username == null || si.username.length() == 0) {
             si.errorMessage = Messages.HudsonPrivateSecurityRealm_CreateAccount_UserNameRequired();
-        else {
+        } else {
             // do not create the user - we just want to check if the user already exists but is not a "login" user.
-            User user = User.getById(si.username, false); 
+            User user = User.getById(si.username, false);
             if (null != user)
                 // Allow sign up. SCM people has no such property.
                 if (user.getProperty(Details.class) != null)
                     si.errorMessage = Messages.HudsonPrivateSecurityRealm_CreateAccount_UserNameAlreadyTaken();
         }
 
-        if(si.fullname==null || si.fullname.length()==0)
+        if (si.fullname == null || si.fullname.length() == 0) {
             si.fullname = si.username;
+        }
 
-        if(isMailerPluginPresent() && (si.email==null || !si.email.contains("@")))
+        if (isMailerPluginPresent() && (si.email == null || !si.email.contains("@"))) {
             si.errorMessage = Messages.HudsonPrivateSecurityRealm_CreateAccount_InvalidEmailAddress();
+        }
 
-        if (! User.isIdOrFullnameAllowed(si.username)) {
+        if (!User.isIdOrFullnameAllowed(si.username)) {
             si.errorMessage = hudson.model.Messages.User_IllegalUsername(si.username);
         }
 
-        if (! User.isIdOrFullnameAllowed(si.fullname)) {
+        if (!User.isIdOrFullnameAllowed(si.fullname)) {
             si.errorMessage = hudson.model.Messages.User_IllegalFullname(si.fullname);
         }
+        req.setAttribute("data", si); // for error messages in the view
+        return si;
+    }
 
-        if(si.errorMessage!=null) {
-            // failed. ask the user to try again.
-            req.setAttribute("data",si);
-            req.getView(this, formView).forward(req,rsp);
-            return null;
+    /**
+     * Creates a new account from a valid signup info. A signup info is valid if its {@link SignupInfo#errorMessage}
+     * field is null.
+     *
+     * @param si the valid signup info to create an account from
+     * @return a valid {@link User} object created from given signup info
+     * @throws IllegalArgumentException if an invalid signup info is passed
+     */
+    private User createAccount(SignupInfo si) throws IOException {
+        if (si.errorMessage != null) {
+            throw new IllegalArgumentException("invalid signup info passed to createAccount(si): " + si.errorMessage);
         }
-
         // register the user
-        User user = createAccount(si.username,si.password1);
+        User user = createAccount(si.username, si.password1);
         user.setFullName(si.fullname);
-        if(isMailerPluginPresent()) {
+        if (isMailerPluginPresent()) {
             try {
                 // legacy hack. mail support has moved out to a separate plugin
                 Class<?> up = Jenkins.getInstance().pluginManager.uberClassLoader.loadClass("hudson.tasks.Mailer$UserProperty");
                 Constructor<?> c = up.getDeclaredConstructor(String.class);
-                user.addProperty((UserProperty)c.newInstance(si.email));
+                user.addProperty((UserProperty) c.newInstance(si.email));
             } catch (ReflectiveOperationException e) {
                 throw new RuntimeException(e);
             }
@@ -387,7 +444,7 @@ public class HudsonPrivateSecurityRealm extends AbstractPasswordBasedSecurityRea
         user.save();
         return user;
     }
-    
+
     @Restricted(NoExternalUse.class)
     public boolean isMailerPluginPresent() {
         try {
diff --git a/core/src/main/java/jenkins/install/SetupWizard.java b/core/src/main/java/jenkins/install/SetupWizard.java
index 6c70482369..67f68606b2 100644
--- a/core/src/main/java/jenkins/install/SetupWizard.java
+++ b/core/src/main/java/jenkins/install/SetupWizard.java
@@ -39,6 +39,7 @@ import hudson.model.PageDecorator;
 import hudson.model.UpdateCenter;
 import hudson.model.UpdateSite;
 import hudson.model.User;
+import hudson.security.AccountCreationFailedException;
 import hudson.security.FullControlOnceLoggedInAuthorizationStrategy;
 import hudson.security.HudsonPrivateSecurityRealm;
 import hudson.security.SecurityRealm;
@@ -240,49 +241,54 @@ public class SetupWizard extends PageDecorator {
      * Called during the initial setup to create an admin user
      */
     @RequirePOST
-    public HttpResponse doCreateAdminUser(StaplerRequest req, StaplerResponse rsp) throws IOException, ServletException {
+    @Restricted(NoExternalUse.class)
+    public HttpResponse doCreateAdminUser(StaplerRequest req, StaplerResponse rsp) throws IOException {
         Jenkins j = Jenkins.getInstance();
         j.checkPermission(Jenkins.ADMINISTER);
-        
+
         // This will be set up by default. if not, something changed, ok to fail
-        HudsonPrivateSecurityRealm securityRealm = (HudsonPrivateSecurityRealm)j.getSecurityRealm();
-        
+        HudsonPrivateSecurityRealm securityRealm = (HudsonPrivateSecurityRealm) j.getSecurityRealm();
+
         User admin = securityRealm.getUser(SetupWizard.initialSetupAdminUserName);
         try {
-            if(admin != null) {
+            if (admin != null) {
                 admin.delete(); // assume the new user may well be 'admin'
             }
-            
-            User u = securityRealm.createAccountByAdmin(req, rsp, "/jenkins/install/SetupWizard/setupWizardFirstUser.jelly", null);
-            if (u != null) {
-                if(admin != null) {
-                    admin = null;
-                }
-                
-                // Success! Delete the temporary password file:
-                try {
-                    getInitialAdminPasswordFile().delete();
-                } catch (InterruptedException e) {
-                    throw new IOException(e);
-                }
-                
-                InstallUtil.proceedToNextStateFrom(InstallState.CREATE_ADMIN_USER);
-                
-                // ... and then login
-                Authentication a = new UsernamePasswordAuthenticationToken(u.getId(),req.getParameter("password1"));
-                a = securityRealm.getSecurityComponents().manager.authenticate(a);
-                SecurityContextHolder.getContext().setAuthentication(a);
-                CrumbIssuer crumbIssuer = Jenkins.getInstance().getCrumbIssuer();
-                JSONObject data = new JSONObject();
-                if (crumbIssuer != null) {
-                    data.accumulate("crumbRequestField", crumbIssuer.getCrumbRequestField()).accumulate("crumb", crumbIssuer.getCrumb(req));
-                }
-                return HttpResponses.okJSON(data);
-            } else {
-                return HttpResponses.okJSON();
+
+            User newUser = securityRealm.createAccountFromSetupWizard(req);
+            if (admin != null) {
+                admin = null;
+            }
+
+            // Success! Delete the temporary password file:
+            try {
+                getInitialAdminPasswordFile().delete();
+            } catch (InterruptedException e) {
+                throw new IOException(e);
+            }
+
+            InstallUtil.proceedToNextStateFrom(InstallState.CREATE_ADMIN_USER);
+
+            // ... and then login
+            Authentication auth = new UsernamePasswordAuthenticationToken(newUser.getId(), req.getParameter("password1"));
+            auth = securityRealm.getSecurityComponents().manager.authenticate(auth);
+            SecurityContextHolder.getContext().setAuthentication(auth);
+            CrumbIssuer crumbIssuer = Jenkins.getInstance().getCrumbIssuer();
+            JSONObject data = new JSONObject();
+            if (crumbIssuer != null) {
+                data.accumulate("crumbRequestField", crumbIssuer.getCrumbRequestField()).accumulate("crumb", crumbIssuer.getCrumb(req));
             }
+            return HttpResponses.okJSON(data);
+        } catch (AccountCreationFailedException e) {
+            /*
+            Return Unprocessable Entity from WebDAV. While this is not technically in the HTTP/1.1 standard, browsers
+            seem to accept this. 400 Bad Request is technically inappropriate because that implies invalid *syntax*,
+            not incorrect data. The client only cares about it being >200 anyways.
+             */
+            rsp.setStatus(422);
+            return HttpResponses.forwardToView(securityRealm, "/jenkins/install/SetupWizard/setupWizardFirstUser.jelly");
         } finally {
-            if(admin != null) {
+            if (admin != null) {
                 admin.save(); // recreate this initial user if something failed
             }
         }
diff --git a/war/src/main/js/pluginSetupWizardGui.js b/war/src/main/js/pluginSetupWizardGui.js
index 2aac81ed33..2a97ce5b34 100644
--- a/war/src/main/js/pluginSetupWizardGui.js
+++ b/war/src/main/js/pluginSetupWizardGui.js
@@ -872,45 +872,37 @@ var createPluginSetupWizard = function(appendTarget) {
 			$c.slideDown();
 		}
 	};
-	
-	var handleStaplerSubmit = function(data) {
-		if(data.status && data.status > 200) {
-			// Nothing we can really do here
-			setPanel(errorPanel, { errorMessage: data.statusText });
-			return;
-		}
-		
-		try {
-			if(JSON.parse(data).status === 'ok') {
-				showStatePanel();
-				return;
-			}
-		} catch(e) {
-			// ignore JSON parsing issues, this may be HTML
+
+	var handleFirstUserResponseSuccess = function (data) {
+		if (data.status === 'ok') {
+			showStatePanel();
+		} else {
+			setPanel(errorPanel, {errorMessage: 'Error trying to create first user: ' + data.statusText});
 		}
-		// we get 200 OK
-		var responseText = data.responseText;
+	};
+
+	var handleFirstUserResponseError = function(res) {
+		// We're expecting a full HTML page to replace the form
+		// We can only replace the _whole_ iframe due to XSS rules
+		// https://stackoverflow.com/a/22913801/1117552
+		var responseText = res.responseText;
 		var $page = $(responseText);
-		var $errors = $page.find('.error');
-		if($errors.length > 0) {
-			var $main = $page.find('#main-panel').detach();
-			if($main.length > 0) {
-				responseText = responseText.replace(/body([^>]*)[>](.|[\r\n])+[<][/]body/,'body$1>'+$main.html()+'</body');
-			}
-			var doc = $('iframe[src]').contents()[0];
-			doc.open();
-			doc.write(responseText);
-			doc.close();
-		}
-		else {
-			showStatePanel();
+		var $main = $page.find('#main-panel').detach();
+		if($main.length > 0) {
+			responseText = responseText.replace(/body([^>]*)[>](.|[\r\n])+[<][/]body/,'body$1>'+$main.html()+'</body');
 		}
+		var doc = $('iframe#setup-first-user').contents()[0];
+		doc.open();
+		doc.write(responseText);
+		doc.close();
+		$('button').prop({disabled:false});
 	};
 	
 	// call to submit the firstuser
 	var saveFirstUser = function() {
 		$('button').prop({disabled:true});
-		securityConfig.saveFirstUser($('iframe[src]').contents().find('form:not(.no-json)'), handleStaplerSubmit, handleStaplerSubmit);
+		var $form = $('iframe#setup-first-user').contents().find('form:not(.no-json)');
+		securityConfig.saveFirstUser($form, handleFirstUserResponseSuccess, handleFirstUserResponseError);
 	};
 
 	var skipFirstUser = function() {
diff --git a/war/src/main/js/templates/firstUserPanel.hbs b/war/src/main/js/templates/firstUserPanel.hbs
index aeb3b9627c..0a635cb6c2 100644
--- a/war/src/main/js/templates/firstUserPanel.hbs
+++ b/war/src/main/js/templates/firstUserPanel.hbs
@@ -3,7 +3,7 @@
 </div>
 <div class="modal-body">
 	<div class="jumbotron welcome-panel security-panel">
-		<iframe src="{{baseUrl}}/setupWizard/setupWizardFirstUser"></iframe>
+		<iframe src="{{baseUrl}}/setupWizard/setupWizardFirstUser" id="setup-first-user"></iframe>
 	</div>
 </div>
 <div class="modal-footer">
-- 
GitLab


From aaae71af4bd2952efdc3462fde086faa6a604ee2 Mon Sep 17 00:00:00 2001
From: Daniel Trebbien <dtrebbien@gmail.com>
Date: Wed, 7 Mar 2018 15:53:53 -0800
Subject: [PATCH 178/863] [JENKINS-49971] Fix a race condition in
 Util.loadFile() (#3225)

* Fix a race condition in Util.loadFile()

If the file is deleted in between when its existence is checked and the
file is opened for reading, then the method will fail to return an empty
string.

* Switch to using FileUtils.readFileToString()
---
 core/src/main/java/hudson/Util.java | 66 +++++++++++++++++------------
 1 file changed, 40 insertions(+), 26 deletions(-)

diff --git a/core/src/main/java/hudson/Util.java b/core/src/main/java/hudson/Util.java
index 88f466077d..6848d25870 100644
--- a/core/src/main/java/hudson/Util.java
+++ b/core/src/main/java/hudson/Util.java
@@ -89,6 +89,9 @@ import javax.annotation.Nullable;
 import javax.crypto.SecretKey;
 import javax.crypto.spec.SecretKeySpec;
 
+import org.apache.commons.codec.digest.DigestUtils;
+import org.apache.commons.io.FileUtils;
+
 /**
  * Various utility methods that don't have more proper home.
  *
@@ -181,43 +184,54 @@ public class Util {
     }
 
     /**
-     * Loads the contents of a file into a string.
+     * Reads the entire contents of the text file at <code>logfile</code> into a
+     * string using the {@link Charset#defaultCharset() default charset} for
+     * decoding. If no such file exists, an empty string is returned.
+     * @param logfile The text file to read in its entirety.
+     * @return The entire text content of <code>logfile</code>.
+     * @throws IOException If an error occurs while reading the file.
+     * @deprecated call {@link #loadFile(java.io.File, java.nio.charset.Charset)}
+     * instead to specify the charset to use for decoding (preferably
+     * {@link java.nio.charset.StandardCharsets#UTF_8}).
      */
     @Nonnull
+    @Deprecated
     public static String loadFile(@Nonnull File logfile) throws IOException {
         return loadFile(logfile, Charset.defaultCharset());
     }
 
+    /**
+     * Reads the entire contents of the text file at <code>logfile</code> into a
+     * string using <code>charset</code> for decoding. If no such file exists,
+     * an empty string is returned.
+     * @param logfile The text file to read in its entirety.
+     * @param charset The charset to use for decoding the bytes in <code>logfile</code>.
+     * @return The entire text content of <code>logfile</code>.
+     * @throws IOException If an error occurs while reading the file.
+     */
     @Nonnull
     public static String loadFile(@Nonnull File logfile, @Nonnull Charset charset) throws IOException {
-        if(!logfile.exists())
-            return "";
-
-        StringBuilder str = new StringBuilder((int)logfile.length());
-
-        // We're not using Files.newBufferedReader() here because there is a
-        // difference in how an InputStreamReader constructed from a Charset and
-        // the reader returned by Files.newBufferedReader() handle malformed and
-        // unmappable byte sequences for the specified encoding; the latter is
-        // more picky and will throw a CharacterCodingException. See:
-        // https://issues.jenkins-ci.org/browse/JENKINS-49060?focusedCommentId=325989&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-325989
+        // Note: Until charset handling is resolved (e.g. by implementing
+        // https://issues.jenkins-ci.org/browse/JENKINS-48923 ), this method
+        // must be able to handle character encoding errors. As reported at
+        // https://issues.jenkins-ci.org/browse/JENKINS-49112 Run.getLog() calls
+        // loadFile() to fully read the generated log file. This file might
+        // contain unmappable and/or malformed byte sequences. We need to make
+        // sure that in such cases, no CharacterCodingException is thrown.
         //
-        // As reported at https://issues.jenkins-ci.org/browse/JENKINS-49112
-        // Run.getLog() calls loadFile() to fully read the generated log file.
-        // Until charset handling is resolved (e.g. by implementing
-        // https://issues.jenkins-ci.org/browse/JENKINS-48923 ), malformed
-        // bytes will need to be tolerated.
-        try (InputStream rawIn = Files.newInputStream(fileToPath(logfile));
-             Reader r = new BufferedReader(new InputStreamReader(rawIn, charset))) {
-            char[] buf = new char[1024];
-            int len;
-            while ((len = r.read(buf, 0, buf.length)) > 0)
-                str.append(buf, 0, len);
+        // One approach that cannot be used is to call Files.newBufferedReader()
+        // because there is a difference in how an InputStreamReader constructed
+        // from a Charset and the reader returned by Files.newBufferedReader()
+        // handle malformed and unmappable byte sequences for the specified
+        // encoding; the latter is more picky and will throw an exception.
+        // See: https://issues.jenkins-ci.org/browse/JENKINS-49060?focusedCommentId=325989&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-325989
+        try {
+            return FileUtils.readFileToString(logfile, charset);
+        } catch (FileNotFoundException e) {
+            return "";
         } catch (Exception e) {
-            throw new IOException("Failed to fully read " + logfile + " using charset " + charset.name(), e);
+            throw new IOException("Failed to fully read " + logfile, e);
         }
-
-        return str.toString();
     }
 
     /**
-- 
GitLab


From c84cbf32d15c173381e443040f0d2d5a254a784f Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Thu, 8 Mar 2018 15:35:35 +0100
Subject: [PATCH 179/863] Update to Parent POM 1.40 with configured FindBugs
 (#3308)

* Update to Parent POM 1.40 with configured FindBugs

* Used the released version of Parent POM, address comments from @dwnusbaum
---
 pom.xml | 29 ++++-------------------------
 1 file changed, 4 insertions(+), 25 deletions(-)

diff --git a/pom.xml b/pom.xml
index 6ca04fee1b..5e8df999e5 100644
--- a/pom.xml
+++ b/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci</groupId>
     <artifactId>jenkins</artifactId>
-    <version>1.39</version>
+    <version>1.40</version>
   </parent>
 
   <groupId>org.jenkins-ci.main</groupId>
@@ -92,8 +92,6 @@ THE SOFTWARE.
     <matrix-project.version>1.4.1</matrix-project.version>
     <sorcerer.version>0.11</sorcerer.version>
     <animal.sniffer.skip>${skipTests}</animal.sniffer.skip>
-    <findbugs-maven-plugin.version>3.0.4</findbugs-maven-plugin.version>
-    <findbugs.failOnError>true</findbugs.failOnError>
     <access-modifier.version>1.12</access-modifier.version>
     <access-modifier-annotation.version>${access-modifier.version}</access-modifier-annotation.version> <!-- differing only where needed for timestamped snapshots -->
     <access-modifier-checker.version>${access-modifier.version}</access-modifier-checker.version>
@@ -108,6 +106,9 @@ THE SOFTWARE.
     <remoting.version>3.17</remoting.version>
     <remoting.minimum.supported.version>2.60</remoting.minimum.supported.version>
 
+    <findbugs.effort>Max</findbugs.effort>
+    <findbugs.threshold>High</findbugs.threshold>
+    <findbugs.excludeFilterFile>../src/findbugs/findbugs-excludes.xml</findbugs.excludeFilterFile>
   </properties>
 
   <!-- Note that the 'repositories' and 'pluginRepositories' blocks below are actually copy-pasted
@@ -492,28 +493,6 @@ THE SOFTWARE.
           <artifactId>antlr-maven-plugin</artifactId>
           <version>2.1</version>
         </plugin>
-        <plugin>
-          <groupId>org.codehaus.mojo</groupId>
-          <artifactId>findbugs-maven-plugin</artifactId>
-          <version>${findbugs-maven-plugin.version}</version>
-          <configuration>
-            <effort>Max</effort>
-            <threshold>High</threshold>
-            <!--Excludes file is located on the top level-->
-            <excludeFilterFile>../src/findbugs/findbugs-excludes.xml</excludeFilterFile>
-            <xmlOutput>true</xmlOutput>
-            <findbugsXmlOutput>false</findbugsXmlOutput>
-          </configuration>
-          <executions>
-            <execution>
-              <id>findbugs</id>
-              <goals>
-                <goal>check</goal>
-              </goals>
-              <phase>verify</phase>
-            </execution>
-          </executions>
-        </plugin>
         <plugin>
           <groupId>org.apache.maven.plugins</groupId>
           <artifactId>maven-pmd-plugin</artifactId>
-- 
GitLab


From 557ac5ea7411dd39dba44a07f499c1019872029c Mon Sep 17 00:00:00 2001
From: surenpi <zxjlwt@126.com>
Date: Fri, 9 Mar 2018 09:32:35 +0800
Subject: [PATCH 180/863] Move descriptionFrom's translate into 'submit'

---
 .../form/submit_bg.properties}                                    | 0
 .../form/submit_da.properties}                                    | 0
 .../form/submit_de.properties}                                    | 0
 .../form/submit_es.properties}                                    | 0
 .../form/submit_fr.properties}                                    | 0
 .../form/submit_it.properties}                                    | 0
 .../form/submit_ja.properties}                                    | 0
 .../form/submit_pl.properties}                                    | 0
 .../form/submit_pt_BR.properties}                                 | 0
 .../form/submit_sr.properties}                                    | 0
 .../form/submit_tr.properties}                                    | 0
 .../form/submit_zh_TW.properties}                                 | 0
 12 files changed, 0 insertions(+), 0 deletions(-)
 rename core/src/main/resources/{hudson/model/AbstractModelObject/descriptionForm_bg.properties => lib/form/submit_bg.properties} (100%)
 rename core/src/main/resources/{hudson/model/AbstractModelObject/descriptionForm_da.properties => lib/form/submit_da.properties} (100%)
 rename core/src/main/resources/{hudson/model/AbstractModelObject/descriptionForm_de.properties => lib/form/submit_de.properties} (100%)
 rename core/src/main/resources/{hudson/model/AbstractModelObject/descriptionForm_es.properties => lib/form/submit_es.properties} (100%)
 rename core/src/main/resources/{hudson/model/AbstractModelObject/descriptionForm_fr.properties => lib/form/submit_fr.properties} (100%)
 rename core/src/main/resources/{hudson/model/AbstractModelObject/descriptionForm_it.properties => lib/form/submit_it.properties} (100%)
 rename core/src/main/resources/{hudson/model/AbstractModelObject/descriptionForm_ja.properties => lib/form/submit_ja.properties} (100%)
 rename core/src/main/resources/{hudson/model/AbstractModelObject/descriptionForm_pl.properties => lib/form/submit_pl.properties} (100%)
 rename core/src/main/resources/{hudson/model/AbstractModelObject/descriptionForm_pt_BR.properties => lib/form/submit_pt_BR.properties} (100%)
 rename core/src/main/resources/{hudson/model/AbstractModelObject/descriptionForm_sr.properties => lib/form/submit_sr.properties} (100%)
 rename core/src/main/resources/{hudson/model/AbstractModelObject/descriptionForm_tr.properties => lib/form/submit_tr.properties} (100%)
 rename core/src/main/resources/{hudson/model/AbstractModelObject/descriptionForm_zh_TW.properties => lib/form/submit_zh_TW.properties} (100%)

diff --git a/core/src/main/resources/hudson/model/AbstractModelObject/descriptionForm_bg.properties b/core/src/main/resources/lib/form/submit_bg.properties
similarity index 100%
rename from core/src/main/resources/hudson/model/AbstractModelObject/descriptionForm_bg.properties
rename to core/src/main/resources/lib/form/submit_bg.properties
diff --git a/core/src/main/resources/hudson/model/AbstractModelObject/descriptionForm_da.properties b/core/src/main/resources/lib/form/submit_da.properties
similarity index 100%
rename from core/src/main/resources/hudson/model/AbstractModelObject/descriptionForm_da.properties
rename to core/src/main/resources/lib/form/submit_da.properties
diff --git a/core/src/main/resources/hudson/model/AbstractModelObject/descriptionForm_de.properties b/core/src/main/resources/lib/form/submit_de.properties
similarity index 100%
rename from core/src/main/resources/hudson/model/AbstractModelObject/descriptionForm_de.properties
rename to core/src/main/resources/lib/form/submit_de.properties
diff --git a/core/src/main/resources/hudson/model/AbstractModelObject/descriptionForm_es.properties b/core/src/main/resources/lib/form/submit_es.properties
similarity index 100%
rename from core/src/main/resources/hudson/model/AbstractModelObject/descriptionForm_es.properties
rename to core/src/main/resources/lib/form/submit_es.properties
diff --git a/core/src/main/resources/hudson/model/AbstractModelObject/descriptionForm_fr.properties b/core/src/main/resources/lib/form/submit_fr.properties
similarity index 100%
rename from core/src/main/resources/hudson/model/AbstractModelObject/descriptionForm_fr.properties
rename to core/src/main/resources/lib/form/submit_fr.properties
diff --git a/core/src/main/resources/hudson/model/AbstractModelObject/descriptionForm_it.properties b/core/src/main/resources/lib/form/submit_it.properties
similarity index 100%
rename from core/src/main/resources/hudson/model/AbstractModelObject/descriptionForm_it.properties
rename to core/src/main/resources/lib/form/submit_it.properties
diff --git a/core/src/main/resources/hudson/model/AbstractModelObject/descriptionForm_ja.properties b/core/src/main/resources/lib/form/submit_ja.properties
similarity index 100%
rename from core/src/main/resources/hudson/model/AbstractModelObject/descriptionForm_ja.properties
rename to core/src/main/resources/lib/form/submit_ja.properties
diff --git a/core/src/main/resources/hudson/model/AbstractModelObject/descriptionForm_pl.properties b/core/src/main/resources/lib/form/submit_pl.properties
similarity index 100%
rename from core/src/main/resources/hudson/model/AbstractModelObject/descriptionForm_pl.properties
rename to core/src/main/resources/lib/form/submit_pl.properties
diff --git a/core/src/main/resources/hudson/model/AbstractModelObject/descriptionForm_pt_BR.properties b/core/src/main/resources/lib/form/submit_pt_BR.properties
similarity index 100%
rename from core/src/main/resources/hudson/model/AbstractModelObject/descriptionForm_pt_BR.properties
rename to core/src/main/resources/lib/form/submit_pt_BR.properties
diff --git a/core/src/main/resources/hudson/model/AbstractModelObject/descriptionForm_sr.properties b/core/src/main/resources/lib/form/submit_sr.properties
similarity index 100%
rename from core/src/main/resources/hudson/model/AbstractModelObject/descriptionForm_sr.properties
rename to core/src/main/resources/lib/form/submit_sr.properties
diff --git a/core/src/main/resources/hudson/model/AbstractModelObject/descriptionForm_tr.properties b/core/src/main/resources/lib/form/submit_tr.properties
similarity index 100%
rename from core/src/main/resources/hudson/model/AbstractModelObject/descriptionForm_tr.properties
rename to core/src/main/resources/lib/form/submit_tr.properties
diff --git a/core/src/main/resources/hudson/model/AbstractModelObject/descriptionForm_zh_TW.properties b/core/src/main/resources/lib/form/submit_zh_TW.properties
similarity index 100%
rename from core/src/main/resources/hudson/model/AbstractModelObject/descriptionForm_zh_TW.properties
rename to core/src/main/resources/lib/form/submit_zh_TW.properties
-- 
GitLab


From f77d3de86183198d8dd33d95a43985ef371fa51f Mon Sep 17 00:00:00 2001
From: surenpi <zxjlwt@126.com>
Date: Fri, 9 Mar 2018 13:37:51 +0800
Subject: [PATCH 181/863] Remove submit custom label

---
 .../hudson/model/AbstractModelObject/descriptionForm.jelly      | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/resources/hudson/model/AbstractModelObject/descriptionForm.jelly b/core/src/main/resources/hudson/model/AbstractModelObject/descriptionForm.jelly
index 9891f09a18..8bb30e90ce 100644
--- a/core/src/main/resources/hudson/model/AbstractModelObject/descriptionForm.jelly
+++ b/core/src/main/resources/hudson/model/AbstractModelObject/descriptionForm.jelly
@@ -39,7 +39,7 @@ THE SOFTWARE.
         </f:entry>
       </table>
       <div align="right">
-        <f:submit value="${%Submit}" />
+        <f:submit />
       </div>
     </form>
   </l:ajax>
-- 
GitLab


From f57b841fc8546d83a832fa79d915ea6d98a6f230 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Fri, 9 Mar 2018 12:20:24 -0500
Subject: [PATCH 182/863] access-modifier.version=1.13

---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 6ca04fee1b..17f3636bfb 100644
--- a/pom.xml
+++ b/pom.xml
@@ -94,7 +94,7 @@ THE SOFTWARE.
     <animal.sniffer.skip>${skipTests}</animal.sniffer.skip>
     <findbugs-maven-plugin.version>3.0.4</findbugs-maven-plugin.version>
     <findbugs.failOnError>true</findbugs.failOnError>
-    <access-modifier.version>1.12</access-modifier.version>
+    <access-modifier.version>1.13</access-modifier.version>
     <access-modifier-annotation.version>${access-modifier.version}</access-modifier-annotation.version> <!-- differing only where needed for timestamped snapshots -->
     <access-modifier-checker.version>${access-modifier.version}</access-modifier-checker.version>
 
-- 
GitLab


From d94049cc713b31e20caf4e15b50ca7a72dbf1de1 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Fri, 9 Mar 2018 12:51:56 -0500
Subject: [PATCH 183/863] https://github.com/kohsuke/localizer/pull/11 actually
 works now.

---
 cli/src/main/java/hudson/cli/CLI.java          | 7 ++++++-
 core/src/main/java/hudson/cli/HelpCommand.java | 2 +-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/cli/src/main/java/hudson/cli/CLI.java b/cli/src/main/java/hudson/cli/CLI.java
index cbd3acd044..5da726be0e 100644
--- a/cli/src/main/java/hudson/cli/CLI.java
+++ b/cli/src/main/java/hudson/cli/CLI.java
@@ -809,9 +809,14 @@ public class CLI implements AutoCloseable {
         return authenticate(Collections.singleton(key));
     }
 
+    /** For access from {@code HelpCommand}. */
+    static String usage() {
+        return Messages.CLI_Usage();
+    }
+
     private static void printUsage(String msg) {
         if(msg!=null)   System.out.println(msg);
-        System.err.println(Messages.CLI_Usage());
+        System.err.println(usage());
     }
 
     static final Logger LOGGER = Logger.getLogger(CLI.class.getName());
diff --git a/core/src/main/java/hudson/cli/HelpCommand.java b/core/src/main/java/hudson/cli/HelpCommand.java
index 60fcc0970b..7b73c0b31d 100644
--- a/core/src/main/java/hudson/cli/HelpCommand.java
+++ b/core/src/main/java/hudson/cli/HelpCommand.java
@@ -53,7 +53,7 @@ public class HelpCommand extends CLICommand {
     protected int run() throws Exception {
         if (!Jenkins.getActiveInstance().hasPermission(Jenkins.READ)) {
             throw new AccessDeniedException("You must authenticate to access this Jenkins.\n"
-                    + hudson.cli.client.Messages.CLI_Usage());
+                    + CLI.usage());
         }
 
         if (command != null)
-- 
GitLab


From 7868cd6b934593380aec0db570521df2f1dff70f Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Fri, 9 Mar 2018 12:52:56 -0500
Subject: [PATCH 184/863] DoNotUse was a bit too strict for some purposes;
 switching to NoExternalUse.

---
 core/src/main/java/hudson/cli/DeleteBuildsCommand.java        | 4 ++--
 core/src/main/java/hudson/cli/ListChangesCommand.java         | 4 ++--
 core/src/main/java/jenkins/model/NewViewLink.java             | 4 ++--
 core/src/main/java/jenkins/security/CustomClassFilter.java    | 3 +--
 .../main/java/jenkins/security/s2m/DefaultFilePathFilter.java | 4 ++--
 core/src/main/java/jenkins/tasks/SimpleBuildStep.java         | 4 ++--
 6 files changed, 11 insertions(+), 12 deletions(-)

diff --git a/core/src/main/java/hudson/cli/DeleteBuildsCommand.java b/core/src/main/java/hudson/cli/DeleteBuildsCommand.java
index db86c433ab..bd1768786c 100644
--- a/core/src/main/java/hudson/cli/DeleteBuildsCommand.java
+++ b/core/src/main/java/hudson/cli/DeleteBuildsCommand.java
@@ -31,14 +31,14 @@ import java.io.PrintStream;
 import java.util.HashSet;
 import java.util.List;
 import org.kohsuke.accmod.Restricted;
-import org.kohsuke.accmod.restrictions.DoNotUse;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
 
 /**
  * Deletes builds records in a bulk.
  *
  * @author Kohsuke Kawaguchi
  */
-@Restricted(DoNotUse.class) // command implementation only
+@Restricted(NoExternalUse.class) // command implementation only
 @Extension
 public class DeleteBuildsCommand extends RunRangeCommand {
     @Override
diff --git a/core/src/main/java/hudson/cli/ListChangesCommand.java b/core/src/main/java/hudson/cli/ListChangesCommand.java
index 8da2000073..1b398bddad 100644
--- a/core/src/main/java/hudson/cli/ListChangesCommand.java
+++ b/core/src/main/java/hudson/cli/ListChangesCommand.java
@@ -15,14 +15,14 @@ import java.io.IOException;
 import java.io.PrintWriter;
 import java.util.List;
 import org.kohsuke.accmod.Restricted;
-import org.kohsuke.accmod.restrictions.DoNotUse;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
 
 /**
  * Retrieves a change list for the specified builds.
  *
  * @author Kohsuke Kawaguchi
  */
-@Restricted(DoNotUse.class) // command implementation only
+@Restricted(NoExternalUse.class) // command implementation only
 @Extension
 public class ListChangesCommand extends RunRangeCommand {
     @Override
diff --git a/core/src/main/java/jenkins/model/NewViewLink.java b/core/src/main/java/jenkins/model/NewViewLink.java
index 5f4e404167..618dc826df 100644
--- a/core/src/main/java/jenkins/model/NewViewLink.java
+++ b/core/src/main/java/jenkins/model/NewViewLink.java
@@ -9,10 +9,10 @@ import java.util.Collections;
 import java.util.List;
 
 import org.kohsuke.accmod.Restricted;
-import org.kohsuke.accmod.restrictions.DoNotUse;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
 
 @Extension
-@Restricted(DoNotUse.class)
+@Restricted(NoExternalUse.class)
 public class NewViewLink extends TransientViewActionFactory {
 
     @VisibleForTesting
diff --git a/core/src/main/java/jenkins/security/CustomClassFilter.java b/core/src/main/java/jenkins/security/CustomClassFilter.java
index 9292e6cee9..f73068f097 100644
--- a/core/src/main/java/jenkins/security/CustomClassFilter.java
+++ b/core/src/main/java/jenkins/security/CustomClassFilter.java
@@ -44,7 +44,6 @@ import jenkins.model.Jenkins;
 import jenkins.util.SystemProperties;
 import org.apache.commons.io.IOUtils;
 import org.kohsuke.accmod.Restricted;
-import org.kohsuke.accmod.restrictions.DoNotUse;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
 
 /**
@@ -83,7 +82,7 @@ public interface CustomClassFilter extends ExtensionPoint {
      * Entries may also be preceded by {@code !} to blacklist.
      * Example: {@code -Dhudson.remoting.ClassFilter=com.google.common.collect.LinkedListMultimap,!com.acme.illadvised.YoloReflectionFactory$Handle}
      */
-    @Restricted(DoNotUse.class)
+    @Restricted(NoExternalUse.class)
     @Extension
     public class Static implements CustomClassFilter {
 
diff --git a/core/src/main/java/jenkins/security/s2m/DefaultFilePathFilter.java b/core/src/main/java/jenkins/security/s2m/DefaultFilePathFilter.java
index a35bfbe814..356445b76c 100644
--- a/core/src/main/java/jenkins/security/s2m/DefaultFilePathFilter.java
+++ b/core/src/main/java/jenkins/security/s2m/DefaultFilePathFilter.java
@@ -30,7 +30,7 @@ import hudson.remoting.ChannelBuilder;
 import jenkins.ReflectiveFilePathFilter;
 import jenkins.security.ChannelConfigurator;
 import org.kohsuke.accmod.Restricted;
-import org.kohsuke.accmod.restrictions.DoNotUse;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
 
 import java.io.File;
 import java.util.logging.Level;
@@ -39,7 +39,7 @@ import java.util.logging.Logger;
 /**
  * Blocks agents from writing to files on the master by default (and also provide the kill switch.)
  */
-@Restricted(DoNotUse.class) // impl
+@Restricted(NoExternalUse.class) // impl
 @Extension public class DefaultFilePathFilter extends ChannelConfigurator {
 
     /**
diff --git a/core/src/main/java/jenkins/tasks/SimpleBuildStep.java b/core/src/main/java/jenkins/tasks/SimpleBuildStep.java
index 640ea01aa2..83a6c5a9ce 100644
--- a/core/src/main/java/jenkins/tasks/SimpleBuildStep.java
+++ b/core/src/main/java/jenkins/tasks/SimpleBuildStep.java
@@ -52,7 +52,7 @@ import jenkins.model.DependencyDeclarer;
 import jenkins.model.RunAction2;
 import jenkins.model.TransientActionFactory;
 import org.kohsuke.accmod.Restricted;
-import org.kohsuke.accmod.restrictions.DoNotUse;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
 
 /**
  * A build step (like a {@link Builder} or {@link Publisher}) which may be called at an arbitrary time during a build (or multiple times), run, and be done.
@@ -103,7 +103,7 @@ public interface SimpleBuildStep extends BuildStep {
     }
 
     @SuppressWarnings("rawtypes")
-    @Restricted(DoNotUse.class)
+    @Restricted(NoExternalUse.class)
     @Extension
     public static final class LastBuildActionFactory extends TransientActionFactory<Job> {
 
-- 
GitLab


From e532099b08961c7248370948caa7c7c65a8afb9d Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Fri, 9 Mar 2018 14:49:35 -0500
Subject: [PATCH 185/863] remoting.version=3.18

---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index ba2dd061f9..476e27a6e0 100644
--- a/pom.xml
+++ b/pom.xml
@@ -103,7 +103,7 @@ THE SOFTWARE.
     <maven-war-plugin.version>3.0.0</maven-war-plugin.version> <!-- JENKINS-47127 bump when 3.2.0 is out. Cf. MWAR-407 -->
 
     <!-- Minimum Remoting version, which is tested for API compatibility -->
-    <remoting.version>3.18-20180307.194815-1</remoting.version> <!-- TODO https://github.com/jenkinsci/remoting/pull/259 -->
+    <remoting.version>3.18</remoting.version>
     <remoting.minimum.supported.version>2.60</remoting.minimum.supported.version>
 
     <findbugs.effort>Max</findbugs.effort>
-- 
GitLab


From 8492421ce10e05095d54fafa83dc05847fbb4737 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Fri, 9 Mar 2018 15:03:33 -0500
Subject: [PATCH 186/863] FilePath.exists is apparently called from
 LogRecorderManagerTest.loggingOnSlaves (though I cannot reproduce this).

---
 core/src/main/java/hudson/FilePath.java | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/core/src/main/java/hudson/FilePath.java b/core/src/main/java/hudson/FilePath.java
index f387df93e6..9b14501085 100644
--- a/core/src/main/java/hudson/FilePath.java
+++ b/core/src/main/java/hudson/FilePath.java
@@ -1490,12 +1490,14 @@ public final class FilePath implements Serializable {
      * Checks if the file exists.
      */
     public boolean exists() throws IOException, InterruptedException {
-        return act(new SecureFileCallable<Boolean>() {
-            private static final long serialVersionUID = 1L;
-            public Boolean invoke(File f, VirtualChannel channel) throws IOException {
-                return stating(f).exists();
-            }
-        });
+        return act(new Exists());
+    }
+    private class Exists extends SecureFileCallable<Boolean> {
+        private static final long serialVersionUID = 1L;
+        @Override
+        public Boolean invoke(File f, VirtualChannel channel) throws IOException {
+            return stating(f).exists();
+        }
     }
 
     /**
-- 
GitLab


From 0ffb87cbbb43f8ba3498467471d1746e3fb5b749 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Fri, 9 Mar 2018 15:12:19 -0500
Subject: [PATCH 187/863] Tests can attempt to serialize
 RetentionStrategy.NOOP.

---
 .../java/hudson/slaves/RetentionStrategy.java | 24 ++++++++-----------
 1 file changed, 10 insertions(+), 14 deletions(-)

diff --git a/core/src/main/java/hudson/slaves/RetentionStrategy.java b/core/src/main/java/hudson/slaves/RetentionStrategy.java
index 0e33a9dc6c..9eb95290c7 100644
--- a/core/src/main/java/hudson/slaves/RetentionStrategy.java
+++ b/core/src/main/java/hudson/slaves/RetentionStrategy.java
@@ -97,12 +97,7 @@ public abstract class RetentionStrategy<T extends Computer> extends AbstractDesc
      * @since 1.275
      */
     public void start(final @Nonnull T c) {
-        Queue.withLock(new Runnable() {
-            @Override
-            public void run() {
-                check(c);
-            }
-        });
+        Queue.withLock((Runnable) () -> check(c));
     }
 
     /**
@@ -123,26 +118,27 @@ public abstract class RetentionStrategy<T extends Computer> extends AbstractDesc
     /**
      * Dummy instance that doesn't do any attempt to retention.
      */
-    public static final RetentionStrategy<Computer> NOOP = new RetentionStrategy<Computer>() {
+    public static final RetentionStrategy<Computer> NOOP = new NoOp();
+    private static final class NoOp extends RetentionStrategy<Computer> {
         @GuardedBy("hudson.model.Queue.lock")
+        @Override
         public long check(Computer c) {
             return 60;
         }
-
         @Override
         public void start(Computer c) {
             c.connect(false);
         }
-
         @Override
         public Descriptor<RetentionStrategy<?>> getDescriptor() {
             return DESCRIPTOR;
         }
-
-        private final DescriptorImpl DESCRIPTOR = new DescriptorImpl();
-
-        class DescriptorImpl extends Descriptor<RetentionStrategy<?>> {}
-    };
+        private Object readResolve() {
+            return NOOP;
+        }
+        private static final DescriptorImpl DESCRIPTOR = new DescriptorImpl();
+        private static final class DescriptorImpl extends Descriptor<RetentionStrategy<?>> {}
+    }
 
     /**
      * Convenient singleton instance, since this {@link RetentionStrategy} is stateless.
-- 
GitLab


From 6232491965ab654ea9a020c3088421ce2d61705c Mon Sep 17 00:00:00 2001
From: Akbashev Alexander <mr.akbashev@gmail.com>
Date: Sat, 10 Mar 2018 01:47:18 +0100
Subject: [PATCH 188/863] Do not copy all build numbers in case of descending
 search (#3228)

[JENKINS-50056] - Do not copy all build numbers in case of descending search
---
 .../java/jenkins/model/lazy/AbstractLazyLoadRunMap.java  | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/core/src/main/java/jenkins/model/lazy/AbstractLazyLoadRunMap.java b/core/src/main/java/jenkins/model/lazy/AbstractLazyLoadRunMap.java
index a1f2eaecc3..b839866ac8 100644
--- a/core/src/main/java/jenkins/model/lazy/AbstractLazyLoadRunMap.java
+++ b/core/src/main/java/jenkins/model/lazy/AbstractLazyLoadRunMap.java
@@ -29,10 +29,9 @@ import hudson.model.RunMap;
 import java.io.File;
 import java.io.IOException;
 import java.util.AbstractMap;
-import java.util.ArrayList;
 import java.util.Collections;
 import java.util.Comparator;
-import java.util.List;
+import java.util.ListIterator;
 import java.util.Map;
 import java.util.NoSuchElementException;
 import java.util.Set;
@@ -336,9 +335,9 @@ public abstract class AbstractLazyLoadRunMap<R> extends AbstractMap<Integer,R> i
             return null;
         case DESC:
             // TODO again could be made more efficient
-            List<Integer> reversed = new ArrayList<Integer>(numberOnDisk);
-            Collections.reverse(reversed);
-            for (int m : reversed) {
+            ListIterator<Integer> iterator = numberOnDisk.listIterator(numberOnDisk.size());
+            while(iterator.hasPrevious()) {
+                int m = iterator.previous();
                 if (m > n) {
                     continue;
                 }
-- 
GitLab


From 8455bc432d62c9409f60b535f24a30c9ee7b59ed Mon Sep 17 00:00:00 2001
From: surenpi <zxjlwt@126.com>
Date: Sat, 10 Mar 2018 18:58:16 +0800
Subject: [PATCH 189/863] Remote unnecessary localization from
 editDescription.jelly

---
 .../AbstractModelObject/editDescription.jelly |  2 +-
 .../editDescription_bg.properties             | 24 -------------------
 .../editDescription_da.properties             | 23 ------------------
 .../editDescription_de.properties             |  1 -
 .../editDescription_es.properties             | 23 ------------------
 .../editDescription_fr.properties             | 23 ------------------
 .../editDescription_it.properties             |  1 -
 .../editDescription_ja.properties             | 23 ------------------
 .../editDescription_pl.properties             |  3 ---
 .../editDescription_pt_BR.properties          | 23 ------------------
 .../editDescription_ru.properties             | 23 ------------------
 .../editDescription_sr.properties             |  3 ---
 .../editDescription_tr.properties             | 23 ------------------
 .../editDescription_zh_CN.properties          |  3 ---
 .../editDescription_zh_TW.properties          | 23 ------------------
 15 files changed, 1 insertion(+), 220 deletions(-)
 delete mode 100644 core/src/main/resources/hudson/model/AbstractModelObject/editDescription_bg.properties
 delete mode 100644 core/src/main/resources/hudson/model/AbstractModelObject/editDescription_da.properties
 delete mode 100644 core/src/main/resources/hudson/model/AbstractModelObject/editDescription_de.properties
 delete mode 100644 core/src/main/resources/hudson/model/AbstractModelObject/editDescription_es.properties
 delete mode 100644 core/src/main/resources/hudson/model/AbstractModelObject/editDescription_fr.properties
 delete mode 100644 core/src/main/resources/hudson/model/AbstractModelObject/editDescription_it.properties
 delete mode 100644 core/src/main/resources/hudson/model/AbstractModelObject/editDescription_ja.properties
 delete mode 100644 core/src/main/resources/hudson/model/AbstractModelObject/editDescription_pl.properties
 delete mode 100644 core/src/main/resources/hudson/model/AbstractModelObject/editDescription_pt_BR.properties
 delete mode 100644 core/src/main/resources/hudson/model/AbstractModelObject/editDescription_ru.properties
 delete mode 100644 core/src/main/resources/hudson/model/AbstractModelObject/editDescription_sr.properties
 delete mode 100644 core/src/main/resources/hudson/model/AbstractModelObject/editDescription_tr.properties
 delete mode 100644 core/src/main/resources/hudson/model/AbstractModelObject/editDescription_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/AbstractModelObject/editDescription_zh_TW.properties

diff --git a/core/src/main/resources/hudson/model/AbstractModelObject/editDescription.jelly b/core/src/main/resources/hudson/model/AbstractModelObject/editDescription.jelly
index 91940efa8d..54cf6494ad 100644
--- a/core/src/main/resources/hudson/model/AbstractModelObject/editDescription.jelly
+++ b/core/src/main/resources/hudson/model/AbstractModelObject/editDescription.jelly
@@ -39,7 +39,7 @@ THE SOFTWARE.
                         codemirror-mode="${app.markupFormatter.codeMirrorMode}" codemirror-config="${app.markupFormatter.codeMirrorConfig}" previewEndpoint="/markupFormatter/previewDescription"/>
           </f:entry>
         </table>
-        <f:submit value="${%Submit}" />
+        <f:submit />
       </form>
     </l:main-panel>
   </l:layout>
diff --git a/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_bg.properties b/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_bg.properties
deleted file mode 100644
index ce43fb6569..0000000000
--- a/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_bg.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Bulgarian translation: Copyright (c) 2015, 2016, Alexander Shopov <ash@kambanaria.org>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Submit=\
- \u0417\u0430\u043f\u0430\u0437\u0432\u0430\u043d\u0435
diff --git a/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_da.properties b/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_da.properties
deleted file mode 100644
index 3bdeaf1bbf..0000000000
--- a/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_da.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc. Kohsuke Kawaguchi. Knud Poulsen.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Submit=Gem
diff --git a/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_de.properties b/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_de.properties
deleted file mode 100644
index abc47f4038..0000000000
--- a/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_de.properties
+++ /dev/null
@@ -1 +0,0 @@
-Submit=�bernehmen
diff --git a/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_es.properties b/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_es.properties
deleted file mode 100644
index 5fffca2552..0000000000
--- a/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_es.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Submit=Enviar
diff --git a/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_fr.properties b/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_fr.properties
deleted file mode 100644
index 526a39d3d0..0000000000
--- a/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_fr.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-# 
-# Copyright (c) 2004-2009, Sun Microsystems, Inc., Kohsuke Kawaguchi, Eric Lefevre-Ardant
-# 
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-# 
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-# 
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Submit=Envoyer
diff --git a/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_it.properties b/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_it.properties
deleted file mode 100644
index e86f33e771..0000000000
--- a/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_it.properties
+++ /dev/null
@@ -1 +0,0 @@
-Submit=Invia
diff --git a/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_ja.properties b/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_ja.properties
deleted file mode 100644
index 71ba9fccbb..0000000000
--- a/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_ja.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-# 
-# Copyright (c) 2004-2009, Sun Microsystems, Inc., Kohsuke Kawaguchi, Seiji Sogabe
-# 
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-# 
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-# 
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Submit=\u4fdd\u5b58
diff --git a/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_pl.properties b/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_pl.properties
deleted file mode 100644
index 18411cab6f..0000000000
--- a/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_pl.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-# This file is under the MIT License by authors
-
-Submit=Zapisz
diff --git a/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_pt_BR.properties b/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_pt_BR.properties
deleted file mode 100644
index bedff77246..0000000000
--- a/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_pt_BR.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc., Cleiber Silva
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Submit=Enviar
diff --git a/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_ru.properties b/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_ru.properties
deleted file mode 100644
index e421a45699..0000000000
--- a/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_ru.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Submit=\u041F\u0440\u0438\u043C\u0435\u043D\u0438\u0442\u044C
diff --git a/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_sr.properties b/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_sr.properties
deleted file mode 100644
index c8e10fc8ec..0000000000
--- a/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_sr.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-# This file is under the MIT License by authors
-
-Submit=\u041F\u043E\u0434\u043D\u0435\u0441\u0438
diff --git a/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_tr.properties b/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_tr.properties
deleted file mode 100644
index 9bbde41249..0000000000
--- a/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_tr.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-# 
-# Copyright (c) 2004-2009, Sun Microsystems, Inc., Kohsuke Kawaguchi, Oguz Dag
-# 
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-# 
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-# 
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Submit=G\u00f6nder
diff --git a/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_zh_CN.properties b/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_zh_CN.properties
deleted file mode 100644
index 4da5732b2a..0000000000
--- a/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_zh_CN.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-# This file is under the MIT License by authors
-
-Submit=\u63D0\u4EA4
diff --git a/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_zh_TW.properties b/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_zh_TW.properties
deleted file mode 100644
index b93603b37c..0000000000
--- a/core/src/main/resources/hudson/model/AbstractModelObject/editDescription_zh_TW.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2013, Chunghwa Telecom Co., Ltd., Pei-Tang Huang
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Submit=\u9001\u51fa
-- 
GitLab


From 0dd91bbf8ce0f9b4f895e86087c3f008b683f98e Mon Sep 17 00:00:00 2001
From: surenpi <zxjlwt@126.com>
Date: Sat, 10 Mar 2018 19:02:50 +0800
Subject: [PATCH 190/863] Remote unnecessary localization from advanced.jelly

---
 .../hudson/PluginManager/advanced.jelly       |  2 +-
 .../PluginManager/advanced_bg.properties      | 20 +++++++++----------
 .../PluginManager/advanced_cs.properties      |  1 -
 .../PluginManager/advanced_da.properties      |  7 +++----
 .../PluginManager/advanced_de.properties      |  1 -
 .../PluginManager/advanced_es.properties      |  7 +++----
 .../PluginManager/advanced_fi.properties      |  1 -
 .../PluginManager/advanced_fr.properties      |  1 -
 .../PluginManager/advanced_hu.properties      |  1 -
 .../PluginManager/advanced_it.properties      |  3 +--
 .../PluginManager/advanced_ja.properties      | 17 ++++++++--------
 .../PluginManager/advanced_ko.properties      |  1 -
 .../PluginManager/advanced_lv.properties      |  1 -
 .../PluginManager/advanced_nb_NO.properties   |  1 -
 .../PluginManager/advanced_nl.properties      |  1 -
 .../PluginManager/advanced_pl.properties      |  1 -
 .../PluginManager/advanced_pt_BR.properties   |  9 ++++-----
 .../PluginManager/advanced_pt_PT.properties   |  1 -
 .../PluginManager/advanced_ru.properties      |  1 -
 .../PluginManager/advanced_sk.properties      |  1 -
 .../PluginManager/advanced_sr.properties      |  1 -
 .../PluginManager/advanced_sv_SE.properties   |  1 -
 .../PluginManager/advanced_tr.properties      | 11 +++++-----
 .../PluginManager/advanced_zh_CN.properties   |  1 -
 .../PluginManager/advanced_zh_TW.properties   | 15 +++++++-------
 25 files changed, 41 insertions(+), 66 deletions(-)

diff --git a/core/src/main/resources/hudson/PluginManager/advanced.jelly b/core/src/main/resources/hudson/PluginManager/advanced.jelly
index 362d28e9ca..2a959d5e6a 100644
--- a/core/src/main/resources/hudson/PluginManager/advanced.jelly
+++ b/core/src/main/resources/hudson/PluginManager/advanced.jelly
@@ -73,7 +73,7 @@ THE SOFTWARE.
                   <f:textbox name="site" value="${app.updateCenter.getSite(app.updateCenter.ID_DEFAULT).url}" />
                 </f:entry>
                 <f:block>
-                  <f:submit value="${%Submit}" />
+                  <f:submit />
                 </f:block>
               </f:form>
               <j:set var="hasNonDefault" value="${false}"/>
diff --git a/core/src/main/resources/hudson/PluginManager/advanced_bg.properties b/core/src/main/resources/hudson/PluginManager/advanced_bg.properties
index 3fc652c463..0fb4aa2df6 100644
--- a/core/src/main/resources/hudson/PluginManager/advanced_bg.properties
+++ b/core/src/main/resources/hudson/PluginManager/advanced_bg.properties
@@ -21,23 +21,21 @@
 # THE SOFTWARE.
 
 File=\
- \u0424\u0430\u0439\u043b
+ \u0424\u0430\u0439\u043B
 HTTP\ Proxy\ Configuration=\
- \u0421\u044a\u0440\u0432\u044a\u0440-\u043f\u043e\u0441\u0440\u0435\u0434\u043d\u0438\u043a \u0437\u0430 HTTP
-Submit=\
- \u041f\u043e\u0442\u0432\u044a\u0440\u0436\u0434\u0430\u0432\u0430\u043d\u0435
+ \u0421\u044A\u0440\u0432\u044A\u0440-\u043F\u043E\u0441\u0440\u0435\u0434\u043D\u0438\u043A \u0437\u0430 HTTP
 Update\ Site=\
- \u041e\u0431\u043d\u043e\u0432\u044f\u0432\u0430\u043d\u0435 \u043d\u0430 \u0441\u0430\u0439\u0442\u0430
+ \u041E\u0431\u043D\u043E\u0432\u044F\u0432\u0430\u043D\u0435 \u043D\u0430 \u0441\u0430\u0439\u0442\u0430
 Upload=\
- \u041a\u0430\u0447\u0432\u0430\u043d\u0435
+ \u041A\u0430\u0447\u0432\u0430\u043D\u0435
 Upload\ Plugin=\
- \u041a\u0430\u0447\u0432\u0430\u043d\u0435 \u043d\u0430 \u043f\u0440\u0438\u0441\u0442\u0430\u0432\u043a\u0430
+ \u041A\u0430\u0447\u0432\u0430\u043D\u0435 \u043D\u0430 \u043F\u0440\u0438\u0441\u0442\u0430\u0432\u043A\u0430
 uploadtext=\
- \u041c\u043e\u0436\u0435 \u0434\u0430 \u043a\u0430\u0447\u0438\u0442\u0435 \u0444\u0430\u0439\u043b \u0432\u044a\u0432 \u0444\u043e\u0440\u043c\u0430\u0442 \u201e.hpi\u201c, \u0437\u0430 \u0434\u0430 \u0438\u043d\u0441\u0442\u0430\u043b\u0438\u0440\u0430\u0442\u0435 \u043f\u0440\u0438\u0441\u0442\u0430\u0432\u043a\u0430 \u0438\u0437\u0432\u044a\u043d\
- \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u043d\u043e\u0442\u043e \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435.
+ \u041C\u043E\u0436\u0435 \u0434\u0430 \u043A\u0430\u0447\u0438\u0442\u0435 \u0444\u0430\u0439\u043B \u0432\u044A\u0432 \u0444\u043E\u0440\u043C\u0430\u0442 \u201E.hpi\u201C, \u0437\u0430 \u0434\u0430 \u0438\u043D\u0441\u0442\u0430\u043B\u0438\u0440\u0430\u0442\u0435 \u043F\u0440\u0438\u0441\u0442\u0430\u0432\u043A\u0430 \u0438\u0437\u0432\u044A\u043D\
+ \u043E\u0444\u0438\u0446\u0438\u0430\u043B\u043D\u043E\u0442\u043E \u0445\u0440\u0430\u043D\u0438\u043B\u0438\u0449\u0435.
 Other\ Sites=\
- \u0414\u0440\u0443\u0433\u0438 \u0441\u0430\u0439\u0442\u043e\u0432\u0435
+ \u0414\u0440\u0443\u0433\u0438 \u0441\u0430\u0439\u0442\u043E\u0432\u0435
 Update\ Center=\
- \u0421\u0430\u0439\u0442 \u0437\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f
+ \u0421\u0430\u0439\u0442 \u0437\u0430 \u043E\u0431\u043D\u043E\u0432\u043B\u0435\u043D\u0438\u044F
 URL=\
  \u0410\u0434\u0440\u0435\u0441
diff --git a/core/src/main/resources/hudson/PluginManager/advanced_cs.properties b/core/src/main/resources/hudson/PluginManager/advanced_cs.properties
index 4551fc7654..1d0183d743 100644
--- a/core/src/main/resources/hudson/PluginManager/advanced_cs.properties
+++ b/core/src/main/resources/hudson/PluginManager/advanced_cs.properties
@@ -2,7 +2,6 @@
 
 File=Soubor
 HTTP\ Proxy\ Configuration=Nastaven\u00ED HTTP Proxy
-Submit=Odeslat
 Update\ Site=\u00DAlo\u017Ei\u0161t\u011B aktualizac\u00ED
 Upload=Nahr\u00E1t
 Upload\ Plugin=Nahr\u00E1t Plugin
diff --git a/core/src/main/resources/hudson/PluginManager/advanced_da.properties b/core/src/main/resources/hudson/PluginManager/advanced_da.properties
index cea2ce412d..6d149c87fc 100644
--- a/core/src/main/resources/hudson/PluginManager/advanced_da.properties
+++ b/core/src/main/resources/hudson/PluginManager/advanced_da.properties
@@ -22,14 +22,13 @@
 
 Update\ Site=Opdateringssite
 Password=Adgangskode
-Upload=L\u00e6g op
+Upload=L\u00E6g op
 User\ name=Brugernavn
 File=Fil
 URL=URL
 lastUpdated=Opdateringsinformation hentet: {0} dage siden
-uploadtext=Du kan l\u00e6gge en .hpi fil op for at installere en plugin fra udenfor det centrale plugin lager.
+uploadtext=Du kan l\u00E6gge en .hpi fil op for at installere en plugin fra udenfor det centrale plugin lager.
 Port=Port
 HTTP\ Proxy\ Configuration=HTTP proxykonfiguration
 Server=Server
-Upload\ Plugin=L\u00e6g plugin op
-Submit=Gem
+Upload\ Plugin=L\u00E6g plugin op
diff --git a/core/src/main/resources/hudson/PluginManager/advanced_de.properties b/core/src/main/resources/hudson/PluginManager/advanced_de.properties
index d5b7ed5f20..d38b9767fe 100644
--- a/core/src/main/resources/hudson/PluginManager/advanced_de.properties
+++ b/core/src/main/resources/hudson/PluginManager/advanced_de.properties
@@ -21,7 +21,6 @@
 # THE SOFTWARE.
 
 HTTP\ Proxy\ Configuration=HTTP-Proxy Konfiguration
-Submit=�bernehmen
 Upload\ Plugin=Plugin hochladen
 File=Datei
 Upload=Hochladen
diff --git a/core/src/main/resources/hudson/PluginManager/advanced_es.properties b/core/src/main/resources/hudson/PluginManager/advanced_es.properties
index 1a5ebcf151..881f9874cd 100644
--- a/core/src/main/resources/hudson/PluginManager/advanced_es.properties
+++ b/core/src/main/resources/hudson/PluginManager/advanced_es.properties
@@ -20,14 +20,13 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-lastUpdated=Informacion de actualizaci�n es de hace {0}.
+lastUpdated=Informacion de actualizaci\uFFFDn es de hace {0}.
 uploadtext=\
   Puedes subir un fichero .hpi para instalar un plugin que no este en el repositorio central.
-Submit=Enviar
 File=Archivo
 Upload\ Plugin=Subir un plugin
 Upload=Subir
-HTTP\ Proxy\ Configuration=Configuraci�n de proxy
-Update\ Site=Direcci�n para la actualizaci�n
+HTTP\ Proxy\ Configuration=Configuraci\uFFFDn de proxy
+Update\ Site=Direcci\uFFFDn para la actualizaci\uFFFDn
 URL=Url
 Update\ Center=Centro de actualizaciones
diff --git a/core/src/main/resources/hudson/PluginManager/advanced_fi.properties b/core/src/main/resources/hudson/PluginManager/advanced_fi.properties
index e406d3c570..6604dfe06c 100644
--- a/core/src/main/resources/hudson/PluginManager/advanced_fi.properties
+++ b/core/src/main/resources/hudson/PluginManager/advanced_fi.properties
@@ -25,7 +25,6 @@ HTTP\ Proxy\ Configuration=HTTP-v\u00E4lipalvelinasetukset
 Password=Salasana
 Port=Portti
 Server=Palvelin
-Submit=L\u00E4het\u00E4
 URL=URL
 Update\ Site=P\u00E4ivityssivusto
 Upload=Lataa
diff --git a/core/src/main/resources/hudson/PluginManager/advanced_fr.properties b/core/src/main/resources/hudson/PluginManager/advanced_fr.properties
index 85763f7c7b..7e9c382c28 100644
--- a/core/src/main/resources/hudson/PluginManager/advanced_fr.properties
+++ b/core/src/main/resources/hudson/PluginManager/advanced_fr.properties
@@ -21,7 +21,6 @@
 # THE SOFTWARE.
 
 HTTP\ Proxy\ Configuration=Configuration du proxy HTTP
-Submit=Soumettre
 Upload\ Plugin=Soumettre un plugin
 File=Fichier
 Update\ Site=Site de mise \u00E0 jour
diff --git a/core/src/main/resources/hudson/PluginManager/advanced_hu.properties b/core/src/main/resources/hudson/PluginManager/advanced_hu.properties
index 01e7d77e9e..23f4e73419 100644
--- a/core/src/main/resources/hudson/PluginManager/advanced_hu.properties
+++ b/core/src/main/resources/hudson/PluginManager/advanced_hu.properties
@@ -2,7 +2,6 @@
 
 File=\u00C1llom\u00E1ny
 HTTP\ Proxy\ Configuration=HTTP Proxy Be\u00E1ll\u00EDt\u00E1sok
-Submit=Elk\u00FCld
 Update\ Site=Friss\u00EDt\u00E9si Oldal
 Upload=Felt\u00F6lt
 Upload\ Plugin=Be\u00E9p\u00FCl\u0151 Felt\u00F6lt\u00E9se
diff --git a/core/src/main/resources/hudson/PluginManager/advanced_it.properties b/core/src/main/resources/hudson/PluginManager/advanced_it.properties
index 560add8ba3..31a9263d9c 100644
--- a/core/src/main/resources/hudson/PluginManager/advanced_it.properties
+++ b/core/src/main/resources/hudson/PluginManager/advanced_it.properties
@@ -21,12 +21,11 @@
 # THE SOFTWARE.
 
 HTTP\ Proxy\ Configuration=Configurazione proxy HTTP
-Submit=Invia
 URL=URL
 Update\ Site=Aggiorna sito
 Upload=Carica
 Upload\ Plugin=Carica plugin
-uploadtext=� possibile caricare un file .hpi per installare un plugin da una fonte esterna al repository plugin centrale.
+uploadtext=\uFFFD possibile caricare un file .hpi per installare un plugin da una fonte esterna al repository plugin centrale.
 Update\ Center=Centro aggiornamenti
 File=File
 Other\ Sites=Altri siti
diff --git a/core/src/main/resources/hudson/PluginManager/advanced_ja.properties b/core/src/main/resources/hudson/PluginManager/advanced_ja.properties
index 149795c960..2f2ea0932c 100644
--- a/core/src/main/resources/hudson/PluginManager/advanced_ja.properties
+++ b/core/src/main/resources/hudson/PluginManager/advanced_ja.properties
@@ -20,14 +20,13 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-HTTP\ Proxy\ Configuration=HTTP Proxy\u306e\u8a2d\u5b9a
-Submit=\u4fdd\u5b58
-Upload\ Plugin=\u30d7\u30e9\u30b0\u30a4\u30f3\u306e\u30a2\u30c3\u30d7\u30ed\u30fc\u30c9
-Upload=\u30a2\u30c3\u30d7\u30ed\u30fc\u30c9
-File=\u30d5\u30a1\u30a4\u30eb
+HTTP\ Proxy\ Configuration=HTTP Proxy\u306E\u8A2D\u5B9A
+Upload\ Plugin=\u30D7\u30E9\u30B0\u30A4\u30F3\u306E\u30A2\u30C3\u30D7\u30ED\u30FC\u30C9
+Upload=\u30A2\u30C3\u30D7\u30ED\u30FC\u30C9
+File=\u30D5\u30A1\u30A4\u30EB
 uploadtext=\
-   .hpi\u30d5\u30a1\u30a4\u30eb\u3092\u30a2\u30c3\u30d7\u30ed\u30fc\u30c9\u3057\u3066\u3001\u30d7\u30e9\u30b0\u30a4\u30f3\u30ea\u30dd\u30b8\u30c8\u30ea\u4ee5\u5916\u304b\u3089\u30d7\u30e9\u30b0\u30a4\u30f3\u3092\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3067\u304d\u307e\u3059\u3002
-Update\ Site=\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u30b5\u30a4\u30c8
+   .hpi\u30D5\u30A1\u30A4\u30EB\u3092\u30A2\u30C3\u30D7\u30ED\u30FC\u30C9\u3057\u3066\u3001\u30D7\u30E9\u30B0\u30A4\u30F3\u30EA\u30DD\u30B8\u30C8\u30EA\u4EE5\u5916\u304B\u3089\u30D7\u30E9\u30B0\u30A4\u30F3\u3092\u30A4\u30F3\u30B9\u30C8\u30FC\u30EB\u3067\u304D\u307E\u3059\u3002
+Update\ Site=\u30A2\u30C3\u30D7\u30C7\u30FC\u30C8\u30B5\u30A4\u30C8
 URL=URL
-Update\ Center=\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u30bb\u30f3\u30bf\u30fc
-Other\ Sites=\u4ed6\u30b5\u30a4\u30c8
+Update\ Center=\u30A2\u30C3\u30D7\u30C7\u30FC\u30C8\u30BB\u30F3\u30BF\u30FC
+Other\ Sites=\u4ED6\u30B5\u30A4\u30C8
diff --git a/core/src/main/resources/hudson/PluginManager/advanced_ko.properties b/core/src/main/resources/hudson/PluginManager/advanced_ko.properties
index 18b829d7bd..d1146c4966 100644
--- a/core/src/main/resources/hudson/PluginManager/advanced_ko.properties
+++ b/core/src/main/resources/hudson/PluginManager/advanced_ko.properties
@@ -25,7 +25,6 @@ HTTP\ Proxy\ Configuration=HTTP \uD504\uB85D\uC2DC \uC124\uC815
 Password=\uC554\uD638
 Port=\uD3EC\uD2B8
 Server=\uC11C\uBC84
-Submit=\uC800\uC7A5
 URL=\uC0AC\uC774\uD2B8\uACBD\uB85C
 Update\ Site=\uC5C5\uB370\uC774\uD2B8 \uC0AC\uC774\uD2B8
 Upload=\uC62C\uB9AC\uAE30
diff --git a/core/src/main/resources/hudson/PluginManager/advanced_lv.properties b/core/src/main/resources/hudson/PluginManager/advanced_lv.properties
index 3e103e2a01..c5e1bac003 100644
--- a/core/src/main/resources/hudson/PluginManager/advanced_lv.properties
+++ b/core/src/main/resources/hudson/PluginManager/advanced_lv.properties
@@ -2,7 +2,6 @@
 
 File=Fails
 HTTP\ Proxy\ Configuration=HTTP Starpniekservera konfigur\u0101cija
-Submit=Nos\u016Bt\u012Bt
 Update\ Site=Aug\u0161upl\u0101des vietne
 Upload=Aug\u0161upl\u0101d\u0113t
 Upload\ Plugin=Aug\u0161upl\u0101d\u0113t spraudni
diff --git a/core/src/main/resources/hudson/PluginManager/advanced_nb_NO.properties b/core/src/main/resources/hudson/PluginManager/advanced_nb_NO.properties
index 5cec6ec57d..2ac5d17c50 100644
--- a/core/src/main/resources/hudson/PluginManager/advanced_nb_NO.properties
+++ b/core/src/main/resources/hudson/PluginManager/advanced_nb_NO.properties
@@ -25,7 +25,6 @@ HTTP\ Proxy\ Configuration=HTTP mellomtjener konfigurasjon
 Password=Passord
 Port=Port
 Server=Server
-Submit=Lagre
 Upload=Last opp
 Upload\ Plugin=Last opp programtillegg
 User\ name=Brukernavn
diff --git a/core/src/main/resources/hudson/PluginManager/advanced_nl.properties b/core/src/main/resources/hudson/PluginManager/advanced_nl.properties
index eddf5de998..f082f09c98 100644
--- a/core/src/main/resources/hudson/PluginManager/advanced_nl.properties
+++ b/core/src/main/resources/hudson/PluginManager/advanced_nl.properties
@@ -29,6 +29,5 @@ User\ name=Gebruikersnaam
 URL=URL
 Upload=Uploaden
 HTTP\ Proxy\ Configuration=HTTP-proxyconfiguratie
-Submit=Versturen
 Upload\ Plugin=Plugin uploaden
 File=Bestand
diff --git a/core/src/main/resources/hudson/PluginManager/advanced_pl.properties b/core/src/main/resources/hudson/PluginManager/advanced_pl.properties
index d930415d31..2bd68cd861 100644
--- a/core/src/main/resources/hudson/PluginManager/advanced_pl.properties
+++ b/core/src/main/resources/hudson/PluginManager/advanced_pl.properties
@@ -22,7 +22,6 @@
 
 File=Plik
 HTTP\ Proxy\ Configuration=Konfiguracja HTTP Proxy
-Submit=Prze\u015Blij
 URL=Adres URL
 Update\ Site=Strona z aktualizacjami
 Upload=Prze\u015Blij
diff --git a/core/src/main/resources/hudson/PluginManager/advanced_pt_BR.properties b/core/src/main/resources/hudson/PluginManager/advanced_pt_BR.properties
index 6de0e5b3be..27f20b4e17 100644
--- a/core/src/main/resources/hudson/PluginManager/advanced_pt_BR.properties
+++ b/core/src/main/resources/hudson/PluginManager/advanced_pt_BR.properties
@@ -20,14 +20,13 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-lastUpdated=Informa\u00e7\u00e3o de atualiza\u00e7\u00e3o obtida: {0} atr\u00e1s
+lastUpdated=Informa\u00E7\u00E3o de atualiza\u00E7\u00E3o obtida: {0} atr\u00E1s
 uploadtext=Voc\u00EA pode fazer o upload de um arquivo .hpi para instalar um plugin fora do reposit\u00F3rio central.
-Update\ Site=Site de atualiza\u00e7\u00e3o
+Update\ Site=Site de atualiza\u00E7\u00E3o
 File=Arquivo
 Upload\ Plugin=Atualizar plugin
-HTTP\ Proxy\ Configuration=Configura\u00e7\u00e3o de Proxy/HTTP
+HTTP\ Proxy\ Configuration=Configura\u00E7\u00E3o de Proxy/HTTP
 URL=URL
 Upload=Upload
-Submit=Enviar
-Update\ Center=Central de atualiza\u00e7\u00f5es
+Update\ Center=Central de atualiza\u00E7\u00F5es
 Other\ Sites=Outros sites
diff --git a/core/src/main/resources/hudson/PluginManager/advanced_pt_PT.properties b/core/src/main/resources/hudson/PluginManager/advanced_pt_PT.properties
index 5f2a622c91..e3be3112eb 100644
--- a/core/src/main/resources/hudson/PluginManager/advanced_pt_PT.properties
+++ b/core/src/main/resources/hudson/PluginManager/advanced_pt_PT.properties
@@ -1,7 +1,6 @@
 # This file is under the MIT License by authors
 
 File=Ficheiro
-Submit=Enviar
 Update\ Site=Atualizar Site
 Upload=Enviar
 Upload\ Plugin=Enviar Plugin
diff --git a/core/src/main/resources/hudson/PluginManager/advanced_ru.properties b/core/src/main/resources/hudson/PluginManager/advanced_ru.properties
index 98ef9a67d9..c04a6fe862 100644
--- a/core/src/main/resources/hudson/PluginManager/advanced_ru.properties
+++ b/core/src/main/resources/hudson/PluginManager/advanced_ru.properties
@@ -25,7 +25,6 @@ HTTP\ Proxy\ Configuration=\u041A\u043E\u043D\u0444\u0438\u0433\u0443\u0440\u043
 Password=\u041F\u0430\u0440\u043E\u043B\u044C
 Port=\u041F\u043E\u0440\u0442
 Server=\u0421\u0435\u0440\u0432\u0435\u0440
-Submit=\u0421\u043E\u0445\u0440\u0430\u043D\u0438\u0442\u044C
 URL=\u0410\u0434\u0440\u0435\u0441 URL
 Update\ Site=\u0421\u0430\u0439\u0442 \u043E\u0431\u043D\u043E\u0432\u043B\u0435\u043D\u0438\u0439
 Upload=\u0417\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044C
diff --git a/core/src/main/resources/hudson/PluginManager/advanced_sk.properties b/core/src/main/resources/hudson/PluginManager/advanced_sk.properties
index 2b35c4933a..5fda294bb9 100644
--- a/core/src/main/resources/hudson/PluginManager/advanced_sk.properties
+++ b/core/src/main/resources/hudson/PluginManager/advanced_sk.properties
@@ -2,5 +2,4 @@
 
 File=S\u00FAbor
 HTTP\ Proxy\ Configuration=Konfigur\u00E1cia HTTP proxy
-Submit=Po\u0161li
 lastUpdated=Inform\u00E1cia o aktualiz\u00E1ci\u00E1ch z\u00EDskan\u00E1 pred: {0}
diff --git a/core/src/main/resources/hudson/PluginManager/advanced_sr.properties b/core/src/main/resources/hudson/PluginManager/advanced_sr.properties
index 99f4d1a1e1..ec453b66ce 100644
--- a/core/src/main/resources/hudson/PluginManager/advanced_sr.properties
+++ b/core/src/main/resources/hudson/PluginManager/advanced_sr.properties
@@ -2,7 +2,6 @@
 
 Update\ Center=\u0426\u0435\u043D\u0442\u0430\u0440 \u0437\u0430 \u0430\u0436\u0443\u0440\u0438\u0440\u0430\u045A\u0435
 HTTP\ Proxy\ Configuration=\u041F\u043E\u0441\u0442\u0430\u0432\u0459\u0430\u045A\u0435 HTTP Proxy
-Submit=\u041F\u043E\u0442\u0432\u0440\u0434\u0438
 Upload\ Plugin=\u041E\u0442\u043F\u0440\u0435\u043C\u0438 \u043C\u043E\u0434\u0443\u043B\u0443
 uploadtext=\u041C\u043E\u0436\u0435\u0442\u0435 \u043E\u0442\u043F\u0440\u0435\u043C\u0438\u0442\u0438 \u0434\u0430\u0442\u043E\u0442\u0435\u043A\u0443 \u0443 \u0444\u043E\u0440\u043C\u0430\u0442\u0443 ".hpi", \u0434\u0430 \u0431\u0438\u0441\u0442\u0435 \u0438\u043D\u0441\u0442\u0430\u043B\u0438\u0440\u0430\u043B\u0438 \u043C\u043E\u0434\u0443\u043B\u0443 \u0432\u0430\u043D\
 \u0446\u0435\u043D\u0442\u0440\u0430\u043B\u043D\u043E\u0433 \u0438\u0437\u0432\u043E\u0440\u0430 \u0437\u0430 \u043C\u043E\u0434\u0443\u043B\u0435.
diff --git a/core/src/main/resources/hudson/PluginManager/advanced_sv_SE.properties b/core/src/main/resources/hudson/PluginManager/advanced_sv_SE.properties
index 10c631c442..7c6bae6e81 100644
--- a/core/src/main/resources/hudson/PluginManager/advanced_sv_SE.properties
+++ b/core/src/main/resources/hudson/PluginManager/advanced_sv_SE.properties
@@ -25,7 +25,6 @@ HTTP\ Proxy\ Configuration=HTTP-proxykonfiguration
 Password=L\u00F6senord
 Port=Port
 Server=Server
-Submit=Skicka
 URL=URL
 Update\ Site=Updateringssajt
 Upload=Ladda upp
diff --git a/core/src/main/resources/hudson/PluginManager/advanced_tr.properties b/core/src/main/resources/hudson/PluginManager/advanced_tr.properties
index daf9bed295..34bd395fc3 100644
--- a/core/src/main/resources/hudson/PluginManager/advanced_tr.properties
+++ b/core/src/main/resources/hudson/PluginManager/advanced_tr.properties
@@ -20,12 +20,11 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-HTTP\ Proxy\ Configuration=HTTP Proxy Konfig\u00fcrasyonu
-Submit=G\u00f6nder
-Upload\ Plugin=Eklenti Y\u00fckle
+HTTP\ Proxy\ Configuration=HTTP Proxy Konfig\u00FCrasyonu
+Upload\ Plugin=Eklenti Y\u00FCkle
 uploadtext=\
-Merkezi eklenti repository''si d\u0131\u015f\u0131nda bir eklenti eklemek i\u00e7in .hpi dosyas\u0131n\u0131 y\u00fcklemeniz yeterli olacakt\u0131r.
+Merkezi eklenti repository''si d\u0131\u015F\u0131nda bir eklenti eklemek i\u00E7in .hpi dosyas\u0131n\u0131 y\u00FCklemeniz yeterli olacakt\u0131r.
 File=Dosya
 Update\ Site=G\u00FCncelleme sitesi
-Upload=Y\u00fckle
-lastUpdated=Al\u0131nan son g\u00fcncelleme bilgisi : {0} \u00f6nce
+Upload=Y\u00FCkle
+lastUpdated=Al\u0131nan son g\u00FCncelleme bilgisi : {0} \u00F6nce
diff --git a/core/src/main/resources/hudson/PluginManager/advanced_zh_CN.properties b/core/src/main/resources/hudson/PluginManager/advanced_zh_CN.properties
index e76b4d3ea4..df08d3b54b 100644
--- a/core/src/main/resources/hudson/PluginManager/advanced_zh_CN.properties
+++ b/core/src/main/resources/hudson/PluginManager/advanced_zh_CN.properties
@@ -25,7 +25,6 @@ HTTP\ Proxy\ Configuration=\u4EE3\u7406\u8BBE\u7F6E
 Password=\u5BC6\u7801
 Port=\u7AEF\u53E3
 Server=\u670D\u52A1\u5668
-Submit=\u63D0\u4EA4
 URL=URL
 Update\ Site=\u5347\u7EA7\u7AD9\u70B9
 Upload=\u4E0A\u4F20
diff --git a/core/src/main/resources/hudson/PluginManager/advanced_zh_TW.properties b/core/src/main/resources/hudson/PluginManager/advanced_zh_TW.properties
index 299d2013bc..5a6a9c1420 100644
--- a/core/src/main/resources/hudson/PluginManager/advanced_zh_TW.properties
+++ b/core/src/main/resources/hudson/PluginManager/advanced_zh_TW.properties
@@ -21,18 +21,17 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-Update\ Center=\u66f4\u65b0\u4e2d\u5fc3
+Update\ Center=\u66F4\u65B0\u4E2D\u5FC3
 
 HTTP\ Proxy\ Configuration=HTTP Proxy\u8A2D\u5B9A
-Submit=\u9001\u51fa
 
-Upload\ Plugin=\u4e0a\u50b3\u5916\u639b\u7a0b\u5f0f
-uploadtext=\u60a8\u53ef\u4ee5\u624b\u52d5\u4e0a\u50b3 .hpi \u6a94\u6848\u4f86\u5b89\u88dd\u4e0d\u5728\u4e2d\u592e\u5132\u5b58\u5eab\u4e0a\u7684\u5916\u639b\u7a0b\u5f0f\u3002
-File=\u6a94\u6848
-Upload=\u4e0a\u50b3
+Upload\ Plugin=\u4E0A\u50B3\u5916\u639B\u7A0B\u5F0F
+uploadtext=\u60A8\u53EF\u4EE5\u624B\u52D5\u4E0A\u50B3 .hpi \u6A94\u6848\u4F86\u5B89\u88DD\u4E0D\u5728\u4E2D\u592E\u5132\u5B58\u5EAB\u4E0A\u7684\u5916\u639B\u7A0B\u5F0F\u3002
+File=\u6A94\u6848
+Upload=\u4E0A\u50B3
 
 Update\ Site=\u66F4\u65B0\u7DB2\u5740
 URL=URL
 
-Other\ Sites=\u5176\u4ed6\u7db2\u7ad9
-lastUpdated=\u66f4\u65b0\u8cc7\u8a0a\u53d6\u5f97\u6642\u9593: {0}\u4ee5\u524d
+Other\ Sites=\u5176\u4ED6\u7DB2\u7AD9
+lastUpdated=\u66F4\u65B0\u8CC7\u8A0A\u53D6\u5F97\u6642\u9593: {0}\u4EE5\u524D
-- 
GitLab


From d0ff04d476e144dbc7bbeb71b08614cb80913a05 Mon Sep 17 00:00:00 2001
From: surenpi <zxjlwt@126.com>
Date: Sat, 10 Mar 2018 19:06:28 +0800
Subject: [PATCH 191/863] Remote unnecessary localization from advanced.jelly

---
 core/src/main/resources/hudson/PluginManager/advanced.jelly | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/resources/hudson/PluginManager/advanced.jelly b/core/src/main/resources/hudson/PluginManager/advanced.jelly
index 2a959d5e6a..9c06363f03 100644
--- a/core/src/main/resources/hudson/PluginManager/advanced.jelly
+++ b/core/src/main/resources/hudson/PluginManager/advanced.jelly
@@ -44,7 +44,7 @@ THE SOFTWARE.
                   <st:include from="${descriptor}" page="${descriptor.configPage}" />
                 </j:scope>
                 <f:block>
-                  <f:submit value="${%Submit}" />
+                  <f:submit />
                 </f:block>
               </f:form>
             </l:hasPermission>
-- 
GitLab


From ed8d905c2c3cdf8e68b3100c9521891761ef359e Mon Sep 17 00:00:00 2001
From: surenpi <zxjlwt@126.com>
Date: Sat, 10 Mar 2018 19:08:32 +0800
Subject: [PATCH 192/863] Remote unnecessary localization from levels.jelly

---
 .../hudson/logging/LogRecorderManager/levels.jelly |  2 +-
 .../LogRecorderManager/levels_bg.properties        | 14 ++++++--------
 .../LogRecorderManager/levels_da.properties        |  1 -
 .../LogRecorderManager/levels_de.properties        |  9 ++++-----
 .../LogRecorderManager/levels_es.properties        |  5 ++---
 .../LogRecorderManager/levels_fr.properties        |  1 -
 .../LogRecorderManager/levels_it.properties        |  3 +--
 .../LogRecorderManager/levels_ja.properties        |  1 -
 .../LogRecorderManager/levels_ko.properties        |  1 -
 .../LogRecorderManager/levels_pl.properties        |  1 -
 .../LogRecorderManager/levels_pt.properties        |  9 ++++-----
 .../LogRecorderManager/levels_pt_BR.properties     |  7 +++----
 .../LogRecorderManager/levels_ru.properties        |  1 -
 .../LogRecorderManager/levels_sr.properties        |  3 +--
 .../LogRecorderManager/levels_zh_CN.properties     |  1 -
 .../LogRecorderManager/levels_zh_TW.properties     | 11 +++++------
 16 files changed, 27 insertions(+), 43 deletions(-)

diff --git a/core/src/main/resources/hudson/logging/LogRecorderManager/levels.jelly b/core/src/main/resources/hudson/logging/LogRecorderManager/levels.jelly
index a115216e81..4a4de33506 100644
--- a/core/src/main/resources/hudson/logging/LogRecorderManager/levels.jelly
+++ b/core/src/main/resources/hudson/logging/LogRecorderManager/levels.jelly
@@ -68,7 +68,7 @@ THE SOFTWARE.
         <option>all</option>
       </select>
       <st:nbsp/>
-      <f:submit value="${%Submit}"/>
+      <f:submit />
     </form>
   </l:main-panel>
 </l:layout>
diff --git a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_bg.properties b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_bg.properties
index 1372aaaa67..14bc4ff268 100644
--- a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_bg.properties
+++ b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_bg.properties
@@ -23,18 +23,16 @@
 # Logger with no name is the default logger. \ 
 # This level will be inherited by all loggers without a configured level.
 defaultLoggerMsg=\
- \u0416\u0443\u0440\u043d\u0430\u043b\u044a\u0442 \u0431\u0435\u0437 \u0438\u043c\u0435 \u0435 \u043f\u043e \u043f\u043e\u0434\u0440\u0430\u0437\u0431\u0438\u0440\u0430\u043d\u0435. \u041d\u0435\u0433\u043e\u0432\u043e\u0442\u043e \u043d\u0438\u0432\u043e \u0441\u0435 \u043d\u0430\u0441\u043b\u0435\u0434\u044f\u0432\u0430 \u043e\u0442 \u0432\u0441\u0438\u0447\u043a\u0438\
- \u0436\u0443\u0440\u043d\u0430\u043b\u0438 \u0431\u0435\u0437 \u0438\u0437\u0440\u0438\u0447\u043d\u043e \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d\u043e \u043d\u0438\u0432\u043e.
+ \u0416\u0443\u0440\u043D\u0430\u043B\u044A\u0442 \u0431\u0435\u0437 \u0438\u043C\u0435 \u0435 \u043F\u043E \u043F\u043E\u0434\u0440\u0430\u0437\u0431\u0438\u0440\u0430\u043D\u0435. \u041D\u0435\u0433\u043E\u0432\u043E\u0442\u043E \u043D\u0438\u0432\u043E \u0441\u0435 \u043D\u0430\u0441\u043B\u0435\u0434\u044F\u0432\u0430 \u043E\u0442 \u0432\u0441\u0438\u0447\u043A\u0438\
+ \u0436\u0443\u0440\u043D\u0430\u043B\u0438 \u0431\u0435\u0437 \u0438\u0437\u0440\u0438\u0447\u043D\u043E \u043D\u0430\u0441\u0442\u0440\u043E\u0435\u043D\u043E \u043D\u0438\u0432\u043E.
 Level=\
- \u041d\u0438\u0432\u043e
-Submit=\
- \u0417\u0430\u043f\u0430\u0437\u0432\u0430\u043d\u0435
+ \u041D\u0438\u0432\u043E
 Logger\ Configuration=\
- \u041d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u043d\u0430 \u0436\u0443\u0440\u043d\u0430\u043b\u0430
+ \u041D\u0430\u0441\u0442\u0440\u043E\u0439\u043A\u0438 \u043D\u0430 \u0436\u0443\u0440\u043D\u0430\u043B\u0430
 Adjust\ Levels=\
- \u041f\u0440\u043e\u043c\u044f\u043d\u0430 \u043d\u0430 \u043d\u0438\u0432\u0430\u0442\u0430
+ \u041F\u0440\u043E\u043C\u044F\u043D\u0430 \u043D\u0430 \u043D\u0438\u0432\u0430\u0442\u0430
 Name=\
- \u0418\u043c\u0435
+ \u0418\u043C\u0435
 # https://jenkins.io/redirect/log-levels
 url=\
  https://jenkins.io/redirect/log-levels
diff --git a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_da.properties b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_da.properties
index 4b02925256..382913ca6e 100644
--- a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_da.properties
+++ b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_da.properties
@@ -26,5 +26,4 @@ defaultLoggerMsg=Unavngiven logger er standardlogger. \
 Dette niveau vil nedarve til alle loggere uden et konfigurationsniveau.
 Name=Navn
 Adjust\ Levels=Juster niveau
-Submit=Gem
 Logger\ Configuration=Logger konfiguration
diff --git a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_de.properties b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_de.properties
index 1a8a389aec..67c63809ce 100644
--- a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_de.properties
+++ b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_de.properties
@@ -23,8 +23,7 @@
 Logger\ Configuration=Logger-Konfiguration
 url=https://jenkins.io/redirect/log-levels
 Name=Name
-Level=Priorit�t
-Submit=�bernehmen
-Adjust\ Levels=Priorit�ten (levels) anpassen
-defaultLoggerMsg=Der Logger ohne Namen ist der Default-Logger. Seine Priorit�t \
-  wird von allen Loggern �bernommen, f�r die keine Priorit�t explizit angegeben wurde.
\ No newline at end of file
+Level=Priorit\uFFFDt
+Adjust\ Levels=Priorit\uFFFDten (levels) anpassen
+defaultLoggerMsg=Der Logger ohne Namen ist der Default-Logger. Seine Priorit\uFFFDt \
+  wird von allen Loggern \uFFFDbernommen, f\uFFFDr die keine Priorit\uFFFDt explizit angegeben wurde.
\ No newline at end of file
diff --git a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_es.properties b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_es.properties
index aa803dda35..3aa52ced12 100644
--- a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_es.properties
+++ b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_es.properties
@@ -22,9 +22,8 @@
 
 url=https://jenkins.io/redirect/log-levels
 Level=Nivel de log
-Logger\ Configuration=Configuraci�n del logger
-Submit=Enviar
+Logger\ Configuration=Configuraci\uFFFDn del logger
 Name=Nombre
 defaultLoggerMsg=Por defecto se usa un Logger sin mombre. \
- Este nivel ser� heredado por todos los loggers que no est�n configurados con un nivel de log.
+ Este nivel ser\uFFFD heredado por todos los loggers que no est\uFFFDn configurados con un nivel de log.
 Adjust\ Levels=Ajustar niveles de log.
diff --git a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_fr.properties b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_fr.properties
index c30bb5735a..04402c73d1 100644
--- a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_fr.properties
+++ b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_fr.properties
@@ -23,5 +23,4 @@
 Logger\ Configuration=Configuration du logger
 Name=Nom
 Level=Niveau
-Submit=Envoyer
 url=https://jenkins.io/redirect/log-levels
diff --git a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_it.properties b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_it.properties
index 8f15d87798..7e27373cde 100644
--- a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_it.properties
+++ b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_it.properties
@@ -4,6 +4,5 @@ Adjust\ Levels=Regola livelli
 Level=Livello
 Logger\ Configuration=Configurazione registro
 Name=Nome
-Submit=Invia
-defaultLoggerMsg=Il registro senza nome � quello predefinito. Questo livello sar� ereditato da tutti i registri senza un livello configurato.
+defaultLoggerMsg=Il registro senza nome \uFFFD quello predefinito. Questo livello sar\uFFFD ereditato da tutti i registri senza un livello configurato.
 url=https://jenkins.io/redirect/log-levels
diff --git a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_ja.properties b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_ja.properties
index 2f8444273b..c2b79891c3 100644
--- a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_ja.properties
+++ b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_ja.properties
@@ -23,7 +23,6 @@
 Logger\ Configuration=\u30ED\u30AC\u30FC\u306E\u8A2D\u5B9A
 Name=\u540D\u524D
 Level=\u30EC\u30D9\u30EB
-Submit=\u767B\u9332
 url=https://jenkins.io/redirect/log-levels
 defaultLoggerMsg=\u540D\u524D\u304C\u306A\u3044\u30ED\u30AC\u30FC\u306F\u30C7\u30D5\u30A9\u30EB\u30C8\u306E\u30ED\u30AC\u30FC\u3067\u3059\u3002\
  \u30C7\u30D5\u30A9\u30EB\u30C8\u306E\u30ED\u30AC\u30FC\u306E\u30EC\u30D9\u30EB\u306F\u3001\u8A2D\u5B9A\u3057\u306A\u304F\u3066\u3082\u5168\u3066\u306E\u30ED\u30AC\u30FC\u306B\u5F15\u304D\u7D99\u304C\u308C\u307E\u3059\u3002
diff --git a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_ko.properties b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_ko.properties
index bc7562a493..10c5c84266 100644
--- a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_ko.properties
+++ b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_ko.properties
@@ -4,6 +4,5 @@ Adjust\ Levels=\uB808\uBCA8 \uC870\uC815
 Level=\uB808\uBCA8
 Logger\ Configuration=\uB85C\uAC70 \uC124\uC815
 Name=\uC774\uB984
-Submit=\uC81C\uCD9C
 defaultLoggerMsg=\uC774\uB984\uC774 \uC5C6\uB294 Logger\uB294 \uAE30\uBCF8 Logger\uC785\uB2C8\uB2E4. \uB808\uBCA8\uC774 \uC124\uC815\uB418\uC9C0 \uC54A\uC740  \uBAA8\uB4E0 Logger\uB4E4\uC740 \uC774 \uB808\uBCA8\uC744 \uC0C1\uC18D\uD569\uB2C8\uB2E4. 
 url=https://jenkins.io/redirect/log-levels
diff --git a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_pl.properties b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_pl.properties
index b8451f3f6f..f8a8992920 100644
--- a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_pl.properties
+++ b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_pl.properties
@@ -4,5 +4,4 @@ Adjust\ Levels=Dopasuj poziomy
 Level=Poziom
 Logger\ Configuration=Konfiguracja rejestratora
 Name=Nazwa
-Submit=Zg\u0142o\u015B
 defaultLoggerMsg=Rejestrator bez nazwy jest domy\u015Blnym rejestratorem. Ten poziom b\u0119dzie dziedziczony przez wszystkie rejestratory bez skonfigurowanego poziomu.
diff --git a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_pt.properties b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_pt.properties
index 9863626db1..18bb8983ed 100644
--- a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_pt.properties
+++ b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_pt.properties
@@ -20,11 +20,10 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-Adjust\ Levels=Ajustar n\u00edveis
+Adjust\ Levels=Ajustar n\u00EDveis
 url=https://jenkins.io/redirect/log-levels
-Submit=Enviar
-Logger\ Configuration=Configura\u00e7\u00e3o de logger
-defaultLoggerMsg=Um logger sem nome ser\u00e1 o logger padr\u00e3o. Esse n\u00edvel ser\u00e1 herdado por todos os loggers sem um n\u00edvel configurado.
-Level=N\u00edvel
+Logger\ Configuration=Configura\u00E7\u00E3o de logger
+defaultLoggerMsg=Um logger sem nome ser\u00E1 o logger padr\u00E3o. Esse n\u00EDvel ser\u00E1 herdado por todos os loggers sem um n\u00EDvel configurado.
+Level=N\u00EDvel
 Name=Nome
 
diff --git a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_pt_BR.properties b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_pt_BR.properties
index 6be5520595..10df0f6b4c 100644
--- a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_pt_BR.properties
+++ b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_pt_BR.properties
@@ -23,10 +23,9 @@
 Level=N\u00EDvel
 # Logger with no name is the default logger. \
 # This level will be inherited by all loggers without a configured level.
-defaultLoggerMsg=Logger padr\u00e3o \u00e9 o logger sem nome.
+defaultLoggerMsg=Logger padr\u00E3o \u00E9 o logger sem nome.
 Name=Nome
-Adjust\ Levels=Ajustar os n\u00edveis
-Submit=Enviar
-Logger\ Configuration=Configura\u00e7\u00e3o do Logger
+Adjust\ Levels=Ajustar os n\u00EDveis
+Logger\ Configuration=Configura\u00E7\u00E3o do Logger
 # https://jenkins.io/redirect/log-levels
 url=https://jenkins.io/redirect/log-levels
diff --git a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_ru.properties b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_ru.properties
index b156024d81..057b15c304 100644
--- a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_ru.properties
+++ b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_ru.properties
@@ -24,6 +24,5 @@ Adjust\ Levels=\u041D\u0430\u0441\u0442\u0440\u043E\u0439\u043A\u0430 \u0443\u04
 Level=\u0422\u0438\u043F\u044B \u0441\u043E\u0431\u044B\u0442\u0438\u0439
 Logger\ Configuration=\u041A\u043E\u043D\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044F \u0436\u0443\u0440\u043D\u0430\u043B\u0430
 Name=\u041D\u0430\u0438\u043C\u0435\u043D\u043E\u0432\u0430\u043D\u0438\u0435
-Submit=\u0421\u043E\u0445\u0440\u0430\u043D\u0438\u0442\u044C
 defaultLoggerMsg=\u0416\u0443\u0440\u043D\u0430\u043B \u0431\u0435\u0437 \u0438\u043C\u0435\u043D\u0438 \u0438\u0441\u043F\u043E\u043B\u044C\u0437\u0443\u0435\u0442\u0441\u044F \u043F\u043E-\u0443\u043C\u043E\u043B\u0447\u0430\u043D\u0438\u044E. \u0423\u0440\u043E\u0432\u0435\u043D\u044C \u0436\u0443\u0440\u043D\u0430\u043B\u0438\u0440\u043E\u0432\u0430\u043D\u0438\u044F \u0437\u0430\u0434\u0430\u043D\u043D\u044B\u0439 \u0434\u043B\u044F \u043D\u0435\u0433\u043E \u043D\u0430\u0441\u043B\u0435\u0434\u0443\u0435\u0442\u0441\u044F \u0432\u0441\u0435\u043C\u0438 \u0436\u0443\u0440\u043D\u0430\u043B\u0430\u043C\u0438, \u0434\u043B\u044F \u043A\u043E\u0442\u043E\u0440\u044B\u0445 \u0443\u0440\u043E\u0432\u0435\u043D\u044C \u0436\u0443\u0440\u043D\u0430\u043B\u0438\u0440\u043E\u0432\u0430\u043D\u0438\u044F \u043D\u0435 \u0437\u0430\u0434\u0430\u043D.
 url=https://jenkins.io/redirect/log-levels
diff --git a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_sr.properties b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_sr.properties
index 059a02ebf2..a775c74c34 100644
--- a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_sr.properties
+++ b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_sr.properties
@@ -5,5 +5,4 @@ url=https://jenkins.io/redirect/log-levels
 Name=\u0418\u043C\u0435
 Level=\u041D\u0438\u0432\u043E
 defaultLoggerMsg=\u041F\u0440\u0435\u043F\u0438\u0441\u0438\u0432\u0430\u0447 \u0431\u0435\u0437 \u0438\u043C\u0435\u043D\u0430 \u0458\u0435 \u0441\u0442\u0430\u043D\u0434\u0430\u0440\u0434\u043D\u0438 \u043F\u0440\u0435\u043F\u0438\u0441\u0438\u0432\u0430\u0447. \u0422\u0430\u0458 \u043D\u0438\u0432\u043E \u045B\u0435 \u0432\u0438\u0442\u0438 \u043D\u0430\u0441\u043B\u0435\u0452\u0435\u043D
-Adjust\ Levels=\u041F\u043E\u0434\u0435\u0441\u0438 \u043D\u0438\u0432\u043E\u0435
-Submit=\u041F\u043E\u0434\u043D\u0435\u0441\u0438
\ No newline at end of file
+Adjust\ Levels=\u041F\u043E\u0434\u0435\u0441\u0438 \u043D\u0438\u0432\u043E\u0435
\ No newline at end of file
diff --git a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_zh_CN.properties b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_zh_CN.properties
index a74842b77b..0199ddf459 100644
--- a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_zh_CN.properties
+++ b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_zh_CN.properties
@@ -24,5 +24,4 @@ Adjust\ Levels=\u914D\u7F6E\u7EA7\u522B
 Level=\u7EA7\u522B
 Logger\ Configuration=\u65E5\u5FD7\u914D\u7F6E
 Name=\u540D\u79F0
-Submit=\u63D0\u4EA4
 defaultLoggerMsg=\u6CA1\u6709\u540D\u79F0\u7684\u662F\u9ED8\u8BA4\u65E5\u5FD7\u3002\u6240\u6709\u6CA1\u914D\u7F6E\u7EA7\u522B\u7684\u65E5\u5FD7\u5C06\u7EE7\u627F\u9ED8\u8BA4\u65E5\u5FD7
diff --git a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_zh_TW.properties b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_zh_TW.properties
index 1ac8df73eb..2d47cd3533 100644
--- a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_zh_TW.properties
+++ b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_zh_TW.properties
@@ -20,10 +20,9 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-Adjust\ Levels=\u8abf\u6574\u7b49\u7d1a
-Level=\u7b49\u7d1a
-Logger\ Configuration=\u8a18\u9304\u5668\u8a2d\u5b9a
-Name=\u540d\u7a31
-Submit=\u9001\u51fa
-defaultLoggerMsg=\u6c92\u6709\u540d\u7a31\u7684\u8a18\u9304\u5668\u5c31\u662f\u9810\u8a2d\u8a18\u9304\u5668\u3002\u5b83\u7684\u7b49\u7d1a\u6703\u88ab\u6240\u6709\u6c92\u6709\u6307\u5b9a\u7b49\u7d1a\u7684\u8a18\u9304\u5668\u7e7c\u627f\u3002
+Adjust\ Levels=\u8ABF\u6574\u7B49\u7D1A
+Level=\u7B49\u7D1A
+Logger\ Configuration=\u8A18\u9304\u5668\u8A2D\u5B9A
+Name=\u540D\u7A31
+defaultLoggerMsg=\u6C92\u6709\u540D\u7A31\u7684\u8A18\u9304\u5668\u5C31\u662F\u9810\u8A2D\u8A18\u9304\u5668\u3002\u5B83\u7684\u7B49\u7D1A\u6703\u88AB\u6240\u6709\u6C92\u6709\u6307\u5B9A\u7B49\u7D1A\u7684\u8A18\u9304\u5668\u7E7C\u627F\u3002
 url=https://jenkins.io/redirect/log-levels
-- 
GitLab


From 4f33d8a827eba67f3947ef671a07febf0868c1f9 Mon Sep 17 00:00:00 2001
From: Ka-Wing <kawing.man@gmail.com>
Date: Sat, 10 Mar 2018 16:56:18 +0100
Subject: [PATCH 193/863] Improve dutch translation (#3323)

* Improved Dutch translations.

* Improved Dutch translations.

* Improved Dutch translations.

* Improved Dutch translations.
---
 .../hudson/PluginManager/available_nl.properties   |  2 +-
 .../hudson/PluginManager/installed_nl.properties   |  4 ++--
 .../logging/LogRecorder/delete_nl.properties       |  2 +-
 .../model/AbstractItem/noWorkspace_nl.properties   |  2 +-
 .../hudson/model/Computer/sidepanel_nl.properties  |  2 +-
 .../DirectoryBrowserSupport/dir_nl.properties      |  2 +-
 .../hudson/model/Fingerprint/index_nl.properties   |  4 ++--
 .../hudson/model/Job/buildTimeTrend_nl.properties  |  2 +-
 .../model/ListView/configure-entries_nl.properties |  2 +-
 .../model/ListView/newViewDetail_nl.properties     |  2 +-
 .../model/MyView/newViewDetail_nl.properties       |  2 +-
 .../hudson/model/Run/configure_nl.properties       |  2 +-
 .../hudson/model/Run/confirmDelete_nl.properties   |  2 +-
 .../hudson/model/Run/logKeep_nl.properties         |  4 ++--
 .../hudson/model/TaskAction/log_nl.properties      |  2 +-
 .../hudson/model/UpdateCenter/index_nl.properties  |  2 +-
 .../hudson/model/User/configure_nl.properties      |  2 +-
 .../hudson/model/View/builds_nl.properties         |  2 +-
 .../hudson/model/View/delete_nl.properties         |  2 +-
 .../config_nl.properties                           |  6 +++---
 .../index_nl.properties                            |  4 ++--
 .../_entryForm_nl.properties                       |  2 +-
 .../LegacySecurityRealm/config_nl.properties       |  2 +-
 .../hudson/security/Messages_nl.properties         |  6 +++---
 .../config_nl.properties                           |  2 +-
 .../config_nl.properties                           |  6 +++---
 .../slaves/SlaveComputer/sidepanel_nl.properties   |  4 ++--
 .../slaves/SlaveComputer/systemInfo_nl.properties  |  4 ++--
 .../resources/hudson/tasks/Messages_nl.properties  |  5 ++---
 .../tools/ToolInstallation/config_nl.properties    |  2 +-
 .../ZipExtractionInstaller/config_nl.properties    |  2 +-
 .../util/DoubleLaunchChecker/index_nl.properties   |  2 +-
 .../util/HudsonIsLoading/index_nl.properties       |  2 +-
 .../util/HudsonIsRestarting/index_nl.properties    |  2 +-
 .../index_nl.properties                            |  2 +-
 .../hudson/util/NoTempDir/index_nl.properties      |  4 ++--
 .../jenkins/management/Messages_nl.properties      |  2 +-
 .../model/Jenkins/fingerprintCheck_nl.properties   |  2 +-
 .../jenkins/model/Jenkins/legend_nl.properties     | 14 +++++++-------
 .../Jenkins/projectRelationship-help_nl.properties |  8 ++++----
 .../config_nl.properties                           |  2 +-
 .../resources/jenkins/model/Messages_nl.properties |  2 +-
 .../slaves/systemInfo/Messages_nl.properties       |  4 ++--
 .../resources/lib/form/serverTcpPort_nl.properties |  2 +-
 .../lib/hudson/artifactList_nl.properties          |  4 +++-
 .../lib/hudson/buildListTable_nl.properties        |  2 +-
 .../project/config-publishers2_nl.properties       |  4 ++--
 .../hudson/project/config-publishers_nl.properties |  2 +-
 .../lib/hudson/project/configurable_nl.properties  |  2 +-
 .../lib/layout/breadcrumbBar_nl.properties         |  4 ++--
 50 files changed, 78 insertions(+), 77 deletions(-)

diff --git a/core/src/main/resources/hudson/PluginManager/available_nl.properties b/core/src/main/resources/hudson/PluginManager/available_nl.properties
index d40785c365..5951113a3c 100644
--- a/core/src/main/resources/hudson/PluginManager/available_nl.properties
+++ b/core/src/main/resources/hudson/PluginManager/available_nl.properties
@@ -20,6 +20,6 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-Updates=Nieuwere versies
+Updates=Updates
 Available=Beschikbaar
 Installed=Ge\u00EFnstalleerd
diff --git a/core/src/main/resources/hudson/PluginManager/installed_nl.properties b/core/src/main/resources/hudson/PluginManager/installed_nl.properties
index aa7cc81894..2133f18ddc 100644
--- a/core/src/main/resources/hudson/PluginManager/installed_nl.properties
+++ b/core/src/main/resources/hudson/PluginManager/installed_nl.properties
@@ -21,10 +21,10 @@
 # THE SOFTWARE.
 
 No\ plugins\ installed.=Er werd nog geen enkele plugin ge\u00EFnstalleerd.
-New\ plugins\ will\ take\ effect\ once\ you\ restart\ Jenkins=Neuw geregistreerde plugins worden pas actie na het herstarten van Jenkins.
+New\ plugins\ will\ take\ effect\ once\ you\ restart\ Jenkins=Nieuw geregistreerde plugins worden pas actief na het herstarten van Jenkins.
 Changes\ will\ take\ effect\ when\ you\ restart\ Jenkins=Uw wijzigingen zullen actief worden na het herstarten van Jenkins.
 Restart\ Once\ No\ Jobs\ Are\ Running=Opnieuw starten
-Uncheck\ to\ disable\ the\ plugin=Vink aan om de plugin te de-activeren.
+Uncheck\ to\ disable\ the\ plugin=Vink aan om de plugin te deactiveren.
 Enabled=Actief
 Name=Naam
 Version=Versie
diff --git a/core/src/main/resources/hudson/logging/LogRecorder/delete_nl.properties b/core/src/main/resources/hudson/logging/LogRecorder/delete_nl.properties
index fcb6492f48..5063bc68c3 100644
--- a/core/src/main/resources/hudson/logging/LogRecorder/delete_nl.properties
+++ b/core/src/main/resources/hudson/logging/LogRecorder/delete_nl.properties
@@ -20,5 +20,5 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-Are\ you\ sure\ about\ deleting\ this\ log\ recorder?=Ben U zeker dat U deze logger wenst te verwijderen?
+Are\ you\ sure\ about\ deleting\ this\ log\ recorder?=Weet U zeker dat U deze logger wenst te verwijderen?
 Yes=Ja
diff --git a/core/src/main/resources/hudson/model/AbstractItem/noWorkspace_nl.properties b/core/src/main/resources/hudson/model/AbstractItem/noWorkspace_nl.properties
index 2e441f2040..0e2a65ed22 100644
--- a/core/src/main/resources/hudson/model/AbstractItem/noWorkspace_nl.properties
+++ b/core/src/main/resources/hudson/model/AbstractItem/noWorkspace_nl.properties
@@ -21,7 +21,7 @@
 # THE SOFTWARE.
 
 Error\:\ no\ workspace=Fout : geen werkplaats beschikbaar
-A\ project\ won't\ have\ any\ workspace\ until\ at\ least\ one\ build\ is\ performed.=Een project zal geen werkplaats hebben tot er op zijn mins \u00E9\u00E9n bouwpoging plaatsgevonden heeft.
+A\ project\ won't\ have\ any\ workspace\ until\ at\ least\ one\ build\ is\ performed.=Een project zal geen werkplaats hebben tot er op zijn minst \u00E9\u00E9n bouwpoging plaatsgevonden heeft.
 There's\ no\ workspace\ for\ this\ project.\ Possible\ reasons\ are\:=Er is geen werkplaats beschikbaar voor dit project. Mogelijke redenen zijn :
 The\ project\ was\ renamed\ recently\ and\ no\ build\ was\ done\ under\ the\ new\ name.=Dit project werd hernoemd en heeft nog bouwpoging plaats gevonden onder de nieuwe naam.
 li3=Het pad naar de werkplaats ({0}) werd buiten Jenkins verwijderd.
diff --git a/core/src/main/resources/hudson/model/Computer/sidepanel_nl.properties b/core/src/main/resources/hudson/model/Computer/sidepanel_nl.properties
index 654c2904d9..85b25eb54e 100644
--- a/core/src/main/resources/hudson/model/Computer/sidepanel_nl.properties
+++ b/core/src/main/resources/hudson/model/Computer/sidepanel_nl.properties
@@ -23,6 +23,6 @@
 Back\ to\ List=Terug naar overzicht
 Build\ History=Bouwhistorie
 Configure=Configureren
-Load\ Statistics=Belastings statistieken
+Load\ Statistics=Belastingsstatistieken
 Script\ Console=Scriptconsole
 Status=Status
diff --git a/core/src/main/resources/hudson/model/DirectoryBrowserSupport/dir_nl.properties b/core/src/main/resources/hudson/model/DirectoryBrowserSupport/dir_nl.properties
index 2150395623..a6ce4da665 100644
--- a/core/src/main/resources/hudson/model/DirectoryBrowserSupport/dir_nl.properties
+++ b/core/src/main/resources/hudson/model/DirectoryBrowserSupport/dir_nl.properties
@@ -20,6 +20,6 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-No\ files\ in\ directory=Geen bestanden in de directorie
+No\ files\ in\ directory=Geen bestanden in de map
 all\ files\ in\ zip=alle bestanden in een zip-archief
 view=weergeven
diff --git a/core/src/main/resources/hudson/model/Fingerprint/index_nl.properties b/core/src/main/resources/hudson/model/Fingerprint/index_nl.properties
index 0547594279..5f55c763e5 100644
--- a/core/src/main/resources/hudson/model/Fingerprint/index_nl.properties
+++ b/core/src/main/resources/hudson/model/Fingerprint/index_nl.properties
@@ -22,5 +22,5 @@
 
 introduced={0} geleden ge\u00EFntroduceerd
 outside\ Jenkins=buiten Jenkins
-This\ file\ has\ not\ been\ used\ anywhere\ else.=Dit bestand werd nog nergens anders gebruikt.
-This\ file\ has\ been\ used\ in\ the\ following\ places=Dit bestand werd op de volgende plaatsen gebruikt.
+This\ file\ has\ not\ been\ used\ anywhere\ else.=Dit bestand is nergens anders gebruikt.
+This\ file\ has\ been\ used\ in\ the\ following\ places=Dit bestand is op de volgende plaatsen gebruikt.
diff --git a/core/src/main/resources/hudson/model/Job/buildTimeTrend_nl.properties b/core/src/main/resources/hudson/model/Job/buildTimeTrend_nl.properties
index bac54ff829..32beabb317 100644
--- a/core/src/main/resources/hudson/model/Job/buildTimeTrend_nl.properties
+++ b/core/src/main/resources/hudson/model/Job/buildTimeTrend_nl.properties
@@ -25,4 +25,4 @@ title={0} Duurtrend van een bouwpoging
 Build=Bouwpoging
 Build\ Time\ Trend=Bouw tijd trend
 Duration=Duur
-More\ than\ 1\ builds\ are\ needed\ for\ the\ trend\ report.=Er dienen minsten 2 bouwpogingen plaatsgevonden te hebben, vooralleer een trendrapport kan opgesteld worden.
+More\ than\ 1\ builds\ are\ needed\ for\ the\ trend\ report.=Er dienen minstens 2 bouwpogingen plaats te hebben gevonden voordat een trendrapport kan opgesteld worden.
diff --git a/core/src/main/resources/hudson/model/ListView/configure-entries_nl.properties b/core/src/main/resources/hudson/model/ListView/configure-entries_nl.properties
index 32ca1bc849..f0a231f7a8 100644
--- a/core/src/main/resources/hudson/model/ListView/configure-entries_nl.properties
+++ b/core/src/main/resources/hudson/model/ListView/configure-entries_nl.properties
@@ -29,4 +29,4 @@ Job\ Filters=Bouwpoging Filters
 Jobs=Jobs
 Status\ Filter=Status Filter
 Use\ a\ regular\ expression\ to\ include\ jobs\ into\ the\ view=Gebruik een reguliere uitdrukking om jobs te selecteren voor het overzichtsscherm
-Regular\ expression=Reguliere uitdrukking
+Regular\ expression=Reguliere expressie
diff --git a/core/src/main/resources/hudson/model/ListView/newViewDetail_nl.properties b/core/src/main/resources/hudson/model/ListView/newViewDetail_nl.properties
index f554888906..cf16ead113 100644
--- a/core/src/main/resources/hudson/model/ListView/newViewDetail_nl.properties
+++ b/core/src/main/resources/hudson/model/ListView/newViewDetail_nl.properties
@@ -1,3 +1,3 @@
 # This file is under the MIT License by authors
 
-blurb=Toont items in een eenvoudig lijst formaat. Je kan kiezen welke bouw opdrachten te tonen zijn in welk overzicht.
+blurb=Toont items in een eenvoudig lijst formaat. Je kan kiezen welke bouwopdrachten te tonen zijn in welk overzicht.
diff --git a/core/src/main/resources/hudson/model/MyView/newViewDetail_nl.properties b/core/src/main/resources/hudson/model/MyView/newViewDetail_nl.properties
index 24567966a7..a714269114 100644
--- a/core/src/main/resources/hudson/model/MyView/newViewDetail_nl.properties
+++ b/core/src/main/resources/hudson/model/MyView/newViewDetail_nl.properties
@@ -1,3 +1,3 @@
 # This file is under the MIT License by authors
 
-blurb=Dit overzicht toont automatisch alle bouw opdrachten de huidige gebruiker toegang toe heeft.
+blurb=Dit overzicht toont automatisch alle bouwopdrachten waar de huidige gebruiker toegang tot heeft.
diff --git a/core/src/main/resources/hudson/model/Run/configure_nl.properties b/core/src/main/resources/hudson/model/Run/configure_nl.properties
index c5d14d628b..a9ad89fb54 100644
--- a/core/src/main/resources/hudson/model/Run/configure_nl.properties
+++ b/core/src/main/resources/hudson/model/Run/configure_nl.properties
@@ -23,4 +23,4 @@
 Description=Omschrijving
 DisplayName=Naam
 LOADING=LADEN
-Save=Bewaar
+Save=Opslaan
diff --git a/core/src/main/resources/hudson/model/Run/confirmDelete_nl.properties b/core/src/main/resources/hudson/model/Run/confirmDelete_nl.properties
index bc1c2ab8e4..f5a28e9d53 100644
--- a/core/src/main/resources/hudson/model/Run/confirmDelete_nl.properties
+++ b/core/src/main/resources/hudson/model/Run/confirmDelete_nl.properties
@@ -21,5 +21,5 @@
 # THE SOFTWARE.
 
 Warning=Waarschuwing
-Are\ you\ sure\ about\ deleting\ the\ build?=Bent u zeker dat deze bouwpoging verwijderd mag worden?
+Are\ you\ sure\ about\ deleting\ the\ build?=Weet u zeker dat deze bouwpoging verwijderd mag worden?
 Yes=Ja
diff --git a/core/src/main/resources/hudson/model/Run/logKeep_nl.properties b/core/src/main/resources/hudson/model/Run/logKeep_nl.properties
index ebc3d9e7cc..12e3a0f3d7 100644
--- a/core/src/main/resources/hudson/model/Run/logKeep_nl.properties
+++ b/core/src/main/resources/hudson/model/Run/logKeep_nl.properties
@@ -20,5 +20,5 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-Don't\ keep\ this\ build\ forever=Deze bouwpoging niet eeuwig bijhouden.
-Keep\ this\ build\ forever=Bewaar deze Build eeuwig
+Don't\ keep\ this\ build\ forever=Deze bouwpoging niet voor altijd bijhouden.
+Keep\ this\ build\ forever=Bewaar deze bouwpoging voor altijd.
diff --git a/core/src/main/resources/hudson/model/TaskAction/log_nl.properties b/core/src/main/resources/hudson/model/TaskAction/log_nl.properties
index 49b4c79475..0d251dd05b 100644
--- a/core/src/main/resources/hudson/model/TaskAction/log_nl.properties
+++ b/core/src/main/resources/hudson/model/TaskAction/log_nl.properties
@@ -20,4 +20,4 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-Clear\ error\ to\ retry=Fout verwijderen om opnieuw te proberen
+Clear\ error\ to\ retry=Verwijder fout om opnieuw te proberen
diff --git a/core/src/main/resources/hudson/model/UpdateCenter/index_nl.properties b/core/src/main/resources/hudson/model/UpdateCenter/index_nl.properties
index 90a06f16d1..13d1ba72a4 100644
--- a/core/src/main/resources/hudson/model/UpdateCenter/index_nl.properties
+++ b/core/src/main/resources/hudson/model/UpdateCenter/index_nl.properties
@@ -21,4 +21,4 @@
 # THE SOFTWARE.
 
 Installing\ Plugins/Upgrades=Plugins/upgrades installeren
-warning=Wanneer de installatie is gedaan, moet Jenkins herstart worden opdat de wijzigingen zouden toegepast worden.
+warning=Wanneer de installatie is gedaan, moet Jenkins herstart worden zodat de wijzigingen toegepast kunnen worden.
diff --git a/core/src/main/resources/hudson/model/User/configure_nl.properties b/core/src/main/resources/hudson/model/User/configure_nl.properties
index 858b4f1840..7756763a1a 100644
--- a/core/src/main/resources/hudson/model/User/configure_nl.properties
+++ b/core/src/main/resources/hudson/model/User/configure_nl.properties
@@ -22,4 +22,4 @@
 
 Full\ name=Uw naam
 Description=Omschrijving
-Save=Bewaar
+Save=Opslaan
diff --git a/core/src/main/resources/hudson/model/View/builds_nl.properties b/core/src/main/resources/hudson/model/View/builds_nl.properties
index 611ac055b0..7318782803 100644
--- a/core/src/main/resources/hudson/model/View/builds_nl.properties
+++ b/core/src/main/resources/hudson/model/View/builds_nl.properties
@@ -20,5 +20,5 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-Export\ as\ plain\ XML=Exporteert als XML
+Export\ as\ plain\ XML=Exporteer als XML
 buildHistory=Overzicht bouwpogingen
diff --git a/core/src/main/resources/hudson/model/View/delete_nl.properties b/core/src/main/resources/hudson/model/View/delete_nl.properties
index 5b03942123..baa4c0b2fb 100644
--- a/core/src/main/resources/hudson/model/View/delete_nl.properties
+++ b/core/src/main/resources/hudson/model/View/delete_nl.properties
@@ -20,5 +20,5 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-Are\ you\ sure\ about\ deleting\ the\ view?=Bent u zeker dat u deze overzichtstab wilt verwijderen?
+Are\ you\ sure\ about\ deleting\ the\ view?=Weet u zeker dat u deze overzichtstab wilt verwijderen?
 Yes=Ja
diff --git a/core/src/main/resources/hudson/security/GlobalSecurityConfiguration/config_nl.properties b/core/src/main/resources/hudson/security/GlobalSecurityConfiguration/config_nl.properties
index 79184d0961..237afcde2f 100644
--- a/core/src/main/resources/hudson/security/GlobalSecurityConfiguration/config_nl.properties
+++ b/core/src/main/resources/hudson/security/GlobalSecurityConfiguration/config_nl.properties
@@ -21,7 +21,7 @@
 # THE SOFTWARE.
 
 Global\ properties=Globale eigenschappen
-Home\ directory=Jenkins hoofdfolder
+Home\ directory=Jenkins hoofdmap
 System\ Message=Systeemboodschap
 Default\ view=Standaard view
 Master/Slave\ Support=Hoofd/Slaaf-node ondersteuning
@@ -33,10 +33,10 @@ slaves.description=\
 name=Naam
 launch\ command=Lanceer commando
 description=Omschrijving
-remote\ FS\ root=Hoofdfolder op het bestandssyteem op afstand
+remote\ FS\ root=Hoofdmap op het bestandssyteem op afstand
 statsBlurb=Help Jenkins verbeteren door het opsturen van anonieme gebruiksstatistieken en crashrapporten naar het Jenkinsproject.
 usage=Gebruik
 JDKs=JDKs
 JDK\ installations=Installatie JDKs
-List\ of\ JDK\ installations\ on\ this\ system=Lijst van de ge\u00EFnstalleerde JDKs op dit systeem
+List\ of\ JDK\ installations\ on\ this\ system=Lijst van ge\u00EFnstalleerde JDKs op dit systeem
 no.such.JDK=<span class=error>JDK bestaat niet op dit system</span>
diff --git a/core/src/main/resources/hudson/security/GlobalSecurityConfiguration/index_nl.properties b/core/src/main/resources/hudson/security/GlobalSecurityConfiguration/index_nl.properties
index 38a67ec667..de9c1bae48 100644
--- a/core/src/main/resources/hudson/security/GlobalSecurityConfiguration/index_nl.properties
+++ b/core/src/main/resources/hudson/security/GlobalSecurityConfiguration/index_nl.properties
@@ -25,5 +25,5 @@ Enable\ security=Activeer beveiliging
 Markup\ Formatter=
 Access\ Control=Toegangscontrole
 Security\ Realm=Beveiligingszone
-Authorization=Toelatingen
-Save=Bewaar
+Authorization=Authorisatie
+Save=Opslaan
diff --git a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/_entryForm_nl.properties b/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/_entryForm_nl.properties
index ec635b9079..d0e41c9d23 100644
--- a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/_entryForm_nl.properties
+++ b/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/_entryForm_nl.properties
@@ -1,7 +1,7 @@
 # This file is under the MIT License by authors
 
 Confirm\ password=Bevestig wachtwoord
-E-mail\ address=Emailadres
+E-mail\ address=E-mailadres
 Full\ name=Naam
 Password=Wachtwoord
 Username=Gebruikersnaam
diff --git a/core/src/main/resources/hudson/security/LegacySecurityRealm/config_nl.properties b/core/src/main/resources/hudson/security/LegacySecurityRealm/config_nl.properties
index 7ddc52fb73..29b1f6632a 100644
--- a/core/src/main/resources/hudson/security/LegacySecurityRealm/config_nl.properties
+++ b/core/src/main/resources/hudson/security/LegacySecurityRealm/config_nl.properties
@@ -1,4 +1,4 @@
 # This file is under the MIT License by authors
 
 Unprotected\ URLs=Onbeschermde URLs
-blurb=Deze URLs (en URLs met deze prefix plus een /) vereisen geen authentificatie. Configureer uw container indien mogelijk om deze requests direct naar Jenkins te sturen, zonder login. 
+blurb=Deze URLs (en URLs met deze prefix plus een /) vereisen geen authenticatie. Indien mogelijk, configureer uw container om deze requests direct naar Jenkins te sturen zonder te hoeven in te loggen.
diff --git a/core/src/main/resources/hudson/security/Messages_nl.properties b/core/src/main/resources/hudson/security/Messages_nl.properties
index 14a9af3ec4..1070161720 100644
--- a/core/src/main/resources/hudson/security/Messages_nl.properties
+++ b/core/src/main/resources/hudson/security/Messages_nl.properties
@@ -22,10 +22,10 @@
 
 LegacyAuthorizationStrategy.DisplayName=Legacy-mode
 
-HudsonPrivateSecurityRealm.Details.DisplayName=Paswoord
+HudsonPrivateSecurityRealm.Details.DisplayName=Wachtwoord
 HudsonPrivateSecurityRealm.Details.PasswordError=\
-  Het bevestigingspaswoord is niet gelijk aan het opgegeven paswoord. \
-  Gelieve erop toe te zien dat u tweemaal hetzelfde paswoord ingeeft.
+  Het bevestigingswachtwoord is niet gelijk aan het opgegeven wachtwoord. \
+  Gelieve erop toe te zien dat u tweemaal hetzelfde wachtwoord ingeeft.
 
 UserDetailsServiceProxy.UnableToQuery=Kon de gebruikersinformatie niet opvragen: {0}
 
diff --git a/core/src/main/resources/hudson/security/csrf/GlobalCrumbIssuerConfiguration/config_nl.properties b/core/src/main/resources/hudson/security/csrf/GlobalCrumbIssuerConfiguration/config_nl.properties
index 51d499a226..929e8bed0c 100644
--- a/core/src/main/resources/hudson/security/csrf/GlobalCrumbIssuerConfiguration/config_nl.properties
+++ b/core/src/main/resources/hudson/security/csrf/GlobalCrumbIssuerConfiguration/config_nl.properties
@@ -20,7 +20,7 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-Prevent\ Cross\ Site\ Request\ Forgery\ exploits=Ga Cross-site Request Forgery exploits tegen
+Prevent\ Cross\ Site\ Request\ Forgery\ exploits=Voorkom Cross-site Request Forgery exploits
 Crumb\ Algorithm=Kruimelalgoritme
 Crumbs=Kruimels
 
diff --git a/core/src/main/resources/hudson/slaves/EnvironmentVariablesNodeProperty/config_nl.properties b/core/src/main/resources/hudson/slaves/EnvironmentVariablesNodeProperty/config_nl.properties
index 47de859a2b..6c03a4f70f 100644
--- a/core/src/main/resources/hudson/slaves/EnvironmentVariablesNodeProperty/config_nl.properties
+++ b/core/src/main/resources/hudson/slaves/EnvironmentVariablesNodeProperty/config_nl.properties
@@ -20,6 +20,6 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-List\ of\ variables=Lijst van sleutel-waarde-paren
-Name=naam
-Value=waarde
+List\ of\ variables=Lijst van variabelen
+Name=Naam
+Value=Waarde
diff --git a/core/src/main/resources/hudson/slaves/SlaveComputer/sidepanel_nl.properties b/core/src/main/resources/hudson/slaves/SlaveComputer/sidepanel_nl.properties
index a54d528dc3..3c9d6555ad 100644
--- a/core/src/main/resources/hudson/slaves/SlaveComputer/sidepanel_nl.properties
+++ b/core/src/main/resources/hudson/slaves/SlaveComputer/sidepanel_nl.properties
@@ -23,6 +23,6 @@
 Back\ to\ List=Terug naar de lijst
 Status=Status
 Build\ History=Overzicht bouwpogingen
-Log=Log
+Log=Logboek
 System\ Information=Systeeminformatie
-Disconnect=Loskoppelen
+Disconnect=Verbinding verbreken
diff --git a/core/src/main/resources/hudson/slaves/SlaveComputer/systemInfo_nl.properties b/core/src/main/resources/hudson/slaves/SlaveComputer/systemInfo_nl.properties
index ab617e0494..f9865fcd0a 100644
--- a/core/src/main/resources/hudson/slaves/SlaveComputer/systemInfo_nl.properties
+++ b/core/src/main/resources/hudson/slaves/SlaveComputer/systemInfo_nl.properties
@@ -20,5 +20,5 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-Environment\ Variables=Omgevings variabelen
-System\ Properties=Systeem eigenschappen
+Environment\ Variables=Omgevingsvariabelen
+System\ Properties=Systeemeigenschappen
diff --git a/core/src/main/resources/hudson/tasks/Messages_nl.properties b/core/src/main/resources/hudson/tasks/Messages_nl.properties
index 7f05296625..9671731220 100644
--- a/core/src/main/resources/hudson/tasks/Messages_nl.properties
+++ b/core/src/main/resources/hudson/tasks/Messages_nl.properties
@@ -28,8 +28,7 @@ Ant.NotAntDirectory={0} is geen Ant folder
 Ant.ProjectConfigNeeded= Misschien dient u uw job te configureren om \u00e9\u00e9n van je Ant installaties te gebruiken?
 
 ArtifactArchiver.DisplayName=Archiveer de artefacten
-ArtifactArchiver.NoIncludes=Er werden geen artefacten voor archivering geconfigureerd.\nWaarschijnlijk werd geen bestands-selectiepatroon geconfigureerd. Gelieve dit te configureren.\n 
-Indien je alle bestanden in de werkplaats wenst te archiveren, gelieve dan "**" als patroon te configureren.
+ArtifactArchiver.NoIncludes=Er werden geen artefacten voor archivering geconfigureerd.\nWaarschijnlijk werd geen bestands-selectiepatroon geconfigureerd. Gelieve dit te configureren.\n Indien je alle bestanden in de werkplaats wenst te archiveren, gelieve dan "**" als patroon te configureren.
 ArtifactArchiver.NoMatchFound=Er werden geen artefacten gevonden die voldoen aan het bestands-selectiepatroon "{0}". Misschien dient U uw configuratie aan te passen?
 
 BatchFile.DisplayName=Voer Windows batch commando uit.
@@ -61,7 +60,7 @@ JavadocArchiver.Publishing=Javadoc wordt gepubliceerd
 JavadocArchiver.UnableToCopy=Kon Javadoc niet copi\u00ebren van {0} naar {1}
 
 Maven.DisplayName=Voer top-niveau Maven taken uit
-Maven.ExecFailed=uitvoer commando is gefaald 
+Maven.ExecFailed=uitvoer commando is gefaald
 Maven.NotMavenDirectory={0} is geen Maven folder
 Maven.NoExecutable=Kon geen uitvoerbaar bestand vinde in {0}
 Maven.NotADirectory={0} is geen folder
diff --git a/core/src/main/resources/hudson/tools/ToolInstallation/config_nl.properties b/core/src/main/resources/hudson/tools/ToolInstallation/config_nl.properties
index 01b489226e..f4fd8ecbea 100644
--- a/core/src/main/resources/hudson/tools/ToolInstallation/config_nl.properties
+++ b/core/src/main/resources/hudson/tools/ToolInstallation/config_nl.properties
@@ -1,3 +1,3 @@
 # This file is under the MIT License by authors
 
-Installation\ directory=Installatie directory
+Installation\ directory=Installatiemap
diff --git a/core/src/main/resources/hudson/tools/ZipExtractionInstaller/config_nl.properties b/core/src/main/resources/hudson/tools/ZipExtractionInstaller/config_nl.properties
index 73d983584a..6d995bac5b 100644
--- a/core/src/main/resources/hudson/tools/ZipExtractionInstaller/config_nl.properties
+++ b/core/src/main/resources/hudson/tools/ZipExtractionInstaller/config_nl.properties
@@ -20,5 +20,5 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-Download\ URL\ for\ binary\ archive=Download-URL voor binair archief
+Download\ URL\ for\ binary\ archive=Download URL voor binair archief
 Subdirectory\ of\ extracted\ archive=Subdirectory van uitgepakt archief
diff --git a/core/src/main/resources/hudson/util/DoubleLaunchChecker/index_nl.properties b/core/src/main/resources/hudson/util/DoubleLaunchChecker/index_nl.properties
index 2f6949342c..83047c54f2 100644
--- a/core/src/main/resources/hudson/util/DoubleLaunchChecker/index_nl.properties
+++ b/core/src/main/resources/hudson/util/DoubleLaunchChecker/index_nl.properties
@@ -22,7 +22,7 @@
 
 Error=Fout
 message=\
-  Jenkins heeft meerdere instanties gedetecteerd, die dezelfde \ hoofdfolder ''{0}'' gebruiken.  \
+  Jenkins heeft meerdere instanties gedetecteerd, die dezelfde hoofdmap ''{0}'' gebruiken.  \
   Dit kan Jenkins onstabiel maken. \
  U loopt het risico geconfronteerd te worden met willekeurig foutief gedrag. \
   Gelieve dit probleem te corrigeren.
diff --git a/core/src/main/resources/hudson/util/HudsonIsLoading/index_nl.properties b/core/src/main/resources/hudson/util/HudsonIsLoading/index_nl.properties
index f67188d697..9020673e17 100644
--- a/core/src/main/resources/hudson/util/HudsonIsLoading/index_nl.properties
+++ b/core/src/main/resources/hudson/util/HudsonIsLoading/index_nl.properties
@@ -21,4 +21,4 @@
 # THE SOFTWARE.
 
 Please\ wait\ while\ Jenkins\ is\ getting\ ready\ to\ work=Jenkins is aan het opstarten. Gelieve even te wachten.
-Your\ browser\ will\ reload\ automatically\ when\ Jenkins\ is\ ready.=Uw browser zal uw vraag automatisch herbehandelen wanneer Jenkins volledig opgestart is.
+Your\ browser\ will\ reload\ automatically\ when\ Jenkins\ is\ ready.=Uw browser zal zich vernieuwen wanneer Jenkins gereed is.
diff --git a/core/src/main/resources/hudson/util/HudsonIsRestarting/index_nl.properties b/core/src/main/resources/hudson/util/HudsonIsRestarting/index_nl.properties
index 579159acbc..343d921365 100644
--- a/core/src/main/resources/hudson/util/HudsonIsRestarting/index_nl.properties
+++ b/core/src/main/resources/hudson/util/HudsonIsRestarting/index_nl.properties
@@ -21,4 +21,4 @@
 # THE SOFTWARE.
 
 Please\ wait\ while\ Jenkins\ is\ restarting=Jenkins wordt herstart. Gelieve even te wachten.
-Your\ browser\ will\ reload\ automatically\ when\ Jenkins\ is\ ready.=Uw browser zal uw vraag automatisch herbehandelen wanneer Jenkins volledig opgestart is.
+Your\ browser\ will\ reload\ automatically\ when\ Jenkins\ is\ ready.=Uw browser zal zich vernieuwen wanneer Jenkins gereed is.
diff --git a/core/src/main/resources/hudson/util/IncompatibleServletVersionDetected/index_nl.properties b/core/src/main/resources/hudson/util/IncompatibleServletVersionDetected/index_nl.properties
index 5678a1df60..1479f8f9b9 100644
--- a/core/src/main/resources/hudson/util/IncompatibleServletVersionDetected/index_nl.properties
+++ b/core/src/main/resources/hudson/util/IncompatibleServletVersionDetected/index_nl.properties
@@ -22,5 +22,5 @@
 
 Error=Fout
 errorMessage=\
-  Blijkbaar ondersteunt uw servlet container de servlet versie 2.4 niet!\
+  We merken dat uw servletcontainer de servlet versie 2.4 niet ondersteunt!\
 (De servlet api wordt vanuit volgend pad geladen. : {0})
\ No newline at end of file
diff --git a/core/src/main/resources/hudson/util/NoTempDir/index_nl.properties b/core/src/main/resources/hudson/util/NoTempDir/index_nl.properties
index b53ae65410..d30aa6e24c 100644
--- a/core/src/main/resources/hudson/util/NoTempDir/index_nl.properties
+++ b/core/src/main/resources/hudson/util/NoTempDir/index_nl.properties
@@ -25,6 +25,6 @@ description=\
  Kon geen tijdelijk bestand creëeren!  De meest waarschijnlijke oorzaak\
 hiervoor is een verkeerde configuratie van de container.\
 De JVM werd geconfigureerd om volgende folder als tijdelijke \
-folder te gebruiken :{0}\
-Bestaat deze folder?  Is deze folder beschrijfbaar door de gebruiker\
+map te gebruiken :{0}\
+Bestaat deze map?  Is deze map wijzigbaar door de gebruiker\
  waarmee de container opgestart werd?
\ No newline at end of file
diff --git a/core/src/main/resources/jenkins/management/Messages_nl.properties b/core/src/main/resources/jenkins/management/Messages_nl.properties
index 4d53c72794..56492c525b 100644
--- a/core/src/main/resources/jenkins/management/Messages_nl.properties
+++ b/core/src/main/resources/jenkins/management/Messages_nl.properties
@@ -42,4 +42,4 @@ NodesLink.Description=Toevoegen, verwijderen, beheren en monitor van de verschil
 PluginsLink.Description=Voeg, verwijder, deactiveer of activeer plugins die de functionaliteit van Jenkins kunnen uitbreiden.
 ShutdownLink.DisplayName_cancel=Annuleer afsluiten
 ShutdownLink.DisplayName_prepare=Voorbereiden tot afsluiten
-ShutdownLink.Description=Stop met de uitvoering van nieuwe bouwpogingen, opdat het systeem uiteindelijk veilig kan afsluiten.
+ShutdownLink.Description=Stop met de uitvoering van nieuwe bouwpogingen, zodat het systeem uiteindelijk veilig kan afsluiten.
diff --git a/core/src/main/resources/jenkins/model/Jenkins/fingerprintCheck_nl.properties b/core/src/main/resources/jenkins/model/Jenkins/fingerprintCheck_nl.properties
index 0b90844761..86bb057ad4 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/fingerprintCheck_nl.properties
+++ b/core/src/main/resources/jenkins/model/Jenkins/fingerprintCheck_nl.properties
@@ -23,6 +23,6 @@
 Check\ File\ Fingerprint=Controleer de vingerafdruk van bestanden
 File\ to\ check=Te controleren bestand
 Check=Controleren
-description=Heb je een jar-bestand waarvan je de versie niet weet? <br/> Vind de versie door de vingerafdruk te controleren tegen de databank in Jenkins
+description=Heb je een jar-bestand waarvan je de versie niet weet? <br/> Vind de versie door de vingerafdruk in de database in Jenkins te zoeken.
 fingerprint.link=https://jenkins.io/redirect/fingerprint
 more\ details=meer details
diff --git a/core/src/main/resources/jenkins/model/Jenkins/legend_nl.properties b/core/src/main/resources/jenkins/model/Jenkins/legend_nl.properties
index 451665c66a..94f281d94d 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/legend_nl.properties
+++ b/core/src/main/resources/jenkins/model/Jenkins/legend_nl.properties
@@ -2,13 +2,13 @@
 
 blue=De laatste bouw was geslaagd.
 blue_anime=De laastste bouw was geslaagd. Een nieuwe bouw is bezig.
-grey=Het projekt is nooit eerder gebouwd, of is niet actief.
-grey_anime=De eerste bouw van het projekt is bezig.
-health-00to20=Project gezondheid is 20% of minder. Je kan de muis over het project icoon laten sweven voor een gedetaileerdere verklaring.
-health-21to40=Project gezondheid is tussen 20% en 40%. Je kan de muis over het project icoon laten sweven voor een gedetaileerdere verklaring.
-health-41to60=Project gezondheid is tussen 40% en 60%. Je kan de muis over het project icoon laten sweven voor een gedetaileerdere verklaring.
-health-61to80=Project gezondheid is tussen 60% en 80%. Je kan de muis over het project icoon laten sweven voor een gedetaileerdere verklaring.
-health-81plus=Project gezondheid is meer dan 80%. Je kan de muis over het project icoon laten sweven voor een gedetaileerdere verklaring.
+grey=Het project is nooit eerder gebouwd, of is niet actief.
+grey_anime=De eerste bouw van het project is bezig.
+health-00to20=Project gezondheid is 20% of minder. Je kan de muis over het projecticoon laten bewegen voor een gedetaileerdere verklaring.
+health-21to40=Project gezondheid is tussen 20% en 40%. Je kan de muis over het projecticoon laten bewegen voor een gedetaileerdere verklaring.
+health-41to60=Project gezondheid is tussen 40% en 60%. Je kan de muis over het projecticoon laten bewegen voor een gedetaileerdere verklaring.
+health-61to80=Project gezondheid is tussen 60% en 80%. Je kan de muis over het projecticoon laten bewegen voor een gedetaileerdere verklaring.
+health-81plus=Project gezondheid is meer dan 80%. Je kan de muis over het project icoon laten bewegen voor een gedetaileerdere verklaring.
 red=De laatste bouw faalde compleet.
 red_anime=De laatste bouw faalde compleet. Een nieuwe bouw is bezig.
 yellow=De laatste bouw was geslaagd maar instabiel. Dit is primair gebruikt voor het tonen van gefaalde tests.
diff --git a/core/src/main/resources/jenkins/model/Jenkins/projectRelationship-help_nl.properties b/core/src/main/resources/jenkins/model/Jenkins/projectRelationship-help_nl.properties
index 342018aebc..09800fd118 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/projectRelationship-help_nl.properties
+++ b/core/src/main/resources/jenkins/model/Jenkins/projectRelationship-help_nl.properties
@@ -22,11 +22,11 @@
 
 Title=Wat zijn projectrelaties?
 body=\
-  Wanneer je projecten ontwikkelt, die van elkaar afhankelijk zijn, kan Jenkins voor jou uitzoeken welke \
-  bouwpoging van een bovenliggend project, gebruikt wordt door een onderliggend project. Dit gebeurt aan \
+  Wanneer je projecten ontwikkelt die van elkaar afhankelijk zijn, kan Jenkins voor jou uitzoeken welke \
+  bouwpoging van een bovenliggend project gebruikt wordt door een onderliggend project. Dit gebeurt aan \
   de hand van de geregistreerd <a href="https://jenkins.io/redirect/fingerprint">elektronische vingerafdrukken</a> van \
-  de,door een bouwpoging, opgeleverde artefacten.
-For\ this\ feature\ to\ work,\ the\ following\ conditions\ need\ to\ be\ met\:=Aan volgende voorwaarden dient voldaan om met deze functionaliteit te werken:
+  de door een bouwpoging opgeleverde artefacten.
+For\ this\ feature\ to\ work,\ the\ following\ conditions\ need\ to\ be\ met\:=De volgende voorwaarden dienen voldaan te worden om met deze functionaliteit te werken:
 The\ upstream\ project\ records\ the\ fingerprints\ of\ its\ build\ artifacts=Het bovenliggende project registreert elektronische vingerafdrukken van zijn bouwartefacten.
 The\ downstream\ project\ records\ the\ fingerprints\ of\ the\ upstream\ files\ it\ uses=Het onderliggend project registreert de vingerafdrukken van de bestanden van het bovenliggende project
 The\ downstream\ project\ records\ the\ fingerprints\ of\ the\ upstream\ jar\ files\ it\ uses=Het onderliggende project registreert de elektronische vingerafdrukken van de gebruikte jar bestanden van bovenliggende projecten.
diff --git a/core/src/main/resources/jenkins/model/JenkinsLocationConfiguration/config_nl.properties b/core/src/main/resources/jenkins/model/JenkinsLocationConfiguration/config_nl.properties
index 3ab4377618..2c992cb902 100644
--- a/core/src/main/resources/jenkins/model/JenkinsLocationConfiguration/config_nl.properties
+++ b/core/src/main/resources/jenkins/model/JenkinsLocationConfiguration/config_nl.properties
@@ -20,5 +20,5 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-System\ Admin\ e-mail\ address=E-mail systeemadministrator
+System\ Admin\ e-mail\ address=E-mail systeembeheerder
 Jenkins\ URL=Jenkins URL
diff --git a/core/src/main/resources/jenkins/model/Messages_nl.properties b/core/src/main/resources/jenkins/model/Messages_nl.properties
index 80bb36bf42..3462e69fc7 100644
--- a/core/src/main/resources/jenkins/model/Messages_nl.properties
+++ b/core/src/main/resources/jenkins/model/Messages_nl.properties
@@ -23,7 +23,7 @@
 Hudson.BadPortNumber=Verkeerd poortnummer {0}
 Hudson.Computer.Caption=Hoofdnode
 Hudson.Computer.DisplayName=hoofdnode
-Hudson.ControlCodeNotAllowed=Geen controle codes toegelaten: {0}
+Hudson.ControlCodeNotAllowed=Geen controlecodes toegelaten: {0}
 Hudson.DisplayName=Jenkins
 Hudson.JobAlreadyExists=Een job met deze naam "{0}" bestaat reeds
 Hudson.NoJavaInPath=java is niet beschikbaar op uw pad. Misschien moet je een <a href=''{0}/configure''>JDK configureren</a>?
diff --git a/core/src/main/resources/jenkins/slaves/systemInfo/Messages_nl.properties b/core/src/main/resources/jenkins/slaves/systemInfo/Messages_nl.properties
index 86f0b78613..4a29060c35 100644
--- a/core/src/main/resources/jenkins/slaves/systemInfo/Messages_nl.properties
+++ b/core/src/main/resources/jenkins/slaves/systemInfo/Messages_nl.properties
@@ -20,5 +20,5 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-EnvVarsSlaveInfo.DisplayName=Omgevings variabelen
-SystemPropertySlaveInfo.DisplayName=Systeem eigenschappen
+EnvVarsSlaveInfo.DisplayName=Omgevingsvariabelen
+SystemPropertySlaveInfo.DisplayName=Systeemeigenschappen
diff --git a/core/src/main/resources/lib/form/serverTcpPort_nl.properties b/core/src/main/resources/lib/form/serverTcpPort_nl.properties
index a9bb580e18..c71481b51a 100644
--- a/core/src/main/resources/lib/form/serverTcpPort_nl.properties
+++ b/core/src/main/resources/lib/form/serverTcpPort_nl.properties
@@ -22,4 +22,4 @@
 
 Fixed=Vast
 Random=Willekeurig
-Disable=Gedesactiveerd
+Disable=Gedeactiveerd
diff --git a/core/src/main/resources/lib/hudson/artifactList_nl.properties b/core/src/main/resources/lib/hudson/artifactList_nl.properties
index 47b8a881e1..199a23f927 100644
--- a/core/src/main/resources/lib/hudson/artifactList_nl.properties
+++ b/core/src/main/resources/lib/hudson/artifactList_nl.properties
@@ -1,3 +1,5 @@
 # This file is under the MIT License by authors
 
-View=Uitklappen
+View=Overzicht
+Collapse\ all=Alles inklappen.
+Expand\ all=Alles uitvouwen.
\ No newline at end of file
diff --git a/core/src/main/resources/lib/hudson/buildListTable_nl.properties b/core/src/main/resources/lib/hudson/buildListTable_nl.properties
index e8568f09f6..d398d99f24 100644
--- a/core/src/main/resources/lib/hudson/buildListTable_nl.properties
+++ b/core/src/main/resources/lib/hudson/buildListTable_nl.properties
@@ -20,7 +20,7 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-Click\ to\ center\ timeline\ on\ event=Klik om de tijdslijn op een gebeurtenis te centreren.
+Click\ to\ center\ timeline\ on\ event=Klik op de tijdslijn op een gebeurtenis te centreren.
 Console\ output=Console Uitvoer
 Time\ Since=Datum vanaf
 Status=Status
diff --git a/core/src/main/resources/lib/hudson/project/config-publishers2_nl.properties b/core/src/main/resources/lib/hudson/project/config-publishers2_nl.properties
index 66b54c7dfc..3139075a6e 100644
--- a/core/src/main/resources/lib/hudson/project/config-publishers2_nl.properties
+++ b/core/src/main/resources/lib/hudson/project/config-publishers2_nl.properties
@@ -20,5 +20,5 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-Add\ post-build\ action=Toevoegen actie na bouwpoging
-Post-build\ Actions=Acties na bouwpoging
+Add\ post-build\ action=Actie toevoegen die na de bouwpoging uitgevoerd wordt
+Post-build\ Actions=Acties die na de bouwpoging uitgevoerd worden
diff --git a/core/src/main/resources/lib/hudson/project/config-publishers_nl.properties b/core/src/main/resources/lib/hudson/project/config-publishers_nl.properties
index 47c729ec9f..ae58ca6e69 100644
--- a/core/src/main/resources/lib/hudson/project/config-publishers_nl.properties
+++ b/core/src/main/resources/lib/hudson/project/config-publishers_nl.properties
@@ -20,4 +20,4 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-Post-build\ Actions=Acties na bouwpoging
\ No newline at end of file
+Post-build\ Actions=Acties voor na de bouwpoging
\ No newline at end of file
diff --git a/core/src/main/resources/lib/hudson/project/configurable_nl.properties b/core/src/main/resources/lib/hudson/project/configurable_nl.properties
index 8bf8f3cb50..5bab50d81e 100644
--- a/core/src/main/resources/lib/hudson/project/configurable_nl.properties
+++ b/core/src/main/resources/lib/hudson/project/configurable_nl.properties
@@ -23,4 +23,4 @@
 Build\ scheduled=Bouw gepland
 delete={0} verwijderen
 Configure=Configureren
-delete.confirm=Ben je zeker van het verwijderen van de {0} {1}?
+delete.confirm=Weet u het zeker om {0} {1} te verwijderen?
diff --git a/core/src/main/resources/lib/layout/breadcrumbBar_nl.properties b/core/src/main/resources/lib/layout/breadcrumbBar_nl.properties
index 20e2dfabab..752f5c0cfe 100644
--- a/core/src/main/resources/lib/layout/breadcrumbBar_nl.properties
+++ b/core/src/main/resources/lib/layout/breadcrumbBar_nl.properties
@@ -1,5 +1,5 @@
 # This file is under the MIT License by authors
 
-DISABLE\ AUTO\ REFRESH=ZET AUTO VERVERSING UIT
+DISABLE\ AUTO\ REFRESH=ZET AUTOMATISCH VERNIEUWEN UIT
 
-ENABLE\ AUTO\ REFRESH=Automatisch herladen inschakelen
+ENABLE\ AUTO\ REFRESH=ZET AUTOMATISCH VERNIEUWEN AAN
-- 
GitLab


From 3fc392108ae382a4616964aa8bbb6b8cb9dff0dc Mon Sep 17 00:00:00 2001
From: Berno Langer <bernolanger@users.noreply.github.com>
Date: Sat, 10 Mar 2018 16:57:37 +0100
Subject: [PATCH 194/863] [JENKINS-48821] - Don't forget estimated duration of
 asynchronous jobs (#3329)

* Don't forget estimated duration of asynchronous jobs.

When jobs are executed, the estimated duration is calculated, memorized
and reseted when the job is finished.

But when the job is executed asynchronously (e.g. as for pipeline
scripts), the execution is just triggered. Therefore the estimated
duration should remain - and not be reseted after triggering.

JENKINS-48821: Time remaining for all pipeline jobs is N/A
JENKINS-49616: Estimated time remaining NA

* Reset cached estimated duration also when asynchronous job ends.
---
 core/src/main/java/hudson/model/Executor.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/model/Executor.java b/core/src/main/java/hudson/model/Executor.java
index e20f9a1eee..efb2cb67dc 100644
--- a/core/src/main/java/hudson/model/Executor.java
+++ b/core/src/main/java/hudson/model/Executor.java
@@ -459,7 +459,6 @@ public class Executor extends Thread implements ModelObject {
             if (asynchronousExecution == null) {
                 finish2();
             }
-            executableEstimatedDuration = DEFAULT_ESTIMATED_DURATION;
         }
     }
 
@@ -490,6 +489,7 @@ public class Executor extends Thread implements ModelObject {
         if (this instanceof OneOffExecutor) {
             owner.remove((OneOffExecutor) this);
         }
+        executableEstimatedDuration = DEFAULT_ESTIMATED_DURATION;
         queue.scheduleMaintenance();
     }
 
-- 
GitLab


From e7fbce371e11b470d78d159fdf0bc45d3688ac4a Mon Sep 17 00:00:00 2001
From: apetres <apetres@users.noreply.github.com>
Date: Sat, 10 Mar 2018 21:55:32 +0200
Subject: [PATCH 195/863] Allow disabling process killing on interruption
 (#3293)

* Allow disabling process killing on interuption

Plugins may want to do custom action when the execution of a remote process is interrupted. Currently it is not possible, because
the process started on a slave is killed on interruption.
My actual use case: https://groups.google.com/forum/#!msg/jenkinsci-dev/s6IkynOzdqE/2eFNKN9lAAAJ

My solution is to have a flag called killWhenInterrupted, set by default to true, which prevents process killing on the slave when unset.

* Invert killWhenInterrupted flag

* Add javadoc
---
 core/src/main/java/hudson/Launcher.java | 43 ++++++++++++++++++++-----
 core/src/main/java/hudson/Proc.java     | 23 +++++++++----
 2 files changed, 52 insertions(+), 14 deletions(-)

diff --git a/core/src/main/java/hudson/Launcher.java b/core/src/main/java/hudson/Launcher.java
index 432a5afe24..78013e9cb3 100644
--- a/core/src/main/java/hudson/Launcher.java
+++ b/core/src/main/java/hudson/Launcher.java
@@ -181,6 +181,12 @@ public abstract class Launcher {
          */
         protected boolean reverseStdin, reverseStdout, reverseStderr;
 
+        /**
+         * True to prevent killing the launched process when it is interrupted
+         * @since TODO
+         */
+        protected boolean dontKillWhenInterrupted;
+
         /**
          * Passes a white-space separated single-string command (like "cat abc def") and parse them
          * as a command argument. This method also handles quotes.
@@ -441,6 +447,22 @@ public abstract class Launcher {
             return this;
         }
 
+        /**
+         * Indicates that the launched process should not be killed when interrupted.
+         * It allows detecting the interruption on caller's side and do custom (cleanup) action while 
+         * the launched process is still running. 
+         * 
+         * <p>
+         * Note that the process can (and should) be killed
+         * via {@link Proc#kill()} when custom action is done.
+         * 
+         * @return {@code this}
+         * @since TODO
+         */
+        public ProcStarter dontKillWhenInterrupted() {
+            this.dontKillWhenInterrupted = true;
+            return this;
+        }
 
         /**
          * Starts the new process as configured.
@@ -926,7 +948,7 @@ public abstract class Launcher {
                     ps.reverseStdin ?LocalProc.SELFPUMP_INPUT:ps.stdin,
                     ps.reverseStdout?LocalProc.SELFPUMP_OUTPUT:ps.stdout,
                     ps.reverseStderr?LocalProc.SELFPUMP_OUTPUT:ps.stderr,
-                    toFile(ps.pwd));
+                    toFile(ps.pwd), ps.dontKillWhenInterrupted);
         }
 
         private File toFile(FilePath f) {
@@ -1049,7 +1071,8 @@ public abstract class Launcher {
             final String workDir = psPwd==null ? null : psPwd.getRemote();
 
             try {
-                return new ProcImpl(getChannel().call(new RemoteLaunchCallable(ps.commands, ps.masks, ps.envs, in, ps.reverseStdin, out, ps.reverseStdout, err, ps.reverseStderr, ps.quiet, workDir, listener)));
+                return new ProcImpl(getChannel().call(new RemoteLaunchCallable(ps.commands, ps.masks, ps.envs, in, ps.reverseStdin,
+                        out, ps.reverseStdout, err, ps.reverseStderr, ps.quiet, workDir, listener, ps.dontKillWhenInterrupted)));
             } catch (InterruptedException e) {
                 throw (IOException)new InterruptedIOException().initCause(e);
             }
@@ -1267,12 +1290,14 @@ public abstract class Launcher {
         private final @Nonnull TaskListener listener;
         private final boolean reverseStdin, reverseStdout, reverseStderr;
         private final boolean quiet;
-
-        RemoteLaunchCallable(@Nonnull List<String> cmd, @CheckForNull boolean[] masks, @CheckForNull String[] env, 
-                @CheckForNull InputStream in, boolean reverseStdin, 
-                @CheckForNull OutputStream out, boolean reverseStdout, 
-                @CheckForNull OutputStream err, boolean reverseStderr, 
-                boolean quiet, @CheckForNull String workDir, @Nonnull TaskListener listener) {
+        private final boolean dontKillWhenInterrupted;
+
+        RemoteLaunchCallable(@Nonnull List<String> cmd, @CheckForNull boolean[] masks, @CheckForNull String[] env,
+                @CheckForNull InputStream in, boolean reverseStdin,
+                @CheckForNull OutputStream out, boolean reverseStdout,
+                @CheckForNull OutputStream err, boolean reverseStderr,
+                boolean quiet, @CheckForNull String workDir,
+                @Nonnull TaskListener listener, boolean dontKillWhenInterrupted) {
             this.cmd = new ArrayList<>(cmd);
             this.masks = masks;
             this.env = env;
@@ -1285,6 +1310,7 @@ public abstract class Launcher {
             this.reverseStdout = reverseStdout;
             this.reverseStderr = reverseStderr;
             this.quiet = quiet;
+            this.dontKillWhenInterrupted = dontKillWhenInterrupted;
         }
 
         public RemoteProcess call() throws IOException {
@@ -1295,6 +1321,7 @@ public abstract class Launcher {
             if (reverseStdin)   ps.writeStdin();
             if (reverseStdout)  ps.readStdout();
             if (reverseStderr)  ps.readStderr();
+            if (dontKillWhenInterrupted) ps.dontKillWhenInterrupted();
 
             final Proc p = ps.start();
 
diff --git a/core/src/main/java/hudson/Proc.java b/core/src/main/java/hudson/Proc.java
index 26d74984cf..f23116a02c 100644
--- a/core/src/main/java/hudson/Proc.java
+++ b/core/src/main/java/hudson/Proc.java
@@ -64,6 +64,12 @@ import org.kohsuke.accmod.restrictions.NoExternalUse;
 public abstract class Proc {
     protected Proc() {}
 
+    /**
+     * Indicates that the process should not be killed on interruption.
+     * @since TODO
+     */
+    protected boolean dontKillWhenInterrupted;
+
     /**
      * Checks if the process is still alive.
      */
@@ -207,17 +213,17 @@ public abstract class Proc {
         }
 
         public LocalProc(String[] cmd,String[] env,InputStream in,OutputStream out, File workDir) throws IOException {
-            this(cmd,env,in,out,null,workDir);
+            this(cmd,env,in,out,null,workDir, true);
         }
 
         /**
          * @param err
          *      null to redirect stderr to stdout.
          */
-        public LocalProc(String[] cmd,String[] env,InputStream in,OutputStream out,OutputStream err,File workDir) throws IOException {
+        public LocalProc(String[] cmd,String[] env,InputStream in,OutputStream out,OutputStream err,File workDir, boolean dontKillWhenInterrupted) throws IOException {
             this( calcName(cmd),
                   stderr(environment(new ProcessBuilder(cmd),env).directory(workDir), err==null || err== SELFPUMP_OUTPUT),
-                  in, out, err );
+                  in, out, err, dontKillWhenInterrupted);
         }
 
         private static ProcessBuilder stderr(ProcessBuilder pb, boolean redirectError) {
@@ -237,10 +243,11 @@ public abstract class Proc {
             return pb;
         }
 
-        private LocalProc( String name, ProcessBuilder procBuilder, InputStream in, OutputStream out, OutputStream err ) throws IOException {
+        private LocalProc( String name, ProcessBuilder procBuilder, InputStream in, OutputStream out, OutputStream err, boolean dontKillWhenInterrupted ) throws IOException {
             Logger.getLogger(Proc.class.getName()).log(Level.FINE, "Running: {0}", name);
             this.name = name;
             this.out = out;
+            this.dontKillWhenInterrupted = dontKillWhenInterrupted;
             this.cookie = EnvVars.createCookie();
             procBuilder.environment().putAll(cookie);
             if (procBuilder.directory() != null && !procBuilder.directory().exists()) {
@@ -354,7 +361,9 @@ public abstract class Proc {
                 return r;
             } catch (InterruptedException e) {
                 // aborting. kill the process
-                destroy();
+                if (!dontKillWhenInterrupted) {
+                    destroy();
+                }
                 throw e;
             } finally {
                 t.setName(oldName);
@@ -462,7 +471,9 @@ public abstract class Proc {
                 return process.get();
             } catch (InterruptedException e) {
                 LOGGER.log(Level.FINE, String.format("Join operation has been interrupted for the process %s. Killing the process", this), e);
-                kill();
+                if (!dontKillWhenInterrupted) {
+                    kill();
+                }
                 throw e;
             } catch (ExecutionException e) {
                 if(e.getCause() instanceof IOException)
-- 
GitLab


From 86e510a92f5b3d910adcefd72b6f66da0416987a Mon Sep 17 00:00:00 2001
From: Devin Nusbaum <dwnusbaum@users.noreply.github.com>
Date: Sat, 10 Mar 2018 14:59:30 -0500
Subject: [PATCH 196/863] [JENKINS-49906] Use more specific and less urgent
 message when renaming (#3326)

* [JENKINS-49906] Use more specific and less urgent message when the name is unchanged

* [JENKINS-49906] Fix tests now that the error message is different
---
 core/src/main/java/hudson/model/AbstractItem.java        | 3 +++
 core/src/main/resources/hudson/model/Messages.properties | 1 +
 test/src/test/java/hudson/model/AbstractItemTest.java    | 9 ++++++---
 3 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/core/src/main/java/hudson/model/AbstractItem.java b/core/src/main/java/hudson/model/AbstractItem.java
index 22e27022ea..ffc627405d 100644
--- a/core/src/main/java/hudson/model/AbstractItem.java
+++ b/core/src/main/java/hudson/model/AbstractItem.java
@@ -284,6 +284,9 @@ public abstract class AbstractItem extends Actionable implements Item, HttpDelet
         try {
             Jenkins.checkGoodName(newName);
             assert newName != null; // Would have thrown Failure
+            if (newName.equals(name)) {
+                return FormValidation.warning(Messages.AbstractItem_NewNameUnchanged());
+            }
             Jenkins.get().getProjectNamingStrategy().checkName(newName);
             checkIfNameIsUsed(newName);
             checkRename(newName);
diff --git a/core/src/main/resources/hudson/model/Messages.properties b/core/src/main/resources/hudson/model/Messages.properties
index 3bc6f922bc..df9d52bf89 100644
--- a/core/src/main/resources/hudson/model/Messages.properties
+++ b/core/src/main/resources/hudson/model/Messages.properties
@@ -36,6 +36,7 @@ AbstractItem.BeingDeleted={0} is currently being deleted
 AbstractItem.FailureToStopBuilds=Failed to interrupt and stop {0,choice,1#{0,number,integer} build|1<{0,number,integer} \
   builds} of {1}
 AbstractItem.NewNameInUse=The name \u201c{0}\u201d is already in use.
+AbstractItem.NewNameUnchanged=The new name is the same as the current name.
 AbstractProject.AssignedLabelString_NoMatch_DidYouMean=There\u2019s no agent/cloud that matches this assignment. Did you mean \u2018{1}\u2019 instead of \u2018{0}\u2019?
 AbstractProject.NewBuildForWorkspace=Scheduling a new build to get a workspace.
 AbstractProject.AwaitingBuildForWorkspace=Awaiting build to get a workspace.
diff --git a/test/src/test/java/hudson/model/AbstractItemTest.java b/test/src/test/java/hudson/model/AbstractItemTest.java
index 8f21cad726..0c7171598b 100644
--- a/test/src/test/java/hudson/model/AbstractItemTest.java
+++ b/test/src/test/java/hudson/model/AbstractItemTest.java
@@ -63,11 +63,13 @@ public class AbstractItemTest {
     public void checkRenameValidity() throws Exception {
         FreeStyleProject p = j.createFreeStyleProject("foo");
         p.getBuildersList().add(new SleepBuilder(10));
+        j.createFreeStyleProject("foo-exists");
 
         assertThat(checkNameAndReturnError(p, ""), equalTo(Messages.Hudson_NoName()));
         assertThat(checkNameAndReturnError(p, ".."), equalTo(Messages.Jenkins_NotAllowedName("..")));
         assertThat(checkNameAndReturnError(p, "50%"), equalTo(Messages.Hudson_UnsafeChar('%')));
-        assertThat(checkNameAndReturnError(p, "foo"), equalTo(Messages.AbstractItem_NewNameInUse("foo")));
+        assertThat(checkNameAndReturnError(p, "foo"), equalTo(Messages.AbstractItem_NewNameUnchanged()));
+        assertThat(checkNameAndReturnError(p, "foo-exists"), equalTo(Messages.AbstractItem_NewNameInUse("foo-exists")));
 
         j.jenkins.setProjectNamingStrategy(new ProjectNamingStrategy.PatternProjectNamingStrategy("bar", "", false));
         assertThat(checkNameAndReturnError(p, "foo1"), equalTo(jenkins.model.Messages.Hudson_JobNameConventionNotApplyed("foo1", "bar")));
@@ -84,12 +86,13 @@ public class AbstractItemTest {
         mas.grant(Item.READ).everywhere().to("alice");
         j.jenkins.setAuthorizationStrategy(mas);
         FreeStyleProject p = j.createFreeStyleProject("foo");
+        j.createFreeStyleProject("foo-exists");
 
         try (ACLContext unused = ACL.as(User.getById("alice", true))) {
-            assertThat(checkNameAndReturnError(p, "foo"), equalTo(Messages.AbstractItem_NewNameInUse("foo")));
+            assertThat(checkNameAndReturnError(p, "foo-exists"), equalTo(Messages.AbstractItem_NewNameInUse("foo-exists")));
         }
         try (ACLContext unused = ACL.as(User.getById("bob", true))) {
-            assertThat(checkNameAndReturnError(p, "foo"), equalTo(Messages.Jenkins_NotAllowedName("foo")));
+            assertThat(checkNameAndReturnError(p, "foo-exists"), equalTo(Messages.Jenkins_NotAllowedName("foo-exists")));
         }
         try (ACLContext unused = ACL.as(User.getById("carol", true))) {
             try {
-- 
GitLab


From b7d47fbc1a0b6946090aba529c3d3c55067effe0 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Sat, 10 Mar 2018 21:20:27 +0100
Subject: [PATCH 197/863] [JENKINS-38812] - Replace non-standard name
 processing with StringUtils

---
 .../model/AutoCompletionCandidates.java       | 29 +++++++++----------
 1 file changed, 13 insertions(+), 16 deletions(-)

diff --git a/core/src/main/java/hudson/model/AutoCompletionCandidates.java b/core/src/main/java/hudson/model/AutoCompletionCandidates.java
index f410633441..29ce16f4ca 100644
--- a/core/src/main/java/hudson/model/AutoCompletionCandidates.java
+++ b/core/src/main/java/hudson/model/AutoCompletionCandidates.java
@@ -38,6 +38,7 @@ import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
 import javax.annotation.CheckForNull;
+import org.apache.commons.lang.StringUtils;
 
 /**
  * Data representation of the auto-completion candidates.
@@ -118,36 +119,28 @@ public class AutoCompletionCandidates implements HttpResponse {
 
             @Override
             public void onItem(Item i) {
-                String n = contextualNameOf(i);
+                String itemName = contextualNameOf(i);
                 
                 //Check user's setting on whether to do case sensitive comparison, configured in user -> configure
                 //This is the same setting that is used by the global search field, should be consistent throughout
                 //the whole application.
-                boolean caseInsensitive = UserSearchProperty.isCaseInsensitive(); 
-                
-                String hay = n;
-                String needle = value;
-                
-                if(caseInsensitive) {
-                	hay = hay.toLowerCase();
-                	needle = needle.toLowerCase();
-                }
-                
-                if ((hay.startsWith(needle) || needle.startsWith(hay))
+                boolean caseInsensitive = UserSearchProperty.isCaseInsensitive();
+
+                if ((startsWithImpl(itemName, value, caseInsensitive) || startsWithImpl(value, itemName, caseInsensitive))
                     // 'foobar' is a valid candidate if the current value is 'foo'.
                     // Also, we need to visit 'foo' if the current value is 'foo/bar'
-                 && (needle.length()>hay.length() || !hay.substring(needle.length()).contains("/"))
+                 && (value.length()> itemName.length() || !itemName.substring(value.length()).contains("/"))
                     // but 'foobar/zot' isn't if the current value is 'foo'
                     // we'll first show 'foobar' and then wait for the user to type '/' to show the rest
                  && i.hasPermission(Item.READ)
                     // and read permission required
                 ) {
-                    if (type.isInstance(i) && hay.startsWith(needle))
-                        candidates.add(n);
+                    if (type.isInstance(i) && startsWithImpl(itemName, value, caseInsensitive))
+                        candidates.add(itemName);
 
                     // recurse
                     String oldPrefix = prefix;
-                    prefix = n;
+                    prefix = itemName;
                     super.onItem(i);
                     prefix = oldPrefix;
                 }
@@ -176,4 +169,8 @@ public class AutoCompletionCandidates implements HttpResponse {
 
         return candidates;
     }
+
+    private static boolean startsWithImpl(String str, String prefix, boolean ignoreCase) {
+        return ignoreCase ? StringUtils.startsWithIgnoreCase(str, prefix) : str.startsWith(prefix);
+    }
 }
-- 
GitLab


From 5e0e55335319f41e821c3b1423e69510c9c20559 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Sat, 10 Mar 2018 21:54:43 +0100
Subject: [PATCH 198/863] [JENKINS-50064] - Suppress FindBugs warning in CLI,
 switch to the medium level

---
 cli/pom.xml                              | 10 ++++++++++
 cli/src/main/java/hudson/cli/SSHCLI.java |  3 +++
 2 files changed, 13 insertions(+)

diff --git a/cli/pom.xml b/cli/pom.xml
index 26b3089a14..e5483981cf 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -13,6 +13,11 @@
   <name>Jenkins cli</name>
   <description>Command line interface for Jenkins</description>
 
+  <properties>
+    <!-- TODO: remove once Medium level is set in the core (JENKINS-36716) -->
+    <findbugs.threshold>Medium</findbugs.threshold>
+  </properties>
+
   <dependencies>
     <dependency>
       <groupId>org.powermock</groupId>
@@ -67,6 +72,11 @@
       <artifactId>trilead-ssh2</artifactId>
       <version>build214-jenkins-1</version>
     </dependency>
+    <dependency>
+      <groupId>com.google.code.findbugs</groupId>
+      <artifactId>annotations</artifactId>
+      <scope>provided</scope>
+    </dependency>
   </dependencies>
 
   <build>
diff --git a/cli/src/main/java/hudson/cli/SSHCLI.java b/cli/src/main/java/hudson/cli/SSHCLI.java
index bdd6c2beb5..39dc9210a3 100644
--- a/cli/src/main/java/hudson/cli/SSHCLI.java
+++ b/cli/src/main/java/hudson/cli/SSHCLI.java
@@ -51,6 +51,8 @@ import org.apache.sshd.common.util.io.NoCloseInputStream;
 import org.apache.sshd.common.util.io.NoCloseOutputStream;
 import org.apache.sshd.common.util.security.SecurityUtils;
 
+import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
+
 /**
  * Implements SSH connection mode of {@link CLI}.
  * In a separate class to avoid any class loading of {@code sshd-core} when not using {@code -ssh} mode.
@@ -59,6 +61,7 @@ import org.apache.sshd.common.util.security.SecurityUtils;
  */
 class SSHCLI {
 
+    @SuppressFBWarnings(value = "RCN_REDUNDANT_NULLCHECK_OF_NULL_VALUE", justification = "Due to whatever reason FindBugs reports it fot try-with-resources")
     static int sshConnection(String jenkinsUrl, String user, List<String> args, PrivateKeyProvider provider, final boolean strictHostKey) throws IOException {
         Logger.getLogger(SecurityUtils.class.getName()).setLevel(Level.WARNING); // suppress: BouncyCastle not registered, using the default JCE provider
         URL url = new URL(jenkinsUrl + "login");
-- 
GitLab


From de86f325db7f2b85b1c9fe723309059a592a63ac Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Sat, 10 Mar 2018 21:56:15 +0100
Subject: [PATCH 199/863] [JENKINS-36716] - Update Jenkins core to new FindBugs
 annotations from parent POM + refer the EPIC

---
 core/pom.xml | 3 ---
 pom.xml      | 1 +
 2 files changed, 1 insertion(+), 3 deletions(-)

diff --git a/core/pom.xml b/core/pom.xml
index 17d307d07a..9ea21fa18e 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -42,8 +42,6 @@ THE SOFTWARE.
     <stapler.version>1.254</stapler.version>
     <spring.version>2.5.6.SEC03</spring.version>
     <groovy.version>2.4.11</groovy.version>
-    <!-- TODO: Actually many issues are being filtered by src/findbugs/findbugs-excludes.xml -->
-    <findbugs.failOnError>true</findbugs.failOnError>
   </properties>
 
   <dependencies>
@@ -600,7 +598,6 @@ THE SOFTWARE.
     <dependency>
       <groupId>com.google.code.findbugs</groupId>
       <artifactId>annotations</artifactId>
-      <version>3.0.0</version>
       <scope>provided</scope>
     </dependency>
 
diff --git a/pom.xml b/pom.xml
index 42b55ce764..bac75ef92a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -107,6 +107,7 @@ THE SOFTWARE.
     <remoting.version>3.17</remoting.version>
     <remoting.minimum.supported.version>2.60</remoting.minimum.supported.version>
 
+    <!-- TODO: JENKINS-36716 - Switch to Medium once FindBugs is cleaned up, 430 issues on Mar 10, 2018 -->
     <findbugs.effort>Max</findbugs.effort>
     <findbugs.threshold>High</findbugs.threshold>
     <findbugs.excludeFilterFile>../src/findbugs/findbugs-excludes.xml</findbugs.excludeFilterFile>
-- 
GitLab


From fe38050110ad58ddfc17c68f959821c0af366f19 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Sat, 10 Mar 2018 23:40:49 +0100
Subject: [PATCH 200/863] Revert "Allow disabling process killing on
 interruption (#3293)"

This reverts commit e7fbce371e11b470d78d159fdf0bc45d3688ac4a.
---
 core/src/main/java/hudson/Launcher.java | 43 +++++--------------------
 core/src/main/java/hudson/Proc.java     | 23 ++++---------
 2 files changed, 14 insertions(+), 52 deletions(-)

diff --git a/core/src/main/java/hudson/Launcher.java b/core/src/main/java/hudson/Launcher.java
index 78013e9cb3..432a5afe24 100644
--- a/core/src/main/java/hudson/Launcher.java
+++ b/core/src/main/java/hudson/Launcher.java
@@ -181,12 +181,6 @@ public abstract class Launcher {
          */
         protected boolean reverseStdin, reverseStdout, reverseStderr;
 
-        /**
-         * True to prevent killing the launched process when it is interrupted
-         * @since TODO
-         */
-        protected boolean dontKillWhenInterrupted;
-
         /**
          * Passes a white-space separated single-string command (like "cat abc def") and parse them
          * as a command argument. This method also handles quotes.
@@ -447,22 +441,6 @@ public abstract class Launcher {
             return this;
         }
 
-        /**
-         * Indicates that the launched process should not be killed when interrupted.
-         * It allows detecting the interruption on caller's side and do custom (cleanup) action while 
-         * the launched process is still running. 
-         * 
-         * <p>
-         * Note that the process can (and should) be killed
-         * via {@link Proc#kill()} when custom action is done.
-         * 
-         * @return {@code this}
-         * @since TODO
-         */
-        public ProcStarter dontKillWhenInterrupted() {
-            this.dontKillWhenInterrupted = true;
-            return this;
-        }
 
         /**
          * Starts the new process as configured.
@@ -948,7 +926,7 @@ public abstract class Launcher {
                     ps.reverseStdin ?LocalProc.SELFPUMP_INPUT:ps.stdin,
                     ps.reverseStdout?LocalProc.SELFPUMP_OUTPUT:ps.stdout,
                     ps.reverseStderr?LocalProc.SELFPUMP_OUTPUT:ps.stderr,
-                    toFile(ps.pwd), ps.dontKillWhenInterrupted);
+                    toFile(ps.pwd));
         }
 
         private File toFile(FilePath f) {
@@ -1071,8 +1049,7 @@ public abstract class Launcher {
             final String workDir = psPwd==null ? null : psPwd.getRemote();
 
             try {
-                return new ProcImpl(getChannel().call(new RemoteLaunchCallable(ps.commands, ps.masks, ps.envs, in, ps.reverseStdin,
-                        out, ps.reverseStdout, err, ps.reverseStderr, ps.quiet, workDir, listener, ps.dontKillWhenInterrupted)));
+                return new ProcImpl(getChannel().call(new RemoteLaunchCallable(ps.commands, ps.masks, ps.envs, in, ps.reverseStdin, out, ps.reverseStdout, err, ps.reverseStderr, ps.quiet, workDir, listener)));
             } catch (InterruptedException e) {
                 throw (IOException)new InterruptedIOException().initCause(e);
             }
@@ -1290,14 +1267,12 @@ public abstract class Launcher {
         private final @Nonnull TaskListener listener;
         private final boolean reverseStdin, reverseStdout, reverseStderr;
         private final boolean quiet;
-        private final boolean dontKillWhenInterrupted;
-
-        RemoteLaunchCallable(@Nonnull List<String> cmd, @CheckForNull boolean[] masks, @CheckForNull String[] env,
-                @CheckForNull InputStream in, boolean reverseStdin,
-                @CheckForNull OutputStream out, boolean reverseStdout,
-                @CheckForNull OutputStream err, boolean reverseStderr,
-                boolean quiet, @CheckForNull String workDir,
-                @Nonnull TaskListener listener, boolean dontKillWhenInterrupted) {
+
+        RemoteLaunchCallable(@Nonnull List<String> cmd, @CheckForNull boolean[] masks, @CheckForNull String[] env, 
+                @CheckForNull InputStream in, boolean reverseStdin, 
+                @CheckForNull OutputStream out, boolean reverseStdout, 
+                @CheckForNull OutputStream err, boolean reverseStderr, 
+                boolean quiet, @CheckForNull String workDir, @Nonnull TaskListener listener) {
             this.cmd = new ArrayList<>(cmd);
             this.masks = masks;
             this.env = env;
@@ -1310,7 +1285,6 @@ public abstract class Launcher {
             this.reverseStdout = reverseStdout;
             this.reverseStderr = reverseStderr;
             this.quiet = quiet;
-            this.dontKillWhenInterrupted = dontKillWhenInterrupted;
         }
 
         public RemoteProcess call() throws IOException {
@@ -1321,7 +1295,6 @@ public abstract class Launcher {
             if (reverseStdin)   ps.writeStdin();
             if (reverseStdout)  ps.readStdout();
             if (reverseStderr)  ps.readStderr();
-            if (dontKillWhenInterrupted) ps.dontKillWhenInterrupted();
 
             final Proc p = ps.start();
 
diff --git a/core/src/main/java/hudson/Proc.java b/core/src/main/java/hudson/Proc.java
index f23116a02c..26d74984cf 100644
--- a/core/src/main/java/hudson/Proc.java
+++ b/core/src/main/java/hudson/Proc.java
@@ -64,12 +64,6 @@ import org.kohsuke.accmod.restrictions.NoExternalUse;
 public abstract class Proc {
     protected Proc() {}
 
-    /**
-     * Indicates that the process should not be killed on interruption.
-     * @since TODO
-     */
-    protected boolean dontKillWhenInterrupted;
-
     /**
      * Checks if the process is still alive.
      */
@@ -213,17 +207,17 @@ public abstract class Proc {
         }
 
         public LocalProc(String[] cmd,String[] env,InputStream in,OutputStream out, File workDir) throws IOException {
-            this(cmd,env,in,out,null,workDir, true);
+            this(cmd,env,in,out,null,workDir);
         }
 
         /**
          * @param err
          *      null to redirect stderr to stdout.
          */
-        public LocalProc(String[] cmd,String[] env,InputStream in,OutputStream out,OutputStream err,File workDir, boolean dontKillWhenInterrupted) throws IOException {
+        public LocalProc(String[] cmd,String[] env,InputStream in,OutputStream out,OutputStream err,File workDir) throws IOException {
             this( calcName(cmd),
                   stderr(environment(new ProcessBuilder(cmd),env).directory(workDir), err==null || err== SELFPUMP_OUTPUT),
-                  in, out, err, dontKillWhenInterrupted);
+                  in, out, err );
         }
 
         private static ProcessBuilder stderr(ProcessBuilder pb, boolean redirectError) {
@@ -243,11 +237,10 @@ public abstract class Proc {
             return pb;
         }
 
-        private LocalProc( String name, ProcessBuilder procBuilder, InputStream in, OutputStream out, OutputStream err, boolean dontKillWhenInterrupted ) throws IOException {
+        private LocalProc( String name, ProcessBuilder procBuilder, InputStream in, OutputStream out, OutputStream err ) throws IOException {
             Logger.getLogger(Proc.class.getName()).log(Level.FINE, "Running: {0}", name);
             this.name = name;
             this.out = out;
-            this.dontKillWhenInterrupted = dontKillWhenInterrupted;
             this.cookie = EnvVars.createCookie();
             procBuilder.environment().putAll(cookie);
             if (procBuilder.directory() != null && !procBuilder.directory().exists()) {
@@ -361,9 +354,7 @@ public abstract class Proc {
                 return r;
             } catch (InterruptedException e) {
                 // aborting. kill the process
-                if (!dontKillWhenInterrupted) {
-                    destroy();
-                }
+                destroy();
                 throw e;
             } finally {
                 t.setName(oldName);
@@ -471,9 +462,7 @@ public abstract class Proc {
                 return process.get();
             } catch (InterruptedException e) {
                 LOGGER.log(Level.FINE, String.format("Join operation has been interrupted for the process %s. Killing the process", this), e);
-                if (!dontKillWhenInterrupted) {
-                    kill();
-                }
+                kill();
                 throw e;
             } catch (ExecutionException e) {
                 if(e.getCause() instanceof IOException)
-- 
GitLab


From fa54b49f3281d5e0a0bf2d7c64e417a3158bd6a8 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Sun, 11 Mar 2018 01:00:52 +0100
Subject: [PATCH 201/863] [JENKINS-49737 ] - Update Extras Executable WAR to
 1.38 (#3336)

* [JENKINS-49737] - Update Extras Executable WAR to 1.38

* Use the released version of Extras Executable War 1.38
---
 war/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/war/pom.xml b/war/pom.xml
index 8ff55e2370..92b463f92c 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -49,7 +49,7 @@ THE SOFTWARE.
     <dependency>
       <groupId>org.jenkins-ci</groupId>
       <artifactId>executable-war</artifactId>
-      <version>1.37</version>
+      <version>1.38</version>
       <scope>provided</scope>
     </dependency>
     <dependency>
-- 
GitLab


From 7ef9e6583cc16760cbd8b744e0e08d53d827370f Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Sun, 11 Mar 2018 02:53:51 +0100
Subject: [PATCH 202/863] Amends #3211: Restore Source compatibility of
 hudson.util.TextFile#lines() (#3340)

* Amends #3211: Restore Source compatibility of hudson.util.TextFile#lines()

* Address comments from @dtrebbien
---
 core/src/main/java/hudson/util/TextFile.java    | 17 ++++++++++++++++-
 .../java/jenkins/security/s2m/ConfigFile.java   |  2 +-
 2 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/core/src/main/java/hudson/util/TextFile.java b/core/src/main/java/hudson/util/TextFile.java
index 3ffbe0dad3..e9bb0c8b5a 100644
--- a/core/src/main/java/hudson/util/TextFile.java
+++ b/core/src/main/java/hudson/util/TextFile.java
@@ -80,6 +80,20 @@ public class TextFile {
         return out.toString();
     }
 
+    /**
+     * @throws RuntimeException in the case of {@link IOException} in {@link #linesStream()}
+     * @deprecated This method does not properly propagate errors and may lead to file descriptor leaks
+     *             if the collection is not fully iterated. Use {@link #linesStream()} instead.
+     */
+    @Deprecated
+    public @Nonnull Iterable<String> lines() {
+        try {
+            return linesStream();
+        } catch (IOException ex) {
+            throw new RuntimeException(ex);
+        }
+    }
+
     /**
      * Creates a new {@link jenkins.util.io.LinesStream} of the file.
      * <p>
@@ -87,9 +101,10 @@ public class TextFile {
      * <code>LinesStream</code>.
      * @throws IOException if the file cannot be converted to a
      * {@link java.nio.file.Path} or if the file cannot be opened for reading
+     * @since TODO
      */
     @CreatesObligation
-    public @Nonnull LinesStream lines() throws IOException {
+    public @Nonnull LinesStream linesStream() throws IOException {
         return new LinesStream(Util.fileToPath(file));
     }
 
diff --git a/core/src/main/java/jenkins/security/s2m/ConfigFile.java b/core/src/main/java/jenkins/security/s2m/ConfigFile.java
index ca32d0e763..f52b64d370 100644
--- a/core/src/main/java/jenkins/security/s2m/ConfigFile.java
+++ b/core/src/main/java/jenkins/security/s2m/ConfigFile.java
@@ -56,7 +56,7 @@ abstract class ConfigFile<T,COL extends Collection<T>> extends TextFile {
         COL result = create();
 
         if (exists()) {
-            try (LinesStream stream = lines()) {
+            try (LinesStream stream = linesStream()) {
                 for (String line : stream) {
                     if (line.startsWith("#")) continue;   // comment
                     T r = parse(line);
-- 
GitLab


From 1b6b5754a7bf264872b508736b80cc6f646429e2 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Sun, 11 Mar 2018 13:06:20 +0100
Subject: [PATCH 203/863] Fix typo in the private
 Slave#reportLauncherCreateError() method name (#3341)

---
 core/src/main/java/hudson/model/Slave.java | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/core/src/main/java/hudson/model/Slave.java b/core/src/main/java/hudson/model/Slave.java
index cde11411fe..9b0a02b338 100644
--- a/core/src/main/java/hudson/model/Slave.java
+++ b/core/src/main/java/hudson/model/Slave.java
@@ -493,19 +493,19 @@ public abstract class Slave extends Node implements Serializable {
             // RemoteLauncher requires an active Channel instance to operate correctly
             final Channel channel = c.getChannel();
             if (channel == null) { 
-                reportLauncerCreateError("The agent has not been fully initialized yet",
+                reportLauncherCreateError("The agent has not been fully initialized yet",
                                          "No remoting channel to the agent OR it has not been fully initialized yet", listener);
                 return new Launcher.DummyLauncher(listener);
             }
             if (channel.isClosingOrClosed()) {
-                reportLauncerCreateError("The agent is being disconnected",
+                reportLauncherCreateError("The agent is being disconnected",
                                          "Remoting channel is either in the process of closing down or has closed down", listener);
                 return new Launcher.DummyLauncher(listener);
             }
             final Boolean isUnix = c.isUnix();
             if (isUnix == null) {
                 // isUnix is always set when the channel is not null, so it should never happen
-                reportLauncerCreateError("The agent has not been fully initialized yet",
+                reportLauncherCreateError("The agent has not been fully initialized yet",
                                          "Cannot determing if the agent is a Unix one, the System status request has not completed yet. " +
                                          "It is an invalid channel state, please report a bug to Jenkins if you see it.", 
                                          listener);
@@ -516,7 +516,7 @@ public abstract class Slave extends Node implements Serializable {
         }
     }
     
-    private void reportLauncerCreateError(@Nonnull String humanReadableMsg, @CheckForNull String exceptionDetails, @Nonnull TaskListener listener) {
+    private void reportLauncherCreateError(@Nonnull String humanReadableMsg, @CheckForNull String exceptionDetails, @Nonnull TaskListener listener) {
         String message = "Issue with creating launcher for agent " + name + ". " + humanReadableMsg;
         listener.error(message);
         if (LOGGER.isLoggable(Level.WARNING)) {
-- 
GitLab


From 9bc4c95d44a3538a4fb6dd67efecd2c6448c3664 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Sun, 11 Mar 2018 13:23:45 +0100
Subject: [PATCH 204/863] Revert "Merge pull request #3277 from
 uhafner/prototype-1.7.3"

This reverts commit 46510e2d2dfef1549d86345e8b765dfb686f11f0, reversing
changes made to 29f146c7c2861fc50522f2bfe183fcaef06713c7.
---
 war/src/main/webapp/scripts/prototype.js | 5688 ++++++++--------------
 1 file changed, 2091 insertions(+), 3597 deletions(-)

diff --git a/war/src/main/webapp/scripts/prototype.js b/war/src/main/webapp/scripts/prototype.js
index d636b1c52d..63644c0a5c 100644
--- a/war/src/main/webapp/scripts/prototype.js
+++ b/war/src/main/webapp/scripts/prototype.js
@@ -1,4 +1,4 @@
-/*  Prototype JavaScript framework, version 1.7.3
+/*  Prototype JavaScript framework, version 1.7
  *  (c) 2005-2010 Sam Stephenson
  *
  *  Prototype is freely distributable under the terms of an MIT-style license.
@@ -8,7 +8,7 @@
 
 var Prototype = {
 
-  Version: '1.7.3',
+  Version: '1.7',
 
   Browser: (function(){
     var ua = navigator.userAgent;
@@ -49,7 +49,7 @@ var Prototype = {
     })()
   },
 
-  ScriptFragment: '<script[^>]*>([\\S\\s]*?)<\/script\\s*>',
+  ScriptFragment: '<script[^>]*>([\\S\\s]*?)<\/script>',
   JSONFilter: /^\/\*-secure-([\s\S]*)\*\/\s*$/,
 
   emptyFunction: function() { },
@@ -59,6 +59,27 @@ var Prototype = {
 
 if (Prototype.Browser.MobileSafari)
   Prototype.BrowserFeatures.SpecificElementExtensions = false;
+
+
+var Abstract = { };
+
+
+var Try = {
+  these: function() {
+    var returnValue;
+
+    for (var i = 0, length = arguments.length; i < length; i++) {
+      var lambda = arguments[i];
+      try {
+        returnValue = lambda();
+        break;
+      } catch (e) { }
+    }
+
+    return returnValue;
+  }
+};
+
 /* Based on Alex Arnell's inheritance implementation. */
 
 var Class = (function() {
@@ -120,13 +141,8 @@ var Class = (function() {
           return function() { return ancestor[m].apply(this, arguments); };
         })(property).wrap(method);
 
-        value.valueOf = (function(method) {
-          return function() { return method.valueOf.call(method); };
-        })(method);
-
-        value.toString = (function(method) {
-          return function() { return method.toString.call(method); };
-        })(method);
+        value.valueOf = method.valueOf.bind(method);
+        value.toString = method.toString.bind(method);
       }
       this.prototype[property] = value;
     }
@@ -144,7 +160,6 @@ var Class = (function() {
 (function() {
 
   var _toString = Object.prototype.toString,
-      _hasOwnProperty = Object.prototype.hasOwnProperty,
       NULL_TYPE = 'Null',
       UNDEFINED_TYPE = 'Undefined',
       BOOLEAN_TYPE = 'Boolean',
@@ -162,18 +177,6 @@ var Class = (function() {
         JSON.stringify(0) === '0' &&
         typeof JSON.stringify(Prototype.K) === 'undefined';
 
-
-
-  var DONT_ENUMS = ['toString', 'toLocaleString', 'valueOf',
-   'hasOwnProperty', 'isPrototypeOf', 'propertyIsEnumerable', 'constructor'];
-
-  var IS_DONTENUM_BUGGY = (function(){
-    for (var p in { toString: 1 }) {
-      if (p === 'toString') return false;
-    }
-    return true;
-  })();
-
   function Type(o) {
     switch(o) {
       case null: return NULL_TYPE;
@@ -210,7 +213,9 @@ var Class = (function() {
   }
 
   function Str(key, holder, stack) {
-    var value = holder[key];
+    var value = holder[key],
+        type = typeof value;
+
     if (Type(value) === OBJECT_TYPE && typeof value.toJSON === 'function') {
       value = value.toJSON(key);
     }
@@ -230,7 +235,7 @@ var Class = (function() {
       case false: return 'false';
     }
 
-    var type = typeof value;
+    type = typeof value;
     switch (type) {
       case 'string':
         return value.inspect(true);
@@ -239,9 +244,7 @@ var Class = (function() {
       case 'object':
 
         for (var i = 0, length = stack.length; i < length; i++) {
-          if (stack[i] === value) {
-            throw new TypeError("Cyclic reference to '" + value + "' in object");
-          }
+          if (stack[i] === value) { throw new TypeError(); }
         }
         stack.push(value);
 
@@ -283,17 +286,10 @@ var Class = (function() {
     if (Type(object) !== OBJECT_TYPE) { throw new TypeError(); }
     var results = [];
     for (var property in object) {
-      if (_hasOwnProperty.call(object, property))
+      if (object.hasOwnProperty(property)) {
         results.push(property);
-    }
-
-    if (IS_DONTENUM_BUGGY) {
-      for (var i = 0; property = DONT_ENUMS[i]; i++) {
-        if (_hasOwnProperty.call(object, property))
-          results.push(property);
       }
     }
-
     return results;
   }
 
@@ -410,27 +406,13 @@ Object.extend(Function.prototype, (function() {
     return names.length == 1 && !names[0] ? [] : names;
   }
 
-
   function bind(context) {
-    if (arguments.length < 2 && Object.isUndefined(arguments[0]))
-      return this;
-
-    if (!Object.isFunction(this))
-      throw new TypeError("The object is not callable.");
-
-    var nop = function() {};
+    if (arguments.length < 2 && Object.isUndefined(arguments[0])) return this;
     var __method = this, args = slice.call(arguments, 1);
-
-    var bound = function() {
+    return function() {
       var a = merge(args, arguments);
-      var c = this instanceof bound ? this : context;
-      return __method.apply(c, a);
-    };
-
-    nop.prototype   = this.prototype;
-    bound.prototype = new nop();
-
-    return bound;
+      return __method.apply(context, a);
+    }
   }
 
   function bindAsEventListener(context) {
@@ -480,20 +462,16 @@ Object.extend(Function.prototype, (function() {
     };
   }
 
-  var extensions = {
+  return {
     argumentNames:       argumentNames,
+    bind:                bind,
     bindAsEventListener: bindAsEventListener,
     curry:               curry,
     delay:               delay,
     defer:               defer,
     wrap:                wrap,
     methodize:           methodize
-  };
-
-  if (!Function.prototype.bind)
-    extensions.bind = bind;
-
-  return extensions;
+  }
 })());
 
 
@@ -587,11 +565,6 @@ Object.extend(String.prototype, (function() {
     return function(match) { return template.evaluate(match) };
   }
 
-  function isNonEmptyRegExp(regexp) {
-    return regexp.source && regexp.source !== '(?:)';
-  }
-
-
   function gsub(pattern, replacement) {
     var result = '', source = this, match;
     replacement = prepareReplacement(replacement);
@@ -599,14 +572,13 @@ Object.extend(String.prototype, (function() {
     if (Object.isString(pattern))
       pattern = RegExp.escape(pattern);
 
-    if (!(pattern.length || isNonEmptyRegExp(pattern))) {
+    if (!(pattern.length || pattern.source)) {
       replacement = replacement('');
       return replacement + source.split('').join(replacement) + replacement;
     }
 
     while (source.length > 0) {
-      match = source.match(pattern)
-      if (match && match[0].length > 0) {
+      if (match = source.match(pattern)) {
         result += source.slice(0, match.index);
         result += String.interpret(replacement(match));
         source  = source.slice(match.index + match[0].length);
@@ -644,7 +616,7 @@ Object.extend(String.prototype, (function() {
   }
 
   function stripTags() {
-    return this.replace(/<\w+(\s+("[^"]*"|'[^']*'|[^>])+)?(\/)?>|<\/\w+>/gi, '');
+    return this.replace(/<\w+(\s+("[^"]*"|'[^']*'|[^>])+)?>|<\/\w+>/gi, '');
   }
 
   function stripScripts() {
@@ -660,7 +632,7 @@ Object.extend(String.prototype, (function() {
   }
 
   function evalScripts() {
-    return this.extractScripts().map(function(script) { return eval(script); });
+    return this.extractScripts().map(function(script) { return eval(script) });
   }
 
   function escapeHTML() {
@@ -681,10 +653,7 @@ Object.extend(String.prototype, (function() {
         var key = decodeURIComponent(pair.shift()),
             value = pair.length > 1 ? pair.join('=') : pair[0];
 
-        if (value != undefined) {
-          value = value.gsub('+', ' ');
-          value = decodeURIComponent(value);
-        }
+        if (value != undefined) value = decodeURIComponent(value);
 
         if (key in hash) {
           if (!Object.isArray(hash[key])) hash[key] = [hash[key]];
@@ -761,7 +730,7 @@ Object.extend(String.prototype, (function() {
 
   function evalJSON(sanitize) {
     var json = this.unfilterJSON(),
-        cx = /[\u00ad\u0600-\u0604\u070f\u17b4\u17b5\u200c-\u200f\u2028-\u202f\u2060-\u206f\ufeff\ufff0-\uffff\u0000]/g;
+        cx = /[\u0000\u00ad\u0600-\u0604\u070f\u17b4\u17b5\u200c-\u200f\u2028-\u202f\u2060-\u206f\ufeff\ufff0-\uffff]/g;
     if (cx.test(json)) {
       json = json.replace(cx, function (a) {
         return '\\u' + ('0000' + a.charCodeAt(0).toString(16)).slice(-4);
@@ -782,17 +751,12 @@ Object.extend(String.prototype, (function() {
     return this.indexOf(pattern) > -1;
   }
 
-  function startsWith(pattern, position) {
-    position = Object.isNumber(position) ? position : 0;
-    return this.lastIndexOf(pattern, position) === position;
+  function startsWith(pattern) {
+    return this.lastIndexOf(pattern, 0) === 0;
   }
 
-  function endsWith(pattern, position) {
-    pattern = String(pattern);
-    position = Object.isNumber(position) ? position : this.length;
-    if (position < 0) position = 0;
-    if (position > this.length) position = this.length;
-    var d = position - pattern.length;
+  function endsWith(pattern) {
+    var d = this.length - pattern.length;
     return d >= 0 && this.indexOf(pattern, d) === d;
   }
 
@@ -835,8 +799,8 @@ Object.extend(String.prototype, (function() {
     isJSON:         isJSON,
     evalJSON:       NATIVE_JSON_PARSE_SUPPORT ? parseJSON : evalJSON,
     include:        include,
-    startsWith:     String.prototype.startsWith || startsWith,
-    endsWith:       String.prototype.endsWith || endsWith,
+    startsWith:     startsWith,
+    endsWith:       endsWith,
     empty:          empty,
     blank:          blank,
     interpolate:    interpolate
@@ -883,8 +847,11 @@ var $break = { };
 
 var Enumerable = (function() {
   function each(iterator, context) {
+    var index = 0;
     try {
-      this._each(iterator, context);
+      this._each(function(value) {
+        iterator.call(context, value, index++);
+      });
     } catch (e) {
       if (e != $break) throw e;
     }
@@ -903,9 +870,9 @@ var Enumerable = (function() {
     iterator = iterator || Prototype.K;
     var result = true;
     this.each(function(value, index) {
-      result = result && !!iterator.call(context, value, index, this);
+      result = result && !!iterator.call(context, value, index);
       if (!result) throw $break;
-    }, this);
+    });
     return result;
   }
 
@@ -913,9 +880,9 @@ var Enumerable = (function() {
     iterator = iterator || Prototype.K;
     var result = false;
     this.each(function(value, index) {
-      if (result = !!iterator.call(context, value, index, this))
+      if (result = !!iterator.call(context, value, index))
         throw $break;
-    }, this);
+    });
     return result;
   }
 
@@ -923,28 +890,28 @@ var Enumerable = (function() {
     iterator = iterator || Prototype.K;
     var results = [];
     this.each(function(value, index) {
-      results.push(iterator.call(context, value, index, this));
-    }, this);
+      results.push(iterator.call(context, value, index));
+    });
     return results;
   }
 
   function detect(iterator, context) {
     var result;
     this.each(function(value, index) {
-      if (iterator.call(context, value, index, this)) {
+      if (iterator.call(context, value, index)) {
         result = value;
         throw $break;
       }
-    }, this);
+    });
     return result;
   }
 
   function findAll(iterator, context) {
     var results = [];
     this.each(function(value, index) {
-      if (iterator.call(context, value, index, this))
+      if (iterator.call(context, value, index))
         results.push(value);
-    }, this);
+    });
     return results;
   }
 
@@ -957,14 +924,14 @@ var Enumerable = (function() {
 
     this.each(function(value, index) {
       if (filter.match(value))
-        results.push(iterator.call(context, value, index, this));
-    }, this);
+        results.push(iterator.call(context, value, index));
+    });
     return results;
   }
 
   function include(object) {
-    if (Object.isFunction(this.indexOf) && this.indexOf(object) != -1)
-      return true;
+    if (Object.isFunction(this.indexOf))
+      if (this.indexOf(object) != -1) return true;
 
     var found = false;
     this.each(function(value) {
@@ -986,8 +953,8 @@ var Enumerable = (function() {
 
   function inject(memo, iterator, context) {
     this.each(function(value, index) {
-      memo = iterator.call(context, memo, value, index, this);
-    }, this);
+      memo = iterator.call(context, memo, value, index);
+    });
     return memo;
   }
 
@@ -1002,10 +969,10 @@ var Enumerable = (function() {
     iterator = iterator || Prototype.K;
     var result;
     this.each(function(value, index) {
-      value = iterator.call(context, value, index, this);
+      value = iterator.call(context, value, index);
       if (result == null || value >= result)
         result = value;
-    }, this);
+    });
     return result;
   }
 
@@ -1013,10 +980,10 @@ var Enumerable = (function() {
     iterator = iterator || Prototype.K;
     var result;
     this.each(function(value, index) {
-      value = iterator.call(context, value, index, this);
+      value = iterator.call(context, value, index);
       if (result == null || value < result)
         result = value;
-    }, this);
+    });
     return result;
   }
 
@@ -1024,9 +991,9 @@ var Enumerable = (function() {
     iterator = iterator || Prototype.K;
     var trues = [], falses = [];
     this.each(function(value, index) {
-      (iterator.call(context, value, index, this) ?
+      (iterator.call(context, value, index) ?
         trues : falses).push(value);
-    }, this);
+    });
     return [trues, falses];
   }
 
@@ -1041,9 +1008,9 @@ var Enumerable = (function() {
   function reject(iterator, context) {
     var results = [];
     this.each(function(value, index) {
-      if (!iterator.call(context, value, index, this))
+      if (!iterator.call(context, value, index))
         results.push(value);
-    }, this);
+    });
     return results;
   }
 
@@ -1051,9 +1018,9 @@ var Enumerable = (function() {
     return this.map(function(value, index) {
       return {
         value: value,
-        criteria: iterator.call(context, value, index, this)
+        criteria: iterator.call(context, value, index)
       };
-    }, this).sort(function(left, right) {
+    }).sort(function(left, right) {
       var a = left.criteria, b = right.criteria;
       return a < b ? -1 : a > b ? 1 : 0;
     }).pluck('value');
@@ -1203,7 +1170,7 @@ Array.from = $A;
 
   function intersect(array) {
     return this.uniq().findAll(function(item) {
-      return array.indexOf(item) !== -1;
+      return array.detect(function(value) { return item === value });
     });
   }
 
@@ -1230,190 +1197,41 @@ Array.from = $A;
   }
 
   function indexOf(item, i) {
-    if (this == null) throw new TypeError();
-
-    var array = Object(this), length = array.length >>> 0;
-    if (length === 0) return -1;
-
-    i = Number(i);
-    if (isNaN(i)) {
-      i = 0;
-    } else if (i !== 0 && isFinite(i)) {
-      i = (i > 0 ? 1 : -1) * Math.floor(Math.abs(i));
-    }
-
-    if (i > length) return -1;
-
-    var k = i >= 0 ? i : Math.max(length - Math.abs(i), 0);
-    for (; k < length; k++)
-      if (k in array && array[k] === item) return k;
+    i || (i = 0);
+    var length = this.length;
+    if (i < 0) i = length + i;
+    for (; i < length; i++)
+      if (this[i] === item) return i;
     return -1;
   }
 
-
   function lastIndexOf(item, i) {
-    if (this == null) throw new TypeError();
-
-    var array = Object(this), length = array.length >>> 0;
-    if (length === 0) return -1;
-
-    if (!Object.isUndefined(i)) {
-      i = Number(i);
-      if (isNaN(i)) {
-        i = 0;
-      } else if (i !== 0 && isFinite(i)) {
-        i = (i > 0 ? 1 : -1) * Math.floor(Math.abs(i));
-      }
-    } else {
-      i = length;
-    }
-
-    var k = i >= 0 ? Math.min(i, length - 1) :
-     length - Math.abs(i);
-
-    for (; k >= 0; k--)
-      if (k in array && array[k] === item) return k;
-    return -1;
+    i = isNaN(i) ? this.length : (i < 0 ? this.length + i : i) + 1;
+    var n = this.slice(0, i).reverse().indexOf(item);
+    return (n < 0) ? n : i - n - 1;
   }
 
-  function concat(_) {
-    var array = [], items = slice.call(arguments, 0), item, n = 0;
-    items.unshift(this);
-    for (var i = 0, length = items.length; i < length; i++) {
-      item = items[i];
+  function concat() {
+    var array = slice.call(this, 0), item;
+    for (var i = 0, length = arguments.length; i < length; i++) {
+      item = arguments[i];
       if (Object.isArray(item) && !('callee' in item)) {
-        for (var j = 0, arrayLength = item.length; j < arrayLength; j++) {
-          if (j in item) array[n] = item[j];
-          n++;
-        }
+        for (var j = 0, arrayLength = item.length; j < arrayLength; j++)
+          array.push(item[j]);
       } else {
-        array[n++] = item;
+        array.push(item);
       }
     }
-    array.length = n;
     return array;
   }
 
-
-  function wrapNative(method) {
-    return function() {
-      if (arguments.length === 0) {
-        return method.call(this, Prototype.K);
-      } else if (arguments[0] === undefined) {
-        var args = slice.call(arguments, 1);
-        args.unshift(Prototype.K);
-        return method.apply(this, args);
-      } else {
-        return method.apply(this, arguments);
-      }
-    };
-  }
-
-
-  function map(iterator) {
-    if (this == null) throw new TypeError();
-    iterator = iterator || Prototype.K;
-
-    var object = Object(this);
-    var results = [], context = arguments[1], n = 0;
-
-    for (var i = 0, length = object.length >>> 0; i < length; i++) {
-      if (i in object) {
-        results[n] = iterator.call(context, object[i], i, object);
-      }
-      n++;
-    }
-    results.length = n;
-    return results;
-  }
-
-  if (arrayProto.map) {
-    map = wrapNative(Array.prototype.map);
-  }
-
-  function filter(iterator) {
-    if (this == null || !Object.isFunction(iterator))
-      throw new TypeError();
-
-    var object = Object(this);
-    var results = [], context = arguments[1], value;
-
-    for (var i = 0, length = object.length >>> 0; i < length; i++) {
-      if (i in object) {
-        value = object[i];
-        if (iterator.call(context, value, i, object)) {
-          results.push(value);
-        }
-      }
-    }
-    return results;
-  }
-
-  if (arrayProto.filter) {
-    filter = Array.prototype.filter;
-  }
-
-  function some(iterator) {
-    if (this == null) throw new TypeError();
-    iterator = iterator || Prototype.K;
-    var context = arguments[1];
-
-    var object = Object(this);
-    for (var i = 0, length = object.length >>> 0; i < length; i++) {
-      if (i in object && iterator.call(context, object[i], i, object)) {
-        return true;
-      }
-    }
-
-    return false;
-  }
-
-  if (arrayProto.some) {
-    some = wrapNative(Array.prototype.some);
-  }
-
-  function every(iterator) {
-    if (this == null) throw new TypeError();
-    iterator = iterator || Prototype.K;
-    var context = arguments[1];
-
-    var object = Object(this);
-    for (var i = 0, length = object.length >>> 0; i < length; i++) {
-      if (i in object && !iterator.call(context, object[i], i, object)) {
-        return false;
-      }
-    }
-
-    return true;
-  }
-
-  if (arrayProto.every) {
-    every = wrapNative(Array.prototype.every);
-  }
-
-
   Object.extend(arrayProto, Enumerable);
 
-  if (arrayProto.entries === Enumerable.entries) {
-    delete arrayProto.entries;
-  }
-
   if (!arrayProto._reverse)
     arrayProto._reverse = arrayProto.reverse;
 
   Object.extend(arrayProto, {
     _each:     _each,
-
-    map:       map,
-    collect:   map,
-    select:    filter,
-    filter:    filter,
-    findAll:   filter,
-    some:      some,
-    any:       some,
-    every:     every,
-    all:       every,
-
     clear:     clear,
     first:     first,
     last:      last,
@@ -1432,7 +1250,7 @@ Array.from = $A;
 
   var CONCAT_ARGUMENTS_BUGGY = (function() {
     return [].concat(arguments)[0][0] !== 1;
-  })(1,2);
+  })(1,2)
 
   if (CONCAT_ARGUMENTS_BUGGY) arrayProto.concat = concat;
 
@@ -1449,14 +1267,12 @@ var Hash = Class.create(Enumerable, (function() {
   }
 
 
-  function _each(iterator, context) {
-    var i = 0;
+  function _each(iterator) {
     for (var key in this._object) {
       var value = this._object[key], pair = [key, value];
       pair.key = key;
       pair.value = value;
-      iterator.call(context, pair, i);
-      i++;
+      iterator(pair);
     }
   }
 
@@ -1509,13 +1325,7 @@ var Hash = Class.create(Enumerable, (function() {
 
   function toQueryPair(key, value) {
     if (Object.isUndefined(value)) return key;
-
-    value = String.interpret(value);
-
-    value = value.gsub(/(\r)?\n/, '\r\n');
-    value = encodeURIComponent(value);
-    value = value.gsub(/%20/, '+');
-    return key + '=' + value;
+    return key + '=' + encodeURIComponent(String.interpret(value));
   }
 
   function toQueryString() {
@@ -1634,10 +1444,10 @@ var ObjectRange = Class.create(Enumerable, (function() {
     this.exclusive = exclusive;
   }
 
-  function _each(iterator, context) {
-    var value = this.start, i;
-    for (i = 0; this.include(value); i++) {
-      iterator.call(context, value, i);
+  function _each(iterator) {
+    var value = this.start;
+    while (this.include(value)) {
+      iterator(value);
       value = value.succ();
     }
   }
@@ -1659,25 +1469,6 @@ var ObjectRange = Class.create(Enumerable, (function() {
 
 
 
-var Abstract = { };
-
-
-var Try = {
-  these: function() {
-    var returnValue;
-
-    for (var i = 0, length = arguments.length; i < length; i++) {
-      var lambda = arguments[i];
-      try {
-        returnValue = lambda();
-        break;
-      } catch (e) { }
-    }
-
-    return returnValue;
-  }
-};
-
 var Ajax = {
   getTransport: function() {
     return Try.these(
@@ -1693,8 +1484,8 @@ var Ajax = {
 Ajax.Responders = {
   responders: [],
 
-  _each: function(iterator, context) {
-    this.responders._each(iterator, context);
+  _each: function(iterator) {
+    this.responders._each(iterator);
   },
 
   register: function(responder) {
@@ -1840,8 +1631,7 @@ Ajax.Request = Class.create(Ajax.Base, {
     }
 
     for (var name in headers)
-      if (headers[name] != null)
-        this.transport.setRequestHeader(name, headers[name]);
+      this.transport.setRequestHeader(name, headers[name]);
   },
 
   success: function() {
@@ -1978,12 +1768,7 @@ Ajax.Response = Class.create({
   _getHeaderJSON: function() {
     var json = this.getHeader('X-JSON');
     if (!json) return null;
-
-    try {
-      json = decodeURIComponent(escape(json));
-    } catch(e) {
-    }
-
+    json = decodeURIComponent(escape(json));
     try {
       return json.evalJSON(this.request.options.sanitizeJSON ||
         !this.request.isSameOrigin());
@@ -2084,51 +1869,54 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
   }
 });
 
-(function(GLOBAL) {
-
-  var UNDEFINED;
-  var SLICE = Array.prototype.slice;
-
-  var DIV = document.createElement('div');
 
-
-  function $(element) {
-    if (arguments.length > 1) {
-      for (var i = 0, elements = [], length = arguments.length; i < length; i++)
-        elements.push($(arguments[i]));
-      return elements;
-    }
-
-    if (Object.isString(element))
-      element = document.getElementById(element);
-    return Element.extend(element);
+function $(element) {
+  if (arguments.length > 1) {
+    for (var i = 0, elements = [], length = arguments.length; i < length; i++)
+      elements.push($(arguments[i]));
+    return elements;
   }
+  if (Object.isString(element))
+    element = document.getElementById(element);
+  return Element.extend(element);
+}
 
-  GLOBAL.$ = $;
+if (Prototype.BrowserFeatures.XPath) {
+  document._getElementsByXPath = function(expression, parentElement) {
+    var results = [];
+    var query = document.evaluate(expression, $(parentElement) || document,
+      null, XPathResult.ORDERED_NODE_SNAPSHOT_TYPE, null);
+    for (var i = 0, length = query.snapshotLength; i < length; i++)
+      results.push(Element.extend(query.snapshotItem(i)));
+    return results;
+  };
+}
 
+/*--------------------------------------------------------------------------*/
 
-  if (!GLOBAL.Node) GLOBAL.Node = {};
+if (!Node) var Node = { };
+
+if (!Node.ELEMENT_NODE) {
+  Object.extend(Node, {
+    ELEMENT_NODE: 1,
+    ATTRIBUTE_NODE: 2,
+    TEXT_NODE: 3,
+    CDATA_SECTION_NODE: 4,
+    ENTITY_REFERENCE_NODE: 5,
+    ENTITY_NODE: 6,
+    PROCESSING_INSTRUCTION_NODE: 7,
+    COMMENT_NODE: 8,
+    DOCUMENT_NODE: 9,
+    DOCUMENT_TYPE_NODE: 10,
+    DOCUMENT_FRAGMENT_NODE: 11,
+    NOTATION_NODE: 12
+  });
+}
 
-  if (!GLOBAL.Node.ELEMENT_NODE) {
-    Object.extend(GLOBAL.Node, {
-      ELEMENT_NODE:                1,
-      ATTRIBUTE_NODE:              2,
-      TEXT_NODE:                   3,
-      CDATA_SECTION_NODE:          4,
-      ENTITY_REFERENCE_NODE:       5,
-      ENTITY_NODE:                 6,
-      PROCESSING_INSTRUCTION_NODE: 7,
-      COMMENT_NODE:                8,
-      DOCUMENT_NODE:               9,
-      DOCUMENT_TYPE_NODE:         10,
-      DOCUMENT_FRAGMENT_NODE:     11,
-      NOTATION_NODE:              12
-    });
-  }
 
-  var ELEMENT_CACHE = {};
 
-  function shouldUseCreationCache(tagName, attributes) {
+(function(global) {
+  function shouldUseCache(tagName, attributes) {
     if (tagName === 'select') return false;
     if ('type' in attributes) return false;
     return true;
@@ -2138,11 +1926,12 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
     return false;
   })();
 
+  var element = global.Element;
 
-  var oldElement = GLOBAL.Element;
-  function Element(tagName, attributes) {
-    attributes = attributes || {};
+  global.Element = function(tagName, attributes) {
+    attributes = attributes || { };
     tagName = tagName.toLowerCase();
+    var cache = Element.cache;
 
     if (HAS_EXTENDED_CREATE_ELEMENT_SYNTAX && attributes.name) {
       tagName = '<' + tagName + ' name="' + attributes.name + '">';
@@ -2150,1212 +1939,1015 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
       return Element.writeAttribute(document.createElement(tagName), attributes);
     }
 
-    if (!ELEMENT_CACHE[tagName])
-      ELEMENT_CACHE[tagName] = Element.extend(document.createElement(tagName));
+    if (!cache[tagName]) cache[tagName] = Element.extend(document.createElement(tagName));
 
-    var node = shouldUseCreationCache(tagName, attributes) ?
-     ELEMENT_CACHE[tagName].cloneNode(false) : document.createElement(tagName);
+    var node = shouldUseCache(tagName, attributes) ?
+     cache[tagName].cloneNode(false) : document.createElement(tagName);
 
     return Element.writeAttribute(node, attributes);
-  }
-
-  GLOBAL.Element = Element;
-
-  Object.extend(GLOBAL.Element, oldElement || {});
-  if (oldElement) GLOBAL.Element.prototype = oldElement.prototype;
-
-  Element.Methods = { ByTag: {}, Simulated: {} };
+  };
 
-  var methods = {};
+  Object.extend(global.Element, element || { });
+  if (element) global.Element.prototype = element.prototype;
 
-  var INSPECT_ATTRIBUTES = { id: 'id', className: 'class' };
-  function inspect(element) {
-    element = $(element);
-    var result = '<' + element.tagName.toLowerCase();
+})(this);
 
-    var attribute, value;
-    for (var property in INSPECT_ATTRIBUTES) {
-      attribute = INSPECT_ATTRIBUTES[property];
-      value = (element[property] || '').toString();
-      if (value) result += ' ' + attribute + '=' + value.inspect(true);
-    }
+Element.idCounter = 1;
+Element.cache = { };
 
-    return result + '>';
+Element._purgeElement = function(element) {
+  var uid = element._prototypeUID;
+  if (uid) {
+    Element.stopObserving(element);
+    element._prototypeUID = void 0;
+    delete Element.Storage[uid];
   }
+}
 
-  methods.inspect = inspect;
-
-
-  function visible(element) {
-    return $(element).getStyle('display') !== 'none';
-  }
+Element.Methods = {
+  visible: function(element) {
+    return $(element).style.display != 'none';
+  },
 
-  function toggle(element, bool) {
+  toggle: function(element) {
     element = $(element);
-    if (typeof bool !== 'boolean')
-      bool = !Element.visible(element);
-    Element[bool ? 'show' : 'hide'](element);
-
+    Element[Element.visible(element) ? 'hide' : 'show'](element);
     return element;
-  }
+  },
 
-  function hide(element) {
+  hide: function(element) {
     element = $(element);
     element.style.display = 'none';
     return element;
-  }
+  },
 
-  function show(element) {
+  show: function(element) {
     element = $(element);
     element.style.display = '';
     return element;
-  }
-
-
-  Object.extend(methods, {
-    visible: visible,
-    toggle:  toggle,
-    hide:    hide,
-    show:    show
-  });
-
+  },
 
-  function remove(element) {
+  remove: function(element) {
     element = $(element);
     element.parentNode.removeChild(element);
     return element;
-  }
+  },
 
-  var SELECT_ELEMENT_INNERHTML_BUGGY = (function(){
-    var el = document.createElement("select"),
-        isBuggy = true;
-    el.innerHTML = "<option value=\"test\">test</option>";
-    if (el.options && el.options[0]) {
-      isBuggy = el.options[0].nodeName.toUpperCase() !== "OPTION";
-    }
-    el = null;
-    return isBuggy;
-  })();
+  update: (function(){
 
-  var TABLE_ELEMENT_INNERHTML_BUGGY = (function(){
-    try {
-      var el = document.createElement("table");
-      if (el && el.tBodies) {
-        el.innerHTML = "<tbody><tr><td>test</td></tr></tbody>";
-        var isBuggy = typeof el.tBodies[0] == "undefined";
-        el = null;
-        return isBuggy;
+    var SELECT_ELEMENT_INNERHTML_BUGGY = (function(){
+      var el = document.createElement("select"),
+          isBuggy = true;
+      el.innerHTML = "<option value=\"test\">test</option>";
+      if (el.options && el.options[0]) {
+        isBuggy = el.options[0].nodeName.toUpperCase() !== "OPTION";
       }
-    } catch (e) {
-      return true;
-    }
-  })();
-
-  var LINK_ELEMENT_INNERHTML_BUGGY = (function() {
-    try {
-      var el = document.createElement('div');
-      el.innerHTML = "<link />";
-      var isBuggy = (el.childNodes.length === 0);
       el = null;
       return isBuggy;
-    } catch(e) {
-      return true;
-    }
-  })();
+    })();
 
-  var ANY_INNERHTML_BUGGY = SELECT_ELEMENT_INNERHTML_BUGGY ||
-   TABLE_ELEMENT_INNERHTML_BUGGY || LINK_ELEMENT_INNERHTML_BUGGY;
+    var TABLE_ELEMENT_INNERHTML_BUGGY = (function(){
+      try {
+        var el = document.createElement("table");
+        if (el && el.tBodies) {
+          el.innerHTML = "<tbody><tr><td>test</td></tr></tbody>";
+          var isBuggy = typeof el.tBodies[0] == "undefined";
+          el = null;
+          return isBuggy;
+        }
+      } catch (e) {
+        return true;
+      }
+    })();
 
-  var SCRIPT_ELEMENT_REJECTS_TEXTNODE_APPENDING = (function () {
-    var s = document.createElement("script"),
-        isBuggy = false;
-    try {
-      s.appendChild(document.createTextNode(""));
-      isBuggy = !s.firstChild ||
-        s.firstChild && s.firstChild.nodeType !== 3;
-    } catch (e) {
-      isBuggy = true;
-    }
-    s = null;
-    return isBuggy;
-  })();
+    var LINK_ELEMENT_INNERHTML_BUGGY = (function() {
+      try {
+        var el = document.createElement('div');
+        el.innerHTML = "<link>";
+        var isBuggy = (el.childNodes.length === 0);
+        el = null;
+        return isBuggy;
+      } catch(e) {
+        return true;
+      }
+    })();
 
-  function update(element, content) {
-    element = $(element);
+    var ANY_INNERHTML_BUGGY = SELECT_ELEMENT_INNERHTML_BUGGY ||
+     TABLE_ELEMENT_INNERHTML_BUGGY || LINK_ELEMENT_INNERHTML_BUGGY;
 
-    var descendants = element.getElementsByTagName('*'),
-     i = descendants.length;
-    while (i--) purgeElement(descendants[i]);
+    var SCRIPT_ELEMENT_REJECTS_TEXTNODE_APPENDING = (function () {
+      var s = document.createElement("script"),
+          isBuggy = false;
+      try {
+        s.appendChild(document.createTextNode(""));
+        isBuggy = !s.firstChild ||
+          s.firstChild && s.firstChild.nodeType !== 3;
+      } catch (e) {
+        isBuggy = true;
+      }
+      s = null;
+      return isBuggy;
+    })();
 
-    if (content && content.toElement)
-      content = content.toElement();
 
-    if (Object.isElement(content))
-      return element.update().insert(content);
+    function update(element, content) {
+      element = $(element);
+      var purgeElement = Element._purgeElement;
 
+      var descendants = element.getElementsByTagName('*'),
+       i = descendants.length;
+      while (i--) purgeElement(descendants[i]);
 
-    content = Object.toHTML(content);
-    var tagName = element.tagName.toUpperCase();
+      if (content && content.toElement)
+        content = content.toElement();
 
-    if (tagName === 'SCRIPT' && SCRIPT_ELEMENT_REJECTS_TEXTNODE_APPENDING) {
-      element.text = content;
-      return element;
-    }
+      if (Object.isElement(content))
+        return element.update().insert(content);
 
-    if (ANY_INNERHTML_BUGGY) {
-      if (tagName in INSERTION_TRANSLATIONS.tags) {
-        while (element.firstChild)
-          element.removeChild(element.firstChild);
+      content = Object.toHTML(content);
 
-        var nodes = getContentFromAnonymousElement(tagName, content.stripScripts());
-        for (var i = 0, node; node = nodes[i]; i++)
-          element.appendChild(node);
+      var tagName = element.tagName.toUpperCase();
 
-      } else if (LINK_ELEMENT_INNERHTML_BUGGY && Object.isString(content) && content.indexOf('<link') > -1) {
-        while (element.firstChild)
-          element.removeChild(element.firstChild);
-
-        var nodes = getContentFromAnonymousElement(tagName,
-         content.stripScripts(), true);
+      if (tagName === 'SCRIPT' && SCRIPT_ELEMENT_REJECTS_TEXTNODE_APPENDING) {
+        element.text = content;
+        return element;
+      }
 
-        for (var i = 0, node; node = nodes[i]; i++)
-          element.appendChild(node);
-      } else {
+      if (ANY_INNERHTML_BUGGY) {
+        if (tagName in Element._insertionTranslations.tags) {
+          while (element.firstChild) {
+            element.removeChild(element.firstChild);
+          }
+          Element._getContentFromAnonymousElement(tagName, content.stripScripts())
+            .each(function(node) {
+              element.appendChild(node)
+            });
+        } else if (LINK_ELEMENT_INNERHTML_BUGGY && Object.isString(content) && content.indexOf('<link') > -1) {
+          while (element.firstChild) {
+            element.removeChild(element.firstChild);
+          }
+          var nodes = Element._getContentFromAnonymousElement(tagName, content.stripScripts(), true);
+          nodes.each(function(node) { element.appendChild(node) });
+        }
+        else {
+          element.innerHTML = content.stripScripts();
+        }
+      }
+      else {
         element.innerHTML = content.stripScripts();
       }
-    } else {
-      element.innerHTML = content.stripScripts();
+
+      content.evalScripts.bind(content).defer();
+      return element;
     }
 
-    content.evalScripts.bind(content).defer();
-    return element;
-  }
+    return update;
+  })(),
 
-  function replace(element, content) {
+  replace: function(element, content) {
     element = $(element);
-
-    if (content && content.toElement) {
-      content = content.toElement();
-    } else if (!Object.isElement(content)) {
+    if (content && content.toElement) content = content.toElement();
+    else if (!Object.isElement(content)) {
       content = Object.toHTML(content);
       var range = element.ownerDocument.createRange();
       range.selectNode(element);
       content.evalScripts.bind(content).defer();
       content = range.createContextualFragment(content.stripScripts());
     }
-
     element.parentNode.replaceChild(content, element);
     return element;
-  }
-
-  var INSERTION_TRANSLATIONS = {
-    before: function(element, node) {
-      element.parentNode.insertBefore(node, element);
-    },
-    top: function(element, node) {
-      element.insertBefore(node, element.firstChild);
-    },
-    bottom: function(element, node) {
-      element.appendChild(node);
-    },
-    after: function(element, node) {
-      element.parentNode.insertBefore(node, element.nextSibling);
-    },
-
-    tags: {
-      TABLE:  ['<table>',                '</table>',                   1],
-      TBODY:  ['<table><tbody>',         '</tbody></table>',           2],
-      TR:     ['<table><tbody><tr>',     '</tr></tbody></table>',      3],
-      TD:     ['<table><tbody><tr><td>', '</td></tr></tbody></table>', 4],
-      SELECT: ['<select>',               '</select>',                  1]
-    }
-  };
-
-  var tags = INSERTION_TRANSLATIONS.tags;
-
-  Object.extend(tags, {
-    THEAD: tags.TBODY,
-    TFOOT: tags.TBODY,
-    TH:    tags.TD
-  });
+  },
 
-  function replace_IE(element, content) {
+  insert: function(element, insertions) {
     element = $(element);
-    if (content && content.toElement)
-      content = content.toElement();
-    if (Object.isElement(content)) {
-      element.parentNode.replaceChild(content, element);
-      return element;
-    }
-
-    content = Object.toHTML(content);
-    var parent = element.parentNode, tagName = parent.tagName.toUpperCase();
 
-    if (tagName in INSERTION_TRANSLATIONS.tags) {
-      var nextSibling = Element.next(element);
-      var fragments = getContentFromAnonymousElement(
-       tagName, content.stripScripts());
-
-      parent.removeChild(element);
-
-      var iterator;
-      if (nextSibling)
-        iterator = function(node) { parent.insertBefore(node, nextSibling) };
-      else
-        iterator = function(node) { parent.appendChild(node); }
+    if (Object.isString(insertions) || Object.isNumber(insertions) ||
+        Object.isElement(insertions) || (insertions && (insertions.toElement || insertions.toHTML)))
+          insertions = {bottom:insertions};
 
-      fragments.each(iterator);
-    } else {
-      element.outerHTML = content.stripScripts();
-    }
+    var content, insert, tagName, childNodes;
 
-    content.evalScripts.bind(content).defer();
-    return element;
-  }
+    for (var position in insertions) {
+      content  = insertions[position];
+      position = position.toLowerCase();
+      insert = Element._insertionTranslations[position];
 
-  if ('outerHTML' in document.documentElement)
-    replace = replace_IE;
+      if (content && content.toElement) content = content.toElement();
+      if (Object.isElement(content)) {
+        insert(element, content);
+        continue;
+      }
 
-  function isContent(content) {
-    if (Object.isUndefined(content) || content === null) return false;
+      content = Object.toHTML(content);
 
-    if (Object.isString(content) || Object.isNumber(content)) return true;
-    if (Object.isElement(content)) return true;
-    if (content.toElement || content.toHTML) return true;
+      tagName = ((position == 'before' || position == 'after')
+        ? element.parentNode : element).tagName.toUpperCase();
 
-    return false;
-  }
+      childNodes = Element._getContentFromAnonymousElement(tagName, content.stripScripts());
 
-  function insertContentAt(element, content, position) {
-    position   = position.toLowerCase();
-    var method = INSERTION_TRANSLATIONS[position];
+      if (position == 'top' || position == 'after') childNodes.reverse();
+      childNodes.each(insert.curry(element));
 
-    if (content && content.toElement) content = content.toElement();
-    if (Object.isElement(content)) {
-      method(element, content);
-      return element;
+      content.evalScripts.bind(content).defer();
     }
 
-    content = Object.toHTML(content);
-    var tagName = ((position === 'before' || position === 'after') ?
-     element.parentNode : element).tagName.toUpperCase();
-
-    var childNodes = getContentFromAnonymousElement(tagName, content.stripScripts());
-
-    if (position === 'top' || position === 'after') childNodes.reverse();
-
-    for (var i = 0, node; node = childNodes[i]; i++)
-      method(element, node);
-
-    content.evalScripts.bind(content).defer();
-  }
-
-  function insert(element, insertions) {
-    element = $(element);
-
-    if (isContent(insertions))
-      insertions = { bottom: insertions };
-
-    for (var position in insertions)
-      insertContentAt(element, insertions[position], position);
-
     return element;
-  }
+  },
 
-  function wrap(element, wrapper, attributes) {
+  wrap: function(element, wrapper, attributes) {
     element = $(element);
-
-    if (Object.isElement(wrapper)) {
-      $(wrapper).writeAttribute(attributes || {});
-    } else if (Object.isString(wrapper)) {
-      wrapper = new Element(wrapper, attributes);
-    } else {
-      wrapper = new Element('div', wrapper);
-    }
-
+    if (Object.isElement(wrapper))
+      $(wrapper).writeAttribute(attributes || { });
+    else if (Object.isString(wrapper)) wrapper = new Element(wrapper, attributes);
+    else wrapper = new Element('div', wrapper);
     if (element.parentNode)
       element.parentNode.replaceChild(wrapper, element);
-
     wrapper.appendChild(element);
-
     return wrapper;
-  }
+  },
 
-  function cleanWhitespace(element) {
+  inspect: function(element) {
     element = $(element);
-    var node = element.firstChild;
-
-    while (node) {
-      var nextNode = node.nextSibling;
-      if (node.nodeType === Node.TEXT_NODE && !/\S/.test(node.nodeValue))
-        element.removeChild(node);
-      node = nextNode;
-    }
-    return element;
-  }
-
-  function empty(element) {
-    return $(element).innerHTML.blank();
-  }
-
-  function getContentFromAnonymousElement(tagName, html, force) {
-    var t = INSERTION_TRANSLATIONS.tags[tagName], div = DIV;
-
-    var workaround = !!t;
-    if (!workaround && force) {
-      workaround = true;
-      t = ['', '', 0];
-    }
-
-    if (workaround) {
-      div.innerHTML = '&#160;' + t[0] + html + t[1];
-      div.removeChild(div.firstChild);
-      for (var i = t[2]; i--; )
-        div = div.firstChild;
-    } else {
-      div.innerHTML = html;
-    }
-
-    return $A(div.childNodes);
-  }
-
-  function clone(element, deep) {
-    if (!(element = $(element))) return;
-    var clone = element.cloneNode(deep);
-    if (!HAS_UNIQUE_ID_PROPERTY) {
-      clone._prototypeUID = UNDEFINED;
-      if (deep) {
-        var descendants = Element.select(clone, '*'),
-         i = descendants.length;
-        while (i--)
-          descendants[i]._prototypeUID = UNDEFINED;
-      }
-    }
-    return Element.extend(clone);
-  }
-
-  function purgeElement(element) {
-    var uid = getUniqueElementID(element);
-    if (uid) {
-      Element.stopObserving(element);
-      if (!HAS_UNIQUE_ID_PROPERTY)
-        element._prototypeUID = UNDEFINED;
-      delete Element.Storage[uid];
-    }
-  }
-
-  function purgeCollection(elements) {
-    var i = elements.length;
-    while (i--)
-      purgeElement(elements[i]);
-  }
-
-  function purgeCollection_IE(elements) {
-    var i = elements.length, element, uid;
-    while (i--) {
-      element = elements[i];
-      uid = getUniqueElementID(element);
-      delete Element.Storage[uid];
-      delete Event.cache[uid];
-    }
-  }
-
-  if (HAS_UNIQUE_ID_PROPERTY) {
-    purgeCollection = purgeCollection_IE;
-  }
-
-
-  function purge(element) {
-    if (!(element = $(element))) return;
-    purgeElement(element);
-
-    var descendants = element.getElementsByTagName('*'),
-     i = descendants.length;
-
-    while (i--) purgeElement(descendants[i]);
-
-    return null;
-  }
-
-  Object.extend(methods, {
-    remove:  remove,
-    update:  update,
-    replace: replace,
-    insert:  insert,
-    wrap:    wrap,
-    cleanWhitespace: cleanWhitespace,
-    empty:   empty,
-    clone:   clone,
-    purge:   purge
-  });
-
-
+    var result = '<' + element.tagName.toLowerCase();
+    $H({'id': 'id', 'className': 'class'}).each(function(pair) {
+      var property = pair.first(),
+          attribute = pair.last(),
+          value = (element[property] || '').toString();
+      if (value) result += ' ' + attribute + '=' + value.inspect(true);
+    });
+    return result + '>';
+  },
 
-  function recursivelyCollect(element, property, maximumLength) {
+  recursivelyCollect: function(element, property, maximumLength) {
     element = $(element);
     maximumLength = maximumLength || -1;
     var elements = [];
 
     while (element = element[property]) {
-      if (element.nodeType === Node.ELEMENT_NODE)
+      if (element.nodeType == 1)
         elements.push(Element.extend(element));
-
-      if (elements.length === maximumLength) break;
+      if (elements.length == maximumLength)
+        break;
     }
 
     return elements;
-  }
-
+  },
 
-  function ancestors(element) {
-    return recursivelyCollect(element, 'parentNode');
-  }
+  ancestors: function(element) {
+    return Element.recursivelyCollect(element, 'parentNode');
+  },
 
-  function descendants(element) {
-    return Element.select(element, '*');
-  }
+  descendants: function(element) {
+    return Element.select(element, "*");
+  },
 
-  function firstDescendant(element) {
+  firstDescendant: function(element) {
     element = $(element).firstChild;
-    while (element && element.nodeType !== Node.ELEMENT_NODE)
-      element = element.nextSibling;
-
+    while (element && element.nodeType != 1) element = element.nextSibling;
     return $(element);
-  }
+  },
 
-  function immediateDescendants(element) {
+  immediateDescendants: function(element) {
     var results = [], child = $(element).firstChild;
-
     while (child) {
-      if (child.nodeType === Node.ELEMENT_NODE)
+      if (child.nodeType === 1) {
         results.push(Element.extend(child));
-
+      }
       child = child.nextSibling;
     }
-
     return results;
-  }
+  },
 
-  function previousSiblings(element) {
-    return recursivelyCollect(element, 'previousSibling');
-  }
+  previousSiblings: function(element, maximumLength) {
+    return Element.recursivelyCollect(element, 'previousSibling');
+  },
 
-  function nextSiblings(element) {
-    return recursivelyCollect(element, 'nextSibling');
-  }
+  nextSiblings: function(element) {
+    return Element.recursivelyCollect(element, 'nextSibling');
+  },
 
-  function siblings(element) {
+  siblings: function(element) {
     element = $(element);
-    var previous = previousSiblings(element),
-     next = nextSiblings(element);
-    return previous.reverse().concat(next);
-  }
+    return Element.previousSiblings(element).reverse()
+      .concat(Element.nextSiblings(element));
+  },
 
-  function match(element, selector) {
+  match: function(element, selector) {
     element = $(element);
-
     if (Object.isString(selector))
       return Prototype.Selector.match(element, selector);
-
     return selector.match(element);
-  }
+  },
 
+  up: function(element, expression, index) {
+    element = $(element);
+    if (arguments.length == 1) return $(element.parentNode);
+    var ancestors = Element.ancestors(element);
+    return Object.isNumber(expression) ? ancestors[expression] :
+      Prototype.Selector.find(ancestors, expression, index);
+  },
 
-  function _recursivelyFind(element, property, expression, index) {
-    element = $(element), expression = expression || 0, index = index || 0;
-    if (Object.isNumber(expression)) {
-      index = expression, expression = null;
-    }
+  down: function(element, expression, index) {
+    element = $(element);
+    if (arguments.length == 1) return Element.firstDescendant(element);
+    return Object.isNumber(expression) ? Element.descendants(element)[expression] :
+      Element.select(element, expression)[index || 0];
+  },
 
-    while (element = element[property]) {
-      if (element.nodeType !== 1) continue;
-      if (expression && !Prototype.Selector.match(element, expression))
-        continue;
-      if (--index >= 0) continue;
+  previous: function(element, expression, index) {
+    element = $(element);
+    if (Object.isNumber(expression)) index = expression, expression = false;
+    if (!Object.isNumber(index)) index = 0;
 
-      return Element.extend(element);
+    if (expression) {
+      return Prototype.Selector.find(element.previousSiblings(), expression, index);
+    } else {
+      return element.recursivelyCollect("previousSibling", index + 1)[index];
     }
-  }
-
+  },
 
-  function up(element, expression, index) {
+  next: function(element, expression, index) {
     element = $(element);
+    if (Object.isNumber(expression)) index = expression, expression = false;
+    if (!Object.isNumber(index)) index = 0;
 
-    if (arguments.length === 1) return $(element.parentNode);
-    return _recursivelyFind(element, 'parentNode', expression, index);
-  }
-
-  function down(element, expression, index) {
-    if (arguments.length === 1) return firstDescendant(element);
-    element = $(element), expression = expression || 0, index = index || 0;
-
-    if (Object.isNumber(expression))
-      index = expression, expression = '*';
-
-    var node = Prototype.Selector.select(expression, element)[index];
-    return Element.extend(node);
-  }
-
-  function previous(element, expression, index) {
-    return _recursivelyFind(element, 'previousSibling', expression, index);
-  }
+    if (expression) {
+      return Prototype.Selector.find(element.nextSiblings(), expression, index);
+    } else {
+      var maximumLength = Object.isNumber(index) ? index + 1 : 1;
+      return element.recursivelyCollect("nextSibling", index + 1)[index];
+    }
+  },
 
-  function next(element, expression, index) {
-    return _recursivelyFind(element, 'nextSibling', expression, index);
-  }
 
-  function select(element) {
+  select: function(element) {
     element = $(element);
-    var expressions = SLICE.call(arguments, 1).join(', ');
+    var expressions = Array.prototype.slice.call(arguments, 1).join(', ');
     return Prototype.Selector.select(expressions, element);
-  }
+  },
 
-  function adjacent(element) {
+  adjacent: function(element) {
     element = $(element);
-    var expressions = SLICE.call(arguments, 1).join(', ');
-    var siblings = Element.siblings(element), results = [];
-    for (var i = 0, sibling; sibling = siblings[i]; i++) {
-      if (Prototype.Selector.match(sibling, expressions))
-        results.push(sibling);
-    }
-
-    return results;
-  }
-
-  function descendantOf_DOM(element, ancestor) {
-    element = $(element), ancestor = $(ancestor);
-    if (!element || !ancestor) return false;
-    while (element = element.parentNode)
-      if (element === ancestor) return true;
-    return false;
-  }
-
-  function descendantOf_contains(element, ancestor) {
-    element = $(element), ancestor = $(ancestor);
-    if (!element || !ancestor) return false;
-    if (!ancestor.contains) return descendantOf_DOM(element, ancestor);
-    return ancestor.contains(element) && ancestor !== element;
-  }
-
-  function descendantOf_compareDocumentPosition(element, ancestor) {
-    element = $(element), ancestor = $(ancestor);
-    if (!element || !ancestor) return false;
-    return (element.compareDocumentPosition(ancestor) & 8) === 8;
-  }
-
-  var descendantOf;
-  if (DIV.compareDocumentPosition) {
-    descendantOf = descendantOf_compareDocumentPosition;
-  } else if (DIV.contains) {
-    descendantOf = descendantOf_contains;
-  } else {
-    descendantOf = descendantOf_DOM;
-  }
-
-
-  Object.extend(methods, {
-    recursivelyCollect:   recursivelyCollect,
-    ancestors:            ancestors,
-    descendants:          descendants,
-    firstDescendant:      firstDescendant,
-    immediateDescendants: immediateDescendants,
-    previousSiblings:     previousSiblings,
-    nextSiblings:         nextSiblings,
-    siblings:             siblings,
-    match:                match,
-    up:                   up,
-    down:                 down,
-    previous:             previous,
-    next:                 next,
-    select:               select,
-    adjacent:             adjacent,
-    descendantOf:         descendantOf,
-
-    getElementsBySelector: select,
-
-    childElements:         immediateDescendants
-  });
-
+    var expressions = Array.prototype.slice.call(arguments, 1).join(', ');
+    return Prototype.Selector.select(expressions, element.parentNode).without(element);
+  },
 
-  var idCounter = 1;
-  function identify(element) {
+  identify: function(element) {
     element = $(element);
     var id = Element.readAttribute(element, 'id');
     if (id) return id;
-
-    do { id = 'anonymous_element_' + idCounter++ } while ($(id));
-
+    do { id = 'anonymous_element_' + Element.idCounter++ } while ($(id));
     Element.writeAttribute(element, 'id', id);
     return id;
-  }
-
-
-  function readAttribute(element, name) {
-    return $(element).getAttribute(name);
-  }
+  },
 
-  function readAttribute_IE(element, name) {
+  readAttribute: function(element, name) {
     element = $(element);
-
-    var table = ATTRIBUTE_TRANSLATIONS.read;
-    if (table.values[name])
-      return table.values[name](element, name);
-
-    if (table.names[name]) name = table.names[name];
-
-    if (name.include(':')) {
-      if (!element.attributes || !element.attributes[name]) return null;
-      return element.attributes[name].value;
+    if (Prototype.Browser.IE) {
+      var t = Element._attributeTranslations.read;
+      if (t.values[name]) return t.values[name](element, name);
+      if (t.names[name]) name = t.names[name];
+      if (name.include(':')) {
+        return (!element.attributes || !element.attributes[name]) ? null :
+         element.attributes[name].value;
+      }
     }
-
-    return element.getAttribute(name);
-  }
-
-  function readAttribute_Opera(element, name) {
-    if (name === 'title') return element.title;
     return element.getAttribute(name);
-  }
-
-  var PROBLEMATIC_ATTRIBUTE_READING = (function() {
-    DIV.setAttribute('onclick', []);
-    var value = DIV.getAttribute('onclick');
-    var isFunction = Object.isArray(value);
-    DIV.removeAttribute('onclick');
-    return isFunction;
-  })();
-
-  if (PROBLEMATIC_ATTRIBUTE_READING) {
-    readAttribute = readAttribute_IE;
-  } else if (Prototype.Browser.Opera) {
-    readAttribute = readAttribute_Opera;
-  }
-
+  },
 
-  function writeAttribute(element, name, value) {
+  writeAttribute: function(element, name, value) {
     element = $(element);
-    var attributes = {}, table = ATTRIBUTE_TRANSLATIONS.write;
+    var attributes = { }, t = Element._attributeTranslations.write;
 
-    if (typeof name === 'object') {
-      attributes = name;
-    } else {
-      attributes[name] = Object.isUndefined(value) ? true : value;
-    }
+    if (typeof name == 'object') attributes = name;
+    else attributes[name] = Object.isUndefined(value) ? true : value;
 
     for (var attr in attributes) {
-      name = table.names[attr] || attr;
+      name = t.names[attr] || attr;
       value = attributes[attr];
-      if (table.values[attr]) {
-        value = table.values[attr](element, value);
-        if (Object.isUndefined(value)) continue;
-      }
+      if (t.values[attr]) name = t.values[attr](element, value);
       if (value === false || value === null)
         element.removeAttribute(name);
       else if (value === true)
         element.setAttribute(name, name);
       else element.setAttribute(name, value);
     }
-
     return element;
-  }
+  },
 
-  var PROBLEMATIC_HAS_ATTRIBUTE_WITH_CHECKBOXES = (function () {
-    if (!HAS_EXTENDED_CREATE_ELEMENT_SYNTAX) {
-      return false;
-    }
-    var checkbox = document.createElement('<input type="checkbox">');
-    checkbox.checked = true;
-    var node = checkbox.getAttributeNode('checked');
-    return !node || !node.specified;
-  })();
+  getHeight: function(element) {
+    return Element.getDimensions(element).height;
+  },
 
-  function hasAttribute(element, attribute) {
-    attribute = ATTRIBUTE_TRANSLATIONS.has[attribute] || attribute;
-    var node = $(element).getAttributeNode(attribute);
-    return !!(node && node.specified);
-  }
-
-  function hasAttribute_IE(element, attribute) {
-    if (attribute === 'checked') {
-      return element.checked;
-    }
-    return hasAttribute(element, attribute);
-  }
-
-  GLOBAL.Element.Methods.Simulated.hasAttribute =
-   PROBLEMATIC_HAS_ATTRIBUTE_WITH_CHECKBOXES ?
-   hasAttribute_IE : hasAttribute;
+  getWidth: function(element) {
+    return Element.getDimensions(element).width;
+  },
 
-  function classNames(element) {
+  classNames: function(element) {
     return new Element.ClassNames(element);
-  }
-
-  var regExpCache = {};
-  function getRegExpForClassName(className) {
-    if (regExpCache[className]) return regExpCache[className];
-
-    var re = new RegExp("(^|\\s+)" + className + "(\\s+|$)");
-    regExpCache[className] = re;
-    return re;
-  }
+  },
 
-  function hasClassName(element, className) {
+  hasClassName: function(element, className) {
     if (!(element = $(element))) return;
-
     var elementClassName = element.className;
+    return (elementClassName && elementClassName.length > 0 && (elementClassName == className ||
+      new RegExp("(^|\\s)" + className + "(\\s|$)").test(elementClassName)));
+  },
 
-    if (elementClassName.length === 0) return false;
-    if (elementClassName === className) return true;
-
-    return getRegExpForClassName(className).test(elementClassName);
-  }
-
-  function addClassName(element, className) {
+  addClassName: function(element, className) {
     if (!(element = $(element))) return;
-
-    if (!hasClassName(element, className))
+    if (!Element.hasClassName(element, className))
       element.className += (element.className ? ' ' : '') + className;
-
     return element;
-  }
+  },
 
-  function removeClassName(element, className) {
+  removeClassName: function(element, className) {
     if (!(element = $(element))) return;
-
     element.className = element.className.replace(
-     getRegExpForClassName(className), ' ').strip();
-
+      new RegExp("(^|\\s+)" + className + "(\\s+|$)"), ' ').strip();
     return element;
-  }
+  },
 
-  function toggleClassName(element, className, bool) {
+  toggleClassName: function(element, className) {
     if (!(element = $(element))) return;
+    return Element[Element.hasClassName(element, className) ?
+      'removeClassName' : 'addClassName'](element, className);
+  },
 
-    if (Object.isUndefined(bool))
-      bool = !hasClassName(element, className);
-
-    var method = Element[bool ? 'addClassName' : 'removeClassName'];
-    return method(element, className);
-  }
-
-  var ATTRIBUTE_TRANSLATIONS = {};
-
-  var classProp = 'className', forProp = 'for';
-
-  DIV.setAttribute(classProp, 'x');
-  if (DIV.className !== 'x') {
-    DIV.setAttribute('class', 'x');
-    if (DIV.className === 'x')
-      classProp = 'class';
-  }
+  cleanWhitespace: function(element) {
+    element = $(element);
+    var node = element.firstChild;
+    while (node) {
+      var nextNode = node.nextSibling;
+      if (node.nodeType == 3 && !/\S/.test(node.nodeValue))
+        element.removeChild(node);
+      node = nextNode;
+    }
+    return element;
+  },
 
-  var LABEL = document.createElement('label');
-  LABEL.setAttribute(forProp, 'x');
-  if (LABEL.htmlFor !== 'x') {
-    LABEL.setAttribute('htmlFor', 'x');
-    if (LABEL.htmlFor === 'x')
-      forProp = 'htmlFor';
-  }
-  LABEL = null;
+  empty: function(element) {
+    return $(element).innerHTML.blank();
+  },
 
-  function _getAttr(element, attribute) {
-    return element.getAttribute(attribute);
-  }
+  descendantOf: function(element, ancestor) {
+    element = $(element), ancestor = $(ancestor);
 
-  function _getAttr2(element, attribute) {
-    return element.getAttribute(attribute, 2);
-  }
+    if (element.compareDocumentPosition)
+      return (element.compareDocumentPosition(ancestor) & 8) === 8;
 
-  function _getAttrNode(element, attribute) {
-    var node = element.getAttributeNode(attribute);
-    return node ? node.value : '';
-  }
+    if (ancestor.contains)
+      return ancestor.contains(element) && ancestor !== element;
 
-  function _getFlag(element, attribute) {
-    return $(element).hasAttribute(attribute) ? attribute : null;
-  }
+    while (element = element.parentNode)
+      if (element == ancestor) return true;
 
-  DIV.onclick = Prototype.emptyFunction;
-  var onclickValue = DIV.getAttribute('onclick');
+    return false;
+  },
 
-  var _getEv;
+  scrollTo: function(element) {
+    element = $(element);
+    var pos = Element.cumulativeOffset(element);
+    window.scrollTo(pos[0], pos[1]);
+    return element;
+  },
 
-  if (String(onclickValue).indexOf('{') > -1) {
-    _getEv = function(element, attribute) {
-      var value = element.getAttribute(attribute);
-      if (!value) return null;
-      value = value.toString();
-      value = value.split('{')[1];
-      value = value.split('}')[0];
-      return value.strip();
-    };
-  }
-  else if (onclickValue === '') {
-    _getEv = function(element, attribute) {
-      var value = element.getAttribute(attribute);
-      if (!value) return null;
-      return value.strip();
-    };
-  }
+  getStyle: function(element, style) {
+    element = $(element);
+    style = style == 'float' ? 'cssFloat' : style.camelize();
+    var value = element.style[style];
+    if (!value || value == 'auto') {
+      var css = document.defaultView.getComputedStyle(element, null);
+      value = css ? css[style] : null;
+    }
+    if (style == 'opacity') return value ? parseFloat(value) : 1.0;
+    return value == 'auto' ? null : value;
+  },
 
-  ATTRIBUTE_TRANSLATIONS.read = {
-    names: {
-      'class':     classProp,
-      'className': classProp,
-      'for':       forProp,
-      'htmlFor':   forProp
-    },
+  getOpacity: function(element) {
+    return $(element).getStyle('opacity');
+  },
 
-    values: {
-      style: function(element) {
-        return element.style.cssText.toLowerCase();
-      },
-      title: function(element) {
-        return element.title;
-      }
+  setStyle: function(element, styles) {
+    element = $(element);
+    var elementStyle = element.style, match;
+    if (Object.isString(styles)) {
+      element.style.cssText += ';' + styles;
+      return styles.include('opacity') ?
+        element.setOpacity(styles.match(/opacity:\s*(\d?\.?\d*)/)[1]) : element;
     }
-  };
+    for (var property in styles)
+      if (property == 'opacity') element.setOpacity(styles[property]);
+      else
+        elementStyle[(property == 'float' || property == 'cssFloat') ?
+          (Object.isUndefined(elementStyle.styleFloat) ? 'cssFloat' : 'styleFloat') :
+            property] = styles[property];
 
-  ATTRIBUTE_TRANSLATIONS.write = {
-    names: {
-      className:   'class',
-      htmlFor:     'for',
-      cellpadding: 'cellPadding',
-      cellspacing: 'cellSpacing'
-    },
+    return element;
+  },
 
-    values: {
-      checked: function(element, value) {
-        value = !!value;
-        element.checked = value;
-        return value ? 'checked' : null;
-      },
+  setOpacity: function(element, value) {
+    element = $(element);
+    element.style.opacity = (value == 1 || value === '') ? '' :
+      (value < 0.00001) ? 0 : value;
+    return element;
+  },
 
-      style: function(element, value) {
-        element.style.cssText = value ? value : '';
+  makePositioned: function(element) {
+    element = $(element);
+    var pos = Element.getStyle(element, 'position');
+    if (pos == 'static' || !pos) {
+      element._madePositioned = true;
+      element.style.position = 'relative';
+      if (Prototype.Browser.Opera) {
+        element.style.top = 0;
+        element.style.left = 0;
       }
     }
-  };
-
-  ATTRIBUTE_TRANSLATIONS.has = { names: {} };
-
-  Object.extend(ATTRIBUTE_TRANSLATIONS.write.names,
-   ATTRIBUTE_TRANSLATIONS.read.names);
-
-  var CAMEL_CASED_ATTRIBUTE_NAMES = $w('colSpan rowSpan vAlign dateTime ' +
-   'accessKey tabIndex encType maxLength readOnly longDesc frameBorder');
-
-  for (var i = 0, attr; attr = CAMEL_CASED_ATTRIBUTE_NAMES[i]; i++) {
-    ATTRIBUTE_TRANSLATIONS.write.names[attr.toLowerCase()] = attr;
-    ATTRIBUTE_TRANSLATIONS.has.names[attr.toLowerCase()]   = attr;
-  }
-
-  Object.extend(ATTRIBUTE_TRANSLATIONS.read.values, {
-    href:        _getAttr2,
-    src:         _getAttr2,
-    type:        _getAttr,
-    action:      _getAttrNode,
-    disabled:    _getFlag,
-    checked:     _getFlag,
-    readonly:    _getFlag,
-    multiple:    _getFlag,
-    onload:      _getEv,
-    onunload:    _getEv,
-    onclick:     _getEv,
-    ondblclick:  _getEv,
-    onmousedown: _getEv,
-    onmouseup:   _getEv,
-    onmouseover: _getEv,
-    onmousemove: _getEv,
-    onmouseout:  _getEv,
-    onfocus:     _getEv,
-    onblur:      _getEv,
-    onkeypress:  _getEv,
-    onkeydown:   _getEv,
-    onkeyup:     _getEv,
-    onsubmit:    _getEv,
-    onreset:     _getEv,
-    onselect:    _getEv,
-    onchange:    _getEv
-  });
+    return element;
+  },
 
+  undoPositioned: function(element) {
+    element = $(element);
+    if (element._madePositioned) {
+      element._madePositioned = undefined;
+      element.style.position =
+        element.style.top =
+        element.style.left =
+        element.style.bottom =
+        element.style.right = '';
+    }
+    return element;
+  },
 
-  Object.extend(methods, {
-    identify:        identify,
-    readAttribute:   readAttribute,
-    writeAttribute:  writeAttribute,
-    classNames:      classNames,
-    hasClassName:    hasClassName,
-    addClassName:    addClassName,
-    removeClassName: removeClassName,
-    toggleClassName: toggleClassName
-  });
+  makeClipping: function(element) {
+    element = $(element);
+    if (element._overflow) return element;
+    element._overflow = Element.getStyle(element, 'overflow') || 'auto';
+    if (element._overflow !== 'hidden')
+      element.style.overflow = 'hidden';
+    return element;
+  },
 
+  undoClipping: function(element) {
+    element = $(element);
+    if (!element._overflow) return element;
+    element.style.overflow = element._overflow == 'auto' ? '' : element._overflow;
+    element._overflow = null;
+    return element;
+  },
 
-  function normalizeStyleName(style) {
-    if (style === 'float' || style === 'styleFloat')
-      return 'cssFloat';
-    return style.camelize();
-  }
+  clonePosition: function(element, source) {
+    var options = Object.extend({
+      setLeft:    true,
+      setTop:     true,
+      setWidth:   true,
+      setHeight:  true,
+      offsetTop:  0,
+      offsetLeft: 0
+    }, arguments[2] || { });
 
-  function normalizeStyleName_IE(style) {
-    if (style === 'float' || style === 'cssFloat')
-      return 'styleFloat';
-    return style.camelize();
-  }
+    source = $(source);
+    var p = Element.viewportOffset(source), delta = [0, 0], parent = null;
 
-  function setStyle(element, styles) {
     element = $(element);
-    var elementStyle = element.style, match;
 
-    if (Object.isString(styles)) {
-      elementStyle.cssText += ';' + styles;
-      if (styles.include('opacity')) {
-        var opacity = styles.match(/opacity:\s*(\d?\.?\d*)/)[1];
-        Element.setOpacity(element, opacity);
-      }
-      return element;
+    if (Element.getStyle(element, 'position') == 'absolute') {
+      parent = Element.getOffsetParent(element);
+      delta = Element.viewportOffset(parent);
     }
 
-    for (var property in styles) {
-      if (property === 'opacity') {
-        Element.setOpacity(element, styles[property]);
-      } else {
-        var value = styles[property];
-        if (property === 'float' || property === 'cssFloat') {
-          property = Object.isUndefined(elementStyle.styleFloat) ?
-           'cssFloat' : 'styleFloat';
-        }
-        elementStyle[property] = value;
-      }
+    if (parent == document.body) {
+      delta[0] -= document.body.offsetLeft;
+      delta[1] -= document.body.offsetTop;
     }
 
+    if (options.setLeft)   element.style.left  = (p[0] - delta[0] + options.offsetLeft) + 'px';
+    if (options.setTop)    element.style.top   = (p[1] - delta[1] + options.offsetTop) + 'px';
+    if (options.setWidth)  element.style.width = source.offsetWidth + 'px';
+    if (options.setHeight) element.style.height = source.offsetHeight + 'px';
     return element;
   }
+};
 
+Object.extend(Element.Methods, {
+  getElementsBySelector: Element.Methods.select,
 
-  function getStyle(element, style) {
-    element = $(element);
-    style = normalizeStyleName(style);
-
-    var value = element.style[style];
-    if (!value || value === 'auto') {
-      var css = document.defaultView.getComputedStyle(element, null);
-      value = css ? css[style] : null;
-    }
+  childElements: Element.Methods.immediateDescendants
+});
 
-    if (style === 'opacity') return value ? parseFloat(value) : 1.0;
-    return value === 'auto' ? null : value;
+Element._attributeTranslations = {
+  write: {
+    names: {
+      className: 'class',
+      htmlFor:   'for'
+    },
+    values: { }
   }
+};
 
-  function getStyle_Opera(element, style) {
-    switch (style) {
-      case 'height': case 'width':
-        if (!Element.visible(element)) return null;
+if (Prototype.Browser.Opera) {
+  Element.Methods.getStyle = Element.Methods.getStyle.wrap(
+    function(proceed, element, style) {
+      switch (style) {
+        case 'height': case 'width':
+          if (!Element.visible(element)) return null;
 
-        var dim = parseInt(getStyle(element, style), 10);
+          var dim = parseInt(proceed(element, style), 10);
 
-        if (dim !== element['offset' + style.capitalize()])
-          return dim + 'px';
+          if (dim !== element['offset' + style.capitalize()])
+            return dim + 'px';
 
-        return Element.measure(element, style);
+          var properties;
+          if (style === 'height') {
+            properties = ['border-top-width', 'padding-top',
+             'padding-bottom', 'border-bottom-width'];
+          }
+          else {
+            properties = ['border-left-width', 'padding-left',
+             'padding-right', 'border-right-width'];
+          }
+          return properties.inject(dim, function(memo, property) {
+            var val = proceed(element, property);
+            return val === null ? memo : memo - parseInt(val, 10);
+          }) + 'px';
+        default: return proceed(element, style);
+      }
+    }
+  );
 
-      default: return getStyle(element, style);
+  Element.Methods.readAttribute = Element.Methods.readAttribute.wrap(
+    function(proceed, element, attribute) {
+      if (attribute === 'title') return element.title;
+      return proceed(element, attribute);
     }
-  }
+  );
+}
 
-  function getStyle_IE(element, style) {
+else if (Prototype.Browser.IE) {
+  Element.Methods.getStyle = function(element, style) {
     element = $(element);
-    style = normalizeStyleName_IE(style);
-
+    style = (style == 'float' || style == 'cssFloat') ? 'styleFloat' : style.camelize();
     var value = element.style[style];
-    if (!value && element.currentStyle) {
-      value = element.currentStyle[style];
-    }
+    if (!value && element.currentStyle) value = element.currentStyle[style];
 
-    if (style === 'opacity') {
-      if (!STANDARD_CSS_OPACITY_SUPPORTED)
-        return getOpacity_IE(element);
-      else return value ? parseFloat(value) : 1.0;
+    if (style == 'opacity') {
+      if (value = (element.getStyle('filter') || '').match(/alpha\(opacity=(.*)\)/))
+        if (value[1]) return parseFloat(value[1]) / 100;
+      return 1.0;
     }
 
-    if (value === 'auto') {
-      if ((style === 'width' || style === 'height') && Element.visible(element))
-        return Element.measure(element, style) + 'px';
+    if (value == 'auto') {
+      if ((style == 'width' || style == 'height') && (element.getStyle('display') != 'none'))
+        return element['offset' + style.capitalize()] + 'px';
       return null;
     }
-
     return value;
-  }
+  };
 
-  function stripAlphaFromFilter_IE(filter) {
-    return (filter || '').replace(/alpha\([^\)]*\)/gi, '');
-  }
+  Element.Methods.setOpacity = function(element, value) {
+    function stripAlpha(filter){
+      return filter.replace(/alpha\([^\)]*\)/gi,'');
+    }
+    element = $(element);
+    var currentStyle = element.currentStyle;
+    if ((currentStyle && !currentStyle.hasLayout) ||
+      (!currentStyle && element.style.zoom == 'normal'))
+        element.style.zoom = 1;
 
-  function hasLayout_IE(element) {
-    if (!element.currentStyle || !element.currentStyle.hasLayout)
-      element.style.zoom = 1;
+    var filter = element.getStyle('filter'), style = element.style;
+    if (value == 1 || value === '') {
+      (filter = stripAlpha(filter)) ?
+        style.filter = filter : style.removeAttribute('filter');
+      return element;
+    } else if (value < 0.00001) value = 0;
+    style.filter = stripAlpha(filter) +
+      'alpha(opacity=' + (value * 100) + ')';
     return element;
-  }
+  };
 
-  var STANDARD_CSS_OPACITY_SUPPORTED = (function() {
-    DIV.style.cssText = "opacity:.55";
-    return /^0.55/.test(DIV.style.opacity);
-  })();
+  Element._attributeTranslations = (function(){
 
-  function setOpacity(element, value) {
-    element = $(element);
-    if (value == 1 || value === '') value = '';
-    else if (value < 0.00001) value = 0;
-    element.style.opacity = value;
-    return element;
-  }
+    var classProp = 'className',
+        forProp = 'for',
+        el = document.createElement('div');
 
-  function setOpacity_IE(element, value) {
-    if (STANDARD_CSS_OPACITY_SUPPORTED)
-      return setOpacity(element, value);
+    el.setAttribute(classProp, 'x');
+
+    if (el.className !== 'x') {
+      el.setAttribute('class', 'x');
+      if (el.className === 'x') {
+        classProp = 'class';
+      }
+    }
+    el = null;
 
-    element = hasLayout_IE($(element));
-    var filter = Element.getStyle(element, 'filter'),
-     style = element.style;
+    el = document.createElement('label');
+    el.setAttribute(forProp, 'x');
+    if (el.htmlFor !== 'x') {
+      el.setAttribute('htmlFor', 'x');
+      if (el.htmlFor === 'x') {
+        forProp = 'htmlFor';
+      }
+    }
+    el = null;
 
-    if (value == 1 || value === '') {
-      filter = stripAlphaFromFilter_IE(filter);
-      if (filter) style.filter = filter;
-      else style.removeAttribute('filter');
-      return element;
+    return {
+      read: {
+        names: {
+          'class':      classProp,
+          'className':  classProp,
+          'for':        forProp,
+          'htmlFor':    forProp
+        },
+        values: {
+          _getAttr: function(element, attribute) {
+            return element.getAttribute(attribute);
+          },
+          _getAttr2: function(element, attribute) {
+            return element.getAttribute(attribute, 2);
+          },
+          _getAttrNode: function(element, attribute) {
+            var node = element.getAttributeNode(attribute);
+            return node ? node.value : "";
+          },
+          _getEv: (function(){
+
+            var el = document.createElement('div'), f;
+            el.onclick = Prototype.emptyFunction;
+            var value = el.getAttribute('onclick');
+
+            if (String(value).indexOf('{') > -1) {
+              f = function(element, attribute) {
+                attribute = element.getAttribute(attribute);
+                if (!attribute) return null;
+                attribute = attribute.toString();
+                attribute = attribute.split('{')[1];
+                attribute = attribute.split('}')[0];
+                return attribute.strip();
+              };
+            }
+            else if (value === '') {
+              f = function(element, attribute) {
+                attribute = element.getAttribute(attribute);
+                if (!attribute) return null;
+                return attribute.strip();
+              };
+            }
+            el = null;
+            return f;
+          })(),
+          _flag: function(element, attribute) {
+            return $(element).hasAttribute(attribute) ? attribute : null;
+          },
+          style: function(element) {
+            return element.style.cssText.toLowerCase();
+          },
+          title: function(element) {
+            return element.title;
+          }
+        }
+      }
     }
+  })();
 
-    if (value < 0.00001) value = 0;
+  Element._attributeTranslations.write = {
+    names: Object.extend({
+      cellpadding: 'cellPadding',
+      cellspacing: 'cellSpacing'
+    }, Element._attributeTranslations.read.names),
+    values: {
+      checked: function(element, value) {
+        element.checked = !!value;
+      },
 
-    style.filter = stripAlphaFromFilter_IE(filter) +
-     ' alpha(opacity=' + (value * 100) + ')';
+      style: function(element, value) {
+        element.style.cssText = value ? value : '';
+      }
+    }
+  };
 
-    return element;
-  }
+  Element._attributeTranslations.has = {};
 
+  $w('colSpan rowSpan vAlign dateTime accessKey tabIndex ' +
+      'encType maxLength readOnly longDesc frameBorder').each(function(attr) {
+    Element._attributeTranslations.write.names[attr.toLowerCase()] = attr;
+    Element._attributeTranslations.has[attr.toLowerCase()] = attr;
+  });
 
-  function getOpacity(element) {
-    return Element.getStyle(element, 'opacity');
-  }
+  (function(v) {
+    Object.extend(v, {
+      href:        v._getAttr2,
+      src:         v._getAttr2,
+      type:        v._getAttr,
+      action:      v._getAttrNode,
+      disabled:    v._flag,
+      checked:     v._flag,
+      readonly:    v._flag,
+      multiple:    v._flag,
+      onload:      v._getEv,
+      onunload:    v._getEv,
+      onclick:     v._getEv,
+      ondblclick:  v._getEv,
+      onmousedown: v._getEv,
+      onmouseup:   v._getEv,
+      onmouseover: v._getEv,
+      onmousemove: v._getEv,
+      onmouseout:  v._getEv,
+      onfocus:     v._getEv,
+      onblur:      v._getEv,
+      onkeypress:  v._getEv,
+      onkeydown:   v._getEv,
+      onkeyup:     v._getEv,
+      onsubmit:    v._getEv,
+      onreset:     v._getEv,
+      onselect:    v._getEv,
+      onchange:    v._getEv
+    });
+  })(Element._attributeTranslations.read.values);
 
-  function getOpacity_IE(element) {
-    if (STANDARD_CSS_OPACITY_SUPPORTED)
-      return getOpacity(element);
+  if (Prototype.BrowserFeatures.ElementExtensions) {
+    (function() {
+      function _descendants(element) {
+        var nodes = element.getElementsByTagName('*'), results = [];
+        for (var i = 0, node; node = nodes[i]; i++)
+          if (node.tagName !== "!") // Filter out comment nodes.
+            results.push(node);
+        return results;
+      }
 
-    var filter = Element.getStyle(element, 'filter');
-    if (filter.length === 0) return 1.0;
-    var match = (filter || '').match(/alpha\(opacity=(.*)\)/i);
-    if (match && match[1]) return parseFloat(match[1]) / 100;
-    return 1.0;
+      Element.Methods.down = function(element, expression, index) {
+        element = $(element);
+        if (arguments.length == 1) return element.firstDescendant();
+        return Object.isNumber(expression) ? _descendants(element)[expression] :
+          Element.select(element, expression)[index || 0];
+      }
+    })();
   }
 
+}
 
-  Object.extend(methods, {
-    setStyle:   setStyle,
-    getStyle:   getStyle,
-    setOpacity: setOpacity,
-    getOpacity: getOpacity
-  });
-
-  if ('styleFloat' in DIV.style) {
-    methods.getStyle = getStyle_IE;
-    methods.setOpacity = setOpacity_IE;
-    methods.getOpacity = getOpacity_IE;
-  }
+else if (Prototype.Browser.Gecko && /rv:1\.8\.0/.test(navigator.userAgent)) {
+  Element.Methods.setOpacity = function(element, value) {
+    element = $(element);
+    element.style.opacity = (value == 1) ? 0.999999 :
+      (value === '') ? '' : (value < 0.00001) ? 0 : value;
+    return element;
+  };
+}
 
-  var UID = 0;
+else if (Prototype.Browser.WebKit) {
+  Element.Methods.setOpacity = function(element, value) {
+    element = $(element);
+    element.style.opacity = (value == 1 || value === '') ? '' :
+      (value < 0.00001) ? 0 : value;
+
+    if (value == 1)
+      if (element.tagName.toUpperCase() == 'IMG' && element.width) {
+        element.width++; element.width--;
+      } else try {
+        var n = document.createTextNode(' ');
+        element.appendChild(n);
+        element.removeChild(n);
+      } catch (e) { }
 
-  GLOBAL.Element.Storage = { UID: 1 };
+    return element;
+  };
+}
 
-  function getUniqueElementID(element) {
-    if (element === window) return 0;
+if ('outerHTML' in document.documentElement) {
+  Element.Methods.replace = function(element, content) {
+    element = $(element);
 
-    if (typeof element._prototypeUID === 'undefined')
-      element._prototypeUID = Element.Storage.UID++;
-    return element._prototypeUID;
-  }
+    if (content && content.toElement) content = content.toElement();
+    if (Object.isElement(content)) {
+      element.parentNode.replaceChild(content, element);
+      return element;
+    }
 
-  function getUniqueElementID_IE(element) {
-    if (element === window) return 0;
-    if (element == document) return 1;
-    return element.uniqueID;
-  }
+    content = Object.toHTML(content);
+    var parent = element.parentNode, tagName = parent.tagName.toUpperCase();
 
-  var HAS_UNIQUE_ID_PROPERTY = ('uniqueID' in DIV);
-  if (HAS_UNIQUE_ID_PROPERTY)
-    getUniqueElementID = getUniqueElementID_IE;
+    if (Element._insertionTranslations.tags[tagName]) {
+      var nextSibling = element.next(),
+          fragments = Element._getContentFromAnonymousElement(tagName, content.stripScripts());
+      parent.removeChild(element);
+      if (nextSibling)
+        fragments.each(function(node) { parent.insertBefore(node, nextSibling) });
+      else
+        fragments.each(function(node) { parent.appendChild(node) });
+    }
+    else element.outerHTML = content.stripScripts();
 
-  function getStorage(element) {
-    if (!(element = $(element))) return;
+    content.evalScripts.bind(content).defer();
+    return element;
+  };
+}
 
-    var uid = getUniqueElementID(element);
+Element._returnOffset = function(l, t) {
+  var result = [l, t];
+  result.left = l;
+  result.top = t;
+  return result;
+};
 
-    if (!Element.Storage[uid])
-      Element.Storage[uid] = $H();
+Element._getContentFromAnonymousElement = function(tagName, html, force) {
+  var div = new Element('div'),
+      t = Element._insertionTranslations.tags[tagName];
 
-    return Element.Storage[uid];
+  var workaround = false;
+  if (t) workaround = true;
+  else if (force) {
+    workaround = true;
+    t = ['', '', 0];
   }
 
-  function store(element, key, value) {
-    if (!(element = $(element))) return;
-    var storage = getStorage(element);
-    if (arguments.length === 2) {
-      storage.update(key);
-    } else {
-      storage.set(key, value);
+  if (workaround) {
+    div.innerHTML = '&nbsp;' + t[0] + html + t[1];
+    div.removeChild(div.firstChild);
+    for (var i = t[2]; i--; ) {
+      div = div.firstChild;
     }
-    return element;
   }
+  else {
+    div.innerHTML = html;
+  }
+  return $A(div.childNodes);
+};
 
-  function retrieve(element, key, defaultValue) {
-    if (!(element = $(element))) return;
-    var storage = getStorage(element), value = storage.get(key);
+Element._insertionTranslations = {
+  before: function(element, node) {
+    element.parentNode.insertBefore(node, element);
+  },
+  top: function(element, node) {
+    element.insertBefore(node, element.firstChild);
+  },
+  bottom: function(element, node) {
+    element.appendChild(node);
+  },
+  after: function(element, node) {
+    element.parentNode.insertBefore(node, element.nextSibling);
+  },
+  tags: {
+    TABLE:  ['<table>',                '</table>',                   1],
+    TBODY:  ['<table><tbody>',         '</tbody></table>',           2],
+    TR:     ['<table><tbody><tr>',     '</tr></tbody></table>',      3],
+    TD:     ['<table><tbody><tr><td>', '</td></tr></tbody></table>', 4],
+    SELECT: ['<select>',               '</select>',                  1]
+  }
+};
 
-    if (Object.isUndefined(value)) {
-      storage.set(key, defaultValue);
-      value = defaultValue;
-    }
+(function() {
+  var tags = Element._insertionTranslations.tags;
+  Object.extend(tags, {
+    THEAD: tags.TBODY,
+    TFOOT: tags.TBODY,
+    TH:    tags.TD
+  });
+})();
 
-    return value;
+Element.Methods.Simulated = {
+  hasAttribute: function(element, attribute) {
+    attribute = Element._attributeTranslations.has[attribute] || attribute;
+    var node = $(element).getAttributeNode(attribute);
+    return !!(node && node.specified);
   }
+};
 
+Element.Methods.ByTag = { };
 
-  Object.extend(methods, {
-    getStorage: getStorage,
-    store:      store,
-    retrieve:   retrieve
-  });
-
+Object.extend(Element, Element.Methods);
 
-  var Methods = {}, ByTag = Element.Methods.ByTag,
-   F = Prototype.BrowserFeatures;
+(function(div) {
 
-  if (!F.ElementExtensions && ('__proto__' in DIV)) {
-    GLOBAL.HTMLElement = {};
-    GLOBAL.HTMLElement.prototype = DIV['__proto__'];
-    F.ElementExtensions = true;
+  if (!Prototype.BrowserFeatures.ElementExtensions && div['__proto__']) {
+    window.HTMLElement = { };
+    window.HTMLElement.prototype = div['__proto__'];
+    Prototype.BrowserFeatures.ElementExtensions = true;
   }
 
-  function checkElementPrototypeDeficiency(tagName) {
-    if (typeof window.Element === 'undefined') return false;
-    if (!HAS_EXTENDED_CREATE_ELEMENT_SYNTAX) return false;
-    var proto = window.Element.prototype;
-    if (proto) {
-      var id = '_' + (Math.random() + '').slice(2),
-       el = document.createElement(tagName);
-      proto[id] = 'x';
-      var isBuggy = (el[id] !== 'x');
-      delete proto[id];
-      el = null;
-      return isBuggy;
-    }
+  div = null;
+
+})(document.createElement('div'));
 
+Element.extend = (function() {
+
+  function checkDeficiency(tagName) {
+    if (typeof window.Element != 'undefined') {
+      var proto = window.Element.prototype;
+      if (proto) {
+        var id = '_' + (Math.random()+'').slice(2),
+            el = document.createElement(tagName);
+        proto[id] = 'x';
+        var isBuggy = (el[id] !== 'x');
+        delete proto[id];
+        el = null;
+        return isBuggy;
+      }
+    }
     return false;
   }
 
-  var HTMLOBJECTELEMENT_PROTOTYPE_BUGGY =
-   checkElementPrototypeDeficiency('object');
-
   function extendElementWith(element, methods) {
     for (var property in methods) {
       var value = methods[property];
@@ -3364,52 +2956,98 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
     }
   }
 
-  var EXTENDED = {};
-  function elementIsExtended(element) {
-    var uid = getUniqueElementID(element);
-    return (uid in EXTENDED);
+  var HTMLOBJECTELEMENT_PROTOTYPE_BUGGY = checkDeficiency('object');
+
+  if (Prototype.BrowserFeatures.SpecificElementExtensions) {
+    if (HTMLOBJECTELEMENT_PROTOTYPE_BUGGY) {
+      return function(element) {
+        if (element && typeof element._extendedByPrototype == 'undefined') {
+          var t = element.tagName;
+          if (t && (/^(?:object|applet|embed)$/i.test(t))) {
+            extendElementWith(element, Element.Methods);
+            extendElementWith(element, Element.Methods.Simulated);
+            extendElementWith(element, Element.Methods.ByTag[t.toUpperCase()]);
+          }
+        }
+        return element;
+      }
+    }
+    return Prototype.K;
   }
 
-  function extend(element) {
-    if (!element || elementIsExtended(element)) return element;
-    if (element.nodeType !== Node.ELEMENT_NODE || element == window)
-      return element;
+  var Methods = { }, ByTag = Element.Methods.ByTag;
+
+  var extend = Object.extend(function(element) {
+    if (!element || typeof element._extendedByPrototype != 'undefined' ||
+        element.nodeType != 1 || element == window) return element;
 
     var methods = Object.clone(Methods),
-     tagName = element.tagName.toUpperCase();
+        tagName = element.tagName.toUpperCase();
 
     if (ByTag[tagName]) Object.extend(methods, ByTag[tagName]);
 
     extendElementWith(element, methods);
-    EXTENDED[getUniqueElementID(element)] = true;
-    return element;
-  }
 
-  function extend_IE8(element) {
-    if (!element || elementIsExtended(element)) return element;
+    element._extendedByPrototype = Prototype.emptyFunction;
+    return element;
 
-    var t = element.tagName;
-    if (t && (/^(?:object|applet|embed)$/i.test(t))) {
-      extendElementWith(element, Element.Methods);
-      extendElementWith(element, Element.Methods.Simulated);
-      extendElementWith(element, Element.Methods.ByTag[t.toUpperCase()]);
+  }, {
+    refresh: function() {
+      if (!Prototype.BrowserFeatures.ElementExtensions) {
+        Object.extend(Methods, Element.Methods);
+        Object.extend(Methods, Element.Methods.Simulated);
+      }
     }
+  });
 
-    return element;
+  extend.refresh();
+  return extend;
+})();
+
+if (document.documentElement.hasAttribute) {
+  Element.hasAttribute = function(element, attribute) {
+    return element.hasAttribute(attribute);
+  };
+}
+else {
+  Element.hasAttribute = Element.Methods.Simulated.hasAttribute;
+}
+
+Element.addMethods = function(methods) {
+  var F = Prototype.BrowserFeatures, T = Element.Methods.ByTag;
+
+  if (!methods) {
+    Object.extend(Form, Form.Methods);
+    Object.extend(Form.Element, Form.Element.Methods);
+    Object.extend(Element.Methods.ByTag, {
+      "FORM":     Object.clone(Form.Methods),
+      "INPUT":    Object.clone(Form.Element.Methods),
+      "SELECT":   Object.clone(Form.Element.Methods),
+      "TEXTAREA": Object.clone(Form.Element.Methods),
+      "BUTTON":   Object.clone(Form.Element.Methods)
+    });
   }
 
-  if (F.SpecificElementExtensions) {
-    extend = HTMLOBJECTELEMENT_PROTOTYPE_BUGGY ? extend_IE8 : Prototype.K;
+  if (arguments.length == 2) {
+    var tagName = methods;
+    methods = arguments[1];
   }
 
-  function addMethodsToTagName(tagName, methods) {
+  if (!tagName) Object.extend(Element.Methods, methods || { });
+  else {
+    if (Object.isArray(tagName)) tagName.each(extend);
+    else extend(tagName);
+  }
+
+  function extend(tagName) {
     tagName = tagName.toUpperCase();
-    if (!ByTag[tagName]) ByTag[tagName] = {};
-    Object.extend(ByTag[tagName], methods);
+    if (!Element.Methods.ByTag[tagName])
+      Element.Methods.ByTag[tagName] = { };
+    Object.extend(Element.Methods.ByTag[tagName], methods);
   }
 
-  function mergeMethods(destination, methods, onlyIfAbsent) {
-    if (Object.isUndefined(onlyIfAbsent)) onlyIfAbsent = false;
+  function copy(methods, destination, onlyIfAbsent) {
+    onlyIfAbsent = onlyIfAbsent || false;
     for (var property in methods) {
       var value = methods[property];
       if (!Object.isFunction(value)) continue;
@@ -3439,150 +3077,169 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
     if (window[klass]) return window[klass];
 
     var element = document.createElement(tagName),
-     proto = element['__proto__'] || element.constructor.prototype;
+        proto = element['__proto__'] || element.constructor.prototype;
 
     element = null;
     return proto;
   }
 
-  function addMethods(methods) {
-    if (arguments.length === 0) addFormMethods();
+  var elementPrototype = window.HTMLElement ? HTMLElement.prototype :
+   Element.prototype;
 
-    if (arguments.length === 2) {
-      var tagName = methods;
-      methods = arguments[1];
-    }
+  if (F.ElementExtensions) {
+    copy(Element.Methods, elementPrototype);
+    copy(Element.Methods.Simulated, elementPrototype, true);
+  }
 
-    if (!tagName) {
-      Object.extend(Element.Methods, methods || {});
-    } else {
-      if (Object.isArray(tagName)) {
-        for (var i = 0, tag; tag = tagName[i]; i++)
-          addMethodsToTagName(tag, methods);
-      } else {
-        addMethodsToTagName(tagName, methods);
-      }
+  if (F.SpecificElementExtensions) {
+    for (var tag in Element.Methods.ByTag) {
+      var klass = findDOMClass(tag);
+      if (Object.isUndefined(klass)) continue;
+      copy(T[tag], klass.prototype);
     }
+  }
 
-    var ELEMENT_PROTOTYPE = window.HTMLElement ? HTMLElement.prototype :
-     Element.prototype;
+  Object.extend(Element, Element.Methods);
+  delete Element.ByTag;
 
-    if (F.ElementExtensions) {
-      mergeMethods(ELEMENT_PROTOTYPE, Element.Methods);
-      mergeMethods(ELEMENT_PROTOTYPE, Element.Methods.Simulated, true);
-    }
+  if (Element.extend.refresh) Element.extend.refresh();
+  Element.cache = { };
+};
 
-    if (F.SpecificElementExtensions) {
-      for (var tag in Element.Methods.ByTag) {
-        var klass = findDOMClass(tag);
-        if (Object.isUndefined(klass)) continue;
-        mergeMethods(klass.prototype, ByTag[tag]);
-      }
-    }
 
-    Object.extend(Element, Element.Methods);
-    Object.extend(Element, Element.Methods.Simulated);
-    delete Element.ByTag;
-    delete Element.Simulated;
+document.viewport = {
 
-    Element.extend.refresh();
+  getDimensions: function() {
+    return { width: this.getWidth(), height: this.getHeight() };
+  },
 
-    ELEMENT_CACHE = {};
+  getScrollOffsets: function() {
+    return Element._returnOffset(
+      window.pageXOffset || document.documentElement.scrollLeft || document.body.scrollLeft,
+      window.pageYOffset || document.documentElement.scrollTop  || document.body.scrollTop);
   }
+};
 
-  Object.extend(GLOBAL.Element, {
-    extend:     extend,
-    addMethods: addMethods
-  });
+(function(viewport) {
+  var B = Prototype.Browser, doc = document, element, property = {};
 
-  if (extend === Prototype.K) {
-    GLOBAL.Element.extend.refresh = Prototype.emptyFunction;
-  } else {
-    GLOBAL.Element.extend.refresh = function() {
-      if (Prototype.BrowserFeatures.ElementExtensions) return;
-      Object.extend(Methods, Element.Methods);
-      Object.extend(Methods, Element.Methods.Simulated);
+  function getRootElement() {
+    if (B.WebKit && !doc.evaluate)
+      return document;
 
-      EXTENDED = {};
-    };
-  }
+    if (B.Opera && window.parseFloat(window.opera.version()) < 9.5)
+      return document.body;
 
-  function addFormMethods() {
-    Object.extend(Form, Form.Methods);
-    Object.extend(Form.Element, Form.Element.Methods);
-    Object.extend(Element.Methods.ByTag, {
-      "FORM":     Object.clone(Form.Methods),
-      "INPUT":    Object.clone(Form.Element.Methods),
-      "SELECT":   Object.clone(Form.Element.Methods),
-      "TEXTAREA": Object.clone(Form.Element.Methods),
-      "BUTTON":   Object.clone(Form.Element.Methods)
-    });
+    return document.documentElement;
   }
 
-  Element.addMethods(methods);
+  function define(D) {
+    if (!element) element = getRootElement();
+
+    property[D] = 'client' + D;
 
-  function destroyCache_IE() {
-    DIV = null;
-    ELEMENT_CACHE = null;
+    viewport['get' + D] = function() { return element[property[D]] };
+    return viewport['get' + D]();
   }
 
-  if (window.attachEvent)
-    window.attachEvent('onunload', destroyCache_IE);
+  viewport.getWidth  = define.curry('Width');
 
-})(this);
-(function() {
+  viewport.getHeight = define.curry('Height');
+})(document.viewport);
 
-  function toDecimal(pctString) {
-    var match = pctString.match(/^(\d+)%?$/i);
-    if (!match) return null;
-    return (Number(match[1]) / 100);
-  }
 
-  function getRawStyle(element, style) {
-    element = $(element);
+Element.Storage = {
+  UID: 1
+};
 
-    var value = element.style[style];
-    if (!value || value === 'auto') {
-      var css = document.defaultView.getComputedStyle(element, null);
-      value = css ? css[style] : null;
+Element.addMethods({
+  getStorage: function(element) {
+    if (!(element = $(element))) return;
+
+    var uid;
+    if (element === window) {
+      uid = 0;
+    } else {
+      if (typeof element._prototypeUID === "undefined")
+        element._prototypeUID = Element.Storage.UID++;
+      uid = element._prototypeUID;
     }
 
-    if (style === 'opacity') return value ? parseFloat(value) : 1.0;
-    return value === 'auto' ? null : value;
-  }
+    if (!Element.Storage[uid])
+      Element.Storage[uid] = $H();
 
-  function getRawStyle_IE(element, style) {
-    var value = element.style[style];
-    if (!value && element.currentStyle) {
-      value = element.currentStyle[style];
+    return Element.Storage[uid];
+  },
+
+  store: function(element, key, value) {
+    if (!(element = $(element))) return;
+
+    if (arguments.length === 2) {
+      Element.getStorage(element).update(key);
+    } else {
+      Element.getStorage(element).set(key, value);
+    }
+
+    return element;
+  },
+
+  retrieve: function(element, key, defaultValue) {
+    if (!(element = $(element))) return;
+    var hash = Element.getStorage(element), value = hash.get(key);
+
+    if (Object.isUndefined(value)) {
+      hash.set(key, defaultValue);
+      value = defaultValue;
     }
+
     return value;
-  }
+  },
 
-  function getContentWidth(element, context) {
-    var boxWidth = element.offsetWidth;
+  clone: function(element, deep) {
+    if (!(element = $(element))) return;
+    var clone = element.cloneNode(deep);
+    clone._prototypeUID = void 0;
+    if (deep) {
+      var descendants = Element.select(clone, '*'),
+          i = descendants.length;
+      while (i--) {
+        descendants[i]._prototypeUID = void 0;
+      }
+    }
+    return Element.extend(clone);
+  },
 
-    var bl = getPixelValue(element, 'borderLeftWidth',  context) || 0;
-    var br = getPixelValue(element, 'borderRightWidth', context) || 0;
-    var pl = getPixelValue(element, 'paddingLeft',      context) || 0;
-    var pr = getPixelValue(element, 'paddingRight',     context) || 0;
+  purge: function(element) {
+    if (!(element = $(element))) return;
+    var purgeElement = Element._purgeElement;
 
-    return boxWidth - bl - br - pl - pr;
-  }
+    purgeElement(element);
 
-  if (!Object.isUndefined(document.documentElement.currentStyle) && !Prototype.Browser.Opera) {
-    getRawStyle = getRawStyle_IE;
+    var descendants = element.getElementsByTagName('*'),
+     i = descendants.length;
+
+    while (i--) purgeElement(descendants[i]);
+
+    return null;
   }
+});
 
+(function() {
+
+  function toDecimal(pctString) {
+    var match = pctString.match(/^(\d+)%?$/i);
+    if (!match) return null;
+    return (Number(match[1]) / 100);
+  }
 
   function getPixelValue(value, property, context) {
     var element = null;
     if (Object.isElement(value)) {
       element = value;
-      value = getRawStyle(element, property);
+      value = element.getStyle(property);
     }
 
-    if (value === null || Object.isUndefined(value)) {
+    if (value === null) {
       return null;
     }
 
@@ -3605,12 +3262,14 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
 
     if (element && isPercentage) {
       context = context || element.parentNode;
-      var decimal = toDecimal(value), whole = null;
+      var decimal = toDecimal(value);
+      var whole = null;
+      var position = element.getStyle('position');
 
       var isHorizontal = property.include('left') || property.include('right') ||
        property.include('width');
 
-      var isVertical   = property.include('top') || property.include('bottom') ||
+      var isVertical =  property.include('top') || property.include('bottom') ||
         property.include('height');
 
       if (context === document.viewport) {
@@ -3634,12 +3293,14 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
   }
 
   function toCSSPixels(number) {
-    if (Object.isString(number) && number.endsWith('px'))
+    if (Object.isString(number) && number.endsWith('px')) {
       return number;
+    }
     return number + 'px';
   }
 
   function isDisplayed(element) {
+    var originalElement = element;
     while (element && element.parentNode) {
       var display = element.getStyle('display');
       if (display === 'none') {
@@ -3697,15 +3358,14 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
     },
 
     _begin: function() {
-      if (this._isPrepared()) return;
+      if (this._prepared) return;
 
       var element = this.element;
       if (isDisplayed(element)) {
-        this._setPrepared(true);
+        this._prepared = true;
         return;
       }
 
-
       var originalStyles = {
         position:   element.style.position   || '',
         width:      element.style.width      || '',
@@ -3715,30 +3375,30 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
 
       element.store('prototype_original_styles', originalStyles);
 
-      var position = getRawStyle(element, 'position'), width = element.offsetWidth;
+      var position = element.getStyle('position'),
+       width = element.getStyle('width');
 
-      if (width === 0 || width === null) {
+      if (width === "0px" || width === null) {
         element.style.display = 'block';
-        width = element.offsetWidth;
+        width = element.getStyle('width');
       }
 
       var context = (position === 'fixed') ? document.viewport :
        element.parentNode;
 
-      var tempStyles = {
+      element.setStyle({
+        position:   'absolute',
         visibility: 'hidden',
         display:    'block'
-      };
-
-      if (position !== 'fixed') tempStyles.position = 'absolute';
+      });
 
-      element.setStyle(tempStyles);
+      var positionedWidth = element.getStyle('width');
 
-      var positionedWidth = element.offsetWidth, newWidth;
+      var newWidth;
       if (width && (positionedWidth === width)) {
-        newWidth = getContentWidth(element, context);
+        newWidth = getPixelValue(element, 'width', context);
       } else if (position === 'absolute' || position === 'fixed') {
-        newWidth = getContentWidth(element, context);
+        newWidth = getPixelValue(element, 'width', context);
       } else {
         var parent = element.parentNode, pLayout = $(parent).getLayout();
 
@@ -3753,7 +3413,7 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
 
       element.setStyle({ width: newWidth + 'px' });
 
-      this._setPrepared(true);
+      this._prepared = true;
     },
 
     _end: function() {
@@ -3761,7 +3421,7 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
       var originalStyles = element.retrieve('prototype_original_styles');
       element.store('prototype_original_styles', null);
       element.setStyle(originalStyles);
-      this._setPrepared(false);
+      this._prepared = false;
     },
 
     _compute: function(property) {
@@ -3773,14 +3433,6 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
       return this._set(property, COMPUTATIONS[property].call(this, this.element));
     },
 
-    _isPrepared: function() {
-      return this.element.retrieve('prototype_element_layout_prepared', false);
-    },
-
-    _setPrepared: function(bool) {
-      return this.element.store('prototype_element_layout_prepared', bool);
-    },
-
     toObject: function() {
       var args = $A(arguments);
       var keys = (args.length === 0) ? Element.Layout.PROPERTIES :
@@ -3862,6 +3514,7 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
          pRight = this.get('padding-right');
 
         if (!this._preComputing) this._end();
+
         return bWidth - bLeft - bRight - pLeft - pRight;
       },
 
@@ -4052,14 +3705,6 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
     return $(element).getLayout().get(property);
   }
 
-  function getHeight(element) {
-    return Element.getDimensions(element).height;
-  }
-
-  function getWidth(element) {
-    return Element.getDimensions(element).width;
-  }
-
   function getDimensions(element) {
     element = $(element);
     var display = Element.getStyle(element, 'display');
@@ -4098,19 +3743,15 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
   function getOffsetParent(element) {
     element = $(element);
 
-    function selfOrBody(element) {
-      return isHtml(element) ? $(document.body) : $(element);
-    }
-
     if (isDocument(element) || isDetached(element) || isBody(element) || isHtml(element))
       return $(document.body);
 
     var isInline = (Element.getStyle(element, 'display') === 'inline');
-    if (!isInline && element.offsetParent) return selfOrBody(element.offsetParent);
+    if (!isInline && element.offsetParent) return $(element.offsetParent);
 
     while ((element = element.parentNode) && element !== document.body) {
       if (Element.getStyle(element, 'position') !== 'static') {
-        return selfOrBody(element);
+        return isHtml(element) ? $(document.body) : $(element);
       }
     }
 
@@ -4148,8 +3789,8 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
       }
     } while (element);
 
-    valueL -= layout.get('margin-left');
-    valueT -= layout.get('margin-top');
+    valueL -= layout.get('margin-top');
+    valueT -= layout.get('margin-left');
 
     return new Element.Offset(valueL, valueT);
   }
@@ -4157,24 +3798,17 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
   function cumulativeScrollOffset(element) {
     var valueT = 0, valueL = 0;
     do {
-      if (element === document.body) {
-        var bodyScrollNode = document.documentElement || document.body.parentNode || document.body;
-        valueT += !Object.isUndefined(window.pageYOffset) ? window.pageYOffset : bodyScrollNode.scrollTop || 0;
-        valueL += !Object.isUndefined(window.pageXOffset) ? window.pageXOffset : bodyScrollNode.scrollLeft || 0;
-        break;
-      } else {
-        valueT += element.scrollTop  || 0;
-        valueL += element.scrollLeft || 0;
-        element = element.parentNode;
-      }
+      valueT += element.scrollTop  || 0;
+      valueL += element.scrollLeft || 0;
+      element = element.parentNode;
     } while (element);
     return new Element.Offset(valueL, valueT);
   }
 
   function viewportOffset(forElement) {
+    element = $(element);
     var valueT = 0, valueL = 0, docBody = document.body;
 
-    forElement = $(forElement);
     var element = forElement;
     do {
       valueT += element.offsetTop  || 0;
@@ -4208,11 +3842,10 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
     var layout = element.getLayout();
 
     element.store('prototype_absolutize_original_styles', {
-      position: element.getStyle('position'),
-      left:     element.getStyle('left'),
-      top:      element.getStyle('top'),
-      width:    element.getStyle('width'),
-      height:   element.getStyle('height')
+      left:   element.getStyle('left'),
+      top:    element.getStyle('top'),
+      width:  element.getStyle('width'),
+      height: element.getStyle('height')
     });
 
     element.setStyle({
@@ -4239,142 +3872,6 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
     return element;
   }
 
-
-  function scrollTo(element) {
-    element = $(element);
-    var pos = Element.cumulativeOffset(element);
-    window.scrollTo(pos.left, pos.top);
-    return element;
-  }
-
-
-  function makePositioned(element) {
-    element = $(element);
-    var position = Element.getStyle(element, 'position'), styles = {};
-    if (position === 'static' || !position) {
-      styles.position = 'relative';
-      if (Prototype.Browser.Opera) {
-        styles.top  = 0;
-        styles.left = 0;
-      }
-      Element.setStyle(element, styles);
-      Element.store(element, 'prototype_made_positioned', true);
-    }
-    return element;
-  }
-
-  function undoPositioned(element) {
-    element = $(element);
-    var storage = Element.getStorage(element),
-     madePositioned = storage.get('prototype_made_positioned');
-
-    if (madePositioned) {
-      storage.unset('prototype_made_positioned');
-      Element.setStyle(element, {
-        position: '',
-        top:      '',
-        bottom:   '',
-        left:     '',
-        right:    ''
-      });
-    }
-    return element;
-  }
-
-  function makeClipping(element) {
-    element = $(element);
-
-    var storage = Element.getStorage(element),
-     madeClipping = storage.get('prototype_made_clipping');
-
-    if (Object.isUndefined(madeClipping)) {
-      var overflow = Element.getStyle(element, 'overflow');
-      storage.set('prototype_made_clipping', overflow);
-      if (overflow !== 'hidden')
-        element.style.overflow = 'hidden';
-    }
-
-    return element;
-  }
-
-  function undoClipping(element) {
-    element = $(element);
-    var storage = Element.getStorage(element),
-     overflow = storage.get('prototype_made_clipping');
-
-    if (!Object.isUndefined(overflow)) {
-      storage.unset('prototype_made_clipping');
-      element.style.overflow = overflow || '';
-    }
-
-    return element;
-  }
-
-  function clonePosition(element, source, options) {
-    options = Object.extend({
-      setLeft:    true,
-      setTop:     true,
-      setWidth:   true,
-      setHeight:  true,
-      offsetTop:  0,
-      offsetLeft: 0
-    }, options || {});
-
-    var docEl = document.documentElement;
-
-    source  = $(source);
-    element = $(element);
-    var p, delta, layout, styles = {};
-
-    if (options.setLeft || options.setTop) {
-      p = Element.viewportOffset(source);
-      delta = [0, 0];
-      if (Element.getStyle(element, 'position') === 'absolute') {
-        var parent = Element.getOffsetParent(element);
-        if (parent !== document.body) delta = Element.viewportOffset(parent);
-      }
-    }
-
-    function pageScrollXY() {
-      var x = 0, y = 0;
-      if (Object.isNumber(window.pageXOffset)) {
-        x = window.pageXOffset;
-        y = window.pageYOffset;
-      } else if (document.body && (document.body.scrollLeft || document.body.scrollTop)) {
-        x = document.body.scrollLeft;
-        y = document.body.scrollTop;
-      } else if (docEl && (docEl.scrollLeft || docEl.scrollTop)) {
-        x = docEl.scrollLeft;
-        y = docEl.scrollTop;
-      }
-      return { x: x, y: y };
-    }
-
-    var pageXY = pageScrollXY();
-
-
-    if (options.setWidth || options.setHeight) {
-      layout = Element.getLayout(source);
-    }
-
-    if (options.setLeft)
-      styles.left = (p[0] + pageXY.x - delta[0] + options.offsetLeft) + 'px';
-    if (options.setTop)
-      styles.top  = (p[1] + pageXY.y - delta[1] + options.offsetTop)  + 'px';
-
-    var currentLayout = element.getLayout();
-
-    if (options.setWidth) {
-      styles.width = layout.get('width')  + 'px';
-    }
-    if (options.setHeight) {
-      styles.height = layout.get('height') + 'px';
-    }
-
-    return Element.setStyle(element, styles);
-  }
-
-
   if (Prototype.Browser.IE) {
     getOffsetParent = getOffsetParent.wrap(
       function(proceed, element) {
@@ -4415,9 +3912,8 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
       do {
         valueT += element.offsetTop  || 0;
         valueL += element.offsetLeft || 0;
-        if (element.offsetParent == document.body) {
+        if (element.offsetParent == document.body)
           if (Element.getStyle(element, 'position') == 'absolute') break;
-        }
 
         element = element.offsetParent;
       } while (element);
@@ -4430,8 +3926,6 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
   Element.addMethods({
     getLayout:              getLayout,
     measure:                measure,
-    getWidth:               getWidth,
-    getHeight:              getHeight,
     getDimensions:          getDimensions,
     getOffsetParent:        getOffsetParent,
     cumulativeOffset:       cumulativeOffset,
@@ -4439,13 +3933,7 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
     cumulativeScrollOffset: cumulativeScrollOffset,
     viewportOffset:         viewportOffset,
     absolutize:             absolutize,
-    relativize:             relativize,
-    scrollTo:               scrollTo,
-    makePositioned:         makePositioned,
-    undoPositioned:         undoPositioned,
-    makeClipping:           makeClipping,
-    undoClipping:           undoClipping,
-    clonePosition:          clonePosition
+    relativize:             relativize
   });
 
   function isBody(element) {
@@ -4478,49 +3966,6 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
       }
     });
   }
-
-
-})();
-
-(function() {
-
-  var IS_OLD_OPERA = Prototype.Browser.Opera &&
-   (window.parseFloat(window.opera.version()) < 9.5);
-  var ROOT = null;
-  function getRootElement() {
-    if (ROOT) return ROOT;
-    ROOT = IS_OLD_OPERA ? document.body : document.documentElement;
-    return ROOT;
-  }
-
-  function getDimensions() {
-    return { width: this.getWidth(), height: this.getHeight() };
-  }
-
-  function getWidth() {
-    return getRootElement().clientWidth;
-  }
-
-  function getHeight() {
-    return getRootElement().clientHeight;
-  }
-
-  function getScrollOffsets() {
-    var x = window.pageXOffset || document.documentElement.scrollLeft ||
-     document.body.scrollLeft;
-    var y = window.pageYOffset || document.documentElement.scrollTop ||
-     document.body.scrollTop;
-
-    return new Element.Offset(x, y);
-  }
-
-  document.viewport = {
-    getDimensions:    getDimensions,
-    getWidth:         getWidth,
-    getHeight:        getHeight,
-    getScrollOffsets: getScrollOffsets
-  };
-
 })();
 window.$$ = function() {
   var expression = $A(arguments).join(', ');
@@ -4567,1775 +4012,982 @@ Prototype.Selector = (function() {
   };
 })();
 Prototype._original_property = window.Sizzle;
-
-;(function () {
-  function fakeDefine(fn) {
-    Prototype._actual_sizzle = fn();
-  }
-  fakeDefine.amd = true;
-
-  if (typeof define !== 'undefined' && define.amd) {
-    Prototype._original_define = define;
-    Prototype._actual_sizzle = null;
-    window.define = fakeDefine;
-  }
-})();
-
 /*!
- * Sizzle CSS Selector Engine v1.10.18
- * http://sizzlejs.com/
- *
- * Copyright 2013 jQuery Foundation, Inc. and other contributors
- * Released under the MIT license
- * http://jquery.org/license
- *
- * Date: 2014-02-05
+ * Sizzle CSS Selector Engine - v1.0
+ *  Copyright 2009, The Dojo Foundation
+ *  Released under the MIT, BSD, and GPL Licenses.
+ *  More information: http://sizzlejs.com/
  */
-(function( window ) {
-
-var i,
-	support,
-	Expr,
-	getText,
-	isXML,
-	compile,
-	select,
-	outermostContext,
-	sortInput,
-	hasDuplicate,
-
-	setDocument,
-	document,
-	docElem,
-	documentIsHTML,
-	rbuggyQSA,
-	rbuggyMatches,
-	matches,
-	contains,
-
-	expando = "sizzle" + -(new Date()),
-	preferredDoc = window.document,
-	dirruns = 0,
-	done = 0,
-	classCache = createCache(),
-	tokenCache = createCache(),
-	compilerCache = createCache(),
-	sortOrder = function( a, b ) {
-		if ( a === b ) {
-			hasDuplicate = true;
-		}
-		return 0;
-	},
-
-	strundefined = typeof undefined,
-	MAX_NEGATIVE = 1 << 31,
-
-	hasOwn = ({}).hasOwnProperty,
-	arr = [],
-	pop = arr.pop,
-	push_native = arr.push,
-	push = arr.push,
-	slice = arr.slice,
-	indexOf = arr.indexOf || function( elem ) {
-		var i = 0,
-			len = this.length;
-		for ( ; i < len; i++ ) {
-			if ( this[i] === elem ) {
-				return i;
-			}
-		}
-		return -1;
-	},
-
-	booleans = "checked|selected|async|autofocus|autoplay|controls|defer|disabled|hidden|ismap|loop|multiple|open|readonly|required|scoped",
-
-
-	whitespace = "[\\x20\\t\\r\\n\\f]",
-	characterEncoding = "(?:\\\\.|[\\w-]|[^\\x00-\\xa0])+",
-
-	identifier = characterEncoding.replace( "w", "w#" ),
-
-	attributes = "\\[" + whitespace + "*(" + characterEncoding + ")" + whitespace +
-		"*(?:([*^$|!~]?=)" + whitespace + "*(?:(['\"])((?:\\\\.|[^\\\\])*?)\\3|(" + identifier + ")|)|)" + whitespace + "*\\]",
-
-	pseudos = ":(" + characterEncoding + ")(?:\\(((['\"])((?:\\\\.|[^\\\\])*?)\\3|((?:\\\\.|[^\\\\()[\\]]|" + attributes.replace( 3, 8 ) + ")*)|.*)\\)|)",
-
-	rtrim = new RegExp( "^" + whitespace + "+|((?:^|[^\\\\])(?:\\\\.)*)" + whitespace + "+$", "g" ),
-
-	rcomma = new RegExp( "^" + whitespace + "*," + whitespace + "*" ),
-	rcombinators = new RegExp( "^" + whitespace + "*([>+~]|" + whitespace + ")" + whitespace + "*" ),
-
-	rattributeQuotes = new RegExp( "=" + whitespace + "*([^\\]'\"]*?)" + whitespace + "*\\]", "g" ),
-
-	rpseudo = new RegExp( pseudos ),
-	ridentifier = new RegExp( "^" + identifier + "$" ),
+(function(){
 
-	matchExpr = {
-		"ID": new RegExp( "^#(" + characterEncoding + ")" ),
-		"CLASS": new RegExp( "^\\.(" + characterEncoding + ")" ),
-		"TAG": new RegExp( "^(" + characterEncoding.replace( "w", "w*" ) + ")" ),
-		"ATTR": new RegExp( "^" + attributes ),
-		"PSEUDO": new RegExp( "^" + pseudos ),
-		"CHILD": new RegExp( "^:(only|first|last|nth|nth-last)-(child|of-type)(?:\\(" + whitespace +
-			"*(even|odd|(([+-]|)(\\d*)n|)" + whitespace + "*(?:([+-]|)" + whitespace +
-			"*(\\d+)|))" + whitespace + "*\\)|)", "i" ),
-		"bool": new RegExp( "^(?:" + booleans + ")$", "i" ),
-		"needsContext": new RegExp( "^" + whitespace + "*[>+~]|:(even|odd|eq|gt|lt|nth|first|last)(?:\\(" +
-			whitespace + "*((?:-\\d)?\\d*)" + whitespace + "*\\)|)(?=[^-]|$)", "i" )
-	},
-
-	rinputs = /^(?:input|select|textarea|button)$/i,
-	rheader = /^h\d$/i,
-
-	rnative = /^[^{]+\{\s*\[native \w/,
-
-	rquickExpr = /^(?:#([\w-]+)|(\w+)|\.([\w-]+))$/,
-
-	rsibling = /[+~]/,
-	rescape = /'|\\/g,
-
-	runescape = new RegExp( "\\\\([\\da-f]{1,6}" + whitespace + "?|(" + whitespace + ")|.)", "ig" ),
-	funescape = function( _, escaped, escapedWhitespace ) {
-		var high = "0x" + escaped - 0x10000;
-		return high !== high || escapedWhitespace ?
-			escaped :
-			high < 0 ?
-				String.fromCharCode( high + 0x10000 ) :
-				String.fromCharCode( high >> 10 | 0xD800, high & 0x3FF | 0xDC00 );
-	};
-
-try {
-	push.apply(
-		(arr = slice.call( preferredDoc.childNodes )),
-		preferredDoc.childNodes
-	);
-	arr[ preferredDoc.childNodes.length ].nodeType;
-} catch ( e ) {
-	push = { apply: arr.length ?
-
-		function( target, els ) {
-			push_native.apply( target, slice.call(els) );
-		} :
-
-		function( target, els ) {
-			var j = target.length,
-				i = 0;
-			while ( (target[j++] = els[i++]) ) {}
-			target.length = j - 1;
-		}
-	};
-}
-
-function Sizzle( selector, context, results, seed ) {
-	var match, elem, m, nodeType,
-		i, groups, old, nid, newContext, newSelector;
+var chunker = /((?:\((?:\([^()]+\)|[^()]+)+\)|\[(?:\[[^[\]]*\]|['"][^'"]*['"]|[^[\]'"]+)+\]|\\.|[^ >+~,(\[\\]+)+|[>+~])(\s*,\s*)?((?:.|\r|\n)*)/g,
+	done = 0,
+	toString = Object.prototype.toString,
+	hasDuplicate = false,
+	baseHasDuplicate = true;
 
-	if ( ( context ? context.ownerDocument || context : preferredDoc ) !== document ) {
-		setDocument( context );
-	}
+[0, 0].sort(function(){
+	baseHasDuplicate = false;
+	return 0;
+});
 
-	context = context || document;
+var Sizzle = function(selector, context, results, seed) {
 	results = results || [];
+	var origContext = context = context || document;
 
-	if ( !selector || typeof selector !== "string" ) {
-		return results;
-	}
-
-	if ( (nodeType = context.nodeType) !== 1 && nodeType !== 9 ) {
+	if ( context.nodeType !== 1 && context.nodeType !== 9 ) {
 		return [];
 	}
 
-	if ( documentIsHTML && !seed ) {
-
-		if ( (match = rquickExpr.exec( selector )) ) {
-			if ( (m = match[1]) ) {
-				if ( nodeType === 9 ) {
-					elem = context.getElementById( m );
-					if ( elem && elem.parentNode ) {
-						if ( elem.id === m ) {
-							results.push( elem );
-							return results;
-						}
-					} else {
-						return results;
-					}
-				} else {
-					if ( context.ownerDocument && (elem = context.ownerDocument.getElementById( m )) &&
-						contains( context, elem ) && elem.id === m ) {
-						results.push( elem );
-						return results;
-					}
-				}
-
-			} else if ( match[2] ) {
-				push.apply( results, context.getElementsByTagName( selector ) );
-				return results;
-
-			} else if ( (m = match[3]) && support.getElementsByClassName && context.getElementsByClassName ) {
-				push.apply( results, context.getElementsByClassName( m ) );
-				return results;
-			}
-		}
-
-		if ( support.qsa && (!rbuggyQSA || !rbuggyQSA.test( selector )) ) {
-			nid = old = expando;
-			newContext = context;
-			newSelector = nodeType === 9 && selector;
-
-			if ( nodeType === 1 && context.nodeName.toLowerCase() !== "object" ) {
-				groups = tokenize( selector );
-
-				if ( (old = context.getAttribute("id")) ) {
-					nid = old.replace( rescape, "\\$&" );
-				} else {
-					context.setAttribute( "id", nid );
-				}
-				nid = "[id='" + nid + "'] ";
-
-				i = groups.length;
-				while ( i-- ) {
-					groups[i] = nid + toSelector( groups[i] );
-				}
-				newContext = rsibling.test( selector ) && testContext( context.parentNode ) || context;
-				newSelector = groups.join(",");
-			}
-
-			if ( newSelector ) {
-				try {
-					push.apply( results,
-						newContext.querySelectorAll( newSelector )
-					);
-					return results;
-				} catch(qsaError) {
-				} finally {
-					if ( !old ) {
-						context.removeAttribute("id");
-					}
-				}
-			}
-		}
-	}
-
-	return select( selector.replace( rtrim, "$1" ), context, results, seed );
-}
-
-/**
- * Create key-value caches of limited size
- * @returns {Function(string, Object)} Returns the Object data after storing it on itself with
- *	property name the (space-suffixed) string and (if the cache is larger than Expr.cacheLength)
- *	deleting the oldest entry
- */
-function createCache() {
-	var keys = [];
-
-	function cache( key, value ) {
-		if ( keys.push( key + " " ) > Expr.cacheLength ) {
-			delete cache[ keys.shift() ];
-		}
-		return (cache[ key + " " ] = value);
-	}
-	return cache;
-}
-
-/**
- * Mark a function for special use by Sizzle
- * @param {Function} fn The function to mark
- */
-function markFunction( fn ) {
-	fn[ expando ] = true;
-	return fn;
-}
-
-/**
- * Support testing using an element
- * @param {Function} fn Passed the created div and expects a boolean result
- */
-function assert( fn ) {
-	var div = document.createElement("div");
-
-	try {
-		return !!fn( div );
-	} catch (e) {
-		return false;
-	} finally {
-		if ( div.parentNode ) {
-			div.parentNode.removeChild( div );
-		}
-		div = null;
+	if ( !selector || typeof selector !== "string" ) {
+		return results;
 	}
-}
 
-/**
- * Adds the same handler for all of the specified attrs
- * @param {String} attrs Pipe-separated list of attributes
- * @param {Function} handler The method that will be applied
- */
-function addHandle( attrs, handler ) {
-	var arr = attrs.split("|"),
-		i = attrs.length;
+	var parts = [], m, set, checkSet, check, mode, extra, prune = true, contextXML = isXML(context),
+		soFar = selector;
 
-	while ( i-- ) {
-		Expr.attrHandle[ arr[i] ] = handler;
-	}
-}
+	while ( (chunker.exec(""), m = chunker.exec(soFar)) !== null ) {
+		soFar = m[3];
 
-/**
- * Checks document order of two siblings
- * @param {Element} a
- * @param {Element} b
- * @returns {Number} Returns less than 0 if a precedes b, greater than 0 if a follows b
- */
-function siblingCheck( a, b ) {
-	var cur = b && a,
-		diff = cur && a.nodeType === 1 && b.nodeType === 1 &&
-			( ~b.sourceIndex || MAX_NEGATIVE ) -
-			( ~a.sourceIndex || MAX_NEGATIVE );
-
-	if ( diff ) {
-		return diff;
-	}
+		parts.push( m[1] );
 
-	if ( cur ) {
-		while ( (cur = cur.nextSibling) ) {
-			if ( cur === b ) {
-				return -1;
-			}
+		if ( m[2] ) {
+			extra = m[3];
+			break;
 		}
 	}
 
-	return a ? 1 : -1;
-}
+	if ( parts.length > 1 && origPOS.exec( selector ) ) {
+		if ( parts.length === 2 && Expr.relative[ parts[0] ] ) {
+			set = posProcess( parts[0] + parts[1], context );
+		} else {
+			set = Expr.relative[ parts[0] ] ?
+				[ context ] :
+				Sizzle( parts.shift(), context );
 
-/**
- * Returns a function to use in pseudos for input types
- * @param {String} type
- */
-function createInputPseudo( type ) {
-	return function( elem ) {
-		var name = elem.nodeName.toLowerCase();
-		return name === "input" && elem.type === type;
-	};
-}
+			while ( parts.length ) {
+				selector = parts.shift();
 
-/**
- * Returns a function to use in pseudos for buttons
- * @param {String} type
- */
-function createButtonPseudo( type ) {
-	return function( elem ) {
-		var name = elem.nodeName.toLowerCase();
-		return (name === "input" || name === "button") && elem.type === type;
-	};
-}
+				if ( Expr.relative[ selector ] )
+					selector += parts.shift();
 
-/**
- * Returns a function to use in pseudos for positionals
- * @param {Function} fn
- */
-function createPositionalPseudo( fn ) {
-	return markFunction(function( argument ) {
-		argument = +argument;
-		return markFunction(function( seed, matches ) {
-			var j,
-				matchIndexes = fn( [], seed.length, argument ),
-				i = matchIndexes.length;
-
-			while ( i-- ) {
-				if ( seed[ (j = matchIndexes[i]) ] ) {
-					seed[j] = !(matches[j] = seed[j]);
-				}
+				set = posProcess( selector, set );
 			}
-		});
-	});
-}
-
-/**
- * Checks a node for validity as a Sizzle context
- * @param {Element|Object=} context
- * @returns {Element|Object|Boolean} The input node if acceptable, otherwise a falsy value
- */
-function testContext( context ) {
-	return context && typeof context.getElementsByTagName !== strundefined && context;
-}
-
-support = Sizzle.support = {};
-
-/**
- * Detects XML nodes
- * @param {Element|Object} elem An element or a document
- * @returns {Boolean} True iff elem is a non-HTML XML node
- */
-isXML = Sizzle.isXML = function( elem ) {
-	var documentElement = elem && (elem.ownerDocument || elem).documentElement;
-	return documentElement ? documentElement.nodeName !== "HTML" : false;
-};
-
-/**
- * Sets document-related variables once based on the current document
- * @param {Element|Object} [doc] An element or document object to use to set the document
- * @returns {Object} Returns the current document
- */
-setDocument = Sizzle.setDocument = function( node ) {
-	var hasCompare,
-		doc = node ? node.ownerDocument || node : preferredDoc,
-		parent = doc.defaultView;
-
-	if ( doc === document || doc.nodeType !== 9 || !doc.documentElement ) {
-		return document;
-	}
-
-	document = doc;
-	docElem = doc.documentElement;
-
-	documentIsHTML = !isXML( doc );
-
-	if ( parent && parent !== parent.top ) {
-		if ( parent.addEventListener ) {
-			parent.addEventListener( "unload", function() {
-				setDocument();
-			}, false );
-		} else if ( parent.attachEvent ) {
-			parent.attachEvent( "onunload", function() {
-				setDocument();
-			});
 		}
-	}
-
-	/* Attributes
-	---------------------------------------------------------------------- */
-
-	support.attributes = assert(function( div ) {
-		div.className = "i";
-		return !div.getAttribute("className");
-	});
-
-	/* getElement(s)By*
-	---------------------------------------------------------------------- */
-
-	support.getElementsByTagName = assert(function( div ) {
-		div.appendChild( doc.createComment("") );
-		return !div.getElementsByTagName("*").length;
-	});
-
-	support.getElementsByClassName = rnative.test( doc.getElementsByClassName ) && assert(function( div ) {
-		div.innerHTML = "<div class='a'></div><div class='a i'></div>";
-
-		div.firstChild.className = "i";
-		return div.getElementsByClassName("i").length === 2;
-	});
-
-	support.getById = assert(function( div ) {
-		docElem.appendChild( div ).id = expando;
-		return !doc.getElementsByName || !doc.getElementsByName( expando ).length;
-	});
-
-	if ( support.getById ) {
-		Expr.find["ID"] = function( id, context ) {
-			if ( typeof context.getElementById !== strundefined && documentIsHTML ) {
-				var m = context.getElementById( id );
-				return m && m.parentNode ? [m] : [];
-			}
-		};
-		Expr.filter["ID"] = function( id ) {
-			var attrId = id.replace( runescape, funescape );
-			return function( elem ) {
-				return elem.getAttribute("id") === attrId;
-			};
-		};
 	} else {
-		delete Expr.find["ID"];
-
-		Expr.filter["ID"] =  function( id ) {
-			var attrId = id.replace( runescape, funescape );
-			return function( elem ) {
-				var node = typeof elem.getAttributeNode !== strundefined && elem.getAttributeNode("id");
-				return node && node.value === attrId;
-			};
-		};
-	}
-
-	Expr.find["TAG"] = support.getElementsByTagName ?
-		function( tag, context ) {
-			if ( typeof context.getElementsByTagName !== strundefined ) {
-				return context.getElementsByTagName( tag );
-			}
-		} :
-		function( tag, context ) {
-			var elem,
-				tmp = [],
-				i = 0,
-				results = context.getElementsByTagName( tag );
-
-			if ( tag === "*" ) {
-				while ( (elem = results[i++]) ) {
-					if ( elem.nodeType === 1 ) {
-						tmp.push( elem );
-					}
-				}
-
-				return tmp;
-			}
-			return results;
-		};
-
-	Expr.find["CLASS"] = support.getElementsByClassName && function( className, context ) {
-		if ( typeof context.getElementsByClassName !== strundefined && documentIsHTML ) {
-			return context.getElementsByClassName( className );
+		if ( !seed && parts.length > 1 && context.nodeType === 9 && !contextXML &&
+				Expr.match.ID.test(parts[0]) && !Expr.match.ID.test(parts[parts.length - 1]) ) {
+			var ret = Sizzle.find( parts.shift(), context, contextXML );
+			context = ret.expr ? Sizzle.filter( ret.expr, ret.set )[0] : ret.set[0];
 		}
-	};
-
-	/* QSA/matchesSelector
-	---------------------------------------------------------------------- */
-
-
-	rbuggyMatches = [];
-
-	rbuggyQSA = [];
-
-	if ( (support.qsa = rnative.test( doc.querySelectorAll )) ) {
-		assert(function( div ) {
-			div.innerHTML = "<select t=''><option selected=''></option></select>";
-
-			if ( div.querySelectorAll("[t^='']").length ) {
-				rbuggyQSA.push( "[*^$]=" + whitespace + "*(?:''|\"\")" );
-			}
-
-			if ( !div.querySelectorAll("[selected]").length ) {
-				rbuggyQSA.push( "\\[" + whitespace + "*(?:value|" + booleans + ")" );
-			}
-
-			if ( !div.querySelectorAll(":checked").length ) {
-				rbuggyQSA.push(":checked");
-			}
-		});
-
-		assert(function( div ) {
-			var input = doc.createElement("input");
-			input.setAttribute( "type", "hidden" );
-			div.appendChild( input ).setAttribute( "name", "D" );
 
-			if ( div.querySelectorAll("[name=d]").length ) {
-				rbuggyQSA.push( "name" + whitespace + "*[*^$|!~]?=" );
-			}
+		if ( context ) {
+			var ret = seed ?
+				{ expr: parts.pop(), set: makeArray(seed) } :
+				Sizzle.find( parts.pop(), parts.length === 1 && (parts[0] === "~" || parts[0] === "+") && context.parentNode ? context.parentNode : context, contextXML );
+			set = ret.expr ? Sizzle.filter( ret.expr, ret.set ) : ret.set;
 
-			if ( !div.querySelectorAll(":enabled").length ) {
-				rbuggyQSA.push( ":enabled", ":disabled" );
+			if ( parts.length > 0 ) {
+				checkSet = makeArray(set);
+			} else {
+				prune = false;
 			}
 
-			div.querySelectorAll("*,:x");
-			rbuggyQSA.push(",.*:");
-		});
-	}
-
-	if ( (support.matchesSelector = rnative.test( (matches = docElem.webkitMatchesSelector ||
-		docElem.mozMatchesSelector ||
-		docElem.oMatchesSelector ||
-		docElem.msMatchesSelector) )) ) {
-
-		assert(function( div ) {
-			support.disconnectedMatch = matches.call( div, "div" );
-
-			matches.call( div, "[s!='']:x" );
-			rbuggyMatches.push( "!=", pseudos );
-		});
-	}
+			while ( parts.length ) {
+				var cur = parts.pop(), pop = cur;
 
-	rbuggyQSA = rbuggyQSA.length && new RegExp( rbuggyQSA.join("|") );
-	rbuggyMatches = rbuggyMatches.length && new RegExp( rbuggyMatches.join("|") );
-
-	/* Contains
-	---------------------------------------------------------------------- */
-	hasCompare = rnative.test( docElem.compareDocumentPosition );
-
-	contains = hasCompare || rnative.test( docElem.contains ) ?
-		function( a, b ) {
-			var adown = a.nodeType === 9 ? a.documentElement : a,
-				bup = b && b.parentNode;
-			return a === bup || !!( bup && bup.nodeType === 1 && (
-				adown.contains ?
-					adown.contains( bup ) :
-					a.compareDocumentPosition && a.compareDocumentPosition( bup ) & 16
-			));
-		} :
-		function( a, b ) {
-			if ( b ) {
-				while ( (b = b.parentNode) ) {
-					if ( b === a ) {
-						return true;
-					}
+				if ( !Expr.relative[ cur ] ) {
+					cur = "";
+				} else {
+					pop = parts.pop();
 				}
-			}
-			return false;
-		};
-
-	/* Sorting
-	---------------------------------------------------------------------- */
-
-	sortOrder = hasCompare ?
-	function( a, b ) {
-
-		if ( a === b ) {
-			hasDuplicate = true;
-			return 0;
-		}
-
-		var compare = !a.compareDocumentPosition - !b.compareDocumentPosition;
-		if ( compare ) {
-			return compare;
-		}
-
-		compare = ( a.ownerDocument || a ) === ( b.ownerDocument || b ) ?
-			a.compareDocumentPosition( b ) :
 
-			1;
-
-		if ( compare & 1 ||
-			(!support.sortDetached && b.compareDocumentPosition( a ) === compare) ) {
+				if ( pop == null ) {
+					pop = context;
+				}
 
-			if ( a === doc || a.ownerDocument === preferredDoc && contains(preferredDoc, a) ) {
-				return -1;
+				Expr.relative[ cur ]( checkSet, pop, contextXML );
 			}
-			if ( b === doc || b.ownerDocument === preferredDoc && contains(preferredDoc, b) ) {
-				return 1;
-			}
-
-			return sortInput ?
-				( indexOf.call( sortInput, a ) - indexOf.call( sortInput, b ) ) :
-				0;
-		}
-
-		return compare & 4 ? -1 : 1;
-	} :
-	function( a, b ) {
-		if ( a === b ) {
-			hasDuplicate = true;
-			return 0;
-		}
-
-		var cur,
-			i = 0,
-			aup = a.parentNode,
-			bup = b.parentNode,
-			ap = [ a ],
-			bp = [ b ];
-
-		if ( !aup || !bup ) {
-			return a === doc ? -1 :
-				b === doc ? 1 :
-				aup ? -1 :
-				bup ? 1 :
-				sortInput ?
-				( indexOf.call( sortInput, a ) - indexOf.call( sortInput, b ) ) :
-				0;
-
-		} else if ( aup === bup ) {
-			return siblingCheck( a, b );
-		}
-
-		cur = a;
-		while ( (cur = cur.parentNode) ) {
-			ap.unshift( cur );
-		}
-		cur = b;
-		while ( (cur = cur.parentNode) ) {
-			bp.unshift( cur );
-		}
-
-		while ( ap[i] === bp[i] ) {
-			i++;
+		} else {
+			checkSet = parts = [];
 		}
-
-		return i ?
-			siblingCheck( ap[i], bp[i] ) :
-
-			ap[i] === preferredDoc ? -1 :
-			bp[i] === preferredDoc ? 1 :
-			0;
-	};
-
-	return doc;
-};
-
-Sizzle.matches = function( expr, elements ) {
-	return Sizzle( expr, null, null, elements );
-};
-
-Sizzle.matchesSelector = function( elem, expr ) {
-	if ( ( elem.ownerDocument || elem ) !== document ) {
-		setDocument( elem );
-	}
-
-	expr = expr.replace( rattributeQuotes, "='$1']" );
-
-	if ( support.matchesSelector && documentIsHTML &&
-		( !rbuggyMatches || !rbuggyMatches.test( expr ) ) &&
-		( !rbuggyQSA     || !rbuggyQSA.test( expr ) ) ) {
-
-		try {
-			var ret = matches.call( elem, expr );
-
-			if ( ret || support.disconnectedMatch ||
-					elem.document && elem.document.nodeType !== 11 ) {
-				return ret;
-			}
-		} catch(e) {}
-	}
-
-	return Sizzle( expr, document, null, [elem] ).length > 0;
-};
-
-Sizzle.contains = function( context, elem ) {
-	if ( ( context.ownerDocument || context ) !== document ) {
-		setDocument( context );
 	}
-	return contains( context, elem );
-};
 
-Sizzle.attr = function( elem, name ) {
-	if ( ( elem.ownerDocument || elem ) !== document ) {
-		setDocument( elem );
+	if ( !checkSet ) {
+		checkSet = set;
 	}
 
-	var fn = Expr.attrHandle[ name.toLowerCase() ],
-		val = fn && hasOwn.call( Expr.attrHandle, name.toLowerCase() ) ?
-			fn( elem, name, !documentIsHTML ) :
-			undefined;
-
-	return val !== undefined ?
-		val :
-		support.attributes || !documentIsHTML ?
-			elem.getAttribute( name ) :
-			(val = elem.getAttributeNode(name)) && val.specified ?
-				val.value :
-				null;
-};
-
-Sizzle.error = function( msg ) {
-	throw new Error( "Syntax error, unrecognized expression: " + msg );
-};
-
-/**
- * Document sorting and removing duplicates
- * @param {ArrayLike} results
- */
-Sizzle.uniqueSort = function( results ) {
-	var elem,
-		duplicates = [],
-		j = 0,
-		i = 0;
-
-	hasDuplicate = !support.detectDuplicates;
-	sortInput = !support.sortStable && results.slice( 0 );
-	results.sort( sortOrder );
-
-	if ( hasDuplicate ) {
-		while ( (elem = results[i++]) ) {
-			if ( elem === results[ i ] ) {
-				j = duplicates.push( i );
-			}
-		}
-		while ( j-- ) {
-			results.splice( duplicates[ j ], 1 );
-		}
+	if ( !checkSet ) {
+		throw "Syntax error, unrecognized expression: " + (cur || selector);
 	}
 
-	sortInput = null;
-
-	return results;
-};
-
-/**
- * Utility function for retrieving the text value of an array of DOM nodes
- * @param {Array|Element} elem
- */
-getText = Sizzle.getText = function( elem ) {
-	var node,
-		ret = "",
-		i = 0,
-		nodeType = elem.nodeType;
-
-	if ( !nodeType ) {
-		while ( (node = elem[i++]) ) {
-			ret += getText( node );
-		}
-	} else if ( nodeType === 1 || nodeType === 9 || nodeType === 11 ) {
-		if ( typeof elem.textContent === "string" ) {
-			return elem.textContent;
-		} else {
-			for ( elem = elem.firstChild; elem; elem = elem.nextSibling ) {
-				ret += getText( elem );
-			}
-		}
-	} else if ( nodeType === 3 || nodeType === 4 ) {
-		return elem.nodeValue;
-	}
-
-	return ret;
-};
-
-Expr = Sizzle.selectors = {
-
-	cacheLength: 50,
-
-	createPseudo: markFunction,
-
-	match: matchExpr,
-
-	attrHandle: {},
-
-	find: {},
-
-	relative: {
-		">": { dir: "parentNode", first: true },
-		" ": { dir: "parentNode" },
-		"+": { dir: "previousSibling", first: true },
-		"~": { dir: "previousSibling" }
-	},
-
-	preFilter: {
-		"ATTR": function( match ) {
-			match[1] = match[1].replace( runescape, funescape );
-
-			match[3] = ( match[4] || match[5] || "" ).replace( runescape, funescape );
-
-			if ( match[2] === "~=" ) {
-				match[3] = " " + match[3] + " ";
-			}
-
-			return match.slice( 0, 4 );
-		},
-
-		"CHILD": function( match ) {
-			/* matches from matchExpr["CHILD"]
-				1 type (only|nth|...)
-				2 what (child|of-type)
-				3 argument (even|odd|\d*|\d*n([+-]\d+)?|...)
-				4 xn-component of xn+y argument ([+-]?\d*n|)
-				5 sign of xn-component
-				6 x of xn-component
-				7 sign of y-component
-				8 y of y-component
-			*/
-			match[1] = match[1].toLowerCase();
-
-			if ( match[1].slice( 0, 3 ) === "nth" ) {
-				if ( !match[3] ) {
-					Sizzle.error( match[0] );
-				}
-
-				match[4] = +( match[4] ? match[5] + (match[6] || 1) : 2 * ( match[3] === "even" || match[3] === "odd" ) );
-				match[5] = +( ( match[7] + match[8] ) || match[3] === "odd" );
-
-			} else if ( match[3] ) {
-				Sizzle.error( match[0] );
-			}
-
-			return match;
-		},
-
-		"PSEUDO": function( match ) {
-			var excess,
-				unquoted = !match[5] && match[2];
-
-			if ( matchExpr["CHILD"].test( match[0] ) ) {
-				return null;
+	if ( toString.call(checkSet) === "[object Array]" ) {
+		if ( !prune ) {
+			results.push.apply( results, checkSet );
+		} else if ( context && context.nodeType === 1 ) {
+			for ( var i = 0; checkSet[i] != null; i++ ) {
+				if ( checkSet[i] && (checkSet[i] === true || checkSet[i].nodeType === 1 && contains(context, checkSet[i])) ) {
+					results.push( set[i] );
+				}
+			}
+		} else {
+			for ( var i = 0; checkSet[i] != null; i++ ) {
+				if ( checkSet[i] && checkSet[i].nodeType === 1 ) {
+					results.push( set[i] );
+				}
 			}
+		}
+	} else {
+		makeArray( checkSet, results );
+	}
+
+	if ( extra ) {
+		Sizzle( extra, origContext, results, seed );
+		Sizzle.uniqueSort( results );
+	}
 
-			if ( match[3] && match[4] !== undefined ) {
-				match[2] = match[4];
+	return results;
+};
 
-			} else if ( unquoted && rpseudo.test( unquoted ) &&
-				(excess = tokenize( unquoted, true )) &&
-				(excess = unquoted.indexOf( ")", unquoted.length - excess ) - unquoted.length) ) {
+Sizzle.uniqueSort = function(results){
+	if ( sortOrder ) {
+		hasDuplicate = baseHasDuplicate;
+		results.sort(sortOrder);
 
-				match[0] = match[0].slice( 0, excess );
-				match[2] = unquoted.slice( 0, excess );
+		if ( hasDuplicate ) {
+			for ( var i = 1; i < results.length; i++ ) {
+				if ( results[i] === results[i-1] ) {
+					results.splice(i--, 1);
+				}
 			}
-
-			return match.slice( 0, 3 );
 		}
-	},
-
-	filter: {
-
-		"TAG": function( nodeNameSelector ) {
-			var nodeName = nodeNameSelector.replace( runescape, funescape ).toLowerCase();
-			return nodeNameSelector === "*" ?
-				function() { return true; } :
-				function( elem ) {
-					return elem.nodeName && elem.nodeName.toLowerCase() === nodeName;
-				};
-		},
+	}
 
-		"CLASS": function( className ) {
-			var pattern = classCache[ className + " " ];
+	return results;
+};
 
-			return pattern ||
-				(pattern = new RegExp( "(^|" + whitespace + ")" + className + "(" + whitespace + "|$)" )) &&
-				classCache( className, function( elem ) {
-					return pattern.test( typeof elem.className === "string" && elem.className || typeof elem.getAttribute !== strundefined && elem.getAttribute("class") || "" );
-				});
-		},
+Sizzle.matches = function(expr, set){
+	return Sizzle(expr, null, null, set);
+};
 
-		"ATTR": function( name, operator, check ) {
-			return function( elem ) {
-				var result = Sizzle.attr( elem, name );
+Sizzle.find = function(expr, context, isXML){
+	var set, match;
 
-				if ( result == null ) {
-					return operator === "!=";
-				}
-				if ( !operator ) {
-					return true;
-				}
+	if ( !expr ) {
+		return [];
+	}
 
-				result += "";
-
-				return operator === "=" ? result === check :
-					operator === "!=" ? result !== check :
-					operator === "^=" ? check && result.indexOf( check ) === 0 :
-					operator === "*=" ? check && result.indexOf( check ) > -1 :
-					operator === "$=" ? check && result.slice( -check.length ) === check :
-					operator === "~=" ? ( " " + result + " " ).indexOf( check ) > -1 :
-					operator === "|=" ? result === check || result.slice( 0, check.length + 1 ) === check + "-" :
-					false;
-			};
-		},
+	for ( var i = 0, l = Expr.order.length; i < l; i++ ) {
+		var type = Expr.order[i], match;
 
-		"CHILD": function( type, what, argument, first, last ) {
-			var simple = type.slice( 0, 3 ) !== "nth",
-				forward = type.slice( -4 ) !== "last",
-				ofType = what === "of-type";
-
-			return first === 1 && last === 0 ?
-
-				function( elem ) {
-					return !!elem.parentNode;
-				} :
-
-				function( elem, context, xml ) {
-					var cache, outerCache, node, diff, nodeIndex, start,
-						dir = simple !== forward ? "nextSibling" : "previousSibling",
-						parent = elem.parentNode,
-						name = ofType && elem.nodeName.toLowerCase(),
-						useCache = !xml && !ofType;
-
-					if ( parent ) {
-
-						if ( simple ) {
-							while ( dir ) {
-								node = elem;
-								while ( (node = node[ dir ]) ) {
-									if ( ofType ? node.nodeName.toLowerCase() === name : node.nodeType === 1 ) {
-										return false;
-									}
-								}
-								start = dir = type === "only" && !start && "nextSibling";
-							}
-							return true;
-						}
+		if ( (match = Expr.leftMatch[ type ].exec( expr )) ) {
+			var left = match[1];
+			match.splice(1,1);
 
-						start = [ forward ? parent.firstChild : parent.lastChild ];
+			if ( left.substr( left.length - 1 ) !== "\\" ) {
+				match[1] = (match[1] || "").replace(/\\/g, "");
+				set = Expr.find[ type ]( match, context, isXML );
+				if ( set != null ) {
+					expr = expr.replace( Expr.match[ type ], "" );
+					break;
+				}
+			}
+		}
+	}
 
-						if ( forward && useCache ) {
-							outerCache = parent[ expando ] || (parent[ expando ] = {});
-							cache = outerCache[ type ] || [];
-							nodeIndex = cache[0] === dirruns && cache[1];
-							diff = cache[0] === dirruns && cache[2];
-							node = nodeIndex && parent.childNodes[ nodeIndex ];
+	if ( !set ) {
+		set = context.getElementsByTagName("*");
+	}
 
-							while ( (node = ++nodeIndex && node && node[ dir ] ||
+	return {set: set, expr: expr};
+};
 
-								(diff = nodeIndex = 0) || start.pop()) ) {
+Sizzle.filter = function(expr, set, inplace, not){
+	var old = expr, result = [], curLoop = set, match, anyFound,
+		isXMLFilter = set && set[0] && isXML(set[0]);
 
-								if ( node.nodeType === 1 && ++diff && node === elem ) {
-									outerCache[ type ] = [ dirruns, nodeIndex, diff ];
-									break;
-								}
-							}
+	while ( expr && set.length ) {
+		for ( var type in Expr.filter ) {
+			if ( (match = Expr.match[ type ].exec( expr )) != null ) {
+				var filter = Expr.filter[ type ], found, item;
+				anyFound = false;
 
-						} else if ( useCache && (cache = (elem[ expando ] || (elem[ expando ] = {}))[ type ]) && cache[0] === dirruns ) {
-							diff = cache[1];
+				if ( curLoop == result ) {
+					result = [];
+				}
 
-						} else {
-							while ( (node = ++nodeIndex && node && node[ dir ] ||
-								(diff = nodeIndex = 0) || start.pop()) ) {
+				if ( Expr.preFilter[ type ] ) {
+					match = Expr.preFilter[ type ]( match, curLoop, inplace, result, not, isXMLFilter );
 
-								if ( ( ofType ? node.nodeName.toLowerCase() === name : node.nodeType === 1 ) && ++diff ) {
-									if ( useCache ) {
-										(node[ expando ] || (node[ expando ] = {}))[ type ] = [ dirruns, diff ];
-									}
+					if ( !match ) {
+						anyFound = found = true;
+					} else if ( match === true ) {
+						continue;
+					}
+				}
 
-									if ( node === elem ) {
-										break;
-									}
+				if ( match ) {
+					for ( var i = 0; (item = curLoop[i]) != null; i++ ) {
+						if ( item ) {
+							found = filter( item, match, i, curLoop );
+							var pass = not ^ !!found;
+
+							if ( inplace && found != null ) {
+								if ( pass ) {
+									anyFound = true;
+								} else {
+									curLoop[i] = false;
 								}
+							} else if ( pass ) {
+								result.push( item );
+								anyFound = true;
 							}
 						}
+					}
+				}
 
-						diff -= last;
-						return diff === first || ( diff % first === 0 && diff / first >= 0 );
+				if ( found !== undefined ) {
+					if ( !inplace ) {
+						curLoop = result;
 					}
-				};
-		},
 
-		"PSEUDO": function( pseudo, argument ) {
-			var args,
-				fn = Expr.pseudos[ pseudo ] || Expr.setFilters[ pseudo.toLowerCase() ] ||
-					Sizzle.error( "unsupported pseudo: " + pseudo );
+					expr = expr.replace( Expr.match[ type ], "" );
 
-			if ( fn[ expando ] ) {
-				return fn( argument );
-			}
+					if ( !anyFound ) {
+						return [];
+					}
 
-			if ( fn.length > 1 ) {
-				args = [ pseudo, pseudo, "", argument ];
-				return Expr.setFilters.hasOwnProperty( pseudo.toLowerCase() ) ?
-					markFunction(function( seed, matches ) {
-						var idx,
-							matched = fn( seed, argument ),
-							i = matched.length;
-						while ( i-- ) {
-							idx = indexOf.call( seed, matched[i] );
-							seed[ idx ] = !( matches[ idx ] = matched[i] );
-						}
-					}) :
-					function( elem ) {
-						return fn( elem, 0, args );
-					};
+					break;
+				}
 			}
-
-			return fn;
 		}
-	},
 
-	pseudos: {
-		"not": markFunction(function( selector ) {
-			var input = [],
-				results = [],
-				matcher = compile( selector.replace( rtrim, "$1" ) );
-
-			return matcher[ expando ] ?
-				markFunction(function( seed, matches, context, xml ) {
-					var elem,
-						unmatched = matcher( seed, null, xml, [] ),
-						i = seed.length;
-
-					while ( i-- ) {
-						if ( (elem = unmatched[i]) ) {
-							seed[i] = !(matches[i] = elem);
-						}
-					}
-				}) :
-				function( elem, context, xml ) {
-					input[0] = elem;
-					matcher( input, null, xml, results );
-					return !results.pop();
-				};
-		}),
-
-		"has": markFunction(function( selector ) {
-			return function( elem ) {
-				return Sizzle( selector, elem ).length > 0;
-			};
-		}),
-
-		"contains": markFunction(function( text ) {
-			return function( elem ) {
-				return ( elem.textContent || elem.innerText || getText( elem ) ).indexOf( text ) > -1;
-			};
-		}),
-
-		"lang": markFunction( function( lang ) {
-			if ( !ridentifier.test(lang || "") ) {
-				Sizzle.error( "unsupported lang: " + lang );
+		if ( expr == old ) {
+			if ( anyFound == null ) {
+				throw "Syntax error, unrecognized expression: " + expr;
+			} else {
+				break;
 			}
-			lang = lang.replace( runescape, funescape ).toLowerCase();
-			return function( elem ) {
-				var elemLang;
-				do {
-					if ( (elemLang = documentIsHTML ?
-						elem.lang :
-						elem.getAttribute("xml:lang") || elem.getAttribute("lang")) ) {
-
-						elemLang = elemLang.toLowerCase();
-						return elemLang === lang || elemLang.indexOf( lang + "-" ) === 0;
-					}
-				} while ( (elem = elem.parentNode) && elem.nodeType === 1 );
-				return false;
-			};
-		}),
-
-		"target": function( elem ) {
-			var hash = window.location && window.location.hash;
-			return hash && hash.slice( 1 ) === elem.id;
-		},
-
-		"root": function( elem ) {
-			return elem === docElem;
-		},
-
-		"focus": function( elem ) {
-			return elem === document.activeElement && (!document.hasFocus || document.hasFocus()) && !!(elem.type || elem.href || ~elem.tabIndex);
-		},
+		}
 
-		"enabled": function( elem ) {
-			return elem.disabled === false;
-		},
+		old = expr;
+	}
 
-		"disabled": function( elem ) {
-			return elem.disabled === true;
-		},
+	return curLoop;
+};
 
-		"checked": function( elem ) {
-			var nodeName = elem.nodeName.toLowerCase();
-			return (nodeName === "input" && !!elem.checked) || (nodeName === "option" && !!elem.selected);
-		},
+var Expr = Sizzle.selectors = {
+	order: [ "ID", "NAME", "TAG" ],
+	match: {
+		ID: /#((?:[\w\u00c0-\uFFFF-]|\\.)+)/,
+		CLASS: /\.((?:[\w\u00c0-\uFFFF-]|\\.)+)/,
+		NAME: /\[name=['"]*((?:[\w\u00c0-\uFFFF-]|\\.)+)['"]*\]/,
+		ATTR: /\[\s*((?:[\w\u00c0-\uFFFF-]|\\.)+)\s*(?:(\S?=)\s*(['"]*)(.*?)\3|)\s*\]/,
+		TAG: /^((?:[\w\u00c0-\uFFFF\*-]|\\.)+)/,
+		CHILD: /:(only|nth|last|first)-child(?:\((even|odd|[\dn+-]*)\))?/,
+		POS: /:(nth|eq|gt|lt|first|last|even|odd)(?:\((\d*)\))?(?=[^-]|$)/,
+		PSEUDO: /:((?:[\w\u00c0-\uFFFF-]|\\.)+)(?:\((['"]*)((?:\([^\)]+\)|[^\2\(\)]*)+)\2\))?/
+	},
+	leftMatch: {},
+	attrMap: {
+		"class": "className",
+		"for": "htmlFor"
+	},
+	attrHandle: {
+		href: function(elem){
+			return elem.getAttribute("href");
+		}
+	},
+	relative: {
+		"+": function(checkSet, part, isXML){
+			var isPartStr = typeof part === "string",
+				isTag = isPartStr && !/\W/.test(part),
+				isPartStrNotTag = isPartStr && !isTag;
 
-		"selected": function( elem ) {
-			if ( elem.parentNode ) {
-				elem.parentNode.selectedIndex;
+			if ( isTag && !isXML ) {
+				part = part.toUpperCase();
 			}
 
-			return elem.selected === true;
-		},
+			for ( var i = 0, l = checkSet.length, elem; i < l; i++ ) {
+				if ( (elem = checkSet[i]) ) {
+					while ( (elem = elem.previousSibling) && elem.nodeType !== 1 ) {}
 
-		"empty": function( elem ) {
-			for ( elem = elem.firstChild; elem; elem = elem.nextSibling ) {
-				if ( elem.nodeType < 6 ) {
-					return false;
+					checkSet[i] = isPartStrNotTag || elem && elem.nodeName === part ?
+						elem || false :
+						elem === part;
 				}
 			}
-			return true;
-		},
 
-		"parent": function( elem ) {
-			return !Expr.pseudos["empty"]( elem );
+			if ( isPartStrNotTag ) {
+				Sizzle.filter( part, checkSet, true );
+			}
 		},
+		">": function(checkSet, part, isXML){
+			var isPartStr = typeof part === "string";
 
-		"header": function( elem ) {
-			return rheader.test( elem.nodeName );
-		},
+			if ( isPartStr && !/\W/.test(part) ) {
+				part = isXML ? part : part.toUpperCase();
 
-		"input": function( elem ) {
-			return rinputs.test( elem.nodeName );
-		},
+				for ( var i = 0, l = checkSet.length; i < l; i++ ) {
+					var elem = checkSet[i];
+					if ( elem ) {
+						var parent = elem.parentNode;
+						checkSet[i] = parent.nodeName === part ? parent : false;
+					}
+				}
+			} else {
+				for ( var i = 0, l = checkSet.length; i < l; i++ ) {
+					var elem = checkSet[i];
+					if ( elem ) {
+						checkSet[i] = isPartStr ?
+							elem.parentNode :
+							elem.parentNode === part;
+					}
+				}
 
-		"button": function( elem ) {
-			var name = elem.nodeName.toLowerCase();
-			return name === "input" && elem.type === "button" || name === "button";
+				if ( isPartStr ) {
+					Sizzle.filter( part, checkSet, true );
+				}
+			}
 		},
+		"": function(checkSet, part, isXML){
+			var doneName = done++, checkFn = dirCheck;
 
-		"text": function( elem ) {
-			var attr;
-			return elem.nodeName.toLowerCase() === "input" &&
-				elem.type === "text" &&
+			if ( !/\W/.test(part) ) {
+				var nodeCheck = part = isXML ? part : part.toUpperCase();
+				checkFn = dirNodeCheck;
+			}
 
-				( (attr = elem.getAttribute("type")) == null || attr.toLowerCase() === "text" );
+			checkFn("parentNode", part, doneName, checkSet, nodeCheck, isXML);
 		},
+		"~": function(checkSet, part, isXML){
+			var doneName = done++, checkFn = dirCheck;
 
-		"first": createPositionalPseudo(function() {
-			return [ 0 ];
-		}),
+			if ( typeof part === "string" && !/\W/.test(part) ) {
+				var nodeCheck = part = isXML ? part : part.toUpperCase();
+				checkFn = dirNodeCheck;
+			}
 
-		"last": createPositionalPseudo(function( matchIndexes, length ) {
-			return [ length - 1 ];
-		}),
+			checkFn("previousSibling", part, doneName, checkSet, nodeCheck, isXML);
+		}
+	},
+	find: {
+		ID: function(match, context, isXML){
+			if ( typeof context.getElementById !== "undefined" && !isXML ) {
+				var m = context.getElementById(match[1]);
+				return m ? [m] : [];
+			}
+		},
+		NAME: function(match, context, isXML){
+			if ( typeof context.getElementsByName !== "undefined" ) {
+				var ret = [], results = context.getElementsByName(match[1]);
 
-		"eq": createPositionalPseudo(function( matchIndexes, length, argument ) {
-			return [ argument < 0 ? argument + length : argument ];
-		}),
+				for ( var i = 0, l = results.length; i < l; i++ ) {
+					if ( results[i].getAttribute("name") === match[1] ) {
+						ret.push( results[i] );
+					}
+				}
 
-		"even": createPositionalPseudo(function( matchIndexes, length ) {
-			var i = 0;
-			for ( ; i < length; i += 2 ) {
-				matchIndexes.push( i );
+				return ret.length === 0 ? null : ret;
 			}
-			return matchIndexes;
-		}),
+		},
+		TAG: function(match, context){
+			return context.getElementsByTagName(match[1]);
+		}
+	},
+	preFilter: {
+		CLASS: function(match, curLoop, inplace, result, not, isXML){
+			match = " " + match[1].replace(/\\/g, "") + " ";
 
-		"odd": createPositionalPseudo(function( matchIndexes, length ) {
-			var i = 1;
-			for ( ; i < length; i += 2 ) {
-				matchIndexes.push( i );
+			if ( isXML ) {
+				return match;
 			}
-			return matchIndexes;
-		}),
 
-		"lt": createPositionalPseudo(function( matchIndexes, length, argument ) {
-			var i = argument < 0 ? argument + length : argument;
-			for ( ; --i >= 0; ) {
-				matchIndexes.push( i );
+			for ( var i = 0, elem; (elem = curLoop[i]) != null; i++ ) {
+				if ( elem ) {
+					if ( not ^ (elem.className && (" " + elem.className + " ").indexOf(match) >= 0) ) {
+						if ( !inplace )
+							result.push( elem );
+					} else if ( inplace ) {
+						curLoop[i] = false;
+					}
+				}
 			}
-			return matchIndexes;
-		}),
 
-		"gt": createPositionalPseudo(function( matchIndexes, length, argument ) {
-			var i = argument < 0 ? argument + length : argument;
-			for ( ; ++i < length; ) {
-				matchIndexes.push( i );
+			return false;
+		},
+		ID: function(match){
+			return match[1].replace(/\\/g, "");
+		},
+		TAG: function(match, curLoop){
+			for ( var i = 0; curLoop[i] === false; i++ ){}
+			return curLoop[i] && isXML(curLoop[i]) ? match[1] : match[1].toUpperCase();
+		},
+		CHILD: function(match){
+			if ( match[1] == "nth" ) {
+				var test = /(-?)(\d*)n((?:\+|-)?\d*)/.exec(
+					match[2] == "even" && "2n" || match[2] == "odd" && "2n+1" ||
+					!/\D/.test( match[2] ) && "0n+" + match[2] || match[2]);
+
+				match[2] = (test[1] + (test[2] || 1)) - 0;
+				match[3] = test[3] - 0;
 			}
-			return matchIndexes;
-		})
-	}
-};
-
-Expr.pseudos["nth"] = Expr.pseudos["eq"];
-
-for ( i in { radio: true, checkbox: true, file: true, password: true, image: true } ) {
-	Expr.pseudos[ i ] = createInputPseudo( i );
-}
-for ( i in { submit: true, reset: true } ) {
-	Expr.pseudos[ i ] = createButtonPseudo( i );
-}
-
-function setFilters() {}
-setFilters.prototype = Expr.filters = Expr.pseudos;
-Expr.setFilters = new setFilters();
-
-function tokenize( selector, parseOnly ) {
-	var matched, match, tokens, type,
-		soFar, groups, preFilters,
-		cached = tokenCache[ selector + " " ];
 
-	if ( cached ) {
-		return parseOnly ? 0 : cached.slice( 0 );
-	}
+			match[0] = done++;
 
-	soFar = selector;
-	groups = [];
-	preFilters = Expr.preFilter;
+			return match;
+		},
+		ATTR: function(match, curLoop, inplace, result, not, isXML){
+			var name = match[1].replace(/\\/g, "");
 
-	while ( soFar ) {
+			if ( !isXML && Expr.attrMap[name] ) {
+				match[1] = Expr.attrMap[name];
+			}
 
-		if ( !matched || (match = rcomma.exec( soFar )) ) {
-			if ( match ) {
-				soFar = soFar.slice( match[0].length ) || soFar;
+			if ( match[2] === "~=" ) {
+				match[4] = " " + match[4] + " ";
 			}
-			groups.push( (tokens = []) );
-		}
 
-		matched = false;
+			return match;
+		},
+		PSEUDO: function(match, curLoop, inplace, result, not){
+			if ( match[1] === "not" ) {
+				if ( ( chunker.exec(match[3]) || "" ).length > 1 || /^\w/.test(match[3]) ) {
+					match[3] = Sizzle(match[3], null, null, curLoop);
+				} else {
+					var ret = Sizzle.filter(match[3], curLoop, inplace, true ^ not);
+					if ( !inplace ) {
+						result.push.apply( result, ret );
+					}
+					return false;
+				}
+			} else if ( Expr.match.POS.test( match[0] ) || Expr.match.CHILD.test( match[0] ) ) {
+				return true;
+			}
 
-		if ( (match = rcombinators.exec( soFar )) ) {
-			matched = match.shift();
-			tokens.push({
-				value: matched,
-				type: match[0].replace( rtrim, " " )
-			});
-			soFar = soFar.slice( matched.length );
+			return match;
+		},
+		POS: function(match){
+			match.unshift( true );
+			return match;
 		}
-
-		for ( type in Expr.filter ) {
-			if ( (match = matchExpr[ type ].exec( soFar )) && (!preFilters[ type ] ||
-				(match = preFilters[ type ]( match ))) ) {
-				matched = match.shift();
-				tokens.push({
-					value: matched,
-					type: type,
-					matches: match
-				});
-				soFar = soFar.slice( matched.length );
-			}
+	},
+	filters: {
+		enabled: function(elem){
+			return elem.disabled === false && elem.type !== "hidden";
+		},
+		disabled: function(elem){
+			return elem.disabled === true;
+		},
+		checked: function(elem){
+			return elem.checked === true;
+		},
+		selected: function(elem){
+			elem.parentNode.selectedIndex;
+			return elem.selected === true;
+		},
+		parent: function(elem){
+			return !!elem.firstChild;
+		},
+		empty: function(elem){
+			return !elem.firstChild;
+		},
+		has: function(elem, i, match){
+			return !!Sizzle( match[3], elem ).length;
+		},
+		header: function(elem){
+			return /h\d/i.test( elem.nodeName );
+		},
+		text: function(elem){
+			return "text" === elem.type;
+		},
+		radio: function(elem){
+			return "radio" === elem.type;
+		},
+		checkbox: function(elem){
+			return "checkbox" === elem.type;
+		},
+		file: function(elem){
+			return "file" === elem.type;
+		},
+		password: function(elem){
+			return "password" === elem.type;
+		},
+		submit: function(elem){
+			return "submit" === elem.type;
+		},
+		image: function(elem){
+			return "image" === elem.type;
+		},
+		reset: function(elem){
+			return "reset" === elem.type;
+		},
+		button: function(elem){
+			return "button" === elem.type || elem.nodeName.toUpperCase() === "BUTTON";
+		},
+		input: function(elem){
+			return /input|select|textarea|button/i.test(elem.nodeName);
 		}
-
-		if ( !matched ) {
-			break;
+	},
+	setFilters: {
+		first: function(elem, i){
+			return i === 0;
+		},
+		last: function(elem, i, match, array){
+			return i === array.length - 1;
+		},
+		even: function(elem, i){
+			return i % 2 === 0;
+		},
+		odd: function(elem, i){
+			return i % 2 === 1;
+		},
+		lt: function(elem, i, match){
+			return i < match[3] - 0;
+		},
+		gt: function(elem, i, match){
+			return i > match[3] - 0;
+		},
+		nth: function(elem, i, match){
+			return match[3] - 0 == i;
+		},
+		eq: function(elem, i, match){
+			return match[3] - 0 == i;
 		}
-	}
-
-	return parseOnly ?
-		soFar.length :
-		soFar ?
-			Sizzle.error( selector ) :
-			tokenCache( selector, groups ).slice( 0 );
-}
-
-function toSelector( tokens ) {
-	var i = 0,
-		len = tokens.length,
-		selector = "";
-	for ( ; i < len; i++ ) {
-		selector += tokens[i].value;
-	}
-	return selector;
-}
-
-function addCombinator( matcher, combinator, base ) {
-	var dir = combinator.dir,
-		checkNonElements = base && dir === "parentNode",
-		doneName = done++;
-
-	return combinator.first ?
-		function( elem, context, xml ) {
-			while ( (elem = elem[ dir ]) ) {
-				if ( elem.nodeType === 1 || checkNonElements ) {
-					return matcher( elem, context, xml );
+	},
+	filter: {
+		PSEUDO: function(elem, match, i, array){
+			var name = match[1], filter = Expr.filters[ name ];
+
+			if ( filter ) {
+				return filter( elem, i, match, array );
+			} else if ( name === "contains" ) {
+				return (elem.textContent || elem.innerText || "").indexOf(match[3]) >= 0;
+			} else if ( name === "not" ) {
+				var not = match[3];
+
+				for ( var i = 0, l = not.length; i < l; i++ ) {
+					if ( not[i] === elem ) {
+						return false;
+					}
 				}
-			}
-		} :
 
-		function( elem, context, xml ) {
-			var oldCache, outerCache,
-				newCache = [ dirruns, doneName ];
+				return true;
+			}
+		},
+		CHILD: function(elem, match){
+			var type = match[1], node = elem;
+			switch (type) {
+				case 'only':
+				case 'first':
+					while ( (node = node.previousSibling) )  {
+						if ( node.nodeType === 1 ) return false;
+					}
+					if ( type == 'first') return true;
+					node = elem;
+				case 'last':
+					while ( (node = node.nextSibling) )  {
+						if ( node.nodeType === 1 ) return false;
+					}
+					return true;
+				case 'nth':
+					var first = match[2], last = match[3];
 
-			if ( xml ) {
-				while ( (elem = elem[ dir ]) ) {
-					if ( elem.nodeType === 1 || checkNonElements ) {
-						if ( matcher( elem, context, xml ) ) {
-							return true;
-						}
+					if ( first == 1 && last == 0 ) {
+						return true;
 					}
-				}
-			} else {
-				while ( (elem = elem[ dir ]) ) {
-					if ( elem.nodeType === 1 || checkNonElements ) {
-						outerCache = elem[ expando ] || (elem[ expando ] = {});
-						if ( (oldCache = outerCache[ dir ]) &&
-							oldCache[ 0 ] === dirruns && oldCache[ 1 ] === doneName ) {
-
-							return (newCache[ 2 ] = oldCache[ 2 ]);
-						} else {
-							outerCache[ dir ] = newCache;
-
-							if ( (newCache[ 2 ] = matcher( elem, context, xml )) ) {
-								return true;
+
+					var doneName = match[0],
+						parent = elem.parentNode;
+
+					if ( parent && (parent.sizcache !== doneName || !elem.nodeIndex) ) {
+						var count = 0;
+						for ( node = parent.firstChild; node; node = node.nextSibling ) {
+							if ( node.nodeType === 1 ) {
+								node.nodeIndex = ++count;
 							}
 						}
+						parent.sizcache = doneName;
 					}
-				}
-			}
-		};
-}
 
-function elementMatcher( matchers ) {
-	return matchers.length > 1 ?
-		function( elem, context, xml ) {
-			var i = matchers.length;
-			while ( i-- ) {
-				if ( !matchers[i]( elem, context, xml ) ) {
-					return false;
-				}
+					var diff = elem.nodeIndex - last;
+					if ( first == 0 ) {
+						return diff == 0;
+					} else {
+						return ( diff % first == 0 && diff / first >= 0 );
+					}
 			}
-			return true;
-		} :
-		matchers[0];
-}
-
-function multipleContexts( selector, contexts, results ) {
-	var i = 0,
-		len = contexts.length;
-	for ( ; i < len; i++ ) {
-		Sizzle( selector, contexts[i], results );
-	}
-	return results;
-}
+		},
+		ID: function(elem, match){
+			return elem.nodeType === 1 && elem.getAttribute("id") === match;
+		},
+		TAG: function(elem, match){
+			return (match === "*" && elem.nodeType === 1) || elem.nodeName === match;
+		},
+		CLASS: function(elem, match){
+			return (" " + (elem.className || elem.getAttribute("class")) + " ")
+				.indexOf( match ) > -1;
+		},
+		ATTR: function(elem, match){
+			var name = match[1],
+				result = Expr.attrHandle[ name ] ?
+					Expr.attrHandle[ name ]( elem ) :
+					elem[ name ] != null ?
+						elem[ name ] :
+						elem.getAttribute( name ),
+				value = result + "",
+				type = match[2],
+				check = match[4];
+
+			return result == null ?
+				type === "!=" :
+				type === "=" ?
+				value === check :
+				type === "*=" ?
+				value.indexOf(check) >= 0 :
+				type === "~=" ?
+				(" " + value + " ").indexOf(check) >= 0 :
+				!check ?
+				value && result !== false :
+				type === "!=" ?
+				value != check :
+				type === "^=" ?
+				value.indexOf(check) === 0 :
+				type === "$=" ?
+				value.substr(value.length - check.length) === check :
+				type === "|=" ?
+				value === check || value.substr(0, check.length + 1) === check + "-" :
+				false;
+		},
+		POS: function(elem, match, i, array){
+			var name = match[2], filter = Expr.setFilters[ name ];
 
-function condense( unmatched, map, filter, context, xml ) {
-	var elem,
-		newUnmatched = [],
-		i = 0,
-		len = unmatched.length,
-		mapped = map != null;
-
-	for ( ; i < len; i++ ) {
-		if ( (elem = unmatched[i]) ) {
-			if ( !filter || filter( elem, context, xml ) ) {
-				newUnmatched.push( elem );
-				if ( mapped ) {
-					map.push( i );
-				}
+			if ( filter ) {
+				return filter( elem, i, match, array );
 			}
 		}
 	}
+};
 
-	return newUnmatched;
-}
-
-function setMatcher( preFilter, selector, matcher, postFilter, postFinder, postSelector ) {
-	if ( postFilter && !postFilter[ expando ] ) {
-		postFilter = setMatcher( postFilter );
-	}
-	if ( postFinder && !postFinder[ expando ] ) {
-		postFinder = setMatcher( postFinder, postSelector );
-	}
-	return markFunction(function( seed, results, context, xml ) {
-		var temp, i, elem,
-			preMap = [],
-			postMap = [],
-			preexisting = results.length,
-
-			elems = seed || multipleContexts( selector || "*", context.nodeType ? [ context ] : context, [] ),
+var origPOS = Expr.match.POS;
 
-			matcherIn = preFilter && ( seed || !selector ) ?
-				condense( elems, preMap, preFilter, context, xml ) :
-				elems,
+for ( var type in Expr.match ) {
+	Expr.match[ type ] = new RegExp( Expr.match[ type ].source + /(?![^\[]*\])(?![^\(]*\))/.source );
+	Expr.leftMatch[ type ] = new RegExp( /(^(?:.|\r|\n)*?)/.source + Expr.match[ type ].source );
+}
 
-			matcherOut = matcher ?
-				postFinder || ( seed ? preFilter : preexisting || postFilter ) ?
+var makeArray = function(array, results) {
+	array = Array.prototype.slice.call( array, 0 );
 
-					[] :
+	if ( results ) {
+		results.push.apply( results, array );
+		return results;
+	}
 
-					results :
-				matcherIn;
+	return array;
+};
 
-		if ( matcher ) {
-			matcher( matcherIn, matcherOut, context, xml );
-		}
+try {
+	Array.prototype.slice.call( document.documentElement.childNodes, 0 );
 
-		if ( postFilter ) {
-			temp = condense( matcherOut, postMap );
-			postFilter( temp, [], context, xml );
+} catch(e){
+	makeArray = function(array, results) {
+		var ret = results || [];
 
-			i = temp.length;
-			while ( i-- ) {
-				if ( (elem = temp[i]) ) {
-					matcherOut[ postMap[i] ] = !(matcherIn[ postMap[i] ] = elem);
+		if ( toString.call(array) === "[object Array]" ) {
+			Array.prototype.push.apply( ret, array );
+		} else {
+			if ( typeof array.length === "number" ) {
+				for ( var i = 0, l = array.length; i < l; i++ ) {
+					ret.push( array[i] );
+				}
+			} else {
+				for ( var i = 0; array[i]; i++ ) {
+					ret.push( array[i] );
 				}
 			}
 		}
 
-		if ( seed ) {
-			if ( postFinder || preFilter ) {
-				if ( postFinder ) {
-					temp = [];
-					i = matcherOut.length;
-					while ( i-- ) {
-						if ( (elem = matcherOut[i]) ) {
-							temp.push( (matcherIn[i] = elem) );
-						}
-					}
-					postFinder( null, (matcherOut = []), temp, xml );
-				}
+		return ret;
+	};
+}
 
-				i = matcherOut.length;
-				while ( i-- ) {
-					if ( (elem = matcherOut[i]) &&
-						(temp = postFinder ? indexOf.call( seed, elem ) : preMap[i]) > -1 ) {
+var sortOrder;
 
-						seed[temp] = !(results[temp] = elem);
-					}
-				}
+if ( document.documentElement.compareDocumentPosition ) {
+	sortOrder = function( a, b ) {
+		if ( !a.compareDocumentPosition || !b.compareDocumentPosition ) {
+			if ( a == b ) {
+				hasDuplicate = true;
 			}
+			return 0;
+		}
 
-		} else {
-			matcherOut = condense(
-				matcherOut === results ?
-					matcherOut.splice( preexisting, matcherOut.length ) :
-					matcherOut
-			);
-			if ( postFinder ) {
-				postFinder( null, results, matcherOut, xml );
-			} else {
-				push.apply( results, matcherOut );
+		var ret = a.compareDocumentPosition(b) & 4 ? -1 : a === b ? 0 : 1;
+		if ( ret === 0 ) {
+			hasDuplicate = true;
+		}
+		return ret;
+	};
+} else if ( "sourceIndex" in document.documentElement ) {
+	sortOrder = function( a, b ) {
+		if ( !a.sourceIndex || !b.sourceIndex ) {
+			if ( a == b ) {
+				hasDuplicate = true;
 			}
+			return 0;
 		}
-	});
-}
-
-function matcherFromTokens( tokens ) {
-	var checkContext, matcher, j,
-		len = tokens.length,
-		leadingRelative = Expr.relative[ tokens[0].type ],
-		implicitRelative = leadingRelative || Expr.relative[" "],
-		i = leadingRelative ? 1 : 0,
-
-		matchContext = addCombinator( function( elem ) {
-			return elem === checkContext;
-		}, implicitRelative, true ),
-		matchAnyContext = addCombinator( function( elem ) {
-			return indexOf.call( checkContext, elem ) > -1;
-		}, implicitRelative, true ),
-		matchers = [ function( elem, context, xml ) {
-			return ( !leadingRelative && ( xml || context !== outermostContext ) ) || (
-				(checkContext = context).nodeType ?
-					matchContext( elem, context, xml ) :
-					matchAnyContext( elem, context, xml ) );
-		} ];
-
-	for ( ; i < len; i++ ) {
-		if ( (matcher = Expr.relative[ tokens[i].type ]) ) {
-			matchers = [ addCombinator(elementMatcher( matchers ), matcher) ];
-		} else {
-			matcher = Expr.filter[ tokens[i].type ].apply( null, tokens[i].matches );
 
-			if ( matcher[ expando ] ) {
-				j = ++i;
-				for ( ; j < len; j++ ) {
-					if ( Expr.relative[ tokens[j].type ] ) {
-						break;
-					}
-				}
-				return setMatcher(
-					i > 1 && elementMatcher( matchers ),
-					i > 1 && toSelector(
-						tokens.slice( 0, i - 1 ).concat({ value: tokens[ i - 2 ].type === " " ? "*" : "" })
-					).replace( rtrim, "$1" ),
-					matcher,
-					i < j && matcherFromTokens( tokens.slice( i, j ) ),
-					j < len && matcherFromTokens( (tokens = tokens.slice( j )) ),
-					j < len && toSelector( tokens )
-				);
+		var ret = a.sourceIndex - b.sourceIndex;
+		if ( ret === 0 ) {
+			hasDuplicate = true;
+		}
+		return ret;
+	};
+} else if ( document.createRange ) {
+	sortOrder = function( a, b ) {
+		if ( !a.ownerDocument || !b.ownerDocument ) {
+			if ( a == b ) {
+				hasDuplicate = true;
 			}
-			matchers.push( matcher );
+			return 0;
 		}
-	}
-
-	return elementMatcher( matchers );
-}
 
-function matcherFromGroupMatchers( elementMatchers, setMatchers ) {
-	var bySet = setMatchers.length > 0,
-		byElement = elementMatchers.length > 0,
-		superMatcher = function( seed, context, xml, results, outermost ) {
-			var elem, j, matcher,
-				matchedCount = 0,
-				i = "0",
-				unmatched = seed && [],
-				setMatched = [],
-				contextBackup = outermostContext,
-				elems = seed || byElement && Expr.find["TAG"]( "*", outermost ),
-				dirrunsUnique = (dirruns += contextBackup == null ? 1 : Math.random() || 0.1),
-				len = elems.length;
-
-			if ( outermost ) {
-				outermostContext = context !== document && context;
-			}
+		var aRange = a.ownerDocument.createRange(), bRange = b.ownerDocument.createRange();
+		aRange.setStart(a, 0);
+		aRange.setEnd(a, 0);
+		bRange.setStart(b, 0);
+		bRange.setEnd(b, 0);
+		var ret = aRange.compareBoundaryPoints(Range.START_TO_END, bRange);
+		if ( ret === 0 ) {
+			hasDuplicate = true;
+		}
+		return ret;
+	};
+}
 
-			for ( ; i !== len && (elem = elems[i]) != null; i++ ) {
-				if ( byElement && elem ) {
-					j = 0;
-					while ( (matcher = elementMatchers[j++]) ) {
-						if ( matcher( elem, context, xml ) ) {
-							results.push( elem );
-							break;
-						}
-					}
-					if ( outermost ) {
-						dirruns = dirrunsUnique;
-					}
-				}
+(function(){
+	var form = document.createElement("div"),
+		id = "script" + (new Date).getTime();
+	form.innerHTML = "<a name='" + id + "'/>";
 
-				if ( bySet ) {
-					if ( (elem = !matcher && elem) ) {
-						matchedCount--;
-					}
+	var root = document.documentElement;
+	root.insertBefore( form, root.firstChild );
 
-					if ( seed ) {
-						unmatched.push( elem );
-					}
-				}
+	if ( !!document.getElementById( id ) ) {
+		Expr.find.ID = function(match, context, isXML){
+			if ( typeof context.getElementById !== "undefined" && !isXML ) {
+				var m = context.getElementById(match[1]);
+				return m ? m.id === match[1] || typeof m.getAttributeNode !== "undefined" && m.getAttributeNode("id").nodeValue === match[1] ? [m] : undefined : [];
 			}
+		};
 
-			matchedCount += i;
-			if ( bySet && i !== matchedCount ) {
-				j = 0;
-				while ( (matcher = setMatchers[j++]) ) {
-					matcher( unmatched, setMatched, context, xml );
-				}
+		Expr.filter.ID = function(elem, match){
+			var node = typeof elem.getAttributeNode !== "undefined" && elem.getAttributeNode("id");
+			return elem.nodeType === 1 && node && node.nodeValue === match;
+		};
+	}
 
-				if ( seed ) {
-					if ( matchedCount > 0 ) {
-						while ( i-- ) {
-							if ( !(unmatched[i] || setMatched[i]) ) {
-								setMatched[i] = pop.call( results );
-							}
-						}
-					}
+	root.removeChild( form );
+	root = form = null; // release memory in IE
+})();
 
-					setMatched = condense( setMatched );
-				}
+(function(){
+
+	var div = document.createElement("div");
+	div.appendChild( document.createComment("") );
 
-				push.apply( results, setMatched );
+	if ( div.getElementsByTagName("*").length > 0 ) {
+		Expr.find.TAG = function(match, context){
+			var results = context.getElementsByTagName(match[1]);
 
-				if ( outermost && !seed && setMatched.length > 0 &&
-					( matchedCount + setMatchers.length ) > 1 ) {
+			if ( match[1] === "*" ) {
+				var tmp = [];
 
-					Sizzle.uniqueSort( results );
+				for ( var i = 0; results[i]; i++ ) {
+					if ( results[i].nodeType === 1 ) {
+						tmp.push( results[i] );
+					}
 				}
-			}
 
-			if ( outermost ) {
-				dirruns = dirrunsUnique;
-				outermostContext = contextBackup;
+				results = tmp;
 			}
 
-			return unmatched;
+			return results;
 		};
+	}
 
-	return bySet ?
-		markFunction( superMatcher ) :
-		superMatcher;
-}
+	div.innerHTML = "<a href='#'></a>";
+	if ( div.firstChild && typeof div.firstChild.getAttribute !== "undefined" &&
+			div.firstChild.getAttribute("href") !== "#" ) {
+		Expr.attrHandle.href = function(elem){
+			return elem.getAttribute("href", 2);
+		};
+	}
 
-compile = Sizzle.compile = function( selector, match /* Internal Use Only */ ) {
-	var i,
-		setMatchers = [],
-		elementMatchers = [],
-		cached = compilerCache[ selector + " " ];
+	div = null; // release memory in IE
+})();
 
-	if ( !cached ) {
-		if ( !match ) {
-			match = tokenize( selector );
-		}
-		i = match.length;
-		while ( i-- ) {
-			cached = matcherFromTokens( match[i] );
-			if ( cached[ expando ] ) {
-				setMatchers.push( cached );
-			} else {
-				elementMatchers.push( cached );
-			}
+if ( document.querySelectorAll ) (function(){
+	var oldSizzle = Sizzle, div = document.createElement("div");
+	div.innerHTML = "<p class='TEST'></p>";
+
+	if ( div.querySelectorAll && div.querySelectorAll(".TEST").length === 0 ) {
+		return;
+	}
+
+	Sizzle = function(query, context, extra, seed){
+		context = context || document;
+
+		if ( !seed && context.nodeType === 9 && !isXML(context) ) {
+			try {
+				return makeArray( context.querySelectorAll(query), extra );
+			} catch(e){}
 		}
 
-		cached = compilerCache( selector, matcherFromGroupMatchers( elementMatchers, setMatchers ) );
+		return oldSizzle(query, context, extra, seed);
+	};
 
-		cached.selector = selector;
+	for ( var prop in oldSizzle ) {
+		Sizzle[ prop ] = oldSizzle[ prop ];
 	}
-	return cached;
-};
-
-/**
- * A low-level selection function that works with Sizzle's compiled
- *  selector functions
- * @param {String|Function} selector A selector or a pre-compiled
- *  selector function built with Sizzle.compile
- * @param {Element} context
- * @param {Array} [results]
- * @param {Array} [seed] A set of elements to match against
- */
-select = Sizzle.select = function( selector, context, results, seed ) {
-	var i, tokens, token, type, find,
-		compiled = typeof selector === "function" && selector,
-		match = !seed && tokenize( (selector = compiled.selector || selector) );
 
-	results = results || [];
+	div = null; // release memory in IE
+})();
 
-	if ( match.length === 1 ) {
+if ( document.getElementsByClassName && document.documentElement.getElementsByClassName ) (function(){
+	var div = document.createElement("div");
+	div.innerHTML = "<div class='test e'></div><div class='test'></div>";
 
-		tokens = match[0] = match[0].slice( 0 );
-		if ( tokens.length > 2 && (token = tokens[0]).type === "ID" &&
-				support.getById && context.nodeType === 9 && documentIsHTML &&
-				Expr.relative[ tokens[1].type ] ) {
+	if ( div.getElementsByClassName("e").length === 0 )
+		return;
 
-			context = ( Expr.find["ID"]( token.matches[0].replace(runescape, funescape), context ) || [] )[0];
-			if ( !context ) {
-				return results;
+	div.lastChild.className = "e";
 
-			} else if ( compiled ) {
-				context = context.parentNode;
-			}
+	if ( div.getElementsByClassName("e").length === 1 )
+		return;
 
-			selector = selector.slice( tokens.shift().value.length );
+	Expr.order.splice(1, 0, "CLASS");
+	Expr.find.CLASS = function(match, context, isXML) {
+		if ( typeof context.getElementsByClassName !== "undefined" && !isXML ) {
+			return context.getElementsByClassName(match[1]);
 		}
+	};
 
-		i = matchExpr["needsContext"].test( selector ) ? 0 : tokens.length;
-		while ( i-- ) {
-			token = tokens[i];
+	div = null; // release memory in IE
+})();
 
-			if ( Expr.relative[ (type = token.type) ] ) {
-				break;
+function dirNodeCheck( dir, cur, doneName, checkSet, nodeCheck, isXML ) {
+	var sibDir = dir == "previousSibling" && !isXML;
+	for ( var i = 0, l = checkSet.length; i < l; i++ ) {
+		var elem = checkSet[i];
+		if ( elem ) {
+			if ( sibDir && elem.nodeType === 1 ){
+				elem.sizcache = doneName;
+				elem.sizset = i;
 			}
-			if ( (find = Expr.find[ type ]) ) {
-				if ( (seed = find(
-					token.matches[0].replace( runescape, funescape ),
-					rsibling.test( tokens[0].type ) && testContext( context.parentNode ) || context
-				)) ) {
-
-					tokens.splice( i, 1 );
-					selector = seed.length && toSelector( tokens );
-					if ( !selector ) {
-						push.apply( results, seed );
-						return results;
-					}
+			elem = elem[dir];
+			var match = false;
 
+			while ( elem ) {
+				if ( elem.sizcache === doneName ) {
+					match = checkSet[elem.sizset];
 					break;
 				}
+
+				if ( elem.nodeType === 1 && !isXML ){
+					elem.sizcache = doneName;
+					elem.sizset = i;
+				}
+
+				if ( elem.nodeName === cur ) {
+					match = elem;
+					break;
+				}
+
+				elem = elem[dir];
 			}
+
+			checkSet[i] = match;
 		}
 	}
+}
 
-	( compiled || compile( selector, match ) )(
-		seed,
-		context,
-		!documentIsHTML,
-		results,
-		rsibling.test( selector ) && testContext( context.parentNode ) || context
-	);
-	return results;
-};
-
+function dirCheck( dir, cur, doneName, checkSet, nodeCheck, isXML ) {
+	var sibDir = dir == "previousSibling" && !isXML;
+	for ( var i = 0, l = checkSet.length; i < l; i++ ) {
+		var elem = checkSet[i];
+		if ( elem ) {
+			if ( sibDir && elem.nodeType === 1 ) {
+				elem.sizcache = doneName;
+				elem.sizset = i;
+			}
+			elem = elem[dir];
+			var match = false;
 
-support.sortStable = expando.split("").sort( sortOrder ).join("") === expando;
+			while ( elem ) {
+				if ( elem.sizcache === doneName ) {
+					match = checkSet[elem.sizset];
+					break;
+				}
 
-support.detectDuplicates = !!hasDuplicate;
+				if ( elem.nodeType === 1 ) {
+					if ( !isXML ) {
+						elem.sizcache = doneName;
+						elem.sizset = i;
+					}
+					if ( typeof cur !== "string" ) {
+						if ( elem === cur ) {
+							match = true;
+							break;
+						}
 
-setDocument();
+					} else if ( Sizzle.filter( cur, [elem] ).length > 0 ) {
+						match = elem;
+						break;
+					}
+				}
 
-support.sortDetached = assert(function( div1 ) {
-	return div1.compareDocumentPosition( document.createElement("div") ) & 1;
-});
+				elem = elem[dir];
+			}
 
-if ( !assert(function( div ) {
-	div.innerHTML = "<a href='#'></a>";
-	return div.firstChild.getAttribute("href") === "#" ;
-}) ) {
-	addHandle( "type|href|height|width", function( elem, name, isXML ) {
-		if ( !isXML ) {
-			return elem.getAttribute( name, name.toLowerCase() === "type" ? 1 : 2 );
+			checkSet[i] = match;
 		}
-	});
+	}
 }
 
-if ( !support.attributes || !assert(function( div ) {
-	div.innerHTML = "<input/>";
-	div.firstChild.setAttribute( "value", "" );
-	return div.firstChild.getAttribute( "value" ) === "";
-}) ) {
-	addHandle( "value", function( elem, name, isXML ) {
-		if ( !isXML && elem.nodeName.toLowerCase() === "input" ) {
-			return elem.defaultValue;
-		}
-	});
-}
+var contains = document.compareDocumentPosition ?  function(a, b){
+	return a.compareDocumentPosition(b) & 16;
+} : function(a, b){
+	return a !== b && (a.contains ? a.contains(b) : true);
+};
 
-if ( !assert(function( div ) {
-	return div.getAttribute("disabled") == null;
-}) ) {
-	addHandle( booleans, function( elem, name, isXML ) {
-		var val;
-		if ( !isXML ) {
-			return elem[ name ] === true ? name.toLowerCase() :
-					(val = elem.getAttributeNode( name )) && val.specified ?
-					val.value :
-				null;
-		}
-	});
-}
+var isXML = function(elem){
+	return elem.nodeType === 9 && elem.documentElement.nodeName !== "HTML" ||
+		!!elem.ownerDocument && elem.ownerDocument.documentElement.nodeName !== "HTML";
+};
 
-if ( typeof define === "function" && define.amd ) {
-	define(function() { return Sizzle; });
-} else if ( typeof module !== "undefined" && module.exports ) {
-	module.exports = Sizzle;
-} else {
-	window.Sizzle = Sizzle;
-}
+var posProcess = function(selector, context){
+	var tmpSet = [], later = "", match,
+		root = context.nodeType ? [context] : context;
+
+	while ( (match = Expr.match.PSEUDO.exec( selector )) ) {
+		later += match[0];
+		selector = selector.replace( Expr.match.PSEUDO, "" );
+	}
 
-})( window );
+	selector = Expr.relative[selector] ? selector + "*" : selector;
 
-;(function() {
-  if (typeof Sizzle !== 'undefined') {
-    return;
-  }
+	for ( var i = 0, l = root.length; i < l; i++ ) {
+		Sizzle( selector, root[i], tmpSet );
+	}
+
+	return Sizzle.filter( later, tmpSet );
+};
+
+
+window.Sizzle = Sizzle;
 
-  if (typeof define !== 'undefined' && define.amd) {
-    window.Sizzle = Prototype._actual_sizzle;
-    window.define = Prototype._original_define;
-    delete Prototype._actual_sizzle;
-    delete Prototype._original_define;
-  } else if (typeof module !== 'undefined' && module.exports) {
-    window.Sizzle = module.exports;
-    module.exports = {};
-  }
 })();
 
 ;(function(engine) {
@@ -6374,23 +5026,15 @@ var Form = {
       accumulator = function(result, key, value) {
         if (key in result) {
           if (!Object.isArray(result[key])) result[key] = [result[key]];
-          result[key] = result[key].concat(value);
+          result[key].push(value);
         } else result[key] = value;
         return result;
       };
     } else {
       initial = '';
-      accumulator = function(result, key, values) {
-        if (!Object.isArray(values)) {values = [values];}
-        if (!values.length) {return result;}
-        var encodedKey = encodeURIComponent(key).gsub(/%20/, '+');
-        return result + (result ? "&" : "") + values.map(function (value) {
-          value = value.gsub(/(\r)?\n/, '\r\n');
-          value = encodeURIComponent(value);
-          value = value.gsub(/%20/, '+');
-          return encodedKey + "=" + value;
-        }).join("&");
-      };
+      accumulator = function(result, key, value) {
+        return result + (result ? '&' : '') + encodeURIComponent(key) + '=' + encodeURIComponent(value);
+      }
     }
 
     return elements.inject(initial, function(result, element) {
@@ -6411,16 +5055,19 @@ Form.Methods = {
     return Form.serializeElements(Form.getElements(form), options);
   },
 
-
   getElements: function(form) {
-    var elements = $(form).getElementsByTagName('*');
-    var element, results = [], serializers = Form.Element.Serializers;
-
+    var elements = $(form).getElementsByTagName('*'),
+        element,
+        arr = [ ],
+        serializers = Form.Element.Serializers;
     for (var i = 0; element = elements[i]; i++) {
-      if (serializers[element.tagName.toLowerCase()])
-        results.push(Element.extend(element));
+      arr.push(element);
     }
-    return results;
+    return arr.inject([], function(elements, child) {
+      if (serializers[child.tagName.toLowerCase()])
+        elements.push(Element.extend(child));
+      return elements;
+    })
   },
 
   getInputs: function(form, typeName, name) {
@@ -6739,11 +5386,7 @@ Form.EventObserver = Class.create(Abstract.EventObserver, {
     return Form.serialize(this.element);
   }
 });
-(function(GLOBAL) {
-  var DIV = document.createElement('div');
-  var docEl = document.documentElement;
-  var MOUSEENTER_MOUSELEAVE_EVENTS_SUPPORTED = 'onmouseenter' in docEl
-   && 'onmouseleave' in docEl;
+(function() {
 
   var Event = {
     KEY_BACKSPACE: 8,
@@ -6759,9 +5402,16 @@ Form.EventObserver = Class.create(Abstract.EventObserver, {
     KEY_END:      35,
     KEY_PAGEUP:   33,
     KEY_PAGEDOWN: 34,
-    KEY_INSERT:   45
+    KEY_INSERT:   45,
+
+    cache: {}
   };
 
+  var docEl = document.documentElement;
+  var MOUSEENTER_MOUSELEAVE_EVENTS_SUPPORTED = 'onmouseenter' in docEl
+    && 'onmouseleave' in docEl;
+
+
 
   var isIELegacyEvent = function(event) { return false; };
 
@@ -6817,10 +5467,6 @@ Form.EventObserver = Class.create(Abstract.EventObserver, {
   function isRightClick(event)  { return _isButton(event, 2) }
 
   function element(event) {
-    return Element.extend(_element(event));
-  }
-
-  function _element(event) {
     event = Event.extend(event);
 
     var node = event.target, type = event.type,
@@ -6833,15 +5479,20 @@ Form.EventObserver = Class.create(Abstract.EventObserver, {
             node = currentTarget;
     }
 
-    return node.nodeType == Node.TEXT_NODE ? node.parentNode : node;
+    if (node.nodeType == Node.TEXT_NODE)
+      node = node.parentNode;
+
+    return Element.extend(node);
   }
 
   function findElement(event, expression) {
-    var element = _element(event), selector = Prototype.Selector;
-    if (!expression) return Element.extend(element);
+    var element = Event.element(event);
+
+    if (!expression) return element;
     while (element) {
-      if (Object.isElement(element) && selector.match(element, expression))
+      if (Object.isElement(element) && Prototype.Selector.match(element, expression)) {
         return Element.extend(element);
+      }
       element = element.parentNode;
     }
   }
@@ -6953,268 +5604,198 @@ Form.EventObserver = Class.create(Abstract.EventObserver, {
     Object.extend(Event.prototype, methods);
   }
 
-  var EVENT_TRANSLATIONS = {
-    mouseenter: 'mouseover',
-    mouseleave: 'mouseout'
-  };
-
-  function getDOMEventName(eventName) {
-    return EVENT_TRANSLATIONS[eventName] || eventName;
-  }
-
-  if (MOUSEENTER_MOUSELEAVE_EVENTS_SUPPORTED)
-    getDOMEventName = Prototype.K;
+  function _createResponder(element, eventName, handler) {
+    var registry = Element.retrieve(element, 'prototype_event_registry');
 
-  function getUniqueElementID(element) {
-    if (element === window) return 0;
+    if (Object.isUndefined(registry)) {
+      CACHE.push(element);
+      registry = Element.retrieve(element, 'prototype_event_registry', $H());
+    }
 
-    if (typeof element._prototypeUID === 'undefined')
-      element._prototypeUID = Element.Storage.UID++;
-    return element._prototypeUID;
-  }
+    var respondersForEvent = registry.get(eventName);
+    if (Object.isUndefined(respondersForEvent)) {
+      respondersForEvent = [];
+      registry.set(eventName, respondersForEvent);
+    }
 
-  function getUniqueElementID_IE(element) {
-    if (element === window) return 0;
-    if (element == document) return 1;
-    return element.uniqueID;
-  }
+    if (respondersForEvent.pluck('handler').include(handler)) return false;
 
-  if ('uniqueID' in DIV)
-    getUniqueElementID = getUniqueElementID_IE;
+    var responder;
+    if (eventName.include(":")) {
+      responder = function(event) {
+        if (Object.isUndefined(event.eventName))
+          return false;
 
-  function isCustomEvent(eventName) {
-    return eventName.include(':');
-  }
+        if (event.eventName !== eventName)
+          return false;
 
-  Event._isCustomEvent = isCustomEvent;
+        Event.extend(event, element);
+        handler.call(element, event);
+      };
+    } else {
+      if (!MOUSEENTER_MOUSELEAVE_EVENTS_SUPPORTED &&
+       (eventName === "mouseenter" || eventName === "mouseleave")) {
+        if (eventName === "mouseenter" || eventName === "mouseleave") {
+          responder = function(event) {
+            Event.extend(event, element);
+
+            var parent = event.relatedTarget;
+            while (parent && parent !== element) {
+              try { parent = parent.parentNode; }
+              catch(e) { parent = element; }
+            }
+
+            if (parent === element) return;
+
+            handler.call(element, event);
+          };
+        }
+      } else {
+        responder = function(event) {
+          Event.extend(event, element);
+          handler.call(element, event);
+        };
+      }
+    }
 
-  function getOrCreateRegistryFor(element, uid) {
-    var CACHE = GLOBAL.Event.cache;
-    if (Object.isUndefined(uid))
-      uid = getUniqueElementID(element);
-    if (!CACHE[uid]) CACHE[uid] = { element: element };
-    return CACHE[uid];
+    responder.handler = handler;
+    respondersForEvent.push(responder);
+    return responder;
   }
 
-  function destroyRegistryForElement(element, uid) {
-    if (Object.isUndefined(uid))
-      uid = getUniqueElementID(element);
-    delete GLOBAL.Event.cache[uid];
+  function _destroyCache() {
+    for (var i = 0, length = CACHE.length; i < length; i++) {
+      Event.stopObserving(CACHE[i]);
+      CACHE[i] = null;
+    }
   }
 
+  var CACHE = [];
 
-  function register(element, eventName, handler) {
-    var registry = getOrCreateRegistryFor(element);
-    if (!registry[eventName]) registry[eventName] = [];
-    var entries = registry[eventName];
-
-    var i = entries.length;
-    while (i--)
-      if (entries[i].handler === handler) return null;
+  if (Prototype.Browser.IE)
+    window.attachEvent('onunload', _destroyCache);
 
-    var uid = getUniqueElementID(element);
-    var responder = GLOBAL.Event._createResponder(uid, eventName, handler);
-    var entry = {
-      responder: responder,
-      handler:   handler
-    };
-
-    entries.push(entry);
-    return entry;
-  }
-
-  function unregister(element, eventName, handler) {
-    var registry = getOrCreateRegistryFor(element);
-    var entries = registry[eventName] || [];
-
-    var i = entries.length, entry;
-    while (i--) {
-      if (entries[i].handler === handler) {
-        entry = entries[i];
-        break;
-      }
-    }
+  if (Prototype.Browser.WebKit)
+    window.addEventListener('unload', Prototype.emptyFunction, false);
 
-    if (entry) {
-      var index = entries.indexOf(entry);
-      entries.splice(index, 1);
-    }
 
-    if (entries.length === 0) {
-      delete registry[eventName];
-      if (Object.keys(registry).length === 1 && ('element' in registry))
-        destroyRegistryForElement(element);
-    }
+  var _getDOMEventName = Prototype.K,
+      translations = { mouseenter: "mouseover", mouseleave: "mouseout" };
 
-    return entry;
+  if (!MOUSEENTER_MOUSELEAVE_EVENTS_SUPPORTED) {
+    _getDOMEventName = function(eventName) {
+      return (translations[eventName] || eventName);
+    };
   }
 
-
   function observe(element, eventName, handler) {
     element = $(element);
-    var entry = register(element, eventName, handler);
-
-    if (entry === null) return element;
 
-    var responder = entry.responder;
-    if (isCustomEvent(eventName))
-      observeCustomEvent(element, eventName, responder);
-    else
-      observeStandardEvent(element, eventName, responder);
+    var responder = _createResponder(element, eventName, handler);
 
-    return element;
-  }
+    if (!responder) return element;
 
-  function observeStandardEvent(element, eventName, responder) {
-    var actualEventName = getDOMEventName(eventName);
-    if (element.addEventListener) {
-      element.addEventListener(actualEventName, responder, false);
+    if (eventName.include(':')) {
+      if (element.addEventListener)
+        element.addEventListener("dataavailable", responder, false);
+      else {
+        element.attachEvent("ondataavailable", responder);
+        element.attachEvent("onlosecapture", responder);
+      }
     } else {
-      element.attachEvent('on' + actualEventName, responder);
-    }
-  }
+      var actualEventName = _getDOMEventName(eventName);
 
-  function observeCustomEvent(element, eventName, responder) {
-    if (element.addEventListener) {
-      element.addEventListener('dataavailable', responder, false);
-    } else {
-      element.attachEvent('ondataavailable', responder);
-      element.attachEvent('onlosecapture',   responder);
+      if (element.addEventListener)
+        element.addEventListener(actualEventName, responder, false);
+      else
+        element.attachEvent("on" + actualEventName, responder);
     }
+
+    return element;
   }
 
   function stopObserving(element, eventName, handler) {
     element = $(element);
-    var handlerGiven = !Object.isUndefined(handler),
-     eventNameGiven = !Object.isUndefined(eventName);
 
-    if (!eventNameGiven && !handlerGiven) {
-      stopObservingElement(element);
-      return element;
-    }
+    var registry = Element.retrieve(element, 'prototype_event_registry');
+    if (!registry) return element;
 
-    if (!handlerGiven) {
-      stopObservingEventName(element, eventName);
+    if (!eventName) {
+      registry.each( function(pair) {
+        var eventName = pair.key;
+        stopObserving(element, eventName);
+      });
       return element;
     }
 
-    var entry = unregister(element, eventName, handler);
+    var responders = registry.get(eventName);
+    if (!responders) return element;
 
-    if (!entry) return element;
-    removeEvent(element, eventName, entry.responder);
-    return element;
-  }
+    if (!handler) {
+      responders.each(function(r) {
+        stopObserving(element, eventName, r.handler);
+      });
+      return element;
+    }
 
-  function stopObservingStandardEvent(element, eventName, responder) {
-    var actualEventName = getDOMEventName(eventName);
-    if (element.removeEventListener) {
-      element.removeEventListener(actualEventName, responder, false);
-    } else {
-      element.detachEvent('on' + actualEventName, responder);
+    var i = responders.length, responder;
+    while (i--) {
+      if (responders[i].handler === handler) {
+        responder = responders[i];
+        break;
+      }
     }
-  }
+    if (!responder) return element;
 
-  function stopObservingCustomEvent(element, eventName, responder) {
-    if (element.removeEventListener) {
-      element.removeEventListener('dataavailable', responder, false);
+    if (eventName.include(':')) {
+      if (element.removeEventListener)
+        element.removeEventListener("dataavailable", responder, false);
+      else {
+        element.detachEvent("ondataavailable", responder);
+        element.detachEvent("onlosecapture", responder);
+      }
     } else {
-      element.detachEvent('ondataavailable', responder);
-      element.detachEvent('onlosecapture',   responder);
+      var actualEventName = _getDOMEventName(eventName);
+      if (element.removeEventListener)
+        element.removeEventListener(actualEventName, responder, false);
+      else
+        element.detachEvent('on' + actualEventName, responder);
     }
-  }
 
+    registry.set(eventName, responders.without(responder));
 
-
-  function stopObservingElement(element) {
-    var uid = getUniqueElementID(element), registry = GLOBAL.Event.cache[uid];
-    if (!registry) return;
-
-    destroyRegistryForElement(element, uid);
-
-    var entries, i;
-    for (var eventName in registry) {
-      if (eventName === 'element') continue;
-
-      entries = registry[eventName];
-      i = entries.length;
-      while (i--)
-        removeEvent(element, eventName, entries[i].responder);
-    }
+    return element;
   }
 
-  function stopObservingEventName(element, eventName) {
-    var registry = getOrCreateRegistryFor(element);
-    var entries = registry[eventName];
-    if (entries) {
-      delete registry[eventName];
-    }
+  function fire(element, eventName, memo, bubble) {
+    element = $(element);
 
-    entries = entries || [];
+    if (Object.isUndefined(bubble))
+      bubble = true;
 
-    var i = entries.length;
-    while (i--)
-      removeEvent(element, eventName, entries[i].responder);
+    if (element == document && document.createEvent && !element.dispatchEvent)
+      element = document.documentElement;
 
-    for (var name in registry) {
-      if (name === 'element') continue;
-      return; // There is another registered event
+    var event;
+    if (document.createEvent) {
+      event = document.createEvent('HTMLEvents');
+      event.initEvent('dataavailable', bubble, true);
+    } else {
+      event = document.createEventObject();
+      event.eventType = bubble ? 'ondataavailable' : 'onlosecapture';
     }
 
-    destroyRegistryForElement(element);
-  }
-
+    event.eventName = eventName;
+    event.memo = memo || { };
 
-  function removeEvent(element, eventName, handler) {
-    if (isCustomEvent(eventName))
-      stopObservingCustomEvent(element, eventName, handler);
+    if (document.createEvent)
+      element.dispatchEvent(event);
     else
-      stopObservingStandardEvent(element, eventName, handler);
-  }
-
-
+      element.fireEvent(event.eventType, event);
 
-  function getFireTarget(element) {
-    if (element !== document) return element;
-    if (document.createEvent && !element.dispatchEvent)
-      return document.documentElement;
-    return element;
-  }
-
-  function fire(element, eventName, memo, bubble) {
-    element = getFireTarget($(element));
-    if (Object.isUndefined(bubble)) bubble = true;
-    memo = memo || {};
-
-    var event = fireEvent(element, eventName, memo, bubble);
     return Event.extend(event);
   }
 
-  function fireEvent_DOM(element, eventName, memo, bubble) {
-    var event = document.createEvent('HTMLEvents');
-    event.initEvent('dataavailable', bubble, true);
-
-    event.eventName = eventName;
-    event.memo = memo;
-
-    element.dispatchEvent(event);
-    return event;
-  }
-
-  function fireEvent_IE(element, eventName, memo, bubble) {
-    var event = document.createEventObject();
-    event.eventType = bubble ? 'ondataavailable' : 'onlosecapture';
-
-    event.eventName = eventName;
-    event.memo = memo;
-
-    element.fireEvent(event.eventType, event);
-    return event;
-  }
-
-  var fireEvent = document.createEvent ? fireEvent_DOM : fireEvent_IE;
-
-
-
   Event.Handler = Class.create({
     initialize: function(element, eventName, selector, callback) {
       this.element   = $(element);
@@ -7224,7 +5805,6 @@ Form.EventObserver = Class.create(Abstract.EventObserver, {
       this.handler   = this.handleEvent.bind(this);
     },
 
-
     start: function() {
       Event.observe(this.element, this.eventName, this.handler);
       return this;
@@ -7281,145 +5861,59 @@ Form.EventObserver = Class.create(Abstract.EventObserver, {
     loaded:        false
   });
 
-  if (GLOBAL.Event) Object.extend(window.Event, Event);
-  else GLOBAL.Event = Event;
-
-  GLOBAL.Event.cache = {};
-
-  function destroyCache_IE() {
-    GLOBAL.Event.cache = null;
-  }
-
-  if (window.attachEvent)
-    window.attachEvent('onunload', destroyCache_IE);
-
-  DIV = null;
-  docEl = null;
-})(this);
-
-(function(GLOBAL) {
-  /* Code for creating leak-free event responders is based on work by
-   John-David Dalton. */
-
-  var docEl = document.documentElement;
-  var MOUSEENTER_MOUSELEAVE_EVENTS_SUPPORTED = 'onmouseenter' in docEl
-    && 'onmouseleave' in docEl;
-
-  function isSimulatedMouseEnterLeaveEvent(eventName) {
-    return !MOUSEENTER_MOUSELEAVE_EVENTS_SUPPORTED &&
-     (eventName === 'mouseenter' || eventName === 'mouseleave');
-  }
-
-  function createResponder(uid, eventName, handler) {
-    if (Event._isCustomEvent(eventName))
-      return createResponderForCustomEvent(uid, eventName, handler);
-    if (isSimulatedMouseEnterLeaveEvent(eventName))
-      return createMouseEnterLeaveResponder(uid, eventName, handler);
-
-    return function(event) {
-      if (!Event.cache) return;
-
-      var element = Event.cache[uid].element;
-      Event.extend(event, element);
-      handler.call(element, event);
-    };
-  }
-
-  function createResponderForCustomEvent(uid, eventName, handler) {
-    return function(event) {
-      var cache = Event.cache[uid];
-      var element =  cache && cache.element;
-
-      if (Object.isUndefined(event.eventName))
-        return false;
-
-      if (event.eventName !== eventName)
-        return false;
-
-      Event.extend(event, element);
-      handler.call(element, event);
-    };
-  }
-
-  function createMouseEnterLeaveResponder(uid, eventName, handler) {
-    return function(event) {
-      var element = Event.cache[uid].element;
-
-      Event.extend(event, element);
-      var parent = event.relatedTarget;
-
-      while (parent && parent !== element) {
-        try { parent = parent.parentNode; }
-        catch(e) { parent = element; }
-      }
-
-      if (parent === element) return;
-      handler.call(element, event);
-    }
-  }
-
-  GLOBAL.Event._createResponder = createResponder;
-  docEl = null;
-})(this);
+  if (window.Event) Object.extend(window.Event, Event);
+  else window.Event = Event;
+})();
 
-(function(GLOBAL) {
+(function() {
   /* Support for the DOMContentLoaded event is based on work by Dan Webb,
      Matthias Miller, Dean Edwards, John Resig, and Diego Perini. */
 
-  var TIMER;
+  var timer;
 
   function fireContentLoadedEvent() {
     if (document.loaded) return;
-    if (TIMER) window.clearTimeout(TIMER);
+    if (timer) window.clearTimeout(timer);
     document.loaded = true;
     document.fire('dom:loaded');
   }
 
   function checkReadyState() {
     if (document.readyState === 'complete') {
-      document.detachEvent('onreadystatechange', checkReadyState);
+      document.stopObserving('readystatechange', checkReadyState);
       fireContentLoadedEvent();
     }
   }
 
   function pollDoScroll() {
-    try {
-      document.documentElement.doScroll('left');
-    } catch (e) {
-      TIMER = pollDoScroll.defer();
+    try { document.documentElement.doScroll('left'); }
+    catch(e) {
+      timer = pollDoScroll.defer();
       return;
     }
-
-    fireContentLoadedEvent();
-  }
-
-
-  if (document.readyState === 'complete') {
     fireContentLoadedEvent();
-    return;
   }
 
   if (document.addEventListener) {
     document.addEventListener('DOMContentLoaded', fireContentLoadedEvent, false);
   } else {
-    document.attachEvent('onreadystatechange', checkReadyState);
-    if (window == top) TIMER = pollDoScroll.defer();
+    document.observe('readystatechange', checkReadyState);
+    if (window == top)
+      timer = pollDoScroll.defer();
   }
 
   Event.observe(window, 'load', fireContentLoadedEvent);
-})(this);
-
+})();
 
 Element.addMethods();
+
 /*------------------------------- DEPRECATED -------------------------------*/
 
 Hash.toQueryString = Object.toQueryString;
 
 var Toggle = { display: Element.toggle };
 
-Element.addMethods({
-  childOf: Element.Methods.descendantOf
-});
+Element.Methods.childOf = Element.Methods.descendantOf;
 
 var Insertion = {
   Before: function(element, content) {
@@ -7561,10 +6055,10 @@ Element.ClassNames.prototype = {
     this.element = $(element);
   },
 
-  _each: function(iterator, context) {
+  _each: function(iterator) {
     this.element.className.split(/\s+/).select(function(name) {
       return name.length > 0;
-    })._each(iterator, context);
+    })._each(iterator);
   },
 
   set: function(className) {
-- 
GitLab


From bd7fd304a7bc93b4efc1c8f88887e262aa329b86 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Sun, 10 Sep 2017 06:56:44 +0200
Subject: [PATCH 205/863] [JENKINS-26143] Make choice parameter work with
 choices list in pipeline

---
 .../model/ChoiceParameterDefinition.java      | 74 ++++++++++++++++++-
 1 file changed, 72 insertions(+), 2 deletions(-)

diff --git a/core/src/main/java/hudson/model/ChoiceParameterDefinition.java b/core/src/main/java/hudson/model/ChoiceParameterDefinition.java
index f175bd001b..4d88f0d403 100644
--- a/core/src/main/java/hudson/model/ChoiceParameterDefinition.java
+++ b/core/src/main/java/hudson/model/ChoiceParameterDefinition.java
@@ -2,6 +2,9 @@ package hudson.model;
 
 import hudson.util.FormValidation;
 import org.jenkinsci.Symbol;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
+import org.kohsuke.stapler.DataBoundSetter;
 import org.kohsuke.stapler.QueryParameter;
 import org.kohsuke.stapler.StaplerRequest;
 import org.kohsuke.stapler.DataBoundConstructor;
@@ -10,7 +13,10 @@ import org.apache.commons.lang.StringUtils;
 import net.sf.json.JSONObject;
 import hudson.Extension;
 
+import javax.annotation.Nonnull;
+import javax.annotation.Nullable;
 import java.util.ArrayList;
+import java.util.Collection;
 import java.util.List;
 import java.util.Arrays;
 
@@ -24,7 +30,7 @@ public class ChoiceParameterDefinition extends SimpleParameterDefinition {
     public static final String CHOICES_DELIMETER = CHOICES_DELIMITER;
 
 
-    private final List<String> choices;
+    private /* quasi-final */ List<String> choices;
     private final String defaultValue;
 
     public static boolean areValidChoices(String choices) {
@@ -32,7 +38,6 @@ public class ChoiceParameterDefinition extends SimpleParameterDefinition {
         return !StringUtils.isEmpty(strippedChoices) && strippedChoices.split(CHOICES_DELIMITER).length > 0;
     }
 
-    @DataBoundConstructor
     public ChoiceParameterDefinition(String name, String choices, String description) {
         super(name, description);
         this.choices = Arrays.asList(choices.split(CHOICES_DELIMITER));
@@ -51,6 +56,58 @@ public class ChoiceParameterDefinition extends SimpleParameterDefinition {
         this.defaultValue = defaultValue;
     }
 
+    /**
+     *
+     * @param name
+     * @param description
+     *
+     * @since TODO
+     */
+    @DataBoundConstructor
+    @Restricted(NoExternalUse.class) // there are specific constructors with String and List arguments for 'choices'
+    public ChoiceParameterDefinition(String name, String description) {
+        super(name, description);
+        this.choices = new ArrayList<>();
+        this.defaultValue = null;
+    }
+
+    /**
+     * Set the list of choices. Legal arguments are String (in which case the arguments gets split into lines) and Collection
+     * which sets the list of legal parameters to the String representations of the argument's non-null entries.
+     *
+     * See JENKINS-26143 for background.
+     *
+     * This retains the compatibility with the legacy String 'choices' parameter, while supporting the list type as generated
+     * by the snippet generator.
+     *
+     * @param choices String or Collection representing this parameter definition's possible values.
+     *
+     * @since TODO
+     *
+     */
+    @DataBoundSetter
+    @Restricted(NoExternalUse.class) // this is terrible enough without being used anywhere
+    public void setChoices(Object choices) {
+        if (choices instanceof String) {
+            setChoicesText((String) choices);
+            return;
+        }
+        if (choices instanceof Collection) {
+            this.choices = new ArrayList<>();
+            for (Object o : (Collection) choices) {
+                if (o != null) {
+                    this.choices.add(o.toString());
+                }
+            }
+            return;
+        }
+        throw new IllegalArgumentException("expected String or Collection, but got " + choices);
+    }
+
+    private void setChoicesText(String choices) {
+        this.choices = Arrays.asList(choices.split(CHOICES_DELIMITER));
+    }
+
     @Override
     public ParameterDefinition copyWithDefaultValue(ParameterValue defaultValue) {
         if (defaultValue instanceof StringParameterValue) {
@@ -104,6 +161,19 @@ public class ChoiceParameterDefinition extends SimpleParameterDefinition {
             return "/help/parameter/choice.html";
         }
 
+        @Override
+        /*
+         * We need this for JENKINS-26143 -- reflective creation cannot handle setChoices(Object). See that method for context.
+         */
+        public ParameterDefinition newInstance(@Nullable StaplerRequest req, @Nonnull JSONObject formData) throws FormException {
+            String name = formData.getString("name");
+            String desc = formData.getString("description");
+            String choiceText = formData.getString("choices");
+            ChoiceParameterDefinition parameterDefinition = new ChoiceParameterDefinition(name, desc);
+            parameterDefinition.setChoicesText(choiceText);
+            return parameterDefinition;
+        }
+
         /**
          * Checks if parameterized build choices are valid.
          */
-- 
GitLab


From 7b8e4b1e093550dc8ca1f3664ed161e9c24a93db Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Sun, 11 Mar 2018 23:33:17 +0100
Subject: [PATCH 206/863] Address review comments

---
 .../model/ChoiceParameterDefinition.java       | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/core/src/main/java/hudson/model/ChoiceParameterDefinition.java b/core/src/main/java/hudson/model/ChoiceParameterDefinition.java
index 4d88f0d403..327ef2eb88 100644
--- a/core/src/main/java/hudson/model/ChoiceParameterDefinition.java
+++ b/core/src/main/java/hudson/model/ChoiceParameterDefinition.java
@@ -40,7 +40,7 @@ public class ChoiceParameterDefinition extends SimpleParameterDefinition {
 
     public ChoiceParameterDefinition(String name, String choices, String description) {
         super(name, description);
-        this.choices = Arrays.asList(choices.split(CHOICES_DELIMITER));
+        setChoicesText(choices);
         defaultValue = null;
     }
 
@@ -57,9 +57,10 @@ public class ChoiceParameterDefinition extends SimpleParameterDefinition {
     }
 
     /**
+     * Databound constructor for reflective instantiation.
      *
-     * @param name
-     * @param description
+     * @param name parameter name
+     * @param description parameter description
      *
      * @since TODO
      */
@@ -93,15 +94,16 @@ public class ChoiceParameterDefinition extends SimpleParameterDefinition {
             return;
         }
         if (choices instanceof Collection) {
-            this.choices = new ArrayList<>();
+            ArrayList<String> newChoices = new ArrayList<>();
             for (Object o : (Collection) choices) {
                 if (o != null) {
-                    this.choices.add(o.toString());
+                    newChoices.add(o.toString());
                 }
             }
+            this.choices = newChoices;
             return;
         }
-        throw new IllegalArgumentException("expected String or Collection, but got " + choices);
+        throw new IllegalArgumentException("expected String or Collection, but got " + choices.getClass().getName());
     }
 
     private void setChoicesText(String choices) {
@@ -169,9 +171,7 @@ public class ChoiceParameterDefinition extends SimpleParameterDefinition {
             String name = formData.getString("name");
             String desc = formData.getString("description");
             String choiceText = formData.getString("choices");
-            ChoiceParameterDefinition parameterDefinition = new ChoiceParameterDefinition(name, desc);
-            parameterDefinition.setChoicesText(choiceText);
-            return parameterDefinition;
+            return new ChoiceParameterDefinition(name, choiceText, desc);
         }
 
         /**
-- 
GitLab


From 46d60c92356730e7ca3d3cc9578b26c921d43096 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 11 Mar 2018 21:51:54 -0700
Subject: [PATCH 207/863] [maven-release-plugin] prepare release jenkins-2.111

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 26b3089a14..3c03ad9f3d 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.111-SNAPSHOT</version>
+    <version>2.111</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 17d307d07a..0581b9507b 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.111-SNAPSHOT</version>
+    <version>2.111</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 98e99a7321..5fa88a0f05 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.111-SNAPSHOT</version>
+  <version>2.111</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>HEAD</tag>
+    <tag>jenkins-2.111</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 48482eca4f..c9b66bc1bc 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.111-SNAPSHOT</version>
+    <version>2.111</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 92b463f92c..1f4a80c039 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.111-SNAPSHOT</version>
+    <version>2.111</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From dcad69dda84493136092bb089846d13f6395c7e2 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 11 Mar 2018 21:51:54 -0700
Subject: [PATCH 208/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 3c03ad9f3d..e94bade269 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.111</version>
+    <version>2.112-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 0581b9507b..9341f03f89 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.111</version>
+    <version>2.112-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 5fa88a0f05..17ec1c559d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.111</version>
+  <version>2.112-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.111</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index c9b66bc1bc..3b90d1d1bb 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.111</version>
+    <version>2.112-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 1f4a80c039..61f0656487 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.111</version>
+    <version>2.112-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 5082ebce87cfa6cc4e61820a5d85cfccde45fd3a Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Mon, 12 Mar 2018 17:17:49 +0100
Subject: [PATCH 209/863] Add parent loggers to autocompletion

---
 core/src/main/java/hudson/logging/LogRecorder.java | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/core/src/main/java/hudson/logging/LogRecorder.java b/core/src/main/java/hudson/logging/LogRecorder.java
index 7313778df0..43bd774a95 100644
--- a/core/src/main/java/hudson/logging/LogRecorder.java
+++ b/core/src/main/java/hudson/logging/LogRecorder.java
@@ -41,6 +41,7 @@ import hudson.util.RingBufferLogHandler;
 import hudson.util.XStream2;
 import jenkins.security.MasterToSlaveCallable;
 import net.sf.json.JSONObject;
+import org.apache.commons.lang.StringUtils;
 import org.kohsuke.stapler.*;
 import org.kohsuke.stapler.interceptor.RequirePOST;
 
@@ -87,14 +88,21 @@ public class LogRecorder extends AbstractModelObject implements Saveable {
 
     @Restricted(NoExternalUse.class)
     public AutoCompletionCandidates doAutoCompleteLoggerName(@QueryParameter String value) {
-        AutoCompletionCandidates candidates = new AutoCompletionCandidates();
+        List<String> candidateNames = new ArrayList<>();
         Enumeration<String> loggerNames = LogManager.getLogManager().getLoggerNames();
+        String lowercaseValue = value.toLowerCase(Locale.ENGLISH);
         while (loggerNames.hasMoreElements()) {
             String loggerName = loggerNames.nextElement();
-            if (loggerName.toLowerCase(Locale.ENGLISH).contains(value.toLowerCase(Locale.ENGLISH))) {
-                candidates.add(loggerName);
+            String[] loggerNameParts = loggerName.split("[.]");
+            for (int i = 0 ; i < loggerNameParts.length ; i++) {
+                String loggerNamePrefix = StringUtils.join(Arrays.copyOf(loggerNameParts, i+1), ".");
+                if (loggerNamePrefix.toLowerCase(Locale.ENGLISH).contains(lowercaseValue) && !candidateNames.contains(loggerNamePrefix)) {
+                    candidateNames.add(loggerNamePrefix);
+                }
             }
         }
+        AutoCompletionCandidates candidates = new AutoCompletionCandidates();
+        candidates.add(candidateNames.toArray(new String[0]));
         return candidates;
     }
 
-- 
GitLab


From 72f1957fecf111a9b46d1a1e044cf3ef4013dbf7 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Mon, 12 Mar 2018 12:44:16 -0400
Subject: [PATCH 210/863] Adapted to RemoteInvocationHandler$RPCRequest
 signature changes.

---
 test/src/test/java/jenkins/security/Security232Test.java | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/test/src/test/java/jenkins/security/Security232Test.java b/test/src/test/java/jenkins/security/Security232Test.java
index 65e0ea05d4..9d1ce1e647 100644
--- a/test/src/test/java/jenkins/security/Security232Test.java
+++ b/test/src/test/java/jenkins/security/Security232Test.java
@@ -96,13 +96,13 @@ public class Security232Test {
 
             Class<?> reqClass = Class.forName("hudson.remoting.RemoteInvocationHandler$RPCRequest");
 
-            Constructor<?> reqCons = reqClass.getDeclaredConstructor(int.class, Method.class, Object[].class);
+            Constructor<?> reqCons = reqClass.getDeclaredConstructor(int.class, Method.class, Object[].class, ClassLoader.class, boolean.class);
             reqCons.setAccessible(true);
 
             Object getJarLoader = reqCons
                     .newInstance(1, Class.forName("hudson.remoting.IChannel").getMethod("getProperty", Object.class), new Object[] {
                         JarLoader.class.getName() + ".ours"
-            });
+            }, null, true);
 
             Object call = c.call((Callable<Object,Exception>) getJarLoader);
             InvocationHandler remote = Proxy.getInvocationHandler(call);
@@ -130,7 +130,7 @@ public class Security232Test {
             Object o = reqCons
                     .newInstance(oid, JarLoader.class.getMethod("isPresentOnRemote", Class.forName("hudson.remoting.Checksum")), new Object[] {
                         uro,
-            });
+            }, null, true);
 
             try {
                 c.call((Callable<Object,Exception>) o);
-- 
GitLab


From dcf22ca809671f19cfc2d1d10537b7bb5cf56e8d Mon Sep 17 00:00:00 2001
From: James Nord <jnord+github@cloudbees.com>
Date: Mon, 12 Mar 2018 16:49:30 +0000
Subject: [PATCH 211/863] [JENKINS-50124] restore AbstractTaskListeners
 serialVersionUID.

If a subclass was serialized (default java serialization) then the
changes do push down the method to the interface would break
deserialisation when in reality the classes are still compatable.

Restoring the compatability by hard coding the serialVersionUID to what
it was before the change.
---
 core/src/main/java/hudson/util/AbstractTaskListener.java | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/core/src/main/java/hudson/util/AbstractTaskListener.java b/core/src/main/java/hudson/util/AbstractTaskListener.java
index b40cfde838..bb02e99cd0 100644
--- a/core/src/main/java/hudson/util/AbstractTaskListener.java
+++ b/core/src/main/java/hudson/util/AbstractTaskListener.java
@@ -13,4 +13,7 @@ import org.kohsuke.accmod.restrictions.NoExternalUse;
 @Restricted(NoExternalUse.class)
 @RestrictedSince("2.91")
 public abstract class AbstractTaskListener implements TaskListener {
+
+    private static final long serialVersionUID = 7217626701881006422L;
+
 }
-- 
GitLab


From f0e56875d08b436a6c7f8e23afca7e59c55d33fc Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Mon, 12 Mar 2018 18:26:04 +0100
Subject: [PATCH 212/863] [JENKINS-26143] Apparently only List is allowed

---
 .../main/java/hudson/model/ChoiceParameterDefinition.java  | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/core/src/main/java/hudson/model/ChoiceParameterDefinition.java b/core/src/main/java/hudson/model/ChoiceParameterDefinition.java
index 327ef2eb88..d5b6000591 100644
--- a/core/src/main/java/hudson/model/ChoiceParameterDefinition.java
+++ b/core/src/main/java/hudson/model/ChoiceParameterDefinition.java
@@ -16,7 +16,6 @@ import hudson.Extension;
 import javax.annotation.Nonnull;
 import javax.annotation.Nullable;
 import java.util.ArrayList;
-import java.util.Collection;
 import java.util.List;
 import java.util.Arrays;
 
@@ -93,9 +92,9 @@ public class ChoiceParameterDefinition extends SimpleParameterDefinition {
             setChoicesText((String) choices);
             return;
         }
-        if (choices instanceof Collection) {
+        if (choices instanceof List) {
             ArrayList<String> newChoices = new ArrayList<>();
-            for (Object o : (Collection) choices) {
+            for (Object o : (List) choices) {
                 if (o != null) {
                     newChoices.add(o.toString());
                 }
@@ -103,7 +102,7 @@ public class ChoiceParameterDefinition extends SimpleParameterDefinition {
             this.choices = newChoices;
             return;
         }
-        throw new IllegalArgumentException("expected String or Collection, but got " + choices.getClass().getName());
+        throw new IllegalArgumentException("expected String or List, but got " + choices.getClass().getName());
     }
 
     private void setChoicesText(String choices) {
-- 
GitLab


From 41c006d5ed11daf5eeac7bb1424599cdfad1d8ee Mon Sep 17 00:00:00 2001
From: Raul Arabaolaza <rarabaolaza@cloudbees.com>
Date: Tue, 13 Mar 2018 10:26:05 +0100
Subject: [PATCH 213/863] [JENKINS-49269] Run ATH SmokeTest category on core
 builds

---
 Jenkinsfile | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/Jenkinsfile b/Jenkinsfile
index 9c4b4efbba..c1531236e1 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -43,6 +43,8 @@ for(i = 0; i < buildTypes.size(); i++) {
                             if(isUnix()) {
                                 sh mvnCmd
                                 sh 'test `git status --short | tee /dev/stderr | wc --bytes` -eq 0'
+                                // Stash for ATH run
+                                stash name: "metadata", includes: "essentials.yml"
                             } else {
                                 bat mvnCmd
                             }
@@ -69,6 +71,18 @@ for(i = 0; i < buildTypes.size(); i++) {
 builds.failFast = failFast
 parallel builds
 
+if (buildTypes.contains("linux")) {
+    node("linux") {
+        unstash "metadata"
+        unarchive mapping: ['war/target/linux-jenkins.war': 'jenkins.war']
+        def fileUrl = "file://" + pwd() + "/jenkins.war"
+        def metadataPath = pwd() + "/essentials.yml"
+        dir("ath") {
+            runATH(jenkins: fileUrl, metadataFile: metadataPath)
+        }
+    }
+}
+
 // This method sets up the Maven and JDK tools, puts them in the environment along
 // with whatever other arbitrary environment variables we passed in, and runs the
 // body we passed in within that environment.
-- 
GitLab


From bdf82bcb0fa2192afddb925eb4b6ec17a63dffc9 Mon Sep 17 00:00:00 2001
From: Raul Arabaolaza <rarabaolaza@cloudbees.com>
Date: Tue, 13 Mar 2018 10:26:44 +0100
Subject: [PATCH 214/863] [JENKINS-49269] Metadata file for ath runs

---
 essentials.yml | 4 ++++
 1 file changed, 4 insertions(+)
 create mode 100644 essentials.yml

diff --git a/essentials.yml b/essentials.yml
new file mode 100644
index 0000000000..2d7cecab3e
--- /dev/null
+++ b/essentials.yml
@@ -0,0 +1,4 @@
+---
+ath:
+  useLocalSnapshots: false
+  athRevision: "b36f2d27fdaa3f7ce73f0179ddbd26a6d7fa05fc"
\ No newline at end of file
-- 
GitLab


From e0f24a4076fd86973d29a3aa18c6edde20657245 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Tue, 13 Mar 2018 16:24:53 +0100
Subject: [PATCH 215/863] Use a LinkedHashSet to maintain insertion order while
 saving contains check

---
 core/src/main/java/hudson/logging/LogRecorder.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/core/src/main/java/hudson/logging/LogRecorder.java b/core/src/main/java/hudson/logging/LogRecorder.java
index 43bd774a95..8502cc0339 100644
--- a/core/src/main/java/hudson/logging/LogRecorder.java
+++ b/core/src/main/java/hudson/logging/LogRecorder.java
@@ -88,7 +88,7 @@ public class LogRecorder extends AbstractModelObject implements Saveable {
 
     @Restricted(NoExternalUse.class)
     public AutoCompletionCandidates doAutoCompleteLoggerName(@QueryParameter String value) {
-        List<String> candidateNames = new ArrayList<>();
+        Set<String> candidateNames = new LinkedHashSet<>();
         Enumeration<String> loggerNames = LogManager.getLogManager().getLoggerNames();
         String lowercaseValue = value.toLowerCase(Locale.ENGLISH);
         while (loggerNames.hasMoreElements()) {
@@ -96,7 +96,7 @@ public class LogRecorder extends AbstractModelObject implements Saveable {
             String[] loggerNameParts = loggerName.split("[.]");
             for (int i = 0 ; i < loggerNameParts.length ; i++) {
                 String loggerNamePrefix = StringUtils.join(Arrays.copyOf(loggerNameParts, i+1), ".");
-                if (loggerNamePrefix.toLowerCase(Locale.ENGLISH).contains(lowercaseValue) && !candidateNames.contains(loggerNamePrefix)) {
+                if (loggerNamePrefix.toLowerCase(Locale.ENGLISH).contains(lowercaseValue)) {
                     candidateNames.add(loggerNamePrefix);
                 }
             }
-- 
GitLab


From 122ce9a048624bd7fc33b80318543a904ace2300 Mon Sep 17 00:00:00 2001
From: Raul Arabaolaza <rarabaolaza@cloudbees.com>
Date: Wed, 14 Mar 2018 11:24:14 +0100
Subject: [PATCH 216/863] [JENKINS-49269] Fix jenkinsfile and use latest commit
 of ath

---
 Jenkinsfile    | 26 +++++++++++++++-----------
 essentials.yml |  2 +-
 2 files changed, 16 insertions(+), 12 deletions(-)

diff --git a/Jenkinsfile b/Jenkinsfile
index c1531236e1..a09cb2656e 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -43,8 +43,6 @@ for(i = 0; i < buildTypes.size(); i++) {
                             if(isUnix()) {
                                 sh mvnCmd
                                 sh 'test `git status --short | tee /dev/stderr | wc --bytes` -eq 0'
-                                // Stash for ATH run
-                                stash name: "metadata", includes: "essentials.yml"
                             } else {
                                 bat mvnCmd
                             }
@@ -68,21 +66,27 @@ for(i = 0; i < buildTypes.size(); i++) {
     }
 }
 
-builds.failFast = failFast
-parallel builds
-
-if (buildTypes.contains("linux")) {
+builds.ath = {
     node("linux") {
-        unstash "metadata"
-        unarchive mapping: ['war/target/linux-jenkins.war': 'jenkins.war']
-        def fileUrl = "file://" + pwd() + "/jenkins.war"
-        def metadataPath = pwd() + "/essentials.yml"
+        def fileUri
+        def metadataPath
+        dir("sources") {
+            checkout scm
+            sh "mvn -DskipTests -am -pl war package -Dmaven.repo.local=${pwd tmp: true}/m2repo -s settings-azure.xml"
+            dir("war/target") {
+                fileUri = "file://" + pwd() + "/jenkins.war"
+            }
+            metadataPath = pwd() + "/essentials.yml"
+        }
         dir("ath") {
-            runATH(jenkins: fileUrl, metadataFile: metadataPath)
+            runATH jenkins: fileUri, metadataFile: metadataPath
         }
     }
 }
 
+builds.failFast = failFast
+parallel builds
+
 // This method sets up the Maven and JDK tools, puts them in the environment along
 // with whatever other arbitrary environment variables we passed in, and runs the
 // body we passed in within that environment.
diff --git a/essentials.yml b/essentials.yml
index 2d7cecab3e..ef5ef15f07 100644
--- a/essentials.yml
+++ b/essentials.yml
@@ -1,4 +1,4 @@
 ---
 ath:
   useLocalSnapshots: false
-  athRevision: "b36f2d27fdaa3f7ce73f0179ddbd26a6d7fa05fc"
\ No newline at end of file
+  athRevision: "06caf67d37d945ec5228a80d73714fac692c28d3"
\ No newline at end of file
-- 
GitLab


From 36e9eb03445fcd1779927773c5e29c38739a2cde Mon Sep 17 00:00:00 2001
From: Raul Arabaolaza <rarabaolaza@cloudbees.com>
Date: Wed, 14 Mar 2018 15:02:20 +0100
Subject: [PATCH 217/863] [JENKINS-49269] Use correct maven env to buld war for
 ATH

---
 Jenkinsfile | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/Jenkinsfile b/Jenkinsfile
index a09cb2656e..2ec14417cc 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -72,7 +72,10 @@ builds.ath = {
         def metadataPath
         dir("sources") {
             checkout scm
-            sh "mvn -DskipTests -am -pl war package -Dmaven.repo.local=${pwd tmp: true}/m2repo -s settings-azure.xml"
+            withMavenEnv(["JAVA_OPTS=-Xmx1536m -Xms512m",
+                          "MAVEN_OPTS=-Xmx1536m -Xms512m"]) {
+                sh "mvn -DskipTests -am -pl war package -Dmaven.repo.local=${pwd tmp: true}/m2repo -s settings-azure.xml"
+            }
             dir("war/target") {
                 fileUri = "file://" + pwd() + "/jenkins.war"
             }
-- 
GitLab


From 7b9fa0248a982b22df7ad208ec57627b97a3dcdb Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Wed, 14 Mar 2018 13:17:59 -0400
Subject: [PATCH 218/863] Another use of ExtensionList.lookupSingleton.

---
 core/src/main/java/jenkins/triggers/ReverseBuildTrigger.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/java/jenkins/triggers/ReverseBuildTrigger.java b/core/src/main/java/jenkins/triggers/ReverseBuildTrigger.java
index 1c341bbd17..3058274ceb 100644
--- a/core/src/main/java/jenkins/triggers/ReverseBuildTrigger.java
+++ b/core/src/main/java/jenkins/triggers/ReverseBuildTrigger.java
@@ -241,7 +241,7 @@ public final class ReverseBuildTrigger extends Trigger<Job> implements Dependenc
     @Extension public static final class RunListenerImpl extends RunListener<Run> {
 
         static RunListenerImpl get() {
-            return ExtensionList.lookup(RunListener.class).get(RunListenerImpl.class);
+            return ExtensionList.lookupSingleton(RunListenerImpl.class);
         }
 
         private Map<Job,Collection<ReverseBuildTrigger>> upstream2Trigger;
-- 
GitLab


From d32b9b1d167643714146dd7bf48c058216274158 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Wed, 14 Mar 2018 14:08:20 -0400
Subject: [PATCH 219/863] @oleg-nenashev suggests documenting behavior of
 VirtualFile.mode on symlinks.

---
 core/src/main/java/hudson/util/IOUtils.java      | 2 +-
 core/src/main/java/jenkins/util/VirtualFile.java | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/util/IOUtils.java b/core/src/main/java/hudson/util/IOUtils.java
index 5022dc021f..2bcdf90acb 100644
--- a/core/src/main/java/hudson/util/IOUtils.java
+++ b/core/src/main/java/hudson/util/IOUtils.java
@@ -117,7 +117,7 @@ public class IOUtils {
      * execute permissions for the owner, group, and others, i.e. the max return value
      * is 0777. Consider using {@link Files#getPosixFilePermissions} instead if you only
      * care about access permissions.
-     *
+     * <p>If the file is symlink, the mode is that of the link target, not the link itself.
      * @return a file mode, or -1 if not on Unix
      * @throws PosixException if the file could not be statted, e.g. broken symlink
      */
diff --git a/core/src/main/java/jenkins/util/VirtualFile.java b/core/src/main/java/jenkins/util/VirtualFile.java
index 96baa4f946..278c61acd8 100644
--- a/core/src/main/java/jenkins/util/VirtualFile.java
+++ b/core/src/main/java/jenkins/util/VirtualFile.java
@@ -246,6 +246,7 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
 
     /**
      * Gets the file’s Unix mode, if meaningful.
+     * If the file is symlink (see {@link #readLink}), the mode is that of the link target, not the link itself.
      * @return for example, 0644 ~ {@code rw-r--r--}; -1 by default, meaning unknown or inapplicable
      * @throws IOException if checking the mode failed
      * @since FIXME
-- 
GitLab


From beea2aaf2142fa861266f9bfa33d08a8710c3fb1 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Wed, 14 Mar 2018 16:32:02 -0400
Subject: [PATCH 220/863] More details on toURI and toExternalURL.

---
 core/src/main/java/jenkins/util/VirtualFile.java | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/core/src/main/java/jenkins/util/VirtualFile.java b/core/src/main/java/jenkins/util/VirtualFile.java
index 278c61acd8..6a88e24b47 100644
--- a/core/src/main/java/jenkins/util/VirtualFile.java
+++ b/core/src/main/java/jenkins/util/VirtualFile.java
@@ -113,10 +113,11 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
     /**
      * Gets a URI.
      * Should at least uniquely identify this virtual file within its root, but not necessarily globally.
-     * <p>When {@link #toExternalURL} is implemented, it is natural but not required to use that same value here.
+     * <p>When {@link #toExternalURL} is implemented, that same value could be used here,
+     * unless some sort of authentication is also embedded.
      * @return a URI (need not be absolute)
      */
-    public abstract URI toURI();
+    public abstract @Nonnull URI toURI();
 
     /**
      * Gets the parent file.
@@ -340,6 +341,8 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
      * <p>Any necessary authentication must be encoded somehow into the URL itself;
      * do not include any tokens or other authentication which might allow access to unrelated files
      * (for example {@link ArtifactManager} builds from a different job).
+     * The URL might be valid for only a limited amount of time or even only a single use;
+     * this method should be called anew every time an external URL is required.
      * <p>Generally this will be harder to implement than {@link #asRemotable},
      * which would have the opportunity to perform arbitrary preparation for {@link #open}
      * such as negotiating session authentication.
-- 
GitLab


From edeaeeab905accc082899709fd509f27dfd363e4 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Thu, 15 Mar 2018 13:57:21 +0100
Subject: [PATCH 221/863] More improvements to logging autocomplete

---
 .../main/java/hudson/logging/LogRecorder.java | 46 +++++++++++++++----
 1 file changed, 38 insertions(+), 8 deletions(-)

diff --git a/core/src/main/java/hudson/logging/LogRecorder.java b/core/src/main/java/hudson/logging/LogRecorder.java
index 8502cc0339..367c26a8b7 100644
--- a/core/src/main/java/hudson/logging/LogRecorder.java
+++ b/core/src/main/java/hudson/logging/LogRecorder.java
@@ -88,18 +88,48 @@ public class LogRecorder extends AbstractModelObject implements Saveable {
 
     @Restricted(NoExternalUse.class)
     public AutoCompletionCandidates doAutoCompleteLoggerName(@QueryParameter String value) {
+        if (value == null) {
+            return new AutoCompletionCandidates();
+        }
+
+        // get names of all actual loggers known to Jenkins
         Set<String> candidateNames = new LinkedHashSet<>();
-        Enumeration<String> loggerNames = LogManager.getLogManager().getLoggerNames();
-        String lowercaseValue = value.toLowerCase(Locale.ENGLISH);
-        while (loggerNames.hasMoreElements()) {
-            String loggerName = loggerNames.nextElement();
+        Enumeration<String> loggerNamesEnumeration = LogManager.getLogManager().getLoggerNames();
+        SortedSet<String> loggerNames = new TreeSet<>();
+        while (loggerNamesEnumeration.hasMoreElements()) {
+            loggerNames.add(loggerNamesEnumeration.nextElement());
+        }
+
+        // now look for package prefixes that make sense to offer for autocompletion:
+        // Only prefixes that match multiple loggers will be shown.
+        // Example: 'org' will show 'org', because there's org.apache, org.jenkinsci, etc.
+        // 'io' might only show 'io.jenkins.plugins' rather than 'io' if all loggers starting with 'io' start with 'io.jenkins.plugins'.
+        HashSet<String> seenPrefixes = new HashSet<>();
+        HashSet<String> relevantPrefixes = new HashSet<>();
+        for (String loggerName : loggerNames) {
             String[] loggerNameParts = loggerName.split("[.]");
-            for (int i = 0 ; i < loggerNameParts.length ; i++) {
-                String loggerNamePrefix = StringUtils.join(Arrays.copyOf(loggerNameParts, i+1), ".");
-                if (loggerNamePrefix.toLowerCase(Locale.ENGLISH).contains(lowercaseValue)) {
-                    candidateNames.add(loggerNamePrefix);
+            int prefixLength = 0;
+            for (int i = loggerNameParts.length - 1; i > 0; i--) {
+                String loggerNamePrefix = StringUtils.join(Arrays.copyOf(loggerNameParts, i + 1), ".");
+                if (seenPrefixes.contains(loggerNamePrefix)) {
+                    relevantPrefixes.add(loggerNamePrefix);
+                } else {
+                    seenPrefixes.add(loggerNamePrefix);
+                }
+            }
+        }
+        loggerNames.addAll(relevantPrefixes);
+        candidateNames.addAll(loggerNames);
+
+        for (String part : value.split("[ ]+")) {
+            HashSet<String> partCandidates = new HashSet<>();
+            String lowercaseValue = part.toLowerCase(Locale.ENGLISH);
+            for (String loggerName : loggerNames) {
+                if (loggerName.toLowerCase(Locale.ENGLISH).contains(lowercaseValue)) {
+                    partCandidates.add(loggerName);
                 }
             }
+            candidateNames.retainAll(partCandidates);
         }
         AutoCompletionCandidates candidates = new AutoCompletionCandidates();
         candidates.add(candidateNames.toArray(new String[0]));
-- 
GitLab


From 896ea22295c699644ffdf372430a11653c840c4b Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Thu, 15 Mar 2018 10:56:34 -0700
Subject: [PATCH 222/863] [maven-release-plugin] prepare release
 jenkins-2.107.1

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index df60b493dd..7c2bf64f83 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107.1-SNAPSHOT</version>
+    <version>2.107.1</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 953c499198..de1d7f5a1d 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107.1-SNAPSHOT</version>
+    <version>2.107.1</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 135a9f2b34..70085403eb 100644
--- a/pom.xml
+++ b/pom.xml
@@ -33,7 +33,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>pom</artifactId>
-  <version>2.107.1-SNAPSHOT</version>
+  <version>2.107.1</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -58,7 +58,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>HEAD</tag>
+    <tag>jenkins-2.107.1</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 15e24b1994..17f4bdd9a4 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107.1-SNAPSHOT</version>
+    <version>2.107.1</version>
   </parent>
 
   <artifactId>test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 931171425d..1972322ebf 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107.1-SNAPSHOT</version>
+    <version>2.107.1</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 876b9151f273a3fd24abec717cb8301cc77b7c15 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Thu, 15 Mar 2018 10:56:34 -0700
Subject: [PATCH 223/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 7c2bf64f83..c0c4be6b23 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107.1</version>
+    <version>2.107.2-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index de1d7f5a1d..4b10848e0c 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107.1</version>
+    <version>2.107.2-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 70085403eb..7b04434647 100644
--- a/pom.xml
+++ b/pom.xml
@@ -33,7 +33,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>pom</artifactId>
-  <version>2.107.1</version>
+  <version>2.107.2-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -58,7 +58,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.107.1</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 17f4bdd9a4..2de0eea9ba 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107.1</version>
+    <version>2.107.2-SNAPSHOT</version>
   </parent>
 
   <artifactId>test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 1972322ebf..b3e9c243ac 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107.1</version>
+    <version>2.107.2-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 87bb02b4faf1a85983f54d67e4f457e75600ac3d Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Fri, 16 Mar 2018 13:30:16 +0100
Subject: [PATCH 224/863] Suggest all parent loggers that are relevant

Parent loggers will be suggested in auto completion iff they
include two or more child, grand-child, etc. loggers, and there
is no more specific parent logger that includes the same number
of descendants.
---
 .../main/java/hudson/logging/LogRecorder.java | 54 +++++++++++--------
 .../java/hudson/logging/LogRecorderTest.java  | 35 ++++++++++++
 2 files changed, 66 insertions(+), 23 deletions(-)

diff --git a/core/src/main/java/hudson/logging/LogRecorder.java b/core/src/main/java/hudson/logging/LogRecorder.java
index 367c26a8b7..9343ab790f 100644
--- a/core/src/main/java/hudson/logging/LogRecorder.java
+++ b/core/src/main/java/hudson/logging/LogRecorder.java
@@ -23,6 +23,7 @@
  */
 package hudson.logging;
 
+import com.google.common.annotations.VisibleForTesting;
 import com.thoughtworks.xstream.XStream;
 import hudson.BulkChange;
 import hudson.Extension;
@@ -87,44 +88,51 @@ public class LogRecorder extends AbstractModelObject implements Saveable {
     }
 
     @Restricted(NoExternalUse.class)
-    public AutoCompletionCandidates doAutoCompleteLoggerName(@QueryParameter String value) {
-        if (value == null) {
-            return new AutoCompletionCandidates();
-        }
-
-        // get names of all actual loggers known to Jenkins
-        Set<String> candidateNames = new LinkedHashSet<>();
-        Enumeration<String> loggerNamesEnumeration = LogManager.getLogManager().getLoggerNames();
-        SortedSet<String> loggerNames = new TreeSet<>();
-        while (loggerNamesEnumeration.hasMoreElements()) {
-            loggerNames.add(loggerNamesEnumeration.nextElement());
-        }
+    @VisibleForTesting
+    public static Set<String> getAutoCompletionCandidates(List<String> loggerNamesList) {
+        Set<String> loggerNames = new HashSet<>(loggerNamesList);
 
         // now look for package prefixes that make sense to offer for autocompletion:
         // Only prefixes that match multiple loggers will be shown.
         // Example: 'org' will show 'org', because there's org.apache, org.jenkinsci, etc.
         // 'io' might only show 'io.jenkins.plugins' rather than 'io' if all loggers starting with 'io' start with 'io.jenkins.plugins'.
-        HashSet<String> seenPrefixes = new HashSet<>();
-        HashSet<String> relevantPrefixes = new HashSet<>();
+        HashMap<String, Integer> seenPrefixes = new HashMap<>();
+        SortedSet<String> relevantPrefixes = new TreeSet<>();
         for (String loggerName : loggerNames) {
             String[] loggerNameParts = loggerName.split("[.]");
-            int prefixLength = 0;
-            for (int i = loggerNameParts.length - 1; i > 0; i--) {
-                String loggerNamePrefix = StringUtils.join(Arrays.copyOf(loggerNameParts, i + 1), ".");
-                if (seenPrefixes.contains(loggerNamePrefix)) {
+
+            String longerPrefix = null;
+            for (int i = loggerNameParts.length; i > 0; i--) {
+                String loggerNamePrefix = StringUtils.join(Arrays.copyOf(loggerNameParts, i), ".");
+                seenPrefixes.put(loggerNamePrefix, seenPrefixes.getOrDefault(loggerNamePrefix, 0) + 1);
+                if (longerPrefix == null) {
+                    relevantPrefixes.add(loggerNamePrefix); // actual logger name
+                    longerPrefix = loggerNamePrefix;
+                    continue;
+                }
+
+                if (seenPrefixes.get(loggerNamePrefix) > seenPrefixes.get(longerPrefix)) {
                     relevantPrefixes.add(loggerNamePrefix);
-                } else {
-                    seenPrefixes.add(loggerNamePrefix);
                 }
+                longerPrefix = loggerNamePrefix;
             }
         }
-        loggerNames.addAll(relevantPrefixes);
-        candidateNames.addAll(loggerNames);
+        return relevantPrefixes;
+    }
+
+    @Restricted(NoExternalUse.class)
+    public AutoCompletionCandidates doAutoCompleteLoggerName(@QueryParameter String value) {
+        if (value == null) {
+            return new AutoCompletionCandidates();
+        }
+
+        // get names of all actual loggers known to Jenkins
+        Set<String> candidateNames = new LinkedHashSet<>(getAutoCompletionCandidates(Collections.list(LogManager.getLogManager().getLoggerNames())));
 
         for (String part : value.split("[ ]+")) {
             HashSet<String> partCandidates = new HashSet<>();
             String lowercaseValue = part.toLowerCase(Locale.ENGLISH);
-            for (String loggerName : loggerNames) {
+            for (String loggerName : candidateNames) {
                 if (loggerName.toLowerCase(Locale.ENGLISH).contains(lowercaseValue)) {
                     partCandidates.add(loggerName);
                 }
diff --git a/core/src/test/java/hudson/logging/LogRecorderTest.java b/core/src/test/java/hudson/logging/LogRecorderTest.java
index 6ff4618dd0..394a8f42e9 100644
--- a/core/src/test/java/hudson/logging/LogRecorderTest.java
+++ b/core/src/test/java/hudson/logging/LogRecorderTest.java
@@ -25,6 +25,9 @@
 package hudson.logging;
 
 import java.io.IOException;
+import java.util.Arrays;
+import java.util.List;
+import java.util.Set;
 import java.util.logging.Level;
 import java.util.logging.LogRecord;
 import org.junit.Test;
@@ -126,4 +129,36 @@ public class LogRecorderTest {
         return new LogRecorder.Target(target, Level.INFO).matches(r);
     }
 
+    @Test
+    public void autocompletionTest() throws Exception {
+        List<String> loggers = Arrays.asList(
+                "com.company.whatever.Foo", "com.foo.Bar", "com.foo.Baz",
+                "org.example.app.Main", "org.example.app.impl.xml.Parser", "org.example.app.impl.xml.Validator");
+
+        Set<String> candidates = LogRecorder.getAutoCompletionCandidates(loggers);
+
+        isCandidate(candidates, "com");
+        isCandidate(candidates, "com.company.whatever.Foo");
+        isCandidate(candidates, "com.foo");
+        isCandidate(candidates, "com.foo.Bar");
+        isCandidate(candidates, "com.foo.Baz");
+        isCandidate(candidates, "org.example.app");
+        isCandidate(candidates, "org.example.app.Main");
+        isCandidate(candidates, "org.example.app.impl.xml");
+        isCandidate(candidates, "org.example.app.impl.xml.Parser");
+        isCandidate(candidates, "org.example.app.impl.xml.Validator");
+
+        isNotCandidate(candidates, "org");
+        isNotCandidate(candidates, "org.example");
+
+        assertEquals("expected number of items", 10, candidates.size());
+    }
+
+    private static void isCandidate(Set<String> candidates, String candidate) {
+        assertTrue(candidate, candidates.contains(candidate));
+    }
+    private static void isNotCandidate(Set<String> candidates, String candidate) {
+        assertFalse(candidate, candidates.contains(candidate));
+    }
+
 }
-- 
GitLab


From 7223632a06a8679b86c862400accdf5bdb83aff7 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Fri, 16 Mar 2018 17:01:02 -0400
Subject: [PATCH 225/863] Should not attempt to call VirtualFile.child with the
 empty string.

---
 core/src/main/java/hudson/model/DirectoryBrowserSupport.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/model/DirectoryBrowserSupport.java b/core/src/main/java/hudson/model/DirectoryBrowserSupport.java
index f5f1080373..5b32d5b755 100644
--- a/core/src/main/java/hudson/model/DirectoryBrowserSupport.java
+++ b/core/src/main/java/hudson/model/DirectoryBrowserSupport.java
@@ -216,7 +216,7 @@ public final class DirectoryBrowserSupport implements HttpResponse {
         String rest = _rest.toString();
 
         // this is the base file/directory
-        VirtualFile baseFile = root.child(base);
+        VirtualFile baseFile = base.isEmpty() ? root : root.child(base);
 
         if(baseFile.isDirectory()) {
             if(zip) {
-- 
GitLab


From f0819d2585bdf212ca1928146d1fa8e50cc3025c Mon Sep 17 00:00:00 2001
From: Devin Nusbaum <dwnusbaum@users.noreply.github.com>
Date: Fri, 16 Mar 2018 18:29:52 -0400
Subject: [PATCH 226/863] [JENKINS-22367] Split JDKInstaller to a plugin
 (#3301)

* [JENKINS-22367] Preparation for split of JDKInstaller to a plugin

* Add split-plugins entry and pending update to war/pom.xml

* Update jdk-tool plugin description

* Fix Findbugs warnings

* Update to HttpComponents Client 4.5

* Preserve formatting in translations of Messages.properties

* Preserve ISO-8859-1 encoding for properties

* Break cycle between jdk-tool and apache-httpcomponents-client-4-api

* Update version numbers after merge

* Add warning for the download from java.sun.com JDK installer

* Fix issues introduced when cleaning up Findbugs errors in 9dbf833

* Use warning class for error message and adjust message text

* Revert "Update to HttpComponents Client 4.5"

This reverts commit 9dbf8334c47eceecea916e105784d4f90415e3c3.

* Findbugs

* Remove JenkinsRule from test that does not use it

* Update version numbers after merge

* Warn when unexpected exceptions are thrown and update new plugin urls

* Update to 2.109-SNAPSHOT

* Address review feedback

* Update to 2.111-SNAPSHOT

* Try to use the agent's default charset to copy the install log

* Update to 2.112-SNAPSHOT

* Remove local module and use snapshot of jdk-tool

* Update to jdk-tool:1.0
---
 core/src/main/java/hudson/model/JDK.java      |  22 +-
 .../main/java/hudson/tools/JDKInstaller.java  | 967 ------------------
 .../DescriptorImpl/credentialOK.jelly         |  34 -
 .../DescriptorImpl/credentialOK_bg.properties |  26 -
 .../DescriptorImpl/credentialOK_de.properties |   4 -
 .../DescriptorImpl/credentialOK_es.properties |  24 -
 .../DescriptorImpl/credentialOK_it.properties |  24 -
 .../DescriptorImpl/credentialOK_ja.properties |  25 -
 .../credentialOK_pt_BR.properties             |   4 -
 .../DescriptorImpl/credentialOK_sr.properties |   4 -
 .../credentialOK_zh_TW.properties             |  24 -
 .../DescriptorImpl/enterCredential.jelly      |  52 -
 .../DescriptorImpl/enterCredential.properties |  23 -
 .../enterCredential_bg.properties             |  34 -
 .../enterCredential_de.properties             |   7 -
 .../enterCredential_es.properties             |  28 -
 .../enterCredential_it.properties             |  27 -
 .../enterCredential_ja.properties             |  28 -
 .../enterCredential_pt_BR.properties          |  28 -
 .../enterCredential_sr.properties             |   7 -
 .../enterCredential_zh_TW.properties          |  27 -
 .../hudson/tools/JDKInstaller/config.jelly    |  50 -
 .../tools/JDKInstaller/config_bg.properties   |  26 -
 .../tools/JDKInstaller/config_ca.properties   |   4 -
 .../tools/JDKInstaller/config_da.properties   |  24 -
 .../tools/JDKInstaller/config_de.properties   |   3 -
 .../JDKInstaller/config_en_GB.properties      |   3 -
 .../tools/JDKInstaller/config_es.properties   |  24 -
 .../tools/JDKInstaller/config_fi.properties   |   3 -
 .../tools/JDKInstaller/config_fr.properties   |  24 -
 .../tools/JDKInstaller/config_he.properties   |   4 -
 .../tools/JDKInstaller/config_it.properties   |   4 -
 .../tools/JDKInstaller/config_ja.properties   |  26 -
 .../tools/JDKInstaller/config_lt.properties   |   4 -
 .../tools/JDKInstaller/config_lv.properties   |   3 -
 .../tools/JDKInstaller/config_nl.properties   |  24 -
 .../tools/JDKInstaller/config_pl.properties   |   3 -
 .../JDKInstaller/config_pt_BR.properties      |  24 -
 .../JDKInstaller/config_pt_PT.properties      |   4 -
 .../tools/JDKInstaller/config_ru.properties   |  24 -
 .../tools/JDKInstaller/config_sk.properties   |   3 -
 .../tools/JDKInstaller/config_sr.properties   |   4 -
 .../JDKInstaller/config_sv_SE.properties      |  24 -
 .../JDKInstaller/config_zh_CN.properties      |   2 -
 .../JDKInstaller/config_zh_TW.properties      |  25 -
 .../hudson/tools/Messages.properties          |   6 -
 .../hudson/tools/Messages_bg.properties       |  16 -
 .../hudson/tools/Messages_da.properties       |   5 -
 .../hudson/tools/Messages_de.properties       |   6 -
 .../hudson/tools/Messages_es.properties       |   6 -
 .../hudson/tools/Messages_it.properties       |   6 -
 .../hudson/tools/Messages_ja.properties       |   7 -
 .../hudson/tools/Messages_pt_BR.properties    |  12 -
 .../hudson/tools/Messages_sr.properties       |   6 -
 .../hudson/tools/Messages_zh_CN.properties    |   5 -
 .../hudson/tools/Messages_zh_TW.properties    |   6 -
 .../resources/jenkins/split-plugin-cycles.txt |   2 +
 .../main/resources/jenkins/split-plugins.txt  |   2 +
 .../hudson/model/DownloadServiceTest.java     |  19 -
 .../java/hudson/tools/JDKInstallerTest.java   | 121 ---
 .../model/hudson.tools.JDKInstaller1.json     |  69 --
 .../model/hudson.tools.JDKInstaller2.json     |  46 -
 .../model/hudson.tools.JDKInstaller3.json     |  69 --
 .../hudson.tools.JDKInstallerResult.json      | 107 --
 war/pom.xml                                   |   6 +
 65 files changed, 29 insertions(+), 2251 deletions(-)
 delete mode 100644 core/src/main/java/hudson/tools/JDKInstaller.java
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK.jelly
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK_bg.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK_de.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK_es.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK_it.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK_ja.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK_pt_BR.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK_sr.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK_zh_TW.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential.jelly
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential_bg.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential_de.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential_es.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential_it.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential_ja.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential_pt_BR.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential_sr.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential_zh_TW.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/config.jelly
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/config_bg.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/config_ca.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/config_da.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/config_de.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/config_en_GB.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/config_es.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/config_fi.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/config_fr.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/config_he.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/config_it.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/config_ja.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/config_lt.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/config_lv.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/config_nl.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/config_pl.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/config_pt_BR.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/config_pt_PT.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/config_ru.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/config_sk.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/config_sr.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/config_sv_SE.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/tools/JDKInstaller/config_zh_TW.properties
 delete mode 100644 test/src/test/java/hudson/tools/JDKInstallerTest.java
 delete mode 100644 test/src/test/resources/hudson/model/hudson.tools.JDKInstaller1.json
 delete mode 100644 test/src/test/resources/hudson/model/hudson.tools.JDKInstaller2.json
 delete mode 100644 test/src/test/resources/hudson/model/hudson.tools.JDKInstaller3.json
 delete mode 100644 test/src/test/resources/hudson/model/hudson.tools.JDKInstallerResult.json

diff --git a/core/src/main/java/hudson/model/JDK.java b/core/src/main/java/hudson/model/JDK.java
index b04376eb74..abcb1a9f74 100644
--- a/core/src/main/java/hudson/model/JDK.java
+++ b/core/src/main/java/hudson/model/JDK.java
@@ -32,16 +32,20 @@ import hudson.EnvVars;
 import hudson.slaves.NodeSpecific;
 import hudson.tools.ToolInstallation;
 import hudson.tools.ToolDescriptor;
+import hudson.tools.ToolInstaller;
 import hudson.tools.ToolProperty;
-import hudson.tools.JDKInstaller;
 import hudson.util.XStream2;
 
 import java.io.File;
 import java.io.IOException;
+import java.lang.reflect.Constructor;
+import java.lang.reflect.InvocationTargetException;
 import java.util.Map;
 import java.util.List;
 import java.util.Arrays;
 import java.util.Collections;
+import java.util.logging.Level;
+import java.util.logging.Logger;
 
 import jenkins.model.Jenkins;
 import org.jenkinsci.Symbol;
@@ -183,8 +187,18 @@ public final class JDK extends ToolInstallation implements NodeSpecific<JDK>, En
         }
 
         @Override
-        public List<JDKInstaller> getDefaultInstallers() {
-            return Collections.singletonList(new JDKInstaller(null,false));
+        public List<? extends ToolInstaller> getDefaultInstallers() {
+            try {
+                Class<? extends ToolInstaller> jdkInstallerClass = Jenkins.getInstance().getPluginManager()
+                        .uberClassLoader.loadClass("hudson.tools.JDKInstaller").asSubclass(ToolInstaller.class);
+                Constructor<? extends ToolInstaller> constructor = jdkInstallerClass.getConstructor(String.class, boolean.class);
+                return Collections.singletonList(constructor.newInstance(null, false));
+            } catch (ClassNotFoundException e) {
+                return Collections.emptyList();
+            } catch (Exception e) {
+                LOGGER.log(Level.WARNING, "Unable to get default installer", e);
+                return Collections.emptyList();
+            }
         }
 
         /**
@@ -211,4 +225,6 @@ public final class JDK extends ToolInstallation implements NodeSpecific<JDK>, En
             return ((JDK)obj).javaHome;
         }
     }
+
+    private static final Logger LOGGER = Logger.getLogger(JDK.class.getName());
 }
diff --git a/core/src/main/java/hudson/tools/JDKInstaller.java b/core/src/main/java/hudson/tools/JDKInstaller.java
deleted file mode 100644
index ce4f9f2eeb..0000000000
--- a/core/src/main/java/hudson/tools/JDKInstaller.java
+++ /dev/null
@@ -1,967 +0,0 @@
-/*
- * The MIT License
- *
- * Copyright (c) 2009-2010, Sun Microsystems, Inc., CloudBees, Inc.
- *
- * Permission is hereby granted, free of charge, to any person obtaining a copy
- * of this software and associated documentation files (the "Software"), to deal
- * in the Software without restriction, including without limitation the rights
- * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
- * copies of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be included in
- * all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
- * THE SOFTWARE.
- */
-package hudson.tools;
-
-import hudson.AbortException;
-import hudson.Extension;
-import hudson.FilePath;
-import hudson.Launcher;
-import hudson.Launcher.ProcStarter;
-import hudson.ProxyConfiguration;
-import hudson.Util;
-import hudson.model.DownloadService.Downloadable;
-import hudson.model.JDK;
-import hudson.model.Node;
-import hudson.model.TaskListener;
-import hudson.util.ArgumentListBuilder;
-import hudson.util.FormValidation;
-import hudson.util.HttpResponses;
-import hudson.util.Secret;
-import java.io.OutputStream;
-import java.nio.file.Files;
-import java.nio.file.InvalidPathException;
-import jenkins.model.Jenkins;
-import jenkins.security.MasterToSlaveCallable;
-import net.sf.json.JSONObject;
-import net.sf.json.JsonConfig;
-import org.apache.commons.httpclient.Cookie;
-import org.apache.commons.httpclient.HttpClient;
-import org.apache.commons.httpclient.HttpMethodBase;
-import org.apache.commons.httpclient.URI;
-import org.apache.commons.httpclient.UsernamePasswordCredentials;
-import org.apache.commons.httpclient.auth.AuthScope;
-import org.apache.commons.httpclient.methods.GetMethod;
-import org.apache.commons.httpclient.methods.PostMethod;
-import org.apache.commons.httpclient.protocol.Protocol;
-import org.apache.commons.io.IOUtils;
-import org.jenkinsci.Symbol;
-import org.kohsuke.stapler.DataBoundConstructor;
-import org.kohsuke.stapler.HttpResponse;
-import org.kohsuke.stapler.QueryParameter;
-import org.kohsuke.stapler.Stapler;
-
-import javax.servlet.ServletException;
-import java.io.ByteArrayInputStream;
-import java.io.DataInputStream;
-import java.io.File;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
-import java.io.OutputStreamWriter;
-import java.io.PrintStream;
-import java.net.URL;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Iterator;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.Locale;
-import java.util.logging.Logger;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
-
-import static hudson.tools.JDKInstaller.Preference.*;
-import org.kohsuke.stapler.interceptor.RequirePOST;
-
-/**
- * Install JDKs from java.sun.com.
- *
- * @author Kohsuke Kawaguchi
- * @since 1.305
- */
-public class JDKInstaller extends ToolInstaller {
-
-    static {
-        // this socket factory will not attempt to bind to the client interface
-        Protocol.registerProtocol("http", new Protocol("http", new hudson.util.NoClientBindProtocolSocketFactory(), 80));
-        Protocol.registerProtocol("https", new Protocol("https", new hudson.util.NoClientBindSSLProtocolSocketFactory(), 443));
-    }
-
-    /**
-     * The release ID that Sun assigns to each JDK, such as "jdk-6u13-oth-JPR@CDS-CDS_Developer"
-     *
-     * <p>
-     * This ID can be seen in the "ProductRef" query parameter of the download page, like
-     * https://cds.sun.com/is-bin/INTERSHOP.enfinity/WFS/CDS-CDS_Developer-Site/en_US/-/USD/ViewProductDetail-Start?ProductRef=jdk-6u13-oth-JPR@CDS-CDS_Developer
-     */
-    public final String id;
-
-    /**
-     * We require that the user accepts the license by clicking a checkbox, to make up for the part
-     * that we auto-accept cds.sun.com license click through.
-     */
-    public final boolean acceptLicense;
-
-    @DataBoundConstructor
-    public JDKInstaller(String id, boolean acceptLicense) {
-        super(null);
-        this.id = id;
-        this.acceptLicense = acceptLicense;
-    }
-
-    public FilePath performInstallation(ToolInstallation tool, Node node, TaskListener log) throws IOException, InterruptedException {
-        FilePath expectedLocation = preferredLocation(tool, node);
-        PrintStream out = log.getLogger();
-        try {
-            if(!acceptLicense) {
-                out.println(Messages.JDKInstaller_UnableToInstallUntilLicenseAccepted());
-                return expectedLocation;
-            }
-            // already installed?
-            FilePath marker = expectedLocation.child(".installedByHudson");
-            if (marker.exists() && marker.readToString().equals(id)) {
-                return expectedLocation;
-            }
-            expectedLocation.deleteRecursive();
-            expectedLocation.mkdirs();
-
-            Platform p = Platform.of(node);
-            URL url = locate(log, p, CPU.of(node));
-
-//            out.println("Downloading "+url);
-            FilePath file = expectedLocation.child(p.bundleFileName);
-            file.copyFrom(url);
-
-            // JDK6u13 on Windows doesn't like path representation like "/tmp/foo", so make it a strict platform native format by doing 'absolutize'
-            install(node.createLauncher(log), p, new FilePathFileSystem(node), log, expectedLocation.absolutize().getRemote(), file.getRemote());
-
-            // successfully installed
-            file.delete();
-            marker.write(id, null);
-
-        } catch (DetectionFailedException e) {
-            out.println("JDK installation skipped: "+e.getMessage());
-        }
-
-        return expectedLocation;
-    }
-
-    /**
-     * Performs the JDK installation to a system, provided that the bundle was already downloaded.
-     *
-     * @param launcher
-     *      Used to launch processes on the system.
-     * @param p
-     *      Platform of the system. This determines how the bundle is installed.
-     * @param fs
-     *      Abstraction of the file system manipulation on this system.
-     * @param log
-     *      Where the output from the installation will be written.
-     * @param expectedLocation
-     *      Path to install JDK to. Must be absolute and in the native file system notation.
-     * @param jdkBundle
-     *      Path to the installed JDK bundle. (The bundle to download can be determined by {@link #locate(TaskListener, Platform, CPU)} call.)
-     */
-    public void install(Launcher launcher, Platform p, FileSystem fs, TaskListener log, String expectedLocation, String jdkBundle) throws IOException, InterruptedException {
-        PrintStream out = log.getLogger();
-
-        out.println("Installing "+ jdkBundle);
-        FilePath parent = new FilePath(launcher.getChannel(), expectedLocation).getParent();
-        switch (p) {
-        case LINUX:
-        case SOLARIS:
-            // JDK on Unix up to 6 was distributed as shell script installer, but in JDK7 it switched to a plain tgz.
-            // so check if the file is gzipped, and if so, treat it accordingly
-            byte[] header = new byte[2];
-            {
-                try (InputStream is = fs.read(jdkBundle);
-                     DataInputStream in = new DataInputStream(is)) {
-                    in.readFully(header);
-                }
-            }
-
-            ProcStarter starter;
-            if (header[0]==0x1F && header[1]==(byte)0x8B) {// gzip
-                starter = launcher.launch().cmds("tar", "xvzf", jdkBundle);
-            } else {
-                fs.chmod(jdkBundle,0755);
-                starter = launcher.launch().cmds(jdkBundle, "-noregister");
-            }
-
-            int exit = starter
-                    .stdin(new ByteArrayInputStream("yes".getBytes())).stdout(out)
-                    .pwd(new FilePath(launcher.getChannel(), expectedLocation)).join();
-            if (exit != 0)
-                throw new AbortException(Messages.JDKInstaller_FailedToInstallJDK(exit));
-
-            // JDK creates its own sub-directory, so pull them up
-            List<String> paths = fs.listSubDirectories(expectedLocation);
-            for (Iterator<String> itr = paths.iterator(); itr.hasNext();) {
-                String s =  itr.next();
-                if (!s.matches("j(2s)?dk.*"))
-                    itr.remove();
-            }
-            if(paths.size()!=1)
-                throw new AbortException("Failed to find the extracted JDKs: "+paths);
-
-            // remove the intermediate directory
-            fs.pullUp(expectedLocation+'/'+paths.get(0),expectedLocation);
-            break;
-        case WINDOWS:
-            /*
-                Windows silent installation is full of bad know-how.
-
-                On Windows, command line argument to a process at the OS level is a single string,
-                not a string array like POSIX. When we pass arguments as string array, JRE eventually
-                turn it into a single string with adding quotes to "the right place". Unfortunately,
-                with the strange argument layout of InstallShield (like /v/qn" INSTALLDIR=foobar"),
-                it appears that the escaping done by JRE gets in the way, and prevents the installation.
-                Presumably because of this, my attempt to use /q/vn" INSTALLDIR=foo" didn't work with JDK5.
-
-                I tried to locate exactly how InstallShield parses the arguments (and why it uses
-                awkward option like /qn, but couldn't find any. Instead, experiments revealed that
-                "/q/vn ARG ARG ARG" works just as well. This is presumably due to the Visual C++ runtime library
-                (which does single string -> string array conversion to invoke the main method in most Win32 process),
-                and this consistently worked on JDK5 and JDK4.
-
-                Some of the official documentations are available at
-                - http://java.sun.com/j2se/1.5.0/sdksilent.html
-                - http://java.sun.com/j2se/1.4.2/docs/guide/plugin/developer_guide/silent.html
-             */
-
-            expectedLocation = expectedLocation.trim();
-            if (expectedLocation.endsWith("\\")) {
-                // Prevent a trailing slash from escaping quotes
-                expectedLocation = expectedLocation.substring(0, expectedLocation.length() - 1);
-            }
-            String logFile = parent.createTempFile("install", "log").getRemote();
-
-
-            ArgumentListBuilder args = new ArgumentListBuilder();
-            assert (new File(expectedLocation).exists()) : expectedLocation
-                    + " must exist, otherwise /L will cause the installer to fail with error 1622";
-            if (isJava15() || isJava14()) {
-                // Installer uses InstallShield.
-                args.add("CMD.EXE", "/C");
-
-                // see http://docs.oracle.com/javase/1.5.0/docs/guide/deployment/deployment-guide/silent.html
-                // CMD.EXE /C must be followed by a single parameter (do not split it!)
-                args.add(jdkBundle + " /s /v\"/qn REBOOT=ReallySuppress INSTALLDIR=\\\""
-                        + expectedLocation + "\\\" /L \\\"" + logFile + "\\\"\"");
-            } else {
-                // Installed uses Windows Installer (MSI)
-                args.add(jdkBundle, "/s");
-
-                // Create a private JRE by omitting "PublicjreFeature"
-                // @see http://docs.oracle.com/javase/7/docs/webnotes/install/windows/jdk-installation-windows.html#jdk-silent-installation
-                args.add("ADDLOCAL=\"ToolsFeature\"",
-                        "REBOOT=ReallySuppress", "INSTALLDIR=" + expectedLocation,
-                        "/L",  logFile);
-            }
-            int r = launcher.launch().cmds(args).stdout(out)
-                    .pwd(new FilePath(launcher.getChannel(), expectedLocation)).join();
-            if (r != 0) {
-                out.println(Messages.JDKInstaller_FailedToInstallJDK(r));
-                // log file is in UTF-16
-                try (InputStreamReader in = new InputStreamReader(fs.read(logFile), "UTF-16")) {
-                    IOUtils.copy(in, new OutputStreamWriter(out));
-                }
-                throw new AbortException();
-            }
-
-            fs.delete(logFile);
-
-            break;
-
-        case OSX:
-            // Mount the DMG distribution bundle
-            FilePath dmg = parent.createTempDir("jdk", "dmg");
-            exit = launcher.launch()
-                    .cmds("hdiutil", "attach", "-puppetstrings", "-mountpoint", dmg.getRemote(), jdkBundle)
-                    .stdout(log)
-                    .join();
-            if (exit != 0)
-                throw new AbortException(Messages.JDKInstaller_FailedToInstallJDK(exit));
-
-            // expand the installation PKG
-            FilePath[] list = dmg.list("*.pkg");
-            if (list.length != 1) {
-                log.getLogger().println("JDK dmg bundle does not contain expected pkg installer");
-                throw new AbortException(Messages.JDKInstaller_FailedToInstallJDK(exit));
-            }
-            String installer = list[0].getRemote();
-
-            FilePath pkg = parent.createTempDir("jdk", "pkg");
-            pkg.deleteRecursive(); // pkgutil fails if target directory exists
-            exit = launcher.launch()
-                    .cmds("pkgutil", "--expand", installer, pkg.getRemote())
-                    .stdout(log)
-                    .join();
-            if (exit != 0)
-                throw new AbortException(Messages.JDKInstaller_FailedToInstallJDK(exit));
-
-            exit = launcher.launch()
-                    .cmds("umount", dmg.getRemote())
-                    .stdout(log)
-                    .join();
-            if (exit != 0)
-                throw new AbortException(Messages.JDKInstaller_FailedToInstallJDK(exit));
-
-            // We only want the actual JDK sub-package, which "Payload" is actually a tar.gz archive
-            list = pkg.list("jdk*.pkg/Payload");
-            if (list.length != 1) {
-                log.getLogger().println("JDK pkg installer does not contain expected JDK Payload archive");
-                throw new AbortException(Messages.JDKInstaller_FailedToInstallJDK(exit));
-            }
-            String payload = list[0].getRemote();
-            exit = launcher.launch()
-                    .pwd(parent).cmds("tar", "xzf", payload)
-                    .stdout(log)
-                    .join();
-            if (exit != 0)
-                throw new AbortException(Messages.JDKInstaller_FailedToInstallJDK(exit));
-
-            parent.child("Contents/Home").moveAllChildrenTo(new FilePath(launcher.getChannel(), expectedLocation));
-            parent.child("Contents").deleteRecursive();
-
-            pkg.deleteRecursive();
-            dmg.deleteRecursive();
-            break;
-        }
-    }
-
-    private boolean isJava15() {
-        return id.contains("-1.5");
-    }
-
-    private boolean isJava14() {
-        return id.contains("-1.4");
-    }
-
-    /**
-     * Abstraction of the file system to perform JDK installation.
-     * Consider {@link JDKInstaller.FilePathFileSystem} as the canonical documentation of the contract.
-     */
-    public interface FileSystem {
-        void delete(String file) throws IOException, InterruptedException;
-        void chmod(String file,int mode) throws IOException, InterruptedException;
-        InputStream read(String file) throws IOException, InterruptedException;
-        /**
-         * List sub-directories of the given directory and just return the file name portion.
-         */
-        List<String> listSubDirectories(String dir) throws IOException, InterruptedException;
-        void pullUp(String from, String to) throws IOException, InterruptedException;
-    }
-
-    /*package*/ static final class FilePathFileSystem implements FileSystem {
-        private final Node node;
-
-        FilePathFileSystem(Node node) {
-            this.node = node;
-        }
-
-        public void delete(String file) throws IOException, InterruptedException {
-            $(file).delete();
-        }
-
-        public void chmod(String file, int mode) throws IOException, InterruptedException {
-            $(file).chmod(mode);
-        }
-
-        public InputStream read(String file) throws IOException, InterruptedException {
-            return $(file).read();
-        }
-
-        public List<String> listSubDirectories(String dir) throws IOException, InterruptedException {
-            List<String> r = new ArrayList<String>();
-            for( FilePath f : $(dir).listDirectories())
-                r.add(f.getName());
-            return r;
-        }
-
-        public void pullUp(String from, String to) throws IOException, InterruptedException {
-            $(from).moveAllChildrenTo($(to));
-        }
-
-        private FilePath $(String file) {
-            return node.createPath(file);
-        }
-    }
-
-    /**
-     * This is where we locally cache this JDK.
-     */
-    private File getLocalCacheFile(Platform platform, CPU cpu) {
-        return new File(Jenkins.getInstance().getRootDir(),"cache/jdks/"+platform+"/"+cpu+"/"+id);
-    }
-
-    /**
-     * Performs a license click through and obtains the one-time URL for downloading bits.
-     */
-    public URL locate(TaskListener log, Platform platform, CPU cpu) throws IOException {
-        File cache = getLocalCacheFile(platform, cpu);
-        if (cache.exists() && cache.length()>1*1024*1024) return cache.toURL(); // if the file is too small, don't trust it. In the past, the download site served error message in 200 status code
-
-        log.getLogger().println("Installing JDK "+id);
-        JDKFamilyList families = JDKList.all().get(JDKList.class).toList();
-        if (families.isEmpty())
-            throw new IOException("JDK data is empty.");
-
-        JDKRelease release = families.getRelease(id);
-        if (release==null)
-            throw new IOException("Unable to find JDK with ID="+id);
-
-        JDKFile primary=null,secondary=null;
-        for (JDKFile f : release.files) {
-            String vcap = f.name.toUpperCase(Locale.ENGLISH);
-
-            // JDK files have either 'windows', 'linux', or 'solaris' in its name, so that allows us to throw
-            // away unapplicable stuff right away
-            if(!platform.is(vcap))
-                continue;
-
-            switch (cpu.accept(vcap)) {
-            case PRIMARY:   primary = f;break;
-            case SECONDARY: secondary=f;break;
-            case UNACCEPTABLE:  break;
-            }
-        }
-
-        if(primary==null)   primary=secondary;
-        if(primary==null)
-            throw new AbortException("Couldn't find the right download for "+platform+" and "+ cpu +" combination");
-        LOGGER.fine("Platform choice:"+primary);
-
-        log.getLogger().println("Downloading JDK from "+primary.filepath);
-
-        HttpClient hc = new HttpClient();
-        hc.getParams().setParameter("http.useragent","Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)");
-        ProxyConfiguration jpc = Jenkins.getInstance().proxy;
-        if(jpc != null) {
-            hc.getHostConfiguration().setProxy(jpc.name, jpc.port);
-            if(jpc.getUserName() != null)
-                hc.getState().setProxyCredentials(AuthScope.ANY,new UsernamePasswordCredentials(jpc.getUserName(),jpc.getPassword()));
-        }
-
-        int authCount=0, totalPageCount=0;  // counters for avoiding infinite loop
-
-        HttpMethodBase m = new GetMethod(primary.filepath);
-        hc.getState().addCookie(new Cookie(".oracle.com","gpw_e24",".", "/", -1, false));
-        hc.getState().addCookie(new Cookie(".oracle.com","oraclelicense","accept-securebackup-cookie", "/", -1, false));
-        try {
-            while (true) {
-                if (totalPageCount++>16) // looping too much
-                    throw new IOException("Unable to find the login form");
-
-                LOGGER.fine("Requesting " + m.getURI());
-                int r = hc.executeMethod(m);
-                if (r/100==3) {
-                    // redirect?
-                    String loc = m.getResponseHeader("Location").getValue();
-                    m.releaseConnection();
-                    m = new GetMethod(loc);
-                    continue;
-                }
-                if (r!=200)
-                    throw new IOException("Failed to request " + m.getURI() +" exit code="+r);
-
-                if (m.getURI().getHost().equals("login.oracle.com")) {
-                    /* Oracle switched from old to new, and then back to old. This code should work for either.
-                     * Old Login flow:
-                     * 1. /mysso/signon.jsp: Form for username + password: Submit actions is:
-                     * 2. /oam/server/sso/auth_cred_submit: Returns a 302 to:
-                     * 3. https://edelivery.oracle.com/osso_login_success: Returns a 302 to the download.
-                     * New Login flow:
-                     * 1. /oaam_server/oamLoginPage.jsp: Form for username + password. Submit action is:
-                     * 2. /oaam_server/login.do: Returns a 302 to:
-                     * 3. /oaam_server/loginAuth.do: After 2 seconds, JS sets window.location to:
-                     * 4. /oaam_server/authJump.do: Contains a single form with hidden inputs and JS that submits the form to:
-                     * 5. /oam/server/dap/cred_submit: Returns a 302 to:
-                     * 6. https://edelivery.oracle.com/osso_login_success: Returns a 302 to the download.
-                     */
-                    if (m.getURI().getPath().contains("/loginAuth.do")) {
-                        try {
-                            Thread.sleep(2000);
-                            m.releaseConnection();
-                            m = new GetMethod(new URI(m.getURI(), "/oaam_server/authJump.do?jump=false", true).toString());
-                            continue;
-                        } catch (InterruptedException x) {
-                            throw new IOException("Interrupted while logging in", x);
-                        }
-                    }
-
-                    LOGGER.fine("Appears to be a login page");
-                    String resp = IOUtils.toString(m.getResponseBodyAsStream(), m.getResponseCharSet());
-                    m.releaseConnection();
-                    Matcher pm = Pattern.compile("<form .*?action=\"([^\"]*)\".*?</form>", Pattern.DOTALL).matcher(resp);
-                    if (!pm.find())
-                        throw new IllegalStateException("Unable to find a form in the response:\n"+resp);
-
-                    String form = pm.group();
-                    PostMethod post = new PostMethod(
-                            new URL(new URL(m.getURI().getURI()),pm.group(1)).toExternalForm());
-
-                    if (m.getURI().getPath().contains("/authJump.do")) {
-                        m = post;
-                        continue;
-                    }
-
-                    String u = getDescriptor().getUsername();
-                    Secret p = getDescriptor().getPassword();
-                    if (u==null || p==null) {
-                        log.hyperlink(getCredentialPageUrl(),"Oracle now requires Oracle account to download previous versions of JDK. Please specify your Oracle account username/password.\n");
-                        throw new AbortException("Unable to install JDK unless a valid Oracle account username/password is provided in the system configuration.");
-                    }
-
-                    for (String fragment : form.split("<input")) {
-                        String n = extractAttribute(fragment,"name");
-                        String v = extractAttribute(fragment,"value");
-                        if (n==null || v==null)     continue;
-                        if (n.equals("userid") || n.equals("ssousername"))
-                            v = u;
-                        if (n.equals("pass") || n.equals("password")) {
-                            v = p.getPlainText();
-                            if (authCount++ > 3) {
-                                log.hyperlink(getCredentialPageUrl(),"Your Oracle account doesn't appear valid. Please specify a valid username/password\n");
-                                throw new AbortException("Unable to install JDK unless a valid username/password is provided.");
-                            }
-                        }
-                        post.addParameter(n, v);
-                    }
-
-                    m = post;
-                } else {
-                    log.getLogger().println("Downloading " + m.getResponseContentLength() + " bytes");
-
-                    // download to a temporary file and rename it in to handle concurrency and failure correctly,
-                    File tmp = new File(cache.getPath()+".tmp");
-                    try {
-                        tmp.getParentFile().mkdirs();
-                        try (OutputStream out = Files.newOutputStream(tmp.toPath())) {
-                            IOUtils.copy(m.getResponseBodyAsStream(), out);
-                        } catch (InvalidPathException e) {
-                            throw new IOException(e);
-                        }
-
-                        tmp.renameTo(cache);
-                        return cache.toURL();
-                    } finally {
-                        tmp.delete();
-                    }
-                }
-            }
-        } finally {
-            m.releaseConnection();
-        }
-    }
-
-    private static String extractAttribute(String s, String name) {
-        String h = name + "=\"";
-        int si = s.indexOf(h);
-        if (si<0)   return null;
-        int ei = s.indexOf('\"',si+h.length());
-        return s.substring(si+h.length(),ei);
-    }
-
-    private String getCredentialPageUrl() {
-        return "/"+getDescriptor().getDescriptorUrl()+"/enterCredential";
-    }
-
-    public enum Preference {
-        PRIMARY, SECONDARY, UNACCEPTABLE
-    }
-
-    /**
-     * Supported platform.
-     */
-    public enum Platform {
-        LINUX("jdk.sh"), SOLARIS("jdk.sh"), WINDOWS("jdk.exe"), OSX("jdk.dmg");
-
-        /**
-         * Choose the file name suitable for the downloaded JDK bundle.
-         */
-        public final String bundleFileName;
-
-        Platform(String bundleFileName) {
-            this.bundleFileName = bundleFileName;
-        }
-
-        public boolean is(String line) {
-            return line.contains(name());
-        }
-
-        /**
-         * Determines the platform of the given node.
-         */
-        public static Platform of(Node n) throws IOException,InterruptedException,DetectionFailedException {
-            return n.getChannel().call(new GetCurrentPlatform());
-        }
-
-        public static Platform current() throws DetectionFailedException {
-            String arch = System.getProperty("os.name").toLowerCase(Locale.ENGLISH);
-            if(arch.contains("linux"))  return LINUX;
-            if(arch.contains("windows"))   return WINDOWS;
-            if(arch.contains("sun") || arch.contains("solaris"))    return SOLARIS;
-            if(arch.contains("mac")) return OSX;
-            throw new DetectionFailedException("Unknown CPU name: "+arch);
-        }
-
-        static class GetCurrentPlatform extends MasterToSlaveCallable<Platform,DetectionFailedException> {
-            private static final long serialVersionUID = 1L;
-            public Platform call() throws DetectionFailedException {
-                return current();
-            }
-        }
-
-    }
-
-    /**
-     * CPU type.
-     */
-    public enum CPU {
-        i386, amd64, Sparc, Itanium;
-
-        /**
-         * In JDK5u3, I see platform like "Linux AMD64", while JDK6u3 refers to "Linux x64", so
-         * just use "64" for locating bits.
-         */
-        public Preference accept(String line) {
-            switch (this) {
-            // these two guys are totally incompatible with everything else, so no fallback
-            case Sparc:     return must(line.contains("SPARC"));
-            case Itanium:   return must(line.contains("IA64"));
-
-            // 64bit Solaris, Linux, and Windows can all run 32bit executable, so fall back to 32bit if 64bit bundle is not found
-            case amd64:
-                if(line.contains("SPARC") || line.contains("IA64"))  return UNACCEPTABLE;
-                if(line.contains("64"))     return PRIMARY;
-                return SECONDARY;
-            case i386:
-                if(line.contains("64") || line.contains("SPARC") || line.contains("IA64"))     return UNACCEPTABLE;
-                return PRIMARY;
-            }
-            return UNACCEPTABLE;
-        }
-
-        private static Preference must(boolean b) {
-             return b ? PRIMARY : UNACCEPTABLE;
-        }
-
-        /**
-         * Determines the CPU of the given node.
-         */
-        public static CPU of(Node n) throws IOException,InterruptedException, DetectionFailedException {
-            return n.getChannel().call(new GetCurrentCPU());
-        }
-
-        /**
-         * Determines the CPU of the current JVM.
-         *
-         * http://lopica.sourceforge.net/os.html was useful in writing this code.
-         */
-        public static CPU current() throws DetectionFailedException {
-            String arch = System.getProperty("os.arch").toLowerCase(Locale.ENGLISH);
-            if(arch.contains("sparc"))  return Sparc;
-            if(arch.contains("ia64"))   return Itanium;
-            if(arch.contains("amd64") || arch.contains("86_64"))    return amd64;
-            if(arch.contains("86"))    return i386;
-            throw new DetectionFailedException("Unknown CPU architecture: "+arch);
-        }
-
-        static class GetCurrentCPU extends MasterToSlaveCallable<CPU,DetectionFailedException> {
-            private static final long serialVersionUID = 1L;
-            public CPU call() throws DetectionFailedException {
-                return current();
-            }
-        }
-
-    }
-
-    /**
-     * Indicates the failure to detect the OS or CPU.
-     */
-    private static final class DetectionFailedException extends Exception {
-        private DetectionFailedException(String message) {
-            super(message);
-        }
-    }
-
-    public static final class JDKFamilyList {
-        public JDKFamily[] data = new JDKFamily[0];
-        public int version;
-
-        public boolean isEmpty() {
-            for (JDKFamily f : data) {
-                if (f.releases.length>0)
-                    return false;
-            }
-            return true;
-        }
-
-        public JDKRelease getRelease(String productCode) {
-            for (JDKFamily f : data) {
-                for (JDKRelease r : f.releases) {
-                    if (r.matchesId(productCode))
-                        return r;
-                }
-            }
-            return null;
-        }
-    }
-
-    public static final class JDKFamily {
-        public String name;
-        public JDKRelease[] releases;
-    }
-
-    public static final class JDKRelease {
-        /**
-         * the list of {@link JDKFile}s
-         */
-        public JDKFile[] files;
-        /**
-         * the license path
-         */
-        public String licpath;
-        /**
-         * the license title
-         */
-        public String lictitle;
-        /**
-         * This maps to the former product code, like "jdk-6u13-oth-JPR"
-         */
-        public String name;
-        /**
-         * This is human readable.
-         */
-        public String title;
-
-        /**
-         * We used to use IDs like "jdk-6u13-oth-JPR@CDS-CDS_Developer", but Oracle switched to just "jdk-6u13-oth-JPR".
-         * This method matches if the specified string matches the name, and it accepts both the old and the new format.
-         */
-        public boolean matchesId(String rhs) {
-            return rhs!=null && (rhs.equals(name) || rhs.startsWith(name+"@"));
-        }
-    }
-
-    public static final class JDKFile {
-        public String filepath;
-        public String name;
-        public String title;
-    }
-
-    @Override
-    public DescriptorImpl getDescriptor() {
-        return (DescriptorImpl)super.getDescriptor();
-    }
-
-    @Extension @Symbol("jdkInstaller")
-    public static final class DescriptorImpl extends ToolInstallerDescriptor<JDKInstaller> {
-        private String username;
-        private Secret password;
-
-        public DescriptorImpl() {
-            load();
-        }
-
-        public String getDisplayName() {
-            return Messages.JDKInstaller_DescriptorImpl_displayName();
-        }
-
-        @Override
-        public boolean isApplicable(Class<? extends ToolInstallation> toolType) {
-            return toolType==JDK.class;
-        }
-
-        public String getUsername() {
-            return username;
-        }
-
-        public Secret getPassword() {
-            return password;
-        }
-
-        public FormValidation doCheckId(@QueryParameter String value) {
-            if (Util.fixEmpty(value) == null)
-                return FormValidation.error(Messages.JDKInstaller_DescriptorImpl_doCheckId()); // improve message
-            return FormValidation.ok();
-        }
-
-        /**
-         * List of installable JDKs.
-         * @return never null.
-         */
-        public List<JDKFamily> getInstallableJDKs() throws IOException {
-            return Arrays.asList(JDKList.all().get(JDKList.class).toList().data);
-        }
-
-        public FormValidation doCheckAcceptLicense(@QueryParameter boolean value) {
-            if (username==null || password==null)
-                return FormValidation.errorWithMarkup(Messages.JDKInstaller_RequireOracleAccount(Stapler.getCurrentRequest().getContextPath()+'/'+getDescriptorUrl()+"/enterCredential"));
-            if (value) {
-                return FormValidation.ok();
-            } else {
-                return FormValidation.error(Messages.JDKInstaller_DescriptorImpl_doCheckAcceptLicense());
-            }
-        }
-
-        /**
-         * Submits the Oracle account username/password.
-         */
-        @RequirePOST
-        public HttpResponse doPostCredential(@QueryParameter String username, @QueryParameter String password) throws IOException, ServletException {
-            Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
-            this.username = username;
-            this.password = Secret.fromString(password);
-            save();
-            return HttpResponses.redirectTo("credentialOK");
-        }
-    }
-
-    /**
-     * JDK list.
-     */
-    @Extension @Symbol("jdk")
-    public static final class JDKList extends Downloadable {
-        public JDKList() {
-            super(JDKInstaller.class);
-        }
-
-        public JDKFamilyList toList() throws IOException {
-            JSONObject d = getData();
-            if(d==null) return new JDKFamilyList();
-            return (JDKFamilyList)JSONObject.toBean(d,JDKFamilyList.class);
-        }
-
-        /**
-         * {@inheritDoc}
-         */
-        @Override
-        public JSONObject reduce (List<JSONObject> jsonObjectList) {
-            List<JDKFamily> reducedFamilies = new LinkedList<>();
-            int version = 0;
-            JsonConfig jsonConfig = new JsonConfig();
-            jsonConfig.registerPropertyExclusion(JDKFamilyList.class, "empty");
-            jsonConfig.setRootClass(JDKFamilyList.class);
-            //collect all JDKFamily objects from the multiple json objects
-            for (JSONObject jsonJdkFamilyList : jsonObjectList) {
-                JDKFamilyList jdkFamilyList = (JDKFamilyList)JSONObject.toBean(jsonJdkFamilyList, jsonConfig);
-                if (version == 0) {
-                    //we set as version the version of the first update center
-                    version = jdkFamilyList.version;
-                }
-                JDKFamily[] jdkFamilies = jdkFamilyList.data;
-                reducedFamilies.addAll(Arrays.asList(jdkFamilies));
-            }
-            //we  iterate on the list and reduce it until there are no more duplicates
-            //this could be made recursive
-            while (hasDuplicates(reducedFamilies, "name")) {
-                //create a temporary list to store the tmp result
-                List<JDKFamily> tmpReducedFamilies = new LinkedList<>();
-                //we need to skip the processed families
-                boolean processed [] = new boolean[reducedFamilies.size()];
-                for (int i = 0; i < reducedFamilies.size(); i ++ ) {
-                    if (processed [i] == true) {
-                        continue;
-                    }
-                    JDKFamily data1 = reducedFamilies.get(i);
-                    boolean hasDuplicate = false;
-                    for (int j = i + 1; j < reducedFamilies.size(); j ++ ) {
-                        JDKFamily data2 = reducedFamilies.get(j);
-                        //if we found a duplicate we need to merge the families
-                        if (data1.name.equals(data2.name)) {
-                            hasDuplicate = true;
-                            processed [j] = true;
-                            JDKFamily reducedData = reduceData(data1.name, new LinkedList<JDKRelease>(Arrays.asList(data1.releases)), new LinkedList<JDKRelease>(Arrays.asList(data2.releases)));
-                            tmpReducedFamilies.add(reducedData);
-                            //after the first duplicate has been found we break the loop since the duplicates are
-                            //processed two by two
-                            break;
-                        }
-                    }
-                    //if no duplicate has been found we just insert the whole family in the tmp list
-                    if (!hasDuplicate) {
-                        tmpReducedFamilies.add(data1);
-                    }
-                }
-                reducedFamilies = tmpReducedFamilies;
-            }
-            JDKFamilyList jdkFamilyList = new JDKFamilyList();
-            jdkFamilyList.version = version;
-            jdkFamilyList.data = new JDKFamily[reducedFamilies.size()];
-            reducedFamilies.toArray(jdkFamilyList.data);
-            JSONObject reducedJdkFamilyList = JSONObject.fromObject(jdkFamilyList, jsonConfig);
-            //return the list with no duplicates
-            return reducedJdkFamilyList;
-        }
-
-        private JDKFamily reduceData(String name, List<JDKRelease> releases1, List<JDKRelease> releases2) {
-            LinkedList<JDKRelease> reducedReleases = new LinkedList<>();
-            for (Iterator<JDKRelease> iterator = releases1.iterator(); iterator.hasNext(); ) {
-                JDKRelease release1 = iterator.next();
-                boolean hasDuplicate = false;
-                for (Iterator<JDKRelease> iterator2 = releases2.iterator(); iterator2.hasNext(); ) {
-                    JDKRelease release2 = iterator2.next();
-                    if (release1.name.equals(release2.name)) {
-                        hasDuplicate = true;
-                        JDKRelease reducedRelease = reduceReleases(release1, new LinkedList<JDKFile>(Arrays.asList(release1.files)), new LinkedList<JDKFile>(Arrays.asList(release2.files)));
-                        iterator2.remove();
-                        reducedReleases.add(reducedRelease);
-                        //we assume that in one release list there are no duplicates so we stop at the first one
-                        break;
-                    }
-                }
-                if (!hasDuplicate) {
-                    reducedReleases.add(release1);
-                }
-            }
-            reducedReleases.addAll(releases2);
-            JDKFamily reducedFamily = new JDKFamily();
-            reducedFamily.name = name;
-            reducedFamily.releases = new JDKRelease[reducedReleases.size()];
-            reducedReleases.toArray(reducedFamily.releases);
-            return reducedFamily;
-        }
-
-        private JDKRelease reduceReleases(JDKRelease release, List<JDKFile> files1, List<JDKFile> files2) {
-            LinkedList<JDKFile> reducedFiles = new LinkedList<>();
-            for (Iterator<JDKFile> iterator1 = files1.iterator(); iterator1.hasNext(); ) {
-                JDKFile file1 = iterator1.next();
-                for (Iterator<JDKFile> iterator2 = files2.iterator(); iterator2.hasNext(); ) {
-                    JDKFile file2 = iterator2.next();
-                    if (file1.name.equals(file2.name)) {
-                        iterator2.remove();
-                        //we assume the in one file list there are no duplicates so we break after we find the
-                        //first match
-                        break;
-                    }
-                }
-            }
-            reducedFiles.addAll(files1);
-            reducedFiles.addAll(files2);
-
-            JDKRelease jdkRelease = new JDKRelease();
-            jdkRelease.files = new JDKFile[reducedFiles.size()];
-            reducedFiles.toArray(jdkRelease.files);
-            jdkRelease.name = release.name;
-            jdkRelease.licpath = release.licpath;
-            jdkRelease.lictitle = release.lictitle;
-            jdkRelease.title = release.title;
-            return jdkRelease;
-        }
-    }
-
-    private static final Logger LOGGER = Logger.getLogger(JDKInstaller.class.getName());
-}
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK.jelly b/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK.jelly
deleted file mode 100644
index c4a094a65e..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK.jelly
+++ /dev/null
@@ -1,34 +0,0 @@
-<!--
-The MIT License
-
-Copyright (c) 2011, CloudBees, Inc.
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-THE SOFTWARE.
--->
-<?jelly escape-by-default='true'?>
-<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form" xmlns:i="jelly:fmt">
-  <l:layout title="${%Credential is saved}">
-    <l:main-panel>
-      <p>
-        ${%Credential is saved}
-      </p>
-      <input type="button" value="${%Close}" class="yui-button" onclick="window.close()" />
-    </l:main-panel>
-  </l:layout>
-</j:jelly>
\ No newline at end of file
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK_bg.properties b/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK_bg.properties
deleted file mode 100644
index c9a4c88d9e..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK_bg.properties
+++ /dev/null
@@ -1,26 +0,0 @@
-# The MIT License
-#
-# Bulgarian translation: Copyright (c) 2016, Alexander Shopov <ash@kambanaria.org>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Credential\ is\ saved=\
- \u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f\u0442\u0430 \u0435 \u0437\u0430\u043f\u0430\u0437\u0435\u043d\u0430
-Close=\
- \u0417\u0430\u0442\u0432\u0430\u0440\u044f\u043d\u0435
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK_de.properties b/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK_de.properties
deleted file mode 100644
index 655d59a10b..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK_de.properties
+++ /dev/null
@@ -1,4 +0,0 @@
-# This file is under the MIT License by authors
-
-Close=Schlie\u00DFen
-Credential\ is\ saved=Zugangsdaten gespeichert
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK_es.properties b/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK_es.properties
deleted file mode 100644
index 67f1788a2b..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK_es.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-, Kohsuke Kawaguchi, Sun Microsystems, Inc., and a number of other of contributers
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Close=Cerrar
-Credential\ is\ saved=La credencial se ha guardado
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK_it.properties b/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK_it.properties
deleted file mode 100644
index 65bf7f41ba..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK_it.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-, Kohsuke Kawaguchi, Sun Microsystems, Inc., and a number of other of contributors
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Credential\ is\ saved=Credenziali salvate
-Close=Chiudi
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK_ja.properties b/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK_ja.properties
deleted file mode 100644
index 4bd382d6cd..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK_ja.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2011, CloudBees, Inc. Seiji Sogabe
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Credential\ is\ saved=\u8a8d\u8a3c\u60c5\u5831\u3092\u4fdd\u5b58\u3057\u307e\u3057\u305f\u3002
-Close=\u9589\u3058\u308b
-
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK_pt_BR.properties b/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK_pt_BR.properties
deleted file mode 100644
index 7c48f45d69..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK_pt_BR.properties
+++ /dev/null
@@ -1,4 +0,0 @@
-# This file is under the MIT License by authors
-
-Close=Fechar
-Credential\ is\ saved=Senha est\u00E1 salva
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK_sr.properties b/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK_sr.properties
deleted file mode 100644
index fef7da6755..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK_sr.properties
+++ /dev/null
@@ -1,4 +0,0 @@
-# This file is under the MIT License by authors
-
-Credential\ is\ saved=\u0421\u0430\u0447\u0443\u0432\u0430\u043D\u043E \u0458\u0435 \u0430\u043A\u0440\u0435\u0434\u0438\u0442\u0438\u0432\u0430\u0442
-Close=\u0417\u0430\u0432\u0440\u0448\u0438
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK_zh_TW.properties b/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK_zh_TW.properties
deleted file mode 100644
index 6fe8c3aa75..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/credentialOK_zh_TW.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2013, Chunghwa Telecom Co., Ltd., Pei-Tang Huang
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Credential\ is\ saved=\u8a8d\u8b49\u8cc7\u6599\u5df2\u5132\u5b58
-Close=\u95dc\u9589
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential.jelly b/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential.jelly
deleted file mode 100644
index 0bd42bc9a2..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential.jelly
+++ /dev/null
@@ -1,52 +0,0 @@
-<!--
-The MIT License
-
-Copyright (c) 2011, CloudBees, Inc.
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-THE SOFTWARE.
--->
-<?jelly escape-by-default='true'?>
-<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
-  <l:layout title="${%Enter Your Oracle Account}">
-    <l:main-panel>
-
-      <h1>
-        <l:icon class="icon-secure icon-xlg"/>
-        ${%Enter Your Oracle Account}
-      </h1>
-      <p>
-        ${%description}
-      </p>
-      <f:form method="post" action="postCredential" name="postCredential">
-        <j:set var="descriptor" value="${it}" />
-
-        <f:entry title="${%Username}">
-          <f:textbox name="username"/>
-        </f:entry>
-        <f:entry title="${%Password}">
-          <f:password name="password"/>
-        </f:entry>
-
-        <f:block>
-          <f:submit value="${%OK}" style="margin-top:1em;"/>
-        </f:block>
-      </f:form>
-    </l:main-panel>
-  </l:layout>
-</j:jelly>
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential.properties b/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential.properties
deleted file mode 100644
index b71d56349f..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2011, CloudBees, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-description=To access older versions of JDK, you need to have <a href="https://jenkins.io/redirect/oracle-account-signup">Oracle Account</a>.
\ No newline at end of file
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential_bg.properties b/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential_bg.properties
deleted file mode 100644
index fa475cad59..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential_bg.properties
+++ /dev/null
@@ -1,34 +0,0 @@
-# The MIT License
-#
-# Bulgarian translation: Copyright (c) 2016, 2017, Alexander Shopov <ash@kambanaria.org>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-# To access older versions of JDK, you need to have <a href="https://jenkins.io/redirect/oracle-account-signup">Oracle Account</a>.
-description=\
- \u0414\u043e\u0441\u0442\u044a\u043f\u044a\u0442 \u0434\u043e \u043f\u043e-\u0441\u0442\u0430\u0440\u0438 \u0432\u0435\u0440\u0441\u0438\u0438 \u043d\u0430 JDK \u0438\u0437\u0438\u0441\u043a\u0432\u0430 \u0434\u0430 \u0438\u043c\u0430\u0442\u0435\
- <a href="https://jenkins.io/redirect/oracle-account-signup">\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u044f \u043a\u044a\u043c Oracle</a>.
-OK=\
- \u0414\u043e\u0431\u0440\u0435
-Enter\ Your\ Oracle\ Account=\
- \u0412\u044a\u0432\u0435\u0434\u0435\u0442\u0435 \u0434\u0430\u043d\u043d\u0438\u0442\u0435 \u0437\u0430 \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u044f\u0442\u0430 \u0432\u0438 \u043a\u044a\u043c Oracle
-Password=\
- \u041f\u0430\u0440\u043e\u043b\u0430
-Username=\
- \u0418\u043c\u0435 \u043d\u0430 \u043f\u043e\u0442\u0440\u0435\u0431\u0438\u0442\u0435\u043b
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential_de.properties b/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential_de.properties
deleted file mode 100644
index 672bfce5c0..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential_de.properties
+++ /dev/null
@@ -1,7 +0,0 @@
-# This file is under the MIT License by authors
-
-Enter\ Your\ Oracle\ Account=Bitte Oracle-Account eintragen
-OK=Ok
-Password=Passwort
-Username=Benutzername
-description=Um \u00E4ltere Versionen des JDKs zu erlangen, ben\u00F6tigen Sie einen <a href="https://jenkins.io/redirect/oracle-account-signup">Oracle Account</a>.
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential_es.properties b/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential_es.properties
deleted file mode 100644
index 7d6223c69f..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential_es.properties
+++ /dev/null
@@ -1,28 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-, Kohsuke Kawaguchi, Sun Microsystems, Inc., and a number of other of contributers
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Password=Contrase�a
-Username=Usuario
-# To access older versions of JDK, you need to have <a href="https://jenkins.io/redirect/oracle-account-signup">Oracle Account</a>.
-description=Desafortunadamente Oracle exige que para descargar antiguas versiones del JDK uses una <a href="https://jenkins.io/redirect/oracle-account-signup">Cuenta de Oracle</a>.
-Enter\ Your\ Oracle\ Account=Introduce un usuario y contrase�a v�lidos
-OK=Aceptar
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential_it.properties b/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential_it.properties
deleted file mode 100644
index bbfeef5056..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential_it.properties
+++ /dev/null
@@ -1,27 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-, Kohsuke Kawaguchi, Sun Microsystems, Inc., and a number of other of contributors
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Password=Password
-OK=OK
-description=Per ottenere accesso alle versioni meno recenti del JDK � necessario disporre di un <a href="https://jenkins.io/redirect/oracle-account-signup">account Oracle</a>.
-Enter\ Your\ Oracle\ Account=Inserire le credenziali del proprio account Oracle
-Username=Nome utente
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential_ja.properties b/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential_ja.properties
deleted file mode 100644
index 219b0f8127..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential_ja.properties
+++ /dev/null
@@ -1,28 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2012, CloudBees, Inc. Seiji Sogabe
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Enter\ Your\ Oracle\ Account=Oracle\u30a2\u30ab\u30a6\u30f3\u30c8\u306e\u5165\u529b
-Username=\u30e6\u30fc\u30b6\u540d
-Password=\u30d1\u30b9\u30ef\u30fc\u30c9
-description=\
-  JDK\u3092\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3059\u308b\u306b\u306f\u3001<a href="https://jenkins.io/redirect/oracle-account-signup">Oracle\u306e\u30a2\u30ab\u30a6\u30f3\u30c8</a>\u304c\u5fc5\u8981\u3067\u3059\u3002
-OK=OK
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential_pt_BR.properties b/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential_pt_BR.properties
deleted file mode 100644
index 92d284a351..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential_pt_BR.properties
+++ /dev/null
@@ -1,28 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-, Kohsuke Kawaguchi, Sun Microsystems, Inc., and a number of other of contributers
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Username=Usu\u00e1rio
-Password=Senha
-OK=OK
-Enter\ Your\ Oracle\ Account=Informe sua conta da Oracle
-# To access older versions of JDK, you need to have <a href="https://jenkins.io/redirect/oracle-account-signup">Oracle Account</a>.
-description=Para acessar vers\u00f5es antigas do JDK, voc\u00ea deve possuir uma <a href="https://jenkins.io/redirect/oracle-account-signup">conta da Oracle</a>.
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential_sr.properties b/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential_sr.properties
deleted file mode 100644
index c77ad735c4..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential_sr.properties
+++ /dev/null
@@ -1,7 +0,0 @@
-# This file is under the MIT License by authors
-
-Enter\ Your\ Oracle\ Account=\u0423\u043D\u0435\u0441\u0438\u0442\u0435 \u0432\u0430\u0448 Oracle \u043D\u0430\u043B\u043E\u0433
-description=\u0414\u0430 \u043F\u0440\u0438\u0441\u0442\u0443\u043F\u0438\u0442\u0435 \u0441\u0442\u0430\u0440\u0438\u0458\u0438\u043C \u0432\u0435\u0440\u0437\u0438\u0458\u0430\u043C\u0430 JDK, \u043C\u043E\u0440\u0430\u0442\u0435 \u0438\u043C\u0430\u0442\u0438 <a href="https://jenkins.io/redirect/oracle-account-signup">Oracle \u043D\u0430\u043B\u043E\u0433</a>.
-Username=\u041A\u043E\u0440\u0438\u0441\u043D\u0438\u0447\u043A\u043E \u0438\u043C\u0435
-Password=\u041B\u043E\u0437\u0438\u043D\u043A\u0430
-OK=\u0423\u0440\u0435\u0434\u0443
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential_zh_TW.properties b/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential_zh_TW.properties
deleted file mode 100644
index a3262debbe..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/DescriptorImpl/enterCredential_zh_TW.properties
+++ /dev/null
@@ -1,27 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2013, Chunghwa Telecom Co., Ltd., Pei-Tang Huang
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Enter\ Your\ Oracle\ Account=\u8f38\u5165\u60a8\u7684 Oracle \u5e33\u865f
-description=\u60a8\u8981\u6709 <a href="https://jenkins.io/redirect/oracle-account-signup">Oracle \u5e33\u865f</a>\u624d\u80fd\u62ff\u5230\u820a\u7248 JDK\u3002
-Username=\u4f7f\u7528\u8005\u540d\u7a31
-Password=\u5bc6\u78bc
-OK=\u78ba\u5b9a
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/config.jelly b/core/src/main/resources/hudson/tools/JDKInstaller/config.jelly
deleted file mode 100644
index 83d22dbd9b..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/config.jelly
+++ /dev/null
@@ -1,50 +0,0 @@
-<!--
-The MIT License
-
-Copyright (c) 2009, Sun Microsystems, Inc., CloudBees, Inc.
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-THE SOFTWARE.
--->
-<?jelly escape-by-default='true'?>
-<j:jelly xmlns:j="jelly:core" xmlns:f="/lib/form">
-  <!-- TODO t:label? -->
-  <f:entry title="${%Version}" field="id">
-    <j:choose>
-      <j:set var="jdks" value="${descriptor.installableJDKs}"/>
-      <j:when test="${empty(jdks)}">
-        <!-- if JDK list is not available, fall back to text box -->
-        <f:textbox />
-      </j:when>
-      <j:otherwise>
-        <select name="_.id">
-          <j:forEach var="family" items="${jdks}">
-            <optgroup label="${family.name}">
-              <j:forEach var="jdk" items="${family.releases}">
-                <f:option value="${jdk.name}" selected="${jdk.matchesId(instance.id)}">${jdk.title}</f:option>
-              </j:forEach>
-            </optgroup>
-          </j:forEach>
-        </select>
-      </j:otherwise>
-    </j:choose>
-  </f:entry>
-  <f:entry title="" field="acceptLicense">
-    <f:checkbox title="${%I agree to the Java SE Development Kit License Agreement}"/>
-  </f:entry>
-</j:jelly>
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/config_bg.properties b/core/src/main/resources/hudson/tools/JDKInstaller/config_bg.properties
deleted file mode 100644
index a538c952b1..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/config_bg.properties
+++ /dev/null
@@ -1,26 +0,0 @@
-# The MIT License
-#
-# Bulgarian translation: Copyright (c) 2016, Alexander Shopov <ash@kambanaria.org>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-I\ agree\ to\ the\ Java\ SE\ Development\ Kit\ License\ Agreement=\
- \u041f\u0440\u0438\u0435\u043c\u0430\u043c \u043b\u0438\u0446\u0435\u043d\u0437\u043d\u043e\u0442\u043e \u0441\u043f\u043e\u0440\u0430\u0437\u0443\u043c\u0435\u043d\u0438\u0435 \u043d\u0430 \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0442\u0430 \u0437\u0430 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u0446\u0438 \u043d\u0430 Java SE
-Version=\
- \u0412\u0435\u0440\u0441\u0438\u044f
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/config_ca.properties b/core/src/main/resources/hudson/tools/JDKInstaller/config_ca.properties
deleted file mode 100644
index 66a7996365..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/config_ca.properties
+++ /dev/null
@@ -1,4 +0,0 @@
-# This file is under the MIT License by authors
-
-I\ agree\ to\ the\ Java\ SE\ Development\ Kit\ License\ Agreement=Accepto les condicions de la llic\u00E8ncia de Java SE Development Kit
-Version=Versi\u00F3
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/config_da.properties b/core/src/main/resources/hudson/tools/JDKInstaller/config_da.properties
deleted file mode 100644
index 6249f91df8..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/config_da.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc. Kohsuke Kawaguchi. Knud Poulsen.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-I\ agree\ to\ the\ Java\ SE\ Development\ Kit\ License\ Agreement=Jeg accepterer Java SE Development Kit Licens Aftalen
-Version=Version
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/config_de.properties b/core/src/main/resources/hudson/tools/JDKInstaller/config_de.properties
deleted file mode 100644
index bbb3853e3a..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/config_de.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-Version=Version
-I\ agree\ to\ the\ Java\ SE\ Development\ Kit\ License\ Agreement=\
-  Ich stimme der Lizenzvereinbarung des Java SE Development Kits zu
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/config_en_GB.properties b/core/src/main/resources/hudson/tools/JDKInstaller/config_en_GB.properties
deleted file mode 100644
index b68ce95323..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/config_en_GB.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-# This file is under the MIT License by authors
-
-I\ agree\ to\ the\ Java\ SE\ Development\ Kit\ License\ Agreement=I agree to the Java SE Development Kit Licence Agreement
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/config_es.properties b/core/src/main/resources/hudson/tools/JDKInstaller/config_es.properties
deleted file mode 100644
index 82f1ac18fa..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/config_es.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Version=Versi�n
-I\ agree\ to\ the\ Java\ SE\ Development\ Kit\ License\ Agreement=Estoy deacuerdo con el acuerdo de licencia de kit de desarrollo de ''Java SE''
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/config_fi.properties b/core/src/main/resources/hudson/tools/JDKInstaller/config_fi.properties
deleted file mode 100644
index 52f34d7f98..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/config_fi.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-# This file is under the MIT License by authors
-
-Version=Versio
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/config_fr.properties b/core/src/main/resources/hudson/tools/JDKInstaller/config_fr.properties
deleted file mode 100644
index 2b39a726ae..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/config_fr.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-I\ agree\ to\ the\ Java\ SE\ Development\ Kit\ License\ Agreement=J''approuve l''accord de licence Java SE Development Kit
-Version=Version
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/config_he.properties b/core/src/main/resources/hudson/tools/JDKInstaller/config_he.properties
deleted file mode 100644
index 11379f478e..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/config_he.properties
+++ /dev/null
@@ -1,4 +0,0 @@
-# This file is under the MIT License by authors
-
-I\ agree\ to\ the\ Java\ SE\ Development\ Kit\ License\ Agreement=\u05D0\u05E0\u05D9 \u05DE\u05E1\u05DB\u05D9\u05DD \u05DC\u05EA\u05E0\u05D0\u05D9 \u05D4\u05E8\u05D9\u05E9\u05D9\u05D5\u05DF \u05E9\u05DC Java SE Development Kit
-Version=\u05D2\u05D9\u05E8\u05E1\u05D0
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/config_it.properties b/core/src/main/resources/hudson/tools/JDKInstaller/config_it.properties
deleted file mode 100644
index 717778a20d..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/config_it.properties
+++ /dev/null
@@ -1,4 +0,0 @@
-# This file is under the MIT License by authors
-
-I\ agree\ to\ the\ Java\ SE\ Development\ Kit\ License\ Agreement=Accetto il Contratto di Licenza di Java SE Development Kit
-Version=Versione
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/config_ja.properties b/core/src/main/resources/hudson/tools/JDKInstaller/config_ja.properties
deleted file mode 100644
index 5a2e6b2737..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/config_ja.properties
+++ /dev/null
@@ -1,26 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2009, Sun Microsystems, Inc., Seiji Sogabe
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Version=\u30D0\u30FC\u30B8\u30E7\u30F3
-I\ agree\ to\ the\ Java\ SE\ Development\ Kit\ License\ Agreement=\
- Java SE Development Kit\u306E\u4F7F\u7528\u8A31\u8AFE\u306B\u540C\u610F\u3059\u308B
-
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/config_lt.properties b/core/src/main/resources/hudson/tools/JDKInstaller/config_lt.properties
deleted file mode 100644
index 9f493071ba..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/config_lt.properties
+++ /dev/null
@@ -1,4 +0,0 @@
-# This file is under the MIT License by authors
-
-I\ agree\ to\ the\ Java\ SE\ Development\ Kit\ License\ Agreement=Sutinku su Java SE Development Kit licenzija
-Version=Versija
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/config_lv.properties b/core/src/main/resources/hudson/tools/JDKInstaller/config_lv.properties
deleted file mode 100644
index 9f68930374..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/config_lv.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-# This file is under the MIT License by authors
-
-I\ agree\ to\ the\ Java\ SE\ Development\ Kit\ License\ Agreement=Es piekr\u012Btu JAVA SE Izstr\u0101des R\u012Bku Licences L\u012Bgumam
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/config_nl.properties b/core/src/main/resources/hudson/tools/JDKInstaller/config_nl.properties
deleted file mode 100644
index b6e78396fc..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/config_nl.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-I\ agree\ to\ the\ Java\ SE\ Development\ Kit\ License\ Agreement=Ik ga akkoord met de Java SE Development Kit gebruiksovereenkomst
-Version=Versie
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/config_pl.properties b/core/src/main/resources/hudson/tools/JDKInstaller/config_pl.properties
deleted file mode 100644
index 20bb0b1dfc..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/config_pl.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-# This file is under the MIT License by authors
-
-Version=Wersja
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/config_pt_BR.properties b/core/src/main/resources/hudson/tools/JDKInstaller/config_pt_BR.properties
deleted file mode 100644
index a0eea3eb9e..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/config_pt_BR.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc., Cleiber Silva
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Version=Vers\u00e3o
-I\ agree\ to\ the\ Java\ SE\ Development\ Kit\ License\ Agreement=Eu concordo com a licen\u00e7a do Java SE Development Kit
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/config_pt_PT.properties b/core/src/main/resources/hudson/tools/JDKInstaller/config_pt_PT.properties
deleted file mode 100644
index 7488995900..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/config_pt_PT.properties
+++ /dev/null
@@ -1,4 +0,0 @@
-# This file is under the MIT License by authors
-
-I\ agree\ to\ the\ Java\ SE\ Development\ Kit\ License\ Agreement=Aceito os termos da Licen\u00E7a de Utiliza\u00E7\u00E3o do Java SE Development Kit
-Version=Vers\u00E3o
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/config_ru.properties b/core/src/main/resources/hudson/tools/JDKInstaller/config_ru.properties
deleted file mode 100644
index 222a4d37bf..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/config_ru.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-I\ agree\ to\ the\ Java\ SE\ Development\ Kit\ License\ Agreement=\u042F \u0441\u043E\u0433\u043B\u0430\u0441\u0435\u043D \u0441 \u043B\u0438\u0446\u0435\u043D\u0437\u0438\u043E\u043D\u043D\u044B\u043C \u0441\u043E\u0433\u043B\u0430\u0448\u0435\u043D\u0438\u0435\u043C Java SE Development Kit 
-Version=\u0412\u0435\u0440\u0441\u0438\u044F
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/config_sk.properties b/core/src/main/resources/hudson/tools/JDKInstaller/config_sk.properties
deleted file mode 100644
index 73175d4e39..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/config_sk.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-# This file is under the MIT License by authors
-
-Version=Verzia
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/config_sr.properties b/core/src/main/resources/hudson/tools/JDKInstaller/config_sr.properties
deleted file mode 100644
index 5d1762543a..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/config_sr.properties
+++ /dev/null
@@ -1,4 +0,0 @@
-# This file is under the MIT License by authors
-
-Version=\u0412\u0435\u0440\u0437\u0438\u0458\u0430
-I\ agree\ to\ the\ Java\ SE\ Development\ Kit\ License\ Agreement=\u041F\u0440\u0438\u0441\u0442\u0430\u0458\u0435\u043C \u043D\u0430 \u0443\u0433\u043E\u0432\u043E\u0440 \u043E \u043B\u0438\u0446\u0435\u043D\u0446\u0438 Java SE Development Kit
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/config_sv_SE.properties b/core/src/main/resources/hudson/tools/JDKInstaller/config_sv_SE.properties
deleted file mode 100644
index 04c972dcfc..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/config_sv_SE.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-I\ agree\ to\ the\ Java\ SE\ Development\ Kit\ License\ Agreement=Jag samtycker till Java SE Development Kit 
-Version=Version
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/config_zh_CN.properties b/core/src/main/resources/hudson/tools/JDKInstaller/config_zh_CN.properties
deleted file mode 100644
index 8a93bead72..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/config_zh_CN.properties
+++ /dev/null
@@ -1,2 +0,0 @@
-Version=\u7248\u672c
-I\ agree\ to\ the\ Java\ SE\ Development\ Kit\ License\ Agreement=\u6211\u540C\u610F Java SE Development Kit \u7684\u8BB8\u53EF\u534F\u8BAE
diff --git a/core/src/main/resources/hudson/tools/JDKInstaller/config_zh_TW.properties b/core/src/main/resources/hudson/tools/JDKInstaller/config_zh_TW.properties
deleted file mode 100644
index c17db00834..0000000000
--- a/core/src/main/resources/hudson/tools/JDKInstaller/config_zh_TW.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2013, Sun Microsystems, Inc., Chunghwa Telecom Co., Ltd.,
-# and Pei-Tang Huang
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Version=\u7248\u672c
-I\ agree\ to\ the\ Java\ SE\ Development\ Kit\ License\ Agreement=\u6211\u540c\u610f Jave SE \u958b\u767c\u5957\u4ef6\u6388\u6b0a\u5354\u8b70\u5167\u5bb9
diff --git a/core/src/main/resources/hudson/tools/Messages.properties b/core/src/main/resources/hudson/tools/Messages.properties
index a59e064de7..5eeb9f12f0 100644
--- a/core/src/main/resources/hudson/tools/Messages.properties
+++ b/core/src/main/resources/hudson/tools/Messages.properties
@@ -25,16 +25,10 @@ CommandInstaller.DescriptorImpl.displayName=Run Shell Command
 CommandInstaller.no_command=Must provide a command to run.
 CommandInstaller.no_toolHome=Must provide a tool home directory.
 BatchCommandInstaller.DescriptorImpl.displayName=Run Batch Command
-JDKInstaller.FailedToInstallJDK=Failed to install JDK. Exit code={0}
-JDKInstaller.RequireOracleAccount=Installing JDK requires Oracle account. <a href="{0}" target="_new">Please enter your username/password</a>
-JDKInstaller.UnableToInstallUntilLicenseAccepted=Unable to auto-install JDK until the license is accepted.
 ZipExtractionInstaller.DescriptorImpl.displayName=Extract *.zip/*.tar.gz
 ZipExtractionInstaller.bad_connection=Server rejected connection.
 ZipExtractionInstaller.malformed_url=Malformed URL.
 ZipExtractionInstaller.could_not_connect=Could not connect to URL.
 InstallSourceProperty.DescriptorImpl.displayName=Install automatically
-JDKInstaller.DescriptorImpl.displayName=Install from java.sun.com
-JDKInstaller.DescriptorImpl.doCheckId=Define JDK ID
-JDKInstaller.DescriptorImpl.doCheckAcceptLicense=You must agree to the license to download the JDK.
 ToolDescriptor.NotADirectory={0} is not a directory on the Jenkins master (but perhaps it exists on some agents)
 CannotBeInstalled=Installer "{0}" cannot be used to install "{1}" on the node "{2}"
diff --git a/core/src/main/resources/hudson/tools/Messages_bg.properties b/core/src/main/resources/hudson/tools/Messages_bg.properties
index 15217e34b4..018cd21787 100644
--- a/core/src/main/resources/hudson/tools/Messages_bg.properties
+++ b/core/src/main/resources/hudson/tools/Messages_bg.properties
@@ -30,16 +30,6 @@ CommandInstaller.no_toolHome=\
  \u0422\u0440\u044f\u0431\u0432\u0430 \u0434\u0430 \u0443\u043a\u0430\u0436\u0435\u0442\u0435 \u043c\u0435\u0441\u0442\u043e\u043f\u043e\u043b\u043e\u0436\u0435\u043d\u0438\u0435\u0442\u043e \u043d\u0430 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0438\u0442\u0435
 BatchCommandInstaller.DescriptorImpl.displayName=\
  \u0418\u0437\u043f\u044a\u043b\u043d\u0435\u043d\u0438\u0435 \u043d\u0430 \u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0432 \u0444\u0430\u0439\u043b
-JDKInstaller.FailedToInstallJDK=\
- \u041d\u0435\u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0438\u043d\u0441\u0442\u0430\u043b\u0438\u0440\u0430\u043d\u0435 \u043d\u0430 JDK (\u0440\u0430\u0437\u0432\u043e\u0439\u043d\u0438\u0442\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0438 \u0437\u0430 Java). \u0418\u0437\u0445\u043e\u0434\u043d\u0438\u044f\u0442 \u043a\u043e\u0434\
- \u0435 {0}
-JDKInstaller.RequireOracleAccount=\
- \u0418\u043d\u0441\u0442\u0430\u043b\u0438\u0440\u0430\u043d\u0435\u0442\u043e \u043d\u0430 JDK (\u0440\u0430\u0437\u0432\u043e\u0439\u043d\u0438\u0442\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0438 \u0437\u0430 Java) \u0438\u0437\u0438\u0441\u043a\u0432\u0430 \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u044f\
- \u043a\u044a\u043c Oracle. <a href="{0}" target="_new">\u0412\u044a\u0432\u0435\u0434\u0435\u0442\u0435 \u043f\u043e\u0442\u0440\u0435\u0431\u0438\u0442\u0435\u043b\u0441\u043a\u043e\u0442\u043e \u0441\u0438 \u0438\u043c\u0435 \u0438\
- \u043f\u0430\u0440\u043e\u043b\u0430\u0442\u0430</a>
-JDKInstaller.UnableToInstallUntilLicenseAccepted=\
- \u0422\u0440\u044f\u0431\u0432\u0430 \u0434\u0430 \u043f\u0440\u0438\u0435\u043c\u0435\u0442\u0435 \u043b\u0438\u0446\u0435\u043d\u0437\u0430 \u0437\u0430 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u043d\u043e\u0442\u043e \u0438\u043d\u0441\u0442\u0430\u043b\u0438\u0440\u0430\u043d\u0435 \u043d\u0430 JDK (\u0440\u0430\u0437\u0432\u043e\u0439\u043d\u0438\u0442\u0435\
- \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0438 \u0437\u0430 Java).
 ZipExtractionInstaller.DescriptorImpl.displayName=\
  \u0420\u0430\u0437\u0430\u0440\u0445\u0438\u0432\u0438\u0440\u0430\u043d\u0435 \u043d\u0430 \u0444\u0430\u0439\u043b\u043e\u0432\u0435\u0442\u0435 \u0441 \u0440\u0430\u0437\u0448\u0438\u0440\u0435\u043d\u0438\u0435 *.zip/*.tar.gz
 ZipExtractionInstaller.bad_connection=\
@@ -50,12 +40,6 @@ ZipExtractionInstaller.could_not_connect=\
  \u041d\u0435\u0443\u0441\u043f\u0435\u0448\u043d\u0430 \u0432\u0440\u044a\u0437\u043a\u0430 \u043a\u044a\u043c \u0430\u0434\u0440\u0435\u0441\u0430.
 InstallSourceProperty.DescriptorImpl.displayName=\
  \u0410\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u043d\u043e \u0438\u043d\u0441\u0442\u0430\u043b\u0438\u0440\u0430\u043d\u0435
-JDKInstaller.DescriptorImpl.displayName=\
- \u0418\u043d\u0441\u0442\u0430\u043b\u0438\u0440\u0430\u043d\u0435 \u043e\u0442 \u0430\u0434\u0440\u0435\u0441\u0430 java.sun.com
-JDKInstaller.DescriptorImpl.doCheckId=\
- \u0423\u043a\u0430\u0437\u0432\u0430\u043d\u0435 \u043d\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u0430 \u043d\u0430 JDK (\u0440\u0430\u0437\u0432\u043e\u0439\u043d\u0438\u0442\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0438 \u0437\u0430 Java)
-JDKInstaller.DescriptorImpl.doCheckAcceptLicense=\
- \u0422\u0440\u044f\u0431\u0432\u0430 \u0434\u0430 \u043f\u0440\u0438\u0435\u043c\u0435\u0442\u0435 \u043b\u0438\u0446\u0435\u043d\u0437\u0430, \u0437\u0430 \u0434\u0430 \u0441\u0432\u0430\u043b\u0438\u0442\u0435 JDK (\u0440\u0430\u0437\u0432\u043e\u0439\u043d\u0438\u0442\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0438 \u0437\u0430 Java).
 # {0} is not a directory on the Jenkins master (but perhaps it exists on some agents)
 ToolDescriptor.NotADirectory=\
  \u201e{0}\u201c \u043d\u0435 \u0435 \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u044f \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u043d\u0438\u044f \u043a\u043e\u043c\u043f\u044e\u0442\u044a\u0440 \u043d\u0430 Jenkins, \u043d\u043e \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e \u0441\u044a\u0449\u0435\u0441\u0442\u0432\u0443\u0432\u0430\
diff --git a/core/src/main/resources/hudson/tools/Messages_da.properties b/core/src/main/resources/hudson/tools/Messages_da.properties
index ac8f0e4967..f9921b790a 100644
--- a/core/src/main/resources/hudson/tools/Messages_da.properties
+++ b/core/src/main/resources/hudson/tools/Messages_da.properties
@@ -20,17 +20,12 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-JDKInstaller.UnableToInstallUntilLicenseAccepted=Kan ikke auto-installere JDK''en f\u00f8r licensen er accepteret.
 ZipExtractionInstaller.bad_connection=Server afviste forbindelsen.
 ZipExtractionInstaller.DescriptorImpl.displayName=Udtr\u00e6k fra *.zip/*.tar.gz arkiv
 CommandInstaller.DescriptorImpl.displayName=K\u00f8r kommando
 ZipExtractionInstaller.could_not_connect=Kunne ikke forbinde til URL.
 InstallSourceProperty.DescriptorImpl.displayName=Installer automatisk
 ToolLocationNodeProperty.displayName=V\u00e6rkt\u00f8jsplaceringer
-JDKInstaller.DescriptorImpl.doCheckAcceptLicense=Du skal acceptere licensen for at hente JDK''en.
 CommandInstaller.no_command=Der skal angives en kommando der skal k\u00f8res.
 ZipExtractionInstaller.malformed_url=Vanskabt URL
 CommandInstaller.no_toolHome=Der skal angives et v\u00e6rkt\u00f8jshjemmedirektorie
-JDKInstaller.DescriptorImpl.displayName=Installer fra java.sun.com
-JDKInstaller.FailedToInstallJDK=Kunne ikke installere JDK. Exit kode={0}
-JDKInstaller.DescriptorImpl.doCheckId=Definer JDK ID
diff --git a/core/src/main/resources/hudson/tools/Messages_de.properties b/core/src/main/resources/hudson/tools/Messages_de.properties
index c4ae69317a..2966103216 100644
--- a/core/src/main/resources/hudson/tools/Messages_de.properties
+++ b/core/src/main/resources/hudson/tools/Messages_de.properties
@@ -30,11 +30,5 @@ ZipExtractionInstaller.bad_connection=Der Server verweigerte den Verbindungsaufb
 ZipExtractionInstaller.malformed_url=Ung\u00FCltige URL
 ZipExtractionInstaller.could_not_connect=URL konnte nicht kontaktiert werden.
 InstallSourceProperty.DescriptorImpl.displayName=Automatisch installieren
-JDKInstaller.DescriptorImpl.displayName=Installiere von java.sun.com
-JDKInstaller.DescriptorImpl.doCheckId=JDK-ID definieren
-JDKInstaller.DescriptorImpl.doCheckAcceptLicense=Sie m\u00FCssen der Lizenzvereinbarung zustimmen, um das JDK herunterzuladen.
-JDKInstaller.FailedToInstallJDK=JDK konnte nicht installiert werden.
-JDKInstaller.RequireOracleAccount=F\u00FCr die Installation des JDK ben\u00F6tigen Sie einen Oracle Account. <a href\="{0}" target\="_new">Bitte geben Sie Benutzername/Passwort ein</a>
-JDKInstaller.UnableToInstallUntilLicenseAccepted=JDK kann nicht automatisch installiert werden, solange die Lizenzvereinbarung nicht akzeptiert wurde. 
 CannotBeInstalled=Das Installationsverfahren \u201E{0}\u201C kann nicht verwendet werden, um \u201E{1}\u201C auf dem Knoten \u201E{2}\u201C zu installieren.
 ToolDescriptor.NotADirectory=Das Verzeichnis {0} existiert nicht auf dem Master-Knoten (aber vielleicht auf Agenten)
diff --git a/core/src/main/resources/hudson/tools/Messages_es.properties b/core/src/main/resources/hudson/tools/Messages_es.properties
index 054be9f4dc..080b0c31da 100644
--- a/core/src/main/resources/hudson/tools/Messages_es.properties
+++ b/core/src/main/resources/hudson/tools/Messages_es.properties
@@ -24,14 +24,8 @@ ToolLocationNodeProperty.displayName=Localizaci
 CommandInstaller.DescriptorImpl.displayName=Ejecutar comando 
 CommandInstaller.no_command=Debes especificar el comando para ejecutar.
 CommandInstaller.no_toolHome=Debes especificar el directorio raiz de la herramienta.
-JDKInstaller.FailedToInstallJDK=Fallo al installar el JDK
-JDKInstaller.UnableToInstallUntilLicenseAccepted=No se puede instalar el JDK hasta que se acepte la licencia de uso.
 ZipExtractionInstaller.DescriptorImpl.displayName=Extraer *.zip/*.tar.gz
 ZipExtractionInstaller.bad_connection=El servidor rechaz� la conexi�n
 ZipExtractionInstaller.malformed_url=Direcci�n web incorrecta.
 ZipExtractionInstaller.could_not_connect=No se puede conectar a la direcci�n
 InstallSourceProperty.DescriptorImpl.displayName=Instalar autom�ticamente
-JDKInstaller.DescriptorImpl.displayName=Instalar desde java.sun.com
-JDKInstaller.DescriptorImpl.doCheckId=Definir un identificador para el JDK
-JDKInstaller.DescriptorImpl.doCheckAcceptLicense=Debes aceptar la licencia si quieres descargar el JDK.
-JDKInstaller.RequireOracleAccount=Desafortunadamente, para instalar el JDK se necesita una cuenta en Oracle. <a href="{0}" target="_new">Introduce un usuario y contrase�a v�lidos</a>
diff --git a/core/src/main/resources/hudson/tools/Messages_it.properties b/core/src/main/resources/hudson/tools/Messages_it.properties
index 35fc555853..d592b3a8f1 100644
--- a/core/src/main/resources/hudson/tools/Messages_it.properties
+++ b/core/src/main/resources/hudson/tools/Messages_it.properties
@@ -23,18 +23,12 @@
 CommandInstaller.no_command=� necessario fornire un comando da eseguire.
 CannotBeInstalled=Il programma di installazione "{0}" non pu� essere utilizzato per installare "{1}" sul nodo "{2}"
 BatchCommandInstaller.DescriptorImpl.displayName=Esegui comando batch
-JDKInstaller.RequireOracleAccount=L''installazione di un JDK richiede un account Oracle. <a href="{0}" target="_new">Immettere i propri nome utente/password</a>
 ZipExtractionInstaller.malformed_url=URL malformato.
 ZipExtractionInstaller.DescriptorImpl.displayName=Estrai *.zip/*.tar.gz
 ZipExtractionInstaller.could_not_connect=Impossibile connettersi all''URL.
 CommandInstaller.no_toolHome=� necessario fornire la directory home dello strumento.
-JDKInstaller.DescriptorImpl.doCheckId=Definisci ID JDK
 ToolLocationNodeProperty.displayName=Percorsi strumenti
 CommandInstaller.DescriptorImpl.displayName=Esegui comando shell
-JDKInstaller.DescriptorImpl.doCheckAcceptLicense=� necessario accettare la licenza per scaricare il JDK.
 ToolDescriptor.NotADirectory={0} non � una directory sul nodo master Jenkins (ma forse esiste su alcuni agenti)
 ZipExtractionInstaller.bad_connection=Il server ha rifiutato la connessione.
-JDKInstaller.UnableToInstallUntilLicenseAccepted=Impossibile installare automaticamente il JDK fino all''accettazione della licenza.
 InstallSourceProperty.DescriptorImpl.displayName=Installa automaticamente
-JDKInstaller.FailedToInstallJDK=Installazione del JDK non riuscita. Codice d''uscita={0}
-JDKInstaller.DescriptorImpl.displayName=Installa da java.sun.com
diff --git a/core/src/main/resources/hudson/tools/Messages_ja.properties b/core/src/main/resources/hudson/tools/Messages_ja.properties
index 2e82dec80a..35b7fa20d0 100644
--- a/core/src/main/resources/hudson/tools/Messages_ja.properties
+++ b/core/src/main/resources/hudson/tools/Messages_ja.properties
@@ -25,15 +25,8 @@ CommandInstaller.DescriptorImpl.displayName=\u30b3\u30de\u30f3\u30c9\u5b9f\u884c
 CommandInstaller.no_command=\u5b9f\u884c\u3059\u308b\u30b3\u30de\u30f3\u30c9\u3092\u6307\u5b9a\u3057\u3066\u304f\u3060\u3055\u3044\u3002
 CommandInstaller.no_toolHome=\u30c4\u30fc\u30eb\u306e\u30db\u30fc\u30e0\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u3092\u6307\u5b9a\u3057\u3066\u304f\u3060\u3055\u3044\u3002
 BatchCommandInstaller.DescriptorImpl.displayName=\u30d0\u30c3\u30c1\u30b3\u30de\u30f3\u30c9\u3092\u8d77\u52d5\u3057\u307e\u3059\u3002
-JDKInstaller.FailedToInstallJDK=JDK\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u306b\u5931\u6557\u3057\u307e\u3057\u305f\u3002Exit code={0}
-JDKInstaller.UnableToInstallUntilLicenseAccepted=\u4f7f\u7528\u8a31\u8afe\u306b\u540c\u610f\u3057\u306a\u3044\u3068\u81ea\u52d5\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3067\u304d\u307e\u305b\u3093\u3002
-JDKInstaller.RequireOracleAccount=\
-  JDK\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u306b\u306fOracle\u306e\u30a2\u30ab\u30a6\u30f3\u30c8\u304c\u5fc5\u8981\u3067\u3059\u3002<a href="{0}" target="_new">\u30e6\u30fc\u30b6\u30fc\u540d\u3068\u30d1\u30b9\u30ef\u30fc\u30c9\u3092\u5165\u529b\u3057\u3066\u304f\u3060\u3055\u3044\u3002</a>
 ZipExtractionInstaller.DescriptorImpl.displayName=*.zip/*.tar.gz\u5c55\u958b
 ZipExtractionInstaller.bad_connection=\u30b5\u30fc\u30d0\u304c\u63a5\u7d9a\u3092\u62d2\u5426\u3057\u307e\u3057\u305f\u3002
 ZipExtractionInstaller.malformed_url=URL\u306e\u5f62\u5f0f\u304c\u8aa4\u3063\u3066\u3044\u307e\u3059\u3002
 ZipExtractionInstaller.could_not_connect=URL\u306b\u63a5\u7d9a\u3067\u304d\u307e\u305b\u3093\u3002
 InstallSourceProperty.DescriptorImpl.displayName=\u81ea\u52d5\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb
-JDKInstaller.DescriptorImpl.displayName=java.sun.com\u304b\u3089\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb
-JDKInstaller.DescriptorImpl.doCheckId=JDK\u306eID\u3092\u5b9a\u7fa9\u3057\u3066\u304f\u3060\u3055\u3044\u3002
-JDKInstaller.DescriptorImpl.doCheckAcceptLicense=JDK\u3092\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3059\u308b\u306b\u306f\u4f7f\u7528\u8a31\u8afe\u306b\u540c\u610f\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002
diff --git a/core/src/main/resources/hudson/tools/Messages_pt_BR.properties b/core/src/main/resources/hudson/tools/Messages_pt_BR.properties
index b69eff530a..ea3c2cf280 100644
--- a/core/src/main/resources/hudson/tools/Messages_pt_BR.properties
+++ b/core/src/main/resources/hudson/tools/Messages_pt_BR.properties
@@ -28,28 +28,16 @@ ZipExtractionInstaller.could_not_connect=N\u00e3o foi poss\u00edvel pode conecta
 ToolLocationNodeProperty.displayName=Ferramentas locais
 # Must provide a command to run.
 CommandInstaller.no_command=Forne\u00e7a um comando para ser executado
-# Install from java.sun.com
-JDKInstaller.DescriptorImpl.displayName=Instalar de java.sun.com
-# Failed to install JDK
-JDKInstaller.FailedToInstallJDK=Falha ao instalar o JDK
-# Define JDK ID
-JDKInstaller.DescriptorImpl.doCheckId=Definir ID do JDK
-# Unable to auto-install JDK until the license is accepted.
-JDKInstaller.UnableToInstallUntilLicenseAccepted=N\u00e3o \u00e9 poss\u00edvel de auto-instalar o JDK at\u00e9 que a licen\u00e7a seja aceita
 # Server rejected connection.
 ZipExtractionInstaller.bad_connection=Conex\u00e3o rejeitada pelo servidor
 # Run Command
 CommandInstaller.DescriptorImpl.displayName=Executar comando
 # Install automatically
 InstallSourceProperty.DescriptorImpl.displayName=Instalar automaticamente
-# You must agree to the license to download the JDK.
-JDKInstaller.DescriptorImpl.doCheckAcceptLicense=\u00c9 necess\u00e1rio aceitar o termo de licen\u00e7a para baixar o JDK.
 # Malformed URL.
 ZipExtractionInstaller.malformed_url=URL n\u00e3o reconhecida.
 # Must provide a tool home directory.
 CommandInstaller.no_toolHome=\u00c9 necess\u00e1rio fornecer um diret\u00f3rio home para a ferramenta.
-# Installing JDK requires Oracle account. <a href="{0}" target="_new">Please enter your username/password</a>
-JDKInstaller.RequireOracleAccount=Instalar o JDK exige uma conta na Oracle. <a href="{0}" target="_new">Por favor informe seu usu\u00e1ro/senha</a>
 # Run Batch Command
 BatchCommandInstaller.DescriptorImpl.displayName=Executar comando em lotes
 
diff --git a/core/src/main/resources/hudson/tools/Messages_sr.properties b/core/src/main/resources/hudson/tools/Messages_sr.properties
index 4266f9e180..518234dec4 100644
--- a/core/src/main/resources/hudson/tools/Messages_sr.properties
+++ b/core/src/main/resources/hudson/tools/Messages_sr.properties
@@ -5,15 +5,9 @@ CommandInstaller.DescriptorImpl.displayName=\u0418\u0437\u0432\u0440\u0448\u0438
 CommandInstaller.no_command=\u041C\u043E\u0440\u0430\u0442\u0435 \u043D\u0430\u0432\u0435\u0441\u0442\u0438 \u043A\u043E\u043C\u0430\u043D\u0434\u0443 \u0437\u0430 \u0438\u0437\u0432\u0440\u0448\u0430\u0432\u0430\u045A\u0435
 CommandInstaller.no_toolHome=\u041C\u043E\u0440\u0430\u0442\u0435 \u043D\u0430\u0432\u0435\u0441\u0442\u0438 \u0433\u043B\u0430\u0432\u043D\u0438 \u0434\u0438\u0440\u0435\u043A\u0442\u043E\u0440\u0438\u0458\u0443\u043C \u0437\u0430 \u0430\u043B\u0430\u0442\u0435.
 BatchCommandInstaller.DescriptorImpl.displayName=\u0418\u0437\u0432\u0440\u0448\u0438 batch \u043A\u043E\u043C\u0430\u043D\u0434\u0443
-JDKInstaller.FailedToInstallJDK=\u0418\u043D\u0441\u0442\u0430\u043B\u0438\u0440\u0430\u045A\u0435 JDK \u043D\u0438\u0458\u0435 \u0443\u0441\u043F\u0435\u043B\u043E. Exit code={0}
-JDKInstaller.RequireOracleAccount=\u0418\u043D\u0441\u0442\u0430\u043B\u0438\u0440\u0430\u045A\u0435 JDK-\u0430 \u0437\u0430\u0445\u0442\u0435\u0432\u0430 Oracle \u043D\u0430\u043B\u043E\u0433. <a href="{0}" target="_new">\u041C\u043E\u043B\u0438\u043C\u043E \u0443\u043D\u0435\u0441\u0438\u0442\u0435 \u043A\u043E\u0440\u0438\u0438\u0441\u043D\u0438\u0447\u043A\u043E \u0438\u043C\u0435/\u043B\u043E\u0437\u0438\u043D\u043A\u0443</a>
-JDKInstaller.UnableToInstallUntilLicenseAccepted=\u041C\u043E\u0440\u0430\u0442\u0435 \u043F\u0440\u0438\u0445\u0432\u0430\u0442\u0438\u0442\u0438 \u043B\u0438\u0446\u0435\u043D\u0446\u0443 \u0437\u0430 \u0430\u0443\u0442\u043E\u043C\u0430\u0442\u0438\u0447\u043A\u0443 \u0438\u043D\u0441\u0442\u0430\u043B\u0430\u0446\u0438\u0458\u0443 JDK-\u0430.
 ZipExtractionInstaller.DescriptorImpl.displayName=\u0420\u0430\u0441\u043A\u043F\u0430\u043A\u0443\u0458 *.zip/*.tar.gz
 ZipExtractionInstaller.malformed_url=\u041D\u0435\u043F\u0440\u0430\u0432\u0438\u043B\u043D\u0430 URL \u0430\u0434\u0440\u0435\u0441\u0430.
 ZipExtractionInstaller.bad_connection=\u0421\u0435\u0440\u0432\u0435\u0440 \u0458\u0435 \u043E\u0434\u0431\u0438\u043E \u043F\u043E\u0432\u0435\u0437\u0438\u0432\u0430\u045A\u0435.
 ZipExtractionInstaller.could_not_connect=\u041D\u0438\u0458\u0435 \u043C\u043E\u0433\u043B\u043E \u0443\u0441\u043F\u043E\u0441\u0442\u0430\u0432\u0438\u0442\u0438 \u0432\u0435\u0437\u0443 \u0441\u0430 URL-\u0430\u0434\u0440\u0435\u0441\u043E\u043C.
 InstallSourceProperty.DescriptorImpl.displayName=\u0418\u043D\u0441\u0442\u0430\u043B\u0438\u0440\u0430\u0458 \u0430\u0443\u0442\u043E\u043C\u0430\u0442\u0441\u043A\u043E
-JDKInstaller.DescriptorImpl.displayName=\u0418\u043D\u0441\u0442\u0430\u043B\u0438\u0440\u0430\u0458 \u0441\u0430 \u0430\u0434\u0440\u0435\u0441\u0435 java.sun.com
-JDKInstaller.DescriptorImpl.doCheckId=\u041D\u0430\u0432\u0435\u0434\u0438 JDK ID
-JDKInstaller.DescriptorImpl.doCheckAcceptLicense=\u041C\u043E\u0440\u0430\u0442\u0435 \u043F\u0440\u0438\u0445\u0432\u0430\u0442\u0438\u0442\u0438 \u043B\u0438\u0446\u0435\u043D\u0446\u0443 \u0434\u0430 \u043F\u0440\u0435\u0443\u0437\u043C\u0435\u0442\u0435 JDK.
 ToolDescriptor.NotADirectory={0} \u043D\u0438\u0458\u0435 \u0434\u0438\u0440\u0435\u043A\u0442\u043E\u0440\u0438\u0458\u0443\u043C \u043D\u0430 Jenkins \u043C\u0430\u0448\u0438\u043D\u0438 (\u0430\u043B\u0438 \u043C\u043E\u0433\u0443\u045B\u0435 \u0434\u0430 \u043F\u043E\u0441\u0442\u043E\u0458\u0438 \u043D\u0430 \u043D\u0435\u043A\u0438\u043C \u043E\u0434 \u0430\u0433\u0435\u043D\u0430\u0442\u0430)
\ No newline at end of file
diff --git a/core/src/main/resources/hudson/tools/Messages_zh_CN.properties b/core/src/main/resources/hudson/tools/Messages_zh_CN.properties
index c3d894769d..6a6451e149 100644
--- a/core/src/main/resources/hudson/tools/Messages_zh_CN.properties
+++ b/core/src/main/resources/hudson/tools/Messages_zh_CN.properties
@@ -24,13 +24,8 @@ ToolLocationNodeProperty.displayName=\u5DE5\u5177\u4F4D\u7F6E
 CommandInstaller.DescriptorImpl.displayName=\u8FD0\u884C\u547D\u4EE4
 CommandInstaller.no_command=\u5FC5\u987B\u63D0\u4F9B\u4E00\u4E2A\u8FD0\u884C\u547D\u4EE4.
 CommandInstaller.no_toolHome=\u5FC5\u987B\u63D0\u4F9B\u4E00\u4E2A\u5DE5\u5177\u6839\u76EE\u5F55.
-JDKInstaller.FailedToInstallJDK=\u5B89\u88C5JDK\u5931\u8D25. \u9519\u8BEF\u4EE3\u7801={0}
-JDKInstaller.UnableToInstallUntilLicenseAccepted=\u6CA1\u6709\u63A5\u53D7\u8BB8\u53EF\u4E4B\u524D\u4E0D\u80FD\u591F\u81EA\u52A8\u5B89\u88C5.
 ZipExtractionInstaller.DescriptorImpl.displayName=\u89E3\u538B *.zip/*.tar.gz
 ZipExtractionInstaller.bad_connection=\u670D\u52A1\u5668\u62D2\u7EDD\u94FE\u63A5.
 ZipExtractionInstaller.malformed_url=\u9519\u8BEF\u7684URL.
 ZipExtractionInstaller.could_not_connect=\u4E0D\u80FD\u94FE\u63A5URL.
 InstallSourceProperty.DescriptorImpl.displayName=\u81EA\u52A8\u5B89\u88C5
-JDKInstaller.DescriptorImpl.displayName=\u4ECE java.sun.com\u5B89\u88C5
-JDKInstaller.DescriptorImpl.doCheckId=\u5B9A\u4E49JDK ID
-JDKInstaller.DescriptorImpl.doCheckAcceptLicense=\u4F60\u5FC5\u987B\u63A5\u53D7\u8BB8\u53EF\u624D\u80FD\u4E0B\u8F7DJDK.
\ No newline at end of file
diff --git a/core/src/main/resources/hudson/tools/Messages_zh_TW.properties b/core/src/main/resources/hudson/tools/Messages_zh_TW.properties
index 800de55010..10156f9d77 100644
--- a/core/src/main/resources/hudson/tools/Messages_zh_TW.properties
+++ b/core/src/main/resources/hudson/tools/Messages_zh_TW.properties
@@ -24,14 +24,8 @@ ToolLocationNodeProperty.displayName=\u5de5\u5177\u4f4d\u7f6e
 CommandInstaller.DescriptorImpl.displayName=\u57f7\u884c\u6307\u4ee4
 CommandInstaller.no_command=\u5fc5\u9808\u63d0\u4f9b\u6307\u4ee4\u624d\u80fd\u57f7\u884c\u3002
 CommandInstaller.no_toolHome=\u5fc5\u9808\u63d0\u4f9b\u5de5\u5177\u4e3b\u76ee\u9304\u3002
-JDKInstaller.FailedToInstallJDK=JDK \u5b89\u88dd\u5931\u6557\u3002\u7d50\u675f\u4ee3\u78bc={0}
-JDKInstaller.RequireOracleAccount=\u9700\u8981 Oracle \u5e33\u865f\u624d\u80fd\u5b89\u88dd JDK\u3002<a href="{0}" target="_new">\u8acb\u8f38\u5165\u60a8\u7684\u4f7f\u7528\u8005\u540d\u7a31\u53ca\u5bc6\u78bc</a>
-JDKInstaller.UnableToInstallUntilLicenseAccepted=\u9664\u975e\u6388\u53d7\u6388\u6b0a\uff0c\u5426\u5247\u7121\u6cd5\u81ea\u52d5\u5b89\u88dd JDK\u3002
 ZipExtractionInstaller.DescriptorImpl.displayName=\u89e3\u58d3\u7e2e *.zip/*.tar.gz
 ZipExtractionInstaller.bad_connection=\u9023\u7dda\u88ab\u4f3a\u670d\u5668\u62d2\u7d55\u3002
 ZipExtractionInstaller.malformed_url=URL \u4e0d\u6b63\u78ba\u3002
 ZipExtractionInstaller.could_not_connect=\u9023\u4e0d\u5230 URL\u3002
 InstallSourceProperty.DescriptorImpl.displayName=\u81ea\u52d5\u5b89\u88dd
-JDKInstaller.DescriptorImpl.displayName=\u7531 java.sun.com \u5b89\u88dd
-JDKInstaller.DescriptorImpl.doCheckId=\u5b9a\u7fa9 JDK ID
-JDKInstaller.DescriptorImpl.doCheckAcceptLicense=\u60a8\u5fc5\u9808\u540c\u610f\u6388\u6b0a\u624d\u80fd\u4e0b\u8f09 JDK\u3002
diff --git a/core/src/main/resources/jenkins/split-plugin-cycles.txt b/core/src/main/resources/jenkins/split-plugin-cycles.txt
index 8c7871ef91..cfa589d969 100644
--- a/core/src/main/resources/jenkins/split-plugin-cycles.txt
+++ b/core/src/main/resources/jenkins/split-plugin-cycles.txt
@@ -10,3 +10,5 @@ script-security command-launcher
 script-security matrix-auth
 script-security matrix-project
 script-security windows-slaves
+
+apache-httpcomponents-client-4-api jdk-tool
diff --git a/core/src/main/resources/jenkins/split-plugins.txt b/core/src/main/resources/jenkins/split-plugins.txt
index 6717492736..3014a382c3 100644
--- a/core/src/main/resources/jenkins/split-plugins.txt
+++ b/core/src/main/resources/jenkins/split-plugins.txt
@@ -17,3 +17,5 @@ junit 1.577 1.0
 bouncycastle-api 2.16 2.16.0
 # JENKINS-47393
 command-launcher 2.86 1.0
+# JENKINS-22367
+jdk-tool 2.112 1.0
diff --git a/test/src/test/java/hudson/model/DownloadServiceTest.java b/test/src/test/java/hudson/model/DownloadServiceTest.java
index 9ded01620a..003f615724 100644
--- a/test/src/test/java/hudson/model/DownloadServiceTest.java
+++ b/test/src/test/java/hudson/model/DownloadServiceTest.java
@@ -10,7 +10,6 @@ import java.util.TreeSet;
 
 import hudson.tasks.Maven;
 import hudson.tools.DownloadFromUrlInstaller;
-import hudson.tools.JDKInstaller;
 import hudson.tools.ToolInstallation;
 import jenkins.model.DownloadSettings;
 import net.sf.json.JSONObject;
@@ -112,24 +111,6 @@ public class DownloadServiceTest extends HudsonTestCase {
         assertEquals(reducedJson, expectedResultJson);
     }
 
-    public void testReduceFunctionWithJDKJsons() throws Exception {
-        URL resource1 = DownloadServiceTest.class.getResource("hudson.tools.JDKInstaller1.json");
-        URL resource2 = DownloadServiceTest.class.getResource("hudson.tools.JDKInstaller2.json");
-        URL resource3 = DownloadServiceTest.class.getResource("hudson.tools.JDKInstaller3.json");
-        JSONObject json1 = JSONObject.fromObject(DownloadService.loadJSON(resource1));
-        JSONObject json2 = JSONObject.fromObject(DownloadService.loadJSON(resource2));
-        JSONObject json3 = JSONObject.fromObject(DownloadService.loadJSON(resource3));
-        List<JSONObject> jsonObjectList = new ArrayList<>();
-        jsonObjectList.add(json1);
-        jsonObjectList.add(json2);
-        jsonObjectList.add(json3);
-        JDKInstaller.JDKList downloadable = new JDKInstaller.JDKList();
-        JSONObject reducedJson = downloadable.reduce(jsonObjectList);
-        URL expectedResult = DownloadServiceTest.class.getResource("hudson.tools.JDKInstallerResult.json");
-        JSONObject expectedResultJson = JSONObject.fromObject(DownloadService.loadJSON(expectedResult));
-        assertEquals(reducedJson, expectedResultJson);
-    }
-
     public void testReduceFunctionWithNotDefaultSchemaJsons() throws Exception {
         URL resource1 = DownloadServiceTest.class.getResource("hudson.plugins.cmake.CmakeInstaller1.json");
         URL resource2 = DownloadServiceTest.class.getResource("hudson.plugins.cmake.CmakeInstaller2.json");
diff --git a/test/src/test/java/hudson/tools/JDKInstallerTest.java b/test/src/test/java/hudson/tools/JDKInstallerTest.java
deleted file mode 100644
index 934db79523..0000000000
--- a/test/src/test/java/hudson/tools/JDKInstallerTest.java
+++ /dev/null
@@ -1,121 +0,0 @@
-package hudson.tools;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-
-import com.gargoylesoftware.htmlunit.html.HtmlForm;
-import com.gargoylesoftware.htmlunit.html.HtmlFormUtil;
-import com.gargoylesoftware.htmlunit.html.HtmlPage;
-import hudson.tools.JDKInstaller.DescriptorImpl;
-
-import java.io.InputStream;
-import java.nio.file.Files;
-import org.junit.Assume;
-import org.junit.Before;
-import org.junit.Rule;
-import org.junit.Test;
-import hudson.model.JDK;
-import hudson.model.TaskListener;
-import hudson.util.StreamTaskListener;
-import hudson.tools.JDKInstaller.Platform;
-import hudson.FilePath;
-import hudson.Functions;
-import hudson.Launcher.LocalLauncher;
-
-import java.io.File;
-import java.util.Arrays;
-import java.util.Properties;
-import java.util.logging.Logger;
-
-import org.junit.rules.TemporaryFolder;
-import org.jvnet.hudson.test.JenkinsRule;
-
-/**
- * @author Kohsuke Kawaguchi
- */
-public class JDKInstallerTest {
-
-    @Rule
-    public JenkinsRule j = new JenkinsRule();
-
-    @Rule
-    public TemporaryFolder tmp = new TemporaryFolder();
-
-    @Before
-    public void setUp() throws Exception {
-        File f = new File(new File(System.getProperty("user.home")),".jenkins-ci.org");
-        if (!f.exists()) {
-            LOGGER.warning(f+" doesn't exist. Skipping JDK installation tests");
-        } else {
-            Properties prop = new Properties();
-            try (InputStream in = Files.newInputStream(f.toPath())) {
-                prop.load(in);
-                String u = prop.getProperty("oracle.userName");
-                String p = prop.getProperty("oracle.password");
-                if (u==null || p==null) {
-                    LOGGER.warning(f+" doesn't contain oracle.userName and oracle.password. Skipping JDK installation tests.");
-                } else {
-                    DescriptorImpl d = j.jenkins.getDescriptorByType(DescriptorImpl.class);
-                    d.doPostCredential(u,p);
-                }
-            }
-        }
-    }
-
-    @Test
-    public void enterCredential() throws Exception {
-        HtmlPage p = j.createWebClient().goTo("descriptorByName/hudson.tools.JDKInstaller/enterCredential");
-        HtmlForm form = p.getFormByName("postCredential");
-        form.getInputByName("username").setValueAttribute("foo");
-        form.getInputByName("password").setValueAttribute("bar");
-        HtmlFormUtil.submit(form, null);
-
-        DescriptorImpl d = j.jenkins.getDescriptorByType(DescriptorImpl.class);
-        assertEquals("foo",d.getUsername());
-        assertEquals("bar",d.getPassword().getPlainText());
-    }
-
-    /**
-     * Tests the configuration round trip.
-     */
-    @Test
-    public void configRoundtrip() throws Exception {
-        JDKInstaller installer = new JDKInstaller("jdk-6u13-oth-JPR@CDS-CDS_Developer", true);
-
-        j.jenkins.getJDKs().add(new JDK("test",tmp.getRoot().getAbsolutePath(), Arrays.asList(
-                new InstallSourceProperty(Arrays.<ToolInstaller>asList(installer)))));
-
-        j.submit(j.createWebClient().goTo("configureTools").getFormByName("config"));
-
-        JDK jdk = j.jenkins.getJDK("test");
-        InstallSourceProperty isp = jdk.getProperties().get(InstallSourceProperty.class);
-        assertEquals(1,isp.installers.size());
-        j.assertEqualBeans(installer, isp.installers.get(JDKInstaller.class), "id,acceptLicense");
-    }
-
-    /**
-     * Fake installation on Unix.
-     */
-    @Test
-    public void fakeUnixInstall() throws Exception {
-        Assume.assumeFalse("If we're on Windows, don't bother doing this", Functions.isWindows());
-
-        File bundle = File.createTempFile("fake-jdk-by-hudson","sh");
-        try {
-            new FilePath(bundle).write(
-                    "#!/bin/bash -ex\n" +
-                    "mkdir -p jdk1.6.0_dummy/bin\n" +
-                    "touch jdk1.6.0_dummy/bin/java","ASCII");
-            TaskListener l = StreamTaskListener.fromStdout();
-
-            new JDKInstaller("",true).install(new LocalLauncher(l),Platform.LINUX,
-                    new JDKInstaller.FilePathFileSystem(j.jenkins),l,tmp.getRoot().getPath(),bundle.getPath());
-
-            assertTrue(new File(tmp.getRoot(),"bin/java").exists());
-        } finally {
-            bundle.delete();
-        }
-    }
-
-    private static final Logger LOGGER = Logger.getLogger(JDKInstallerTest.class.getName());
-}
diff --git a/test/src/test/resources/hudson/model/hudson.tools.JDKInstaller1.json b/test/src/test/resources/hudson/model/hudson.tools.JDKInstaller1.json
deleted file mode 100644
index e5fc0dfd7e..0000000000
--- a/test/src/test/resources/hudson/model/hudson.tools.JDKInstaller1.json
+++ /dev/null
@@ -1,69 +0,0 @@
-downloadService.post('hudson.tools.JDKInstaller',{
-  "data": [
-    {
-      "name": "JDK 8",
-      "releases": [
-        {
-          "files": [
-            {
-              "filepath": "http://download.oracle.com/otn-pub/java/jdk/8u66-b17/jdk-8u66-linux-i586.tar.gz",
-              "name": "jdk-8u66-linux-i586.tar.gz",
-              "title": "Linux x86"
-            },
-            {
-              "filepath": "http://download.oracle.com/otn-pub/java/jdk/8u66-b17/jdk-8u66-macosx-x64.dmg",
-              "name": "jdk-8u66-macosx-x64.dmg",
-              "title": "Mac OS X x64"
-            }
-          ],
-          "licpath": "/technetwork/java/javase/terms/license",
-          "lictitle": "Oracle Binary Code License Agreement for Java SE",
-          "name": "jdk-8u66-oth-JPR",
-          "title": "Java SE Development Kit 8u66"
-        },
-        {
-          "files": [
-            {
-              "filepath": "http://download.oracle.com/otn-pub/java/jdk/8u65-b17/jdk-8u65-linux-arm32-vfp-hflt.tar.gz",
-              "name": "jdk-8u65-linux-arm32-vfp-hflt.tar.gz",
-              "title": "Linux ARM v6/v7 Hard Float ABI"
-            },
-            {
-              "filepath": "http://download.oracle.com/otn-pub/java/jdk/8u65-b17/jdk-8u65-linux-arm64-vfp-hflt.tar.gz",
-              "name": "jdk-8u65-linux-arm64-vfp-hflt.tar.gz",
-              "title": "Linux ARM v8 Hard Float ABI"
-            }
-          ],
-          "licpath": "/technetwork/java/javase/terms/license",
-          "lictitle": "Oracle Binary Code License Agreement for Java SE",
-          "name": "jdk-8u65-oth-JPR",
-          "title": "Java SE Development Kit 8u65"
-        }
-      ]
-    },
-    {
-      "name": "JDK 7",
-      "releases": [
-        {
-          "files": [
-            {
-              "filepath": "http://download.oracle.com/otn-pub/java/jdk/7u80-b15/jdk-7u80-linux-i586.tar.gz",
-              "name": "jdk-7u80-linux-i586.tar.gz",
-              "title": "Linux x86"
-            },
-            {
-              "filepath": "http://download.oracle.com/otn-pub/java/jdk/7u80-b15/jdk-7u80-linux-x64.tar.gz",
-              "name": "jdk-7u80-linux-x64.tar.gz",
-              "title": "Linux x64"
-            }
-          ],
-          "licpath": "/technetwork/java/javase/terms/license",
-          "lictitle": "Oracle Binary Code License Agreement for Java SE",
-          "name": "jdk-7u80-oth-JPR",
-          "title": "Java SE Development Kit 7u80"
-        }
-      ]
-    }
-  ],
-  "version": 2
-}
\ No newline at end of file
diff --git a/test/src/test/resources/hudson/model/hudson.tools.JDKInstaller2.json b/test/src/test/resources/hudson/model/hudson.tools.JDKInstaller2.json
deleted file mode 100644
index 199342841f..0000000000
--- a/test/src/test/resources/hudson/model/hudson.tools.JDKInstaller2.json
+++ /dev/null
@@ -1,46 +0,0 @@
-downloadService.post('hudson.tools.JDKInstaller',{
-"data": [
-    {
-      "name": "JDK 8",
-      "releases": [
-        {
-          "files": [
-            {
-              "filepath": "http://download.oracle1.com/otn-pub/java/jdk/8u66-b17/jdk-8u66-linux-i586.tar.gz",
-              "name": "jdk-8u66-linux-i586.tar.gz",
-              "title": "Linux x86"
-            },
-            {
-              "filepath": "http://download.oracle.com/otn-pub/java/jdk/8u66-b17/jdk-8u66-linux-x64.tar.gz",
-              "name": "jdk-8u66-linux-x64.tar.gz",
-              "title": "Linux x64"
-            },
-            {
-              "filepath": "http://download.oracle.com/otn-pub/java/jdk/8u66-b17/jdk-8u66-macosx-x64.dmg",
-              "name": "jdk-8u66-macosx-x64.dmg",
-              "title": "Mac OS X x64"
-            }
-          ],
-          "licpath": "/technetwork/java/javase/terms/license",
-          "lictitle": "Oracle Binary Code License Agreement for Java SE",
-          "name": "jdk-8u66-oth-JPR",
-          "title": "Java SE Development Kit 8u66"
-        },
-        {
-          "files": [
-            {
-              "filepath": "http://download.oracle.com/otn-pub/java/jdk/8u65-b17/jdk-8u65-linux-arm32-vfp-hflt.tar.gz",
-              "name": "jdk-8u65-linux-arm32-vfp-hflt.tar.gz",
-              "title": "Linux ARM v6/v7 Hard Float ABI"
-            }
-          ],
-          "licpath": "/technetwork/java/javase/terms/license",
-          "lictitle": "Oracle Binary Code License Agreement for Java SE",
-          "name": "jdk-8u65-oth-JPR",
-          "title": "Java SE Development Kit 8u65"
-        }
-      ]
-    }
-  ],
-  "version": 2
-}
\ No newline at end of file
diff --git a/test/src/test/resources/hudson/model/hudson.tools.JDKInstaller3.json b/test/src/test/resources/hudson/model/hudson.tools.JDKInstaller3.json
deleted file mode 100644
index c9472a4511..0000000000
--- a/test/src/test/resources/hudson/model/hudson.tools.JDKInstaller3.json
+++ /dev/null
@@ -1,69 +0,0 @@
-downloadService.post('hudson.tools.JDKInstaller',{
-"data": [
-    {
-      "name": "JDK 8",
-      "releases": [
-        {
-          "files": [
-            {
-              "filepath": "http://download.oracle2.com/otn-pub/java/jdk/8u66-b17/jdk-8u66-linux-i586.tar.gz",
-              "name": "jdk-8u66-linux-i586.tar.gz",
-              "title": "Linux x86"
-            },
-            {
-            "filepath": "http://download.oracle.com/otn-pub/java/jdk/8u66-b17/jdk-8u66-solaris-x64.tar.gz",
-            "name": "jdk-8u66-solaris-x64.tar.gz",
-            "title": "Solaris x64"
-            },
-            {
-            "filepath": "http://download.oracle.com/otn-pub/java/jdk/8u66-b18/jdk-8u66-windows-i586.exe",
-            "name": "jdk-8u66-windows-i586.exe",
-            "title": "Windows x86"
-            }
-          ],
-          "licpath": "/technetwork/java/javase/terms/license",
-          "lictitle": "Oracle Binary Code License Agreement for Java SE",
-          "name": "jdk-8u66-oth-JPR",
-          "title": "Java SE Development Kit 8u66"
-        },
-        {
-          "files": [
-            {
-              "filepath": "http://download.oracle.com/otn-pub/java/jdk/8u65-b17/jdk-8u65-linux-arm32-vfp-hflt.tar.gz",
-              "name": "jdk-8u65-linux-arm32-vfp-hflt.tar.gz",
-              "title": "Linux ARM v6/v7 Hard Float ABI"
-            }
-          ],
-          "licpath": "/technetwork/java/javase/terms/license",
-          "lictitle": "Oracle Binary Code License Agreement for Java SE",
-          "name": "jdk-8u65-oth-JPR",
-          "title": "Java SE Development Kit 8u65"
-        }
-      ]
-    },
-    {
-      "name": "JDK 6",
-      "releases":       [
-        {
-          "files":           [
-            {
-              "filepath": "http://download.oracle.com/otn/java/jdk/6u45-b06/jdk-6u45-linux-i586.bin",
-              "name": "jdk-6u45-linux-i586.bin",
-              "title": "Linux x86"
-            },
-            {
-              "filepath": "http://download.oracle.com/otn/java/jdk/6u45-b06/jdk-6u45-linux-ia64.bin",
-              "name": "jdk-6u45-linux-ia64.bin",
-              "title": "Linux Intel Itanium"
-            }
-          ],
-          "licpath": "/technetwork/java/javase/downloads/java-se-archive-license-1382604.html",
-          "lictitle": "Oracle Binary Code License Agreement for Java SE",
-          "name": "jdk-6u45-oth-JPR",
-          "title": "Java SE Development Kit 6u45"
-        }
-      ],
-    }
-  ],
-  "version": 3
-}
\ No newline at end of file
diff --git a/test/src/test/resources/hudson/model/hudson.tools.JDKInstallerResult.json b/test/src/test/resources/hudson/model/hudson.tools.JDKInstallerResult.json
deleted file mode 100644
index 07cbf97214..0000000000
--- a/test/src/test/resources/hudson/model/hudson.tools.JDKInstallerResult.json
+++ /dev/null
@@ -1,107 +0,0 @@
-downloadService.post('hudson.tools.JDKInstaller',{
-  "data": [
-    {
-      "name": "JDK 8",
-      "releases": [
-        {
-          "files": [
-            {
-              "filepath": "http://download.oracle.com/otn-pub/java/jdk/8u66-b17/jdk-8u66-linux-i586.tar.gz",
-              "name": "jdk-8u66-linux-i586.tar.gz",
-              "title": "Linux x86"
-            },
-            {
-              "filepath": "http://download.oracle.com/otn-pub/java/jdk/8u66-b17/jdk-8u66-macosx-x64.dmg",
-              "name": "jdk-8u66-macosx-x64.dmg",
-              "title": "Mac OS X x64"
-            },
-            {
-            "filepath": "http://download.oracle.com/otn-pub/java/jdk/8u66-b17/jdk-8u66-linux-x64.tar.gz",
-            "name": "jdk-8u66-linux-x64.tar.gz",
-            "title": "Linux x64"
-            },
-            {
-            "filepath": "http://download.oracle.com/otn-pub/java/jdk/8u66-b17/jdk-8u66-solaris-x64.tar.gz",
-            "name": "jdk-8u66-solaris-x64.tar.gz",
-            "title": "Solaris x64"
-            },
-            {
-            "filepath": "http://download.oracle.com/otn-pub/java/jdk/8u66-b18/jdk-8u66-windows-i586.exe",
-            "name": "jdk-8u66-windows-i586.exe",
-            "title": "Windows x86"
-            }
-          ],
-          "licpath": "/technetwork/java/javase/terms/license",
-          "lictitle": "Oracle Binary Code License Agreement for Java SE",
-          "name": "jdk-8u66-oth-JPR",
-          "title": "Java SE Development Kit 8u66"
-        },
-        {
-          "files": [
-            {
-              "filepath": "http://download.oracle.com/otn-pub/java/jdk/8u65-b17/jdk-8u65-linux-arm32-vfp-hflt.tar.gz",
-              "name": "jdk-8u65-linux-arm32-vfp-hflt.tar.gz",
-              "title": "Linux ARM v6/v7 Hard Float ABI"
-            },
-            {
-              "filepath": "http://download.oracle.com/otn-pub/java/jdk/8u65-b17/jdk-8u65-linux-arm64-vfp-hflt.tar.gz",
-              "name": "jdk-8u65-linux-arm64-vfp-hflt.tar.gz",
-              "title": "Linux ARM v8 Hard Float ABI"
-            }
-          ],
-          "licpath": "/technetwork/java/javase/terms/license",
-          "lictitle": "Oracle Binary Code License Agreement for Java SE",
-          "name": "jdk-8u65-oth-JPR",
-          "title": "Java SE Development Kit 8u65"
-        }
-      ]
-    },
-    {
-      "name": "JDK 7",
-      "releases": [
-        {
-          "files": [
-            {
-              "filepath": "http://download.oracle.com/otn-pub/java/jdk/7u80-b15/jdk-7u80-linux-i586.tar.gz",
-              "name": "jdk-7u80-linux-i586.tar.gz",
-              "title": "Linux x86"
-            },
-            {
-              "filepath": "http://download.oracle.com/otn-pub/java/jdk/7u80-b15/jdk-7u80-linux-x64.tar.gz",
-              "name": "jdk-7u80-linux-x64.tar.gz",
-              "title": "Linux x64"
-            }
-          ],
-          "licpath": "/technetwork/java/javase/terms/license",
-          "lictitle": "Oracle Binary Code License Agreement for Java SE",
-          "name": "jdk-7u80-oth-JPR",
-          "title": "Java SE Development Kit 7u80"
-        }
-      ]
-    },
-    {
-      "name": "JDK 6",
-      "releases":       [
-        {
-          "files":           [
-            {
-              "filepath": "http://download.oracle.com/otn/java/jdk/6u45-b06/jdk-6u45-linux-i586.bin",
-              "name": "jdk-6u45-linux-i586.bin",
-              "title": "Linux x86"
-            },
-            {
-              "filepath": "http://download.oracle.com/otn/java/jdk/6u45-b06/jdk-6u45-linux-ia64.bin",
-              "name": "jdk-6u45-linux-ia64.bin",
-              "title": "Linux Intel Itanium"
-            }
-          ],
-          "licpath": "/technetwork/java/javase/downloads/java-se-archive-license-1382604.html",
-          "lictitle": "Oracle Binary Code License Agreement for Java SE",
-          "name": "jdk-6u45-oth-JPR",
-          "title": "Java SE Development Kit 6u45"
-        }
-      ],
-    }
-  ],
-  "version": 2
-}
\ No newline at end of file
diff --git a/war/pom.xml b/war/pom.xml
index 61f0656487..5f69644e44 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -408,6 +408,12 @@ THE SOFTWARE.
                   <version>1.0</version>
                   <type>hpi</type>
                 </artifactItem>
+                <artifactItem>
+                  <groupId>org.jenkins-ci.plugins</groupId>
+                  <artifactId>jdk-tool</artifactId>
+                  <version>1.0</version>
+                  <type>hpi</type>
+                </artifactItem>
               </artifactItems>
               <outputDirectory>${project.build.directory}/${project.build.finalName}/WEB-INF/detached-plugins</outputDirectory>
               <stripVersion>true</stripVersion>
-- 
GitLab


From 4c6228dcbce46faddf6f16beaa1369176f2dde3d Mon Sep 17 00:00:00 2001
From: surenpi <zxjlwt@126.com>
Date: Sat, 17 Mar 2018 19:47:51 +0800
Subject: [PATCH 227/863] Add Chinese translation for global configuration

---
 .../UsageStatistics/global_zh_CN.properties   | 26 +++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100644 core/src/main/resources/hudson/model/UsageStatistics/global_zh_CN.properties

diff --git a/core/src/main/resources/hudson/model/UsageStatistics/global_zh_CN.properties b/core/src/main/resources/hudson/model/UsageStatistics/global_zh_CN.properties
new file mode 100644
index 0000000000..8d58e6568d
--- /dev/null
+++ b/core/src/main/resources/hudson/model/UsageStatistics/global_zh_CN.properties
@@ -0,0 +1,26 @@
+# The MIT License
+# 
+# Copyright (c) 2004-2009, Sun Microsystems, Inc., Kohsuke Kawaguchi
+# 
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+# 
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+# 
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Usage\ Statistics=\u4f7f\u7528\u7edf\u8ba1
+statsBlurb=\
+  \u901a\u8fc7\u53d1\u9001\u533f\u540d\u7684\u4f7f\u7528\u4fe1\u606f\u4ee5\u53ca\u7a0b\u5e8f\u5d29\u6e83\u62a5\u544a\u6765\u5e2e\u52a9Jenkins\u505a\u7684\u66f4\u597d\u3002
+
-- 
GitLab


From 414272f53be0e80e51d59fc9491ee7134d07a2ca Mon Sep 17 00:00:00 2001
From: surenpi <zxjlwt@126.com>
Date: Sat, 17 Mar 2018 19:49:01 +0800
Subject: [PATCH 228/863] Add Chinese translation for global configuration

---
 .../config_zh_CN.properties                   | 28 +++++++++++++++++++
 .../jenkins/model/Jenkins/configure.jelly     |  2 +-
 .../model/Jenkins/configure_bg.properties     |  2 --
 .../model/Jenkins/configure_de.properties     |  1 -
 .../model/Jenkins/configure_fr.properties     |  1 -
 .../model/Jenkins/configure_it.properties     |  1 -
 .../model/Jenkins/configure_lt.properties     |  1 -
 .../model/Jenkins/configure_pl.properties     |  1 -
 .../model/Jenkins/configure_ru.properties     |  1 -
 .../model/Jenkins/configure_sr.properties     |  1 -
 .../jenkins/model/Messages_zh_CN.properties   |  3 ++
 11 files changed, 32 insertions(+), 10 deletions(-)
 create mode 100644 core/src/main/resources/jenkins/management/AdministrativeMonitorsConfiguration/config_zh_CN.properties

diff --git a/core/src/main/resources/jenkins/management/AdministrativeMonitorsConfiguration/config_zh_CN.properties b/core/src/main/resources/jenkins/management/AdministrativeMonitorsConfiguration/config_zh_CN.properties
new file mode 100644
index 0000000000..0b9eae01ae
--- /dev/null
+++ b/core/src/main/resources/jenkins/management/AdministrativeMonitorsConfiguration/config_zh_CN.properties
@@ -0,0 +1,28 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Administrative\ monitors\ configuration=\u7ba1\u7406\u76d1\u63a7\u914d\u7f6e
+Administrative\ monitors=\u7ba1\u7406\u76d1\u63a7
+Enabled\ administrative\ monitors=\u542f\u7528\u7684\u7ba1\u7406\u76d1\u63a7
+blurb = \u7ba1\u7406\u76d1\u63a7\u662f\u5c55\u793a\u7ed9\u7ba1\u7406\u5458\u7684\u5173\u4e8eJenkins\u5b9e\u4f8b\u72b6\u6001\u7684\u8b66\u544a\u4fe1\u606f\u3002 \
+  \u901a\u5e38\u5efa\u8bae\u542f\u7528\u6240\u6709\u7684\u914d\u7f6e\uff0c\u4f46\u5982\u679c\u4f60\u5bf9\u7279\u5b9a\u7684\u8b66\u544a\u4e0d\u5173\u5fc3\uff0c\u53ef\u4ee5 \
+  \u53d6\u6d88\u9009\u62e9\uff0c\u7136\u540e\u5c31\u4e0d\u4f1a\u518d\u663e\u793a\u4e86\u3002
diff --git a/core/src/main/resources/jenkins/model/Jenkins/configure.jelly b/core/src/main/resources/jenkins/model/Jenkins/configure.jelly
index e95226abb1..fee18794ff 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/configure.jelly
+++ b/core/src/main/resources/jenkins/model/Jenkins/configure.jelly
@@ -62,7 +62,7 @@ THE SOFTWARE.
 
       <f:bottomButtonBar>
         <f:submit value="${%Save}" />
-        <f:apply value="${%Apply}"/>
+        <f:apply />
       </f:bottomButtonBar>
     </f:form>
     <st:adjunct includes="lib.form.confirm" />
diff --git a/core/src/main/resources/jenkins/model/Jenkins/configure_bg.properties b/core/src/main/resources/jenkins/model/Jenkins/configure_bg.properties
index dac6a7bdc1..073c3f90ad 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/configure_bg.properties
+++ b/core/src/main/resources/jenkins/model/Jenkins/configure_bg.properties
@@ -34,5 +34,3 @@ Configure\ System=\
  \u041d\u0430\u0441\u0442\u0440\u043e\u0439\u0432\u0430\u043d\u0435 \u043d\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0442\u0430
 Save=\
  \u0417\u0430\u043f\u0430\u0437\u0432\u0430\u043d\u0435
-Apply=\
- \u041f\u0440\u0438\u043b\u0430\u0433\u0430\u043d\u0435
diff --git a/core/src/main/resources/jenkins/model/Jenkins/configure_de.properties b/core/src/main/resources/jenkins/model/Jenkins/configure_de.properties
index d7f2d5c3d8..4350cb8175 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/configure_de.properties
+++ b/core/src/main/resources/jenkins/model/Jenkins/configure_de.properties
@@ -28,4 +28,3 @@ Workspace\ Root\ Directory=Workspace Wurzelverzeichnis
 Build\ Record\ Root\ Directory=Verzeichnis f\u00FCr aufgezeichnete Builds
 
 Configure\ System=Systemkonfiguration
-Apply=\u00DCbernehmen
diff --git a/core/src/main/resources/jenkins/model/Jenkins/configure_fr.properties b/core/src/main/resources/jenkins/model/Jenkins/configure_fr.properties
index 8683592c01..8321029643 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/configure_fr.properties
+++ b/core/src/main/resources/jenkins/model/Jenkins/configure_fr.properties
@@ -24,6 +24,5 @@ Home\ directory=R\u00E9pertoire Home
 System\ Message=Message du syst\u00E8me
 Workspace\ Root\ Directory=R\u00E9pertoire racine de l''espace de travail (workspace)
 Save=Enregistrer
-Apply=Appliquer
 Build\ Record\ Root\ Directory=R\u00E9pertoire racine des constructions
 LOADING=CHARGEMENT
diff --git a/core/src/main/resources/jenkins/model/Jenkins/configure_it.properties b/core/src/main/resources/jenkins/model/Jenkins/configure_it.properties
index 6eb7c9388c..41501729b7 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/configure_it.properties
+++ b/core/src/main/resources/jenkins/model/Jenkins/configure_it.properties
@@ -7,4 +7,3 @@ Workspace\ Root\ Directory=Directory radice spazio di lavoro
 Configure\ System=Configura sistema
 Save=Salva
 Build\ Record\ Root\ Directory=Directory radice record di compilazione
-Apply=Applica
diff --git a/core/src/main/resources/jenkins/model/Jenkins/configure_lt.properties b/core/src/main/resources/jenkins/model/Jenkins/configure_lt.properties
index 371e6713db..7afe01e4c5 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/configure_lt.properties
+++ b/core/src/main/resources/jenkins/model/Jenkins/configure_lt.properties
@@ -5,4 +5,3 @@ Workspace\ Root\ Directory=Darbastalio \u0161akninis aplankas
 Build\ Record\ Root\ Directory=Vykdymo \u012fra\u0161o \u0161akninis aplankas
 Configure\ System=Konfig\u016bruoti sistem\u0105
 Save=\u012era\u0161yti
-Apply=Pritaikyti
diff --git a/core/src/main/resources/jenkins/model/Jenkins/configure_pl.properties b/core/src/main/resources/jenkins/model/Jenkins/configure_pl.properties
index 2f392154fc..b38192a79f 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/configure_pl.properties
+++ b/core/src/main/resources/jenkins/model/Jenkins/configure_pl.properties
@@ -25,5 +25,4 @@ LOADING=Wczytywanie
 System\ Message=Komunikat systemowy
 Workspace\ Root\ Directory=Katalog bazowy przestrzeni roboczej
 Save=Zapisz
-Apply=Zastosuj
 Configure\ System=Skonfiguruj system
diff --git a/core/src/main/resources/jenkins/model/Jenkins/configure_ru.properties b/core/src/main/resources/jenkins/model/Jenkins/configure_ru.properties
index dd7942dd69..9d9cff33ee 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/configure_ru.properties
+++ b/core/src/main/resources/jenkins/model/Jenkins/configure_ru.properties
@@ -1,4 +1,3 @@
-Apply=\u041f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c
 Configure\ System=\u041d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u044b
 Home\ directory=\u0414\u043e\u043c\u0430\u0448\u043d\u044f\u044f \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u044f
 System\ Message=\u0421\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0435 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435
diff --git a/core/src/main/resources/jenkins/model/Jenkins/configure_sr.properties b/core/src/main/resources/jenkins/model/Jenkins/configure_sr.properties
index c6e2ed9255..91b1da13f7 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/configure_sr.properties
+++ b/core/src/main/resources/jenkins/model/Jenkins/configure_sr.properties
@@ -7,4 +7,3 @@ System\ Message=\u0421\u0438\u0441\u0442\u0435\u043C\u0441\u043A\u0430 \u043F\u0
 Workspace\ Root\ Directory=\u0413\u043B\u0430\u0432\u043D\u0438 \u0434\u0438\u0440\u0435\u043A\u0442\u043E\u0440\u0438\u0458\u0443\u043C \u0440\u0430\u0434\u043D\u043E\u0433 \u043F\u0440\u043E\u0441\u0442\u043E\u0440\u0430
 Configure\ System=\u041F\u043E\u0434\u0435\u0448\u0430\u0432\u0430\u045A\u0435 \u0441\u0438\u0441\u0442\u0435\u043C\u043E\u043C
 Save=\u0421\u0430\u0447\u0443\u0432\u0430\u0458
-Apply=\u041F\u0440\u0438\u043C\u0435\u043D\u0438
diff --git a/core/src/main/resources/jenkins/model/Messages_zh_CN.properties b/core/src/main/resources/jenkins/model/Messages_zh_CN.properties
index 72e1bc8efc..8b2b0b4e64 100644
--- a/core/src/main/resources/jenkins/model/Messages_zh_CN.properties
+++ b/core/src/main/resources/jenkins/model/Messages_zh_CN.properties
@@ -34,6 +34,9 @@ CLI.shutdown.shortDescription=\u7ACB\u523B\u5173\u95EDJenkins
 CLI.disable-job.shortDescription=\u7981\u7528\u4EFB\u52A1
 CLI.enable-job.shortDescription=\u542F\u7528\u4EFB\u52A1
 
+Mailer.Address.Not.Configured=\u6ca1\u6709\u914d\u7f6e\u90ae\u7bb1\u5730\u5740 <nobody@nowhere>
+Mailer.Localhost.Error=\u8bf7\u8f93\u5165\u4e00\u4e2a\u5408\u6cd5\u7684\u4e3b\u673a\u540d\uff0c\u800c\u4e0d\u662flocalhost
+
 DefaultProjectNamingStrategy.DisplayName=\u9ED8\u8BA4
 
 PatternProjectNamingStrategy.DisplayName=\u6A21\u5F0F
-- 
GitLab


From 1a6412b93b937f8180c4c757fa0a6d335efb39a3 Mon Sep 17 00:00:00 2001
From: surenpi <zxjlwt@126.com>
Date: Sat, 17 Mar 2018 20:33:46 +0800
Subject: [PATCH 229/863] Copyright fixed

---
 .../hudson/model/UsageStatistics/global_zh_CN.properties        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/resources/hudson/model/UsageStatistics/global_zh_CN.properties b/core/src/main/resources/hudson/model/UsageStatistics/global_zh_CN.properties
index 8d58e6568d..a41c11606c 100644
--- a/core/src/main/resources/hudson/model/UsageStatistics/global_zh_CN.properties
+++ b/core/src/main/resources/hudson/model/UsageStatistics/global_zh_CN.properties
@@ -1,6 +1,6 @@
 # The MIT License
 # 
-# Copyright (c) 2004-2009, Sun Microsystems, Inc., Kohsuke Kawaguchi
+# Copyright (c) 2018, suren <zxjlwt@126.com>
 # 
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
-- 
GitLab


From d0ed3ecf5f0b1f926e8d8c96ba3a94fb68d9ba0d Mon Sep 17 00:00:00 2001
From: surenpi <zxjlwt@126.com>
Date: Sat, 17 Mar 2018 21:17:54 +0800
Subject: [PATCH 230/863] Move configure.jelly's other language translate for
 'apply' into 'apply.jelly'

---
 .../resources/lib/form/apply_bg.properties    | 23 +++++++++++++++++++
 .../resources/lib/form/apply_de.properties    | 23 +++++++++++++++++++
 .../resources/lib/form/apply_fr.properties    | 23 +++++++++++++++++++
 .../resources/lib/form/apply_it.properties    | 23 +++++++++++++++++++
 .../resources/lib/form/apply_lt.properties    | 23 +++++++++++++++++++
 .../resources/lib/form/apply_pl.properties    | 23 +++++++++++++++++++
 .../resources/lib/form/apply_ru.properties    | 23 +++++++++++++++++++
 .../resources/lib/form/apply_sr.properties    | 23 +++++++++++++++++++
 8 files changed, 184 insertions(+)
 create mode 100644 core/src/main/resources/lib/form/apply_bg.properties
 create mode 100644 core/src/main/resources/lib/form/apply_de.properties
 create mode 100644 core/src/main/resources/lib/form/apply_fr.properties
 create mode 100644 core/src/main/resources/lib/form/apply_it.properties
 create mode 100644 core/src/main/resources/lib/form/apply_lt.properties
 create mode 100644 core/src/main/resources/lib/form/apply_pl.properties
 create mode 100644 core/src/main/resources/lib/form/apply_ru.properties
 create mode 100644 core/src/main/resources/lib/form/apply_sr.properties

diff --git a/core/src/main/resources/lib/form/apply_bg.properties b/core/src/main/resources/lib/form/apply_bg.properties
new file mode 100644
index 0000000000..348a9c1d7f
--- /dev/null
+++ b/core/src/main/resources/lib/form/apply_bg.properties
@@ -0,0 +1,23 @@
+# The MIT License
+#
+# Copyright (c) 2018 suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Apply=\u041f\u0440\u0438\u043b\u0430\u0433\u0430\u043d\u0435
diff --git a/core/src/main/resources/lib/form/apply_de.properties b/core/src/main/resources/lib/form/apply_de.properties
new file mode 100644
index 0000000000..f99838fcea
--- /dev/null
+++ b/core/src/main/resources/lib/form/apply_de.properties
@@ -0,0 +1,23 @@
+# The MIT License
+#
+# Copyright (c) 2018 suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Apply=\u00DCbernehmen
diff --git a/core/src/main/resources/lib/form/apply_fr.properties b/core/src/main/resources/lib/form/apply_fr.properties
new file mode 100644
index 0000000000..40bfaa3bb4
--- /dev/null
+++ b/core/src/main/resources/lib/form/apply_fr.properties
@@ -0,0 +1,23 @@
+# The MIT License
+#
+# Copyright (c) 2018 suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Apply=Appliquer
diff --git a/core/src/main/resources/lib/form/apply_it.properties b/core/src/main/resources/lib/form/apply_it.properties
new file mode 100644
index 0000000000..6dc178b3f5
--- /dev/null
+++ b/core/src/main/resources/lib/form/apply_it.properties
@@ -0,0 +1,23 @@
+# The MIT License
+#
+# Copyright (c) 2018 suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Apply=Applica
diff --git a/core/src/main/resources/lib/form/apply_lt.properties b/core/src/main/resources/lib/form/apply_lt.properties
new file mode 100644
index 0000000000..dc42eaf6cc
--- /dev/null
+++ b/core/src/main/resources/lib/form/apply_lt.properties
@@ -0,0 +1,23 @@
+# The MIT License
+#
+# Copyright (c) 2018 suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Apply=Pritaikyti
diff --git a/core/src/main/resources/lib/form/apply_pl.properties b/core/src/main/resources/lib/form/apply_pl.properties
new file mode 100644
index 0000000000..7d4ec43049
--- /dev/null
+++ b/core/src/main/resources/lib/form/apply_pl.properties
@@ -0,0 +1,23 @@
+# The MIT License
+#
+# Copyright (c) 2018 suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Apply=Zastosuj
diff --git a/core/src/main/resources/lib/form/apply_ru.properties b/core/src/main/resources/lib/form/apply_ru.properties
new file mode 100644
index 0000000000..10e61d1882
--- /dev/null
+++ b/core/src/main/resources/lib/form/apply_ru.properties
@@ -0,0 +1,23 @@
+# The MIT License
+#
+# Copyright (c) 2018 suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Apply=\u041f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c
diff --git a/core/src/main/resources/lib/form/apply_sr.properties b/core/src/main/resources/lib/form/apply_sr.properties
new file mode 100644
index 0000000000..0456d1517b
--- /dev/null
+++ b/core/src/main/resources/lib/form/apply_sr.properties
@@ -0,0 +1,23 @@
+# The MIT License
+#
+# Copyright (c) 2018 suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Apply=\u041F\u0440\u0438\u043C\u0435\u043D\u0438
-- 
GitLab


From d3da85305c471ec6848f2df2d2cc466b2a833ac9 Mon Sep 17 00:00:00 2001
From: phoenix384 <phoenix384@gmx.de>
Date: Sat, 17 Mar 2018 20:04:33 +0100
Subject: [PATCH 231/863] German translation for Rename (#3334)

* German translation for Rename

* Update confirm-rename_de.properties
---
 .../hudson/model/AbstractItem/confirm-rename_de.properties     | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 core/src/main/resources/hudson/model/AbstractItem/confirm-rename_de.properties

diff --git a/core/src/main/resources/hudson/model/AbstractItem/confirm-rename_de.properties b/core/src/main/resources/hudson/model/AbstractItem/confirm-rename_de.properties
new file mode 100644
index 0000000000..8fd89ed115
--- /dev/null
+++ b/core/src/main/resources/hudson/model/AbstractItem/confirm-rename_de.properties
@@ -0,0 +1,3 @@
+DescribeRename={0} {1} umbenennen
+NewName=Neuer Name
+Rename=Umbenennen
-- 
GitLab


From db034758e09a4a7cab98e65ec1084be0e1205e70 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Fri, 16 Feb 2018 18:31:05 +0100
Subject: [PATCH 232/863] [JENKINS-49565] - Update Jenkins CLI to Mina SSHD
 Core 1.7.0

(cherry picked from commit 36f7fc0d925338a2642553ec7e7a0eda938fb3f6)
---
 cli/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index c0c4be6b23..a486cdf879 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -54,7 +54,7 @@
     <dependency>
       <groupId>org.apache.sshd</groupId>
       <artifactId>sshd-core</artifactId>
-      <version>1.6.0</version>
+      <version>1.7.0</version>
       <optional>true</optional> <!-- do not expose to core -->
     </dependency>
     <dependency>
-- 
GitLab


From 20d44c5aa750f6fece96f83f0f7ed519e9df2e54 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Sun, 18 Feb 2018 14:22:15 +0100
Subject: [PATCH 233/863] Merge pull request #3294 from dwnusbaum/JENKINS-34712

[JENKINS-34712] Always show the master node when it is offline

(cherry picked from commit b67a30f8daff936c91fd54b90bef6c366707a8f1)
---
 core/src/main/resources/lib/hudson/executors.jelly | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/resources/lib/hudson/executors.jelly b/core/src/main/resources/lib/hudson/executors.jelly
index 86f12dffc4..578808d47f 100644
--- a/core/src/main/resources/lib/hudson/executors.jelly
+++ b/core/src/main/resources/lib/hudson/executors.jelly
@@ -129,7 +129,7 @@ THE SOFTWARE.
       <j:forEach var="c" items="${computers}">
         <j:set var="cDisplayExecutors" value="${c.displayExecutors}"/>
         <tr>
-          <j:if test="${computersSize gt 1 and !cDisplayExecutors.isEmpty()}">
+          <j:if test="${(computersSize gt 1 and !cDisplayExecutors.isEmpty()) or (c.node == app and c.offline)}">
             <th class="pane" colspan="3">
               <local:computerCaption title="${c.displayName}" />
             </th>
-- 
GitLab


From 8ece20cf1201119eecab0e753b6a5b03cde58528 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 19 Mar 2018 10:55:50 -0700
Subject: [PATCH 234/863] [maven-release-plugin] prepare release jenkins-2.112

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index b47edc1852..6cbdd7b885 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.112-SNAPSHOT</version>
+    <version>2.112</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 0b0fc61ee2..735e859905 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.112-SNAPSHOT</version>
+    <version>2.112</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index b7e19994cf..39135c8751 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.112-SNAPSHOT</version>
+  <version>2.112</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>HEAD</tag>
+    <tag>jenkins-2.112</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 3b90d1d1bb..a70d9e82b2 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.112-SNAPSHOT</version>
+    <version>2.112</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 5f69644e44..4172260b94 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.112-SNAPSHOT</version>
+    <version>2.112</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From ca61ed7e3545671175d331d1ecd4c80ab445c387 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 19 Mar 2018 10:55:50 -0700
Subject: [PATCH 235/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 6cbdd7b885..b4114d904f 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.112</version>
+    <version>2.113-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 735e859905..ce4de3a920 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.112</version>
+    <version>2.113-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 39135c8751..844cbf9243 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.112</version>
+  <version>2.113-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.112</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index a70d9e82b2..2e918d046f 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.112</version>
+    <version>2.113-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 4172260b94..bc0ca50405 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.112</version>
+    <version>2.113-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 7b9a3e4448a8f57a67d8379a5bc1dbe6f5868eee Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Mon, 19 Mar 2018 16:57:15 -0400
Subject: [PATCH 236/863] [JENKINS-50237] Pick up Remoting with automatic
 ProxyException; and avoid BuildException to begin with.

---
 core/src/main/java/hudson/FilePath.java     |  8 ++-
 pom.xml                                     |  2 +-
 test/src/test/java/hudson/FilePathTest.java | 59 +++++++++++++++++++++
 3 files changed, 67 insertions(+), 2 deletions(-)
 create mode 100644 test/src/test/java/hudson/FilePathTest.java

diff --git a/core/src/main/java/hudson/FilePath.java b/core/src/main/java/hudson/FilePath.java
index 9b14501085..2f21b2cd5d 100644
--- a/core/src/main/java/hudson/FilePath.java
+++ b/core/src/main/java/hudson/FilePath.java
@@ -138,6 +138,7 @@ import static hudson.Util.fixEmpty;
 import static hudson.Util.isSymlink;
 
 import java.util.Collections;
+import org.apache.tools.ant.BuildException;
         
 /**
  * {@link File} like object with remoting support.
@@ -1829,7 +1830,12 @@ public final class FilePath implements Serializable {
             throw new IOException("Expecting Ant GLOB pattern, but saw '"+includes+"'. See http://ant.apache.org/manual/Types/fileset.html for syntax");
         FileSet fs = Util.createFileSet(dir,includes,excludes);
         fs.setDefaultexcludes(defaultExcludes);
-        DirectoryScanner ds = fs.getDirectoryScanner(new Project());
+        DirectoryScanner ds;
+        try {
+            ds = fs.getDirectoryScanner(new Project());
+        } catch (BuildException x) {
+            throw new IOException(x.getMessage());
+        }
         String[] files = ds.getIncludedFiles();
         return files;
     }
diff --git a/pom.xml b/pom.xml
index 844cbf9243..c5544b74bb 100644
--- a/pom.xml
+++ b/pom.xml
@@ -104,7 +104,7 @@ THE SOFTWARE.
     <maven-war-plugin.version>3.0.0</maven-war-plugin.version> <!-- JENKINS-47127 bump when 3.2.0 is out. Cf. MWAR-407 -->
 
     <!-- Minimum Remoting version, which is tested for API compatibility -->
-    <remoting.version>3.18</remoting.version>
+    <remoting.version>3.19-20180319.205443-1</remoting.version> <!-- TODO https://github.com/jenkinsci/remoting/pull/263 -->
     <remoting.minimum.supported.version>2.60</remoting.minimum.supported.version>
 
     <!-- TODO: JENKINS-36716 - Switch to Medium once FindBugs is cleaned up, 430 issues on Mar 10, 2018 -->
diff --git a/test/src/test/java/hudson/FilePathTest.java b/test/src/test/java/hudson/FilePathTest.java
new file mode 100644
index 0000000000..bc5dfd3f4d
--- /dev/null
+++ b/test/src/test/java/hudson/FilePathTest.java
@@ -0,0 +1,59 @@
+/*
+ * The MIT License
+ *
+ * Copyright 2018 CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+package hudson;
+
+import hudson.model.Node;
+import org.apache.tools.ant.DirectoryScanner;
+import static org.hamcrest.Matchers.*;
+import org.junit.Test;
+import static org.junit.Assert.*;
+import org.junit.Rule;
+import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.JenkinsRule;
+
+public class FilePathTest {
+
+    @Rule
+    public JenkinsRule r = new JenkinsRule();
+
+    @Issue("JENKINS-50237")
+    @Test
+    public void listGlob() throws Exception {
+        for (Node n : new Node[] {r.jenkins, r.createOnlineSlave()}) {
+            FilePath d = n.getRootPath().child("globbing");
+            FilePath exists = d.child("dir/exists");
+            exists.write("", null);
+            assertThat(d.list("**/exists"), arrayContainingInAnyOrder(exists));
+            assertThat(d.list("**/nonexistent"), emptyArray());
+            FilePath nonexistentDir = d.child("nonexistentDir");
+            try {
+                assertThat("if it works at all, should be empty", nonexistentDir.list("**"), emptyArray());
+            } catch (Exception x) {
+                assertThat(x.toString(), containsString(nonexistentDir.getRemote() + DirectoryScanner.DOES_NOT_EXIST_POSTFIX));
+            }
+        }
+    }
+
+}
-- 
GitLab


From 198850a120fed452be7f5cb27dab17385900bae7 Mon Sep 17 00:00:00 2001
From: Raul Arabaolaza <rarabaolaza@cloudbees.com>
Date: Tue, 20 Mar 2018 14:56:25 +0100
Subject: [PATCH 237/863] [JENKINS-49269] Cautious deleteDir

---
 Jenkinsfile | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/Jenkinsfile b/Jenkinsfile
index 2ec14417cc..eaee7decb7 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -68,6 +68,8 @@ for(i = 0; i < buildTypes.size(); i++) {
 
 builds.ath = {
     node("linux") {
+        // Just to be safe
+        deleteDir()
         def fileUri
         def metadataPath
         dir("sources") {
-- 
GitLab


From 8112f37b4323f9f5c1e916fcc00a16097a50f03a Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Tue, 20 Mar 2018 10:09:20 -0400
Subject: [PATCH 238/863] Passing for me locally?

---
 .../jenkins/security/s2m/DefaultFilePathFilterTest.java   | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/test/src/test/java/jenkins/security/s2m/DefaultFilePathFilterTest.java b/test/src/test/java/jenkins/security/s2m/DefaultFilePathFilterTest.java
index c7e3883b4a..7998e5de4d 100644
--- a/test/src/test/java/jenkins/security/s2m/DefaultFilePathFilterTest.java
+++ b/test/src/test/java/jenkins/security/s2m/DefaultFilePathFilterTest.java
@@ -25,13 +25,13 @@
 package jenkins.security.s2m;
 
 import hudson.FilePath;
+import hudson.Functions;
 import hudson.model.Slave;
 import hudson.remoting.Callable;
 import java.io.File;
-import java.io.PrintWriter;
-import java.io.StringWriter;
 
 import org.jenkinsci.remoting.RoleChecker;
+import static org.hamcrest.Matchers.*;
 import org.junit.Before;
 import org.junit.Test;
 import static org.junit.Assert.*;
@@ -67,9 +67,7 @@ public class DefaultFilePathFilterTest {
             // good
 
             // make sure that the stack trace contains the call site info to help assist diagnosis
-            StringWriter sw = new StringWriter();
-            x.printStackTrace(new PrintWriter(sw));
-            assertTrue(sw.toString().contains(DefaultFilePathFilterTest.class.getName()+".remotePath"));
+            assertThat(Functions.printThrowable(x), containsString(DefaultFilePathFilterTest.class.getName()+".remotePath"));
         }
         assertFalse(reverse.exists());
         DefaultFilePathFilter.BYPASS = true;
-- 
GitLab


From 0c872c749513fb87e1166d5067ed36c1e64b5bef Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Mon, 19 Mar 2018 17:30:33 +0100
Subject: [PATCH 239/863] [JENKINS-50237] - Whitelist
 org.apache.tools.ant.Location for serialization

(cherry picked from commit 300fbc3715f1f96a67300e22ab2dc3a7f1556746)
---
 core/src/main/resources/jenkins/security/whitelisted-classes.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/core/src/main/resources/jenkins/security/whitelisted-classes.txt b/core/src/main/resources/jenkins/security/whitelisted-classes.txt
index 48a9b5db69..1f69b062c2 100644
--- a/core/src/main/resources/jenkins/security/whitelisted-classes.txt
+++ b/core/src/main/resources/jenkins/security/whitelisted-classes.txt
@@ -152,6 +152,7 @@ net.bull.javamelody.internal.model.TomcatInformations
 org.acegisecurity.userdetails.User
 org.apache.commons.fileupload.disk.DiskFileItem
 org.apache.commons.fileupload.util.FileItemHeadersImpl
+org.apache.tools.ant.Location
 
 # TODO remove when git-client 2.7.1+ is widely adopted
 org.eclipse.jgit.lib.ObjectId
-- 
GitLab


From f3053efdecbac933b2ebfb752b57a7e6825b31c0 Mon Sep 17 00:00:00 2001
From: Steve Arch <sarch@cloudbees.com>
Date: Tue, 20 Mar 2018 17:16:59 +0000
Subject: [PATCH 240/863] [JENKINS-50296] Run ThreadPoolForRemoting as SYSTEM

---
 core/src/main/java/hudson/model/Computer.java | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/core/src/main/java/hudson/model/Computer.java b/core/src/main/java/hudson/model/Computer.java
index a16b96e8f5..55452e6eb1 100644
--- a/core/src/main/java/hudson/model/Computer.java
+++ b/core/src/main/java/hudson/model/Computer.java
@@ -30,7 +30,6 @@ import hudson.EnvVars;
 import hudson.Extension;
 import hudson.Launcher.ProcStarter;
 import hudson.slaves.Cloud;
-import jenkins.util.SystemProperties;
 import hudson.Util;
 import hudson.cli.declarative.CLIResolver;
 import hudson.console.AnnotatedLargeText;
@@ -65,7 +64,9 @@ import hudson.util.Futures;
 import hudson.util.NamingThreadFactory;
 import jenkins.model.Jenkins;
 import jenkins.util.ContextResettingExecutorService;
+import jenkins.util.SystemProperties;
 import jenkins.security.MasterToSlaveCallable;
+import jenkins.security.ImpersonatingExecutorService;
 
 import org.apache.commons.lang.StringUtils;
 import org.jenkins.ui.icon.Icon;
@@ -1352,9 +1353,11 @@ public /*transient*/ abstract class Computer extends Actionable implements Acces
     }
 
     public static final ExecutorService threadPoolForRemoting = new ContextResettingExecutorService(
+        new ImpersonatingExecutorService(
             Executors.newCachedThreadPool(
-                    new ExceptionCatchingThreadFactory(
-                            new NamingThreadFactory(new DaemonThreadFactory(), "Computer.threadPoolForRemoting"))));
+                new ExceptionCatchingThreadFactory(
+                    new NamingThreadFactory(
+                        new DaemonThreadFactory(), "Computer.threadPoolForRemoting"))), ACL.SYSTEM));
 
 //
 //
-- 
GitLab


From df6d291d06e1a339d388a909191961711b49708c Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Tue, 20 Mar 2018 17:22:59 -0400
Subject: [PATCH 241/863] Picking up fix caught by DefaultFilePathFilterTest.

---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index c5544b74bb..fd7f3b3aa1 100644
--- a/pom.xml
+++ b/pom.xml
@@ -104,7 +104,7 @@ THE SOFTWARE.
     <maven-war-plugin.version>3.0.0</maven-war-plugin.version> <!-- JENKINS-47127 bump when 3.2.0 is out. Cf. MWAR-407 -->
 
     <!-- Minimum Remoting version, which is tested for API compatibility -->
-    <remoting.version>3.19-20180319.205443-1</remoting.version> <!-- TODO https://github.com/jenkinsci/remoting/pull/263 -->
+    <remoting.version>3.19-20180320.212209-2</remoting.version> <!-- TODO https://github.com/jenkinsci/remoting/pull/263 -->
     <remoting.minimum.supported.version>2.60</remoting.minimum.supported.version>
 
     <!-- TODO: JENKINS-36716 - Switch to Medium once FindBugs is cleaned up, 430 issues on Mar 10, 2018 -->
-- 
GitLab


From 6b5c5d3ef3cce17223e7b07e5df4242436585cc5 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Wed, 21 Mar 2018 11:48:24 +0100
Subject: [PATCH 242/863] Address using Daniel's comments (first part) -
 improve UI/UX using repeat instead of advanced - placeholder "Default Token"
 is transformed into a real default "unique" name after generation and can be
 renamed - remove trigger of Old Data Monitor (custom monitor not yet started)
 - log (finer) the stack trace in case of deprecated call to getApiToken() -
 reduce warning to fine for deprecated usage - change the "deprecated" token
 value to "This user currently does not have a legacy token" - in case we
 revoke the legacy token from the store, the plain legacy token is now shown
 as "Legacy token was revoked" - improve confirm.js to allow developer to
 specify part of form that are not expecting confirm behavior

---
 .../jenkins/security/ApiTokenProperty.java    |  24 +--
 .../security/ApiTokenProperty/config.jelly    | 149 ++++++++++--------
 .../ApiTokenProperty/config.properties        |   3 +-
 .../security/ApiTokenProperty/resources.css   |  62 +++++---
 .../security/ApiTokenProperty/resources.js    |  61 +++++--
 .../jenkins/security/Messages.properties      |   3 +-
 core/src/main/resources/lib/form/confirm.js   |  48 ++++--
 .../resources/lib/form/validateButton.jelly   |   6 +-
 .../main/webapp/scripts/hudson-behavior.js    |   3 +
 9 files changed, 236 insertions(+), 123 deletions(-)

diff --git a/core/src/main/java/jenkins/security/ApiTokenProperty.java b/core/src/main/java/jenkins/security/ApiTokenProperty.java
index e948f28f02..f9c45357da 100644
--- a/core/src/main/java/jenkins/security/ApiTokenProperty.java
+++ b/core/src/main/java/jenkins/security/ApiTokenProperty.java
@@ -50,8 +50,10 @@ import org.kohsuke.stapler.StaplerResponse;
 
 import java.io.IOException;
 import java.security.SecureRandom;
+import java.text.SimpleDateFormat;
 import java.util.Collection;
 import java.util.Collections;
+import java.util.Date;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.logging.Level;
@@ -144,7 +146,10 @@ public class ApiTokenProperty extends UserProperty {
     @Nonnull
     @SuppressFBWarnings("NP_NONNULL_RETURN_VIOLATION")
     public String getApiToken() {
-        LOGGER.log(Level.WARNING, "Deprecated usage of getApiToken");
+        LOGGER.log(Level.FINE, "Deprecated usage of getApiToken");
+        if(LOGGER.isLoggable(Level.FINER)){
+            LOGGER.log(Level.FINER, "Deprecated usage of getApiToken (trace)", new Exception());
+        }
         return hasPermissionToSeeToken()
                 ? getApiTokenInsecure()
                 : Messages.ApiTokenProperty_ChangeToken_TokenIsHidden();
@@ -154,7 +159,7 @@ public class ApiTokenProperty extends UserProperty {
     @Restricted(NoExternalUse.class)
     /*package*/ String getApiTokenInsecure() {
         if(apiToken == null){
-            return "deprecated";
+            return Messages.ApiTokenProperty_NoLegacyToken();
         }
 
         String p = apiToken.getPlainText();
@@ -263,7 +268,7 @@ public class ApiTokenProperty extends UserProperty {
         // just to keep the same level of security
         user.checkPermission(Jenkins.ADMINISTER);
 
-        LOGGER.log(Level.WARNING, "Deprecated usage of changeApiToken");
+        LOGGER.log(Level.FINE, "Deprecated usage of changeApiToken");
 
         _changeApiToken();
         tokenStore.generateTokenFromLegacy(apiToken);
@@ -288,9 +293,6 @@ public class ApiTokenProperty extends UserProperty {
             // support legacy configuration
             if (apiTokenProperty.apiToken != null) {
                 apiTokenProperty.tokenStore.generateTokenFromLegacy(apiTokenProperty.apiToken);
-                //TODO save will allow the save of the hash of the legacy token 
-                // addition of a message could be nice in that API to provide more feedback to administrators
-                OldDataMonitor.report(context, "@since TODO");
             }
         }
     }
@@ -373,7 +375,7 @@ public class ApiTokenProperty extends UserProperty {
             // you are the user or you have ADMINISTER permission
             u.checkPermission(Jenkins.ADMINISTER);
 
-            LOGGER.log(Level.WARNING, "Deprecated action /changeToken used, consider using /generateNewToken instead");
+            LOGGER.log(Level.FINE, "Deprecated action /changeToken used, consider using /generateNewToken instead");
 
             ApiTokenProperty p = u.getProperty(ApiTokenProperty.class);
             if (p == null) {
@@ -396,8 +398,11 @@ public class ApiTokenProperty extends UserProperty {
                 return HttpResponses.forbidden();
             }
             
+            final String tokenName;
             if (StringUtils.isBlank(newTokenName)) {
-                return HttpResponses.errorJSON("The name cannot be empty");
+                tokenName = String.format("Token created on %s", new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ssZ").format(new Date()));
+            }else{
+                tokenName = newTokenName;
             }
             
             ApiTokenProperty p = u.getProperty(ApiTokenProperty.class);
@@ -406,11 +411,12 @@ public class ApiTokenProperty extends UserProperty {
                 u.addProperty(p);
             }
             
-            ApiTokenStore.TokenIdAndPlainValue tokenIdAndPlainValue = p.tokenStore.generateNewToken(newTokenName);
+            ApiTokenStore.TokenIdAndPlainValue tokenIdAndPlainValue = p.tokenStore.generateNewToken(tokenName);
             u.save();
             
             return HttpResponses.okJSON(new HashMap<String, String>() {{ 
                 put("tokenId", tokenIdAndPlainValue.tokenId); 
+                put("tokenName", tokenName); 
                 put("tokenValue", tokenIdAndPlainValue.plainValue); 
             }});
         }
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
index 8e0e45bc2b..9ae4692983 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
@@ -28,81 +28,96 @@ THE SOFTWARE.
     <st:adjunct includes="jenkins.security.ApiTokenProperty.resources"/>
     
     <f:entry title="${%CurrentTokens(instance.tokenList.size())}" help="${descriptor.getHelpFile('tokenStore')}">
-        <ul class="token-list">
-            <j:forEach var="token" items="${instance.tokenList}">
-                <j:set var="legacyClazz" value="" />
-                <j:if test="${token.isLegacy()}">
-                    <j:set var="legacyClazz" value="legacy-token" />
-                </j:if>
-                <li class="token-list-item ${legacyClazz}" name="tokenStore">
-                    <input type="hidden" class="token-uuid-input" name="tokenUuid" value="${token.uuid}" />
-                    <f:textbox clazz="token-name" name="tokenName" value="${token.name}" />
-    
-                    <j:if test="${token.isLegacy()}">
-                        <l:icon class="icon-warning icon-sm" title="${%LegacyToken}"/>
-                    </j:if>
-                    
-                    <j:set var="daysOld" value="${token.numDaysCreation}" />
-                    <j:set var="oldClazz" value="age-ok" />
-                    <j:if test="${daysOld > 180}">
-                        <j:set var="oldClazz" value="age-mmmh" />
-                        <j:if test="${daysOld > 360}">
-                            <j:set var="oldClazz" value="age-argh" />
-                        </j:if>
-                    </j:if>
-                    <span class="token-creation ${oldClazz}">${%TokenCreation(daysOld)}</span>
-                    
-                    <span class="to-right">
-                        <j:set var="useCounter" value="${token.useCounter}" />
-                        <j:choose>
-                            <j:when test="${useCounter > 0}">
-                                <span class="token-use-counter">
-                                    ${%TokenLastUse(useCounter, token.numDaysUse)}
-                                </span>
-                            </j:when>
-                            <j:otherwise>
-                                <span class="token-use-counter">
-                                    <strong title="${%TokenNeverUsed.Title}">
-                                        <l:icon class="icon-warning icon-sm"/>
-                                        ${%TokenNeverUsed}
-                                    </strong>
-                                </span>
-                            </j:otherwise>
-                        </j:choose>
-                        <a href="#" onclick="return revokeToken(this)" class="token-revoke"
-                                    data-confirm="${%ConfirmRevokeSingle}"
-                                    data-target-url="${descriptor.descriptorFullUrl}/revoke">
-                            <l:icon class="icon-text-error icon-sm"/>
-                        </a>
-                    </span>
-                </li>
-            </j:forEach>
-            <li class="token-list-item list-empty">
+        <div class="token-list ignore-confirm-panel">
+            <div class="token-list-item token-list-empty-item ${instance.tokenList.isEmpty() ? '' : 'hidden-message'}">
                 <div class="list-empty-message">${%NoTokenYet}</div>
-            </li>
-        </ul>
+            </div>
+            <f:repeatable name="tokenStore" var="token" items="${instance.tokenList}" minimum="0"
+                          noAddButton="${!descriptor.hasCurrentUserRightToGenerateNewToken(it)}">
+                <j:choose>
+                    <j:when test="${token!=null}">
+                        <j:set var="legacyClazz" value="" />
+                        <j:if test="${token.isLegacy()}">
+                            <j:set var="legacyClazz" value="legacy-token" />
+                        </j:if>
+                        <div class="token-list-item token-list-existing-item ${legacyClazz}">
+                            <input type="hidden" class="token-uuid-input" name="tokenUuid" value="${token.uuid}" />
+                            <f:textbox clazz="token-name" name="tokenName" value="${token.name}" />
+                
+                            <j:if test="${token.isLegacy()}">
+                                <l:icon class="icon-warning icon-sm" title="${%LegacyToken}"/>
+                            </j:if>
+                
+                            <j:set var="daysOld" value="${token.numDaysCreation}" />
+                            <j:set var="oldClazz" value="age-ok" />
+                            <j:if test="${daysOld > 180}">
+                                <j:set var="oldClazz" value="age-mmmh" />
+                                <j:if test="${daysOld > 360}">
+                                    <j:set var="oldClazz" value="age-argh" />
+                                </j:if>
+                            </j:if>
+                            <span class="token-creation ${oldClazz}">${%TokenCreation(daysOld)}</span>
+                
+                            <span class="to-right">
+                                <j:set var="useCounter" value="${token.useCounter}" />
+                                <j:choose>
+                                    <j:when test="${useCounter > 0}">
+                                        <span class="token-use-counter">
+                                            ${%TokenLastUse(useCounter, token.numDaysUse)}
+                                        </span>
+                                    </j:when>
+                                    <j:otherwise>
+                                        <span class="token-use-counter">
+                                            <strong title="${%TokenNeverUsed.Title}">
+                                                <l:icon class="icon-warning icon-sm"/>
+                                                ${%TokenNeverUsed}
+                                            </strong>
+                                        </span>
+                                    </j:otherwise>
+                                </j:choose>
+                                <a href="#" onclick="return revokeToken(this)" class="token-revoke"
+                                   data-message-if-legacy-revoked="${%RevokedToken}"
+                                   data-confirm="${%ConfirmRevokeSingle}"
+                                   data-target-url="${descriptor.descriptorFullUrl}/revoke">
+                                    <l:icon class="icon-text-error icon-sm"/>
+                                </a>
+                            </span>
+                        </div>
+                    </j:when>
+                    <j:otherwise>
+                        <div class="token-list-item token-list-new-item">
+                            <input type="hidden" class="token-uuid-input" name="tokenUuid" value="${token.uuid}" />
+                            <f:textbox name="tokenName" placeholder="${%Default name}" 
+                                       style="width: 40%; display: inline-block"/>
+                            <f:textbox name="newTokenValue" value="token-value-will-be-displayed-here" 
+                                       clazz="fixed-width json-ignore" readonly="readonly" 
+                                       style="width: 40%; display: none" />
+                            <span class="yui-button token-save" style="vertical-align: baseline;">
+                                <button type="button" tabindex="0" data-target-url="${descriptor.descriptorFullUrl}/generateNewToken" onclick="saveApiToken(this)">Save</button>
+                            </span>
+                            <span class="token-cancel">
+                                <f:repeatableDeleteButton value="${%Cancel}" />
+                            </span>
+                            <a href="#" onclick="return revokeToken(this)" class="token-revoke hidden-button"
+                               data-confirm="${%ConfirmRevokeSingle}"
+                               data-target-url="${descriptor.descriptorFullUrl}/revoke">
+                                <l:icon class="icon-text-error icon-sm"/>
+                            </a>
+                            <div class="error" style="margin-top: 5px; display: none;"><!-- filled in case of error --></div>
+                            <div class="warning" style="margin-top: 5px;">${%TokenDisplayedOnce}</div>
+                        </div>
+                    </j:otherwise>
+                </j:choose>
+            </f:repeatable>
+        </div>
     </f:entry>
-
-    <j:if test="${descriptor.hasCurrentUserRightToGenerateNewToken(it)}">
-        <f:advanced title="${%Generate new API Token}" align="left">
-            <f:entry title="New Token">
-                <f:textbox name="newTokenName" placeholder="${%Default name}" style="width: 40%; display: inline-block"/>
-                <f:textbox id="newTokenValue" value="token-value-will-be-displayed-here" clazz="fixed-width" readonly="readonly" style="width: 40%; display: none" />
-                <span class="yui-button token-save" style="vertical-align: baseline;">
-                    <button type="button" tabindex="0" data-target-url="${descriptor.descriptorFullUrl}/generateNewToken" onclick="saveApiToken(this)">Save</button>
-                </span>
-                <div class="error" style="margin-top: 5px; display: none;"><!-- filled in case of error --></div>
-                <div class="warning" style="margin-top: 5px;">${%TokenDisplayedOnce}</div>
-            </f:entry>
-        </f:advanced>
-    </j:if>
     
     <j:if test="${descriptor.mustDisplayLegacyApiToken(it)}">
         <f:advanced title="${%Show Legacy API Token}" align="left">
             <f:entry title="${%Legacy API Token}" field="apiToken">
                 <f:readOnlyTextbox id="apiToken" />
             </f:entry>
-            <f:validateButton title="${%Change API Token}" method="changeToken" />
+            <f:validateButton title="${%Change API Token}" method="changeToken" clazz="ignore-confirm-panel"/>
         </f:advanced>
     </j:if>
 </j:jelly>
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
index 993ccfef3a..003d69b6fb 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
@@ -4,7 +4,8 @@ TokenLastUse=Used <b>{0}</b> time(s), last time was <b>{1}</b> day(s) ago
 TokenNeverUsed=Never used
 TokenNeverUsed.Title=If you do not plan to use it, we strongly advice you to revoke it for security reasons
 ConfirmRevokeSingle=Are you sure you want to revoke this token ? Applications that are using it will be not able to connect anymore.
-CurrentTokens=Current tokens
+CurrentTokens=Current token(s)
 TokenCreation=Created {0} day(s) ago
 RenameToken=Save the new name of the token
 LegacyToken=We strongly recommend you to revoke this Legacy API Token as it is not as secure as the others
+RevokedToken=Legacy token was revoked
\ No newline at end of file
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.css b/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.css
index 80723549e0..a54b6b567e 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.css
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.css
@@ -21,69 +21,81 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
  * THE SOFTWARE.
  */
-ul.token-list{
+.token-list{
     /* reset to get rid of browser default */
     margin: 0;
     padding: 0;
     
     max-width: 700px;
-    list-style: none;
     border: 1px solid #cccccc;
     border-radius: 3px;
 } 
 
-ul.token-list li.token-list-item {
+.token-list .token-list-item {
     min-height: inherit;
-    padding: 10px;
+    padding: 8px 10px;
     font-size: 13px;
     line-height: 26px;
 }
-ul.token-list li.token-list-item.legacy-token {
-    padding: 8px 5px 8px 5px;
+.token-list .token-list-item.legacy-token {
+    padding: 6px 5px 6px 5px;
     border: 2px solid #ffe262;
     border-left-width: 5px;
     border-right-width: 5px;
 }
-ul.token-list li.token-list-item.list-empty {
-    display: none;
-}
-ul.token-list li.token-list-item.list-empty:first-child {
+
+.token-list .token-list-empty-item {
     display: block;
 }
-ul.token-list li.token-list-item.list-empty .list-empty-message {
-    padding: 0 10px;
+.token-list .token-list-empty-item.hidden-message {
+    display: none;
 }
 
-/* 
- * trick to display the "empty list" message when the list is directly empty
- * or even after removing the last element 
- */
-ul.token-list li.token-list-item .token-name-input{
+.token-list .token-list-item .token-name-input{
     font-weight: bold;
 }
-ul.token-list li.token-list-item .token-creation{
+.token-list .token-list-item .token-creation{
     margin-left: 5px;
     font-size: 90%;
 }
-ul.token-list li.token-list-item .token-creation.age-ok{
+.token-list .token-list-item .token-creation.age-ok{
     color: #6d7680;
 }
-ul.token-list li.token-list-item .token-creation.age-mmmh{
+.token-list .token-list-item .token-creation.age-mmmh{
     color: #e09307;
 }
-ul.token-list li.token-list-item .token-creation.age-argh{
+.token-list .token-list-item .token-creation.age-argh{
     color: #de6868;
 }
-ul.token-list li.token-list-item .token-hide{
+.token-list .token-list-item .token-hide{
     display: none;
 }
-ul.token-list li.token-list-item .to-right{
+.token-list .token-list-item .to-right{
     float: right;
 }
-ul.token-list li.token-list-item .token-use-counter{
+.token-list .token-list-item .token-use-counter{
     font-size: 90%;
     color: #6d7680;
 }
-ul.token-list li.token-list-item .token-revoke{
+.token-list .token-list-item .token-revoke{
     margin-left: 10px;
 }
+.token-list .token-list-new-item .token-revoke{
+    float: right;
+    line-height: 32px;
+}
+.token-list .token-list-new-item .token-revoke.hidden-button{
+    display: none;
+}
+.token-list .token-list-new-item .token-cancel.hidden-button{
+    display: none;
+}
+.token-list .token-list-new-item .token-cancel .yui-button{
+    vertical-align: baseline;
+}
+.token-list .repeated-chunk {
+    border-width: 0;
+}
+.token-list .repeatable-add{
+    margin: 6px 6px 3px 6px;
+}
\ No newline at end of file
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.js b/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.js
index 01028f5844..a7bf733cd0 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.js
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.js
@@ -22,20 +22,29 @@
  * THE SOFTWARE.
  */
 function revokeToken(anchorRevoke){
-    var listItemParent = anchorRevoke.up('.token-list-item');
+    var repeatedChunk = anchorRevoke.up('.repeated-chunk');
+    var tokenList = repeatedChunk.up('.token-list');
     var confirmMessage = anchorRevoke.attributes['data-confirm'].value;
     var targetUrl = anchorRevoke.attributes['data-target-url'].value;
     
-    var inputUuid = listItemParent.querySelector('input.token-uuid-input');
+    var inputUuid = repeatedChunk.querySelector('input.token-uuid-input');
     var tokenId = inputUuid.value;
 
-    console.warn('revokeToken');
     if(confirm(confirmMessage)){
         new Ajax.Request(targetUrl, {
             method: "post",
             parameters: {tokenId: tokenId},
             onSuccess: function(rsp,_) {
-                listItemParent.remove();
+                if(repeatedChunk.querySelectorAll('.legacy-token').length > 0){
+                    // we are revoking the legacy token
+                    var messageIfLegacyRevoked = anchorRevoke.attributes['data-message-if-legacy-revoked'].value;
+                    
+                    var legacyInput = document.getElementById('apiToken');
+                    legacyInput.value = messageIfLegacyRevoked;
+                }
+                repeatedChunk.remove();
+                adjustTokenEmptyListMessage(tokenList);
+                
             }
         });
     }
@@ -50,8 +59,9 @@ function saveApiToken(button){
     }
     button.addClassName('request-pending');
     var targetUrl = button.attributes['data-target-url'].value;
-    var rowParent = button.up('tr');
-    var nameInput = rowParent.querySelector('[name="newTokenName"]');
+    var repeatedChunk = button.up('.repeated-chunk ');
+    var tokenList = repeatedChunk.up('.token-list');
+    var nameInput = repeatedChunk.querySelector('[name="tokenName"]');
     var tokenName = nameInput.value;
     
     new Ajax.Request(targetUrl, {
@@ -59,7 +69,7 @@ function saveApiToken(button){
         parameters: {"newTokenName": tokenName},
         onSuccess: function(rsp,_) {
             var json = rsp.responseJSON;
-            var errorSpan = rowParent.querySelector('.error');
+            var errorSpan = repeatedChunk.querySelector('.error');
             if(json.status === 'error'){
                 errorSpan.style.display = 'block';
                 errorSpan.innerHTML = json.message;
@@ -68,16 +78,49 @@ function saveApiToken(button){
             }else{
                 errorSpan.style.display = 'none';
                 
-                nameInput.setAttribute('readonly', 'readonly');
+                var tokenName = json.data.tokenName;
+                // in case the name was empty, the application will propose a default one
+                nameInput.value = tokenName;
                 
                 var tokenValue = json.data.tokenValue;
-                var valueInput = rowParent.querySelector('#newTokenValue');
+                var valueInput = repeatedChunk.querySelector('[name="newTokenValue"]');
                 valueInput.value = tokenValue;
+                
+                var tokenUuid = json.data.tokenId;
+                var uuidInput = repeatedChunk.querySelector('[name="tokenUuid"]');
+                uuidInput.value = tokenUuid;
+                
                 valueInput.style.display = 'inline-block';
 
                 // we do not want to allow user to create twice a token using same name by mistake
                 button.remove();
+                
+                var revokeButton = repeatedChunk.querySelector('.token-revoke');
+                revokeButton.removeClassName('hidden-button');
+                
+                var cancelButton = repeatedChunk.querySelector('.token-cancel');
+                cancelButton.addClassName('hidden-button')
+                
+                repeatedChunk.addClassName('token-list-fresh-item');
+                
+                adjustTokenEmptyListMessage(tokenList);
             }
         }
     });
 }
+
+function adjustTokenEmptyListMessage(tokenList){
+    var emptyListMessage = tokenList.querySelector('.token-list-empty-item');
+
+    // number of token that are already existing or freshly created
+    var numOfToken = tokenList.querySelectorAll('.token-list-existing-item, .token-list-fresh-item').length;
+    if(numOfToken >= 1){
+        if(!emptyListMessage.hasClassName('hidden-message')){
+            emptyListMessage.addClassName('hidden-message');
+        }
+    }else{
+        if(emptyListMessage.hasClassName('hidden-message')){
+            emptyListMessage.removeClassName('hidden-message');
+        }
+    }
+}
diff --git a/core/src/main/resources/jenkins/security/Messages.properties b/core/src/main/resources/jenkins/security/Messages.properties
index f6e4f71fc6..65e16e1c2e 100644
--- a/core/src/main/resources/jenkins/security/Messages.properties
+++ b/core/src/main/resources/jenkins/security/Messages.properties
@@ -26,7 +26,8 @@ ApiTokenProperty.ChangeToken.Success=<div>Updated. See the new token in the fiel
 ApiTokenProperty.ChangeToken.SuccessHidden=<div>Updated. You need to login as the user to see the token</div>
 ApiTokenProperty.NewTokenGenerated=<div class="success">Token generated! <code>The value will not be displayed </code>anymore, please save it.</div>
 ApiTokenProperty.LegacyTokenName=Legacy Token
-ApiTokenPropertyDisabledDefaultAdministrativeMonitor.displayName=Legacy API Token  not generated by default
+ApiTokenProperty.NoLegacyToken=This user currently does not have a legacy token
+ApiTokenPropertyDisabledDefaultAdministrativeMonitor.displayName=Legacy API Token not generated by default
 ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor.displayName=Legacy API Token can be created even without existing
 RekeySecretAdminMonitor.DisplayName=Re-keying
 UpdateSiteWarningsMonitor.DisplayName=Update Site Warnings
diff --git a/core/src/main/resources/lib/form/confirm.js b/core/src/main/resources/lib/form/confirm.js
index 64f40eb267..025b6f4bb0 100644
--- a/core/src/main/resources/lib/form/confirm.js
+++ b/core/src/main/resources/lib/form/confirm.js
@@ -15,6 +15,20 @@
         return errorMessage;
       }
     }
+    
+    function isIgnoringConfirm(element){
+      if(element.hasClassName('ignore-confirm')){
+        return true;
+      }
+      // to allow sub-section of the form to ignore confirm
+      // especially useful for "pure" JavaScript area
+      var ignorePanel = element.up('.ignore-confirm-panel');
+      if(ignorePanel){
+        return true;
+      }
+      
+      return false;
+    }
 
     function isModifyingButton(btn) {
       // TODO don't consider hetero list 'add' buttons
@@ -27,6 +41,10 @@
         // don't consider 'advanced' buttons
         return false;
       }
+      
+      if(isIgnoringConfirm(btn)){
+        return false;
+      }
 
       // default to true
       return true;
@@ -45,35 +63,45 @@
       var buttons = configForm.getElementsByTagName("button");
       var name;
       for ( var i = 0; i < buttons.length; i++) {
-        name = buttons[i].parentNode.parentNode.getAttribute('name');
+        var button = buttons[i];
+        name = button.parentNode.parentNode.getAttribute('name');
         if (name == "Submit" || name == "Apply" || name == "OK") {
-          $(buttons[i]).on('click', function() {
+          $(button).on('click', function() {
             needToConfirm = false;
           });
         } else {
-          if (isModifyingButton(buttons[i])) {
-            $(buttons[i]).on('click', confirm);
+          if (isModifyingButton(button)) {
+            $(button).on('click', confirm);
           }
         }
       }
 
       var inputs = configForm.getElementsByTagName("input");
       for ( var i = 0; i < inputs.length; i++) {
-        if (inputs[i].type == 'checkbox' || inputs[i].type == 'radio') {
-          $(inputs[i]).on('click', confirm);
-        } else {
-          $(inputs[i]).on('input', confirm);
+        var input = inputs[i];
+        if(!isIgnoringConfirm(input)){
+          if (input.type == 'checkbox' || input.type == 'radio') {
+            $(input).on('click', confirm);
+          } else {
+            $(input).on('input', confirm);
+          }
         }
       }
 
       inputs = configForm.getElementsByTagName("select");
       for ( var i = 0; i < inputs.length; i++) {
-        $(inputs[i]).on('change', confirm);
+        var input = inputs[i];
+        if(!isIgnoringConfirm(input)){
+          $(input).on('change', confirm);
+        }
       }
 
       inputs = configForm.getElementsByTagName("textarea");
       for ( var i = 0; i < inputs.length; i++) {
-        $(inputs[i]).on('input', confirm);
+        var input = inputs[i];
+        if(!isIgnoringConfirm(input)){
+          $(input).on('input', confirm);
+        }
       }
     }
 
diff --git a/core/src/main/resources/lib/form/validateButton.jelly b/core/src/main/resources/lib/form/validateButton.jelly
index a0cdbfe432..28e7c1af20 100644
--- a/core/src/main/resources/lib/form/validateButton.jelly
+++ b/core/src/main/resources/lib/form/validateButton.jelly
@@ -45,10 +45,14 @@ THE SOFTWARE.
     <st:attribute name="with">
       ','-separated list of fields that are sent to the server.
     </st:attribute>
+    <st:attribute name="clazz">
+      Additional CSS class(es) to add (such as client-side validation clazz="required",
+      "number" or "positive-number"; these may be combined, as clazz="required number").
+    </st:attribute>
   </st:documentation>
   <f:entry>
     <div style="float:right">
-      <input type="button" value="${title}" class="yui-button validate-button" onclick="validateButton('${descriptor.descriptorFullUrl}/${method}','${with}',this)" />
+      <input type="button" value="${title}" class="yui-button validate-button ${attrs.clazz}" onclick="validateButton('${descriptor.descriptorFullUrl}/${method}','${with}',this)" />
     </div>
     <div style="display:none;">
       <img src="${imagesURL}/spinner.gif" /> ${attrs.progress}
diff --git a/war/src/main/webapp/scripts/hudson-behavior.js b/war/src/main/webapp/scripts/hudson-behavior.js
index aedbb069fc..ac956537ee 100644
--- a/war/src/main/webapp/scripts/hudson-behavior.js
+++ b/war/src/main/webapp/scripts/hudson-behavior.js
@@ -2515,6 +2515,9 @@ function buildFormTree(form) {
                 jsonElement = e;
                 continue;
             }
+            if(e.hasClassName('json-ignore')){
+                continue;
+            }
             if(e.tagName=="FIELDSET")
                 continue;
             if(e.tagName=="SELECT" && e.multiple) {
-- 
GitLab


From 44e15410fa023108c3544a6b3bd763439e3e6920 Mon Sep 17 00:00:00 2001
From: Steve Arch <sarch@cloudbees.com>
Date: Wed, 21 Mar 2018 10:36:35 +0000
Subject: [PATCH 243/863] [JENKINS-50296] Added test case

---
 .../src/test/java/hudson/model/ComputerTest.java | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/core/src/test/java/hudson/model/ComputerTest.java b/core/src/test/java/hudson/model/ComputerTest.java
index 6a87193f3f..ed34eca69d 100644
--- a/core/src/test/java/hudson/model/ComputerTest.java
+++ b/core/src/test/java/hudson/model/ComputerTest.java
@@ -1,9 +1,18 @@
 package hudson.model;
 
 import hudson.FilePath;
+import hudson.security.ACL;
+import jenkins.model.Jenkins;
+import org.acegisecurity.Authentication;
 import org.junit.Test;
+import org.jvnet.hudson.test.Issue;
 
 import java.io.File;
+import java.util.concurrent.ExecutionException;
+import java.util.concurrent.Future;
+
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.hamcrest.Matchers.is;
 
 /**
  * @author Kohsuke Kawaguchi
@@ -28,4 +37,11 @@ public class ComputerTest {
             dir.deleteRecursive();
         }
     }
+
+    @Issue("JENKINS-42556")
+    @Test
+    public void testThreadPoolForRemotingActsAsSystemUser() throws InterruptedException, ExecutionException {
+        Future<Authentication> job = Computer.threadPoolForRemoting.submit(Jenkins::getAuthentication);
+        assertThat(job.get(), is(ACL.SYSTEM));
+    }
 }
-- 
GitLab


From 7b4c7c29e6359246424a5e3bcb706e31370f0dff Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Wed, 21 Mar 2018 13:43:18 +0100
Subject: [PATCH 244/863] avoid submitting the plain token value if the user
 submit the form when there is a new token freshly saved - also remove the
 "json-ignore" which is no more required with this new approach

---
 .../jenkins/security/ApiTokenProperty/config.jelly    |  6 ++----
 .../jenkins/security/ApiTokenProperty/resources.css   | 11 +++++++++++
 .../jenkins/security/ApiTokenProperty/resources.js    |  9 +++++----
 war/src/main/webapp/scripts/hudson-behavior.js        |  3 ---
 4 files changed, 18 insertions(+), 11 deletions(-)

diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
index 9ae4692983..b5bca96b5a 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
@@ -87,11 +87,9 @@ THE SOFTWARE.
                     <j:otherwise>
                         <div class="token-list-item token-list-new-item">
                             <input type="hidden" class="token-uuid-input" name="tokenUuid" value="${token.uuid}" />
-                            <f:textbox name="tokenName" placeholder="${%Default name}" 
+                            <f:textbox name="tokenName" clazz="token-name" placeholder="${%Default name}" 
                                        style="width: 40%; display: inline-block"/>
-                            <f:textbox name="newTokenValue" value="token-value-will-be-displayed-here" 
-                                       clazz="fixed-width json-ignore" readonly="readonly" 
-                                       style="width: 40%; display: none" />
+                            <span class="new-token-value" style="width: 40%; margin-right: 2px; display: none"><!--will be filled by javascript--></span>
                             <span class="yui-button token-save" style="vertical-align: baseline;">
                                 <button type="button" tabindex="0" data-target-url="${descriptor.descriptorFullUrl}/generateNewToken" onclick="saveApiToken(this)">Save</button>
                             </span>
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.css b/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.css
index a54b6b567e..78f8359930 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.css
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.css
@@ -93,6 +93,17 @@
 .token-list .token-list-new-item .token-cancel .yui-button{
     vertical-align: baseline;
 }
+.token-list .token-list-new-item .token-name{
+    width: 40%; 
+    display: inline-block;
+    margin-right: 2px;
+}
+.token-list .token-list-new-item .new-token-value{
+    width: 40%; 
+    display: none;
+    font-family: monospace;
+    font-size: 14px;
+}
 .token-list .repeated-chunk {
     border-width: 0;
 }
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.js b/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.js
index a7bf733cd0..b5b5e2cd56 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.js
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.js
@@ -83,14 +83,15 @@ function saveApiToken(button){
                 nameInput.value = tokenName;
                 
                 var tokenValue = json.data.tokenValue;
-                var valueInput = repeatedChunk.querySelector('[name="newTokenValue"]');
-                valueInput.value = tokenValue;
+                var tokenValueSpan = repeatedChunk.querySelector('.new-token-value');
+                // add '&nbsp;' before the token to avoid double click that focus the input instead of the token
+                // because the html tags are glued without space by jelly
+                tokenValueSpan.innerText = '\xA0' + tokenValue;
+                tokenValueSpan.style.display = 'inline-block';
                 
                 var tokenUuid = json.data.tokenId;
                 var uuidInput = repeatedChunk.querySelector('[name="tokenUuid"]');
                 uuidInput.value = tokenUuid;
-                
-                valueInput.style.display = 'inline-block';
 
                 // we do not want to allow user to create twice a token using same name by mistake
                 button.remove();
diff --git a/war/src/main/webapp/scripts/hudson-behavior.js b/war/src/main/webapp/scripts/hudson-behavior.js
index ac956537ee..aedbb069fc 100644
--- a/war/src/main/webapp/scripts/hudson-behavior.js
+++ b/war/src/main/webapp/scripts/hudson-behavior.js
@@ -2515,9 +2515,6 @@ function buildFormTree(form) {
                 jsonElement = e;
                 continue;
             }
-            if(e.hasClassName('json-ignore')){
-                continue;
-            }
             if(e.tagName=="FIELDSET")
                 continue;
             if(e.tagName=="SELECT" && e.multiple) {
-- 
GitLab


From a7a3cc3f882b1460512c71b6b06372b2ae6374f3 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Wed, 21 Mar 2018 14:12:39 +0100
Subject: [PATCH 245/863] change from javascript &nbsp; to the correct jelly
 tag thx to Daniel

---
 .../resources/jenkins/security/ApiTokenProperty/config.jelly  | 1 +
 .../resources/jenkins/security/ApiTokenProperty/resources.css | 1 -
 .../resources/jenkins/security/ApiTokenProperty/resources.js  | 4 +---
 3 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
index b5bca96b5a..492981349d 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
@@ -89,6 +89,7 @@ THE SOFTWARE.
                             <input type="hidden" class="token-uuid-input" name="tokenUuid" value="${token.uuid}" />
                             <f:textbox name="tokenName" clazz="token-name" placeholder="${%Default name}" 
                                        style="width: 40%; display: inline-block"/>
+                            <st:nbsp /><!-- without this non-breakable space, double click on the div will put the focus on the input -->
                             <span class="new-token-value" style="width: 40%; margin-right: 2px; display: none"><!--will be filled by javascript--></span>
                             <span class="yui-button token-save" style="vertical-align: baseline;">
                                 <button type="button" tabindex="0" data-target-url="${descriptor.descriptorFullUrl}/generateNewToken" onclick="saveApiToken(this)">Save</button>
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.css b/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.css
index 78f8359930..89aa78aee1 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.css
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.css
@@ -96,7 +96,6 @@
 .token-list .token-list-new-item .token-name{
     width: 40%; 
     display: inline-block;
-    margin-right: 2px;
 }
 .token-list .token-list-new-item .new-token-value{
     width: 40%; 
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.js b/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.js
index b5b5e2cd56..a3082c9751 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.js
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.js
@@ -84,9 +84,7 @@ function saveApiToken(button){
                 
                 var tokenValue = json.data.tokenValue;
                 var tokenValueSpan = repeatedChunk.querySelector('.new-token-value');
-                // add '&nbsp;' before the token to avoid double click that focus the input instead of the token
-                // because the html tags are glued without space by jelly
-                tokenValueSpan.innerText = '\xA0' + tokenValue;
+                tokenValueSpan.innerText = tokenValue;
                 tokenValueSpan.style.display = 'inline-block';
                 
                 var tokenUuid = json.data.tokenId;
-- 
GitLab


From 7948315142cd8ac82ee69ab42416ea8af574860b Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Wed, 21 Mar 2018 16:21:42 -0400
Subject: [PATCH 246/863] [JENKINS-46386] Make SystemProperties safe to call
 from agent JVMs.

---
 .../java/jenkins/util/SystemProperties.java   | 64 +++++++++++--------
 .../jenkins/util/SystemPropertiesTest.java    |  2 +-
 war/src/main/webapp/WEB-INF/web.xml           |  2 +-
 3 files changed, 38 insertions(+), 30 deletions(-)

diff --git a/core/src/main/java/jenkins/util/SystemProperties.java b/core/src/main/java/jenkins/util/SystemProperties.java
index 374c4e3ffe..7eecb20975 100644
--- a/core/src/main/java/jenkins/util/SystemProperties.java
+++ b/core/src/main/java/jenkins/util/SystemProperties.java
@@ -24,7 +24,6 @@
 package jenkins.util;
 
 import edu.umd.cs.findbugs.annotations.CheckForNull;
-import edu.umd.cs.findbugs.annotations.Nullable;
 import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
 import hudson.EnvVars;
 import java.util.logging.Level;
@@ -67,34 +66,40 @@ import org.kohsuke.accmod.restrictions.NoExternalUse;
  */
 //TODO: Define a correct design of this engine later. Should be accessible in libs (remoting, stapler) and Jenkins modules too
 @Restricted(NoExternalUse.class)
-public class SystemProperties implements ServletContextListener, OnMaster {
-    // this class implements ServletContextListener and is declared in WEB-INF/web.xml
+public class SystemProperties {
 
-    /**
-     * The ServletContext to get the "init" parameters from.
-     */
-    @CheckForNull
-    private static ServletContext theContext;
+    // declared in WEB-INF/web.xml
+    public static final class Listener implements ServletContextListener, OnMaster {
+
+        /**
+         * The ServletContext to get the "init" parameters from.
+         */
+        @CheckForNull
+        private static ServletContext theContext;
+
+        /**
+         * Called by the servlet container to initialize the {@link ServletContext}.
+         */
+        @Override
+        @SuppressFBWarnings(value = "ST_WRITE_TO_STATIC_FROM_INSTANCE_METHOD",
+                justification = "Currently Jenkins instance may have one ond only one context")
+        public void contextInitialized(ServletContextEvent event) {
+            theContext = event.getServletContext();
+        }
+
+        @Override
+        public void contextDestroyed(ServletContextEvent event) {
+            theContext = null;
+        }
+
+    }
 
     /**
      * Logger.
      */
     private static final Logger LOGGER = Logger.getLogger(SystemProperties.class.getName());
 
-    /**
-     * Public for the servlet container.
-     */
-    public SystemProperties() {}
-
-    /**
-     * Called by the servlet container to initialize the {@link ServletContext}.
-     */
-    @Override
-    @SuppressFBWarnings(value = "ST_WRITE_TO_STATIC_FROM_INSTANCE_METHOD",
-            justification = "Currently Jenkins instance may have one ond only one context")
-    public void contextInitialized(ServletContextEvent event) {
-        theContext = event.getServletContext();
-    }
+    private SystemProperties() {}
 
     /**
      * Gets the system property indicated by the specified key.
@@ -373,9 +378,16 @@ public class SystemProperties implements ServletContextListener, OnMaster {
 
     @CheckForNull
     private static String tryGetValueFromContext(String key) {
-        if (StringUtils.isNotBlank(key) && theContext != null) {
+        if (!JenkinsJVM.isJenkinsJVM()) {
+            return null;
+        }
+        return doTryGetValueFromContext(key);
+    }
+
+    private static String doTryGetValueFromContext(String key) {
+        if (StringUtils.isNotBlank(key) && Listener.theContext != null) {
             try {
-                String value = theContext.getInitParameter(key);
+                String value = Listener.theContext.getInitParameter(key);
                 if (value != null) {
                     return value;
                 }
@@ -387,8 +399,4 @@ public class SystemProperties implements ServletContextListener, OnMaster {
         return null;
     }
 
-    @Override
-    public void contextDestroyed(ServletContextEvent event) {
-        // nothing to do
-    }
 }
diff --git a/test/src/test/java/jenkins/util/SystemPropertiesTest.java b/test/src/test/java/jenkins/util/SystemPropertiesTest.java
index 4a751d0a08..0a16536556 100644
--- a/test/src/test/java/jenkins/util/SystemPropertiesTest.java
+++ b/test/src/test/java/jenkins/util/SystemPropertiesTest.java
@@ -46,7 +46,7 @@ public class SystemPropertiesTest {
     
     @Before
     public void setUp() {
-        new SystemProperties().contextInitialized(new ServletContextEvent(j.jenkins.servletContext));
+        new SystemProperties.Listener().contextInitialized(new ServletContextEvent(j.jenkins.servletContext));
     }
     
     @Test
diff --git a/war/src/main/webapp/WEB-INF/web.xml b/war/src/main/webapp/WEB-INF/web.xml
index e12eab9811..2810415583 100644
--- a/war/src/main/webapp/WEB-INF/web.xml
+++ b/war/src/main/webapp/WEB-INF/web.xml
@@ -153,7 +153,7 @@ THE SOFTWARE.
 
   <listener>
     <!-- Must be before WebAppMain in order to initialize the context before the first use of this class. -->
-    <listener-class>jenkins.util.SystemProperties</listener-class>
+    <listener-class>jenkins.util.SystemProperties$Listener</listener-class>
   </listener>
   <listener>
     <listener-class>hudson.WebAppMain</listener-class>
-- 
GitLab


From b5ed977bbca76f0ff1cd09ea9767d876e98aa64e Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Thu, 22 Mar 2018 09:13:11 +0100
Subject: [PATCH 247/863] [JENKINS-50324] User without READ cannot logout - or
 even ask who they are

---
 core/src/main/java/hudson/cli/CLICommand.java |  2 +-
 .../test/java/hudson/cli/CLIActionTest.java   | 26 +++++++++++++++++++
 2 files changed, 27 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/cli/CLICommand.java b/core/src/main/java/hudson/cli/CLICommand.java
index 5efbaf3a33..37ddbb0619 100644
--- a/core/src/main/java/hudson/cli/CLICommand.java
+++ b/core/src/main/java/hudson/cli/CLICommand.java
@@ -273,7 +273,7 @@ public abstract class CLICommand implements ExtensionPoint, Cloneable {
             if (auth==Jenkins.ANONYMOUS)
                 auth = loadStoredAuthentication();
             sc.setAuthentication(auth); // run the CLI with the right credential
-            if (!(this instanceof LoginCommand || this instanceof HelpCommand))
+            if (!(this instanceof LoginCommand || this instanceof LogoutCommand || this instanceof HelpCommand || this instanceof WhoAmICommand))
                 Jenkins.getActiveInstance().checkPermission(Jenkins.READ);
             return run();
         } catch (CmdLineException e) {
diff --git a/test/src/test/java/hudson/cli/CLIActionTest.java b/test/src/test/java/hudson/cli/CLIActionTest.java
index 0c29a2d86e..351eb7d26a 100644
--- a/test/src/test/java/hudson/cli/CLIActionTest.java
+++ b/test/src/test/java/hudson/cli/CLIActionTest.java
@@ -269,6 +269,32 @@ public class CLIActionTest {
         assertEquals(0, proc.join());
     }
 
+    @Test
+    @Issue("JENKINS-50324")
+    public void userWithoutReadCanLogout() throws Exception {
+        String userWithRead = "userWithRead";
+        String userWithoutRead = "userWithoutRead";
+        
+        File jar = tmp.newFile("jenkins-cli.jar");
+        FileUtils.copyURLToFile(j.jenkins.getJnlpJars("jenkins-cli.jar").getURL(), jar);
+        j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
+        j.jenkins.setAuthorizationStrategy(new MockAuthorizationStrategy()
+                .grant(Jenkins.ADMINISTER).everywhere().to(ADMIN)
+                .grant(Jenkins.READ).everywhere().to(userWithRead)
+                // nothing to userWithoutRead
+        );
+    
+        checkCanLogout(jar, ADMIN);
+        checkCanLogout(jar, userWithRead);
+        checkCanLogout(jar, userWithoutRead);
+    }
+    
+    private void checkCanLogout(File cliJar, String userLoginAndPassword) throws Exception {
+        assertExitCode(0, false, cliJar, "-remoting", "login", "--username", userLoginAndPassword, "--password", userLoginAndPassword);
+        assertExitCode(0, false, cliJar, "-remoting", "who-am-i");
+        assertExitCode(0, false, cliJar, "-remoting", "logout");
+    }
+    
     @TestExtension("encodingAndLocale")
     public static class TestDiagnosticCommand extends CLICommand {
 
-- 
GitLab


From 41a0d6388d7d731ce677e772e156a94df044ef43 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Thu, 22 Mar 2018 11:24:31 +0100
Subject: [PATCH 248/863] add migration test using localData - also add test on
 the generate api call

---
 .../jenkins/security/ApiTokenProperty.java    |   9 +-
 .../jenkins/security/Messages.properties      |   1 +
 .../ApiTokenPropertyConfigurationTest.java    |  63 ++++
 .../security/ApiTokenPropertyTest.java        | 299 ++++++++++++++++++
 .../migrationFromLegacyToken.zip              | Bin 0 -> 1696 bytes
 5 files changed, 370 insertions(+), 2 deletions(-)
 create mode 100644 test/src/test/java/jenkins/security/ApiTokenPropertyConfigurationTest.java
 create mode 100644 test/src/test/resources/jenkins/security/ApiTokenPropertyTest/migrationFromLegacyToken.zip

diff --git a/core/src/main/java/jenkins/security/ApiTokenProperty.java b/core/src/main/java/jenkins/security/ApiTokenProperty.java
index f9c45357da..4295b01cee 100644
--- a/core/src/main/java/jenkins/security/ApiTokenProperty.java
+++ b/core/src/main/java/jenkins/security/ApiTokenProperty.java
@@ -367,7 +367,7 @@ public class ApiTokenProperty extends UserProperty {
         }
 
         /**
-         * @deprecated use {@link #doGenerateNewToken(User, StaplerResponse, String)} instead
+         * @deprecated use {@link #doGenerateNewToken(User, String)} instead
          */
         @Deprecated
         @RequirePOST
@@ -377,6 +377,11 @@ public class ApiTokenProperty extends UserProperty {
 
             LOGGER.log(Level.FINE, "Deprecated action /changeToken used, consider using /generateNewToken instead");
 
+            if(!mustDisplayLegacyApiToken(u)){
+                // user does not have legacy token and the capability to create one without an existing one is disabled
+                return HttpResponses.html(Messages.ApiTokenProperty_ChangeToken_CapabilityNotAllowed());
+            }
+
             ApiTokenProperty p = u.getProperty(ApiTokenProperty.class);
             if (p == null) {
                 p = forceNewInstance(u, true);
@@ -393,7 +398,7 @@ public class ApiTokenProperty extends UserProperty {
         }
 
         @RequirePOST
-        public HttpResponse doGenerateNewToken(@AncestorInPath User u, StaplerResponse rsp, @QueryParameter String newTokenName) throws IOException {
+        public HttpResponse doGenerateNewToken(@AncestorInPath User u, @QueryParameter String newTokenName) throws IOException {
             if(!hasCurrentUserRightToGenerateNewToken(u)){
                 return HttpResponses.forbidden();
             }
diff --git a/core/src/main/resources/jenkins/security/Messages.properties b/core/src/main/resources/jenkins/security/Messages.properties
index 65e16e1c2e..3afacbd956 100644
--- a/core/src/main/resources/jenkins/security/Messages.properties
+++ b/core/src/main/resources/jenkins/security/Messages.properties
@@ -24,6 +24,7 @@ ApiTokenProperty.DisplayName=API Token
 ApiTokenProperty.ChangeToken.TokenIsHidden=Token is hidden
 ApiTokenProperty.ChangeToken.Success=<div>Updated. See the new token in the field above</div>
 ApiTokenProperty.ChangeToken.SuccessHidden=<div>Updated. You need to login as the user to see the token</div>
+ApiTokenProperty.ChangeToken.CapabilityNotAllowed=<div>Capability to generate a legacy token without an existing one is currently disabled in the security configuration</div>
 ApiTokenProperty.NewTokenGenerated=<div class="success">Token generated! <code>The value will not be displayed </code>anymore, please save it.</div>
 ApiTokenProperty.LegacyTokenName=Legacy Token
 ApiTokenProperty.NoLegacyToken=This user currently does not have a legacy token
diff --git a/test/src/test/java/jenkins/security/ApiTokenPropertyConfigurationTest.java b/test/src/test/java/jenkins/security/ApiTokenPropertyConfigurationTest.java
new file mode 100644
index 0000000000..1f4cf92005
--- /dev/null
+++ b/test/src/test/java/jenkins/security/ApiTokenPropertyConfigurationTest.java
@@ -0,0 +1,63 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.security;
+
+import hudson.model.User;
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.JenkinsRule;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotEquals;
+import static org.junit.Assert.assertNull;
+
+public class ApiTokenPropertyConfigurationTest {
+    
+    @Rule
+    public JenkinsRule j = new JenkinsRule();
+    
+    @Test
+    @Issue("JENKINS-32776")
+    public void newUserTokenConfiguration() throws Exception {
+        ApiTokenPropertyConfiguration config = ApiTokenPropertyConfiguration.get();
+        
+        config.setTokenGenerationOnCreationEnabled(true);
+        {
+            User userWith = User.getById("userWith", true);
+            ApiTokenProperty withToken = userWith.getProperty(ApiTokenProperty.class);
+            assertEquals(1, withToken.getTokenList().size());
+            
+            String withTokenValue = withToken.getApiToken();
+            assertNotEquals(Messages.ApiTokenProperty_NoLegacyToken(), withTokenValue);
+        }
+        
+        config.setTokenGenerationOnCreationEnabled(false);
+        {
+            User userWithout = User.getById("userWithout", true);
+            ApiTokenProperty withoutToken = userWithout.getProperty(ApiTokenProperty.class);
+            assertNull(withoutToken);
+        }
+    }
+}
diff --git a/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java b/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
index 9ee062019a..bd3f0abd7b 100644
--- a/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
+++ b/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
@@ -1,14 +1,23 @@
 package jenkins.security;
 
+import static org.hamcrest.Matchers.is;
+import static org.hamcrest.xml.HasXPath.hasXPath;
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotEquals;
+import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.assertSame;
+import static org.junit.Assert.assertThat;
 import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
 
+import com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException;
 import com.gargoylesoftware.htmlunit.HttpMethod;
+import com.gargoylesoftware.htmlunit.Page;
 import com.gargoylesoftware.htmlunit.WebRequest;
 import com.gargoylesoftware.htmlunit.html.HtmlForm;
 import com.gargoylesoftware.htmlunit.html.HtmlPage;
+import com.gargoylesoftware.htmlunit.xml.XmlPage;
 import hudson.Util;
 import hudson.model.Cause;
 import hudson.model.FreeStyleProject;
@@ -18,15 +27,21 @@ import hudson.security.ACLContext;
 import java.net.URL;
 
 import jenkins.model.Jenkins;
+import net.sf.json.JSONObject;
 import org.junit.Before;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.JenkinsRule;
 import org.jvnet.hudson.test.JenkinsRule.WebClient;
 
+import java.util.Collection;
+import java.util.List;
 import java.util.concurrent.Callable;
+import java.util.function.Predicate;
+import java.util.stream.Collectors;
 import javax.annotation.Nonnull;
 import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.recipes.LocalData;
 
 /**
  * @author Kohsuke Kawaguchi
@@ -164,4 +179,288 @@ public class ApiTokenPropertyTest {
         wc.withBasicApiToken(u);
         return wc;
     }
+    
+    @Test
+    @Issue("JENKINS-32776")
+    public void generateNewTokenWithoutName() throws Exception {
+        j.jenkins.setCrumbIssuer(null);
+        j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
+    
+        // user is still able to connect with legacy token
+        User admin = User.getById("admin", true);
+    
+        WebClient wc = j.createWebClient();
+        wc.withBasicCredentials("admin", "admin");
+        
+        GenerateNewTokenResponse token1 = generateNewToken(wc, "admin", "");
+        assertNotEquals("", token1.tokenName.trim());
+        
+        GenerateNewTokenResponse token2 = generateNewToken(wc, "admin", "New Token");
+        assertEquals("New Token", token2.tokenName);
+    }
+    
+    @Test
+    @LocalData
+    @Issue("JENKINS-32776")
+    public void migrationFromLegacyToken() throws Exception {
+        j.jenkins.setCrumbIssuer(null);
+        
+        // user is still able to connect with legacy token
+        User admin = User.getById("admin", false);
+        assertNotNull("Admin user not configured correctly in local data", admin);
+        ApiTokenProperty apiTokenProperty = admin.getProperty(ApiTokenProperty.class);
+        
+        WebClient wc = j.createWebClient();
+        wc.withBasicCredentials("admin", "admin");
+        checkUserIsConnected(wc);
+        
+        // 7be8e81ad5a350fa3f3e2acfae4adb14
+        String localLegacyToken = apiTokenProperty.getApiTokenInsecure();
+        wc = j.createWebClient();
+        wc.withBasicCredentials("admin", localLegacyToken);
+        checkUserIsConnected(wc);
+        
+        // can still renew it after (using API)
+        assertEquals(1, apiTokenProperty.getTokenList().size());
+        apiTokenProperty.changeApiToken();
+        assertEquals(1, apiTokenProperty.getTokenList().size());
+        String newLegacyToken = apiTokenProperty.getApiTokenInsecure();
+        
+        // use the new legacy api token
+        wc = j.createWebClient();
+        wc.withBasicCredentials("admin", newLegacyToken);
+        checkUserIsConnected(wc);
+        
+        // but previous one is not more usable
+        wc = j.createWebClient();
+        wc.withBasicCredentials("admin", localLegacyToken);
+        checkUserIsNotConnected(wc);
+        
+        // ===== new system =====
+        
+        // revoke the legacy
+        Collection<ApiTokenStore.HashedToken> tokenList = apiTokenProperty.getTokenList();
+        List<ApiTokenStore.HashedToken> legacyTokenList = tokenList.stream()
+                .filter(ApiTokenStore.HashedToken::isLegacy)
+                .collect(Collectors.toList());
+        assertEquals(1, legacyTokenList.size());
+        ApiTokenStore.HashedToken legacyToken = legacyTokenList.get(0);
+        String legacyUuid = legacyToken.getUuid();
+    
+        wc = j.createWebClient();
+        wc.withBasicCredentials("admin", newLegacyToken);
+        revokeToken(wc, "admin", legacyUuid);
+        
+        assertEquals(0, apiTokenProperty.getTokenList().size());
+        
+        // check it does not work any more
+        wc = j.createWebClient();
+        wc.withBasicCredentials("admin", newLegacyToken);
+        checkUserIsNotConnected(wc);
+    
+        wc = j.createWebClient();
+        wc.withBasicCredentials("admin", localLegacyToken);
+        checkUserIsNotConnected(wc);
+    
+        // ensure the user can still connect using its username / password
+        wc = j.createWebClient();
+        wc.withBasicCredentials("admin", "admin");
+        checkUserIsConnected(wc);
+        
+        // generate new token with the new system
+        wc = j.createWebClient();
+        wc.login("admin", "admin");
+        GenerateNewTokenResponse newToken = generateNewToken(wc, "admin", "New Token");
+        
+        // use the new one
+        wc = j.createWebClient();
+        wc.withBasicCredentials("admin", newToken.tokenValue);
+        checkUserIsConnected(wc);
+    }
+    
+    private void checkUserIsConnected(WebClient wc) throws Exception {
+        XmlPage xmlPage = wc.goToXml("whoAmI/api/xml");
+        assertThat(xmlPage, hasXPath("//name", is("admin")));
+        assertThat(xmlPage, hasXPath("//anonymous", is("false")));
+        assertThat(xmlPage, hasXPath("//authenticated", is("true")));
+        assertThat(xmlPage, hasXPath("//authority", is("authenticated")));
+    }
+    
+    private void checkUserIsNotConnected(WebClient wc) throws Exception {
+        try{
+            wc.goToXml("whoAmI/api/xml");
+            fail();
+        }
+        catch(FailingHttpStatusCodeException e){
+            assertEquals(401, e.getStatusCode());
+        }
+    }
+    
+    @Test
+    @Issue("JENKINS-32776")
+    public void legacyTokenChange() throws Exception {
+        j.jenkins.setCrumbIssuer(null);
+        j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
+        
+        ApiTokenPropertyConfiguration config = ApiTokenPropertyConfiguration.get();
+        
+        config.setTokenGenerationOnCreationEnabled(true);
+        
+        User user = User.getById("user", true);
+        WebClient wc = j.createWebClient();
+        wc.withBasicCredentials("user", "user");
+        ApiTokenProperty apiTokenProperty = user.getProperty(ApiTokenProperty.class);
+        
+        { // with one legacy token, we can change it using web UI or direct internal call
+            String currentLegacyToken = apiTokenProperty.getApiToken();
+            assertEquals(1, apiTokenProperty.getTokenList().size());
+            
+            config.setCreationOfLegacyTokenEnabled(true);
+            {
+                // change using web UI
+                changeLegacyToken(wc, "user", true);
+                String newLegacyToken = apiTokenProperty.getApiToken();
+                assertNotEquals(newLegacyToken, currentLegacyToken);
+                
+                // change using internal call
+                apiTokenProperty.changeApiToken();
+                String newLegacyToken2 = apiTokenProperty.getApiToken();
+                assertNotEquals(newLegacyToken2, newLegacyToken);
+                assertNotEquals(newLegacyToken2, currentLegacyToken);
+                
+                currentLegacyToken = newLegacyToken2;
+            }
+            
+            config.setCreationOfLegacyTokenEnabled(false);
+            {
+                // change using web UI
+                changeLegacyToken(wc, "user", true);
+                String newLegacyToken = apiTokenProperty.getApiToken();
+                assertNotEquals(newLegacyToken, currentLegacyToken);
+                
+                // change using internal call
+                apiTokenProperty.changeApiToken();
+                String newLegacyToken2 = apiTokenProperty.getApiToken();
+                assertNotEquals(newLegacyToken2, newLegacyToken);
+                assertNotEquals(newLegacyToken2, currentLegacyToken);
+            }
+        }
+        { // but without any legacy token, the direct internal call remains but web UI depends on config
+            revokeAllToken(wc, user);
+    
+            checkCombinationWithConfigAndMethodForLegacyTokenCreation(config, wc, user);
+        }
+        {// only the legacy token have impact on that capability
+            generateNewToken(wc, "user", "New token");
+    
+            checkCombinationWithConfigAndMethodForLegacyTokenCreation(config, wc, user);
+        }
+    }
+    
+    private void checkCombinationWithConfigAndMethodForLegacyTokenCreation(
+            ApiTokenPropertyConfiguration config, WebClient wc, User user
+    ) throws Exception {
+        ApiTokenProperty apiTokenProperty = user.getProperty(ApiTokenProperty.class);
+        
+        config.setCreationOfLegacyTokenEnabled(true);
+        {
+            {// change using web UI
+                changeLegacyToken(wc, "user", true);
+                String newLegacyToken = apiTokenProperty.getApiToken();
+                assertNotEquals(newLegacyToken, Messages.ApiTokenProperty_ChangeToken_CapabilityNotAllowed());
+            }
+            revokeLegacyToken(wc, user);
+        
+            // always possible
+            changeTokenByDirectCall(apiTokenProperty);
+            revokeLegacyToken(wc, user);
+        }
+    
+        revokeAllToken(wc, user);
+    
+        config.setCreationOfLegacyTokenEnabled(false);
+        {
+            {// change not possible using web UI
+                changeLegacyToken(wc, "user", false);
+                String newLegacyToken = apiTokenProperty.getApiToken();
+                assertEquals(newLegacyToken, Messages.ApiTokenProperty_NoLegacyToken());
+            }
+            revokeLegacyToken(wc, user);
+        
+            // always possible
+            changeTokenByDirectCall(apiTokenProperty);
+            revokeLegacyToken(wc, user);
+        }
+    }
+    
+    private void changeTokenByDirectCall(ApiTokenProperty apiTokenProperty) throws Exception {
+        apiTokenProperty.changeApiToken();
+        String newLegacyToken = apiTokenProperty.getApiToken();
+        assertNotEquals(newLegacyToken, Messages.ApiTokenProperty_ChangeToken_CapabilityNotAllowed());
+    }
+    
+    private void revokeAllToken(WebClient wc, User user) throws Exception {
+        revokeAllTokenUsingFilter(wc, user, it -> true);
+    }
+    
+    private void revokeLegacyToken(WebClient wc, User user) throws Exception {
+        revokeAllTokenUsingFilter(wc, user, ApiTokenStore.HashedToken::isLegacy);
+    }
+    
+    private void revokeAllTokenUsingFilter(WebClient wc, User user, Predicate<ApiTokenStore.HashedToken> filter) throws Exception {
+        ApiTokenProperty apiTokenProperty = user.getProperty(ApiTokenProperty.class);
+        List<String> uuidList = apiTokenProperty.getTokenList().stream()
+                .filter(filter)
+                .map(ApiTokenStore.HashedToken::getUuid)
+                .collect(Collectors.toList());
+        for(String uuid : uuidList){
+            revokeToken(wc, user.getId(), uuid);
+        }
+    }
+    
+    private void revokeToken(WebClient wc, String login, String tokenUuid) throws Exception {
+        WebRequest request = new WebRequest(
+                new URL(j.getURL(), "user/" + login + "/descriptorByName/" + ApiTokenProperty.class.getName() + "/revoke/?tokenId=" + tokenUuid),
+                HttpMethod.POST
+        );
+        Page p = wc.getPage(request);
+        assertEquals(200, p.getWebResponse().getStatusCode());
+    }
+    
+    private void changeLegacyToken(WebClient wc, String login, boolean success) throws Exception {
+        WebRequest request = new WebRequest(
+                new URL(j.getURL(), "user/" + login + "/descriptorByName/" + ApiTokenProperty.class.getName() + "/changeToken/"),
+                HttpMethod.POST
+        );
+        Page p = wc.getPage(request);
+        assertEquals(200, p.getWebResponse().getStatusCode());
+        if(success){
+            assertFalse(p.getWebResponse().getContentAsString().contains(Messages.ApiTokenProperty_ChangeToken_CapabilityNotAllowed()));
+        }else{
+            assertTrue(p.getWebResponse().getContentAsString().contains(Messages.ApiTokenProperty_ChangeToken_CapabilityNotAllowed()));
+        }
+    }
+    
+    public static class GenerateNewTokenResponse {
+        public String tokenId;
+        public String tokenName;
+        public String tokenValue;
+    }
+    
+    private GenerateNewTokenResponse generateNewToken(WebClient wc, String login, String tokenName) throws Exception {
+        WebRequest request = new WebRequest(
+                new URL(j.getURL(), "user/" + login + "/descriptorByName/" + ApiTokenProperty.class.getName() + "/generateNewToken/?newTokenName=" + tokenName),
+                HttpMethod.POST
+        );
+        Page p = wc.getPage(request);
+        assertEquals(200, p.getWebResponse().getStatusCode());
+        
+        String response = p.getWebResponse().getContentAsString();
+        JSONObject responseJson = JSONObject.fromObject(response);
+        Object result = responseJson.getJSONObject("data").toBean(GenerateNewTokenResponse.class);
+        return (GenerateNewTokenResponse) result;
+    }
+    
+    
+    // test no token are generated for new user with the global configuration set to false
 }
diff --git a/test/src/test/resources/jenkins/security/ApiTokenPropertyTest/migrationFromLegacyToken.zip b/test/src/test/resources/jenkins/security/ApiTokenPropertyTest/migrationFromLegacyToken.zip
new file mode 100644
index 0000000000000000000000000000000000000000..ec7a3a92265bd46515c2a1f43a60ffa185c5945c
GIT binary patch
literal 1696
zcmWIWW@Zs#U|`^2SWsK)^Zy2O=`KbFhJ0oQ1}>mza(-S~X1ZQQZcb^Cum58MfxX|u
zT`qd1^7l?&G*zIechTK<MGJCWxaRoUi0Jpl<}APP_iMJb-VzQK?~{8fKYva8a5P(c
zl5ED|sdIX}*GQ-<NFUvC=gcwl*Y_uH{>Uo%@OYo3>PZbxgU4<6xD!;fcRo3mmGzTP
z%&Tbi7RN?m;YpccB0rbJO$)8v8KtfseYX6{Ar*Vq%XjuZ($Vxgzr6BO`o?*80@==9
zF7M&HXeT`VSde1Y>q9mV6oZ@JZnF>FE&3o}we^7)%D0MDa~uE6x_@qc*wv(cG07qV
z^CfG2dQ-2Ti(mNik4(y|70$PXqmDM{gkSIe#I-n~VvBKr^|WVY^3{?`^Bk>zuQ2)l
zd`i%!Z(Rq|=9@H08GBb}8VfUT`egiRyR;<7flF}@ng2?y$k^{yD*0xW_+B};C4uvI
zoSBuMvR#!wMB@5CLy0X`TH*`#ztPm&EqLl`XD;Wi<{$s>6mAgBSSRtb@!|y@^Ft4h
z9x+RL92Ycks?!~-`1eJAUzHr?`)8<0$vN!yZjGFks<9_-=J&0;ZQj5B=3EncH1^Iy
z@i%%~mR8BfC>|83n7!dn!<MO+rakeSoqS|6%U*UzgID_(J7<294}iun14CX(i4QPR
z;eZXuDlJYeD%MA+(Tp!eQNsgQlbDj5nFm+N!SJlQ)aSV3Z{Iac3=CC3qr}iuBGS&%
zP~YNPz_jx`++d2N-^K<959>pc<}K$hICxw#nckPAuP{M1d=lgG%m3qUIv7kyxwNvq
zx%~UvUvDq3JMi3le(Ey?QPDlq^rMc}u<g*cIdy#NpS!t_f9TZb$v+He+|q9(X~QM?
z+pT7U?D^#~i^Z+^susj}GUsO9lvujfLdrw1;fhE|j?{6HA3a5>ng!0Dr74z-dqs^O
z{1r8dddM?r4fD7B^amE_!qw}<($D>I)SW(kxoqsKFs`@%mc-3>zZ~|uQ01xdt9e`2
zYgetf6Sv#ulU|+6+Fvhg<EOH1e&l>`|Jp6H_i|Z$ef4I|mpdYxkNe%oW_#?q_8a@+
z>HO<vEaDHc&3W0Sad%2f_J=tE{w;-4jC@j4nsQS-bCxc(WSl)i<iV_6N1h~a`Ia~7
zf}hy6E9^@<<!>DI`dGX*W^LH1tCN-7ZXbxgThpRCuVtRlolmXoXI{B}7ZGdkWtsHL
zMeSgUj=`<(ITJox*kAqRSJ}SNB2n6mVdDb@V?AZBtDD|WJej7_<1ovzE$Z5)fKR6v
z%}ugd<|J{rW4VXwLcvt2Cr>YREN%_?)?vV!cIo?_cFkr1ryH&7V=`ZqamVGV=BaGY
zeA1;g_gU}7YNf;}lS=r1y(-LAsh4aHOZu)lcXp-py1nKOGyZ?x!8a>l+uUsj3gS6l
zZta+LWBxM#bv;afRl}8bCMjOm&{bQZ6?1dftCD$Md{0xN_};s+<V`o%llt5J{(67w
z@_6%J!>pFLYy;NPTsPI&;_bcl&v#e{)E-J)(aC2nb>Ygh9ZiNp8XqpKezbRPcdJbF
z>)fK1PlabaX-U)7ogS!tFW!4)XKDJo^SwWE?GtX#&fS`K{z0i?P+IIanQXiN-{-z{
z6n?qR;qa5M3AMhp4^HL$mkHyDK7GOG^TPW7757%k+-HowYvA?I=O0smHzSh>1FjNL
z1)O&n85F=Ya{0&w6=P(OU|7q|^;h)ZWk&VaY$!CsY;1WEVm1SV0MP75z%m$;Gm*{h
zeWdFbaNsf{jCM}F?f-QBWkzIkG4n67xop6^3NaUwn~_cb|0^?r8R%*leY^tQbZmJZ
qIYbQ5Oh=Re$o3qc39(1XHv?=Rj1KT-1r<mPEI?QV^uGWrhz9^%b*qQ~

literal 0
HcmV?d00001

-- 
GitLab


From 7961badd9af9aa15144e4c4442d2fb1f81545ed6 Mon Sep 17 00:00:00 2001
From: Baptiste Mathus <batmat@batmat.net>
Date: Thu, 22 Mar 2018 11:49:29 +0100
Subject: [PATCH 249/863] [JENKINS-50164] Remove UI option to modify WS and
 builds locations

Test (almost) only: checking the previous behaviour is preserved, and
the system property is accounted for when set.
---
 core/src/main/java/jenkins/model/Jenkins.java | 31 +++++-
 .../model/JenkinsInitializationTest.java      | 98 +++++++++++++++++++
 2 files changed, 127 insertions(+), 2 deletions(-)
 create mode 100644 test/src/test/java/jenkins/model/JenkinsInitializationTest.java

diff --git a/core/src/main/java/jenkins/model/Jenkins.java b/core/src/main/java/jenkins/model/Jenkins.java
index 15a4edce00..ce0570f509 100644
--- a/core/src/main/java/jenkins/model/Jenkins.java
+++ b/core/src/main/java/jenkins/model/Jenkins.java
@@ -399,7 +399,7 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
      * This value will be variable-expanded as per {@link #expandVariablesForDirectory}.
      * @see #getWorkspaceFor(TopLevelItem)
      */
-    private String workspaceDir = "${ITEM_ROOTDIR}/"+WORKSPACE_DIRNAME;
+    private String workspaceDir = OLD_DEFAULT_WORKSPACES_DIR;
 
     /**
      * Root directory for the builds.
@@ -846,7 +846,7 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
 
             if (!new File(root,"jobs").exists()) {
                 // if this is a fresh install, use more modern default layout that's consistent with agents
-                workspaceDir = "${JENKINS_HOME}/workspace/${ITEM_FULL_NAME}";
+                workspaceDir = DEFAULT_WORKSPACES_DIR;
             }
 
             // doing this early allows InitStrategy to set environment upfront
@@ -2404,6 +2404,11 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
         return DEFAULT_BUILDS_DIR.equals(buildsDir);
     }
 
+    @Restricted(NoExternalUse.class)
+    boolean isDefaultWorkspaceDir() {
+        return OLD_DEFAULT_WORKSPACES_DIR.equals(workspaceDir) || DEFAULT_WORKSPACES_DIR.equals(workspaceDir);
+    }
+
     private File expandVariablesForDirectory(String base, Item item) {
         return new File(expandVariablesForDirectory(base, item.getFullName(), item.getRootDir().getPath()));
     }
@@ -5054,6 +5059,28 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
      * @see #getRawBuildsDir()
      */
     private static final String DEFAULT_BUILDS_DIR = "${ITEM_ROOTDIR}/builds";
+    /**
+     * Old layout for workspaces.
+     * @see #DEFAULT_WORKSPACES_DIR
+     */
+    private static final String OLD_DEFAULT_WORKSPACES_DIR = "${ITEM_ROOTDIR}/" + WORKSPACE_DIRNAME;
+
+    /**
+     * Default value for the workspace's directories layout.
+     */
+    private static final String DEFAULT_WORKSPACES_DIR = "${JENKINS_HOME}/workspace/${ITEM_FULL_NAME}";
+
+    /**
+     * System property name to set {@link #buildsDir}.
+     * @see #getRawBuildsDir()
+     */
+    public static final String BUILDS_DIR_PROP = Jenkins.class.getName() + ".BUILDS_DIR";
+
+    /**
+     * System property name to set {@link #workspaceDir}.
+     * @see #getRawWorkspaceDir()
+     */
+    public static final String WORKSPACES_DIR_PROP = Jenkins.class.getName() + ".WORKSPACES_DIR";
 
     /**
      * Automatically try to launch an agent when Jenkins is initialized or a new agent computer is created.
diff --git a/test/src/test/java/jenkins/model/JenkinsInitializationTest.java b/test/src/test/java/jenkins/model/JenkinsInitializationTest.java
new file mode 100644
index 0000000000..f7d523b370
--- /dev/null
+++ b/test/src/test/java/jenkins/model/JenkinsInitializationTest.java
@@ -0,0 +1,98 @@
+package jenkins.model;
+
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runners.model.Statement;
+import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.LoggerRule;
+import org.jvnet.hudson.test.RestartableJenkinsRule;
+
+import java.util.LinkedHashMap;
+import java.util.Map;
+import java.util.logging.Level;
+import java.util.stream.Stream;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+@Issue("JENKINS-50164")
+public class JenkinsInitializationTest {
+
+    private static final Map<String, String> PROPS_TO_RESTORE = new LinkedHashMap<>();
+    @Rule
+    public RestartableJenkinsRule story = new RestartableJenkinsRule();
+
+    @Rule
+    public LoggerRule loggerRule = new LoggerRule();
+
+    @BeforeClass
+    public static void beforeClass() {
+        Stream.of(Jenkins.BUILDS_DIR_PROP, Jenkins.WORKSPACES_DIR_PROP)
+                .forEach(property -> PROPS_TO_RESTORE.put(property, System.getProperty(property)));
+    }
+
+    @AfterClass
+    public static void afterClass() {
+        PROPS_TO_RESTORE.forEach((k, v) -> {
+            if (v == null) {
+                System.clearProperty(k);
+            } else {
+                System.setProperty(k, v);
+            }
+        });
+    }
+
+    @Test
+    public void buildsDir() throws Exception {
+        loggerRule.record(Jenkins.class, Level.WARNING).capture(10);
+        story.addStep(new Statement() {
+            @Override
+            public void evaluate() throws Throwable {
+                assertTrue(Jenkins.get().isDefaultBuildDir());
+                System.setProperty("jenkins.model.Jenkins.BUILDS_DIR", "blah");
+                assertFalse(logWasFound("Changing builds directories from "));
+            }
+        });
+
+        story.addStep(new Statement() {
+            @Override
+            public void evaluate() throws Throwable {
+                assertFalse(Jenkins.get().isDefaultBuildDir());
+                assertEquals("blah", story.j.getInstance().getRawBuildsDir());
+                assertTrue(logWasFound("Changing builds directories from "));
+            }
+        });
+    }
+
+    @Test
+    public void workspacesDir() throws Exception {
+        loggerRule.record(Jenkins.class, Level.WARNING).capture(10);
+        story.addStep(new Statement() {
+            @Override
+            public void evaluate() throws Throwable {
+                assertTrue(Jenkins.get().isDefaultWorkspaceDir());
+                System.setProperty("jenkins.model.Jenkins.WORKSPACES_DIR", "bluh");
+                assertFalse(logWasFound("Changing workspaces directories from "));
+            }
+        });
+
+        story.addStep(new Statement() {
+            @Override
+            public void evaluate() throws Throwable {
+                assertFalse(Jenkins.get().isDefaultBuildDir());
+                assertEquals("bluh", story.j.getInstance().getRawWorkspaceDir());
+                assertTrue(logWasFound("Changing workspaces directories from "));
+            }
+        });
+    }
+
+    private boolean logWasFound(String searched) {
+        return loggerRule.getRecords().stream()
+                .anyMatch(record -> record.getMessage().contains(searched));
+    }
+
+
+}
-- 
GitLab


From cce49e7b3cba50bd46e5b8d6c6d3182f398bc277 Mon Sep 17 00:00:00 2001
From: Baptiste Mathus <batmat@batmat.net>
Date: Thu, 22 Mar 2018 12:23:17 +0100
Subject: [PATCH 250/863] [JENKINS-50164] Remove UI option to modify WS and
 builds locations

Add necessary code to fix tests, and make the UI readonly.
---
 core/src/main/java/jenkins/model/Jenkins.java | 19 +++++++++++++++++++
 .../jenkins/model/Jenkins/configure.jelly     |  6 +++---
 .../model/Jenkins/help-rawBuildsDir.html      |  7 ++++++-
 .../model/Jenkins/help-rawWorkspaceDir.html   |  6 ++++++
 4 files changed, 34 insertions(+), 4 deletions(-)

diff --git a/core/src/main/java/jenkins/model/Jenkins.java b/core/src/main/java/jenkins/model/Jenkins.java
index ce0570f509..4ec4a96b95 100644
--- a/core/src/main/java/jenkins/model/Jenkins.java
+++ b/core/src/main/java/jenkins/model/Jenkins.java
@@ -3040,6 +3040,25 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
             // load from disk
             cfg.unmarshal(Jenkins.this);
         }
+
+        setBuildsAndWorkspacesDir();
+    }
+
+    private void setBuildsAndWorkspacesDir() {
+        String newBuildsDir = SystemProperties.getString(BUILDS_DIR_PROP);
+        if (newBuildsDir != null && !buildsDir.equals(newBuildsDir)) {
+            LOGGER.log(Level.WARNING, "Changing builds directories from {0} to {1}. Beware that no automated data migration will occur.",
+                       new String[]{buildsDir, newBuildsDir});
+            buildsDir = newBuildsDir;
+        }
+
+        String newWorkspacesDir = SystemProperties.getString(WORKSPACES_DIR_PROP);
+        if (newWorkspacesDir != null && !workspaceDir.equals(newBuildsDir)) {
+            LOGGER.log(Level.WARNING, "Changing workspaces directories from {0} to {1}. Beware that no automated data migration will occur.",
+                       new String[]{workspaceDir, newWorkspacesDir});
+            workspaceDir = newWorkspacesDir;
+        }
+
     }
 
     private synchronized TaskBuilder loadTasks() throws IOException {
diff --git a/core/src/main/resources/jenkins/model/Jenkins/configure.jelly b/core/src/main/resources/jenkins/model/Jenkins/configure.jelly
index e95226abb1..32f87e43c6 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/configure.jelly
+++ b/core/src/main/resources/jenkins/model/Jenkins/configure.jelly
@@ -40,11 +40,11 @@ THE SOFTWARE.
         ${it.rootDir}
       </f:entry>
       <f:advanced>
-        <f:entry field="rawWorkspaceDir" title="${%Workspace Root Directory}">
-          <f:textbox/>
+        <f:entry field="rawWorkspaceDir" title="${%Workspace Root Directory}" >
+          <f:textbox readonly="readonly" />
         </f:entry>
         <f:entry field="rawBuildsDir" title="${%Build Record Root Directory}">
-          <f:textbox/>
+          <f:textbox readonly="readonly"/>
         </f:entry>
       </f:advanced>
       <f:entry title="${%System Message}" help="/help/system-config/systemMessage.html">
diff --git a/core/src/main/resources/jenkins/model/Jenkins/help-rawBuildsDir.html b/core/src/main/resources/jenkins/model/Jenkins/help-rawBuildsDir.html
index ebe0002239..7fd19290c0 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/help-rawBuildsDir.html
+++ b/core/src/main/resources/jenkins/model/Jenkins/help-rawBuildsDir.html
@@ -1,6 +1,11 @@
 <div>
-    Specifies where Jenkins will store build records on the file system. This
+    <p><strong>This value is only modifiable using a system property.
+        To do so, pass <code>-Djenkins.model.Jenkins.BUILDS_DIR="the_value"</code>
+        to the Jenkins JVM options during startup.</strong>
+    </p>
+    <p>Specifies where Jenkins will store build records on the file system. This
     includes the console output and other metadata generated by a build.
+    </p>
     <p>
     This value may include the following variables:
     <ul>
diff --git a/core/src/main/resources/jenkins/model/Jenkins/help-rawWorkspaceDir.html b/core/src/main/resources/jenkins/model/Jenkins/help-rawWorkspaceDir.html
index 0249a88dd4..38ddd245d8 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/help-rawWorkspaceDir.html
+++ b/core/src/main/resources/jenkins/model/Jenkins/help-rawWorkspaceDir.html
@@ -1,7 +1,13 @@
 <div>
+    <p><strong>This value is only modifiable using a system property.
+        To do so, pass <code>-Djenkins.model.Jenkins.WORKSPACES_DIR="the_value"</code>
+        to the Jenkins JVM options during startup.</strong>
+    </p>
+    <p>
     Specifies where Jenkins will store workspaces for builds that are executed
     on the master.<br>
     It has no effect on builds that are executed on agents.
+    </p>
     <p>
     This value may include the following variables:
     <ul>
-- 
GitLab


From 52abfad941f1d4a33548b9d84e765be7d869e7ae Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Thu, 22 Mar 2018 14:28:37 +0100
Subject: [PATCH 251/863] [JENKINS-50237, JENKINS-49618] - Update Jenkins
 Remoting to 3.19

---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index fd7f3b3aa1..168422f104 100644
--- a/pom.xml
+++ b/pom.xml
@@ -104,7 +104,7 @@ THE SOFTWARE.
     <maven-war-plugin.version>3.0.0</maven-war-plugin.version> <!-- JENKINS-47127 bump when 3.2.0 is out. Cf. MWAR-407 -->
 
     <!-- Minimum Remoting version, which is tested for API compatibility -->
-    <remoting.version>3.19-20180320.212209-2</remoting.version> <!-- TODO https://github.com/jenkinsci/remoting/pull/263 -->
+    <remoting.version>3.19</remoting.version>
     <remoting.minimum.supported.version>2.60</remoting.minimum.supported.version>
 
     <!-- TODO: JENKINS-36716 - Switch to Medium once FindBugs is cleaned up, 430 issues on Mar 10, 2018 -->
-- 
GitLab


From 99734308fedd45c105fdda1e88581f87e24ab2bd Mon Sep 17 00:00:00 2001
From: Baptiste Mathus <batmat@batmat.net>
Date: Thu, 22 Mar 2018 16:34:45 +0100
Subject: [PATCH 252/863] Make package visible to avoid public usage

---
 core/src/main/java/jenkins/model/Jenkins.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/core/src/main/java/jenkins/model/Jenkins.java b/core/src/main/java/jenkins/model/Jenkins.java
index 4ec4a96b95..6332164dc7 100644
--- a/core/src/main/java/jenkins/model/Jenkins.java
+++ b/core/src/main/java/jenkins/model/Jenkins.java
@@ -5093,13 +5093,13 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
      * System property name to set {@link #buildsDir}.
      * @see #getRawBuildsDir()
      */
-    public static final String BUILDS_DIR_PROP = Jenkins.class.getName() + ".BUILDS_DIR";
+    static final String BUILDS_DIR_PROP = Jenkins.class.getName() + ".BUILDS_DIR";
 
     /**
      * System property name to set {@link #workspaceDir}.
      * @see #getRawWorkspaceDir()
      */
-    public static final String WORKSPACES_DIR_PROP = Jenkins.class.getName() + ".WORKSPACES_DIR";
+    static final String WORKSPACES_DIR_PROP = Jenkins.class.getName() + ".WORKSPACES_DIR";
 
     /**
      * Automatically try to launch an agent when Jenkins is initialized or a new agent computer is created.
-- 
GitLab


From fa9326c6527ed2967531e5ad2af77cb9da6dbbb4 Mon Sep 17 00:00:00 2001
From: Baptiste Mathus <batmat@batmat.net>
Date: Thu, 22 Mar 2018 16:35:44 +0100
Subject: [PATCH 253/863] workspaceDir & buildDir not modifiable anymore from
 the UI!

---
 core/src/main/java/jenkins/model/Jenkins.java | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/core/src/main/java/jenkins/model/Jenkins.java b/core/src/main/java/jenkins/model/Jenkins.java
index 6332164dc7..7240d971f5 100644
--- a/core/src/main/java/jenkins/model/Jenkins.java
+++ b/core/src/main/java/jenkins/model/Jenkins.java
@@ -3659,9 +3659,6 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
 
             JSONObject json = req.getSubmittedForm();
 
-            workspaceDir = json.getString("rawWorkspaceDir");
-            buildsDir = json.getString("rawBuildsDir");
-
             systemMessage = Util.nullify(req.getParameter("system_message"));
 
             boolean result = true;
-- 
GitLab


From 819aeeb9b9b70b1dfa2f52ce13f65c7826c8f673 Mon Sep 17 00:00:00 2001
From: Baptiste Mathus <batmat@batmat.net>
Date: Thu, 22 Mar 2018 16:36:58 +0100
Subject: [PATCH 254/863] Remove the whole UI for buildsDir and workspaceDir

---
 .../jenkins/model/Jenkins/configure.jelly     |  8 -----
 .../model/Jenkins/help-rawBuildsDir.html      | 33 -----------------
 .../model/Jenkins/help-rawBuildsDir_bg.html   | 29 ---------------
 .../model/Jenkins/help-rawBuildsDir_it.html   | 31 ----------------
 .../model/Jenkins/help-rawBuildsDir_ja.html   | 14 --------
 .../Jenkins/help-rawBuildsDir_zh_TW.html      | 13 -------
 .../model/Jenkins/help-rawWorkspaceDir.html   | 36 -------------------
 .../Jenkins/help-rawWorkspaceDir_bg.html      | 30 ----------------
 .../Jenkins/help-rawWorkspaceDir_it.html      | 32 -----------------
 .../Jenkins/help-rawWorkspaceDir_ja.html      | 14 --------
 10 files changed, 240 deletions(-)
 delete mode 100644 core/src/main/resources/jenkins/model/Jenkins/help-rawBuildsDir.html
 delete mode 100644 core/src/main/resources/jenkins/model/Jenkins/help-rawBuildsDir_bg.html
 delete mode 100644 core/src/main/resources/jenkins/model/Jenkins/help-rawBuildsDir_it.html
 delete mode 100644 core/src/main/resources/jenkins/model/Jenkins/help-rawBuildsDir_ja.html
 delete mode 100644 core/src/main/resources/jenkins/model/Jenkins/help-rawBuildsDir_zh_TW.html
 delete mode 100644 core/src/main/resources/jenkins/model/Jenkins/help-rawWorkspaceDir.html
 delete mode 100644 core/src/main/resources/jenkins/model/Jenkins/help-rawWorkspaceDir_bg.html
 delete mode 100644 core/src/main/resources/jenkins/model/Jenkins/help-rawWorkspaceDir_it.html
 delete mode 100644 core/src/main/resources/jenkins/model/Jenkins/help-rawWorkspaceDir_ja.html

diff --git a/core/src/main/resources/jenkins/model/Jenkins/configure.jelly b/core/src/main/resources/jenkins/model/Jenkins/configure.jelly
index 32f87e43c6..c083fdb3d4 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/configure.jelly
+++ b/core/src/main/resources/jenkins/model/Jenkins/configure.jelly
@@ -39,14 +39,6 @@ THE SOFTWARE.
       <f:entry title="${%Home directory}" help="/help/system-config/homeDirectory.html">
         ${it.rootDir}
       </f:entry>
-      <f:advanced>
-        <f:entry field="rawWorkspaceDir" title="${%Workspace Root Directory}" >
-          <f:textbox readonly="readonly" />
-        </f:entry>
-        <f:entry field="rawBuildsDir" title="${%Build Record Root Directory}">
-          <f:textbox readonly="readonly"/>
-        </f:entry>
-      </f:advanced>
       <f:entry title="${%System Message}" help="/help/system-config/systemMessage.html">
         <f:textarea name="system_message" value="${it.systemMessage}"
                     codemirror-mode="${app.markupFormatter.codeMirrorMode}" codemirror-config="${app.markupFormatter.codeMirrorConfig}" previewEndpoint="/markupFormatter/previewDescription"/>
diff --git a/core/src/main/resources/jenkins/model/Jenkins/help-rawBuildsDir.html b/core/src/main/resources/jenkins/model/Jenkins/help-rawBuildsDir.html
deleted file mode 100644
index 7fd19290c0..0000000000
--- a/core/src/main/resources/jenkins/model/Jenkins/help-rawBuildsDir.html
+++ /dev/null
@@ -1,33 +0,0 @@
-<div>
-    <p><strong>This value is only modifiable using a system property.
-        To do so, pass <code>-Djenkins.model.Jenkins.BUILDS_DIR="the_value"</code>
-        to the Jenkins JVM options during startup.</strong>
-    </p>
-    <p>Specifies where Jenkins will store build records on the file system. This
-    includes the console output and other metadata generated by a build.
-    </p>
-    <p>
-    This value may include the following variables:
-    <ul>
-        <li><tt>${JENKINS_HOME}</tt> &mdash; Absolute path of the Jenkins home
-            directory
-        <li><tt>${ITEM_ROOTDIR}</tt> &mdash; Absolute path of the directory
-            where Jenkins stores the configuration and related metadata for a
-            given job
-        <li><tt>${ITEM_FULL_NAME}</tt> &mdash; The full name of a given job,
-            which may be slash-separated, e.g. <tt>foo/bar</tt> for the job
-            <tt>bar</tt> in folder <tt>foo</tt>
-    </ul>
-    The value must include <tt>${ITEM_ROOTDIR}</tt> or
-    <tt>${ITEM_FULL_NAME}</tt>, so that each job can store its build records
-    separately.
-    <p>
-    Changing this value allows you to store build records on a larger, but
-    slower disk, rather than on the same disk where builds are executed.
-    <p>
-    Any changes to this value will take effect as soon as this configuration
-    page is saved, but note that Jenkins will not automatically migrate any data
-    from the current build record root directory.
-    <p>
-    The default value is <tt>${ITEM_ROOTDIR}/builds</tt>.
-</div>
diff --git a/core/src/main/resources/jenkins/model/Jenkins/help-rawBuildsDir_bg.html b/core/src/main/resources/jenkins/model/Jenkins/help-rawBuildsDir_bg.html
deleted file mode 100644
index ff240d9d76..0000000000
--- a/core/src/main/resources/jenkins/model/Jenkins/help-rawBuildsDir_bg.html
+++ /dev/null
@@ -1,29 +0,0 @@
-<div>
-    Указва мястото във файловата система, където Jenkins ще запазва
-    записите за изгражданията. Това включва изхода от конзолата, както и другите
-    метаданни, които се генерират при изграждане.
-    <p>
-    Стойността може да включва следните променливи:
-    <ul>
-        <li><tt>${JENKINS_HOME}</tt> — абсолютният път до домашната директория
-            на Jenkins;
-        <li><tt>${ITEM_ROOTDIR}</tt> — абсолютният път до директорията, в която
-            Jenkins запазва настройките и свързаните метаданни за определено
-            задание;
-        <li><tt>${ITEM_FULL_NAME}</tt> — пълното име на заданието, което може да
-            съдържа наклонени черти, напр. <tt>foo/bar</tt> за заданието
-            <tt>bar</tt> в папка <tt>foo</tt>
-    </ul>
-    Стойността трябва да включва <tt>${ITEM_ROOTDIR}</tt> или
-    <tt>${ITEM_FULL_NAME}</tt>, за да може всяко задание да запазва записите за
-    изгражданията отделно.
-    <p>
-    Можете да промените стойността, за да държите записите на по-голям, но
-    по-бавен диск в сравнение с този, на който се извършват изгражданията.
-    <p>
-    Промените по стойността ще влязат в сила веднага след подаването на тази
-    страница с настройки. Jenkins няма автоматично да мигрира каквито и да е
-    данни от текущата директория за изграждане.
-    <p>
-    Стандартната стойност е <tt>${ITEM_ROOTDIR}/builds</tt>.
-</div>
diff --git a/core/src/main/resources/jenkins/model/Jenkins/help-rawBuildsDir_it.html b/core/src/main/resources/jenkins/model/Jenkins/help-rawBuildsDir_it.html
deleted file mode 100644
index f1bd4dc29a..0000000000
--- a/core/src/main/resources/jenkins/model/Jenkins/help-rawBuildsDir_it.html
+++ /dev/null
@@ -1,31 +0,0 @@
-<div>
-    Specifica la directory in cui Jenkins salverà i record di compilazione sul
-    filesystem. Essi includono l'output della console e gli altri metadati
-    generati da una compilazione.
-    <p>
-    Questo valore può includere le seguenti variabili:
-    <ul>
-        <li><tt>${JENKINS_HOME}</tt> &mdash; Percorso assoluto della directory
-            home di Jenkins
-        <li><tt>${ITEM_ROOTDIR}</tt> &mdash; Percorso assoluto della directory
-            in cui Jenkins salva la configurazione e i metadati correlati per
-            un dato processo
-        <li><tt>${ITEM_FULL_NAME}</tt> &mdash; Il nome completo di un dato
-            processo; può essere separato da barre, ad es. <tt>pippo/pluto</tt>
-            per il processo <tt>pluto</tt> nella cartella <tt>pippo</tt>
-    </ul>
-    Il valore deve includere <tt>${ITEM_ROOTDIR}</tt> o
-    <tt>${ITEM_FULL_NAME}</tt> in modo che ogni processo possa salvare
-    separatamente i propri record di compilazione.
-    <p>
-    La modifica di questo valore consente di salvare i record di compilazione
-    su un disco di maggiori dimensioni, ma più lento, anziché sullo stesso
-    disco su cui vengono eseguite le compilazioni.
-    <p>
-    Le modifiche a questo valore avranno effetto non appena questa pagina di
-    configurazione sarà stata salvata, ma si noti che Jenkins non migrerà
-    automaticamente i dati dalla directory radice corrente dei record di
-    compilazione.
-    <p>
-    Il valore predefinito è <tt>${ITEM_ROOTDIR}/builds</tt>.
-</div>
diff --git a/core/src/main/resources/jenkins/model/Jenkins/help-rawBuildsDir_ja.html b/core/src/main/resources/jenkins/model/Jenkins/help-rawBuildsDir_ja.html
deleted file mode 100644
index 070d6be636..0000000000
--- a/core/src/main/resources/jenkins/model/Jenkins/help-rawBuildsDir_ja.html
+++ /dev/null
@@ -1,14 +0,0 @@
-<div>
-    過去のビルドのデータを保存する場所を指定します。
-    次の変数を使用して場所を指定することができます。
-
-    <ul>
-        <li><tt>${JENKINS_HOME}</tt> &mdash; Jenkinsのホームディレクトリ
-        <li><tt>${ITEM_ROOTDIR}</tt> &mdash; ワークスペースを配置するジョブのルートディレクトリ
-        <li><tt>${ITEM_FULL_NAME}</tt> &mdash; "foo/bar"のように、'/'区切りのジョブ名
-    </ul>
-
-    <p>
-    例えば、この値を変更することで、JENKINS_HOMEを可用性の高いバックアップされたドライブに配置しつつ、
-    ビルドのデータを大きいけれど遅いディスクに配置することも可能です。    
-    デフォルト値は、<tt>${ITEM_ROOTDIR}/builds</tt>です。
diff --git a/core/src/main/resources/jenkins/model/Jenkins/help-rawBuildsDir_zh_TW.html b/core/src/main/resources/jenkins/model/Jenkins/help-rawBuildsDir_zh_TW.html
deleted file mode 100644
index 8e55b40f0d..0000000000
--- a/core/src/main/resources/jenkins/model/Jenkins/help-rawBuildsDir_zh_TW.html
+++ /dev/null
@@ -1,13 +0,0 @@
-<div>
-    設定 Jenkins 存放過去建置記錄的地方。可以使用下列變數:
-
-    <ul>
-        <li><code>${JENKINS_HOME}</code> &mdash; Jenkins 主目錄。
-        <li><code>${ITEM_ROOTDIR}</code> &mdash; 作業根目錄，也就是放預設工作區的地方。
-        <li><code>${ITEM_FULL_NAME}</code> &mdash; 用 '/' 隔開的作業名稱，例如 "foo/bar"。
-    </ul>
-
-    <p>
-    舉例來說，您可以將建置記錄放在較大但是沒那麼快的磁碟，而把 JENKINS_HOME 留在穩定且定期會備份的磁碟上。
-    預設值是 <code>${ITEM_ROOTDIR}/builds</code>。
-</div>
\ No newline at end of file
diff --git a/core/src/main/resources/jenkins/model/Jenkins/help-rawWorkspaceDir.html b/core/src/main/resources/jenkins/model/Jenkins/help-rawWorkspaceDir.html
deleted file mode 100644
index 38ddd245d8..0000000000
--- a/core/src/main/resources/jenkins/model/Jenkins/help-rawWorkspaceDir.html
+++ /dev/null
@@ -1,36 +0,0 @@
-<div>
-    <p><strong>This value is only modifiable using a system property.
-        To do so, pass <code>-Djenkins.model.Jenkins.WORKSPACES_DIR="the_value"</code>
-        to the Jenkins JVM options during startup.</strong>
-    </p>
-    <p>
-    Specifies where Jenkins will store workspaces for builds that are executed
-    on the master.<br>
-    It has no effect on builds that are executed on agents.
-    </p>
-    <p>
-    This value may include the following variables:
-    <ul>
-        <li><tt>${JENKINS_HOME}</tt> &mdash; Absolute path of the Jenkins home
-            directory
-        <li><tt>${ITEM_ROOTDIR}</tt> &mdash; Absolute path of the directory
-            where Jenkins stores the configuration and related metadata for a
-            given job
-        <li><tt>${ITEM_FULL_NAME}</tt> &mdash; The full name of a given job,
-            which may be slash-separated, e.g. <tt>foo/bar</tt> for the job
-            <tt>bar</tt> in folder <tt>foo</tt>
-    </ul>
-    The value should normally include <tt>${ITEM_ROOTDIR}</tt> or
-    <tt>${ITEM_FULL_NAME}</tt>, otherwise different jobs will end up sharing the
-    same workspace.
-    <p>
-    As builds tend to be disk I/O intensive, changing this value enables you to
-    put build workspaces on faster storage hardware, such as SSDs or even RAM
-    disks.
-    <p>
-    Any changes to this value will take effect as soon as this configuration
-    page is saved, but note that Jenkins will not automatically migrate any data
-    from the current workspace root directory.
-    <p>
-    The default value is <tt>${JENKINS_HOME}/workspace/${ITEM_FULLNAME}</tt>.
-</div>
diff --git a/core/src/main/resources/jenkins/model/Jenkins/help-rawWorkspaceDir_bg.html b/core/src/main/resources/jenkins/model/Jenkins/help-rawWorkspaceDir_bg.html
deleted file mode 100644
index 75967f9c18..0000000000
--- a/core/src/main/resources/jenkins/model/Jenkins/help-rawWorkspaceDir_bg.html
+++ /dev/null
@@ -1,30 +0,0 @@
-<div>
-    Указва мястото във файловата система, където Jenkins ще запазва
-    изгражданията на основния компютър.<br>
-    Това не влияе на подчинените компютри.
-    <p>
-    Стойността може да включва следните променливи:
-    <ul>
-        <li><tt>${JENKINS_HOME}</tt> — абсолютният път до домашната директория
-            на Jenkins;
-        <li><tt>${ITEM_ROOTDIR}</tt> — абсолютният път до директорията, в която
-            Jenkins запазва настройките и свързаните метаданни за определено
-            задание;
-        <li><tt>${ITEM_FULL_NAME}</tt> — пълното име на заданието, което може да
-            съдържа наклонени черти, напр. <tt>foo/bar</tt> за заданието
-            <tt>bar</tt> в папка <tt>foo</tt>
-    </ul>
-    Стойността трябва да включва <tt>${ITEM_ROOTDIR}</tt> или
-    <tt>${ITEM_FULL_NAME}</tt>, за да може всяко задание да запазва
-    изгражданията отделно.
-    <p>
-    Понеже при изгражданията доминират входно-изходните операции, може да
-    смените стойността, за да ползвате по-бърз хардуер като SSDs или дори
-    дискове в RAM паметта.
-    <p>
-    Промените по стойността ще влязат в сила веднага след подаването на тази
-    страница с настройки. Jenkins няма автоматично да мигрира каквито и да е
-    данни от текущата директория за изграждане.
-    <p>
-    Стандартната стойност е <tt>${JENKINS_HOME}/workspace/${ITEM_FULLNAME}</tt>.
-</div>
diff --git a/core/src/main/resources/jenkins/model/Jenkins/help-rawWorkspaceDir_it.html b/core/src/main/resources/jenkins/model/Jenkins/help-rawWorkspaceDir_it.html
deleted file mode 100644
index 007d2df2c4..0000000000
--- a/core/src/main/resources/jenkins/model/Jenkins/help-rawWorkspaceDir_it.html
+++ /dev/null
@@ -1,32 +0,0 @@
-<div>
-    Specifica la directory in cui Jenkins salverà gli spazi di lavoro per le
-    compilazioni eseguite sul master.<br>
-    Non ha influenza sulle compilazioni eseguite sugli agenti.
-    <p>
-    Questo valore può includere le seguenti variabili:
-    <ul>
-        <li><tt>${JENKINS_HOME}</tt> &mdash; Percorso assoluto della directory
-            home di Jenkins
-        <li><tt>${ITEM_ROOTDIR}</tt> &mdash; Percorso assoluto della directory
-            in cui Jenkins salva la configurazione e i metadati correlati per
-            un dato processo
-        <li><tt>${ITEM_FULL_NAME}</tt> &mdash; Il nome completo di un dato
-            processo; può essere separato da barre, ad es. <tt>pippo/pluto</tt>
-            per il processo <tt>pluto</tt> nella cartella <tt>pippo</tt>
-    </ul>
-    Il valore di norma dovrebbe includere <tt>${ITEM_ROOTDIR}</tt> o
-    <tt>${ITEM_FULL_NAME}</tt>, altrimenti processi differenti si ritroveranno
-    a condividere il medesimo spazio di lavoro.
-    <p>
-    Dal momento che le compilazioni tendono ad utilizzare in modo elevato l'I/O
-    su disco, la modifica di questo valore consente di spostare gli spazi di
-    lavoro delle compilazioni su periferiche di archiviazione più veloci, come
-    SSD o perfino dischi RAM.
-    <p>
-    Le modifiche a questo valore avranno effetto non appena questa pagina di
-    configurazione sarà stata salvata, ma si noti che Jenkins non migrerà
-    automaticamente i dati dalla directory radice corrente dello spazio di
-    lavoro.
-    <p>
-    Il valore predefinito è <tt>${JENKINS_HOME}/workspace/${ITEM_FULL_NAME}</tt>.
-</div>
diff --git a/core/src/main/resources/jenkins/model/Jenkins/help-rawWorkspaceDir_ja.html b/core/src/main/resources/jenkins/model/Jenkins/help-rawWorkspaceDir_ja.html
deleted file mode 100644
index 6967b33ac6..0000000000
--- a/core/src/main/resources/jenkins/model/Jenkins/help-rawWorkspaceDir_ja.html
+++ /dev/null
@@ -1,14 +0,0 @@
-<div>
-    マスターノード上のジョブのワークスペースを配置する場所を指定します。
-    次の変数を使用して場所を指定することができます。
-
-    <ul>
-        <li><tt>${JENKINS_HOME}</tt> &mdash; Jenkinsのホームディレクトリ
-        <li><tt>${ITEM_ROOTDIR}</tt> &mdash; ワークスペースを配置するジョブのルートディレクトリ
-        <li><tt>${ITEM_FULL_NAME}</tt> &mdash; "foo/bar"のように、'/'区切りのジョブ名
-    </ul>
-
-    <p>
-    この値を変更することで、ワークスペースをSSD、SCSIあるいはRAMディスク上にワークスペースを配置することができます。
-    デフォルト値は、<tt>${JENKINS_HOME}/workspace/${ITEM_FULLNAME}</tt>です。
-</div>
-- 
GitLab


From 34bff661f2485c7adf6534d4bc1f2d7cfa566b55 Mon Sep 17 00:00:00 2001
From: Baptiste Mathus <batmat@batmat.net>
Date: Thu, 22 Mar 2018 16:37:23 +0100
Subject: [PATCH 255/863] Lambda-ify

---
 .../model/JenkinsInitializationTest.java      | 48 +++++++------------
 1 file changed, 18 insertions(+), 30 deletions(-)

diff --git a/test/src/test/java/jenkins/model/JenkinsInitializationTest.java b/test/src/test/java/jenkins/model/JenkinsInitializationTest.java
index f7d523b370..59fd857972 100644
--- a/test/src/test/java/jenkins/model/JenkinsInitializationTest.java
+++ b/test/src/test/java/jenkins/model/JenkinsInitializationTest.java
@@ -4,7 +4,6 @@ import org.junit.AfterClass;
 import org.junit.BeforeClass;
 import org.junit.Rule;
 import org.junit.Test;
-import org.junit.runners.model.Statement;
 import org.jvnet.hudson.test.Issue;
 import org.jvnet.hudson.test.LoggerRule;
 import org.jvnet.hudson.test.RestartableJenkinsRule;
@@ -48,44 +47,33 @@ public class JenkinsInitializationTest {
     @Test
     public void buildsDir() throws Exception {
         loggerRule.record(Jenkins.class, Level.WARNING).capture(10);
-        story.addStep(new Statement() {
-            @Override
-            public void evaluate() throws Throwable {
-                assertTrue(Jenkins.get().isDefaultBuildDir());
-                System.setProperty("jenkins.model.Jenkins.BUILDS_DIR", "blah");
-                assertFalse(logWasFound("Changing builds directories from "));
-            }
+        story.then(steps -> {
+            assertTrue(Jenkins.get().isDefaultBuildDir());
+            System.setProperty("jenkins.model.Jenkins.BUILDS_DIR", "blah");
+            assertFalse(JenkinsInitializationTest.this.logWasFound("Changing builds directories from "));
         });
 
-        story.addStep(new Statement() {
-            @Override
-            public void evaluate() throws Throwable {
-                assertFalse(Jenkins.get().isDefaultBuildDir());
-                assertEquals("blah", story.j.getInstance().getRawBuildsDir());
-                assertTrue(logWasFound("Changing builds directories from "));
-            }
-        });
+        story.then(step -> {
+                       assertFalse(Jenkins.get().isDefaultBuildDir());
+                       assertEquals("blah", story.j.getInstance().getRawBuildsDir());
+                       assertTrue(logWasFound("Changing builds directories from "));
+                   }
+        );
     }
 
     @Test
     public void workspacesDir() throws Exception {
         loggerRule.record(Jenkins.class, Level.WARNING).capture(10);
-        story.addStep(new Statement() {
-            @Override
-            public void evaluate() throws Throwable {
-                assertTrue(Jenkins.get().isDefaultWorkspaceDir());
-                System.setProperty("jenkins.model.Jenkins.WORKSPACES_DIR", "bluh");
-                assertFalse(logWasFound("Changing workspaces directories from "));
-            }
+        story.then(step -> {
+            assertTrue(Jenkins.get().isDefaultWorkspaceDir());
+            System.setProperty("jenkins.model.Jenkins.WORKSPACES_DIR", "bluh");
+            assertFalse(logWasFound("Changing workspaces directories from "));
         });
 
-        story.addStep(new Statement() {
-            @Override
-            public void evaluate() throws Throwable {
-                assertFalse(Jenkins.get().isDefaultBuildDir());
-                assertEquals("bluh", story.j.getInstance().getRawWorkspaceDir());
-                assertTrue(logWasFound("Changing workspaces directories from "));
-            }
+        story.then(step -> {
+            assertFalse(Jenkins.get().isDefaultBuildDir());
+            assertEquals("bluh", story.j.getInstance().getRawWorkspaceDir());
+            assertTrue(logWasFound("Changing workspaces directories from "));
         });
     }
 
-- 
GitLab


From 770c70a90d60fa98e0d673bbd8bdbdc4373bfe06 Mon Sep 17 00:00:00 2001
From: Baptiste Mathus <batmat@batmat.net>
Date: Thu, 22 Mar 2018 16:37:33 +0100
Subject: [PATCH 256/863] Better javadoc

---
 core/src/main/java/jenkins/model/Jenkins.java | 1 +
 1 file changed, 1 insertion(+)

diff --git a/core/src/main/java/jenkins/model/Jenkins.java b/core/src/main/java/jenkins/model/Jenkins.java
index 7240d971f5..6f68db7fb5 100644
--- a/core/src/main/java/jenkins/model/Jenkins.java
+++ b/core/src/main/java/jenkins/model/Jenkins.java
@@ -5083,6 +5083,7 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
 
     /**
      * Default value for the workspace's directories layout.
+     * @see #workspaceDir
      */
     private static final String DEFAULT_WORKSPACES_DIR = "${JENKINS_HOME}/workspace/${ITEM_FULL_NAME}";
 
-- 
GitLab


From 36fe2399e3522b45b4cf22eb207f9fac904ee4d0 Mon Sep 17 00:00:00 2001
From: Baptiste Mathus <batmat@batmat.net>
Date: Thu, 22 Mar 2018 17:19:15 +0100
Subject: [PATCH 257/863] Log always as INFO minimum, WARNING if values were
 changed

---
 core/src/main/java/jenkins/model/Jenkins.java |  6 ++-
 .../model/JenkinsInitializationTest.java      | 43 +++++++++++++++----
 2 files changed, 40 insertions(+), 9 deletions(-)

diff --git a/core/src/main/java/jenkins/model/Jenkins.java b/core/src/main/java/jenkins/model/Jenkins.java
index 6f68db7fb5..20e863635e 100644
--- a/core/src/main/java/jenkins/model/Jenkins.java
+++ b/core/src/main/java/jenkins/model/Jenkins.java
@@ -3050,13 +3050,17 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
             LOGGER.log(Level.WARNING, "Changing builds directories from {0} to {1}. Beware that no automated data migration will occur.",
                        new String[]{buildsDir, newBuildsDir});
             buildsDir = newBuildsDir;
+        } else if (!isDefaultBuildDir()) {
+            LOGGER.log(Level.INFO, "Using non default builds directories: {0}.", buildsDir);
         }
 
         String newWorkspacesDir = SystemProperties.getString(WORKSPACES_DIR_PROP);
-        if (newWorkspacesDir != null && !workspaceDir.equals(newBuildsDir)) {
+        if (newWorkspacesDir != null && !workspaceDir.equals(newWorkspacesDir)) {
             LOGGER.log(Level.WARNING, "Changing workspaces directories from {0} to {1}. Beware that no automated data migration will occur.",
                        new String[]{workspaceDir, newWorkspacesDir});
             workspaceDir = newWorkspacesDir;
+        } else if (!isDefaultWorkspaceDir()) {
+            LOGGER.log(Level.INFO, "Using non default workspaces directories: {0}.", workspaceDir);
         }
 
     }
diff --git a/test/src/test/java/jenkins/model/JenkinsInitializationTest.java b/test/src/test/java/jenkins/model/JenkinsInitializationTest.java
index 59fd857972..3e5c5513da 100644
--- a/test/src/test/java/jenkins/model/JenkinsInitializationTest.java
+++ b/test/src/test/java/jenkins/model/JenkinsInitializationTest.java
@@ -46,41 +46,68 @@ public class JenkinsInitializationTest {
 
     @Test
     public void buildsDir() throws Exception {
-        loggerRule.record(Jenkins.class, Level.WARNING).capture(10);
+        loggerRule.record(Jenkins.class, Level.WARNING)
+                .record(Jenkins.class, Level.INFO)
+                .capture(100);
+
+        story.then(step -> {
+                       assertFalse(logWasFound("Using non default builds directories"));
+                   }
+        );
+
         story.then(steps -> {
-            assertTrue(Jenkins.get().isDefaultBuildDir());
+            assertTrue(story.j.getInstance().isDefaultBuildDir());
             System.setProperty("jenkins.model.Jenkins.BUILDS_DIR", "blah");
             assertFalse(JenkinsInitializationTest.this.logWasFound("Changing builds directories from "));
         });
 
         story.then(step -> {
-                       assertFalse(Jenkins.get().isDefaultBuildDir());
+                       assertFalse(story.j.getInstance().isDefaultBuildDir());
                        assertEquals("blah", story.j.getInstance().getRawBuildsDir());
                        assertTrue(logWasFound("Changing builds directories from "));
                    }
         );
+
+        story.then(step -> {
+                       assertTrue(logWasFound("Using non default builds directories"));
+                   }
+        );
     }
 
     @Test
     public void workspacesDir() throws Exception {
-        loggerRule.record(Jenkins.class, Level.WARNING).capture(10);
+        loggerRule.record(Jenkins.class, Level.WARNING)
+                .record(Jenkins.class, Level.INFO)
+                .capture(1000);
+
+        story.then(step -> {
+                       assertFalse(logWasFound("Using non default workspaces directories"));
+                   }
+        );
+
         story.then(step -> {
-            assertTrue(Jenkins.get().isDefaultWorkspaceDir());
+            assertTrue(story.j.getInstance().isDefaultWorkspaceDir());
             System.setProperty("jenkins.model.Jenkins.WORKSPACES_DIR", "bluh");
             assertFalse(logWasFound("Changing workspaces directories from "));
         });
 
         story.then(step -> {
-            assertFalse(Jenkins.get().isDefaultBuildDir());
+            assertFalse(story.j.getInstance().isDefaultWorkspaceDir());
             assertEquals("bluh", story.j.getInstance().getRawWorkspaceDir());
             assertTrue(logWasFound("Changing workspaces directories from "));
         });
+
+
+        story.then(step -> {
+                       assertFalse(story.j.getInstance().isDefaultWorkspaceDir());
+                       assertTrue(logWasFound("Using non default workspaces directories"));
+                   }
+        );
+
     }
 
     private boolean logWasFound(String searched) {
         return loggerRule.getRecords().stream()
                 .anyMatch(record -> record.getMessage().contains(searched));
     }
-
-
 }
-- 
GitLab


From 32bac4b33668b3db5501447ba6b7dfcf27f81b51 Mon Sep 17 00:00:00 2001
From: Baptiste Mathus <batmat@batmat.net>
Date: Thu, 22 Mar 2018 17:23:42 +0100
Subject: [PATCH 258/863] save() if fields were touched

---
 core/src/main/java/jenkins/model/Jenkins.java | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/jenkins/model/Jenkins.java b/core/src/main/java/jenkins/model/Jenkins.java
index 20e863635e..2e9030c4c6 100644
--- a/core/src/main/java/jenkins/model/Jenkins.java
+++ b/core/src/main/java/jenkins/model/Jenkins.java
@@ -3044,12 +3044,14 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
         setBuildsAndWorkspacesDir();
     }
 
-    private void setBuildsAndWorkspacesDir() {
+    private void setBuildsAndWorkspacesDir() throws IOException {
+        boolean mustSave = false;
         String newBuildsDir = SystemProperties.getString(BUILDS_DIR_PROP);
         if (newBuildsDir != null && !buildsDir.equals(newBuildsDir)) {
             LOGGER.log(Level.WARNING, "Changing builds directories from {0} to {1}. Beware that no automated data migration will occur.",
                        new String[]{buildsDir, newBuildsDir});
             buildsDir = newBuildsDir;
+            mustSave = true;
         } else if (!isDefaultBuildDir()) {
             LOGGER.log(Level.INFO, "Using non default builds directories: {0}.", buildsDir);
         }
@@ -3059,10 +3061,15 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
             LOGGER.log(Level.WARNING, "Changing workspaces directories from {0} to {1}. Beware that no automated data migration will occur.",
                        new String[]{workspaceDir, newWorkspacesDir});
             workspaceDir = newWorkspacesDir;
+            mustSave = true;
         } else if (!isDefaultWorkspaceDir()) {
             LOGGER.log(Level.INFO, "Using non default workspaces directories: {0}.", workspaceDir);
         }
 
+        if (mustSave) {
+            save();
+        }
+
     }
 
     private synchronized TaskBuilder loadTasks() throws IOException {
-- 
GitLab


From e068f242adfd6fa4040cef97c371a7731ea95b51 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Thu, 22 Mar 2018 14:55:11 -0400
Subject: [PATCH 259/863] =?UTF-8?q?Try=20to=20prevent=20NullPointerExcepti?=
 =?UTF-8?q?on=E2=80=99s=20during=20Jenkins=20shutdown.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 core/src/main/java/hudson/model/Computer.java       |  3 +++
 core/src/main/java/hudson/model/Executor.java       |  2 +-
 core/src/main/java/hudson/model/Queue.java          | 13 ++++++++++---
 .../main/java/hudson/util/PluginServletFilter.java  |  6 +++++-
 4 files changed, 19 insertions(+), 5 deletions(-)

diff --git a/core/src/main/java/hudson/model/Computer.java b/core/src/main/java/hudson/model/Computer.java
index a16b96e8f5..932ac96aba 100644
--- a/core/src/main/java/hudson/model/Computer.java
+++ b/core/src/main/java/hudson/model/Computer.java
@@ -904,6 +904,9 @@ public /*transient*/ abstract class Computer extends Actionable implements Acces
     }
 
     private void addNewExecutorIfNecessary() {
+        if (Jenkins.getInstanceOrNull() == null) {
+            return;
+        }
         Set<Integer> availableNumbers  = new HashSet<Integer>();
         for (int i = 0; i < numExecutors; i++)
             availableNumbers.add(i);
diff --git a/core/src/main/java/hudson/model/Executor.java b/core/src/main/java/hudson/model/Executor.java
index efb2cb67dc..8c02d8ff64 100644
--- a/core/src/main/java/hudson/model/Executor.java
+++ b/core/src/main/java/hudson/model/Executor.java
@@ -144,7 +144,7 @@ public class Executor extends Thread implements ModelObject {
     public Executor(@Nonnull Computer owner, int n) {
         super("Executor #"+n+" for "+owner.getDisplayName());
         this.owner = owner;
-        this.queue = Jenkins.getInstance().getQueue();
+        this.queue = Jenkins.get().getQueue();
         this.number = n;
     }
 
diff --git a/core/src/main/java/hudson/model/Queue.java b/core/src/main/java/hudson/model/Queue.java
index 7e59e52117..a7b9dcc762 100644
--- a/core/src/main/java/hudson/model/Queue.java
+++ b/core/src/main/java/hudson/model/Queue.java
@@ -459,6 +459,9 @@ public class Queue extends ResourceController implements Saveable {
      */
     public void save() {
         if(BulkChange.contains(this))  return;
+        if (Jenkins.getInstanceOrNull() == null) {
+            return;
+        }
 
         XmlFile queueFile = new XmlFile(XSTREAM, getXMLQueueFile());
         lock.lock();
@@ -504,11 +507,11 @@ public class Queue extends ResourceController implements Saveable {
     }
 
     private File getQueueFile() {
-        return new File(Jenkins.getInstance().getRootDir(), "queue.txt");
+        return new File(Jenkins.get().getRootDir(), "queue.txt");
     }
 
     /*package*/ File getXMLQueueFile() {
-        return new File(Jenkins.getInstance().getRootDir(), "queue.xml");
+        return new File(Jenkins.get().getRootDir(), "queue.xml");
     }
 
     /**
@@ -1450,6 +1453,10 @@ public class Queue extends ResourceController implements Saveable {
      * and it also gets invoked periodically (see {@link Queue.MaintainTask}.)
      */
     public void maintain() {
+        Jenkins jenkins = Jenkins.getInstanceOrNull();
+        if (jenkins == null) {
+            return;
+        }
         lock.lock();
         try { try {
 
@@ -1460,7 +1467,7 @@ public class Queue extends ResourceController implements Saveable {
 
             {// update parked (and identify any pending items whose executor has disappeared)
                 List<BuildableItem> lostPendings = new ArrayList<BuildableItem>(pendings);
-                for (Computer c : Jenkins.getInstance().getComputers()) {
+                for (Computer c : jenkins.getComputers()) {
                     for (Executor e : c.getExecutors()) {
                         if (e.isInterrupted()) {
                             // JENKINS-28840 we will deadlock if we try to touch this executor while interrupt flag set
diff --git a/core/src/main/java/hudson/util/PluginServletFilter.java b/core/src/main/java/hudson/util/PluginServletFilter.java
index 7f7172240a..08ab061511 100644
--- a/core/src/main/java/hudson/util/PluginServletFilter.java
+++ b/core/src/main/java/hudson/util/PluginServletFilter.java
@@ -166,7 +166,11 @@ public class PluginServletFilter implements Filter, ExtensionPoint {
 
     @Restricted(NoExternalUse.class)
     public static void cleanUp() {
-        PluginServletFilter instance = getInstance(Jenkins.getInstance().servletContext);
+        Jenkins jenkins = Jenkins.getInstanceOrNull();
+        if (jenkins == null) {
+            return;
+        }
+        PluginServletFilter instance = getInstance(jenkins.servletContext);
         if (instance != null) {
             // While we could rely on the current implementation of list being a CopyOnWriteArrayList
             // safer to just take an explicit copy of the list and operate on the copy
-- 
GitLab


From d09fc3a5521ad3fba446e36002ef4fc58d5f9bf9 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Wed, 14 Feb 2018 20:31:35 +0100
Subject: [PATCH 260/863] Merge pull request #3286 from
 vStone/feature/JENKINS-49496-dutch-translation-security-fix

[JENKINS-49498]: Fix poorly translated sign-up string (dutch)

(cherry picked from commit 59bfe03ebe70eafaeb057aa0a0c0184e2097a8c9)
---
 .../security/HudsonPrivateSecurityRealm/config_nl.properties    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/config_nl.properties b/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/config_nl.properties
index b0d875026f..b2202d9d9e 100644
--- a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/config_nl.properties
+++ b/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/config_nl.properties
@@ -20,4 +20,4 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-Allow\ users\ to\ sign\ up=Sta gebruikers toe in te loggen
+Allow\ users\ to\ sign\ up=Sta gebruikers toe zichzelf te registreren
-- 
GitLab


From 96c52d901bda669eea6eff7c4f57e7032be1e4d5 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Sat, 24 Feb 2018 11:40:53 +0100
Subject: [PATCH 261/863] Merge pull request #3303 from recena/JENKINS-49634

[JENKINS-49634] Wrong escaping of quotes in the Setup Wizard

(cherry picked from commit dcb1bcd540ae2b5612f31335ba2bd80a65203303)
---
 .../install/pluginSetupWizard.properties      |  6 +-
 .../install/pluginSetupWizard_it.properties   | 57 +++++++++----------
 2 files changed, 31 insertions(+), 32 deletions(-)

diff --git a/core/src/main/resources/jenkins/install/pluginSetupWizard.properties b/core/src/main/resources/jenkins/install/pluginSetupWizard.properties
index 01ab65a992..ff6ff7e931 100644
--- a/core/src/main/resources/jenkins/install/pluginSetupWizard.properties
+++ b/core/src/main/resources/jenkins/install/pluginSetupWizard.properties
@@ -39,12 +39,12 @@ installWizard_installComplete_installComplete_restartRequiredNotSupportedMessage
 installWizard_installComplete_restartLabel=Restart
 installWizard_installIncomplete_title=Resume Installation
 installWizard_installIncomplete_banner=Resume Installation
-installWizard_installIncomplete_message=Jenkins was restarted during installation and some plugins didn''t seem to get installed.
+installWizard_installIncomplete_message=Jenkins was restarted during installation and some plugins did not seem to get installed.
 installWizard_installIncomplete_resumeInstallationButtonLabel=Resume
 installWizard_saveFirstUser=Save and Finish
 installWizard_skipFirstUser=Continue as admin
 installWizard_firstUserSkippedMessage=<div class="alert alert-warning fade in">\
-You''ve skipped creating an admin user. To log in, use the username: "admin" and \
+You have skipped creating an admin user. To log in, use the username: "admin" and \
 the administrator password you used to access the setup wizard.\
 </div>
 installWizard_addFirstUser_title=Getting Started
@@ -63,7 +63,7 @@ installWizard_continue=Continue
 installWizard_retry=Retry
 installWizard_upgradePanel_title=Upgrade
 installWizard_upgradePanel_banner=Welcome to Jenkins {0}!
-installWizard_upgradePanel_message=Jenkins {0} includes some great new features that we think you''ll love, install these additional plugins to take advantage of them!
+installWizard_upgradePanel_message=Jenkins {0} includes some great new features that we think you will love, install these additional plugins to take advantage of them!
 installWizard_upgradePanel_skipRecommendedPlugins=No thanks
 installWizard_upgradeComplete_title=Upgrade
 installWizard_pluginsInstalled_banner=Welcome to Jenkins {0}!
diff --git a/core/src/main/resources/jenkins/install/pluginSetupWizard_it.properties b/core/src/main/resources/jenkins/install/pluginSetupWizard_it.properties
index 3f0df826dc..88bd823565 100644
--- a/core/src/main/resources/jenkins/install/pluginSetupWizard_it.properties
+++ b/core/src/main/resources/jenkins/install/pluginSetupWizard_it.properties
@@ -1,52 +1,51 @@
 installWizard_welcomePanel_title=Per iniziare
 installWizard_welcomePanel_banner=Personalizza Jenkins
-installWizard_welcomePanel_message=I plugin estendono Jenkins con funzionalit� aggiuntive per far fronte a molte necessit� differenti.
+installWizard_welcomePanel_message=I plugin estendono Jenkins con funzionalit\u00E0 aggiuntive per far fronte a molte necessit\u00E0 differenti.
 installWizard_welcomePanel_recommendedActionTitle=Installa plugin consigliati
-installWizard_welcomePanel_recommendedActionDetails=Installa i plugin che la comunit� di Jenkins ritiene maggiormente utili.
+installWizard_welcomePanel_recommendedActionDetails=Installa i plugin che la comunit\u00E0 di Jenkins ritiene maggiormente utili.
 installWizard_welcomePanel_customizeActionTitle=Seleziona i plugin da installare
-installWizard_welcomePanel_customizeActionDetails=Seleziona e installa i plugin pi� adatti per le proprie necessit�.
-installWizard_jenkinsVersionTitle=Jenkins 
+installWizard_welcomePanel_customizeActionDetails=Seleziona e installa i plugin pi\u00F9 adatti per le proprie necessit\u00E0.
+installWizard_jenkinsVersionTitle=Jenkins
 installWizard_offline_title=Non in linea
-installWizard_offline_message=Sembra che quest''istanza di Jenkins non sia in linea. \
+installWizard_offline_message=Sembra che questa istanza di Jenkins non sia in linea. \
 <p style="font-size:18px; margin-top: 6%"> \
-Per informazioni sull''installazione di Jenkins in assenza di una connessione a Internet, si veda la \
-<a href="https://jenkins.io/redirect/offline-installation" target="_blank">documentazione sull''installazione non in linea di Jenkins</a>. <br/><br/> \
-� possibile scegliere di continuare configurando un proxy o ignorando l''installazione dei plugin. \
-</p>
-installWizard_error_header=Si � verificato un errore
-installWizard_error_message=Si � verificato un errore durante l''installazione:
+Per informazioni sul processo di installazione Jenkins in assenza di una connessione a Internet, si veda la \
+<a href="https://jenkins.io/redirect/offline-installation" target="_blank">relativa documentazione</a>. <br/><br/> \
+\u00C8 possibile scegliere di continuare configurando un proxy o saltando la parte di installazione dei plugins.</p>
+installWizard_error_header=Si \u00E8 verificato un errore
+installWizard_error_message=Si \u00E8 verificato un errore durante il processo di installazione:
 installWizard_error_connection=Impossibile connettersi a Jenkins
-installWizard_error_restartNotSupported=Il riavvio non � supportato, riavviare manualmente quest''istanza
+installWizard_error_restartNotSupported=Il riavvio non \u00E8 supportato, riavviare manualmente questa istanza
 installWizard_installCustom_title=Per iniziare
 installWizard_installCustom_selectAll=Tutti
 installWizard_installCustom_selectNone=Nessuno
 installWizard_installCustom_selectRecommended=Suggeriti
 installWizard_installCustom_selected=Selezionati
 installWizard_installCustom_dependenciesPrefix=Dipendenze
-installWizard_installCustom_pluginListDesc=Si noti che qui non viene visualizzato l''elenco completo dei plugin. � possibile installare plugin aggiuntivi nel <strong>Gestore plugin</strong> una volta completata l''installazione iniziale. <a href="https://jenkins.io/redirect/installation-wizard" target="_blank">Si veda il Wiki per ulteriori informazioni</a>.
+installWizard_installCustom_pluginListDesc=Si noti che qui non viene visualizzata la lista completa di plugins. \u00C8 possibile installare plugin aggiuntivi nel <strong>Gestore plugin</strong> una volta completata la fase di installazione iniziale. <a href="https://jenkins.io/redirect/installation-wizard" target="_blank">Si veda il Wiki per ulteriori informazioni</a>.
 installWizard_goBack=Indietro
 installWizard_goInstall=Installa
 installWizard_installing_title=Per iniziare
 installWizard_installing_detailsLink=Dettagli...
 installWizard_installComplete_title=Per iniziare
-installWizard_installComplete_banner=Jenkins � pronto!
-installWizard_installComplete_bannerRestart=Jenkins � quasi pronto!
-installWizard_pluginsInstalled_message=L''installazione dei plugin � stata completata.
-installWizard_installComplete_message=L''installazione di Jenkins � stata completata.
+installWizard_installComplete_banner=Jenkins \u00E8 pronto!
+installWizard_installComplete_bannerRestart=Jenkins \u00E8 quasi pronto!
+installWizard_pluginsInstalled_message=Installazione dei plugins completata.
+installWizard_installComplete_message=Installazione di Jenkins completata.
 installWizard_installComplete_finishButtonLabel=Inizia a utilizzare Jenkins
-installWizard_installComplete_installComplete_restartRequiredMessage=L''installazione di Jenkins � stata completata, ma alcuni plugin richiedono il riavvio di Jenkins.
-installWizard_installComplete_installComplete_restartRequiredNotSupportedMessage=L''installazione di Jenkins � stata completata, ma alcuni plugin richiedono il riavvio di Jenkins e sembra che quest''istanza non supporti il riavvio automatico. Riavviare manualmente quest''istanza ora per completare l''installazione.
+installWizard_installComplete_installComplete_restartRequiredMessage=Installazione di Jenkins completata, ma alcuni plugin richiedono il riavvio di Jenkins.
+installWizard_installComplete_installComplete_restartRequiredNotSupportedMessage=Installazione di Jenkins completata, ma alcuni plugin richiedono il riavvio di Jenkins e sembra che questa istanza non supporti il riavvio automatico. Riavviare manualmente questa istanza ora per completare l''installazione.
 installWizard_installComplete_restartLabel=Riavvia
 installWizard_installIncomplete_title=Riprendi installazione
 installWizard_installIncomplete_banner=Riprendi installazione
-installWizard_installIncomplete_message=Jenkins � stato riavviato durante l''installazione e sembra che alcuni plugin non siano stati installati.
+installWizard_installIncomplete_message=Jenkins \u00E8 stato riavviato durante il processo di installazione e sembra che alcuni plugin non siano stati installati.
 installWizard_installIncomplete_resumeInstallationButtonLabel=Riprendi
 installWizard_saveFirstUser=Salva e finisci
 installWizard_skipFirstUser=Continua come amministratore
 installWizard_firstUserSkippedMessage=<div class="alert alert-warning fade in">\
-Si � ignorata la creazione di un utente amministratore. Per eseguire l''accesso, \
-utilizzare il nome utente ''admin'' e la password di amministratore utilizzata \
-per accedere alla procedura guidata di installazione.\
+Si \u00E8 ignorata la creazione di un utente amministratore. Per accedere, \
+utilizzare il nome utente <pre>admin</pre> e la password di amministratore utilizzata \
+durante la procedura guidata di installazione.\
 </div>
 installWizard_addFirstUser_title=Per iniziare
 installWizard_configureProxy_label=Configura proxy
@@ -58,21 +57,21 @@ installWizard_installIncomplete_dependenciesLabel=Dipendenze
 installWizard_installingConsole_dependencyIndicatorNote=** - dipendenza obbligatoria
 installWizard_websiteLinkLabel=Sito Web
 installWizard_pluginInstallFailure_title=Errori di installazione
-installWizard_pluginInstallFailure_message=Alcuni plugin non sono stati installati correttamente, � possibile riprovare ad installarli o continuare mantenendo i plugin la cui installazione non � riuscita
+installWizard_pluginInstallFailure_message=Alcuni plugin non sono stati installati correttamente, \u00E8 possibile riprovare ad installarli o continuare mantenendo i plugin la cui installazione non \u00E8 riuscita
 installWizard_continue=Continua
 installWizard_retry=Riprova
 installWizard_upgradePanel_title=Aggiorna
 installWizard_upgradePanel_banner=Benvenuto in Jenkins {0}!
-installWizard_upgradePanel_message=Jenkins {0} include nuove funzionalit� che pensiamo possano piacere, si installino questi plugin aggiuntivi per sfruttarle!
+installWizard_upgradePanel_message=Jenkins {0} include nuove funzionalit\u00E0 che pensiamo possano piacere, si installino questi plugin aggiuntivi per sfruttarle!
 installWizard_upgradePanel_skipRecommendedPlugins=No, grazie
 installWizard_upgradeComplete_title=Aggiorna
 installWizard_pluginsInstalled_banner=Benvenuto in Jenkins {0}!
-installWizard_upgradeComplete_message=Congratulazioni! Si � effettuato l''aggiornamento a Jenkins {0}.</p><p>Per saperne di pi� sulle sue nuove funzionalit�, si visiti <a target="_blank" href="https://jenkins.io/2.0/">il sito Web di Jenkins</a>!
+installWizard_upgradeComplete_message=Congratulazioni! Si \u00E8 effettuato l'aggiornamento a Jenkins {0}.</p><p>Per saperne di pi\u00F9 sulle sue nuove funzionalit\u00E0, si visiti <a target="_blank" href="https://jenkins.io/2.0/">il sito Web di Jenkins</a>!
 installWizard_upgradeSkipped_title=Aggiorna
-installWizard_upgradeSkipped_banner=Funzionalit� non installate
+installWizard_upgradeSkipped_banner=Funzionalit\u00E0 non installate
 installWizard_upgradeSkipped_message=<div class="alert alert-warning fade in">I plugin consigliati non saranno installati.</div> \
-<p style="padding: 0 4px">� possibile installare le nuove funzionalit� anche dal Gestore plugin nel caso in cui si cambi idea.</p> \
-<p style="padding: 0 4px">Si scopra come queste nuove funzionalit� possano migliorare l''esperienza Jenkins \
+<p style="padding: 0 4px">\u00C8 possibile installare le nuove funzionalit\u00E0 anche dal Gestore plugin nel caso in cui si cambi idea.</p> \
+<p style="padding: 0 4px">Si scopra come queste nuove funzionalit\u00E0 possano migliorare l'esperienza Jenkins \
 <a target="_blank" href="https://jenkins.io/2.0/">visitando la pagina iniziale</a>.</p>
 installWizard_upgrading_title=Installazione plugin in corso
 installWizard_upgradeComplete_finishButtonLabel=Fine
-- 
GitLab


From 8c975f11c5a366b1693ed2be04e184a714cf2f84 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Oliver=20Gond=C5=BEa?= <ogondza@gmail.com>
Date: Fri, 23 Feb 2018 20:30:37 +0100
Subject: [PATCH 262/863] [FIX JENKINS-30909] Make sure queue is persisted
 reliably (#3244)

* [FIX JENKINS-30909] Make sure queue is persisted reliably

* Fix tests on Windows

* Ensure Saver is thread-safe

(cherry picked from commit 72a7529a119b2be6b3ff93d63688ee6973404236)
---
 core/src/main/java/hudson/model/Queue.java    |  78 ++++++-
 test/pom.xml                                  |   2 +-
 .../java/hudson/model/QueueRestartTest.java   |  89 ++++++++
 .../src/test/java/hudson/model/QueueTest.java |  19 ++
 .../model/QueueTest/load_queue_xml/config.xml |  48 +++++
 .../load_queue_xml/jobs/a/config.xml          |  18 ++
 .../load_queue_xml/jobs/b/config.xml          |  18 ++
 .../load_queue_xml/jobs/c/config.xml          |  18 ++
 .../load_queue_xml/jobs/d/config.xml          |  18 ++
 .../load_queue_xml/jobs/e/config.xml          |  18 ++
 .../load_queue_xml/jobs/f/config.xml          |  18 ++
 .../load_queue_xml/jobs/g/config.xml          |  18 ++
 .../load_queue_xml/jobs/h/config.xml          |  18 ++
 .../load_queue_xml/jobs/i/config.xml          |  18 ++
 .../load_queue_xml/jobs/j/config.xml          |  18 ++
 .../load_queue_xml/jobs/k/config.xml          |  18 ++
 .../model/QueueTest/load_queue_xml/queue.xml  | 193 ++++++++++++++++++
 17 files changed, 625 insertions(+), 2 deletions(-)
 create mode 100644 test/src/test/java/hudson/model/QueueRestartTest.java
 create mode 100644 test/src/test/resources/hudson/model/QueueTest/load_queue_xml/config.xml
 create mode 100644 test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/a/config.xml
 create mode 100644 test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/b/config.xml
 create mode 100644 test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/c/config.xml
 create mode 100644 test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/d/config.xml
 create mode 100644 test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/e/config.xml
 create mode 100644 test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/f/config.xml
 create mode 100644 test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/g/config.xml
 create mode 100644 test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/h/config.xml
 create mode 100644 test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/i/config.xml
 create mode 100644 test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/j/config.xml
 create mode 100644 test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/k/config.xml
 create mode 100644 test/src/test/resources/hudson/model/QueueTest/load_queue_xml/queue.xml

diff --git a/core/src/main/java/hudson/model/Queue.java b/core/src/main/java/hudson/model/Queue.java
index 6ad10d5f81..7e59e52117 100644
--- a/core/src/main/java/hudson/model/Queue.java
+++ b/core/src/main/java/hudson/model/Queue.java
@@ -24,10 +24,12 @@
  */
 package hudson.model;
 
+import com.google.common.annotations.VisibleForTesting;
 import com.google.common.cache.Cache;
 import com.google.common.cache.CacheBuilder;
 import com.infradna.tool.bridge_method_injector.WithBridgeMethods;
 import hudson.BulkChange;
+import hudson.Extension;
 import hudson.ExtensionList;
 import hudson.ExtensionPoint;
 import hudson.Util;
@@ -64,7 +66,10 @@ import hudson.model.queue.WorkUnitContext;
 import hudson.security.ACL;
 import hudson.security.AccessControlled;
 import java.nio.file.Files;
+
+import hudson.util.Futures;
 import jenkins.security.QueueItemAuthenticatorProvider;
+import jenkins.util.SystemProperties;
 import jenkins.util.Timer;
 import hudson.triggers.SafeTimerTask;
 import java.util.concurrent.TimeUnit;
@@ -93,7 +98,6 @@ import java.util.NoSuchElementException;
 import java.util.Set;
 import java.util.TreeSet;
 import java.util.concurrent.Callable;
-import java.util.concurrent.TimeUnit;
 import java.util.concurrent.Future;
 import java.util.concurrent.atomic.AtomicLong;
 import java.util.concurrent.locks.Condition;
@@ -102,6 +106,7 @@ import java.util.logging.Level;
 import java.util.logging.Logger;
 
 import javax.annotation.Nonnull;
+import javax.annotation.concurrent.GuardedBy;
 import javax.servlet.ServletException;
 
 import jenkins.model.Jenkins;
@@ -3009,4 +3014,75 @@ public class Queue extends ResourceController implements Saveable {
     public static void init(Jenkins h) {
         h.getQueue().load();
     }
+
+    /**
+     * Schedule <tt>Queue.save()</tt> call for near future once items change. Ignore all changes until the time the save
+     * takes place.
+     *
+     * Once queue is restored after a crash, items stages might not be accurate until the next #maintain() - this is not
+     * a problem as the items will be reshuffled first and then scheduled during the next maintainance cycle.
+     *
+     * Implementation note: Queue.load() calls QueueListener hooks for every item deserialized that can hammer the persistance
+     * on load. The problem is avoided by delaying the actual save for the time long enough for queue to load so the save
+     * operations will collapse into one. Also, items are persisted as buildable or blocked in vast majority of cases and
+     * those stages does not trigger the save here.
+     */
+    @Extension
+    @Restricted(NoExternalUse.class)
+    public static final class Saver extends QueueListener implements Runnable {
+
+        /**
+         * All negative values will disable periodic saving.
+         */
+        @VisibleForTesting
+        /*package*/ static /*final*/ int DELAY_SECONDS = SystemProperties.getInteger("hudson.model.Queue.Saver.DELAY_SECONDS", 60);
+
+        private final Object lock = new Object();
+        @GuardedBy("lock")
+        private Future<?> nextSave;
+
+        @Override
+        public void onEnterWaiting(WaitingItem wi) {
+            push();
+        }
+
+        @Override
+        public void onLeft(Queue.LeftItem li) {
+            push();
+        }
+
+        private void push() {
+            if (DELAY_SECONDS < 0) return;
+
+            synchronized (lock) {
+                // Can be done or canceled in case of a bug or external intervention - do not allow it to hang there forever
+                if (nextSave != null && !(nextSave.isDone() || nextSave.isCancelled())) return;
+                nextSave = Timer.get().schedule(this, DELAY_SECONDS, TimeUnit.SECONDS);
+            }
+        }
+
+        @Override
+        public void run() {
+            try {
+                Jenkins j = Jenkins.getInstanceOrNull();
+                if (j != null) {
+                    j.getQueue().save();
+                }
+            } finally {
+                synchronized (lock) {
+                    nextSave = null;
+                }
+            }
+        }
+
+        @VisibleForTesting @Restricted(NoExternalUse.class)
+        /*package*/ @Nonnull Future<?> getNextSave() {
+            synchronized (lock) {
+                return nextSave == null
+                        ? Futures.precomputed(null)
+                        : nextSave
+                ;
+            }
+        }
+    }
 }
diff --git a/test/pom.xml b/test/pom.xml
index 2de0eea9ba..80167d7e3f 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -53,7 +53,7 @@ THE SOFTWARE.
     <dependency>
       <groupId>${project.groupId}</groupId>
       <artifactId>jenkins-test-harness</artifactId>
-      <version>2.32</version>
+      <version>2.33</version>
       <scope>test</scope>
       <exclusions>
         <exclusion>
diff --git a/test/src/test/java/hudson/model/QueueRestartTest.java b/test/src/test/java/hudson/model/QueueRestartTest.java
new file mode 100644
index 0000000000..2ba10b2ddd
--- /dev/null
+++ b/test/src/test/java/hudson/model/QueueRestartTest.java
@@ -0,0 +1,89 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) Red Hat, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package hudson.model;
+
+import hudson.ExtensionList;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runners.model.Statement;
+import org.jvnet.hudson.test.RestartableJenkinsRule;
+
+import java.io.IOException;
+import java.util.concurrent.TimeUnit;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+
+public class QueueRestartTest {
+
+    @Rule
+    public RestartableJenkinsRule j = new RestartableJenkinsRule();
+
+    @Test
+    public void persistQueueOnRestart() {
+        j.addStep(new Statement() {
+            @Override public void evaluate() throws Throwable {
+                Queue.Saver.DELAY_SECONDS = 24 * 60 * 60; // Avoid period save as we are after the explicit one
+                scheduleSomeBuild();
+                assertBuildIsScheduled();
+            }
+        });
+        j.addStep(new Statement() {
+            @Override public void evaluate() {
+                assertBuildIsScheduled();
+            }
+        });
+    }
+
+    @Test
+    public void persistQueueOnCrash() {
+        j.addStepWithDirtyShutdown(new Statement() {
+            @Override public void evaluate() throws Throwable {
+                Queue.Saver.DELAY_SECONDS = 0; // Call Queue#save() on every queue modification simulating time has passed before crash
+                scheduleSomeBuild();
+                assertBuildIsScheduled();
+
+                // Save have no delay though is not synchronous
+                ExtensionList.lookup(Queue.Saver.class).get(0).getNextSave().get(3, TimeUnit.SECONDS);
+
+                assertTrue("queue.xml does not exist", j.j.jenkins.getQueue().getXMLQueueFile().exists());
+            }
+        });
+        j.addStep(new Statement() {
+            @Override public void evaluate() {
+                assertBuildIsScheduled();
+            }
+        });
+    }
+
+    private void assertBuildIsScheduled() {
+        assertEquals(1, j.j.jenkins.getQueue().getItems().length);
+    }
+
+    private void scheduleSomeBuild() throws IOException {
+        FreeStyleProject p = j.j.createFreeStyleProject();
+        p.setAssignedLabel(Label.get("waitforit"));
+        p.scheduleBuild2(0);
+    }
+}
diff --git a/test/src/test/java/hudson/model/QueueTest.java b/test/src/test/java/hudson/model/QueueTest.java
index 689b63e5ae..bc18c08e5f 100644
--- a/test/src/test/java/hudson/model/QueueTest.java
+++ b/test/src/test/java/hudson/model/QueueTest.java
@@ -46,6 +46,7 @@ import hudson.model.Queue.BlockedItem;
 import hudson.model.Queue.Executable;
 import hudson.model.Queue.WaitingItem;
 import hudson.model.labels.LabelExpression;
+import hudson.model.listeners.SaveableListener;
 import hudson.model.queue.CauseOfBlockage;
 import hudson.model.queue.QueueTaskDispatcher;
 import hudson.model.queue.QueueTaskFuture;
@@ -1018,4 +1019,22 @@ public class QueueTest {
 
         assertEquals(expected.getShortDescription(), actual.getShortDescription());
     }
+
+    @Test @LocalData
+    public void load_queue_xml() {
+        Queue q = r.getInstance().getQueue();
+        Queue.Item[] items = q.getItems();
+        assertEquals(Arrays.asList(items).toString(), 11, items.length);
+        assertEquals("Loading the queue should not generate saves", 0, QueueSaveSniffer.count);
+    }
+
+    @TestExtension("load_queue_xml")
+    public static final class QueueSaveSniffer extends SaveableListener {
+        private static int count = 0;
+        @Override public void onChange(Saveable o, XmlFile file) {
+            if (o instanceof Queue) {
+                count++;
+            }
+        }
+    }
 }
diff --git a/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/config.xml b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/config.xml
new file mode 100644
index 0000000000..d18cae81c5
--- /dev/null
+++ b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/config.xml
@@ -0,0 +1,48 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<hudson>
+  <disabledAdministrativeMonitors/>
+  <version>2.103-SNAPSHOT (private-01/18/2018 15:13 GMT-ogondza)</version>
+  <installState class="jenkins.install.InstallState$5">
+    <isSetupComplete>true</isSetupComplete>
+    <name>RESTART</name>
+  </installState>
+  <numExecutors>2</numExecutors>
+  <mode>NORMAL</mode>
+  <useSecurity>true</useSecurity>
+  <authorizationStrategy class="hudson.security.AuthorizationStrategy$Unsecured"/>
+  <securityRealm class="hudson.security.HudsonPrivateSecurityRealm">
+    <disableSignup>true</disableSignup>
+    <enableCaptcha>false</enableCaptcha>
+  </securityRealm>
+  <disableRememberMe>false</disableRememberMe>
+  <projectNamingStrategy class="jenkins.model.ProjectNamingStrategy$DefaultProjectNamingStrategy"/>
+  <workspaceDir>${JENKINS_HOME}/workspace/${ITEM_FULL_NAME}</workspaceDir>
+  <buildsDir>${ITEM_ROOTDIR}/builds</buildsDir>
+  <markupFormatter class="hudson.markup.EscapedMarkupFormatter"/>
+  <jdks/>
+  <viewsTabBar class="hudson.views.DefaultViewsTabBar"/>
+  <myViewsTabBar class="hudson.views.DefaultMyViewsTabBar"/>
+  <clouds/>
+  <scmCheckoutRetryCount>0</scmCheckoutRetryCount>
+  <views>
+    <hudson.model.AllView>
+      <owner class="hudson" reference="../../.."/>
+      <name>all</name>
+      <filterExecutors>false</filterExecutors>
+      <filterQueue>false</filterQueue>
+      <properties class="hudson.model.View$PropertyList"/>
+    </hudson.model.AllView>
+  </views>
+  <primaryView>all</primaryView>
+  <slaveAgentPort>-1</slaveAgentPort>
+  <disabledAgentProtocols>
+    <string>JNLP-connect</string>
+    <string>JNLP2-connect</string>
+  </disabledAgentProtocols>
+  <label></label>
+  <crumbIssuer class="hudson.security.csrf.DefaultCrumbIssuer">
+    <excludeClientIPFromCrumb>false</excludeClientIPFromCrumb>
+  </crumbIssuer>
+  <nodeProperties/>
+  <globalNodeProperties/>
+</hudson>
\ No newline at end of file
diff --git a/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/a/config.xml b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/a/config.xml
new file mode 100644
index 0000000000..bbb41344ac
--- /dev/null
+++ b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/a/config.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<project>
+  <actions/>
+  <description></description>
+  <keepDependencies>false</keepDependencies>
+  <properties/>
+  <scm class="hudson.scm.NullSCM"/>
+  <canRoam>false</canRoam>
+  <assignedNode>!master</assignedNode>
+  <disabled>false</disabled>
+  <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
+  <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
+  <triggers/>
+  <concurrentBuild>false</concurrentBuild>
+  <builders/>
+  <publishers/>
+  <buildWrappers/>
+</project>
diff --git a/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/b/config.xml b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/b/config.xml
new file mode 100644
index 0000000000..bbb41344ac
--- /dev/null
+++ b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/b/config.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<project>
+  <actions/>
+  <description></description>
+  <keepDependencies>false</keepDependencies>
+  <properties/>
+  <scm class="hudson.scm.NullSCM"/>
+  <canRoam>false</canRoam>
+  <assignedNode>!master</assignedNode>
+  <disabled>false</disabled>
+  <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
+  <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
+  <triggers/>
+  <concurrentBuild>false</concurrentBuild>
+  <builders/>
+  <publishers/>
+  <buildWrappers/>
+</project>
diff --git a/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/c/config.xml b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/c/config.xml
new file mode 100644
index 0000000000..bbb41344ac
--- /dev/null
+++ b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/c/config.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<project>
+  <actions/>
+  <description></description>
+  <keepDependencies>false</keepDependencies>
+  <properties/>
+  <scm class="hudson.scm.NullSCM"/>
+  <canRoam>false</canRoam>
+  <assignedNode>!master</assignedNode>
+  <disabled>false</disabled>
+  <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
+  <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
+  <triggers/>
+  <concurrentBuild>false</concurrentBuild>
+  <builders/>
+  <publishers/>
+  <buildWrappers/>
+</project>
diff --git a/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/d/config.xml b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/d/config.xml
new file mode 100644
index 0000000000..bbb41344ac
--- /dev/null
+++ b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/d/config.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<project>
+  <actions/>
+  <description></description>
+  <keepDependencies>false</keepDependencies>
+  <properties/>
+  <scm class="hudson.scm.NullSCM"/>
+  <canRoam>false</canRoam>
+  <assignedNode>!master</assignedNode>
+  <disabled>false</disabled>
+  <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
+  <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
+  <triggers/>
+  <concurrentBuild>false</concurrentBuild>
+  <builders/>
+  <publishers/>
+  <buildWrappers/>
+</project>
diff --git a/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/e/config.xml b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/e/config.xml
new file mode 100644
index 0000000000..bbb41344ac
--- /dev/null
+++ b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/e/config.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<project>
+  <actions/>
+  <description></description>
+  <keepDependencies>false</keepDependencies>
+  <properties/>
+  <scm class="hudson.scm.NullSCM"/>
+  <canRoam>false</canRoam>
+  <assignedNode>!master</assignedNode>
+  <disabled>false</disabled>
+  <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
+  <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
+  <triggers/>
+  <concurrentBuild>false</concurrentBuild>
+  <builders/>
+  <publishers/>
+  <buildWrappers/>
+</project>
diff --git a/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/f/config.xml b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/f/config.xml
new file mode 100644
index 0000000000..bbb41344ac
--- /dev/null
+++ b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/f/config.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<project>
+  <actions/>
+  <description></description>
+  <keepDependencies>false</keepDependencies>
+  <properties/>
+  <scm class="hudson.scm.NullSCM"/>
+  <canRoam>false</canRoam>
+  <assignedNode>!master</assignedNode>
+  <disabled>false</disabled>
+  <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
+  <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
+  <triggers/>
+  <concurrentBuild>false</concurrentBuild>
+  <builders/>
+  <publishers/>
+  <buildWrappers/>
+</project>
diff --git a/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/g/config.xml b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/g/config.xml
new file mode 100644
index 0000000000..bbb41344ac
--- /dev/null
+++ b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/g/config.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<project>
+  <actions/>
+  <description></description>
+  <keepDependencies>false</keepDependencies>
+  <properties/>
+  <scm class="hudson.scm.NullSCM"/>
+  <canRoam>false</canRoam>
+  <assignedNode>!master</assignedNode>
+  <disabled>false</disabled>
+  <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
+  <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
+  <triggers/>
+  <concurrentBuild>false</concurrentBuild>
+  <builders/>
+  <publishers/>
+  <buildWrappers/>
+</project>
diff --git a/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/h/config.xml b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/h/config.xml
new file mode 100644
index 0000000000..bbb41344ac
--- /dev/null
+++ b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/h/config.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<project>
+  <actions/>
+  <description></description>
+  <keepDependencies>false</keepDependencies>
+  <properties/>
+  <scm class="hudson.scm.NullSCM"/>
+  <canRoam>false</canRoam>
+  <assignedNode>!master</assignedNode>
+  <disabled>false</disabled>
+  <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
+  <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
+  <triggers/>
+  <concurrentBuild>false</concurrentBuild>
+  <builders/>
+  <publishers/>
+  <buildWrappers/>
+</project>
diff --git a/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/i/config.xml b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/i/config.xml
new file mode 100644
index 0000000000..bbb41344ac
--- /dev/null
+++ b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/i/config.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<project>
+  <actions/>
+  <description></description>
+  <keepDependencies>false</keepDependencies>
+  <properties/>
+  <scm class="hudson.scm.NullSCM"/>
+  <canRoam>false</canRoam>
+  <assignedNode>!master</assignedNode>
+  <disabled>false</disabled>
+  <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
+  <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
+  <triggers/>
+  <concurrentBuild>false</concurrentBuild>
+  <builders/>
+  <publishers/>
+  <buildWrappers/>
+</project>
diff --git a/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/j/config.xml b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/j/config.xml
new file mode 100644
index 0000000000..bbb41344ac
--- /dev/null
+++ b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/j/config.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<project>
+  <actions/>
+  <description></description>
+  <keepDependencies>false</keepDependencies>
+  <properties/>
+  <scm class="hudson.scm.NullSCM"/>
+  <canRoam>false</canRoam>
+  <assignedNode>!master</assignedNode>
+  <disabled>false</disabled>
+  <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
+  <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
+  <triggers/>
+  <concurrentBuild>false</concurrentBuild>
+  <builders/>
+  <publishers/>
+  <buildWrappers/>
+</project>
diff --git a/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/k/config.xml b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/k/config.xml
new file mode 100644
index 0000000000..bbb41344ac
--- /dev/null
+++ b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/jobs/k/config.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<project>
+  <actions/>
+  <description></description>
+  <keepDependencies>false</keepDependencies>
+  <properties/>
+  <scm class="hudson.scm.NullSCM"/>
+  <canRoam>false</canRoam>
+  <assignedNode>!master</assignedNode>
+  <disabled>false</disabled>
+  <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
+  <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
+  <triggers/>
+  <concurrentBuild>false</concurrentBuild>
+  <builders/>
+  <publishers/>
+  <buildWrappers/>
+</project>
diff --git a/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/queue.xml b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/queue.xml
new file mode 100644
index 0000000000..cf854c0522
--- /dev/null
+++ b/test/src/test/resources/hudson/model/QueueTest/load_queue_xml/queue.xml
@@ -0,0 +1,193 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<hudson.model.Queue_-State>
+  <counter>17</counter>
+  <items>
+    <hudson.model.Queue_-BuildableItem>
+      <actions>
+        <hudson.model.CauseAction>
+          <causeBag class="linked-hash-map">
+            <entry>
+              <hudson.model.Cause_-UserIdCause/>
+              <int>1</int>
+            </entry>
+          </causeBag>
+        </hudson.model.CauseAction>
+      </actions>
+      <id>17</id>
+      <task class="hudson.model.FreeStyleProject">k</task>
+      <inQueueSince>1516354024440</inQueueSince>
+      <buildableStartMilliseconds>1516354024440</buildableStartMilliseconds>
+      <isPending>false</isPending>
+    </hudson.model.Queue_-BuildableItem>
+    <hudson.model.Queue_-BuildableItem>
+      <actions>
+        <hudson.model.CauseAction>
+          <causeBag class="linked-hash-map">
+            <entry>
+              <hudson.model.Cause_-UserIdCause/>
+              <int>1</int>
+            </entry>
+          </causeBag>
+        </hudson.model.CauseAction>
+      </actions>
+      <id>16</id>
+      <task class="hudson.model.FreeStyleProject">j</task>
+      <inQueueSince>1516354003647</inQueueSince>
+      <buildableStartMilliseconds>1516354003648</buildableStartMilliseconds>
+      <isPending>false</isPending>
+    </hudson.model.Queue_-BuildableItem>
+    <hudson.model.Queue_-BuildableItem>
+      <actions>
+        <hudson.model.CauseAction>
+          <causeBag class="linked-hash-map">
+            <entry>
+              <hudson.model.Cause_-UserIdCause/>
+              <int>1</int>
+            </entry>
+          </causeBag>
+        </hudson.model.CauseAction>
+      </actions>
+      <id>15</id>
+      <task class="hudson.model.FreeStyleProject">i</task>
+      <inQueueSince>1516354001887</inQueueSince>
+      <buildableStartMilliseconds>1516354001888</buildableStartMilliseconds>
+      <isPending>false</isPending>
+    </hudson.model.Queue_-BuildableItem>
+    <hudson.model.Queue_-BuildableItem>
+      <actions>
+        <hudson.model.CauseAction>
+          <causeBag class="linked-hash-map">
+            <entry>
+              <hudson.model.Cause_-UserIdCause/>
+              <int>1</int>
+            </entry>
+          </causeBag>
+        </hudson.model.CauseAction>
+      </actions>
+      <id>14</id>
+      <task class="hudson.model.FreeStyleProject">h</task>
+      <inQueueSince>1516353999191</inQueueSince>
+      <buildableStartMilliseconds>1516353999192</buildableStartMilliseconds>
+      <isPending>false</isPending>
+    </hudson.model.Queue_-BuildableItem>
+    <hudson.model.Queue_-BuildableItem>
+      <actions>
+        <hudson.model.CauseAction>
+          <causeBag class="linked-hash-map">
+            <entry>
+              <hudson.model.Cause_-UserIdCause/>
+              <int>1</int>
+            </entry>
+          </causeBag>
+        </hudson.model.CauseAction>
+      </actions>
+      <id>13</id>
+      <task class="hudson.model.FreeStyleProject">g</task>
+      <inQueueSince>1516353998031</inQueueSince>
+      <buildableStartMilliseconds>1516353998032</buildableStartMilliseconds>
+      <isPending>false</isPending>
+    </hudson.model.Queue_-BuildableItem>
+    <hudson.model.Queue_-BuildableItem>
+      <actions>
+        <hudson.model.CauseAction>
+          <causeBag class="linked-hash-map">
+            <entry>
+              <hudson.model.Cause_-UserIdCause/>
+              <int>1</int>
+            </entry>
+          </causeBag>
+        </hudson.model.CauseAction>
+      </actions>
+      <id>12</id>
+      <task class="hudson.model.FreeStyleProject">f</task>
+      <inQueueSince>1516353996504</inQueueSince>
+      <buildableStartMilliseconds>1516353996504</buildableStartMilliseconds>
+      <isPending>false</isPending>
+    </hudson.model.Queue_-BuildableItem>
+    <hudson.model.Queue_-BuildableItem>
+      <actions>
+        <hudson.model.CauseAction>
+          <causeBag class="linked-hash-map">
+            <entry>
+              <hudson.model.Cause_-UserIdCause/>
+              <int>1</int>
+            </entry>
+          </causeBag>
+        </hudson.model.CauseAction>
+      </actions>
+      <id>11</id>
+      <task class="hudson.model.FreeStyleProject">e</task>
+      <inQueueSince>1516353995471</inQueueSince>
+      <buildableStartMilliseconds>1516353995472</buildableStartMilliseconds>
+      <isPending>false</isPending>
+    </hudson.model.Queue_-BuildableItem>
+    <hudson.model.Queue_-BuildableItem>
+      <actions>
+        <hudson.model.CauseAction>
+          <causeBag class="linked-hash-map">
+            <entry>
+              <hudson.model.Cause_-UserIdCause/>
+              <int>1</int>
+            </entry>
+          </causeBag>
+        </hudson.model.CauseAction>
+      </actions>
+      <id>10</id>
+      <task class="hudson.model.FreeStyleProject">d</task>
+      <inQueueSince>1516353993872</inQueueSince>
+      <buildableStartMilliseconds>1516353993873</buildableStartMilliseconds>
+      <isPending>false</isPending>
+    </hudson.model.Queue_-BuildableItem>
+    <hudson.model.Queue_-BuildableItem>
+      <actions>
+        <hudson.model.CauseAction>
+          <causeBag class="linked-hash-map">
+            <entry>
+              <hudson.model.Cause_-UserIdCause/>
+              <int>1</int>
+            </entry>
+          </causeBag>
+        </hudson.model.CauseAction>
+      </actions>
+      <id>9</id>
+      <task class="hudson.model.FreeStyleProject">c</task>
+      <inQueueSince>1516353991671</inQueueSince>
+      <buildableStartMilliseconds>1516353991672</buildableStartMilliseconds>
+      <isPending>false</isPending>
+    </hudson.model.Queue_-BuildableItem>
+    <hudson.model.Queue_-BuildableItem>
+      <actions>
+        <hudson.model.CauseAction>
+          <causeBag class="linked-hash-map">
+            <entry>
+              <hudson.model.Cause_-UserIdCause/>
+              <int>1</int>
+            </entry>
+          </causeBag>
+        </hudson.model.CauseAction>
+      </actions>
+      <id>8</id>
+      <task class="hudson.model.FreeStyleProject">b</task>
+      <inQueueSince>1516353989177</inQueueSince>
+      <buildableStartMilliseconds>1516353989177</buildableStartMilliseconds>
+      <isPending>false</isPending>
+    </hudson.model.Queue_-BuildableItem>
+    <hudson.model.Queue_-BuildableItem>
+      <actions>
+        <hudson.model.CauseAction>
+          <causeBag class="linked-hash-map">
+            <entry>
+              <hudson.model.Cause_-UserIdCause/>
+              <int>1</int>
+            </entry>
+          </causeBag>
+        </hudson.model.CauseAction>
+      </actions>
+      <id>7</id>
+      <task class="hudson.model.FreeStyleProject">a</task>
+      <inQueueSince>1516353986148</inQueueSince>
+      <buildableStartMilliseconds>1516353986151</buildableStartMilliseconds>
+      <isPending>false</isPending>
+    </hudson.model.Queue_-BuildableItem>
+  </items>
+</hudson.model.Queue_-State>
\ No newline at end of file
-- 
GitLab


From e43f90b256914fb091a7718d34985ef543833768 Mon Sep 17 00:00:00 2001
From: Carl-Frederik Hallberg <nightwalker85@gmail.com>
Date: Wed, 28 Feb 2018 11:44:36 +0100
Subject: [PATCH 263/863] [JENKINS-49788] Added ConcurrentLinkedQueue to
 whitelisted classes. (#3315)

(cherry picked from commit e5f61e29e260688d7d73339202c22ca199535018)
---
 core/src/main/resources/jenkins/security/whitelisted-classes.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/core/src/main/resources/jenkins/security/whitelisted-classes.txt b/core/src/main/resources/jenkins/security/whitelisted-classes.txt
index 68b07e4643..48a9b5db69 100644
--- a/core/src/main/resources/jenkins/security/whitelisted-classes.txt
+++ b/core/src/main/resources/jenkins/security/whitelisted-classes.txt
@@ -122,6 +122,7 @@ java.util.TreeSet
 java.util.UUID
 java.util.Vector
 java.util.concurrent.ConcurrentHashMap
+java.util.concurrent.ConcurrentLinkedQueue
 java.util.concurrent.ConcurrentSkipListMap
 java.util.concurrent.CopyOnWriteArrayList
 java.util.concurrent.CopyOnWriteArraySet
-- 
GitLab


From 805a7ab57d4d25f8c5565c5af0b16b36a780a8c9 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Fri, 2 Mar 2018 10:22:29 +0100
Subject: [PATCH 264/863] [JENKINS-49596] - Update Winstone to 4.1.2 (#3307)

* [JENKINS-49596] - Update Winstone to 4.1.1

* [JENKINS-49596] - Pick 4.1.2 with extended session eviction defaults

(cherry picked from commit 852ecdc5f2a7802fa74f425bd17ba028f787b2c1)
---
 war/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/war/pom.xml b/war/pom.xml
index b3e9c243ac..135b08b626 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -89,7 +89,7 @@ THE SOFTWARE.
       -->
       <groupId>org.jenkins-ci</groupId>
       <artifactId>winstone</artifactId>
-      <version>4.1</version>
+      <version>4.1.2</version>
       <scope>test</scope>
     </dependency>
     <dependency>
-- 
GitLab


From ff59e4bf14b43b1f424f916323be130226a9b92b Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Tue, 27 Feb 2018 18:39:43 +0100
Subject: [PATCH 265/863] [JENKINS-49642] Fix proxy view recursion

(cherry picked from commit 9054e2211ed62dac944b745099b0361d3962e4ba)
---
 core/src/main/java/hudson/model/ProxyView.java | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/core/src/main/java/hudson/model/ProxyView.java b/core/src/main/java/hudson/model/ProxyView.java
index 795b94ba86..a879dfd0b0 100644
--- a/core/src/main/java/hudson/model/ProxyView.java
+++ b/core/src/main/java/hudson/model/ProxyView.java
@@ -91,6 +91,11 @@ public class ProxyView extends View implements StaplerFallback {
         return getProxiedView().contains(item);
     }
 
+    @Override
+    public TopLevelItem getItem(String name) {
+        return getProxiedView().getItem(name);
+    }
+
     @Override
     protected void submit(StaplerRequest req) throws IOException, ServletException, FormException {
         String proxiedViewName = req.getSubmittedForm().getString("proxiedViewName");
-- 
GitLab


From 9fb75bb4c6a7a43e472abae919fd32eef1983b92 Mon Sep 17 00:00:00 2001
From: Piush <piushkumar@users.noreply.github.com>
Date: Sun, 4 Mar 2018 06:11:23 -0500
Subject: [PATCH 266/863] [JENKINS-29470] - Prevent NPE in
 AbstractProject.checkout when agent disconnects during the build (#3094)

[JENKINS-29470] - Prevent NPE in AbstractProject.checkout when agent disconnects during the build

(cherry picked from commit b0c5a86addf7eb0dbf84a5469380576e155eb151)
---
 core/src/main/java/hudson/model/AbstractProject.java | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/model/AbstractProject.java b/core/src/main/java/hudson/model/AbstractProject.java
index cbade0ebac..1cb3fcfbc7 100644
--- a/core/src/main/java/hudson/model/AbstractProject.java
+++ b/core/src/main/java/hudson/model/AbstractProject.java
@@ -1198,7 +1198,12 @@ public abstract class AbstractProject<P extends AbstractProject<P,R>,R extends A
             return true;    // no SCM
 
         FilePath workspace = build.getWorkspace();
-        workspace.mkdirs();
+        if(workspace!=null){
+            workspace.mkdirs();
+        } else {
+            throw new AbortException("Cannot checkout SCM, workspace is not defined");
+        }
+
 
         boolean r = scm.checkout(build, launcher, workspace, listener, changelogFile);
         if (r) {
-- 
GitLab


From 9b69208f7e4aca3f5970e71343571e575d803f4d Mon Sep 17 00:00:00 2001
From: Akbashev Alexander <mr.akbashev@gmail.com>
Date: Sat, 10 Mar 2018 01:47:18 +0100
Subject: [PATCH 267/863] Do not copy all build numbers in case of descending
 search (#3228)

[JENKINS-50056] - Do not copy all build numbers in case of descending search

(cherry picked from commit 6232491965ab654ea9a020c3088421ce2d61705c)
---
 .../java/jenkins/model/lazy/AbstractLazyLoadRunMap.java  | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/core/src/main/java/jenkins/model/lazy/AbstractLazyLoadRunMap.java b/core/src/main/java/jenkins/model/lazy/AbstractLazyLoadRunMap.java
index a1f2eaecc3..b839866ac8 100644
--- a/core/src/main/java/jenkins/model/lazy/AbstractLazyLoadRunMap.java
+++ b/core/src/main/java/jenkins/model/lazy/AbstractLazyLoadRunMap.java
@@ -29,10 +29,9 @@ import hudson.model.RunMap;
 import java.io.File;
 import java.io.IOException;
 import java.util.AbstractMap;
-import java.util.ArrayList;
 import java.util.Collections;
 import java.util.Comparator;
-import java.util.List;
+import java.util.ListIterator;
 import java.util.Map;
 import java.util.NoSuchElementException;
 import java.util.Set;
@@ -336,9 +335,9 @@ public abstract class AbstractLazyLoadRunMap<R> extends AbstractMap<Integer,R> i
             return null;
         case DESC:
             // TODO again could be made more efficient
-            List<Integer> reversed = new ArrayList<Integer>(numberOnDisk);
-            Collections.reverse(reversed);
-            for (int m : reversed) {
+            ListIterator<Integer> iterator = numberOnDisk.listIterator(numberOnDisk.size());
+            while(iterator.hasPrevious()) {
+                int m = iterator.previous();
                 if (m > n) {
                     continue;
                 }
-- 
GitLab


From 1400918ddaef45470720e60d4d1dbfd2f6ac78d4 Mon Sep 17 00:00:00 2001
From: Berno Langer <bernolanger@users.noreply.github.com>
Date: Sat, 10 Mar 2018 16:57:37 +0100
Subject: [PATCH 268/863] [JENKINS-48821] - Don't forget estimated duration of
 asynchronous jobs (#3329)

* Don't forget estimated duration of asynchronous jobs.

When jobs are executed, the estimated duration is calculated, memorized
and reseted when the job is finished.

But when the job is executed asynchronously (e.g. as for pipeline
scripts), the execution is just triggered. Therefore the estimated
duration should remain - and not be reseted after triggering.

JENKINS-48821: Time remaining for all pipeline jobs is N/A
JENKINS-49616: Estimated time remaining NA

* Reset cached estimated duration also when asynchronous job ends.

(cherry picked from commit 3fc392108ae382a4616964aa8bbb6b8cb9dff0dc)
---
 core/src/main/java/hudson/model/Executor.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/model/Executor.java b/core/src/main/java/hudson/model/Executor.java
index e20f9a1eee..efb2cb67dc 100644
--- a/core/src/main/java/hudson/model/Executor.java
+++ b/core/src/main/java/hudson/model/Executor.java
@@ -459,7 +459,6 @@ public class Executor extends Thread implements ModelObject {
             if (asynchronousExecution == null) {
                 finish2();
             }
-            executableEstimatedDuration = DEFAULT_ESTIMATED_DURATION;
         }
     }
 
@@ -490,6 +489,7 @@ public class Executor extends Thread implements ModelObject {
         if (this instanceof OneOffExecutor) {
             owner.remove((OneOffExecutor) this);
         }
+        executableEstimatedDuration = DEFAULT_ESTIMATED_DURATION;
         queue.scheduleMaintenance();
     }
 
-- 
GitLab


From 115612bbf5582f2351e4d1a0dfbb3ffbbcdbba9a Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Mon, 5 Mar 2018 17:51:17 -0500
Subject: [PATCH 269/863] [JENKINS-39495] Defend against a null serialized
 ParametersAction.parameters.

(cherry picked from commit ff34532460d2ef50eee9f82cae9d983ea5095c58)
---
 core/src/main/java/hudson/model/ParametersAction.java | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/core/src/main/java/hudson/model/ParametersAction.java b/core/src/main/java/hudson/model/ParametersAction.java
index a262ae6adb..b5fe85a795 100644
--- a/core/src/main/java/hudson/model/ParametersAction.java
+++ b/core/src/main/java/hudson/model/ParametersAction.java
@@ -87,7 +87,7 @@ public class ParametersAction implements RunAction2, Iterable<ParameterValue>, Q
 
     private Set<String> safeParameters;
 
-    private final List<ParameterValue> parameters;
+    private @Nonnull List<ParameterValue> parameters;
 
     private List<String> parameterDefinitionNames;
 
@@ -99,7 +99,7 @@ public class ParametersAction implements RunAction2, Iterable<ParameterValue>, Q
 
     private transient Run<?, ?> run;
 
-    public ParametersAction(List<ParameterValue> parameters) {
+    public ParametersAction(@Nonnull List<ParameterValue> parameters) {
         this.parameters = new ArrayList<>(parameters);
         String paramNames = SystemProperties.getString(SAFE_PARAMETERS_SYSTEM_PROPERTY_NAME);
         safeParameters = new TreeSet<>();
@@ -284,6 +284,9 @@ public class ParametersAction implements RunAction2, Iterable<ParameterValue>, Q
     }
 
     private Object readResolve() {
+        if (parameters == null) { // JENKINS-39495
+            parameters = Collections.emptyList();
+        }
         if (build != null)
             OldDataMonitor.report(build, "1.283");
         if (safeParameters == null) {
-- 
GitLab


From d95766fb09c4305ee25b8cd2ce307d1511d2c4a3 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Fri, 23 Mar 2018 15:18:35 +0100
Subject: [PATCH 270/863] - change package (better hierarchy) - correct small
 text when instance is null - add monitor

---
 .../java/jenkins/install/UpgradeWizard.java   |   2 +-
 .../jenkins/security/ApiTokenProperty.java    |  32 +++-
 .../ApiTokenPropertyConfiguration.java        |   5 +-
 ...yDisabledDefaultAdministrativeMonitor.java |   2 +-
 ...EnabledNewLegacyAdministrativeMonitor.java |   2 +-
 .../{ => apitoken}/ApiTokenStore.java         |  41 ++--
 .../LegacyApiTokenAdministrativeMonitor.java  | 175 ++++++++++++++++++
 .../security/ApiTokenProperty/config.jelly    |  23 ++-
 .../ApiTokenProperty/config.properties        |   2 +-
 .../security/ApiTokenProperty/resources.js    |   8 +-
 .../jenkins/security/Messages.properties      |   2 -
 .../config.jelly                              |   2 +-
 .../help-creationOfLegacyTokenDisabled.html   |   0
 ...elp-tokenGenerationOnCreationDisabled.html |   0
 .../message.jelly                             |   4 +-
 .../message.properties                        |   0
 .../message.jelly                             |   4 +-
 .../message.properties                        |   0
 .../manage.jelly                              | 162 ++++++++++++++++
 .../manage.properties                         |  33 ++++
 .../message.jelly                             |  29 +++
 .../message.properties                        |   3 +
 .../resources.css                             |  56 ++++++
 .../resources.js                              | 137 ++++++++++++++
 .../security/apitoken/Messages.properties     |  24 +++
 .../bugs/JnlpAccessWithSecuredHudsonTest.java |   2 +-
 .../test/java/hudson/cli/CLIActionTest.java   |   4 +-
 .../HudsonHomeDiskUsageMonitorTest.java       |   2 +-
 .../src/test/java/hudson/model/ItemsTest.java |   5 +-
 test/src/test/java/hudson/model/JobTest.java  |   2 +-
 .../PasswordParameterDefinitionTest.java      |   2 +-
 .../src/test/java/hudson/model/QueueTest.java |   2 +-
 test/src/test/java/hudson/model/UserTest.java |   2 +-
 .../HudsonPrivateSecurityRealmTest.java       |   2 +-
 .../test/java/hudson/security/LoginTest.java  |   2 +-
 .../util/RobustReflectionConverterTest.java   |   2 +-
 .../test/java/jenkins/model/JenkinsTest.java  |   7 +-
 .../security/ApiCrumbExclusionTest.java       |   2 +-
 .../security/ApiTokenPropertyTest.java        |   2 +
 .../security/BasicHeaderProcessorTest.java    |   1 +
 .../ApiTokenPropertyConfigurationTest.java    |   8 +-
 test/src/test/java/lib/form/PasswordTest.java |   2 +-
 .../migrationFromLegacyToken.zip              | Bin
 43 files changed, 733 insertions(+), 64 deletions(-)
 rename core/src/main/java/jenkins/security/{ => apitoken}/ApiTokenPropertyConfiguration.java (95%)
 rename core/src/main/java/jenkins/security/{ => apitoken}/ApiTokenPropertyDisabledDefaultAdministrativeMonitor.java (98%)
 rename core/src/main/java/jenkins/security/{ => apitoken}/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor.java (98%)
 rename core/src/main/java/jenkins/security/{ => apitoken}/ApiTokenStore.java (93%)
 create mode 100644 core/src/main/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor.java
 rename core/src/main/resources/jenkins/security/{ => apitoken}/ApiTokenPropertyConfiguration/config.jelly (97%)
 rename core/src/main/resources/jenkins/security/{ => apitoken}/ApiTokenPropertyConfiguration/help-creationOfLegacyTokenDisabled.html (100%)
 rename core/src/main/resources/jenkins/security/{ => apitoken}/ApiTokenPropertyConfiguration/help-tokenGenerationOnCreationDisabled.html (100%)
 rename core/src/main/resources/jenkins/security/{ => apitoken}/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.jelly (95%)
 rename core/src/main/resources/jenkins/security/{ => apitoken}/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.properties (100%)
 rename core/src/main/resources/jenkins/security/{ => apitoken}/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message.jelly (95%)
 rename core/src/main/resources/jenkins/security/{ => apitoken}/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message.properties (100%)
 create mode 100644 core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.jelly
 create mode 100644 core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties
 create mode 100644 core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/message.jelly
 create mode 100644 core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/message.properties
 create mode 100644 core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/resources.css
 create mode 100644 core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/resources.js
 create mode 100644 core/src/main/resources/jenkins/security/apitoken/Messages.properties
 rename test/src/test/java/jenkins/security/{ => apitoken}/ApiTokenPropertyConfigurationTest.java (89%)
 rename test/src/test/resources/jenkins/security/{ => apitoken}/ApiTokenPropertyTest/migrationFromLegacyToken.zip (100%)

diff --git a/core/src/main/java/jenkins/install/UpgradeWizard.java b/core/src/main/java/jenkins/install/UpgradeWizard.java
index dd52ccaca9..09e0ea7d2d 100644
--- a/core/src/main/java/jenkins/install/UpgradeWizard.java
+++ b/core/src/main/java/jenkins/install/UpgradeWizard.java
@@ -11,7 +11,7 @@ import java.util.logging.Logger;
 import javax.inject.Provider;
 import javax.servlet.http.HttpSession;
 
-import jenkins.security.ApiTokenPropertyConfiguration;
+import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
 import org.apache.commons.io.FileUtils;
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
diff --git a/core/src/main/java/jenkins/security/ApiTokenProperty.java b/core/src/main/java/jenkins/security/ApiTokenProperty.java
index 4295b01cee..26a830ffa1 100644
--- a/core/src/main/java/jenkins/security/ApiTokenProperty.java
+++ b/core/src/main/java/jenkins/security/ApiTokenProperty.java
@@ -27,8 +27,9 @@ import com.thoughtworks.xstream.converters.UnmarshallingContext;
 import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
 import hudson.Extension;
 import hudson.Util;
-import hudson.diagnosis.OldDataMonitor;
 import hudson.util.XStream2;
+import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
+import jenkins.security.apitoken.ApiTokenStore;
 import jenkins.util.SystemProperties;
 import hudson.model.Descriptor.FormException;
 import hudson.model.User;
@@ -155,6 +156,14 @@ public class ApiTokenProperty extends UserProperty {
                 : Messages.ApiTokenProperty_ChangeToken_TokenIsHidden();
     }
     
+    /**
+     * Determine if the legacy token is still present
+     */
+    @Restricted(NoExternalUse.class)
+    public boolean hasLegacyToken(){
+        return apiToken != null;
+    }
+    
     @Nonnull
     @Restricted(NoExternalUse.class)
     /*package*/ String getApiTokenInsecure() {
@@ -271,7 +280,7 @@ public class ApiTokenProperty extends UserProperty {
         LOGGER.log(Level.FINE, "Deprecated usage of changeApiToken");
 
         _changeApiToken();
-        tokenStore.generateTokenFromLegacy(apiToken);
+        tokenStore.regenerateTokenFromLegacy(apiToken);
         
         user.save();
     }
@@ -282,7 +291,20 @@ public class ApiTokenProperty extends UserProperty {
         RANDOM.nextBytes(random);
         apiToken = Secret.fromString(Util.toHexString(random));
     }
-
+    
+    /**
+     * Does not revoke the token stored in the store
+     */
+    @Restricted(NoExternalUse.class)
+    public void deleteApiToken(){
+        this.apiToken = null;
+    }
+    
+    @Restricted(NoExternalUse.class)
+    public ApiTokenStore getTokenStore() {
+        return tokenStore;
+    }
+    
     public static class ConverterImpl extends XStream2.PassthruConverter<ApiTokenProperty> {
         public ConverterImpl(XStream2 xstream) {
             super(xstream);
@@ -303,6 +325,10 @@ public class ApiTokenProperty extends UserProperty {
         public String getDisplayName() {
             return Messages.ApiTokenProperty_DisplayName();
         }
+        
+        public String getNoLegacyToken(){
+            return Messages.ApiTokenProperty_NoLegacyToken();
+        }
 
         /**
          * New approach:
diff --git a/core/src/main/java/jenkins/security/ApiTokenPropertyConfiguration.java b/core/src/main/java/jenkins/security/apitoken/ApiTokenPropertyConfiguration.java
similarity index 95%
rename from core/src/main/java/jenkins/security/ApiTokenPropertyConfiguration.java
rename to core/src/main/java/jenkins/security/apitoken/ApiTokenPropertyConfiguration.java
index 55a779f8c7..ab2d8d1eb0 100644
--- a/core/src/main/java/jenkins/security/ApiTokenPropertyConfiguration.java
+++ b/core/src/main/java/jenkins/security/apitoken/ApiTokenPropertyConfiguration.java
@@ -21,15 +21,12 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
  * THE SOFTWARE.
  */
-package jenkins.security;
+package jenkins.security.apitoken;
 
 import hudson.Extension;
 import jenkins.model.GlobalConfiguration;
 import jenkins.model.GlobalConfigurationCategory;
-import jenkins.model.Jenkins;
 import org.jenkinsci.Symbol;
-import org.kohsuke.accmod.Restricted;
-import org.kohsuke.accmod.restrictions.NoExternalUse;
 
 /**
  * Configuration for the new token generation when a user is created
diff --git a/core/src/main/java/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor.java b/core/src/main/java/jenkins/security/apitoken/ApiTokenPropertyDisabledDefaultAdministrativeMonitor.java
similarity index 98%
rename from core/src/main/java/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor.java
rename to core/src/main/java/jenkins/security/apitoken/ApiTokenPropertyDisabledDefaultAdministrativeMonitor.java
index 1f9c951a80..b5afdca805 100644
--- a/core/src/main/java/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor.java
+++ b/core/src/main/java/jenkins/security/apitoken/ApiTokenPropertyDisabledDefaultAdministrativeMonitor.java
@@ -21,7 +21,7 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
  * THE SOFTWARE.
  */
-package jenkins.security;
+package jenkins.security.apitoken;
 
 import hudson.Extension;
 import hudson.model.AdministrativeMonitor;
diff --git a/core/src/main/java/jenkins/security/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor.java b/core/src/main/java/jenkins/security/apitoken/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor.java
similarity index 98%
rename from core/src/main/java/jenkins/security/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor.java
rename to core/src/main/java/jenkins/security/apitoken/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor.java
index 4b062422e7..2cae664d08 100644
--- a/core/src/main/java/jenkins/security/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor.java
+++ b/core/src/main/java/jenkins/security/apitoken/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor.java
@@ -21,7 +21,7 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
  * THE SOFTWARE.
  */
-package jenkins.security;
+package jenkins.security.apitoken;
 
 import hudson.Extension;
 import hudson.model.AdministrativeMonitor;
diff --git a/core/src/main/java/jenkins/security/ApiTokenStore.java b/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
similarity index 93%
rename from core/src/main/java/jenkins/security/ApiTokenStore.java
rename to core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
index 75ff2c9f74..f621adcb3b 100644
--- a/core/src/main/java/jenkins/security/ApiTokenStore.java
+++ b/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
@@ -21,13 +21,13 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
  * THE SOFTWARE.
  */
-package jenkins.security;
+package jenkins.security.apitoken;
 
 import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
 import hudson.Util;
 import hudson.diagnosis.OldDataMonitor;
 import hudson.util.Secret;
-import jenkins.util.SystemProperties;
+import jenkins.security.Messages;
 import net.sf.json.JSONObject;
 import org.apache.commons.lang.StringUtils;
 
@@ -44,9 +44,7 @@ import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Comparator;
 import java.util.Date;
-import java.util.HashMap;
 import java.util.Iterator;
-import java.util.LinkedList;
 import java.util.List;
 import java.util.Locale;
 import java.util.Map;
@@ -63,9 +61,9 @@ public class ApiTokenStore {
             Comparator.comparing(hashedToken -> hashedToken.getName().toLowerCase(Locale.ENGLISH));
     
     private static final int TOKEN_LENGTH_V2 = 34;
-    /** two hex-characters */
-    private static final String LEGACY_VERSION = "01";
-    private static final String HASH_VERSION = "02";
+    /** two hex-characters, avoid starting with 0 to avoid troubles */
+    private static final String LEGACY_VERSION = "10";
+    private static final String HASH_VERSION = "11";
     
     private static final String HASH_ALGORITHM = "SHA-256";
     
@@ -120,6 +118,12 @@ public class ApiTokenStore {
     }
     
     public synchronized void generateTokenFromLegacy(@Nonnull Secret newLegacyApiToken) {
+        if(tokenList.stream().noneMatch(HashedToken::isLegacy)){
+            regenerateTokenFromLegacy(newLegacyApiToken);
+        }
+    }
+    
+    public synchronized void regenerateTokenFromLegacy(@Nonnull Secret newLegacyApiToken) {
         deleteAllLegacyTokens();
         addLegacyToken(newLegacyApiToken);
     }
@@ -326,23 +330,38 @@ public class ApiTokenStore {
             return MessageDigest.isEqual(hashFromHex, hashedBytes);
         }
         
+        // used by Jelly view
         public String getName() {
             return name;
         }
-        
+    
+        // used by Jelly view
         public int getUseCounter() {
             return useCounter == null ? 0 : useCounter;
         }
-        
+    
+        // used by Jelly view
+        public Date getLastUseDate() {
+            return lastUseDate;
+        }
+    
+        // used by Jelly view
         public long getNumDaysUse() {
             return lastUseDate == null ? 0 : computeDeltaDays(lastUseDate.toInstant(), Instant.now());
         }
-        
+    
+        // used by Jelly view
+        public Date getCreationDate() {
+            return creationDate;
+        }
+    
+        // used by Jelly view
         public long getNumDaysCreation() {
             // should not happen but just in case
             return creationDate == null ? 0 : computeDeltaDays(creationDate.toInstant(), Instant.now());
         }
-        
+    
+        // used by Jelly view
         public String getUuid() {
             return this.uuid;
         }
diff --git a/core/src/main/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor.java b/core/src/main/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor.java
new file mode 100644
index 0000000000..0f8e14df98
--- /dev/null
+++ b/core/src/main/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor.java
@@ -0,0 +1,175 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.security.apitoken;
+
+import hudson.Extension;
+import hudson.model.AdministrativeMonitor;
+import hudson.model.Api;
+import hudson.model.User;
+import hudson.node_monitors.AbstractAsyncNodeMonitorDescriptor;
+import hudson.util.HttpResponses;
+import jenkins.security.ApiTokenProperty;
+import org.jenkinsci.Symbol;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
+import org.kohsuke.stapler.HttpRedirect;
+import org.kohsuke.stapler.HttpResponse;
+import org.kohsuke.stapler.QueryParameter;
+import org.kohsuke.stapler.interceptor.RequirePOST;
+import org.kohsuke.stapler.json.JsonBody;
+
+import javax.annotation.CheckForNull;
+import java.io.IOException;
+import java.util.Date;
+import java.util.List;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+import java.util.stream.Collectors;
+
+/**
+ * Monitor the list of users that still have legacy token
+ */
+@Extension
+@Symbol("legacyApiTokenUsage")
+@Restricted(NoExternalUse.class)
+public class LegacyApiTokenAdministrativeMonitor extends AdministrativeMonitor {
+    private static final Logger LOGGER = Logger.getLogger(AbstractAsyncNodeMonitorDescriptor.class.getName());
+    
+    public LegacyApiTokenAdministrativeMonitor() {
+        super("legacyApiToken");
+    }
+    
+    @Override
+    public String getDisplayName() {
+        return Messages.LegacyApiTokenAdministrativeMonitor_displayName();
+    }
+    
+    @Override
+    public boolean isActivated() {
+        return User.getAll().stream()
+                .anyMatch(user -> {
+                    ApiTokenProperty apiTokenProperty = user.getProperty(ApiTokenProperty.class);
+                    return (apiTokenProperty != null && apiTokenProperty.hasLegacyToken());
+                });
+    }
+    
+    public HttpResponse doIndex() throws IOException {
+        return new HttpRedirect("manage");
+    }
+    
+    @Restricted(NoExternalUse.class)
+    public List<User> getImpactedUserList() {
+        return User.getAll().stream()
+                .filter(user -> {
+                    ApiTokenProperty apiTokenProperty = user.getProperty(ApiTokenProperty.class);
+                    return (apiTokenProperty != null && apiTokenProperty.hasLegacyToken());
+                })
+                .collect(Collectors.toList());
+    }
+    
+    @Restricted(NoExternalUse.class)
+    public @CheckForNull ApiTokenStore.HashedToken getLegacyTokenOf(User user) {
+        ApiTokenProperty apiTokenProperty = user.getProperty(ApiTokenProperty.class);
+        ApiTokenStore.HashedToken legacyToken = apiTokenProperty.getTokenList().stream()
+                .filter(ApiTokenStore.HashedToken::isLegacy)
+                .findFirst()
+                .orElse(null);
+        return legacyToken;
+    }
+    
+    /**
+     * Determine if the user has at least one "new" token that was created after the last use of the legacy token
+     */
+    @Restricted(NoExternalUse.class)
+    public boolean hasFreshToken(User user, ApiTokenStore.HashedToken legacyToken) {
+        ApiTokenProperty apiTokenProperty = user.getProperty(ApiTokenProperty.class);
+        return apiTokenProperty.getTokenList().stream()
+                .filter(token -> !token.isLegacy())
+                .anyMatch(token -> {
+                    Date creationDate = token.getCreationDate();
+                    Date lastUseDate = legacyToken.getLastUseDate();
+                    if (lastUseDate == null) {
+                        lastUseDate = legacyToken.getCreationDate();
+                    }
+                    return creationDate != null && lastUseDate != null && creationDate.after(lastUseDate);
+                });
+    }
+    
+    /**
+     * Determine if the user has at least one "new" token that was used after the last use of the legacy token
+     */
+    @Restricted(NoExternalUse.class)
+    public boolean hasMoreRecentlyUsedToken(User user, ApiTokenStore.HashedToken legacyToken) {
+        if(legacyToken == null){
+            return false;
+        }
+        ApiTokenProperty apiTokenProperty = user.getProperty(ApiTokenProperty.class);
+        return apiTokenProperty.getTokenList().stream()
+                .filter(token -> !token.isLegacy())
+                .anyMatch(token -> {
+                    Date currentLastUseDate = token.getLastUseDate();
+                    Date legacyLastUseDate = legacyToken.getLastUseDate();
+                    if (legacyLastUseDate == null) {
+                        legacyLastUseDate = legacyToken.getCreationDate();
+                    }
+                    return currentLastUseDate != null && legacyLastUseDate != null && currentLastUseDate.after(legacyLastUseDate);
+                });
+    }
+    
+    @RequirePOST
+    public HttpResponse doRevokeAllSelected(@JsonBody RevokeAllSelectedModel content) throws IOException {
+        for (RevokeAllSelectedUserAndUuid value : content.values) {
+            User user = User.getById(value.userId, false);
+            if (user == null) {
+                LOGGER.log(Level.INFO, "User not found id={0}", value.userId);
+            } else {
+                ApiTokenProperty apiTokenProperty = user.getProperty(ApiTokenProperty.class);
+                if(apiTokenProperty == null){
+                    LOGGER.log(Level.INFO, "User without apiTokenProperty found id={0}", value.userId);
+                }else{
+                    ApiTokenStore.HashedToken revokedToken = apiTokenProperty.getTokenStore().revokeToken(value.uuid);
+                    if(revokedToken == null){
+                        LOGGER.log(Level.INFO, "User without selected token id={0}, tokenId={1}", new Object[]{value.userId, value.uuid});
+                    }else{
+                        apiTokenProperty.deleteApiToken();
+                        user.save();
+                        LOGGER.log(Level.INFO, "Revocation success for user id={0}, tokenId={1}", new Object[]{value.userId, value.uuid});
+                    }
+                }
+            }
+        }
+        return HttpResponses.ok();
+    }
+    
+    @Restricted(NoExternalUse.class)
+    public static final class RevokeAllSelectedModel {
+        public RevokeAllSelectedUserAndUuid[] values;
+    }
+    
+    @Restricted(NoExternalUse.class)
+    public static final class RevokeAllSelectedUserAndUuid {
+        public String userId;
+        public String uuid;
+    }
+}
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
index 492981349d..83aece0d28 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
@@ -24,15 +24,15 @@ THE SOFTWARE.
 -->
 
 <?jelly escape-by-default='true'?>
-<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:f="/lib/form" xmlns:l="/lib/layout">
+<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:f="/lib/form" xmlns:l="/lib/layout" xmlns:i="jelly:fmt">
     <st:adjunct includes="jenkins.security.ApiTokenProperty.resources"/>
-    
     <f:entry title="${%CurrentTokens(instance.tokenList.size())}" help="${descriptor.getHelpFile('tokenStore')}">
         <div class="token-list ignore-confirm-panel">
-            <div class="token-list-item token-list-empty-item ${instance.tokenList.isEmpty() ? '' : 'hidden-message'}">
+            <j:set var="tokenList" value="${instance.tokenList}" />
+            <div class="token-list-item token-list-empty-item ${tokenList == null || tokenList.isEmpty() ? '' : 'hidden-message'}">
                 <div class="list-empty-message">${%NoTokenYet}</div>
             </div>
-            <f:repeatable name="tokenStore" var="token" items="${instance.tokenList}" minimum="0"
+            <f:repeatable name="tokenStore" var="token" items="${tokenList}" minimum="0"
                           noAddButton="${!descriptor.hasCurrentUserRightToGenerateNewToken(it)}">
                 <j:choose>
                     <j:when test="${token!=null}">
@@ -56,13 +56,21 @@ THE SOFTWARE.
                                     <j:set var="oldClazz" value="age-argh" />
                                 </j:if>
                             </j:if>
-                            <span class="token-creation ${oldClazz}">${%TokenCreation(daysOld)}</span>
+                            <j:set var="creationDateFormat" value="${%NoLastUse}" />
+                            <j:if test="${token.creationDate != null}">
+                                <i:formatDate var="creationDateFormat" value="${token.creationDate}" type="both" dateStyle="medium" timeStyle="medium" />
+                            </j:if>
+                            <span class="token-creation ${oldClazz}" title="${creationDateFormat}">${%TokenCreation(daysOld)}</span>
                 
                             <span class="to-right">
                                 <j:set var="useCounter" value="${token.useCounter}" />
                                 <j:choose>
                                     <j:when test="${useCounter > 0}">
-                                        <span class="token-use-counter">
+                                        <j:set var="lastUseDateFormat" value="${%NoLastUse}" />
+                                        <j:if test="${token.lastUseDate != null}">
+                                            <i:formatDate var="lastUseDateFormat" value="${token.lastUseDate}" type="both" dateStyle="medium" timeStyle="medium" />
+                                        </j:if>
+                                        <span class="token-use-counter" title="${lastUseDateFormat}">
                                             ${%TokenLastUse(useCounter, token.numDaysUse)}
                                         </span>
                                     </j:when>
@@ -110,11 +118,10 @@ THE SOFTWARE.
             </f:repeatable>
         </div>
     </f:entry>
-    
     <j:if test="${descriptor.mustDisplayLegacyApiToken(it)}">
         <f:advanced title="${%Show Legacy API Token}" align="left">
             <f:entry title="${%Legacy API Token}" field="apiToken">
-                <f:readOnlyTextbox id="apiToken" />
+                <f:readOnlyTextbox id="apiToken" value="${descriptor.noLegacyToken}"/>
             </f:entry>
             <f:validateButton title="${%Change API Token}" method="changeToken" clazz="ignore-confirm-panel"/>
         </f:advanced>
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
index 003d69b6fb..aa04216af1 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
@@ -8,4 +8,4 @@ CurrentTokens=Current token(s)
 TokenCreation=Created {0} day(s) ago
 RenameToken=Save the new name of the token
 LegacyToken=We strongly recommend you to revoke this Legacy API Token as it is not as secure as the others
-RevokedToken=Legacy token was revoked
\ No newline at end of file
+NoLegacyToken=The user does not have a legacy token
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.js b/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.js
index a3082c9751..1534bdd06d 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.js
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.js
@@ -24,8 +24,8 @@
 function revokeToken(anchorRevoke){
     var repeatedChunk = anchorRevoke.up('.repeated-chunk');
     var tokenList = repeatedChunk.up('.token-list');
-    var confirmMessage = anchorRevoke.attributes['data-confirm'].value;
-    var targetUrl = anchorRevoke.attributes['data-target-url'].value;
+    var confirmMessage = anchorRevoke.getAttribute('data-confirm');
+    var targetUrl = anchorRevoke.getAttribute('data-target-url');
     
     var inputUuid = repeatedChunk.querySelector('input.token-uuid-input');
     var tokenId = inputUuid.value;
@@ -37,7 +37,7 @@ function revokeToken(anchorRevoke){
             onSuccess: function(rsp,_) {
                 if(repeatedChunk.querySelectorAll('.legacy-token').length > 0){
                     // we are revoking the legacy token
-                    var messageIfLegacyRevoked = anchorRevoke.attributes['data-message-if-legacy-revoked'].value;
+                    var messageIfLegacyRevoked = anchorRevoke.getAttribute('data-message-if-legacy-revoked');
                     
                     var legacyInput = document.getElementById('apiToken');
                     legacyInput.value = messageIfLegacyRevoked;
@@ -58,7 +58,7 @@ function saveApiToken(button){
         return;
     }
     button.addClassName('request-pending');
-    var targetUrl = button.attributes['data-target-url'].value;
+    var targetUrl = button.getAttribute('data-target-url');
     var repeatedChunk = button.up('.repeated-chunk ');
     var tokenList = repeatedChunk.up('.token-list');
     var nameInput = repeatedChunk.querySelector('[name="tokenName"]');
diff --git a/core/src/main/resources/jenkins/security/Messages.properties b/core/src/main/resources/jenkins/security/Messages.properties
index 3afacbd956..b74f76c49d 100644
--- a/core/src/main/resources/jenkins/security/Messages.properties
+++ b/core/src/main/resources/jenkins/security/Messages.properties
@@ -28,7 +28,5 @@ ApiTokenProperty.ChangeToken.CapabilityNotAllowed=<div>Capability to generate a
 ApiTokenProperty.NewTokenGenerated=<div class="success">Token generated! <code>The value will not be displayed </code>anymore, please save it.</div>
 ApiTokenProperty.LegacyTokenName=Legacy Token
 ApiTokenProperty.NoLegacyToken=This user currently does not have a legacy token
-ApiTokenPropertyDisabledDefaultAdministrativeMonitor.displayName=Legacy API Token not generated by default
-ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor.displayName=Legacy API Token can be created even without existing
 RekeySecretAdminMonitor.DisplayName=Re-keying
 UpdateSiteWarningsMonitor.DisplayName=Update Site Warnings
diff --git a/core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/config.jelly b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/config.jelly
similarity index 97%
rename from core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/config.jelly
rename to core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/config.jelly
index 32bb1b166b..5680a857d8 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/config.jelly
+++ b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/config.jelly
@@ -2,7 +2,7 @@
 <!--
 The MIT License
 
-Copyright 2018 CloudBees, Inc.
+Copyright (c) 2018, CloudBees, Inc.
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
diff --git a/core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/help-creationOfLegacyTokenDisabled.html b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/help-creationOfLegacyTokenDisabled.html
similarity index 100%
rename from core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/help-creationOfLegacyTokenDisabled.html
rename to core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/help-creationOfLegacyTokenDisabled.html
diff --git a/core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/help-tokenGenerationOnCreationDisabled.html b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/help-tokenGenerationOnCreationDisabled.html
similarity index 100%
rename from core/src/main/resources/jenkins/security/ApiTokenPropertyConfiguration/help-tokenGenerationOnCreationDisabled.html
rename to core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/help-tokenGenerationOnCreationDisabled.html
diff --git a/core/src/main/resources/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.jelly b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.jelly
similarity index 95%
rename from core/src/main/resources/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.jelly
rename to core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.jelly
index 004d73c999..bcae352386 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.jelly
+++ b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.jelly
@@ -1,7 +1,7 @@
 <!--
 The MIT License
 
-Copyright (c) 2017, CloudBees, Inc.
+Copyright (c) 2018, CloudBees, Inc.
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
@@ -28,6 +28,6 @@ THE SOFTWARE.
             <f:submit name="yes" value="${%Disable legacy generation by default}"/>
             <f:submit name="no" value="${%Dismiss}"/>
         </form>
-        ${%warningMessage(rootURL)}
+        ${%warningMessage}
     </div>
 </j:jelly>
diff --git a/core/src/main/resources/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.properties b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.properties
similarity index 100%
rename from core/src/main/resources/jenkins/security/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.properties
rename to core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.properties
diff --git a/core/src/main/resources/jenkins/security/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message.jelly b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message.jelly
similarity index 95%
rename from core/src/main/resources/jenkins/security/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message.jelly
rename to core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message.jelly
index 8aa1bd3d08..bb25a29b2e 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message.jelly
+++ b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message.jelly
@@ -1,7 +1,7 @@
 <!--
 The MIT License
 
-Copyright (c) 2017, CloudBees, Inc.
+Copyright (c) 2018, CloudBees, Inc.
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
@@ -28,6 +28,6 @@ THE SOFTWARE.
             <f:submit name="yes" value="${%Disable that capability}"/>
             <f:submit name="no" value="${%Dismiss}"/>
         </form>
-        ${%warningMessage(rootURL)}
+        ${%warningMessage}
     </div>
 </j:jelly>
diff --git a/core/src/main/resources/jenkins/security/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message.properties b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message.properties
similarity index 100%
rename from core/src/main/resources/jenkins/security/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message.properties
rename to core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message.properties
diff --git a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.jelly b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.jelly
new file mode 100644
index 0000000000..63bd68f97f
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.jelly
@@ -0,0 +1,162 @@
+<!--
+The MIT License
+
+Copyright (c) 2018, CloudBees, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+-->
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" 
+         xmlns:t="/lib/hudson" xmlns:f="/lib/form" xmlns:i="jelly:fmt">
+    <st:adjunct includes="jenkins.security.apitoken.LegacyApiTokenAdministrativeMonitor.resources"/>
+    <l:layout title="${%title}">
+        <st:include page="sidepanel.jelly" it="${app}"/>
+        <l:main-panel>
+            <div class="legacy-token-usage">
+                
+                <h1>${%title}</h1>
+                <p>${%contextMessage}</p>
+                <p>${%recommendationMessage}</p>
+                
+                <j:set var="userList" value="${it.impactedUserList}"/>
+                <table class="pane bigtable align-th-left">
+                    <tr>
+                        <th width="1%"><!-- checkbox --></th>
+                        <th>${%UserId}</th>
+                        <th>${%UserFullName}</th>
+                        <th>${%TokenName}</th>
+                        <th>${%NumDaysSinceCreation}</th>
+                        <th>${%NumOfUse}</th>
+                        <th>${%NumDaysSinceLastUse}</th>
+                        <th title="${%HasFreshToken_tooltip}">
+                            ${%HasFreshToken}
+                            <l:icon class="icon-help icon-sm"/>
+                        </th>
+                        <th title="${%HasMoreRecentlyUsedToken_tooltip}">
+                            ${%HasMoreRecentlyUsedToken}
+                            <l:icon class="icon-help icon-sm"/>
+                        </th>
+                    </tr>
+                    <j:choose>
+                        <j:when test="${!userList.isEmpty()}">
+                            <j:forEach var="user" items="${userList}">
+                                <j:set var="legacyToken" value="${it.getLegacyTokenOf(user)}"/>
+        
+                                <j:set var="creationDateFormat" value="${%NoCreationDate}" />
+                                <j:if test="${legacyToken.creationDate != null}">
+                                    <i:formatDate var="creationDateFormat" value="${legacyToken.creationDate}" type="both" dateStyle="medium" timeStyle="medium" />
+                                </j:if>
+                                
+                                <j:set var="lastUseDateFormat" value="${%NoLastUse}" />
+                                <j:if test="${legacyToken.lastUseDate != null}">
+                                    <i:formatDate var="lastUseDateFormat" value="${legacyToken.lastUseDate}" type="both" dateStyle="medium" timeStyle="medium" />
+                                </j:if>
+        
+                                <j:set var="hasFreshToken"
+                                       value="${it.hasFreshToken(user, legacyToken)}"/>
+        
+                                <j:set var="hasMoreRecentlyUsedToken"
+                                       value="${it.hasMoreRecentlyUsedToken(user, legacyToken)}"/>
+                                
+                                <j:if test="${legacyToken != null}">
+                                    <tr>
+                                        <td>
+                                            <!--future actions-->
+                                            <input type="checkbox" value="" name="revoke" 
+                                                   data-user-id="${user.id}" 
+                                                   data-uuid="${legacyToken.uuid}"
+                                                   class="token-to-revoke ${hasFreshToken ? 'fresh-token' : ''} ${hasMoreRecentlyUsedToken ? 'recent-token' : ''}" />
+                                        </td>
+                                        <td>
+                                            ${user.id}
+                                        </td>
+                                        <td>
+                                            ${user.fullName}
+                                        </td>
+                                        <td>
+                                            ${legacyToken.name}
+                                        </td>
+                                        <td title="${creationDateFormat}">
+                                            ${legacyToken.numDaysCreation}
+                                        </td>
+                                        <td>
+                                            ${legacyToken.useCounter}
+                                        </td>
+                                        <td title="${lastUseDateFormat}">
+                                            ${legacyToken.numDaysUse}
+                                        </td>
+                                        <td>
+                                            <j:choose>
+                                                <j:when test="${hasFreshToken}">
+                                                    <l:icon class="icon-accept icon-sm"/>
+                                                </j:when>
+                                                <j:otherwise>
+                                                    <l:icon class="icon-warning icon-sm"/>
+                                                </j:otherwise>
+                                            </j:choose>
+                                        </td>
+                                        <td>
+                                            <j:choose>
+                                                <j:when test="${hasMoreRecentlyUsedToken}">
+                                                    <l:icon class="icon-accept icon-sm"/>
+                                                </j:when>
+                                                <j:otherwise>
+                                                    <l:icon class="icon-warning icon-sm"/>
+                                                </j:otherwise>
+                                            </j:choose>
+                                        </td>
+                                    </tr>
+                                </j:if>
+                                <!-- else: the user revoked its legacy token between the list computation and the display -->
+                            </j:forEach>
+                        </j:when>
+                        <j:otherwise>
+                            <tr>
+                                <td colspan="9">
+                                    <div class="no-token">
+                                        ${%NoImpactedUser}
+                                    </div>
+                                </td>
+                            </tr>
+                        </j:otherwise>
+                    </j:choose>
+                </table>
+    
+                <div class="selection-panel">
+                    Select:
+                    <a href="#" class="action" onclick="selectAll(this);return false;">all</a>
+                    <a href="#" class="action" onclick="selectFresh(this);return false;">only fresh</a>
+                    <a href="#" class="action" onclick="selectRecent(this);return false;">only recent</a>
+                </div>
+    
+                <div class="action-panel">
+                    <span class="yui-button">
+                        <button class="action-revoke-selected" onclick="confirmAndRevokeAllSelected(this);" 
+                                data-url="${rootURL}/${it.url}/revokeAllSelected"
+                                data-confirm-template="${%RevokeAllSelected_confirm}" 
+                                data-nothing-selected="${%RevokeAllSelected_nothing}">
+                            ${%RevokeAllSelected}
+                        </button>
+                    </span>
+                </div>
+            </div>
+        </l:main-panel>
+    </l:layout>
+</j:jelly>
+
diff --git a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties
new file mode 100644
index 0000000000..1267ce75d9
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties
@@ -0,0 +1,33 @@
+title=Manage Legacy API Token usage
+contextMessage=The following users are using Legacy API Token. \
+As that old system stores the credentials in a recoverable format, it is strongly advised to migrate to the new system.<br /> \
+In previous versions of Jenkins, the creation of a new user implied to the generation of an Legacy API Token. \
+Often majority of users are not using that token and so provide a larger potential attack surface than required.<br /> \
+From now, the automatic generation of token is determined by configuration.
+recommendationMessage=For such reasons, we recommend to: \
+<ul>\
+  <li>revoke the tokens that were never used and</li>\
+  <li>ask users that are effectively using their legacy token to generate a new token using the new system and revoking the legacy one</li>\
+</ul>
+UserId=User Id
+UserFullName=User full name
+TokenName=Token name
+NumDaysSinceCreation=Days since creation
+NumOfUse=# of use
+NumDaysSinceLastUse=Days since last use
+HasFreshToken=Fresh token?
+HasFreshToken_tooltip=A fresh token is a token from the new system \
+that was created after the last use of the legacy token. \n\n\
+Also it is important to notice that legacy token's creation date is reset \n\
+every time the instance is restarted if they were never saved before. So it was never used, the date is not really accurate.
+HasMoreRecentlyUsedToken=Recent token?
+HasMoreRecentlyUsedToken_tooltip=A recently used token is a token from the new system \
+that was used the last time after the last use of the legacy token. \n\n\
+Also it is important to notice that legacy token's creation date is reset \n\
+every time the instance is restarted if they were never saved before.
+NoImpactedUser=There is no users with legacy token
+NoCreationDate=There is no creation date for that token
+NoLastUse=There is no last use date for that token
+RevokeAllSelected=Revoke the selected token(s)
+RevokeAllSelected_confirm=Are you sure about revoking all %num% selected token(s)
+RevokeAllSelected_nothing=No token is selected, please select at least one to do the revocation
\ No newline at end of file
diff --git a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/message.jelly b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/message.jelly
new file mode 100644
index 0000000000..05c3d67341
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/message.jelly
@@ -0,0 +1,29 @@
+<!--
+The MIT License
+
+Copyright (c) 2018, CloudBees, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+-->
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core">
+    <div class="alert alert-warning">
+        ${%warningMessage(rootURL, it.url)}
+    </div>
+</j:jelly>
diff --git a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/message.properties b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/message.properties
new file mode 100644
index 0000000000..9c771e99e3
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/message.properties
@@ -0,0 +1,3 @@
+warningMessage=There are users that are still using Legacy API Token. \
+  That system is not as secured as the new one because it stores the token in a recoverable manner on the disk. <br />\
+  See <a href="{0}/{1}/manage">list of impacted users</a>.
diff --git a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/resources.css b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/resources.css
new file mode 100644
index 0000000000..b1c66b8394
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/resources.css
@@ -0,0 +1,56 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+.legacy-token-usage table.align-th-left th {
+    text-align: left;
+}
+
+.legacy-token-usage table .no-token {
+    padding: 8px 12px;
+    font-style: italic;
+}
+.legacy-token-usage table tr.selected {
+    background-color: #f9f8de;
+}
+
+.legacy-token-usage .selection-panel{
+    margin-top: 8px;
+}
+
+.legacy-token-usage .selection-panel .action{
+    margin-left: 4px;
+    margin-right: 4px;
+    text-decoration: none;
+    color: #204A87;
+}
+.legacy-token-usage .selection-panel .action:hover{
+    text-decoration: underline;
+}
+.legacy-token-usage .selection-panel .action:visited{
+    /* avoid visited behavior */
+    color: #204A87;
+}
+
+.legacy-token-usage .action-panel{
+    margin-top: 8px;
+}
\ No newline at end of file
diff --git a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/resources.js b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/resources.js
new file mode 100644
index 0000000000..6b598e0ce5
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/resources.js
@@ -0,0 +1,137 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+function selectAll(anchor){
+    var parent = anchor.up('.legacy-token-usage');
+    var allCheckBoxes = parent.querySelectorAll('.token-to-revoke');
+    var concernedCheckBoxes = allCheckBoxes;
+    
+    checkTheDesiredOne(allCheckBoxes, concernedCheckBoxes);
+}
+
+function selectFresh(anchor){
+    var parent = anchor.up('.legacy-token-usage');
+    var allCheckBoxes = parent.querySelectorAll('.token-to-revoke');
+    var concernedCheckBoxes = parent.querySelectorAll('.token-to-revoke.fresh-token');
+    
+    checkTheDesiredOne(allCheckBoxes, concernedCheckBoxes);
+}
+
+function selectRecent(anchor){
+    var parent = anchor.up('.legacy-token-usage');
+    var allCheckBoxes = parent.querySelectorAll('.token-to-revoke');
+    var concernedCheckBoxes = parent.querySelectorAll('.token-to-revoke.recent-token');
+    
+    checkTheDesiredOne(allCheckBoxes, concernedCheckBoxes);
+}
+
+function checkTheDesiredOne(allCheckBoxes, concernedCheckBoxes){
+    var mustCheck = false;
+    concernedCheckBoxes.forEach(function(checkbox){
+        if(!checkbox.checked){
+            mustCheck = true;
+        }
+    });
+    
+    allCheckBoxes.forEach(function(checkbox){
+        checkbox.checked = false;
+    });
+    
+    concernedCheckBoxes.forEach(function(checkbox){
+        checkbox.checked = mustCheck;
+    });
+    
+    allCheckBoxes.forEach(onCheckChanged);
+}
+
+function confirmAndRevokeAllSelected(button){
+    var parent = button.up('.legacy-token-usage');
+    var allCheckBoxes = parent.querySelectorAll('.token-to-revoke');
+    var allCheckedCheckBoxes = [];
+    for(var i = 0; i < allCheckBoxes.length ; i++){
+        var checkBox = allCheckBoxes[i];
+        if(checkBox.checked){
+            allCheckedCheckBoxes.push(checkBox);
+        }
+    }
+    
+    if(allCheckedCheckBoxes.length == 0){
+        var nothingSelected = button.getAttribute('data-nothing-selected');
+        alert(nothingSelected);
+    }else{
+        var confirmMessageTemplate = button.getAttribute('data-confirm-template');
+        var confirmMessage = confirmMessageTemplate.replace('%num%', allCheckedCheckBoxes.length);
+        if(confirm(confirmMessage)){
+            var url = button.getAttribute('data-url');
+            var selectedValues = [];
+            allCheckedCheckBoxes.forEach(function(c){
+                var userId = c.getAttribute('data-user-id');
+                var uuid = c.getAttribute('data-uuid');
+                selectedValues.push({userId: userId, uuid: uuid});
+            });
+            var params = {values: selectedValues}
+            new Ajax.Request(url, {
+                postBody: Object.toJSON(params),
+                contentType:"application/json",
+                encoding:"UTF-8",
+                onComplete: function(rsp) {
+                    window.location.reload();
+                }
+            });
+        }
+    }
+}
+
+function onLineClicked(event){
+    var line = this;
+    var checkBox = line.querySelector('.token-to-revoke');
+    // to allow click on checkbox to act normally
+    if(event.target === checkBox){
+        return;
+    }
+    checkBox.checked = !checkBox.checked;
+    onCheckChanged(checkBox);
+}
+
+function onCheckChanged(checkBox){
+    var line = checkBox.up('tr');
+    if(checkBox.checked){
+        line.addClassName('selected');
+    }else{
+        line.removeClassName('selected');
+    }
+}
+
+(function(){
+    document.addEventListener("DOMContentLoaded", function() {
+        var allLines = document.querySelectorAll('.legacy-token-usage table tr');
+        allLines.forEach(function(line){
+            line.onclick = onLineClicked;
+        });
+        
+        var allCheckBoxes = document.querySelectorAll('.token-to-revoke');
+        allCheckBoxes.forEach(function(checkBox){
+            checkBox.onchange = function(){ onCheckChanged(checkBox); };
+        });
+    });
+})()
\ No newline at end of file
diff --git a/core/src/main/resources/jenkins/security/apitoken/Messages.properties b/core/src/main/resources/jenkins/security/apitoken/Messages.properties
new file mode 100644
index 0000000000..0916b34f0f
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/apitoken/Messages.properties
@@ -0,0 +1,24 @@
+# The MIT License
+#
+# Copyright (c) 2018, CloudBees, Inc.
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+ApiTokenPropertyDisabledDefaultAdministrativeMonitor.displayName=Legacy API Token not generated by default
+ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor.displayName=Legacy API Token can be created even without existing
+LegacyApiTokenAdministrativeMonitor.displayName=Legacy API Token usage
diff --git a/test/src/test/java/hudson/bugs/JnlpAccessWithSecuredHudsonTest.java b/test/src/test/java/hudson/bugs/JnlpAccessWithSecuredHudsonTest.java
index 6b89696d1c..524c8263e2 100644
--- a/test/src/test/java/hudson/bugs/JnlpAccessWithSecuredHudsonTest.java
+++ b/test/src/test/java/hudson/bugs/JnlpAccessWithSecuredHudsonTest.java
@@ -37,7 +37,7 @@ import hudson.slaves.JNLPLauncher;
 import hudson.slaves.RetentionStrategy;
 import hudson.slaves.DumbSlave;
 import hudson.util.StreamTaskListener;
-import jenkins.security.ApiTokenPropertyConfiguration;
+import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
 import jenkins.security.MasterToSlaveCallable;
 import jenkins.security.s2m.AdminWhitelistRule;
 import org.dom4j.Document;
diff --git a/test/src/test/java/hudson/cli/CLIActionTest.java b/test/src/test/java/hudson/cli/CLIActionTest.java
index 5e2684d165..b0f1a3c55b 100644
--- a/test/src/test/java/hudson/cli/CLIActionTest.java
+++ b/test/src/test/java/hudson/cli/CLIActionTest.java
@@ -28,7 +28,7 @@ import java.util.concurrent.TimeUnit;
 import java.util.logging.Level;
 import jenkins.model.Jenkins;
 import jenkins.security.ApiTokenProperty;
-import jenkins.security.ApiTokenPropertyConfiguration;
+import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
 import jenkins.util.FullDuplexHttpService;
 import jenkins.util.Timer;
 import org.apache.commons.io.FileUtils;
@@ -36,7 +36,7 @@ import org.apache.commons.io.output.TeeOutputStream;
 import org.codehaus.groovy.runtime.Security218;
 import static org.hamcrest.Matchers.containsString;
 import static org.junit.Assert.*;
-import org.junit.Ignore;
+
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.rules.TemporaryFolder;
diff --git a/test/src/test/java/hudson/diagnosis/HudsonHomeDiskUsageMonitorTest.java b/test/src/test/java/hudson/diagnosis/HudsonHomeDiskUsageMonitorTest.java
index 24ac6f19d3..d159fe090d 100644
--- a/test/src/test/java/hudson/diagnosis/HudsonHomeDiskUsageMonitorTest.java
+++ b/test/src/test/java/hudson/diagnosis/HudsonHomeDiskUsageMonitorTest.java
@@ -12,7 +12,7 @@ import com.gargoylesoftware.htmlunit.util.NameValuePair;
 import hudson.model.User;
 import hudson.security.GlobalMatrixAuthorizationStrategy;
 import jenkins.model.Jenkins;
-import jenkins.security.ApiTokenPropertyConfiguration;
+import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.Issue;
diff --git a/test/src/test/java/hudson/model/ItemsTest.java b/test/src/test/java/hudson/model/ItemsTest.java
index bd1574ecc7..847d663b44 100644
--- a/test/src/test/java/hudson/model/ItemsTest.java
+++ b/test/src/test/java/hudson/model/ItemsTest.java
@@ -34,14 +34,13 @@ import hudson.cli.CLICommandInvoker;
 import hudson.cli.CopyJobCommand;
 import hudson.cli.CreateJobCommand;
 import hudson.security.ACL;
-import hudson.security.csrf.CrumbIssuer;
+
 import java.io.ByteArrayInputStream;
 import java.io.File;
-import java.io.IOException;
 import java.net.URL;
 import java.util.Arrays;
 import jenkins.model.Jenkins;
-import jenkins.security.ApiTokenPropertyConfiguration;
+import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
 import org.acegisecurity.context.SecurityContext;
 import org.acegisecurity.context.SecurityContextHolder;
 import org.apache.commons.httpclient.HttpStatus;
diff --git a/test/src/test/java/hudson/model/JobTest.java b/test/src/test/java/hudson/model/JobTest.java
index dc39a9d88d..d3fca63f67 100644
--- a/test/src/test/java/hudson/model/JobTest.java
+++ b/test/src/test/java/hudson/model/JobTest.java
@@ -52,7 +52,7 @@ import java.util.concurrent.CountDownLatch;
 
 import jenkins.model.ProjectNamingStrategy;
 
-import jenkins.security.ApiTokenPropertyConfiguration;
+import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
 import org.hamcrest.Matchers;
 import org.junit.Rule;
 import org.junit.Test;
diff --git a/test/src/test/java/hudson/model/PasswordParameterDefinitionTest.java b/test/src/test/java/hudson/model/PasswordParameterDefinitionTest.java
index d93c393eaf..7861cca4b0 100644
--- a/test/src/test/java/hudson/model/PasswordParameterDefinitionTest.java
+++ b/test/src/test/java/hudson/model/PasswordParameterDefinitionTest.java
@@ -31,7 +31,7 @@ import java.io.IOException;
 import jenkins.model.Jenkins;
 import static org.junit.Assert.assertEquals;
 
-import jenkins.security.ApiTokenPropertyConfiguration;
+import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.Issue;
diff --git a/test/src/test/java/hudson/model/QueueTest.java b/test/src/test/java/hudson/model/QueueTest.java
index 7fb9c974b3..3b3a67fd0b 100644
--- a/test/src/test/java/hudson/model/QueueTest.java
+++ b/test/src/test/java/hudson/model/QueueTest.java
@@ -72,7 +72,7 @@ import hudson.util.OneShotEvent;
 import hudson.util.XStream2;
 import jenkins.model.BlockedBecauseOfBuildInProgress;
 import jenkins.model.Jenkins;
-import jenkins.security.ApiTokenPropertyConfiguration;
+import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
 import jenkins.security.QueueItemAuthenticatorConfiguration;
 import jenkins.triggers.ReverseBuildTrigger;
 import org.acegisecurity.Authentication;
diff --git a/test/src/test/java/hudson/model/UserTest.java b/test/src/test/java/hudson/model/UserTest.java
index db918bd537..493391b2b7 100644
--- a/test/src/test/java/hudson/model/UserTest.java
+++ b/test/src/test/java/hudson/model/UserTest.java
@@ -56,7 +56,7 @@ import jenkins.model.IdStrategy;
 import jenkins.model.Jenkins;
 import jenkins.security.ApiTokenProperty;
 
-import jenkins.security.ApiTokenPropertyConfiguration;
+import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
 import org.acegisecurity.AccessDeniedException;
 import org.acegisecurity.Authentication;
 import org.acegisecurity.AuthenticationException;
diff --git a/test/src/test/java/hudson/security/HudsonPrivateSecurityRealmTest.java b/test/src/test/java/hudson/security/HudsonPrivateSecurityRealmTest.java
index 81e52c8939..1705a6143a 100644
--- a/test/src/test/java/hudson/security/HudsonPrivateSecurityRealmTest.java
+++ b/test/src/test/java/hudson/security/HudsonPrivateSecurityRealmTest.java
@@ -50,7 +50,7 @@ import static org.hamcrest.Matchers.is;
 import static org.hamcrest.xml.HasXPath.hasXPath;
 import static org.junit.Assert.*;
 
-import jenkins.security.ApiTokenPropertyConfiguration;
+import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
 import jenkins.security.SecurityListener;
 import org.apache.commons.lang.StringUtils;
 import org.junit.Before;
diff --git a/test/src/test/java/hudson/security/LoginTest.java b/test/src/test/java/hudson/security/LoginTest.java
index 82ef6531ce..7e6ba0d452 100644
--- a/test/src/test/java/hudson/security/LoginTest.java
+++ b/test/src/test/java/hudson/security/LoginTest.java
@@ -12,7 +12,7 @@ import com.gargoylesoftware.htmlunit.html.HtmlForm;
 import com.gargoylesoftware.htmlunit.html.HtmlCheckBoxInput;
 
 import hudson.model.User;
-import jenkins.security.ApiTokenPropertyConfiguration;
+import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.JenkinsRule;
diff --git a/test/src/test/java/hudson/util/RobustReflectionConverterTest.java b/test/src/test/java/hudson/util/RobustReflectionConverterTest.java
index 1adbc4264b..d01f8aa4cc 100644
--- a/test/src/test/java/hudson/util/RobustReflectionConverterTest.java
+++ b/test/src/test/java/hudson/util/RobustReflectionConverterTest.java
@@ -45,7 +45,7 @@ import java.util.Map;
 import jenkins.model.Jenkins;
 import static org.junit.Assert.*;
 
-import jenkins.security.ApiTokenPropertyConfiguration;
+import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
 import net.sf.json.JSONObject;
 
 import org.junit.Rule;
diff --git a/test/src/test/java/jenkins/model/JenkinsTest.java b/test/src/test/java/jenkins/model/JenkinsTest.java
index dcac9db475..3952fa6e9a 100644
--- a/test/src/test/java/jenkins/model/JenkinsTest.java
+++ b/test/src/test/java/jenkins/model/JenkinsTest.java
@@ -23,10 +23,8 @@
  */
 package jenkins.model;
 
-import static hudson.init.InitMilestone.*;
 import static org.hamcrest.MatcherAssert.assertThat;
 import static org.hamcrest.Matchers.containsString;
-import static org.hamcrest.Matchers.greaterThan;
 import static org.hamcrest.Matchers.equalTo;
 import static org.hamcrest.Matchers.hasItem;
 import static org.hamcrest.Matchers.not;
@@ -45,7 +43,6 @@ import com.gargoylesoftware.htmlunit.WebResponse;
 import com.gargoylesoftware.htmlunit.html.HtmlForm;
 import com.gargoylesoftware.htmlunit.html.HtmlPage;
 
-import hudson.init.Initializer;
 import hudson.maven.MavenModuleSet;
 import hudson.maven.MavenModuleSetBuild;
 import hudson.model.Computer;
@@ -67,7 +64,7 @@ import hudson.util.FormValidation;
 import hudson.util.VersionNumber;
 
 import jenkins.AgentProtocol;
-import jenkins.security.ApiTokenPropertyConfiguration;
+import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.Issue;
@@ -87,7 +84,7 @@ import java.net.URL;
 import java.util.Collections;
 import java.util.HashSet;
 import java.util.Set;
-import java.util.logging.Logger;
+
 import org.jvnet.hudson.test.MockAuthorizationStrategy;
 
 import javax.annotation.CheckForNull;
diff --git a/test/src/test/java/jenkins/security/ApiCrumbExclusionTest.java b/test/src/test/java/jenkins/security/ApiCrumbExclusionTest.java
index 53cf8ce0a7..034a63b568 100644
--- a/test/src/test/java/jenkins/security/ApiCrumbExclusionTest.java
+++ b/test/src/test/java/jenkins/security/ApiCrumbExclusionTest.java
@@ -34,7 +34,7 @@ import hudson.model.UnprotectedRootAction;
 import hudson.model.User;
 import hudson.security.csrf.DefaultCrumbIssuer;
 import hudson.util.HttpResponses;
-import hudson.util.Scrambler;
+import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.Issue;
diff --git a/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java b/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
index bd3f0abd7b..5fe57c2306 100644
--- a/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
+++ b/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
@@ -27,6 +27,8 @@ import hudson.security.ACLContext;
 import java.net.URL;
 
 import jenkins.model.Jenkins;
+import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
+import jenkins.security.apitoken.ApiTokenStore;
 import net.sf.json.JSONObject;
 import org.junit.Before;
 import org.junit.Rule;
diff --git a/test/src/test/java/jenkins/security/BasicHeaderProcessorTest.java b/test/src/test/java/jenkins/security/BasicHeaderProcessorTest.java
index f7156ce513..bfce1b46f4 100644
--- a/test/src/test/java/jenkins/security/BasicHeaderProcessorTest.java
+++ b/test/src/test/java/jenkins/security/BasicHeaderProcessorTest.java
@@ -7,6 +7,7 @@ import hudson.ExtensionList;
 import hudson.model.UnprotectedRootAction;
 import hudson.model.User;
 import hudson.util.HttpResponses;
+import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
 import org.junit.Before;
 import org.junit.Rule;
 import org.junit.Test;
diff --git a/test/src/test/java/jenkins/security/ApiTokenPropertyConfigurationTest.java b/test/src/test/java/jenkins/security/apitoken/ApiTokenPropertyConfigurationTest.java
similarity index 89%
rename from test/src/test/java/jenkins/security/ApiTokenPropertyConfigurationTest.java
rename to test/src/test/java/jenkins/security/apitoken/ApiTokenPropertyConfigurationTest.java
index 1f4cf92005..7e76f6543b 100644
--- a/test/src/test/java/jenkins/security/ApiTokenPropertyConfigurationTest.java
+++ b/test/src/test/java/jenkins/security/apitoken/ApiTokenPropertyConfigurationTest.java
@@ -21,9 +21,13 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
  * THE SOFTWARE.
  */
-package jenkins.security;
+package jenkins.security.apitoken;
 
 import hudson.model.User;
+import jenkins.security.ApiTokenProperty;
+import jenkins.security.Messages;
+import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
+import org.junit.Assert;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.Issue;
@@ -50,7 +54,7 @@ public class ApiTokenPropertyConfigurationTest {
             assertEquals(1, withToken.getTokenList().size());
             
             String withTokenValue = withToken.getApiToken();
-            assertNotEquals(Messages.ApiTokenProperty_NoLegacyToken(), withTokenValue);
+            Assert.assertNotEquals(Messages.ApiTokenProperty_NoLegacyToken(), withTokenValue);
         }
         
         config.setTokenGenerationOnCreationEnabled(false);
diff --git a/test/src/test/java/lib/form/PasswordTest.java b/test/src/test/java/lib/form/PasswordTest.java
index aac0019c00..bac9abf1f0 100644
--- a/test/src/test/java/lib/form/PasswordTest.java
+++ b/test/src/test/java/lib/form/PasswordTest.java
@@ -40,7 +40,7 @@ import java.util.Locale;
 import java.util.regex.Pattern;
 
 import jenkins.model.Jenkins;
-import jenkins.security.ApiTokenPropertyConfiguration;
+import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
 import org.acegisecurity.Authentication;
 import static org.hamcrest.Matchers.containsString;
 import static org.hamcrest.Matchers.not;
diff --git a/test/src/test/resources/jenkins/security/ApiTokenPropertyTest/migrationFromLegacyToken.zip b/test/src/test/resources/jenkins/security/apitoken/ApiTokenPropertyTest/migrationFromLegacyToken.zip
similarity index 100%
rename from test/src/test/resources/jenkins/security/ApiTokenPropertyTest/migrationFromLegacyToken.zip
rename to test/src/test/resources/jenkins/security/apitoken/ApiTokenPropertyTest/migrationFromLegacyToken.zip
-- 
GitLab


From 3d9b6f3ffdb72e82ce3724ed25046dae6e245905 Mon Sep 17 00:00:00 2001
From: Baptiste Mathus <batmat@batmat.net>
Date: Fri, 23 Mar 2018 14:56:33 +0100
Subject: [PATCH 271/863] Move and refactor test as now the UI is not anymore

---
 .../hudson/model/AbstractProjectTest.java     |  54 ----
 ...insBuildsAndWorkspacesDirectoriesTest.java | 241 ++++++++++++++++++
 .../model/JenkinsInitializationTest.java      | 113 --------
 .../test/java/jenkins/model/JenkinsTest.java  |  16 --
 4 files changed, 241 insertions(+), 183 deletions(-)
 create mode 100644 test/src/test/java/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest.java
 delete mode 100644 test/src/test/java/jenkins/model/JenkinsInitializationTest.java

diff --git a/test/src/test/java/hudson/model/AbstractProjectTest.java b/test/src/test/java/hudson/model/AbstractProjectTest.java
index bbde800484..0cb25cc194 100644
--- a/test/src/test/java/hudson/model/AbstractProjectTest.java
+++ b/test/src/test/java/hudson/model/AbstractProjectTest.java
@@ -331,60 +331,6 @@ public class AbstractProjectTest {
         assert job.lastBuild != null;
     }
      */
-    @Test
-    @Issue("JENKINS-17137")
-    public void externalBuildDirectorySymlinks() throws Exception {
-        Assume.assumeFalse(Functions.isWindows()); // symlinks may not be available
-        HtmlForm form = j.createWebClient().goTo("configure").getFormByName("config");
-        File builds = j.createTmpDir();
-        form.getInputByName("_.rawBuildsDir").setValueAttribute(builds.toString() + "/${ITEM_FULL_NAME}");
-        j.submit(form);
-        assertEquals(builds.toString() + "/${ITEM_FULL_NAME}", j.jenkins.getRawBuildsDir());
-        FreeStyleProject p = j.jenkins.createProject(MockFolder.class, "d").createProject(FreeStyleProject.class, "p");
-        FreeStyleBuild b1 = p.scheduleBuild2(0).get();
-        File link = new File(p.getRootDir(), "lastStable");
-        assertTrue(link.exists());
-        assertEquals(resolveAll(link).getAbsolutePath(), b1.getRootDir().getAbsolutePath());
-        FreeStyleBuild b2 = p.scheduleBuild2(0).get();
-        assertTrue(link.exists());
-        assertEquals(resolveAll(link).getAbsolutePath(), b2.getRootDir().getAbsolutePath());
-        b2.delete();
-        assertTrue(link.exists());
-        assertEquals(resolveAll(link).getAbsolutePath(), b1.getRootDir().getAbsolutePath());
-        b1.delete();
-        assertFalse(link.exists());
-    }
-
-    private File resolveAll(File link) throws InterruptedException, IOException {
-        while (true) {
-            File f = Util.resolveSymlinkToFile(link);
-            if (f == null) {
-                return link;
-            }
-            link = f;
-        }
-    }
-
-    @Test
-    @Issue("JENKINS-17138")
-    public void externalBuildDirectoryRenameDelete() throws Exception {
-        HtmlForm form = j.createWebClient().goTo("configure").getFormByName("config");
-        File builds = j.createTmpDir();
-        form.getInputByName("_.rawBuildsDir").setValueAttribute(builds.toString() + "/${ITEM_FULL_NAME}");
-        j.submit(form);
-        assertEquals(builds.toString() + "/${ITEM_FULL_NAME}", j.jenkins.getRawBuildsDir());
-        FreeStyleProject p = j.jenkins.createProject(MockFolder.class, "d").createProject(FreeStyleProject.class, "prj");
-        FreeStyleBuild b = p.scheduleBuild2(0).get();
-        File oldBuildDir = new File(builds, "d/prj");
-        assertEquals(new File(oldBuildDir, b.getId()), b.getRootDir());
-        assertTrue(b.getRootDir().isDirectory());
-        p.renameTo("proj");
-        File newBuildDir = new File(builds, "d/proj");
-        assertEquals(new File(newBuildDir, b.getId()), b.getRootDir());
-        assertTrue(b.getRootDir().isDirectory());
-        p.delete();
-        assertFalse(b.getRootDir().isDirectory());
-    }
 
     @Test
     @Issue("JENKINS-18678")
diff --git a/test/src/test/java/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest.java b/test/src/test/java/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest.java
new file mode 100644
index 0000000000..1a76c3103d
--- /dev/null
+++ b/test/src/test/java/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest.java
@@ -0,0 +1,241 @@
+package jenkins.model;
+
+import com.gargoylesoftware.htmlunit.html.HtmlForm;
+import hudson.Functions;
+import hudson.Util;
+import hudson.maven.MavenModuleSet;
+import hudson.maven.MavenModuleSetBuild;
+import hudson.model.FreeStyleBuild;
+import hudson.model.FreeStyleProject;
+import org.junit.After;
+import org.junit.Assume;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.ExtractResourceSCM;
+import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.LoggerRule;
+import org.jvnet.hudson.test.MockFolder;
+import org.jvnet.hudson.test.RestartableJenkinsRule;
+
+import java.io.File;
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.LinkedHashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.logging.Level;
+import java.util.stream.Stream;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+/**
+ * Since JENKINS-50164, Jenkins#workspacesDir and Jenkins#buildsDir had their associated UI deleted.
+ * So instead of configuring through the UI, we now have to use sysprops for this.
+ * <p>
+ * So this test class uses a {@link RestartableJenkinsRule} to check the behaviour of this sysprop being
+ * present or not between two restarts.
+ *
+ * @since TODO
+ */
+public class JenkinsBuildsAndWorkspacesDirectoriesTest {
+
+    private static final Map<String, String> PROPS_TO_RESTORE = new LinkedHashMap<>();
+    private static final String LOG_WHEN_CHANGING_BUILDS_DIR = "Changing builds directories from ";
+
+    @Rule
+    public RestartableJenkinsRule story = new RestartableJenkinsRule();
+
+    @Rule
+    public LoggerRule loggerRule = new LoggerRule();
+
+    @Before
+    public void before() {
+        Stream.of(Jenkins.BUILDS_DIR_PROP, Jenkins.WORKSPACES_DIR_PROP)
+                .forEach(System::clearProperty);
+    }
+
+    @After
+    public void after() {
+        Stream.of(Jenkins.BUILDS_DIR_PROP, Jenkins.WORKSPACES_DIR_PROP)
+                .forEach(System::clearProperty);
+    }
+
+    @Issue("JENKINS-50164")
+    @Test
+    public void buildsDir() throws Exception {
+        loggerRule.record(Jenkins.class, Level.WARNING)
+                .record(Jenkins.class, Level.INFO)
+                .capture(100);
+
+        story.then(step -> {
+                       assertFalse(logWasFound("Using non default builds directories"));
+                   }
+        );
+
+        story.then(steps -> {
+            assertTrue(story.j.getInstance().isDefaultBuildDir());
+            setBuildsDirProperty("blah");
+            assertFalse(JenkinsBuildsAndWorkspacesDirectoriesTest.this.logWasFound(LOG_WHEN_CHANGING_BUILDS_DIR));
+        });
+
+        story.then(step -> {
+                       assertFalse(story.j.getInstance().isDefaultBuildDir());
+                       assertEquals("blah", story.j.getInstance().getRawBuildsDir());
+                       assertTrue(logWasFound("Changing builds directories from "));
+                   }
+        );
+
+        story.then(step -> assertTrue(logWasFound("Using non default builds directories"))
+        );
+    }
+
+    @Issue("JENKINS-50164")
+    @Test
+    public void workspacesDir() throws Exception {
+        loggerRule.record(Jenkins.class, Level.WARNING)
+                .record(Jenkins.class, Level.INFO)
+                .capture(1000);
+
+        story.then(step -> assertFalse(logWasFound("Using non default workspaces directories")));
+
+        story.then(step -> {
+            assertTrue(story.j.getInstance().isDefaultWorkspaceDir());
+            final String workspacesDir = "bluh";
+            setWorkspacesDirProperty(workspacesDir);
+            assertFalse(logWasFound("Changing workspaces directories from "));
+        });
+
+        story.then(step -> {
+            assertFalse(story.j.getInstance().isDefaultWorkspaceDir());
+            assertEquals("bluh", story.j.getInstance().getRawWorkspaceDir());
+            assertTrue(logWasFound("Changing workspaces directories from "));
+        });
+
+
+        story.then(step -> {
+                       assertFalse(story.j.getInstance().isDefaultWorkspaceDir());
+                       assertTrue(logWasFound("Using non default workspaces directories"));
+                   }
+        );
+
+    }
+
+    private void setWorkspacesDirProperty(String workspacesDir) {
+        System.setProperty("jenkins.model.Jenkins.WORKSPACES_DIR", workspacesDir);
+    }
+
+    private void setBuildsDirProperty(String buildsDir) {
+        System.setProperty("jenkins.model.Jenkins.BUILDS_DIR", buildsDir);
+    }
+
+    private boolean logWasFound(String searched) {
+        return loggerRule.getRecords().stream()
+                .anyMatch(record -> record.getMessage().contains(searched));
+    }
+
+    @Test
+    @Issue("JENKINS-12251")
+    public void testItemFullNameExpansion() throws Exception {
+        loggerRule.record(Jenkins.class, Level.WARNING)
+                .record(Jenkins.class, Level.INFO)
+                .capture(1000);
+
+        story.then(steps -> {
+            assertTrue(story.j.getInstance().isDefaultBuildDir());
+            assertTrue(story.j.getInstance().isDefaultWorkspaceDir());
+            setBuildsDirProperty("${JENKINS_HOME}/test12251_builds/${ITEM_FULL_NAME}");
+            setWorkspacesDirProperty("${JENKINS_HOME}/test12251_ws/${ITEM_FULL_NAME}");
+        });
+
+        story.then(steps -> {
+            assertTrue(JenkinsBuildsAndWorkspacesDirectoriesTest.this.logWasFound("Changing builds directories from "));
+            assertFalse(story.j.getInstance().isDefaultBuildDir());
+            assertFalse(story.j.getInstance().isDefaultWorkspaceDir());
+
+            // build a dummy project
+            MavenModuleSet m = story.j.jenkins.createProject(MavenModuleSet.class, "p");
+            m.setScm(new ExtractResourceSCM(getClass().getResource("/simple-projects.zip")));
+            MavenModuleSetBuild b = m.scheduleBuild2(0).get();
+
+            // make sure these changes are effective
+            assertTrue(b.getWorkspace().getRemote().contains("test12251_ws"));
+            assertTrue(b.getRootDir().toString().contains("test12251_builds"));
+        });
+
+    }
+
+    @Test
+    @Issue("JENKINS-17138")
+    public void externalBuildDirectoryRenameDelete() throws Exception {
+
+        // Hack to get String builds usable in lambda below
+        final List<String> builds = new ArrayList<>();
+
+        story.then(steps -> {
+            builds.add(story.j.createTmpDir().toString());
+            assertTrue(story.j.getInstance().isDefaultBuildDir());
+            setBuildsDirProperty(builds.get(0) + "/${ITEM_FULL_NAME}");
+        });
+
+        story.then(steps -> {
+            assertEquals(builds.get(0) + "/${ITEM_FULL_NAME}", story.j.jenkins.getRawBuildsDir());
+            FreeStyleProject p = story.j.jenkins.createProject(MockFolder.class, "d").createProject(FreeStyleProject.class, "prj");
+            FreeStyleBuild b = p.scheduleBuild2(0).get();
+            File oldBuildDir = new File(builds.get(0), "d/prj");
+            assertEquals(new File(oldBuildDir, b.getId()), b.getRootDir());
+            assertTrue(b.getRootDir().isDirectory());
+            p.renameTo("proj");
+            File newBuildDir = new File(builds.get(0), "d/proj");
+            assertEquals(new File(newBuildDir, b.getId()), b.getRootDir());
+            assertTrue(b.getRootDir().isDirectory());
+            p.delete();
+            assertFalse(b.getRootDir().isDirectory());
+        });
+    }
+
+    @Test
+    @Issue("JENKINS-17137")
+    public void externalBuildDirectorySymlinks() throws Exception {
+        Assume.assumeFalse(Functions.isWindows()); // symlinks may not be available
+
+        // Hack to get String builds usable in lambda below
+        final List<String> builds = new ArrayList<>();
+
+        story.then(steps ->  {
+            builds.add(story.j.createTmpDir().toString());
+            setBuildsDirProperty(builds.get(0) + "/${ITEM_FULL_NAME}");
+        });
+
+        story.then(steps -> {
+
+            assertEquals(builds.get(0) + "/${ITEM_FULL_NAME}", story.j.jenkins.getRawBuildsDir());
+            FreeStyleProject p = story.j.jenkins.createProject(MockFolder.class, "d").createProject(FreeStyleProject.class, "p");
+            FreeStyleBuild b1 = p.scheduleBuild2(0).get();
+            File link = new File(p.getRootDir(), "lastStable");
+            assertTrue(link.exists());
+            assertEquals(resolveAll(link).getAbsolutePath(), b1.getRootDir().getAbsolutePath());
+            FreeStyleBuild b2 = p.scheduleBuild2(0).get();
+            assertTrue(link.exists());
+            assertEquals(resolveAll(link).getAbsolutePath(), b2.getRootDir().getAbsolutePath());
+            b2.delete();
+            assertTrue(link.exists());
+            assertEquals(resolveAll(link).getAbsolutePath(), b1.getRootDir().getAbsolutePath());
+            b1.delete();
+            assertFalse(link.exists());
+        });
+    }
+
+    private File resolveAll(File link) throws InterruptedException, IOException {
+        while (true) {
+            File f = Util.resolveSymlinkToFile(link);
+            if (f == null) {
+                return link;
+            }
+            link = f;
+        }
+    }
+
+}
diff --git a/test/src/test/java/jenkins/model/JenkinsInitializationTest.java b/test/src/test/java/jenkins/model/JenkinsInitializationTest.java
deleted file mode 100644
index 3e5c5513da..0000000000
--- a/test/src/test/java/jenkins/model/JenkinsInitializationTest.java
+++ /dev/null
@@ -1,113 +0,0 @@
-package jenkins.model;
-
-import org.junit.AfterClass;
-import org.junit.BeforeClass;
-import org.junit.Rule;
-import org.junit.Test;
-import org.jvnet.hudson.test.Issue;
-import org.jvnet.hudson.test.LoggerRule;
-import org.jvnet.hudson.test.RestartableJenkinsRule;
-
-import java.util.LinkedHashMap;
-import java.util.Map;
-import java.util.logging.Level;
-import java.util.stream.Stream;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
-
-@Issue("JENKINS-50164")
-public class JenkinsInitializationTest {
-
-    private static final Map<String, String> PROPS_TO_RESTORE = new LinkedHashMap<>();
-    @Rule
-    public RestartableJenkinsRule story = new RestartableJenkinsRule();
-
-    @Rule
-    public LoggerRule loggerRule = new LoggerRule();
-
-    @BeforeClass
-    public static void beforeClass() {
-        Stream.of(Jenkins.BUILDS_DIR_PROP, Jenkins.WORKSPACES_DIR_PROP)
-                .forEach(property -> PROPS_TO_RESTORE.put(property, System.getProperty(property)));
-    }
-
-    @AfterClass
-    public static void afterClass() {
-        PROPS_TO_RESTORE.forEach((k, v) -> {
-            if (v == null) {
-                System.clearProperty(k);
-            } else {
-                System.setProperty(k, v);
-            }
-        });
-    }
-
-    @Test
-    public void buildsDir() throws Exception {
-        loggerRule.record(Jenkins.class, Level.WARNING)
-                .record(Jenkins.class, Level.INFO)
-                .capture(100);
-
-        story.then(step -> {
-                       assertFalse(logWasFound("Using non default builds directories"));
-                   }
-        );
-
-        story.then(steps -> {
-            assertTrue(story.j.getInstance().isDefaultBuildDir());
-            System.setProperty("jenkins.model.Jenkins.BUILDS_DIR", "blah");
-            assertFalse(JenkinsInitializationTest.this.logWasFound("Changing builds directories from "));
-        });
-
-        story.then(step -> {
-                       assertFalse(story.j.getInstance().isDefaultBuildDir());
-                       assertEquals("blah", story.j.getInstance().getRawBuildsDir());
-                       assertTrue(logWasFound("Changing builds directories from "));
-                   }
-        );
-
-        story.then(step -> {
-                       assertTrue(logWasFound("Using non default builds directories"));
-                   }
-        );
-    }
-
-    @Test
-    public void workspacesDir() throws Exception {
-        loggerRule.record(Jenkins.class, Level.WARNING)
-                .record(Jenkins.class, Level.INFO)
-                .capture(1000);
-
-        story.then(step -> {
-                       assertFalse(logWasFound("Using non default workspaces directories"));
-                   }
-        );
-
-        story.then(step -> {
-            assertTrue(story.j.getInstance().isDefaultWorkspaceDir());
-            System.setProperty("jenkins.model.Jenkins.WORKSPACES_DIR", "bluh");
-            assertFalse(logWasFound("Changing workspaces directories from "));
-        });
-
-        story.then(step -> {
-            assertFalse(story.j.getInstance().isDefaultWorkspaceDir());
-            assertEquals("bluh", story.j.getInstance().getRawWorkspaceDir());
-            assertTrue(logWasFound("Changing workspaces directories from "));
-        });
-
-
-        story.then(step -> {
-                       assertFalse(story.j.getInstance().isDefaultWorkspaceDir());
-                       assertTrue(logWasFound("Using non default workspaces directories"));
-                   }
-        );
-
-    }
-
-    private boolean logWasFound(String searched) {
-        return loggerRule.getRecords().stream()
-                .anyMatch(record -> record.getMessage().contains(searched));
-    }
-}
diff --git a/test/src/test/java/jenkins/model/JenkinsTest.java b/test/src/test/java/jenkins/model/JenkinsTest.java
index 833230dbe8..a888e356a1 100644
--- a/test/src/test/java/jenkins/model/JenkinsTest.java
+++ b/test/src/test/java/jenkins/model/JenkinsTest.java
@@ -275,22 +275,6 @@ public class JenkinsTest {
         }
     }
     
-    @Test @Issue("JENKINS-12251")
-    public void testItemFullNameExpansion() throws Exception {
-        HtmlForm f = j.createWebClient().goTo("configure").getFormByName("config");
-        f.getInputByName("_.rawBuildsDir").setValueAttribute("${JENKINS_HOME}/test12251_builds/${ITEM_FULL_NAME}");
-        f.getInputByName("_.rawWorkspaceDir").setValueAttribute("${JENKINS_HOME}/test12251_ws/${ITEM_FULL_NAME}");
-        j.submit(f);
-
-        // build a dummy project
-        MavenModuleSet m = j.jenkins.createProject(MavenModuleSet.class, "p");
-        m.setScm(new ExtractResourceSCM(getClass().getResource("/simple-projects.zip")));
-        MavenModuleSetBuild b = m.scheduleBuild2(0).get();
-
-        // make sure these changes are effective
-        assertTrue(b.getWorkspace().getRemote().contains("test12251_ws"));
-        assertTrue(b.getRootDir().toString().contains("test12251_builds"));
-    }
 
     /**
      * Makes sure access to "/foobar" for UnprotectedRootAction gets through.
-- 
GitLab


From 7d13e179c9df453b0d6ad4e52acce0d54d61746a Mon Sep 17 00:00:00 2001
From: Steve Arch <sarch@cloudbees.com>
Date: Fri, 23 Mar 2018 15:49:40 +0000
Subject: [PATCH 272/863] [JENKINS-50296] Had used wrong issue number

---
 core/src/test/java/hudson/model/ComputerTest.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/test/java/hudson/model/ComputerTest.java b/core/src/test/java/hudson/model/ComputerTest.java
index ed34eca69d..7fc7be9c81 100644
--- a/core/src/test/java/hudson/model/ComputerTest.java
+++ b/core/src/test/java/hudson/model/ComputerTest.java
@@ -38,7 +38,7 @@ public class ComputerTest {
         }
     }
 
-    @Issue("JENKINS-42556")
+    @Issue("JENKINS-50296")
     @Test
     public void testThreadPoolForRemotingActsAsSystemUser() throws InterruptedException, ExecutionException {
         Future<Authentication> job = Computer.threadPoolForRemoting.submit(Jenkins::getAuthentication);
-- 
GitLab


From 90fd89ff67e881e5efbc7085defbc0be674a92c8 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Fri, 23 Mar 2018 16:47:53 -0400
Subject: [PATCH 273/863] Use run(Callable) from the default list(String,
 String, boolean) so it can run efficiently without an override.

---
 .../main/java/jenkins/util/VirtualFile.java   | 31 +++++++++++++------
 1 file changed, 22 insertions(+), 9 deletions(-)

diff --git a/core/src/main/java/jenkins/util/VirtualFile.java b/core/src/main/java/jenkins/util/VirtualFile.java
index 6a88e24b47..77d5615787 100644
--- a/core/src/main/java/jenkins/util/VirtualFile.java
+++ b/core/src/main/java/jenkins/util/VirtualFile.java
@@ -56,6 +56,7 @@ import javax.annotation.CheckForNull;
 import javax.annotation.Nonnull;
 import jenkins.MasterToSlaveFileCallable;
 import jenkins.model.ArtifactManager;
+import jenkins.security.MasterToSlaveCallable;
 import org.apache.tools.ant.DirectoryScanner;
 import org.apache.tools.ant.types.AbstractFileSet;
 import org.apache.tools.ant.types.selectors.SelectorUtils;
@@ -177,7 +178,7 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
 
     /**
      * Lists recursive files of this directory with pattern matching.
-     * <p>The default implementation calls {@link #list()} recursively and applies filtering to the result.
+     * <p>The default implementation calls {@link #list()} recursively inside {@link #run} and applies filtering to the result.
      * Implementations may wish to override this more efficiently.
      * @param includes comma-separated Ant-style globs as per {@link Util#createFileSet(File, String, String)} using {@code /} as a path separator;
      *                 the empty string means <em>no matches</em> (use {@link SelectorUtils#DEEP_TREE_MATCH} if you want to match everything except some excludes)
@@ -188,8 +189,7 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
      * @since FIXME
      */
     public @Nonnull Collection<String> list(@Nonnull String includes, @CheckForNull String excludes, boolean useDefaultExcludes) throws IOException {
-        List<String> r = new ArrayList<>();
-        collectFiles(r, "");
+        Collection<String> r = run(new CollectFiles(this));
         List<TokenizedPattern> includePatterns = patterns(includes);
         List<TokenizedPattern> excludePatterns = patterns(excludes);
         if (useDefaultExcludes) {
@@ -202,12 +202,25 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
             return includePatterns.stream().anyMatch(patt -> patt.matchPath(path, true)) && !excludePatterns.stream().anyMatch(patt -> patt.matchPath(path, true));
         }).collect(Collectors.toSet());
     }
-    private void collectFiles(Collection<String> names, String prefix) throws IOException {
-        for (VirtualFile child : list()) {
-            if (child.isFile()) {
-                names.add(prefix + child.getName());
-            } else if (child.isDirectory()) {
-                child.collectFiles(names, prefix + child.getName() + "/");
+    private static final class CollectFiles extends MasterToSlaveCallable<Collection<String>, IOException> {
+        private static final long serialVersionUID = 1;
+        private final VirtualFile root;
+        CollectFiles(VirtualFile root) {
+            this.root = root;
+        }
+        @Override
+        public Collection<String> call() throws IOException {
+            List<String> r = new ArrayList<>();
+            collectFiles(root, r, "");
+            return r;
+        }
+        private static void collectFiles(VirtualFile d, Collection<String> names, String prefix) throws IOException {
+            for (VirtualFile child : d.list()) {
+                if (child.isFile()) {
+                    names.add(prefix + child.getName());
+                } else if (child.isDirectory()) {
+                    collectFiles(child, names, prefix + child.getName() + "/");
+                }
             }
         }
     }
-- 
GitLab


From 34f9586f5edb3dfe7769c451e5e8ab05aadcc882 Mon Sep 17 00:00:00 2001
From: Baptiste Mathus <batmat@batmat.net>
Date: Fri, 23 Mar 2018 22:36:26 +0100
Subject: [PATCH 274/863] [JENKINS-50291] Customize where Async[A]PeriodicWork
 tasks are logged

---
 .../java/hudson/model/AsyncAperiodicWork.java |  2 +-
 .../java/hudson/model/AsyncPeriodicWork.java  |  2 +-
 .../java/hudson/triggers/SafeTimerTask.java   | 36 +++++++++
 .../hudson/triggers/SafeTimerTaskTest.java    | 76 +++++++++++++++++++
 4 files changed, 114 insertions(+), 2 deletions(-)
 create mode 100644 test/src/test/java/hudson/triggers/SafeTimerTaskTest.java

diff --git a/core/src/main/java/hudson/model/AsyncAperiodicWork.java b/core/src/main/java/hudson/model/AsyncAperiodicWork.java
index 1d295fa716..6e720c1419 100644
--- a/core/src/main/java/hudson/model/AsyncAperiodicWork.java
+++ b/core/src/main/java/hudson/model/AsyncAperiodicWork.java
@@ -200,7 +200,7 @@ public abstract class AsyncAperiodicWork extends AperiodicWork {
      * Determines the log file that records the result of this task.
      */
     protected File getLogFile() {
-        return new File(Jenkins.getActiveInstance().getRootDir(),"logs/tasks/"+name+".log");
+        return new File(getLogsRoot(), "/tasks/" + name + ".log");
     }
 
     /**
diff --git a/core/src/main/java/hudson/model/AsyncPeriodicWork.java b/core/src/main/java/hudson/model/AsyncPeriodicWork.java
index f3ffcc6497..324d1853ee 100644
--- a/core/src/main/java/hudson/model/AsyncPeriodicWork.java
+++ b/core/src/main/java/hudson/model/AsyncPeriodicWork.java
@@ -183,7 +183,7 @@ public abstract class AsyncPeriodicWork extends PeriodicWork {
      * Determines the log file that records the result of this task.
      */
     protected File getLogFile() {
-        return new File(Jenkins.getActiveInstance().getRootDir(),"logs/tasks/"+name+".log");
+        return new File(getLogsRoot(), "/tasks/" + name + ".log");
     }
     
     /**
diff --git a/core/src/main/java/hudson/triggers/SafeTimerTask.java b/core/src/main/java/hudson/triggers/SafeTimerTask.java
index e47dfc61e6..dada64109e 100644
--- a/core/src/main/java/hudson/triggers/SafeTimerTask.java
+++ b/core/src/main/java/hudson/triggers/SafeTimerTask.java
@@ -24,11 +24,18 @@
 package hudson.triggers;
 
 import hudson.model.AperiodicWork;
+import hudson.model.AsyncAperiodicWork;
+import hudson.model.AsyncPeriodicWork;
 import hudson.model.PeriodicWork;
 import hudson.security.ACL;
+
+import java.io.File;
 import java.util.TimerTask;
 import java.util.logging.Level;
 import java.util.logging.Logger;
+
+import jenkins.model.Jenkins;
+import jenkins.util.SystemProperties;
 import jenkins.util.Timer;
 import org.acegisecurity.context.SecurityContext;
 import org.acegisecurity.context.SecurityContextHolder;
@@ -43,6 +50,14 @@ import org.acegisecurity.context.SecurityContextHolder;
  * @since 1.124
  */
 public abstract class SafeTimerTask extends TimerTask {
+
+    /**
+     * System property to change the location where tasks logging should be sent.
+     * <p><strong>Beware: changing it while Jenkins is running gives no guarantee logs will be sent to the new location
+     * until it is restarted.</strong></p>
+     */
+    static final String TASKS_LOGS_ROOT_PATH_PROPERTY = SafeTimerTask.class.getName()+".TASKS_LOGS_ROOT_PATH";
+
     public final void run() {
         // background activity gets system credential,
         // just like executors get it.
@@ -58,5 +73,26 @@ public abstract class SafeTimerTask extends TimerTask {
 
     protected abstract void doRun() throws Exception;
 
+
+    /**
+     * The root path that should be used to put logs related to the tasks running in Jenkins.
+     *
+     * @see AsyncAperiodicWork#getLogFile()
+     * @see AsyncPeriodicWork#getLogFile()
+     * @return the path where the logs should be put.
+     * @since TODO
+     */
+    public static File getLogsRoot() {
+        String tagsLogsPath = SystemProperties.getString(TASKS_LOGS_ROOT_PATH_PROPERTY);
+        if (tagsLogsPath == null) {
+            return new File(Jenkins.get().getRootDir(), "logs");
+        } else {
+            LOGGER.log(Level.INFO,
+                       "Using non default root path for tasks logging: {0}. (Beware: no automated migration if you change or remove it again)",
+                       TASKS_LOGS_ROOT_PATH_PROPERTY);
+            return new File(tagsLogsPath);
+        }
+    }
+
     private static final Logger LOGGER = Logger.getLogger(SafeTimerTask.class.getName());
 }
diff --git a/test/src/test/java/hudson/triggers/SafeTimerTaskTest.java b/test/src/test/java/hudson/triggers/SafeTimerTaskTest.java
new file mode 100644
index 0000000000..e111661a9d
--- /dev/null
+++ b/test/src/test/java/hudson/triggers/SafeTimerTaskTest.java
@@ -0,0 +1,76 @@
+package hudson.triggers;
+
+import hudson.model.AsyncPeriodicWork;
+import hudson.model.TaskListener;
+import org.junit.After;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.rules.TemporaryFolder;
+import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.JenkinsRule;
+import org.jvnet.hudson.test.LoggerRule;
+import org.jvnet.hudson.test.TestExtension;
+
+import java.io.File;
+import java.io.IOException;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
+
+public class SafeTimerTaskTest {
+
+    @Rule
+    public JenkinsRule j = new JenkinsRule();
+
+    @Rule
+    public TemporaryFolder folder = new TemporaryFolder();
+
+    @Rule
+    public LoggerRule loggerRule = new LoggerRule();
+
+    @After
+    public void tearDown() throws Exception {
+        System.clearProperty(SafeTimerTask.TASKS_LOGS_ROOT_PATH_PROPERTY);
+    }
+
+    @Issue("JENKINS-50291")
+    @Test
+    public void changeLogsRoot() throws Exception {
+        assertNull(System.getProperty(SafeTimerTask.TASKS_LOGS_ROOT_PATH_PROPERTY));
+
+        File temporaryFolder = folder.newFolder();
+
+        // Check historical default value
+        final File logsRoot = new File(j.jenkins.getRootDir(), "logs/tasks");
+
+        // Give some time for the logs to arrive
+        Thread.sleep(3 * LogSpammer.RECURRENCE_PERIOD);
+
+        assertTrue(logsRoot.exists());
+        assertTrue(logsRoot.isDirectory());
+
+        System.setProperty(SafeTimerTask.TASKS_LOGS_ROOT_PATH_PROPERTY, temporaryFolder.toString());
+        assertEquals(temporaryFolder.toString(), SafeTimerTask.getLogsRoot().toString());
+    }
+
+    @TestExtension
+    public static class LogSpammer extends AsyncPeriodicWork {
+
+        public static final long RECURRENCE_PERIOD = 50L;
+
+        public LogSpammer() {
+            super("wut");
+        }
+
+        @Override
+        protected void execute(TaskListener listener) throws IOException, InterruptedException {
+            listener.getLogger().println("blah");
+        }
+
+        @Override
+        public long getRecurrencePeriod() {
+            return RECURRENCE_PERIOD;
+        }
+    }
+}
\ No newline at end of file
-- 
GitLab


From 9b75cd28f6db3b057cc8da5c8d85bf1cac3375ae Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Fri, 23 Mar 2018 18:09:42 -0400
Subject: [PATCH 275/863] Making Run.getArtifactsUpTo call VirtualFile.run.

---
 .../hudson/model/DirectoryBrowserSupport.java |  1 +
 core/src/main/java/hudson/model/Run.java      | 89 ++++++++++++++++---
 2 files changed, 79 insertions(+), 11 deletions(-)

diff --git a/core/src/main/java/hudson/model/DirectoryBrowserSupport.java b/core/src/main/java/hudson/model/DirectoryBrowserSupport.java
index 5b32d5b755..504eaba0d1 100644
--- a/core/src/main/java/hudson/model/DirectoryBrowserSupport.java
+++ b/core/src/main/java/hudson/model/DirectoryBrowserSupport.java
@@ -366,6 +366,7 @@ public final class DirectoryBrowserSupport implements HttpResponse {
     private static void zip(OutputStream outputStream, VirtualFile dir, String glob) throws IOException {
         try (ZipOutputStream zos = new ZipOutputStream(outputStream)) {
             zos.setEncoding(System.getProperty("file.encoding")); // TODO JENKINS-20663 make this overridable via query parameter
+            // TODO consider using run(Callable) here
             for (String n : dir.list(glob.isEmpty() ? "**" : glob, null, /* TODO what is the user expectation? */true)) {
                 String relativePath;
                 if (glob.length() == 0) {
diff --git a/core/src/main/java/hudson/model/Run.java b/core/src/main/java/hudson/model/Run.java
index f7e11b1c65..879a5bd402 100644
--- a/core/src/main/java/hudson/model/Run.java
+++ b/core/src/main/java/hudson/model/Run.java
@@ -73,6 +73,7 @@ import java.io.OutputStream;
 import java.io.PrintWriter;
 import java.io.RandomAccessFile;
 import java.io.Reader;
+import java.io.Serializable;
 import java.nio.charset.Charset;
 import java.text.DateFormat;
 import java.text.SimpleDateFormat;
@@ -108,6 +109,7 @@ import jenkins.model.RunAction2;
 import jenkins.model.StandardArtifactManager;
 import jenkins.model.lazy.BuildReference;
 import jenkins.model.lazy.LazyBuildMixIn;
+import jenkins.security.MasterToSlaveCallable;
 import jenkins.util.VirtualFile;
 import jenkins.util.io.OnMaster;
 import net.sf.json.JSONObject;
@@ -1090,12 +1092,16 @@ public abstract class Run <JobT extends Job<JobT,RunT>,RunT extends Run<JobT,Run
      * @return The list can be empty but never null
      */ 
     public @Nonnull List<Artifact> getArtifactsUpTo(int artifactsNumber) {
-        ArtifactList r = new ArtifactList();
+        SerializableArtifactList sal;
+        VirtualFile root = getArtifactManager().root();
         try {
-            addArtifacts(getArtifactManager().root(), "", "", r, null, artifactsNumber);
+            sal = root.run(new AddArtifacts(root, artifactsNumber));
         } catch (IOException x) {
             LOGGER.log(Level.WARNING, null, x);
+            sal = new SerializableArtifactList();
         }
+        ArtifactList r = new ArtifactList();
+        r.updateFrom(sal);
         r.computeDisplayName();
         return r;
     }
@@ -1109,9 +1115,25 @@ public abstract class Run <JobT extends Job<JobT,RunT>,RunT extends Run<JobT,Run
         return !getArtifactsUpTo(1).isEmpty();
     }
 
-    private int addArtifacts(@Nonnull VirtualFile dir, 
+    private static final class AddArtifacts extends MasterToSlaveCallable<SerializableArtifactList, IOException> {
+        private static final long serialVersionUID = 1L;
+        private final VirtualFile root;
+        private final int artifactsNumber;
+        AddArtifacts(VirtualFile root, int artifactsNumber) {
+            this.root = root;
+            this.artifactsNumber = artifactsNumber;
+        }
+        @Override
+        public SerializableArtifactList call() throws IOException {
+            SerializableArtifactList sal = new SerializableArtifactList();
+            addArtifacts(root, "", "", sal, null, artifactsNumber);
+            return sal;
+        }
+    }
+
+    private static int addArtifacts(@Nonnull VirtualFile dir,
             @Nonnull String path, @Nonnull String pathHref, 
-            @Nonnull ArtifactList r, @Nonnull Artifact parent, int upTo) throws IOException {
+            @Nonnull SerializableArtifactList r, @Nonnull SerializableArtifact parent, int upTo) throws IOException {
         VirtualFile[] kids = dir.list();
         Arrays.sort(kids);
 
@@ -1122,26 +1144,26 @@ public abstract class Run <JobT extends Job<JobT,RunT>,RunT extends Run<JobT,Run
             String childHref = pathHref + Util.rawEncode(child);
             String length = sub.isFile() ? String.valueOf(sub.length()) : "";
             boolean collapsed = (kids.length==1 && parent!=null);
-            Artifact a;
+            SerializableArtifact a;
             if (collapsed) {
                 // Collapse single items into parent node where possible:
-                a = new Artifact(parent.getFileName() + '/' + child, childPath,
+                a = new SerializableArtifact(parent.name + '/' + child, childPath,
                                  sub.isDirectory() ? null : childHref, length,
-                                 parent.getTreeNodeId());
+                                 parent.treeNodeId);
                 r.tree.put(a, r.tree.remove(parent));
             } else {
                 // Use null href for a directory:
-                a = new Artifact(child, childPath,
+                a = new SerializableArtifact(child, childPath,
                                  sub.isDirectory() ? null : childHref, length,
                                  "n" + ++r.idSeq);
-                r.tree.put(a, parent!=null ? parent.getTreeNodeId() : null);
+                r.tree.put(a, parent!=null ? parent.treeNodeId : null);
             }
             if (sub.isDirectory()) {
                 n += addArtifacts(sub, childPath + '/', childHref + '/', r, a, upTo-n);
                 if (n>=upTo) break;
             } else {
                 // Don't store collapsed path in ArrayList (for correct data in external API)
-                r.add(collapsed ? new Artifact(child, a.relativePath, a.href, length, a.treeNodeId) : a);
+                r.add(collapsed ? new SerializableArtifact(child, a.relativePath, a.href, length, a.treeNodeId) : a);
                 if (++n>=upTo) break;
             }
         }
@@ -1159,6 +1181,30 @@ public abstract class Run <JobT extends Job<JobT,RunT>,RunT extends Run<JobT,Run
     public static final int TREE_CUTOFF = Integer.parseInt(SystemProperties.getString("hudson.model.Run.ArtifactList.treeCutoff", "40"));
 
     // ..and then "too many"
+    
+    /** {@link Run.Artifact} without the implicit link to {@link Run} */
+    private static final class SerializableArtifact implements Serializable {
+        private static final long serialVersionUID = 1L;
+        final String name;
+        final String relativePath;
+        final String href;
+        final String length;
+        final String treeNodeId;
+        SerializableArtifact(String name, String relativePath, String href, String length, String treeNodeId) {
+            this.name = name;
+            this.relativePath = relativePath;
+            this.href = href;
+            this.length = length;
+            this.treeNodeId = treeNodeId;
+        }
+    }
+
+    /** {@link Run.ArtifactList} without the implicit link to {@link Run} */
+    private static final class SerializableArtifactList extends ArrayList<SerializableArtifact> {
+        private static final long serialVersionUID = 1L;
+        private LinkedHashMap<SerializableArtifact, String> tree = new LinkedHashMap<>();
+        private int idSeq = 0;
+    }
 
     public final class ArtifactList extends ArrayList<Artifact> {
         private static final long serialVersionUID = 1L;
@@ -1167,7 +1213,24 @@ public abstract class Run <JobT extends Job<JobT,RunT>,RunT extends Run<JobT,Run
          * Contains Artifact objects for directories and files (the ArrayList contains only files).
          */
         private LinkedHashMap<Artifact,String> tree = new LinkedHashMap<Artifact,String>();
-        private int idSeq = 0;
+
+        void updateFrom(SerializableArtifactList clone) {
+            Map<String, Artifact> artifacts = new HashMap<>(); // need to share objects between tree and list, since computeDisplayName mutates displayPath
+            for (SerializableArtifact sa : clone) {
+                Artifact a = new Artifact(sa);
+                artifacts.put(a.relativePath, a);
+                add(a);
+            }
+            tree = new LinkedHashMap<>();
+            for (Map.Entry<SerializableArtifact, String> entry : clone.tree.entrySet()) {
+                SerializableArtifact sa = entry.getKey();
+                Artifact a = artifacts.get(sa.relativePath);
+                if (a == null) {
+                    a = new Artifact(sa);
+                }
+                tree.put(a, entry.getValue());
+            }
+        }
 
         public Map<Artifact,String> getTree() {
             return tree;
@@ -1282,6 +1345,10 @@ public abstract class Run <JobT extends Job<JobT,RunT>,RunT extends Run<JobT,Run
          */
         private String length;
 
+        Artifact(SerializableArtifact clone) {
+            this(clone.name, clone.relativePath, clone.href, clone.length, clone.treeNodeId);
+        }
+
         /*package for test*/ Artifact(String name, String relativePath, String href, String len, String treeNodeId) {
             this.name = name;
             this.relativePath = relativePath;
-- 
GitLab


From a30ada790779f61faec3f02dcee03ca54e4a472e Mon Sep 17 00:00:00 2001
From: Sorin Sbarnea <ssbarnea@users.noreply.github.com>
Date: Sat, 24 Mar 2018 11:09:34 +0000
Subject: [PATCH 276/863] [JENKINS-47020] - Improve job search experience
 (#3324)

* Increase search results limit from 20 to 100

Signed-off-by: Sorin Sbarnea <ssbarnea@redhat.com>

* Enlarge search box size

Increase the max number of results from 10 to 25.
Increase width of results from 25em to 35em
in order to suit longer job names.

This still fits even small 13" screens and improves
user experience.

Signed-off-by: Sorin Sbarnea <ssbarnea@redhat.com>
---
 core/src/main/java/hudson/search/Search.java                  | 2 +-
 .../main/resources/hudson/search/Search/search-failed.jelly   | 4 ++--
 war/src/main/webapp/css/style.css                             | 2 +-
 war/src/main/webapp/scripts/hudson-behavior.js                | 1 +
 4 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/core/src/main/java/hudson/search/Search.java b/core/src/main/java/hudson/search/Search.java
index 627d77fafb..be9edf7c96 100644
--- a/core/src/main/java/hudson/search/Search.java
+++ b/core/src/main/java/hudson/search/Search.java
@@ -140,7 +140,7 @@ public class Search {
     public SearchResult getSuggestions(StaplerRequest req, String query) {
         Set<String> paths = new HashSet<String>();  // paths already added, to control duplicates
         SearchResultImpl r = new SearchResultImpl();
-        int max = req.hasParameter("max") ? Integer.parseInt(req.getParameter("max")) : 20;
+        int max = req.hasParameter("max") ? Integer.parseInt(req.getParameter("max")) : 100;
         SearchableModelObject smo = findClosestSearchableModelObject(req);
         for (SuggestedItem i : suggest(makeSuggestIndex(req), query, smo)) {
             if(r.size()>=max) {
diff --git a/core/src/main/resources/hudson/search/Search/search-failed.jelly b/core/src/main/resources/hudson/search/Search/search-failed.jelly
index df50cd1a4f..da02086828 100644
--- a/core/src/main/resources/hudson/search/Search/search-failed.jelly
+++ b/core/src/main/resources/hudson/search/Search/search-failed.jelly
@@ -48,8 +48,8 @@ THE SOFTWARE.
             </j:forEach>
           </ol>
             <j:if test="${items.hasMoreResults()}">
-                <j:set var="max" value="${request.hasParameter('max')?request.getParameter('max'):20}"/>
-                <em>result has been truncated, <a href="?q=${it.encodeQuery(q)}&amp;max=${max+20}">see 20 more</a></em>
+                <j:set var="max" value="${request.hasParameter('max')?request.getParameter('max'):100}"/>
+                <em>result has been truncated, <a href="?q=${it.encodeQuery(q)}&amp;max=${max+100}">see 100 more</a></em>
             </j:if>
         </j:otherwise>
       </j:choose>
diff --git a/war/src/main/webapp/css/style.css b/war/src/main/webapp/css/style.css
index 879b68390a..d698e65359 100644
--- a/war/src/main/webapp/css/style.css
+++ b/war/src/main/webapp/css/style.css
@@ -1493,7 +1493,7 @@ DIV.yahooTree td {
 
 #search-box-completion .yui-ac-content {
   border: 1px solid black;
-  width:25em;
+  width:35em;
   background-color: white;
   overflow: hidden;
 }
diff --git a/war/src/main/webapp/scripts/hudson-behavior.js b/war/src/main/webapp/scripts/hudson-behavior.js
index aedbb069fc..22e3706fc3 100644
--- a/war/src/main/webapp/scripts/hudson-behavior.js
+++ b/war/src/main/webapp/scripts/hudson-behavior.js
@@ -2373,6 +2373,7 @@ function createSearchBox(searchURL) {
     ac.typeAhead = false;
     ac.autoHighlight = false;
     ac.formatResult = ac.formatEscapedResult;
+    ac.maxResultsDisplayed = 25;
 
     var box   = $("search-box");
     var sizer = $("search-box-sizer");
-- 
GitLab


From d0ff4135e9fbe86faf2caeb28c9e180b406eb6d1 Mon Sep 17 00:00:00 2001
From: ikedam <devld@ikedam.jp>
Date: Sun, 2 Feb 2014 13:42:40 +0900
Subject: [PATCH 277/863] [FIXED JENKINS-21613] combobox now recovers
 form.onsubmit to the one just before override.

---
 war/src/main/webapp/scripts/combobox.js | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/war/src/main/webapp/scripts/combobox.js b/war/src/main/webapp/scripts/combobox.js
index 825867537e..66d541cae0 100644
--- a/war/src/main/webapp/scripts/combobox.js
+++ b/war/src/main/webapp/scripts/combobox.js
@@ -88,6 +88,7 @@ function ComboBox(idOrField, callback, config) {
 		alert("You have specified an invalid id for the field you want to turn into a combo box");
 	this.dropdown = document.createElement("div");
 	this.isDropdownShowing = false;
+	this.oldonsubmit = null;
 	
 	// configure the dropdown div
 	this.dropdown.className = "comboBoxList";
@@ -111,11 +112,11 @@ function ComboBox(idOrField, callback, config) {
 			this.setSelectionRange(length, length);
 		}
 	}
-	this.field.form.oldonsubmit = this.field.form.onsubmit;
 	this.field.onfocus = function() {
+		this.comboBox.oldonsubmit = this.form.onsubmit;
 		this.form.onsubmit = function() {
 			if (self.isDropdownShowing) return false;
-			if (this.oldonsubmit) this.oldonsubmit();
+			if (self.oldonsubmit) self.oldonsubmit.call(this);
 			return true;
 		};
 		// repopulate and display the dropdown
@@ -124,7 +125,7 @@ function ComboBox(idOrField, callback, config) {
 	this.field.onblur = function() {
 		var cb = this.comboBox;
 		this.hideTimeout = setTimeout(function() { cb.hideDropdown(); }, 100);
-                this.form.onsubmit = this.form.oldonsubmit;
+		this.form.onsubmit = cb.oldonsubmit;
 	}
 	
 	// privileged methods
-- 
GitLab


From 99592e0a84d9dc6bbda457040f91719aa153dfec Mon Sep 17 00:00:00 2001
From: James Nord <jnord+github@cloudbees.com>
Date: Mon, 12 Mar 2018 16:49:30 +0000
Subject: [PATCH 278/863] [JENKINS-50124] restore AbstractTaskListeners
 serialVersionUID.

If a subclass was serialized (default java serialization) then the
changes do push down the method to the interface would break
deserialisation when in reality the classes are still compatable.

Restoring the compatability by hard coding the serialVersionUID to what
it was before the change.

(cherry picked from commit dcf22ca809671f19cfc2d1d10537b7bb5cf56e8d)
---
 core/src/main/java/hudson/util/AbstractTaskListener.java | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/core/src/main/java/hudson/util/AbstractTaskListener.java b/core/src/main/java/hudson/util/AbstractTaskListener.java
index b40cfde838..bb02e99cd0 100644
--- a/core/src/main/java/hudson/util/AbstractTaskListener.java
+++ b/core/src/main/java/hudson/util/AbstractTaskListener.java
@@ -13,4 +13,7 @@ import org.kohsuke.accmod.restrictions.NoExternalUse;
 @Restricted(NoExternalUse.class)
 @RestrictedSince("2.91")
 public abstract class AbstractTaskListener implements TaskListener {
+
+    private static final long serialVersionUID = 7217626701881006422L;
+
 }
-- 
GitLab


From aa799e39ad904183d1da3105b8b3267c7348cd71 Mon Sep 17 00:00:00 2001
From: Daniel Trebbien <dtrebbien@gmail.com>
Date: Wed, 7 Mar 2018 15:53:53 -0800
Subject: [PATCH 279/863] [JENKINS-49971] Fix a race condition in
 Util.loadFile() (#3225)

* Fix a race condition in Util.loadFile()

If the file is deleted in between when its existence is checked and the
file is opened for reading, then the method will fail to return an empty
string.

* Switch to using FileUtils.readFileToString()

(cherry picked from commit aaae71af4bd2952efdc3462fde086faa6a604ee2)
---
 core/src/main/java/hudson/Util.java | 66 +++++++++++++++++------------
 1 file changed, 40 insertions(+), 26 deletions(-)

diff --git a/core/src/main/java/hudson/Util.java b/core/src/main/java/hudson/Util.java
index ce381d7a0a..d71301ee7a 100644
--- a/core/src/main/java/hudson/Util.java
+++ b/core/src/main/java/hudson/Util.java
@@ -87,6 +87,9 @@ import javax.annotation.Nullable;
 
 import org.apache.commons.codec.digest.DigestUtils;
 
+import org.apache.commons.codec.digest.DigestUtils;
+import org.apache.commons.io.FileUtils;
+
 /**
  * Various utility methods that don't have more proper home.
  *
@@ -179,43 +182,54 @@ public class Util {
     }
 
     /**
-     * Loads the contents of a file into a string.
+     * Reads the entire contents of the text file at <code>logfile</code> into a
+     * string using the {@link Charset#defaultCharset() default charset} for
+     * decoding. If no such file exists, an empty string is returned.
+     * @param logfile The text file to read in its entirety.
+     * @return The entire text content of <code>logfile</code>.
+     * @throws IOException If an error occurs while reading the file.
+     * @deprecated call {@link #loadFile(java.io.File, java.nio.charset.Charset)}
+     * instead to specify the charset to use for decoding (preferably
+     * {@link java.nio.charset.StandardCharsets#UTF_8}).
      */
     @Nonnull
+    @Deprecated
     public static String loadFile(@Nonnull File logfile) throws IOException {
         return loadFile(logfile, Charset.defaultCharset());
     }
 
+    /**
+     * Reads the entire contents of the text file at <code>logfile</code> into a
+     * string using <code>charset</code> for decoding. If no such file exists,
+     * an empty string is returned.
+     * @param logfile The text file to read in its entirety.
+     * @param charset The charset to use for decoding the bytes in <code>logfile</code>.
+     * @return The entire text content of <code>logfile</code>.
+     * @throws IOException If an error occurs while reading the file.
+     */
     @Nonnull
     public static String loadFile(@Nonnull File logfile, @Nonnull Charset charset) throws IOException {
-        if(!logfile.exists())
-            return "";
-
-        StringBuilder str = new StringBuilder((int)logfile.length());
-
-        // We're not using Files.newBufferedReader() here because there is a
-        // difference in how an InputStreamReader constructed from a Charset and
-        // the reader returned by Files.newBufferedReader() handle malformed and
-        // unmappable byte sequences for the specified encoding; the latter is
-        // more picky and will throw a CharacterCodingException. See:
-        // https://issues.jenkins-ci.org/browse/JENKINS-49060?focusedCommentId=325989&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-325989
+        // Note: Until charset handling is resolved (e.g. by implementing
+        // https://issues.jenkins-ci.org/browse/JENKINS-48923 ), this method
+        // must be able to handle character encoding errors. As reported at
+        // https://issues.jenkins-ci.org/browse/JENKINS-49112 Run.getLog() calls
+        // loadFile() to fully read the generated log file. This file might
+        // contain unmappable and/or malformed byte sequences. We need to make
+        // sure that in such cases, no CharacterCodingException is thrown.
         //
-        // As reported at https://issues.jenkins-ci.org/browse/JENKINS-49112
-        // Run.getLog() calls loadFile() to fully read the generated log file.
-        // Until charset handling is resolved (e.g. by implementing
-        // https://issues.jenkins-ci.org/browse/JENKINS-48923 ), malformed
-        // bytes will need to be tolerated.
-        try (InputStream rawIn = Files.newInputStream(fileToPath(logfile));
-             Reader r = new BufferedReader(new InputStreamReader(rawIn, charset))) {
-            char[] buf = new char[1024];
-            int len;
-            while ((len = r.read(buf, 0, buf.length)) > 0)
-                str.append(buf, 0, len);
+        // One approach that cannot be used is to call Files.newBufferedReader()
+        // because there is a difference in how an InputStreamReader constructed
+        // from a Charset and the reader returned by Files.newBufferedReader()
+        // handle malformed and unmappable byte sequences for the specified
+        // encoding; the latter is more picky and will throw an exception.
+        // See: https://issues.jenkins-ci.org/browse/JENKINS-49060?focusedCommentId=325989&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-325989
+        try {
+            return FileUtils.readFileToString(logfile, charset);
+        } catch (FileNotFoundException e) {
+            return "";
         } catch (Exception e) {
-            throw new IOException("Failed to fully read " + logfile + " using charset " + charset.name(), e);
+            throw new IOException("Failed to fully read " + logfile, e);
         }
-
-        return str.toString();
     }
 
     /**
-- 
GitLab


From 52e2f4ee8482c806a6bdc9f4136516ac9f3c3cb1 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 25 Mar 2018 18:29:00 -0700
Subject: [PATCH 280/863] [maven-release-plugin] prepare release jenkins-2.113

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index b4114d904f..fbc94e3604 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.113-SNAPSHOT</version>
+    <version>2.113</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index ce4de3a920..0ef73b237b 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.113-SNAPSHOT</version>
+    <version>2.113</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 168422f104..44eb2a21a1 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.113-SNAPSHOT</version>
+  <version>2.113</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>HEAD</tag>
+    <tag>jenkins-2.113</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 2e918d046f..a9d8b1294b 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.113-SNAPSHOT</version>
+    <version>2.113</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index bc0ca50405..b569bfc711 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.113-SNAPSHOT</version>
+    <version>2.113</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From a0c080f55233a1273282a720b5246954e203197a Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 25 Mar 2018 18:29:00 -0700
Subject: [PATCH 281/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index fbc94e3604..645b225215 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.113</version>
+    <version>2.114-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 0ef73b237b..44d05fa146 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.113</version>
+    <version>2.114-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 44eb2a21a1..5545718723 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.113</version>
+  <version>2.114-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.113</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index a9d8b1294b..9b5587f431 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.113</version>
+    <version>2.114-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index b569bfc711..6887d9802c 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.113</version>
+    <version>2.114-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 9f599911f6125cd69dc45718a4bbf79644be74e8 Mon Sep 17 00:00:00 2001
From: Vincent Latombe <vincent@latombe.net>
Date: Mon, 26 Mar 2018 09:38:33 +0200
Subject: [PATCH 282/863] [JENKINS-49401] Move Setup Wizard initialization
 logic to the init reactor. (#3282)

This way, it is guaranteed Jenkins.save() has never been called before
the SetupWizard is executed, and computation of the initial Setup Wizard
state will be correct.

Since the SetupWizard is now executed before reaching the COMPLETED
milestone, a Jenkins.save() call has been added in order to persist any
configuration change done in prior phases.
---
 core/src/main/java/jenkins/model/Jenkins.java | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/core/src/main/java/jenkins/model/Jenkins.java b/core/src/main/java/jenkins/model/Jenkins.java
index 15a4edce00..4d7611e9f7 100644
--- a/core/src/main/java/jenkins/model/Jenkins.java
+++ b/core/src/main/java/jenkins/model/Jenkins.java
@@ -918,9 +918,7 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
             if(KILL_AFTER_LOAD)
                 // TODO cleanUp?
                 System.exit(0);
-
-            setupWizard = new SetupWizard();
-            getInstallState().initializeState();
+            save();
 
             launchTcpSlaveAgentListener();
 
@@ -3146,6 +3144,9 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
                 // auto register root actions
                 for (Action a : getExtensionList(RootAction.class))
                     if (!actions.contains(a)) actions.add(a);
+
+                setupWizard = new SetupWizard();
+                getInstallState().initializeState();
             }
         });
 
-- 
GitLab


From 5d4a76d28423dea1aedbb7ee73e9444a834b2ff9 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Mon, 26 Feb 2018 10:48:02 -0500
Subject: [PATCH 283/863] [JENKINS-49573] Fix bad serialization of
 ParametersAction.parameterDefinitionNames.

(cherry picked part of commit fcae9bb59881a8878774e4ebbe563935ed1382b4)
---
 core/src/main/java/hudson/model/ParametersAction.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/model/ParametersAction.java b/core/src/main/java/hudson/model/ParametersAction.java
index b5fe85a795..9de8ef8dcd 100644
--- a/core/src/main/java/hudson/model/ParametersAction.java
+++ b/core/src/main/java/hudson/model/ParametersAction.java
@@ -299,7 +299,7 @@ public class ParametersAction implements RunAction2, Iterable<ParameterValue>, Q
     public void onAttached(Run<?, ?> r) {
         ParametersDefinitionProperty p = r.getParent().getProperty(ParametersDefinitionProperty.class);
         if (p != null) {
-            this.parameterDefinitionNames = p.getParameterDefinitionNames();
+            this.parameterDefinitionNames = new ArrayList<>(p.getParameterDefinitionNames());
         } else {
             this.parameterDefinitionNames = Collections.emptyList();
         }
-- 
GitLab


From f3a1c41c1281aaef8c39c4f7889775bd75c65a82 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Mon, 26 Mar 2018 16:16:30 +0200
Subject: [PATCH 284/863] - add unit test for the monitoring page (include
 filter work) - correct placement of stapler:adjunct to avoid putting <link>
 before the html tag - decrease the javascript version required to run
 resources.js (for unit test) - re-move the zip file due the package migration
 that was done on it but was not required

---
 .../jenkins/security/ApiTokenProperty.java    |   3 +-
 .../security/ApiTokenProperty/config.jelly    |   2 +-
 .../manage.jelly                              |  12 +-
 .../manage.properties                         |   2 +-
 .../resources.js                              |  51 ++-
 ...gacyApiTokenAdministrativeMonitorTest.java | 376 ++++++++++++++++++
 .../migrationFromLegacyToken.zip              | Bin
 7 files changed, 417 insertions(+), 29 deletions(-)
 create mode 100644 test/src/test/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitorTest.java
 rename test/src/test/resources/jenkins/security/{apitoken => }/ApiTokenPropertyTest/migrationFromLegacyToken.zip (100%)

diff --git a/core/src/main/java/jenkins/security/ApiTokenProperty.java b/core/src/main/java/jenkins/security/ApiTokenProperty.java
index 26a830ffa1..ecf124d9aa 100644
--- a/core/src/main/java/jenkins/security/ApiTokenProperty.java
+++ b/core/src/main/java/jenkins/security/ApiTokenProperty.java
@@ -346,8 +346,7 @@ public class ApiTokenProperty extends UserProperty {
          */
         public ApiTokenProperty newInstance(User user) {
             if (!ApiTokenPropertyConfiguration.get().isTokenGenerationOnCreationEnabled()) {
-                // recommended way
-                return null;
+                return forceNewInstance(user, false);
             }
 
             return forceNewInstance(user, true);
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
index 83aece0d28..f00194b36d 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
@@ -121,7 +121,7 @@ THE SOFTWARE.
     <j:if test="${descriptor.mustDisplayLegacyApiToken(it)}">
         <f:advanced title="${%Show Legacy API Token}" align="left">
             <f:entry title="${%Legacy API Token}" field="apiToken">
-                <f:readOnlyTextbox id="apiToken" value="${descriptor.noLegacyToken}"/>
+                <f:readOnlyTextbox id="apiToken" default="${descriptor.noLegacyToken}"/>
             </f:entry>
             <f:validateButton title="${%Change API Token}" method="changeToken" clazz="ignore-confirm-panel"/>
         </f:advanced>
diff --git a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.jelly b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.jelly
index 63bd68f97f..48d4b1b0fb 100644
--- a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.jelly
+++ b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.jelly
@@ -24,8 +24,8 @@ THE SOFTWARE.
 <?jelly escape-by-default='true'?>
 <j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" 
          xmlns:t="/lib/hudson" xmlns:f="/lib/form" xmlns:i="jelly:fmt">
-    <st:adjunct includes="jenkins.security.apitoken.LegacyApiTokenAdministrativeMonitor.resources"/>
     <l:layout title="${%title}">
+        <st:adjunct includes="jenkins.security.apitoken.LegacyApiTokenAdministrativeMonitor.resources"/>
         <st:include page="sidepanel.jelly" it="${app}"/>
         <l:main-panel>
             <div class="legacy-token-usage">
@@ -104,20 +104,20 @@ THE SOFTWARE.
                                         <td>
                                             <j:choose>
                                                 <j:when test="${hasFreshToken}">
-                                                    <l:icon class="icon-accept icon-sm"/>
+                                                    <l:icon class="icon-accept icon-sm" alt="${%Fresh token}"/>
                                                 </j:when>
                                                 <j:otherwise>
-                                                    <l:icon class="icon-warning icon-sm"/>
+                                                    <l:icon class="icon-warning icon-sm" alt="${%No fresh token}"/>
                                                 </j:otherwise>
                                             </j:choose>
                                         </td>
                                         <td>
                                             <j:choose>
                                                 <j:when test="${hasMoreRecentlyUsedToken}">
-                                                    <l:icon class="icon-accept icon-sm"/>
+                                                    <l:icon class="icon-accept icon-sm" alt="${%Recently used token}"/>
                                                 </j:when>
                                                 <j:otherwise>
-                                                    <l:icon class="icon-warning icon-sm"/>
+                                                    <l:icon class="icon-warning icon-sm" alt="${%No recently used token}"/>
                                                 </j:otherwise>
                                             </j:choose>
                                         </td>
@@ -127,7 +127,7 @@ THE SOFTWARE.
                             </j:forEach>
                         </j:when>
                         <j:otherwise>
-                            <tr>
+                            <tr class="no-token-line">
                                 <td colspan="9">
                                     <div class="no-token">
                                         ${%NoImpactedUser}
diff --git a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties
index 1267ce75d9..52b7a61c49 100644
--- a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties
+++ b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties
@@ -25,7 +25,7 @@ HasMoreRecentlyUsedToken_tooltip=A recently used token is a token from the new s
 that was used the last time after the last use of the legacy token. \n\n\
 Also it is important to notice that legacy token's creation date is reset \n\
 every time the instance is restarted if they were never saved before.
-NoImpactedUser=There is no users with legacy token
+NoImpactedUser=There are no users with legacy token
 NoCreationDate=There is no creation date for that token
 NoLastUse=There is no last use date for that token
 RevokeAllSelected=Revoke the selected token(s)
diff --git a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/resources.js b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/resources.js
index 6b598e0ce5..8286fd8dc7 100644
--- a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/resources.js
+++ b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/resources.js
@@ -47,21 +47,27 @@ function selectRecent(anchor){
 
 function checkTheDesiredOne(allCheckBoxes, concernedCheckBoxes){
     var mustCheck = false;
-    concernedCheckBoxes.forEach(function(checkbox){
-        if(!checkbox.checked){
+    for(var i = 0; i < concernedCheckBoxes.length ; i++){
+        var checkBox = concernedCheckBoxes[i];
+        if(!checkBox.checked){
             mustCheck = true;
         }
-    });
+    }
     
-    allCheckBoxes.forEach(function(checkbox){
-        checkbox.checked = false;
-    });
+    for(var i = 0; i < allCheckBoxes.length ; i++){
+        var checkBox = allCheckBoxes[i];
+        checkBox.checked = false;
+    }
     
-    concernedCheckBoxes.forEach(function(checkbox){
-        checkbox.checked = mustCheck;
-    });
+    for(var i = 0; i < concernedCheckBoxes.length ; i++){
+        var checkBox = concernedCheckBoxes[i];
+        checkBox.checked = mustCheck;
+    }
     
-    allCheckBoxes.forEach(onCheckChanged);
+    for(var i = 0; i < allCheckBoxes.length ; i++){
+        var checkBox = allCheckBoxes[i];
+        onCheckChanged(checkBox);
+    }
 }
 
 function confirmAndRevokeAllSelected(button){
@@ -84,11 +90,14 @@ function confirmAndRevokeAllSelected(button){
         if(confirm(confirmMessage)){
             var url = button.getAttribute('data-url');
             var selectedValues = [];
-            allCheckedCheckBoxes.forEach(function(c){
-                var userId = c.getAttribute('data-user-id');
-                var uuid = c.getAttribute('data-uuid');
+            
+            for(var i = 0; i < allCheckedCheckBoxes.length ; i++){
+                var checkBox = allCheckedCheckBoxes[i];
+                var userId = checkBox.getAttribute('data-user-id');
+                var uuid = checkBox.getAttribute('data-uuid');
                 selectedValues.push({userId: userId, uuid: uuid});
-            });
+            }
+            
             var params = {values: selectedValues}
             new Ajax.Request(url, {
                 postBody: Object.toJSON(params),
@@ -125,13 +134,17 @@ function onCheckChanged(checkBox){
 (function(){
     document.addEventListener("DOMContentLoaded", function() {
         var allLines = document.querySelectorAll('.legacy-token-usage table tr');
-        allLines.forEach(function(line){
-            line.onclick = onLineClicked;
-        });
+        for(var i = 0; i < allLines.length; i++){
+            var line = allLines[i];
+            if(!line.hasClassName('no-token-line')){
+                line.onclick = onLineClicked;
+            }
+        }
         
         var allCheckBoxes = document.querySelectorAll('.token-to-revoke');
-        allCheckBoxes.forEach(function(checkBox){
+        for(var i = 0; i < allCheckBoxes.length; i++){
+            var checkBox = allCheckBoxes[i];
             checkBox.onchange = function(){ onCheckChanged(checkBox); };
-        });
+        }
     });
 })()
\ No newline at end of file
diff --git a/test/src/test/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitorTest.java b/test/src/test/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitorTest.java
new file mode 100644
index 0000000000..bad41c5997
--- /dev/null
+++ b/test/src/test/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitorTest.java
@@ -0,0 +1,376 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.security.apitoken;
+
+import com.gargoylesoftware.htmlunit.Page;
+import com.gargoylesoftware.htmlunit.html.DomNodeList;
+import com.gargoylesoftware.htmlunit.html.HtmlAnchor;
+import com.gargoylesoftware.htmlunit.html.HtmlButton;
+import com.gargoylesoftware.htmlunit.html.HtmlDivision;
+import com.gargoylesoftware.htmlunit.html.HtmlElement;
+import com.gargoylesoftware.htmlunit.html.HtmlElementUtil;
+import com.gargoylesoftware.htmlunit.html.HtmlPage;
+import hudson.model.AdministrativeMonitor;
+import hudson.model.User;
+import jenkins.security.ApiTokenProperty;
+import org.apache.commons.lang.StringUtils;
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.JenkinsRule;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
+public class LegacyApiTokenAdministrativeMonitorTest {
+    
+    @Rule
+    public JenkinsRule j = new JenkinsRule();
+    
+    @Test
+    public void isActive() throws Exception {
+        ApiTokenPropertyConfiguration config = ApiTokenPropertyConfiguration.get();
+        config.setCreationOfLegacyTokenEnabled(true);
+        config.setTokenGenerationOnCreationEnabled(false);
+        
+        // user created without legacy token
+        User user = User.getById("user", true);
+        ApiTokenProperty apiTokenProperty = user.getProperty(ApiTokenProperty.class);
+        assertFalse(apiTokenProperty.hasLegacyToken());
+        
+        LegacyApiTokenAdministrativeMonitor monitor = j.jenkins.getExtensionList(AdministrativeMonitor.class).get(LegacyApiTokenAdministrativeMonitor.class);
+        assertFalse(monitor.isActivated());
+        
+        ApiTokenStore.TokenIdAndPlainValue tokenInfo = apiTokenProperty.getTokenStore().generateNewToken("Not Legacy");
+        // "new" token does not trigger the monitor
+        assertFalse(monitor.isActivated());
+        
+        apiTokenProperty.getTokenStore().revokeToken(tokenInfo.tokenId);
+        assertFalse(monitor.isActivated());
+        
+        apiTokenProperty.changeApiToken();
+        assertTrue(monitor.isActivated());
+    }
+    
+    @Test
+    public void listOfUserWithLegacyTokenIsCorrect() throws Exception {
+        j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
+        
+        ApiTokenPropertyConfiguration config = ApiTokenPropertyConfiguration.get();
+        config.setCreationOfLegacyTokenEnabled(true);
+        config.setTokenGenerationOnCreationEnabled(false);
+        
+        LegacyApiTokenAdministrativeMonitor monitor = j.jenkins.getExtensionList(AdministrativeMonitor.class).get(LegacyApiTokenAdministrativeMonitor.class);
+        JenkinsRule.WebClient wc = j.createWebClient();
+        
+        int numToken = 0;
+        int numFreshToken = 0;
+        int numRecentToken = 0;
+        
+        {// no user
+            checkUserWithLegacyTokenListIsEmpty(wc, monitor);
+        }
+        {// with user without any token
+            User user = User.getById("user", true);
+            ApiTokenProperty apiTokenProperty = user.getProperty(ApiTokenProperty.class);
+            assertFalse(apiTokenProperty.hasLegacyToken());
+            
+            checkUserWithLegacyTokenListIsEmpty(wc, monitor);
+        }
+        {// with user with token but without legacy token
+            User user = User.getById("user", true);
+            ApiTokenProperty apiTokenProperty = user.getProperty(ApiTokenProperty.class);
+            assertFalse(apiTokenProperty.hasLegacyToken());
+            
+            apiTokenProperty.getTokenStore().generateNewToken("Not legacy");
+            
+            checkUserWithLegacyTokenListIsEmpty(wc, monitor);
+            checkUserWithLegacyTokenListHasSizeOf(wc, monitor, numToken, numFreshToken, numRecentToken);
+        }
+        {// one user with just legacy token
+            createUserWithToken(true, false, false);
+            
+            numToken++;
+            
+            checkUserWithLegacyTokenListHasSizeOf(wc, monitor, numToken, numFreshToken, numRecentToken);
+        }
+        {// one user with a fresh token
+            // fresh = created after the last use of the legacy token (or its creation)
+            createUserWithToken(true, true, false);
+            
+            numToken++;
+            numFreshToken++;
+            
+            checkUserWithLegacyTokenListHasSizeOf(wc, monitor, numToken, numFreshToken, numRecentToken);
+        }
+        {// one user with a recent token (that is not fresh)
+            // recent = last use after the last use of the legacy token (or its creation)
+            createUserWithToken(true, false, true);
+            
+            numToken++;
+            numRecentToken++;
+            
+            checkUserWithLegacyTokenListHasSizeOf(wc, monitor, numToken, numFreshToken, numRecentToken);
+        }
+        {// one user with a fresh + recent token
+            createUserWithToken(true, true, true);
+            
+            numToken++;
+            numFreshToken++;
+            numRecentToken++;
+            
+            checkUserWithLegacyTokenListHasSizeOf(wc, monitor, numToken, numFreshToken, numRecentToken);
+        }
+    }
+    
+    @Test
+    public void monitorManagePageFilterAreWorking() throws Exception {
+        j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
+        
+        ApiTokenPropertyConfiguration config = ApiTokenPropertyConfiguration.get();
+        config.setCreationOfLegacyTokenEnabled(true);
+        config.setTokenGenerationOnCreationEnabled(false);
+        
+        // create 1 user with legacy, 2 with fresh, 3 with recent and 4 with fresh+recent
+        prepareUsersForFilters();
+        
+        LegacyApiTokenAdministrativeMonitor monitor = j.jenkins.getExtensionList(AdministrativeMonitor.class).get(LegacyApiTokenAdministrativeMonitor.class);
+        JenkinsRule.WebClient wc = j.createWebClient();
+        
+        HtmlPage page = wc.goTo(monitor.getUrl() + "/manage");
+        checkUserWithLegacyTokenListHasSizeOf(page, 1 + 2 + 3 + 4, 2 + 4, 3 + 4);
+        
+        HtmlElement document = page.getDocumentElement();
+        HtmlElement filterDiv = document.getOneHtmlElementByAttribute("div", "class", "selection-panel");
+        DomNodeList<HtmlElement> filters = filterDiv.getElementsByTagName("a");
+        assertEquals(3, filters.size());
+        HtmlAnchor filterAll = (HtmlAnchor) filters.get(0);
+        HtmlAnchor filterOnlyFresh = (HtmlAnchor) filters.get(1);
+        HtmlAnchor filterOnlyRecent = (HtmlAnchor) filters.get(2);
+        
+        { // test just the filterAll
+            checkNumberOfSelectedTr(document, 0);
+            
+            HtmlElementUtil.click(filterAll);
+            checkNumberOfSelectedTr(document, 1 + 2 + 3 + 4);
+            
+            HtmlElementUtil.click(filterAll);
+            checkNumberOfSelectedTr(document, 0);
+        }
+        { // test just the filterOnlyFresh
+            HtmlElementUtil.click(filterOnlyFresh);
+            checkNumberOfSelectedTr(document, 2 + 4);
+            
+            HtmlElementUtil.click(filterOnlyFresh);
+            checkNumberOfSelectedTr(document, 0);
+        }
+        { // test just the filterOnlyRecent
+            HtmlElementUtil.click(filterOnlyRecent);
+            checkNumberOfSelectedTr(document, 3 + 4);
+            
+            HtmlElementUtil.click(filterOnlyRecent);
+            checkNumberOfSelectedTr(document, 0);
+        }
+        { // test interaction
+            HtmlElementUtil.click(filterOnlyFresh);
+            checkNumberOfSelectedTr(document, 2 + 4);
+            
+            // the 4 (recent+fresh) are still selected
+            HtmlElementUtil.click(filterOnlyRecent);
+            checkNumberOfSelectedTr(document, 3 + 4);
+            
+            HtmlElementUtil.click(filterAll);
+            checkNumberOfSelectedTr(document, 1 + 2 + 3 + 4);
+        }
+    }
+    
+    private void prepareUsersForFilters() throws Exception {
+        // 1 user with just legacy token
+        createUserWithToken(true, false, false);
+        
+        // 2 users fresh but not recent
+        createUserWithToken(true, true, false);
+        createUserWithToken(true, true, false);
+        
+        // 3 users recent but not fresh
+        createUserWithToken(true, false, true);
+        createUserWithToken(true, false, true);
+        createUserWithToken(true, false, true);
+        
+        // 4 users fresh and recent
+        createUserWithToken(true, true, true);
+        createUserWithToken(true, true, true);
+        createUserWithToken(true, true, true);
+        createUserWithToken(true, true, true);
+    }
+    
+    private void checkNumberOfSelectedTr(HtmlElement document, int expectedCount) {
+        DomNodeList<HtmlElement> trList = document.getElementsByTagName("tr");
+        long amount = trList.stream().filter(htmlElement -> htmlElement.getAttribute("class").contains("selected")).count();
+        assertEquals(expectedCount, amount);
+    }
+    
+    @Test
+    public void monitorManagePageCanRevokeToken() throws Exception {
+        j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
+        
+        ApiTokenPropertyConfiguration config = ApiTokenPropertyConfiguration.get();
+        config.setCreationOfLegacyTokenEnabled(true);
+        config.setTokenGenerationOnCreationEnabled(false);
+        
+        // create 1 user with legacy, 2 with fresh, 3 with recent and 4 with fresh+recent
+        prepareUsersForFilters();
+        
+        LegacyApiTokenAdministrativeMonitor monitor = j.jenkins.getExtensionList(AdministrativeMonitor.class).get(LegacyApiTokenAdministrativeMonitor.class);
+        assertTrue(monitor.isActivated());
+        
+        JenkinsRule.WebClient wc = j.createWebClient();
+        
+        HtmlPage page = wc.goTo(monitor.getUrl() + "/manage");
+        checkUserWithLegacyTokenListHasSizeOf(page, 1 + 2 + 3 + 4, 2 + 4, 3 + 4);
+        
+        {// select 2
+            HtmlAnchor filterOnlyFresh = getFilterByIndex(page, 1);
+            HtmlElementUtil.click(filterOnlyFresh);
+        }
+        // revoke them
+        HtmlButton revokeSelected = getRevokeSelected(page);
+        HtmlElementUtil.click(revokeSelected);
+        
+        HtmlPage newPage = checkUserWithLegacyTokenListHasSizeOf(wc, monitor, 1 + 3, 0, 3);
+        assertTrue(monitor.isActivated());
+        
+        {// select 1 + 3
+            HtmlAnchor filterAll = getFilterByIndex(newPage, 0);
+            HtmlElementUtil.click(filterAll);
+        }
+        // revoke them
+        revokeSelected = getRevokeSelected(newPage);
+        HtmlElementUtil.click(revokeSelected);
+        checkUserWithLegacyTokenListHasSizeOf(wc, monitor, 0, 0, 0);
+        assertFalse(monitor.isActivated());
+    }
+    
+    private HtmlAnchor getFilterByIndex(HtmlPage page, int index) {
+        HtmlElement document = page.getDocumentElement();
+        HtmlDivision filterDiv = document.getOneHtmlElementByAttribute("div", "class", "selection-panel");
+        DomNodeList<HtmlElement> filters = filterDiv.getElementsByTagName("a");
+        assertEquals(3, filters.size());
+        
+        HtmlAnchor filter = (HtmlAnchor) filters.get(index);
+        assertNotNull(filter);
+        return filter;
+    }
+    
+    private HtmlButton getRevokeSelected(HtmlPage page) {
+        HtmlElement document = page.getDocumentElement();
+        HtmlButton revokeSelected = document.getOneHtmlElementByAttribute("button", "class", "action-revoke-selected");
+        assertNotNull(revokeSelected);
+        return revokeSelected;
+    }
+    
+    private void checkUserWithLegacyTokenListIsEmpty(JenkinsRule.WebClient wc, LegacyApiTokenAdministrativeMonitor monitor) throws Exception {
+        HtmlPage page = wc.goTo(monitor.getUrl() + "/manage");
+        String pageContent = page.getWebResponse().getContentAsString();
+        assertTrue(pageContent.contains("no-token-line"));
+    }
+    
+    private HtmlPage checkUserWithLegacyTokenListHasSizeOf(
+            JenkinsRule.WebClient wc, LegacyApiTokenAdministrativeMonitor monitor,
+            int countOfToken, int countOfFreshToken, int countOfRecentToken) throws Exception {
+        HtmlPage page = wc.goTo(monitor.getUrl() + "/manage");
+        checkUserWithLegacyTokenListHasSizeOf(page, countOfToken, countOfFreshToken, countOfRecentToken);
+        return page;
+    }
+    
+    private void checkUserWithLegacyTokenListHasSizeOf(
+            Page page,
+            int countOfToken, int countOfFreshToken, int countOfRecentToken) throws Exception {
+        String pageContent = page.getWebResponse().getContentAsString();
+        
+        int actualCountOfToken = StringUtils.countMatches(pageContent, "token-to-revoke");
+        assertEquals(countOfToken, actualCountOfToken);
+        
+        int actualCountOfFreshToken = StringUtils.countMatches(pageContent, "fresh-token");
+        assertEquals(countOfFreshToken, actualCountOfFreshToken);
+        
+        int actualCountOfRecentToken = StringUtils.countMatches(pageContent, "recent-token");
+        assertEquals(countOfRecentToken, actualCountOfRecentToken);
+    }
+    
+    private void simulateUseOfLegacyToken(User user) throws Exception {
+        JenkinsRule.WebClient wc = j.createWebClient();
+        wc.withBasicApiToken(user);
+        
+        wc.goTo("whoAmI");
+    }
+    
+    private void simulateUseOfToken(User user, String tokenPlainValue) throws Exception {
+        JenkinsRule.WebClient wc = j.createWebClient();
+        wc.withBasicCredentials(user.getId(), tokenPlainValue);
+        
+        wc.goTo("whoAmI");
+    }
+    
+    private int nextId = 0;
+    
+    private User createUserWithToken(boolean legacy, boolean fresh, boolean recent) throws Exception {
+        User user = User.getById(String.format("user %b %b %b %d", legacy, fresh, recent, nextId++), true);
+        if (!legacy) {
+            return user;
+        }
+        
+        ApiTokenProperty apiTokenProperty = user.getProperty(ApiTokenProperty.class);
+        apiTokenProperty.changeApiToken();
+        
+        if (fresh) {
+            if (recent) {
+                simulateUseOfLegacyToken(user);
+                Thread.sleep(1);
+                
+                ApiTokenStore.TokenIdAndPlainValue tokenInfo = apiTokenProperty.getTokenStore().generateNewToken("Fresh and recent token");
+                simulateUseOfToken(user, tokenInfo.plainValue);
+            } else {
+                simulateUseOfLegacyToken(user);
+                Thread.sleep(1);
+                
+                apiTokenProperty.getTokenStore().generateNewToken("Fresh token");
+            }
+        } else {
+            if (recent) {
+                ApiTokenStore.TokenIdAndPlainValue tokenInfo = apiTokenProperty.getTokenStore().generateNewToken("Recent token");
+                Thread.sleep(1);
+                
+                simulateUseOfLegacyToken(user);
+                Thread.sleep(1);
+                
+                simulateUseOfToken(user, tokenInfo.plainValue);
+            }
+            //else: no other token to generate
+        }
+        
+        return user;
+    }
+}
diff --git a/test/src/test/resources/jenkins/security/apitoken/ApiTokenPropertyTest/migrationFromLegacyToken.zip b/test/src/test/resources/jenkins/security/ApiTokenPropertyTest/migrationFromLegacyToken.zip
similarity index 100%
rename from test/src/test/resources/jenkins/security/apitoken/ApiTokenPropertyTest/migrationFromLegacyToken.zip
rename to test/src/test/resources/jenkins/security/ApiTokenPropertyTest/migrationFromLegacyToken.zip
-- 
GitLab


From 9f8b5d691e3d11d65625497a1b876e1d47c466d0 Mon Sep 17 00:00:00 2001
From: Raul Arabaolaza <rarabaolaza@cloudbees.com>
Date: Mon, 26 Mar 2018 17:42:19 +0200
Subject: [PATCH 285/863] [JENKINS-50405] Run the entire thing in docker &&
 highmem node

---
 Jenkinsfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Jenkinsfile b/Jenkinsfile
index eaee7decb7..20ac0b0b63 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -67,7 +67,7 @@ for(i = 0; i < buildTypes.size(); i++) {
 }
 
 builds.ath = {
-    node("linux") {
+    node("docker&&highmem") {
         // Just to be safe
         deleteDir()
         def fileUri
-- 
GitLab


From a277b58adca24068347d952c85288470a09b611c Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Mon, 19 Mar 2018 17:30:33 +0100
Subject: [PATCH 286/863] [JENKINS-50237] - Whitelist
 org.apache.tools.ant.Location for serialization

(cherry picked from commit 300fbc3715f1f96a67300e22ab2dc3a7f1556746)
---
 core/src/main/resources/jenkins/security/whitelisted-classes.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/core/src/main/resources/jenkins/security/whitelisted-classes.txt b/core/src/main/resources/jenkins/security/whitelisted-classes.txt
index 48a9b5db69..1f69b062c2 100644
--- a/core/src/main/resources/jenkins/security/whitelisted-classes.txt
+++ b/core/src/main/resources/jenkins/security/whitelisted-classes.txt
@@ -152,6 +152,7 @@ net.bull.javamelody.internal.model.TomcatInformations
 org.acegisecurity.userdetails.User
 org.apache.commons.fileupload.disk.DiskFileItem
 org.apache.commons.fileupload.util.FileItemHeadersImpl
+org.apache.tools.ant.Location
 
 # TODO remove when git-client 2.7.1+ is widely adopted
 org.eclipse.jgit.lib.ObjectId
-- 
GitLab


From 2090468d82e49345519a2457f1d1e7426f01540b Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Mon, 26 Mar 2018 18:37:45 -0400
Subject: [PATCH 287/863] Using new beta annotation.

---
 core/src/main/java/jenkins/util/VirtualFile.java | 7 +++++++
 pom.xml                                          | 7 ++++---
 2 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/core/src/main/java/jenkins/util/VirtualFile.java b/core/src/main/java/jenkins/util/VirtualFile.java
index 77d5615787..9427bbd85e 100644
--- a/core/src/main/java/jenkins/util/VirtualFile.java
+++ b/core/src/main/java/jenkins/util/VirtualFile.java
@@ -62,6 +62,8 @@ import org.apache.tools.ant.types.AbstractFileSet;
 import org.apache.tools.ant.types.selectors.SelectorUtils;
 import org.apache.tools.ant.types.selectors.TokenizedPath;
 import org.apache.tools.ant.types.selectors.TokenizedPattern;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.Beta;
 
 /**
  * Abstraction over {@link File}, {@link FilePath}, or other items such as network resources or ZIP entries.
@@ -149,6 +151,7 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
      * @throws IOException if reading the link, or even determining whether this file is a link, failed
      * @since FIXME
      */
+    @Restricted(Beta.class)
     public @CheckForNull String readLink() throws IOException {
         return null;
     }
@@ -188,6 +191,7 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
      * @throws IOException if this is not a directory, or listing was not possible for some other reason
      * @since FIXME
      */
+    @Restricted(Beta.class)
     public @Nonnull Collection<String> list(@Nonnull String includes, @CheckForNull String excludes, boolean useDefaultExcludes) throws IOException {
         Collection<String> r = run(new CollectFiles(this));
         List<TokenizedPattern> includePatterns = patterns(includes);
@@ -265,6 +269,7 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
      * @throws IOException if checking the mode failed
      * @since FIXME
      */
+    @Restricted(Beta.class)
     public int mode() throws IOException {
         return -1;
     }
@@ -342,6 +347,7 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
      * @since FIXME
      * @see #toExternalURL
      */
+    @Restricted(Beta.class)
     public @CheckForNull VirtualFile asRemotable() {
         return null;
     }
@@ -364,6 +370,7 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
      * @see #toURI
      * @see #asRemotable
      */
+    @Restricted(Beta.class)
     public @CheckForNull URL toExternalURL() throws IOException {
         return null;
     }
diff --git a/pom.xml b/pom.xml
index 5545718723..d468f98f4e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -93,9 +93,10 @@ THE SOFTWARE.
     <matrix-project.version>1.4.1</matrix-project.version>
     <sorcerer.version>0.11</sorcerer.version>
     <animal.sniffer.skip>${skipTests}</animal.sniffer.skip>
-    <access-modifier.version>1.13</access-modifier.version>
-    <access-modifier-annotation.version>${access-modifier.version}</access-modifier-annotation.version> <!-- differing only where needed for timestamped snapshots -->
-    <access-modifier-checker.version>${access-modifier.version}</access-modifier-checker.version>
+    <access-modifier.version>1.14-SNAPSHOT</access-modifier.version> <!-- TODO https://github.com/kohsuke/access-modifier/pull/11 -->
+    <!-- After release, would just be ${access-modifier.version}: -->
+    <access-modifier-annotation.version>1.14-20180326.221427-2</access-modifier-annotation.version>
+    <access-modifier-checker.version>1.14-20180326.221430-2</access-modifier-checker.version>
 
     <java.level>8</java.level>
 
-- 
GitLab


From 3a6a05e5183ce013f355784a1ddb529d7183192c Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Tue, 27 Mar 2018 11:46:17 +0200
Subject: [PATCH 288/863] ApiTokenStore is now saved / loaded from a file aside
 config.xml in user folder - this allows the stats to be incremented without
 changing the config.xml of the user

---
 core/src/main/java/hudson/model/User.java     |  10 +-
 .../jenkins/security/ApiTokenProperty.java    |  51 +++------
 .../security/apitoken/ApiTokenStore.java      | 103 ++++++++++++++----
 .../ApiTokenPropertyConfigurationTest.java    |  16 ++-
 4 files changed, 117 insertions(+), 63 deletions(-)

diff --git a/core/src/main/java/hudson/model/User.java b/core/src/main/java/hudson/model/User.java
index 148526ca1d..6c21563337 100644
--- a/core/src/main/java/hudson/model/User.java
+++ b/core/src/main/java/hudson/model/User.java
@@ -764,6 +764,10 @@ public class User extends AbstractModelObject implements AccessControlled, Descr
     public @Override String toString() {
         return fullName;
     }
+    
+    public File getUserFolder(){
+        return getUserFolderFor(this.id);
+    }
 
     /**
      * The file we save our configuration.
@@ -773,7 +777,11 @@ public class User extends AbstractModelObject implements AccessControlled, Descr
     }
 
     private static final File getConfigFileFor(String id) {
-        return new File(getRootDir(), idStrategy().filenameOf(id) +"/config.xml");
+        return new File(getUserFolderFor(id), "config.xml");
+    }
+    
+    private static File getUserFolderFor(String id){
+        return new File(getRootDir(), idStrategy().filenameOf(id));
     }
 
     private static File getUnsanitizedLegacyConfigFileFor(String id) {
diff --git a/core/src/main/java/jenkins/security/ApiTokenProperty.java b/core/src/main/java/jenkins/security/ApiTokenProperty.java
index ecf124d9aa..c473deddde 100644
--- a/core/src/main/java/jenkins/security/ApiTokenProperty.java
+++ b/core/src/main/java/jenkins/security/ApiTokenProperty.java
@@ -23,11 +23,9 @@
  */
 package jenkins.security;
 
-import com.thoughtworks.xstream.converters.UnmarshallingContext;
 import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
 import hudson.Extension;
 import hudson.Util;
-import hudson.util.XStream2;
 import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
 import jenkins.security.apitoken.ApiTokenStore;
 import jenkins.util.SystemProperties;
@@ -104,21 +102,22 @@ public class ApiTokenProperty extends UserProperty {
             SystemProperties.getBoolean(ApiTokenProperty.class.getName() + ".adminCanGenerateNewTokens");
 
     private volatile Secret apiToken;
-    private ApiTokenStore tokenStore;
+    // stored aside
+    private transient ApiTokenStore tokenStore;
     
     @DataBoundConstructor
     public ApiTokenProperty() {
-        this.init();
     }
     
-    public ApiTokenProperty readResolve() {
-        this.init();
-        return this;
-    }
+    @Override 
+    protected void setUser(User u) {
+        super.setUser(u);
     
-    private void init() {
         if (this.tokenStore == null) {
-            this.tokenStore = new ApiTokenStore();
+            this.tokenStore = ApiTokenStore.load(user.getUserFolder());
+        }
+        if(this.apiToken != null){
+            this.tokenStore.generateTokenFromLegacy(this.apiToken);
         }
     }
     
@@ -129,10 +128,7 @@ public class ApiTokenProperty extends UserProperty {
     /*package*/ ApiTokenProperty(@CheckForNull String seed) {
         if(seed != null){
             apiToken = Secret.fromString(seed);
-            tokenStore = new ApiTokenStore();
-            tokenStore.generateTokenFromLegacy(apiToken);
         }
-        this.init();
     }
 
     /**
@@ -189,11 +185,7 @@ public class ApiTokenProperty extends UserProperty {
         // as the legacy token (if existing) are also stored there
         boolean matchFound = tokenStore.doesContainToken(token);
         if (matchFound) {
-            try {
-                user.save();
-            } catch (IOException e) {
-                LOGGER.log(Level.WARNING, "Error saving the user after token match", e);
-            }
+            tokenStore.save();
         }
         
         return matchFound;
@@ -236,6 +228,7 @@ public class ApiTokenProperty extends UserProperty {
         Object tokenStoreData = form.get("tokenStore");
         Map<String, JSONObject> tokenStoreTypedData = convertToTokenMap(tokenStoreData);
         this.tokenStore.reconfigure(tokenStoreTypedData);
+        this.tokenStore.save();
         return this;
     }
     
@@ -281,7 +274,8 @@ public class ApiTokenProperty extends UserProperty {
 
         _changeApiToken();
         tokenStore.regenerateTokenFromLegacy(apiToken);
-        
+    
+        tokenStore.save();
         user.save();
     }
     
@@ -304,20 +298,6 @@ public class ApiTokenProperty extends UserProperty {
     public ApiTokenStore getTokenStore() {
         return tokenStore;
     }
-    
-    public static class ConverterImpl extends XStream2.PassthruConverter<ApiTokenProperty> {
-        public ConverterImpl(XStream2 xstream) {
-            super(xstream);
-        }
-        
-        @Override
-        protected void callback(ApiTokenProperty apiTokenProperty, UnmarshallingContext context) {
-            // support legacy configuration
-            if (apiTokenProperty.apiToken != null) {
-                apiTokenProperty.tokenStore.generateTokenFromLegacy(apiTokenProperty.apiToken);
-            }
-        }
-    }
 
     @Extension
     @Symbol("apiToken")
@@ -410,6 +390,8 @@ public class ApiTokenProperty extends UserProperty {
             ApiTokenProperty p = u.getProperty(ApiTokenProperty.class);
             if (p == null) {
                 p = forceNewInstance(u, true);
+                p.setUser(u);
+                p.tokenStore.save();
                 u.addProperty(p);
             } else {
                 // even if the user does not have legacy token, this method let some legacy system to regenerate one
@@ -442,6 +424,7 @@ public class ApiTokenProperty extends UserProperty {
             }
             
             ApiTokenStore.TokenIdAndPlainValue tokenIdAndPlainValue = p.tokenStore.generateNewToken(tokenName);
+            p.tokenStore.save();
             u.save();
             
             return HttpResponses.okJSON(new HashMap<String, String>() {{ 
@@ -475,6 +458,7 @@ public class ApiTokenProperty extends UserProperty {
                 // that could potentially happens between instance restart, the uuid stored in the page are no more valid
                 return HttpResponses.errorJSON("No token found, try refreshing the page");
             }
+            p.tokenStore.save();
             u.save();
             
             return HttpResponses.ok();
@@ -501,6 +485,7 @@ public class ApiTokenProperty extends UserProperty {
                 // if the user revoked the API Token, we can delete it
                 p.apiToken = null;
             }
+            p.tokenStore.save();
             u.save();
             
             return HttpResponses.ok();
diff --git a/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java b/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
index f621adcb3b..4a0b066450 100644
--- a/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
+++ b/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
@@ -24,8 +24,11 @@
 package jenkins.security.apitoken;
 
 import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
+import hudson.BulkChange;
 import hudson.Util;
-import hudson.diagnosis.OldDataMonitor;
+import hudson.XmlFile;
+import hudson.model.Saveable;
+import hudson.model.listeners.SaveableListener;
 import hudson.util.Secret;
 import jenkins.security.Messages;
 import net.sf.json.JSONObject;
@@ -34,6 +37,8 @@ import org.apache.commons.lang.StringUtils;
 import javax.annotation.CheckForNull;
 import javax.annotation.Nonnull;
 import javax.annotation.concurrent.Immutable;
+import java.io.File;
+import java.io.IOException;
 import java.nio.charset.StandardCharsets;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
@@ -53,8 +58,8 @@ import java.util.logging.Level;
 import java.util.logging.Logger;
 import java.util.stream.Collectors;
 
-public class ApiTokenStore {
-    private static final Logger LOGGER = Logger.getLogger(OldDataMonitor.class.getName());
+public class ApiTokenStore implements Saveable {
+    private static final Logger LOGGER = Logger.getLogger(ApiTokenStore.class.getName());
     private static final SecureRandom RANDOM = new SecureRandom();
     
     private static final Comparator<HashedToken> SORT_BY_LOWERCASED_NAME =
@@ -69,10 +74,16 @@ public class ApiTokenStore {
     
     private List<HashedToken> tokenList;
     
+    private transient File parent;
+    
     public ApiTokenStore() {
         this.init();
     }
     
+    public void setParent(File parent) {
+        this.parent = parent;
+    }
+    
     public ApiTokenStore readResolve() {
         this.init();
         return this;
@@ -118,7 +129,7 @@ public class ApiTokenStore {
     }
     
     public synchronized void generateTokenFromLegacy(@Nonnull Secret newLegacyApiToken) {
-        if(tokenList.stream().noneMatch(HashedToken::isLegacy)){
+        if (tokenList.stream().noneMatch(HashedToken::isLegacy)) {
             regenerateTokenFromLegacy(newLegacyApiToken);
         }
     }
@@ -158,7 +169,7 @@ public class ApiTokenStore {
         HashedToken token = HashedToken.buildNew(name, hashValue);
         
         this.addToken(token);
-    
+        
         return new TokenIdAndPlainValue(token.uuid, tokenTheUserWillUse);
     }
     
@@ -172,7 +183,7 @@ public class ApiTokenStore {
         // ascii is sufficient for hex-format
         return hashedBytes(secretValueInPlainText.getBytes(StandardCharsets.US_ASCII));
     }
-
+    
     private @Nonnull byte[] hashedBytes(byte[] tokenBytes) {
         MessageDigest digest;
         try {
@@ -217,25 +228,25 @@ public class ApiTokenStore {
     private boolean searchMatch(String plainToken) {
         byte[] hashedBytes = plainSecretToHashBytes(plainToken);
         for (HashedToken token : tokenList) {
-            if(token.match(hashedBytes)){
+            if (token.match(hashedBytes)) {
                 token.incrementUse();
                 return true;
             }
         }
-
+        
         return false;
     }
     
     public synchronized @CheckForNull HashedToken revokeToken(@Nonnull String tokenUuid) {
-        for (Iterator<HashedToken> iterator = tokenList.iterator(); iterator.hasNext();) {
+        for (Iterator<HashedToken> iterator = tokenList.iterator(); iterator.hasNext(); ) {
             HashedToken token = iterator.next();
             if (token.uuid.equals(tokenUuid)) {
                 iterator.remove();
-
+                
                 return token;
             }
         }
-
+        
         return null;
     }
     
@@ -246,11 +257,58 @@ public class ApiTokenStore {
                 return true;
             }
         }
-
+        
         LOGGER.log(Level.FINER, "The target token for rename does not exist, for uuid = {0}, with desired name = {1}", new Object[]{tokenUuid, newName});
         return false;
     }
     
+    /**
+     * Saves the configuration info to the disk.
+     */
+    @Override
+    public synchronized void save() {
+        if (BulkChange.contains(this))
+            return;
+        
+        XmlFile configFile = getConfigFile(parent);
+        try {
+            configFile.write(this);
+            SaveableListener.fireOnChange(this, configFile);
+        } catch (IOException e) {
+            LOGGER.log(Level.WARNING, "Failed to save " + configFile, e);
+        }
+    }
+    
+    /**
+     * Loads the data from the disk into this object.
+     *
+     * <p>
+     * The constructor of the derived class must call this method.
+     * (If we do that in the base class, the derived class won't
+     * get a chance to set default values.)
+     */
+    public static synchronized ApiTokenStore load(File parent) {
+        XmlFile file = getConfigFile(parent);
+        ApiTokenStore apiTokenStore;
+        if (file.exists()) {
+            try {
+                apiTokenStore = (ApiTokenStore) file.unmarshal(ApiTokenStore.class);
+            } catch (IOException e) {
+                LOGGER.log(Level.WARNING, "Failed to load " + file, e);
+                apiTokenStore = new ApiTokenStore();
+            }
+        } else {
+            apiTokenStore = new ApiTokenStore();
+        }
+        
+        apiTokenStore.setParent(parent);
+        return apiTokenStore;
+    }
+    
+    protected static XmlFile getConfigFile(File parent) {
+        return new XmlFile(new File(parent, "apiTokenStore.xml"));
+    }
+    
     /**
      * [2: version][32: real token]
      */
@@ -271,7 +329,7 @@ public class ApiTokenStore {
     public static class TokenIdAndPlainValue {
         public final String tokenId;
         public final String plainValue;
-    
+        
         public TokenIdAndPlainValue(String tokenId, String plainValue) {
             this.tokenId = tokenId;
             this.plainValue = plainValue;
@@ -318,14 +376,13 @@ public class ApiTokenStore {
         
         public boolean match(byte[] hashedBytes) {
             byte[] hashFromHex;
-            try{
+            try {
                 hashFromHex = Util.fromHexString(value.hash);
-            }
-            catch(NumberFormatException e){
+            } catch (NumberFormatException e) {
                 LOGGER.log(Level.INFO, "The API token with name=[{0}] is not in hex-format and so cannot be used", name);
                 return false;
             }
-
+            
             // String.equals() is not constant-time but this method is. No link between correctness and time spent
             return MessageDigest.isEqual(hashFromHex, hashedBytes);
         }
@@ -334,33 +391,33 @@ public class ApiTokenStore {
         public String getName() {
             return name;
         }
-    
+        
         // used by Jelly view
         public int getUseCounter() {
             return useCounter == null ? 0 : useCounter;
         }
-    
+        
         // used by Jelly view
         public Date getLastUseDate() {
             return lastUseDate;
         }
-    
+        
         // used by Jelly view
         public long getNumDaysUse() {
             return lastUseDate == null ? 0 : computeDeltaDays(lastUseDate.toInstant(), Instant.now());
         }
-    
+        
         // used by Jelly view
         public Date getCreationDate() {
             return creationDate;
         }
-    
+        
         // used by Jelly view
         public long getNumDaysCreation() {
             // should not happen but just in case
             return creationDate == null ? 0 : computeDeltaDays(creationDate.toInstant(), Instant.now());
         }
-    
+        
         // used by Jelly view
         public String getUuid() {
             return this.uuid;
diff --git a/test/src/test/java/jenkins/security/apitoken/ApiTokenPropertyConfigurationTest.java b/test/src/test/java/jenkins/security/apitoken/ApiTokenPropertyConfigurationTest.java
index 7e76f6543b..413fcbbe82 100644
--- a/test/src/test/java/jenkins/security/apitoken/ApiTokenPropertyConfigurationTest.java
+++ b/test/src/test/java/jenkins/security/apitoken/ApiTokenPropertyConfigurationTest.java
@@ -26,7 +26,6 @@ package jenkins.security.apitoken;
 import hudson.model.User;
 import jenkins.security.ApiTokenProperty;
 import jenkins.security.Messages;
-import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
 import org.junit.Assert;
 import org.junit.Rule;
 import org.junit.Test;
@@ -34,8 +33,8 @@ import org.jvnet.hudson.test.Issue;
 import org.jvnet.hudson.test.JenkinsRule;
 
 import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertNotEquals;
-import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
 
 public class ApiTokenPropertyConfigurationTest {
     
@@ -51,17 +50,22 @@ public class ApiTokenPropertyConfigurationTest {
         {
             User userWith = User.getById("userWith", true);
             ApiTokenProperty withToken = userWith.getProperty(ApiTokenProperty.class);
+            assertTrue(withToken.hasLegacyToken());
             assertEquals(1, withToken.getTokenList().size());
             
-            String withTokenValue = withToken.getApiToken();
-            Assert.assertNotEquals(Messages.ApiTokenProperty_NoLegacyToken(), withTokenValue);
+            String tokenValue = withToken.getApiToken();
+            Assert.assertNotEquals(Messages.ApiTokenProperty_NoLegacyToken(), tokenValue);
         }
         
         config.setTokenGenerationOnCreationEnabled(false);
         {
             User userWithout = User.getById("userWithout", true);
             ApiTokenProperty withoutToken = userWithout.getProperty(ApiTokenProperty.class);
-            assertNull(withoutToken);
+            assertFalse(withoutToken.hasLegacyToken());
+            assertEquals(0, withoutToken.getTokenList().size());
+            
+            String tokenValue = withoutToken.getApiToken();
+            Assert.assertEquals(Messages.ApiTokenProperty_NoLegacyToken(), tokenValue);
         }
     }
 }
-- 
GitLab


From 774388598e1bf861330c29470484d7957d86fe69 Mon Sep 17 00:00:00 2001
From: Baptiste Mathus <batmat@batmat.net>
Date: Tue, 27 Mar 2018 11:55:13 +0200
Subject: [PATCH 289/863] Add to check removing sysprop keeps the previous
 value

Addressing @jtnord's concern/following use case:

* Custom build/workspace are set in existing Jenkins config (from version
  without this change)
* Jenkins is upgraded
* Jenkins config is saved
* configuration should not be reset - existing custom values should be
  retained until they set the system property
---
 ...insBuildsAndWorkspacesDirectoriesTest.java | 56 ++++++++++++++++---
 .../fromPreviousCustomSetup/README.adoc       | 13 +++++
 .../fromPreviousCustomSetup/config.xml        | 49 ++++++++++++++++
 3 files changed, 111 insertions(+), 7 deletions(-)
 create mode 100644 test/src/test/resources/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest/fromPreviousCustomSetup/README.adoc
 create mode 100644 test/src/test/resources/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest/fromPreviousCustomSetup/config.xml

diff --git a/test/src/test/java/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest.java b/test/src/test/java/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest.java
index 1a76c3103d..b3e3c7f8a7 100644
--- a/test/src/test/java/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest.java
+++ b/test/src/test/java/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest.java
@@ -1,12 +1,13 @@
 package jenkins.model;
 
-import com.gargoylesoftware.htmlunit.html.HtmlForm;
 import hudson.Functions;
 import hudson.Util;
+import hudson.init.InitMilestone;
 import hudson.maven.MavenModuleSet;
 import hudson.maven.MavenModuleSetBuild;
 import hudson.model.FreeStyleBuild;
 import hudson.model.FreeStyleProject;
+import org.apache.commons.io.FileUtils;
 import org.junit.After;
 import org.junit.Assume;
 import org.junit.Before;
@@ -17,6 +18,7 @@ import org.jvnet.hudson.test.Issue;
 import org.jvnet.hudson.test.LoggerRule;
 import org.jvnet.hudson.test.MockFolder;
 import org.jvnet.hudson.test.RestartableJenkinsRule;
+import org.jvnet.hudson.test.recipes.LocalData;
 
 import java.io.File;
 import java.io.IOException;
@@ -27,8 +29,10 @@ import java.util.Map;
 import java.util.logging.Level;
 import java.util.stream.Stream;
 
+import static org.hamcrest.CoreMatchers.containsString;
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertThat;
 import static org.junit.Assert.assertTrue;
 
 /**
@@ -42,7 +46,6 @@ import static org.junit.Assert.assertTrue;
  */
 public class JenkinsBuildsAndWorkspacesDirectoriesTest {
 
-    private static final Map<String, String> PROPS_TO_RESTORE = new LinkedHashMap<>();
     private static final String LOG_WHEN_CHANGING_BUILDS_DIR = "Changing builds directories from ";
 
     @Rule
@@ -53,12 +56,15 @@ public class JenkinsBuildsAndWorkspacesDirectoriesTest {
 
     @Before
     public void before() {
-        Stream.of(Jenkins.BUILDS_DIR_PROP, Jenkins.WORKSPACES_DIR_PROP)
-                .forEach(System::clearProperty);
+        clearSystemProperties();
     }
 
     @After
     public void after() {
+        clearSystemProperties();
+    }
+
+    private void clearSystemProperties() {
         Stream.of(Jenkins.BUILDS_DIR_PROP, Jenkins.WORKSPACES_DIR_PROP)
                 .forEach(System::clearProperty);
     }
@@ -120,6 +126,43 @@ public class JenkinsBuildsAndWorkspacesDirectoriesTest {
                        assertTrue(logWasFound("Using non default workspaces directories"));
                    }
         );
+    }
+
+    @Issue("JENKINS-50164")
+    @LocalData
+    @Test
+    public void fromPreviousCustomSetup() {
+        // check starting point and change config for next run
+        final String newBuildsDirValueBySysprop = "bling/${ITEM_ROOTDIR}/bluh";
+        story.then(j -> {
+            assertEquals("${ITEM_ROOTDIR}/ze-previous-custom-builds", j.jenkins.getRawBuildsDir());
+            setBuildsDirProperty(newBuildsDirValueBySysprop);
+        });
+
+        // Check the sysprop setting was taken in account
+        story.then(j -> {
+            assertEquals(newBuildsDirValueBySysprop, j.jenkins.getRawBuildsDir());
+
+            // ** HACK AROUND JENKINS-50422: manually restarting ** //
+            // Check the disk (cannot just restart normally with the rule, )
+            assertThat(FileUtils.readFileToString(new File(j.jenkins.getRootDir(), "config.xml")),
+                       containsString("<buildsDir>" + newBuildsDirValueBySysprop + "</buildsDir>"));
+
+            String rootDirBeforeRestart = j.jenkins.getRootDir().toString();
+            clearSystemProperties();
+            j.jenkins.restart();
+
+            int maxLoops = 50;
+            while (j.jenkins.getInitLevel() != InitMilestone.COMPLETED && maxLoops-- > 0) {
+                Thread.sleep(300);
+            }
+
+            assertEquals(rootDirBeforeRestart, j.jenkins.getRootDir().toString());
+            assertThat(FileUtils.readFileToString(new File(j.jenkins.getRootDir(), "config.xml")),
+                       containsString("<buildsDir>" + newBuildsDirValueBySysprop + "</buildsDir>"));
+            assertEquals(newBuildsDirValueBySysprop, j.jenkins.getRawBuildsDir());
+            // ** END HACK ** //
+        });
 
     }
 
@@ -204,7 +247,7 @@ public class JenkinsBuildsAndWorkspacesDirectoriesTest {
         // Hack to get String builds usable in lambda below
         final List<String> builds = new ArrayList<>();
 
-        story.then(steps ->  {
+        story.then(steps -> {
             builds.add(story.j.createTmpDir().toString());
             setBuildsDirProperty(builds.get(0) + "/${ITEM_FULL_NAME}");
         });
@@ -237,5 +280,4 @@ public class JenkinsBuildsAndWorkspacesDirectoriesTest {
             link = f;
         }
     }
-
-}
+}
\ No newline at end of file
diff --git a/test/src/test/resources/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest/fromPreviousCustomSetup/README.adoc b/test/src/test/resources/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest/fromPreviousCustomSetup/README.adoc
new file mode 100644
index 0000000000..297f281591
--- /dev/null
+++ b/test/src/test/resources/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest/fromPreviousCustomSetup/README.adoc
@@ -0,0 +1,13 @@
+= Description of the intent of that setup
+
+The goal of this dataset is to configure a custom directory layout for workspaces and builds.
+This for use with @LocalData to test JENKINS-50164
+
+Specifically, the config.xml should contain:
+
+```
+<workspaceDir>${JENKINS_HOME}/previous-custom-workspace/${ITEM_FULL_NAME}</workspaceDir>
+<buildsDir>${ITEM_ROOTDIR}/ze-previous-custom-builds</buildsDir>
+```
+
+
diff --git a/test/src/test/resources/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest/fromPreviousCustomSetup/config.xml b/test/src/test/resources/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest/fromPreviousCustomSetup/config.xml
new file mode 100644
index 0000000000..230b8e49f0
--- /dev/null
+++ b/test/src/test/resources/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest/fromPreviousCustomSetup/config.xml
@@ -0,0 +1,49 @@
+<?xml version='1.1' encoding='UTF-8'?>
+<hudson>
+  <disabledAdministrativeMonitors/>
+  <version>2.112</version>
+  <installState>
+    <name>RUNNING</name>
+  </installState>
+  <numExecutors>2</numExecutors>
+  <mode>NORMAL</mode>
+  <useSecurity>true</useSecurity>
+  <authorizationStrategy class="hudson.security.FullControlOnceLoggedInAuthorizationStrategy">
+    <denyAnonymousReadAccess>true</denyAnonymousReadAccess>
+  </authorizationStrategy>
+  <securityRealm class="hudson.security.HudsonPrivateSecurityRealm">
+    <disableSignup>true</disableSignup>
+    <enableCaptcha>false</enableCaptcha>
+  </securityRealm>
+  <disableRememberMe>false</disableRememberMe>
+  <projectNamingStrategy class="jenkins.model.ProjectNamingStrategy$DefaultProjectNamingStrategy"/>
+  <workspaceDir>${JENKINS_HOME}/previous-custom-workspace/${ITEM_FULL_NAME}</workspaceDir>
+  <buildsDir>${ITEM_ROOTDIR}/ze-previous-custom-builds</buildsDir>
+  <jdks/>
+  <viewsTabBar class="hudson.views.DefaultViewsTabBar"/>
+  <myViewsTabBar class="hudson.views.DefaultMyViewsTabBar"/>
+  <clouds/>
+  <quietPeriod>5</quietPeriod>
+  <scmCheckoutRetryCount>0</scmCheckoutRetryCount>
+  <views>
+    <hudson.model.AllView>
+      <owner class="hudson" reference="../../.."/>
+      <name>all</name>
+      <filterExecutors>false</filterExecutors>
+      <filterQueue>false</filterQueue>
+      <properties class="hudson.model.View$PropertyList"/>
+    </hudson.model.AllView>
+  </views>
+  <primaryView>all</primaryView>
+  <slaveAgentPort>-1</slaveAgentPort>
+  <disabledAgentProtocols>
+    <string>JNLP-connect</string>
+    <string>JNLP2-connect</string>
+  </disabledAgentProtocols>
+  <label></label>
+  <crumbIssuer class="hudson.security.csrf.DefaultCrumbIssuer">
+    <excludeClientIPFromCrumb>false</excludeClientIPFromCrumb>
+  </crumbIssuer>
+  <nodeProperties/>
+  <globalNodeProperties/>
+</hudson>
\ No newline at end of file
-- 
GitLab


From c50d808de154a9409fc4ea1bdfd9e2ec81919143 Mon Sep 17 00:00:00 2001
From: Baptiste Mathus <batmat@batmat.net>
Date: Tue, 27 Mar 2018 14:41:30 +0200
Subject: [PATCH 290/863] Use a property name that does not imply it is only
 about tasks logging

When indeed it is not only about those.
---
 core/src/main/java/hudson/triggers/SafeTimerTask.java     | 8 ++++----
 test/src/test/java/hudson/triggers/SafeTimerTaskTest.java | 6 +++---
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/core/src/main/java/hudson/triggers/SafeTimerTask.java b/core/src/main/java/hudson/triggers/SafeTimerTask.java
index dada64109e..5531e293f1 100644
--- a/core/src/main/java/hudson/triggers/SafeTimerTask.java
+++ b/core/src/main/java/hudson/triggers/SafeTimerTask.java
@@ -52,11 +52,11 @@ import org.acegisecurity.context.SecurityContextHolder;
 public abstract class SafeTimerTask extends TimerTask {
 
     /**
-     * System property to change the location where tasks logging should be sent.
+     * System property to change the location where (tasks) logging should be sent.
      * <p><strong>Beware: changing it while Jenkins is running gives no guarantee logs will be sent to the new location
      * until it is restarted.</strong></p>
      */
-    static final String TASKS_LOGS_ROOT_PATH_PROPERTY = SafeTimerTask.class.getName()+".TASKS_LOGS_ROOT_PATH";
+    static final String LOGS_ROOT_PATH_PROPERTY = SafeTimerTask.class.getName()+".logsTargetDir";
 
     public final void run() {
         // background activity gets system credential,
@@ -83,13 +83,13 @@ public abstract class SafeTimerTask extends TimerTask {
      * @since TODO
      */
     public static File getLogsRoot() {
-        String tagsLogsPath = SystemProperties.getString(TASKS_LOGS_ROOT_PATH_PROPERTY);
+        String tagsLogsPath = SystemProperties.getString(LOGS_ROOT_PATH_PROPERTY);
         if (tagsLogsPath == null) {
             return new File(Jenkins.get().getRootDir(), "logs");
         } else {
             LOGGER.log(Level.INFO,
                        "Using non default root path for tasks logging: {0}. (Beware: no automated migration if you change or remove it again)",
-                       TASKS_LOGS_ROOT_PATH_PROPERTY);
+                       LOGS_ROOT_PATH_PROPERTY);
             return new File(tagsLogsPath);
         }
     }
diff --git a/test/src/test/java/hudson/triggers/SafeTimerTaskTest.java b/test/src/test/java/hudson/triggers/SafeTimerTaskTest.java
index e111661a9d..8a2c0088db 100644
--- a/test/src/test/java/hudson/triggers/SafeTimerTaskTest.java
+++ b/test/src/test/java/hudson/triggers/SafeTimerTaskTest.java
@@ -31,13 +31,13 @@ public class SafeTimerTaskTest {
 
     @After
     public void tearDown() throws Exception {
-        System.clearProperty(SafeTimerTask.TASKS_LOGS_ROOT_PATH_PROPERTY);
+        System.clearProperty(SafeTimerTask.LOGS_ROOT_PATH_PROPERTY);
     }
 
     @Issue("JENKINS-50291")
     @Test
     public void changeLogsRoot() throws Exception {
-        assertNull(System.getProperty(SafeTimerTask.TASKS_LOGS_ROOT_PATH_PROPERTY));
+        assertNull(System.getProperty(SafeTimerTask.LOGS_ROOT_PATH_PROPERTY));
 
         File temporaryFolder = folder.newFolder();
 
@@ -50,7 +50,7 @@ public class SafeTimerTaskTest {
         assertTrue(logsRoot.exists());
         assertTrue(logsRoot.isDirectory());
 
-        System.setProperty(SafeTimerTask.TASKS_LOGS_ROOT_PATH_PROPERTY, temporaryFolder.toString());
+        System.setProperty(SafeTimerTask.LOGS_ROOT_PATH_PROPERTY, temporaryFolder.toString());
         assertEquals(temporaryFolder.toString(), SafeTimerTask.getLogsRoot().toString());
     }
 
-- 
GitLab


From 58b875359ec55d0f7a1b2b2f3f12302e291a32be Mon Sep 17 00:00:00 2001
From: Baptiste Mathus <batmat@batmat.net>
Date: Tue, 27 Mar 2018 16:32:30 +0200
Subject: [PATCH 291/863] Disable fromPreviousCustomSetup on Windows

Because I use restart and it's not supported there.
---
 .../model/JenkinsBuildsAndWorkspacesDirectoriesTest.java | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/test/src/test/java/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest.java b/test/src/test/java/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest.java
index b3e3c7f8a7..462e2d1cbb 100644
--- a/test/src/test/java/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest.java
+++ b/test/src/test/java/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest.java
@@ -9,7 +9,6 @@ import hudson.model.FreeStyleBuild;
 import hudson.model.FreeStyleProject;
 import org.apache.commons.io.FileUtils;
 import org.junit.After;
-import org.junit.Assume;
 import org.junit.Before;
 import org.junit.Rule;
 import org.junit.Test;
@@ -23,9 +22,7 @@ import org.jvnet.hudson.test.recipes.LocalData;
 import java.io.File;
 import java.io.IOException;
 import java.util.ArrayList;
-import java.util.LinkedHashMap;
 import java.util.List;
-import java.util.Map;
 import java.util.logging.Level;
 import java.util.stream.Stream;
 
@@ -34,6 +31,7 @@ import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertThat;
 import static org.junit.Assert.assertTrue;
+import static org.junit.Assume.assumeFalse;
 
 /**
  * Since JENKINS-50164, Jenkins#workspacesDir and Jenkins#buildsDir had their associated UI deleted.
@@ -132,6 +130,9 @@ public class JenkinsBuildsAndWorkspacesDirectoriesTest {
     @LocalData
     @Test
     public void fromPreviousCustomSetup() {
+
+        assumeFalse(Functions.isWindows()); // Default Windows lifecycle does not support restart.
+
         // check starting point and change config for next run
         final String newBuildsDirValueBySysprop = "bling/${ITEM_ROOTDIR}/bluh";
         story.then(j -> {
@@ -242,7 +243,7 @@ public class JenkinsBuildsAndWorkspacesDirectoriesTest {
     @Test
     @Issue("JENKINS-17137")
     public void externalBuildDirectorySymlinks() throws Exception {
-        Assume.assumeFalse(Functions.isWindows()); // symlinks may not be available
+        assumeFalse(Functions.isWindows()); // symlinks may not be available
 
         // Hack to get String builds usable in lambda below
         final List<String> builds = new ArrayList<>();
-- 
GitLab


From 8a252809920ccaf704cc5c1fd7bccd8f2dadac5d Mon Sep 17 00:00:00 2001
From: Baptiste Mathus <batmat@batmat.net>
Date: Wed, 28 Mar 2018 10:31:09 +0200
Subject: [PATCH 292/863] [JENKINS-50439] Pick-up executable-war 1.39

---
 war/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/war/pom.xml b/war/pom.xml
index 6887d9802c..36b566df2b 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -49,7 +49,7 @@ THE SOFTWARE.
     <dependency>
       <groupId>org.jenkins-ci</groupId>
       <artifactId>executable-war</artifactId>
-      <version>1.38</version>
+      <version>1.39</version>
       <scope>provided</scope>
     </dependency>
     <dependency>
-- 
GitLab


From 2c1fdd26990b417a4e57fdaaa7fb30ddc2a9be17 Mon Sep 17 00:00:00 2001
From: Baptiste Mathus <batmat@batmat.net>
Date: Wed, 28 Mar 2018 10:07:32 +0200
Subject: [PATCH 293/863] Name sysprops more consistently with others

https://wiki.jenkins.io/display/JENKINS/Features+controlled+by+system+properties
---
 core/src/main/java/jenkins/model/Jenkins.java                 | 4 ++--
 .../model/JenkinsBuildsAndWorkspacesDirectoriesTest.java      | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/core/src/main/java/jenkins/model/Jenkins.java b/core/src/main/java/jenkins/model/Jenkins.java
index 2e9030c4c6..e9235835cc 100644
--- a/core/src/main/java/jenkins/model/Jenkins.java
+++ b/core/src/main/java/jenkins/model/Jenkins.java
@@ -5102,13 +5102,13 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
      * System property name to set {@link #buildsDir}.
      * @see #getRawBuildsDir()
      */
-    static final String BUILDS_DIR_PROP = Jenkins.class.getName() + ".BUILDS_DIR";
+    static final String BUILDS_DIR_PROP = Jenkins.class.getName() + ".buildsDir";
 
     /**
      * System property name to set {@link #workspaceDir}.
      * @see #getRawWorkspaceDir()
      */
-    static final String WORKSPACES_DIR_PROP = Jenkins.class.getName() + ".WORKSPACES_DIR";
+    static final String WORKSPACES_DIR_PROP = Jenkins.class.getName() + ".workspacesDir";
 
     /**
      * Automatically try to launch an agent when Jenkins is initialized or a new agent computer is created.
diff --git a/test/src/test/java/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest.java b/test/src/test/java/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest.java
index 462e2d1cbb..7f6d6c4502 100644
--- a/test/src/test/java/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest.java
+++ b/test/src/test/java/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest.java
@@ -168,11 +168,11 @@ public class JenkinsBuildsAndWorkspacesDirectoriesTest {
     }
 
     private void setWorkspacesDirProperty(String workspacesDir) {
-        System.setProperty("jenkins.model.Jenkins.WORKSPACES_DIR", workspacesDir);
+        System.setProperty(Jenkins.WORKSPACES_DIR_PROP, workspacesDir);
     }
 
     private void setBuildsDirProperty(String buildsDir) {
-        System.setProperty("jenkins.model.Jenkins.BUILDS_DIR", buildsDir);
+        System.setProperty(Jenkins.BUILDS_DIR_PROP, buildsDir);
     }
 
     private boolean logWasFound(String searched) {
-- 
GitLab


From b2cdcf02186f83683169eae16423f8c9e6c579f7 Mon Sep 17 00:00:00 2001
From: Devin Nusbaum <d.w.nusbaum@gmail.com>
Date: Wed, 28 Mar 2018 09:36:52 -0400
Subject: [PATCH 294/863] [JENKINS-44402] Workaround to make cancel shutdown
 work when loaded by AJAX

---
 core/src/main/resources/lib/hudson/queue.jelly | 1 +
 1 file changed, 1 insertion(+)

diff --git a/core/src/main/resources/lib/hudson/queue.jelly b/core/src/main/resources/lib/hudson/queue.jelly
index 010fffb949..d38462218d 100644
--- a/core/src/main/resources/lib/hudson/queue.jelly
+++ b/core/src/main/resources/lib/hudson/queue.jelly
@@ -46,6 +46,7 @@ THE SOFTWARE.
     </j:otherwise>
   </j:choose>
   <l:pane title="${title}" width="2" id="buildQueue">
+    <st:adjunct includes="lib.form.link.link"/>
     <j:if test="${app.quietingDown}">
       <tr>
         <td class="pane" colspan="2" style="white-space: normal;">
-- 
GitLab


From f513419c76ab6d81f95ed66c0d90f98686783b52 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Sun, 11 Mar 2018 01:00:52 +0100
Subject: [PATCH 295/863] [JENKINS-49737 ] - Update Extras Executable WAR to
 1.38 (#3336)

* [JENKINS-49737] - Update Extras Executable WAR to 1.38

* Use the released version of Extras Executable War 1.38

(cherry picked from commit fa54b49f3281d5e0a0bf2d7c64e417a3158bd6a8)
---
 war/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/war/pom.xml b/war/pom.xml
index 135b08b626..3d411bd395 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -49,7 +49,7 @@ THE SOFTWARE.
     <dependency>
       <groupId>org.jenkins-ci</groupId>
       <artifactId>executable-war</artifactId>
-      <version>1.37</version>
+      <version>1.38</version>
       <scope>provided</scope>
     </dependency>
     <dependency>
-- 
GitLab


From 07d18cfd6d336a2b7cc0a78e120d9739a5d4e1d1 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Wed, 28 Mar 2018 22:56:07 +0200
Subject: [PATCH 296/863] [SECURITY-759]

---
 .../lib/form/expandableTextbox.jelly          |   2 +-
 .../resources/lib/form/validateButton.jelly   |   2 +-
 .../lib/layout/confirmationLink.jelly         |   4 +-
 .../resources/lib/layout/stopButton.jelly     |   8 +-
 .../java/lib/form/ExpandableTextboxTest.java  | 101 ++++++++-
 .../java/lib/form/ValidateButtonTest.java     | 182 +++++++++++++---
 .../java/lib/layout/ConfirmationLinkTest.java | 205 ++++++++++++++++++
 .../test/java/lib/layout/StopButtonTest.java  | 150 +++++++++++++
 .../TestRootAction/index.jelly                |  33 +++
 .../NoInjectionArePossible/index.jelly        |  43 ++++
 .../index.jelly}                              |   2 +-
 .../TestRootAction/index.jelly                |  35 +++
 .../StopButtonTest/TestRootAction/index.jelly |  33 +++
 13 files changed, 761 insertions(+), 39 deletions(-)
 create mode 100644 test/src/test/java/lib/layout/ConfirmationLinkTest.java
 create mode 100644 test/src/test/java/lib/layout/StopButtonTest.java
 create mode 100644 test/src/test/resources/lib/form/ExpandableTextboxTest/TestRootAction/index.jelly
 create mode 100644 test/src/test/resources/lib/form/ValidateButtonTest/NoInjectionArePossible/index.jelly
 rename test/src/test/resources/lib/form/ValidateButtonTest/{test1.jelly => TestValidateIsCalled/index.jelly} (93%)
 create mode 100644 test/src/test/resources/lib/layout/ConfirmationLinkTest/TestRootAction/index.jelly
 create mode 100644 test/src/test/resources/lib/layout/StopButtonTest/TestRootAction/index.jelly

diff --git a/core/src/main/resources/lib/form/expandableTextbox.jelly b/core/src/main/resources/lib/form/expandableTextbox.jelly
index ebc32ca70c..b9ba1b5c85 100644
--- a/core/src/main/resources/lib/form/expandableTextbox.jelly
+++ b/core/src/main/resources/lib/form/expandableTextbox.jelly
@@ -75,7 +75,7 @@ THE SOFTWARE.
               <j:mute>${customizedFields.add(name)}</j:mute>
             </j:if>
           </td><td width="1">
-            <input type="button" value="&#x25BC;" onclick="expandTextArea(this,'textarea.${name}')"
+            <input type="button" value="&#x25BC;" onclick="expandTextArea(this,'textarea.${h.jsStringEscape(name)}')"
                 tooltip="${%tooltip}"/>
           </td>
         </tr>
diff --git a/core/src/main/resources/lib/form/validateButton.jelly b/core/src/main/resources/lib/form/validateButton.jelly
index a0cdbfe432..d6959c094a 100644
--- a/core/src/main/resources/lib/form/validateButton.jelly
+++ b/core/src/main/resources/lib/form/validateButton.jelly
@@ -48,7 +48,7 @@ THE SOFTWARE.
   </st:documentation>
   <f:entry>
     <div style="float:right">
-      <input type="button" value="${title}" class="yui-button validate-button" onclick="validateButton('${descriptor.descriptorFullUrl}/${method}','${with}',this)" />
+      <input type="button" value="${title}" class="yui-button validate-button" onclick="validateButton('${descriptor.descriptorFullUrl}/${h.jsStringEscape(method)}','${h.jsStringEscape(with)}',this)" />
     </div>
     <div style="display:none;">
       <img src="${imagesURL}/spinner.gif" /> ${attrs.progress}
diff --git a/core/src/main/resources/lib/layout/confirmationLink.jelly b/core/src/main/resources/lib/layout/confirmationLink.jelly
index f295c82dab..ef2d7bb561 100644
--- a/core/src/main/resources/lib/layout/confirmationLink.jelly
+++ b/core/src/main/resources/lib/layout/confirmationLink.jelly
@@ -31,7 +31,7 @@ THE SOFTWARE.
         <st:attribute name="href" use="required">
             The URL to go to.
         </st:attribute>
-        <st:attribute name="post">
+        <st:attribute name="post" type="boolean">
             Use POST rather than GET (recommended).
         </st:attribute>
         <st:attribute name="message" use="required">
@@ -42,7 +42,7 @@ THE SOFTWARE.
         </st:attribute>
     </st:documentation>
     <j:set var="id" value="${h.generateId()}"/>
-    <a href="#" class="${class}" onclick="confirmPOST_${id}(${post ?: 'false'}, '${attrs.href}', '${h.jsStringEscape(message)}')"><d:invokeBody/></a>
+    <a href="#" class="${class}" onclick="confirmPOST_${id}(${post ? 'true' : 'false'}, '${h.jsStringEscape(attrs.href)}', '${h.jsStringEscape(message)}')"><d:invokeBody/></a>
     <script>
         function confirmPOST_${id}(post, href, message) {
             if (confirm(message)) {
diff --git a/core/src/main/resources/lib/layout/stopButton.jelly b/core/src/main/resources/lib/layout/stopButton.jelly
index 4fc6b6a127..dc9f041b9d 100644
--- a/core/src/main/resources/lib/layout/stopButton.jelly
+++ b/core/src/main/resources/lib/layout/stopButton.jelly
@@ -39,13 +39,13 @@ THE SOFTWARE.
     </st:documentation>
     <j:choose>
       <j:when test="${confirm == null}">
-        <a class="stop-button-link" href="${href}" onclick='new Ajax.Request("${href}"); return false;'>
-          <l:icon class="icon-stop icon-sm"/>
+        <a class="stop-button-link" href="${href}" onclick='new Ajax.Request("${h.jsStringEscape(href)}"); return false;'>
+          <l:icon class="icon-stop icon-sm" alt="${alt}"/>
         </a>
       </j:when>
       <j:otherwise>
-          <a class="stop-button-link" href="${href}" onclick='if(confirm("${confirm}"))new Ajax.Request("${href}"); return false;'>
-            <l:icon class="icon-stop icon-sm"/>
+          <a class="stop-button-link" href="${href}" onclick='if(confirm("${h.jsStringEscape(confirm)}"))new Ajax.Request("${h.jsStringEscape(href)}"); return false;'>
+            <l:icon class="icon-stop icon-sm" alt="${alt}"/>
           </a>
       </j:otherwise>
     </j:choose>
diff --git a/test/src/test/java/lib/form/ExpandableTextboxTest.java b/test/src/test/java/lib/form/ExpandableTextboxTest.java
index 75f24b9177..2889c02b29 100644
--- a/test/src/test/java/lib/form/ExpandableTextboxTest.java
+++ b/test/src/test/java/lib/form/ExpandableTextboxTest.java
@@ -24,39 +24,130 @@
 package lib.form;
 
 import static com.gargoylesoftware.htmlunit.HttpMethod.POST;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
 import com.gargoylesoftware.htmlunit.Page;
 import com.gargoylesoftware.htmlunit.WebRequest;
+import com.gargoylesoftware.htmlunit.html.DomNodeList;
+import com.gargoylesoftware.htmlunit.html.HtmlAnchor;
+import com.gargoylesoftware.htmlunit.html.HtmlButton;
+import com.gargoylesoftware.htmlunit.html.HtmlButtonInput;
+import com.gargoylesoftware.htmlunit.html.HtmlElement;
+import com.gargoylesoftware.htmlunit.html.HtmlElementUtil;
 import com.gargoylesoftware.htmlunit.html.HtmlPage;
+import hudson.model.UnprotectedRootAction;
+import hudson.util.HttpResponses;
+import lib.layout.ConfirmationLinkTest;
+import org.junit.Assert;
+import org.junit.Rule;
+import org.junit.Test;
 import org.jvnet.hudson.test.Issue;
 import org.jvnet.hudson.test.HudsonTestCase;
+import org.jvnet.hudson.test.JenkinsRule;
+import org.jvnet.hudson.test.TestExtension;
+import org.kohsuke.stapler.HttpResponse;
+import org.kohsuke.stapler.StaplerRequest;
+import org.kohsuke.stapler.WebMethod;
 import org.w3c.dom.NodeList;
 
+import javax.annotation.CheckForNull;
+
 /**
  * @author Kohsuke Kawaguchi
  */
-public class ExpandableTextboxTest extends HudsonTestCase {
+public class ExpandableTextboxTest {
+    @Rule
+    public JenkinsRule j = new JenkinsRule();
+    
     @Issue("JENKINS-2816")
+    @Test
     public void testMultiline() throws Exception {
         // because attribute values are normalized, it's not very easy to encode multi-line string as @value. So let's use the system message here.
-        jenkins.setSystemMessage("foo\nbar\nzot");
+        j.jenkins.setSystemMessage("foo\nbar\nzot");
         HtmlPage page = evaluateAsHtml("<l:layout><l:main-panel><table><j:set var='instance' value='${it}'/><f:expandableTextbox field='systemMessage' /></table></l:main-panel></l:layout>");
         // System.out.println(page.getWebResponse().getContentAsString());
 
         NodeList textareas = page.getElementsByTagName("textarea");
         assertEquals(1, textareas.getLength());
-        assertEquals(jenkins.getSystemMessage(),textareas.item(0).getTextContent());
+        assertEquals(j.jenkins.getSystemMessage(),textareas.item(0).getTextContent());
     }
 
     /**
      * Evaluates the literal Jelly script passed as a parameter as HTML and returns the page.
      */
     protected HtmlPage evaluateAsHtml(String jellyScript) throws Exception {
-        HudsonTestCase.WebClient wc = new WebClient();
-        
+        JenkinsRule.WebClient wc = j.createWebClient();
         WebRequest req = new WebRequest(wc.createCrumbedUrl("eval"), POST);
         req.setEncodingType(null);
         req.setRequestBody("<j:jelly xmlns:j='jelly:core' xmlns:st='jelly:stapler' xmlns:l='/lib/layout' xmlns:f='/lib/form'>"+jellyScript+"</j:jelly>");
         Page page = wc.getPage(req);
         return (HtmlPage) page;
     }
+    
+    @Test
+    public void noInjectionArePossible() throws Exception {
+        TestRootAction testParams = j.jenkins.getExtensionList(UnprotectedRootAction.class).get(TestRootAction.class);
+        assertNotNull(testParams);
+    
+        checkRegularCase(testParams);
+        checkInjectionInName(testParams);
+    }
+    
+    private void checkRegularCase(TestRootAction testParams) throws Exception {
+        testParams.paramName = "testName";
+        
+        JenkinsRule.WebClient wc = j.createWebClient();
+        wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+        HtmlPage p = wc.goTo("test");
+        
+        HtmlElementUtil.click(getExpandButton(p));
+        assertNotEquals("hacked", p.getTitleText());
+    }
+    
+    private void checkInjectionInName(TestRootAction testParams) throws Exception {
+        testParams.paramName = "testName',document.title='hacked'+'";
+        
+        JenkinsRule.WebClient wc = j.createWebClient();
+        wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+        HtmlPage p = wc.goTo("test");
+        
+        HtmlElementUtil.click(getExpandButton(p));
+        assertNotEquals("hacked", p.getTitleText());
+    }
+    
+    private HtmlButtonInput getExpandButton(HtmlPage page){
+        DomNodeList<HtmlElement> buttons = page.getElementById("test-panel").getElementsByTagName("input");
+        // the first one is the text input
+        assertEquals(2, buttons.size());
+        return (HtmlButtonInput) buttons.get(1);
+    }
+    
+    @TestExtension("noInjectionArePossible")
+    public static final class TestRootAction implements UnprotectedRootAction {
+        
+        public String paramName;
+        
+        @Override
+        public @CheckForNull String getIconFileName() {
+            return null;
+        }
+        
+        @Override
+        public @CheckForNull String getDisplayName() {
+            return null;
+        }
+        
+        @Override
+        public String getUrlName() {
+            return "test";
+        }
+        
+        @WebMethod(name = "submit")
+        public HttpResponse doSubmit(StaplerRequest request) {
+            return HttpResponses.plainText("method:" + request.getMethod());
+        }
+    }
 }
diff --git a/test/src/test/java/lib/form/ValidateButtonTest.java b/test/src/test/java/lib/form/ValidateButtonTest.java
index 503a5c9693..f1f09b4e0a 100644
--- a/test/src/test/java/lib/form/ValidateButtonTest.java
+++ b/test/src/test/java/lib/form/ValidateButtonTest.java
@@ -23,53 +23,185 @@
  */
 package lib.form;
 
+import com.gargoylesoftware.htmlunit.html.DomNodeList;
 import com.gargoylesoftware.htmlunit.html.HtmlButton;
+import com.gargoylesoftware.htmlunit.html.HtmlElement;
 import com.gargoylesoftware.htmlunit.html.HtmlElementUtil;
 import com.gargoylesoftware.htmlunit.html.HtmlFormUtil;
-import org.jvnet.hudson.test.HudsonTestCase;
+import hudson.model.UnprotectedRootAction;
+import jenkins.model.Jenkins;
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.JenkinsRule;
+import org.jvnet.hudson.test.TestExtension;
 import org.kohsuke.stapler.QueryParameter;
 import hudson.model.Describable;
 import hudson.model.Descriptor;
 import hudson.Extension;
 import com.gargoylesoftware.htmlunit.html.HtmlPage;
+import org.kohsuke.stapler.StaplerRequest;
+
+import javax.annotation.CheckForNull;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.assertFalse;
 
 /**
  *
  *
  * @author Kohsuke Kawaguchi
  */
-public class ValidateButtonTest extends HudsonTestCase implements Describable<ValidateButtonTest> {
+public class ValidateButtonTest {
+    @Rule
+    public JenkinsRule j = new JenkinsRule();
 
-    public void test1() throws Exception {
-        DescriptorImpl d = getDescriptor();
+    @Test
+    public void testValidateIsCalled() throws Exception {
+        TestValidateIsCalled.DescriptorImpl d = j.jenkins.getDescriptorByType(TestValidateIsCalled.DescriptorImpl.class);
+        assertNotNull(d);
+        
         d.test1Outcome = new Exception(); // if doValidateTest1() doesn't get invoked, we want to know.
-        HtmlPage p = createWebClient().goTo("self/test1");
+        HtmlPage p = j.createWebClient().goTo("test");
         HtmlButton button = HtmlFormUtil.getButtonByCaption(p.getFormByName("config"), "test");
         HtmlElementUtil.click(button);
+        
         if (d.test1Outcome!=null)
             throw d.test1Outcome;
     }
-
-    public DescriptorImpl getDescriptor() {
-        return jenkins.getDescriptorByType(DescriptorImpl.class);
+    
+    @TestExtension("testValidateIsCalled")
+    public static final class TestValidateIsCalled implements Describable<TestValidateIsCalled>, UnprotectedRootAction {
+        @Override
+        public @CheckForNull String getIconFileName() {
+            return null;
+        }
+    
+        @Override
+        public @CheckForNull String getDisplayName() {
+            return null;
+        }
+    
+        @Override
+        public String getUrlName() {
+            return "test";
+        }
+    
+        public DescriptorImpl getDescriptor() {
+            return Jenkins.getInstance().getDescriptorByType(DescriptorImpl.class);
+        }
+    
+        @Extension
+        public static final class DescriptorImpl extends Descriptor<TestValidateIsCalled> {
+            private Exception test1Outcome;
+    
+            public void doValidateTest1(@QueryParameter("a") String a, @QueryParameter("b") boolean b,
+                                        @QueryParameter("c") boolean c, @QueryParameter("d") String d,
+                                        @QueryParameter("e") String e) {
+                try {
+                    assertEquals("avalue",a);
+                    assertTrue(b);
+                    assertFalse(c);
+                    assertEquals("dvalue",d);
+                    assertEquals("e2",e);
+                    test1Outcome = null;
+                } catch (Exception t) {
+                    test1Outcome = t;
+                }
+            }
+        }
     }
-
-    @Extension
-    public static final class DescriptorImpl extends Descriptor<ValidateButtonTest> {
-        private Exception test1Outcome;
-
-        public void doValidateTest1(@QueryParameter("a") String a, @QueryParameter("b") boolean b,
-                                    @QueryParameter("c") boolean c, @QueryParameter("d") String d,
-                                    @QueryParameter("e") String e) {
-            try {
-                assertEquals("avalue",a);
-                assertTrue(b);
-                assertFalse(c);
-                assertEquals("dvalue",d);
-                assertEquals("e2",e);
-                test1Outcome = null;
-            } catch (Exception t) {
-                test1Outcome = t;
+    
+    @Test
+    public void noInjectionArePossible() throws Exception {
+        NoInjectionArePossible.DescriptorImpl d = j.jenkins.getDescriptorByType(NoInjectionArePossible.DescriptorImpl.class);
+        assertNotNull(d);
+    
+        checkRegularCase(d);
+        checkInjectionInMethod(d);
+        checkInjectionInWith(d);
+    }
+    
+    private void checkRegularCase(NoInjectionArePossible.DescriptorImpl descriptor) throws Exception {
+        descriptor.paramMethod = "validateInjection";
+        descriptor.paramWith = "a,b";
+        
+        JenkinsRule.WebClient wc = j.createWebClient();
+        wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+        HtmlPage p = wc.goTo("test");
+        
+        descriptor.wasCalled = false;
+        HtmlElementUtil.click(getValidateButton(p));
+        assertNotEquals("hacked", p.getTitleText());
+        assertTrue(descriptor.wasCalled);
+    }
+    
+    private void checkInjectionInMethod(NoInjectionArePossible.DescriptorImpl descriptor) throws Exception {
+        descriptor.paramMethod = "validateInjection',document.title='hacked'+'";
+        descriptor.paramWith = "a,b";
+        
+        JenkinsRule.WebClient wc = j.createWebClient();
+        wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+        HtmlPage p = wc.goTo("test");
+        
+        // no check on wasCalled because the button that is expected by the method is not passed (arguments are shifted due to the injection)
+        HtmlElementUtil.click(getValidateButton(p));
+        assertNotEquals("hacked", p.getTitleText());
+    }
+    
+    
+    private void checkInjectionInWith(NoInjectionArePossible.DescriptorImpl descriptor) throws Exception {
+        descriptor.paramMethod = "validateInjection";
+        descriptor.paramWith = "a,b',document.title='hacked'+'";
+        
+        JenkinsRule.WebClient wc = j.createWebClient();
+        wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+        HtmlPage p = wc.goTo("test");
+        
+        descriptor.wasCalled = false;
+        HtmlElementUtil.click(getValidateButton(p));
+        assertNotEquals("hacked", p.getTitleText());
+        assertTrue(descriptor.wasCalled);
+    }
+    
+    private HtmlButton getValidateButton(HtmlPage page){
+        DomNodeList<HtmlElement> buttons = page.getElementById("test-panel").getElementsByTagName("button");
+        assertEquals(1, buttons.size());
+        return (HtmlButton) buttons.get(0);
+    }
+    
+    @TestExtension("noInjectionArePossible")
+    public static final class NoInjectionArePossible implements Describable<NoInjectionArePossible>, UnprotectedRootAction {
+        @Override
+        public @CheckForNull String getIconFileName() {
+            return null;
+        }
+        
+        @Override
+        public @CheckForNull String getDisplayName() {
+            return null;
+        }
+        
+        @Override
+        public String getUrlName() {
+            return "test";
+        }
+        
+        public DescriptorImpl getDescriptor() {
+            return Jenkins.getInstance().getDescriptorByType(DescriptorImpl.class);
+        }
+        
+        @Extension
+        public static final class DescriptorImpl extends Descriptor<NoInjectionArePossible> {
+            private boolean wasCalled = false;
+            
+            public String paramMethod = "validateInjection";
+            public String paramWith = null;
+            
+            public void doValidateInjection(StaplerRequest request) {
+                wasCalled = true;
             }
         }
     }
diff --git a/test/src/test/java/lib/layout/ConfirmationLinkTest.java b/test/src/test/java/lib/layout/ConfirmationLinkTest.java
new file mode 100644
index 0000000000..bdacea2bfc
--- /dev/null
+++ b/test/src/test/java/lib/layout/ConfirmationLinkTest.java
@@ -0,0 +1,205 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package lib.layout;
+
+import com.gargoylesoftware.htmlunit.Page;
+import com.gargoylesoftware.htmlunit.html.DomNodeList;
+import com.gargoylesoftware.htmlunit.html.HtmlAnchor;
+import com.gargoylesoftware.htmlunit.html.HtmlElement;
+import com.gargoylesoftware.htmlunit.html.HtmlElementUtil;
+import com.gargoylesoftware.htmlunit.html.HtmlPage;
+import hudson.model.UnprotectedRootAction;
+import hudson.util.HttpResponses;
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.JenkinsRule;
+import org.jvnet.hudson.test.TestExtension;
+import org.kohsuke.stapler.HttpResponse;
+import org.kohsuke.stapler.StaplerRequest;
+import org.kohsuke.stapler.WebMethod;
+
+import javax.annotation.CheckForNull;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
+public class ConfirmationLinkTest {
+    @Rule
+    public JenkinsRule j = new JenkinsRule();
+    
+    private static final String hrefPayload = "',document.title='hacked'+'";
+    private static final String messagePayload = "',document.title='hacked'+'";
+    private static final String postPayload = "document.title='hacked'";
+    
+    @Test
+    public void noInjectionArePossible() throws Exception {
+        TestRootAction testParams = j.jenkins.getExtensionList(UnprotectedRootAction.class).get(TestRootAction.class);
+        assertNotNull(testParams);
+
+        checkRegularCase(testParams);
+        checkRegularCasePost(testParams);
+        checkInjectionInHref(testParams);
+        checkInjectionInMessage(testParams);
+        checkInjectionInPost(testParams);
+    }
+    
+    private void checkRegularCase(TestRootAction testParams) throws Exception {
+        testParams.paramHref = "#";
+        testParams.paramMessage = "Message to confirm the click";
+        testParams.paramClass = null;
+        testParams.paramPost = null;
+        
+        HtmlPage p = j.createWebClient().goTo("test");
+        assertTrue(p.getWebResponse().getContentAsString().contains("Message to confirm the click"));
+    }
+    
+    private void checkRegularCasePost(TestRootAction testParams) throws Exception {
+        testParams.paramHref = "submit";
+        testParams.paramMessage = "Message to confirm the click";
+        testParams.paramClass = null;
+        
+        testParams.paramPost = true;
+        assertMethodPostAfterClick();
+    
+        testParams.paramPost = "true";
+        assertMethodPostAfterClick();
+    
+        testParams.paramPost = "TruE";
+        assertMethodPostAfterClick();
+    
+        testParams.paramPost = false;
+        assertMethodGetAfterClick();
+    
+        testParams.paramPost = "false";
+        assertMethodGetAfterClick();
+        
+        testParams.paramPost = "any other string";
+        assertMethodGetAfterClick();
+    }
+    
+    private void assertMethodGetAfterClick() throws Exception {
+        Page pageAfterClick = getPageAfterClick();
+        assertTrue(pageAfterClick.getWebResponse().getContentAsString().contains("method:GET"));
+    }
+    
+    private void assertMethodPostAfterClick() throws Exception {
+        Page pageAfterClick = getPageAfterClick();
+        assertTrue(pageAfterClick.getWebResponse().getContentAsString().contains("method:POST"));
+    }
+    
+    private Page getPageAfterClick() throws Exception {
+        JenkinsRule.WebClient wc = j.createWebClient();
+        wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+        HtmlPage p = wc.goTo("test");
+    
+        return HtmlElementUtil.click(getClickableLink(p));
+    }
+    
+    private void checkInjectionInHref(TestRootAction testParams) throws Exception {
+        testParams.paramHref = hrefPayload;
+        testParams.paramMessage = "Message to confirm the click";
+        testParams.paramClass = null;
+        testParams.paramPost = null;
+        
+        JenkinsRule.WebClient wc = j.createWebClient();
+        wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+        HtmlPage p = wc.goTo("test");
+        
+        Page pageAfterClick = HtmlElementUtil.click(getClickableLink(p));
+        assertNotEquals("hacked", p.getTitleText());
+        assertTrue(p.getWebResponse().getContentAsString().contains("Message to confirm the click"));
+        // the url it clicks on is escaped and so does not exist
+        assertEquals(404, pageAfterClick.getWebResponse().getStatusCode());
+    }
+    
+    private void checkInjectionInMessage(TestRootAction testParams) throws Exception {
+        testParams.paramHref = "#";
+        testParams.paramMessage = messagePayload;
+        testParams.paramClass = null;
+        testParams.paramPost = null;
+        
+        JenkinsRule.WebClient wc = j.createWebClient();
+        wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+        HtmlPage p = wc.goTo("test");
+    
+        Page pageAfterClick = HtmlElementUtil.click(getClickableLink(p));
+        assertNotEquals("hacked", p.getTitleText());
+        // the url is normally the same page so it's ok
+        assertEquals(200, pageAfterClick.getWebResponse().getStatusCode());
+    }
+    
+    private void checkInjectionInPost(TestRootAction testParams) throws Exception {
+        testParams.paramHref = "#";
+        testParams.paramMessage = "Message to confirm the click";
+        testParams.paramClass = null;
+        testParams.paramPost = postPayload;
+        
+        JenkinsRule.WebClient wc = j.createWebClient();
+        wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+        HtmlPage p = wc.goTo("test");
+        
+        Page pageAfterClick = HtmlElementUtil.click(getClickableLink(p));
+        assertNotEquals("hacked", p.getTitleText());
+        assertTrue(p.getWebResponse().getContentAsString().contains("Message to confirm the click"));
+        // the url is normally the same page so it's ok
+        assertEquals(200, pageAfterClick.getWebResponse().getStatusCode());
+    }
+    
+    private HtmlAnchor getClickableLink(HtmlPage page){
+        DomNodeList<HtmlElement> anchors = page.getElementById("test-panel").getElementsByTagName("a");
+        assertEquals(1, anchors.size());
+        return (HtmlAnchor) anchors.get(0);
+    }
+    
+    @TestExtension("noInjectionArePossible")
+    public static final class TestRootAction implements UnprotectedRootAction {
+        
+        public String paramHref = "";
+        public String paramMessage = "";
+        public String paramClass;
+        public Object paramPost;
+        
+        @Override
+        public @CheckForNull String getIconFileName() {
+            return null;
+        }
+        
+        @Override
+        public @CheckForNull String getDisplayName() {
+            return null;
+        }
+        
+        @Override
+        public String getUrlName() {
+            return "test";
+        }
+        
+        @WebMethod(name = "submit")
+        public HttpResponse doSubmit(StaplerRequest request) {
+            return HttpResponses.plainText("method:" + request.getMethod());
+        }
+    }
+}
diff --git a/test/src/test/java/lib/layout/StopButtonTest.java b/test/src/test/java/lib/layout/StopButtonTest.java
new file mode 100644
index 0000000000..913c15ec56
--- /dev/null
+++ b/test/src/test/java/lib/layout/StopButtonTest.java
@@ -0,0 +1,150 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package lib.layout;
+
+import com.gargoylesoftware.htmlunit.html.DomNodeList;
+import com.gargoylesoftware.htmlunit.html.HtmlAnchor;
+import com.gargoylesoftware.htmlunit.html.HtmlElement;
+import com.gargoylesoftware.htmlunit.html.HtmlElementUtil;
+import com.gargoylesoftware.htmlunit.html.HtmlPage;
+import hudson.model.UnprotectedRootAction;
+import hudson.util.HttpResponses;
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.JenkinsRule;
+import org.jvnet.hudson.test.TestExtension;
+import org.kohsuke.stapler.HttpResponse;
+import org.kohsuke.stapler.StaplerRequest;
+import org.kohsuke.stapler.WebMethod;
+
+import javax.annotation.CheckForNull;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
+public class StopButtonTest {
+    @Rule
+    public JenkinsRule j = new JenkinsRule();
+    
+    private static final String hrefPayload = "\",document.title='hacked',\"";
+    private static final String postPayload = "\",document.title='hacked',\"";
+    
+    @Test
+    public void noInjectionArePossible() throws Exception {
+        TestRootAction testParams = j.jenkins.getExtensionList(UnprotectedRootAction.class).get(TestRootAction.class);
+        assertNotNull(testParams);
+
+        checkRegularCase(testParams);
+        checkInjectionInHref(testParams);
+        checkInjectionInHrefWithConfirm(testParams);
+        checkInjectionInConfirm(testParams);
+    }
+    
+    private void checkRegularCase(TestRootAction testParams) throws Exception {
+        testParams.paramHref = "#";
+        testParams.paramAlt = "Message to confirm the click";
+        testParams.paramConfirm = null;
+        
+        HtmlPage p = j.createWebClient().goTo("test");
+        assertTrue(p.getWebResponse().getContentAsString().contains("Message to confirm the click"));
+    }
+    
+    private void checkInjectionInHref(TestRootAction testParams) throws Exception {
+        testParams.paramHref = hrefPayload;
+        testParams.paramAlt = "Alternative text for icon";
+        testParams.paramConfirm = null;
+        
+        JenkinsRule.WebClient wc = j.createWebClient();
+        wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+        HtmlPage p = wc.goTo("test");
+    
+        HtmlElementUtil.click(getStopLink(p));
+        assertNotEquals("hacked", p.getTitleText());
+        assertTrue(p.getWebResponse().getContentAsString().contains("Alternative text for icon"));
+    }
+    
+    private void checkInjectionInHrefWithConfirm(TestRootAction testParams) throws Exception {
+        testParams.paramHref = hrefPayload;
+        testParams.paramAlt = "Alternative text for icon";
+        testParams.paramConfirm = "Confirm message";
+        
+        JenkinsRule.WebClient wc = j.createWebClient();
+        wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+        HtmlPage p = wc.goTo("test");
+    
+        HtmlElementUtil.click(getStopLink(p));
+        assertNotEquals("hacked", p.getTitleText());
+        assertTrue(p.getWebResponse().getContentAsString().contains("Alternative text for icon"));
+    }
+    
+    private void checkInjectionInConfirm(TestRootAction testParams) throws Exception {
+        testParams.paramHref = "#";
+        testParams.paramAlt = "Alternative text for icon";
+        testParams.paramConfirm = postPayload;
+        
+        JenkinsRule.WebClient wc = j.createWebClient();
+        wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+        HtmlPage p = wc.goTo("test");
+    
+        HtmlElementUtil.click(getStopLink(p));
+        assertNotEquals("hacked", p.getTitleText());
+        assertTrue(p.getWebResponse().getContentAsString().contains("Alternative text for icon"));
+    }
+    
+    private HtmlAnchor getStopLink(HtmlPage page){
+        DomNodeList<HtmlElement> anchors = page.getElementById("test-panel").getElementsByTagName("a");
+        assertEquals(1, anchors.size());
+        return (HtmlAnchor) anchors.get(0);
+    }
+    
+    @TestExtension("noInjectionArePossible")
+    public static class TestRootAction implements UnprotectedRootAction {
+        
+        public String paramHref = "";
+        public String paramAlt = "";
+        public String paramConfirm;
+        
+        @Override
+        public @CheckForNull String getIconFileName() {
+            return null;
+        }
+        
+        @Override
+        public @CheckForNull String getDisplayName() {
+            return null;
+        }
+        
+        @Override
+        public @CheckForNull String getUrlName() {
+            return "test";
+        }
+        
+        @WebMethod(name = "submit")
+        public HttpResponse doSubmit(StaplerRequest request) {
+            return HttpResponses.plainText("method:" + request.getMethod());
+        }
+    }
+}
diff --git a/test/src/test/resources/lib/form/ExpandableTextboxTest/TestRootAction/index.jelly b/test/src/test/resources/lib/form/ExpandableTextboxTest/TestRootAction/index.jelly
new file mode 100644
index 0000000000..84f1310733
--- /dev/null
+++ b/test/src/test/resources/lib/form/ExpandableTextboxTest/TestRootAction/index.jelly
@@ -0,0 +1,33 @@
+<!--
+The MIT License
+
+Copyright (c) 2018, CloudBees, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+-->
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core" xmlns:f="/lib/form" xmlns:l="/lib/layout">
+    <l:layout title="Try to inject javascript inside confirmationLink">
+        <l:main-panel>
+            <div id="test-panel">
+                <f:expandableTextbox name="${it.paramName}" />
+            </div>
+        </l:main-panel>
+    </l:layout>
+</j:jelly>
\ No newline at end of file
diff --git a/test/src/test/resources/lib/form/ValidateButtonTest/NoInjectionArePossible/index.jelly b/test/src/test/resources/lib/form/ValidateButtonTest/NoInjectionArePossible/index.jelly
new file mode 100644
index 0000000000..ddead9cb1a
--- /dev/null
+++ b/test/src/test/resources/lib/form/ValidateButtonTest/NoInjectionArePossible/index.jelly
@@ -0,0 +1,43 @@
+<!--
+The MIT License
+
+Copyright (c) 2018, CloudBees, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+-->
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core" xmlns:l="/lib/layout" xmlns:f="/lib/form">
+    <l:layout title="Try to inject javascript inside validateButton">
+        <l:main-panel>
+            <div id="test-panel">
+                <f:form method="post" name="config" action="thisFormWillNotBeSubmitted">
+                    <!--<j:set var="instance" value="${it}" />-->
+                    <j:set var="descriptor" value="${it.descriptor}" />
+                    <f:entry title="a title">
+                        <f:textbox name="a" value="avalue" />
+                    </f:entry>
+                    <f:entry title="b title">
+                        <f:textbox name="b" value="bvalue" />
+                    </f:entry>
+                    <f:validateButton title="test" method="${descriptor.paramMethod}" with="${descriptor.paramWith}" />
+                </f:form>
+            </div>
+        </l:main-panel>
+    </l:layout>
+</j:jelly>
\ No newline at end of file
diff --git a/test/src/test/resources/lib/form/ValidateButtonTest/test1.jelly b/test/src/test/resources/lib/form/ValidateButtonTest/TestValidateIsCalled/index.jelly
similarity index 93%
rename from test/src/test/resources/lib/form/ValidateButtonTest/test1.jelly
rename to test/src/test/resources/lib/form/ValidateButtonTest/TestValidateIsCalled/index.jelly
index 98a8773dc7..f7e998c3ee 100644
--- a/test/src/test/resources/lib/form/ValidateButtonTest/test1.jelly
+++ b/test/src/test/resources/lib/form/ValidateButtonTest/TestValidateIsCalled/index.jelly
@@ -26,7 +26,7 @@ THE SOFTWARE.
   Config page
 -->
 <?jelly escape-by-default='true'?>
-<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
+<j:jelly xmlns:j="jelly:core" xmlns:l="/lib/layout" xmlns:f="/lib/form">
 <l:layout title="Testing the effect of validateButton">
   <l:main-panel>
     <f:form method="post" name="config" action="thisFormWillNotBeSubmitted">
diff --git a/test/src/test/resources/lib/layout/ConfirmationLinkTest/TestRootAction/index.jelly b/test/src/test/resources/lib/layout/ConfirmationLinkTest/TestRootAction/index.jelly
new file mode 100644
index 0000000000..a2cd4b7904
--- /dev/null
+++ b/test/src/test/resources/lib/layout/ConfirmationLinkTest/TestRootAction/index.jelly
@@ -0,0 +1,35 @@
+<!--
+The MIT License
+
+Copyright (c) 2018, CloudBees, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+-->
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core" xmlns:l="/lib/layout">
+    <l:layout title="Try to inject javascript inside confirmationLink">
+        <l:main-panel>
+            <div id="test-panel">
+                <l:confirmationLink href="${it.paramHref}" message="${it.paramMessage}" class="${it.paramClass}" post="${it.paramPost}">
+                    link name
+                </l:confirmationLink>
+            </div>
+        </l:main-panel>
+    </l:layout>
+</j:jelly>
\ No newline at end of file
diff --git a/test/src/test/resources/lib/layout/StopButtonTest/TestRootAction/index.jelly b/test/src/test/resources/lib/layout/StopButtonTest/TestRootAction/index.jelly
new file mode 100644
index 0000000000..df4b58366d
--- /dev/null
+++ b/test/src/test/resources/lib/layout/StopButtonTest/TestRootAction/index.jelly
@@ -0,0 +1,33 @@
+<!--
+The MIT License
+
+Copyright (c) 2018, CloudBees, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+-->
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core" xmlns:l="/lib/layout">
+    <l:layout title="Try to inject javascript inside stopButton">
+        <l:main-panel>
+            <div id="test-panel">
+                <l:stopButton href="${it.paramHref}" alt="${it.paramAlt}" confirm="${it.paramConfirm}" />
+            </div>
+        </l:main-panel>
+    </l:layout>
+</j:jelly>
\ No newline at end of file
-- 
GitLab


From 69a784bb8d2c5a021d225eda2d392fb081c1169e Mon Sep 17 00:00:00 2001
From: Devin Nusbaum <d.w.nusbaum@gmail.com>
Date: Wed, 28 Mar 2018 22:57:18 +0200
Subject: [PATCH 297/863] [SECURITY-754]

---
 core/src/main/java/hudson/cli/CLICommand.java |  2 +
 .../cli/handlers/ViewOptionHandler.java       |  5 ++-
 .../cli/handlers/ViewOptionHandlerTest.java   | 10 ++++-
 .../test/java/hudson/cli/CLIActionTest.java   | 38 ++++++++++++++++---
 4 files changed, 46 insertions(+), 9 deletions(-)

diff --git a/core/src/main/java/hudson/cli/CLICommand.java b/core/src/main/java/hudson/cli/CLICommand.java
index d507662037..847e749dac 100644
--- a/core/src/main/java/hudson/cli/CLICommand.java
+++ b/core/src/main/java/hudson/cli/CLICommand.java
@@ -264,6 +264,8 @@ public abstract class CLICommand implements ExtensionPoint, Cloneable {
             sc.setAuthentication(getTransportAuthentication());
             new ClassParser().parse(authenticator,p);
 
+            if (!(this instanceof LoginCommand || this instanceof LogoutCommand || this instanceof HelpCommand))
+                Jenkins.getActiveInstance().checkPermission(Jenkins.READ);
             p.parseArgument(args.toArray(new String[args.size()]));
             Authentication auth = authenticator.authenticate();
             if (auth==Jenkins.ANONYMOUS)
diff --git a/core/src/main/java/hudson/cli/handlers/ViewOptionHandler.java b/core/src/main/java/hudson/cli/handlers/ViewOptionHandler.java
index 729d6f571b..e1888db0e1 100644
--- a/core/src/main/java/hudson/cli/handlers/ViewOptionHandler.java
+++ b/core/src/main/java/hudson/cli/handlers/ViewOptionHandler.java
@@ -103,12 +103,13 @@ public class ViewOptionHandler extends OptionHandler<View> {
             String viewName = tok.nextToken();
 
             view = group.getView(viewName);
-            if (view == null)
+            if (view == null) {
+                group.checkPermission(View.READ);
                 throw new IllegalArgumentException(String.format(
                         "No view named %s inside view %s",
                         viewName, group.getDisplayName()
                 ));
-
+            }
             view.checkPermission(View.READ);
             if (view instanceof ViewGroup) {
                 group = (ViewGroup) view;
diff --git a/core/src/test/java/hudson/cli/handlers/ViewOptionHandlerTest.java b/core/src/test/java/hudson/cli/handlers/ViewOptionHandlerTest.java
index 1f17d89d77..38639ea21d 100644
--- a/core/src/test/java/hudson/cli/handlers/ViewOptionHandlerTest.java
+++ b/core/src/test/java/hudson/cli/handlers/ViewOptionHandlerTest.java
@@ -31,10 +31,12 @@ import static org.mockito.Mockito.verifyZeroInteractions;
 import static org.mockito.Mockito.when;
 import hudson.model.ViewGroup;
 import hudson.model.View;
-
+import hudson.security.ACL;
+import hudson.security.Permission;
 import jenkins.model.Jenkins;
 
 import org.acegisecurity.AccessDeniedException;
+import org.acegisecurity.Authentication;
 import org.junit.Before;
 import org.junit.Test;
 import org.junit.runner.RunWith;
@@ -83,6 +85,12 @@ public class ViewOptionHandlerTest {
         PowerMockito.when(Jenkins.getActiveInstance()).thenReturn(jenkins);
         when(jenkins.getView("outer")).thenReturn(outer);
         when(jenkins.getDisplayName()).thenReturn("Jenkins");
+        when(jenkins.getACL()).thenReturn(new ACL() {
+            @Override
+            public boolean hasPermission(Authentication a, Permission p) {
+                return true;
+            }
+        });
     }
 
     @Test public void resolveTopLevelView() throws Exception {
diff --git a/test/src/test/java/hudson/cli/CLIActionTest.java b/test/src/test/java/hudson/cli/CLIActionTest.java
index 62ab20ce38..589101b48d 100644
--- a/test/src/test/java/hudson/cli/CLIActionTest.java
+++ b/test/src/test/java/hudson/cli/CLIActionTest.java
@@ -8,6 +8,7 @@ import com.google.common.collect.Lists;
 import hudson.Functions;
 import hudson.Launcher;
 import hudson.Proc;
+import hudson.model.AllView;
 import hudson.model.Item;
 import hudson.model.User;
 import hudson.remoting.Channel;
@@ -148,17 +149,17 @@ public class CLIActionTest {
         j.jenkins.setAuthorizationStrategy(new MockAuthorizationStrategy().grant(Jenkins.ADMINISTER).everywhere().to(ADMIN));
         j.createFreeStyleProject("p");
         // CLICommand with @Argument:
-        assertExitCode(3, false, jar, "-remoting", "get-job", "p"); // IllegalArgumentException from GenericItemOptionHandler
-        assertExitCode(3, false, jar, "get-job", "p"); // ditto under new protocol
-        assertExitCode(3, false, jar, "-remoting", "get-job", "--username", ADMIN, "--password", ADMIN, "p"); // JENKINS-12543: too late
-        assertExitCode(3, false, jar, "get-job", "--username", ADMIN, "--password", ADMIN, "p"); // same
+        assertExitCode(6, false, jar, "-remoting", "get-job", "p"); // SECURITY-754 requires Overall/Read for nearly all CLICommands.
+        assertExitCode(6, false, jar, "get-job", "p"); // ditto under new protocol
+        assertExitCode(6, false, jar, "-remoting", "get-job", "--username", ADMIN, "--password", ADMIN, "p"); // SECURITY-754 and JENKINS-12543: too late
+        assertExitCode(6, false, jar, "get-job", "--username", ADMIN, "--password", ADMIN, "p"); // same
         assertExitCode(0, false, jar, "-remoting", "login", "--username", ADMIN, "--password", ADMIN);
         try {
-            assertExitCode(3, false, jar, "-remoting", "get-job", "p"); // ClientAuthenticationCache also used too late
+            assertExitCode(6, false, jar, "-remoting", "get-job", "p"); // SECURITY-754: ClientAuthenticationCache also used too late
         } finally {
             assertExitCode(0, false, jar, "-remoting", "logout");
         }
-        assertExitCode(3, true, jar, "-remoting", "get-job", "p"); // does not work with API tokens
+        assertExitCode(6, true, jar, "-remoting", "get-job", "p"); // SECURITY-754: does not work with API tokens
         assertExitCode(0, true, jar, "get-job", "p"); // but does under new protocol
         // @CLIMethod:
         assertExitCode(6, false, jar, "-remoting", "disable-job", "p"); // AccessDeniedException from CLIRegisterer?
@@ -283,6 +284,31 @@ public class CLIActionTest {
         assertEquals(0, proc.join());
     }
 
+    @Issue("SECURITY-754")
+    @Test
+    public void noPreAuthOptionHandlerInfoLeak() throws Exception {
+        File jar = tmp.newFile("jenkins-cli.jar");
+        FileUtils.copyURLToFile(j.jenkins.getJnlpJars("jenkins-cli.jar").getURL(), jar);
+        j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
+        j.jenkins.addView(new AllView("v1"));
+        j.jenkins.addNode(j.createSlave("n1", null, null));
+        j.jenkins.setAuthorizationStrategy(new MockAuthorizationStrategy().grant(Jenkins.ADMINISTER).everywhere().to(ADMIN));
+        // No anonymous read access
+        assertExitCode(6, false, jar, "get-view", "v1");
+        assertExitCode(6, false, jar, "get-view", "v2"); // Error code 3 before SECURITY-754
+        assertExitCode(6, false, jar, "get-node", "n1");
+        assertExitCode(6, false, jar, "get-node", "n2"); // Error code 3 before SECURITY-754
+        // Authenticated with no read access
+        assertExitCode(6, false, jar, "-auth", "user:user", "get-view", "v1");
+        assertExitCode(6, false, jar, "-auth", "user:user", "get-view", "v2"); // Error code 3 before SECURITY-754
+        assertExitCode(6, false, jar, "-auth", "user:user", "get-node", "n1");
+        assertExitCode(6, false, jar, "-auth", "user:user", "get-node", "n2"); // Error code 3 before SECURITY-754
+        // Anonymous read access
+        j.jenkins.setAuthorizationStrategy(new MockAuthorizationStrategy().grant(Jenkins.ADMINISTER).everywhere().to(ADMIN).grant(Jenkins.READ, Item.READ).everywhere().toEveryone());
+        assertExitCode(6, false, jar, "get-view", "v1");
+        assertExitCode(6, false, jar, "get-view", "v2"); // Error code 3 before SECURITY-754
+    }
+
     @TestExtension("encodingAndLocale")
     public static class TestDiagnosticCommand extends CLICommand {
 
-- 
GitLab


From 8521b8bf1970cf00dd30831796e29f23e5b884c9 Mon Sep 17 00:00:00 2001
From: Baptiste Mathus <batmat@batmat.net>
Date: Thu, 29 Mar 2018 12:14:42 +0200
Subject: [PATCH 298/863] Check buildsDir value and fail Jenkins startup if
 wrong

---
 .../java/jenkins/model/InvalidBuildsDir.java  | 16 ++++
 core/src/main/java/jenkins/model/Jenkins.java | 95 +++++++++++--------
 .../jenkins/model/JenkinsDescriptorTest.java  | 86 -----------------
 test/pom.xml                                  |  2 +-
 ...insBuildsAndWorkspacesDirectoriesTest.java | 86 ++++++++++++++++-
 5 files changed, 153 insertions(+), 132 deletions(-)
 create mode 100644 core/src/main/java/jenkins/model/InvalidBuildsDir.java
 delete mode 100644 core/src/test/java/jenkins/model/JenkinsDescriptorTest.java

diff --git a/core/src/main/java/jenkins/model/InvalidBuildsDir.java b/core/src/main/java/jenkins/model/InvalidBuildsDir.java
new file mode 100644
index 0000000000..7e9b8f348d
--- /dev/null
+++ b/core/src/main/java/jenkins/model/InvalidBuildsDir.java
@@ -0,0 +1,16 @@
+package jenkins.model;
+
+import hudson.util.BootFailure;
+
+public class InvalidBuildsDir extends BootFailure {
+    private String message;
+
+    public InvalidBuildsDir(String message) {
+        this.message = message;
+    }
+
+    @Override
+    public String getMessage() {
+        return message;
+    }
+}
diff --git a/core/src/main/java/jenkins/model/Jenkins.java b/core/src/main/java/jenkins/model/Jenkins.java
index e9235835cc..d9c9af7974 100644
--- a/core/src/main/java/jenkins/model/Jenkins.java
+++ b/core/src/main/java/jenkins/model/Jenkins.java
@@ -27,6 +27,7 @@
 package jenkins.model;
 
 import antlr.ANTLRException;
+import com.google.common.annotations.VisibleForTesting;
 import com.google.common.collect.ImmutableMap;
 import com.google.common.collect.ImmutableSet;
 import com.google.common.collect.Lists;
@@ -2137,46 +2138,6 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
             return FormValidation.validateNonNegativeInteger(value);
         }
 
-        public FormValidation doCheckRawBuildsDir(@QueryParameter String value) {
-            // do essentially what expandVariablesForDirectory does, without an Item
-            String replacedValue = expandVariablesForDirectory(value,
-                    "doCheckRawBuildsDir-Marker:foo",
-                    Jenkins.getInstance().getRootDir().getPath() + "/jobs/doCheckRawBuildsDir-Marker$foo");
-
-            File replacedFile = new File(replacedValue);
-            if (!replacedFile.isAbsolute()) {
-                return FormValidation.error(value + " does not resolve to an absolute path");
-            }
-
-            if (!replacedValue.contains("doCheckRawBuildsDir-Marker")) {
-                return FormValidation.error(value + " does not contain ${ITEM_FULL_NAME} or ${ITEM_ROOTDIR}, cannot distinguish between projects");
-            }
-
-            if (replacedValue.contains("doCheckRawBuildsDir-Marker:foo")) {
-                // make sure platform can handle colon
-                try {
-                    File tmp = File.createTempFile("Jenkins-doCheckRawBuildsDir", "foo:bar");
-                    tmp.delete();
-                } catch (IOException e) {
-                    return FormValidation.error(value + " contains ${ITEM_FULLNAME} but your system does not support it (JENKINS-12251). Use ${ITEM_FULL_NAME} instead");
-                }
-            }
-
-            File d = new File(replacedValue);
-            if (!d.isDirectory()) {
-                // if dir does not exist (almost guaranteed) need to make sure nearest existing ancestor can be written to
-                d = d.getParentFile();
-                while (!d.exists()) {
-                    d = d.getParentFile();
-                }
-                if (!d.canWrite()) {
-                    return FormValidation.error(value + " does not exist and probably cannot be created");
-                }
-            }
-
-            return FormValidation.ok();
-        }
-
         // to route /descriptor/FQCN/xxx to getDescriptor(FQCN).xxx
         public Object getDynamic(String token) {
             return Jenkins.getInstance().getDescriptor(token);
@@ -3041,13 +3002,21 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
             cfg.unmarshal(Jenkins.this);
         }
 
-        setBuildsAndWorkspacesDir();
+        try {
+            checkRawBuildsDir(buildsDir);
+            setBuildsAndWorkspacesDir();
+        } catch (InvalidBuildsDir invalidBuildsDir) {
+            throw new IOException(invalidBuildsDir);
+        }
+
     }
 
-    private void setBuildsAndWorkspacesDir() throws IOException {
+    private void setBuildsAndWorkspacesDir() throws IOException, InvalidBuildsDir {
         boolean mustSave = false;
         String newBuildsDir = SystemProperties.getString(BUILDS_DIR_PROP);
         if (newBuildsDir != null && !buildsDir.equals(newBuildsDir)) {
+
+            checkRawBuildsDir(newBuildsDir);
             LOGGER.log(Level.WARNING, "Changing builds directories from {0} to {1}. Beware that no automated data migration will occur.",
                        new String[]{buildsDir, newBuildsDir});
             buildsDir = newBuildsDir;
@@ -3069,7 +3038,49 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
         if (mustSave) {
             save();
         }
+    }
+
+    /**
+     * @param value
+     */
+    @VisibleForTesting
+    /*private*/ static void checkRawBuildsDir(String value) throws InvalidBuildsDir {
+
+        // do essentially what expandVariablesForDirectory does, without an Item
+        String replacedValue = expandVariablesForDirectory(value,
+                                                           "doCheckRawBuildsDir-Marker:foo",
+                                                           Jenkins.getInstance().getRootDir().getPath() + "/jobs/doCheckRawBuildsDir-Marker$foo");
+
+        File replacedFile = new File(replacedValue);
+        if (!replacedFile.isAbsolute()) {
+            throw new InvalidBuildsDir(value + " does not resolve to an absolute path");
+        }
+
+        if (!replacedValue.contains("doCheckRawBuildsDir-Marker")) {
+            throw new InvalidBuildsDir(value + " does not contain ${ITEM_FULL_NAME} or ${ITEM_ROOTDIR}, cannot distinguish between projects");
+        }
+
+        if (replacedValue.contains("doCheckRawBuildsDir-Marker:foo")) {
+            // make sure platform can handle colon
+            try {
+                File tmp = File.createTempFile("Jenkins-doCheckRawBuildsDir", "foo:bar");
+                tmp.delete();
+            } catch (IOException e) {
+                throw new InvalidBuildsDir(value +  " contains ${ITEM_FULLNAME} but your system does not support it (JENKINS-12251). Use ${ITEM_FULL_NAME} instead");
+            }
+        }
 
+        File d = new File(replacedValue);
+        if (!d.isDirectory()) {
+            // if dir does not exist (almost guaranteed) need to make sure nearest existing ancestor can be written to
+            d = d.getParentFile();
+            while (!d.exists()) {
+                d = d.getParentFile();
+            }
+            if (!d.canWrite()) {
+                throw new InvalidBuildsDir(value +  " does not exist and probably cannot be created");
+            }
+        }
     }
 
     private synchronized TaskBuilder loadTasks() throws IOException {
diff --git a/core/src/test/java/jenkins/model/JenkinsDescriptorTest.java b/core/src/test/java/jenkins/model/JenkinsDescriptorTest.java
deleted file mode 100644
index 5c0e5fb863..0000000000
--- a/core/src/test/java/jenkins/model/JenkinsDescriptorTest.java
+++ /dev/null
@@ -1,86 +0,0 @@
-/*
- * The MIT License
- *
- * Copyright (c) 2014 Daniel Beck
- *
- * Permission is hereby granted, free of charge, to any person obtaining a copy
- * of this software and associated documentation files (the "Software"), to deal
- * in the Software without restriction, including without limitation the rights
- * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
- * copies of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be included in
- * all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
- * THE SOFTWARE.
- */
-package jenkins.model;
-
-import hudson.util.FormValidation;
-import org.junit.Before;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.mockito.Mock;
-import org.mockito.MockitoAnnotations;
-import org.powermock.api.mockito.PowerMockito;
-import org.powermock.core.classloader.annotations.PrepareForTest;
-import org.powermock.modules.junit4.PowerMockRunner;
-
-import java.io.File;
-
-import static org.junit.Assert.assertTrue;
-import static org.mockito.Matchers.anyString;
-import static org.mockito.Mockito.when;
-
-@RunWith(PowerMockRunner.class)
-public class JenkinsDescriptorTest {
-
-    @Mock
-    Jenkins jenkins;
-
-    @Before
-    public void setUp() throws Exception {
-        MockitoAnnotations.initMocks(this);
-    }
-
-    private FormValidation checkBuildsDir(String buildsDir) {
-        return Jenkins.DescriptorImpl.INSTANCE.doCheckRawBuildsDir(buildsDir);
-    }
-
-    private boolean isOK(String buildsDir) {
-        return checkBuildsDir(buildsDir).kind == FormValidation.Kind.OK;
-    }
-
-    private boolean isError(String buildsDir) {
-        return checkBuildsDir(buildsDir).kind == FormValidation.Kind.ERROR;
-    }
-
-    @Test
-    @PrepareForTest(Jenkins.class)
-    public void testBuildDirValidation() {
-        PowerMockito.mockStatic(Jenkins.class);
-        PowerMockito.when(Jenkins.getInstance()).thenReturn(jenkins);
-        PowerMockito.when(Jenkins.expandVariablesForDirectory(anyString(), anyString(), anyString())).thenCallRealMethod();
-        when(jenkins.getRootDir()).thenReturn(new File(".").getAbsoluteFile());
-
-        assertTrue(isOK("$JENKINS_HOME/foo/$ITEM_FULL_NAME"));
-        assertTrue(isOK("${ITEM_ROOTDIR}/builds"));
-
-        assertTrue(isError("$JENKINS_HOME"));
-        assertTrue(isError("$JENKINS_HOME/builds"));
-        assertTrue(isError("$ITEM_FULL_NAME"));
-        assertTrue(isError("/path/to/builds"));
-        assertTrue(isError("/invalid/$JENKINS_HOME"));
-        assertTrue(isError("relative/ITEM_FULL_NAME"));
-
-        // TODO test literal absolute paths (e.g. /foo/$ITEM_FULL_NAME), ITEM_FULLNAME
-    }
-
-}
\ No newline at end of file
diff --git a/test/pom.xml b/test/pom.xml
index 2e918d046f..54bc586740 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -53,7 +53,7 @@ THE SOFTWARE.
     <dependency>
       <groupId>${project.groupId}</groupId>
       <artifactId>jenkins-test-harness</artifactId>
-      <version>2.33</version>
+      <version>2.35-20180329.095418-3</version>
       <scope>test</scope>
       <exclusions>
         <exclusion>
diff --git a/test/src/test/java/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest.java b/test/src/test/java/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest.java
index 7f6d6c4502..baf3ae1416 100644
--- a/test/src/test/java/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest.java
+++ b/test/src/test/java/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest.java
@@ -22,6 +22,7 @@ import org.jvnet.hudson.test.recipes.LocalData;
 import java.io.File;
 import java.io.IOException;
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.List;
 import java.util.logging.Level;
 import java.util.stream.Stream;
@@ -31,6 +32,7 @@ import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertThat;
 import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
 import static org.junit.Assume.assumeFalse;
 
 /**
@@ -67,6 +69,84 @@ public class JenkinsBuildsAndWorkspacesDirectoriesTest {
                 .forEach(System::clearProperty);
     }
 
+    @Issue("JENKINS-50164")
+    @Test
+    public void badValueForBuildsDir() {
+        story.then((rule) -> {
+            final List<String> badValues = Arrays.asList(
+                    "blah",
+                    "$JENKINS_HOME",
+                    "$JENKINS_HOME/builds",
+                    "$ITEM_FULL_NAME",
+                    "/path/to/builds",
+                    "/invalid/$JENKINS_HOME",
+                    "relative/ITEM_FULL_NAME",
+                    "/foo/$ITEM_FULL_NAME",
+                    "/$ITEM_FULLNAME");
+
+            for (String badValue : badValues) {
+                try {
+                    Jenkins.checkRawBuildsDir(badValue);
+                    fail(badValue + " should have been rejected");
+                } catch (InvalidBuildsDir invalidBuildsDir) {
+                    // expected failure
+                }
+            }
+        });
+    }
+
+    @Issue("JENKINS-50164")
+    @Test
+    public void goodValueForBuildsDir() {
+        story.then((rule) -> {
+            final List<String> badValues = Arrays.asList(
+                    "$JENKINS_HOME/foo/$ITEM_FULL_NAME",
+                    "${ITEM_ROOTDIR}/builds");
+
+            for (String goodValue : badValues) {
+                Jenkins.checkRawBuildsDir(goodValue);
+            }
+        });
+    }
+
+    @Issue("JENKINS-50164")
+    @Test
+    public void jenkinsDoesNotStartWithBadSysProp() {
+
+        loggerRule.record(Jenkins.class, Level.WARNING)
+                .record(Jenkins.class, Level.INFO)
+                .capture(100);
+
+        story.then(rule -> {
+            assertTrue(story.j.getInstance().isDefaultBuildDir());
+            setBuildsDirProperty("/bluh");
+        });
+
+        story.thenDoesNotStart();
+    }
+
+    @Issue("JENKINS-50164")
+    @Test
+    public void jenkinsDoesNotStartWithScrewedUpConfigXml() {
+
+        loggerRule.record(Jenkins.class, Level.WARNING)
+                .record(Jenkins.class, Level.INFO)
+                .capture(100);
+
+        story.then(rule -> {
+
+            assertTrue(story.j.getInstance().isDefaultBuildDir());
+
+            // Now screw up the value by writing into the file directly, like one could do using external XML manipulation tools
+            final File configFile = new File(rule.jenkins.getRootDir(), "config.xml");
+            final String screwedUp = FileUtils.readFileToString(configFile).
+                    replaceFirst("<buildsDir>.*</buildsDir>", "<buildsDir>eeeeeeeeek</buildsDir>");
+            FileUtils.write(configFile, screwedUp);
+        });
+
+        story.thenDoesNotStart();
+    }
+
     @Issue("JENKINS-50164")
     @Test
     public void buildsDir() throws Exception {
@@ -81,13 +161,13 @@ public class JenkinsBuildsAndWorkspacesDirectoriesTest {
 
         story.then(steps -> {
             assertTrue(story.j.getInstance().isDefaultBuildDir());
-            setBuildsDirProperty("blah");
+            setBuildsDirProperty("$JENKINS_HOME/plouf/$ITEM_FULL_NAME/bluh");
             assertFalse(JenkinsBuildsAndWorkspacesDirectoriesTest.this.logWasFound(LOG_WHEN_CHANGING_BUILDS_DIR));
         });
 
         story.then(step -> {
                        assertFalse(story.j.getInstance().isDefaultBuildDir());
-                       assertEquals("blah", story.j.getInstance().getRawBuildsDir());
+                       assertEquals("$JENKINS_HOME/plouf/$ITEM_FULL_NAME/bluh", story.j.getInstance().getRawBuildsDir());
                        assertTrue(logWasFound("Changing builds directories from "));
                    }
         );
@@ -134,7 +214,7 @@ public class JenkinsBuildsAndWorkspacesDirectoriesTest {
         assumeFalse(Functions.isWindows()); // Default Windows lifecycle does not support restart.
 
         // check starting point and change config for next run
-        final String newBuildsDirValueBySysprop = "bling/${ITEM_ROOTDIR}/bluh";
+        final String newBuildsDirValueBySysprop = "/tmp/${ITEM_ROOTDIR}/bluh";
         story.then(j -> {
             assertEquals("${ITEM_ROOTDIR}/ze-previous-custom-builds", j.jenkins.getRawBuildsDir());
             setBuildsDirProperty(newBuildsDirValueBySysprop);
-- 
GitLab


From 22629729b31507c279b4971d9d983bde3a473dc5 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Thu, 29 Mar 2018 14:28:06 +0200
Subject: [PATCH 299/863] Fix the CLI tests for logout of user without READ
 permission

---
 core/src/main/java/hudson/cli/CLICommand.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/cli/CLICommand.java b/core/src/main/java/hudson/cli/CLICommand.java
index 329356ac49..d5535a700f 100644
--- a/core/src/main/java/hudson/cli/CLICommand.java
+++ b/core/src/main/java/hudson/cli/CLICommand.java
@@ -268,7 +268,7 @@ public abstract class CLICommand implements ExtensionPoint, Cloneable {
             sc.setAuthentication(getTransportAuthentication());
             new ClassParser().parse(authenticator,p);
 
-            if (!(this instanceof LoginCommand || this instanceof LogoutCommand || this instanceof HelpCommand))
+            if (!(this instanceof LoginCommand || this instanceof LogoutCommand || this instanceof HelpCommand || this instanceof WhoAmICommand))
                 Jenkins.getActiveInstance().checkPermission(Jenkins.READ);
             p.parseArgument(args.toArray(new String[args.size()]));
             Authentication auth = authenticator.authenticate();
-- 
GitLab


From c82620dca9ebe9d4e1d6eecc4c1fd878532c9a62 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Sat, 31 Mar 2018 19:06:21 +0200
Subject: [PATCH 300/863] Minimize readResolve visibility (#2567)

* Minimize readResolve visibility

* Relax visibility from private to protected
---
 core/src/main/java/hudson/ProxyConfiguration.java             | 2 +-
 core/src/main/java/hudson/model/MyViewsProperty.java          | 3 +++
 core/src/main/java/hudson/scm/NullChangeLogParser.java        | 2 +-
 core/src/main/java/hudson/tasks/ArtifactArchiver.java         | 4 ++--
 core/src/main/java/jenkins/install/InstallState.java          | 2 +-
 test/src/test/java/hudson/model/RunMapTest.java               | 2 +-
 test/src/test/java/hudson/triggers/TriggerTest.java           | 2 +-
 .../test/java/hudson/util/RobustReflectionConverterTest.java  | 2 +-
 8 files changed, 11 insertions(+), 8 deletions(-)

diff --git a/core/src/main/java/hudson/ProxyConfiguration.java b/core/src/main/java/hudson/ProxyConfiguration.java
index d8c0d032af..b8ba5bdf3f 100644
--- a/core/src/main/java/hudson/ProxyConfiguration.java
+++ b/core/src/main/java/hudson/ProxyConfiguration.java
@@ -204,7 +204,7 @@ public final class ProxyConfiguration extends AbstractDescribableImpl<ProxyConfi
         SaveableListener.fireOnChange(this, config);
     }
 
-    public Object readResolve() {
+    private Object readResolve() {
         if (secretPassword == null)
             // backward compatibility : get scrambled password and store it encrypted
             secretPassword = Secret.fromString(Scrambler.descramble(password));
diff --git a/core/src/main/java/hudson/model/MyViewsProperty.java b/core/src/main/java/hudson/model/MyViewsProperty.java
index 379b37d15d..c7852d926d 100644
--- a/core/src/main/java/hudson/model/MyViewsProperty.java
+++ b/core/src/main/java/hudson/model/MyViewsProperty.java
@@ -47,6 +47,8 @@ import net.sf.json.JSONObject;
 
 import org.acegisecurity.AccessDeniedException;
 import org.jenkinsci.Symbol;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
 import org.kohsuke.stapler.DataBoundConstructor;
 import org.kohsuke.stapler.HttpRedirect;
 import org.kohsuke.stapler.HttpResponse;
@@ -87,6 +89,7 @@ public class MyViewsProperty extends UserProperty implements ModifiableViewGroup
         this(null);
     }
 
+    @Restricted(NoExternalUse.class)
     public Object readResolve() {
         if (views == null)
             // this shouldn't happen, but an error in 1.319 meant the last view could be deleted
diff --git a/core/src/main/java/hudson/scm/NullChangeLogParser.java b/core/src/main/java/hudson/scm/NullChangeLogParser.java
index 19f6aeceb7..d78a03cce3 100644
--- a/core/src/main/java/hudson/scm/NullChangeLogParser.java
+++ b/core/src/main/java/hudson/scm/NullChangeLogParser.java
@@ -41,7 +41,7 @@ public class NullChangeLogParser extends ChangeLogParser {
         return ChangeLogSet.createEmpty(build);
     }
     
-    public Object readResolve() {
+    protected Object readResolve() {
         return INSTANCE;
     }
 }
diff --git a/core/src/main/java/hudson/tasks/ArtifactArchiver.java b/core/src/main/java/hudson/tasks/ArtifactArchiver.java
index 32be646aa6..b90fe33a3a 100644
--- a/core/src/main/java/hudson/tasks/ArtifactArchiver.java
+++ b/core/src/main/java/hudson/tasks/ArtifactArchiver.java
@@ -141,9 +141,9 @@ public class ArtifactArchiver extends Recorder implements SimpleBuildStep {
     }
 
     // Backwards compatibility for older builds
-    @SuppressFBWarnings(value = "RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE", 
+    @SuppressFBWarnings(value = "RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE",
             justification = "Null checks in readResolve are valid since we deserialize and upgrade objects")
-    public Object readResolve() {
+    protected Object readResolve() {
         if (allowEmptyArchive == null) {
             this.allowEmptyArchive = SystemProperties.getBoolean(ArtifactArchiver.class.getName()+".warnOnEmpty");
         }
diff --git a/core/src/main/java/jenkins/install/InstallState.java b/core/src/main/java/jenkins/install/InstallState.java
index 943421b56d..dc6f9dc534 100644
--- a/core/src/main/java/jenkins/install/InstallState.java
+++ b/core/src/main/java/jenkins/install/InstallState.java
@@ -221,7 +221,7 @@ public class InstallState implements ExtensionPoint {
      * {@code <installState class="jenkins.install.InstallState$CreateAdminUser" resolves-to="jenkins.install.InstallState">}
      * @see #UNUSED_INNER_CLASSES
      */
-    public Object readResolve() {
+    protected Object readResolve() {
         // If we get invalid state from the configuration, fallback to unknown
         if (StringUtils.isBlank(name)) {
             LOGGER.log(Level.WARNING, "Read install state with blank name: ''{0}''. It will be ignored", name);
diff --git a/test/src/test/java/hudson/model/RunMapTest.java b/test/src/test/java/hudson/model/RunMapTest.java
index 3d555f2691..bfa4529ee9 100644
--- a/test/src/test/java/hudson/model/RunMapTest.java
+++ b/test/src/test/java/hudson/model/RunMapTest.java
@@ -98,7 +98,7 @@ public class RunMapTest {
     }
 
     public static class BombAction extends InvisibleAction {
-        public Object readResolve() {
+        private Object readResolve() {
             bombed = true;
             throw new NullPointerException();
         }
diff --git a/test/src/test/java/hudson/triggers/TriggerTest.java b/test/src/test/java/hudson/triggers/TriggerTest.java
index 48679ff669..c915da8007 100644
--- a/test/src/test/java/hudson/triggers/TriggerTest.java
+++ b/test/src/test/java/hudson/triggers/TriggerTest.java
@@ -71,7 +71,7 @@ public class TriggerTest {
 
         // Override Trigger#readResolve so this one is not called
         @Override
-        public Object readResolve() {
+        protected Object readResolve() {
             return this;
         }
 
diff --git a/test/src/test/java/hudson/util/RobustReflectionConverterTest.java b/test/src/test/java/hudson/util/RobustReflectionConverterTest.java
index d728e053f1..2eef414668 100644
--- a/test/src/test/java/hudson/util/RobustReflectionConverterTest.java
+++ b/test/src/test/java/hudson/util/RobustReflectionConverterTest.java
@@ -100,7 +100,7 @@ public class RobustReflectionConverterTest {
             return ACCEPT_KEYWORD.equals(keyword);
         }
         
-        public Object readResolve() throws Exception {
+        private Object readResolve() throws Exception {
             if (!ACL.SYSTEM.equals(Jenkins.getAuthentication())) {
                 // called via REST / CLI with authentication
                 if (!isAcceptable()) {
-- 
GitLab


From 7983ec1309364a80abdcaa8dbfd342b9e0cc2425 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 1 Apr 2018 16:15:39 -0700
Subject: [PATCH 301/863] [maven-release-plugin] prepare release jenkins-2.114

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 645b225215..75b67d0914 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.114-SNAPSHOT</version>
+    <version>2.114</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 44d05fa146..85eba5ba79 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.114-SNAPSHOT</version>
+    <version>2.114</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 5545718723..0051a82116 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.114-SNAPSHOT</version>
+  <version>2.114</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>HEAD</tag>
+    <tag>jenkins-2.114</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 9b5587f431..274c9e5298 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.114-SNAPSHOT</version>
+    <version>2.114</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 36b566df2b..c525c6ee8e 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.114-SNAPSHOT</version>
+    <version>2.114</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 7f311c113bda50862a26534ff50884089da5c41b Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 1 Apr 2018 16:15:39 -0700
Subject: [PATCH 302/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 75b67d0914..560191bb54 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.114</version>
+    <version>2.115-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 85eba5ba79..ac6459627e 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.114</version>
+    <version>2.115-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 0051a82116..c8651d69ad 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.114</version>
+  <version>2.115-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.114</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 274c9e5298..811bc5f8f7 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.114</version>
+    <version>2.115-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index c525c6ee8e..5ec28e4a4b 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.114</version>
+    <version>2.115-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 434ddbdcf7fd60dc526c175a547e5fd3aaaef70f Mon Sep 17 00:00:00 2001
From: Baptiste Mathus <batmat@batmat.net>
Date: Mon, 2 Apr 2018 16:37:36 +0200
Subject: [PATCH 303/863] Use released version of jenkins-test-harness

---
 test/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/pom.xml b/test/pom.xml
index 54bc586740..643266ade7 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -53,7 +53,7 @@ THE SOFTWARE.
     <dependency>
       <groupId>${project.groupId}</groupId>
       <artifactId>jenkins-test-harness</artifactId>
-      <version>2.35-20180329.095418-3</version>
+      <version>2.36</version>
       <scope>test</scope>
       <exclusions>
         <exclusion>
-- 
GitLab


From 547fd6fe6ef2823d04a1517fb08f6d714ff4423a Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Mon, 2 Apr 2018 15:55:40 -0400
Subject: [PATCH 304/863] Removing VirtualFile.asRemotable in favor of
 toExternalURL.

---
 core/src/main/java/hudson/FilePath.java       | 23 +++++++++++++++
 .../main/java/jenkins/util/VirtualFile.java   | 28 ++-----------------
 2 files changed, 26 insertions(+), 25 deletions(-)

diff --git a/core/src/main/java/hudson/FilePath.java b/core/src/main/java/hudson/FilePath.java
index 2f21b2cd5d..49f6037655 100644
--- a/core/src/main/java/hudson/FilePath.java
+++ b/core/src/main/java/hudson/FilePath.java
@@ -139,6 +139,7 @@ import static hudson.Util.isSymlink;
 
 import java.util.Collections;
 import org.apache.tools.ant.BuildException;
+import org.kohsuke.accmod.restrictions.Beta;
         
 /**
  * {@link File} like object with remoting support.
@@ -903,6 +904,28 @@ public final class FilePath implements Serializable {
         }
     }
 
+    /**
+     * Copies the content of a URL to a remote file.
+     * Unlike {@link #copyFrom} this will not transfer content over a Remoting channel.
+     * @since FIXME
+     */
+    @Restricted(Beta.class)
+    public void copyFromRemotely(URL url) throws IOException, InterruptedException {
+        act(new CopyFromRemotely(url));
+    }
+    private final class CopyFromRemotely extends MasterToSlaveFileCallable<Void> {
+        private static final long serialVersionUID = 1;
+        private final URL url;
+        CopyFromRemotely(URL url) {
+            this.url = url;
+        }
+        @Override
+        public Void invoke(File f, VirtualChannel channel) throws IOException, InterruptedException {
+            copyFrom(url);
+            return null;
+        }
+    }
+
     /**
      * Replaces the content of this file by the data from the given {@link InputStream}.
      *
diff --git a/core/src/main/java/jenkins/util/VirtualFile.java b/core/src/main/java/jenkins/util/VirtualFile.java
index 9427bbd85e..e59ad888bd 100644
--- a/core/src/main/java/jenkins/util/VirtualFile.java
+++ b/core/src/main/java/jenkins/util/VirtualFile.java
@@ -95,8 +95,7 @@ import org.kohsuke.accmod.restrictions.Beta;
  * would wind up transferring the file from the service to the Jenkins master and then on to an agent.
  * Similarly, if {@link DirectoryBrowserSupport} rendered a link to an in-Jenkins URL,
  * a large file could be transferred from the service to the Jenkins master and then on to the browser.
- * To avoid this overhead, callers may check whether an implementation
- * supports {@link #asRemotable} and/or {@link #toExternalURL}.
+ * To avoid this overhead, callers may check whether an implementation supports {@link #toExternalURL}.
  *
  * @see DirectoryBrowserSupport
  * @see FilePath
@@ -334,24 +333,6 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
         return callable.call();
     }
 
-    /**
-     * Optionally produces a variant of this handle which may be safely passed over a Remoting {@link Channel}.
-     * This would allow remote nodes such as agents to make calls such as {@link #open}
-     * and be assured of the most efficient possible access.
-     * Otherwise, all calls must be made on the node originally producing this object,
-     * and the caller must arrange for transport of the result.
-     * <p>Note that the result of {@link #forFilePath} does <em>not</em> implement this method,
-     * since a {@link FilePath} may only be transferred over the channel on which it was created.
-     * It cannot, for example, be used to represent a workspace file from one agent on another agent.
-     * @return this object or a variant which may be passed over a {@link Channel}, or null if there is no such support
-     * @since FIXME
-     * @see #toExternalURL
-     */
-    @Restricted(Beta.class)
-    public @CheckForNull VirtualFile asRemotable() {
-        return null;
-    }
-
     /**
      * Optionally obtains a URL which may be used to retrieve file contents from any process on any node.
      * For example, given cloud storage this might produce a permalink to the file.
@@ -360,15 +341,12 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
      * <p>Any necessary authentication must be encoded somehow into the URL itself;
      * do not include any tokens or other authentication which might allow access to unrelated files
      * (for example {@link ArtifactManager} builds from a different job).
-     * The URL might be valid for only a limited amount of time or even only a single use;
+     * Authentication should be limited to download, not upload or any other modifications.
+     * <p>The URL might be valid for only a limited amount of time or even only a single use;
      * this method should be called anew every time an external URL is required.
-     * <p>Generally this will be harder to implement than {@link #asRemotable},
-     * which would have the opportunity to perform arbitrary preparation for {@link #open}
-     * such as negotiating session authentication.
      * @return an externally usable URL like {@code https://gist.githubusercontent.com/ACCT/GISTID/raw/COMMITHASH/FILE}, or null if there is no such support
      * @since FIXME
      * @see #toURI
-     * @see #asRemotable
      */
     @Restricted(Beta.class)
     public @CheckForNull URL toExternalURL() throws IOException {
-- 
GitLab


From a54d49b634e2cdd2fc11ab0021a1865630fc339e Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Tue, 3 Apr 2018 11:29:16 -0400
Subject: [PATCH 305/863] access-modifier.version=1.14

---
 pom.xml | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/pom.xml b/pom.xml
index ac3afe1489..722c99acb5 100644
--- a/pom.xml
+++ b/pom.xml
@@ -93,10 +93,9 @@ THE SOFTWARE.
     <matrix-project.version>1.4.1</matrix-project.version>
     <sorcerer.version>0.11</sorcerer.version>
     <animal.sniffer.skip>${skipTests}</animal.sniffer.skip>
-    <access-modifier.version>1.14-SNAPSHOT</access-modifier.version> <!-- TODO https://github.com/kohsuke/access-modifier/pull/11 -->
-    <!-- After release, would just be ${access-modifier.version}: -->
-    <access-modifier-annotation.version>1.14-20180326.221427-2</access-modifier-annotation.version>
-    <access-modifier-checker.version>1.14-20180326.221430-2</access-modifier-checker.version>
+    <access-modifier.version>1.14</access-modifier.version>
+    <access-modifier-annotation.version>${access-modifier.version}</access-modifier-annotation.version> <!-- differing only where needed for timestamped snapshots -->
+    <access-modifier-checker.version>${access-modifier.version}</access-modifier-checker.version>
 
     <java.level>8</java.level>
 
-- 
GitLab


From fb4d9ed80b507c8d687054dc7b0b81a0637b5a96 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Oliver=20Gond=C5=BEa?= <ogondza@gmail.com>
Date: Wed, 4 Apr 2018 13:03:54 +0200
Subject: [PATCH 306/863] Pull in ATH smoke tests at least

---
 Jenkinsfile | 25 ++++++++++++++++++++++++-
 1 file changed, 24 insertions(+), 1 deletion(-)

diff --git a/Jenkinsfile b/Jenkinsfile
index 5d2a10435f..20ac0b0b63 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -13,7 +13,7 @@
 def runTests = true
 def failFast = false
 
-properties([buildDiscarder(logRotator(numToKeepStr: '50', artifactNumToKeepStr: '20'))])
+properties([buildDiscarder(logRotator(numToKeepStr: '50', artifactNumToKeepStr: '20')), durabilityHint('PERFORMANCE_OPTIMIZED')])
 
 // see https://github.com/jenkins-infra/documentation/blob/master/ci.adoc for information on what node types are available
 def buildTypes = ['Linux', 'Windows']
@@ -66,6 +66,29 @@ for(i = 0; i < buildTypes.size(); i++) {
     }
 }
 
+builds.ath = {
+    node("docker&&highmem") {
+        // Just to be safe
+        deleteDir()
+        def fileUri
+        def metadataPath
+        dir("sources") {
+            checkout scm
+            withMavenEnv(["JAVA_OPTS=-Xmx1536m -Xms512m",
+                          "MAVEN_OPTS=-Xmx1536m -Xms512m"]) {
+                sh "mvn -DskipTests -am -pl war package -Dmaven.repo.local=${pwd tmp: true}/m2repo -s settings-azure.xml"
+            }
+            dir("war/target") {
+                fileUri = "file://" + pwd() + "/jenkins.war"
+            }
+            metadataPath = pwd() + "/essentials.yml"
+        }
+        dir("ath") {
+            runATH jenkins: fileUri, metadataFile: metadataPath
+        }
+    }
+}
+
 builds.failFast = failFast
 parallel builds
 
-- 
GitLab


From 65261813265bda0afe339ff2f5000b0ec86f87f9 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <Wadeck@users.noreply.github.com>
Date: Wed, 4 Apr 2018 14:00:34 +0200
Subject: [PATCH 307/863] Developer API: Add new HttpResponses#errorJSON()
 methods (#3379)

Developer API: Add new HttpResponses#errorJSON() methods
---
 .../main/java/hudson/util/HttpResponses.java  | 24 +++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/core/src/main/java/hudson/util/HttpResponses.java b/core/src/main/java/hudson/util/HttpResponses.java
index d6b8fb2257..8c4bdeda9a 100644
--- a/core/src/main/java/hudson/util/HttpResponses.java
+++ b/core/src/main/java/hudson/util/HttpResponses.java
@@ -100,6 +100,30 @@ public class HttpResponses extends org.kohsuke.stapler.HttpResponses {
         return new JSONObjectResponse().error(message);
     }
 
+    /**
+     * Set the response as an error response plus some data.
+     * @param message The error "message" set on the response.
+     * @param data The data.
+     * @return {@code this} object.
+     *
+     * @since TODO
+     */
+    public static HttpResponse errorJSON(@Nonnull String message, @Nonnull JSONObject data) {
+        return new JSONObjectResponse(data).error(message);
+    }
+
+    /**
+     * Set the response as an error response plus some data.
+     * @param message The error "message" set on the response.
+     * @param data The data.
+     * @return {@code this} object.
+     *
+     * @since TODO
+     */
+    public static HttpResponse errorJSON(@Nonnull String message, @Nonnull JSONArray data) {
+        return new JSONObjectResponse(data).error(message);
+    }
+
     /**
      * {@link net.sf.json.JSONObject} response.
      *
-- 
GitLab


From e2c2e35cc5c2b2672eb3f6d6969178688ac78d9c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Oliver=20Gond=C5=BEa?= <ogondza@gmail.com>
Date: Fri, 6 Apr 2018 10:19:46 +0200
Subject: [PATCH 308/863] [JENKINS-50585] Explicitly declared core builds
 against ATH smoke tests only

---
 essentials.yml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/essentials.yml b/essentials.yml
index ef5ef15f07..c1d2a77dcc 100644
--- a/essentials.yml
+++ b/essentials.yml
@@ -1,4 +1,6 @@
 ---
 ath:
   useLocalSnapshots: false
-  athRevision: "06caf67d37d945ec5228a80d73714fac692c28d3"
\ No newline at end of file
+  athRevision: "06caf67d37d945ec5228a80d73714fac692c28d3"
+  categories:
+    - org.jenkinsci.test.acceptance.junit.SmokeTest
-- 
GitLab


From a17422ca3d1575f1df123e1871fa111993fd7dac Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Fri, 6 Apr 2018 11:06:55 +0200
Subject: [PATCH 309/863] Change the name of the classes for ignore the confirm
 popup

---
 .../resources/jenkins/security/ApiTokenProperty/config.jelly  | 4 ++--
 core/src/main/resources/lib/form/confirm.js                   | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
index f00194b36d..a66a3d9d32 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
@@ -27,7 +27,7 @@ THE SOFTWARE.
 <j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:f="/lib/form" xmlns:l="/lib/layout" xmlns:i="jelly:fmt">
     <st:adjunct includes="jenkins.security.ApiTokenProperty.resources"/>
     <f:entry title="${%CurrentTokens(instance.tokenList.size())}" help="${descriptor.getHelpFile('tokenStore')}">
-        <div class="token-list ignore-confirm-panel">
+        <div class="token-list ignore-dirty-panel">
             <j:set var="tokenList" value="${instance.tokenList}" />
             <div class="token-list-item token-list-empty-item ${tokenList == null || tokenList.isEmpty() ? '' : 'hidden-message'}">
                 <div class="list-empty-message">${%NoTokenYet}</div>
@@ -123,7 +123,7 @@ THE SOFTWARE.
             <f:entry title="${%Legacy API Token}" field="apiToken">
                 <f:readOnlyTextbox id="apiToken" default="${descriptor.noLegacyToken}"/>
             </f:entry>
-            <f:validateButton title="${%Change API Token}" method="changeToken" clazz="ignore-confirm-panel"/>
+            <f:validateButton title="${%Change API Token}" method="changeToken" clazz="ignore-dirty-panel"/>
         </f:advanced>
     </j:if>
 </j:jelly>
diff --git a/core/src/main/resources/lib/form/confirm.js b/core/src/main/resources/lib/form/confirm.js
index 025b6f4bb0..688631b39b 100644
--- a/core/src/main/resources/lib/form/confirm.js
+++ b/core/src/main/resources/lib/form/confirm.js
@@ -17,12 +17,12 @@
     }
     
     function isIgnoringConfirm(element){
-      if(element.hasClassName('ignore-confirm')){
+      if(element.hasClassName('ignore-dirty')){
         return true;
       }
       // to allow sub-section of the form to ignore confirm
       // especially useful for "pure" JavaScript area
-      var ignorePanel = element.up('.ignore-confirm-panel');
+      var ignorePanel = element.up('.ignore-dirty-panel');
       if(ignorePanel){
         return true;
       }
-- 
GitLab


From 75df729a66415625c949e8f3fab09879aa7e38e3 Mon Sep 17 00:00:00 2001
From: Baptiste Mathus <batmat@batmat.net>
Date: Fri, 6 Apr 2018 11:37:19 +0200
Subject: [PATCH 310/863] Log the message only once in INFO level

Without this, we will see this log more and more as plugins
start using this to put their logs at the right place.
---
 .../main/java/hudson/triggers/SafeTimerTask.java    | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/triggers/SafeTimerTask.java b/core/src/main/java/hudson/triggers/SafeTimerTask.java
index 5531e293f1..e2cc7eb8b0 100644
--- a/core/src/main/java/hudson/triggers/SafeTimerTask.java
+++ b/core/src/main/java/hudson/triggers/SafeTimerTask.java
@@ -58,6 +58,12 @@ public abstract class SafeTimerTask extends TimerTask {
      */
     static final String LOGS_ROOT_PATH_PROPERTY = SafeTimerTask.class.getName()+".logsTargetDir";
 
+    /**
+     * Local marker to know if the information about using non default root directory for logs has already been logged at least once.
+     * @see #LOGS_ROOT_PATH_PROPERTY
+     */
+    private static boolean ALREADY_LOGGED = false;
+
     public final void run() {
         // background activity gets system credential,
         // just like executors get it.
@@ -87,9 +93,14 @@ public abstract class SafeTimerTask extends TimerTask {
         if (tagsLogsPath == null) {
             return new File(Jenkins.get().getRootDir(), "logs");
         } else {
-            LOGGER.log(Level.INFO,
+            Level logLevel = Level.INFO;
+            if (ALREADY_LOGGED) {
+                logLevel = Level.FINE;
+            }
+            LOGGER.log(logLevel,
                        "Using non default root path for tasks logging: {0}. (Beware: no automated migration if you change or remove it again)",
                        LOGS_ROOT_PATH_PROPERTY);
+            ALREADY_LOGGED = true;
             return new File(tagsLogsPath);
         }
     }
-- 
GitLab


From 2d742765129c36a1919db3ebe61df72b20497a98 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Oliver=20Gond=C5=BEa?= <ogondza@gmail.com>
Date: Fri, 6 Apr 2018 13:02:11 +0200
Subject: [PATCH 311/863] Run ATH as a part of tests

---
 essentials.yml | 6 ++++++
 1 file changed, 6 insertions(+)
 create mode 100644 essentials.yml

diff --git a/essentials.yml b/essentials.yml
new file mode 100644
index 0000000000..2d1b1090de
--- /dev/null
+++ b/essentials.yml
@@ -0,0 +1,6 @@
+---
+ath:
+  useLocalSnapshots: false
+  athRevision: "06caf67d37d945ec5228a80d73714fac692c28d3"
+  tests:
+    - '*'
-- 
GitLab


From 70c408cedf429ce79fdec8998635f58b4f7a02ca Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Sat, 7 Apr 2018 15:46:43 +0200
Subject: [PATCH 312/863] [FIXED JENKINS-25910] Sort nodes for label for UI
 (#1498)

* [FIXED JENKINS-25910] Sort nodes for label for UI

* [JENKINS-25910] Sort Jenkins master at beginning

* Consistent sort order

* [JENKINS-25910] Instead use dedicated UI support method
---
 core/src/main/java/hudson/model/Label.java    | 22 ++++++++++++++++++-
 .../resources/hudson/model/Label/index.jelly  |  2 +-
 2 files changed, 22 insertions(+), 2 deletions(-)

diff --git a/core/src/main/java/hudson/model/Label.java b/core/src/main/java/hudson/model/Label.java
index 0c26057765..606068104e 100644
--- a/core/src/main/java/hudson/model/Label.java
+++ b/core/src/main/java/hudson/model/Label.java
@@ -49,6 +49,8 @@ import jenkins.model.Jenkins;
 import jenkins.model.ModelObjectWithChildren;
 import org.acegisecurity.context.SecurityContext;
 import org.acegisecurity.context.SecurityContextHolder;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.DoNotUse;
 import org.kohsuke.stapler.StaplerRequest;
 import org.kohsuke.stapler.StaplerResponse;
 import org.kohsuke.stapler.export.Exported;
@@ -58,6 +60,7 @@ import java.io.StringReader;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Collections;
+import java.util.Comparator;
 import java.util.HashSet;
 import java.util.List;
 import java.util.Set;
@@ -196,6 +199,16 @@ public abstract class Label extends Actionable implements Comparable<Label>, Mod
         return nodes.size() == 1 && nodes.iterator().next().getSelfLabel() == this;
     }
 
+    private static class NodeSorter implements Comparator<Node> {
+        @Override
+        public int compare(Node o1, Node o2) {
+            if (o1 == o2) {
+                return 0;
+            }
+            return o1 instanceof Jenkins ? -1 : (o2 instanceof Jenkins ? 1 : o1.getNodeName().compareTo(o2.getNodeName()));
+        }
+    }
+
     /**
      * Gets all {@link Node}s that belong to this label.
      */
@@ -204,7 +217,7 @@ public abstract class Label extends Actionable implements Comparable<Label>, Mod
         Set<Node> nodes = this.nodes;
         if(nodes!=null) return nodes;
 
-        Set<Node> r = new HashSet<Node>();
+        Set<Node> r = new HashSet<>();
         Jenkins h = Jenkins.getInstance();
         if(this.matches(h))
             r.add(h);
@@ -215,6 +228,13 @@ public abstract class Label extends Actionable implements Comparable<Label>, Mod
         return this.nodes = Collections.unmodifiableSet(r);
     }
 
+    @Restricted(DoNotUse.class) // Jelly
+    public Set<Node> getSortedNodes() {
+        Set<Node> r = new TreeSet<>(new NodeSorter());
+        r.addAll(getNodes());
+        return r;
+    }
+
     /**
      * Gets all {@link Cloud}s that can launch for this label.
      */
diff --git a/core/src/main/resources/hudson/model/Label/index.jelly b/core/src/main/resources/hudson/model/Label/index.jelly
index 10b239fd63..a5b4ea43ad 100644
--- a/core/src/main/resources/hudson/model/Label/index.jelly
+++ b/core/src/main/resources/hudson/model/Label/index.jelly
@@ -42,7 +42,7 @@ THE SOFTWARE.
 
       <div>
         <h2>${%Nodes}</h2>
-        <j:forEach var="n" items="${it.nodes}">
+        <j:forEach var="n" items="${it.sortedNodes}">
           <j:set var="c" value="${app.getComputer(n.nodeName)}"/>
           <j:set var="url" value="${rootURL}/${c.url}"/>
           <nobr>
-- 
GitLab


From bcab1f086f8a307f934499c32da346ad88a64adb Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 8 Apr 2018 13:00:36 -0700
Subject: [PATCH 313/863] [INFRA-1502] bake the new UC root CA.

The current UC root CA will expire in 2021. Since this key certificate
is baked into jenkins.war, it needs a plenty of time to rotate. I think
two years window would be sufficient, but since I looked, we might as
well start now.

The new key is also now 4096 bits, upgraded from previous 2048 bits.

I've also used the opportunity to remove old hudson-community root CA,
which was used during the transition period from me leaving Sun and the
birth of Jenkins. It's been long since we stopped using this cert, so no
need to honor it anymore.
---
 .../update-center-rootCAs/hudson-community    | 28 ---------------
 .../hudson-community.txt                      |  1 -
 .../jenkins-update-center-root-ca-2           | 34 +++++++++++++++++++
 .../jenkins-update-center-root-ca-2.txt       |  2 ++
 4 files changed, 36 insertions(+), 29 deletions(-)
 delete mode 100644 war/src/main/webapp/WEB-INF/update-center-rootCAs/hudson-community
 delete mode 100644 war/src/main/webapp/WEB-INF/update-center-rootCAs/hudson-community.txt
 create mode 100644 war/src/main/webapp/WEB-INF/update-center-rootCAs/jenkins-update-center-root-ca-2
 create mode 100644 war/src/main/webapp/WEB-INF/update-center-rootCAs/jenkins-update-center-root-ca-2.txt

diff --git a/war/src/main/webapp/WEB-INF/update-center-rootCAs/hudson-community b/war/src/main/webapp/WEB-INF/update-center-rootCAs/hudson-community
deleted file mode 100644
index 3e249a32d1..0000000000
--- a/war/src/main/webapp/WEB-INF/update-center-rootCAs/hudson-community
+++ /dev/null
@@ -1,28 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIE1jCCA76gAwIBAgIJAImLL4rgC+O7MA0GCSqGSIb3DQEBBQUAMIGiMQswCQYD
-VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEUMBIGA1UEBxMLU2FudGEgQ2xh
-cmExFzAVBgNVBAoTDkh1ZHNvbiBwcm9qZWN0MRcwFQYDVQQLEw5IdWRzb24gUm9v
-dCBDQTEXMBUGA1UEAxMOSHVkc29uIFJvb3QgQ0ExHTAbBgkqhkiG9w0BCQEWDmh1
-ZHNvbkBzdW4uY29tMB4XDTA5MTAyNTE3NTI0MFoXDTE5MTAyMzE3NTI0MFowgaIx
-CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRQwEgYDVQQHEwtTYW50
-YSBDbGFyYTEXMBUGA1UEChMOSHVkc29uIHByb2plY3QxFzAVBgNVBAsTDkh1ZHNv
-biBSb290IENBMRcwFQYDVQQDEw5IdWRzb24gUm9vdCBDQTEdMBsGCSqGSIb3DQEJ
-ARYOaHVkc29uQHN1bi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
-AQCp1h/pnrYRAGK6nse+3d2W4xshInJwwnR/1D3NwBLA9xs/DOrlxX96b8CbXNoW
-DGc7DpvlwpKfnhOx2jgT5/Jf3bbwQdIntXp9DPQyYLFzekNBZyd3aRySgODpdRW0
-nHcNtQWqn7jvMfu16njUer0x+ipPDCMxOvEZCSjYKrok2PUlQhN/BeS3av9vxSPi
-3FDhDukYimzhiuZiteXb1oij67FBWdI3cYAsQmU1KJyxBwLJ44cLmfLf0I1Sl6Tz
-XcTiSAYvxLogf/ESYtchBjdvmEupv611HWYjbdi4XnjW0tj+NzOcaEcsDC6f5BSt
-TxSJ3T69pIpNZjjxHNMHB01vAgMBAAGjggELMIIBBzAdBgNVHQ4EFgQUUaZC6oV8
-pWg5kT4VoAkNH5etnF8wgdcGA1UdIwSBzzCBzIAUUaZC6oV8pWg5kT4VoAkNH5et
-nF+hgaikgaUwgaIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRQw
-EgYDVQQHEwtTYW50YSBDbGFyYTEXMBUGA1UEChMOSHVkc29uIHByb2plY3QxFzAV
-BgNVBAsTDkh1ZHNvbiBSb290IENBMRcwFQYDVQQDEw5IdWRzb24gUm9vdCBDQTEd
-MBsGCSqGSIb3DQEJARYOaHVkc29uQHN1bi5jb22CCQCJiy+K4AvjuzAMBgNVHRME
-BTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAYAYVICF98VHVt/0L8MjxKtuHNjZ2q
-5Wius5tT+uWufer5y083YGlnQzch/622NNR14koJMioD0FR3XqEGeakJexB3hj3K
-Iqp7+nkqFcjZycujGTsix6zJ8Mwc2lHbCTt5EZsr5YYzeT6IWbeOofsRBsqA1Ygc
-L6pT0oFf1nl+RKxa0EANj6RO9fOjAp9cTndZjynvE8J8S1RDPC98IRmSCiwZKCQc
-9KE6D+Sk9XZO3pff6NGo8DA1MOoMGB8lxXWZxMvqkaZdB6UTnvWsvPvpqwFA/mj0
-M/hYpqAOSqTttQMLuQBuYj5YbPjh0843azZXP5xm62TK+E+q7sdedeuA
------END CERTIFICATE-----
diff --git a/war/src/main/webapp/WEB-INF/update-center-rootCAs/hudson-community.txt b/war/src/main/webapp/WEB-INF/update-center-rootCAs/hudson-community.txt
deleted file mode 100644
index a2db540657..0000000000
--- a/war/src/main/webapp/WEB-INF/update-center-rootCAs/hudson-community.txt
+++ /dev/null
@@ -1 +0,0 @@
-This root CA is used to hand out certificates to the community members, allowing people to run update centers without using an expensive regular certificates from vendors like VeriSign.
diff --git a/war/src/main/webapp/WEB-INF/update-center-rootCAs/jenkins-update-center-root-ca-2 b/war/src/main/webapp/WEB-INF/update-center-rootCAs/jenkins-update-center-root-ca-2
new file mode 100644
index 0000000000..62a3140029
--- /dev/null
+++ b/war/src/main/webapp/WEB-INF/update-center-rootCAs/jenkins-update-center-root-ca-2
@@ -0,0 +1,34 @@
+-----BEGIN CERTIFICATE-----
+MIIF6TCCA9GgAwIBAgIJAODsOx91KoaMMA0GCSqGSIb3DQEBCwUAMIGKMQswCQYD
+VQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTERMA8GA1UEBwwIU2FuIEpvc2Ux
+GDAWBgNVBAoMD0plbmtpbnMgUHJvamVjdDEaMBgGA1UEAwwRS29oc3VrZSBLYXdh
+Z3VjaGkxHTAbBgkqhkiG9w0BCQEWDmtrQGtvaHN1a2Uub3JnMB4XDTE4MDQwODE5
+NTcxMFoXDTI4MDQwNTE5NTcxMFowgYoxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApD
+YWxpZm9ybmlhMREwDwYDVQQHDAhTYW4gSm9zZTEYMBYGA1UECgwPSmVua2lucyBQ
+cm9qZWN0MRowGAYDVQQDDBFLb2hzdWtlIEthd2FndWNoaTEdMBsGCSqGSIb3DQEJ
+ARYOa2tAa29oc3VrZS5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC
+AQDFlDbPDKOdbqNdxTdVUkCsSAqbl/K+c0Q9BR43P1KUsUbKnNlZalibgE0clduz
+W75lwH7Qt7qqNXJIy4qR3ETS45fxgtg2lJdVCOV0i3PhigdyBWbHmD7/ER/LTAfN
+Z2HOOrujZ3giz6vo2eTluNk4zmIW8YBaf6j67GyWMd1Mnx/t6G7DWvZRXQS7HSXt
+mPsbBzDB4Z6WdIlR5EYsqnw55Lb0h2Bh4RWg6RWL9Vxxc4z+EUT8hH2VBLbm5sAJ
+avS5kgCZM72VqREdxb7LleqgetLC9WJ3wGoW6RmrCMIN9Ast5WGI91JE1VQh7i8y
+AZG626hJp/Ax4P0kIQ3nySV+/kzQB1i8kuhRq6pBcVU7flETw44ENaVXJ7IUE3YK
+QghgwDW0Mf5+oSG+t4atOBFxy0VudOLoQ8AHUgsotLMzGOwOluxEunymiSL1AK0V
+7FIXg5tWlcXLvZaY2PQSttvSklYxHjoH+JuiazrOjqu96iLSEyY7JVZ5X2/D2Nv7
+T9JPTvdu1H3vtzr32qbMWV7hAqCR3hSDGCHmmuRDJ5CM4G4G5vQ1XE4dRfzBt+5m
+68ecwRGFp8C2byF5Wn1LyFrYs/uHp99TL/DMpqXBfc9z7oQZI2zzPmji5dC9qnD3
+P5+k2ksuEURK8AJAf5f17sjUfsjQAPSUMaKVKzmrszL2PQIDAQABo1AwTjAdBgNV
+HQ4EFgQUEcbl1DAt6VXGAbVrUHLSNn60AYcwHwYDVR0jBBgwFoAUEcbl1DAt6VXG
+AbVrUHLSNn60AYcwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAVBiW
+OrRdGBUKd/Gyb+qdFq3q0YtmfARw3TfO0rL9rtjU6S4aOo+XcmM8TbjHrxnBd0Wx
+2rQhtkZQPcu45LCUYMmseFMM36T4ahDKwrI6l0uJKvGO7W3gg26GP9A7D0x9KpYL
+QemVbwzpG9pQyJJOE+VmgFK1Bk3bDZu9m7FFi2NRmgexvRPS1tpl5WPFRnGY7Duv
+xPAVey33cKxa4malrFdxjI4WiVdtqQu+GPcN6WNJfPhYxeWlcyQGCxqprLLdoG0l
+ncd95evObgj0y6STY7/x29hRguYOnXnOYpJB53Iaard34gL8JV34gyCBkfy48eOD
+D9rw/kdQYUhyxLQnoCS2q4Ueyk/mtnAs/eUE/aFoD0ElX/5CAzL8ZbrRTKgwqmB5
+yP8Wgd/G8du3kRtTWaSc19Wdr6hFOaCfXgvyJvl/S5XaFyJF2lotKdM6O3EGdTOF
+b10ZJSYa/6o6Y4CY4P2J3WHF8uyBPpH92p/csbt4nqPIdQWm0/KGsy2Hr7z+QYvc
+V1ipjxDLCj/RVPRuoGHVeW61Q9FEhatDgryYAq3VWOfazLHE5W/JHZQkcpDJLNdN
+2EWvSD3/jxFUuqbWCBmiy8klzUzN97tKGLDSAsxgW2J+kydvL8souNl+cVV/ttlT
+T1JjZA8VNmdlKiPqf4S9u/kTAojeLB9zU0cTSW0=
+-----END CERTIFICATE-----
diff --git a/war/src/main/webapp/WEB-INF/update-center-rootCAs/jenkins-update-center-root-ca-2.txt b/war/src/main/webapp/WEB-INF/update-center-rootCAs/jenkins-update-center-root-ca-2.txt
new file mode 100644
index 0000000000..0e0f681d1c
--- /dev/null
+++ b/war/src/main/webapp/WEB-INF/update-center-rootCAs/jenkins-update-center-root-ca-2.txt
@@ -0,0 +1,2 @@
+Root CA for the Jenkins community. Used to generate official update center.
+This is the v2 key generated in preparation for the expiration of the v1 key.
-- 
GitLab


From 0a8f961c297491f0993f573c39fe437c5dfd4f20 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 9 Apr 2018 08:50:27 -0700
Subject: [PATCH 314/863] [maven-release-plugin] prepare release jenkins-2.115

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 560191bb54..d68976ed21 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.115-SNAPSHOT</version>
+    <version>2.115</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index ac6459627e..19fb632bba 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.115-SNAPSHOT</version>
+    <version>2.115</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index c8651d69ad..6235776ea6 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.115-SNAPSHOT</version>
+  <version>2.115</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>HEAD</tag>
+    <tag>jenkins-2.115</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 811bc5f8f7..165ee467f3 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.115-SNAPSHOT</version>
+    <version>2.115</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 5ec28e4a4b..fdd948458d 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.115-SNAPSHOT</version>
+    <version>2.115</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From db48500fb8be4c4fd59c1ded088fe48025d4735d Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 9 Apr 2018 08:50:27 -0700
Subject: [PATCH 315/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index d68976ed21..c5bbdf47c4 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.115</version>
+    <version>2.116-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 19fb632bba..867030da4a 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.115</version>
+    <version>2.116-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 6235776ea6..22d4818b94 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.115</version>
+  <version>2.116-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.115</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 165ee467f3..03b821ca3e 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.115</version>
+    <version>2.116-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index fdd948458d..1c3f263960 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.115</version>
+    <version>2.116-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 711b89d535c6df28812be685aeeca21841091d37 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 9 Apr 2018 13:39:14 -0700
Subject: [PATCH 316/863] [maven-release-plugin] prepare release
 jenkins-2.107.2

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index a486cdf879..7bfd65133f 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107.2-SNAPSHOT</version>
+    <version>2.107.2</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 4b10848e0c..13f3871c80 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107.2-SNAPSHOT</version>
+    <version>2.107.2</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 7b04434647..b22c5bf7d0 100644
--- a/pom.xml
+++ b/pom.xml
@@ -33,7 +33,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>pom</artifactId>
-  <version>2.107.2-SNAPSHOT</version>
+  <version>2.107.2</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -58,7 +58,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>HEAD</tag>
+    <tag>jenkins-2.107.2</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 80167d7e3f..76bd74d2c0 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107.2-SNAPSHOT</version>
+    <version>2.107.2</version>
   </parent>
 
   <artifactId>test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 3d411bd395..21fc61aedb 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107.2-SNAPSHOT</version>
+    <version>2.107.2</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 15f901bc4cab41b3132185558752a9d5c9e78679 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 9 Apr 2018 13:39:14 -0700
Subject: [PATCH 317/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 7bfd65133f..37a2d405c9 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107.2</version>
+    <version>2.107.3-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 13f3871c80..9bb4289755 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107.2</version>
+    <version>2.107.3-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index b22c5bf7d0..d59c514303 100644
--- a/pom.xml
+++ b/pom.xml
@@ -33,7 +33,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>pom</artifactId>
-  <version>2.107.2</version>
+  <version>2.107.3-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -58,7 +58,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.107.2</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 76bd74d2c0..f61be09ff5 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107.2</version>
+    <version>2.107.3-SNAPSHOT</version>
   </parent>
 
   <artifactId>test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 21fc61aedb..8425ca42b5 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107.2</version>
+    <version>2.107.3-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 9c4c4627d06cb0f60ae37ee259eadb14de07a6d2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=94=90=E6=98=8E?= <hummerstudio@163.com>
Date: Tue, 10 Apr 2018 10:00:29 +0800
Subject: [PATCH 318/863] fix translation error
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

"连接"应为“链接”
---
 .../main/resources/hudson/model/Job/permalinks_zh_CN.properties | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/resources/hudson/model/Job/permalinks_zh_CN.properties b/core/src/main/resources/hudson/model/Job/permalinks_zh_CN.properties
index f7ce595cdf..e5d6f08317 100644
--- a/core/src/main/resources/hudson/model/Job/permalinks_zh_CN.properties
+++ b/core/src/main/resources/hudson/model/Job/permalinks_zh_CN.properties
@@ -20,6 +20,6 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-Permalinks=\u76F8\u5173\u8FDE\u63A5
+Permalinks=\u76F8\u5173\u94FE\u63A5
 Restrict\ where\ this\ project\ can\ be\ run=\u9650\u5236\u9879\u76EE\u7684\u8FD0\u884C\u8282\u70B9
 Label\ Expression=\u6807\u7B7E\u8868\u8FBE\u5F0F
-- 
GitLab


From 2e4b7cdb80c5b13df4f20b842a2c2b0c961594a8 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 9 Apr 2018 20:00:28 -0700
Subject: [PATCH 319/863] [maven-release-plugin] prepare release jenkins-2.116

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index c5bbdf47c4..27b9cde975 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.116-SNAPSHOT</version>
+    <version>2.116</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 867030da4a..817df454ba 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.116-SNAPSHOT</version>
+    <version>2.116</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 22d4818b94..90508d9b31 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.116-SNAPSHOT</version>
+  <version>2.116</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>HEAD</tag>
+    <tag>jenkins-2.116</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 03b821ca3e..659d7ac4fe 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.116-SNAPSHOT</version>
+    <version>2.116</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 1c3f263960..6fd6fc842a 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.116-SNAPSHOT</version>
+    <version>2.116</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 1fef68ec3e165bdefff3cb398638a6fa0dba67e1 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 9 Apr 2018 20:00:28 -0700
Subject: [PATCH 320/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 27b9cde975..0fb0dedce6 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.116</version>
+    <version>2.117-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 817df454ba..da228319b2 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.116</version>
+    <version>2.117-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 90508d9b31..018197223c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.116</version>
+  <version>2.117-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.116</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 659d7ac4fe..4f6a4b33e6 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.116</version>
+    <version>2.117-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 6fd6fc842a..01ea9cee2e 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.116</version>
+    <version>2.117-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From eb44e1ff7e33aa4639d32b7df034a9715be0e710 Mon Sep 17 00:00:00 2001
From: surenpi <zxjlwt@126.com>
Date: Wed, 11 Apr 2018 15:08:19 +0800
Subject: [PATCH 321/863] Add Chinese translation for Rename action.

---
 .../confirm-rename_zh_CN.properties           | 25 +++++++++++++++++++
 .../RenameAction/action_zh_CN.properties      | 23 +++++++++++++++++
 2 files changed, 48 insertions(+)
 create mode 100644 core/src/main/resources/hudson/model/AbstractItem/confirm-rename_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/model/RenameAction/action_zh_CN.properties

diff --git a/core/src/main/resources/hudson/model/AbstractItem/confirm-rename_zh_CN.properties b/core/src/main/resources/hudson/model/AbstractItem/confirm-rename_zh_CN.properties
new file mode 100644
index 0000000000..67fed55f7c
--- /dev/null
+++ b/core/src/main/resources/hudson/model/AbstractItem/confirm-rename_zh_CN.properties
@@ -0,0 +1,25 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+DescribeRename=\u91cd\u547d\u540d {0} {1}
+NewName=\u65b0\u540d\u79f0
+Rename=\u91cd\u547d\u540d
diff --git a/core/src/main/resources/jenkins/model/RenameAction/action_zh_CN.properties b/core/src/main/resources/jenkins/model/RenameAction/action_zh_CN.properties
new file mode 100644
index 0000000000..758882859f
--- /dev/null
+++ b/core/src/main/resources/jenkins/model/RenameAction/action_zh_CN.properties
@@ -0,0 +1,23 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Rename=\u91cd\u547d\u540d
-- 
GitLab


From e4f2ed89dbafa9173c73f3909c5ea867b9468cb0 Mon Sep 17 00:00:00 2001
From: surenpi <zxjlwt@126.com>
Date: Thu, 12 Apr 2018 15:00:47 +0800
Subject: [PATCH 322/863] Add Chinese translation for abstract project

---
 .../AbstractItem/noWorkspace_zh_CN.properties |  7 ++
 .../hudson/scm/Messages_zh_CN.properties      | 26 +++++++
 .../ArtifactArchiver/config_zh_CN.properties  |  5 ++
 .../tasks/BatchFile/config_zh_CN.properties   |  1 +
 .../BuildTrigger/config_zh_CN.properties      |  2 +
 .../Fingerprinter/config_zh_CN.properties     | 23 ++++++
 .../tasks/Maven/config_zh_CN.properties       | 32 ++++++++
 .../hudson/tasks/Messages_zh_CN.properties    | 78 +++++++++++++++++++
 .../tasks/Shell/config_zh_CN.properties       | 25 ++++++
 .../hudson/triggers/Messages_zh_CN.properties | 36 +++++++++
 .../BuildAction/index_zh_CN.properties        | 26 +++++++
 .../SCMAction/index_zh_CN.properties          |  2 +-
 .../SCMTrigger/config_zh_CN.properties        |  1 +
 .../SCMTrigger/global_zh_CN.properties        | 24 ++++++
 .../config-details_zh_CN.properties           | 23 ++++++
 .../triggers/Messages_zh_CN.properties        | 24 ++++++
 .../config_zh_CN.properties                   | 26 +++++++
 17 files changed, 360 insertions(+), 1 deletion(-)
 create mode 100644 core/src/main/resources/hudson/scm/Messages_zh_CN.properties
 create mode 100644 core/src/main/resources/hudson/tasks/Fingerprinter/config_zh_CN.properties
 create mode 100644 core/src/main/resources/hudson/tasks/Maven/config_zh_CN.properties
 create mode 100644 core/src/main/resources/hudson/tasks/Messages_zh_CN.properties
 create mode 100644 core/src/main/resources/hudson/tasks/Shell/config_zh_CN.properties
 create mode 100644 core/src/main/resources/hudson/triggers/Messages_zh_CN.properties
 create mode 100644 core/src/main/resources/hudson/triggers/SCMTrigger/BuildAction/index_zh_CN.properties
 create mode 100644 core/src/main/resources/hudson/triggers/SCMTrigger/global_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/model/BuildDiscarderProperty/config-details_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/triggers/Messages_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/triggers/ReverseBuildTrigger/config_zh_CN.properties

diff --git a/core/src/main/resources/hudson/model/AbstractItem/noWorkspace_zh_CN.properties b/core/src/main/resources/hudson/model/AbstractItem/noWorkspace_zh_CN.properties
index cb9247d617..44e806f922 100644
--- a/core/src/main/resources/hudson/model/AbstractItem/noWorkspace_zh_CN.properties
+++ b/core/src/main/resources/hudson/model/AbstractItem/noWorkspace_zh_CN.properties
@@ -24,3 +24,10 @@ Error\:\ no\ workspace=\u9519\u8BEF\uFF1A\u6CA1\u6709\u5DE5\u4F5C\u7A7A\u95F4
 There's\ no\ workspace\ for\ this\ project.\ Possible\ reasons\ are\:=\u6B64\u9879\u76EE\u6CA1\u6709\u5DE5\u4F5C\u7A7A\u95F4\u3002\u53EF\u80FD\u7684\u539F\u56E0\u5982\u4E0B\uFF1A
 li3=\u6B64\u5DE5\u4F5C\u7A7A\u95F4\u7684\u76EE\u5F55({0})\u5728Jenkins\u4E4B\u5916\u88AB\u79FB\u9664
 text=<a href="{0}/{1}build">\u6267\u884C\u6784\u5EFA</a>\u4F7FJenkins\u521B\u5EFA\u5DE5\u4F5C\u533A
+A\ project\ won't\ have\ any\ workspace\ until\ at\ least\ one\ build\ is\ performed.=\u5de5\u7a0b\u81f3\u5c11\u6267\u884c\u8fc7\u4e00\u6b21\u624d\u4f1a\u6709\u5de5\u4f5c\u7a7a\u95f4\u3002
+The\ project\ was\ renamed\ recently\ and\ no\ build\ was\ done\ under\ the\ new\ name.=\
+  \u5f53\u524d\u5de5\u7a0b\u6700\u8fd1\u91cd\u547d\u540d\u8fc7\uff0c\u800c\u4e14\u4e4b\u540e\u6ca1\u6709\u6784\u5efa\u8fc7\u3002
+The\ agent\ this\ project\ has\ run\ on\ for\ the\ last\ time\ was\ removed.=\
+  \u6700\u8fd1\u8fd0\u884c\u4e86\u5f53\u524d\u5de5\u7a0b\u7684\u8282\u70b9\u88ab\u79fb\u9664\u3002
+The\ workspace\ was\ wiped\ out\ and\ no\ build\ has\ been\ done\ since\ then.=\
+  \u5de5\u4f5c\u7a7a\u95f4\u6e05\u7a7a\u540e\u6ca1\u6709\u518d\u6b21\u6784\u5efa\u3002
\ No newline at end of file
diff --git a/core/src/main/resources/hudson/scm/Messages_zh_CN.properties b/core/src/main/resources/hudson/scm/Messages_zh_CN.properties
new file mode 100644
index 0000000000..1068a5a268
--- /dev/null
+++ b/core/src/main/resources/hudson/scm/Messages_zh_CN.properties
@@ -0,0 +1,26 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+NullSCM.DisplayName=\u65e0
+SCM.Permissions.Title=SCM
+SCM.TagPermission.Description=\
+  \u8be5\u6743\u9650\u5141\u8bb8\u7528\u6237\u5728\u4ee3\u7801\u5e93\u4e2d\u7ed9\u6307\u5b9a\u7684\u6784\u5efa\u521b\u5efa\u65b0\u7684\u6807\u7b7e
\ No newline at end of file
diff --git a/core/src/main/resources/hudson/tasks/ArtifactArchiver/config_zh_CN.properties b/core/src/main/resources/hudson/tasks/ArtifactArchiver/config_zh_CN.properties
index 93a85cee7b..092c8dcf29 100644
--- a/core/src/main/resources/hudson/tasks/ArtifactArchiver/config_zh_CN.properties
+++ b/core/src/main/resources/hudson/tasks/ArtifactArchiver/config_zh_CN.properties
@@ -22,3 +22,8 @@
 
 Excludes=\u4e0d\u5305\u542b
 Files\ to\ archive=\u7528\u4e8e\u5b58\u6863\u7684\u6587\u4ef6
+allowEmptyArchive=\u5f52\u6863\u4e3a\u7a7a\u65f6\u4e0d\u5f15\u8d77\u6784\u5efa\u5931\u8d25
+onlyIfSuccessful=\u53ea\u6709\u6784\u5efa\u6210\u529f\u65f6\u5f52\u6863
+Fingerprint\ all\ archived\ artifacts=\u8bb0\u5f55\u6240\u6709\u5f52\u6863\u6210\u54c1\u7684\u6307\u7eb9
+defaultExcludes=\u4f7f\u7528\u9ed8\u8ba4\u7684\u6392\u9664
+caseSensitive=\u5305\u542b\u548c\u6392\u9664\u6a21\u5f0f\u5927\u5c0f\u5199\u654f\u611f
diff --git a/core/src/main/resources/hudson/tasks/BatchFile/config_zh_CN.properties b/core/src/main/resources/hudson/tasks/BatchFile/config_zh_CN.properties
index 0ae2866a5e..41ec23db58 100644
--- a/core/src/main/resources/hudson/tasks/BatchFile/config_zh_CN.properties
+++ b/core/src/main/resources/hudson/tasks/BatchFile/config_zh_CN.properties
@@ -22,3 +22,4 @@
 
 Command=\u547D\u4EE4
 description=\u53C2\u9605 <a href="{0}/env-vars.html" target=_new>\u53EF\u7528\u73AF\u5883\u53D8\u91CF\u5217\u8868</a>
+ERRORLEVEL\ to\ set\ build\ unstable=\u8bbe\u7f6e\u4e3a\u6784\u5efa\u4e0d\u7a33\u5b9a\u65f6\u7684\u9000\u51fa\u7801
diff --git a/core/src/main/resources/hudson/tasks/BuildTrigger/config_zh_CN.properties b/core/src/main/resources/hudson/tasks/BuildTrigger/config_zh_CN.properties
index eb304144f5..33980b1beb 100644
--- a/core/src/main/resources/hudson/tasks/BuildTrigger/config_zh_CN.properties
+++ b/core/src/main/resources/hudson/tasks/BuildTrigger/config_zh_CN.properties
@@ -21,4 +21,6 @@
 # THE SOFTWARE.
 
 Projects\ to\ build=\u8981\u6784\u5EFA\u7684\u9879\u76EE
+Trigger\ only\ if\ build\ is\ stable=\u53ea\u6709\u6784\u5efa\u7a33\u5b9a\u65f6\u89e6\u53d1
 Trigger\ even\ if\ the\ build\ is\ unstable=\u5728\u6784\u5EFA\u4E0D\u7A33\u5B9A\u65F6\u4F9D\u7136\u89E6\u53D1
+Trigger\ even\ if\ the\ build\ fails=\u5373\u4f7f\u6784\u5efa\u5931\u8d25\u65f6\u4e5f\u4f1a\u89e6\u53d1
diff --git a/core/src/main/resources/hudson/tasks/Fingerprinter/config_zh_CN.properties b/core/src/main/resources/hudson/tasks/Fingerprinter/config_zh_CN.properties
new file mode 100644
index 0000000000..1307cef9f5
--- /dev/null
+++ b/core/src/main/resources/hudson/tasks/Fingerprinter/config_zh_CN.properties
@@ -0,0 +1,23 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Files\ to\ fingerprint=\u9700\u8981\u8bb0\u5f55\u6307\u7eb9\u7684\u6587\u4ef6
diff --git a/core/src/main/resources/hudson/tasks/Maven/config_zh_CN.properties b/core/src/main/resources/hudson/tasks/Maven/config_zh_CN.properties
new file mode 100644
index 0000000000..194842f59b
--- /dev/null
+++ b/core/src/main/resources/hudson/tasks/Maven/config_zh_CN.properties
@@ -0,0 +1,32 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Default=\u9ed8\u8ba4
+JVM\ Options=Java\u865a\u62df\u673a\u53c2\u6570
+Settings\ file=\u914d\u7f6e\u6587\u4ef6
+Goals=\u76ee\u6807
+POM=POM
+Global\ Settings\ file=\u5168\u5c40\u914d\u7f6e\u6587\u4ef6
+Use\ private\ Maven\ repository=\u4f7f\u7528Maven\u79c1\u6709\u4ed3\u5e93
+Properties=\u5c5e\u6027
+Maven\ Version=Maven \u7248\u672c
+Inject\ build\ variables=\u6ce8\u5165\u6784\u5efa\u53d8\u91cf
diff --git a/core/src/main/resources/hudson/tasks/Messages_zh_CN.properties b/core/src/main/resources/hudson/tasks/Messages_zh_CN.properties
new file mode 100644
index 0000000000..4f86fe4287
--- /dev/null
+++ b/core/src/main/resources/hudson/tasks/Messages_zh_CN.properties
@@ -0,0 +1,78 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Ant.DisplayName=\u8c03\u7528 Ant
+Ant.ExecFailed=\u547d\u4ee4\u6267\u884c\u5931\u8d25\u3002
+Ant.ExecutableNotFound=\u5728\u4f60\u6240\u9009\u7684 Ant \u76ee\u5f55 "{0}" \u4e2d\u627e\u4e0d\u5230\u53ef\u6267\u884c\u811a\u672c
+Ant.GlobalConfigNeeded=\u4f60\u53ef\u80fd\u9700\u8981\u914d\u7f6e Ant \u5b89\u88c5\u76ee\u5f55\uff1f
+Ant.NotADirectory={0} \u4e0d\u662f\u76ee\u5f55
+Ant.NotAntDirectory={0} \u4f3c\u4e4e\u4e0d\u662f Ant \u76ee\u5f55
+Ant.ProjectConfigNeeded=\u4f60\u53ef\u80fd\u9700\u8981\u5728\u4efb\u52a1\u4e2d\u9009\u62e9\u5df2\u7ecf\u914d\u7f6e\u597d\u7684\u5b89\u88c5\u76ee\u5f55\uff1f
+
+ArtifactArchiver.ARCHIVING_ARTIFACTS=\u5f52\u6863\u6210\u54c1
+ArtifactArchiver.DisplayName=\u5f52\u6863\u6210\u54c1
+ArtifactArchiver.SkipBecauseOnlyIfSuccessful=\u7531\u4e8e\u6784\u5efa\u5931\u8d25\u800c\u8df3\u8fc7\u5f52\u6863
+ArtifactArchiver.NoMatchFound=\u6839\u636e\u6587\u4ef6\u6a21\u5f0f "{0}"\u65e0\u6cd5\u5339\u914d\u5230\u6210\u54c1\u3002\u662f\u5426\u914d\u7f6e\u6709\u8bef\uff1f
+
+BatchFile.DisplayName=\u6267\u884c Windows \u6279\u5904\u7406\u547d\u4ee4
+BatchFile.invalid_exit_code_range=\u975e\u6cd5\u7684\u9000\u51fa\u7801: {0}\u3002\u8bf7\u67e5\u770b\u5e2e\u52a9
+BatchFile.invalid_exit_code_zero=\u9000\u51fa\u7801\u4e3a0\u65f6\u5ffd\u7565\uff0c\u4e0d\u4f1a\u4f7f\u5f97\u6784\u5efa\u4e0d\u7a33\u5b9a
+
+BuildTrigger.Disabled={0} \u88ab\u7981\u7528\u3002\u89e6\u53d1\u88ab\u8df3\u8fc7
+BuildTrigger.DisplayName=\u6784\u5efa\u5176\u4ed6\u5de5\u7a0b
+BuildTrigger.InQueue={0} \u5df2\u7ecf\u5728\u961f\u5217\u4e2d
+BuildTrigger.NoSuchProject=\u6ca1\u6709\u8fd9\u4e2a\u5de5\u7a0b \u2018{0}\u2019\u3002 \u4f60\u6307\u5b9a\u662f \u2018{1}\u2019?
+BuildTrigger.NoProjectSpecified=\u6ca1\u6709\u6307\u5b9a\u5de5\u7a0b
+BuildTrigger.NotBuildable={0} \u4e0d\u53ef\u6784\u5efa
+BuildTrigger.Triggering=\u89e6\u53d1\u65b0\u7684\u6784\u5efa {0}
+BuildTrigger.you_have_no_permission_to_build_=\u4f60\u6ca1\u6709\u6784\u5efa {0} \u7684\u6743\u9650
+
+CommandInterpreter.CommandFailed=\u547d\u4ee4\u6267\u884c\u5931\u8d25
+CommandInterpreter.UnableToDelete=\u65e0\u6cd5\u5220\u9664\u811a\u672c\u6587\u4ef6 {0}
+CommandInterpreter.UnableToProduceScript=\u4e0d\u80fd\u591f\u4ea7\u751f\u811a\u672c\u6587\u4ef6
+
+Fingerprinter.Aborted=\u4e2d\u6b62
+Fingerprinter.Action.DisplayName=\u67e5\u770b\u6307\u7eb9
+Fingerprinter.DigestFailed=\u8ba1\u7b97 {0} \u7684\u6458\u8981\u5931\u8d25
+Fingerprinter.DisplayName=\u8bb0\u5f55\u6587\u4ef6\u7684\u6307\u7eb9\u7528\u4e8e\u8ffd\u8e2a
+Fingerprinter.Failed=\u8bb0\u5f55\u6307\u7eb9\u5931\u8d25
+Fingerprinter.FailedFor=\u8bb0\u5f55 {0} \u7684\u6307\u7eb9\u5931\u8d25
+Fingerprinter.Recording=\u8bb0\u5f55\u6307\u7eb9
+
+InstallFromApache=\u4ece Apache \u5b89\u88c5
+
+JavadocArchiver.DisplayName=\u53d1\u5e03 Javadoc
+JavadocArchiver.DisplayName.Generic=\u6587\u6863
+JavadocArchiver.DisplayName.Javadoc=Javadoc
+TestJavadocArchiver.DisplayName.Javadoc=\u6d4b\u8bd5 Javadoc
+JavadocArchiver.NoMatchFound=\u5728 {0}: {1} \u4e2d\u627e\u4e0d\u5230 JavaDoc
+JavadocArchiver.Publishing=\u53d1\u5e03 Javadoc
+JavadocArchiver.UnableToCopy=\u65e0\u6cd5\u4ece {0} \u62f7\u8d1d Javadoc \u5230 {1}
+
+Maven.DisplayName=\u8c03\u7528\u9876\u5c42 Maven \u76ee\u6807
+Maven.ExecFailed=\u547d\u4ee4\u6267\u884c\u5931\u8d25
+Maven.NotMavenDirectory={0} \u4f3c\u4e4e\u4e0d\u662f\u4e00\u4e2a Maven \u76ee\u5f55
+Maven.NoExecutable=\u5728 {0} \u4e2d\u627e\u4e0d\u5230\u4efb\u4f55\u53ef\u6267\u884c\u811a\u672c
+
+Shell.DisplayName=\u6267\u884c shell
+Shell.invalid_exit_code_range=\u975e\u6cd5\u7684\u9000\u51fa\u7801: {0}\u3002\u8bf7\u67e5\u770b\u5e2e\u52a9
+Shell.invalid_exit_code_zero=\u9000\u51fa\u7801\u4e3a0\u65f6\u5ffd\u7565\uff0c\u4e0d\u4f1a\u4f7f\u5f97\u6784\u5efa\u4e0d\u7a33\u5b9a
diff --git a/core/src/main/resources/hudson/tasks/Shell/config_zh_CN.properties b/core/src/main/resources/hudson/tasks/Shell/config_zh_CN.properties
new file mode 100644
index 0000000000..0d3c0ae02a
--- /dev/null
+++ b/core/src/main/resources/hudson/tasks/Shell/config_zh_CN.properties
@@ -0,0 +1,25 @@
+# The MIT License
+# 
+# Copyright (c) 2004-2009, Sun Microsystems, Inc., Kohsuke Kawaguchi
+# 
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+# 
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+# 
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Command=\u547d\u4ee4
+description=\u67e5\u770b <a href="{0}/env-vars.html" target=_new>\u53ef\u7528\u7684\u73af\u5883\u53d8\u91cf\u5217\u8868</a>
+Exit\ code\ to\ set\ build\ unstable=\u8bbe\u7f6e\u4e3a\u6784\u5efa\u4e0d\u7a33\u5b9a\u65f6\u7684\u9000\u51fa\u7801
diff --git a/core/src/main/resources/hudson/triggers/Messages_zh_CN.properties b/core/src/main/resources/hudson/triggers/Messages_zh_CN.properties
new file mode 100644
index 0000000000..447ed23da3
--- /dev/null
+++ b/core/src/main/resources/hudson/triggers/Messages_zh_CN.properties
@@ -0,0 +1,36 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+SCMTrigger.DisplayName=\u8f6e\u8be2 SCM
+SCMTrigger.getDisplayName={0} \u8f6e\u8be2\u65e5\u5fd7
+SCMTrigger.BuildAction.DisplayName=\u8f6e\u8be2\u65e5\u5fd7
+SCMTrigger.no_schedules_no_hooks=\u63d0\u4ea4\u540e\u7684\u94a9\u5b50\u88ab\u5ffd\u7565\uff0c\u5e76\u4e14\u65e0\u8ba1\u5212\uff0c\u56e0\u6b64 SCM \u53d8\u66f4\u4e5f\u4e0d\u4f1a\u8fd0\u884c
+SCMTrigger.no_schedules_hooks=\u65e0\u8ba1\u5212\uff0c\u56e0\u6b64\u53ea\u6709\u88ab post-commit \u94a9\u5b50\u89e6\u53d1\u540e\u8fd0\u884c
+SCMTrigger.SCMTriggerCause.ShortDescription=\u7531 SCM \u53d8\u66f4\u542f\u52a8
+TimerTrigger.DisplayName=\u5b9a\u65f6\u6784\u5efa
+TimerTrigger.MissingWhitespace=\u5728 * \u548c * \u4e4b\u95f4\u7f3a\u5c11\u7a7a\u683c\u3002
+TimerTrigger.no_schedules_so_will_never_run=\u65e0\u8ba1\u5212\u56e0\u6b64\u4e0d\u4f1a\u8fd0\u884c
+TimerTrigger.TimerTriggerCause.ShortDescription=\u7531\u5b9a\u65f6\u5668\u542f\u52a8
+TimerTrigger.would_last_have_run_at_would_next_run_at=\u4e0a\u6b21\u8fd0\u884c\u7684\u65f6\u95f4 {0}; \u4e0b\u6b21\u8fd0\u884c\u7684\u65f6\u95f4 {1}.
+TimerTrigger.the_specified_cron_tab_is_rare_or_impossible=\u8be5\u8ba1\u5212\u53ea\u4f1a\u5339\u914d\u65e5\u671f\uff08\u4f8b\u5982\uff1a2\u670829\u65e5\uff09\u800c\u4e0d\u662f\uff08\u516d\u670831\u65e5\uff09\uff0c\u56e0\u6b64\u8be5\u4efb\u52a1\u5f88\u5c11\u88ab\u89e6\u53d1\u3002
+Trigger.init=\u4e3a\u89e6\u53d1\u5668\u521d\u59cb\u5316\u5b9a\u65f6\u5668
+SCMTrigger.AdministrativeMonitorImpl.DisplayName=SCM \u8f6e\u8be2\u7ebf\u7a0b\u8fc7\u591a
diff --git a/core/src/main/resources/hudson/triggers/SCMTrigger/BuildAction/index_zh_CN.properties b/core/src/main/resources/hudson/triggers/SCMTrigger/BuildAction/index_zh_CN.properties
new file mode 100644
index 0000000000..56e0951381
--- /dev/null
+++ b/core/src/main/resources/hudson/triggers/SCMTrigger/BuildAction/index_zh_CN.properties
@@ -0,0 +1,26 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+blurb=\
+  \u8be5\u9875\u9762\u6355\u83b7\u5df2\u89e6\u53d1\u6784\u5efa\u7684\u8f6e\u8be2\u65e5\u5fd7\u3002
+Polling\ Log=\u8f6e\u8be2\u65e5\u5fd7
+View\ as\ plain\ text=\u4ee5\u666e\u901a\u6587\u672c\u7684\u65b9\u5f0f\u67e5\u770b
diff --git a/core/src/main/resources/hudson/triggers/SCMTrigger/SCMAction/index_zh_CN.properties b/core/src/main/resources/hudson/triggers/SCMTrigger/SCMAction/index_zh_CN.properties
index 6a139eb916..3a75fb402c 100644
--- a/core/src/main/resources/hudson/triggers/SCMTrigger/SCMAction/index_zh_CN.properties
+++ b/core/src/main/resources/hudson/triggers/SCMTrigger/SCMAction/index_zh_CN.properties
@@ -1,3 +1,3 @@
 # This file is under the MIT License by authors
 
-title=9999999999999
+title={0}
diff --git a/core/src/main/resources/hudson/triggers/SCMTrigger/config_zh_CN.properties b/core/src/main/resources/hudson/triggers/SCMTrigger/config_zh_CN.properties
index 3e87810019..f583bfb3f4 100644
--- a/core/src/main/resources/hudson/triggers/SCMTrigger/config_zh_CN.properties
+++ b/core/src/main/resources/hudson/triggers/SCMTrigger/config_zh_CN.properties
@@ -21,3 +21,4 @@
 # THE SOFTWARE.
 
 Schedule=\u65E5\u7A0B\u8868
+Ignore\ post-commit\ hooks=\u5ffd\u7565\u94a9\u5b50 post-commit
diff --git a/core/src/main/resources/hudson/triggers/SCMTrigger/global_zh_CN.properties b/core/src/main/resources/hudson/triggers/SCMTrigger/global_zh_CN.properties
new file mode 100644
index 0000000000..0f3dc59368
--- /dev/null
+++ b/core/src/main/resources/hudson/triggers/SCMTrigger/global_zh_CN.properties
@@ -0,0 +1,24 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Max\ \#\ of\ concurrent\ polling=\u6700\u5927\u8f6e\u8be2\u5e76\u53d1\u6570
+SCM\ Polling=SCM \u8f6e\u8be2
\ No newline at end of file
diff --git a/core/src/main/resources/jenkins/model/BuildDiscarderProperty/config-details_zh_CN.properties b/core/src/main/resources/jenkins/model/BuildDiscarderProperty/config-details_zh_CN.properties
new file mode 100644
index 0000000000..0e354ef513
--- /dev/null
+++ b/core/src/main/resources/jenkins/model/BuildDiscarderProperty/config-details_zh_CN.properties
@@ -0,0 +1,23 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Strategy=\u7b56\u7565
diff --git a/core/src/main/resources/jenkins/triggers/Messages_zh_CN.properties b/core/src/main/resources/jenkins/triggers/Messages_zh_CN.properties
new file mode 100644
index 0000000000..dbb4c03aa9
--- /dev/null
+++ b/core/src/main/resources/jenkins/triggers/Messages_zh_CN.properties
@@ -0,0 +1,24 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+ReverseBuildTrigger.build_after_other_projects_are_built=\u5176\u4ed6\u5de5\u7a0b\u6784\u5efa\u540e\u89e6\u53d1
+SCMTriggerItem.PollingVetoed=SCM \u8f6e\u8be2\u88ab {0} \u7981\u6b62
diff --git a/core/src/main/resources/jenkins/triggers/ReverseBuildTrigger/config_zh_CN.properties b/core/src/main/resources/jenkins/triggers/ReverseBuildTrigger/config_zh_CN.properties
new file mode 100644
index 0000000000..f8cd64654e
--- /dev/null
+++ b/core/src/main/resources/jenkins/triggers/ReverseBuildTrigger/config_zh_CN.properties
@@ -0,0 +1,26 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Trigger\ even\ if\ the\ build\ is\ unstable=\u5373\u4f7f\u6784\u5efa\u4e0d\u7a33\u5b9a\u65f6\u4e5f\u4f1a\u89e6\u53d1
+Projects\ to\ watch=\u5173\u6ce8\u7684\u9879\u76ee
+Trigger\ only\ if\ build\ is\ stable=\u53ea\u6709\u6784\u5efa\u7a33\u5b9a\u65f6\u89e6\u53d1
+Trigger\ even\ if\ the\ build\ fails=\u5373\u4f7f\u6784\u5efa\u5931\u8d25\u65f6\u4e5f\u4f1a\u89e6\u53d1
-- 
GitLab


From 7c23884c5979c9bebb4bbb7bfa64726bd05c163b Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Thu, 12 Apr 2018 09:45:30 +0200
Subject: [PATCH 323/863] [FIX JENKINS-50748] Handle null arg to jsStringEscape

---
 core/src/main/java/hudson/Functions.java | 1 +
 1 file changed, 1 insertion(+)

diff --git a/core/src/main/java/hudson/Functions.java b/core/src/main/java/hudson/Functions.java
index 8462b88994..d416b61095 100644
--- a/core/src/main/java/hudson/Functions.java
+++ b/core/src/main/java/hudson/Functions.java
@@ -1379,6 +1379,7 @@ public class Functions {
     }
 
     public static String jsStringEscape(String s) {
+        if (s == null) return null;
         StringBuilder buf = new StringBuilder();
         for( int i=0; i<s.length(); i++ ) {
             char ch = s.charAt(i);
-- 
GitLab


From 5e8cd50dcbc22d5dfd1e7f907bd658048d6769be Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Thu, 12 Apr 2018 09:45:30 +0200
Subject: [PATCH 324/863] [JENKINS-50748] Handle null arg to jsStringEscape

(cherry picked from commit 7c23884c5979c9bebb4bbb7bfa64726bd05c163b)
---
 core/src/main/java/hudson/Functions.java | 1 +
 1 file changed, 1 insertion(+)

diff --git a/core/src/main/java/hudson/Functions.java b/core/src/main/java/hudson/Functions.java
index 8462b88994..d416b61095 100644
--- a/core/src/main/java/hudson/Functions.java
+++ b/core/src/main/java/hudson/Functions.java
@@ -1379,6 +1379,7 @@ public class Functions {
     }
 
     public static String jsStringEscape(String s) {
+        if (s == null) return null;
         StringBuilder buf = new StringBuilder();
         for( int i=0; i<s.length(); i++ ) {
             char ch = s.charAt(i);
-- 
GitLab


From 591c7407d67306479aa8fda756ec5f1e29807e72 Mon Sep 17 00:00:00 2001
From: Mark Waite <mark.earl.waite@gmail.com>
Date: Thu, 12 Apr 2018 11:38:48 -0600
Subject: [PATCH 325/863] Expand contraction in message

Simpler to expand the contraction in the message so that "it's" becomes
"it is" than it is to identify the correct combination of characters to
embed a single quote into a property file.
---
 .../src/main/resources/hudson/node_monitors/Messages.properties | 2 +-
 .../resources/hudson/node_monitors/Messages_pt_BR.properties    | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/core/src/main/resources/hudson/node_monitors/Messages.properties b/core/src/main/resources/hudson/node_monitors/Messages.properties
index 00b905cf66..658a75aeb9 100644
--- a/core/src/main/resources/hudson/node_monitors/Messages.properties
+++ b/core/src/main/resources/hudson/node_monitors/Messages.properties
@@ -26,7 +26,7 @@ DiskSpaceMonitor.MarkedOffline=Making {0} offline temporarily due to the lack of
 DiskSpaceMonitor.MarkedOnline=Putting {0} back online as there is enough disk space again
 DiskSpaceMonitor.DisplayName=Free Disk Space
 ResponseTimeMonitor.DisplayName=Response Time
-ResponseTimeMonitor.MarkedOffline=Making {0} offline because it\u2019s not responding
+ResponseTimeMonitor.MarkedOffline=Making {0} offline because it is not responding
 ResponseTimeMonitor.TimeOut=Timed out for last {0} attempts
 SwapSpaceMonitor.DisplayName=Free Swap Space
 TemporarySpaceMonitor.DisplayName=Free Temp Space
diff --git a/core/src/main/resources/hudson/node_monitors/Messages_pt_BR.properties b/core/src/main/resources/hudson/node_monitors/Messages_pt_BR.properties
index 5f7378571e..ee3fe55606 100644
--- a/core/src/main/resources/hudson/node_monitors/Messages_pt_BR.properties
+++ b/core/src/main/resources/hudson/node_monitors/Messages_pt_BR.properties
@@ -33,7 +33,7 @@ ResponseTimeMonitor.DisplayName=Tempo de resposta
 DiskSpaceMonitor.MarkedOffline=Temporariamente indispon\u00edvel por falta de espa\u00e7o em disco
 # Free Swap Space
 SwapSpaceMonitor.DisplayName=Espa\u00e7o de swap livre
-# Making {0} offline temporarily because it''s not responding
+# Making {0} offline temporarily because it is not responding
 ResponseTimeMonitor.MarkedOffline= Indispon\u00edvel temporariamente por que n\u00e3o est\u00e1 respondendo
 # Not yet
 AbstractNodeMonitorDescriptor.NoDataYet=Nada ainda
-- 
GitLab


From 4019ff53e70bd97bb3e512ebcf8376fdc2506de5 Mon Sep 17 00:00:00 2001
From: suren <zxjlwt@126.com>
Date: Fri, 13 Apr 2018 16:24:19 +0800
Subject: [PATCH 326/863] Add Chinese translation for installer page

---
 .../jenkins/install/pluginSetupWizard_zh_CN.properties          | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/resources/jenkins/install/pluginSetupWizard_zh_CN.properties b/core/src/main/resources/jenkins/install/pluginSetupWizard_zh_CN.properties
index 06da10006b..7032aae00f 100644
--- a/core/src/main/resources/jenkins/install/pluginSetupWizard_zh_CN.properties
+++ b/core/src/main/resources/jenkins/install/pluginSetupWizard_zh_CN.properties
@@ -41,7 +41,7 @@ installWizard_error_connection=\u65e0\u6cd5\u8fde\u63a5\u5230jenkins
 installWizard_error_restartNotSupported=\u4e0d\u652f\u6301\u81ea\u52a8\u91cd\u542f\uff0c\u8bf7\u624b\u52a8\u91cd\u542f\u8be5\u5b9e\u4f8b
 installWizard_installCustom_title=\u65b0\u624b\u5165\u95e8
 installWizard_installCustom_selectAll=\u5168\u90e8
-installWizard_installCustom_selectNone=None
+installWizard_installCustom_selectNone=\u65e0
 installWizard_installCustom_selectRecommended=\u5efa\u8bae
 installWizard_installCustom_selected=\u5df2\u9009\u62e9
 installWizard_installCustom_dependenciesPrefix=\u4f9d\u8d56
-- 
GitLab


From 905ab43dbe162cf52ffa2060fd5353e13c8eb5a5 Mon Sep 17 00:00:00 2001
From: suren <zxjlwt@126.com>
Date: Fri, 13 Apr 2018 16:27:56 +0800
Subject: [PATCH 327/863] Typo fixed

---
 .../pluginSetupWizard_zh_CN.properties        | 32 +++++++++----------
 1 file changed, 16 insertions(+), 16 deletions(-)

diff --git a/core/src/main/resources/jenkins/install/pluginSetupWizard_zh_CN.properties b/core/src/main/resources/jenkins/install/pluginSetupWizard_zh_CN.properties
index 7032aae00f..ca1b4b0bda 100644
--- a/core/src/main/resources/jenkins/install/pluginSetupWizard_zh_CN.properties
+++ b/core/src/main/resources/jenkins/install/pluginSetupWizard_zh_CN.properties
@@ -22,22 +22,22 @@
 # THE SOFTWARE.
 
 installWizard_welcomePanel_title=\u65b0\u624b\u5165\u95e8
-installWizard_welcomePanel_banner=\u81ea\u5b9a\u4e49jenkins
-installWizard_welcomePanel_message=\u63d2\u4ef6\u901a\u8fc7\u9644\u52a0\u7279\u6027\u6765\u6269\u5c55jenkins\u4ee5\u6ee1\u8db3\u4e0d\u540c\u7684\u9700\u6c42\u3002
+installWizard_welcomePanel_banner=\u81ea\u5b9a\u4e49Jenkins
+installWizard_welcomePanel_message=\u63d2\u4ef6\u901a\u8fc7\u9644\u52a0\u7279\u6027\u6765\u6269\u5c55Jenkins\u4ee5\u6ee1\u8db3\u4e0d\u540c\u7684\u9700\u6c42\u3002
 installWizard_welcomePanel_recommendedActionTitle=\u5b89\u88c5\u63a8\u8350\u7684\u63d2\u4ef6
-installWizard_welcomePanel_recommendedActionDetails=\u5b89\u88c5jenkins\u793e\u533a\u63a8\u8350\u7684\u63d2\u4ef6\u3002
+installWizard_welcomePanel_recommendedActionDetails=\u5b89\u88c5Jenkins\u793e\u533a\u63a8\u8350\u7684\u63d2\u4ef6\u3002
 installWizard_welcomePanel_customizeActionTitle=\u9009\u62e9\u63d2\u4ef6\u6765\u5b89\u88c5
 installWizard_welcomePanel_customizeActionDetails=\u9009\u62e9\u5e76\u5b89\u88c5\u6700\u9002\u5408\u7684\u63d2\u4ef6\u3002
 installWizard_jenkinsVersionTitle=Jenkins 
 installWizard_offline_title=\u79bb\u7ebf
-installWizard_offline_message=\u8be5jenkins\u5b9e\u4f8b\u4f3c\u4e4e\u5df2\u79bb\u7ebf\u3002\
+installWizard_offline_message=\u8be5Jenkins\u5b9e\u4f8b\u4f3c\u4e4e\u5df2\u79bb\u7ebf\u3002\
 <p style="font-size:18px; margin-top: 6%"> \
-\u53c2\u8003 <a href="https://jenkins.io/redirect/offline-installation" target="_blank">\u79bb\u7ebfjenkins\u5b89\u88c5\u6587\u6863</a>\u4e86\u89e3\u672a\u63a5\u5165\u4e92\u8054\u7f51\u65f6\u5b89\u88c5jenkins\u7684\u66f4\u591a\u4fe1\u606f\u3002<br/><br/> \
+\u53c2\u8003 <a href="https://jenkins.io/redirect/offline-installation" target="_blank">\u79bb\u7ebfJenkins\u5b89\u88c5\u6587\u6863</a>\u4e86\u89e3\u672a\u63a5\u5165\u4e92\u8054\u7f51\u65f6\u5b89\u88c5Jenkins\u7684\u66f4\u591a\u4fe1\u606f\u3002<br/><br/> \
 \u53ef\u4ee5\u901a\u8fc7\u914d\u7f6e\u4e00\u4e2a\u4ee3\u7406\u6216\u8df3\u8fc7\u63d2\u4ef6\u5b89\u88c5\u6765\u9009\u62e9\u7ee7\u7eed\u3002\
 </p>
 installWizard_error_header=\u51fa\u73b0\u4e00\u4e2a\u9519\u8bef
 installWizard_error_message=\u5b89\u88c5\u8fc7\u7a0b\u4e2d\u51fa\u73b0\u4e00\u4e2a\u9519\u8bef\uff1a
-installWizard_error_connection=\u65e0\u6cd5\u8fde\u63a5\u5230jenkins
+installWizard_error_connection=\u65e0\u6cd5\u8fde\u63a5\u5230Jenkins
 installWizard_error_restartNotSupported=\u4e0d\u652f\u6301\u81ea\u52a8\u91cd\u542f\uff0c\u8bf7\u624b\u52a8\u91cd\u542f\u8be5\u5b9e\u4f8b
 installWizard_installCustom_title=\u65b0\u624b\u5165\u95e8
 installWizard_installCustom_selectAll=\u5168\u90e8
@@ -54,14 +54,14 @@ installWizard_installComplete_title=\u65b0\u624b\u5165\u95e8
 installWizard_installComplete_banner=Jenkins\u5df2\u5c31\u7eea\uff01
 installWizard_installComplete_bannerRestart=Jenkins\u5373\u5c06\u5c31\u7eea\uff01
 installWizard_pluginsInstalled_message=\u63d2\u4ef6\u5b89\u88c5\u5df2\u5b8c\u6210\u3002
-installWizard_installComplete_message=jenkins\u5b89\u88c5\u5df2\u5b8c\u6210\u3002
-installWizard_installComplete_finishButtonLabel=\u5f00\u59cb\u4f7f\u7528jenkins
-installWizard_installComplete_installComplete_restartRequiredMessage=jenkins\u5b89\u88c5\u5df2\u5b8c\u6210\uff0c\u4f46\u90e8\u5206\u63d2\u4ef6\u9700\u8981\u91cd\u542fjenkins\u3002
-installWizard_installComplete_installComplete_restartRequiredNotSupportedMessage=jenkins\u5b89\u88c5\u5df2\u5b8c\u6210\uff0c\u4f46\u90e8\u5206\u63d2\u4ef6\u9700\u8981\u91cd\u542fjenkins\uff0c\u8be5\u5b9e\u4f8b\u4f3c\u4e4e\u4e0d\u652f\u6301\u81ea\u52a8\u91cd\u542f\u3002\u8bf7\u73b0\u5728\u624b\u52a8\u91cd\u542f\u5b9e\u4f8b\u4ee5\u5b8c\u6210\u5b89\u88c5\u3002
+installWizard_installComplete_message=Jenkins\u5b89\u88c5\u5df2\u5b8c\u6210\u3002
+installWizard_installComplete_finishButtonLabel=\u5f00\u59cb\u4f7f\u7528Jenkins
+installWizard_installComplete_installComplete_restartRequiredMessage=Jenkins\u5b89\u88c5\u5df2\u5b8c\u6210\uff0c\u4f46\u90e8\u5206\u63d2\u4ef6\u9700\u8981\u91cd\u542fJenkins\u3002
+installWizard_installComplete_installComplete_restartRequiredNotSupportedMessage=Jenkins\u5b89\u88c5\u5df2\u5b8c\u6210\uff0c\u4f46\u90e8\u5206\u63d2\u4ef6\u9700\u8981\u91cd\u542fJenkins\uff0c\u8be5\u5b9e\u4f8b\u4f3c\u4e4e\u4e0d\u652f\u6301\u81ea\u52a8\u91cd\u542f\u3002\u8bf7\u73b0\u5728\u624b\u52a8\u91cd\u542f\u5b9e\u4f8b\u4ee5\u5b8c\u6210\u5b89\u88c5\u3002
 installWizard_installComplete_restartLabel=\u91cd\u542f
 installWizard_installIncomplete_title=\u6062\u590d\u5b89\u88c5
 installWizard_installIncomplete_banner=\u6062\u590d\u5b89\u88c5
-installWizard_installIncomplete_message=jenkins\u5728\u5b89\u88c5\u8fc7\u7a0b\u5df2\u91cd\u542f\uff0c\u90e8\u5206\u63d2\u4ef6\u4f3c\u4e4e\u672a\u5b89\u88c5\u3002
+installWizard_installIncomplete_message=Jenkins\u5728\u5b89\u88c5\u8fc7\u7a0b\u5df2\u91cd\u542f\uff0c\u90e8\u5206\u63d2\u4ef6\u4f3c\u4e4e\u672a\u5b89\u88c5\u3002
 installWizard_installIncomplete_resumeInstallationButtonLabel=\u6062\u590d
 installWizard_saveFirstUser=\u4fdd\u5b58\u5e76\u5b8c\u6210
 installWizard_skipFirstUser=\u4f7f\u7528admin\u8d26\u6237\u7ee7\u7eed
@@ -83,16 +83,16 @@ installWizard_pluginInstallFailure_message=\u90e8\u5206\u63d2\u4ef6\u5b89\u88c5\
 installWizard_continue=\u7ee7\u7eed
 installWizard_retry=\u91cd\u8bd5
 installWizard_upgradePanel_title=\u66f4\u65b0
-installWizard_upgradePanel_banner=\u6b22\u8fce\u4f7f\u7528jenkins {0} \uff01
-installWizard_upgradePanel_message=jenkins {0} \u5305\u62ec\u4e00\u4e9b\u4e0d\u9519\u7684\u65b0\u7279\u6027\uff0c\u6211\u4eec\u8ba4\u4e3a\u4f60\u53ef\u80fd\u4f1a\u559c\u6b22\uff0c\u5b89\u88c5\u8fd9\u4e9b\u9644\u52a0\u63d2\u4ef6\u6765\u4f53\u9a8c\uff01
+installWizard_upgradePanel_banner=\u6b22\u8fce\u4f7f\u7528Jenkins {0} \uff01
+installWizard_upgradePanel_message=Jenkins {0} \u5305\u62ec\u4e00\u4e9b\u4e0d\u9519\u7684\u65b0\u7279\u6027\uff0c\u6211\u4eec\u8ba4\u4e3a\u4f60\u53ef\u80fd\u4f1a\u559c\u6b22\uff0c\u5b89\u88c5\u8fd9\u4e9b\u9644\u52a0\u63d2\u4ef6\u6765\u4f53\u9a8c\uff01
 installWizard_upgradePanel_skipRecommendedPlugins=\u4e0d\uff0c\u8c22\u8c22
 installWizard_upgradeComplete_title=\u66f4\u65b0
-installWizard_pluginsInstalled_banner=\u6b22\u8fce\u4f7f\u7528jenkins {0} \uff01
-installWizard_upgradeComplete_message=\u606d\u559c\uff01\u4f60\u5df2\u66f4\u65b0\u5230jenkins {0} \u3002</p><p>\u8bbf\u95ee<a target="_blank" href="https://jenkins.io/2.0/">jenkins\u7f51\u7ad9</a>\u4e86\u89e3\u66f4\u591a\u65b0\u7279\u6027\u7684\u4fe1\u606f\u3002
+installWizard_pluginsInstalled_banner=\u6b22\u8fce\u4f7f\u7528Jenkins {0} \uff01
+installWizard_upgradeComplete_message=\u606d\u559c\uff01\u4f60\u5df2\u66f4\u65b0\u5230Jenkins {0} \u3002</p><p>\u8bbf\u95ee<a target="_blank" href="https://jenkins.io/2.0/">Jenkins\u7f51\u7ad9</a>\u4e86\u89e3\u66f4\u591a\u65b0\u7279\u6027\u7684\u4fe1\u606f\u3002
 installWizard_upgradeSkipped_title=\u66f4\u65b0
 installWizard_upgradeSkipped_banner=\u7279\u6027\u672a\u5b89\u88c5
 installWizard_upgradeSkipped_message=<div class="alert alert-warning fade in">\u5efa\u8bae\u7684\u63d2\u4ef6\u5c06\u4e0d\u88ab\u5b89\u88c5\u3002</div> \
 <p style="padding: 0 4px">\u5982\u679c\u4f60\u6539\u53d8\u4e3b\u610f\u4e86\uff0c\u8fd8\u53ef\u4ee5\u4ece\u63d2\u4ef6\u7ba1\u7406\u5668\u5b89\u88c5\u65b0\u7279\u6027\u3002</p>\
-<p style="padding: 0 4px">\u8bbf\u95ee<a target="_blank" href="https://jenkins.io/2.0/">jenkins\u5b98\u7f51</a>\uff0c\u4e86\u89e3\u8fd9\u4e9b\u65b0\u7279\u6027\u5982\u4f55\u63d0\u5347jenkins\u4f53\u9a8c\u3002</p>
+<p style="padding: 0 4px">\u8bbf\u95ee<a target="_blank" href="https://jenkins.io/2.0/">Jenkins\u5b98\u7f51</a>\uff0c\u4e86\u89e3\u8fd9\u4e9b\u65b0\u7279\u6027\u5982\u4f55\u63d0\u5347Jenkins\u4f53\u9a8c\u3002</p>
 installWizard_upgrading_title=\u6b63\u5728\u5b89\u88c5\u63d2\u4ef6
 installWizard_upgradeComplete_finishButtonLabel=\u5b8c\u6210
-- 
GitLab


From 5e9b51ad5c6a05ffa751f1a19e1fd6e48ab7e5bc Mon Sep 17 00:00:00 2001
From: suren <zxjlwt@126.com>
Date: Fri, 13 Apr 2018 16:35:42 +0800
Subject: [PATCH 328/863] Ignore file war/yarn-error.log

---
 .gitignore | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.gitignore b/.gitignore
index 60ba89065c..3cde4d575d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -49,4 +49,5 @@ jenkins_*.changes
 *.zip
 push-build.sh
 war/node_modules/
+war/yarn-error.log
 .java-version
-- 
GitLab


From 925096ef2bf0b69df218363a0b81ff0ab7ded67e Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Sat, 14 Apr 2018 19:12:41 +0200
Subject: [PATCH 329/863] Winstone 4.2: Update Jetty from 9.4.5 to 9.4.8
 (#3378)

* Winstone 4.2: Update Jetty from 9.4.5 to 9.4.8

* Use the released version of Winstone 4.2
---
 war/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/war/pom.xml b/war/pom.xml
index 01ea9cee2e..673a02c8db 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -89,7 +89,7 @@ THE SOFTWARE.
       -->
       <groupId>org.jenkins-ci</groupId>
       <artifactId>winstone</artifactId>
-      <version>4.1.2</version>
+      <version>4.2</version>
       <scope>test</scope>
     </dependency>
     <dependency>
-- 
GitLab


From 6c4976fa98ffb48377156d1595c64806a31fec5f Mon Sep 17 00:00:00 2001
From: suren <zxjlwt@126.com>
Date: Sun, 15 Apr 2018 01:16:14 +0800
Subject: [PATCH 330/863] Add Chinese translation for basic entry (#3368)

* Add Chinese translation for basic entry

* Delete the comment to avoid error.
---
 .../hudson/model/Messages_zh_CN.properties    | 318 +++++++++++++++++-
 1 file changed, 303 insertions(+), 15 deletions(-)

diff --git a/core/src/main/resources/hudson/model/Messages_zh_CN.properties b/core/src/main/resources/hudson/model/Messages_zh_CN.properties
index c72c791538..943fe0ce7d 100644
--- a/core/src/main/resources/hudson/model/Messages_zh_CN.properties
+++ b/core/src/main/resources/hudson/model/Messages_zh_CN.properties
@@ -1,7 +1,7 @@
 # The MIT License
 # 
 # Copyright (c) 2004-2010, Sun Microsystems, Inc., Kohsuke Kawaguchi,
-# Eric Lefevre-Ardant, Erik Ramfelt, Seiji Sogabe, id:cactusman
+# Eric Lefevre-Ardant, Erik Ramfelt, Seiji Sogabe, id:cactusman, suren
 # 
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
@@ -21,10 +21,57 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-FreeStyleProject.DisplayName=\u6784\u5EFA\u4E00\u4E2A\u81EA\u7531\u98CE\u683C\u7684\u8F6F\u4EF6\u9879\u76EE
-FreeStyleProject.Description=\u8FD9\u662FJenkins\u7684\u4E3B\u8981\u529F\u80FD.Jenkins\u5C06\u4F1A\u7ED3\u5408\u4EFB\u4F55SCM\u548C\u4EFB\u4F55\u6784\u5EFA\u7CFB\u7EDF\u6765\u6784\u5EFA\u4F60\u7684\u9879\u76EE, \u751A\u81F3\u53EF\u4EE5\u6784\u5EFA\u8F6F\u4EF6\u4EE5\u5916\u7684\u7CFB\u7EDF.
+AbstractBuild.BuildingRemotely=\u5728\u8fdc\u7a0b\u8282\u70b9 {0} \u4e0a\u6784\u5efa
+AbstractBuild.BuildingOnMaster=\u5728 master \u4e0a\u6784\u5efa
+AbstractBuild_Building=\u6784\u5efa\u4e2d
+AbstractBuild.BuildingInWorkspace=\ \u5728\u5de5\u4f5c\u7a7a\u95f4 {0} \u4e2d
+AbstractBuild.KeptBecause=\u672c\u6b21\u6784\u5efa\u7531\u4e8e {0} \u88ab\u4fdd\u7559\u3002
 
-HealthReport.EmptyString=
+AbstractItem.NoSuchJobExists=\u4efb\u52a1 \u2018{0}\u2019 \u4e0d\u5b58\u5728\u3002\u53ef\u80fd\u662f \u2018{1}\u2019?
+AbstractItem.NoSuchJobExistsWithoutSuggestion=\u4efb\u52a1 \u2018{0}\u2019 \u4e0d\u5b58\u5728\u3002
+AbstractItem.Pronoun=\u4EFB\u52A1
+AbstractItem.TaskNoun=\u6784\u5efa
+AbstractItem.BeingDeleted={0} \u5df2\u7ecf\u88ab\u5220\u9664
+AbstractItem.NewNameInUse=\u8BE5\u547D\u540D {0} \u5DF2\u7ECF\u88AB\u5360\u7528\u3002
+AbstractItem.NewNameUnchanged=\u65b0\u540d\u79f0\u548c\u5f53\u524d\u7684\u4e00\u6837\u3002
+AbstractProject.AssignedLabelString_NoMatch_DidYouMean=\u6ca1\u6709\u5339\u914d\u7684\u4ee3\u7406\u6216\u8005\u4e91\u670d\u52a1\u3002\u4f60\u53ef\u80fd\u60f3\u8981\u7684\u662f \u2018{1}\u2019 \u800c\u4e0d\u662f \u2018{0}\u2019?
+AbstractProject.NewBuildForWorkspace=\u8ba1\u5212\u4e00\u4e2a\u65b0\u7684\u6784\u5efa\u6765\u83b7\u53d6\u5de5\u4f5c\u7a7a\u95f4\u3002
+AbstractProject.AwaitingBuildForWorkspace=\u7b49\u5f85\u6784\u5efa\u6765\u83b7\u53d6\u5de5\u4f5c\u7a7a\u95f4\u3002
+AbstractProject.AwaitingWorkspaceToComeOnline=\u6211\u4eec\u9700\u8981\u8ba1\u5212\u4e00\u4e2a\u65b0\u7684\u6784\u5efa\u6765\u83b7\u53d6\u5de5\u4f5c\u7a7a\u95f4\uff0c\u4f46\u5ef6\u8fdf\u4e86 {0}\u6beb\u79d2\uff0c\u5f88\u5feb\u5c31\u4f1a\u53d8\u6210\u53ef\u7528\u7684\u3002
+AbstractProject.Pronoun=\u5de5\u7a0b
+AbstractProject.Aborted=\u4e2d\u6b62
+AbstractProject.UpstreamBuildInProgress=\u4e0a\u6e38\u5de5\u7a0b {0} \u6b63\u5728\u6784\u5efa\u4e2d\u3002
+AbstractProject.DownstreamBuildInProgress=\u4e0b\u6e38\u5de5\u7a0b {0} \u6b63\u5728\u6784\u5efa\u4e2d\u3002
+AbstractProject.Disabled=\u7981\u6b62\u6784\u5efa
+AbstractProject.NoBuilds=\u6ca1\u6709\u5df2\u7ecf\u5b58\u5728\u7684\u6784\u5efa\uff0c\u8ba1\u5212\u4e00\u4e2a\u65b0\u7684\u3002
+AbstractProject.NoSCM=\u65e0 SCM
+AbstractProject.NoWorkspace=\u6ca1\u6709\u53ef\u7528\u7684\u5de5\u4f5c\u7a7a\u95f4\uff0c\u56e0\u6b64\u65e0\u6cd5\u68c0\u67e5\u66f4\u65b0\u3002
+AbstractProject.WorkspaceTitle=\u5de5\u4f5c\u7a7a\u95f4 {0}
+AbstractProject.WorkspaceTitleOnComputer=\u8282\u70b9 {1} \u4e0a\u7684\u5de5\u4f5c\u7a7a\u95f4 {0}
+AbstractProject.PollingABorted=SCM \u8f6e\u8be2\u88ab\u4e2d\u6b62
+
+AbstractProject.PollingVetoed=SCM\u8f6e\u5bfb\u88ab{0}\u4e2d\u65ad
+AbstractProject.ScmAborted=SCM \u68c0\u51fa\u88ab\u4e2d\u6b62
+AbstractProject.WorkspaceOffline=\u5de5\u4f5c\u7a7a\u95f4\u79bb\u7ebf\u3002
+
+AbstractProject.BuildPermission.Description=\
+  \u8be5\u6743\u9650\u5141\u8bb8\u542f\u52a8\u4e00\u4e2a\u65b0\u7684\u6784\u5efa\u4efb\u52a1\u3002
+AbstractProject.WorkspacePermission.Description=\
+  \u8be5\u6743\u9650\u5141\u8bb8\u83b7\u53d6Jenkins\u6267\u884c\u6784\u5efa\u4efb\u52a1\u65f6\u68c0\u51fa\u7684\u5de5\u4f5c\u7a7a\u95f4\u5185\u5bb9\u3002\u5982\u679c\u4f60\u4e0d\u5e0c\u671b\u7528\u6237\u8bbf\u95ee\u5de5\u4f5c\u7a7a\u95f4\u4e2d\u7684\u6587\u4ef6\uff08\u4f8b\u5982\uff1aSCM\u68c0\u51fa\u7684\u6e90\u7801\u6216\u8005\u6784\u5efa\u7684\u4e2d\u95f4\u4ea7\u7269\uff09\uff0c\u4f60\u53ef\u4ee5\u53d6\u6d88\u8be5\u6743\u9650\u3002
+AbstractProject.ExtendedReadPermission.Description=\
+  \u8be5\u6743\u9650\u6388\u4e88\u9879\u76ee\u914d\u7f6e\u7684\u53ea\u8bfb\u8bbf\u95ee\u3002\u8bf7\u6ce8\u610f\uff0c\u4f60\u6784\u5efa\u8fc7\u7a0b\u4e2d\u7684\u654f\u611f\u4fe1\u606f\uff0c\u4f8b\u5982\u5bc6\u7801\uff0c\u5c31\u4f1a\u88ab\u66b4\u9732\u3002
+AbstractProject.DiscoverPermission.Description=\
+  \u8be5\u6743\u9650\u5141\u8bb8\u67e5\u627e\u4efb\u52a1\u3002\u6bd4\u8bfb\u53d6\u7684\u6743\u9650\u4f4e\uff0c\u5f53\u7528\u6237\u8bd5\u56fe\u8bbf\u95ee\u4efb\u52a1\u65f6\u4f1a\u91cd\u5b9a\u5411\u5230\u767b\u5f55\u9875\u9762\u3002\u5982\u679c\u6ca1\u6709\u8be5\u6743\u9650\uff0c\u5c31\u4e0d\u80fd\u67e5\u627e\u5de5\u7a0b\u540d\u79f0\uff0c\u5e76\u4f1a\u5f97\u5230404\u9519\u8bef\u3002
+AbstractProject.WipeOutPermission.Description=\
+  \u8be5\u6743\u9650\u5141\u8bb8\u6e05\u7a7a\u5de5\u4f5c\u7a7a\u95f4
+AbstractProject.CancelPermission.Description=\u8be5\u6743\u9650\u5141\u8bb8\u53d6\u6d88\u8ba1\u5212\u6216\u7ec8\u6b62\u8fd0\u884c\u4e2d\u7684\u6784\u5efa\u4efb\u52a1\u3002
+AbstractProject.AssignedLabelString.InvalidBooleanExpression=\
+  \u975e\u6cd5\u7684\u5e03\u5c14\u503c\u8868\u8fbe\u5f0f: {0}
+AbstractProject.AssignedLabelString.NoMatch=\u81ea\u5b9a\u4e49\u5de5\u4f5c\u7a7a\u95f4\u4e3a\u7a7a\u3002\u6ca1\u6709\u627e\u5230\u5339\u914d\u7684\u4ee3\u7406\u6216\u8005\u4e91\u63d0\u4f9b\u5546\u3002
+AbstractProject.CustomWorkspaceEmpty=\u81ea\u5b9a\u4e49\u5de5\u4f5c\u7a7a\u95f4\u4e3a\u7a7a\u3002
+
+Api.MultipleMatch=XPath "{0}" \u5339\u914d\u5230\u8282\u70b9 {1} \u3002XPath\u53ef\u4ee5\u5339\u914d\u5230\u4e00\u4e2a\uff0c\u6216\u8005\u4f7f\u7528\u53c2\u6570"wrapper"\u5728\u8ddf\u5143\u7d20\u4e0b\u5305\u88f9\u7740\u3002
+Api.NoXPathMatch=XPath {0} \u4e0d\u5339\u914d
 
 BallColor.Aborted=\u5DF2\u7EC8\u6B62
 BallColor.Disabled=\u7981\u7528
@@ -35,10 +82,113 @@ BallColor.Pending=\u7B49\u5F85
 BallColor.Success=\u6210\u529F
 BallColor.Unstable=\u4E0D\u7A33\u5B9A
 
+Build.post_build_steps_failed=\u6784\u5efa\u540e\u7684\u6b65\u9aa4\u5931\u8d25
+
+BuildAuthorizationToken.InvalidTokenProvided=\u63d0\u4f9b\u7684token\u975e\u6cd5\u3002
+
+CLI.clear-queue.shortDescription=\u6e05\u9664\u6784\u5efa\u961f\u5217\u3002
+CLI.online-node.shortDescription=\u7ee7\u7eed\u4f7f\u7528\u8282\u70b9\u6267\u884c\u6784\u5efa\u4efb\u52a1\uff0c\u66ff\u4ee3\u65e9\u671f\u7684\u547d\u4ee4"offline-node"\u3002
+
+Computer.Caption=\u4ee3\u7406 {0}
+Computer.NoSuchSlaveExists=\u4ee3\u7406 "{0}" \u4e0d\u5b58\u5728\u3002\u53ef\u80fd\u662f "{1}"?
+Computer.NoSuchSlaveExistsWithoutAdvice=\u4ee3\u7406 "{0}" \u4e0d\u5b58\u5728\u3002
+Computer.Permissions.Title=\u4ee3\u7406
+Computer.ExtendedReadPermission.Description=\u8be5\u6743\u9650\u5141\u8bb8\u7528\u6237\u8bfb\u53d6\u4ee3\u7406\u914d\u7f6e\u3002
+Computer.ConfigurePermission.Description=\u8be5\u6743\u9650\u5141\u8bb8\u7528\u6237\u914d\u7f6e\u4ee3\u7406\u3002
+Computer.DeletePermission.Description=\u8be5\u6743\u9650\u5141\u8bb8\u7528\u6237\u5220\u9664\u5df2\u5b58\u5728\u7684\u4ee3\u7406\u3002
+Computer.CreatePermission.Description=\u8be5\u6743\u9650\u5141\u8bb8\u7528\u6237\u521b\u5efa\u4ee3\u7406\u3002
+Computer.ConnectPermission.Description=\u8be5\u6743\u9650\u5141\u8bb8\u7528\u6237\u8fde\u63a5\u4ee3\u7406\u6216\u8005\u8ba9\u4ee3\u7406\u4e0a\u7ebf\u3002
+Computer.DisconnectPermission.Description=\u8be5\u6743\u9650\u5141\u8bb8\u7528\u6237\u65ad\u5f00\u6216\u8005\u4e34\u65f6\u4e0b\u7ebf\u4ee3\u7406\u3002
+Computer.BuildPermission.Description=\u8be5\u6743\u9650\u5141\u8bb8\u7528\u6237\u5728\u4ee3\u7406\u4e0a\u5141\u8bb8\u4efb\u52a1\u3002
+Computer.BadChannel=\u4ee3\u7406\u8282\u70b9\u79bb\u7ebf\u6216\u8005\u4e0d\u662f\u4e00\u4e2a\u8fdc\u7a0b\u901a\u9053\uff08\u4f8b\u5982\uff1amaster\u8282\u70b9\uff09\u3002
+
+ComputerSet.NoSuchSlave=\u6ca1\u6709\u8fd9\u6837\u7684\u4ee3\u7406: {0}
+ComputerSet.SlaveAlreadyExists=\u4ee3\u7406 \u2018{0}\u2019 \u5df2\u7ecf\u5b58\u5728
+ComputerSet.SpecifySlaveToCopy=\u6307\u5b9a\u8981\u62f7\u8d1d\u7684\u4ee3\u7406
+ComputerSet.DisplayName=\u8282\u70b9\u5217\u8868
+
+Descriptor.From=(\u4ece <a href="{1}">{0}</a>)
+
+Executor.NotAvailable=\u4e0d\u53ef\u7528
+
+FreeStyleProject.DisplayName=\u6784\u5EFA\u4E00\u4E2A\u81EA\u7531\u98CE\u683C\u7684\u8F6F\u4EF6\u9879\u76EE
+FreeStyleProject.Description=\u8FD9\u662FJenkins\u7684\u4E3B\u8981\u529F\u80FD.Jenkins\u5C06\u4F1A\u7ED3\u5408\u4EFB\u4F55SCM\u548C\u4EFB\u4F55\u6784\u5EFA\u7CFB\u7EDF\u6765\u6784\u5EFA\u4F60\u7684\u9879\u76EE, \u751A\u81F3\u53EF\u4EE5\u6784\u5EFA\u8F6F\u4EF6\u4EE5\u5916\u7684\u7CFB\u7EDF.
+
+HealthReport.EmptyString=
+
+Hudson.BadPortNumber=\u7aef\u53e3\u53f7\u9519\u8bef {0}
+Hudson.Computer.Caption=Master
+Hudson.Computer.DisplayName=master
+Hudson.ControlCodeNotAllowed=\u4e0d\u5141\u8bb8\u63a7\u5236\u7801: {0}
+Hudson.DisplayName=Jenkins
+Hudson.JobAlreadyExists=\u4efb\u52a1\u540d \u2018{0}\u2019 \u5df2\u5b58\u5728
+Hudson.NoJavaInPath=java \u4e0d\u5728\u4f60\u7684\u73af\u5883\u53d8\u91cf PATH \u4e2d\u3002\u4f60\u53ef\u80fd\u9700\u8981 <a href="{0}/configure">\u914d\u7f6e JDKs</a>?
+Hudson.NoName=\u6ca1\u6709\u6307\u5b9a\u540d\u79f0
+Hudson.NoSuchDirectory=\u76ee\u5f55\u4e0d\u5b58\u5728: {0}
+Hudson.NodeBeingRemoved=\u8282\u70b9\u5df2\u7ecf\u88ab\u79fb\u9664
+Hudson.NotAPlugin={0} \u4e0d\u662f Jenkins \u63d2\u4ef6
+Hudson.NotJDKDir={0} \u4e0d\u662f JDK \u76ee\u5f55
+Hudson.Permissions.Title=\u5168\u90e8
+Hudson.USER_CONTENT_README=\u8be5\u76ee\u5f55\u4e2d\u7684\u6587\u4ef6\u53ef\u4ee5\u901a\u8fc7 http://yourjenkins/userContent/ \u8bbf\u95ee
+Hudson.UnsafeChar=\u2018{0}\u2019 \u662f\u4e00\u4e2a\u4e0d\u5b89\u5168\u7684\u5b57\u7b26
+Hudson.ViewAlreadyExists=\u89c6\u56fe\u540d "{0}" \u5df2\u5b58\u5728
+Hudson.ViewName=\u6240\u6709
+Hudson.NotANumber=\u4e0d\u662f\u4e00\u4e2a\u6570\u5b57
+Hudson.NotAPositiveNumber=\u4e0d\u662f\u4e00\u4e2a\u6b63\u6570
+Hudson.NotANonNegativeNumber=\u4e0d\u662f\u4e00\u4e2a\u8d1f\u6570
+Hudson.NotANegativeNumber=\u4e0d\u662f\u4e00\u4e2a\u8d1f\u6570
+Hudson.MustBeAtLeast=\u5fc5\u987b\u5927\u4e8e\u7b49\u4e8e {0}
+Hudson.MustBeAtMost=\u5fc5\u987b\u5c0f\u4e8e\u7b49\u4e8e {0}
+Hudson.NotUsesUTF8ToDecodeURL=\
+  \u4f60\u7684\u5bb9\u5668\u6ca1\u6709\u4f7f\u7528UTF-8\u89e3\u7801URL\u5730\u5740\u3002\u5982\u679c\u4f60\u4f7f\u7528\u4e86\u975eASCII\u5b57\u7b26\u4f5c\u4e3a\u4efb\u52a1\u540d\u79f0\u7b49\uff0c\u53ef\u80fd\u4f1a\u6709\u95ee\u9898\u3002 \
+  \u67e5\u770b <a href="https://jenkins.io/redirect/configuring-servlet-containers">\u5bb9\u5668</a> \u548c \
+  <a href="/redirect/troubleshooting/utf8-url-decoding">Tomcat i18n</a> \u83b7\u53d6\u66f4\u591a\u8be6\u60c5\u3002
+Hudson.AdministerPermission.Description=\
+  \u8be5\u6743\u9650\u5141\u8bb8\u4fee\u6539\u7cfb\u7edf\u7ea7\u522b\u7684\u914d\u7f6e\uff0c\u4e5f\u5c31\u662f\u6267\u884c\u9ad8\u5ea6\u654f\u611f\u7684\u64cd\u4f5c\uff0c\u4f8b\u5982\u6302\u8f7d\u672c\u5730\u7cfb\u7edf\u8bbf\u95ee\uff08\u8fd9\u5c31\u8d4b\u4e88\u4e86\u57fa\u672c\u7684\u64cd\u4f5c\u7cfb\u7edf\u6743\u9650\uff09
+Hudson.ReadPermission.Description=\
+  \u8bfb\u6743\u9650\u5bf9\u4e8e\u67e5\u770bJenkins\u7684\u5927\u90e8\u5206\u9875\u9762\u662f\u5fc5\u9700\u7684\u3002\u5f53\u4f60\u4e0d\u5e0c\u671b\u672a\u8ba4\u8bc1\u7684\u7528\u6237\u770b\u5230Jenkins\u9875\u9762\u65f6\uff0c\u8be5\u6743\u9650\u5c31\u5f88\u6709\u7528\uff1a\u4ece\u533f\u540d\u7528\u6237\u4e2d\u53d6\u6d88\u8be5\u6743\u9650\uff0c \
+  \u7136\u540e\u7ed9\u53d7\u8ba4\u8bc1\u7684\u7528\u6237\u8d4b\u4e88\u8be5\u6743\u9650\u3002
+Hudson.RunScriptsPermission.Description=\
+  \u5728Jenkins\u8fdb\u7a0b\u4e2d\u8981\u8fd0\u884c\u811a\u672c\u65f6\u9700\u8981\u8be5\u6743\u9650\uff0c\u4f8b\u5982\uff1a\u901a\u8fc7Groovy\u63a7\u5236\u53f0\u83b7\u53d6\u547d\u4ee4\u884c\u3002
+Hudson.NodeDescription=Jenkins\u7684master\u8282\u70b9
+
 Item.Permissions.Title=\u4EFB\u52A1
 Item.CREATE.description=\u521B\u5EFA\u65B0\u7684\u4EFB\u52A1\u3002
 Item.DELETE.description=\u5220\u9664\u4EFB\u52A1\u3002
 Item.CONFIGURE.description=\u4FEE\u6539\u4EFB\u52A1\u7684\u914D\u7F6E\u3002
+Item.READ.description=\u67e5\u770b\u4efb\u52a1\u3002\uff08\u53ef\u4ee5\u62d2\u7edd\u8be5\u6743\u9650\uff0c\u4f46\u5141\u8bb8\u53d1\u73b0\uff0c\u8feb\u4f7f\u533f\u540d\u7528\u6237\u767b\u5f55\u5230\u770b\u5230\u4efb\u52a1\uff09
+Item.RENAME.description=\u91cd\u547d\u540d\u4efb\u52a1\u3002
+ItemGroupMixIn.may_not_copy_as_it_contains_secrets_and_=\u53ef\u80fd\u4e0d\u62f7\u8d1d {0} \u4f5c\u4e3a\u5b83\u7684\u5bb9\u5668\u5bc6\u94a5\uff0c\u5e76\u4e14 {1} \u6709 {2}/{3} \u4f46\u6ca1\u6709 /{4}
+
+Job.AllRecentBuildFailed=\u6700\u8fd1\u6240\u6709\u7684\u6784\u5efa\u90fd\u5931\u8d25\u4e86\u3002
+Job.BuildStability=\u6784\u5efa\u7a33\u5b9a\u6027: {0}
+Job.NOfMFailed=\u6700\u8fd1 {1} \u6b21\u6784\u5efa\u4e2d\u6709 {0} \u6b21\u5931\u8d25\u3002
+Job.NoRecentBuildFailed=\u6700\u8fd1\u6ca1\u6709\u5931\u8d25\u7684\u6784\u5efa\u3002
+Job.Pronoun=\u5de5\u7a0b
+Job.minutes=\u5206
+Job.NoRenameWhileBuilding=\u4E0D\u5141\u8BB8\u91CD\u547D\u540D\u6B63\u5728\u6784\u5EFA\u4E2D\u7684\u4EFB\u52A1\u3002
+Job.you_must_use_the_save_button_if_you_wish=\u5982\u679c\u60f3\u8981\u91cd\u547d\u540d\u4efb\u52a1\u4f60\u5fc5\u987b\u70b9\u51fb\u4fdd\u5b58\u6309\u94ae\u3002
+
+Label.GroupOf=\u4e00\u7ec4 {0}
+Label.InvalidLabel=\u975e\u6cd5\u7684\u6807\u7b7e
+Label.ProvisionedFrom={0} \u7684\u4f9b\u5e94
+
+ManageJenkinsAction.DisplayName=\u7CFB\u7EDF\u7BA1\u7406
+MultiStageTimeSeries.EMPTY_STRING=
+
+Queue.AllNodesOffline=\u5e26\u6709\u6807\u7b7e \u2018{0}\u2019 \u7684\u6240\u6709\u8282\u70b9\u90fd\u79bb\u7ebf
+Queue.LabelHasNoNodes=\u6ca1\u6709\u5e26\u6709\u6807\u7b7e \u2018{0}\u2019 \u7684\u8282\u70b9
+Queue.BlockedBy=\u88ab {0} \u963b\u65ad
+Queue.HudsonIsAboutToShutDown=Jenkins \u51c6\u5907\u5173\u95ed
+Queue.InProgress=\u6784\u5efa\u6b63\u5728\u8fdb\u884c\u4e2d
+Queue.InQuietPeriod=\u5904\u4e8e\u9759\u9ed8\u671f\u3002\u622a\u6b62 {0}
+Queue.NodeOffline={0} \u5df2\u7ecf\u79bb\u7ebf
+Queue.Unknown=\u672a\u77e5
+Queue.WaitingForNextAvailableExecutor=\u7b49\u5f85\u4e0b\u4e00\u4e2a\u53ef\u7528\u7684\u6267\u884c\u5668
+Queue.WaitingForNextAvailableExecutorOn=\u5728 {0} \u4e0a\u7b49\u5f85\u4e0b\u4e00\u4e2a\u53ef\u7528\u7684\u6267\u884c\u5668
+Queue.init=\u6062\u590d\u6784\u5efa\u961f\u5217
+Queue.node_has_been_removed_from_configuration={0} \u5df2\u7ecf\u4ece\u914d\u7f6e\u4e2d\u79fb\u9664
+Queue.executor_slot_already_in_use=\u6267\u884c\u5668\u5df2\u7ecf\u88ab\u4f7f\u7528
 
 ResultTrend.Aborted=\u5DF2\u7EC8\u6B62
 ResultTrend.Failure=\u5931\u8D25
@@ -50,22 +200,113 @@ ResultTrend.StillUnstable=\u4ECD\u7136\u4E0D\u7A33\u5B9A
 ResultTrend.Success=\u6210\u529F
 ResultTrend.Unstable=\u4E0D\u7A33\u5B9A
 
-Node.Mode.NORMAL=\u5C3D\u53EF\u80FD\u7684\u4F7F\u7528\u8FD9\u4E2A\u8282\u70B9
-Node.Mode.EXCLUSIVE=\u53EA\u5141\u8BB8\u8FD0\u884C\u7ED1\u5B9A\u5230\u8FD9\u53F0\u673A\u5668\u7684Job
+Run._is_waiting_for_a_checkpoint_on_={0} \u5728\u7b49\u5f85\u68c0\u67e5\u70b9 {1}
+Run.BuildAborted=\u6784\u5efa\u88ab\u4e2d\u65ad
+Run.MarkedExplicitly=\u8be5\u8bb0\u5f55\u660e\u786e\u6807\u8bb0\u4e3a\u4fdd\u7559\u3002
+Run.Permissions.Title=\u8fd0\u884c
+Run.running_as_=\u4f5c\u4e3a {0} \u8fd0\u884c
+Run.UnableToDelete=\u65e0\u6cd5\u5220\u9664 {0}: {1}
+Run.DeletePermission.Description=\u8be5\u6743\u9650\u5141\u8bb8\u7528\u6237\u4ece\u6784\u5efa\u5386\u53f2\u4e2d\u624b\u52a8\u5220\u9664\u6307\u5b9a\u7684\u8bb0\u5f55
+Run.UpdatePermission.Description=\u8be5\u6743\u9650\u5141\u8bb8\u7528\u6237\u4fee\u6539\u4e00\u6b21\u6784\u5efa\u7684\u63cf\u8ff0\u6216\u8005\u5176\u4ed6\u5c5e\u6027\uff0c\u4f8b\u5982\uff1a\u63cf\u8ff0\u6784\u5efa\u5931\u8d25\u7684\u539f\u56e0\u3002
+Run.ArtifactsPermission.Description=\u8be5\u6743\u9650\u6388\u4e88\u83b7\u53d6\u6784\u5efa\u6210\u54c1\u7684\u80fd\u529b\u3002\u5982\u679c\u4f60\u4e0d\u60f3\u8ba9\u7528\u6237\u8bbf\u95ee\u6210\u54c1\uff0c\u53ef\u4ee5\u53d6\u6d88\u8be5\u6743\u9650\u3002
+Run.InProgressDuration={0} \u5e76\u8ba1\u6570\u4e2d
+Run.NotStartedYet=\u6ca1\u5f00\u59cb
+Run.ArtifactsBrowserTitle={0} {1} \u7684\u6210\u54c1
 
-MyView.DisplayName=\u6211\u7684\u89C6\u56FE
+Run.Summary.Stable=\u7a33\u5b9a
+Run.Summary.Unstable=\u4e0d\u7a33\u5b9a
+Run.Summary.Aborted=\u4e2d\u65ad
+Run.Summary.NotBuilt=\u672a\u6784\u5efa
+Run.Summary.BackToNormal=\u8fd4\u56de\u5230\u6b63\u5e38
+Run.Summary.BrokenForALongTime=\u65ad\u5f00\u5f88\u957f\u65f6\u95f4
+Run.Summary.BrokenSinceThisBuild=\u81ea\u4ece\u8fd9\u6b21\u6784\u5efa\u540e\u65ad\u5f00
+Run.Summary.BrokenSince=\u81ea\u4ece\u6784\u5efa {0} \u540e\u65ad\u5f00
+Run.Summary.Unknown=\u672a\u77e5
 
-AbstractItem.Pronoun=\u4EFB\u52A1
-AbstractItem.NewNameInUse=\u8BE5\u547D\u540D {0} \u5DF2\u7ECF\u88AB\u5360\u7528\u3002
+Slave.InvalidConfig.Executors=\u4ee3\u7406\u914d\u7f6e\u4e0d\u5408\u6cd5 {0} \u3002\u6267\u884c\u5668\u6570\u4e0d\u5408\u6cd5\u3002
+Slave.InvalidConfig.NoName=\u4ee3\u7406\u914d\u7f6e\u4e0d\u5408\u6cd5\uff0c\u540d\u79f0\u4e3a\u7a7a
+Slave.Network.Mounted.File.System.Warning=\u4f60\u786e\u5b9a\u8981\u4f7f\u7528\u7f51\u7edc\u6302\u8f7d\u6587\u4ef6\u7cfb\u7edf\u4f5c\u4e3a\u6587\u4ef6\u7cfb\u7edf\u7684\u6839\u5417\uff1f\u6ce8\u610f\u8be5\u76ee\u5f55\u65e0\u9700\u5bf9master\u53ef\u89c1\u3002
+Slave.Remote.Director.Mandatory=\u8fdc\u7a0b\u76ee\u5f55\u662f\u5fc5\u586b\u9879
+Slave.Terminated={0} \u4ee3\u7406\u88ab\u7ec8\u6b62
+Slave.Remote.Relative.Path.Warning=\u4f60\u786e\u5b9a\u8981\u4f7f\u7528\u76f8\u5bf9\u8def\u5f84\u4f5c\u4e3a\u6587\u4ef6\u7cfb\u7edf\u7684\u6839\u5417\uff1f\u6ce8\u610f\uff0c\u8981\u786e\u4fdd\u60a8\u6240\u9009\u62e9\u7684\u542f\u52a8\u5668\u63d0\u4f9b\u4e86\u4e00\u81f4\u7684\u5f53\u524d\u5de5\u4f5c\u76ee\u5f55\u3002\u5f3a\u70c8\u5efa\u8bae\u4f7f\u7528\u7edd\u5bf9\u8def\u5f84\u3002
+Slave.UnixSlave=\u8fd9\u662f\u4e00\u4e2aUnix\u4ee3\u7406
+Slave.WindowsSlave=\u8fd9\u662f\u4e00\u4e2aWindows\u4ee3\u7406
 
-MyViewsProperty.DisplayName=\u6211\u7684\u89C6\u56FE
-MyViewsProperty.GlobalAction.DisplayName=\u6211\u7684\u89C6\u56FE
+TopLevelItemDescriptor.NotApplicableIn=\u9009\u9879 {0} \u5728 {1} \u4e2d\u4e0d\u5408\u9002
 
-ManageJenkinsAction.DisplayName=\u7CFB\u7EDF\u7BA1\u7406
-ParametersDefinitionProperty.DisplayName=\u53C2\u6570\u5316\u6784\u5EFA\u8FC7\u7A0B
-ListView.DisplayName=\u7B80\u5355\u89C6\u56FE
+UpdateCenter.DownloadButNotActivated=\u4e0b\u8f7d\u6210\u529f\uff0c\u4e0b\u6b21\u542f\u52a8\u65f6\u751f\u6548
+UpdateCenter.n_a=\u4e0d\u53ef\u7528
+
+View.Permissions.Title=\u89c6\u56fe
+View.CreatePermission.Description=\u8be5\u6743\u9650\u5141\u8bb8\u7528\u6237\u521b\u5efa\u65b0\u7684\u89c6\u56fe\u3002
+View.DeletePermission.Description=\u8be5\u6743\u9650\u5141\u8bb8\u7528\u6237\u5220\u9664\u5df2\u6709\u7684\u89c6\u56fe\u3002
+View.ConfigurePermission.Description=\u8be5\u6743\u9650\u5141\u8bb8\u7528\u6237\u6539\u53d8\u89c6\u56fe\u7684\u914d\u7f6e\u3002
+View.ReadPermission.Description=\u8be5\u6743\u9650\u5141\u8bb8\u7528\u6237\u67e5\u770b\u89c6\u56fe\uff08\u5141\u8bb8\u8bfb\u53d6\u8bbf\u95ee\uff09\u3002
+View.MissingMode=\u6ca1\u6709\u6307\u5b9a\u89c6\u56fe\u7c7b\u578b
+View.DisplayNameNotUniqueWarning=\u663e\u793a\u540d\u79f0, "{0}", \u5df2\u7ecf\u88ab\u5176\u4ed6\u89c6\u56fe\u4f7f\u7528\uff0c\u5e76\u53ef\u80fd\u5f15\u8d77\u6df7\u4e71\u3002
+
+UpdateCenter.DisplayName=\u66f4\u65b0\u4e2d\u5fc3
+UpdateCenter.Status.CheckingInternet=\u68c0\u67e5\u7f51\u7edc\u8fde\u63a5
+UpdateCenter.Status.CheckingJavaNet=\u68c0\u67e5\u66f4\u65b0\u4e2d\u5fc3\u8fde\u63a5
+UpdateCenter.Status.Success=\u6210\u529f
+UpdateCenter.Status.UnknownHostException=\
+  <span class=error>\u89e3\u6790\u4e3b\u673a\u540d {0}. \
+  \u5931\u8d25\u3002\u4f60\u53ef\u80fd\u9700\u8981 <a href="../pluginManager/advanced">\u914d\u7f6eHTTP\u4ee3\u7406\uff1f</a></span>
+UpdateCenter.Status.ConnectionFailed=\
+  <span class=error>\u65e0\u6cd5\u8fde\u63a5 {0}. \
+  \u3002\u4f60\u53ef\u80fd\u9700\u8981 <a href="../pluginManager/advanced">\u914d\u7f6eHTTP\u4ee3\u7406\uff1f</a></span>
+UpdateCenter.init=\u521d\u59cb\u5316\u66f4\u65b0\u4e2d\u5fc3
+UpdateCenter.CoreUpdateMonitor.DisplayName=Jenkins\u66f4\u65b0\u901a\u77e5
+
+UpdateCenter.PluginCategory.android=\u5b89\u5353\u5f00\u53d1
+UpdateCenter.PluginCategory.builder=\u6784\u5efa\u5de5\u5177
+UpdateCenter.PluginCategory.buildwrapper=\u6784\u5efa\u5305\u88c5
+UpdateCenter.PluginCategory.cli=\u547d\u4ee4\u884c\u63a5\u53e3
+UpdateCenter.PluginCategory.cloud=\u4e91\u63d0\u4f9b\u5546
+UpdateCenter.PluginCategory.cluster=\u96c6\u7fa4\u7ba1\u7406\u548c\u5206\u5e03\u5f0f\u6784\u5efa
+UpdateCenter.PluginCategory.database=\u6570\u636e\u5e93
+UpdateCenter.PluginCategory.deployment=\u5f00\u53d1
+UpdateCenter.PluginCategory.devops=DevOps
+UpdateCenter.PluginCategory.dotnet=.NET \u5f00\u53d1
+UpdateCenter.PluginCategory.external=\u5916\u90e8\u5de5\u5177\u96c6\u6210
+UpdateCenter.PluginCategory.groovy-related=Groovy\u76f8\u5173
+UpdateCenter.PluginCategory.ios=iOS \u5f00\u53d1
+UpdateCenter.PluginCategory.library=\u63d2\u4ef6\u5e93\uff08\u88ab\u5176\u4ed6\u63d2\u4ef6\u4f7f\u7528\uff09
+UpdateCenter.PluginCategory.listview-column=\u89c6\u56fe\u5217
+UpdateCenter.PluginCategory.maven=Maven
+UpdateCenter.PluginCategory.misc=\u6742\u9879
+UpdateCenter.PluginCategory.notifier=\u6784\u5efa\u901a\u77e5
+UpdateCenter.PluginCategory.page-decorator=\u9875\u9762\u88c5\u9970\u5668
+UpdateCenter.PluginCategory.parameter=\u6784\u5efa\u53c2\u6570
+UpdateCenter.PluginCategory.post-build=\u5176\u4ed6\u6784\u5efa\u540e\u52a8\u4f5c
+UpdateCenter.PluginCategory.python=Python \u5f00\u53d1
+UpdateCenter.PluginCategory.report=\u6784\u5efa\u62a5\u544a
+UpdateCenter.PluginCategory.ruby=Ruby \u5f00\u53d1
+UpdateCenter.PluginCategory.runcondition=\u7528\u4e8e\u8fd0\u884c\u6761\u4ef6\u7684\u63d2\u4ef6
+UpdateCenter.PluginCategory.scala=Scala \u5f00\u53d1
+UpdateCenter.PluginCategory.scm=\u6e90\u7801\u7ba1\u7406
+UpdateCenter.PluginCategory.scm-related=\u6e90\u7801\u7ba1\u7406\u76f8\u5173
+UpdateCenter.PluginCategory.security=\u5b89\u5168
+UpdateCenter.PluginCategory.slaves=\u4ee3\u7406\u542f\u52a8\u5668\u548c\u63a7\u5236\u5668
+UpdateCenter.PluginCategory.test=\u6d4b\u8bd5
+UpdateCenter.PluginCategory.trigger=\u6784\u5efa\u89e6\u53d1\u5668
+UpdateCenter.PluginCategory.ui=\u7528\u6237\u754c\u9762
+UpdateCenter.PluginCategory.upload=\u6210\u54c1\u4e0a\u4f20
+UpdateCenter.PluginCategory.user=\u8ba4\u8bc1\u548c\u7528\u6237\u7ba1\u7406
+UpdateCenter.PluginCategory.view=\u89c6\u56fe
+UpdateCenter.PluginCategory.must-be-labeled=\u672a\u5206\u7c7b
+UpdateCenter.PluginCategory.unrecognized=Misc ({0})
+
+Permalink.LastBuild=\u6700\u8fd1\u4e00\u6b21\u6784\u5efa
+Permalink.LastStableBuild=\u6700\u8fd1\u7a33\u5b9a\u6784\u5efa
+Permalink.LastUnstableBuild=\u6700\u8fd1\u4e0d\u7a33\u5b9a\u7684\u6784\u5efa
+Permalink.LastUnsuccessfulBuild=\u6700\u8fd1\u672a\u6210\u529f\u7684\u6784\u5efa
+Permalink.LastSuccessfulBuild=\u6700\u8fd1\u6210\u529f\u7684\u6784\u5efa
+Permalink.LastFailedBuild=\u6700\u8fd1\u5931\u8d25\u7684\u6784\u5efa
+Permalink.LastCompletedBuild=\u6700\u8fd1\u5b8c\u6210\u7684\u6784\u5efa
 
 ParameterAction.DisplayName=\u53C2\u6570
+ParametersDefinitionProperty.DisplayName=\u53C2\u6570\u5316\u6784\u5EFA\u8FC7\u7A0B
 StringParameterDefinition.DisplayName=\u5B57\u7B26\u53C2\u6570
 TextParameterDefinition.DisplayName=\u6587\u672C\u53C2\u6570
 FileParameterDefinition.DisplayName=\u6587\u4EF6\u53C2\u6570
@@ -75,4 +316,51 @@ ChoiceParameterDefinition.MissingChoices=\u9700\u8981\u9009\u9879\u3002
 RunParameterDefinition.DisplayName=\u8FD0\u884C\u65F6\u53C2\u6570
 PasswordParameterDefinition.DisplayName=\u5BC6\u7801\u53C2\u6570
 
-Job.NoRenameWhileBuilding=\u4E0D\u5141\u8BB8\u91CD\u547D\u540D\u6B63\u5728\u6784\u5EFA\u4E2D\u7684\u4EFB\u52A1\u3002
+Node.BecauseNodeIsReserved={0} \u662f\u5bf9\u4efb\u52a1\u4fdd\u7559\u7684\uff0c\u7528\u4e8e\u5339\u914d\u6807\u7b7e\u8868\u8fbe\u5f0f
+Node.BecauseNodeIsNotAcceptingTasks={0} \u4e0d\u63a5\u53d7\u4efb\u52a1
+Node.LabelMissing={0} \u6ca1\u6709\u6807\u7b7e {1}
+Node.LackingBuildPermission={0} \u5728 {1} \u4e0a\u8fd0\u884c\u7f3a\u5c11\u6743\u9650
+Node.Mode.NORMAL=\u5C3D\u53EF\u80FD\u7684\u4F7F\u7528\u8FD9\u4E2A\u8282\u70B9
+Node.Mode.EXCLUSIVE=\u53EA\u5141\u8BB8\u8FD0\u884C\u7ED1\u5B9A\u5230\u8FD9\u53F0\u673A\u5668\u7684Job
+
+ListView.DisplayName=\u5217\u8868\u89c6\u56fe
+
+MyView.DisplayName=\u6211\u7684\u89C6\u56FE
+
+MyViewsProperty.DisplayName=\u6211\u7684\u89C6\u56FE
+MyViewsProperty.GlobalAction.DisplayName=\u6211\u7684\u89C6\u56FE
+MyViewsProperty.ViewExistsCheck.NotExist=\u4ee5 {0} \u547d\u540d\u7684\u89c6\u56fe\u4e0d\u5b58\u5728
+MyViewsProperty.ViewExistsCheck.AlreadyExists=\u4ee5 {0} \u547d\u540d\u7684\u89c6\u56fe\u5df2\u7ecf\u5b58\u5728
+
+LoadStatistics.Legends.DefinedExecutors=\u660e\u786e\u7684\u6267\u884c\u5668
+LoadStatistics.Legends.OnlineExecutors=\u5728\u7ebf\u7684\u6267\u884c\u5668
+LoadStatistics.Legends.ConnectingExecutors=\u8fde\u63a5\u4e2d\u7684\u6267\u884c\u5668
+LoadStatistics.Legends.TotalExecutors=\u6240\u6709\u7684\u6267\u884c\u5668
+LoadStatistics.Legends.BusyExecutors=\u5fd9\u788c\u7684\u6267\u884c\u5668
+LoadStatistics.Legends.IdleExecutors=\u7a7a\u95f2\u7684\u6267\u884c\u5668
+LoadStatistics.Legends.AvailableExecutors=\u53ef\u7528\u7684\u6267\u884c\u5668
+LoadStatistics.Legends.QueueLength=\u961f\u5217\u957f\u5ea6
+
+Cause.LegacyCodeCause.ShortDescription=\u7531\u9057\u7559\u529f\u80fd\u542f\u52a8\uff0c\u6ca1\u6709\u76f8\u5173\u4fe1\u606f
+Cause.UpstreamCause.ShortDescription=\u7531\u4e0a\u6e38\u5de5\u7a0b "{0}" \u542f\u52a8\uff0c\u6784\u5efa\u53f7\u4e3a {1}
+Cause.UpstreamCause.CausedBy=\u6700\u521d\u5f15\u8d77\u7684:
+Cause.UserCause.ShortDescription=\u7531\u7528\u6237 {0} \u542f\u52a8
+Cause.UserIdCause.ShortDescription=\u7531\u7528\u6237 {0} \u542f\u52a8
+Cause.RemoteCause.ShortDescription=\u7531\u8fdc\u7a0b\u4e3b\u673a {0} \u542f\u52a8
+Cause.RemoteCause.ShortDescriptionWithNote=\u7531\u8fdc\u7a0b\u4e3b\u673a {0} \u542f\u52a8 \u5907\u6ce8: {1}
+
+ProxyView.NoSuchViewExists=\u5168\u5c40\u89c6\u56fe {0} \u4e0d\u5b58\u5728
+ProxyView.DisplayName=\u5305\u62ec\u5168\u5c40\u89c6\u56fe
+
+CLI.restart.shortDescription=\u91cd\u542fJenkins
+CLI.safe-restart.shortDescription=\u5b89\u5168\u5730\u91cd\u542fJenkins
+CLI.keep-build.shortDescription=\u6c38\u4e45\u4fdd\u7559\u8fd9\u6b21\u6784\u5efa\u3002
+
+Jenkins.CheckDisplayName.NameNotUniqueWarning=\u663e\u793a\u7684\u540d\u79f0, "{0}", \u4f5c\u4e3a\u4efb\u52a1\u7684\u540d\u79f0\uff0c\u53ef\u80fd\u4f1a\u5728\u641c\u7d22\u7ed3\u679c\u4e2d\u5f15\u8d77\u56f0\u60d1\u3002
+Jenkins.CheckDisplayName.DisplayNameNotUniqueWarning=\u663e\u793a\u7684\u540d\u79f0, "{0}", \u5df2\u7ecf\u88ab\u5176\u4ed6\u4efb\u52a1\u4f7f\u7528\uff0c\u5e76\u4e14\u53ef\u80fd\u5f15\u8d77\u56f0\u60d1\u3001\u5ef6\u8fdf\u3002
+
+Jenkins.NotAllowedName=\u201c{0}\u201d \u4e3a\u4e0d\u5141\u8bb8\u7684\u540d\u79f0
+Jenkins.IsRestarting=Jenkins\u6b63\u5728\u91cd\u542f
+
+User.IllegalUsername="{0}" \u51fa\u4e8e\u5b89\u5168\u8003\u8651\u662f\u4e0d\u88ab\u5141\u8bb8\u7684\u7528\u6237\u540d\u3002
+User.IllegalFullname="{0}" \u51fa\u4e8e\u5b89\u5168\u8003\u8651\u662f\u4e0d\u88ab\u5141\u8bb8\u7684\u5168\u540d\u3002
-- 
GitLab


From 9557da32a3550bd98acc9d04728547fcd98b8a15 Mon Sep 17 00:00:00 2001
From: Devin Nusbaum <dwnusbaum@users.noreply.github.com>
Date: Sat, 14 Apr 2018 16:57:27 -0400
Subject: [PATCH 331/863] [JENKINS-50599] Make Nodes#addNode fail atomically
 (#3383)

* Reproduce JENKINS-50599

* Make Nodes#addNode fail atomically

* Simplify rollback logic and add some tests

* Fix typo

* Rename lambda parameters to clarify that they are intentionally ignored

* Catch RuntimeException as well
---
 core/src/main/java/jenkins/model/Nodes.java   | 19 +++-
 .../test/java/jenkins/model/NodesTest.java    | 99 +++++++++++++++++++
 2 files changed, 116 insertions(+), 2 deletions(-)
 create mode 100644 test/src/test/java/jenkins/model/NodesTest.java

diff --git a/core/src/main/java/jenkins/model/Nodes.java b/core/src/main/java/jenkins/model/Nodes.java
index 2b1116bb86..24f9ac7431 100644
--- a/core/src/main/java/jenkins/model/Nodes.java
+++ b/core/src/main/java/jenkins/model/Nodes.java
@@ -127,7 +127,8 @@ public class Nodes implements Saveable {
      * @throws IOException if the list of nodes could not be persisted.
      */
     public void addNode(final @Nonnull Node node) throws IOException {
-        if (node != nodes.get(node.getNodeName())) {
+        Node oldNode = nodes.get(node.getNodeName());
+        if (node != oldNode) {
             // TODO we should not need to lock the queue for adding nodes but until we have a way to update the
             // computer list for just the new node
             Queue.withLock(new Runnable() {
@@ -139,7 +140,21 @@ public class Nodes implements Saveable {
                 }
             });
             // TODO there is a theoretical race whereby the node instance is updated/removed after lock release
-            persistNode(node);
+            try {
+                persistNode(node);
+            } catch (IOException | RuntimeException e) {
+                // JENKINS-50599: If persisting the node throws an exception, we need to remove the node from
+                // memory before propagating the exception.
+                Queue.withLock(new Runnable() {
+                    @Override
+                    public void run() {
+                        nodes.compute(node.getNodeName(), (ignoredNodeName, ignoredNode) -> oldNode);
+                        jenkins.updateComputerList();
+                        jenkins.trimLabels();
+                    }
+                });
+                throw e;
+            }
             NodeListener.fireOnCreated(node);
         }
     }
diff --git a/test/src/test/java/jenkins/model/NodesTest.java b/test/src/test/java/jenkins/model/NodesTest.java
new file mode 100644
index 0000000000..8e81a98a43
--- /dev/null
+++ b/test/src/test/java/jenkins/model/NodesTest.java
@@ -0,0 +1,99 @@
+/*
+ * The MIT License
+ *
+ * Copyright 2018 CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+package jenkins.model;
+
+import hudson.model.Descriptor;
+import hudson.model.Node;
+import hudson.model.Slave;
+import hudson.slaves.ComputerLauncher;
+import java.io.IOException;
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.JenkinsRule;
+
+import static org.hamcrest.Matchers.containsString;
+import static org.hamcrest.Matchers.nullValue;
+import static org.hamcrest.Matchers.sameInstance;
+import static org.junit.Assert.assertThat;
+import static org.junit.Assert.fail;
+
+public class NodesTest {
+
+    @Rule
+    public JenkinsRule r = new JenkinsRule();
+
+    @Test
+    @Issue("JENKINS-50599")
+    public void addNodeShouldFailAtomically() throws Exception {
+        InvalidNode node = new InvalidNode("foo", "temp", r.createComputerLauncher(null));
+        try {
+            r.jenkins.addNode(node);
+            fail("Adding the node should have thrown an exception during serialization");
+        } catch (IOException e) {
+            String className = InvalidNode.class.getName();
+            assertThat("The exception should be from failing to serialize the node",
+                    e.getMessage(), containsString("Failed to serialize " + className + "#cl for class " + className));
+        }
+        assertThat("The node should not exist since #addNode threw an exception",
+                r.jenkins.getNode("foo"), nullValue());
+    }
+
+    @Test
+    @Issue("JENKINS-50599")
+    public void addNodeShouldFailAtomicallyWhenReplacingNode() throws Exception {
+        Node oldNode = r.createSlave("foo", "", null);
+        r.jenkins.addNode(oldNode);
+        InvalidNode newNode = new InvalidNode("foo", "temp", r.createComputerLauncher(null));
+        try {
+            r.jenkins.addNode(newNode);
+            fail("Adding the node should have thrown an exception during serialization");
+        } catch (IOException e) {
+            String className = InvalidNode.class.getName();
+            assertThat("The exception should be from failing to serialize the node",
+                    e.getMessage(), containsString("Failed to serialize " + className + "#cl for class " + className));
+        }
+        assertThat("The old node should still exist since #addNode threw an exception",
+                r.jenkins.getNode("foo"), sameInstance(oldNode));
+    }
+
+    @Test
+    public void addNodeShouldReplaceExistingNode() throws Exception {
+        Node oldNode = r.createSlave("foo", "", null);
+        r.jenkins.addNode(oldNode);
+        Node newNode = r.createSlave("foo", "", null);
+        r.jenkins.addNode(newNode);
+        assertThat(r.jenkins.getNode("foo"), sameInstance(newNode));
+    }
+
+    private static class InvalidNode extends Slave {
+        // JEP-200 whitelist changes prevent this field (and thus instances of this class) from being serialized.
+        private ClassLoader cl = InvalidNode.class.getClassLoader();
+
+        public InvalidNode(String name, String remoteFS, ComputerLauncher launcher) throws Descriptor.FormException, IOException {
+            super(name, remoteFS, launcher);
+        }
+    }
+}
-- 
GitLab


From 9316cee9e0beb5ea2de2ffdfdead8c7dd22609ec Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 15 Apr 2018 03:07:48 -0700
Subject: [PATCH 332/863] [maven-release-plugin] prepare release jenkins-2.117

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 0fb0dedce6..b5bb2c0a7a 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.117-SNAPSHOT</version>
+    <version>2.117</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index da228319b2..283de24209 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.117-SNAPSHOT</version>
+    <version>2.117</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 018197223c..d1fcf381df 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.117-SNAPSHOT</version>
+  <version>2.117</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>HEAD</tag>
+    <tag>jenkins-2.117</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 4f6a4b33e6..f9447f54e4 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.117-SNAPSHOT</version>
+    <version>2.117</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 673a02c8db..8101ca6e7d 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.117-SNAPSHOT</version>
+    <version>2.117</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From dc4ab1196e12715009c4a40a813b7d8426b71a1d Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 15 Apr 2018 03:07:48 -0700
Subject: [PATCH 333/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index b5bb2c0a7a..472f0b72a2 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.117</version>
+    <version>2.118-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 283de24209..f81dc113b8 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.117</version>
+    <version>2.118-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index d1fcf381df..5f6b5a4ed0 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.117</version>
+  <version>2.118-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.117</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index f9447f54e4..d21b87139b 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.117</version>
+    <version>2.118-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 8101ca6e7d..2926b9fd72 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.117</version>
+    <version>2.118-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From c2484892889b849726f9babf0ae2914423b052dd Mon Sep 17 00:00:00 2001
From: Sylvestre Ledru <sylvestre@debian.org>
Date: Tue, 17 Apr 2018 10:02:36 +0200
Subject: [PATCH 334/863] Improve the french translation: 'pas bonne' isn't a
 great wording

---
 .../diagnosis/ReverseProxySetupMonitor/message_fr.properties    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/resources/hudson/diagnosis/ReverseProxySetupMonitor/message_fr.properties b/core/src/main/resources/hudson/diagnosis/ReverseProxySetupMonitor/message_fr.properties
index 232c302baf..c79851bbb6 100644
--- a/core/src/main/resources/hudson/diagnosis/ReverseProxySetupMonitor/message_fr.properties
+++ b/core/src/main/resources/hudson/diagnosis/ReverseProxySetupMonitor/message_fr.properties
@@ -22,4 +22,4 @@
 
 Dismiss=Annuler
 More\ Info=Plus d\u2019informations
-blurb=La configuration de votre proxy inverse n''est pas bonne
+blurb=La configuration de votre proxy inverse est incorrecte.
-- 
GitLab


From d132b6d812f667fef332067192eae7665d6a78cb Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Wed, 18 Apr 2018 16:12:40 +0200
Subject: [PATCH 335/863] Update Remoting to 3.20 in order to refresh the code
 signing certificate

---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 5f6b5a4ed0..cc99d22365 100644
--- a/pom.xml
+++ b/pom.xml
@@ -104,7 +104,7 @@ THE SOFTWARE.
     <maven-war-plugin.version>3.0.0</maven-war-plugin.version> <!-- JENKINS-47127 bump when 3.2.0 is out. Cf. MWAR-407 -->
 
     <!-- Minimum Remoting version, which is tested for API compatibility -->
-    <remoting.version>3.19</remoting.version>
+    <remoting.version>3.20</remoting.version>
     <remoting.minimum.supported.version>2.60</remoting.minimum.supported.version>
 
     <!-- TODO: JENKINS-36716 - Switch to Medium once FindBugs is cleaned up, 430 issues on Mar 10, 2018 -->
-- 
GitLab


From a5e9cbd731722d7594da77a6fddd10a800172c0a Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Wed, 18 Apr 2018 18:30:49 +0200
Subject: [PATCH 336/863] [JENKINS-48347] - Update WinP from 1.25 to 1.26 to
 pick the weblogic fix

---
 core/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/pom.xml b/core/pom.xml
index f81dc113b8..ccd4981125 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -515,7 +515,7 @@ THE SOFTWARE.
     <dependency>
       <groupId>org.jvnet.winp</groupId>
       <artifactId>winp</artifactId>
-      <version>1.25</version>
+      <version>1.26</version>
     </dependency>
     <dependency>
       <groupId>org.jenkins-ci</groupId>
-- 
GitLab


From 20bf0055b58cc4b033708e6888d0986386319f88 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Wed, 18 Apr 2018 19:20:35 +0200
Subject: [PATCH 337/863] Fix Remoting version comments in pom.xml

---
 pom.xml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index cc99d22365..90f596daa7 100644
--- a/pom.xml
+++ b/pom.xml
@@ -103,8 +103,9 @@ THE SOFTWARE.
 
     <maven-war-plugin.version>3.0.0</maven-war-plugin.version> <!-- JENKINS-47127 bump when 3.2.0 is out. Cf. MWAR-407 -->
 
-    <!-- Minimum Remoting version, which is tested for API compatibility -->
+    <!-- Bundled Remoting version -->
     <remoting.version>3.20</remoting.version>
+    <!-- Minimum Remoting version, which is tested for API compatibility -->
     <remoting.minimum.supported.version>2.60</remoting.minimum.supported.version>
 
     <!-- TODO: JENKINS-36716 - Switch to Medium once FindBugs is cleaned up, 430 issues on Mar 10, 2018 -->
-- 
GitLab


From 8a2f9865e8dfc4b25de603b693dcc09a99be85af Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Thu, 22 Mar 2018 09:13:11 +0100
Subject: [PATCH 338/863] [JENKINS-50324] User without READ cannot logout - or
 even ask who they are

(cherry picked from commit b5ed977bbca76f0ff1cd09ea9767d876e98aa64e)
---
 core/src/main/java/hudson/cli/CLICommand.java |  2 +-
 .../test/java/hudson/cli/CLIActionTest.java   | 26 +++++++++++++++++++
 2 files changed, 27 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/cli/CLICommand.java b/core/src/main/java/hudson/cli/CLICommand.java
index 854368711d..329356ac49 100644
--- a/core/src/main/java/hudson/cli/CLICommand.java
+++ b/core/src/main/java/hudson/cli/CLICommand.java
@@ -275,7 +275,7 @@ public abstract class CLICommand implements ExtensionPoint, Cloneable {
             if (auth==Jenkins.ANONYMOUS)
                 auth = loadStoredAuthentication();
             sc.setAuthentication(auth); // run the CLI with the right credential
-            if (!(this instanceof LoginCommand || this instanceof HelpCommand))
+            if (!(this instanceof LoginCommand || this instanceof LogoutCommand || this instanceof HelpCommand || this instanceof WhoAmICommand))
                 Jenkins.getActiveInstance().checkPermission(Jenkins.READ);
             return run();
         } catch (CmdLineException e) {
diff --git a/test/src/test/java/hudson/cli/CLIActionTest.java b/test/src/test/java/hudson/cli/CLIActionTest.java
index 98ec72a536..c4be2a8bb0 100644
--- a/test/src/test/java/hudson/cli/CLIActionTest.java
+++ b/test/src/test/java/hudson/cli/CLIActionTest.java
@@ -295,6 +295,32 @@ public class CLIActionTest {
         assertExitCode(6, false, jar, "get-view", "v2"); // Error code 3 before SECURITY-754
     }
 
+    @Test
+    @Issue("JENKINS-50324")
+    public void userWithoutReadCanLogout() throws Exception {
+        String userWithRead = "userWithRead";
+        String userWithoutRead = "userWithoutRead";
+        
+        File jar = tmp.newFile("jenkins-cli.jar");
+        FileUtils.copyURLToFile(j.jenkins.getJnlpJars("jenkins-cli.jar").getURL(), jar);
+        j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
+        j.jenkins.setAuthorizationStrategy(new MockAuthorizationStrategy()
+                .grant(Jenkins.ADMINISTER).everywhere().to(ADMIN)
+                .grant(Jenkins.READ).everywhere().to(userWithRead)
+                // nothing to userWithoutRead
+        );
+    
+        checkCanLogout(jar, ADMIN);
+        checkCanLogout(jar, userWithRead);
+        checkCanLogout(jar, userWithoutRead);
+    }
+    
+    private void checkCanLogout(File cliJar, String userLoginAndPassword) throws Exception {
+        assertExitCode(0, false, cliJar, "-remoting", "login", "--username", userLoginAndPassword, "--password", userLoginAndPassword);
+        assertExitCode(0, false, cliJar, "-remoting", "who-am-i");
+        assertExitCode(0, false, cliJar, "-remoting", "logout");
+    }
+    
     @TestExtension("encodingAndLocale")
     public static class TestDiagnosticCommand extends CLICommand {
 
-- 
GitLab


From f5a2401c8a38b4c51e5dc5a7542326aa25343143 Mon Sep 17 00:00:00 2001
From: Vincent Latombe <vincent@latombe.net>
Date: Mon, 26 Mar 2018 09:38:33 +0200
Subject: [PATCH 339/863] [JENKINS-49401] Move Setup Wizard initialization
 logic to the init reactor. (#3282)

This way, it is guaranteed Jenkins.save() has never been called before
the SetupWizard is executed, and computation of the initial Setup Wizard
state will be correct.

Since the SetupWizard is now executed before reaching the COMPLETED
milestone, a Jenkins.save() call has been added in order to persist any
configuration change done in prior phases.

(cherry picked from commit 9f599911f6125cd69dc45718a4bbf79644be74e8)
---
 core/src/main/java/jenkins/model/Jenkins.java | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/core/src/main/java/jenkins/model/Jenkins.java b/core/src/main/java/jenkins/model/Jenkins.java
index 15a4edce00..4d7611e9f7 100644
--- a/core/src/main/java/jenkins/model/Jenkins.java
+++ b/core/src/main/java/jenkins/model/Jenkins.java
@@ -918,9 +918,7 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
             if(KILL_AFTER_LOAD)
                 // TODO cleanUp?
                 System.exit(0);
-
-            setupWizard = new SetupWizard();
-            getInstallState().initializeState();
+            save();
 
             launchTcpSlaveAgentListener();
 
@@ -3146,6 +3144,9 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
                 // auto register root actions
                 for (Action a : getExtensionList(RootAction.class))
                     if (!actions.contains(a)) actions.add(a);
+
+                setupWizard = new SetupWizard();
+                getInstallState().initializeState();
             }
         });
 
-- 
GitLab


From 615c3b1f616b9ba4aa5dd2c348b61b3546edf882 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Wed, 21 Mar 2018 16:21:42 -0400
Subject: [PATCH 340/863] [JENKINS-46386] Make SystemProperties safe to call
 from agent JVMs.

(cherry picked from commit 7948315142cd8ac82ee69ab42416ea8af574860b)
---
 .../java/jenkins/util/SystemProperties.java   | 64 +++++++++++--------
 .../jenkins/util/SystemPropertiesTest.java    |  2 +-
 war/src/main/webapp/WEB-INF/web.xml           |  2 +-
 3 files changed, 38 insertions(+), 30 deletions(-)

diff --git a/core/src/main/java/jenkins/util/SystemProperties.java b/core/src/main/java/jenkins/util/SystemProperties.java
index 374c4e3ffe..7eecb20975 100644
--- a/core/src/main/java/jenkins/util/SystemProperties.java
+++ b/core/src/main/java/jenkins/util/SystemProperties.java
@@ -24,7 +24,6 @@
 package jenkins.util;
 
 import edu.umd.cs.findbugs.annotations.CheckForNull;
-import edu.umd.cs.findbugs.annotations.Nullable;
 import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
 import hudson.EnvVars;
 import java.util.logging.Level;
@@ -67,34 +66,40 @@ import org.kohsuke.accmod.restrictions.NoExternalUse;
  */
 //TODO: Define a correct design of this engine later. Should be accessible in libs (remoting, stapler) and Jenkins modules too
 @Restricted(NoExternalUse.class)
-public class SystemProperties implements ServletContextListener, OnMaster {
-    // this class implements ServletContextListener and is declared in WEB-INF/web.xml
+public class SystemProperties {
 
-    /**
-     * The ServletContext to get the "init" parameters from.
-     */
-    @CheckForNull
-    private static ServletContext theContext;
+    // declared in WEB-INF/web.xml
+    public static final class Listener implements ServletContextListener, OnMaster {
+
+        /**
+         * The ServletContext to get the "init" parameters from.
+         */
+        @CheckForNull
+        private static ServletContext theContext;
+
+        /**
+         * Called by the servlet container to initialize the {@link ServletContext}.
+         */
+        @Override
+        @SuppressFBWarnings(value = "ST_WRITE_TO_STATIC_FROM_INSTANCE_METHOD",
+                justification = "Currently Jenkins instance may have one ond only one context")
+        public void contextInitialized(ServletContextEvent event) {
+            theContext = event.getServletContext();
+        }
+
+        @Override
+        public void contextDestroyed(ServletContextEvent event) {
+            theContext = null;
+        }
+
+    }
 
     /**
      * Logger.
      */
     private static final Logger LOGGER = Logger.getLogger(SystemProperties.class.getName());
 
-    /**
-     * Public for the servlet container.
-     */
-    public SystemProperties() {}
-
-    /**
-     * Called by the servlet container to initialize the {@link ServletContext}.
-     */
-    @Override
-    @SuppressFBWarnings(value = "ST_WRITE_TO_STATIC_FROM_INSTANCE_METHOD",
-            justification = "Currently Jenkins instance may have one ond only one context")
-    public void contextInitialized(ServletContextEvent event) {
-        theContext = event.getServletContext();
-    }
+    private SystemProperties() {}
 
     /**
      * Gets the system property indicated by the specified key.
@@ -373,9 +378,16 @@ public class SystemProperties implements ServletContextListener, OnMaster {
 
     @CheckForNull
     private static String tryGetValueFromContext(String key) {
-        if (StringUtils.isNotBlank(key) && theContext != null) {
+        if (!JenkinsJVM.isJenkinsJVM()) {
+            return null;
+        }
+        return doTryGetValueFromContext(key);
+    }
+
+    private static String doTryGetValueFromContext(String key) {
+        if (StringUtils.isNotBlank(key) && Listener.theContext != null) {
             try {
-                String value = theContext.getInitParameter(key);
+                String value = Listener.theContext.getInitParameter(key);
                 if (value != null) {
                     return value;
                 }
@@ -387,8 +399,4 @@ public class SystemProperties implements ServletContextListener, OnMaster {
         return null;
     }
 
-    @Override
-    public void contextDestroyed(ServletContextEvent event) {
-        // nothing to do
-    }
 }
diff --git a/test/src/test/java/jenkins/util/SystemPropertiesTest.java b/test/src/test/java/jenkins/util/SystemPropertiesTest.java
index 4a751d0a08..0a16536556 100644
--- a/test/src/test/java/jenkins/util/SystemPropertiesTest.java
+++ b/test/src/test/java/jenkins/util/SystemPropertiesTest.java
@@ -46,7 +46,7 @@ public class SystemPropertiesTest {
     
     @Before
     public void setUp() {
-        new SystemProperties().contextInitialized(new ServletContextEvent(j.jenkins.servletContext));
+        new SystemProperties.Listener().contextInitialized(new ServletContextEvent(j.jenkins.servletContext));
     }
     
     @Test
diff --git a/war/src/main/webapp/WEB-INF/web.xml b/war/src/main/webapp/WEB-INF/web.xml
index e12eab9811..2810415583 100644
--- a/war/src/main/webapp/WEB-INF/web.xml
+++ b/war/src/main/webapp/WEB-INF/web.xml
@@ -153,7 +153,7 @@ THE SOFTWARE.
 
   <listener>
     <!-- Must be before WebAppMain in order to initialize the context before the first use of this class. -->
-    <listener-class>jenkins.util.SystemProperties</listener-class>
+    <listener-class>jenkins.util.SystemProperties$Listener</listener-class>
   </listener>
   <listener>
     <listener-class>hudson.WebAppMain</listener-class>
-- 
GitLab


From 2d3cbeca9b8d2146bb36292798f528e9dd7e5a2f Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 8 Apr 2018 13:00:36 -0700
Subject: [PATCH 341/863] [INFRA-1502] bake the new UC root CA.

The current UC root CA will expire in 2021. Since this key certificate
is baked into jenkins.war, it needs a plenty of time to rotate. I think
two years window would be sufficient, but since I looked, we might as
well start now.

The new key is also now 4096 bits, upgraded from previous 2048 bits.

I've also used the opportunity to remove old hudson-community root CA,
which was used during the transition period from me leaving Sun and the
birth of Jenkins. It's been long since we stopped using this cert, so no
need to honor it anymore.

(cherry picked from commit bcab1f086f8a307f934499c32da346ad88a64adb)
---
 .../update-center-rootCAs/hudson-community    | 28 ---------------
 .../hudson-community.txt                      |  1 -
 .../jenkins-update-center-root-ca-2           | 34 +++++++++++++++++++
 .../jenkins-update-center-root-ca-2.txt       |  2 ++
 4 files changed, 36 insertions(+), 29 deletions(-)
 delete mode 100644 war/src/main/webapp/WEB-INF/update-center-rootCAs/hudson-community
 delete mode 100644 war/src/main/webapp/WEB-INF/update-center-rootCAs/hudson-community.txt
 create mode 100644 war/src/main/webapp/WEB-INF/update-center-rootCAs/jenkins-update-center-root-ca-2
 create mode 100644 war/src/main/webapp/WEB-INF/update-center-rootCAs/jenkins-update-center-root-ca-2.txt

diff --git a/war/src/main/webapp/WEB-INF/update-center-rootCAs/hudson-community b/war/src/main/webapp/WEB-INF/update-center-rootCAs/hudson-community
deleted file mode 100644
index 3e249a32d1..0000000000
--- a/war/src/main/webapp/WEB-INF/update-center-rootCAs/hudson-community
+++ /dev/null
@@ -1,28 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIE1jCCA76gAwIBAgIJAImLL4rgC+O7MA0GCSqGSIb3DQEBBQUAMIGiMQswCQYD
-VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEUMBIGA1UEBxMLU2FudGEgQ2xh
-cmExFzAVBgNVBAoTDkh1ZHNvbiBwcm9qZWN0MRcwFQYDVQQLEw5IdWRzb24gUm9v
-dCBDQTEXMBUGA1UEAxMOSHVkc29uIFJvb3QgQ0ExHTAbBgkqhkiG9w0BCQEWDmh1
-ZHNvbkBzdW4uY29tMB4XDTA5MTAyNTE3NTI0MFoXDTE5MTAyMzE3NTI0MFowgaIx
-CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRQwEgYDVQQHEwtTYW50
-YSBDbGFyYTEXMBUGA1UEChMOSHVkc29uIHByb2plY3QxFzAVBgNVBAsTDkh1ZHNv
-biBSb290IENBMRcwFQYDVQQDEw5IdWRzb24gUm9vdCBDQTEdMBsGCSqGSIb3DQEJ
-ARYOaHVkc29uQHN1bi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
-AQCp1h/pnrYRAGK6nse+3d2W4xshInJwwnR/1D3NwBLA9xs/DOrlxX96b8CbXNoW
-DGc7DpvlwpKfnhOx2jgT5/Jf3bbwQdIntXp9DPQyYLFzekNBZyd3aRySgODpdRW0
-nHcNtQWqn7jvMfu16njUer0x+ipPDCMxOvEZCSjYKrok2PUlQhN/BeS3av9vxSPi
-3FDhDukYimzhiuZiteXb1oij67FBWdI3cYAsQmU1KJyxBwLJ44cLmfLf0I1Sl6Tz
-XcTiSAYvxLogf/ESYtchBjdvmEupv611HWYjbdi4XnjW0tj+NzOcaEcsDC6f5BSt
-TxSJ3T69pIpNZjjxHNMHB01vAgMBAAGjggELMIIBBzAdBgNVHQ4EFgQUUaZC6oV8
-pWg5kT4VoAkNH5etnF8wgdcGA1UdIwSBzzCBzIAUUaZC6oV8pWg5kT4VoAkNH5et
-nF+hgaikgaUwgaIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRQw
-EgYDVQQHEwtTYW50YSBDbGFyYTEXMBUGA1UEChMOSHVkc29uIHByb2plY3QxFzAV
-BgNVBAsTDkh1ZHNvbiBSb290IENBMRcwFQYDVQQDEw5IdWRzb24gUm9vdCBDQTEd
-MBsGCSqGSIb3DQEJARYOaHVkc29uQHN1bi5jb22CCQCJiy+K4AvjuzAMBgNVHRME
-BTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAYAYVICF98VHVt/0L8MjxKtuHNjZ2q
-5Wius5tT+uWufer5y083YGlnQzch/622NNR14koJMioD0FR3XqEGeakJexB3hj3K
-Iqp7+nkqFcjZycujGTsix6zJ8Mwc2lHbCTt5EZsr5YYzeT6IWbeOofsRBsqA1Ygc
-L6pT0oFf1nl+RKxa0EANj6RO9fOjAp9cTndZjynvE8J8S1RDPC98IRmSCiwZKCQc
-9KE6D+Sk9XZO3pff6NGo8DA1MOoMGB8lxXWZxMvqkaZdB6UTnvWsvPvpqwFA/mj0
-M/hYpqAOSqTttQMLuQBuYj5YbPjh0843azZXP5xm62TK+E+q7sdedeuA
------END CERTIFICATE-----
diff --git a/war/src/main/webapp/WEB-INF/update-center-rootCAs/hudson-community.txt b/war/src/main/webapp/WEB-INF/update-center-rootCAs/hudson-community.txt
deleted file mode 100644
index a2db540657..0000000000
--- a/war/src/main/webapp/WEB-INF/update-center-rootCAs/hudson-community.txt
+++ /dev/null
@@ -1 +0,0 @@
-This root CA is used to hand out certificates to the community members, allowing people to run update centers without using an expensive regular certificates from vendors like VeriSign.
diff --git a/war/src/main/webapp/WEB-INF/update-center-rootCAs/jenkins-update-center-root-ca-2 b/war/src/main/webapp/WEB-INF/update-center-rootCAs/jenkins-update-center-root-ca-2
new file mode 100644
index 0000000000..62a3140029
--- /dev/null
+++ b/war/src/main/webapp/WEB-INF/update-center-rootCAs/jenkins-update-center-root-ca-2
@@ -0,0 +1,34 @@
+-----BEGIN CERTIFICATE-----
+MIIF6TCCA9GgAwIBAgIJAODsOx91KoaMMA0GCSqGSIb3DQEBCwUAMIGKMQswCQYD
+VQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTERMA8GA1UEBwwIU2FuIEpvc2Ux
+GDAWBgNVBAoMD0plbmtpbnMgUHJvamVjdDEaMBgGA1UEAwwRS29oc3VrZSBLYXdh
+Z3VjaGkxHTAbBgkqhkiG9w0BCQEWDmtrQGtvaHN1a2Uub3JnMB4XDTE4MDQwODE5
+NTcxMFoXDTI4MDQwNTE5NTcxMFowgYoxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApD
+YWxpZm9ybmlhMREwDwYDVQQHDAhTYW4gSm9zZTEYMBYGA1UECgwPSmVua2lucyBQ
+cm9qZWN0MRowGAYDVQQDDBFLb2hzdWtlIEthd2FndWNoaTEdMBsGCSqGSIb3DQEJ
+ARYOa2tAa29oc3VrZS5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC
+AQDFlDbPDKOdbqNdxTdVUkCsSAqbl/K+c0Q9BR43P1KUsUbKnNlZalibgE0clduz
+W75lwH7Qt7qqNXJIy4qR3ETS45fxgtg2lJdVCOV0i3PhigdyBWbHmD7/ER/LTAfN
+Z2HOOrujZ3giz6vo2eTluNk4zmIW8YBaf6j67GyWMd1Mnx/t6G7DWvZRXQS7HSXt
+mPsbBzDB4Z6WdIlR5EYsqnw55Lb0h2Bh4RWg6RWL9Vxxc4z+EUT8hH2VBLbm5sAJ
+avS5kgCZM72VqREdxb7LleqgetLC9WJ3wGoW6RmrCMIN9Ast5WGI91JE1VQh7i8y
+AZG626hJp/Ax4P0kIQ3nySV+/kzQB1i8kuhRq6pBcVU7flETw44ENaVXJ7IUE3YK
+QghgwDW0Mf5+oSG+t4atOBFxy0VudOLoQ8AHUgsotLMzGOwOluxEunymiSL1AK0V
+7FIXg5tWlcXLvZaY2PQSttvSklYxHjoH+JuiazrOjqu96iLSEyY7JVZ5X2/D2Nv7
+T9JPTvdu1H3vtzr32qbMWV7hAqCR3hSDGCHmmuRDJ5CM4G4G5vQ1XE4dRfzBt+5m
+68ecwRGFp8C2byF5Wn1LyFrYs/uHp99TL/DMpqXBfc9z7oQZI2zzPmji5dC9qnD3
+P5+k2ksuEURK8AJAf5f17sjUfsjQAPSUMaKVKzmrszL2PQIDAQABo1AwTjAdBgNV
+HQ4EFgQUEcbl1DAt6VXGAbVrUHLSNn60AYcwHwYDVR0jBBgwFoAUEcbl1DAt6VXG
+AbVrUHLSNn60AYcwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAVBiW
+OrRdGBUKd/Gyb+qdFq3q0YtmfARw3TfO0rL9rtjU6S4aOo+XcmM8TbjHrxnBd0Wx
+2rQhtkZQPcu45LCUYMmseFMM36T4ahDKwrI6l0uJKvGO7W3gg26GP9A7D0x9KpYL
+QemVbwzpG9pQyJJOE+VmgFK1Bk3bDZu9m7FFi2NRmgexvRPS1tpl5WPFRnGY7Duv
+xPAVey33cKxa4malrFdxjI4WiVdtqQu+GPcN6WNJfPhYxeWlcyQGCxqprLLdoG0l
+ncd95evObgj0y6STY7/x29hRguYOnXnOYpJB53Iaard34gL8JV34gyCBkfy48eOD
+D9rw/kdQYUhyxLQnoCS2q4Ueyk/mtnAs/eUE/aFoD0ElX/5CAzL8ZbrRTKgwqmB5
+yP8Wgd/G8du3kRtTWaSc19Wdr6hFOaCfXgvyJvl/S5XaFyJF2lotKdM6O3EGdTOF
+b10ZJSYa/6o6Y4CY4P2J3WHF8uyBPpH92p/csbt4nqPIdQWm0/KGsy2Hr7z+QYvc
+V1ipjxDLCj/RVPRuoGHVeW61Q9FEhatDgryYAq3VWOfazLHE5W/JHZQkcpDJLNdN
+2EWvSD3/jxFUuqbWCBmiy8klzUzN97tKGLDSAsxgW2J+kydvL8souNl+cVV/ttlT
+T1JjZA8VNmdlKiPqf4S9u/kTAojeLB9zU0cTSW0=
+-----END CERTIFICATE-----
diff --git a/war/src/main/webapp/WEB-INF/update-center-rootCAs/jenkins-update-center-root-ca-2.txt b/war/src/main/webapp/WEB-INF/update-center-rootCAs/jenkins-update-center-root-ca-2.txt
new file mode 100644
index 0000000000..0e0f681d1c
--- /dev/null
+++ b/war/src/main/webapp/WEB-INF/update-center-rootCAs/jenkins-update-center-root-ca-2.txt
@@ -0,0 +1,2 @@
+Root CA for the Jenkins community. Used to generate official update center.
+This is the v2 key generated in preparation for the expiration of the v1 key.
-- 
GitLab


From d8ef16e422df6177dfc16679ab17001f536af47b Mon Sep 17 00:00:00 2001
From: Baptiste Mathus <batmat@batmat.net>
Date: Fri, 20 Apr 2018 14:26:22 +0200
Subject: [PATCH 342/863] Update javadoc & clarify parameter name

---
 core/src/main/java/jenkins/model/Jenkins.java | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/core/src/main/java/jenkins/model/Jenkins.java b/core/src/main/java/jenkins/model/Jenkins.java
index d9c9af7974..d3f7453e52 100644
--- a/core/src/main/java/jenkins/model/Jenkins.java
+++ b/core/src/main/java/jenkins/model/Jenkins.java
@@ -3041,23 +3041,24 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
     }
 
     /**
-     * @param value
+     * Checks the correctness of the newBuildsDirValue for use as {@link #buildsDir}.
+     * @param newBuildsDirValue the candidate newBuildsDirValue for updating {@link #buildsDir}.
      */
     @VisibleForTesting
-    /*private*/ static void checkRawBuildsDir(String value) throws InvalidBuildsDir {
+    /*private*/ static void checkRawBuildsDir(String newBuildsDirValue) throws InvalidBuildsDir {
 
         // do essentially what expandVariablesForDirectory does, without an Item
-        String replacedValue = expandVariablesForDirectory(value,
+        String replacedValue = expandVariablesForDirectory(newBuildsDirValue,
                                                            "doCheckRawBuildsDir-Marker:foo",
                                                            Jenkins.getInstance().getRootDir().getPath() + "/jobs/doCheckRawBuildsDir-Marker$foo");
 
         File replacedFile = new File(replacedValue);
         if (!replacedFile.isAbsolute()) {
-            throw new InvalidBuildsDir(value + " does not resolve to an absolute path");
+            throw new InvalidBuildsDir(newBuildsDirValue + " does not resolve to an absolute path");
         }
 
         if (!replacedValue.contains("doCheckRawBuildsDir-Marker")) {
-            throw new InvalidBuildsDir(value + " does not contain ${ITEM_FULL_NAME} or ${ITEM_ROOTDIR}, cannot distinguish between projects");
+            throw new InvalidBuildsDir(newBuildsDirValue + " does not contain ${ITEM_FULL_NAME} or ${ITEM_ROOTDIR}, cannot distinguish between projects");
         }
 
         if (replacedValue.contains("doCheckRawBuildsDir-Marker:foo")) {
@@ -3066,7 +3067,7 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
                 File tmp = File.createTempFile("Jenkins-doCheckRawBuildsDir", "foo:bar");
                 tmp.delete();
             } catch (IOException e) {
-                throw new InvalidBuildsDir(value +  " contains ${ITEM_FULLNAME} but your system does not support it (JENKINS-12251). Use ${ITEM_FULL_NAME} instead");
+                throw new InvalidBuildsDir(newBuildsDirValue +  " contains ${ITEM_FULLNAME} but your system does not support it (JENKINS-12251). Use ${ITEM_FULL_NAME} instead");
             }
         }
 
@@ -3078,7 +3079,7 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
                 d = d.getParentFile();
             }
             if (!d.canWrite()) {
-                throw new InvalidBuildsDir(value +  " does not exist and probably cannot be created");
+                throw new InvalidBuildsDir(newBuildsDirValue +  " does not exist and probably cannot be created");
             }
         }
     }
-- 
GitLab


From 84e423d77a220341bd0471432f736e45a0f7ce84 Mon Sep 17 00:00:00 2001
From: Baptiste Mathus <batmat@batmat.net>
Date: Fri, 20 Apr 2018 14:28:19 +0200
Subject: [PATCH 343/863] Make the potential skip reason bubble up

---
 .../model/JenkinsBuildsAndWorkspacesDirectoriesTest.java        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/src/test/java/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest.java b/test/src/test/java/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest.java
index baf3ae1416..2051c1a26a 100644
--- a/test/src/test/java/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest.java
+++ b/test/src/test/java/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest.java
@@ -211,7 +211,7 @@ public class JenkinsBuildsAndWorkspacesDirectoriesTest {
     @Test
     public void fromPreviousCustomSetup() {
 
-        assumeFalse(Functions.isWindows()); // Default Windows lifecycle does not support restart.
+        assumeFalse("Default Windows lifecycle does not support restart.", Functions.isWindows());
 
         // check starting point and change config for next run
         final String newBuildsDirValueBySysprop = "/tmp/${ITEM_ROOTDIR}/bluh";
-- 
GitLab


From c4fc9098bff82689acda39da5f3e98a16393a633 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <Wadeck@users.noreply.github.com>
Date: Sat, 21 Apr 2018 10:31:38 +0200
Subject: [PATCH 344/863] Taglib docs: Add the checkMethod attribute to textbox
 (#3396)

* Add the checkMethod attribute to textbox
- better discovery capability for the plugin maintainers and core developers

* Address Daniel's comment about the possible values

* Address Devin's comment about the documentation content
---
 core/src/main/resources/lib/form/textarea.jelly | 5 +++--
 core/src/main/resources/lib/form/textbox.jelly  | 4 ++++
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/core/src/main/resources/lib/form/textarea.jelly b/core/src/main/resources/lib/form/textarea.jelly
index 76bf19b644..4104fa8159 100644
--- a/core/src/main/resources/lib/form/textarea.jelly
+++ b/core/src/main/resources/lib/form/textarea.jelly
@@ -51,8 +51,9 @@ THE SOFTWARE.
       If @field is specified, this will be inferred automatically,
       which is the recommended approach.
     </st:attribute>
-    <st:attribute name="checkMethod">
-      If specified, the HTTP method to use for input field will be checked (via AJAX)
+    <st:attribute name="checkMethod" use="optional" type="String">
+      Specify 'post' (must be lowercase) to change the HTTP method used for the AJAX requests to @checkUrl from a GET to a POST.
+      If any other value is specified then requests will use GET.
     </st:attribute>
     <st:attribute name="codemirror-mode">
       Turns this text area into CodeMirror-assisted code editing text area.
diff --git a/core/src/main/resources/lib/form/textbox.jelly b/core/src/main/resources/lib/form/textbox.jelly
index 3cf9f00492..0f6cf0ea21 100644
--- a/core/src/main/resources/lib/form/textbox.jelly
+++ b/core/src/main/resources/lib/form/textbox.jelly
@@ -64,6 +64,10 @@ THE SOFTWARE.
       If @field is specified, this will be inferred automatically,
       which is the recommended approach.
     </st:attribute>
+    <st:attribute name="checkMethod" use="optional" type="String">
+      Specify 'post' (must be lowercase) to change the HTTP method used for the AJAX requests to @checkUrl from a GET to a POST. 
+      If any other value is specified then requests will use GET.
+    </st:attribute>
     <st:attribute name="autoCompleteDelimChar">
       A single character that can be used as a delimiter for autocompletion. Normal
       autocomplete will replace the entire content of the text box with the autocomplete
-- 
GitLab


From d6800ac9eb12307a01aab1ab4199adff503f6c31 Mon Sep 17 00:00:00 2001
From: surenpi <zxjlwt@126.com>
Date: Sun, 22 Apr 2018 19:32:37 +0800
Subject: [PATCH 345/863] Add Chinese translation for slave

---
 .../model/Computer/_api_zh_CN.properties      | 23 ++++++++++++++++
 .../model/Computer/index_zh_CN.properties     |  4 ++-
 .../Computer/markOffline_zh_CN.properties     | 25 +++++++++++++++++
 .../Computer/setOfflineCause_zh_CN.properties | 25 +++++++++++++++++
 .../model/Computer/sidepanel_zh_CN.properties |  3 ++-
 .../model/ComputerSet/_new_zh_CN.properties   |  1 +
 .../model/ComputerSet/index_zh_CN.properties  |  3 ++-
 .../ComputerSet/sidepanel_zh_CN.properties    |  4 +--
 .../ComputerLauncher/main_zh_CN.properties    | 26 ++++++++++++++++++
 .../newInstanceDetail_zh_CN.properties        | 25 +++++++++++++++++
 .../JNLPLauncher/config_zh_CN.properties      | 24 +++++++++++++++++
 .../JNLPLauncher/help-vmargs_zh_CN.html       |  5 ++++
 .../slaves/JNLPLauncher/main_zh_CN.properties |  9 ++++++-
 .../hudson/slaves/Messages_zh_CN.properties   |  2 +-
 .../model/Jenkins/MasterComputer/_api.jelly   |  2 +-
 .../MasterComputer/_api_zh_CN.properties      | 23 ++++++++++++++++
 .../Jenkins/load-statistics_zh_CN.properties  | 23 ++++++++++++++++
 .../jenkins/slaves/Messages_zh_CN.properties  | 27 +++++++++++++++++++
 .../config_zh_CN.properties                   | 26 ++++++++++++++++++
 .../help-disabled_zh_CN.html                  |  4 +++
 .../help-failIfWorkDirIsMissing_zh_CN.html    |  3 +++
 .../help-internalDir_zh_CN.html               |  3 +++
 .../help-workDirPath_zh_CN.html               |  3 +++
 .../systemInfo/Messages_zh_CN.properties      | 26 ++++++++++++++++++
 24 files changed, 311 insertions(+), 8 deletions(-)
 create mode 100644 core/src/main/resources/hudson/model/Computer/_api_zh_CN.properties
 create mode 100644 core/src/main/resources/hudson/model/Computer/markOffline_zh_CN.properties
 create mode 100644 core/src/main/resources/hudson/model/Computer/setOfflineCause_zh_CN.properties
 create mode 100644 core/src/main/resources/hudson/slaves/ComputerLauncher/main_zh_CN.properties
 create mode 100644 core/src/main/resources/hudson/slaves/DumbSlave/newInstanceDetail_zh_CN.properties
 create mode 100644 core/src/main/resources/hudson/slaves/JNLPLauncher/config_zh_CN.properties
 create mode 100644 core/src/main/resources/hudson/slaves/JNLPLauncher/help-vmargs_zh_CN.html
 create mode 100644 core/src/main/resources/jenkins/model/Jenkins/MasterComputer/_api_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/model/Jenkins/load-statistics_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/slaves/Messages_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/slaves/RemotingWorkDirSettings/config_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/slaves/RemotingWorkDirSettings/help-disabled_zh_CN.html
 create mode 100644 core/src/main/resources/jenkins/slaves/RemotingWorkDirSettings/help-failIfWorkDirIsMissing_zh_CN.html
 create mode 100644 core/src/main/resources/jenkins/slaves/RemotingWorkDirSettings/help-internalDir_zh_CN.html
 create mode 100644 core/src/main/resources/jenkins/slaves/RemotingWorkDirSettings/help-workDirPath_zh_CN.html
 create mode 100644 core/src/main/resources/jenkins/slaves/systemInfo/Messages_zh_CN.properties

diff --git a/core/src/main/resources/hudson/model/Computer/_api_zh_CN.properties b/core/src/main/resources/hudson/model/Computer/_api_zh_CN.properties
new file mode 100644
index 0000000000..fe83665bdf
--- /dev/null
+++ b/core/src/main/resources/hudson/model/Computer/_api_zh_CN.properties
@@ -0,0 +1,23 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Load\ Statistics=\u8d1f\u8f7d\u7edf\u8ba1
diff --git a/core/src/main/resources/hudson/model/Computer/index_zh_CN.properties b/core/src/main/resources/hudson/model/Computer/index_zh_CN.properties
index ecb166e08c..a6f6a29eff 100644
--- a/core/src/main/resources/hudson/model/Computer/index_zh_CN.properties
+++ b/core/src/main/resources/hudson/model/Computer/index_zh_CN.properties
@@ -1,6 +1,6 @@
 # The MIT License
 #
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
+# Copyright (c) 2004-2018, Sun Microsystems, Inc, suren <zxjlwt@126.com>.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
@@ -24,3 +24,5 @@ Labels:=\u6807\u7B7E
 None=\u65E0
 submit.not.temporarilyOffline=\u4E34\u65F6\u65AD\u5F00\u6B64\u8282\u70B9
 title.projects_tied_on=\u5173\u8054\u5230{0}\u7684\u9879\u76EE
+submit.temporarilyOffline=\u4e0a\u7ebf\u8282\u70b9
+submit.updateOfflineCause=\u66f4\u65b0\u4e0b\u7ebf\u539f\u56e0
diff --git a/core/src/main/resources/hudson/model/Computer/markOffline_zh_CN.properties b/core/src/main/resources/hudson/model/Computer/markOffline_zh_CN.properties
new file mode 100644
index 0000000000..99ee4b527e
--- /dev/null
+++ b/core/src/main/resources/hudson/model/Computer/markOffline_zh_CN.properties
@@ -0,0 +1,25 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+title=\u8ba9 {0} \u4e0b\u7ebf
+blurb=\u4f60\u53ef\u4ee5\u89e3\u91ca\u4f7f\u8be5\u8282\u70b9\u4e0b\u7ebf\u7684\u539f\u56e0\uff08\u975e\u5fc5\u586b\uff09\uff0c\u4ee5\u4fbf\u8ba9\u5176\u4ed6\u4eba\u4e86\u89e3\uff1a
+submit=\u8ba9\u8be5\u8282\u70b9\u4e34\u65f6\u4e0b\u7ebf
diff --git a/core/src/main/resources/hudson/model/Computer/setOfflineCause_zh_CN.properties b/core/src/main/resources/hudson/model/Computer/setOfflineCause_zh_CN.properties
new file mode 100644
index 0000000000..d33512a105
--- /dev/null
+++ b/core/src/main/resources/hudson/model/Computer/setOfflineCause_zh_CN.properties
@@ -0,0 +1,25 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+title=\u8bbe\u7f6e {0} \u4e0b\u7ebf\u539f\u56e0
+blurb=\u4f60\u53ef\u4ee5\u8bbe\u7f6e\u6216\u8005\u66f4\u65b0\u8be5\u8282\u70b9\u4e0b\u7ebf\u7684\u539f\u56e0\uff0c\u4ee5\u4fbf\u8ba9\u5176\u4ed6\u4eba\u4e86\u89e3\uff1a
+submit=\u66f4\u65b0\u539f\u56e0
diff --git a/core/src/main/resources/hudson/model/Computer/sidepanel_zh_CN.properties b/core/src/main/resources/hudson/model/Computer/sidepanel_zh_CN.properties
index 0861540bb9..4757829803 100644
--- a/core/src/main/resources/hudson/model/Computer/sidepanel_zh_CN.properties
+++ b/core/src/main/resources/hudson/model/Computer/sidepanel_zh_CN.properties
@@ -1,6 +1,6 @@
 # The MIT License
 #
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
+# Copyright (c) 2004-2018, Sun Microsystems, Inc, suren <zxjlwt@126.com>.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
@@ -26,3 +26,4 @@ Configure=\u914D\u7F6E\u4ECE\u8282\u70B9
 Load\ Statistics=\u8d1f\u8f7d\u7edf\u8ba1
 Script\ Console=\u811a\u672c\u547d\u4ee4\u884c
 Status=\u72b6\u6001
+Delete\ Agent=\u5220\u9664\u8282\u70b9
diff --git a/core/src/main/resources/hudson/model/ComputerSet/_new_zh_CN.properties b/core/src/main/resources/hudson/model/ComputerSet/_new_zh_CN.properties
index 79d34d46af..08b2b7be72 100644
--- a/core/src/main/resources/hudson/model/ComputerSet/_new_zh_CN.properties
+++ b/core/src/main/resources/hudson/model/ComputerSet/_new_zh_CN.properties
@@ -2,3 +2,4 @@
 
 Name=\u540D\u5B57
 Name\ is\ mandatory=\u540D\u79F0\uFF08\u5FC5\u586B\uFF09
+Save=\u4fdd\u5b58
diff --git a/core/src/main/resources/hudson/model/ComputerSet/index_zh_CN.properties b/core/src/main/resources/hudson/model/ComputerSet/index_zh_CN.properties
index 25d63958ff..ca6e959922 100644
--- a/core/src/main/resources/hudson/model/ComputerSet/index_zh_CN.properties
+++ b/core/src/main/resources/hudson/model/ComputerSet/index_zh_CN.properties
@@ -1,6 +1,6 @@
 # The MIT License
 #
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
+# Copyright (c) 2004-2018, Sun Microsystems, Inc, suren <zxjlwt@126.com>.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
@@ -20,6 +20,7 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
+Nodes=\u8282\u70b9\u5217\u8868
 Configure=\u8BBE\u7F6E
 Data\ obtained=\u83B7\u53D6\u5230\u7684\u6570\u636E
 Name=\u540D\u79F0
diff --git a/core/src/main/resources/hudson/model/ComputerSet/sidepanel_zh_CN.properties b/core/src/main/resources/hudson/model/ComputerSet/sidepanel_zh_CN.properties
index c823d04e2c..0b167ecd6d 100644
--- a/core/src/main/resources/hudson/model/ComputerSet/sidepanel_zh_CN.properties
+++ b/core/src/main/resources/hudson/model/ComputerSet/sidepanel_zh_CN.properties
@@ -1,6 +1,6 @@
 # The MIT License
 #
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
+# Copyright (c) 2004-2018, Sun Microsystems, Inc, suren <zxjlwt@126.com>.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
@@ -20,7 +20,7 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-Back\ to\ Dashboard=\u8fd4\u56de
+Back\ to\ Dashboard=\u8fd4\u56de\u5de5\u4f5c\u53f0
 Manage\ Jenkins=\u7cfb\u7edf\u7ba1\u7406
 Configure=\u914D\u7F6E
 New\ Node=\u65b0\u5efa\u8282\u70b9
diff --git a/core/src/main/resources/hudson/slaves/ComputerLauncher/main_zh_CN.properties b/core/src/main/resources/hudson/slaves/ComputerLauncher/main_zh_CN.properties
new file mode 100644
index 0000000000..9b685ac70c
--- /dev/null
+++ b/core/src/main/resources/hudson/slaves/ComputerLauncher/main_zh_CN.properties
@@ -0,0 +1,26 @@
+# The MIT License
+#
+# Copyright (c) 2018 suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+launchingDescription=\u8be5\u8282\u70b9\u5df2\u7ecf\u542f\u52a8\u3002
+See\ log\ for\ more\ details=\u66f4\u591a\u4fe1\u606f\u8bf7\u67e5\u770b\u65e5\u5fd7
+Relaunch\ agent=\u91cd\u542f\u4ee3\u7406
+Launch\ agent=\u542f\u52a8\u4ee3\u7406
diff --git a/core/src/main/resources/hudson/slaves/DumbSlave/newInstanceDetail_zh_CN.properties b/core/src/main/resources/hudson/slaves/DumbSlave/newInstanceDetail_zh_CN.properties
new file mode 100644
index 0000000000..f1e1f47dab
--- /dev/null
+++ b/core/src/main/resources/hudson/slaves/DumbSlave/newInstanceDetail_zh_CN.properties
@@ -0,0 +1,25 @@
+# The MIT License
+# 
+# Copyright (c) 2004-2018, Sun Microsystems, Inc., Kohsuke Kawaguchi,
+#   suren <zxjlwt@126.com>
+# 
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+# 
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+# 
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+detail=\
+  \u6dfb\u52a0\u4e00\u4e2a\u666e\u901a\u3001\u56fa\u5b9a\u7684\u8282\u70b9\u5230Jenkins\u3002\u4e4b\u6240\u4ee5\u53eb\u505a\u201c\u56fa\u5b9a\u201d\uff0c\u662f\u56e0\u4e3aJenkins\u6ca1\u7ed9\u8fd9\u79cd\u8282\u70b9\u63d0\u4f9b\u66f4\u9ad8\u7ea7\u7684\u96c6\u6210\u65b9\u5f0f\uff0c\u4f8b\u5982\uff1a\u52a8\u6001\u914d\u7f6e\u3002\u6ca1\u6709\u5176\u4ed6\u7c7b\u578b\u80fd\u9009\u62e9\u7684\u8bdd\u53ef\u4ee5\u9009\u62e9\u8be5\u7c7b\u578b\uff1b\u4f8b\u5982\uff0c\u4f60\u5728\u6dfb\u52a0\u4e0d\u53d7Jenkins\u7ba1\u7406\u7684\u7269\u7406\u673a\u3001\u865a\u62df\u673a\u7b49\u7b49\u3002
diff --git a/core/src/main/resources/hudson/slaves/JNLPLauncher/config_zh_CN.properties b/core/src/main/resources/hudson/slaves/JNLPLauncher/config_zh_CN.properties
new file mode 100644
index 0000000000..feb6df4894
--- /dev/null
+++ b/core/src/main/resources/hudson/slaves/JNLPLauncher/config_zh_CN.properties
@@ -0,0 +1,24 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+JVM\ options=JVM \u9009\u9879
+Tunnel\ connection\ through=Tunnel \u8fde\u63a5\u4f4d\u7f6e
diff --git a/core/src/main/resources/hudson/slaves/JNLPLauncher/help-vmargs_zh_CN.html b/core/src/main/resources/hudson/slaves/JNLPLauncher/help-vmargs_zh_CN.html
new file mode 100644
index 0000000000..7ea86c5025
--- /dev/null
+++ b/core/src/main/resources/hudson/slaves/JNLPLauncher/help-vmargs_zh_CN.html
@@ -0,0 +1,5 @@
+<div>
+    如果代理的Java虚拟机启动时需要附加参数，例如 "-Xmx256m"，可以在这里设置。
+    <a href="http://java.sun.com/javase/technologies/hotspot/vmoptions.jsp" target="_new">这里</a>
+    列出了所有可用的参数。
+</div>
\ No newline at end of file
diff --git a/core/src/main/resources/hudson/slaves/JNLPLauncher/main_zh_CN.properties b/core/src/main/resources/hudson/slaves/JNLPLauncher/main_zh_CN.properties
index 1f1a4b8bdc..cf34147ccd 100644
--- a/core/src/main/resources/hudson/slaves/JNLPLauncher/main_zh_CN.properties
+++ b/core/src/main/resources/hudson/slaves/JNLPLauncher/main_zh_CN.properties
@@ -1,6 +1,6 @@
 # The MIT License
 #
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
+# Copyright (c) 2004-2018, Sun Microsystems, Inc, suren <zxjlwt@126.com> .
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
@@ -20,4 +20,11 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
+slaveAgentPort.disabled=\u4ece\u8282\u70b9\u7aef\u53e3\u88ab\u7981\u7528
+configure.link.text=\u914d\u7f6e\u94fe\u63a5
+Connect\ agent\ to\ Jenkins\ one\ of\ these\ ways\:=\u8282\u70b9\u8fde\u63a5Jenkins\u7684\u65b9\u5f0f\u5982\u4e0b\uff1a
+launch\ agent=\u542f\u52a8\u8282\u70b9
+Launch\ agent\ from\ browser=\u5728\u6d4f\u89c8\u5668\u4e2d\u542f\u52a8\u8282\u70b9
+Run\ from\ agent\ command\ line\:=\u5728\u547d\u4ee4\u884c\u4e2d\u542f\u52a8\u8282\u70b9
+Or\ if\ the\ agent\ is\ headless\:=\u6216\u8005\uff0c\u5f53\u8282\u70b9\u662f\u65e0\u754c\u9762\u7684\u8bdd
 Connected\ via\ JNLP\ agent.=\u5DF2\u901A\u8FC7JNLP Agent\u8FDE\u63A5
diff --git a/core/src/main/resources/hudson/slaves/Messages_zh_CN.properties b/core/src/main/resources/hudson/slaves/Messages_zh_CN.properties
index c8ef214cd4..3c136db31f 100644
--- a/core/src/main/resources/hudson/slaves/Messages_zh_CN.properties
+++ b/core/src/main/resources/hudson/slaves/Messages_zh_CN.properties
@@ -28,7 +28,7 @@ JNLPLauncher.displayName=\u901A\u8FC7Java Web\u542F\u52A8\u4EE3\u7406
 ComputerLauncher.unexpectedError=\u542F\u52A8\u4EE3\u7406\u662F\u51FA\u73B0\u4F4D\u7F6E\u9519\u8BEF\u3002\u8FD9\u53EF\u80FD\u662FJenkins\u7684\u95EE\u9898\u3002
 ComputerLauncher.abortedLaunch=\u4EE3\u7406\u542F\u52A8\u8FC7\u7A0B\u88AB\u4E2D\u6B62\u3002
 CommandLauncher.NoLaunchCommand=\u6CA1\u6709\u6307\u5B9A\u542F\u52A8\u547D\u4EE4
-DumbSlave.displayName=\u56FA\u5B9A\u4EE3\u7406
+DumbSlave.displayName=\u56fa\u5b9a\u8282\u70b9
 NodeProvisioner.EmptyString=
 OfflineCause.LaunchFailed=\u7531\u4E8E\u4EE3\u7406\u542F\u52A8\u8FC7\u7A0B\u5931\u8D25\u5BFC\u81F4\u7684\u79BB\u7EBF\u3002
 OfflineCause.connection_was_broken_=\u8FDE\u63A5\u65AD\u5F00\uFF1A{0}
diff --git a/core/src/main/resources/jenkins/model/Jenkins/MasterComputer/_api.jelly b/core/src/main/resources/jenkins/model/Jenkins/MasterComputer/_api.jelly
index e38f41caa6..a1478f66ea 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/MasterComputer/_api.jelly
+++ b/core/src/main/resources/jenkins/model/Jenkins/MasterComputer/_api.jelly
@@ -24,7 +24,7 @@ THE SOFTWARE.
 
 <?jelly escape-by-default='true'?>
 <j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form" xmlns:i="jelly:fmt">
-  <h2>Load Statistics</h2>
+  <h2>${%Load Statistics}</h2>
   <p>
     Load statistics of this computer has <a href="../loadStatistics/api/">its own separate API</a>.
   </p>
diff --git a/core/src/main/resources/jenkins/model/Jenkins/MasterComputer/_api_zh_CN.properties b/core/src/main/resources/jenkins/model/Jenkins/MasterComputer/_api_zh_CN.properties
new file mode 100644
index 0000000000..fe83665bdf
--- /dev/null
+++ b/core/src/main/resources/jenkins/model/Jenkins/MasterComputer/_api_zh_CN.properties
@@ -0,0 +1,23 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Load\ Statistics=\u8d1f\u8f7d\u7edf\u8ba1
diff --git a/core/src/main/resources/jenkins/model/Jenkins/load-statistics_zh_CN.properties b/core/src/main/resources/jenkins/model/Jenkins/load-statistics_zh_CN.properties
new file mode 100644
index 0000000000..fe83665bdf
--- /dev/null
+++ b/core/src/main/resources/jenkins/model/Jenkins/load-statistics_zh_CN.properties
@@ -0,0 +1,23 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Load\ Statistics=\u8d1f\u8f7d\u7edf\u8ba1
diff --git a/core/src/main/resources/jenkins/slaves/Messages_zh_CN.properties b/core/src/main/resources/jenkins/slaves/Messages_zh_CN.properties
new file mode 100644
index 0000000000..9e43a06aa0
--- /dev/null
+++ b/core/src/main/resources/jenkins/slaves/Messages_zh_CN.properties
@@ -0,0 +1,27 @@
+# The MIT License
+#
+# Copyright 2018 suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+JnlpSlaveAgentProtocol.displayName=Java Web Start Agent Protocol/1 (\u5f03\u7528\uff0c\u672a\u52a0\u5bc6)
+JnlpSlaveAgentProtocol2.displayName=Java Web Start Agent Protocol/2 (\u5f03\u7528\uff0c\u672a\u52a0\u5bc6)
+JnlpSlaveAgentProtocol3.displayName=Java Web Start Agent Protocol/3 (\u5f03\u7528\uff0c\u57fa\u7840\u52a0\u5bc6)
+JnlpSlaveAgentProtocol4.displayName=Java Web Start Agent Protocol/4 (TLS \u52a0\u5bc6)
+DeprecatedAgentProtocolMonitor.displayName=\u5df2\u5f03\u7528\u7684\u4ee3\u7406\u534f\u8bae\u76d1\u63a7
diff --git a/core/src/main/resources/jenkins/slaves/RemotingWorkDirSettings/config_zh_CN.properties b/core/src/main/resources/jenkins/slaves/RemotingWorkDirSettings/config_zh_CN.properties
new file mode 100644
index 0000000000..ba7b9b5022
--- /dev/null
+++ b/core/src/main/resources/jenkins/slaves/RemotingWorkDirSettings/config_zh_CN.properties
@@ -0,0 +1,26 @@
+# The MIT License
+#
+# Copyright (c) 2018 suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Disable\ WorkDir=\u7981\u7528\u5de5\u4f5c\u76ee\u5f55
+Fail\ if\ workspace\ is\ missing=\u5f53\u5de5\u4f5c\u76ee\u5f55\u7f3a\u5931\u65f6\u5931\u8d25
+Internal\ data\ directory=\u5185\u90e8\u6570\u636e\u76ee\u5f55
+Custom\ WorkDir\ path=\u81ea\u5b9a\u4e49\u5de5\u4f5c\u76ee\u5f55
diff --git a/core/src/main/resources/jenkins/slaves/RemotingWorkDirSettings/help-disabled_zh_CN.html b/core/src/main/resources/jenkins/slaves/RemotingWorkDirSettings/help-disabled_zh_CN.html
new file mode 100644
index 0000000000..dac1751904
--- /dev/null
+++ b/core/src/main/resources/jenkins/slaves/RemotingWorkDirSettings/help-disabled_zh_CN.html
@@ -0,0 +1,4 @@
+<div>
+  允许禁用该代理的 <a href="https://github.com/jenkinsci/remoting/blob/master/docs/workDir.md">远程工作目录</a> 。
+  这种情况，代理会以旧版本模式下运行，而且默认没有日志记录。
+</div>
diff --git a/core/src/main/resources/jenkins/slaves/RemotingWorkDirSettings/help-failIfWorkDirIsMissing_zh_CN.html b/core/src/main/resources/jenkins/slaves/RemotingWorkDirSettings/help-failIfWorkDirIsMissing_zh_CN.html
new file mode 100644
index 0000000000..29f0821ea7
--- /dev/null
+++ b/core/src/main/resources/jenkins/slaves/RemotingWorkDirSettings/help-failIfWorkDirIsMissing_zh_CN.html
@@ -0,0 +1,3 @@
+<div>
+  勾选后，如果目标目录不存在的话，那么代理启动过程会失败。该选项用于检测基础设施的问题，例如挂载失败。
+</div>
diff --git a/core/src/main/resources/jenkins/slaves/RemotingWorkDirSettings/help-internalDir_zh_CN.html b/core/src/main/resources/jenkins/slaves/RemotingWorkDirSettings/help-internalDir_zh_CN.html
new file mode 100644
index 0000000000..7629487b34
--- /dev/null
+++ b/core/src/main/resources/jenkins/slaves/RemotingWorkDirSettings/help-internalDir_zh_CN.html
@@ -0,0 +1,3 @@
+<div>
+  定义内部数据的存储目录。该目录会在远程工作目录内创建。
+</div>
diff --git a/core/src/main/resources/jenkins/slaves/RemotingWorkDirSettings/help-workDirPath_zh_CN.html b/core/src/main/resources/jenkins/slaves/RemotingWorkDirSettings/help-workDirPath_zh_CN.html
new file mode 100644
index 0000000000..e3d0c6338d
--- /dev/null
+++ b/core/src/main/resources/jenkins/slaves/RemotingWorkDirSettings/help-workDirPath_zh_CN.html
@@ -0,0 +1,3 @@
+<div>
+  如果定义了自定义远程工作目录，就不会使用代理的根目录。该选项目前无法使用环境变量，建议使用绝对路径。
+</div>
diff --git a/core/src/main/resources/jenkins/slaves/systemInfo/Messages_zh_CN.properties b/core/src/main/resources/jenkins/slaves/systemInfo/Messages_zh_CN.properties
new file mode 100644
index 0000000000..4f8fd058e0
--- /dev/null
+++ b/core/src/main/resources/jenkins/slaves/systemInfo/Messages_zh_CN.properties
@@ -0,0 +1,26 @@
+# The MIT License
+#
+# Copyright (c) 2018 suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+SystemPropertySlaveInfo.DisplayName=\u7cfb\u7edf\u5c5e\u6027
+EnvVarsSlaveInfo.DisplayName=\u73af\u5883\u53d8\u91cf
+ThreadDumpSlaveInfo.DisplayName=\u7ebf\u7a0b\u8f6c\u5b58
+ClassLoaderStatisticsSlaveInfo.DisplayName=\u8fdc\u7a0b\u7c7b\u52a0\u8f7d\u7edf\u8ba1
-- 
GitLab


From f2606c25446a83f9d2a5267ae5bd0fdc1b5c5320 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 22 Apr 2018 17:15:40 -0700
Subject: [PATCH 346/863] [maven-release-plugin] prepare release jenkins-2.118

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 472f0b72a2..ed290a1e9f 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.118-SNAPSHOT</version>
+    <version>2.118</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index ccd4981125..53a040339b 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.118-SNAPSHOT</version>
+    <version>2.118</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index c5e1629b60..1d97db31d3 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.118-SNAPSHOT</version>
+  <version>2.118</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>HEAD</tag>
+    <tag>jenkins-2.118</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index d21b87139b..a497d1b16e 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.118-SNAPSHOT</version>
+    <version>2.118</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 2926b9fd72..9967559fcc 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.118-SNAPSHOT</version>
+    <version>2.118</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From b92db0f04e64cdd7a815bd78a5dd3dd4cd7ead7c Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 22 Apr 2018 17:15:41 -0700
Subject: [PATCH 347/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index ed290a1e9f..41214c492d 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.118</version>
+    <version>2.119-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 53a040339b..f2744c8e2c 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.118</version>
+    <version>2.119-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 1d97db31d3..3bf44bf837 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.118</version>
+  <version>2.119-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.118</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index a497d1b16e..bb05318b1e 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.118</version>
+    <version>2.119-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 9967559fcc..d0eaf3e73f 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.118</version>
+    <version>2.119-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From e2abc734dace7181b9c9357d0a741e72afa3ad12 Mon Sep 17 00:00:00 2001
From: Marcos Bento <marcos_bento@programmingresearch.com>
Date: Mon, 23 Apr 2018 09:44:53 +0100
Subject: [PATCH 348/863] Whitelist java.util.EnumMap

---
 core/src/main/resources/jenkins/security/whitelisted-classes.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/core/src/main/resources/jenkins/security/whitelisted-classes.txt b/core/src/main/resources/jenkins/security/whitelisted-classes.txt
index 1f69b062c2..2769458c36 100644
--- a/core/src/main/resources/jenkins/security/whitelisted-classes.txt
+++ b/core/src/main/resources/jenkins/security/whitelisted-classes.txt
@@ -102,6 +102,7 @@ java.util.Collections$UnmodifiableSortedSet
 
 java.util.Date
 java.util.EnumMap
+java.util.EnumSet
 java.util.GregorianCalendar
 java.util.HashMap
 java.util.HashSet
-- 
GitLab


From 909f55b77da1d4a0a16a818fe592504538e49430 Mon Sep 17 00:00:00 2001
From: Vincent Latombe <vincent@latombe.net>
Date: Mon, 23 Apr 2018 15:23:41 +0200
Subject: [PATCH 349/863] [JENKINS-50767] Control crumb issuer proxy
 compatibility through system property (#3389)

-Djenkins.model.Jenkins.crumbIssuerProxyCompatibility=true enables proxy compatibility on startup
---
 core/src/main/java/jenkins/install/SetupWizard.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/java/jenkins/install/SetupWizard.java b/core/src/main/java/jenkins/install/SetupWizard.java
index 67f68606b2..e36fd1808b 100644
--- a/core/src/main/java/jenkins/install/SetupWizard.java
+++ b/core/src/main/java/jenkins/install/SetupWizard.java
@@ -137,7 +137,7 @@ public class SetupWizard extends PageDecorator {
                     jenkins.setAgentProtocols(newProtocols);
                     
                     // require a crumb issuer
-                    jenkins.setCrumbIssuer(new DefaultCrumbIssuer(false));
+                    jenkins.setCrumbIssuer(new DefaultCrumbIssuer(SystemProperties.getBoolean(Jenkins.class.getName() + ".crumbIssuerProxyCompatibility",false)));
     
                     // set master -> slave security:
                     jenkins.getInjector().getInstance(AdminWhitelistRule.class)
-- 
GitLab


From 6876eaa7f846279fbbc23cfd2ef353841a08d66f Mon Sep 17 00:00:00 2001
From: Devin Nusbaum <d.w.nusbaum@gmail.com>
Date: Wed, 28 Mar 2018 09:36:52 -0400
Subject: [PATCH 350/863] [JENKINS-44402] Workaround to make cancel shutdown
 work when loaded by AJAX

(cherry picked from commit b2cdcf02186f83683169eae16423f8c9e6c579f7)
---
 core/src/main/resources/lib/hudson/queue.jelly | 1 +
 1 file changed, 1 insertion(+)

diff --git a/core/src/main/resources/lib/hudson/queue.jelly b/core/src/main/resources/lib/hudson/queue.jelly
index 010fffb949..d38462218d 100644
--- a/core/src/main/resources/lib/hudson/queue.jelly
+++ b/core/src/main/resources/lib/hudson/queue.jelly
@@ -46,6 +46,7 @@ THE SOFTWARE.
     </j:otherwise>
   </j:choose>
   <l:pane title="${title}" width="2" id="buildQueue">
+    <st:adjunct includes="lib.form.link.link"/>
     <j:if test="${app.quietingDown}">
       <tr>
         <td class="pane" colspan="2" style="white-space: normal;">
-- 
GitLab


From e10e98f85408164048350b0f924b63e279624d26 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Tue, 24 Apr 2018 11:02:20 +0200
Subject: [PATCH 351/863] Merge pull request #3403 from
 marcosbento/whitelist_enumset

[JENKINS-50939] - Whitelist java.util.EnumSet

(cherry picked from commit e511ff832a24350bc43045abbac5f4070bfb376b)
---
 core/src/main/resources/jenkins/security/whitelisted-classes.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/core/src/main/resources/jenkins/security/whitelisted-classes.txt b/core/src/main/resources/jenkins/security/whitelisted-classes.txt
index 1f69b062c2..2769458c36 100644
--- a/core/src/main/resources/jenkins/security/whitelisted-classes.txt
+++ b/core/src/main/resources/jenkins/security/whitelisted-classes.txt
@@ -102,6 +102,7 @@ java.util.Collections$UnmodifiableSortedSet
 
 java.util.Date
 java.util.EnumMap
+java.util.EnumSet
 java.util.GregorianCalendar
 java.util.HashMap
 java.util.HashSet
-- 
GitLab


From fc6137873956ef1645dccd1ff3688dbf42dff7d5 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Tue, 24 Apr 2018 14:39:57 +0200
Subject: [PATCH 352/863] [JENKINS-50616] - Add org.jruby.RubyNil to the
 whitelist (#3404)

* [JENKINS-50616] - Add org.jruby.RubyNil to the whitelist

* [JENKINS-50616] - Fix the typo in the comment
---
 .../resources/jenkins/security/whitelisted-classes.txt   | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/core/src/main/resources/jenkins/security/whitelisted-classes.txt b/core/src/main/resources/jenkins/security/whitelisted-classes.txt
index 2769458c36..3ad58670b6 100644
--- a/core/src/main/resources/jenkins/security/whitelisted-classes.txt
+++ b/core/src/main/resources/jenkins/security/whitelisted-classes.txt
@@ -175,7 +175,13 @@ org.jenkinsci.jruby.JRubyMapper$DynamicProxy
 org.jenkinsci.lib.xtrigger.XTriggerCause
 org.jenkinsci.lib.xtrigger.XTriggerCauseAction
 
-# TODO remove (also XStream2.BlacklistedTypesConverter.JRUBY_PROXY) when https://github.com/jenkinsci/ruby-runtime-plugin/pull/5 is widely adopted
+# TODO remove (also XStream2.BlacklistedTypesConverter.JRUBY_PROXY) when Ruby Runtime is fixed
+# Related PRs:
+#   - https://github.com/jenkinsci/ruby-runtime-plugin/pull/5,
+#   - https://github.com/jenkinsci/ruby-runtime-plugin/pull/6
+#
+# oleg-nenashev in PR#6 we are trying to get help from last maintainers due to the plugin codebase splitbrain.
+#               It is required to fix JENKINS-50616 in a proper way for 2.107.x
 org.jruby.RubyArray
 org.jruby.RubyBignum
 org.jruby.RubyBoolean
@@ -183,6 +189,7 @@ org.jruby.RubyBoolean$False
 org.jruby.RubyBoolean$True
 org.jruby.RubyFixnum
 org.jruby.RubyHash
+org.jruby.RubyNil
 org.jruby.RubyObject
 org.jruby.RubyString
 org.jruby.RubySymbol
-- 
GitLab


From 97a76e6344c6470bec14cf6574986a07be8e48e6 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Tue, 24 Apr 2018 10:19:47 -0400
Subject: [PATCH 353/863] Simplify Jenkins.installState serial form to avoid
 relying on readResolve.

---
 .../java/jenkins/install/InstallState.java    |  2 ++
 core/src/main/java/jenkins/model/Jenkins.java | 19 ++++++++++++-------
 2 files changed, 14 insertions(+), 7 deletions(-)

diff --git a/core/src/main/java/jenkins/install/InstallState.java b/core/src/main/java/jenkins/install/InstallState.java
index dc6f9dc534..e77faec568 100644
--- a/core/src/main/java/jenkins/install/InstallState.java
+++ b/core/src/main/java/jenkins/install/InstallState.java
@@ -220,7 +220,9 @@ public class InstallState implements ExtensionPoint {
      * <p>Creating a {@code writeReplace} does not help much since XStream then just saves:
      * {@code <installState class="jenkins.install.InstallState$CreateAdminUser" resolves-to="jenkins.install.InstallState">}
      * @see #UNUSED_INNER_CLASSES
+     * @deprecated Should no longer be used, as {@link Jenkins} now saves only {@link #name}.
      */
+    @Deprecated
     protected Object readResolve() {
         // If we get invalid state from the configuration, fallback to unknown
         if (StringUtils.isBlank(name)) {
diff --git a/core/src/main/java/jenkins/model/Jenkins.java b/core/src/main/java/jenkins/model/Jenkins.java
index 1d200ebd2a..4709c99c5b 100644
--- a/core/src/main/java/jenkins/model/Jenkins.java
+++ b/core/src/main/java/jenkins/model/Jenkins.java
@@ -328,6 +328,9 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
     /**
      * The Jenkins instance startup type i.e. NEW, UPGRADE etc
      */
+    private String installStateName;
+
+    @Deprecated
     private InstallState installState;
     
     /**
@@ -1014,10 +1017,12 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
     @Nonnull
     @Restricted(NoExternalUse.class)
     public InstallState getInstallState() {
-        if (installState == null || installState.name() == null) {
-            return InstallState.UNKNOWN;
+        if (installState != null) {
+            installStateName = installState.name();
+            installState = null;
         }
-        return installState;
+        InstallState is = installStateName != null ? InstallState.valueOf(installStateName) : InstallState.UNKNOWN;
+        return is != null ? is : InstallState.UNKNOWN;
     }
 
     /**
@@ -1026,10 +1031,10 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
      */
     @Restricted(NoExternalUse.class)
     public void setInstallState(@Nonnull InstallState newState) {
-        InstallState prior = installState;
-        installState = newState;
-        LOGGER.log(Main.isDevelopmentMode ? Level.INFO : Level.FINE, "Install state transitioning from: {0} to : {1}", new Object[] { prior, installState });
-        if (!newState.equals(prior)) {
+        String prior = installStateName;
+        installStateName = newState.name();
+        LOGGER.log(Main.isDevelopmentMode ? Level.INFO : Level.FINE, "Install state transitioning from: {0} to : {1}", new Object[] { prior, installStateName });
+        if (!installStateName.equals(prior)) {
             getSetupWizard().onInstallStateUpdate(newState);
             newState.initializeState();
         }
-- 
GitLab


From a16779e4e24bcc884427325a4692c60484a87389 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Tue, 24 Apr 2018 14:39:57 +0200
Subject: [PATCH 354/863] [JENKINS-50616] - Add org.jruby.RubyNil to the
 whitelist (#3404)

* [JENKINS-50616] - Add org.jruby.RubyNil to the whitelist

* [JENKINS-50616] - Fix the typo in the comment

(cherry picked from commit fc6137873956ef1645dccd1ff3688dbf42dff7d5)
---
 .../resources/jenkins/security/whitelisted-classes.txt   | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/core/src/main/resources/jenkins/security/whitelisted-classes.txt b/core/src/main/resources/jenkins/security/whitelisted-classes.txt
index 2769458c36..3ad58670b6 100644
--- a/core/src/main/resources/jenkins/security/whitelisted-classes.txt
+++ b/core/src/main/resources/jenkins/security/whitelisted-classes.txt
@@ -175,7 +175,13 @@ org.jenkinsci.jruby.JRubyMapper$DynamicProxy
 org.jenkinsci.lib.xtrigger.XTriggerCause
 org.jenkinsci.lib.xtrigger.XTriggerCauseAction
 
-# TODO remove (also XStream2.BlacklistedTypesConverter.JRUBY_PROXY) when https://github.com/jenkinsci/ruby-runtime-plugin/pull/5 is widely adopted
+# TODO remove (also XStream2.BlacklistedTypesConverter.JRUBY_PROXY) when Ruby Runtime is fixed
+# Related PRs:
+#   - https://github.com/jenkinsci/ruby-runtime-plugin/pull/5,
+#   - https://github.com/jenkinsci/ruby-runtime-plugin/pull/6
+#
+# oleg-nenashev in PR#6 we are trying to get help from last maintainers due to the plugin codebase splitbrain.
+#               It is required to fix JENKINS-50616 in a proper way for 2.107.x
 org.jruby.RubyArray
 org.jruby.RubyBignum
 org.jruby.RubyBoolean
@@ -183,6 +189,7 @@ org.jruby.RubyBoolean$False
 org.jruby.RubyBoolean$True
 org.jruby.RubyFixnum
 org.jruby.RubyHash
+org.jruby.RubyNil
 org.jruby.RubyObject
 org.jruby.RubyString
 org.jruby.RubySymbol
-- 
GitLab


From 6eea1e97840b5623829b2c1fd2e363c045bdc230 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Wed, 25 Apr 2018 23:37:50 +0200
Subject: [PATCH 355/863] [SECURITY-794]

---
 .../hudson/tools/ZipExtractionInstaller.java  |   5 +
 .../tools/ZipExtractionInstaller/config.jelly |   2 +-
 .../tools/ZipExtractionInstallerTest.java     | 183 ++++++++++++++++++
 3 files changed, 189 insertions(+), 1 deletion(-)
 create mode 100644 test/src/test/java/hudson/tools/ZipExtractionInstallerTest.java

diff --git a/core/src/main/java/hudson/tools/ZipExtractionInstaller.java b/core/src/main/java/hudson/tools/ZipExtractionInstaller.java
index ba91cfe457..af9bffda11 100644
--- a/core/src/main/java/hudson/tools/ZipExtractionInstaller.java
+++ b/core/src/main/java/hudson/tools/ZipExtractionInstaller.java
@@ -42,9 +42,11 @@ import java.net.MalformedURLException;
 import java.net.URL;
 import java.net.URLConnection;
 
+import jenkins.model.Jenkins;
 import org.jenkinsci.Symbol;
 import org.kohsuke.stapler.DataBoundConstructor;
 import org.kohsuke.stapler.QueryParameter;
+import org.kohsuke.stapler.interceptor.RequirePOST;
 
 /**
  * Installs a tool into the Hudson working area by downloading and unpacking a ZIP file.
@@ -95,7 +97,10 @@ public class ZipExtractionInstaller extends ToolInstaller {
             return Messages.ZipExtractionInstaller_DescriptorImpl_displayName();
         }
 
+        @RequirePOST
         public FormValidation doCheckUrl(@QueryParameter String value) {
+            Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
+            
             try {
                 URLConnection conn = ProxyConfiguration.open(new URL(value));
                 conn.connect();
diff --git a/core/src/main/resources/hudson/tools/ZipExtractionInstaller/config.jelly b/core/src/main/resources/hudson/tools/ZipExtractionInstaller/config.jelly
index 952041a19f..dc5212de08 100644
--- a/core/src/main/resources/hudson/tools/ZipExtractionInstaller/config.jelly
+++ b/core/src/main/resources/hudson/tools/ZipExtractionInstaller/config.jelly
@@ -25,7 +25,7 @@ THE SOFTWARE.
 <j:jelly xmlns:j="jelly:core" xmlns:f="/lib/form" xmlns:st="jelly:stapler" xmlns:t="/hudson/tools">
     <t:label />
     <f:entry title="${%Download URL for binary archive}" field="url">
-        <f:textbox/>
+        <f:textbox checkMethod="post"/>
     </f:entry>
     <f:entry title="${%Subdirectory of extracted archive}" field="subdir">
         <f:textbox/>
diff --git a/test/src/test/java/hudson/tools/ZipExtractionInstallerTest.java b/test/src/test/java/hudson/tools/ZipExtractionInstallerTest.java
new file mode 100644
index 0000000000..e1e882d10f
--- /dev/null
+++ b/test/src/test/java/hudson/tools/ZipExtractionInstallerTest.java
@@ -0,0 +1,183 @@
+/*
+ * The MIT License
+ *
+ * Copyright 2018 CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package hudson.tools;
+
+import com.gargoylesoftware.htmlunit.HttpMethod;
+import com.gargoylesoftware.htmlunit.InteractivePage;
+import com.gargoylesoftware.htmlunit.WebRequest;
+import com.gargoylesoftware.htmlunit.html.HtmlPage;
+import com.gargoylesoftware.htmlunit.html.HtmlTextInput;
+import com.gargoylesoftware.htmlunit.javascript.JavaScriptEngine;
+import com.gargoylesoftware.htmlunit.javascript.host.xml.XMLHttpRequest;
+import hudson.model.JDK;
+import hudson.model.User;
+import hudson.util.FormValidation;
+import jenkins.model.Jenkins;
+import net.sourceforge.htmlunit.corejs.javascript.Function;
+import net.sourceforge.htmlunit.corejs.javascript.Scriptable;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.rules.TemporaryFolder;
+import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.JenkinsRule;
+import org.jvnet.hudson.test.MockAuthorizationStrategy;
+
+import javax.annotation.Nonnull;
+import javax.annotation.Nullable;
+import java.lang.reflect.Field;
+import java.net.URL;
+import java.net.URLDecoder;
+import java.net.URLEncoder;
+import java.nio.charset.StandardCharsets;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+
+import static org.hamcrest.Matchers.containsString;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertThat;
+import static org.junit.Assert.fail;
+
+public class ZipExtractionInstallerTest {
+    
+    @Rule
+    public JenkinsRule j = new JenkinsRule();
+    
+    @Rule
+    public TemporaryFolder tmp = new TemporaryFolder();
+    
+    @Test
+    @Issue("SECURITY-794")
+    public void onlyAdminCanReachTheDoCheck() throws Exception {
+        final String ADMIN = "admin";
+        final String USER = "user";
+        
+        j.jenkins.setCrumbIssuer(null);
+        j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
+        j.jenkins.setAuthorizationStrategy(new MockAuthorizationStrategy()
+                .grant(Jenkins.ADMINISTER).everywhere().to(ADMIN)
+                .grant(Jenkins.READ).everywhere().to(USER)
+        );
+        
+        User.getById(ADMIN, true);
+        User.getById(USER, true);
+        
+        WebRequest request = new WebRequest(new URL(j.getURL() + "descriptorByName/hudson.tools.ZipExtractionInstaller/checkUrl"), HttpMethod.POST);
+        request.setRequestBody(URLEncoder.encode("value=https://www.google.com", StandardCharsets.UTF_8.name()));
+        
+        JenkinsRule.WebClient adminWc = j.createWebClient();
+        adminWc.login(ADMIN);
+        assertEquals(200, adminWc.getPage(request).getWebResponse().getStatusCode());
+        
+        JenkinsRule.WebClient userWc = j.createWebClient();
+        userWc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+        userWc.login(USER);
+        assertEquals(403, userWc.getPage(request).getWebResponse().getStatusCode());
+    }
+    
+    @Test
+    @Issue("SECURITY-794")
+    public void roundtrip() throws Exception {
+        final String VALID_URL = "https://www.google.com";
+        final String INVALID_URL = "only-crappy-letters";
+        
+        ZipExtractionInstaller installer = new ZipExtractionInstaller("", VALID_URL, "");
+        
+        j.jenkins.getJDKs().add(new JDK("test", tmp.getRoot().getAbsolutePath(), Arrays.asList(
+                new InstallSourceProperty(Arrays.<ToolInstaller>asList(installer)))));
+        
+        JenkinsRule.WebClient wc = j.createWebClient();
+        
+        SpyingJavaScriptEngine jsEngine = new SpyingJavaScriptEngine(wc, "ZipExtractionInstaller/checkUrl", HttpMethod.POST);
+        wc.setJavaScriptEngine(jsEngine);
+        
+        HtmlPage page = wc.goTo("configureTools");
+        
+        XMLHttpRequest lastRequest = jsEngine.getLastRequest();
+        String body = URLDecoder.decode(getPrivateWebRequestField(lastRequest).getRequestBody(), "UTF-8");
+        assertThat(body, containsString(VALID_URL));
+        assertEquals(FormValidation.ok().renderHtml(), lastRequest.getResponseText());
+        
+        HtmlTextInput urlInput = page.getDocumentElement().getOneHtmlElementByAttribute("input", "value", VALID_URL);
+        urlInput.setAttribute("value", INVALID_URL);
+        j.submit(page.getFormByName("config"));
+        
+        JDK jdk = j.jenkins.getJDK("test");
+        InstallSourceProperty isp = jdk.getProperties().get(InstallSourceProperty.class);
+        assertEquals(1, isp.installers.size());
+        assertEquals(INVALID_URL, isp.installers.get(ZipExtractionInstaller.class).getUrl());
+        
+        wc.goTo("configureTools");
+        
+        lastRequest = jsEngine.getLastRequest();
+        body = URLDecoder.decode(getPrivateWebRequestField(lastRequest).getRequestBody(), "UTF-8");
+        assertThat(body, containsString(INVALID_URL));
+        assertThat(lastRequest.getResponseText(), containsString(Messages.ZipExtractionInstaller_malformed_url()));
+    }
+    
+    private class SpyingJavaScriptEngine extends JavaScriptEngine {
+        private List<XMLHttpRequest> storedRequests = new ArrayList<>();
+        private String urlToMatch;
+        private HttpMethod method;
+        
+        SpyingJavaScriptEngine(JenkinsRule.WebClient wc, @Nullable String urlToMatch, @Nullable HttpMethod method) {
+            super(wc);
+            this.urlToMatch = urlToMatch;
+            this.method = method;
+        }
+        
+        @Override
+        public Object callFunction(InteractivePage page, Function function, Scriptable scope, Scriptable thisObject, Object[] args) {
+            if (thisObject instanceof XMLHttpRequest) {
+                try {
+                    WebRequest request = getPrivateWebRequestField((XMLHttpRequest) thisObject);
+                    boolean correctUrl = urlToMatch == null || request.getUrl().toString().contains(urlToMatch);
+                    boolean correctMethod = method == null || request.getHttpMethod().equals(method);
+                    if (correctUrl && correctMethod) {
+                        if (((XMLHttpRequest) thisObject).getReadyState() == 4) {
+                            storedRequests.add((XMLHttpRequest) thisObject);
+                        }
+                    }
+                } catch (NoSuchFieldException | IllegalAccessException e) {
+                    e.printStackTrace();
+                }
+            }
+            return super.callFunction(page, function, scope, thisObject, args);
+        }
+        
+        @Nonnull
+        public XMLHttpRequest getLastRequest() {
+            if (storedRequests.isEmpty()) {
+                fail("There is no available requests for the proposed url/method");
+            }
+            return storedRequests.get(storedRequests.size() - 1);
+        }
+    }
+    
+    private static WebRequest getPrivateWebRequestField(XMLHttpRequest xmlHttpRequest) throws NoSuchFieldException, IllegalAccessException {
+        Field webRequest_Field = XMLHttpRequest.class.getDeclaredField("webRequest_");
+        webRequest_Field.setAccessible(true);
+        return (WebRequest) webRequest_Field.get(xmlHttpRequest);
+    }
+}
-- 
GitLab


From de7aaab441151fb1760855fec83681c6a8756a45 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Wed, 25 Apr 2018 23:39:43 +0200
Subject: [PATCH 356/863] [SECURITY-786]

---
 .../security/HudsonPrivateSecurityRealm.java  |  24 ++++
 .../hudson/security/Messages.properties       |   2 +
 .../HudsonPrivateSecurityRealmTest.java       | 129 +++++++++++++++++-
 3 files changed, 154 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java b/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java
index b82e8b70d0..c787e352f2 100644
--- a/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java
+++ b/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java
@@ -64,6 +64,7 @@ import org.kohsuke.stapler.interceptor.RequirePOST;
 import org.mindrot.jbcrypt.BCrypt;
 import org.springframework.dao.DataAccessException;
 
+import javax.annotation.Nonnull;
 import javax.servlet.Filter;
 import javax.servlet.FilterChain;
 import javax.servlet.FilterConfig;
@@ -95,6 +96,15 @@ import org.kohsuke.accmod.restrictions.NoExternalUse;
  * @author Kohsuke Kawaguchi
  */
 public class HudsonPrivateSecurityRealm extends AbstractPasswordBasedSecurityRealm implements ModelObject, AccessControlled {
+    private static /* not final */ String ID_REGEX = System.getProperty(HudsonPrivateSecurityRealm.class.getName() + ".ID_REGEX");
+    
+    /**
+     * Default REGEX for the user ID check in case the ID_REGEX is not set
+     * It allows A-Za-z0-9 + "_-"
+     * in Java {@code \w} is equivalent to {@code [A-Za-z0-9_]} (take care of "_")
+     */
+    private static final String DEFAULT_ID_REGEX = "^[\\w-]+$";
+    
     /**
      * If true, sign up is not allowed.
      * <p>
@@ -338,6 +348,12 @@ public class HudsonPrivateSecurityRealm extends AbstractPasswordBasedSecurityRea
 
         if(si.username==null || si.username.length()==0)
             si.errorMessage = Messages.HudsonPrivateSecurityRealm_CreateAccount_UserNameRequired();
+        else if(!containsOnlyAcceptableCharacters(si.username))
+            if(ID_REGEX == null){
+                si.errorMessage = Messages.HudsonPrivateSecurityRealm_CreateAccount_UserNameInvalidCharacters();
+            }else{
+                si.errorMessage = Messages.HudsonPrivateSecurityRealm_CreateAccount_UserNameInvalidCharactersCustom(ID_REGEX);
+            }
         else {
             // do not create the user - we just want to check if the user already exists but is not a "login" user.
             User user = User.getById(si.username, false); 
@@ -385,6 +401,14 @@ public class HudsonPrivateSecurityRealm extends AbstractPasswordBasedSecurityRea
         return user;
     }
     
+    private boolean containsOnlyAcceptableCharacters(@Nonnull String value){
+        if(ID_REGEX == null){
+            return value.matches(DEFAULT_ID_REGEX);
+        }else{
+            return value.matches(ID_REGEX);
+        }
+    }
+    
     @Restricted(NoExternalUse.class)
     public boolean isMailerPluginPresent() {
         try {
diff --git a/core/src/main/resources/hudson/security/Messages.properties b/core/src/main/resources/hudson/security/Messages.properties
index 086cc59afb..951a1bfbc5 100644
--- a/core/src/main/resources/hudson/security/Messages.properties
+++ b/core/src/main/resources/hudson/security/Messages.properties
@@ -37,6 +37,8 @@ HudsonPrivateSecurityRealm.CreateAccount.TextNotMatchWordInImage=Text didn't mat
 HudsonPrivateSecurityRealm.CreateAccount.PasswordNotMatch=Password didn't match
 HudsonPrivateSecurityRealm.CreateAccount.PasswordRequired=Password is required
 HudsonPrivateSecurityRealm.CreateAccount.UserNameRequired=User name is required
+HudsonPrivateSecurityRealm.CreateAccount.UserNameInvalidCharacters=User name must only contain alphanumeric characters, underscore and dash
+HudsonPrivateSecurityRealm.CreateAccount.UserNameInvalidCharactersCustom=User name must match the following expression: {0}
 HudsonPrivateSecurityRealm.CreateAccount.InvalidEmailAddress=Invalid e-mail address
 HudsonPrivateSecurityRealm.CreateAccount.UserNameAlreadyTaken=User name is already taken
 
diff --git a/test/src/test/java/hudson/security/HudsonPrivateSecurityRealmTest.java b/test/src/test/java/hudson/security/HudsonPrivateSecurityRealmTest.java
index 258a47c474..db7666f630 100644
--- a/test/src/test/java/hudson/security/HudsonPrivateSecurityRealmTest.java
+++ b/test/src/test/java/hudson/security/HudsonPrivateSecurityRealmTest.java
@@ -2,15 +2,21 @@ package hudson.security;
 
 import static hudson.security.HudsonPrivateSecurityRealm.CLASSIC;
 import static hudson.security.HudsonPrivateSecurityRealm.PASSWORD_ENCODER;
+import static org.hamcrest.Matchers.containsString;
+import static org.hamcrest.Matchers.not;
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.assertTrue;
 import static org.junit.Assert.assertThat;
 import static org.hamcrest.Matchers.is;
 import static org.hamcrest.xml.HasXPath.hasXPath;
 
 import java.io.UnsupportedEncodingException;
+import java.lang.reflect.Field;
 
+import hudson.security.pages.SignupPage;
+import org.junit.Before;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.Issue;
@@ -34,6 +40,13 @@ public class HudsonPrivateSecurityRealmTest {
     @Rule
     public JenkinsRule j = new JenkinsRule();
 
+    @Before
+    public void setup() throws Exception {
+        Field field = HudsonPrivateSecurityRealm.class.getDeclaredField("ID_REGEX");
+        field.setAccessible(true);
+        field.set(null, null);
+    }
+
     /**
      * Tests the data compatibility with Hudson before 1.283.
      * Starting 1.283, passwords are now stored hashed.
@@ -170,5 +183,119 @@ public class HudsonPrivateSecurityRealmTest {
         String authHeader = "Basic " + auth;
         return authHeader;
     }
-
+    
+    @Issue("SECURITY-786")
+    @Test
+    public void controlCharacterAreNoMoreValid() throws Exception {
+        HudsonPrivateSecurityRealm securityRealm = new HudsonPrivateSecurityRealm(true, false, null);
+        j.jenkins.setSecurityRealm(securityRealm);
+        
+        String password = "testPwd";
+        String email = "test@test.com";
+        int i = 0;
+        
+        // regular case = only accepting a-zA-Z0-9 + "-_"
+        checkUserCanBeCreatedWith(securityRealm, "test" + i, password, "Test" + i, email);
+        assertNotNull(User.getById("test" + i, false));
+        i++;
+        checkUserCanBeCreatedWith(securityRealm, "te-st_123" + i, password, "Test" + i, email);
+        assertNotNull(User.getById("te-st_123" + i, false));
+        i++;
+        {// user id that contains invalid characters
+            checkUserCannotBeCreatedWith(securityRealm, "test " + i, password, "Test" + i, email);
+            i++;
+            checkUserCannotBeCreatedWith(securityRealm, "te@st" + i, password, "Test" + i, email);
+            i++;
+            checkUserCannotBeCreatedWith(securityRealm, "test.com" + i, password, "Test" + i, email);
+            i++;
+            checkUserCannotBeCreatedWith(securityRealm, "test,com" + i, password, "Test" + i, email);
+            i++;
+            checkUserCannotBeCreatedWith(securityRealm, "test,com" + i, password, "Test" + i, email);
+            i++;
+            checkUserCannotBeCreatedWith(securityRealm, "testécom" + i, password, "Test" + i, email);
+            i++;
+            checkUserCannotBeCreatedWith(securityRealm, "Stargåte" + i, password, "Test" + i, email);
+            i++;
+            checkUserCannotBeCreatedWith(securityRealm, "te\u0000st" + i, password, "Test" + i, email);
+            i++;
+        }
+    }
+    
+    @Issue("SECURITY-786")
+    @Test
+    public void controlCharacterAreNoMoreValid_CustomRegex() throws Exception {
+        HudsonPrivateSecurityRealm securityRealm = new HudsonPrivateSecurityRealm(true, false, null);
+        j.jenkins.setSecurityRealm(securityRealm);
+        
+        String currentRegex = "^[A-Z]+[0-9]*$";
+        
+        Field field = HudsonPrivateSecurityRealm.class.getDeclaredField("ID_REGEX");
+        field.setAccessible(true);
+        field.set(null, currentRegex);
+        
+        String password = "testPwd";
+        String email = "test@test.com";
+        int i = 0;
+        
+        // regular case = only accepting a-zA-Z0-9 + "-_"
+        checkUserCanBeCreatedWith(securityRealm, "TEST" + i, password, "Test" + i, email);
+        assertNotNull(User.getById("TEST" + i, false));
+        i++;
+        checkUserCanBeCreatedWith(securityRealm, "TEST123" + i, password, "Test" + i, email);
+        assertNotNull(User.getById("TEST123" + i, false));
+        i++;
+        {// user id that do not follow custom regex
+            checkUserCannotBeCreatedWith_custom(securityRealm, "test " + i, password, "Test" + i, email, currentRegex);
+            i++;
+            checkUserCannotBeCreatedWith_custom(securityRealm, "@" + i, password, "Test" + i, email, currentRegex);
+            i++;
+            checkUserCannotBeCreatedWith_custom(securityRealm, "T2A" + i, password, "Test" + i, email, currentRegex);
+            i++;
+        }
+        { // we can even change regex on the fly
+            currentRegex = "^[0-9]*$";
+            field.set(null, currentRegex);
+    
+            checkUserCanBeCreatedWith(securityRealm, "125213" + i, password, "Test" + i, email);
+            assertNotNull(User.getById("125213" + i, false));
+            i++;
+            checkUserCannotBeCreatedWith_custom(securityRealm, "TEST12" + i, password, "Test" + i, email, currentRegex);
+            i++;
+        }
+    }
+    
+    private void checkUserCanBeCreatedWith(HudsonPrivateSecurityRealm securityRealm, String id, String password, String fullName, String email) throws Exception {
+        JenkinsRule.WebClient wc = j.createWebClient();
+        SignupPage signup = new SignupPage(wc.goTo("signup"));
+        signup.enterUsername(id);
+        signup.enterPassword(password);
+        signup.enterFullName(fullName);
+        signup.enterEmail(email);
+        HtmlPage success = signup.submit(j);
+        assertThat(success.getElementById("main-panel").getTextContent(), containsString("Success"));
+    }
+    
+    private void checkUserCannotBeCreatedWith(HudsonPrivateSecurityRealm securityRealm, String id, String password, String fullName, String email) throws Exception {
+        JenkinsRule.WebClient wc = j.createWebClient();
+        SignupPage signup = new SignupPage(wc.goTo("signup"));
+        signup.enterUsername(id);
+        signup.enterPassword(password);
+        signup.enterFullName(fullName);
+        signup.enterEmail(email);
+        HtmlPage success = signup.submit(j);
+        assertThat(success.getElementById("main-panel").getTextContent(), not(containsString("Success")));
+        assertThat(success.getElementById("main-panel").getTextContent(), containsString(Messages.HudsonPrivateSecurityRealm_CreateAccount_UserNameInvalidCharacters()));
+    }
+    
+    private void checkUserCannotBeCreatedWith_custom(HudsonPrivateSecurityRealm securityRealm, String id, String password, String fullName, String email, String regex) throws Exception {
+        JenkinsRule.WebClient wc = j.createWebClient();
+        SignupPage signup = new SignupPage(wc.goTo("signup"));
+        signup.enterUsername(id);
+        signup.enterPassword(password);
+        signup.enterFullName(fullName);
+        signup.enterEmail(email);
+        HtmlPage success = signup.submit(j);
+        assertThat(success.getElementById("main-panel").getTextContent(), not(containsString("Success")));
+        assertThat(success.getElementById("main-panel").getTextContent(), containsString(regex));
+    }
 }
-- 
GitLab


From 809916b59b7c7678dc3c1c76338452121fed1424 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Wed, 25 Apr 2018 23:40:33 +0200
Subject: [PATCH 357/863] [SECURITY-771]

---
 .../java/hudson/cli/ListPluginsCommand.java   |  4 +-
 .../hudson/cli/ListPluginsCommandTest.java    | 79 +++++++++++++++++++
 2 files changed, 82 insertions(+), 1 deletion(-)
 create mode 100644 test/src/test/java/hudson/cli/ListPluginsCommandTest.java

diff --git a/core/src/main/java/hudson/cli/ListPluginsCommand.java b/core/src/main/java/hudson/cli/ListPluginsCommand.java
index 99c926cdaf..faa35dfa67 100644
--- a/core/src/main/java/hudson/cli/ListPluginsCommand.java
+++ b/core/src/main/java/hudson/cli/ListPluginsCommand.java
@@ -47,7 +47,9 @@ public class ListPluginsCommand extends CLICommand {
     public String name;
 
     protected int run() {
-        Jenkins h = Jenkins.getActiveInstance();
+        Jenkins h = Jenkins.getInstance();
+        h.checkPermission(Jenkins.ADMINISTER);
+        
         PluginManager pluginManager = h.getPluginManager();
 
         if (this.name != null) {
diff --git a/test/src/test/java/hudson/cli/ListPluginsCommandTest.java b/test/src/test/java/hudson/cli/ListPluginsCommandTest.java
new file mode 100644
index 0000000000..530fa8875f
--- /dev/null
+++ b/test/src/test/java/hudson/cli/ListPluginsCommandTest.java
@@ -0,0 +1,79 @@
+/*
+ * The MIT License
+ *
+ * Copyright 2018 CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package hudson.cli;
+
+import jenkins.model.Jenkins;
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.JenkinsRule;
+
+import static org.hamcrest.Matchers.containsString;
+import static org.hamcrest.Matchers.not;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertThat;
+
+public class ListPluginsCommandTest {
+    
+    @Rule
+    public JenkinsRule j = new JenkinsRule();
+    
+    @Test
+    public void listPluginsExpectedUsage() throws Exception {
+        assertNull(j.jenkins.getPluginManager().getPlugin("token-macro"));
+        CLICommandInvoker.Result result = new CLICommandInvoker(j, new ListPluginsCommand())
+                .invoke();
+        assertThat(result, CLICommandInvoker.Matcher.succeeded());
+        assertThat(result, CLICommandInvoker.Matcher.hasNoStandardOutput());
+        assertThat(result.stdout(), not(containsString("token-macro")));
+        
+        assertThat(new CLICommandInvoker(j, new InstallPluginCommand()).
+                        withStdin(ListPluginsCommandTest.class.getResourceAsStream("/plugins/token-macro.hpi")).
+                        invokeWithArgs("-name", "token-macro", "-deploy", "="),
+                CLICommandInvoker.Matcher.succeeded());
+        assertNotNull(j.jenkins.getPluginManager().getPlugin("token-macro"));
+        
+        result = new CLICommandInvoker(j, new ListPluginsCommand())
+                .invoke()
+        ;
+        assertThat(result, CLICommandInvoker.Matcher.succeeded());
+        assertThat(result.stdout(), containsString("token-macro"));
+    }
+    
+    @Test
+    @Issue("SECURITY-771")
+    public void onlyAccessibleForAdmin() throws Exception {
+        CLICommandInvoker.Result result = new CLICommandInvoker(j, new ListPluginsCommand())
+                .authorizedTo(Jenkins.READ)
+                .invoke();
+        assertThat(result, CLICommandInvoker.Matcher.failedWith(6 /* not authorized */));
+        
+        result = new CLICommandInvoker(j, new ListPluginsCommand())
+                .authorizedTo(Jenkins.ADMINISTER)
+                .invoke()
+        ;
+        assertThat(result, CLICommandInvoker.Matcher.succeeded());
+    }
+}
-- 
GitLab


From 7c5b41bfd5d8004f82684a9168dd627e20ea5f35 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Wed, 25 Apr 2018 23:40:56 +0200
Subject: [PATCH 358/863] [SECURITY-771]

---
 .../resources/hudson/AboutJenkins/index.jelly |  2 +-
 .../test/java/hudson/AboutJenkinsTest.java    | 72 +++++++++++++++++++
 2 files changed, 73 insertions(+), 1 deletion(-)
 create mode 100644 test/src/test/java/hudson/AboutJenkinsTest.java

diff --git a/core/src/main/resources/hudson/AboutJenkins/index.jelly b/core/src/main/resources/hudson/AboutJenkins/index.jelly
index 68e063af6d..cc668b1f64 100644
--- a/core/src/main/resources/hudson/AboutJenkins/index.jelly
+++ b/core/src/main/resources/hudson/AboutJenkins/index.jelly
@@ -26,7 +26,7 @@ THE SOFTWARE.
 <?jelly escape-by-default='true'?>
 <j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:s="/lib/form">
 
-  <l:layout norefresh="true" type="one-column" title="${%about(app.VERSION)}">
+  <l:layout permission="${app.ADMINISTER}" norefresh="true" type="one-column" title="${%about(app.VERSION)}">
 
     <l:main-panel>
     <div class="container-fluid">
diff --git a/test/src/test/java/hudson/AboutJenkinsTest.java b/test/src/test/java/hudson/AboutJenkinsTest.java
new file mode 100644
index 0000000000..7972aa1021
--- /dev/null
+++ b/test/src/test/java/hudson/AboutJenkinsTest.java
@@ -0,0 +1,72 @@
+/*
+ * The MIT License
+ *
+ * Copyright 2018 CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package hudson;
+
+import com.gargoylesoftware.htmlunit.html.HtmlPage;
+import jenkins.model.Jenkins;
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.JenkinsRule;
+import org.jvnet.hudson.test.MockAuthorizationStrategy;
+
+import static org.hamcrest.Matchers.containsString;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertThat;
+
+public class AboutJenkinsTest {
+    
+    @Rule
+    public JenkinsRule j = new JenkinsRule();
+    
+    @Test
+    @Issue("SECURITY-771")
+    public void onlyAdminCanReadAbout() throws Exception {
+        final String ADMIN = "admin";
+        final String USER = "user";
+        
+        j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
+        j.jenkins.setAuthorizationStrategy(new MockAuthorizationStrategy()
+                .grant(Jenkins.ADMINISTER).everywhere().to(ADMIN)
+                .grant(Jenkins.READ).everywhere().to(USER)
+        );
+        
+        JenkinsRule.WebClient wc = j.createWebClient();
+        wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+        
+        { // user cannot see it
+            wc.login(USER);
+            HtmlPage page = wc.goTo("about/");
+            assertEquals(403, page.getWebResponse().getStatusCode());
+        }
+        
+        { // admin can access it
+            wc.login(ADMIN);
+            HtmlPage page = wc.goTo("about/");
+            assertEquals(200, page.getWebResponse().getStatusCode());
+            assertThat(page.getWebResponse().getContentAsString(), containsString("Mavenized dependencies"));
+        }
+    }
+    
+}
-- 
GitLab


From 5cf0a77d44310523b763698f67d645c1f2427f30 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Wed, 25 Apr 2018 23:42:19 +0200
Subject: [PATCH 359/863] [SECURITY-788]

---
 core/src/main/java/hudson/FilePath.java       |  19 ++-
 .../main/java/jenkins/SoloFilePathFilter.java |  20 ++-
 core/src/test/java/hudson/FilePathTest.java   |   4 +-
 .../security/s2m/AdminFilePathFilterTest.java | 145 ++++++++++++++++++
 4 files changed, 175 insertions(+), 13 deletions(-)

diff --git a/core/src/main/java/hudson/FilePath.java b/core/src/main/java/hudson/FilePath.java
index cd3fa60451..8f112f1886 100644
--- a/core/src/main/java/hudson/FilePath.java
+++ b/core/src/main/java/hudson/FilePath.java
@@ -214,9 +214,14 @@ public final class FilePath implements Serializable {
      * This is used to determine whether we are running on the master or the agent.
      */
     private transient VirtualChannel channel;
-
-    // since the platform of the agent might be different, can't use java.io.File
-    private final String remote;
+    
+    /**
+     * Represent the path to the file in the master or the agent
+     * Since the platform of the agent might be different, can't use java.io.File
+     *
+     * The field could not be final since it's modified in {@link #readResolve()}
+     */
+    private /*final*/ String remote;
 
     /**
      * If this {@link FilePath} is deserialized to handle file access request from a remote computer,
@@ -264,6 +269,11 @@ public final class FilePath implements Serializable {
         this.remote = normalize(resolvePathIfRelative(base, rel));
     }
 
+    private Object readResolve() {
+        this.remote = normalize(this.remote);
+        return this;
+    }
+
     private String resolvePathIfRelative(@Nonnull FilePath base, @Nonnull String rel) {
         if(isAbsolute(rel)) return rel;
         if(base.isUnix()) {
@@ -291,7 +301,8 @@ public final class FilePath implements Serializable {
      * {@link File#getParent()} etc cannot handle ".." and "." in the path component very well,
      * so remove them.
      */
-    private static String normalize(@Nonnull String path) {
+    @Restricted(NoExternalUse.class)
+    public static String normalize(@Nonnull String path) {
         StringBuilder buf = new StringBuilder();
         // Check for prefix designating absolute path
         Matcher m = ABSOLUTE_PREFIX_PATTERN.matcher(path);
diff --git a/core/src/main/java/jenkins/SoloFilePathFilter.java b/core/src/main/java/jenkins/SoloFilePathFilter.java
index ce13575982..aa0ebbefc8 100644
--- a/core/src/main/java/jenkins/SoloFilePathFilter.java
+++ b/core/src/main/java/jenkins/SoloFilePathFilter.java
@@ -1,5 +1,7 @@
 package jenkins;
 
+import hudson.FilePath;
+
 import javax.annotation.Nullable;
 import java.io.File;
 
@@ -31,39 +33,43 @@ public final class SoloFilePathFilter extends FilePathFilter {
             throw new SecurityException("agent may not " + op + " " + f+"\nSee https://jenkins.io/redirect/security-144 for more details");
         return true;
     }
+    
+    private File normalize(File file){
+        return new File(FilePath.normalize(file.getAbsolutePath()));
+    }
 
     @Override
     public boolean read(File f) throws SecurityException {
-        return noFalse("read",f,base.read(f));
+        return noFalse("read",f,base.read(normalize(f)));
     }
 
     @Override
     public boolean write(File f) throws SecurityException {
-        return noFalse("write",f,base.write(f));
+        return noFalse("write",f,base.write(normalize(f)));
     }
 
     @Override
     public boolean symlink(File f) throws SecurityException {
-        return noFalse("symlink",f,base.write(f));
+        return noFalse("symlink",f,base.write(normalize(f)));
     }
 
     @Override
     public boolean mkdirs(File f) throws SecurityException {
-        return noFalse("mkdirs",f,base.mkdirs(f));
+        return noFalse("mkdirs",f,base.mkdirs(normalize(f)));
     }
 
     @Override
     public boolean create(File f) throws SecurityException {
-        return noFalse("create",f,base.create(f));
+        return noFalse("create",f,base.create(normalize(f)));
     }
 
     @Override
     public boolean delete(File f) throws SecurityException {
-        return noFalse("delete",f,base.delete(f));
+        return noFalse("delete",f,base.delete(normalize(f)));
     }
 
     @Override
     public boolean stat(File f) throws SecurityException {
-        return noFalse("stat",f,base.stat(f));
+        return noFalse("stat",f,base.stat(normalize(f)));
     }
 }
diff --git a/core/src/test/java/hudson/FilePathTest.java b/core/src/test/java/hudson/FilePathTest.java
index 3608318286..257f10d32c 100644
--- a/core/src/test/java/hudson/FilePathTest.java
+++ b/core/src/test/java/hudson/FilePathTest.java
@@ -599,7 +599,7 @@ public class FilePathTest {
             when(con.getResponseCode())
                 .thenReturn(HttpURLConnection.HTTP_NOT_MODIFIED);
 
-            assertFalse(d.installIfNecessaryFrom(url, null, null));
+            assertFalse(d.installIfNecessaryFrom(url, null, "message if failed"));
 
             verify(con).setIfModifiedSince(123000);
     }
@@ -618,7 +618,7 @@ public class FilePathTest {
             when(con.getInputStream())
               .thenReturn(someZippedContent());
 
-            assertTrue(d.installIfNecessaryFrom(url, null, null));
+            assertTrue(d.installIfNecessaryFrom(url, null, "message if failed"));
     }
 
     @Issue("JENKINS-26196")
diff --git a/test/src/test/java/jenkins/security/s2m/AdminFilePathFilterTest.java b/test/src/test/java/jenkins/security/s2m/AdminFilePathFilterTest.java
index 80d137d6a2..37af2825c0 100644
--- a/test/src/test/java/jenkins/security/s2m/AdminFilePathFilterTest.java
+++ b/test/src/test/java/jenkins/security/s2m/AdminFilePathFilterTest.java
@@ -25,8 +25,17 @@
 package jenkins.security.s2m;
 
 import java.io.File;
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.io.StringWriter;
+import java.lang.reflect.Field;
 import javax.inject.Inject;
 import static org.junit.Assert.*;
+
+import hudson.FilePath;
+import hudson.model.Slave;
+import hudson.remoting.Callable;
+import org.jenkinsci.remoting.RoleChecker;
 import org.junit.Before;
 import org.junit.Rule;
 import org.junit.Test;
@@ -57,5 +66,141 @@ public class AdminFilePathFilterTest {
         assertFalse(rule.checkFileAccess("write", new File(buildDir, "program.dat")));
         assertFalse(rule.checkFileAccess("write", new File(buildDir, "workflow/23.xml")));
     }
+    
+    @Test
+    public void slaveCannotReadFileFromSecrets_butCanFromUserContent() throws Exception {
+        Slave s = r.createOnlineSlave();
+        FilePath root = r.jenkins.getRootPath();
+        
+        { // agent can read userContent folder
+            FilePath rootUserContentFolder = root.child("userContent");
+            FilePath rootTargetPublic = rootUserContentFolder.child("target_public.txt");
+            rootTargetPublic.write("target_public", null);
+            checkSlave_can_readFile(s, rootTargetPublic);
+        }
+        
+        { // agent cannot read files inside secrets
+            FilePath rootSecretFolder = root.child("secrets");
+            FilePath rootTargetPrivate = rootSecretFolder.child("target_private.txt");
+            rootTargetPrivate.write("target_private", null);
+            
+            checkSlave_cannot_readFile(s, rootTargetPrivate);
+        }
+        
+        rule.setMasterKillSwitch(true);
+    
+        { // with the master kill switch activated, agent can read files inside secrets
+            FilePath rootSecretFolder = root.child("secrets");
+            FilePath rootTargetPrivate = rootSecretFolder.child("target_private.txt");
+        
+            checkSlave_can_readFile(s, rootTargetPrivate);
+        }
+    }
+    
+    private static class ReadFileS2MCallable implements Callable<String,Exception> {
+        private final FilePath p;
+        ReadFileS2MCallable(FilePath p) {
+            this.p = p;
+        }
+        @Override
+        public String call() throws Exception {
+            assertTrue(p.isRemote());
+            return p.readToString();
+        }
+        @Override
+        public void checkRoles(RoleChecker checker) throws SecurityException {
+            // simulate legacy Callable impls
+            throw new NoSuchMethodError();
+        }
+    }
+    
+    @Test
+    @Issue("SECURITY-788")
+    public void slaveCannotUse_dotDotSlashStuff_toBypassRestriction() throws Exception {
+        Slave s = r.createOnlineSlave();
+        FilePath root = r.jenkins.getRootPath();
+    
+        { // use ../ to access a non-restricted folder
+            FilePath rootUserContentFolder = root.child("userContent");
+            FilePath rootTargetPublic = rootUserContentFolder.child("target_public.txt");
+            rootTargetPublic.write("target_public", null);
+
+            FilePath dotDotSlashTargetPublic = root.child("logs/target_public.txt");
+            replaceRemote(dotDotSlashTargetPublic, "logs", "logs/../userContent");
 
+            checkSlave_can_readFile(s, dotDotSlashTargetPublic);
+        }
+        
+        { // use ../ to try to bypass the rules
+            FilePath rootSecretFolder = root.child("secrets");
+            FilePath rootTargetPrivate = rootSecretFolder.child("target_private.txt");
+            rootTargetPrivate.write("target_private", null);
+            
+            FilePath dotDotSlashTargetPrivate = root.child("userContent/target_private.txt");
+            replaceRemote(dotDotSlashTargetPrivate, "userContent", "userContent/../secrets");
+        
+            checkSlave_cannot_readFile(s, dotDotSlashTargetPrivate);
+        }
+    }
+    
+    @Test
+    @Issue("SECURITY-788")
+    public void slaveCannotUse_encodedCharacters_toBypassRestriction() throws Exception {
+        Slave s = r.createOnlineSlave();
+        FilePath root = r.jenkins.getRootPath();
+        
+        // \u002e is the Unicode of . and is interpreted directly by Java as .
+        
+        { // use ../ to access a non-restricted folder
+            FilePath rootUserContentFolder = root.child("userContent");
+            FilePath rootTargetPublic = rootUserContentFolder.child("target_public.txt");
+            rootTargetPublic.write("target_public", null);
+            
+            FilePath dotDotSlashTargetPublic = root.child("logs/target_public.txt");
+            replaceRemote(dotDotSlashTargetPublic, "logs", "logs/\u002e\u002e/userContent");
+            
+            checkSlave_can_readFile(s, dotDotSlashTargetPublic);
+        }
+        
+        { // use ../ to try to bypass the rules
+            FilePath rootSecretFolder = root.child("secrets");
+            FilePath rootTargetPrivate = rootSecretFolder.child("target_private.txt");
+            rootTargetPrivate.write("target_private", null);
+            
+            FilePath dotDotSlashTargetPrivate = root.child("userContent/target_private.txt");
+            replaceRemote(dotDotSlashTargetPrivate, "userContent", "userContent/\u002e\u002e/secrets");
+            
+            checkSlave_cannot_readFile(s, dotDotSlashTargetPrivate);
+        }
+    }
+    
+    private void checkSlave_can_readFile(Slave s, FilePath target) throws Exception {
+        // slave can read file from userContent
+        String content = s.getChannel().call(new ReadFileS2MCallable(target));
+        // and the master can directly reach it
+        assertEquals(target.readToString(), content);
+    }
+    
+    private void checkSlave_cannot_readFile(Slave s, FilePath target) throws Exception {
+        try {
+            s.getChannel().call(new ReadFileS2MCallable(target));
+            fail("Slave should not be able to read file in " + target.getRemote());
+        } catch (IOException e){
+            Throwable t = e.getCause();
+            assertTrue(t instanceof SecurityException);
+            SecurityException se = (SecurityException) t;
+            StringWriter sw = new StringWriter();
+            se.printStackTrace(new PrintWriter(sw));
+            assertTrue(sw.toString().contains("agent may not read"));
+        }
+    }
+    
+    // to bypass the normalization done in constructor
+    private void replaceRemote(FilePath p, String before, String after) throws Exception {
+        Field field = FilePath.class.getDeclaredField("remote");
+        field.setAccessible(true);
+        String currentRemote = (String) field.get(p);
+        String newRemote = currentRemote.replace(before, after);
+        field.set(p, newRemote);
+    }
 }
-- 
GitLab


From df137f099ec2000a00946fc307503d42269970d6 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Thu, 26 Apr 2018 10:39:53 +0200
Subject: [PATCH 360/863] Fix the CLI test failure

---
 core/src/main/java/hudson/cli/CLICommand.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/cli/CLICommand.java b/core/src/main/java/hudson/cli/CLICommand.java
index 329356ac49..d5535a700f 100644
--- a/core/src/main/java/hudson/cli/CLICommand.java
+++ b/core/src/main/java/hudson/cli/CLICommand.java
@@ -268,7 +268,7 @@ public abstract class CLICommand implements ExtensionPoint, Cloneable {
             sc.setAuthentication(getTransportAuthentication());
             new ClassParser().parse(authenticator,p);
 
-            if (!(this instanceof LoginCommand || this instanceof LogoutCommand || this instanceof HelpCommand))
+            if (!(this instanceof LoginCommand || this instanceof LogoutCommand || this instanceof HelpCommand || this instanceof WhoAmICommand))
                 Jenkins.getActiveInstance().checkPermission(Jenkins.READ);
             p.parseArgument(args.toArray(new String[args.size()]));
             Authentication auth = authenticator.authenticate();
-- 
GitLab


From aaa068a3050438bd4e3c61241d18defe497297ef Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jochen=20F=C3=BCrbacher?= <jochen.fuerbacher@1und1.de>
Date: Thu, 26 Apr 2018 10:45:01 +0200
Subject: [PATCH 361/863] Fixed encoding in German translation (log recorder
 levels)

---
 .../logging/LogRecorderManager/levels_de.properties       | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_de.properties b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_de.properties
index 67c63809ce..6917971793 100644
--- a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_de.properties
+++ b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_de.properties
@@ -23,7 +23,7 @@
 Logger\ Configuration=Logger-Konfiguration
 url=https://jenkins.io/redirect/log-levels
 Name=Name
-Level=Priorit\uFFFDt
-Adjust\ Levels=Priorit\uFFFDten (levels) anpassen
-defaultLoggerMsg=Der Logger ohne Namen ist der Default-Logger. Seine Priorit\uFFFDt \
-  wird von allen Loggern \uFFFDbernommen, f\uFFFDr die keine Priorit\uFFFDt explizit angegeben wurde.
\ No newline at end of file
+Level=Priorit\u00e4t
+Adjust\ Levels=Priorit\u00e4ten (levels) anpassen
+defaultLoggerMsg=Der Logger ohne Namen ist der Default-Logger. Seine Priorit\u00e4t \
+  wird von allen Loggern \u00fcbernommen, f\u00fcr die keine Priorit\u00e4t explizit angegeben wurde.
\ No newline at end of file
-- 
GitLab


From 3a124bfdb68daaec5050597c6f15e35a850d2cca Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jochen=20F=C3=BCrbacher?= <jochen.fuerbacher@1und1.de>
Date: Thu, 26 Apr 2018 12:28:55 +0200
Subject: [PATCH 362/863] Fixed regression of ed8d905

---
 .../hudson/logging/LogRecorderManager/levels_es.properties    | 4 ++--
 .../hudson/logging/LogRecorderManager/levels_it.properties    | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_es.properties b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_es.properties
index 3aa52ced12..b0619b2434 100644
--- a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_es.properties
+++ b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_es.properties
@@ -22,8 +22,8 @@
 
 url=https://jenkins.io/redirect/log-levels
 Level=Nivel de log
-Logger\ Configuration=Configuraci\uFFFDn del logger
+Logger\ Configuration=Configuraci\u00f3n del logger
 Name=Nombre
 defaultLoggerMsg=Por defecto se usa un Logger sin mombre. \
- Este nivel ser\uFFFD heredado por todos los loggers que no est\uFFFDn configurados con un nivel de log.
+ Este nivel ser\u00e0 heredado por todos los loggers que no est\u00e9n configurados con un nivel de log.
 Adjust\ Levels=Ajustar niveles de log.
diff --git a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_it.properties b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_it.properties
index 7e27373cde..e34d443d08 100644
--- a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_it.properties
+++ b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_it.properties
@@ -4,5 +4,5 @@ Adjust\ Levels=Regola livelli
 Level=Livello
 Logger\ Configuration=Configurazione registro
 Name=Nome
-defaultLoggerMsg=Il registro senza nome \uFFFD quello predefinito. Questo livello sar\uFFFD ereditato da tutti i registri senza un livello configurato.
+defaultLoggerMsg=Il registro senza nome \u00e8 quello predefinito. Questo livello sar\u00e0 ereditato da tutti i registri senza un livello configurato.
 url=https://jenkins.io/redirect/log-levels
-- 
GitLab


From 6dc32977fc6772a2e18452672d69b8b93ea3e832 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Sat, 17 Mar 2018 13:50:58 +0100
Subject: [PATCH 363/863] Add support for SHA-256/512 in update site metadata

---
 .../main/java/hudson/model/UpdateCenter.java  | 172 ++++++++++++++---
 .../main/java/hudson/model/UpdateSite.java    |  26 +++
 .../jenkins/util/JSONSignatureValidator.java  | 182 +++++++++++++-----
 .../java/hudson/model/UpdateCenterTest.java   | 143 ++++++++++++++
 4 files changed, 453 insertions(+), 70 deletions(-)

diff --git a/core/src/main/java/hudson/model/UpdateCenter.java b/core/src/main/java/hudson/model/UpdateCenter.java
index 109efb9d37..f928aa163d 100644
--- a/core/src/main/java/hudson/model/UpdateCenter.java
+++ b/core/src/main/java/hudson/model/UpdateCenter.java
@@ -23,6 +23,7 @@
  */
 package hudson.model;
 
+import com.google.common.annotations.VisibleForTesting;
 import hudson.BulkChange;
 import hudson.Extension;
 import hudson.ExtensionPoint;
@@ -37,6 +38,7 @@ import jenkins.util.SystemProperties;
 import hudson.Util;
 import hudson.XmlFile;
 import static hudson.init.InitMilestone.PLUGINS_STARTED;
+import static java.util.logging.Level.INFO;
 import static java.util.logging.Level.WARNING;
 
 import hudson.init.Initializer;
@@ -51,7 +53,6 @@ import hudson.util.DaemonThreadFactory;
 import hudson.util.FormValidation;
 import hudson.util.HttpResponses;
 import hudson.util.NamingThreadFactory;
-import hudson.util.IOException2;
 import hudson.util.PersistedList;
 import hudson.util.XStream2;
 import jenkins.MissingDependencyException;
@@ -64,6 +65,7 @@ import net.sf.json.JSONObject;
 import org.acegisecurity.Authentication;
 import org.acegisecurity.context.SecurityContext;
 import org.apache.commons.codec.binary.Base64;
+import org.apache.commons.codec.binary.Hex;
 import org.apache.commons.io.input.CountingInputStream;
 import org.apache.commons.io.output.NullOutputStream;
 import org.jenkinsci.Symbol;
@@ -1107,12 +1109,15 @@ public class UpdateCenter extends AbstractModelObject implements Saveable, OnMas
          */
         public File download(DownloadJob job, URL src) throws IOException {
             MessageDigest sha1 = null;
+            MessageDigest sha256 = null;
+            MessageDigest sha512 = null;
             try {
+                // Java spec says SHA-1 and SHA-256 exist, and SHA-512 might not, so one try/catch block should be fine
                 sha1 = MessageDigest.getInstance("SHA-1");
-            } catch (NoSuchAlgorithmException ignored) {
-                // Irrelevant as the Java spec says SHA-1 must exist. Still, if this fails
-                // the DownloadJob will just have computedSha1 = null and that is expected
-                // to be handled by caller
+                sha256 = MessageDigest.getInstance("SHA-256");
+                sha512 = MessageDigest.getInstance("SHA-512");
+            } catch (NoSuchAlgorithmException nsa) {
+                LOGGER.log(Level.WARNING, "Failed to instantiate message digest algorithm, may only have weak or no verification of downloaded file", nsa);
             }
 
             URLConnection con = null;
@@ -1135,7 +1140,10 @@ public class UpdateCenter extends AbstractModelObject implements Saveable, OnMas
                 String oldName = t.getName();
                 t.setName(oldName + ": " + src);
                 try (OutputStream _out = Files.newOutputStream(tmp.toPath());
-                     OutputStream out = sha1 != null ? new DigestOutputStream(_out, sha1) : _out;
+                     OutputStream out =
+                             sha1 != null ? new DigestOutputStream(
+                                     sha256 != null ? new DigestOutputStream(
+                                             sha512 != null ? new DigestOutputStream(_out, sha512) : _out, sha256) : _out, sha1) : _out;
                      InputStream in = con.getInputStream();
                      CountingInputStream cin = new CountingInputStream(in)) {
                     while ((len = cin.read(buf)) >= 0) {
@@ -1159,6 +1167,14 @@ public class UpdateCenter extends AbstractModelObject implements Saveable, OnMas
                     byte[] digest = sha1.digest();
                     job.computedSHA1 = Base64.encodeBase64String(digest);
                 }
+                if (sha256 != null) {
+                    byte[] digest = sha256.digest();
+                    job.computedSHA256 = Hex.encodeHexString(digest);
+                }
+                if (sha512 != null) {
+                    byte[] digest = sha512.digest();
+                    job.computedSHA512 = Hex.encodeHexString(digest);
+                }
                 return tmp;
             } catch (IOException e) {
                 // assist troubleshooting in case of e.g. "too many redirects" by printing actual URL
@@ -1169,7 +1185,7 @@ public class UpdateCenter extends AbstractModelObject implements Saveable, OnMas
                     // Also, since it involved name resolution, it'd be an expensive operation.
                     extraMessage = " (redirected to: " + con.getURL() + ")";
                 }
-                throw new IOException2("Failed to download from "+src+extraMessage,e);
+                throw new IOException("Failed to download from "+src+extraMessage,e);
             }
         }
 
@@ -1589,11 +1605,18 @@ public class UpdateCenter extends AbstractModelObject implements Saveable, OnMas
             status = new Success();
         }
     }
+
+    @Restricted(NoExternalUse.class)
+    /*package*/ interface WithComputedChecksums {
+        String getComputedSHA1();
+        String getComputedSHA256();
+        String getComputedSHA512();
+    }
     
     /**
      * Base class for a job that downloads a file from the Jenkins project.
      */
-    public abstract class DownloadJob extends UpdateCenterJob {
+    public abstract class DownloadJob extends UpdateCenterJob implements WithComputedChecksums {
         /**
          * Immutable object representing the current state of this job.
          */
@@ -1620,16 +1643,41 @@ public class UpdateCenter extends AbstractModelObject implements Saveable, OnMas
 
         /**
          * During download, an attempt is made to compute the SHA-1 checksum of the file.
+         * This is the base64 encoded SHA-1 checksum.
          *
          * @since 1.641
          */
         @CheckForNull
-        protected String getComputedSHA1() {
+        public String getComputedSHA1() {
             return computedSHA1;
         }
 
         private String computedSHA1;
 
+        /**
+         * Hex encoded SHA-256 checksum of the downloaded file, if it could be computed.
+         *
+         * @since TODO
+         */
+        @CheckForNull
+        public String getComputedSHA256() {
+            return computedSHA256;
+        }
+
+        private String computedSHA256;
+
+        /**
+         *Hex encoded SHA-512 checksum of the downloaded file, if it could be computed.
+         *
+         * @since TODO
+         */
+        @CheckForNull
+        public String getComputedSHA512() {
+            return computedSHA512;
+        }
+
+        private String computedSHA512;
+
         private Authentication authentication;
 
         /**
@@ -1794,22 +1842,94 @@ public class UpdateCenter extends AbstractModelObject implements Saveable, OnMas
     }
 
     /**
-     * If expectedSHA1 is non-null, ensure that actualSha1 is the same value, otherwise throw.
-     *
-     * Utility method for InstallationJob and HudsonUpgradeJob.
+     * Compare the provided values and return the appropriate {@link VerificationResult}.
      *
-     * @throws IOException when checksums don't match, or actual checksum was null.
      */
-    private void verifyChecksums(String expectedSHA1, String actualSha1, File downloadedFile) throws IOException {
-        if (expectedSHA1 != null) {
-            if (actualSha1 == null) {
-                // refuse to install if SHA-1 could not be computed
+    private static VerificationResult verifyChecksums(String expectedDigest, String actualDigest, boolean caseSensitive) {
+        if (expectedDigest == null) {
+            return VerificationResult.NOT_PROVIDED;
+        }
+
+        if (actualDigest == null) {
+            return VerificationResult.NOT_COMPUTED;
+        }
+
+        if (caseSensitive ? expectedDigest.equals(actualDigest) : expectedDigest.equalsIgnoreCase(actualDigest)) {
+            return VerificationResult.PASS;
+        }
+
+        return VerificationResult.FAIL;
+    }
+
+    private static enum VerificationResult {
+        PASS,
+        NOT_PROVIDED,
+        NOT_COMPUTED,
+        FAIL
+    }
+
+    /**
+     * Throws an {@code IOException} with a message about {@code actual} not matching {@code expected} for {@code file} when using {@code algorithm}.
+     */
+    private static void throwVerificationFailure(String expected, String actual, File file, String algorithm) throws IOException {
+        throw new IOException("Downloaded file " + file.getAbsolutePath() + " does not match expected " + algorithm + ", expected '" + expected + "', actual '" + actual + "'");
+    }
+
+    /**
+     * Implements the checksum verification logic with fallback to weaker algorithm for {@link DownloadJob}.
+     * @param job The job downloading the file to check
+     * @param entry The metadata entry for the file to check
+     * @param file The downloaded file
+     * @throws IOException thrown when one of the checks failed, or no checksum could be computed.
+     */
+    @VisibleForTesting
+    @Restricted(NoExternalUse.class)
+    /* package */ static void verifyChecksums(WithComputedChecksums job, UpdateSite.Entry entry, File file) throws IOException {
+        VerificationResult result512 = verifyChecksums(entry.getSha512(), job.getComputedSHA512(), false);
+        switch (result512) {
+            case PASS:
+                // this has passed but no real reason not to check the others
+                break;
+            case FAIL:
+                throwVerificationFailure(entry.getSha512(), job.getComputedSHA512(), file, "SHA-512");
+            case NOT_COMPUTED:
+                LOGGER.log(WARNING, "Attempt to verify a downloaded file (" + file.getName() + ") using SHA-512 failed since it could not be computed. Falling back to weaker algorithms. Update your JRE.");
+                break;
+            case NOT_PROVIDED:
+                LOGGER.log(INFO, "Attempt to verify a downloaded file (" + file.getName() + ") using SHA-512 failed since your configured update site does not provide this checksum. Falling back to weaker algorithms.");
+                break;
+        }
+
+        VerificationResult result256 = verifyChecksums(entry.getSha256(), job.getComputedSHA256(), false);
+        switch (result256) {
+            case PASS:
+                // this has passed but no real reason not to check the others
+                break;
+            case FAIL:
+                throwVerificationFailure(entry.getSha256(), job.getComputedSHA256(), file, "SHA-256");
+            case NOT_COMPUTED:
+            case NOT_PROVIDED:
+                // we've probably already complained once, and if not, we've passed SHA-512.
+                break;
+        }
+
+        VerificationResult result1 = verifyChecksums(entry.getSha1(), job.getComputedSHA1(), true);
+        switch (result1) {
+            case PASS:
+                return;
+            case FAIL:
+                throwVerificationFailure(entry.getSha1(), job.getComputedSHA1(), file, "SHA-1");
+            case NOT_COMPUTED:
+                // we need to make sure that at least one of the checks has passed, otherwise this is a problem
+                if (result256 == VerificationResult.PASS || result512 == VerificationResult.PASS) {
+                    return;
+                }
                 throw new IOException("Failed to compute SHA-1 of downloaded file, refusing installation");
-            }
-            if (!expectedSHA1.equals(actualSha1)) {
-                throw new IOException("Downloaded file " + downloadedFile.getAbsolutePath() + " does not match expected SHA-1, expected '" + expectedSHA1 + "', actual '" + actualSha1 + "'");
-                // keep 'downloadedFile' around for investigating what's going on
-            }
+            case NOT_PROVIDED:
+                if (result256 == VerificationResult.PASS || result512 == VerificationResult.PASS) {
+                    return;
+                }
+                throw new IOException("Unable to confirm integrity of downloaded file, refusing installation");
         }
     }
 
@@ -1959,8 +2079,9 @@ public class UpdateCenter extends AbstractModelObject implements Saveable, OnMas
          */
         @Override
         protected void replace(File dst, File src) throws IOException {
-
-            verifyChecksums(plugin.getSha1(), getComputedSHA1(), src);
+            if (!site.getId().equals(ID_UPLOAD)) {
+                verifyChecksums(this, plugin, src);
+            }
 
             File bak = Util.changeExtension(dst, ".bak");
             bak.delete();
@@ -2094,8 +2215,7 @@ public class UpdateCenter extends AbstractModelObject implements Saveable, OnMas
 
         @Override
         protected void replace(File dst, File src) throws IOException {
-            String expectedSHA1 = site.getData().core.getSha1();
-            verifyChecksums(expectedSHA1, getComputedSHA1(), src);
+            verifyChecksums(this, site.getData().core, src);
             Lifecycle.get().rewriteHudsonWar(src);
         }
     }
diff --git a/core/src/main/java/hudson/model/UpdateSite.java b/core/src/main/java/hudson/model/UpdateSite.java
index 5771bf1e54..e695c48607 100644
--- a/core/src/main/java/hudson/model/UpdateSite.java
+++ b/core/src/main/java/hudson/model/UpdateSite.java
@@ -616,6 +616,12 @@ public class UpdateSite {
         @Restricted(NoExternalUse.class)
         /* final */ String sha1;
 
+        @Restricted(NoExternalUse.class)
+        /* final */ String sha256;
+
+        @Restricted(NoExternalUse.class)
+        /* final */ String sha512;
+
         public Entry(String sourceId, JSONObject o) {
             this(sourceId, o, null);
         }
@@ -628,6 +634,8 @@ public class UpdateSite {
             // Trim this to prevent issues when the other end used Base64.encodeBase64String that added newlines
             // to the end in old commons-codec. Not the case on updates.jenkins-ci.org, but let's be safe.
             this.sha1 = Util.fixEmptyAndTrim(o.optString("sha1"));
+            this.sha256 = Util.fixEmptyAndTrim(o.optString("sha256"));
+            this.sha512 = Util.fixEmptyAndTrim(o.optString("sha512"));
 
             String url = o.getString("url");
             if (!URI.create(url).isAbsolute()) {
@@ -649,6 +657,24 @@ public class UpdateSite {
             return sha1;
         }
 
+        /**
+         * The hex string encoded SHA-256 checksum of the file.
+         * Can be null if not provided by the update site.
+         * @since TODO
+         */
+        public String getSha256() {
+            return sha256;
+        }
+
+        /**
+         * The hex string encoded SHA-512 checksum of the file.
+         * Can be null if not provided by the update site.
+         * @since TODO
+         */
+        public String getSha512() {
+            return sha512;
+        }
+
         /**
          * Checks if the specified "current version" is older than the version of this entry.
          *
diff --git a/core/src/main/java/jenkins/util/JSONSignatureValidator.java b/core/src/main/java/jenkins/util/JSONSignatureValidator.java
index 1d23b70984..b45f1d5e65 100644
--- a/core/src/main/java/jenkins/util/JSONSignatureValidator.java
+++ b/core/src/main/java/jenkins/util/JSONSignatureValidator.java
@@ -2,10 +2,15 @@ package jenkins.util;
 
 import com.trilead.ssh2.crypto.Base64;
 import hudson.util.FormValidation;
+
+import java.io.UnsupportedEncodingException;
 import java.nio.file.Files;
 import java.nio.file.InvalidPathException;
 import jenkins.model.Jenkins;
 import net.sf.json.JSONObject;
+import org.apache.commons.codec.DecoderException;
+import org.apache.commons.codec.binary.Hex;
+import org.apache.commons.io.Charsets;
 import org.apache.commons.io.output.NullOutputStream;
 import org.apache.commons.io.output.TeeOutputStream;
 import org.jvnet.hudson.crypto.CertificateUtil;
@@ -20,7 +25,9 @@ import java.io.OutputStreamWriter;
 import java.security.DigestOutputStream;
 import java.security.GeneralSecurityException;
 import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
 import java.security.Signature;
+import java.security.SignatureException;
 import java.security.cert.Certificate;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateExpiredException;
@@ -78,64 +85,151 @@ public class JSONSignatureValidator {
                 CertificateUtil.validatePath(certs, loadTrustAnchors(cf));
             }
 
-            // this is for computing a digest to check sanity
-            MessageDigest sha1 = MessageDigest.getInstance("SHA1");
-            DigestOutputStream dos = new DigestOutputStream(new NullOutputStream(),sha1);
-
-            // this is for computing a signature
-            Signature sig = Signature.getInstance("SHA1withRSA");
             if (certs.isEmpty()) {
                 return FormValidation.error("No certificate found in %s. Cannot verify the signature", name);
-            } else {    
-                sig.initVerify(certs.get(0));
-            }
-            SignatureOutputStream sos = new SignatureOutputStream(sig);
-
-            // until JENKINS-11110 fix, UC used to serve invalid digest (and therefore unverifiable signature)
-            // that only covers the earlier portion of the file. This was caused by the lack of close() call
-            // in the canonical writing, which apparently leave some bytes somewhere that's not flushed to
-            // the digest output stream. This affects Jenkins [1.424,1,431].
-            // Jenkins 1.432 shipped with the "fix" (1eb0c64abb3794edce29cbb1de50c93fa03a8229) that made it
-            // compute the correct digest, but it breaks all the existing UC json metadata out there. We then
-            // quickly discovered ourselves in the catch-22 situation. If we generate UC with the correct signature,
-            // it'll cut off [1.424,1.431] from the UC. But if we don't, we'll cut off [1.432,*).
-            //
-            // In 1.433, we revisited 1eb0c64abb3794edce29cbb1de50c93fa03a8229 so that the original "digest"/"signature"
-            // pair continues to be generated in a buggy form, while "correct_digest"/"correct_signature" are generated
-            // correctly.
-            //
-            // Jenkins should ignore "digest"/"signature" pair. Accepting it creates a vulnerability that allows
-            // the attacker to inject a fragment at the end of the json.
-            o.writeCanonical(new OutputStreamWriter(new TeeOutputStream(dos,sos),"UTF-8")).close();
-
-            // did the digest match? this is not a part of the signature validation, but if we have a bug in the c14n
-            // (which is more likely than someone tampering with update center), we can tell
-            String computedDigest = new String(Base64.encode(sha1.digest()));
-            String providedDigest = signature.optString("correct_digest");
-            if (providedDigest==null) {
-                return FormValidation.error("No correct_digest parameter in "+name+". This metadata appears to be old.");
             }
-            if (!computedDigest.equalsIgnoreCase(providedDigest)) {
-                String msg = "Digest mismatch: computed=" + computedDigest + " vs expected=" + providedDigest + " in " + name;
-                if (LOGGER.isLoggable(Level.SEVERE)) {
-                    LOGGER.severe(msg);
-                    LOGGER.severe(o.toString(2));
+
+            // check the better digest first
+            FormValidation resultSha512 = null;
+            try {
+                MessageDigest digest = MessageDigest.getInstance("SHA-512");
+                Signature sig = Signature.getInstance("SHA512withRSA");
+                sig.initVerify(certs.get(0));
+                resultSha512 = checkSpecificSignature(o, signature, digest, "correct_digest512", sig, "correct_signature512", "SHA-512");
+                switch (resultSha512.kind) {
+                    case ERROR:
+                        return resultSha512;
+                    case WARNING:
+                        LOGGER.log(Level.INFO, "JSON data source '" + name + "' does not provide a SHA-512 content checksum or signature. Looking for SHA-1.");
+                        break;
+                    case OK:
+                        // fall through
                 }
-                return FormValidation.error(msg);
+            } catch (NoSuchAlgorithmException nsa) {
+                LOGGER.log(Level.WARNING, "Failed to verify potential SHA-512 digest/signature, falling back to SHA-1", nsa);
             }
 
-            String providedSignature = signature.getString("correct_signature");
-            if (!sig.verify(Base64.decode(providedSignature.toCharArray()))) {
-                return FormValidation.error("Signature in the update center doesn't match with the certificate in "+name);
+            // if we get here, SHA-512 passed, wasn't provided, or the JRE is terrible.
+
+            MessageDigest digest = MessageDigest.getInstance("SHA1");
+            Signature sig = Signature.getInstance("SHA1withRSA");
+            sig.initVerify(certs.get(0));
+            FormValidation resultSha1 = checkSpecificSignature(o, signature, digest, "correct_digest", sig, "correct_signature", "SHA-1");
+
+            switch (resultSha1.kind) {
+                case ERROR:
+                    return resultSha1;
+                case WARNING:
+                    if (resultSha512.kind == FormValidation.Kind.WARNING) {
+                        // neither signature provided
+                        return FormValidation.error("No correct_signature or correct_signature512 entry found in '" + name + "'.");
+                    }
+                case OK:
+                    // fall through
             }
 
             if (warning!=null)  return warning;
             return FormValidation.ok();
         } catch (GeneralSecurityException e) {
-            return FormValidation.error(e,"Signature verification failed in "+name);
+            return FormValidation.error(e, "Signature verification failed in "+name);
         }
     }
 
+
+    /**
+     * Computes the specified {@code digest} and {@code signature} for the provided {@code json} object and checks whether they match {@code digestEntry} and {@signatureEntry} in the provided {@code signatureJson} object.
+     *
+     * @param json the full update-center.json content
+     * @param signatureJson signature block from update-center.json
+     * @param digest digest to compute
+     * @param digestEntry key of the digest entry in {@code signatureJson} to check
+     * @param signature signature to compute
+     * @param signatureEntry key of the signature entry in {@code signatureJson} to check
+     * @param digestName name of the digest used for log/error messages
+     * @return {@link FormValidation.Kind#WARNING} if digest or signature are not provided, {@link FormValidation.Kind#OK} if check is successful, {@link FormValidation.Kind#ERROR} otherwise.
+     * @throws IOException if this somehow fails to write the canonical JSON representation to an in-memory stream.
+     */
+    private FormValidation checkSpecificSignature(JSONObject json, JSONObject signatureJson, MessageDigest digest, String digestEntry, Signature signature, String signatureEntry, String digestName) throws IOException {
+        // this is for computing a digest to check sanity
+        DigestOutputStream dos = new DigestOutputStream(new NullOutputStream(), digest);
+        SignatureOutputStream sos = new SignatureOutputStream(signature);
+
+        String providedDigest = signatureJson.optString(digestEntry, null);
+        if (providedDigest == null) {
+            return FormValidation.warning("No '" + digestEntry + "' found");
+        }
+
+        String providedSignature = signatureJson.optString(signatureEntry, null);
+        if (providedSignature == null) {
+            return FormValidation.warning("No '" + signatureEntry + "' found");
+        }
+
+        // until JENKINS-11110 fix, UC used to serve invalid digest (and therefore unverifiable signature)
+        // that only covers the earlier portion of the file. This was caused by the lack of close() call
+        // in the canonical writing, which apparently leave some bytes somewhere that's not flushed to
+        // the digest output stream. This affects Jenkins [1.424,1,431].
+        // Jenkins 1.432 shipped with the "fix" (1eb0c64abb3794edce29cbb1de50c93fa03a8229) that made it
+        // compute the correct digest, but it breaks all the existing UC json metadata out there. We then
+        // quickly discovered ourselves in the catch-22 situation. If we generate UC with the correct signature,
+        // it'll cut off [1.424,1.431] from the UC. But if we don't, we'll cut off [1.432,*).
+        //
+        // In 1.433, we revisited 1eb0c64abb3794edce29cbb1de50c93fa03a8229 so that the original "digest"/"signature"
+        // pair continues to be generated in a buggy form, while "correct_digest"/"correct_signature" are generated
+        // correctly.
+        //
+        // Jenkins should ignore "digest"/"signature" pair. Accepting it creates a vulnerability that allows
+        // the attacker to inject a fragment at the end of the json.
+        json.writeCanonical(new OutputStreamWriter(new TeeOutputStream(dos,sos), Charsets.UTF_8)).close();
+
+        // did the digest match? this is not a part of the signature validation, but if we have a bug in the c14n
+        // (which is more likely than someone tampering with update center), we can tell
+
+        if (!digestMatches(digest.digest(), providedDigest)) {
+            String msg = digestName + " digest mismatch: expected=" + providedDigest + " in '" + name + "'";
+            if (LOGGER.isLoggable(Level.SEVERE)) {
+                LOGGER.severe(msg);
+                LOGGER.severe(json.toString(2));
+            }
+            return FormValidation.error(msg);
+        }
+
+        if (!verifySignature(signature, providedSignature)) {
+            return FormValidation.error(digestName + " based signature in the update center doesn't match with the certificate in '"+name + "'");
+        }
+
+        return FormValidation.ok();
+    }
+
+    /**
+     * Utility method supporting both possible signature formats: Base64 and Hex
+     */
+    private boolean verifySignature(Signature signature, String providedSignature) {
+        try {
+            if (signature.verify(Base64.decode(providedSignature.toCharArray()))) {
+                return true;
+            }
+        } catch (SignatureException|IOException ignore) {
+            // ignore
+        }
+
+        try {
+            if (signature.verify(Hex.decodeHex(providedSignature.toCharArray()))) {
+                return true;
+            }
+        } catch (SignatureException|DecoderException ignore) {
+            // ignore
+        }
+        return false;
+    }
+
+    /**
+     * Utility method supporting both possible digest formats: Base64 and Hex
+     */
+    private boolean digestMatches(byte[] digest, String providedDigest) {
+        return providedDigest.equalsIgnoreCase(Hex.encodeHexString(digest)) || providedDigest.equalsIgnoreCase(new String(Base64.encode(digest)));
+    }
+
+
     protected Set<TrustAnchor> loadTrustAnchors(CertificateFactory cf) throws IOException {
         // if we trust default root CAs, we end up trusting anyone who has a valid certificate,
         // which isn't useful at all
diff --git a/core/src/test/java/hudson/model/UpdateCenterTest.java b/core/src/test/java/hudson/model/UpdateCenterTest.java
index 5d21e77b3f..cdb412f27f 100644
--- a/core/src/test/java/hudson/model/UpdateCenterTest.java
+++ b/core/src/test/java/hudson/model/UpdateCenterTest.java
@@ -1,9 +1,17 @@
 package hudson.model;
 
+import net.sf.json.JSONObject;
 import org.junit.Test;
 
+import java.io.File;
+import java.io.IOException;
+import java.util.Locale;
+
 import static org.hamcrest.CoreMatchers.is;
+import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertThat;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
 
 public class UpdateCenterTest {
 
@@ -41,4 +49,139 @@ public class UpdateCenterTest {
                 "file://./foo.jar!update-center.json").toExternalForm(),
                 is("file://./foo.jar!update-center.json"));
     }
+
+    @Test
+    public void noChecksums() {
+        try {
+            UpdateCenter.verifyChecksums(new MockDownloadJob(null, null, null), buildEntryWithExpectedChecksums(null, null, null), new File("example"));
+            fail();
+        } catch (IOException ex) {
+            assertEquals("Unable to confirm integrity of downloaded file, refusing installation", ex.getMessage());
+        }
+    }
+
+    @Test
+    public void sha1Match() throws Exception {
+        UpdateCenter.verifyChecksums(
+                new MockDownloadJob(EMPTY_SHA1, null, null),
+                buildEntryWithExpectedChecksums(EMPTY_SHA1, null, null), new File("example"));
+    }
+
+    @Test
+    public void sha1Mismatch() {
+        try {
+            UpdateCenter.verifyChecksums(
+                    new MockDownloadJob(EMPTY_SHA1.replace('k', 'f'), null, null),
+                    buildEntryWithExpectedChecksums(EMPTY_SHA1, null, null), new File("example"));
+            fail();
+        } catch (IOException ex) {
+            assertTrue(ex.getMessage().contains("does not match expected SHA-1, expected '2jmj7l5rSw0yVb/vlWAYkK/YBwk=', actual '2jmj7l5rSw0yVb/vlWAYfK/YBwf='"));
+        }
+    }
+
+    @Test
+    public void sha512ProvidedOnly() throws IOException {
+        UpdateCenter.verifyChecksums(
+                new MockDownloadJob(EMPTY_SHA1, EMPTY_SHA256, EMPTY_SHA512),
+                buildEntryWithExpectedChecksums(null, null, EMPTY_SHA512), new File("example"));
+    }
+
+    @Test
+    public void sha512and256IgnoreCase() throws IOException {
+        UpdateCenter.verifyChecksums(
+                new MockDownloadJob(EMPTY_SHA1, EMPTY_SHA256.toUpperCase(Locale.US), EMPTY_SHA512.toUpperCase(Locale.US)),
+                buildEntryWithExpectedChecksums(null, EMPTY_SHA256, EMPTY_SHA512), new File("example"));
+    }
+
+    @Test
+    public void sha1DoesNotIgnoreCase() {
+        try {
+            UpdateCenter.verifyChecksums(
+                    new MockDownloadJob(EMPTY_SHA1, EMPTY_SHA256, EMPTY_SHA512),
+                    buildEntryWithExpectedChecksums(EMPTY_SHA1.toUpperCase(Locale.US), null, null), new File("example"));
+            fail();
+        } catch (Exception e) {
+            assertTrue(e.getMessage().contains("does not match expected SHA-1, expected '2JMJ7L5RSW0YVB/VLWAYKK/YBWK=', actual '2jmj7l5rSw0yVb/vlWAYkK/YBwk='"));
+        }
+
+    }
+
+    @Test
+    public void noOverlapForComputedAndProvidedChecksums() {
+        try {
+            UpdateCenter.verifyChecksums(
+                    new MockDownloadJob(EMPTY_SHA1, EMPTY_SHA256, null),
+                    buildEntryWithExpectedChecksums(null, null, EMPTY_SHA512), new File("example"));
+            fail();
+        } catch (Exception e) {
+            assertTrue(e.getMessage().equals("Unable to confirm integrity of downloaded file, refusing installation"));
+        }
+    }
+
+    @Test
+    public void noOverlapForComputedAndProvidedChecksumsForSpecIncompliantJVM() {
+        try {
+            UpdateCenter.verifyChecksums(
+                    new MockDownloadJob(EMPTY_SHA1, null, null),
+                    buildEntryWithExpectedChecksums(null, EMPTY_SHA256, EMPTY_SHA512), new File("example"));
+            fail();
+        } catch (Exception e) {
+            assertTrue(e.getMessage().equals("Unable to confirm integrity of downloaded file, refusing installation"));
+        }
+    }
+
+
+    private static String EMPTY_SHA1 = "2jmj7l5rSw0yVb/vlWAYkK/YBwk=";
+    private static String EMPTY_SHA256 = "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855";
+    private static String EMPTY_SHA512 = "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e";
+
+    private static UpdateSite.Entry buildEntryWithExpectedChecksums(String expectedSHA1, String expectedSHA256, String expectedSHA512) {
+        JSONObject o = new JSONObject();
+        o.put("name", "unnamed");
+        o.put("version", "unspecified");
+        o.put("url", "https://example.invalid");
+        if (expectedSHA1 != null) {
+            o.put("sha1", expectedSHA1);
+        }
+        if (expectedSHA256 != null) {
+            o.put("sha256", expectedSHA256);
+        }
+        if (expectedSHA512 != null) {
+            o.put("sha512", expectedSHA512);
+        }
+        return new MockEntry(o);
+    }
+
+    private static class MockEntry extends UpdateSite.Entry {
+
+        MockEntry(JSONObject o) {
+            // needs name, version, url, optionally sha1, sha256, sha512
+            super("default", o);
+        }
+    }
+
+    private static class MockDownloadJob implements UpdateCenter.WithComputedChecksums {
+
+        private final String computedSHA1;
+        private final String computedSHA256;
+        private final String computedSHA512;
+
+        public MockDownloadJob(String computedSHA1, String computedSHA256, String computedSHA512) {
+            this.computedSHA1 = computedSHA1;
+            this.computedSHA256 = computedSHA256;
+            this.computedSHA512 = computedSHA512;
+        }
+
+        public String getComputedSHA1() {
+            return this.computedSHA1;
+        }
+
+        public String getComputedSHA256() {
+            return computedSHA256;
+        }
+
+        public String getComputedSHA512() {
+            return computedSHA512;
+        }
+    }
 }
-- 
GitLab


From 17b94a044a03e49ca7f4a87af69a993354ec0df1 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <Wadeck@users.noreply.github.com>
Date: Thu, 26 Apr 2018 16:58:29 +0200
Subject: [PATCH 364/863] [JENKINS-31661] Check the root url (Admin monitor +
 Wizard) (#3082)

* [JENKINS-31661] Add an administrative monitor to check the root url configuration
- add the monitor + test

* - corrections requested by Oleg in code review

* - add a field to fill during SetupWizard for the rootUrl (default value using javascript but editable)
- WIP : missing the translation

* - revert whitespace change

* - little refactoring of js methods

* - translation added

* - modification requested during PR by Jesse

* - renaming proposed by Keith

* - rework to have a new page in the SetupWizard for the root URL

* Correct relevant non-conflicting merge changes

* - in case of skip => also skip the instance configuration
- terminate => finish (+ uppercase)
- replace double single quotes
- add help message in the wizard to inform admins
- correct the installState serialization problem
- update working (admin monitor + wizard)

* address Daniel's comment
- skip all steps will show two messages instead of one (like before when clicking on skip twice)
- skip => not now
- remove margin and adjust padding for the wizard forms
- add the "if possible"

* address Arnaud's comment on the sauter vs passer

* address Liam's comment

* correct previous commit typo

* correct previous commit typo (2)

* add blank end line

* address James' comment

* address Daniel's comment

* address Devin's comment
- implement error management in the wizard
- provide different message in the monitor in case of null / invalid url
- add an helper to validate URL (even with _ in domain)
- add @Restricted

* - also update the monitor test to be consistent with its new behavior

* address Devin's comments

* correct header files

* include relevant classes for the url validation from commons-validator:1.6

* Move Apache classes in a more standard package
---
 .../main/java/hudson/util/HttpResponses.java  |   26 +-
 .../diagnostics/RootUrlNotSetMonitor.java     |   66 +
 .../java/jenkins/install/InstallState.java    |   44 +-
 .../java/jenkins/install/InstallUtil.java     |   47 +-
 .../java/jenkins/install/SetupWizard.java     |   81 +-
 .../model/JenkinsLocationConfiguration.java   |   18 +-
 .../validator/routines/DomainValidator.java   | 2072 +++++++++++++++++
 .../routines/InetAddressValidator.java        |  196 ++
 .../validator/routines/RegexValidator.java    |  237 ++
 .../validator/routines/UrlValidator.java      |  551 +++++
 .../src/main/java/jenkins/util/UrlHelper.java |   58 +
 .../jenkins/diagnostics/Messages.properties   |    1 +
 .../RootUrlNotSetMonitor/message.jelly        |   36 +
 .../RootUrlNotSetMonitor/message.properties   |    6 +
 .../jenkins/install/Messages.properties       |   24 +
 .../setupWizardConfigureInstance.jelly        |  122 +
 .../setupWizardConfigureInstance.properties   |    6 +
 ...setupWizardConfigureInstance_fr.properties |    2 +
 .../SetupWizard/setupWizardFirstUser.jelly    |    4 +-
 .../setupWizardFirstUser.properties           |    2 +-
 .../setupWizardFirstUser_fr.properties        |    2 +-
 .../install/pluginSetupWizard.properties      |   16 +-
 .../install/pluginSetupWizard_fr.properties   |   24 +-
 .../test/java/jenkins/util/UrlHelperTest.java |   44 +
 .../diagnostics/RootUrlNotSetMonitorTest.java |   64 +
 war/src/main/js/api/securityConfig.js         |   21 +-
 war/src/main/js/pluginSetupWizardGui.js       |  100 +-
 .../main/js/templates/configureInstance.hbs   |   18 +
 28 files changed, 3807 insertions(+), 81 deletions(-)
 create mode 100644 core/src/main/java/jenkins/diagnostics/RootUrlNotSetMonitor.java
 create mode 100644 core/src/main/java/jenkins/org/apache/commons/validator/routines/DomainValidator.java
 create mode 100644 core/src/main/java/jenkins/org/apache/commons/validator/routines/InetAddressValidator.java
 create mode 100644 core/src/main/java/jenkins/org/apache/commons/validator/routines/RegexValidator.java
 create mode 100644 core/src/main/java/jenkins/org/apache/commons/validator/routines/UrlValidator.java
 create mode 100644 core/src/main/java/jenkins/util/UrlHelper.java
 create mode 100644 core/src/main/resources/jenkins/diagnostics/RootUrlNotSetMonitor/message.jelly
 create mode 100644 core/src/main/resources/jenkins/diagnostics/RootUrlNotSetMonitor/message.properties
 create mode 100644 core/src/main/resources/jenkins/install/Messages.properties
 create mode 100644 core/src/main/resources/jenkins/install/SetupWizard/setupWizardConfigureInstance.jelly
 create mode 100644 core/src/main/resources/jenkins/install/SetupWizard/setupWizardConfigureInstance.properties
 create mode 100644 core/src/main/resources/jenkins/install/SetupWizard/setupWizardConfigureInstance_fr.properties
 create mode 100644 core/src/test/java/jenkins/util/UrlHelperTest.java
 create mode 100644 test/src/test/java/jenkins/diagnostics/RootUrlNotSetMonitorTest.java
 create mode 100644 war/src/main/js/templates/configureInstance.hbs

diff --git a/core/src/main/java/hudson/util/HttpResponses.java b/core/src/main/java/hudson/util/HttpResponses.java
index 8c4bdeda9a..2616533f9c 100644
--- a/core/src/main/java/hudson/util/HttpResponses.java
+++ b/core/src/main/java/hudson/util/HttpResponses.java
@@ -89,16 +89,28 @@ public class HttpResponses extends org.kohsuke.stapler.HttpResponses {
         return new JSONObjectResponse(data);
     }
 
-        /**
-         * Set the response as an error response.
-         * @param message The error "message" set on the response.
-         * @return {@code this} object.
-         *
-         * @since 2.0
-         */
+    /**
+     * Set the response as an error response.
+     * @param message The error "message" set on the response.
+     * @return {@code this} object.
+     *
+     * @since 2.0
+     */
     public static HttpResponse errorJSON(@Nonnull String message) {
         return new JSONObjectResponse().error(message);
     }
+    
+    /**
+     * Set the response as an error response plus some data.
+     * @param message The error "message" set on the response.
+     * @param data The data.
+     * @return {@code this} object.
+     *
+     * @since TODO
+     */
+    public static HttpResponse errorJSON(@Nonnull String message, @Nonnull Map<?,?> data) {
+        return new JSONObjectResponse(data).error(message);
+    }
 
     /**
      * Set the response as an error response plus some data.
diff --git a/core/src/main/java/jenkins/diagnostics/RootUrlNotSetMonitor.java b/core/src/main/java/jenkins/diagnostics/RootUrlNotSetMonitor.java
new file mode 100644
index 0000000000..3e9a245f73
--- /dev/null
+++ b/core/src/main/java/jenkins/diagnostics/RootUrlNotSetMonitor.java
@@ -0,0 +1,66 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.diagnostics;
+
+import hudson.Extension;
+import hudson.model.AdministrativeMonitor;
+import jenkins.model.JenkinsLocationConfiguration;
+import jenkins.util.UrlHelper;
+import org.jenkinsci.Symbol;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
+
+/**
+ * Jenkins root URL is required for a lot of operations in both core and plugins.
+ * There is a default behavior (infer the URL from the request object), but inaccurate in some scenarios.
+ * Normally this root URL is set during SetupWizard phase, this monitor is there to ensure that behavior.
+ * Potential exceptions are the dev environment, if someone disable the wizard or
+ * the administrator put an empty string on the configuration page.
+ *
+ * @since TODO
+ */
+@Extension
+@Symbol("rootUrlNotSet")
+@Restricted(NoExternalUse.class)
+public class RootUrlNotSetMonitor extends AdministrativeMonitor {
+    @Override
+    public String getDisplayName() {
+        return Messages.RootUrlNotSetMonitor_DisplayName();
+    }
+
+    @Override
+    public boolean isActivated() {
+        JenkinsLocationConfiguration loc = JenkinsLocationConfiguration.get();
+        return loc != null && (
+                loc.getUrl() == null || !UrlHelper.isValidRootUrl(loc.getUrl())
+        );
+    }
+    
+    // used by jelly to determined if it's a null url or invalid one
+    @Restricted(NoExternalUse.class)
+    public boolean isUrlNull(){
+        JenkinsLocationConfiguration loc = JenkinsLocationConfiguration.get();
+        return loc != null && loc.getUrl() == null;
+    }
+}
diff --git a/core/src/main/java/jenkins/install/InstallState.java b/core/src/main/java/jenkins/install/InstallState.java
index dc6f9dc534..0e69ac60cd 100644
--- a/core/src/main/java/jenkins/install/InstallState.java
+++ b/core/src/main/java/jenkins/install/InstallState.java
@@ -32,6 +32,7 @@ import hudson.ExtensionPoint;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 import jenkins.model.Jenkins;
+import jenkins.model.JenkinsLocationConfiguration;
 import org.apache.commons.lang.StringUtils;
 /**
  * Jenkins install state.
@@ -47,7 +48,13 @@ import org.apache.commons.lang.StringUtils;
 public class InstallState implements ExtensionPoint {
 
     /**
-     * Only here for XStream compatibility.
+     * Only here for XStream compatibility. <p>
+     * 
+     * Please DO NOT ADD ITEM TO THIS LIST. <p>
+     * If you add an item here, the deserialization process will break 
+     * because it is used for serialized state like "jenkins.install.InstallState$4" 
+     * before the change from anonymous class to named class. If you need to add a new InstallState, you can just add a new inner named class but nothing to change in this list.
+     * 
      * @see #readResolve
      */
     @Deprecated
@@ -92,7 +99,7 @@ public class InstallState implements ExtensionPoint {
             super("INITIAL_SETUP_COMPLETED", true);
         }
         public void initializeState() {
-            Jenkins j = Jenkins.getInstance();
+            Jenkins j = Jenkins.get();
             try {
                 j.getSetupWizard().completeSetup();
             } catch (Exception e) {
@@ -100,7 +107,7 @@ public class InstallState implements ExtensionPoint {
             }
             j.setInstallState(RUNNING);
         }
-    };
+    }
     
     /**
      * Creating an admin user for an initial Jenkins install.
@@ -112,14 +119,29 @@ public class InstallState implements ExtensionPoint {
             super("CREATE_ADMIN_USER", false);
         }
         public void initializeState() {
-            Jenkins j = Jenkins.getInstance();
+            Jenkins j = Jenkins.get();
             // Skip this state if not using the security defaults
             // e.g. in an init script set up security already
             if (!j.getSetupWizard().isUsingSecurityDefaults()) {
                 InstallUtil.proceedToNextStateFrom(this);
             }
         }
-    };
+    }
+    
+    @Extension
+    public static final InstallState CONFIGURE_INSTANCE = new ConfigureInstance();
+    private static final class ConfigureInstance extends InstallState {
+        ConfigureInstance() {
+            super("CONFIGURE_INSTANCE", false);
+        }
+        public void initializeState() {
+            // Skip this state if a boot script already configured the root URL
+            // in case we add more fields in this page, this should be adapted
+            if (StringUtils.isNotBlank(JenkinsLocationConfiguration.getOrDie().getUrl())) {
+                InstallUtil.proceedToNextStateFrom(this);
+            }
+        }
+    }
     
     /**
      * New Jenkins install. The user has kicked off the process of installing an
@@ -139,14 +161,14 @@ public class InstallState implements ExtensionPoint {
         }
         public void initializeState() {
             try {
-                Jenkins.getInstance().getSetupWizard().init(true);
+                Jenkins.get().getSetupWizard().init(true);
             } catch (Exception e) {
                 throw new RuntimeException(e);
             }
 
             InstallUtil.proceedToNextStateFrom(INITIAL_SECURITY_SETUP);
         }
-    };
+    }
     
     /**
      * New Jenkins install.
@@ -166,7 +188,7 @@ public class InstallState implements ExtensionPoint {
         public void initializeState() {
             InstallUtil.saveLastExecVersion();
         }
-    };
+    }
     
     /**
      * Upgrade of an existing Jenkins install.
@@ -186,7 +208,7 @@ public class InstallState implements ExtensionPoint {
         public void initializeState() {
             InstallUtil.saveLastExecVersion();
         }
-    };
+    }
     
     private static final Logger LOGGER = Logger.getLogger(InstallState.class.getName());
     
@@ -202,6 +224,10 @@ public class InstallState implements ExtensionPoint {
     public static final InstallState DEVELOPMENT = new InstallState("DEVELOPMENT", true);
 
     private final transient boolean isSetupComplete;
+
+    /**
+     * Link with the pluginSetupWizardGui.js map: "statsHandlers"
+     */
     private final String name;
 
     public InstallState(@Nonnull String name, boolean isSetupComplete) {
diff --git a/core/src/main/java/jenkins/install/InstallUtil.java b/core/src/main/java/jenkins/install/InstallUtil.java
index 48b8d33ab6..7552f9fa35 100644
--- a/core/src/main/java/jenkins/install/InstallUtil.java
+++ b/core/src/main/java/jenkins/install/InstallUtil.java
@@ -101,37 +101,30 @@ public class InstallUtil {
     /**
      * Returns the next state during a transition from the current install state
      */
-    /*package*/ static InstallState getNextInstallState(final InstallState current) {
+    /*package*/ static InstallState getNextInstallState(InstallState current) {
         List<Function<Provider<InstallState>,InstallState>> installStateFilterChain = new ArrayList<>();
-        for (final InstallStateFilter setupExtension : InstallStateFilter.all()) {
-            installStateFilterChain.add(new Function<Provider<InstallState>, InstallState>() {
-                @Override
-                public InstallState apply(Provider<InstallState> next) {
-                    return setupExtension.getNextInstallState(current, next);
-                }
-            });
+        for (InstallStateFilter setupExtension : InstallStateFilter.all()) {
+            installStateFilterChain.add(next -> setupExtension.getNextInstallState(current, next));
         }
         // Terminal condition: getNextState() on the current install state
-        installStateFilterChain.add(new Function<Provider<InstallState>, InstallState>() {
-            @Override
-            public InstallState apply(Provider<InstallState> input) {
-                // Initially, install state is unknown and 
-                // needs to be determined
-                if (current == null || InstallState.UNKNOWN.equals(current)) {
-                    return getDefaultInstallState();
-                }
-                final Map<InstallState, InstallState> states = new HashMap<InstallState, InstallState>();
-                {
-                    states.put(InstallState.CREATE_ADMIN_USER, InstallState.INITIAL_SETUP_COMPLETED);
-                    states.put(InstallState.INITIAL_PLUGINS_INSTALLING, InstallState.CREATE_ADMIN_USER);
-                    states.put(InstallState.INITIAL_SECURITY_SETUP, InstallState.NEW);
-                    states.put(InstallState.RESTART, InstallState.RUNNING);
-                    states.put(InstallState.UPGRADE, InstallState.INITIAL_SETUP_COMPLETED);
-                    states.put(InstallState.DOWNGRADE, InstallState.INITIAL_SETUP_COMPLETED);
-                    states.put(InstallState.INITIAL_SETUP_COMPLETED, InstallState.RUNNING);
-                }
-                return states.get(current);
+        installStateFilterChain.add(input -> {
+            // Initially, install state is unknown and 
+            // needs to be determined
+            if (current == null || InstallState.UNKNOWN.equals(current)) {
+                return getDefaultInstallState();
+            }
+            Map<InstallState, InstallState> states = new HashMap<>();
+            {
+                states.put(InstallState.CONFIGURE_INSTANCE, InstallState.INITIAL_SETUP_COMPLETED);
+                states.put(InstallState.CREATE_ADMIN_USER, InstallState.CONFIGURE_INSTANCE);
+                states.put(InstallState.INITIAL_PLUGINS_INSTALLING, InstallState.CREATE_ADMIN_USER);
+                states.put(InstallState.INITIAL_SECURITY_SETUP, InstallState.NEW);
+                states.put(InstallState.RESTART, InstallState.RUNNING);
+                states.put(InstallState.UPGRADE, InstallState.INITIAL_SETUP_COMPLETED);
+                states.put(InstallState.DOWNGRADE, InstallState.INITIAL_SETUP_COMPLETED);
+                states.put(InstallState.INITIAL_SETUP_COMPLETED, InstallState.RUNNING);
             }
+            return states.get(current);
         });
         
         ProviderChain<InstallState> chain = new ProviderChain<>(installStateFilterChain.iterator());
diff --git a/core/src/main/java/jenkins/install/SetupWizard.java b/core/src/main/java/jenkins/install/SetupWizard.java
index e36fd1808b..b9cd417e83 100644
--- a/core/src/main/java/jenkins/install/SetupWizard.java
+++ b/core/src/main/java/jenkins/install/SetupWizard.java
@@ -4,7 +4,9 @@ import static org.apache.commons.io.FileUtils.readFileToString;
 import static org.apache.commons.lang.StringUtils.defaultIfBlank;
 
 import java.io.IOException;
+import java.util.HashMap;
 import java.util.Locale;
+import java.util.Map;
 import java.util.UUID;
 import java.util.logging.Level;
 import java.util.logging.Logger;
@@ -20,7 +22,9 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletRequestWrapper;
 import javax.servlet.http.HttpServletResponse;
 
+import jenkins.model.JenkinsLocationConfiguration;
 import jenkins.util.SystemProperties;
+import jenkins.util.UrlHelper;
 import org.acegisecurity.Authentication;
 import org.acegisecurity.context.SecurityContextHolder;
 import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
@@ -28,6 +32,7 @@ import org.acegisecurity.userdetails.UsernameNotFoundException;
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
 import org.kohsuke.stapler.HttpResponse;
+import org.kohsuke.stapler.QueryParameter;
 import org.kohsuke.stapler.StaplerRequest;
 import org.kohsuke.stapler.StaplerResponse;
 
@@ -92,7 +97,7 @@ public class SetupWizard extends PageDecorator {
      * Initialize the setup wizard, this will process any current state initializations
      */
     /*package*/ void init(boolean newInstall) throws IOException, InterruptedException {
-        Jenkins jenkins = Jenkins.getInstance();
+        Jenkins jenkins = Jenkins.get();
         
         if(newInstall) {
             // this was determined to be a new install, don't run the update wizard here
@@ -196,14 +201,14 @@ public class SetupWizard extends PageDecorator {
             throw new RuntimeException("Unable to remove PluginServletFilter for the SetupWizard", e);
         }
     }
-
+ 
     /**
      * Indicates a generated password should be used - e.g. this is a new install, no security realm set up
      */
     @SuppressWarnings("unused") // used by jelly
     public boolean isUsingSecurityToken() {
         try {
-            return !Jenkins.getInstance().getInstallState().isSetupComplete()
+            return !Jenkins.get().getInstallState().isSetupComplete()
                     && isUsingSecurityDefaults();
         } catch (Exception e) {
             // ignore
@@ -217,7 +222,7 @@ public class SetupWizard extends PageDecorator {
      * Other settings are irrelevant.
      */
     /*package*/ boolean isUsingSecurityDefaults() {
-        Jenkins j = Jenkins.getInstance();
+        Jenkins j = Jenkins.get();
         if (j.getSecurityRealm() instanceof HudsonPrivateSecurityRealm) {
             HudsonPrivateSecurityRealm securityRealm = (HudsonPrivateSecurityRealm)j.getSecurityRealm();
             try {
@@ -244,6 +249,7 @@ public class SetupWizard extends PageDecorator {
     @Restricted(NoExternalUse.class)
     public HttpResponse doCreateAdminUser(StaplerRequest req, StaplerResponse rsp) throws IOException {
         Jenkins j = Jenkins.getInstance();
+
         j.checkPermission(Jenkins.ADMINISTER);
 
         // This will be set up by default. if not, something changed, ok to fail
@@ -293,6 +299,51 @@ public class SetupWizard extends PageDecorator {
             }
         }
     }
+    
+    @RequirePOST
+    @Restricted(NoExternalUse.class)
+    public HttpResponse doConfigureInstance(StaplerRequest req, @QueryParameter String rootUrl) {
+        Jenkins.get().checkPermission(Jenkins.ADMINISTER);
+        
+        Map<String, String> errors = new HashMap<>();
+        // pre-check data
+        checkRootUrl(errors, rootUrl);
+        
+        if(!errors.isEmpty()){
+            return HttpResponses.errorJSON(Messages.SetupWizard_ConfigureInstance_ValidationErrors(), errors);
+        }
+        
+        // use the parameters to configure the instance
+        useRootUrl(errors, rootUrl);
+        
+        if(!errors.isEmpty()){
+            return HttpResponses.errorJSON(Messages.SetupWizard_ConfigureInstance_ValidationErrors(), errors);
+        }
+        
+        InstallUtil.proceedToNextStateFrom(InstallState.CONFIGURE_INSTANCE);
+
+        CrumbIssuer crumbIssuer = Jenkins.get().getCrumbIssuer();
+        JSONObject data = new JSONObject();
+        if (crumbIssuer != null) {
+            data.accumulate("crumbRequestField", crumbIssuer.getCrumbRequestField()).accumulate("crumb", crumbIssuer.getCrumb(req));
+        }
+        return HttpResponses.okJSON(data);
+    }
+    
+    private void checkRootUrl(Map<String, String> errors, @CheckForNull String rootUrl){
+        if(rootUrl == null){
+            errors.put("rootUrl", Messages.SetupWizard_ConfigureInstance_RootUrl_Empty());
+            return;
+        }
+        if(!UrlHelper.isValidRootUrl(rootUrl)){
+            errors.put("rootUrl", Messages.SetupWizard_ConfigureInstance_RootUrl_Invalid());
+        }
+    }
+    
+    private void useRootUrl(Map<String, String> errors, @CheckForNull String rootUrl){
+        LOGGER.log(Level.FINE, "Root URL set during SetupWizard to {0}", new Object[]{ rootUrl });
+        JenkinsLocationConfiguration.getOrDie().setUrl(rootUrl);
+    }
 
     /*package*/ void setCurrentLevel(VersionNumber v) throws IOException {
         FileUtils.writeStringToFile(getUpdateStateFile(), v.toString());
@@ -304,7 +355,7 @@ public class SetupWizard extends PageDecorator {
      * This file records the version number that the installation has upgraded to.
      */
     /*package*/ static File getUpdateStateFile() {
-        return new File(Jenkins.getInstance().getRootDir(),"jenkins.install.UpgradeWizard.state");
+        return new File(Jenkins.get().getRootDir(),"jenkins.install.UpgradeWizard.state");
     }
     
     /**
@@ -333,9 +384,9 @@ public class SetupWizard extends PageDecorator {
      */
     @Restricted(DoNotUse.class) // WebOnly
     public HttpResponse doPlatformPluginList() throws IOException {
-        jenkins.install.SetupWizard setupWizard = Jenkins.getInstance().getSetupWizard();
+        SetupWizard setupWizard = Jenkins.get().getSetupWizard();
         if (setupWizard != null) {
-            if (InstallState.UPGRADE.equals(Jenkins.getInstance().getInstallState())) {
+            if (InstallState.UPGRADE.equals(Jenkins.get().getInstallState())) {
                 JSONArray initialPluginData = getPlatformPluginUpdates();
                 if(initialPluginData != null) {
                     return HttpResponses.okJSON(initialPluginData);
@@ -357,7 +408,7 @@ public class SetupWizard extends PageDecorator {
     @Restricted(DoNotUse.class) // WebOnly
     public HttpResponse doRestartStatus() throws IOException {
         JSONObject response = new JSONObject();
-        Jenkins jenkins = Jenkins.getInstance();
+        Jenkins jenkins = Jenkins.get();
         response.put("restartRequired", jenkins.getUpdateCenter().isRestartRequiredForCompletion());
         response.put("restartSupported", jenkins.getLifecycle().canRestart());
         return HttpResponses.okJSON(response);
@@ -383,9 +434,9 @@ public class SetupWizard extends PageDecorator {
      */
     @CheckForNull
     /*package*/ JSONArray getPlatformPluginList() {
-        Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
+        Jenkins.get().checkPermission(Jenkins.ADMINISTER);
         JSONArray initialPluginList = null;
-        updateSiteList: for (UpdateSite updateSite : Jenkins.getInstance().getUpdateCenter().getSiteList()) {
+        updateSiteList: for (UpdateSite updateSite : Jenkins.get().getUpdateCenter().getSiteList()) {
             String updateCenterJsonUrl = updateSite.getUrl();
             String suggestedPluginUrl = updateCenterJsonUrl.replace("/update-center.json", "/platform-plugins.json");
             try {
@@ -429,7 +480,7 @@ public class SetupWizard extends PageDecorator {
      * Get the platform plugins added in the version range
      */
     /*package*/ JSONArray getPlatformPluginsForUpdate(VersionNumber from, VersionNumber to) {
-        Jenkins jenkins = Jenkins.getInstance();
+        Jenkins jenkins = Jenkins.get();
         JSONArray pluginCategories = JSONArray.fromObject(getPlatformPluginList().toString());
         for (Iterator<?> categoryIterator = pluginCategories.iterator(); categoryIterator.hasNext();) {
             Object category = categoryIterator.next();
@@ -486,7 +537,7 @@ public class SetupWizard extends PageDecorator {
      * Gets the file used to store the initial admin password
      */
     public FilePath getInitialAdminPasswordFile() {
-        return Jenkins.getInstance().getRootPath().child("secrets/initialAdminPassword");
+        return Jenkins.get().getRootPath().child("secrets/initialAdminPassword");
     }
 
     /**
@@ -499,7 +550,7 @@ public class SetupWizard extends PageDecorator {
     }
     
     /*package*/ void completeSetup() throws IOException, ServletException {
-        Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
+        Jenkins.get().checkPermission(Jenkins.ADMINISTER);
         InstallUtil.saveLastExecVersion();
         setCurrentLevel(Jenkins.getVersion());
         InstallUtil.proceedToNextStateFrom(InstallState.INITIAL_SETUP_COMPLETED);
@@ -561,7 +612,7 @@ public class SetupWizard extends PageDecorator {
                     ((HttpServletResponse) response).sendRedirect(req.getContextPath() + "/");
                     return;
                 } else if (req.getRequestURI().equals(req.getContextPath() + "/")) {
-                    Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
+                    Jenkins.get().checkPermission(Jenkins.ADMINISTER);
                     chain.doFilter(new HttpServletRequestWrapper(req) {
                         public String getRequestURI() {
                             return getContextPath() + "/setupWizard/";
@@ -583,7 +634,7 @@ public class SetupWizard extends PageDecorator {
      * Sets up the Setup Wizard filter if the current state requires it.
      */
     private void checkFilter() {
-        if (!Jenkins.getInstance().getInstallState().isSetupComplete()) {
+        if (!Jenkins.get().getInstallState().isSetupComplete()) {
             setUpFilter();
         }
     }
diff --git a/core/src/main/java/jenkins/model/JenkinsLocationConfiguration.java b/core/src/main/java/jenkins/model/JenkinsLocationConfiguration.java
index b7390ad3d3..9f15cd918e 100644
--- a/core/src/main/java/jenkins/model/JenkinsLocationConfiguration.java
+++ b/core/src/main/java/jenkins/model/JenkinsLocationConfiguration.java
@@ -6,6 +6,8 @@ import hudson.XmlFile;
 import hudson.util.FormValidation;
 import hudson.util.XStream2;
 import org.jenkinsci.Symbol;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
 import org.kohsuke.stapler.QueryParameter;
 
 import javax.mail.internet.AddressException;
@@ -50,6 +52,18 @@ public class JenkinsLocationConfiguration extends GlobalConfiguration {
     public static @CheckForNull JenkinsLocationConfiguration get() {
         return GlobalConfiguration.all().get(JenkinsLocationConfiguration.class);
     }
+    
+    /**
+     * Gets local configuration. For explanation when it could die, see {@link #get()}
+     */
+    @Restricted(NoExternalUse.class)
+    public static @Nonnull JenkinsLocationConfiguration getOrDie(){
+        JenkinsLocationConfiguration config = JenkinsLocationConfiguration.get();
+        if (config == null) {
+            throw new IllegalStateException("JenkinsLocationConfiguration instance is missing. Probably the Jenkins instance is not fully loaded at this time.");
+        }
+        return config;
+    }
 
     public JenkinsLocationConfiguration() {
         load();
@@ -63,7 +77,7 @@ public class JenkinsLocationConfiguration extends GlobalConfiguration {
         if(!file.exists()) {
             XStream2 xs = new XStream2();
             xs.addCompatibilityAlias("hudson.tasks.Mailer$DescriptorImpl",JenkinsLocationConfiguration.class);
-            file = new XmlFile(xs,new File(Jenkins.getInstance().getRootDir(),"hudson.tasks.Mailer.xml"));
+            file = new XmlFile(xs,new File(Jenkins.get().getRootDir(),"hudson.tasks.Mailer.xml"));
             if (file.exists()) {
                 try {
                     file.unmarshal(this);
@@ -125,7 +139,7 @@ public class JenkinsLocationConfiguration extends GlobalConfiguration {
      */
     private void updateSecureSessionFlag() {
         try {
-            ServletContext context = Jenkins.getInstance().servletContext;
+            ServletContext context = Jenkins.get().servletContext;
             Method m;
             try {
                 m = context.getClass().getMethod("getSessionCookieConfig");
diff --git a/core/src/main/java/jenkins/org/apache/commons/validator/routines/DomainValidator.java b/core/src/main/java/jenkins/org/apache/commons/validator/routines/DomainValidator.java
new file mode 100644
index 0000000000..bd3a8da924
--- /dev/null
+++ b/core/src/main/java/jenkins/org/apache/commons/validator/routines/DomainValidator.java
@@ -0,0 +1,2072 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/* Copied from commons-validator:commons-validator:1.6, with [PATCH] modifications */
+package jenkins.org.apache.commons.validator.routines;
+
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
+
+import java.io.Serializable;
+import java.net.IDN;
+import java.util.Arrays;
+import java.util.Locale;
+
+/**
+ * <p><b>Domain name</b> validation routines.</p>
+ *
+ * <p>
+ * This validator provides methods for validating Internet domain names
+ * and top-level domains.
+ * </p>
+ *
+ * <p>Domain names are evaluated according
+ * to the standards <a href="http://www.ietf.org/rfc/rfc1034.txt">RFC1034</a>,
+ * section 3, and <a href="http://www.ietf.org/rfc/rfc1123.txt">RFC1123</a>,
+ * section 2.1. No accommodation is provided for the specialized needs of
+ * other applications; if the domain name has been URL-encoded, for example,
+ * validation will fail even though the equivalent plaintext version of the
+ * same name would have passed.
+ * </p>
+ *
+ * <p>
+ * Validation is also provided for top-level domains (TLDs) as defined and
+ * maintained by the Internet Assigned Numbers Authority (IANA):
+ * </p>
+ *
+ *   <ul>
+ *     <li>{@link #isValidInfrastructureTld} - validates infrastructure TLDs
+ *         (<code>.arpa</code>, etc.)</li>
+ *     <li>{@link #isValidGenericTld} - validates generic TLDs
+ *         (<code>.com, .org</code>, etc.)</li>
+ *     <li>{@link #isValidCountryCodeTld} - validates country code TLDs
+ *         (<code>.us, .uk, .cn</code>, etc.)</li>
+ *   </ul>
+ *
+ * <p>
+ * (<b>NOTE</b>: This class does not provide IP address lookup for domain names or
+ * methods to ensure that a given domain name matches a specific IP; see
+ * {@link java.net.InetAddress} for that functionality.)
+ * </p>
+ *
+ * @version $Revision: 1781829 $
+ * @since Validator 1.4
+ */
+//[PATCH]
+@Restricted(NoExternalUse.class)
+// end of [PATCH]
+public class DomainValidator implements Serializable {
+    
+    private static final int MAX_DOMAIN_LENGTH = 253;
+    
+    private static final String[] EMPTY_STRING_ARRAY = new String[0];
+    
+    private static final long serialVersionUID = -4407125112880174009L;
+    
+    // Regular expression strings for hostnames (derived from RFC2396 and RFC 1123)
+    
+    // RFC2396: domainlabel   = alphanum | alphanum *( alphanum | "-" ) alphanum
+    // Max 63 characters
+    private static final String DOMAIN_LABEL_REGEX = "\\p{Alnum}(?>[\\p{Alnum}-]{0,61}\\p{Alnum})?";
+    
+    // RFC2396 toplabel = alpha | alpha *( alphanum | "-" ) alphanum
+    // Max 63 characters
+    private static final String TOP_LABEL_REGEX = "\\p{Alpha}(?>[\\p{Alnum}-]{0,61}\\p{Alnum})?";
+    
+    // RFC2396 hostname = *( domainlabel "." ) toplabel [ "." ]
+    // Note that the regex currently requires both a domain label and a top level label, whereas
+    // the RFC does not. This is because the regex is used to detect if a TLD is present.
+    // If the match fails, input is checked against DOMAIN_LABEL_REGEX (hostnameRegex)
+    // RFC1123 sec 2.1 allows hostnames to start with a digit
+    private static final String DOMAIN_NAME_REGEX =
+            "^(?:" + DOMAIN_LABEL_REGEX + "\\.)+" + "(" + TOP_LABEL_REGEX + ")\\.?$";
+    
+    private final boolean allowLocal;
+    
+    /**
+     * Singleton instance of this validator, which
+     *  doesn't consider local addresses as valid.
+     */
+    private static final DomainValidator DOMAIN_VALIDATOR = new DomainValidator(false);
+    
+    /**
+     * Singleton instance of this validator, which does
+     *  consider local addresses valid.
+     */
+    private static final DomainValidator DOMAIN_VALIDATOR_WITH_LOCAL = new DomainValidator(true);
+    
+    /**
+     * RegexValidator for matching domains.
+     */
+    private final RegexValidator domainRegex =
+            new RegexValidator(DOMAIN_NAME_REGEX);
+    /**
+     * RegexValidator for matching a local hostname
+     */
+    // RFC1123 sec 2.1 allows hostnames to start with a digit
+    private final RegexValidator hostnameRegex =
+            new RegexValidator(DOMAIN_LABEL_REGEX);
+    
+    /**
+     * Returns the singleton instance of this validator. It
+     *  will not consider local addresses as valid.
+     * @return the singleton instance of this validator
+     */
+    public static synchronized DomainValidator getInstance() {
+        inUse = true;
+        return DOMAIN_VALIDATOR;
+    }
+    
+    /**
+     * Returns the singleton instance of this validator,
+     *  with local validation as required.
+     * @param allowLocal Should local addresses be considered valid?
+     * @return the singleton instance of this validator
+     */
+    public static synchronized DomainValidator getInstance(boolean allowLocal) {
+        inUse = true;
+        if(allowLocal) {
+            return DOMAIN_VALIDATOR_WITH_LOCAL;
+        }
+        return DOMAIN_VALIDATOR;
+    }
+    
+    /** Private constructor. */
+    private DomainValidator(boolean allowLocal) {
+        this.allowLocal = allowLocal;
+    }
+    
+    /**
+     * Returns true if the specified <code>String</code> parses
+     * as a valid domain name with a recognized top-level domain.
+     * The parsing is case-insensitive.
+     * @param domain the parameter to check for domain name syntax
+     * @return true if the parameter is a valid domain name
+     */
+    public boolean isValid(String domain) {
+        if (domain == null) {
+            return false;
+        }
+        domain = unicodeToASCII(domain);
+        // hosts must be equally reachable via punycode and Unicode;
+        // Unicode is never shorter than punycode, so check punycode
+        // if domain did not convert, then it will be caught by ASCII
+        // checks in the regexes below
+        if (domain.length() > MAX_DOMAIN_LENGTH) {
+            return false;
+        }
+        String[] groups = domainRegex.match(domain);
+        if (groups != null && groups.length > 0) {
+            return isValidTld(groups[0]);
+        }
+        return allowLocal && hostnameRegex.isValid(domain);
+    }
+    
+    // package protected for unit test access
+    // must agree with isValidRootUrl() above
+    final boolean isValidDomainSyntax(String domain) {
+        if (domain == null) {
+            return false;
+        }
+        domain = unicodeToASCII(domain);
+        // hosts must be equally reachable via punycode and Unicode;
+        // Unicode is never shorter than punycode, so check punycode
+        // if domain did not convert, then it will be caught by ASCII
+        // checks in the regexes below
+        if (domain.length() > MAX_DOMAIN_LENGTH) {
+            return false;
+        }
+        String[] groups = domainRegex.match(domain);
+        return (groups != null && groups.length > 0)
+                || hostnameRegex.isValid(domain);
+    }
+    
+    /**
+     * Returns true if the specified <code>String</code> matches any
+     * IANA-defined top-level domain. Leading dots are ignored if present.
+     * The search is case-insensitive.
+     * @param tld the parameter to check for TLD status, not null
+     * @return true if the parameter is a TLD
+     */
+    public boolean isValidTld(String tld) {
+        tld = unicodeToASCII(tld);
+        if(allowLocal && isValidLocalTld(tld)) {
+            return true;
+        }
+        return isValidInfrastructureTld(tld)
+                || isValidGenericTld(tld)
+                || isValidCountryCodeTld(tld);
+    }
+    
+    /**
+     * Returns true if the specified <code>String</code> matches any
+     * IANA-defined infrastructure top-level domain. Leading dots are
+     * ignored if present. The search is case-insensitive.
+     * @param iTld the parameter to check for infrastructure TLD status, not null
+     * @return true if the parameter is an infrastructure TLD
+     */
+    public boolean isValidInfrastructureTld(String iTld) {
+        final String key = chompLeadingDot(unicodeToASCII(iTld).toLowerCase(Locale.ENGLISH));
+        return arrayContains(INFRASTRUCTURE_TLDS, key);
+    }
+    
+    /**
+     * Returns true if the specified <code>String</code> matches any
+     * IANA-defined generic top-level domain. Leading dots are ignored
+     * if present. The search is case-insensitive.
+     * @param gTld the parameter to check for generic TLD status, not null
+     * @return true if the parameter is a generic TLD
+     */
+    public boolean isValidGenericTld(String gTld) {
+        final String key = chompLeadingDot(unicodeToASCII(gTld).toLowerCase(Locale.ENGLISH));
+        return (arrayContains(GENERIC_TLDS, key) || arrayContains(genericTLDsPlus, key))
+                && !arrayContains(genericTLDsMinus, key);
+    }
+    
+    /**
+     * Returns true if the specified <code>String</code> matches any
+     * IANA-defined country code top-level domain. Leading dots are
+     * ignored if present. The search is case-insensitive.
+     * @param ccTld the parameter to check for country code TLD status, not null
+     * @return true if the parameter is a country code TLD
+     */
+    public boolean isValidCountryCodeTld(String ccTld) {
+        final String key = chompLeadingDot(unicodeToASCII(ccTld).toLowerCase(Locale.ENGLISH));
+        return (arrayContains(COUNTRY_CODE_TLDS, key) || arrayContains(countryCodeTLDsPlus, key))
+                && !arrayContains(countryCodeTLDsMinus, key);
+    }
+    
+    /**
+     * Returns true if the specified <code>String</code> matches any
+     * widely used "local" domains (localhost or localdomain). Leading dots are
+     * ignored if present. The search is case-insensitive.
+     * @param lTld the parameter to check for local TLD status, not null
+     * @return true if the parameter is an local TLD
+     */
+    public boolean isValidLocalTld(String lTld) {
+        final String key = chompLeadingDot(unicodeToASCII(lTld).toLowerCase(Locale.ENGLISH));
+        return arrayContains(LOCAL_TLDS, key);
+    }
+    
+    private String chompLeadingDot(String str) {
+        if (str.startsWith(".")) {
+            return str.substring(1);
+        }
+        return str;
+    }
+    
+    // ---------------------------------------------
+    // ----- TLDs defined by IANA
+    // ----- Authoritative and comprehensive list at:
+    // ----- http://data.iana.org/TLD/tlds-alpha-by-domain.txt
+    
+    // Note that the above list is in UPPER case.
+    // The code currently converts strings to lower case (as per the tables below)
+    
+    // IANA also provide an HTML list at http://www.iana.org/domains/root/db
+    // Note that this contains several country code entries which are NOT in
+    // the text file. These all have the "Not assigned" in the "Sponsoring Organisation" column
+    // For example (as of 2015-01-02):
+    // .bl  country-code    Not assigned
+    // .um  country-code    Not assigned
+    
+    // WARNING: this array MUST be sorted, otherwise it cannot be searched reliably using binary search
+    private static final String[] INFRASTRUCTURE_TLDS = new String[] {
+            "arpa",               // internet infrastructure
+    };
+    
+    // WARNING: this array MUST be sorted, otherwise it cannot be searched reliably using binary search
+    private static final String[] GENERIC_TLDS = new String[] {
+            // Taken from Version 2017020400, Last Updated Sat Feb  4 07:07:01 2017 UTC
+            "aaa", // aaa American Automobile Association, Inc.
+            "aarp", // aarp AARP
+            "abarth", // abarth Fiat Chrysler Automobiles N.V.
+            "abb", // abb ABB Ltd
+            "abbott", // abbott Abbott Laboratories, Inc.
+            "abbvie", // abbvie AbbVie Inc.
+            "abc", // abc Disney Enterprises, Inc.
+            "able", // able Able Inc.
+            "abogado", // abogado Top Level Domain Holdings Limited
+            "abudhabi", // abudhabi Abu Dhabi Systems and Information Centre
+            "academy", // academy Half Oaks, LLC
+            "accenture", // accenture Accenture plc
+            "accountant", // accountant dot Accountant Limited
+            "accountants", // accountants Knob Town, LLC
+            "aco", // aco ACO Severin Ahlmann GmbH &amp; Co. KG
+            "active", // active The Active Network, Inc
+            "actor", // actor United TLD Holdco Ltd.
+            "adac", // adac Allgemeiner Deutscher Automobil-Club e.V. (ADAC)
+            "ads", // ads Charleston Road Registry Inc.
+            "adult", // adult ICM Registry AD LLC
+            "aeg", // aeg Aktiebolaget Electrolux
+            "aero", // aero Societe Internationale de Telecommunications Aeronautique (SITA INC USA)
+            "aetna", // aetna Aetna Life Insurance Company
+            "afamilycompany", // afamilycompany Johnson Shareholdings, Inc.
+            "afl", // afl Australian Football League
+            "agakhan", // agakhan Fondation Aga Khan (Aga Khan Foundation)
+            "agency", // agency Steel Falls, LLC
+            "aig", // aig American International Group, Inc.
+            "aigo", // aigo aigo Digital Technology Co,Ltd.
+            "airbus", // airbus Airbus S.A.S.
+            "airforce", // airforce United TLD Holdco Ltd.
+            "airtel", // airtel Bharti Airtel Limited
+            "akdn", // akdn Fondation Aga Khan (Aga Khan Foundation)
+            "alfaromeo", // alfaromeo Fiat Chrysler Automobiles N.V.
+            "alibaba", // alibaba Alibaba Group Holding Limited
+            "alipay", // alipay Alibaba Group Holding Limited
+            "allfinanz", // allfinanz Allfinanz Deutsche Vermögensberatung Aktiengesellschaft
+            "allstate", // allstate Allstate Fire and Casualty Insurance Company
+            "ally", // ally Ally Financial Inc.
+            "alsace", // alsace REGION D ALSACE
+            "alstom", // alstom ALSTOM
+            "americanexpress", // americanexpress American Express Travel Related Services Company, Inc.
+            "americanfamily", // americanfamily AmFam, Inc.
+            "amex", // amex American Express Travel Related Services Company, Inc.
+            "amfam", // amfam AmFam, Inc.
+            "amica", // amica Amica Mutual Insurance Company
+            "amsterdam", // amsterdam Gemeente Amsterdam
+            "analytics", // analytics Campus IP LLC
+            "android", // android Charleston Road Registry Inc.
+            "anquan", // anquan QIHOO 360 TECHNOLOGY CO. LTD.
+            "anz", // anz Australia and New Zealand Banking Group Limited
+            "aol", // aol AOL Inc.
+            "apartments", // apartments June Maple, LLC
+            "app", // app Charleston Road Registry Inc.
+            "apple", // apple Apple Inc.
+            "aquarelle", // aquarelle Aquarelle.com
+            "aramco", // aramco Aramco Services Company
+            "archi", // archi STARTING DOT LIMITED
+            "army", // army United TLD Holdco Ltd.
+            "art", // art UK Creative Ideas Limited
+            "arte", // arte Association Relative à la Télévision Européenne G.E.I.E.
+            "asda", // asda Wal-Mart Stores, Inc.
+            "asia", // asia DotAsia Organisation Ltd.
+            "associates", // associates Baxter Hill, LLC
+            "athleta", // athleta The Gap, Inc.
+            "attorney", // attorney United TLD Holdco, Ltd
+            "auction", // auction United TLD HoldCo, Ltd.
+            "audi", // audi AUDI Aktiengesellschaft
+            "audible", // audible Amazon Registry Services, Inc.
+            "audio", // audio Uniregistry, Corp.
+            "auspost", // auspost Australian Postal Corporation
+            "author", // author Amazon Registry Services, Inc.
+            "auto", // auto Uniregistry, Corp.
+            "autos", // autos DERAutos, LLC
+            "avianca", // avianca Aerovias del Continente Americano S.A. Avianca
+            "aws", // aws Amazon Registry Services, Inc.
+            "axa", // axa AXA SA
+            "azure", // azure Microsoft Corporation
+            "baby", // baby Johnson &amp; Johnson Services, Inc.
+            "baidu", // baidu Baidu, Inc.
+            "banamex", // banamex Citigroup Inc.
+            "bananarepublic", // bananarepublic The Gap, Inc.
+            "band", // band United TLD Holdco, Ltd
+            "bank", // bank fTLD Registry Services, LLC
+            "bar", // bar Punto 2012 Sociedad Anonima Promotora de Inversion de Capital Variable
+            "barcelona", // barcelona Municipi de Barcelona
+            "barclaycard", // barclaycard Barclays Bank PLC
+            "barclays", // barclays Barclays Bank PLC
+            "barefoot", // barefoot Gallo Vineyards, Inc.
+            "bargains", // bargains Half Hallow, LLC
+            "baseball", // baseball MLB Advanced Media DH, LLC
+            "basketball", // basketball Fédération Internationale de Basketball (FIBA)
+            "bauhaus", // bauhaus Werkhaus GmbH
+            "bayern", // bayern Bayern Connect GmbH
+            "bbc", // bbc British Broadcasting Corporation
+            "bbt", // bbt BB&amp;T Corporation
+            "bbva", // bbva BANCO BILBAO VIZCAYA ARGENTARIA, S.A.
+            "bcg", // bcg The Boston Consulting Group, Inc.
+            "bcn", // bcn Municipi de Barcelona
+            "beats", // beats Beats Electronics, LLC
+            "beauty", // beauty L&#39;Oréal
+            "beer", // beer Top Level Domain Holdings Limited
+            "bentley", // bentley Bentley Motors Limited
+            "berlin", // berlin dotBERLIN GmbH &amp; Co. KG
+            "best", // best BestTLD Pty Ltd
+            "bestbuy", // bestbuy BBY Solutions, Inc.
+            "bet", // bet Afilias plc
+            "bharti", // bharti Bharti Enterprises (Holding) Private Limited
+            "bible", // bible American Bible Society
+            "bid", // bid dot Bid Limited
+            "bike", // bike Grand Hollow, LLC
+            "bing", // bing Microsoft Corporation
+            "bingo", // bingo Sand Cedar, LLC
+            "bio", // bio STARTING DOT LIMITED
+            "biz", // biz Neustar, Inc.
+            "black", // black Afilias Limited
+            "blackfriday", // blackfriday Uniregistry, Corp.
+            "blanco", // blanco BLANCO GmbH + Co KG
+            "blockbuster", // blockbuster Dish DBS Corporation
+            "blog", // blog Knock Knock WHOIS There, LLC
+            "bloomberg", // bloomberg Bloomberg IP Holdings LLC
+            "blue", // blue Afilias Limited
+            "bms", // bms Bristol-Myers Squibb Company
+            "bmw", // bmw Bayerische Motoren Werke Aktiengesellschaft
+            "bnl", // bnl Banca Nazionale del Lavoro
+            "bnpparibas", // bnpparibas BNP Paribas
+            "boats", // boats DERBoats, LLC
+            "boehringer", // boehringer Boehringer Ingelheim International GmbH
+            "bofa", // bofa NMS Services, Inc.
+            "bom", // bom Núcleo de Informação e Coordenação do Ponto BR - NIC.br
+            "bond", // bond Bond University Limited
+            "boo", // boo Charleston Road Registry Inc.
+            "book", // book Amazon Registry Services, Inc.
+            "booking", // booking Booking.com B.V.
+            "boots", // boots THE BOOTS COMPANY PLC
+            "bosch", // bosch Robert Bosch GMBH
+            "bostik", // bostik Bostik SA
+            "boston", // boston Boston TLD Management, LLC
+            "bot", // bot Amazon Registry Services, Inc.
+            "boutique", // boutique Over Galley, LLC
+            "box", // box NS1 Limited
+            "bradesco", // bradesco Banco Bradesco S.A.
+            "bridgestone", // bridgestone Bridgestone Corporation
+            "broadway", // broadway Celebrate Broadway, Inc.
+            "broker", // broker DOTBROKER REGISTRY LTD
+            "brother", // brother Brother Industries, Ltd.
+            "brussels", // brussels DNS.be vzw
+            "budapest", // budapest Top Level Domain Holdings Limited
+            "bugatti", // bugatti Bugatti International SA
+            "build", // build Plan Bee LLC
+            "builders", // builders Atomic Madison, LLC
+            "business", // business Spring Cross, LLC
+            "buy", // buy Amazon Registry Services, INC
+            "buzz", // buzz DOTSTRATEGY CO.
+            "bzh", // bzh Association www.bzh
+            "cab", // cab Half Sunset, LLC
+            "cafe", // cafe Pioneer Canyon, LLC
+            "cal", // cal Charleston Road Registry Inc.
+            "call", // call Amazon Registry Services, Inc.
+            "calvinklein", // calvinklein PVH gTLD Holdings LLC
+            "cam", // cam AC Webconnecting Holding B.V.
+            "camera", // camera Atomic Maple, LLC
+            "camp", // camp Delta Dynamite, LLC
+            "cancerresearch", // cancerresearch Australian Cancer Research Foundation
+            "canon", // canon Canon Inc.
+            "capetown", // capetown ZA Central Registry NPC trading as ZA Central Registry
+            "capital", // capital Delta Mill, LLC
+            "capitalone", // capitalone Capital One Financial Corporation
+            "car", // car Cars Registry Limited
+            "caravan", // caravan Caravan International, Inc.
+            "cards", // cards Foggy Hollow, LLC
+            "care", // care Goose Cross, LLC
+            "career", // career dotCareer LLC
+            "careers", // careers Wild Corner, LLC
+            "cars", // cars Uniregistry, Corp.
+            "cartier", // cartier Richemont DNS Inc.
+            "casa", // casa Top Level Domain Holdings Limited
+            "case", // case CNH Industrial N.V.
+            "caseih", // caseih CNH Industrial N.V.
+            "cash", // cash Delta Lake, LLC
+            "casino", // casino Binky Sky, LLC
+            "cat", // cat Fundacio puntCAT
+            "catering", // catering New Falls. LLC
+            "catholic", // catholic Pontificium Consilium de Comunicationibus Socialibus (PCCS) (Pontifical Council for Social Communication)
+            "cba", // cba COMMONWEALTH BANK OF AUSTRALIA
+            "cbn", // cbn The Christian Broadcasting Network, Inc.
+            "cbre", // cbre CBRE, Inc.
+            "cbs", // cbs CBS Domains Inc.
+            "ceb", // ceb The Corporate Executive Board Company
+            "center", // center Tin Mill, LLC
+            "ceo", // ceo CEOTLD Pty Ltd
+            "cern", // cern European Organization for Nuclear Research (&quot;CERN&quot;)
+            "cfa", // cfa CFA Institute
+            "cfd", // cfd DOTCFD REGISTRY LTD
+            "chanel", // chanel Chanel International B.V.
+            "channel", // channel Charleston Road Registry Inc.
+            "chase", // chase JPMorgan Chase &amp; Co.
+            "chat", // chat Sand Fields, LLC
+            "cheap", // cheap Sand Cover, LLC
+            "chintai", // chintai CHINTAI Corporation
+            "chloe", // chloe Richemont DNS Inc.
+            "christmas", // christmas Uniregistry, Corp.
+            "chrome", // chrome Charleston Road Registry Inc.
+            "chrysler", // chrysler FCA US LLC.
+            "church", // church Holly Fileds, LLC
+            "cipriani", // cipriani Hotel Cipriani Srl
+            "circle", // circle Amazon Registry Services, Inc.
+            "cisco", // cisco Cisco Technology, Inc.
+            "citadel", // citadel Citadel Domain LLC
+            "citi", // citi Citigroup Inc.
+            "citic", // citic CITIC Group Corporation
+            "city", // city Snow Sky, LLC
+            "cityeats", // cityeats Lifestyle Domain Holdings, Inc.
+            "claims", // claims Black Corner, LLC
+            "cleaning", // cleaning Fox Shadow, LLC
+            "click", // click Uniregistry, Corp.
+            "clinic", // clinic Goose Park, LLC
+            "clinique", // clinique The Estée Lauder Companies Inc.
+            "clothing", // clothing Steel Lake, LLC
+            "cloud", // cloud ARUBA S.p.A.
+            "club", // club .CLUB DOMAINS, LLC
+            "clubmed", // clubmed Club Méditerranée S.A.
+            "coach", // coach Koko Island, LLC
+            "codes", // codes Puff Willow, LLC
+            "coffee", // coffee Trixy Cover, LLC
+            "college", // college XYZ.COM LLC
+            "cologne", // cologne NetCologne Gesellschaft für Telekommunikation mbH
+            "com", // com VeriSign Global Registry Services
+            "comcast", // comcast Comcast IP Holdings I, LLC
+            "commbank", // commbank COMMONWEALTH BANK OF AUSTRALIA
+            "community", // community Fox Orchard, LLC
+            "company", // company Silver Avenue, LLC
+            "compare", // compare iSelect Ltd
+            "computer", // computer Pine Mill, LLC
+            "comsec", // comsec VeriSign, Inc.
+            "condos", // condos Pine House, LLC
+            "construction", // construction Fox Dynamite, LLC
+            "consulting", // consulting United TLD Holdco, LTD.
+            "contact", // contact Top Level Spectrum, Inc.
+            "contractors", // contractors Magic Woods, LLC
+            "cooking", // cooking Top Level Domain Holdings Limited
+            "cookingchannel", // cookingchannel Lifestyle Domain Holdings, Inc.
+            "cool", // cool Koko Lake, LLC
+            "coop", // coop DotCooperation LLC
+            "corsica", // corsica Collectivité Territoriale de Corse
+            "country", // country Top Level Domain Holdings Limited
+            "coupon", // coupon Amazon Registry Services, Inc.
+            "coupons", // coupons Black Island, LLC
+            "courses", // courses OPEN UNIVERSITIES AUSTRALIA PTY LTD
+            "credit", // credit Snow Shadow, LLC
+            "creditcard", // creditcard Binky Frostbite, LLC
+            "creditunion", // creditunion CUNA Performance Resources, LLC
+            "cricket", // cricket dot Cricket Limited
+            "crown", // crown Crown Equipment Corporation
+            "crs", // crs Federated Co-operatives Limited
+            "cruise", // cruise Viking River Cruises (Bermuda) Ltd.
+            "cruises", // cruises Spring Way, LLC
+            "csc", // csc Alliance-One Services, Inc.
+            "cuisinella", // cuisinella SALM S.A.S.
+            "cymru", // cymru Nominet UK
+            "cyou", // cyou Beijing Gamease Age Digital Technology Co., Ltd.
+            "dabur", // dabur Dabur India Limited
+            "dad", // dad Charleston Road Registry Inc.
+            "dance", // dance United TLD Holdco Ltd.
+            "data", // data Dish DBS Corporation
+            "date", // date dot Date Limited
+            "dating", // dating Pine Fest, LLC
+            "datsun", // datsun NISSAN MOTOR CO., LTD.
+            "day", // day Charleston Road Registry Inc.
+            "dclk", // dclk Charleston Road Registry Inc.
+            "dds", // dds Minds + Machines Group Limited
+            "deal", // deal Amazon Registry Services, Inc.
+            "dealer", // dealer Dealer Dot Com, Inc.
+            "deals", // deals Sand Sunset, LLC
+            "degree", // degree United TLD Holdco, Ltd
+            "delivery", // delivery Steel Station, LLC
+            "dell", // dell Dell Inc.
+            "deloitte", // deloitte Deloitte Touche Tohmatsu
+            "delta", // delta Delta Air Lines, Inc.
+            "democrat", // democrat United TLD Holdco Ltd.
+            "dental", // dental Tin Birch, LLC
+            "dentist", // dentist United TLD Holdco, Ltd
+            "desi", // desi Desi Networks LLC
+            "design", // design Top Level Design, LLC
+            "dev", // dev Charleston Road Registry Inc.
+            "dhl", // dhl Deutsche Post AG
+            "diamonds", // diamonds John Edge, LLC
+            "diet", // diet Uniregistry, Corp.
+            "digital", // digital Dash Park, LLC
+            "direct", // direct Half Trail, LLC
+            "directory", // directory Extra Madison, LLC
+            "discount", // discount Holly Hill, LLC
+            "discover", // discover Discover Financial Services
+            "dish", // dish Dish DBS Corporation
+            "diy", // diy Lifestyle Domain Holdings, Inc.
+            "dnp", // dnp Dai Nippon Printing Co., Ltd.
+            "docs", // docs Charleston Road Registry Inc.
+            "doctor", // doctor Brice Trail, LLC
+            "dodge", // dodge FCA US LLC.
+            "dog", // dog Koko Mill, LLC
+            "doha", // doha Communications Regulatory Authority (CRA)
+            "domains", // domains Sugar Cross, LLC
+//            "doosan", // doosan Doosan Corporation (retired)
+            "dot", // dot Dish DBS Corporation
+            "download", // download dot Support Limited
+            "drive", // drive Charleston Road Registry Inc.
+            "dtv", // dtv Dish DBS Corporation
+            "dubai", // dubai Dubai Smart Government Department
+            "duck", // duck Johnson Shareholdings, Inc.
+            "dunlop", // dunlop The Goodyear Tire &amp; Rubber Company
+            "duns", // duns The Dun &amp; Bradstreet Corporation
+            "dupont", // dupont E. I. du Pont de Nemours and Company
+            "durban", // durban ZA Central Registry NPC trading as ZA Central Registry
+            "dvag", // dvag Deutsche Vermögensberatung Aktiengesellschaft DVAG
+            "dvr", // dvr Hughes Satellite Systems Corporation
+            "earth", // earth Interlink Co., Ltd.
+            "eat", // eat Charleston Road Registry Inc.
+            "eco", // eco Big Room Inc.
+            "edeka", // edeka EDEKA Verband kaufmännischer Genossenschaften e.V.
+            "edu", // edu EDUCAUSE
+            "education", // education Brice Way, LLC
+            "email", // email Spring Madison, LLC
+            "emerck", // emerck Merck KGaA
+            "energy", // energy Binky Birch, LLC
+            "engineer", // engineer United TLD Holdco Ltd.
+            "engineering", // engineering Romeo Canyon
+            "enterprises", // enterprises Snow Oaks, LLC
+            "epost", // epost Deutsche Post AG
+            "epson", // epson Seiko Epson Corporation
+            "equipment", // equipment Corn Station, LLC
+            "ericsson", // ericsson Telefonaktiebolaget L M Ericsson
+            "erni", // erni ERNI Group Holding AG
+            "esq", // esq Charleston Road Registry Inc.
+            "estate", // estate Trixy Park, LLC
+            "esurance", // esurance Esurance Insurance Company
+            "eurovision", // eurovision European Broadcasting Union (EBU)
+            "eus", // eus Puntueus Fundazioa
+            "events", // events Pioneer Maple, LLC
+            "everbank", // everbank EverBank
+            "exchange", // exchange Spring Falls, LLC
+            "expert", // expert Magic Pass, LLC
+            "exposed", // exposed Victor Beach, LLC
+            "express", // express Sea Sunset, LLC
+            "extraspace", // extraspace Extra Space Storage LLC
+            "fage", // fage Fage International S.A.
+            "fail", // fail Atomic Pipe, LLC
+            "fairwinds", // fairwinds FairWinds Partners, LLC
+            "faith", // faith dot Faith Limited
+            "family", // family United TLD Holdco Ltd.
+            "fan", // fan Asiamix Digital Ltd
+            "fans", // fans Asiamix Digital Limited
+            "farm", // farm Just Maple, LLC
+            "farmers", // farmers Farmers Insurance Exchange
+            "fashion", // fashion Top Level Domain Holdings Limited
+            "fast", // fast Amazon Registry Services, Inc.
+            "fedex", // fedex Federal Express Corporation
+            "feedback", // feedback Top Level Spectrum, Inc.
+            "ferrari", // ferrari Fiat Chrysler Automobiles N.V.
+            "ferrero", // ferrero Ferrero Trading Lux S.A.
+            "fiat", // fiat Fiat Chrysler Automobiles N.V.
+            "fidelity", // fidelity Fidelity Brokerage Services LLC
+            "fido", // fido Rogers Communications Canada Inc.
+            "film", // film Motion Picture Domain Registry Pty Ltd
+            "final", // final Núcleo de Informação e Coordenação do Ponto BR - NIC.br
+            "finance", // finance Cotton Cypress, LLC
+            "financial", // financial Just Cover, LLC
+            "fire", // fire Amazon Registry Services, Inc.
+            "firestone", // firestone Bridgestone Corporation
+            "firmdale", // firmdale Firmdale Holdings Limited
+            "fish", // fish Fox Woods, LLC
+            "fishing", // fishing Top Level Domain Holdings Limited
+            "fit", // fit Minds + Machines Group Limited
+            "fitness", // fitness Brice Orchard, LLC
+            "flickr", // flickr Yahoo! Domain Services Inc.
+            "flights", // flights Fox Station, LLC
+            "flir", // flir FLIR Systems, Inc.
+            "florist", // florist Half Cypress, LLC
+            "flowers", // flowers Uniregistry, Corp.
+//        "flsmidth", // flsmidth FLSmidth A/S retired 2016-07-22
+            "fly", // fly Charleston Road Registry Inc.
+            "foo", // foo Charleston Road Registry Inc.
+            "food", // food Lifestyle Domain Holdings, Inc.
+            "foodnetwork", // foodnetwork Lifestyle Domain Holdings, Inc.
+            "football", // football Foggy Farms, LLC
+            "ford", // ford Ford Motor Company
+            "forex", // forex DOTFOREX REGISTRY LTD
+            "forsale", // forsale United TLD Holdco, LLC
+            "forum", // forum Fegistry, LLC
+            "foundation", // foundation John Dale, LLC
+            "fox", // fox FOX Registry, LLC
+            "free", // free Amazon Registry Services, Inc.
+            "fresenius", // fresenius Fresenius Immobilien-Verwaltungs-GmbH
+            "frl", // frl FRLregistry B.V.
+            "frogans", // frogans OP3FT
+            "frontdoor", // frontdoor Lifestyle Domain Holdings, Inc.
+            "frontier", // frontier Frontier Communications Corporation
+            "ftr", // ftr Frontier Communications Corporation
+            "fujitsu", // fujitsu Fujitsu Limited
+            "fujixerox", // fujixerox Xerox DNHC LLC
+            "fun", // fun DotSpace, Inc.
+            "fund", // fund John Castle, LLC
+            "furniture", // furniture Lone Fields, LLC
+            "futbol", // futbol United TLD Holdco, Ltd.
+            "fyi", // fyi Silver Tigers, LLC
+            "gal", // gal Asociación puntoGAL
+            "gallery", // gallery Sugar House, LLC
+            "gallo", // gallo Gallo Vineyards, Inc.
+            "gallup", // gallup Gallup, Inc.
+            "game", // game Uniregistry, Corp.
+            "games", // games United TLD Holdco Ltd.
+            "gap", // gap The Gap, Inc.
+            "garden", // garden Top Level Domain Holdings Limited
+            "gbiz", // gbiz Charleston Road Registry Inc.
+            "gdn", // gdn Joint Stock Company "Navigation-information systems"
+            "gea", // gea GEA Group Aktiengesellschaft
+            "gent", // gent COMBELL GROUP NV/SA
+            "genting", // genting Resorts World Inc. Pte. Ltd.
+            "george", // george Wal-Mart Stores, Inc.
+            "ggee", // ggee GMO Internet, Inc.
+            "gift", // gift Uniregistry, Corp.
+            "gifts", // gifts Goose Sky, LLC
+            "gives", // gives United TLD Holdco Ltd.
+            "giving", // giving Giving Limited
+            "glade", // glade Johnson Shareholdings, Inc.
+            "glass", // glass Black Cover, LLC
+            "gle", // gle Charleston Road Registry Inc.
+            "global", // global Dot Global Domain Registry Limited
+            "globo", // globo Globo Comunicação e Participações S.A
+            "gmail", // gmail Charleston Road Registry Inc.
+            "gmbh", // gmbh Extra Dynamite, LLC
+            "gmo", // gmo GMO Internet, Inc.
+            "gmx", // gmx 1&amp;1 Mail &amp; Media GmbH
+            "godaddy", // godaddy Go Daddy East, LLC
+            "gold", // gold June Edge, LLC
+            "goldpoint", // goldpoint YODOBASHI CAMERA CO.,LTD.
+            "golf", // golf Lone Falls, LLC
+            "goo", // goo NTT Resonant Inc.
+            "goodhands", // goodhands Allstate Fire and Casualty Insurance Company
+            "goodyear", // goodyear The Goodyear Tire &amp; Rubber Company
+            "goog", // goog Charleston Road Registry Inc.
+            "google", // google Charleston Road Registry Inc.
+            "gop", // gop Republican State Leadership Committee, Inc.
+            "got", // got Amazon Registry Services, Inc.
+            "gov", // gov General Services Administration Attn: QTDC, 2E08 (.gov Domain Registration)
+            "grainger", // grainger Grainger Registry Services, LLC
+            "graphics", // graphics Over Madison, LLC
+            "gratis", // gratis Pioneer Tigers, LLC
+            "green", // green Afilias Limited
+            "gripe", // gripe Corn Sunset, LLC
+            "group", // group Romeo Town, LLC
+            "guardian", // guardian The Guardian Life Insurance Company of America
+            "gucci", // gucci Guccio Gucci S.p.a.
+            "guge", // guge Charleston Road Registry Inc.
+            "guide", // guide Snow Moon, LLC
+            "guitars", // guitars Uniregistry, Corp.
+            "guru", // guru Pioneer Cypress, LLC
+            "hair", // hair L&#39;Oreal
+            "hamburg", // hamburg Hamburg Top-Level-Domain GmbH
+            "hangout", // hangout Charleston Road Registry Inc.
+            "haus", // haus United TLD Holdco, LTD.
+            "hbo", // hbo HBO Registry Services, Inc.
+            "hdfc", // hdfc HOUSING DEVELOPMENT FINANCE CORPORATION LIMITED
+            "hdfcbank", // hdfcbank HDFC Bank Limited
+            "health", // health DotHealth, LLC
+            "healthcare", // healthcare Silver Glen, LLC
+            "help", // help Uniregistry, Corp.
+            "helsinki", // helsinki City of Helsinki
+            "here", // here Charleston Road Registry Inc.
+            "hermes", // hermes Hermes International
+            "hgtv", // hgtv Lifestyle Domain Holdings, Inc.
+            "hiphop", // hiphop Uniregistry, Corp.
+            "hisamitsu", // hisamitsu Hisamitsu Pharmaceutical Co.,Inc.
+            "hitachi", // hitachi Hitachi, Ltd.
+            "hiv", // hiv dotHIV gemeinnuetziger e.V.
+            "hkt", // hkt PCCW-HKT DataCom Services Limited
+            "hockey", // hockey Half Willow, LLC
+            "holdings", // holdings John Madison, LLC
+            "holiday", // holiday Goose Woods, LLC
+            "homedepot", // homedepot Homer TLC, Inc.
+            "homegoods", // homegoods The TJX Companies, Inc.
+            "homes", // homes DERHomes, LLC
+            "homesense", // homesense The TJX Companies, Inc.
+            "honda", // honda Honda Motor Co., Ltd.
+            "honeywell", // honeywell Honeywell GTLD LLC
+            "horse", // horse Top Level Domain Holdings Limited
+            "hospital", // hospital Ruby Pike, LLC
+            "host", // host DotHost Inc.
+            "hosting", // hosting Uniregistry, Corp.
+            "hot", // hot Amazon Registry Services, Inc.
+            "hoteles", // hoteles Travel Reservations SRL
+            "hotmail", // hotmail Microsoft Corporation
+            "house", // house Sugar Park, LLC
+            "how", // how Charleston Road Registry Inc.
+            "hsbc", // hsbc HSBC Holdings PLC
+            "htc", // htc HTC corporation
+            "hughes", // hughes Hughes Satellite Systems Corporation
+            "hyatt", // hyatt Hyatt GTLD, L.L.C.
+            "hyundai", // hyundai Hyundai Motor Company
+            "ibm", // ibm International Business Machines Corporation
+            "icbc", // icbc Industrial and Commercial Bank of China Limited
+            "ice", // ice IntercontinentalExchange, Inc.
+            "icu", // icu One.com A/S
+            "ieee", // ieee IEEE Global LLC
+            "ifm", // ifm ifm electronic gmbh
+//        "iinet", // iinet Connect West Pty. Ltd. (Retired)
+            "ikano", // ikano Ikano S.A.
+            "imamat", // imamat Fondation Aga Khan (Aga Khan Foundation)
+            "imdb", // imdb Amazon Registry Services, Inc.
+            "immo", // immo Auburn Bloom, LLC
+            "immobilien", // immobilien United TLD Holdco Ltd.
+            "industries", // industries Outer House, LLC
+            "infiniti", // infiniti NISSAN MOTOR CO., LTD.
+            "info", // info Afilias Limited
+            "ing", // ing Charleston Road Registry Inc.
+            "ink", // ink Top Level Design, LLC
+            "institute", // institute Outer Maple, LLC
+            "insurance", // insurance fTLD Registry Services LLC
+            "insure", // insure Pioneer Willow, LLC
+            "int", // int Internet Assigned Numbers Authority
+            "intel", // intel Intel Corporation
+            "international", // international Wild Way, LLC
+            "intuit", // intuit Intuit Administrative Services, Inc.
+            "investments", // investments Holly Glen, LLC
+            "ipiranga", // ipiranga Ipiranga Produtos de Petroleo S.A.
+            "irish", // irish Dot-Irish LLC
+            "iselect", // iselect iSelect Ltd
+            "ismaili", // ismaili Fondation Aga Khan (Aga Khan Foundation)
+            "ist", // ist Istanbul Metropolitan Municipality
+            "istanbul", // istanbul Istanbul Metropolitan Municipality / Medya A.S.
+            "itau", // itau Itau Unibanco Holding S.A.
+            "itv", // itv ITV Services Limited
+            "iveco", // iveco CNH Industrial N.V.
+            "iwc", // iwc Richemont DNS Inc.
+            "jaguar", // jaguar Jaguar Land Rover Ltd
+            "java", // java Oracle Corporation
+            "jcb", // jcb JCB Co., Ltd.
+            "jcp", // jcp JCP Media, Inc.
+            "jeep", // jeep FCA US LLC.
+            "jetzt", // jetzt New TLD Company AB
+            "jewelry", // jewelry Wild Bloom, LLC
+            "jio", // jio Affinity Names, Inc.
+            "jlc", // jlc Richemont DNS Inc.
+            "jll", // jll Jones Lang LaSalle Incorporated
+            "jmp", // jmp Matrix IP LLC
+            "jnj", // jnj Johnson &amp; Johnson Services, Inc.
+            "jobs", // jobs Employ Media LLC
+            "joburg", // joburg ZA Central Registry NPC trading as ZA Central Registry
+            "jot", // jot Amazon Registry Services, Inc.
+            "joy", // joy Amazon Registry Services, Inc.
+            "jpmorgan", // jpmorgan JPMorgan Chase &amp; Co.
+            "jprs", // jprs Japan Registry Services Co., Ltd.
+            "juegos", // juegos Uniregistry, Corp.
+            "juniper", // juniper JUNIPER NETWORKS, INC.
+            "kaufen", // kaufen United TLD Holdco Ltd.
+            "kddi", // kddi KDDI CORPORATION
+            "kerryhotels", // kerryhotels Kerry Trading Co. Limited
+            "kerrylogistics", // kerrylogistics Kerry Trading Co. Limited
+            "kerryproperties", // kerryproperties Kerry Trading Co. Limited
+            "kfh", // kfh Kuwait Finance House
+            "kia", // kia KIA MOTORS CORPORATION
+            "kim", // kim Afilias Limited
+            "kinder", // kinder Ferrero Trading Lux S.A.
+            "kindle", // kindle Amazon Registry Services, Inc.
+            "kitchen", // kitchen Just Goodbye, LLC
+            "kiwi", // kiwi DOT KIWI LIMITED
+            "koeln", // koeln NetCologne Gesellschaft für Telekommunikation mbH
+            "komatsu", // komatsu Komatsu Ltd.
+            "kosher", // kosher Kosher Marketing Assets LLC
+            "kpmg", // kpmg KPMG International Cooperative (KPMG International Genossenschaft)
+            "kpn", // kpn Koninklijke KPN N.V.
+            "krd", // krd KRG Department of Information Technology
+            "kred", // kred KredTLD Pty Ltd
+            "kuokgroup", // kuokgroup Kerry Trading Co. Limited
+            "kyoto", // kyoto Academic Institution: Kyoto Jyoho Gakuen
+            "lacaixa", // lacaixa CAIXA D&#39;ESTALVIS I PENSIONS DE BARCELONA
+            "ladbrokes", // ladbrokes LADBROKES INTERNATIONAL PLC
+            "lamborghini", // lamborghini Automobili Lamborghini S.p.A.
+            "lamer", // lamer The Estée Lauder Companies Inc.
+            "lancaster", // lancaster LANCASTER
+            "lancia", // lancia Fiat Chrysler Automobiles N.V.
+            "lancome", // lancome L&#39;Oréal
+            "land", // land Pine Moon, LLC
+            "landrover", // landrover Jaguar Land Rover Ltd
+            "lanxess", // lanxess LANXESS Corporation
+            "lasalle", // lasalle Jones Lang LaSalle Incorporated
+            "lat", // lat ECOM-LAC Federación de Latinoamérica y el Caribe para Internet y el Comercio Electrónico
+            "latino", // latino Dish DBS Corporation
+            "latrobe", // latrobe La Trobe University
+            "law", // law Minds + Machines Group Limited
+            "lawyer", // lawyer United TLD Holdco, Ltd
+            "lds", // lds IRI Domain Management, LLC
+            "lease", // lease Victor Trail, LLC
+            "leclerc", // leclerc A.C.D. LEC Association des Centres Distributeurs Edouard Leclerc
+            "lefrak", // lefrak LeFrak Organization, Inc.
+            "legal", // legal Blue Falls, LLC
+            "lego", // lego LEGO Juris A/S
+            "lexus", // lexus TOYOTA MOTOR CORPORATION
+            "lgbt", // lgbt Afilias Limited
+            "liaison", // liaison Liaison Technologies, Incorporated
+            "lidl", // lidl Schwarz Domains und Services GmbH &amp; Co. KG
+            "life", // life Trixy Oaks, LLC
+            "lifeinsurance", // lifeinsurance American Council of Life Insurers
+            "lifestyle", // lifestyle Lifestyle Domain Holdings, Inc.
+            "lighting", // lighting John McCook, LLC
+            "like", // like Amazon Registry Services, Inc.
+            "lilly", // lilly Eli Lilly and Company
+            "limited", // limited Big Fest, LLC
+            "limo", // limo Hidden Frostbite, LLC
+            "lincoln", // lincoln Ford Motor Company
+            "linde", // linde Linde Aktiengesellschaft
+            "link", // link Uniregistry, Corp.
+            "lipsy", // lipsy Lipsy Ltd
+            "live", // live United TLD Holdco Ltd.
+            "living", // living Lifestyle Domain Holdings, Inc.
+            "lixil", // lixil LIXIL Group Corporation
+            "loan", // loan dot Loan Limited
+            "loans", // loans June Woods, LLC
+            "locker", // locker Dish DBS Corporation
+            "locus", // locus Locus Analytics LLC
+            "loft", // loft Annco, Inc.
+            "lol", // lol Uniregistry, Corp.
+            "london", // london Dot London Domains Limited
+            "lotte", // lotte Lotte Holdings Co., Ltd.
+            "lotto", // lotto Afilias Limited
+            "love", // love Merchant Law Group LLP
+            "lpl", // lpl LPL Holdings, Inc.
+            "lplfinancial", // lplfinancial LPL Holdings, Inc.
+            "ltd", // ltd Over Corner, LLC
+            "ltda", // ltda InterNetX Corp.
+            "lundbeck", // lundbeck H. Lundbeck A/S
+            "lupin", // lupin LUPIN LIMITED
+            "luxe", // luxe Top Level Domain Holdings Limited
+            "luxury", // luxury Luxury Partners LLC
+            "macys", // macys Macys, Inc.
+            "madrid", // madrid Comunidad de Madrid
+            "maif", // maif Mutuelle Assurance Instituteur France (MAIF)
+            "maison", // maison Victor Frostbite, LLC
+            "makeup", // makeup L&#39;Oréal
+            "man", // man MAN SE
+            "management", // management John Goodbye, LLC
+            "mango", // mango PUNTO FA S.L.
+            "market", // market Unitied TLD Holdco, Ltd
+            "marketing", // marketing Fern Pass, LLC
+            "markets", // markets DOTMARKETS REGISTRY LTD
+            "marriott", // marriott Marriott Worldwide Corporation
+            "marshalls", // marshalls The TJX Companies, Inc.
+            "maserati", // maserati Fiat Chrysler Automobiles N.V.
+            "mattel", // mattel Mattel Sites, Inc.
+            "mba", // mba Lone Hollow, LLC
+            "mcd", // mcd McDonald’s Corporation
+            "mcdonalds", // mcdonalds McDonald’s Corporation
+            "mckinsey", // mckinsey McKinsey Holdings, Inc.
+            "med", // med Medistry LLC
+            "media", // media Grand Glen, LLC
+            "meet", // meet Afilias Limited
+            "melbourne", // melbourne The Crown in right of the State of Victoria, represented by its Department of State Development, Business and Innovation
+            "meme", // meme Charleston Road Registry Inc.
+            "memorial", // memorial Dog Beach, LLC
+            "men", // men Exclusive Registry Limited
+            "menu", // menu Wedding TLD2, LLC
+            "meo", // meo PT Comunicacoes S.A.
+            "metlife", // metlife MetLife Services and Solutions, LLC
+            "miami", // miami Top Level Domain Holdings Limited
+            "microsoft", // microsoft Microsoft Corporation
+            "mil", // mil DoD Network Information Center
+            "mini", // mini Bayerische Motoren Werke Aktiengesellschaft
+            "mint", // mint Intuit Administrative Services, Inc.
+            "mit", // mit Massachusetts Institute of Technology
+            "mitsubishi", // mitsubishi Mitsubishi Corporation
+            "mlb", // mlb MLB Advanced Media DH, LLC
+            "mls", // mls The Canadian Real Estate Association
+            "mma", // mma MMA IARD
+            "mobi", // mobi Afilias Technologies Limited dba dotMobi
+            "mobile", // mobile Dish DBS Corporation
+            "mobily", // mobily GreenTech Consultancy Company W.L.L.
+            "moda", // moda United TLD Holdco Ltd.
+            "moe", // moe Interlink Co., Ltd.
+            "moi", // moi Amazon Registry Services, Inc.
+            "mom", // mom Uniregistry, Corp.
+            "monash", // monash Monash University
+            "money", // money Outer McCook, LLC
+            "monster", // monster Monster Worldwide, Inc.
+            "montblanc", // montblanc Richemont DNS Inc.
+            "mopar", // mopar FCA US LLC.
+            "mormon", // mormon IRI Domain Management, LLC (&quot;Applicant&quot;)
+            "mortgage", // mortgage United TLD Holdco, Ltd
+            "moscow", // moscow Foundation for Assistance for Internet Technologies and Infrastructure Development (FAITID)
+            "moto", // moto Motorola Trademark Holdings, LLC
+            "motorcycles", // motorcycles DERMotorcycles, LLC
+            "mov", // mov Charleston Road Registry Inc.
+            "movie", // movie New Frostbite, LLC
+            "movistar", // movistar Telefónica S.A.
+            "msd", // msd MSD Registry Holdings, Inc.
+            "mtn", // mtn MTN Dubai Limited
+            "mtpc", // mtpc Mitsubishi Tanabe Pharma Corporation
+            "mtr", // mtr MTR Corporation Limited
+            "museum", // museum Museum Domain Management Association
+            "mutual", // mutual Northwestern Mutual MU TLD Registry, LLC
+//        "mutuelle", // mutuelle Fédération Nationale de la Mutualité Française (Retired)
+            "nab", // nab National Australia Bank Limited
+            "nadex", // nadex Nadex Domains, Inc
+            "nagoya", // nagoya GMO Registry, Inc.
+            "name", // name VeriSign Information Services, Inc.
+            "nationwide", // nationwide Nationwide Mutual Insurance Company
+            "natura", // natura NATURA COSMÉTICOS S.A.
+            "navy", // navy United TLD Holdco Ltd.
+            "nba", // nba NBA REGISTRY, LLC
+            "nec", // nec NEC Corporation
+            "net", // net VeriSign Global Registry Services
+            "netbank", // netbank COMMONWEALTH BANK OF AUSTRALIA
+            "netflix", // netflix Netflix, Inc.
+            "network", // network Trixy Manor, LLC
+            "neustar", // neustar NeuStar, Inc.
+            "new", // new Charleston Road Registry Inc.
+            "newholland", // newholland CNH Industrial N.V.
+            "news", // news United TLD Holdco Ltd.
+            "next", // next Next plc
+            "nextdirect", // nextdirect Next plc
+            "nexus", // nexus Charleston Road Registry Inc.
+            "nfl", // nfl NFL Reg Ops LLC
+            "ngo", // ngo Public Interest Registry
+            "nhk", // nhk Japan Broadcasting Corporation (NHK)
+            "nico", // nico DWANGO Co., Ltd.
+            "nike", // nike NIKE, Inc.
+            "nikon", // nikon NIKON CORPORATION
+            "ninja", // ninja United TLD Holdco Ltd.
+            "nissan", // nissan NISSAN MOTOR CO., LTD.
+            "nissay", // nissay Nippon Life Insurance Company
+            "nokia", // nokia Nokia Corporation
+            "northwesternmutual", // northwesternmutual Northwestern Mutual Registry, LLC
+            "norton", // norton Symantec Corporation
+            "now", // now Amazon Registry Services, Inc.
+            "nowruz", // nowruz Asia Green IT System Bilgisayar San. ve Tic. Ltd. Sti.
+            "nowtv", // nowtv Starbucks (HK) Limited
+            "nra", // nra NRA Holdings Company, INC.
+            "nrw", // nrw Minds + Machines GmbH
+            "ntt", // ntt NIPPON TELEGRAPH AND TELEPHONE CORPORATION
+            "nyc", // nyc The City of New York by and through the New York City Department of Information Technology &amp; Telecommunications
+            "obi", // obi OBI Group Holding SE &amp; Co. KGaA
+            "observer", // observer Top Level Spectrum, Inc.
+            "off", // off Johnson Shareholdings, Inc.
+            "office", // office Microsoft Corporation
+            "okinawa", // okinawa BusinessRalliart inc.
+            "olayan", // olayan Crescent Holding GmbH
+            "olayangroup", // olayangroup Crescent Holding GmbH
+            "oldnavy", // oldnavy The Gap, Inc.
+            "ollo", // ollo Dish DBS Corporation
+            "omega", // omega The Swatch Group Ltd
+            "one", // one One.com A/S
+            "ong", // ong Public Interest Registry
+            "onl", // onl I-REGISTRY Ltd., Niederlassung Deutschland
+            "online", // online DotOnline Inc.
+            "onyourside", // onyourside Nationwide Mutual Insurance Company
+            "ooo", // ooo INFIBEAM INCORPORATION LIMITED
+            "open", // open American Express Travel Related Services Company, Inc.
+            "oracle", // oracle Oracle Corporation
+            "orange", // orange Orange Brand Services Limited
+            "org", // org Public Interest Registry (PIR)
+            "organic", // organic Afilias Limited
+            "orientexpress", // orientexpress Orient Express
+            "origins", // origins The Estée Lauder Companies Inc.
+            "osaka", // osaka Interlink Co., Ltd.
+            "otsuka", // otsuka Otsuka Holdings Co., Ltd.
+            "ott", // ott Dish DBS Corporation
+            "ovh", // ovh OVH SAS
+            "page", // page Charleston Road Registry Inc.
+            "pamperedchef", // pamperedchef The Pampered Chef, Ltd.
+            "panasonic", // panasonic Panasonic Corporation
+            "panerai", // panerai Richemont DNS Inc.
+            "paris", // paris City of Paris
+            "pars", // pars Asia Green IT System Bilgisayar San. ve Tic. Ltd. Sti.
+            "partners", // partners Magic Glen, LLC
+            "parts", // parts Sea Goodbye, LLC
+            "party", // party Blue Sky Registry Limited
+            "passagens", // passagens Travel Reservations SRL
+            "pay", // pay Amazon Registry Services, Inc.
+            "pccw", // pccw PCCW Enterprises Limited
+            "pet", // pet Afilias plc
+            "pfizer", // pfizer Pfizer Inc.
+            "pharmacy", // pharmacy National Association of Boards of Pharmacy
+            "philips", // philips Koninklijke Philips N.V.
+            "phone", // phone Dish DBS Corporation
+            "photo", // photo Uniregistry, Corp.
+            "photography", // photography Sugar Glen, LLC
+            "photos", // photos Sea Corner, LLC
+            "physio", // physio PhysBiz Pty Ltd
+            "piaget", // piaget Richemont DNS Inc.
+            "pics", // pics Uniregistry, Corp.
+            "pictet", // pictet Pictet Europe S.A.
+            "pictures", // pictures Foggy Sky, LLC
+            "pid", // pid Top Level Spectrum, Inc.
+            "pin", // pin Amazon Registry Services, Inc.
+            "ping", // ping Ping Registry Provider, Inc.
+            "pink", // pink Afilias Limited
+            "pioneer", // pioneer Pioneer Corporation
+            "pizza", // pizza Foggy Moon, LLC
+            "place", // place Snow Galley, LLC
+            "play", // play Charleston Road Registry Inc.
+            "playstation", // playstation Sony Computer Entertainment Inc.
+            "plumbing", // plumbing Spring Tigers, LLC
+            "plus", // plus Sugar Mill, LLC
+            "pnc", // pnc PNC Domain Co., LLC
+            "pohl", // pohl Deutsche Vermögensberatung Aktiengesellschaft DVAG
+            "poker", // poker Afilias Domains No. 5 Limited
+            "politie", // politie Politie Nederland
+            "porn", // porn ICM Registry PN LLC
+            "post", // post Universal Postal Union
+            "pramerica", // pramerica Prudential Financial, Inc.
+            "praxi", // praxi Praxi S.p.A.
+            "press", // press DotPress Inc.
+            "prime", // prime Amazon Registry Services, Inc.
+            "pro", // pro Registry Services Corporation dba RegistryPro
+            "prod", // prod Charleston Road Registry Inc.
+            "productions", // productions Magic Birch, LLC
+            "prof", // prof Charleston Road Registry Inc.
+            "progressive", // progressive Progressive Casualty Insurance Company
+            "promo", // promo Afilias plc
+            "properties", // properties Big Pass, LLC
+            "property", // property Uniregistry, Corp.
+            "protection", // protection XYZ.COM LLC
+            "pru", // pru Prudential Financial, Inc.
+            "prudential", // prudential Prudential Financial, Inc.
+            "pub", // pub United TLD Holdco Ltd.
+            "pwc", // pwc PricewaterhouseCoopers LLP
+            "qpon", // qpon dotCOOL, Inc.
+            "quebec", // quebec PointQuébec Inc
+            "quest", // quest Quest ION Limited
+            "qvc", // qvc QVC, Inc.
+            "racing", // racing Premier Registry Limited
+            "radio", // radio European Broadcasting Union (EBU)
+            "raid", // raid Johnson Shareholdings, Inc.
+            "read", // read Amazon Registry Services, Inc.
+            "realestate", // realestate dotRealEstate LLC
+            "realtor", // realtor Real Estate Domains LLC
+            "realty", // realty Fegistry, LLC
+            "recipes", // recipes Grand Island, LLC
+            "red", // red Afilias Limited
+            "redstone", // redstone Redstone Haute Couture Co., Ltd.
+            "redumbrella", // redumbrella Travelers TLD, LLC
+            "rehab", // rehab United TLD Holdco Ltd.
+            "reise", // reise Foggy Way, LLC
+            "reisen", // reisen New Cypress, LLC
+            "reit", // reit National Association of Real Estate Investment Trusts, Inc.
+            "reliance", // reliance Reliance Industries Limited
+            "ren", // ren Beijing Qianxiang Wangjing Technology Development Co., Ltd.
+            "rent", // rent XYZ.COM LLC
+            "rentals", // rentals Big Hollow,LLC
+            "repair", // repair Lone Sunset, LLC
+            "report", // report Binky Glen, LLC
+            "republican", // republican United TLD Holdco Ltd.
+            "rest", // rest Punto 2012 Sociedad Anonima Promotora de Inversion de Capital Variable
+            "restaurant", // restaurant Snow Avenue, LLC
+            "review", // review dot Review Limited
+            "reviews", // reviews United TLD Holdco, Ltd.
+            "rexroth", // rexroth Robert Bosch GMBH
+            "rich", // rich I-REGISTRY Ltd., Niederlassung Deutschland
+            "richardli", // richardli Pacific Century Asset Management (HK) Limited
+            "ricoh", // ricoh Ricoh Company, Ltd.
+            "rightathome", // rightathome Johnson Shareholdings, Inc.
+            "ril", // ril Reliance Industries Limited
+            "rio", // rio Empresa Municipal de Informática SA - IPLANRIO
+            "rip", // rip United TLD Holdco Ltd.
+            "rmit", // rmit Royal Melbourne Institute of Technology
+            "rocher", // rocher Ferrero Trading Lux S.A.
+            "rocks", // rocks United TLD Holdco, LTD.
+            "rodeo", // rodeo Top Level Domain Holdings Limited
+            "rogers", // rogers Rogers Communications Canada Inc.
+            "room", // room Amazon Registry Services, Inc.
+            "rsvp", // rsvp Charleston Road Registry Inc.
+            "ruhr", // ruhr regiodot GmbH &amp; Co. KG
+            "run", // run Snow Park, LLC
+            "rwe", // rwe RWE AG
+            "ryukyu", // ryukyu BusinessRalliart inc.
+            "saarland", // saarland dotSaarland GmbH
+            "safe", // safe Amazon Registry Services, Inc.
+            "safety", // safety Safety Registry Services, LLC.
+            "sakura", // sakura SAKURA Internet Inc.
+            "sale", // sale United TLD Holdco, Ltd
+            "salon", // salon Outer Orchard, LLC
+            "samsclub", // samsclub Wal-Mart Stores, Inc.
+            "samsung", // samsung SAMSUNG SDS CO., LTD
+            "sandvik", // sandvik Sandvik AB
+            "sandvikcoromant", // sandvikcoromant Sandvik AB
+            "sanofi", // sanofi Sanofi
+            "sap", // sap SAP AG
+            "sapo", // sapo PT Comunicacoes S.A.
+            "sarl", // sarl Delta Orchard, LLC
+            "sas", // sas Research IP LLC
+            "save", // save Amazon Registry Services, Inc.
+            "saxo", // saxo Saxo Bank A/S
+            "sbi", // sbi STATE BANK OF INDIA
+            "sbs", // sbs SPECIAL BROADCASTING SERVICE CORPORATION
+            "sca", // sca SVENSKA CELLULOSA AKTIEBOLAGET SCA (publ)
+            "scb", // scb The Siam Commercial Bank Public Company Limited (&quot;SCB&quot;)
+            "schaeffler", // schaeffler Schaeffler Technologies AG &amp; Co. KG
+            "schmidt", // schmidt SALM S.A.S.
+            "scholarships", // scholarships Scholarships.com, LLC
+            "school", // school Little Galley, LLC
+            "schule", // schule Outer Moon, LLC
+            "schwarz", // schwarz Schwarz Domains und Services GmbH &amp; Co. KG
+            "science", // science dot Science Limited
+            "scjohnson", // scjohnson Johnson Shareholdings, Inc.
+            "scor", // scor SCOR SE
+            "scot", // scot Dot Scot Registry Limited
+            "seat", // seat SEAT, S.A. (Sociedad Unipersonal)
+            "secure", // secure Amazon Registry Services, Inc.
+            "security", // security XYZ.COM LLC
+            "seek", // seek Seek Limited
+            "select", // select iSelect Ltd
+            "sener", // sener Sener Ingeniería y Sistemas, S.A.
+            "services", // services Fox Castle, LLC
+            "ses", // ses SES
+            "seven", // seven Seven West Media Ltd
+            "sew", // sew SEW-EURODRIVE GmbH &amp; Co KG
+            "sex", // sex ICM Registry SX LLC
+            "sexy", // sexy Uniregistry, Corp.
+            "sfr", // sfr Societe Francaise du Radiotelephone - SFR
+            "shangrila", // shangrila Shangri‐La International Hotel Management Limited
+            "sharp", // sharp Sharp Corporation
+            "shaw", // shaw Shaw Cablesystems G.P.
+            "shell", // shell Shell Information Technology International Inc
+            "shia", // shia Asia Green IT System Bilgisayar San. ve Tic. Ltd. Sti.
+            "shiksha", // shiksha Afilias Limited
+            "shoes", // shoes Binky Galley, LLC
+            "shop", // shop GMO Registry, Inc.
+            "shopping", // shopping Over Keep, LLC
+            "shouji", // shouji QIHOO 360 TECHNOLOGY CO. LTD.
+            "show", // show Snow Beach, LLC
+            "showtime", // showtime CBS Domains Inc.
+            "shriram", // shriram Shriram Capital Ltd.
+            "silk", // silk Amazon Registry Services, Inc.
+            "sina", // sina Sina Corporation
+            "singles", // singles Fern Madison, LLC
+            "site", // site DotSite Inc.
+            "ski", // ski STARTING DOT LIMITED
+            "skin", // skin L&#39;Oréal
+            "sky", // sky Sky International AG
+            "skype", // skype Microsoft Corporation
+            "sling", // sling Hughes Satellite Systems Corporation
+            "smart", // smart Smart Communications, Inc. (SMART)
+            "smile", // smile Amazon Registry Services, Inc.
+            "sncf", // sncf SNCF (Société Nationale des Chemins de fer Francais)
+            "soccer", // soccer Foggy Shadow, LLC
+            "social", // social United TLD Holdco Ltd.
+            "softbank", // softbank SoftBank Group Corp.
+            "software", // software United TLD Holdco, Ltd
+            "sohu", // sohu Sohu.com Limited
+            "solar", // solar Ruby Town, LLC
+            "solutions", // solutions Silver Cover, LLC
+            "song", // song Amazon Registry Services, Inc.
+            "sony", // sony Sony Corporation
+            "soy", // soy Charleston Road Registry Inc.
+            "space", // space DotSpace Inc.
+            "spiegel", // spiegel SPIEGEL-Verlag Rudolf Augstein GmbH &amp; Co. KG
+            "spot", // spot Amazon Registry Services, Inc.
+            "spreadbetting", // spreadbetting DOTSPREADBETTING REGISTRY LTD
+            "srl", // srl InterNetX Corp.
+            "srt", // srt FCA US LLC.
+            "stada", // stada STADA Arzneimittel AG
+            "staples", // staples Staples, Inc.
+            "star", // star Star India Private Limited
+            "starhub", // starhub StarHub Limited
+            "statebank", // statebank STATE BANK OF INDIA
+            "statefarm", // statefarm State Farm Mutual Automobile Insurance Company
+            "statoil", // statoil Statoil ASA
+            "stc", // stc Saudi Telecom Company
+            "stcgroup", // stcgroup Saudi Telecom Company
+            "stockholm", // stockholm Stockholms kommun
+            "storage", // storage Self Storage Company LLC
+            "store", // store DotStore Inc.
+            "stream", // stream dot Stream Limited
+            "studio", // studio United TLD Holdco Ltd.
+            "study", // study OPEN UNIVERSITIES AUSTRALIA PTY LTD
+            "style", // style Binky Moon, LLC
+            "sucks", // sucks Vox Populi Registry Ltd.
+            "supplies", // supplies Atomic Fields, LLC
+            "supply", // supply Half Falls, LLC
+            "support", // support Grand Orchard, LLC
+            "surf", // surf Top Level Domain Holdings Limited
+            "surgery", // surgery Tin Avenue, LLC
+            "suzuki", // suzuki SUZUKI MOTOR CORPORATION
+            "swatch", // swatch The Swatch Group Ltd
+            "swiftcover", // swiftcover Swiftcover Insurance Services Limited
+            "swiss", // swiss Swiss Confederation
+            "sydney", // sydney State of New South Wales, Department of Premier and Cabinet
+            "symantec", // symantec Symantec Corporation
+            "systems", // systems Dash Cypress, LLC
+            "tab", // tab Tabcorp Holdings Limited
+            "taipei", // taipei Taipei City Government
+            "talk", // talk Amazon Registry Services, Inc.
+            "taobao", // taobao Alibaba Group Holding Limited
+            "target", // target Target Domain Holdings, LLC
+            "tatamotors", // tatamotors Tata Motors Ltd
+            "tatar", // tatar Limited Liability Company &quot;Coordination Center of Regional Domain of Tatarstan Republic&quot;
+            "tattoo", // tattoo Uniregistry, Corp.
+            "tax", // tax Storm Orchard, LLC
+            "taxi", // taxi Pine Falls, LLC
+            "tci", // tci Asia Green IT System Bilgisayar San. ve Tic. Ltd. Sti.
+            "tdk", // tdk TDK Corporation
+            "team", // team Atomic Lake, LLC
+            "tech", // tech Dot Tech LLC
+            "technology", // technology Auburn Falls, LLC
+            "tel", // tel Telnic Ltd.
+            "telecity", // telecity TelecityGroup International Limited
+            "telefonica", // telefonica Telefónica S.A.
+            "temasek", // temasek Temasek Holdings (Private) Limited
+            "tennis", // tennis Cotton Bloom, LLC
+            "teva", // teva Teva Pharmaceutical Industries Limited
+            "thd", // thd Homer TLC, Inc.
+            "theater", // theater Blue Tigers, LLC
+            "theatre", // theatre XYZ.COM LLC
+            "tiaa", // tiaa Teachers Insurance and Annuity Association of America
+            "tickets", // tickets Accent Media Limited
+            "tienda", // tienda Victor Manor, LLC
+            "tiffany", // tiffany Tiffany and Company
+            "tips", // tips Corn Willow, LLC
+            "tires", // tires Dog Edge, LLC
+            "tirol", // tirol punkt Tirol GmbH
+            "tjmaxx", // tjmaxx The TJX Companies, Inc.
+            "tjx", // tjx The TJX Companies, Inc.
+            "tkmaxx", // tkmaxx The TJX Companies, Inc.
+            "tmall", // tmall Alibaba Group Holding Limited
+            "today", // today Pearl Woods, LLC
+            "tokyo", // tokyo GMO Registry, Inc.
+            "tools", // tools Pioneer North, LLC
+            "top", // top Jiangsu Bangning Science &amp; Technology Co.,Ltd.
+            "toray", // toray Toray Industries, Inc.
+            "toshiba", // toshiba TOSHIBA Corporation
+            "total", // total Total SA
+            "tours", // tours Sugar Station, LLC
+            "town", // town Koko Moon, LLC
+            "toyota", // toyota TOYOTA MOTOR CORPORATION
+            "toys", // toys Pioneer Orchard, LLC
+            "trade", // trade Elite Registry Limited
+            "trading", // trading DOTTRADING REGISTRY LTD
+            "training", // training Wild Willow, LLC
+            "travel", // travel Tralliance Registry Management Company, LLC.
+            "travelchannel", // travelchannel Lifestyle Domain Holdings, Inc.
+            "travelers", // travelers Travelers TLD, LLC
+            "travelersinsurance", // travelersinsurance Travelers TLD, LLC
+            "trust", // trust Artemis Internet Inc
+            "trv", // trv Travelers TLD, LLC
+            "tube", // tube Latin American Telecom LLC
+            "tui", // tui TUI AG
+            "tunes", // tunes Amazon Registry Services, Inc.
+            "tushu", // tushu Amazon Registry Services, Inc.
+            "tvs", // tvs T V SUNDRAM IYENGAR  &amp; SONS PRIVATE LIMITED
+            "ubank", // ubank National Australia Bank Limited
+            "ubs", // ubs UBS AG
+            "uconnect", // uconnect FCA US LLC.
+            "unicom", // unicom China United Network Communications Corporation Limited
+            "university", // university Little Station, LLC
+            "uno", // uno Dot Latin LLC
+            "uol", // uol UBN INTERNET LTDA.
+            "ups", // ups UPS Market Driver, Inc.
+            "vacations", // vacations Atomic Tigers, LLC
+            "vana", // vana Lifestyle Domain Holdings, Inc.
+            "vanguard", // vanguard The Vanguard Group, Inc.
+            "vegas", // vegas Dot Vegas, Inc.
+            "ventures", // ventures Binky Lake, LLC
+            "verisign", // verisign VeriSign, Inc.
+            "versicherung", // versicherung dotversicherung-registry GmbH
+            "vet", // vet United TLD Holdco, Ltd
+            "viajes", // viajes Black Madison, LLC
+            "video", // video United TLD Holdco, Ltd
+            "vig", // vig VIENNA INSURANCE GROUP AG Wiener Versicherung Gruppe
+            "viking", // viking Viking River Cruises (Bermuda) Ltd.
+            "villas", // villas New Sky, LLC
+            "vin", // vin Holly Shadow, LLC
+            "vip", // vip Minds + Machines Group Limited
+            "virgin", // virgin Virgin Enterprises Limited
+            "visa", // visa Visa Worldwide Pte. Limited
+            "vision", // vision Koko Station, LLC
+            "vista", // vista Vistaprint Limited
+            "vistaprint", // vistaprint Vistaprint Limited
+            "viva", // viva Saudi Telecom Company
+            "vivo", // vivo Telefonica Brasil S.A.
+            "vlaanderen", // vlaanderen DNS.be vzw
+            "vodka", // vodka Top Level Domain Holdings Limited
+            "volkswagen", // volkswagen Volkswagen Group of America Inc.
+            "volvo", // volvo Volvo Holding Sverige Aktiebolag
+            "vote", // vote Monolith Registry LLC
+            "voting", // voting Valuetainment Corp.
+            "voto", // voto Monolith Registry LLC
+            "voyage", // voyage Ruby House, LLC
+            "vuelos", // vuelos Travel Reservations SRL
+            "wales", // wales Nominet UK
+            "walmart", // walmart Wal-Mart Stores, Inc.
+            "walter", // walter Sandvik AB
+            "wang", // wang Zodiac Registry Limited
+            "wanggou", // wanggou Amazon Registry Services, Inc.
+            "warman", // warman Weir Group IP Limited
+            "watch", // watch Sand Shadow, LLC
+            "watches", // watches Richemont DNS Inc.
+            "weather", // weather The Weather Channel, LLC
+            "weatherchannel", // weatherchannel The Weather Channel, LLC
+            "webcam", // webcam dot Webcam Limited
+            "weber", // weber Saint-Gobain Weber SA
+            "website", // website DotWebsite Inc.
+            "wed", // wed Atgron, Inc.
+            "wedding", // wedding Top Level Domain Holdings Limited
+            "weibo", // weibo Sina Corporation
+            "weir", // weir Weir Group IP Limited
+            "whoswho", // whoswho Who&#39;s Who Registry
+            "wien", // wien punkt.wien GmbH
+            "wiki", // wiki Top Level Design, LLC
+            "williamhill", // williamhill William Hill Organization Limited
+            "win", // win First Registry Limited
+            "windows", // windows Microsoft Corporation
+            "wine", // wine June Station, LLC
+            "winners", // winners The TJX Companies, Inc.
+            "wme", // wme William Morris Endeavor Entertainment, LLC
+            "wolterskluwer", // wolterskluwer Wolters Kluwer N.V.
+            "woodside", // woodside Woodside Petroleum Limited
+            "work", // work Top Level Domain Holdings Limited
+            "works", // works Little Dynamite, LLC
+            "world", // world Bitter Fields, LLC
+            "wow", // wow Amazon Registry Services, Inc.
+            "wtc", // wtc World Trade Centers Association, Inc.
+            "wtf", // wtf Hidden Way, LLC
+            "xbox", // xbox Microsoft Corporation
+            "xerox", // xerox Xerox DNHC LLC
+            "xfinity", // xfinity Comcast IP Holdings I, LLC
+            "xihuan", // xihuan QIHOO 360 TECHNOLOGY CO. LTD.
+            "xin", // xin Elegant Leader Limited
+            "xn--11b4c3d", // कॉम VeriSign Sarl
+            "xn--1ck2e1b", // セール Amazon Registry Services, Inc.
+            "xn--1qqw23a", // 佛山 Guangzhou YU Wei Information Technology Co., Ltd.
+            "xn--30rr7y", // 慈善 Excellent First Limited
+            "xn--3bst00m", // 集团 Eagle Horizon Limited
+            "xn--3ds443g", // 在线 TLD REGISTRY LIMITED
+            "xn--3oq18vl8pn36a", // 大众汽车 Volkswagen (China) Investment Co., Ltd.
+            "xn--3pxu8k", // 点看 VeriSign Sarl
+            "xn--42c2d9a", // คอม VeriSign Sarl
+            "xn--45q11c", // 八卦 Zodiac Scorpio Limited
+            "xn--4gbrim", // موقع Suhub Electronic Establishment
+            "xn--55qw42g", // 公益 China Organizational Name Administration Center
+            "xn--55qx5d", // 公司 Computer Network Information Center of Chinese Academy of Sciences （China Internet Network Information Center）
+            "xn--5su34j936bgsg", // 香格里拉 Shangri‐La International Hotel Management Limited
+            "xn--5tzm5g", // 网站 Global Website TLD Asia Limited
+            "xn--6frz82g", // 移动 Afilias Limited
+            "xn--6qq986b3xl", // 我爱你 Tycoon Treasure Limited
+            "xn--80adxhks", // москва Foundation for Assistance for Internet Technologies and Infrastructure Development (FAITID)
+            "xn--80aqecdr1a", // католик Pontificium Consilium de Comunicationibus Socialibus (PCCS) (Pontifical Council for Social Communication)
+            "xn--80asehdb", // онлайн CORE Association
+            "xn--80aswg", // сайт CORE Association
+            "xn--8y0a063a", // 联通 China United Network Communications Corporation Limited
+            "xn--90ae", // бг Imena.BG Plc (NAMES.BG Plc)
+            "xn--9dbq2a", // קום VeriSign Sarl
+            "xn--9et52u", // 时尚 RISE VICTORY LIMITED
+            "xn--9krt00a", // 微博 Sina Corporation
+            "xn--b4w605ferd", // 淡马锡 Temasek Holdings (Private) Limited
+            "xn--bck1b9a5dre4c", // ファッション Amazon Registry Services, Inc.
+            "xn--c1avg", // орг Public Interest Registry
+            "xn--c2br7g", // नेट VeriSign Sarl
+            "xn--cck2b3b", // ストア Amazon Registry Services, Inc.
+            "xn--cg4bki", // 삼성 SAMSUNG SDS CO., LTD
+            "xn--czr694b", // 商标 HU YI GLOBAL INFORMATION RESOURCES(HOLDING) COMPANY.HONGKONG LIMITED
+            "xn--czrs0t", // 商店 Wild Island, LLC
+            "xn--czru2d", // 商城 Zodiac Aquarius Limited
+            "xn--d1acj3b", // дети The Foundation for Network Initiatives “The Smart Internet”
+            "xn--eckvdtc9d", // ポイント Amazon Registry Services, Inc.
+            "xn--efvy88h", // 新闻 Xinhua News Agency Guangdong Branch 新华通讯社广东分社
+            "xn--estv75g", // 工行 Industrial and Commercial Bank of China Limited
+            "xn--fct429k", // 家電 Amazon Registry Services, Inc.
+            "xn--fhbei", // كوم VeriSign Sarl
+            "xn--fiq228c5hs", // 中文网 TLD REGISTRY LIMITED
+            "xn--fiq64b", // 中信 CITIC Group Corporation
+            "xn--fjq720a", // 娱乐 Will Bloom, LLC
+            "xn--flw351e", // 谷歌 Charleston Road Registry Inc.
+            "xn--fzys8d69uvgm", // 電訊盈科 PCCW Enterprises Limited
+            "xn--g2xx48c", // 购物 Minds + Machines Group Limited
+            "xn--gckr3f0f", // クラウド Amazon Registry Services, Inc.
+            "xn--gk3at1e", // 通販 Amazon Registry Services, Inc.
+            "xn--hxt814e", // 网店 Zodiac Libra Limited
+            "xn--i1b6b1a6a2e", // संगठन Public Interest Registry
+            "xn--imr513n", // 餐厅 HU YI GLOBAL INFORMATION RESOURCES (HOLDING) COMPANY. HONGKONG LIMITED
+            "xn--io0a7i", // 网络 Computer Network Information Center of Chinese Academy of Sciences （China Internet Network Information Center）
+            "xn--j1aef", // ком VeriSign Sarl
+            "xn--jlq61u9w7b", // 诺基亚 Nokia Corporation
+            "xn--jvr189m", // 食品 Amazon Registry Services, Inc.
+            "xn--kcrx77d1x4a", // 飞利浦 Koninklijke Philips N.V.
+            "xn--kpu716f", // 手表 Richemont DNS Inc.
+            "xn--kput3i", // 手机 Beijing RITT-Net Technology Development Co., Ltd
+            "xn--mgba3a3ejt", // ارامكو Aramco Services Company
+            "xn--mgba7c0bbn0a", // العليان Crescent Holding GmbH
+            "xn--mgbab2bd", // بازار CORE Association
+            "xn--mgbb9fbpob", // موبايلي GreenTech Consultancy Company W.L.L.
+            "xn--mgbca7dzdo", // ابوظبي Abu Dhabi Systems and Information Centre
+            "xn--mgbi4ecexp", // كاثوليك Pontificium Consilium de Comunicationibus Socialibus (PCCS) (Pontifical Council for Social Communication)
+            "xn--mgbt3dhd", // همراه Asia Green IT System Bilgisayar San. ve Tic. Ltd. Sti.
+            "xn--mk1bu44c", // 닷컴 VeriSign Sarl
+            "xn--mxtq1m", // 政府 Net-Chinese Co., Ltd.
+            "xn--ngbc5azd", // شبكة International Domain Registry Pty. Ltd.
+            "xn--ngbe9e0a", // بيتك Kuwait Finance House
+            "xn--nqv7f", // 机构 Public Interest Registry
+            "xn--nqv7fs00ema", // 组织机构 Public Interest Registry
+            "xn--nyqy26a", // 健康 Stable Tone Limited
+            "xn--p1acf", // рус Rusnames Limited
+            "xn--pbt977c", // 珠宝 Richemont DNS Inc.
+            "xn--pssy2u", // 大拿 VeriSign Sarl
+            "xn--q9jyb4c", // みんな Charleston Road Registry Inc.
+            "xn--qcka1pmc", // グーグル Charleston Road Registry Inc.
+            "xn--rhqv96g", // 世界 Stable Tone Limited
+            "xn--rovu88b", // 書籍 Amazon EU S.à r.l.
+            "xn--ses554g", // 网址 KNET Co., Ltd
+            "xn--t60b56a", // 닷넷 VeriSign Sarl
+            "xn--tckwe", // コム VeriSign Sarl
+            "xn--tiq49xqyj", // 天主教 Pontificium Consilium de Comunicationibus Socialibus (PCCS) (Pontifical Council for Social Communication)
+            "xn--unup4y", // 游戏 Spring Fields, LLC
+            "xn--vermgensberater-ctb", // VERMöGENSBERATER Deutsche Vermögensberatung Aktiengesellschaft DVAG
+            "xn--vermgensberatung-pwb", // VERMöGENSBERATUNG Deutsche Vermögensberatung Aktiengesellschaft DVAG
+            "xn--vhquv", // 企业 Dash McCook, LLC
+            "xn--vuq861b", // 信息 Beijing Tele-info Network Technology Co., Ltd.
+            "xn--w4r85el8fhu5dnra", // 嘉里大酒店 Kerry Trading Co. Limited
+            "xn--w4rs40l", // 嘉里 Kerry Trading Co. Limited
+            "xn--xhq521b", // 广东 Guangzhou YU Wei Information Technology Co., Ltd.
+            "xn--zfr164b", // 政务 China Organizational Name Administration Center
+            "xperia", // xperia Sony Mobile Communications AB
+            "xxx", // xxx ICM Registry LLC
+            "xyz", // xyz XYZ.COM LLC
+            "yachts", // yachts DERYachts, LLC
+            "yahoo", // yahoo Yahoo! Domain Services Inc.
+            "yamaxun", // yamaxun Amazon Registry Services, Inc.
+            "yandex", // yandex YANDEX, LLC
+            "yodobashi", // yodobashi YODOBASHI CAMERA CO.,LTD.
+            "yoga", // yoga Top Level Domain Holdings Limited
+            "yokohama", // yokohama GMO Registry, Inc.
+            "you", // you Amazon Registry Services, Inc.
+            "youtube", // youtube Charleston Road Registry Inc.
+            "yun", // yun QIHOO 360 TECHNOLOGY CO. LTD.
+            "zappos", // zappos Amazon Registry Services, Inc.
+            "zara", // zara Industria de Diseño Textil, S.A. (INDITEX, S.A.)
+            "zero", // zero Amazon Registry Services, Inc.
+            "zip", // zip Charleston Road Registry Inc.
+            "zippo", // zippo Zadco Company
+            "zone", // zone Outer Falls, LLC
+            "zuerich", // zuerich Kanton Zürich (Canton of Zurich)
+    };
+    
+    // WARNING: this array MUST be sorted, otherwise it cannot be searched reliably using binary search
+    private static final String[] COUNTRY_CODE_TLDS = new String[] {
+            "ac",                 // Ascension Island
+            "ad",                 // Andorra
+            "ae",                 // United Arab Emirates
+            "af",                 // Afghanistan
+            "ag",                 // Antigua and Barbuda
+            "ai",                 // Anguilla
+            "al",                 // Albania
+            "am",                 // Armenia
+//        "an",                 // Netherlands Antilles (retired)
+            "ao",                 // Angola
+            "aq",                 // Antarctica
+            "ar",                 // Argentina
+            "as",                 // American Samoa
+            "at",                 // Austria
+            "au",                 // Australia (includes Ashmore and Cartier Islands and Coral Sea Islands)
+            "aw",                 // Aruba
+            "ax",                 // Åland
+            "az",                 // Azerbaijan
+            "ba",                 // Bosnia and Herzegovina
+            "bb",                 // Barbados
+            "bd",                 // Bangladesh
+            "be",                 // Belgium
+            "bf",                 // Burkina Faso
+            "bg",                 // Bulgaria
+            "bh",                 // Bahrain
+            "bi",                 // Burundi
+            "bj",                 // Benin
+            "bm",                 // Bermuda
+            "bn",                 // Brunei Darussalam
+            "bo",                 // Bolivia
+            "br",                 // Brazil
+            "bs",                 // Bahamas
+            "bt",                 // Bhutan
+            "bv",                 // Bouvet Island
+            "bw",                 // Botswana
+            "by",                 // Belarus
+            "bz",                 // Belize
+            "ca",                 // Canada
+            "cc",                 // Cocos (Keeling) Islands
+            "cd",                 // Democratic Republic of the Congo (formerly Zaire)
+            "cf",                 // Central African Republic
+            "cg",                 // Republic of the Congo
+            "ch",                 // Switzerland
+            "ci",                 // Côte d'Ivoire
+            "ck",                 // Cook Islands
+            "cl",                 // Chile
+            "cm",                 // Cameroon
+            "cn",                 // China, mainland
+            "co",                 // Colombia
+            "cr",                 // Costa Rica
+            "cu",                 // Cuba
+            "cv",                 // Cape Verde
+            "cw",                 // Curaçao
+            "cx",                 // Christmas Island
+            "cy",                 // Cyprus
+            "cz",                 // Czech Republic
+            "de",                 // Germany
+            "dj",                 // Djibouti
+            "dk",                 // Denmark
+            "dm",                 // Dominica
+            "do",                 // Dominican Republic
+            "dz",                 // Algeria
+            "ec",                 // Ecuador
+            "ee",                 // Estonia
+            "eg",                 // Egypt
+            "er",                 // Eritrea
+            "es",                 // Spain
+            "et",                 // Ethiopia
+            "eu",                 // European Union
+            "fi",                 // Finland
+            "fj",                 // Fiji
+            "fk",                 // Falkland Islands
+            "fm",                 // Federated States of Micronesia
+            "fo",                 // Faroe Islands
+            "fr",                 // France
+            "ga",                 // Gabon
+            "gb",                 // Great Britain (United Kingdom)
+            "gd",                 // Grenada
+            "ge",                 // Georgia
+            "gf",                 // French Guiana
+            "gg",                 // Guernsey
+            "gh",                 // Ghana
+            "gi",                 // Gibraltar
+            "gl",                 // Greenland
+            "gm",                 // The Gambia
+            "gn",                 // Guinea
+            "gp",                 // Guadeloupe
+            "gq",                 // Equatorial Guinea
+            "gr",                 // Greece
+            "gs",                 // South Georgia and the South Sandwich Islands
+            "gt",                 // Guatemala
+            "gu",                 // Guam
+            "gw",                 // Guinea-Bissau
+            "gy",                 // Guyana
+            "hk",                 // Hong Kong
+            "hm",                 // Heard Island and McDonald Islands
+            "hn",                 // Honduras
+            "hr",                 // Croatia (Hrvatska)
+            "ht",                 // Haiti
+            "hu",                 // Hungary
+            "id",                 // Indonesia
+            "ie",                 // Ireland (Éire)
+            "il",                 // Israel
+            "im",                 // Isle of Man
+            "in",                 // India
+            "io",                 // British Indian Ocean Territory
+            "iq",                 // Iraq
+            "ir",                 // Iran
+            "is",                 // Iceland
+            "it",                 // Italy
+            "je",                 // Jersey
+            "jm",                 // Jamaica
+            "jo",                 // Jordan
+            "jp",                 // Japan
+            "ke",                 // Kenya
+            "kg",                 // Kyrgyzstan
+            "kh",                 // Cambodia (Khmer)
+            "ki",                 // Kiribati
+            "km",                 // Comoros
+            "kn",                 // Saint Kitts and Nevis
+            "kp",                 // North Korea
+            "kr",                 // South Korea
+            "kw",                 // Kuwait
+            "ky",                 // Cayman Islands
+            "kz",                 // Kazakhstan
+            "la",                 // Laos (currently being marketed as the official domain for Los Angeles)
+            "lb",                 // Lebanon
+            "lc",                 // Saint Lucia
+            "li",                 // Liechtenstein
+            "lk",                 // Sri Lanka
+            "lr",                 // Liberia
+            "ls",                 // Lesotho
+            "lt",                 // Lithuania
+            "lu",                 // Luxembourg
+            "lv",                 // Latvia
+            "ly",                 // Libya
+            "ma",                 // Morocco
+            "mc",                 // Monaco
+            "md",                 // Moldova
+            "me",                 // Montenegro
+            "mg",                 // Madagascar
+            "mh",                 // Marshall Islands
+            "mk",                 // Republic of Macedonia
+            "ml",                 // Mali
+            "mm",                 // Myanmar
+            "mn",                 // Mongolia
+            "mo",                 // Macau
+            "mp",                 // Northern Mariana Islands
+            "mq",                 // Martinique
+            "mr",                 // Mauritania
+            "ms",                 // Montserrat
+            "mt",                 // Malta
+            "mu",                 // Mauritius
+            "mv",                 // Maldives
+            "mw",                 // Malawi
+            "mx",                 // Mexico
+            "my",                 // Malaysia
+            "mz",                 // Mozambique
+            "na",                 // Namibia
+            "nc",                 // New Caledonia
+            "ne",                 // Niger
+            "nf",                 // Norfolk Island
+            "ng",                 // Nigeria
+            "ni",                 // Nicaragua
+            "nl",                 // Netherlands
+            "no",                 // Norway
+            "np",                 // Nepal
+            "nr",                 // Nauru
+            "nu",                 // Niue
+            "nz",                 // New Zealand
+            "om",                 // Oman
+            "pa",                 // Panama
+            "pe",                 // Peru
+            "pf",                 // French Polynesia With Clipperton Island
+            "pg",                 // Papua New Guinea
+            "ph",                 // Philippines
+            "pk",                 // Pakistan
+            "pl",                 // Poland
+            "pm",                 // Saint-Pierre and Miquelon
+            "pn",                 // Pitcairn Islands
+            "pr",                 // Puerto Rico
+            "ps",                 // Palestinian territories (PA-controlled West Bank and Gaza Strip)
+            "pt",                 // Portugal
+            "pw",                 // Palau
+            "py",                 // Paraguay
+            "qa",                 // Qatar
+            "re",                 // Réunion
+            "ro",                 // Romania
+            "rs",                 // Serbia
+            "ru",                 // Russia
+            "rw",                 // Rwanda
+            "sa",                 // Saudi Arabia
+            "sb",                 // Solomon Islands
+            "sc",                 // Seychelles
+            "sd",                 // Sudan
+            "se",                 // Sweden
+            "sg",                 // Singapore
+            "sh",                 // Saint Helena
+            "si",                 // Slovenia
+            "sj",                 // Svalbard and Jan Mayen Islands Not in use (Norwegian dependencies; see .no)
+            "sk",                 // Slovakia
+            "sl",                 // Sierra Leone
+            "sm",                 // San Marino
+            "sn",                 // Senegal
+            "so",                 // Somalia
+            "sr",                 // Suriname
+            "st",                 // São Tomé and Príncipe
+            "su",                 // Soviet Union (deprecated)
+            "sv",                 // El Salvador
+            "sx",                 // Sint Maarten
+            "sy",                 // Syria
+            "sz",                 // Swaziland
+            "tc",                 // Turks and Caicos Islands
+            "td",                 // Chad
+            "tf",                 // French Southern and Antarctic Lands
+            "tg",                 // Togo
+            "th",                 // Thailand
+            "tj",                 // Tajikistan
+            "tk",                 // Tokelau
+            "tl",                 // East Timor (deprecated old code)
+            "tm",                 // Turkmenistan
+            "tn",                 // Tunisia
+            "to",                 // Tonga
+//        "tp",                 // East Timor (Retired)
+            "tr",                 // Turkey
+            "tt",                 // Trinidad and Tobago
+            "tv",                 // Tuvalu
+            "tw",                 // Taiwan, Republic of China
+            "tz",                 // Tanzania
+            "ua",                 // Ukraine
+            "ug",                 // Uganda
+            "uk",                 // United Kingdom
+            "us",                 // United States of America
+            "uy",                 // Uruguay
+            "uz",                 // Uzbekistan
+            "va",                 // Vatican City State
+            "vc",                 // Saint Vincent and the Grenadines
+            "ve",                 // Venezuela
+            "vg",                 // British Virgin Islands
+            "vi",                 // U.S. Virgin Islands
+            "vn",                 // Vietnam
+            "vu",                 // Vanuatu
+            "wf",                 // Wallis and Futuna
+            "ws",                 // Samoa (formerly Western Samoa)
+            "xn--3e0b707e", // 한국 KISA (Korea Internet &amp; Security Agency)
+            "xn--45brj9c", // ভারত National Internet Exchange of India
+            "xn--54b7fta0cc", // বাংলা Posts and Telecommunications Division
+            "xn--80ao21a", // қаз Association of IT Companies of Kazakhstan
+            "xn--90a3ac", // срб Serbian National Internet Domain Registry (RNIDS)
+            "xn--90ais", // ??? Reliable Software Inc.
+            "xn--clchc0ea0b2g2a9gcd", // சிங்கப்பூர் Singapore Network Information Centre (SGNIC) Pte Ltd
+            "xn--d1alf", // мкд Macedonian Academic Research Network Skopje
+            "xn--e1a4c", // ею EURid vzw/asbl
+            "xn--fiqs8s", // 中国 China Internet Network Information Center
+            "xn--fiqz9s", // 中國 China Internet Network Information Center
+            "xn--fpcrj9c3d", // భారత్ National Internet Exchange of India
+            "xn--fzc2c9e2c", // ලංකා LK Domain Registry
+            "xn--gecrj9c", // ભારત National Internet Exchange of India
+            "xn--h2brj9c", // भारत National Internet Exchange of India
+            "xn--j1amh", // укр Ukrainian Network Information Centre (UANIC), Inc.
+            "xn--j6w193g", // 香港 Hong Kong Internet Registration Corporation Ltd.
+            "xn--kprw13d", // 台湾 Taiwan Network Information Center (TWNIC)
+            "xn--kpry57d", // 台灣 Taiwan Network Information Center (TWNIC)
+            "xn--l1acc", // мон Datacom Co.,Ltd
+            "xn--lgbbat1ad8j", // الجزائر CERIST
+            "xn--mgb9awbf", // عمان Telecommunications Regulatory Authority (TRA)
+            "xn--mgba3a4f16a", // ایران Institute for Research in Fundamental Sciences (IPM)
+            "xn--mgbaam7a8h", // امارات Telecommunications Regulatory Authority (TRA)
+            "xn--mgbayh7gpa", // الاردن National Information Technology Center (NITC)
+            "xn--mgbbh1a71e", // بھارت National Internet Exchange of India
+            "xn--mgbc0a9azcg", // المغرب Agence Nationale de Réglementation des Télécommunications (ANRT)
+            "xn--mgberp4a5d4ar", // السعودية Communications and Information Technology Commission
+            "xn--mgbpl2fh", // ????? Sudan Internet Society
+            "xn--mgbtx2b", // عراق Communications and Media Commission (CMC)
+            "xn--mgbx4cd0ab", // مليسيا MYNIC Berhad
+            "xn--mix891f", // 澳門 Bureau of Telecommunications Regulation (DSRT)
+            "xn--node", // გე Information Technologies Development Center (ITDC)
+            "xn--o3cw4h", // ไทย Thai Network Information Center Foundation
+            "xn--ogbpf8fl", // سورية National Agency for Network Services (NANS)
+            "xn--p1ai", // рф Coordination Center for TLD RU
+            "xn--pgbs0dh", // تونس Agence Tunisienne d&#39;Internet
+            "xn--qxam", // ελ ICS-FORTH GR
+            "xn--s9brj9c", // ਭਾਰਤ National Internet Exchange of India
+            "xn--wgbh1c", // مصر National Telecommunication Regulatory Authority - NTRA
+            "xn--wgbl6a", // قطر Communications Regulatory Authority
+            "xn--xkc2al3hye2a", // இலங்கை LK Domain Registry
+            "xn--xkc2dl3a5ee0h", // இந்தியா National Internet Exchange of India
+            "xn--y9a3aq", // ??? Internet Society
+            "xn--yfro4i67o", // 新加坡 Singapore Network Information Centre (SGNIC) Pte Ltd
+            "xn--ygbi2ammx", // فلسطين Ministry of Telecom &amp; Information Technology (MTIT)
+            "ye",                 // Yemen
+            "yt",                 // Mayotte
+            "za",                 // South Africa
+            "zm",                 // Zambia
+            "zw",                 // Zimbabwe
+    };
+    
+    // WARNING: this array MUST be sorted, otherwise it cannot be searched reliably using binary search
+    private static final String[] LOCAL_TLDS = new String[] {
+            "localdomain",         // Also widely used as localhost.localdomain
+            "localhost",           // RFC2606 defined
+    };
+    
+    // Additional arrays to supplement or override the built in ones.
+    // The PLUS arrays are valid keys, the MINUS arrays are invalid keys
+    
+    /*
+     * This field is used to detect whether the getInstance has been called.
+     * After this, the method updateTLDOverride is not allowed to be called.
+     * This field does not need to be volatile since it is only accessed from
+     * synchronized methods.
+     */
+    private static boolean inUse = false;
+    
+    /*
+     * These arrays are mutable, but they don't need to be volatile.
+     * They can only be updated by the updateTLDOverride method, and any readers must get an instance
+     * using the getInstance methods which are all (now) synchronised.
+     */
+    // WARNING: this array MUST be sorted, otherwise it cannot be searched reliably using binary search
+    private static volatile String[] countryCodeTLDsPlus = EMPTY_STRING_ARRAY;
+    
+    // WARNING: this array MUST be sorted, otherwise it cannot be searched reliably using binary search
+    private static volatile String[] genericTLDsPlus = EMPTY_STRING_ARRAY;
+    
+    // WARNING: this array MUST be sorted, otherwise it cannot be searched reliably using binary search
+    private static volatile String[] countryCodeTLDsMinus = EMPTY_STRING_ARRAY;
+    
+    // WARNING: this array MUST be sorted, otherwise it cannot be searched reliably using binary search
+    private static volatile String[] genericTLDsMinus = EMPTY_STRING_ARRAY;
+    
+    /**
+     * enum used by {@link DomainValidator#updateTLDOverride(DomainValidator.ArrayType, String[])}
+     * to determine which override array to update / fetch
+     * @since 1.5.0
+     * @since 1.5.1 made public and added read-only array references
+     */
+    public enum ArrayType {
+        /** Update (or get a copy of) the GENERIC_TLDS_PLUS table containing additonal generic TLDs */
+        GENERIC_PLUS,
+        /** Update (or get a copy of) the GENERIC_TLDS_MINUS table containing deleted generic TLDs */
+        GENERIC_MINUS,
+        /** Update (or get a copy of) the COUNTRY_CODE_TLDS_PLUS table containing additonal country code TLDs */
+        COUNTRY_CODE_PLUS,
+        /** Update (or get a copy of) the COUNTRY_CODE_TLDS_MINUS table containing deleted country code TLDs */
+        COUNTRY_CODE_MINUS,
+        /** Get a copy of the generic TLDS table */
+        GENERIC_RO,
+        /** Get a copy of the country code table */
+        COUNTRY_CODE_RO,
+        /** Get a copy of the infrastructure table */
+        INFRASTRUCTURE_RO,
+        /** Get a copy of the local table */
+        LOCAL_RO
+        ;
+    };
+    
+    // For use by unit test code only
+    static synchronized void clearTLDOverrides() {
+        inUse = false;
+        countryCodeTLDsPlus = EMPTY_STRING_ARRAY;
+        countryCodeTLDsMinus = EMPTY_STRING_ARRAY;
+        genericTLDsPlus = EMPTY_STRING_ARRAY;
+        genericTLDsMinus = EMPTY_STRING_ARRAY;
+    }
+    /**
+     * Update one of the TLD override arrays.
+     * This must only be done at program startup, before any instances are accessed using getInstance.
+     * <p>
+     * For example:
+     * <p>
+     * {@code DomainValidator.updateTLDOverride(ArrayType.GENERIC_PLUS, new String[]{"apache"})}
+     * <p>
+     * To clear an override array, provide an empty array.
+     *
+     * @param table the table to update, see {@link DomainValidator.ArrayType}
+     * Must be one of the following
+     * <ul>
+     * <li>COUNTRY_CODE_MINUS</li>
+     * <li>COUNTRY_CODE_PLUS</li>
+     * <li>GENERIC_MINUS</li>
+     * <li>GENERIC_PLUS</li>
+     * </ul>
+     * @param tlds the array of TLDs, must not be null
+     * @throws IllegalStateException if the method is called after getInstance
+     * @throws IllegalArgumentException if one of the read-only tables is requested
+     * @since 1.5.0
+     */
+    public static synchronized void updateTLDOverride(DomainValidator.ArrayType table, String [] tlds) {
+        if (inUse) {
+            throw new IllegalStateException("Can only invoke this method before calling getInstance");
+        }
+        String [] copy = new String[tlds.length];
+        // Comparisons are always done with lower-case entries
+        for (int i = 0; i < tlds.length; i++) {
+            copy[i] = tlds[i].toLowerCase(Locale.ENGLISH);
+        }
+        Arrays.sort(copy);
+        switch(table) {
+            case COUNTRY_CODE_MINUS:
+                countryCodeTLDsMinus = copy;
+                break;
+            case COUNTRY_CODE_PLUS:
+                countryCodeTLDsPlus = copy;
+                break;
+            case GENERIC_MINUS:
+                genericTLDsMinus = copy;
+                break;
+            case GENERIC_PLUS:
+                genericTLDsPlus = copy;
+                break;
+            case COUNTRY_CODE_RO:
+            case GENERIC_RO:
+            case INFRASTRUCTURE_RO:
+            case LOCAL_RO:
+                throw new IllegalArgumentException("Cannot update the table: " + table);
+            default:
+                throw new IllegalArgumentException("Unexpected enum value: " + table);
+        }
+    }
+    
+    /**
+     * Get a copy of the internal array.
+     * @param table the array type (any of the enum values)
+     * @return a copy of the array
+     * @throws IllegalArgumentException if the table type is unexpected (should not happen)
+     * @since 1.5.1
+     */
+    public static String [] getTLDEntries(DomainValidator.ArrayType table) {
+        final String array[];
+        switch(table) {
+            case COUNTRY_CODE_MINUS:
+                array = countryCodeTLDsMinus;
+                break;
+            case COUNTRY_CODE_PLUS:
+                array = countryCodeTLDsPlus;
+                break;
+            case GENERIC_MINUS:
+                array = genericTLDsMinus;
+                break;
+            case GENERIC_PLUS:
+                array = genericTLDsPlus;
+                break;
+            case GENERIC_RO:
+                array = GENERIC_TLDS;
+                break;
+            case COUNTRY_CODE_RO:
+                array = COUNTRY_CODE_TLDS;
+                break;
+            case INFRASTRUCTURE_RO:
+                array = INFRASTRUCTURE_TLDS;
+                break;
+            case LOCAL_RO:
+                array = LOCAL_TLDS;
+                break;
+            default:
+                throw new IllegalArgumentException("Unexpected enum value: " + table);
+        }
+        return Arrays.copyOf(array, array.length); // clone the array
+    }
+    
+    /**
+     * Converts potentially Unicode input to punycode.
+     * If conversion fails, returns the original input.
+     *
+     * @param input the string to convert, not null
+     * @return converted input, or original input if conversion fails
+     */
+    // Needed by UrlValidator
+    static String unicodeToASCII(String input) {
+        if (isOnlyASCII(input)) { // skip possibly expensive processing
+            return input;
+        }
+        try {
+            final String ascii = IDN.toASCII(input);
+            if (DomainValidator.IDNBUGHOLDER.IDN_TOASCII_PRESERVES_TRAILING_DOTS) {
+                return ascii;
+            }
+            final int length = input.length();
+            if (length == 0) {// check there is a last character
+                return input;
+            }
+            // RFC3490 3.1. 1)
+            //            Whenever dots are used as label separators, the following
+            //            characters MUST be recognized as dots: U+002E (full stop), U+3002
+            //            (ideographic full stop), U+FF0E (fullwidth full stop), U+FF61
+            //            (halfwidth ideographic full stop).
+            char lastChar = input.charAt(length-1);// fetch original last char
+            switch(lastChar) {
+                case '\u002E': // "." full stop
+                case '\u3002': // ideographic full stop
+                case '\uFF0E': // fullwidth full stop
+                case '\uFF61': // halfwidth ideographic full stop
+                    return ascii + "."; // restore the missing stop
+                default:
+                    return ascii;
+            }
+        } catch (IllegalArgumentException e) { // input is not valid
+            return input;
+        }
+    }
+    
+    private static class IDNBUGHOLDER {
+        private static boolean keepsTrailingDot() {
+            final String input = "a."; // must be a valid name
+            return input.equals(IDN.toASCII(input));
+        }
+        private static final boolean IDN_TOASCII_PRESERVES_TRAILING_DOTS = keepsTrailingDot();
+    }
+    
+    /*
+     * Check if input contains only ASCII
+     * Treats null as all ASCII
+     */
+    private static boolean isOnlyASCII(String input) {
+        if (input == null) {
+            return true;
+        }
+        for(int i=0; i < input.length(); i++) {
+            if (input.charAt(i) > 0x7F) { // CHECKSTYLE IGNORE MagicNumber
+                return false;
+            }
+        }
+        return true;
+    }
+    
+    /**
+     * Check if a sorted array contains the specified key
+     *
+     * @param sortedArray the array to search
+     * @param key the key to find
+     * @return {@code true} if the array contains the key
+     */
+    private static boolean arrayContains(String[] sortedArray, String key) {
+        return Arrays.binarySearch(sortedArray, key) >= 0;
+    }
+}
diff --git a/core/src/main/java/jenkins/org/apache/commons/validator/routines/InetAddressValidator.java b/core/src/main/java/jenkins/org/apache/commons/validator/routines/InetAddressValidator.java
new file mode 100644
index 0000000000..59ac7ceb2b
--- /dev/null
+++ b/core/src/main/java/jenkins/org/apache/commons/validator/routines/InetAddressValidator.java
@@ -0,0 +1,196 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/* Copied from commons-validator:commons-validator:1.6, with [PATCH] modifications */
+package jenkins.org.apache.commons.validator.routines;
+
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
+
+import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+
+/**
+ * <p><b>InetAddress</b> validation and conversion routines (<code>java.net.InetAddress</code>).</p>
+ *
+ * <p>This class provides methods to validate a candidate IP address.
+ *
+ * <p>
+ * This class is a Singleton; you can retrieve the instance via the {@link #getInstance()} method.
+ * </p>
+ *
+ * @version $Revision: 1783032 $
+ * @since Validator 1.4
+ */
+//[PATCH]
+@Restricted(NoExternalUse.class)
+// end of [PATCH]
+public class InetAddressValidator implements Serializable {
+
+    private static final int IPV4_MAX_OCTET_VALUE = 255;
+
+    private static final int MAX_UNSIGNED_SHORT = 0xffff;
+
+    private static final int BASE_16 = 16;
+
+    private static final long serialVersionUID = -919201640201914789L;
+
+    private static final String IPV4_REGEX =
+            "^(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})$";
+
+    // Max number of hex groups (separated by :) in an IPV6 address
+    private static final int IPV6_MAX_HEX_GROUPS = 8;
+
+    // Max hex digits in each IPv6 group
+    private static final int IPV6_MAX_HEX_DIGITS_PER_GROUP = 4;
+
+    /**
+     * Singleton instance of this class.
+     */
+    private static final InetAddressValidator VALIDATOR = new InetAddressValidator();
+
+    /** IPv4 RegexValidator */
+    private final RegexValidator ipv4Validator = new RegexValidator(IPV4_REGEX);
+
+    /**
+     * Returns the singleton instance of this validator.
+     * @return the singleton instance of this validator
+     */
+    public static InetAddressValidator getInstance() {
+        return VALIDATOR;
+    }
+
+    /**
+     * Checks if the specified string is a valid IP address.
+     * @param inetAddress the string to validate
+     * @return true if the string validates as an IP address
+     */
+    public boolean isValid(String inetAddress) {
+        return isValidInet4Address(inetAddress) || isValidInet6Address(inetAddress);
+    }
+
+    /**
+     * Validates an IPv4 address. Returns true if valid.
+     * @param inet4Address the IPv4 address to validate
+     * @return true if the argument contains a valid IPv4 address
+     */
+    public boolean isValidInet4Address(String inet4Address) {
+        // verify that address conforms to generic IPv4 format
+        String[] groups = ipv4Validator.match(inet4Address);
+
+        if (groups == null) {
+            return false;
+        }
+
+        // verify that address subgroups are legal
+        for (String ipSegment : groups) {
+            if (ipSegment == null || ipSegment.length() == 0) {
+                return false;
+            }
+
+            int iIpSegment = 0;
+
+            try {
+                iIpSegment = Integer.parseInt(ipSegment);
+            } catch(NumberFormatException e) {
+                return false;
+            }
+
+            if (iIpSegment > IPV4_MAX_OCTET_VALUE) {
+                return false;
+            }
+
+            if (ipSegment.length() > 1 && ipSegment.startsWith("0")) {
+                return false;
+            }
+
+        }
+
+        return true;
+    }
+
+    /**
+     * Validates an IPv6 address. Returns true if valid.
+     * @param inet6Address the IPv6 address to validate
+     * @return true if the argument contains a valid IPv6 address
+     * 
+     * @since 1.4.1
+     */
+    public boolean isValidInet6Address(String inet6Address) {
+        boolean containsCompressedZeroes = inet6Address.contains("::");
+        if (containsCompressedZeroes && (inet6Address.indexOf("::") != inet6Address.lastIndexOf("::"))) {
+            return false;
+        }
+        if ((inet6Address.startsWith(":") && !inet6Address.startsWith("::"))
+                || (inet6Address.endsWith(":") && !inet6Address.endsWith("::"))) {
+            return false;
+        }
+        String[] octets = inet6Address.split(":");
+        if (containsCompressedZeroes) {
+            List<String> octetList = new ArrayList<String>(Arrays.asList(octets));
+            if (inet6Address.endsWith("::")) {
+                // String.split() drops ending empty segments
+                octetList.add("");
+            } else if (inet6Address.startsWith("::") && !octetList.isEmpty()) {
+                octetList.remove(0);
+            }
+            octets = octetList.toArray(new String[octetList.size()]);
+        }
+        if (octets.length > IPV6_MAX_HEX_GROUPS) {
+            return false;
+        }
+        int validOctets = 0;
+        int emptyOctets = 0; // consecutive empty chunks
+        for (int index = 0; index < octets.length; index++) {
+            String octet = octets[index];
+            if (octet.length() == 0) {
+                emptyOctets++;
+                if (emptyOctets > 1) {
+                    return false;
+                }
+            } else {
+                emptyOctets = 0;
+                // Is last chunk an IPv4 address?
+                if (index == octets.length - 1 && octet.contains(".")) {
+                    if (!isValidInet4Address(octet)) {
+                        return false;
+                    }
+                    validOctets += 2;
+                    continue;
+                }
+                if (octet.length() > IPV6_MAX_HEX_DIGITS_PER_GROUP) {
+                    return false;
+                }
+                int octetInt = 0;
+                try {
+                    octetInt = Integer.parseInt(octet, BASE_16);
+                } catch (NumberFormatException e) {
+                    return false;
+                }
+                if (octetInt < 0 || octetInt > MAX_UNSIGNED_SHORT) {
+                    return false;
+                }
+            }
+            validOctets++;
+        }
+        if (validOctets > IPV6_MAX_HEX_GROUPS || (validOctets < IPV6_MAX_HEX_GROUPS && !containsCompressedZeroes)) {
+            return false;
+        }
+        return true;
+    }
+}
diff --git a/core/src/main/java/jenkins/org/apache/commons/validator/routines/RegexValidator.java b/core/src/main/java/jenkins/org/apache/commons/validator/routines/RegexValidator.java
new file mode 100644
index 0000000000..eebc3747d9
--- /dev/null
+++ b/core/src/main/java/jenkins/org/apache/commons/validator/routines/RegexValidator.java
@@ -0,0 +1,237 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/* Copied from commons-validator:commons-validator:1.6, with [PATCH] modifications */
+package jenkins.org.apache.commons.validator.routines;
+
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
+
+import java.io.Serializable;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+/**
+ * <b>Regular Expression</b> validation (using JDK 1.4+ regex support).
+ * <p>
+ * Construct the validator either for a single regular expression or a set (array) of
+ * regular expressions. By default validation is <i>case sensitive</i> but constructors
+ * are provided to allow  <i>case in-sensitive</i> validation. For example to create
+ * a validator which does <i>case in-sensitive</i> validation for a set of regular
+ * expressions:
+ * </p>
+ * <pre>
+ * <code>
+ * String[] regexs = new String[] {...};
+ * RegexValidator validator = new RegexValidator(regexs, false);
+ * </code>
+ * </pre>
+ *
+ * <ul>
+ *   <li>Validate <code>true</code> or <code>false</code>:</li>
+ *   <li>
+ *     <ul>
+ *       <li><code>boolean valid = validator.isValidRootUrl(value);</code></li>
+ *     </ul>
+ *   </li>
+ *   <li>Validate returning an aggregated String of the matched groups:</li>
+ *   <li>
+ *     <ul>
+ *       <li><code>String result = validator.validate(value);</code></li>
+ *     </ul>
+ *   </li>
+ *   <li>Validate returning the matched groups:</li>
+ *   <li>
+ *     <ul>
+ *       <li><code>String[] result = validator.match(value);</code></li>
+ *     </ul>
+ *   </li>
+ * </ul>
+ *
+ * <b>Note that patterns are matched against the entire input.</b>
+ *
+ * <p>
+ * Cached instances pre-compile and re-use {@link Pattern}(s) - which according
+ * to the {@link Pattern} API are safe to use in a multi-threaded environment.
+ * </p>
+ *
+ * @version $Revision: 1739356 $
+ * @since Validator 1.4
+ */
+//[PATCH]
+@Restricted(NoExternalUse.class)
+// end of [PATCH]
+public class RegexValidator implements Serializable {
+
+    private static final long serialVersionUID = -8832409930574867162L;
+
+    private final Pattern[] patterns;
+
+    /**
+     * Construct a <i>case sensitive</i> validator for a single
+     * regular expression.
+     *
+     * @param regex The regular expression this validator will
+     * validate against
+     */
+    public RegexValidator(String regex) {
+        this(regex, true);
+    }
+
+    /**
+     * Construct a validator for a single regular expression
+     * with the specified case sensitivity.
+     *
+     * @param regex The regular expression this validator will
+     * validate against
+     * @param caseSensitive when <code>true</code> matching is <i>case
+     * sensitive</i>, otherwise matching is <i>case in-sensitive</i>
+     */
+    public RegexValidator(String regex, boolean caseSensitive) {
+        this(new String[] {regex}, caseSensitive);
+    }
+
+    /**
+     * Construct a <i>case sensitive</i> validator that matches any one
+     * of the set of regular expressions.
+     *
+     * @param regexs The set of regular expressions this validator will
+     * validate against
+     */
+    public RegexValidator(String[] regexs) {
+        this(regexs, true);
+    }
+
+    /**
+     * Construct a validator that matches any one of the set of regular
+     * expressions with the specified case sensitivity.
+     *
+     * @param regexs The set of regular expressions this validator will
+     * validate against
+     * @param caseSensitive when <code>true</code> matching is <i>case
+     * sensitive</i>, otherwise matching is <i>case in-sensitive</i>
+     */
+    public RegexValidator(String[] regexs, boolean caseSensitive) {
+        if (regexs == null || regexs.length == 0) {
+            throw new IllegalArgumentException("Regular expressions are missing");
+        }
+        patterns = new Pattern[regexs.length];
+        int flags =  (caseSensitive ? 0: Pattern.CASE_INSENSITIVE);
+        for (int i = 0; i < regexs.length; i++) {
+            if (regexs[i] == null || regexs[i].length() == 0) {
+                throw new IllegalArgumentException("Regular expression[" + i + "] is missing");
+            }
+            patterns[i] =  Pattern.compile(regexs[i], flags);
+        }
+    }
+
+    /**
+     * Validate a value against the set of regular expressions.
+     *
+     * @param value The value to validate.
+     * @return <code>true</code> if the value is valid
+     * otherwise <code>false</code>.
+     */
+    public boolean isValid(String value) {
+        if (value == null) {
+            return false;
+        }
+        for (int i = 0; i < patterns.length; i++) {
+            if (patterns[i].matcher(value).matches()) {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    /**
+     * Validate a value against the set of regular expressions
+     * returning the array of matched groups.
+     *
+     * @param value The value to validate.
+     * @return String array of the <i>groups</i> matched if
+     * valid or <code>null</code> if invalid
+     */
+    public String[] match(String value) {
+        if (value == null) {
+            return null;
+        }
+        for (int i = 0; i < patterns.length; i++) {
+            Matcher matcher = patterns[i].matcher(value);
+            if (matcher.matches()) {
+                int count = matcher.groupCount();
+                String[] groups = new String[count];
+                for (int j = 0; j < count; j++) {
+                    groups[j] = matcher.group(j+1);
+                }
+                return groups;
+            }
+        }
+        return null;
+    }
+
+
+    /**
+     * Validate a value against the set of regular expressions
+     * returning a String value of the aggregated groups.
+     *
+     * @param value The value to validate.
+     * @return Aggregated String value comprised of the
+     * <i>groups</i> matched if valid or <code>null</code> if invalid
+     */
+    public String validate(String value) {
+        if (value == null) {
+            return null;
+        }
+        for (int i = 0; i < patterns.length; i++) {
+            Matcher matcher = patterns[i].matcher(value);
+            if (matcher.matches()) {
+                int count = matcher.groupCount();
+                if (count == 1) {
+                    return matcher.group(1);
+                }
+                StringBuilder buffer = new StringBuilder();
+                for (int j = 0; j < count; j++) {
+                    String component = matcher.group(j+1);
+                    if (component != null) {
+                        buffer.append(component);
+                    }
+                }
+                return buffer.toString();
+            }
+        }
+        return null;
+    }
+
+    /**
+     * Provide a String representation of this validator.
+     * @return A String representation of this validator
+     */
+    @Override
+    public String toString() {
+        StringBuilder buffer = new StringBuilder();
+        buffer.append("RegexValidator{");
+        for (int i = 0; i < patterns.length; i++) {
+            if (i > 0) {
+                buffer.append(",");
+            }
+            buffer.append(patterns[i].pattern());
+        }
+        buffer.append("}");
+        return buffer.toString();
+    }
+
+}
diff --git a/core/src/main/java/jenkins/org/apache/commons/validator/routines/UrlValidator.java b/core/src/main/java/jenkins/org/apache/commons/validator/routines/UrlValidator.java
new file mode 100644
index 0000000000..f309b177e6
--- /dev/null
+++ b/core/src/main/java/jenkins/org/apache/commons/validator/routines/UrlValidator.java
@@ -0,0 +1,551 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/* Copied from commons-validator:commons-validator:1.6, with [PATCH] modifications */
+package jenkins.org.apache.commons.validator.routines;
+
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
+
+import java.io.Serializable;
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.Locale;
+import java.util.Set;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+/**
+ * <p><b>URL Validation</b> routines.</p>
+ * Behavior of validation is modified by passing in options:
+ * <ul>
+ * <li>ALLOW_2_SLASHES - [FALSE]  Allows double '/' characters in the path
+ * component.</li>
+ * <li>NO_FRAGMENT- [FALSE]  By default fragments are allowed, if this option is
+ * included then fragments are flagged as illegal.</li>
+ * <li>ALLOW_ALL_SCHEMES - [FALSE] By default only http, https, and ftp are
+ * considered valid schemes.  Enabling this option will let any scheme pass validation.</li>
+ * </ul>
+ *
+ * <p>Originally based in on php script by Debbie Dyer, validation.php v1.2b, Date: 03/07/02,
+ * http://javascript.internet.com. However, this validation now bears little resemblance
+ * to the php original.</p>
+ * <pre>
+ *   Example of usage:
+ *   Construct a UrlValidator with valid schemes of "http", and "https".
+ *
+ *    String[] schemes = {"http","https"}.
+ *    UrlValidator urlValidator = new UrlValidator(schemes);
+ *    if (urlValidator.isValidRootUrl("ftp://foo.bar.com/")) {
+ *       System.out.println("url is valid");
+ *    } else {
+ *       System.out.println("url is invalid");
+ *    }
+ *
+ *    prints "url is invalid"
+ *   If instead the default constructor is used.
+ *
+ *    UrlValidator urlValidator = new UrlValidator();
+ *    if (urlValidator.isValidRootUrl("ftp://foo.bar.com/")) {
+ *       System.out.println("url is valid");
+ *    } else {
+ *       System.out.println("url is invalid");
+ *    }
+ *
+ *   prints out "url is valid"
+ *  </pre>
+ *
+ * @see
+ * <a href="http://www.ietf.org/rfc/rfc2396.txt">
+ *  Uniform Resource Identifiers (URI): Generic Syntax
+ * </a>
+ *
+ * @version $Revision: 1783203 $
+ * @since Validator 1.4
+ */
+//[PATCH]
+@Restricted(NoExternalUse.class)
+// end of [PATCH]
+public class UrlValidator implements Serializable {
+    
+    private static final long serialVersionUID = 7557161713937335013L;
+    
+    private static final int MAX_UNSIGNED_16_BIT_INT = 0xFFFF; // port max
+    
+    /**
+     * Allows all validly formatted schemes to pass validation instead of
+     * supplying a set of valid schemes.
+     */
+    public static final long ALLOW_ALL_SCHEMES = 1 << 0;
+    
+    /**
+     * Allow two slashes in the path component of the URL.
+     */
+    public static final long ALLOW_2_SLASHES = 1 << 1;
+    
+    /**
+     * Enabling this options disallows any URL fragments.
+     */
+    public static final long NO_FRAGMENTS = 1 << 2;
+    
+    /**
+     * Allow local URLs, such as http://localhost/ or http://machine/ .
+     * This enables a broad-brush check, for complex local machine name
+     *  validation requirements you should create your validator with
+     *  a {@link RegexValidator} instead ({@link #UrlValidator(RegexValidator, long)})
+     */
+    public static final long ALLOW_LOCAL_URLS = 1 << 3; // CHECKSTYLE IGNORE MagicNumber
+    
+    /**
+     * This expression derived/taken from the BNF for URI (RFC2396).
+     */
+    private static final String URL_REGEX =
+            "^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\\?([^#]*))?(#(.*))?";
+    //        12            3  4          5       6   7        8 9
+    private static final Pattern URL_PATTERN = Pattern.compile(URL_REGEX);
+    
+    /**
+     * Schema/Protocol (ie. http:, ftp:, file:, etc).
+     */
+    private static final int PARSE_URL_SCHEME = 2;
+    
+    /**
+     * Includes hostname/ip and port number.
+     */
+    private static final int PARSE_URL_AUTHORITY = 4;
+    
+    private static final int PARSE_URL_PATH = 5;
+    
+    private static final int PARSE_URL_QUERY = 7;
+    
+    private static final int PARSE_URL_FRAGMENT = 9;
+    
+    /**
+     * Protocol scheme (e.g. http, ftp, https).
+     */
+    private static final String SCHEME_REGEX = "^\\p{Alpha}[\\p{Alnum}\\+\\-\\.]*";
+    private static final Pattern SCHEME_PATTERN = Pattern.compile(SCHEME_REGEX);
+    
+    // Drop numeric, and  "+-." for now
+    // TODO does not allow for optional userinfo. 
+    // Validation of character set is done by isValidAuthority
+    private static final String AUTHORITY_CHARS_REGEX = "\\p{Alnum}\\-\\."; // allows for IPV4 but not IPV6
+    private static final String IPV6_REGEX = "[0-9a-fA-F:]+"; // do this as separate match because : could cause ambiguity with port prefix
+    
+    // userinfo    = *( unreserved / pct-encoded / sub-delims / ":" )
+    // unreserved    = ALPHA / DIGIT / "-" / "." / "_" / "~"
+    // sub-delims    = "!" / "$" / "&" / "'" / "(" / ")" / "*" / "+" / "," / ";" / "="
+    // We assume that password has the same valid chars as user info
+    private static final String USERINFO_CHARS_REGEX = "[a-zA-Z0-9%-._~!$&'()*+,;=]";
+    // since neither ':' nor '@' are allowed chars, we don't need to use non-greedy matching
+    private static final String USERINFO_FIELD_REGEX =
+            USERINFO_CHARS_REGEX + "+" + // At least one character for the name
+                    "(?::" + USERINFO_CHARS_REGEX + "*)?@"; // colon and password may be absent
+    private static final String AUTHORITY_REGEX =
+            "(?:\\[("+IPV6_REGEX+")\\]|(?:(?:"+USERINFO_FIELD_REGEX+")?([" + AUTHORITY_CHARS_REGEX + "]*)))(?::(\\d*))?(.*)?";
+    //             1                          e.g. user:pass@          2                                         3       4
+    private static final Pattern AUTHORITY_PATTERN = Pattern.compile(AUTHORITY_REGEX);
+    
+    private static final int PARSE_AUTHORITY_IPV6 = 1;
+    
+    private static final int PARSE_AUTHORITY_HOST_IP = 2; // excludes userinfo, if present
+    
+    private static final int PARSE_AUTHORITY_PORT = 3; // excludes leading colon
+    
+    /**
+     * Should always be empty. The code currently allows spaces.
+     */
+    private static final int PARSE_AUTHORITY_EXTRA = 4;
+    
+    private static final String PATH_REGEX = "^(/[-\\w:@&?=+,.!/~*'%$_;\\(\\)]*)?$";
+    private static final Pattern PATH_PATTERN = Pattern.compile(PATH_REGEX);
+    
+    private static final String QUERY_REGEX = "^(\\S*)$";
+    private static final Pattern QUERY_PATTERN = Pattern.compile(QUERY_REGEX);
+    
+    /**
+     * Holds the set of current validation options.
+     */
+    private final long options;
+    
+    /**
+     * The set of schemes that are allowed to be in a URL.
+     */
+    private final Set<String> allowedSchemes; // Must be lower-case
+    
+    /**
+     * Regular expressions used to manually validate authorities if IANA
+     * domain name validation isn't desired.
+     */
+    private final RegexValidator authorityValidator;
+    
+    /**
+     * If no schemes are provided, default to this set.
+     */
+    private static final String[] DEFAULT_SCHEMES = {"http", "https", "ftp"}; // Must be lower-case
+    
+    /**
+     * Singleton instance of this class with default schemes and options.
+     */
+    private static final UrlValidator DEFAULT_URL_VALIDATOR = new UrlValidator();
+    
+    /**
+     * Returns the singleton instance of this class with default schemes and options.
+     * @return singleton instance with default schemes and options
+     */
+    public static UrlValidator getInstance() {
+        return DEFAULT_URL_VALIDATOR;
+    }
+    
+    /**
+     * Create a UrlValidator with default properties.
+     */
+    public UrlValidator() {
+        this(null);
+    }
+    
+    /**
+     * Behavior of validation is modified by passing in several strings options:
+     * @param schemes Pass in one or more url schemes to consider valid, passing in
+     *        a null will default to "http,https,ftp" being valid.
+     *        If a non-null schemes is specified then all valid schemes must
+     *        be specified. Setting the ALLOW_ALL_SCHEMES option will
+     *        ignore the contents of schemes.
+     */
+    public UrlValidator(String[] schemes) {
+        this(schemes, 0L);
+    }
+    
+    /**
+     * Initialize a UrlValidator with the given validation options.
+     * @param options The options should be set using the public constants declared in
+     * this class.  To set multiple options you simply add them together.  For example,
+     * ALLOW_2_SLASHES + NO_FRAGMENTS enables both of those options.
+     */
+    public UrlValidator(long options) {
+        this(null, null, options);
+    }
+    
+    /**
+     * Behavior of validation is modified by passing in options:
+     * @param schemes The set of valid schemes. Ignored if the ALLOW_ALL_SCHEMES option is set.
+     * @param options The options should be set using the public constants declared in
+     * this class.  To set multiple options you simply add them together.  For example,
+     * ALLOW_2_SLASHES + NO_FRAGMENTS enables both of those options.
+     */
+    public UrlValidator(String[] schemes, long options) {
+        this(schemes, null, options);
+    }
+    
+    /**
+     * Initialize a UrlValidator with the given validation options.
+     * @param authorityValidator Regular expression validator used to validate the authority part
+     * This allows the user to override the standard set of domains.
+     * @param options Validation options. Set using the public constants of this class.
+     * To set multiple options, simply add them together:
+     * <p><code>ALLOW_2_SLASHES + NO_FRAGMENTS</code></p>
+     * enables both of those options.
+     */
+    public UrlValidator(RegexValidator authorityValidator, long options) {
+        this(null, authorityValidator, options);
+    }
+    
+    /**
+     * Customizable constructor. Validation behavior is modifed by passing in options.
+     * @param schemes the set of valid schemes. Ignored if the ALLOW_ALL_SCHEMES option is set.
+     * @param authorityValidator Regular expression validator used to validate the authority part
+     * @param options Validation options. Set using the public constants of this class.
+     * To set multiple options, simply add them together:
+     * <p><code>ALLOW_2_SLASHES + NO_FRAGMENTS</code></p>
+     * enables both of those options.
+     */
+    public UrlValidator(String[] schemes, RegexValidator authorityValidator, long options) {
+        this.options = options;
+        
+        if (isOn(ALLOW_ALL_SCHEMES)) {
+            allowedSchemes = Collections.emptySet();
+        } else {
+            if (schemes == null) {
+                schemes = DEFAULT_SCHEMES;
+            }
+            allowedSchemes = new HashSet<String>(schemes.length);
+            for(int i=0; i < schemes.length; i++) {
+                allowedSchemes.add(schemes[i].toLowerCase(Locale.ENGLISH));
+            }
+        }
+        
+        this.authorityValidator = authorityValidator;
+    }
+    
+    /**
+     * <p>Checks if a field has a valid url address.</p>
+     *
+     * Note that the method calls #isValidAuthority()
+     * which checks that the domain is valid.
+     *
+     * @param value The value validation is being performed on.  A <code>null</code>
+     * value is considered invalid.
+     * @return true if the url is valid.
+     */
+    public boolean isValid(String value) {
+        if (value == null) {
+            return false;
+        }
+        
+        // Check the whole url address structure
+        Matcher urlMatcher = URL_PATTERN.matcher(value);
+        if (!urlMatcher.matches()) {
+            return false;
+        }
+        
+        String scheme = urlMatcher.group(PARSE_URL_SCHEME);
+        if (!isValidScheme(scheme)) {
+            return false;
+        }
+        
+        String authority = urlMatcher.group(PARSE_URL_AUTHORITY);
+        if ("file".equals(scheme)) {// Special case - file: allows an empty authority
+            if (authority != null) {
+                if (authority.contains(":")) { // but cannot allow trailing :
+                    return false;
+                }
+            }
+            // drop through to continue validation
+        } else { // not file:
+            // Validate the authority
+            if (!isValidAuthority(authority)) {
+                return false;
+            }
+        }
+        
+        if (!isValidPath(urlMatcher.group(PARSE_URL_PATH))) {
+            return false;
+        }
+        
+        if (!isValidQuery(urlMatcher.group(PARSE_URL_QUERY))) {
+            return false;
+        }
+        
+        if (!isValidFragment(urlMatcher.group(PARSE_URL_FRAGMENT))) {
+            return false;
+        }
+        
+        return true;
+    }
+    
+    /**
+     * Validate scheme. If schemes[] was initialized to a non null,
+     * then only those schemes are allowed.
+     * Otherwise the default schemes are "http", "https", "ftp".
+     * Matching is case-blind.
+     * @param scheme The scheme to validate.  A <code>null</code> value is considered
+     * invalid.
+     * @return true if valid.
+     */
+    protected boolean isValidScheme(String scheme) {
+        if (scheme == null) {
+            return false;
+        }
+        
+        // TODO could be removed if external schemes were checked in the ctor before being stored
+        if (!SCHEME_PATTERN.matcher(scheme).matches()) {
+            return false;
+        }
+        
+        if (isOff(ALLOW_ALL_SCHEMES) && !allowedSchemes.contains(scheme.toLowerCase(Locale.ENGLISH))) {
+            return false;
+        }
+        
+        return true;
+    }
+    
+    /**
+     * Returns true if the authority is properly formatted.  An authority is the combination
+     * of hostname and port.  A <code>null</code> authority value is considered invalid.
+     * Note: this implementation validates the domain unless a RegexValidator was provided.
+     * If a RegexValidator was supplied and it matches, then the authority is regarded
+     * as valid with no further checks, otherwise the method checks against the
+     * AUTHORITY_PATTERN and the DomainValidator (ALLOW_LOCAL_URLS)
+     * @param authority Authority value to validate, alllows IDN
+     * @return true if authority (hostname and port) is valid.
+     */
+    protected boolean isValidAuthority(String authority) {
+        if (authority == null) {
+            return false;
+        }
+        
+        // check manual authority validation if specified
+        if (authorityValidator != null && authorityValidator.isValid(authority)) {
+            return true;
+        }
+        // convert to ASCII if possible
+        final String authorityASCII = DomainValidator.unicodeToASCII(authority);
+        
+        Matcher authorityMatcher = AUTHORITY_PATTERN.matcher(authorityASCII);
+        if (!authorityMatcher.matches()) {
+            return false;
+        }
+        
+        // We have to process IPV6 separately because that is parsed in a different group
+        String ipv6 = authorityMatcher.group(PARSE_AUTHORITY_IPV6);
+        if (ipv6 != null) {
+            InetAddressValidator inetAddressValidator = InetAddressValidator.getInstance();
+            if (!inetAddressValidator.isValidInet6Address(ipv6)) {
+                return false;
+            }
+        } else {
+            String hostLocation = authorityMatcher.group(PARSE_AUTHORITY_HOST_IP);
+            // check if authority is hostname or IP address:
+            // try a hostname first since that's much more likely
+            DomainValidator domainValidator = DomainValidator.getInstance(isOn(ALLOW_LOCAL_URLS));
+            if (!domainValidator.isValid(hostLocation)) {
+                // try an IPv4 address
+                InetAddressValidator inetAddressValidator = InetAddressValidator.getInstance();
+                if (!inetAddressValidator.isValidInet4Address(hostLocation)) {
+                    // isn't IPv4, so the URL is invalid
+                    return false;
+                }
+            }
+            String port = authorityMatcher.group(PARSE_AUTHORITY_PORT);
+            if (port != null && port.length() > 0) {
+                try {
+                    int iPort = Integer.parseInt(port);
+                    if (iPort < 0 || iPort > MAX_UNSIGNED_16_BIT_INT) {
+                        return false;
+                    }
+                } catch (NumberFormatException nfe) {
+                    return false; // this can happen for big numbers
+                }
+            }
+        }
+        
+        String extra = authorityMatcher.group(PARSE_AUTHORITY_EXTRA);
+        if (extra != null && extra.trim().length() > 0){
+            return false;
+        }
+        
+        return true;
+    }
+    
+    /**
+     * Returns true if the path is valid.  A <code>null</code> value is considered invalid.
+     * @param path Path value to validate.
+     * @return true if path is valid.
+     */
+    protected boolean isValidPath(String path) {
+        if (path == null) {
+            return false;
+        }
+        
+        if (!PATH_PATTERN.matcher(path).matches()) {
+            return false;
+        }
+        
+        try {
+            URI uri = new URI(null,null,path,null);
+            String norm = uri.normalize().getPath();
+            if (norm.startsWith("/../") // Trying to go via the parent dir 
+                    || norm.equals("/..")) {   // Trying to go to the parent dir
+                return false;
+            }
+        } catch (URISyntaxException e) {
+            return false;
+        }
+        
+        int slash2Count = countToken("//", path);
+        if (isOff(ALLOW_2_SLASHES) && (slash2Count > 0)) {
+            return false;
+        }
+        
+        return true;
+    }
+    
+    /**
+     * Returns true if the query is null or it's a properly formatted query string.
+     * @param query Query value to validate.
+     * @return true if query is valid.
+     */
+    protected boolean isValidQuery(String query) {
+        if (query == null) {
+            return true;
+        }
+        
+        return QUERY_PATTERN.matcher(query).matches();
+    }
+    
+    /**
+     * Returns true if the given fragment is null or fragments are allowed.
+     * @param fragment Fragment value to validate.
+     * @return true if fragment is valid.
+     */
+    protected boolean isValidFragment(String fragment) {
+        if (fragment == null) {
+            return true;
+        }
+        
+        return isOff(NO_FRAGMENTS);
+    }
+    
+    /**
+     * Returns the number of times the token appears in the target.
+     * @param token Token value to be counted.
+     * @param target Target value to count tokens in.
+     * @return the number of tokens.
+     */
+    protected int countToken(String token, String target) {
+        int tokenIndex = 0;
+        int count = 0;
+        while (tokenIndex != -1) {
+            tokenIndex = target.indexOf(token, tokenIndex);
+            if (tokenIndex > -1) {
+                tokenIndex++;
+                count++;
+            }
+        }
+        return count;
+    }
+    
+    /**
+     * Tests whether the given flag is on.  If the flag is not a power of 2
+     * (ie. 3) this tests whether the combination of flags is on.
+     *
+     * @param flag Flag value to check.
+     *
+     * @return whether the specified flag value is on.
+     */
+    private boolean isOn(long flag) {
+        return (options & flag) > 0;
+    }
+    
+    /**
+     * Tests whether the given flag is off.  If the flag is not a power of 2
+     * (ie. 3) this tests whether the combination of flags is off.
+     *
+     * @param flag Flag value to check.
+     *
+     * @return whether the specified flag value is off.
+     */
+    private boolean isOff(long flag) {
+        return (options & flag) == 0;
+    }
+    
+    // Unit test access to pattern matcher
+    Matcher matchURL(String value) {
+        return URL_PATTERN.matcher(value);
+    }
+}
diff --git a/core/src/main/java/jenkins/util/UrlHelper.java b/core/src/main/java/jenkins/util/UrlHelper.java
new file mode 100644
index 0000000000..21fff86a35
--- /dev/null
+++ b/core/src/main/java/jenkins/util/UrlHelper.java
@@ -0,0 +1,58 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.util;
+
+import jenkins.org.apache.commons.validator.routines.UrlValidator;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
+
+import java.net.MalformedURLException;
+import java.net.URL;
+
+@Restricted(NoExternalUse.class)
+public class UrlHelper {
+    public static boolean isValidRootUrl(String url) {
+        String[] schemes = {"http", "https"};
+        // option to accept url like http://localhost or http://SERVER_JENKINS that are often used inside company's network
+        UrlValidator validator = new UrlValidator(schemes, UrlValidator.ALLOW_LOCAL_URLS + UrlValidator.NO_FRAGMENTS);
+        boolean isValid = validator.isValid(url);
+        if (!isValid) {
+            // potentially it contains _'s in hostname which seems accepted but not by the UrlValidator
+            // https://issues.apache.org/jira/browse/VALIDATOR-358
+            try {
+                URL urlObject = new URL(url);
+                String host = urlObject.getHost();
+                if (host.contains("_")) {
+                    String hostWithoutUnderscore = host.replace("_", "");
+                    String modifiedUrl = url.replace(host, hostWithoutUnderscore);
+                    isValid = validator.isValid(modifiedUrl);
+                }
+            } catch (MalformedURLException e) {
+                return false;
+            }
+        }
+        
+        return isValid;
+    }
+}
diff --git a/core/src/main/resources/jenkins/diagnostics/Messages.properties b/core/src/main/resources/jenkins/diagnostics/Messages.properties
index 38362ae234..6eb87fc358 100644
--- a/core/src/main/resources/jenkins/diagnostics/Messages.properties
+++ b/core/src/main/resources/jenkins/diagnostics/Messages.properties
@@ -1,3 +1,4 @@
 CompletedInitializationMonitor.DisplayName=Jenkins Initialization Monitor
 SecurityIsOffMonitor.DisplayName=Disabled Security
 URICheckEncodingMonitor.DisplayName=Check URI Encoding
+RootUrlNotSetMonitor.DisplayName=Root URL not configured Monitor
diff --git a/core/src/main/resources/jenkins/diagnostics/RootUrlNotSetMonitor/message.jelly b/core/src/main/resources/jenkins/diagnostics/RootUrlNotSetMonitor/message.jelly
new file mode 100644
index 0000000000..f5abad1054
--- /dev/null
+++ b/core/src/main/resources/jenkins/diagnostics/RootUrlNotSetMonitor/message.jelly
@@ -0,0 +1,36 @@
+<!--
+The MIT License
+
+Copyright (c) 2018, CloudBees, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+-->
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core">
+  <div class="alert alert-warning">
+    <j:choose>
+      <j:when test="${it.isUrlNull()}">
+        ${%urlIsNull(rootURL)}
+      </j:when>
+      <j:otherwise>
+        ${%urlIsInvalid(rootURL)}
+      </j:otherwise>
+    </j:choose>
+  </div>
+</j:jelly>
diff --git a/core/src/main/resources/jenkins/diagnostics/RootUrlNotSetMonitor/message.properties b/core/src/main/resources/jenkins/diagnostics/RootUrlNotSetMonitor/message.properties
new file mode 100644
index 0000000000..cd972c3d69
--- /dev/null
+++ b/core/src/main/resources/jenkins/diagnostics/RootUrlNotSetMonitor/message.properties
@@ -0,0 +1,6 @@
+urlIsNull=Jenkins root URL is empty but is required for the proper operation of many Jenkins features like email notifications, \
+PR status update, and environment variables such as <code>BUILD_URL</code>.<br />\
+Please provide an accurate value in <a href="{0}/configure">Jenkins configuration</a>.
+urlIsInvalid=Jenkins root URL seems to be invalid. It is required for the proper operation of many Jenkins features like email notifications, \
+PR status update, and environment variables such as <code>BUILD_URL</code>.<br />\
+Please provide an accurate value in <a href="{0}/configure">Jenkins configuration</a>.
diff --git a/core/src/main/resources/jenkins/install/Messages.properties b/core/src/main/resources/jenkins/install/Messages.properties
new file mode 100644
index 0000000000..52b1b94367
--- /dev/null
+++ b/core/src/main/resources/jenkins/install/Messages.properties
@@ -0,0 +1,24 @@
+# The MIT License
+# 
+# Copyright 2018 CloudBees, Inc.
+# 
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+# 
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+# 
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+SetupWizard_ConfigureInstance_ValidationErrors=Some settings are invalid. See the error messages for details.
+SetupWizard_ConfigureInstance_RootUrl_Empty=The URL cannot be empty
+SetupWizard_ConfigureInstance_RootUrl_Invalid=The URL is invalid, please ensure you are using http:// or https:// with a valid domain.
diff --git a/core/src/main/resources/jenkins/install/SetupWizard/setupWizardConfigureInstance.jelly b/core/src/main/resources/jenkins/install/SetupWizard/setupWizardConfigureInstance.jelly
new file mode 100644
index 0000000000..0a0b2f5b69
--- /dev/null
+++ b/core/src/main/resources/jenkins/install/SetupWizard/setupWizardConfigureInstance.jelly
@@ -0,0 +1,122 @@
+<!--
+The MIT License
+
+Copyright (c) 2018, CloudBees, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+-->
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:s="/lib/form">
+
+  <l:layout norefresh="true" type="full-screen" title="${it.displayName}">
+    <l:main-panel>
+      <link rel="stylesheet" href="${resURL}/css/google-fonts/roboto/css/roboto.css" type="text/css" />
+      <style type="text/css">
+        #configure-instance {
+          padding: 20px 100px 20px 100px;
+          margin: 8px;
+        }
+
+        #configure-instance form > div {
+          margin: 0 !important;
+        }
+
+        #configure-instance h1 {
+          font-family: 'roboto', sans-serif;
+          font-size: 48px;
+          margin-top: 30px;
+          font-weight: 500;
+        }
+
+        #configure-instance tr td {
+          padding-bottom: 2px;
+        }
+
+        #configure-instance tr td, #configure-instance input {
+          line-height: 25px;
+          margin-bottom: 6px;
+        }
+
+        #configure-instance input[type=text], #configure-instance input[type=password] {
+          border: 1px solid #ddd;
+          border-radius: 2px;
+          padding: 1px 8px;
+        }
+
+        #configure-instance tr.has-error label{
+          color: #CC0000;
+        }
+        
+        #configure-instance tr.has-error td input[type=text], 
+        #configure-instance tr.has-error td input[type=password],
+        #configure-instance tr.has-error td textarea {
+          border-color: #CC0000;
+          background-color: #fdeaea;
+        }
+        
+        #configure-instance tr td .help-text{
+          color: #999;
+          font-size: 12px;
+        }
+  
+        #configure-instance tr td .error-panel{
+          display: none;
+        }
+        #configure-instance tr.has-error td .error-panel{
+          display: block;
+        }
+      </style>
+
+     <div id="configure-instance">
+       <form action="${rootURL}/setupWizard/configureInstance" method="post">
+          <h1>${%Instance Configuration}</h1>
+          <div style="margin: 2em;">
+            <table>
+            <tr>
+              <td><label for="root-url">${%Jenkins URL}:</label></td>
+              <td>
+                <input type="text" name="rootUrl" id="root-url" class="root-url" value="" />
+                <div class="error-panel error" />
+              </td>
+            </tr>
+            <tr>
+              <td colspan="2">
+                <div class="help-text">${%jenkinsURL_help}</div>
+              </td>
+            </tr>
+            </table>
+          </div>
+         <script>
+            $('root-url').focus();
+            (function setInitialRootUrlFieldValue(){
+              var iframeUrl = window.location.href;
+              var iframeRelativeUrl = '/setupWizard/setupWizardConfigureInstance';
+              var rootUrl = iframeUrl.substr(0, iframeUrl.length - iframeRelativeUrl.length);
+              // to keep only the root url
+              var rootUrlField = $('root-url');
+              rootUrlField.value = rootUrl
+              // to adjust the width of the input,
+              rootUrlField.size = Math.min(50, rootUrl.length);
+            })();
+          </script>
+        </form>
+     </div>
+    </l:main-panel>
+  </l:layout>
+</j:jelly>
diff --git a/core/src/main/resources/jenkins/install/SetupWizard/setupWizardConfigureInstance.properties b/core/src/main/resources/jenkins/install/SetupWizard/setupWizardConfigureInstance.properties
new file mode 100644
index 0000000000..4d08f82ba2
--- /dev/null
+++ b/core/src/main/resources/jenkins/install/SetupWizard/setupWizardConfigureInstance.properties
@@ -0,0 +1,6 @@
+Instance\ Configuration=Instance Configuration
+Jenkins\ URL=Jenkins URL
+jenkinsURL_help=The Jenkins URL is used to provide the root URL for absolute links to various Jenkins resources. \
+That means this value is required for proper operation of many Jenkins features including email notifications, PR status updates, and the <code>BUILD_URL</code> environment variable provided to build steps.<br />\
+The proposed default value shown is <strong>not saved yet</strong> and is generated from the current request, if possible. \
+The best practice is to set this value to the URL that users are expected to use.  This will avoid confusion when sharing or viewing links.
diff --git a/core/src/main/resources/jenkins/install/SetupWizard/setupWizardConfigureInstance_fr.properties b/core/src/main/resources/jenkins/install/SetupWizard/setupWizardConfigureInstance_fr.properties
new file mode 100644
index 0000000000..7c8aae3d61
--- /dev/null
+++ b/core/src/main/resources/jenkins/install/SetupWizard/setupWizardConfigureInstance_fr.properties
@@ -0,0 +1,2 @@
+Instance\ Configuration=Configuration de l''instance
+Jenkins\ URL=Jenkins URL
diff --git a/core/src/main/resources/jenkins/install/SetupWizard/setupWizardFirstUser.jelly b/core/src/main/resources/jenkins/install/SetupWizard/setupWizardFirstUser.jelly
index 788b353a9e..96e972b9ca 100644
--- a/core/src/main/resources/jenkins/install/SetupWizard/setupWizardFirstUser.jelly
+++ b/core/src/main/resources/jenkins/install/SetupWizard/setupWizardFirstUser.jelly
@@ -7,7 +7,7 @@
       <style type="text/css">
 
         #create-admin-user {
-          padding: 20px 20px 20px 100px;
+          padding: 20px 100px 20px 100px;
           margin: 8px;
         }
 
@@ -44,7 +44,7 @@
           <script>
             $('username').focus();
           </script>
-        </form>
+       </form>
      </div>
     </l:main-panel>
   </l:layout>
diff --git a/core/src/main/resources/jenkins/install/SetupWizard/setupWizardFirstUser.properties b/core/src/main/resources/jenkins/install/SetupWizard/setupWizardFirstUser.properties
index 75ce472514..09f5e00b60 100644
--- a/core/src/main/resources/jenkins/install/SetupWizard/setupWizardFirstUser.properties
+++ b/core/src/main/resources/jenkins/install/SetupWizard/setupWizardFirstUser.properties
@@ -1 +1 @@
-Create\ First\ Admin\ User=Create First Admin User
\ No newline at end of file
+Create\ First\ Admin\ User=Create First Admin User
diff --git a/core/src/main/resources/jenkins/install/SetupWizard/setupWizardFirstUser_fr.properties b/core/src/main/resources/jenkins/install/SetupWizard/setupWizardFirstUser_fr.properties
index 3769685377..b7d549f559 100644
--- a/core/src/main/resources/jenkins/install/SetupWizard/setupWizardFirstUser_fr.properties
+++ b/core/src/main/resources/jenkins/install/SetupWizard/setupWizardFirstUser_fr.properties
@@ -1 +1 @@
-Create\ First\ Admin\ User=Cr\u00e9er le 1er utilisateur Administrateur
\ No newline at end of file
+Create\ First\ Admin\ User=Cr\u00e9er le 1er utilisateur Administrateur
diff --git a/core/src/main/resources/jenkins/install/pluginSetupWizard.properties b/core/src/main/resources/jenkins/install/pluginSetupWizard.properties
index ff6ff7e931..1a682d15d6 100644
--- a/core/src/main/resources/jenkins/install/pluginSetupWizard.properties
+++ b/core/src/main/resources/jenkins/install/pluginSetupWizard.properties
@@ -41,13 +41,23 @@ installWizard_installIncomplete_title=Resume Installation
 installWizard_installIncomplete_banner=Resume Installation
 installWizard_installIncomplete_message=Jenkins was restarted during installation and some plugins did not seem to get installed.
 installWizard_installIncomplete_resumeInstallationButtonLabel=Resume
-installWizard_saveFirstUser=Save and Finish
+installWizard_saveFirstUser=Save and Continue
 installWizard_skipFirstUser=Continue as admin
 installWizard_firstUserSkippedMessage=<div class="alert alert-warning fade in">\
-You have skipped creating an admin user. To log in, use the username: "admin" and \
-the administrator password you used to access the setup wizard.\
+You have skipped the <strong>setup of an admin user</strong>. <br /><br />\
+To log in, use the username: "admin" and the administrator password you used to access the setup wizard.\
 </div>
 installWizard_addFirstUser_title=Getting Started
+
+# instance configuration page
+installWizard_configureInstance_title=Instance Configuration
+installWizard_saveConfigureInstance=Save and Finish
+installWizard_skipConfigureInstance=Not now
+installWizard_configureInstanceSkippedMessage=<div class="alert alert-warning fade in">\
+You have skipped the configuration of the Jenkins URL. <br/><br/>\
+To configure the Jenkins URL, go to "Manage Jenkins" page.\
+</div>
+
 installWizard_configureProxy_label=Configure Proxy
 installWizard_configureProxy_save=Save and Continue
 installWizard_gettingStarted_title=Getting Started
diff --git a/core/src/main/resources/jenkins/install/pluginSetupWizard_fr.properties b/core/src/main/resources/jenkins/install/pluginSetupWizard_fr.properties
index 9f95c1be1f..ceea5e32f9 100644
--- a/core/src/main/resources/jenkins/install/pluginSetupWizard_fr.properties
+++ b/core/src/main/resources/jenkins/install/pluginSetupWizard_fr.properties
@@ -13,7 +13,7 @@ installWizard_offline_message=Cette instance Jenkins a l\'air d\'\u00eatre hors-
 Pour des informations relatives \u00e0 l\'installation de Jenkins sans acc\u00e8s Internet, voir la \
 <a href="https://jenkins.io/redirect/offline-installation" target="_blank">Documentation \
 d'Installation hors-ligne de Jenkins</a>. <br/><br/> \
-Vous pouvez continuer en configurant un serveur proxy ou en sautant l\'installation des plugins. \
+Vous pouvez continuer en configurant un serveur proxy ou en passant l\'installation des plugins. \
 </p>
 installWizard_error_header=Une erreur est survenue
 installWizard_error_message=Une erreur est survenue durant l\'installation:
@@ -31,7 +31,6 @@ installWizard_goBack=Retour
 installWizard_goInstall=Installer
 installWizard_installing_title=Installation en cours...
 installWizard_installing_detailsLink=D\u00e9tails...
-installWizard_installComplete_title=D\u00e9marrage
 installWizard_installComplete_banner=Jenkins est pr\u00eat !
 installWizard_pluginsInstalled_message=L\'installation de vos plugins est termin\u00e9e.
 installWizard_installComplete_message=L\'installation de votre Jenkins est termin\u00e9e.
@@ -43,16 +42,27 @@ installWizard_installIncomplete_banner=Reprendre l\'installation
 installWizard_installIncomplete_message=Jenkins a \u00e9t\u00e9 red\u00e9marr\u00e9 durant l\'installation et \
 certains plugins n\'ont pas l\'air d\'avoir \u00e9t\u00e9 install\u00e9s.
 installWizard_installIncomplete_resumeInstallationButtonLabel=Reprendre
-installWizard_saveFirstUser=Sauver et Terminer
+installWizard_saveFirstUser=Sauver et continuer
 installWizard_skipFirstUser=Continuer en tant qu\'Administrateur
 installWizard_firstUserSkippedMessage=<div class="alert alert-warning fade in">\
-Vous avez saut\u00e9 la cr\u00e9ation d\'un utilisateur administrateur. Pour vous connecter, \
-utiliser le login: 'admin' et le mot de passe administrateur que vous avez utilis\u00e9 pour acc\u00e9der au \
+Vous avez pass\u00e9 la <strong>cr\u00e9ation d\'un utilisateur administrateur</strong>. <br /><br />\
+Pour vous connecter, utilisez le login : "admin" et le mot de passe administrateur que vous avez utilis\u00e9 pour acc\u00e9der au \
 wizard d\'installation.</div>
 installWizard_addFirstUser_title=D\u00e9marrage
+
+# instance configuration page
+installWizard_configureInstance_title=D\u00e9marrage
+installWizard_configureInstanceSkippedMessage=<div class="alert alert-warning fade in">\
+Vous avez pass\u00e9 la <strong>configuration de l\'instance</strong>. <br /><br /> \
+Vous pouvez toujours vous rendre sur les pages de configuration pour remplir les informations qui pourraient manquer.\
+</div>
+installWizard_saveConfigureInstance=Sauver et terminer
+installWizard_skipConfigureInstance=Passer cette \u00e9tape et terminer
+
+installWizard_installComplete_title=D\u00e9marrage
 installWizard_configureProxy_label=Configurer le serveur Proxy
-installWizard_configureProxy_save=Sauver et Continuer
-installWizard_skipPluginInstallations=Sauter l\'installation des plugins
+installWizard_configureProxy_save=Sauver et continuer
+installWizard_skipPluginInstallations=Passer l\'installation des plugins
 installWizard_installIncomplete_dependenciesLabel=D\u00e9pendances
 installWizard_installingConsole_dependencyIndicatorNote=** - d\u00e9pendance requise
 installWizard_retry=R\u00e9essayer
diff --git a/core/src/test/java/jenkins/util/UrlHelperTest.java b/core/src/test/java/jenkins/util/UrlHelperTest.java
new file mode 100644
index 0000000000..6d4cad2481
--- /dev/null
+++ b/core/src/test/java/jenkins/util/UrlHelperTest.java
@@ -0,0 +1,44 @@
+package jenkins.util;
+
+import org.junit.Test;
+import org.jvnet.hudson.test.Issue;
+
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+@Issue("JENKINS-31661")
+public class UrlHelperTest {
+
+    @Test
+    public void isValid() {
+        assertTrue(UrlHelper.isValidRootUrl("http://www.google.com"));
+        assertTrue(UrlHelper.isValidRootUrl("http://www.google.com/jenkins"));
+        assertTrue(UrlHelper.isValidRootUrl("http://www.google.com:8080"));
+        assertTrue(UrlHelper.isValidRootUrl("http://www.google.com:8080/jenkins"));
+        assertTrue(UrlHelper.isValidRootUrl("https://www.google.com:8080/jenkins"));
+        assertTrue(UrlHelper.isValidRootUrl("http://localhost:8080/jenkins"));
+        assertTrue(UrlHelper.isValidRootUrl("http://my_server:8080/jenkins"));
+        assertTrue(UrlHelper.isValidRootUrl("http://MY_SERVER_IN_PRIVATE_NETWORK:8080/jenkins"));
+        assertTrue(UrlHelper.isValidRootUrl("http://jenkins"));
+        
+        assertFalse(UrlHelper.isValidRootUrl("http://jenkins::"));
+        assertFalse(UrlHelper.isValidRootUrl("http://jenkins::80"));
+        assertFalse(UrlHelper.isValidRootUrl("http//jenkins"));
+        
+        assertFalse(UrlHelper.isValidRootUrl("com."));
+        assertFalse(UrlHelper.isValidRootUrl("http:// "));
+        
+        // examples not passing with a simple `new URL(url).toURI()` check
+        assertFalse(UrlHelper.isValidRootUrl("http://jenkins//context"));
+        assertFalse(UrlHelper.isValidRootUrl("http:/jenkins"));
+        assertFalse(UrlHelper.isValidRootUrl("http://.com"));
+        assertFalse(UrlHelper.isValidRootUrl("http://com."));
+        assertFalse(UrlHelper.isValidRootUrl("http:/:"));
+        assertFalse(UrlHelper.isValidRootUrl("http://..."));
+        assertFalse(UrlHelper.isValidRootUrl("http://::::@example.com"));
+        assertFalse(UrlHelper.isValidRootUrl("ftp://jenkins"));
+        // this url will be used as a root url and so will be concatenated with other part, fragments are not allowed
+        assertFalse(UrlHelper.isValidRootUrl("http://jenkins#fragment"));
+    }
+
+}
\ No newline at end of file
diff --git a/test/src/test/java/jenkins/diagnostics/RootUrlNotSetMonitorTest.java b/test/src/test/java/jenkins/diagnostics/RootUrlNotSetMonitorTest.java
new file mode 100644
index 0000000000..e309217f08
--- /dev/null
+++ b/test/src/test/java/jenkins/diagnostics/RootUrlNotSetMonitorTest.java
@@ -0,0 +1,64 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.diagnostics;
+
+import hudson.model.AdministrativeMonitor;
+import jenkins.model.JenkinsLocationConfiguration;
+import org.apache.commons.lang.StringUtils;
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.JenkinsRule;
+
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+public class RootUrlNotSetMonitorTest {
+    
+    @Rule
+    public JenkinsRule j = new JenkinsRule();
+    
+    @Test
+    @Issue("JENKINS-31661")
+    public void testWithRootUrl_configured() {
+        // test relies on the default JTH behavior
+        JenkinsLocationConfiguration config = JenkinsLocationConfiguration.get();
+        assertTrue(StringUtils.isNotBlank(config.getUrl()));
+        
+        RootUrlNotSetMonitor monitor = j.jenkins.getExtensionList(AdministrativeMonitor.class).get(RootUrlNotSetMonitor.class);
+        assertFalse("Monitor must not be activated", monitor.isActivated());
+    
+        config.setUrl(null);
+    
+        assertTrue("Monitor must be activated", monitor.isActivated());
+    
+        config.setUrl("ftp://localhost:8080/jenkins");
+    
+        assertTrue("Monitor must be activated", monitor.isActivated());
+    
+        config.setUrl("http://localhost:8080/jenkins");
+        
+        assertFalse("Monitor must be activated", monitor.isActivated());
+    }
+}
diff --git a/war/src/main/js/api/securityConfig.js b/war/src/main/js/api/securityConfig.js
index 0741043d49..358e86c7ef 100644
--- a/war/src/main/js/api/securityConfig.js
+++ b/war/src/main/js/api/securityConfig.js
@@ -9,10 +9,25 @@ var jenkins = require('../util/jenkins');
  */
 exports.saveFirstUser = function($form, success, error) {
 	jenkins.staplerPost(
-			'/setupWizard/createAdminUser',
+		'/setupWizard/createAdminUser',
 		$form,
 		function(response) {
-        		var crumbRequestField = response.data.crumbRequestField;
+			var crumbRequestField = response.data.crumbRequestField;
+			if (crumbRequestField) {
+				require('window-handle').getWindow().crumb.init(crumbRequestField, response.data.crumb);
+			}
+			success(response);
+		}, {
+			error: error
+		});
+};
+
+exports.saveConfigureInstance = function($form, success, error){
+	jenkins.staplerPost(
+		'/setupWizard/configureInstance',
+		$form,
+		function(response) {
+			var crumbRequestField = response.data.crumbRequestField;
 			if (crumbRequestField) {
 				require('window-handle').getWindow().crumb.init(crumbRequestField, response.data.crumb);
 			}
@@ -27,7 +42,7 @@ exports.saveFirstUser = function($form, success, error) {
  */
 exports.saveProxy = function($form, success, error) {
 	jenkins.staplerPost(
-			'/pluginManager/proxyConfigure',
+		'/pluginManager/proxyConfigure',
 		$form,
 		success, {
 			dataType: 'html',
diff --git a/war/src/main/js/pluginSetupWizardGui.js b/war/src/main/js/pluginSetupWizardGui.js
index 2a97ce5b34..6289591393 100644
--- a/war/src/main/js/pluginSetupWizardGui.js
+++ b/war/src/main/js/pluginSetupWizardGui.js
@@ -114,6 +114,7 @@ var createPluginSetupWizard = function(appendTarget) {
 	var setupCompletePanel = require('./templates/setupCompletePanel.hbs');
 	var proxyConfigPanel = require('./templates/proxyConfigPanel.hbs');
 	var firstUserPanel = require('./templates/firstUserPanel.hbs');
+	var configureInstancePanel = require('./templates/configureInstance.hbs');
 	var offlinePanel = require('./templates/offlinePanel.hbs');
 	var pluginSetupWizard = require('./templates/pluginSetupWizard.hbs');
 	var incompleteInstallationPanel = require('./templates/incompleteInstallationPanel.hbs');
@@ -418,9 +419,38 @@ var createPluginSetupWizard = function(appendTarget) {
 		});
 	};
 	
+	var enableButtonsImmediately = function() {
+		$('button').prop({disabled:false});
+	};
+	
+	// errors: Map of nameOfField to errorMessage
+	var displayErrors = function(iframe, errors) {
+		if(!errors){
+			return;
+		}
+		var errorKeys = Object.keys(errors);
+		if(!errorKeys.length){
+			return;
+		}
+		var $iframeDoc = $(iframe).contents();
+		for(var i = 0; i < errorKeys.length; i++){
+			var name = errorKeys[i];
+			var message = errors[name];
+			var $inputField = $iframeDoc.find('[name="' + name +'"]');
+			var $tr = $inputField.parentsUntil('tr').parent();
+			var $errorPanel = $tr.find('.error-panel');
+			$tr.addClass('has-error');
+			$errorPanel.text(message);
+		}
+	};
+	
 	var setupFirstUser = function() {
 		setPanel(firstUserPanel, {}, enableButtonsAfterFrameLoad);
 	};
+	
+	var showConfigureInstance = function(messages) {
+		setPanel(configureInstancePanel, messages, enableButtonsAfterFrameLoad);
+	};
 
 	var showSetupCompletePanel = function(messages) {
 		pluginManager.getRestartStatus(function(restartStatus) {
@@ -436,6 +466,7 @@ var createPluginSetupWizard = function(appendTarget) {
 			$('.install-recommended').focus();
 		},
 		CREATE_ADMIN_USER: function() { setupFirstUser(); },
+		CONFIGURE_INSTANCE: function() { showConfigureInstance(); },
 		RUNNING: function() { showSetupCompletePanel(); },
 		INITIAL_SETUP_COMPLETED: function() { showSetupCompletePanel(); },
 		INITIAL_PLUGINS_INSTALLING: function() { showInstallProgress(); }
@@ -897,17 +928,76 @@ var createPluginSetupWizard = function(appendTarget) {
 		doc.close();
 		$('button').prop({disabled:false});
 	};
-	
-	// call to submit the firstuser
+
+	// call to submit the first user
 	var saveFirstUser = function() {
 		$('button').prop({disabled:true});
 		var $form = $('iframe#setup-first-user').contents().find('form:not(.no-json)');
 		securityConfig.saveFirstUser($form, handleFirstUserResponseSuccess, handleFirstUserResponseError);
 	};
 
+	var firstUserSkipped = false;
 	var skipFirstUser = function() {
 		$('button').prop({disabled:true});
-		showSetupCompletePanel({message: translations.installWizard_firstUserSkippedMessage});
+		firstUserSkipped = true;
+		showConfigureInstance();
+	};
+	
+	var handleConfigureInstanceResponseSuccess = function (data) {
+		if (data.status === 'ok') {
+			if(firstUserSkipped){
+				var message = translations.installWizard_firstUserSkippedMessage;
+				showSetupCompletePanel({message: message});
+			}else{
+				showStatePanel();
+			}
+		} else {
+			var errors = data.data;
+			setPanel(configureInstancePanel, {}, function(){
+				enableButtonsImmediately();
+				displayErrors($('iframe#setup-configure-instance'), errors);
+			});
+		}
+	};
+
+	var handleConfigureInstanceResponseError = function(res) {
+		// We're expecting a full HTML page to replace the form
+		// We can only replace the _whole_ iframe due to XSS rules
+		// https://stackoverflow.com/a/22913801/1117552
+		var responseText = res.responseText;
+		var $page = $(responseText);
+		var $main = $page.find('#main-panel').detach();
+		if($main.length > 0) {
+			responseText = responseText.replace(/body([^>]*)[>](.|[\r\n])+[<][/]body/,'body$1>'+$main.html()+'</body');
+		}
+		var doc = $('iframe#setup-configure-instance').contents()[0];
+		doc.open();
+		doc.write(responseText);
+		doc.close();
+		$('button').prop({disabled:false});
+	};
+	
+	var saveConfigureInstance = function() {
+		$('button').prop({disabled:true});
+		var $form = $('iframe#setup-configure-instance').contents().find('form:not(.no-json)');
+		securityConfig.saveConfigureInstance($form, handleConfigureInstanceResponseSuccess, handleConfigureInstanceResponseError);
+	};
+	
+	var skipFirstUserAndConfigureInstance = function(){
+		firstUserSkipped = true;
+		skipConfigureInstance();
+	};
+
+	var skipConfigureInstance = function() {
+		$('button').prop({disabled:true});
+		
+		var message = '';
+		if(firstUserSkipped){
+			message += translations.installWizard_firstUserSkippedMessage;
+		}
+		message += translations.installWizard_configureInstanceSkippedMessage;
+		
+		showSetupCompletePanel({message: message});
 	};
 	
 	// call to setup the proxy
@@ -1015,11 +1105,13 @@ var createPluginSetupWizard = function(appendTarget) {
 		'.plugin-select-recommended': function() { selectedPluginNames = pluginManager.recommendedPluginNames(); refreshPluginSelectionPanel(); },
 		'.plugin-show-selected': toggleSelectedSearch,
 		'.select-category': selectCategory,
-		'.close': skipFirstUser,
+		'.close': skipFirstUserAndConfigureInstance,
 		'.resume-installation': resumeInstallation,
 		'.install-done-restart': restartJenkins,
 		'.save-first-user:not([disabled])': saveFirstUser,
 		'.skip-first-user': skipFirstUser,
+		'.save-configure-instance:not([disabled])': saveConfigureInstance,
+		'.skip-configure-instance': skipConfigureInstance,
 		'.show-proxy-config': setupProxy,
 		'.save-proxy-config': saveProxyConfig,
 		'.skip-plugin-installs': function() { installPlugins([]); },
diff --git a/war/src/main/js/templates/configureInstance.hbs b/war/src/main/js/templates/configureInstance.hbs
new file mode 100644
index 0000000000..220cc56c5e
--- /dev/null
+++ b/war/src/main/js/templates/configureInstance.hbs
@@ -0,0 +1,18 @@
+<div class="modal-header">
+	<h4 class="modal-title">{{translations.installWizard_addFirstUser_title}}</h4>
+</div>
+<div class="modal-body">
+	<div class="jumbotron welcome-panel security-panel">
+		{{{message}}}
+
+		<iframe src="{{baseUrl}}/setupWizard/setupWizardConfigureInstance" id="setup-configure-instance"></iframe>
+	</div>
+</div>
+<div class="modal-footer">
+    <button type="button" class="btn btn-link skip-configure-instance" disabled>
+        {{translations.installWizard_skipConfigureInstance}}
+    </button>
+	<button type="button" class="btn btn-primary save-configure-instance" disabled>
+		{{translations.installWizard_saveConfigureInstance}}
+	</button>
+</div>
-- 
GitLab


From 6e037bfa39907faabf51a7ac44bcce41a4c7c7ff Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Thu, 26 Apr 2018 17:21:30 +0200
Subject: [PATCH 365/863] Cleanup since Javadoc tags

---
 core/src/main/java/hudson/FilePath.java                   | 2 +-
 core/src/main/java/hudson/model/AbstractItem.java         | 4 ++--
 .../main/java/hudson/model/ChoiceParameterDefinition.java | 4 ++--
 core/src/main/java/hudson/security/ACL.java               | 2 +-
 core/src/main/java/hudson/tools/ToolDescriptor.java       | 2 +-
 core/src/main/java/hudson/triggers/SafeTimerTask.java     | 2 +-
 core/src/main/java/hudson/util/FormValidation.java        | 2 +-
 core/src/main/java/hudson/util/HttpResponses.java         | 4 ++--
 core/src/main/java/hudson/util/TextFile.java              | 2 +-
 core/src/main/java/jenkins/security/s2m/ConfigFile.java   | 2 +-
 .../src/main/java/jenkins/slaves/RemotingVersionInfo.java | 3 +--
 core/src/main/java/jenkins/util/VirtualFile.java          | 8 ++++----
 core/src/main/java/jenkins/util/io/LinesStream.java       | 2 +-
 core/src/main/resources/lib/layout/layout.jelly           | 2 +-
 .../model/JenkinsBuildsAndWorkspacesDirectoriesTest.java  | 2 --
 15 files changed, 20 insertions(+), 23 deletions(-)

diff --git a/core/src/main/java/hudson/FilePath.java b/core/src/main/java/hudson/FilePath.java
index 49f6037655..5f5cddd6ab 100644
--- a/core/src/main/java/hudson/FilePath.java
+++ b/core/src/main/java/hudson/FilePath.java
@@ -907,7 +907,7 @@ public final class FilePath implements Serializable {
     /**
      * Copies the content of a URL to a remote file.
      * Unlike {@link #copyFrom} this will not transfer content over a Remoting channel.
-     * @since FIXME
+     * @since 2.119
      */
     @Restricted(Beta.class)
     public void copyFromRemotely(URL url) throws IOException, InterruptedException {
diff --git a/core/src/main/java/hudson/model/AbstractItem.java b/core/src/main/java/hudson/model/AbstractItem.java
index ffc627405d..9740880c0d 100644
--- a/core/src/main/java/hudson/model/AbstractItem.java
+++ b/core/src/main/java/hudson/model/AbstractItem.java
@@ -240,7 +240,7 @@ public abstract class AbstractItem extends Actionable implements Item, HttpDelet
      * @return whether {@link #name} can be modified by a user
      * @see #checkRename
      * @see #renameTo
-     * @since FIXME
+     * @since 2.110
      */
     public boolean isNameEditable() {
         return false;
@@ -335,7 +335,7 @@ public abstract class AbstractItem extends Actionable implements Item, HttpDelet
      *
      * @param newName the new name for the item
      * @throws Failure if the rename should be blocked
-     * @since FIXME
+     * @since 2.110
      * @see Job#checkRename
      */
     protected void checkRename(@Nonnull String newName) throws Failure {
diff --git a/core/src/main/java/hudson/model/ChoiceParameterDefinition.java b/core/src/main/java/hudson/model/ChoiceParameterDefinition.java
index d5b6000591..9ea1415362 100644
--- a/core/src/main/java/hudson/model/ChoiceParameterDefinition.java
+++ b/core/src/main/java/hudson/model/ChoiceParameterDefinition.java
@@ -61,7 +61,7 @@ public class ChoiceParameterDefinition extends SimpleParameterDefinition {
      * @param name parameter name
      * @param description parameter description
      *
-     * @since TODO
+     * @since 2.112
      */
     @DataBoundConstructor
     @Restricted(NoExternalUse.class) // there are specific constructors with String and List arguments for 'choices'
@@ -82,7 +82,7 @@ public class ChoiceParameterDefinition extends SimpleParameterDefinition {
      *
      * @param choices String or Collection representing this parameter definition's possible values.
      *
-     * @since TODO
+     * @since 2.112
      *
      */
     @DataBoundSetter
diff --git a/core/src/main/java/hudson/security/ACL.java b/core/src/main/java/hudson/security/ACL.java
index 95b3f8fc46..1f39620c66 100644
--- a/core/src/main/java/hudson/security/ACL.java
+++ b/core/src/main/java/hudson/security/ACL.java
@@ -100,7 +100,7 @@ public abstract class ACL {
      * Creates a simple {@link ACL} implementation based on a “single-abstract-method” easily implemented via lambda syntax.
      * @param impl the implementation of {@link ACL#hasPermission(Authentication, Permission)}
      * @return an adapter to that lambda
-     * @since FIXME
+     * @since 2.105
      */
     public static ACL lambda(final BiFunction<Authentication, Permission, Boolean> impl) {
         return new ACL() {
diff --git a/core/src/main/java/hudson/tools/ToolDescriptor.java b/core/src/main/java/hudson/tools/ToolDescriptor.java
index ad4ac1734a..1e1f9788a5 100644
--- a/core/src/main/java/hudson/tools/ToolDescriptor.java
+++ b/core/src/main/java/hudson/tools/ToolDescriptor.java
@@ -57,7 +57,7 @@ public abstract class ToolDescriptor<T extends ToolInstallation> extends Descrip
     protected ToolDescriptor() { }
 
     /**
-     * @since FIXME
+     * @since 2.102
      */
     protected ToolDescriptor(Class<T> clazz) {
         super(clazz);
diff --git a/core/src/main/java/hudson/triggers/SafeTimerTask.java b/core/src/main/java/hudson/triggers/SafeTimerTask.java
index e2cc7eb8b0..7e6f89236c 100644
--- a/core/src/main/java/hudson/triggers/SafeTimerTask.java
+++ b/core/src/main/java/hudson/triggers/SafeTimerTask.java
@@ -86,7 +86,7 @@ public abstract class SafeTimerTask extends TimerTask {
      * @see AsyncAperiodicWork#getLogFile()
      * @see AsyncPeriodicWork#getLogFile()
      * @return the path where the logs should be put.
-     * @since TODO
+     * @since 2.114
      */
     public static File getLogsRoot() {
         String tagsLogsPath = SystemProperties.getString(LOGS_ROOT_PATH_PROPERTY);
diff --git a/core/src/main/java/hudson/util/FormValidation.java b/core/src/main/java/hudson/util/FormValidation.java
index b8964811a2..3009e16253 100644
--- a/core/src/main/java/hudson/util/FormValidation.java
+++ b/core/src/main/java/hudson/util/FormValidation.java
@@ -400,7 +400,7 @@ public abstract class FormValidation extends IOException implements HttpResponse
      * @param lower the lower bound (inclusive)
      * @param upper the upper bound (inclusive)
      *
-     * @since TODO
+     * @since 2.104
      */
     public static FormValidation validateIntegerInRange(String value, int lower, int upper) {
         try {
diff --git a/core/src/main/java/hudson/util/HttpResponses.java b/core/src/main/java/hudson/util/HttpResponses.java
index 8c4bdeda9a..0766f73328 100644
--- a/core/src/main/java/hudson/util/HttpResponses.java
+++ b/core/src/main/java/hudson/util/HttpResponses.java
@@ -106,7 +106,7 @@ public class HttpResponses extends org.kohsuke.stapler.HttpResponses {
      * @param data The data.
      * @return {@code this} object.
      *
-     * @since TODO
+     * @since 2.115
      */
     public static HttpResponse errorJSON(@Nonnull String message, @Nonnull JSONObject data) {
         return new JSONObjectResponse(data).error(message);
@@ -118,7 +118,7 @@ public class HttpResponses extends org.kohsuke.stapler.HttpResponses {
      * @param data The data.
      * @return {@code this} object.
      *
-     * @since TODO
+     * @since 2.115
      */
     public static HttpResponse errorJSON(@Nonnull String message, @Nonnull JSONArray data) {
         return new JSONObjectResponse(data).error(message);
diff --git a/core/src/main/java/hudson/util/TextFile.java b/core/src/main/java/hudson/util/TextFile.java
index e9bb0c8b5a..bd6904add0 100644
--- a/core/src/main/java/hudson/util/TextFile.java
+++ b/core/src/main/java/hudson/util/TextFile.java
@@ -101,7 +101,7 @@ public class TextFile {
      * <code>LinesStream</code>.
      * @throws IOException if the file cannot be converted to a
      * {@link java.nio.file.Path} or if the file cannot be opened for reading
-     * @since TODO
+     * @since 2.111
      */
     @CreatesObligation
     public @Nonnull LinesStream linesStream() throws IOException {
diff --git a/core/src/main/java/jenkins/security/s2m/ConfigFile.java b/core/src/main/java/jenkins/security/s2m/ConfigFile.java
index f52b64d370..99b8c5f975 100644
--- a/core/src/main/java/jenkins/security/s2m/ConfigFile.java
+++ b/core/src/main/java/jenkins/security/s2m/ConfigFile.java
@@ -50,7 +50,7 @@ abstract class ConfigFile<T,COL extends Collection<T>> extends TextFile {
     /**
      * Loads the configuration from the configuration file.
      * @throws IOException if the configuration file could not be read.
-     * @since TODO
+     * @since 2.111
      */
     public synchronized void load2() throws IOException {
         COL result = create();
diff --git a/core/src/main/java/jenkins/slaves/RemotingVersionInfo.java b/core/src/main/java/jenkins/slaves/RemotingVersionInfo.java
index 2c89ec136e..d1e0c06e4b 100644
--- a/core/src/main/java/jenkins/slaves/RemotingVersionInfo.java
+++ b/core/src/main/java/jenkins/slaves/RemotingVersionInfo.java
@@ -32,11 +32,10 @@ import java.util.Properties;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 
-// TODO: Make the API public (JENKINS-48766)
 /**
  * Provides information about Remoting versions used within the core.
  * @author Oleg Nenashev
- * @since TODO
+ * @since unrestricted since 2.104, initially added in 2.100.
  */
 public class RemotingVersionInfo {
 
diff --git a/core/src/main/java/jenkins/util/VirtualFile.java b/core/src/main/java/jenkins/util/VirtualFile.java
index e59ad888bd..c1ea07d536 100644
--- a/core/src/main/java/jenkins/util/VirtualFile.java
+++ b/core/src/main/java/jenkins/util/VirtualFile.java
@@ -148,7 +148,7 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
      * Some implementations may not support symlinks under any conditions.
      * @return a target (typically a relative path in some format), or null if this is not a link
      * @throws IOException if reading the link, or even determining whether this file is a link, failed
-     * @since FIXME
+     * @since 2.118
      */
     @Restricted(Beta.class)
     public @CheckForNull String readLink() throws IOException {
@@ -188,7 +188,7 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
      * @param useDefaultExcludes as per {@link AbstractFileSet#setDefaultexcludes}
      * @return a list of {@code /}-separated relative names of children (files directly inside or in subdirectories)
      * @throws IOException if this is not a directory, or listing was not possible for some other reason
-     * @since FIXME
+     * @since 2.118
      */
     @Restricted(Beta.class)
     public @Nonnull Collection<String> list(@Nonnull String includes, @CheckForNull String excludes, boolean useDefaultExcludes) throws IOException {
@@ -266,7 +266,7 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
      * If the file is symlink (see {@link #readLink}), the mode is that of the link target, not the link itself.
      * @return for example, 0644 ~ {@code rw-r--r--}; -1 by default, meaning unknown or inapplicable
      * @throws IOException if checking the mode failed
-     * @since FIXME
+     * @since 2.118
      */
     @Restricted(Beta.class)
     public int mode() throws IOException {
@@ -345,7 +345,7 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
      * <p>The URL might be valid for only a limited amount of time or even only a single use;
      * this method should be called anew every time an external URL is required.
      * @return an externally usable URL like {@code https://gist.githubusercontent.com/ACCT/GISTID/raw/COMMITHASH/FILE}, or null if there is no such support
-     * @since FIXME
+     * @since 2.118
      * @see #toURI
      */
     @Restricted(Beta.class)
diff --git a/core/src/main/java/jenkins/util/io/LinesStream.java b/core/src/main/java/jenkins/util/io/LinesStream.java
index d0296ddf0a..92931c4ccd 100644
--- a/core/src/main/java/jenkins/util/io/LinesStream.java
+++ b/core/src/main/java/jenkins/util/io/LinesStream.java
@@ -58,7 +58,7 @@ import javax.annotation.Nullable;
  * obtain a second or subsequent <code>Iterator</code> throws
  * <code>IllegalStateException</code>.
  *
- * @since TODO
+ * @since 2.111
  */
 @CleanupObligation
 public class LinesStream implements Closeable, Iterable<String> {
diff --git a/core/src/main/resources/lib/layout/layout.jelly b/core/src/main/resources/lib/layout/layout.jelly
index 623380cfdf..e06c32b7f3 100644
--- a/core/src/main/resources/lib/layout/layout.jelly
+++ b/core/src/main/resources/lib/layout/layout.jelly
@@ -53,7 +53,7 @@ THE SOFTWARE.
       (The permission will be checked against the "it" object.)
     </st:attribute>
     <st:attribute name="type" use="optional">
-      Available values: two-column (by default), one-column (full-width size) or full-screen (since TODO).
+      Available values: two-column (by default), one-column (full-width size) or full-screen (since 2.53).
     </st:attribute>
   </st:documentation>
 <st:setHeader name="Expires" value="0" />
diff --git a/test/src/test/java/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest.java b/test/src/test/java/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest.java
index 2051c1a26a..54e494dce2 100644
--- a/test/src/test/java/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest.java
+++ b/test/src/test/java/jenkins/model/JenkinsBuildsAndWorkspacesDirectoriesTest.java
@@ -41,8 +41,6 @@ import static org.junit.Assume.assumeFalse;
  * <p>
  * So this test class uses a {@link RestartableJenkinsRule} to check the behaviour of this sysprop being
  * present or not between two restarts.
- *
- * @since TODO
  */
 public class JenkinsBuildsAndWorkspacesDirectoriesTest {
 
-- 
GitLab


From 1866fe1fdd33d365b6de9be69f5d6aab87611328 Mon Sep 17 00:00:00 2001
From: Baptiste Mathus <batmat@batmat.net>
Date: Fri, 27 Apr 2018 10:18:39 +0200
Subject: [PATCH 366/863] Pick-up parent pom 1.41 adding junit to
 dependencyManagement

---
 pom.xml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/pom.xml b/pom.xml
index 3bf44bf837..7ac8233092 100644
--- a/pom.xml
+++ b/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci</groupId>
     <artifactId>jenkins</artifactId>
-    <version>1.40</version>
+    <version>1.41</version>
     <relativePath />
   </parent>
 
@@ -149,7 +149,6 @@ THE SOFTWARE.
       <dependency>
         <groupId>junit</groupId>
         <artifactId>junit</artifactId>
-        <version>4.12</version>
       </dependency>
 
       <dependency>
-- 
GitLab


From 7a986fb642d0445abe630bebbd445fc5ac7e18c8 Mon Sep 17 00:00:00 2001
From: Baptiste Mathus <batmat@batmat.net>
Date: Fri, 27 Apr 2018 11:03:42 +0200
Subject: [PATCH 367/863] Remove junit totally from depMgmt

---
 pom.xml | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/pom.xml b/pom.xml
index 7ac8233092..a6597b4409 100644
--- a/pom.xml
+++ b/pom.xml
@@ -146,11 +146,6 @@ THE SOFTWARE.
         <version>2.4</version>
       </dependency>
 
-      <dependency>
-        <groupId>junit</groupId>
-        <artifactId>junit</artifactId>
-      </dependency>
-
       <dependency>
         <groupId>org.mockito</groupId>
         <artifactId>mockito-core</artifactId>
-- 
GitLab


From b3c5c402e6be810d1de0d766246703c1667902ff Mon Sep 17 00:00:00 2001
From: Baptiste Mathus <batmat@batmat.net>
Date: Thu, 26 Apr 2018 15:25:57 +0200
Subject: [PATCH 368/863] [JENKINS-50969] core site build is broken, needed for
 core taglibs reference

The special old module for doxia seems not needed.
I suspect that it is because since 2012 when it was released, the Markdown
support got done in standard.

IIUC this was pulling in some very old doxia versions, which was
incompatible with maven-fluido-skin which I needed to bump from current
1.3.0 to 1.7 for https://github.com/jenkins-infra/core-taglibs-report-generator
to work again.
---
 pom.xml | 9 +--------
 1 file changed, 1 insertion(+), 8 deletions(-)

diff --git a/pom.xml b/pom.xml
index a6597b4409..9944829b55 100644
--- a/pom.xml
+++ b/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci</groupId>
     <artifactId>jenkins</artifactId>
-    <version>1.41</version>
+    <version>1.42</version>
     <relativePath />
   </parent>
 
@@ -512,13 +512,6 @@ THE SOFTWARE.
         <plugin>
           <groupId>org.apache.maven.plugins</groupId>
           <artifactId>maven-site-plugin</artifactId>
-          <dependencies>
-            <dependency>
-              <groupId>org.kohsuke</groupId>
-              <artifactId>doxia-module-markdown</artifactId>
-              <version>1.0</version>
-            </dependency>
-          </dependencies>
         </plugin>
       <plugin>
         <groupId>org.apache.maven.plugins</groupId>
-- 
GitLab


From 38313e4fc287c9731a5c5fba77a60d9344ad75f2 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Fri, 27 Apr 2018 19:01:35 +0200
Subject: [PATCH 369/863] Separate the statistics from the token store -
 different file for better versioning / synchronization - ability using a
 configuration to avoid completely the statistics - add unit / integration
 tests - adjust the configuration page

---
 .../jenkins/security/ApiTokenProperty.java    | 108 ++++++--
 .../ApiTokenPropertyConfiguration.java        |  17 +-
 .../security/apitoken/ApiTokenStats.java      | 262 ++++++++++++++++++
 .../security/apitoken/ApiTokenStore.java      | 130 ++-------
 .../LegacyApiTokenAdministrativeMonitor.java  |  32 ++-
 .../security/ApiTokenProperty/config.jelly    |  49 ++--
 .../ApiTokenProperty/config.properties        |   2 +
 .../security/ApiTokenProperty/resources.css   |   4 +
 .../config.jelly                              |   3 +
 ...=> help-creationOfLegacyTokenEnabled.html} |   0
 ...elp-tokenGenerationOnCreationEnabled.html} |   0
 .../help-usageStatisticsEnabled.html          |   7 +
 .../security/apitoken/ApiTokenStatsTest.java  | 224 +++++++++++++++
 .../security/ApiTokenPropertyTest.java        |  11 +-
 .../security/apitoken/ApiTokenStatsTest.java  | 144 ++++++++++
 15 files changed, 826 insertions(+), 167 deletions(-)
 create mode 100644 core/src/main/java/jenkins/security/apitoken/ApiTokenStats.java
 rename core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/{help-creationOfLegacyTokenDisabled.html => help-creationOfLegacyTokenEnabled.html} (100%)
 rename core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/{help-tokenGenerationOnCreationDisabled.html => help-tokenGenerationOnCreationEnabled.html} (100%)
 create mode 100644 core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/help-usageStatisticsEnabled.html
 create mode 100644 core/src/test/java/jenkins/security/apitoken/ApiTokenStatsTest.java
 create mode 100644 test/src/test/java/jenkins/security/apitoken/ApiTokenStatsTest.java

diff --git a/core/src/main/java/jenkins/security/ApiTokenProperty.java b/core/src/main/java/jenkins/security/ApiTokenProperty.java
index c473deddde..40fd6f5f47 100644
--- a/core/src/main/java/jenkins/security/ApiTokenProperty.java
+++ b/core/src/main/java/jenkins/security/ApiTokenProperty.java
@@ -27,6 +27,7 @@ import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
 import hudson.Extension;
 import hudson.Util;
 import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
+import jenkins.security.apitoken.ApiTokenStats;
 import jenkins.security.apitoken.ApiTokenStore;
 import jenkins.util.SystemProperties;
 import hudson.model.Descriptor.FormException;
@@ -57,8 +58,10 @@ import java.util.HashMap;
 import java.util.Map;
 import java.util.logging.Level;
 import java.util.logging.Logger;
+import java.util.stream.Collectors;
 import javax.annotation.CheckForNull;
 import javax.annotation.Nonnull;
+import javax.annotation.concurrent.Immutable;
 
 import org.apache.commons.lang.StringUtils;
 import org.kohsuke.accmod.Restricted;
@@ -102,8 +105,14 @@ public class ApiTokenProperty extends UserProperty {
             SystemProperties.getBoolean(ApiTokenProperty.class.getName() + ".adminCanGenerateNewTokens");
 
     private volatile Secret apiToken;
-    // stored aside
-    private transient ApiTokenStore tokenStore;
+    private ApiTokenStore tokenStore;
+    
+    /**
+     * Store the usage information of the different token for this user
+     * The save operation can be toggled by using {@link ApiTokenPropertyConfiguration#usageStatisticsEnabled}
+     * The information are stored in a separate file to avoid problem with some configuration synchronization tools
+     */
+    private transient ApiTokenStats tokenStats;
     
     @DataBoundConstructor
     public ApiTokenProperty() {
@@ -114,10 +123,13 @@ public class ApiTokenProperty extends UserProperty {
         super.setUser(u);
     
         if (this.tokenStore == null) {
-            this.tokenStore = ApiTokenStore.load(user.getUserFolder());
+            this.tokenStore = new ApiTokenStore();
+        }
+        if(this.tokenStats == null){
+            this.tokenStats = ApiTokenStats.load(user.getUserFolder());
         }
         if(this.apiToken != null){
-            this.tokenStore.generateTokenFromLegacy(this.apiToken);
+            this.tokenStore.regenerateTokenFromLegacy(this.apiToken);
         }
     }
     
@@ -180,15 +192,15 @@ public class ApiTokenProperty extends UserProperty {
         if(StringUtils.isBlank(token)){
             return false;
         }
-        
-        // use the new way to find a match in order to trigger the counter / lastUseDate logic
-        // as the legacy token (if existing) are also stored there
-        boolean matchFound = tokenStore.doesContainToken(token);
-        if (matchFound) {
-            tokenStore.save();
+    
+        ApiTokenStore.HashedToken matchingToken = tokenStore.findMatchingToken(token);
+        if(matchingToken == null){
+            return false;
         }
         
-        return matchFound;
+        tokenStats.updateUsageForId(matchingToken.getUuid());
+        
+        return true;
     }
     
     /**
@@ -215,10 +227,46 @@ public class ApiTokenProperty extends UserProperty {
     
     // only for Jelly
     @Restricted(NoExternalUse.class)
-    public Collection<ApiTokenStore.HashedToken> getTokenList() {
-        return tokenStore.getTokenListSortedByName();
+    public Collection<TokenInfoAndStats> getTokenList() {
+        return tokenStore.getTokenListSortedByName()
+                .stream()
+                .map(token -> {
+                    ApiTokenStats.SingleTokenStats stats = tokenStats.findTokenStatsById(token.getUuid());
+                    return new TokenInfoAndStats(token, stats);
+                })
+                .collect(Collectors.toList());
     }
     
+    // only for Jelly
+    @Immutable
+    @Restricted(NoExternalUse.class)
+    public static class TokenInfoAndStats {
+        public final String uuid;
+        public final String name;
+        public final Date creationDate;
+        public final long numDaysCreation;
+        public final boolean isLegacy;
+        
+        public final int useCounter;
+        public final Date lastUseDate;
+        public final long numDaysUse;
+        
+        public TokenInfoAndStats(@Nonnull ApiTokenStore.HashedToken token, @Nonnull ApiTokenStats.SingleTokenStats stats) {
+            this.uuid = token.getUuid();
+            this.name = token.getName();
+            this.creationDate = token.getCreationDate();
+            this.numDaysCreation = token.getNumDaysCreation();
+            this.isLegacy = token.isLegacy();
+            
+            this.useCounter = stats.getUseCounter();
+            this.lastUseDate = stats.getLastUseDate();
+            this.numDaysUse = stats.getNumDaysUse();
+        }
+    }
+    
+    /**
+     * Allow user to rename tokens
+     */
     @Override
     public UserProperty reconfigure(StaplerRequest req, @CheckForNull JSONObject form) throws FormException {
         if(form == null){
@@ -228,7 +276,6 @@ public class ApiTokenProperty extends UserProperty {
         Object tokenStoreData = form.get("tokenStore");
         Map<String, JSONObject> tokenStoreTypedData = convertToTokenMap(tokenStoreData);
         this.tokenStore.reconfigure(tokenStoreTypedData);
-        this.tokenStore.save();
         return this;
     }
     
@@ -272,10 +319,13 @@ public class ApiTokenProperty extends UserProperty {
 
         LOGGER.log(Level.FINE, "Deprecated usage of changeApiToken");
 
+        ApiTokenStore.HashedToken existingLegacyToken = tokenStore.getLegacyToken();
         _changeApiToken();
         tokenStore.regenerateTokenFromLegacy(apiToken);
     
-        tokenStore.save();
+        if(existingLegacyToken != null){
+            tokenStats.removeId(existingLegacyToken.getUuid());
+        }
         user.save();
     }
     
@@ -298,6 +348,11 @@ public class ApiTokenProperty extends UserProperty {
     public ApiTokenStore getTokenStore() {
         return tokenStore;
     }
+    
+    @Restricted(NoExternalUse.class)
+    public ApiTokenStats getTokenStats() {
+        return tokenStats;
+    }
 
     @Extension
     @Symbol("apiToken")
@@ -340,6 +395,12 @@ public class ApiTokenProperty extends UserProperty {
             }
         }
     
+        // for Jelly view
+        @Restricted(NoExternalUse.class)
+        public boolean isStatisticsEnabled(){
+            return ApiTokenPropertyConfiguration.get().isUsageStatisticsEnabled();
+        }
+    
         // for Jelly view
         @Restricted(NoExternalUse.class)
         public boolean mustDisplayLegacyApiToken(User propertyOwner) {
@@ -391,7 +452,6 @@ public class ApiTokenProperty extends UserProperty {
             if (p == null) {
                 p = forceNewInstance(u, true);
                 p.setUser(u);
-                p.tokenStore.save();
                 u.addProperty(p);
             } else {
                 // even if the user does not have legacy token, this method let some legacy system to regenerate one
@@ -424,7 +484,6 @@ public class ApiTokenProperty extends UserProperty {
             }
             
             ApiTokenStore.TokenIdAndPlainValue tokenIdAndPlainValue = p.tokenStore.generateNewToken(tokenName);
-            p.tokenStore.save();
             u.save();
             
             return HttpResponses.okJSON(new HashMap<String, String>() {{ 
@@ -455,10 +514,11 @@ public class ApiTokenProperty extends UserProperty {
             
             boolean renameOk = p.tokenStore.renameToken(tokenId, newName);
             if(!renameOk){
-                // that could potentially happens between instance restart, the uuid stored in the page are no more valid
+                // that could potentially happen if the token is removed from another page
+                // between your page loaded and your action
                 return HttpResponses.errorJSON("No token found, try refreshing the page");
             }
-            p.tokenStore.save();
+            
             u.save();
             
             return HttpResponses.ok();
@@ -481,11 +541,13 @@ public class ApiTokenProperty extends UserProperty {
             }
             
             ApiTokenStore.HashedToken revoked = p.tokenStore.revokeToken(tokenId);
-            if(revoked != null && revoked.isLegacy()){
-                // if the user revoked the API Token, we can delete it
-                p.apiToken = null;
+            if(revoked != null){
+                if(revoked.isLegacy()){
+                    // if the user revoked the API Token, we can delete it
+                    p.apiToken = null;
+                }
+                p.tokenStats.removeId(revoked.getUuid());
             }
-            p.tokenStore.save();
             u.save();
             
             return HttpResponses.ok();
diff --git a/core/src/main/java/jenkins/security/apitoken/ApiTokenPropertyConfiguration.java b/core/src/main/java/jenkins/security/apitoken/ApiTokenPropertyConfiguration.java
index ab2d8d1eb0..81c903ba4b 100644
--- a/core/src/main/java/jenkins/security/apitoken/ApiTokenPropertyConfiguration.java
+++ b/core/src/main/java/jenkins/security/apitoken/ApiTokenPropertyConfiguration.java
@@ -48,6 +48,12 @@ public class ApiTokenPropertyConfiguration extends GlobalConfiguration {
      */
     private boolean creationOfLegacyTokenEnabled = false;
     
+    /**
+     * Each time an API Token is used, its usage counter is incremented and the last usage date is updated. 
+     * You can disable this feature using this property.
+     */
+    private boolean usageStatisticsEnabled = true;
+    
     public static ApiTokenPropertyConfiguration get() {
         return GlobalConfiguration.all().get(ApiTokenPropertyConfiguration.class);
     }
@@ -77,7 +83,16 @@ public class ApiTokenPropertyConfiguration extends GlobalConfiguration {
         this.creationOfLegacyTokenEnabled = creationOfLegacyTokenEnabled;
         save();
     }
-
+    
+    public boolean isUsageStatisticsEnabled() {
+        return usageStatisticsEnabled;
+    }
+    
+    public void setUsageStatisticsEnabled(boolean usageStatisticsEnabled) {
+        this.usageStatisticsEnabled = usageStatisticsEnabled;
+        save();
+    }
+    
     @Override 
     public GlobalConfigurationCategory getCategory() {
         return GlobalConfigurationCategory.get(GlobalConfigurationCategory.Security.class);
diff --git a/core/src/main/java/jenkins/security/apitoken/ApiTokenStats.java b/core/src/main/java/jenkins/security/apitoken/ApiTokenStats.java
new file mode 100644
index 0000000000..cf4c310946
--- /dev/null
+++ b/core/src/main/java/jenkins/security/apitoken/ApiTokenStats.java
@@ -0,0 +1,262 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.security.apitoken;
+
+import hudson.BulkChange;
+import hudson.XmlFile;
+import hudson.model.Saveable;
+import hudson.model.listeners.SaveableListener;
+
+import javax.annotation.Nonnull;
+import javax.annotation.Nullable;
+import java.io.File;
+import java.io.IOException;
+import java.time.Instant;
+import java.time.temporal.ChronoUnit;
+import java.util.ArrayList;
+import java.util.Comparator;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+
+public class ApiTokenStats implements Saveable {
+    private static final Logger LOGGER = Logger.getLogger(ApiTokenStats.class.getName());
+    
+    /**
+     * Normally a user will not have more 2-3 tokens at a time, 
+     * so there is no need to store a map here
+     */
+    private List<SingleTokenStats> tokenStats;
+    
+    private transient File parent;
+    
+    public ApiTokenStats() {
+        this.init();
+    }
+    
+    private ApiTokenStats readResolve() {
+        this.init();
+        return this;
+    }
+    
+    private void init() {
+        if (this.tokenStats == null) {
+            this.tokenStats = new ArrayList<>();
+        } else {
+            keepLastUpdatedDuplicated();
+        }
+    }
+    
+    private void keepLastUpdatedDuplicated() {
+        Map<String, SingleTokenStats> temp = new HashMap<>();
+        this.tokenStats.forEach(candidate -> {
+            SingleTokenStats current = temp.get(candidate.tokenUuid);
+            if (current == null) {
+                temp.put(candidate.tokenUuid, candidate);
+            } else {
+                int comparison = SingleTokenStats.COMP_BY_LAST_USE_THEN_COUNTER.compare(current, candidate);
+                if (comparison < 0) {
+                    temp.put(candidate.tokenUuid, candidate);
+                }
+            }
+        });
+        
+        this.tokenStats = new ArrayList<>(temp.values());
+    }
+    
+    public void setParent(@Nonnull File parent) {
+        this.parent = parent;
+    }
+    
+    private boolean areStatsDisabled(){
+        return !ApiTokenPropertyConfiguration.get().isUsageStatisticsEnabled();
+    }
+    
+    /**
+     * Will trigger the save if there is some modification
+     */
+    public synchronized void removeId(@Nonnull String tokenUuid) {
+        if(areStatsDisabled()){
+            return;
+        }
+        
+        boolean tokenRemoved = tokenStats.removeIf(s -> s.tokenUuid.equals(tokenUuid));
+        if (tokenRemoved) {
+            save();
+        }
+    }
+    
+    /**
+     * Will trigger the save
+     */
+    public synchronized @Nonnull SingleTokenStats updateUsageForId(@Nonnull String tokenUuid) {
+        if(areStatsDisabled()){
+            return new SingleTokenStats(tokenUuid);
+        }
+        
+        SingleTokenStats stats = tokenStats.stream()
+                .filter(s -> s.tokenUuid.equals(tokenUuid))
+                .findFirst()
+                .orElse(null);
+        
+        if (stats == null) {
+            stats = new SingleTokenStats(tokenUuid);
+            tokenStats.add(stats);
+        }
+        
+        stats.notifyUse();
+        save();
+        
+        return stats;
+    }
+    
+    public synchronized @Nonnull SingleTokenStats findTokenStatsById(@Nonnull String tokenUuid) {
+        if(areStatsDisabled()){
+            return new SingleTokenStats(tokenUuid);
+        }
+        
+        SingleTokenStats stats = findById(tokenUuid);
+        if (stats == null) {
+            // empty stats object, no need to add it to the list
+            stats = new SingleTokenStats(tokenUuid);
+        }
+        
+        return stats;
+    }
+    
+    private @Nullable SingleTokenStats findById(@Nonnull String tokenUuid) {
+        return tokenStats.stream()
+                .filter(s -> s.tokenUuid.equals(tokenUuid))
+                .findFirst()
+                .orElse(null);
+    }
+    
+    /**
+     * Saves the configuration info to the disk.
+     */
+    @Override
+    public synchronized void save() {
+        if(areStatsDisabled()){
+            return;
+        }
+        
+        if (BulkChange.contains(this))
+            return;
+        
+        XmlFile configFile = getConfigFile(parent);
+        try {
+            configFile.write(this);
+            SaveableListener.fireOnChange(this, configFile);
+        } catch (IOException e) {
+            LOGGER.log(Level.WARNING, "Failed to save " + configFile, e);
+        }
+    }
+    
+    /**
+     * Loads the data from the disk into this object.
+     */
+    public static ApiTokenStats load(File parent) {
+        // even if we are not using statistics, we load the existing one in case the configuration
+        // is enabled afterwards to avoid erasing data
+        
+        XmlFile file = getConfigFile(parent);
+        ApiTokenStats apiTokenStats;
+        if (file.exists()) {
+            try {
+                apiTokenStats = (ApiTokenStats) file.unmarshal(ApiTokenStats.class);
+            } catch (IOException e) {
+                LOGGER.log(Level.WARNING, "Failed to load " + file, e);
+                apiTokenStats = new ApiTokenStats();
+            }
+        } else {
+            apiTokenStats = new ApiTokenStats();
+        }
+    
+        apiTokenStats.setParent(parent);
+        return apiTokenStats;
+    }
+    
+    protected static XmlFile getConfigFile(File parent) {
+        return new XmlFile(new File(parent, "apiTokenStats.xml"));
+    }
+    
+    public static class SingleTokenStats {
+        private final String tokenUuid;
+        private Date lastUseDate;
+        private Integer useCounter;
+        
+        private SingleTokenStats(String tokenUuid) {
+            this.tokenUuid = tokenUuid;
+        }
+        
+        private SingleTokenStats readResolve() {
+            if (this.useCounter != null) {
+                // to avoid negative numbers to be injected
+                this.useCounter = Math.max(0, this.useCounter);
+            }
+            return this;
+        }
+        
+        private void notifyUse() {
+            this.useCounter = useCounter == null ? 1 : useCounter + 1;
+            this.lastUseDate = new Date();
+        }
+        
+        public String getTokenUuid() {
+            return tokenUuid;
+        }
+        
+        // used by Jelly view
+        public int getUseCounter() {
+            return useCounter == null ? 0 : useCounter;
+        }
+        
+        // used by Jelly view
+        public Date getLastUseDate() {
+            return lastUseDate;
+        }
+        
+        // used by Jelly view
+        
+        /**
+         * Relevant only if the lastUseDate is not null
+         */
+        public long getNumDaysUse() {
+            return lastUseDate == null ? 0 : computeDeltaDays(lastUseDate.toInstant(), Instant.now());
+        }
+        
+        private long computeDeltaDays(Instant a, Instant b) {
+            long deltaDays = ChronoUnit.DAYS.between(a, b);
+            deltaDays = Math.max(0, deltaDays);
+            return deltaDays;
+        }
+        
+        private static Comparator<SingleTokenStats> COMP_BY_LAST_USE_THEN_COUNTER =
+                Comparator.comparing(SingleTokenStats::getLastUseDate, Comparator.nullsLast(Comparator.naturalOrder()))
+                        .thenComparing(SingleTokenStats::getUseCounter, Comparator.reverseOrder());
+    }
+}
diff --git a/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java b/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
index 4a0b066450..4214ce2cec 100644
--- a/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
+++ b/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
@@ -24,11 +24,7 @@
 package jenkins.security.apitoken;
 
 import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
-import hudson.BulkChange;
 import hudson.Util;
-import hudson.XmlFile;
-import hudson.model.Saveable;
-import hudson.model.listeners.SaveableListener;
 import hudson.util.Secret;
 import jenkins.security.Messages;
 import net.sf.json.JSONObject;
@@ -36,9 +32,8 @@ import org.apache.commons.lang.StringUtils;
 
 import javax.annotation.CheckForNull;
 import javax.annotation.Nonnull;
+import javax.annotation.Nullable;
 import javax.annotation.concurrent.Immutable;
-import java.io.File;
-import java.io.IOException;
 import java.nio.charset.StandardCharsets;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
@@ -58,7 +53,7 @@ import java.util.logging.Level;
 import java.util.logging.Logger;
 import java.util.stream.Collectors;
 
-public class ApiTokenStore implements Saveable {
+public class ApiTokenStore {
     private static final Logger LOGGER = Logger.getLogger(ApiTokenStore.class.getName());
     private static final SecureRandom RANDOM = new SecureRandom();
     
@@ -74,16 +69,10 @@ public class ApiTokenStore implements Saveable {
     
     private List<HashedToken> tokenList;
     
-    private transient File parent;
-    
     public ApiTokenStore() {
         this.init();
     }
     
-    public void setParent(File parent) {
-        this.parent = parent;
-    }
-    
     public ApiTokenStore readResolve() {
         this.init();
         return this;
@@ -128,12 +117,6 @@ public class ApiTokenStore implements Saveable {
         });
     }
     
-    public synchronized void generateTokenFromLegacy(@Nonnull Secret newLegacyApiToken) {
-        if (tokenList.stream().noneMatch(HashedToken::isLegacy)) {
-            regenerateTokenFromLegacy(newLegacyApiToken);
-        }
-    }
-    
     public synchronized void regenerateTokenFromLegacy(@Nonnull Secret newLegacyApiToken) {
         deleteAllLegacyTokens();
         addLegacyToken(newLegacyApiToken);
@@ -155,6 +138,16 @@ public class ApiTokenStore implements Saveable {
         this.addToken(token);
     }
     
+    /**
+     * @return null iff there is no legacy token in the store, otherwise the legacy token is returned
+     */
+    public synchronized @Nullable HashedToken getLegacyToken(){
+        return tokenList.stream()
+                .filter(HashedToken::isLegacy)
+                .findFirst()
+                .orElse(null);
+    }
+    
     public synchronized @Nonnull TokenIdAndPlainValue generateNewToken(@Nonnull String name) {
         // 16x8=128bit worth of randomness, using brute-force you need on average 2^127 tries (~10^37)
         byte[] random = new byte[16];
@@ -194,7 +187,7 @@ public class ApiTokenStore implements Saveable {
         return digest.digest(tokenBytes);
     }
     
-    public synchronized boolean doesContainToken(@Nonnull String token) {
+    public synchronized @CheckForNull HashedToken findMatchingToken(@Nonnull String token) {
         String plainToken;
         if (isLegacyToken(token)) {
             plainToken = token;
@@ -205,7 +198,7 @@ public class ApiTokenStore implements Saveable {
         return searchMatch(plainToken);
     }
     
-    private boolean isLegacyToken(String token) {
+    private boolean isLegacyToken(@Nonnull String token) {
         return token.length() != TOKEN_LENGTH_V2;
     }
     
@@ -213,7 +206,7 @@ public class ApiTokenStore implements Saveable {
      * [2: version][32: real token]
      * ^^^^^^^^^^^^----------------
      */
-    private String getVersionOfToken(String token) {
+    private @Nonnull String getVersionOfToken(@Nonnull String token) {
         return token.substring(0, 2);
     }
     
@@ -221,20 +214,19 @@ public class ApiTokenStore implements Saveable {
      * [2: version][32: real token]
      * ------------^^^^^^^^^^^^^^^^
      */
-    private String getHashOfToken(String token) {
+    private @Nonnull String getHashOfToken(@Nonnull String token) {
         return token.substring(2);
     }
     
-    private boolean searchMatch(String plainToken) {
+    private @CheckForNull HashedToken searchMatch(@Nonnull String plainToken) {
         byte[] hashedBytes = plainSecretToHashBytes(plainToken);
         for (HashedToken token : tokenList) {
             if (token.match(hashedBytes)) {
-                token.incrementUse();
-                return true;
+                return token;
             }
         }
         
-        return false;
+        return null;
     }
     
     public synchronized @CheckForNull HashedToken revokeToken(@Nonnull String tokenUuid) {
@@ -262,53 +254,6 @@ public class ApiTokenStore implements Saveable {
         return false;
     }
     
-    /**
-     * Saves the configuration info to the disk.
-     */
-    @Override
-    public synchronized void save() {
-        if (BulkChange.contains(this))
-            return;
-        
-        XmlFile configFile = getConfigFile(parent);
-        try {
-            configFile.write(this);
-            SaveableListener.fireOnChange(this, configFile);
-        } catch (IOException e) {
-            LOGGER.log(Level.WARNING, "Failed to save " + configFile, e);
-        }
-    }
-    
-    /**
-     * Loads the data from the disk into this object.
-     *
-     * <p>
-     * The constructor of the derived class must call this method.
-     * (If we do that in the base class, the derived class won't
-     * get a chance to set default values.)
-     */
-    public static synchronized ApiTokenStore load(File parent) {
-        XmlFile file = getConfigFile(parent);
-        ApiTokenStore apiTokenStore;
-        if (file.exists()) {
-            try {
-                apiTokenStore = (ApiTokenStore) file.unmarshal(ApiTokenStore.class);
-            } catch (IOException e) {
-                LOGGER.log(Level.WARNING, "Failed to load " + file, e);
-                apiTokenStore = new ApiTokenStore();
-            }
-        } else {
-            apiTokenStore = new ApiTokenStore();
-        }
-        
-        apiTokenStore.setParent(parent);
-        return apiTokenStore;
-    }
-    
-    protected static XmlFile getConfigFile(File parent) {
-        return new XmlFile(new File(parent, "apiTokenStore.xml"));
-    }
-    
     /**
      * [2: version][32: real token]
      */
@@ -337,17 +282,14 @@ public class ApiTokenStore implements Saveable {
     }
     
     public static class HashedToken {
-        // to ease the modification of the token through the UI
-        private transient String uuid;
+        // allow us to rename the token and link the statistics
+        private String uuid;
         private String name;
         private Date creationDate;
         
         private HashValue value;
         
-        private Date lastUseDate;
-        private Integer useCounter;
-        
-        public HashedToken() {
+        private HashedToken() {
             this.init();
         }
         
@@ -357,7 +299,9 @@ public class ApiTokenStore implements Saveable {
         }
         
         private void init() {
-            this.uuid = UUID.randomUUID().toString();
+            if(this.uuid == null){
+                this.uuid = UUID.randomUUID().toString();
+            }
         }
         
         public static @Nonnull HashedToken buildNew(@Nonnull String name, @Nonnull HashValue value) {
@@ -392,29 +336,16 @@ public class ApiTokenStore implements Saveable {
             return name;
         }
         
-        // used by Jelly view
-        public int getUseCounter() {
-            return useCounter == null ? 0 : useCounter;
-        }
-        
-        // used by Jelly view
-        public Date getLastUseDate() {
-            return lastUseDate;
-        }
-        
-        // used by Jelly view
-        public long getNumDaysUse() {
-            return lastUseDate == null ? 0 : computeDeltaDays(lastUseDate.toInstant(), Instant.now());
-        }
-        
         // used by Jelly view
         public Date getCreationDate() {
             return creationDate;
         }
         
         // used by Jelly view
+        /**
+         * Relevant only if the lastUseDate is not null
+         */
         public long getNumDaysCreation() {
-            // should not happen but just in case
             return creationDate == null ? 0 : computeDeltaDays(creationDate.toInstant(), Instant.now());
         }
         
@@ -433,11 +364,6 @@ public class ApiTokenStore implements Saveable {
             return this.value.version.equals(LEGACY_VERSION);
         }
         
-        public void incrementUse() {
-            this.useCounter = useCounter == null ? 1 : useCounter + 1;
-            this.lastUseDate = new Date();
-        }
-        
         public void setName(String name) {
             this.name = name;
         }
diff --git a/core/src/main/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor.java b/core/src/main/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor.java
index 0f8e14df98..31a7853fdc 100644
--- a/core/src/main/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor.java
+++ b/core/src/main/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor.java
@@ -25,7 +25,6 @@ package jenkins.security.apitoken;
 
 import hudson.Extension;
 import hudson.model.AdministrativeMonitor;
-import hudson.model.Api;
 import hudson.model.User;
 import hudson.node_monitors.AbstractAsyncNodeMonitorDescriptor;
 import hudson.util.HttpResponses;
@@ -35,11 +34,10 @@ import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
 import org.kohsuke.stapler.HttpRedirect;
 import org.kohsuke.stapler.HttpResponse;
-import org.kohsuke.stapler.QueryParameter;
 import org.kohsuke.stapler.interceptor.RequirePOST;
 import org.kohsuke.stapler.json.JsonBody;
 
-import javax.annotation.CheckForNull;
+import javax.annotation.Nullable;
 import java.io.IOException;
 import java.util.Date;
 import java.util.List;
@@ -89,12 +87,9 @@ public class LegacyApiTokenAdministrativeMonitor extends AdministrativeMonitor {
     }
     
     @Restricted(NoExternalUse.class)
-    public @CheckForNull ApiTokenStore.HashedToken getLegacyTokenOf(User user) {
+    public @Nullable ApiTokenStore.HashedToken getLegacyTokenOf(User user) {
         ApiTokenProperty apiTokenProperty = user.getProperty(ApiTokenProperty.class);
-        ApiTokenStore.HashedToken legacyToken = apiTokenProperty.getTokenList().stream()
-                .filter(ApiTokenStore.HashedToken::isLegacy)
-                .findFirst()
-                .orElse(null);
+        ApiTokenStore.HashedToken legacyToken = apiTokenProperty.getTokenStore().getLegacyToken();
         return legacyToken;
     }
     
@@ -103,12 +98,18 @@ public class LegacyApiTokenAdministrativeMonitor extends AdministrativeMonitor {
      */
     @Restricted(NoExternalUse.class)
     public boolean hasFreshToken(User user, ApiTokenStore.HashedToken legacyToken) {
+        if(legacyToken == null){
+            return false;
+        }
+        
         ApiTokenProperty apiTokenProperty = user.getProperty(ApiTokenProperty.class);
+        ApiTokenStats.SingleTokenStats legacyTokenStats = apiTokenProperty.getTokenStats().findTokenStatsById(legacyToken.getUuid());
+        
         return apiTokenProperty.getTokenList().stream()
-                .filter(token -> !token.isLegacy())
+                .filter(token -> !token.isLegacy)
                 .anyMatch(token -> {
-                    Date creationDate = token.getCreationDate();
-                    Date lastUseDate = legacyToken.getLastUseDate();
+                    Date creationDate = token.creationDate;
+                    Date lastUseDate = legacyTokenStats.getLastUseDate();
                     if (lastUseDate == null) {
                         lastUseDate = legacyToken.getCreationDate();
                     }
@@ -124,12 +125,15 @@ public class LegacyApiTokenAdministrativeMonitor extends AdministrativeMonitor {
         if(legacyToken == null){
             return false;
         }
+        
         ApiTokenProperty apiTokenProperty = user.getProperty(ApiTokenProperty.class);
+        ApiTokenStats.SingleTokenStats legacyTokenStats = apiTokenProperty.getTokenStats().findTokenStatsById(legacyToken.getUuid());
+    
         return apiTokenProperty.getTokenList().stream()
-                .filter(token -> !token.isLegacy())
+                .filter(token -> !token.isLegacy)
                 .anyMatch(token -> {
-                    Date currentLastUseDate = token.getLastUseDate();
-                    Date legacyLastUseDate = legacyToken.getLastUseDate();
+                    Date currentLastUseDate = token.lastUseDate;
+                    Date legacyLastUseDate = legacyTokenStats.getLastUseDate();
                     if (legacyLastUseDate == null) {
                         legacyLastUseDate = legacyToken.getCreationDate();
                     }
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
index a66a3d9d32..d7297265ea 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
@@ -28,6 +28,7 @@ THE SOFTWARE.
     <st:adjunct includes="jenkins.security.ApiTokenProperty.resources"/>
     <f:entry title="${%CurrentTokens(instance.tokenList.size())}" help="${descriptor.getHelpFile('tokenStore')}">
         <div class="token-list ignore-dirty-panel">
+            <j:set var="isStatisticsEnabled" value="${descriptor.isStatisticsEnabled()}" />
             <j:set var="tokenList" value="${instance.tokenList}" />
             <div class="token-list-item token-list-empty-item ${tokenList == null || tokenList.isEmpty() ? '' : 'hidden-message'}">
                 <div class="list-empty-message">${%NoTokenYet}</div>
@@ -37,17 +38,17 @@ THE SOFTWARE.
                 <j:choose>
                     <j:when test="${token!=null}">
                         <j:set var="legacyClazz" value="" />
-                        <j:if test="${token.isLegacy()}">
+                        <j:if test="${token.isLegacy}">
                             <j:set var="legacyClazz" value="legacy-token" />
                         </j:if>
                         <div class="token-list-item token-list-existing-item ${legacyClazz}">
                             <input type="hidden" class="token-uuid-input" name="tokenUuid" value="${token.uuid}" />
                             <f:textbox clazz="token-name" name="tokenName" value="${token.name}" />
-                
-                            <j:if test="${token.isLegacy()}">
+                            
+                            <j:if test="${token.isLegacy}">
                                 <l:icon class="icon-warning icon-sm" title="${%LegacyToken}"/>
                             </j:if>
-                
+                            
                             <j:set var="daysOld" value="${token.numDaysCreation}" />
                             <j:set var="oldClazz" value="age-ok" />
                             <j:if test="${daysOld > 180}">
@@ -61,28 +62,38 @@ THE SOFTWARE.
                                 <i:formatDate var="creationDateFormat" value="${token.creationDate}" type="both" dateStyle="medium" timeStyle="medium" />
                             </j:if>
                             <span class="token-creation ${oldClazz}" title="${creationDateFormat}">${%TokenCreation(daysOld)}</span>
-                
+                            
                             <span class="to-right">
-                                <j:set var="useCounter" value="${token.useCounter}" />
                                 <j:choose>
-                                    <j:when test="${useCounter > 0}">
-                                        <j:set var="lastUseDateFormat" value="${%NoLastUse}" />
-                                        <j:if test="${token.lastUseDate != null}">
-                                            <i:formatDate var="lastUseDateFormat" value="${token.lastUseDate}" type="both" dateStyle="medium" timeStyle="medium" />
-                                        </j:if>
-                                        <span class="token-use-counter" title="${lastUseDateFormat}">
-                                            ${%TokenLastUse(useCounter, token.numDaysUse)}
-                                        </span>
+                                    <j:when test="${isStatisticsEnabled}">
+                                        <j:set var="useCounter" value="${token.useCounter}" />
+                                        <j:choose>
+                                            <j:when test="${useCounter > 0}">
+                                                <j:set var="lastUseDateFormat" value="${%NoLastUse}" />
+                                                <j:if test="${token.lastUseDate != null}">
+                                                    <i:formatDate var="lastUseDateFormat" value="${token.lastUseDate}" type="both" dateStyle="medium" timeStyle="medium" />
+                                                </j:if>
+                                                <span class="token-use-counter" title="${lastUseDateFormat}">
+                                                    ${%TokenLastUse(useCounter, token.numDaysUse)}
+                                                </span>
+                                            </j:when>
+                                            <j:otherwise>
+                                                <span class="token-use-counter">
+                                                    <strong title="${%TokenNeverUsed.Title}">
+                                                        <l:icon class="icon-warning icon-sm"/>
+                                                        ${%TokenNeverUsed}
+                                                    </strong>
+                                                </span>
+                                            </j:otherwise>
+                                        </j:choose>
                                     </j:when>
                                     <j:otherwise>
-                                        <span class="token-use-counter">
-                                            <strong title="${%TokenNeverUsed.Title}">
-                                                <l:icon class="icon-warning icon-sm"/>
-                                                ${%TokenNeverUsed}
-                                            </strong>
+                                        <span class="no-statistics" title="${%StatisticsDisabled.Title}">
+                                            ${%StatisticsDisabled}
                                         </span>
                                     </j:otherwise>
                                 </j:choose>
+                                    
                                 <a href="#" onclick="return revokeToken(this)" class="token-revoke"
                                    data-message-if-legacy-revoked="${%RevokedToken}"
                                    data-confirm="${%ConfirmRevokeSingle}"
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
index aa04216af1..92bd67e3d9 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
@@ -1,6 +1,8 @@
 TokenDisplayedOnce=Once generated the token will be displayed only once. The application knows only the hash of your token for the verification.
 NoTokenYet=There is no registered token for this user
 TokenLastUse=Used <b>{0}</b> time(s), last time was <b>{1}</b> day(s) ago
+StatisticsDisabled=No statistics available
+StatisticsDisabled.Title=The current configuration disables the statistics about token usage
 TokenNeverUsed=Never used
 TokenNeverUsed.Title=If you do not plan to use it, we strongly advice you to revoke it for security reasons
 ConfirmRevokeSingle=Are you sure you want to revoke this token ? Applications that are using it will be not able to connect anymore.
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.css b/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.css
index 89aa78aee1..829f92e2f3 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.css
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.css
@@ -77,6 +77,10 @@
     font-size: 90%;
     color: #6d7680;
 }
+.token-list .token-list-item .no-statistics{
+    font-size: 90%;
+    color: #6d7680;
+}
 .token-list .token-list-item .token-revoke{
     margin-left: 10px;
 }
diff --git a/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/config.jelly b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/config.jelly
index 5680a857d8..65c17189f5 100644
--- a/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/config.jelly
+++ b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/config.jelly
@@ -32,5 +32,8 @@ THE SOFTWARE.
         <f:entry field="creationOfLegacyTokenEnabled">
             <f:checkbox title="${%Enable capability of user without Legacy API Token to create new one}"/>
         </f:entry>
+        <f:entry field="usageStatisticsEnabled">
+            <f:checkbox title="${%Enable usage statistics on the API Token to help users knowing if they have unused / old token}"/>
+        </f:entry>
     </f:section>
 </j:jelly>
diff --git a/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/help-creationOfLegacyTokenDisabled.html b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/help-creationOfLegacyTokenEnabled.html
similarity index 100%
rename from core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/help-creationOfLegacyTokenDisabled.html
rename to core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/help-creationOfLegacyTokenEnabled.html
diff --git a/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/help-tokenGenerationOnCreationDisabled.html b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/help-tokenGenerationOnCreationEnabled.html
similarity index 100%
rename from core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/help-tokenGenerationOnCreationDisabled.html
rename to core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/help-tokenGenerationOnCreationEnabled.html
diff --git a/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/help-usageStatisticsEnabled.html b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/help-usageStatisticsEnabled.html
new file mode 100644
index 0000000000..ba6ca31c0e
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/help-usageStatisticsEnabled.html
@@ -0,0 +1,7 @@
+<div>
+    When a user is authenticated by an API Token, its usage counter is incremented and its last usage date updated.
+    <br />
+    
+    This allows users to have better understanding on which token are often used or potentially was never used or too long ago. 
+    This could be a good signal for revocation.
+</div>
diff --git a/core/src/test/java/jenkins/security/apitoken/ApiTokenStatsTest.java b/core/src/test/java/jenkins/security/apitoken/ApiTokenStatsTest.java
new file mode 100644
index 0000000000..714a3d153c
--- /dev/null
+++ b/core/src/test/java/jenkins/security/apitoken/ApiTokenStatsTest.java
@@ -0,0 +1,224 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.security.apitoken;
+
+import hudson.XmlFile;
+import org.apache.commons.io.FileUtils;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.rules.TemporaryFolder;
+import org.junit.runner.RunWith;
+import org.mockito.Mockito;
+import org.powermock.api.mockito.PowerMockito;
+import org.powermock.core.classloader.annotations.PrepareForTest;
+import org.powermock.modules.junit4.PowerMockRunner;
+
+import java.lang.reflect.Field;
+import java.time.temporal.ChronoUnit;
+import java.util.Date;
+import java.util.UUID;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
+
+@RunWith(PowerMockRunner.class)
+@PrepareForTest(ApiTokenPropertyConfiguration.class)
+public class ApiTokenStatsTest {
+    @Rule
+    public TemporaryFolder tmp = new TemporaryFolder();
+    
+    @Before
+    public void prepareConfig() throws Exception {
+        // to separate completely the class under test from its environment
+        ApiTokenPropertyConfiguration mockConfig = Mockito.mock(ApiTokenPropertyConfiguration.class);
+        Mockito.when(mockConfig.isUsageStatisticsEnabled()).thenReturn(true);
+        
+        PowerMockito.mockStatic(ApiTokenPropertyConfiguration.class);
+        PowerMockito.when(ApiTokenPropertyConfiguration.class, "get").thenReturn(mockConfig);
+    }
+    
+    @Test
+    public void regularUsage() throws Exception {
+        final String ID_1 = UUID.randomUUID().toString();
+        final String ID_2 = "other-uuid";
+        
+        { // empty stats can be saved
+            ApiTokenStats tokenStats = new ApiTokenStats();
+            tokenStats.setParent(tmp.getRoot());
+            
+            // can remove an id that does not exist
+            tokenStats.removeId(ID_1);
+            
+            tokenStats.save();
+        }
+        
+        { // and then loaded, empty stats is empty
+            ApiTokenStats tokenStats = ApiTokenStats.load(tmp.getRoot());
+            assertNotNull(tokenStats);
+            
+            ApiTokenStats.SingleTokenStats stats = tokenStats.findTokenStatsById(ID_1);
+            assertEquals(0, stats.getUseCounter());
+            assertNull(stats.getLastUseDate());
+            assertEquals(0L, stats.getNumDaysUse());
+        }
+        
+        Date lastUsage;
+        { // then re-notify the same token
+            ApiTokenStats tokenStats = ApiTokenStats.load(tmp.getRoot());
+            
+            ApiTokenStats.SingleTokenStats stats = tokenStats.updateUsageForId(ID_1);
+            assertEquals(1, stats.getUseCounter());
+            
+            lastUsage = stats.getLastUseDate();
+            assertNotNull(lastUsage);
+            // to avoid flaky test in case the test is run at midnight, normally it's 0 
+            assertTrue(stats.getNumDaysUse() <= 1);
+        }
+        
+        // to enforce a difference in the lastUseDate
+        Thread.sleep(10);
+        
+        { // then re-notify the same token
+            ApiTokenStats tokenStats = ApiTokenStats.load(tmp.getRoot());
+            
+            ApiTokenStats.SingleTokenStats stats = tokenStats.updateUsageForId(ID_1);
+            assertEquals(2, stats.getUseCounter());
+            assertTrue(lastUsage.before(stats.getLastUseDate()));
+            // to avoid flaky test in case the test is run at midnight, normally it's 0 
+            assertTrue(stats.getNumDaysUse() <= 1);
+        }
+        
+        { // check all tokens have separate stats, try with another ID
+            ApiTokenStats tokenStats = ApiTokenStats.load(tmp.getRoot());
+            
+            {
+                ApiTokenStats.SingleTokenStats stats = tokenStats.findTokenStatsById(ID_2);
+                assertEquals(0, stats.getUseCounter());
+                assertNull(stats.getLastUseDate());
+                assertEquals(0L, stats.getNumDaysUse());
+            }
+            {
+                ApiTokenStats.SingleTokenStats stats = tokenStats.updateUsageForId(ID_2);
+                assertEquals(1, stats.getUseCounter());
+                assertNotNull(lastUsage);
+                assertTrue(stats.getNumDaysUse() <= 1);
+            }
+        }
+        
+        { // reload the stats, check the counter are correct
+            ApiTokenStats tokenStats = ApiTokenStats.load(tmp.getRoot());
+            
+            ApiTokenStats.SingleTokenStats stats_1 = tokenStats.findTokenStatsById(ID_1);
+            assertEquals(2, stats_1.getUseCounter());
+            ApiTokenStats.SingleTokenStats stats_2 = tokenStats.findTokenStatsById(ID_2);
+            assertEquals(1, stats_2.getUseCounter());
+            
+            tokenStats.removeId(ID_1);
+        }
+        
+        { // after a removal, the existing must keep its value
+            ApiTokenStats tokenStats = ApiTokenStats.load(tmp.getRoot());
+            
+            ApiTokenStats.SingleTokenStats stats_1 = tokenStats.findTokenStatsById(ID_1);
+            assertEquals(0, stats_1.getUseCounter());
+            ApiTokenStats.SingleTokenStats stats_2 = tokenStats.findTokenStatsById(ID_2);
+            assertEquals(1, stats_2.getUseCounter());
+        }
+    }
+    
+    @Test
+    public void testResilientIfFileDoesNotExist() throws Exception {
+        ApiTokenStats tokenStats = ApiTokenStats.load(tmp.getRoot());
+        assertNotNull(tokenStats);
+    }
+    
+    @Test
+    public void resistentToDuplicatedUuid() throws Exception {
+        final String ID_1 = UUID.randomUUID().toString();
+        final String ID_2 = UUID.randomUUID().toString();
+        final String ID_3 = UUID.randomUUID().toString();
+        
+        { // put counter to 4 for ID_1 and to 2 for ID_2 and 1 for ID_3
+            ApiTokenStats tokenStats = new ApiTokenStats();
+            tokenStats.setParent(tmp.getRoot());
+            
+            tokenStats.updateUsageForId(ID_1);
+            tokenStats.updateUsageForId(ID_1);
+            tokenStats.updateUsageForId(ID_1);
+            tokenStats.updateUsageForId(ID_1);
+            tokenStats.updateUsageForId(ID_2);
+            tokenStats.updateUsageForId(ID_3);
+            // only the most recent information is kept
+            tokenStats.updateUsageForId(ID_2);
+        }
+        
+        { // replace the ID_1 with ID_2 in the file
+            XmlFile statsFile = ApiTokenStats.getConfigFile(tmp.getRoot());
+            String content = FileUtils.readFileToString(statsFile.getFile());
+            // now there are two time the same id in the file with different stats
+            String newContentWithDuplicatedId = content.replace(ID_1, ID_2).replace(ID_3, ID_2);
+            FileUtils.write(statsFile.getFile(), newContentWithDuplicatedId);
+        }
+        
+        {
+            ApiTokenStats tokenStats = ApiTokenStats.load(tmp.getRoot());
+            assertNotNull(tokenStats);
+            
+            ApiTokenStats.SingleTokenStats stats_1 = tokenStats.findTokenStatsById(ID_1);
+            assertEquals(0, stats_1.getUseCounter());
+            
+            // the most recent information is kept
+            ApiTokenStats.SingleTokenStats stats_2 = tokenStats.findTokenStatsById(ID_2);
+            assertEquals(2, stats_2.getUseCounter());
+            
+            ApiTokenStats.SingleTokenStats stats_3 = tokenStats.findTokenStatsById(ID_3);
+            assertEquals(0, stats_3.getUseCounter());
+        }
+    }
+    
+    @Test
+    public void testDayDifference() throws Exception {
+        final String ID = UUID.randomUUID().toString();
+        ApiTokenStats tokenStats = new ApiTokenStats();
+        tokenStats.setParent(tmp.getRoot());
+        ApiTokenStats.SingleTokenStats stats = tokenStats.updateUsageForId(ID);
+        assertTrue(stats.getNumDaysUse() <= 1);
+        
+        Field field = ApiTokenStats.SingleTokenStats.class.getDeclaredField("lastUseDate");
+        field.setAccessible(true);
+        field.set(stats, new Date(
+                        new Date().toInstant()
+                                .minus(2, ChronoUnit.DAYS)
+                                // to ensure we have more than 2 days
+                                .minus(5, ChronoUnit.MINUTES)
+                                .toEpochMilli()
+                )
+        );
+        
+        assertTrue(stats.getNumDaysUse() >= 2);
+    }
+}
diff --git a/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java b/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
index 5fe57c2306..1266a8abe6 100644
--- a/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
+++ b/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
@@ -36,7 +36,6 @@ import org.junit.Test;
 import org.jvnet.hudson.test.JenkinsRule;
 import org.jvnet.hudson.test.JenkinsRule.WebClient;
 
-import java.util.Collection;
 import java.util.List;
 import java.util.concurrent.Callable;
 import java.util.function.Predicate;
@@ -241,12 +240,8 @@ public class ApiTokenPropertyTest {
         // ===== new system =====
         
         // revoke the legacy
-        Collection<ApiTokenStore.HashedToken> tokenList = apiTokenProperty.getTokenList();
-        List<ApiTokenStore.HashedToken> legacyTokenList = tokenList.stream()
-                .filter(ApiTokenStore.HashedToken::isLegacy)
-                .collect(Collectors.toList());
-        assertEquals(1, legacyTokenList.size());
-        ApiTokenStore.HashedToken legacyToken = legacyTokenList.get(0);
+        ApiTokenStore.HashedToken legacyToken = apiTokenProperty.getTokenStore().getLegacyToken();
+        assertNotNull(legacyToken);
         String legacyUuid = legacyToken.getUuid();
     
         wc = j.createWebClient();
@@ -411,7 +406,7 @@ public class ApiTokenPropertyTest {
     
     private void revokeAllTokenUsingFilter(WebClient wc, User user, Predicate<ApiTokenStore.HashedToken> filter) throws Exception {
         ApiTokenProperty apiTokenProperty = user.getProperty(ApiTokenProperty.class);
-        List<String> uuidList = apiTokenProperty.getTokenList().stream()
+        List<String> uuidList = apiTokenProperty.getTokenStore().getTokenListSortedByName().stream()
                 .filter(filter)
                 .map(ApiTokenStore.HashedToken::getUuid)
                 .collect(Collectors.toList());
diff --git a/test/src/test/java/jenkins/security/apitoken/ApiTokenStatsTest.java b/test/src/test/java/jenkins/security/apitoken/ApiTokenStatsTest.java
new file mode 100644
index 0000000000..5f79ee04d1
--- /dev/null
+++ b/test/src/test/java/jenkins/security/apitoken/ApiTokenStatsTest.java
@@ -0,0 +1,144 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.security.apitoken;
+
+import com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException;
+import com.gargoylesoftware.htmlunit.HttpMethod;
+import com.gargoylesoftware.htmlunit.Page;
+import com.gargoylesoftware.htmlunit.WebRequest;
+import com.gargoylesoftware.htmlunit.html.HtmlPage;
+import com.gargoylesoftware.htmlunit.html.HtmlSpan;
+import com.gargoylesoftware.htmlunit.util.NameValuePair;
+import com.gargoylesoftware.htmlunit.xml.XmlPage;
+import hudson.model.User;
+import jenkins.security.ApiTokenProperty;
+import net.sf.json.JSONObject;
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.JenkinsRule;
+import org.jvnet.hudson.test.JenkinsRule.WebClient;
+
+import java.net.URL;
+import java.util.Arrays;
+
+import static org.hamcrest.Matchers.containsString;
+import static org.hamcrest.Matchers.is;
+import static org.hamcrest.Matchers.not;
+import static org.hamcrest.xml.HasXPath.hasXPath;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertThat;
+import static org.junit.Assert.fail;
+
+public class ApiTokenStatsTest {
+    
+    @Rule
+    public JenkinsRule j = new JenkinsRule();
+    
+    @Test
+    public void roundtrip() throws Exception {
+        j.jenkins.setCrumbIssuer(null);
+        j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
+        User u = User.getById("foo", true);
+        
+        ApiTokenProperty t = u.getProperty(ApiTokenProperty.class);
+        assertNotNull(t.getTokenStore());
+        assertNotNull(t.getTokenStats());
+        
+        // test the authentication via Token
+        WebClient wc = j.createWebClient().withBasicCredentials(u.getId());
+        wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+        
+        final String TOKEN_NAME = "New Token Name";
+        
+        WebRequest request = new WebRequest(new URL(j.getURL() + "user/" + u.getId() + "/descriptorByName/" + ApiTokenProperty.class.getName() + "/generateNewToken"), HttpMethod.POST);
+        request.setRequestParameters(Arrays.asList(new NameValuePair("newTokenName", TOKEN_NAME)));
+        
+        Page page = wc.getPage(request);
+        assertEquals(200, page.getWebResponse().getStatusCode());
+        String responseContent = page.getWebResponse().getContentAsString();
+        JSONObject jsonObject = JSONObject.fromObject(responseContent);
+        JSONObject jsonData = jsonObject.getJSONObject("data");
+        String tokenName = jsonData.getString("tokenName");
+        String tokenValue = jsonData.getString("tokenValue");
+        String tokenUuid = jsonData.getString("tokenId");
+        
+        assertEquals(TOKEN_NAME, tokenName);
+        
+        WebClient restWc = j.createWebClient().withBasicCredentials(u.getId(), tokenValue);
+        checkUserIsConnected(restWc, u.getId());
+        
+        HtmlPage config = wc.goTo(u.getUrl() + "/configure");
+        assertEquals(200, config.getWebResponse().getStatusCode());
+        assertThat(config.getWebResponse().getContentAsString(), containsString(tokenUuid));
+        assertThat(config.getWebResponse().getContentAsString(), containsString(tokenName));
+        
+        final int NUM_CALL_WITH_TOKEN = 5;
+        // one is already done with checkUserIsConnected
+        for (int i = 1; i < NUM_CALL_WITH_TOKEN; i++) {
+            restWc.goToXml("whoAmI/api/xml");
+        }
+        
+        HtmlPage configWithStats = wc.goTo(u.getUrl() + "/configure");
+        assertEquals(200, configWithStats.getWebResponse().getStatusCode());
+        HtmlSpan useCounterSpan = configWithStats.getDocumentElement().getOneHtmlElementByAttribute("span", "class", "token-use-counter");
+        assertThat(useCounterSpan.getTextContent(), containsString("" + NUM_CALL_WITH_TOKEN));
+        
+        revokeToken(wc, u.getId(), tokenUuid);
+        
+        // token is no more valid
+        checkUserIsNotConnected(restWc);
+        
+        HtmlPage configWithoutToken = wc.goTo(u.getUrl() + "/configure");
+        assertEquals(200, configWithoutToken.getWebResponse().getStatusCode());
+        assertThat(configWithoutToken.getWebResponse().getContentAsString(), not(containsString(tokenUuid)));
+        assertThat(configWithoutToken.getWebResponse().getContentAsString(), not(containsString(tokenName)));
+    }
+    
+    private void checkUserIsConnected(WebClient wc, String username) throws Exception {
+        XmlPage xmlPage = wc.goToXml("whoAmI/api/xml");
+        assertThat(xmlPage, hasXPath("//name", is(username)));
+        assertThat(xmlPage, hasXPath("//anonymous", is("false")));
+        assertThat(xmlPage, hasXPath("//authenticated", is("true")));
+        assertThat(xmlPage, hasXPath("//authority", is("authenticated")));
+    }
+    
+    private void checkUserIsNotConnected(WebClient wc) throws Exception {
+        try {
+            wc.goToXml("whoAmI/api/xml");
+            fail();
+        } catch (FailingHttpStatusCodeException e) {
+            assertEquals(401, e.getStatusCode());
+        }
+    }
+    
+    private void revokeToken(WebClient wc, String login, String tokenUuid) throws Exception {
+        WebRequest request = new WebRequest(
+                new URL(j.getURL(), "user/" + login + "/descriptorByName/" + ApiTokenProperty.class.getName() + "/revoke/?tokenId=" + tokenUuid),
+                HttpMethod.POST
+        );
+        Page p = wc.getPage(request);
+        assertEquals(200, p.getWebResponse().getStatusCode());
+    }
+}
-- 
GitLab


From fcf9b676c294faea4ae3ef64859c583a355bcbe6 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Fri, 27 Apr 2018 19:04:26 +0200
Subject: [PATCH 370/863] Adapt to base64 encoded SHA-512 checksums

---
 core/src/main/java/hudson/model/UpdateCenter.java | 9 ++++-----
 core/src/main/java/hudson/model/UpdateSite.java   | 4 ++--
 2 files changed, 6 insertions(+), 7 deletions(-)

diff --git a/core/src/main/java/hudson/model/UpdateCenter.java b/core/src/main/java/hudson/model/UpdateCenter.java
index f928aa163d..33836d9c0f 100644
--- a/core/src/main/java/hudson/model/UpdateCenter.java
+++ b/core/src/main/java/hudson/model/UpdateCenter.java
@@ -65,7 +65,6 @@ import net.sf.json.JSONObject;
 import org.acegisecurity.Authentication;
 import org.acegisecurity.context.SecurityContext;
 import org.apache.commons.codec.binary.Base64;
-import org.apache.commons.codec.binary.Hex;
 import org.apache.commons.io.input.CountingInputStream;
 import org.apache.commons.io.output.NullOutputStream;
 import org.jenkinsci.Symbol;
@@ -1169,11 +1168,11 @@ public class UpdateCenter extends AbstractModelObject implements Saveable, OnMas
                 }
                 if (sha256 != null) {
                     byte[] digest = sha256.digest();
-                    job.computedSHA256 = Hex.encodeHexString(digest);
+                    job.computedSHA256 = Base64.encodeBase64String(digest);
                 }
                 if (sha512 != null) {
                     byte[] digest = sha512.digest();
-                    job.computedSHA512 = Hex.encodeHexString(digest);
+                    job.computedSHA512 = Base64.encodeBase64String(digest);
                 }
                 return tmp;
             } catch (IOException e) {
@@ -1655,7 +1654,7 @@ public class UpdateCenter extends AbstractModelObject implements Saveable, OnMas
         private String computedSHA1;
 
         /**
-         * Hex encoded SHA-256 checksum of the downloaded file, if it could be computed.
+         * Base64 encoded SHA-256 checksum of the downloaded file, if it could be computed.
          *
          * @since TODO
          */
@@ -1667,7 +1666,7 @@ public class UpdateCenter extends AbstractModelObject implements Saveable, OnMas
         private String computedSHA256;
 
         /**
-         *Hex encoded SHA-512 checksum of the downloaded file, if it could be computed.
+         * Base64 encoded SHA-512 checksum of the downloaded file, if it could be computed.
          *
          * @since TODO
          */
diff --git a/core/src/main/java/hudson/model/UpdateSite.java b/core/src/main/java/hudson/model/UpdateSite.java
index e695c48607..9f3d55d6ea 100644
--- a/core/src/main/java/hudson/model/UpdateSite.java
+++ b/core/src/main/java/hudson/model/UpdateSite.java
@@ -658,7 +658,7 @@ public class UpdateSite {
         }
 
         /**
-         * The hex string encoded SHA-256 checksum of the file.
+         * The base64 encoded SHA-256 checksum of the file.
          * Can be null if not provided by the update site.
          * @since TODO
          */
@@ -667,7 +667,7 @@ public class UpdateSite {
         }
 
         /**
-         * The hex string encoded SHA-512 checksum of the file.
+         * The base64 encoded SHA-512 checksum of the file.
          * Can be null if not provided by the update site.
          * @since TODO
          */
-- 
GitLab


From 79ec930a8ef4f12d2f2574c50c2f42272e5c75fb Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <Wadeck@users.noreply.github.com>
Date: Sun, 29 Apr 2018 00:58:35 +0200
Subject: [PATCH 371/863] [JENKINS-49839] correct annotation check (#3321)

- also correct a bad annotation in Run
---
 core/src/main/java/hudson/ExtensionList.java   | 18 ++++++++++++++++--
 .../src/main/java/hudson/model/Descriptor.java |  2 +-
 core/src/main/java/hudson/model/Run.java       |  2 +-
 .../csrf/GlobalCrumbIssuerConfiguration.java   |  6 ++++--
 .../main/java/hudson/tools/ToolDescriptor.java |  6 ++++--
 .../views/GlobalDefaultViewConfiguration.java  |  2 +-
 .../main/java/hudson/views/MyViewsTabBar.java  |  4 ++--
 .../main/java/hudson/views/ViewsTabBar.java    |  4 ++--
 core/src/main/java/jenkins/CLI.java            |  9 ++-------
 .../model/ArtifactManagerConfiguration.java    |  6 ++++--
 .../java/jenkins/model/DownloadSettings.java   | 16 +++++++++-------
 .../model/GlobalCloudConfiguration.java        |  2 +-
 .../jenkins/model/GlobalConfiguration.java     |  6 ++++--
 .../model/GlobalConfigurationCategory.java     | 12 ++++++++----
 .../GlobalNodePropertiesConfiguration.java     |  2 +-
 .../model/GlobalPluginConfiguration.java       |  2 +-
 ...obalProjectNamingStrategyConfiguration.java |  4 ++--
 .../model/GlobalQuietPeriodConfiguration.java  |  4 ++--
 .../GlobalSCMRetryCountConfiguration.java      |  4 ++--
 core/src/main/java/jenkins/model/Jenkins.java  |  4 ++--
 .../model/JenkinsLocationConfiguration.java    | 10 ++--------
 .../model/MasterBuildConfiguration.java        |  6 +++---
 .../java/jenkins/mvn/GlobalMavenConfig.java    |  8 +++++---
 .../QueueItemAuthenticatorConfiguration.java   |  6 +++---
 .../UpdateSiteWarningsConfiguration.java       |  6 +++---
 .../s2m/MasterKillSwitchConfiguration.java     |  4 +++-
 .../tools/ToolConfigurationCategory.java       |  5 +++--
 27 files changed, 91 insertions(+), 69 deletions(-)

diff --git a/core/src/main/java/hudson/ExtensionList.java b/core/src/main/java/hudson/ExtensionList.java
index 9a4c77d2f5..566e3de404 100644
--- a/core/src/main/java/hudson/ExtensionList.java
+++ b/core/src/main/java/hudson/ExtensionList.java
@@ -145,15 +145,29 @@ public class ExtensionList<T> extends AbstractList<T> implements OnMaster {
      * Looks for the extension instance of the given type (subclasses excluded),
      * or return null.
      */
-    public @CheckForNull <U extends T> U get(Class<U> type) {
+    public @CheckForNull <U extends T> U get(@Nonnull Class<U> type) {
         for (T ext : this)
             if(ext.getClass()==type)
                 return type.cast(ext);
         return null;
     }
 
+    /**
+     * Looks for the extension instance of the given type (subclasses excluded),
+     * or throws an IllegalStateException.
+     * 
+     * Meant to simplify call inside @Extension annotated class to retrieve their own instance.
+     */
+    public @Nonnull <U extends T> U getInstance(@Nonnull Class<U> type) throws IllegalStateException {
+        for (T ext : this)
+            if(ext.getClass()==type)
+                return type.cast(ext);
+        
+        throw new IllegalStateException("The class " + type.getName() + " was not found, potentially not yet loaded");
+    }
+
     @Override
-    public Iterator<T> iterator() {
+    public @Nonnull Iterator<T> iterator() {
         // we need to intercept mutation, so for now don't allow Iterator.remove 
         return new AdaptedIterator<ExtensionComponent<T>,T>(Iterators.readOnly(ensureLoaded().iterator())) {
             protected T adapt(ExtensionComponent<T> item) {
diff --git a/core/src/main/java/hudson/model/Descriptor.java b/core/src/main/java/hudson/model/Descriptor.java
index fa3511a5f6..aef728d373 100644
--- a/core/src/main/java/hudson/model/Descriptor.java
+++ b/core/src/main/java/hudson/model/Descriptor.java
@@ -821,7 +821,7 @@ public abstract class Descriptor<T extends Describable<T>> implements Saveable,
      *
      * @since 2.0, used to be in {@link GlobalConfiguration} before that.
      */
-    public GlobalConfigurationCategory getCategory() {
+    public @Nonnull GlobalConfigurationCategory getCategory() {
         return GlobalConfigurationCategory.get(GlobalConfigurationCategory.Unclassified.class);
     }
 
diff --git a/core/src/main/java/hudson/model/Run.java b/core/src/main/java/hudson/model/Run.java
index 879a5bd402..10ec9f6574 100644
--- a/core/src/main/java/hudson/model/Run.java
+++ b/core/src/main/java/hudson/model/Run.java
@@ -1133,7 +1133,7 @@ public abstract class Run <JobT extends Job<JobT,RunT>,RunT extends Run<JobT,Run
 
     private static int addArtifacts(@Nonnull VirtualFile dir,
             @Nonnull String path, @Nonnull String pathHref, 
-            @Nonnull SerializableArtifactList r, @Nonnull SerializableArtifact parent, int upTo) throws IOException {
+            @Nonnull SerializableArtifactList r, @CheckForNull SerializableArtifact parent, int upTo) throws IOException {
         VirtualFile[] kids = dir.list();
         Arrays.sort(kids);
 
diff --git a/core/src/main/java/hudson/security/csrf/GlobalCrumbIssuerConfiguration.java b/core/src/main/java/hudson/security/csrf/GlobalCrumbIssuerConfiguration.java
index a93c70cc23..914fba876d 100644
--- a/core/src/main/java/hudson/security/csrf/GlobalCrumbIssuerConfiguration.java
+++ b/core/src/main/java/hudson/security/csrf/GlobalCrumbIssuerConfiguration.java
@@ -31,6 +31,8 @@ import net.sf.json.JSONObject;
 import org.jenkinsci.Symbol;
 import org.kohsuke.stapler.StaplerRequest;
 
+import javax.annotation.Nonnull;
+
 /**
  * Show the crumb configuration to the system config page.
  *
@@ -39,14 +41,14 @@ import org.kohsuke.stapler.StaplerRequest;
 @Extension(ordinal=195) @Symbol("crumb") // immediately after the security setting
 public class GlobalCrumbIssuerConfiguration extends GlobalConfiguration {
     @Override
-    public GlobalConfigurationCategory getCategory() {
+    public @Nonnull GlobalConfigurationCategory getCategory() {
         return GlobalConfigurationCategory.get(GlobalConfigurationCategory.Security.class);
     }
 
     @Override
     public boolean configure(StaplerRequest req, JSONObject json) throws FormException {
         // for compatibility reasons, the actual value is stored in Jenkins
-        Jenkins j = Jenkins.getInstance();
+        Jenkins j = Jenkins.get();
         if (json.has("csrf")) {
             JSONObject csrf = json.getJSONObject("csrf");
             j.setCrumbIssuer(CrumbIssuer.all().newInstanceFromRadioList(csrf, "issuer"));
diff --git a/core/src/main/java/hudson/tools/ToolDescriptor.java b/core/src/main/java/hudson/tools/ToolDescriptor.java
index 1e1f9788a5..c39149ceeb 100644
--- a/core/src/main/java/hudson/tools/ToolDescriptor.java
+++ b/core/src/main/java/hudson/tools/ToolDescriptor.java
@@ -44,6 +44,8 @@ import org.jvnet.tiger_types.Types;
 import org.kohsuke.stapler.QueryParameter;
 import org.kohsuke.stapler.StaplerRequest;
 
+import javax.annotation.Nonnull;
+
 /**
  * {@link Descriptor} for {@link ToolInstallation}.
  *
@@ -109,12 +111,12 @@ public abstract class ToolDescriptor<T extends ToolInstallation> extends Descrip
      * Lists up {@link ToolPropertyDescriptor}s that are applicable to this {@link ToolInstallation}.
      */
     public List<ToolPropertyDescriptor> getPropertyDescriptors() {
-        return PropertyDescriptor.<ToolPropertyDescriptor, ToolInstallation>for_(ToolProperty.all(), clazz);
+        return PropertyDescriptor.for_(ToolProperty.all(), clazz);
     }
 
 
     @Override
-    public GlobalConfigurationCategory getCategory() {
+    public @Nonnull GlobalConfigurationCategory getCategory() {
         return GlobalConfigurationCategory.get(ToolConfigurationCategory.class);
     }
 
diff --git a/core/src/main/java/hudson/views/GlobalDefaultViewConfiguration.java b/core/src/main/java/hudson/views/GlobalDefaultViewConfiguration.java
index c76ae404c3..36b8aea6a6 100644
--- a/core/src/main/java/hudson/views/GlobalDefaultViewConfiguration.java
+++ b/core/src/main/java/hudson/views/GlobalDefaultViewConfiguration.java
@@ -41,7 +41,7 @@ public class GlobalDefaultViewConfiguration extends GlobalConfiguration {
     @Override
     public boolean configure(StaplerRequest req, JSONObject json) throws FormException {
         // for compatibility reasons, the actual value is stored in Jenkins
-        Jenkins j = Jenkins.getInstance();
+        Jenkins j = Jenkins.get();
         if (json.has("primaryView")) {
             final String viewName = json.getString("primaryView");
             final View newPrimaryView = j.getView(viewName);
diff --git a/core/src/main/java/hudson/views/MyViewsTabBar.java b/core/src/main/java/hudson/views/MyViewsTabBar.java
index 1d2fe44db1..6727cb050e 100644
--- a/core/src/main/java/hudson/views/MyViewsTabBar.java
+++ b/core/src/main/java/hudson/views/MyViewsTabBar.java
@@ -100,13 +100,13 @@ public abstract class MyViewsTabBar extends AbstractDescribableImpl<MyViewsTabBa
     @Extension(ordinal=305) @Symbol("myView")
     public static class GlobalConfigurationImpl extends GlobalConfiguration {
         public MyViewsTabBar getMyViewsTabBar() {
-            return Jenkins.getInstance().getMyViewsTabBar();
+            return Jenkins.get().getMyViewsTabBar();
         }
 
         @Override
         public boolean configure(StaplerRequest req, JSONObject json) throws FormException {
             // for compatibility reasons, the actual value is stored in Jenkins
-            Jenkins j = Jenkins.getInstance();
+            Jenkins j = Jenkins.get();
 
             if (json.has("myViewsTabBar")) {
                 j.setMyViewsTabBar(req.bindJSON(MyViewsTabBar.class,json.getJSONObject("myViewsTabBar")));
diff --git a/core/src/main/java/hudson/views/ViewsTabBar.java b/core/src/main/java/hudson/views/ViewsTabBar.java
index 2b638b5d8a..a6cb0b4f79 100644
--- a/core/src/main/java/hudson/views/ViewsTabBar.java
+++ b/core/src/main/java/hudson/views/ViewsTabBar.java
@@ -102,13 +102,13 @@ public abstract class ViewsTabBar extends AbstractDescribableImpl<ViewsTabBar> i
     @Extension(ordinal=310) @Symbol("viewsTabBar")
     public static class GlobalConfigurationImpl extends GlobalConfiguration {
         public ViewsTabBar getViewsTabBar() {
-            return Jenkins.getInstance().getViewsTabBar();
+            return Jenkins.get().getViewsTabBar();
         }
 
         @Override
         public boolean configure(StaplerRequest req, JSONObject json) throws FormException {
             // for compatibility reasons, the actual value is stored in Jenkins
-            Jenkins j = Jenkins.getInstance();
+            Jenkins j = Jenkins.get();
 
             if (json.has("viewsTabBar")) {
                 j.setViewsTabBar(req.bindJSON(ViewsTabBar.class,json.getJSONObject("viewsTabBar")));
diff --git a/core/src/main/java/jenkins/CLI.java b/core/src/main/java/jenkins/CLI.java
index 2338e0fb4a..4d9f9af3df 100644
--- a/core/src/main/java/jenkins/CLI.java
+++ b/core/src/main/java/jenkins/CLI.java
@@ -34,12 +34,7 @@ public class CLI extends GlobalConfiguration {
 
     @Nonnull
     public static CLI get() {
-        CLI instance = GlobalConfiguration.all().get(CLI.class);
-        if (instance == null) {
-            // should not happen
-            return new CLI();
-        }
-        return instance;
+        return GlobalConfiguration.all().getInstance(CLI.class);
     }
     
     private boolean enabled = true; // historical default, but overridden in SetupWizard
@@ -49,7 +44,7 @@ public class CLI extends GlobalConfiguration {
     }
 
     @Override
-    public GlobalConfigurationCategory getCategory() {
+    public @Nonnull GlobalConfigurationCategory getCategory() {
         return GlobalConfigurationCategory.get(GlobalConfigurationCategory.Security.class);
     }
 
diff --git a/core/src/main/java/jenkins/model/ArtifactManagerConfiguration.java b/core/src/main/java/jenkins/model/ArtifactManagerConfiguration.java
index 43f98aae8d..29d7439d03 100644
--- a/core/src/main/java/jenkins/model/ArtifactManagerConfiguration.java
+++ b/core/src/main/java/jenkins/model/ArtifactManagerConfiguration.java
@@ -31,6 +31,8 @@ import net.sf.json.JSONObject;
 import org.jenkinsci.Symbol;
 import org.kohsuke.stapler.StaplerRequest;
 
+import javax.annotation.Nonnull;
+
 /**
  * List of configured {@link ArtifactManagerFactory}s.
  * @since 1.532
@@ -38,8 +40,8 @@ import org.kohsuke.stapler.StaplerRequest;
 @Extension @Symbol("artifactManager")
 public class ArtifactManagerConfiguration extends GlobalConfiguration {
     
-    public static ArtifactManagerConfiguration get() {
-        return Jenkins.getInstance().getInjector().getInstance(ArtifactManagerConfiguration.class);
+    public static @Nonnull ArtifactManagerConfiguration get() {
+        return GlobalConfiguration.all().getInstance(ArtifactManagerConfiguration.class);
     }
 
     private final DescribableList<ArtifactManagerFactory,ArtifactManagerFactoryDescriptor> artifactManagerFactories = new DescribableList<ArtifactManagerFactory,ArtifactManagerFactoryDescriptor>(this);
diff --git a/core/src/main/java/jenkins/model/DownloadSettings.java b/core/src/main/java/jenkins/model/DownloadSettings.java
index e4c78c2ef3..8c8b75b90b 100644
--- a/core/src/main/java/jenkins/model/DownloadSettings.java
+++ b/core/src/main/java/jenkins/model/DownloadSettings.java
@@ -42,6 +42,8 @@ import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
 import org.kohsuke.stapler.HttpResponse;
 
+import javax.annotation.Nonnull;
+
 /**
  * Lets user configure how metadata files should be downloaded.
  * @see UpdateSite
@@ -51,8 +53,8 @@ import org.kohsuke.stapler.HttpResponse;
 @Extension @Symbol("downloadSettings")
 public final class DownloadSettings extends GlobalConfiguration {
 
-    public static DownloadSettings get() {
-        return Jenkins.getInstance().getInjector().getInstance(DownloadSettings.class);
+    public static @Nonnull DownloadSettings get() {
+        return GlobalConfiguration.all().getInstance(DownloadSettings.class);
     }
 
     private boolean useBrowser = false;
@@ -70,19 +72,19 @@ public final class DownloadSettings extends GlobalConfiguration {
         save();
     }
 
-    @Override public GlobalConfigurationCategory getCategory() {
+    @Override public @Nonnull GlobalConfigurationCategory getCategory() {
         return GlobalConfigurationCategory.get(GlobalConfigurationCategory.Security.class);
     }
 
     public static boolean usePostBack() {
-        return get().isUseBrowser() && Jenkins.getInstance().hasPermission(Jenkins.ADMINISTER);
+        return get().isUseBrowser() && Jenkins.get().hasPermission(Jenkins.ADMINISTER);
     }
 
     public static void checkPostBackAccess() throws AccessDeniedException {
         if (!get().isUseBrowser()) {
             throw new AccessDeniedException("browser-based download disabled");
         }
-        Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
+        Jenkins.get().checkPermission(Jenkins.ADMINISTER);
     }
 
     @Extension @Symbol("updateCenterCheck")
@@ -106,7 +108,7 @@ public final class DownloadSettings extends GlobalConfiguration {
                 return;
             }
             boolean due = false;
-            for (UpdateSite site : Jenkins.getInstance().getUpdateCenter().getSites()) {
+            for (UpdateSite site : Jenkins.get().getUpdateCenter().getSites()) {
                 if (site.isDue()) {
                     due = true;
                     break;
@@ -128,7 +130,7 @@ public final class DownloadSettings extends GlobalConfiguration {
                 return;
             }
             // This checks updates of the update sites and downloadables.
-            HttpResponse rsp = Jenkins.getInstance().getPluginManager().doCheckUpdatesServer();
+            HttpResponse rsp = Jenkins.get().getPluginManager().doCheckUpdatesServer();
             if (rsp instanceof FormValidation) {
                 listener.error(((FormValidation) rsp).renderHtml());
             }
diff --git a/core/src/main/java/jenkins/model/GlobalCloudConfiguration.java b/core/src/main/java/jenkins/model/GlobalCloudConfiguration.java
index a4aa432e20..9c6635ab05 100644
--- a/core/src/main/java/jenkins/model/GlobalCloudConfiguration.java
+++ b/core/src/main/java/jenkins/model/GlobalCloudConfiguration.java
@@ -21,7 +21,7 @@ public class GlobalCloudConfiguration  extends GlobalConfiguration {
     @Override
     public boolean configure(StaplerRequest req, JSONObject json) throws FormException {
         try {
-            Jenkins.getInstance().clouds.rebuildHetero(req,json, Cloud.all(), "cloud");
+            Jenkins.get().clouds.rebuildHetero(req,json, Cloud.all(), "cloud");
             return true;
         } catch (IOException e) {
             throw new FormException(e,"clouds");
diff --git a/core/src/main/java/jenkins/model/GlobalConfiguration.java b/core/src/main/java/jenkins/model/GlobalConfiguration.java
index f751404bed..76320768b0 100644
--- a/core/src/main/java/jenkins/model/GlobalConfiguration.java
+++ b/core/src/main/java/jenkins/model/GlobalConfiguration.java
@@ -7,6 +7,8 @@ import hudson.model.Descriptor;
 import net.sf.json.JSONObject;
 import org.kohsuke.stapler.StaplerRequest;
 
+import javax.annotation.Nonnull;
+
 /**
  * Convenient base class for extensions that contributes to the system configuration page but nothing
  * else, or to manage the global configuration of a plugin implementing several extension points.
@@ -69,8 +71,8 @@ public abstract class GlobalConfiguration extends Descriptor<GlobalConfiguration
     /**
      * Returns all the registered {@link GlobalConfiguration} descriptors.
      */
-    public static ExtensionList<GlobalConfiguration> all() {
-        return Jenkins.getInstance().<GlobalConfiguration,GlobalConfiguration>getDescriptorList(GlobalConfiguration.class);
+    public static @Nonnull ExtensionList<GlobalConfiguration> all() {
+        return Jenkins.get().getDescriptorList(GlobalConfiguration.class);
         // pointless type parameters help work around bugs in javac in earlier versions http://codepad.org/m1bbFRrH
     }
 }
diff --git a/core/src/main/java/jenkins/model/GlobalConfigurationCategory.java b/core/src/main/java/jenkins/model/GlobalConfigurationCategory.java
index d46329a404..5164f171e4 100644
--- a/core/src/main/java/jenkins/model/GlobalConfigurationCategory.java
+++ b/core/src/main/java/jenkins/model/GlobalConfigurationCategory.java
@@ -4,10 +4,10 @@ import hudson.Extension;
 import hudson.ExtensionList;
 import hudson.ExtensionPoint;
 import hudson.model.ModelObject;
-import hudson.security.*;
-import hudson.security.Messages;
 import org.jenkinsci.Symbol;
 
+import javax.annotation.Nonnull;
+
 /**
  * Grouping of related {@link GlobalConfiguration}s.
  *
@@ -41,8 +41,12 @@ public abstract class GlobalConfigurationCategory implements ExtensionPoint, Mod
         return ExtensionList.lookup(GlobalConfigurationCategory.class);
     }
 
-    public static <T extends GlobalConfigurationCategory> T get(Class<T> type) {
-        return all().get(type);
+    public static @Nonnull <T extends GlobalConfigurationCategory> T get(Class<T> type) {
+        T category = all().get(type);
+        if(category == null){
+            throw new AssertionError("Category not found. It seems the " + type + " is not annotated with @Extension and so not registered");
+        }
+        return category;
     }
 
     /**
diff --git a/core/src/main/java/jenkins/model/GlobalNodePropertiesConfiguration.java b/core/src/main/java/jenkins/model/GlobalNodePropertiesConfiguration.java
index 68bfc2bf01..b4cd78f46a 100644
--- a/core/src/main/java/jenkins/model/GlobalNodePropertiesConfiguration.java
+++ b/core/src/main/java/jenkins/model/GlobalNodePropertiesConfiguration.java
@@ -19,7 +19,7 @@ public class GlobalNodePropertiesConfiguration extends GlobalConfiguration {
     @Override
     public boolean configure(StaplerRequest req, JSONObject json) throws FormException {
         try {
-            Jenkins j = Jenkins.getInstance();
+            Jenkins j = Jenkins.get();
             JSONObject np = json.getJSONObject("globalNodeProperties");
             if (!np.isNullObject()) {
                 j.getGlobalNodeProperties().rebuild(req, np, NodeProperty.for_(j));
diff --git a/core/src/main/java/jenkins/model/GlobalPluginConfiguration.java b/core/src/main/java/jenkins/model/GlobalPluginConfiguration.java
index a706573c07..0454001f2a 100644
--- a/core/src/main/java/jenkins/model/GlobalPluginConfiguration.java
+++ b/core/src/main/java/jenkins/model/GlobalPluginConfiguration.java
@@ -24,7 +24,7 @@ public class GlobalPluginConfiguration  extends GlobalConfiguration {
     public boolean configure(StaplerRequest req, JSONObject json) throws FormException {
         try {
             for( JSONObject o : StructuredForm.toList(json, "plugin"))
-                Jenkins.getInstance().pluginManager.getPlugin(o.getString("name")).getPlugin().configure(req, o);
+                Jenkins.get().pluginManager.getPlugin(o.getString("name")).getPlugin().configure(req, o);
             return true;
         } catch (IOException | ServletException e) {
             throw new FormException(e,"plugin");
diff --git a/core/src/main/java/jenkins/model/GlobalProjectNamingStrategyConfiguration.java b/core/src/main/java/jenkins/model/GlobalProjectNamingStrategyConfiguration.java
index ca07798af1..2502df1b6e 100644
--- a/core/src/main/java/jenkins/model/GlobalProjectNamingStrategyConfiguration.java
+++ b/core/src/main/java/jenkins/model/GlobalProjectNamingStrategyConfiguration.java
@@ -41,13 +41,13 @@ public class GlobalProjectNamingStrategyConfiguration extends GlobalConfiguratio
     @Override
     public boolean configure(StaplerRequest req, JSONObject json) throws hudson.model.Descriptor.FormException {
         // for compatibility reasons, the actual value is stored in Jenkins
-        Jenkins j = Jenkins.getInstance();
+        Jenkins j = Jenkins.get();
         final JSONObject optJSONObject = json.optJSONObject("useProjectNamingStrategy");
         if (optJSONObject != null) {
             final JSONObject strategyObject = optJSONObject.getJSONObject("namingStrategy");
             final String className = strategyObject.getString("$class");
             try {
-                Class clazz = Class.forName(className, true, Jenkins.getInstance().getPluginManager().uberClassLoader);
+                Class clazz = Class.forName(className, true, j.getPluginManager().uberClassLoader);
                 final ProjectNamingStrategy strategy = (ProjectNamingStrategy) req.bindJSON(clazz, strategyObject);
                 j.setProjectNamingStrategy(strategy);
             } catch (ClassNotFoundException e) {
diff --git a/core/src/main/java/jenkins/model/GlobalQuietPeriodConfiguration.java b/core/src/main/java/jenkins/model/GlobalQuietPeriodConfiguration.java
index cf1001793a..b0cdd84d3d 100644
--- a/core/src/main/java/jenkins/model/GlobalQuietPeriodConfiguration.java
+++ b/core/src/main/java/jenkins/model/GlobalQuietPeriodConfiguration.java
@@ -38,7 +38,7 @@ import java.io.IOException;
 @Extension(ordinal=400) @Symbol("quietPeriod")
 public class GlobalQuietPeriodConfiguration extends GlobalConfiguration {
     public int getQuietPeriod() {
-        return Jenkins.getInstance().getQuietPeriod();
+        return Jenkins.get().getQuietPeriod();
     }
 
     @Override
@@ -51,7 +51,7 @@ public class GlobalQuietPeriodConfiguration extends GlobalConfiguration {
         }
         try {
             // for compatibility reasons, this value is stored in Jenkins
-            Jenkins.getInstance().setQuietPeriod(i);
+            Jenkins.get().setQuietPeriod(i);
             return true;
         } catch (IOException e) {
             throw new FormException(e,"quietPeriod");
diff --git a/core/src/main/java/jenkins/model/GlobalSCMRetryCountConfiguration.java b/core/src/main/java/jenkins/model/GlobalSCMRetryCountConfiguration.java
index 3e4d3afafa..32d0c155c6 100644
--- a/core/src/main/java/jenkins/model/GlobalSCMRetryCountConfiguration.java
+++ b/core/src/main/java/jenkins/model/GlobalSCMRetryCountConfiguration.java
@@ -39,14 +39,14 @@ import java.io.IOException;
 @Extension(ordinal=395) @Symbol("scmRetryCount")
 public class GlobalSCMRetryCountConfiguration extends GlobalConfiguration {
     public int getScmCheckoutRetryCount() {
-        return Jenkins.getInstance().getScmCheckoutRetryCount();
+        return Jenkins.get().getScmCheckoutRetryCount();
     }
 
     @Override
     public boolean configure(StaplerRequest req, JSONObject json) throws FormException {
         try {
             // for compatibility reasons, this value is stored in Jenkins
-            Jenkins.getInstance().setScmCheckoutRetryCount(json.getInt("scmCheckoutRetryCount"));
+            Jenkins.get().setScmCheckoutRetryCount(json.getInt("scmCheckoutRetryCount"));
             return true;
         } catch (IOException e) {
             throw new FormException(e,"quietPeriod");
diff --git a/core/src/main/java/jenkins/model/Jenkins.java b/core/src/main/java/jenkins/model/Jenkins.java
index 1d200ebd2a..16eb7ad9fc 100644
--- a/core/src/main/java/jenkins/model/Jenkins.java
+++ b/core/src/main/java/jenkins/model/Jenkins.java
@@ -2539,7 +2539,7 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
      *
      * @since 1.433
      */
-    public Injector getInjector() {
+    public @CheckForNull Injector getInjector() {
         return lookup(Injector.class);
     }
 
@@ -2576,7 +2576,7 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
      *      Can be an empty list but never null.
      */
     @SuppressWarnings({"unchecked"})
-    public <T extends Describable<T>,D extends Descriptor<T>> DescriptorExtensionList<T,D> getDescriptorList(Class<T> type) {
+    public @Nonnull <T extends Describable<T>,D extends Descriptor<T>> DescriptorExtensionList<T,D> getDescriptorList(Class<T> type) {
         return descriptorLists.computeIfAbsent(type, key -> DescriptorExtensionList.createDescriptorList(this, key));
     }
 
diff --git a/core/src/main/java/jenkins/model/JenkinsLocationConfiguration.java b/core/src/main/java/jenkins/model/JenkinsLocationConfiguration.java
index 9f15cd918e..ed402938b4 100644
--- a/core/src/main/java/jenkins/model/JenkinsLocationConfiguration.java
+++ b/core/src/main/java/jenkins/model/JenkinsLocationConfiguration.java
@@ -43,14 +43,8 @@ public class JenkinsLocationConfiguration extends GlobalConfiguration {
     // just to suppress warnings
     private transient String charset,useSsl;
 
-    /**
-     * Gets local configuration.
-     * 
-     * @return {@code null} if the {@link GlobalConfiguration#all()} list does not contain this extension.
-     *         Most likely it means that the Jenkins instance has not been fully loaded yet.
-     */
-    public static @CheckForNull JenkinsLocationConfiguration get() {
-        return GlobalConfiguration.all().get(JenkinsLocationConfiguration.class);
+    public static @Nonnull JenkinsLocationConfiguration get() {
+        return GlobalConfiguration.all().getInstance(JenkinsLocationConfiguration.class);
     }
     
     /**
diff --git a/core/src/main/java/jenkins/model/MasterBuildConfiguration.java b/core/src/main/java/jenkins/model/MasterBuildConfiguration.java
index 3bc348419c..e656a6d9bf 100644
--- a/core/src/main/java/jenkins/model/MasterBuildConfiguration.java
+++ b/core/src/main/java/jenkins/model/MasterBuildConfiguration.java
@@ -39,16 +39,16 @@ import java.io.IOException;
 @Extension(ordinal=500) @Symbol("masterBuild")
 public class MasterBuildConfiguration extends GlobalConfiguration {
     public int getNumExecutors() {
-        return Jenkins.getInstance().getNumExecutors();
+        return Jenkins.get().getNumExecutors();
     }
 
     public String getLabelString() {
-        return Jenkins.getInstance().getLabelString();
+        return Jenkins.get().getLabelString();
     }
 
     @Override
     public boolean configure(StaplerRequest req, JSONObject json) throws FormException {
-        Jenkins j = Jenkins.getInstance();
+        Jenkins j = Jenkins.get();
         try {
             // for compatibility reasons, this value is stored in Jenkins
             String num = json.getString("numExecutors");
diff --git a/core/src/main/java/jenkins/mvn/GlobalMavenConfig.java b/core/src/main/java/jenkins/mvn/GlobalMavenConfig.java
index b8d0ebe4a5..24cdb171e2 100644
--- a/core/src/main/java/jenkins/mvn/GlobalMavenConfig.java
+++ b/core/src/main/java/jenkins/mvn/GlobalMavenConfig.java
@@ -7,6 +7,8 @@ import jenkins.tools.ToolConfigurationCategory;
 
 import org.jenkinsci.Symbol;
 
+import javax.annotation.Nonnull;
+
 //as close as it gets to the global Maven Project configuration
 @Extension(ordinal = 50) @Symbol("maven")
 public class GlobalMavenConfig extends GlobalConfiguration {
@@ -18,7 +20,7 @@ public class GlobalMavenConfig extends GlobalConfiguration {
     }
 
     @Override
-    public ToolConfigurationCategory getCategory() {
+    public @Nonnull ToolConfigurationCategory getCategory() {
         return GlobalConfigurationCategory.get(ToolConfigurationCategory.class);
     }
 
@@ -40,8 +42,8 @@ public class GlobalMavenConfig extends GlobalConfiguration {
         return settingsProvider != null ? settingsProvider : new DefaultSettingsProvider();
     }
 
-    public static GlobalMavenConfig get() {
-        return GlobalConfiguration.all().get(GlobalMavenConfig.class);
+    public static @Nonnull GlobalMavenConfig get() {
+        return GlobalConfiguration.all().getInstance(GlobalMavenConfig.class);
     }
 
 }
diff --git a/core/src/main/java/jenkins/security/QueueItemAuthenticatorConfiguration.java b/core/src/main/java/jenkins/security/QueueItemAuthenticatorConfiguration.java
index 7a2ef81427..df85943f26 100644
--- a/core/src/main/java/jenkins/security/QueueItemAuthenticatorConfiguration.java
+++ b/core/src/main/java/jenkins/security/QueueItemAuthenticatorConfiguration.java
@@ -35,7 +35,7 @@ public class QueueItemAuthenticatorConfiguration extends GlobalConfiguration {
     }
 
     @Override
-    public GlobalConfigurationCategory getCategory() {
+    public @Nonnull GlobalConfigurationCategory getCategory() {
         return GlobalConfigurationCategory.get(GlobalConfigurationCategory.Security.class);
     }
 
@@ -61,8 +61,8 @@ public class QueueItemAuthenticatorConfiguration extends GlobalConfiguration {
         }
     }
 
-    public static QueueItemAuthenticatorConfiguration get() {
-        return Jenkins.getInstance().getInjector().getInstance(QueueItemAuthenticatorConfiguration.class);
+    public static @Nonnull QueueItemAuthenticatorConfiguration get() {
+        return GlobalConfiguration.all().getInstance(QueueItemAuthenticatorConfiguration.class);
     }
 
     @Extension(ordinal = 100)
diff --git a/core/src/main/java/jenkins/security/UpdateSiteWarningsConfiguration.java b/core/src/main/java/jenkins/security/UpdateSiteWarningsConfiguration.java
index a8295d8b75..8ea916bab4 100644
--- a/core/src/main/java/jenkins/security/UpdateSiteWarningsConfiguration.java
+++ b/core/src/main/java/jenkins/security/UpdateSiteWarningsConfiguration.java
@@ -55,7 +55,7 @@ public class UpdateSiteWarningsConfiguration extends GlobalConfiguration {
     private HashSet<String> ignoredWarnings = new HashSet<>();
 
     @Override
-    public GlobalConfigurationCategory getCategory() {
+    public @Nonnull GlobalConfigurationCategory getCategory() {
         return GlobalConfigurationCategory.get(GlobalConfigurationCategory.Security.class);
     }
 
@@ -77,14 +77,14 @@ public class UpdateSiteWarningsConfiguration extends GlobalConfiguration {
         if (warning.type != UpdateSite.Warning.Type.PLUGIN) {
             return null;
         }
-        return Jenkins.getInstance().getPluginManager().getPlugin(warning.component);
+        return Jenkins.get().getPluginManager().getPlugin(warning.component);
     }
 
     @Nonnull
     public Set<UpdateSite.Warning> getAllWarnings() {
         HashSet<UpdateSite.Warning> allWarnings = new HashSet<>();
 
-        for (UpdateSite site : Jenkins.getInstance().getUpdateCenter().getSites()) {
+        for (UpdateSite site : Jenkins.get().getUpdateCenter().getSites()) {
             UpdateSite.Data data = site.getData();
             if (data != null) {
                 allWarnings.addAll(data.getWarnings());
diff --git a/core/src/main/java/jenkins/security/s2m/MasterKillSwitchConfiguration.java b/core/src/main/java/jenkins/security/s2m/MasterKillSwitchConfiguration.java
index 3a1e2b063d..66e20fdd22 100644
--- a/core/src/main/java/jenkins/security/s2m/MasterKillSwitchConfiguration.java
+++ b/core/src/main/java/jenkins/security/s2m/MasterKillSwitchConfiguration.java
@@ -1,6 +1,8 @@
 package jenkins.security.s2m;
 
 import hudson.Extension;
+
+import javax.annotation.Nonnull;
 import javax.inject.Inject;
 import jenkins.model.GlobalConfiguration;
 import jenkins.model.GlobalConfigurationCategory;
@@ -23,7 +25,7 @@ public class MasterKillSwitchConfiguration extends GlobalConfiguration {
     Jenkins jenkins;
 
     @Override
-    public GlobalConfigurationCategory getCategory() {
+    public @Nonnull GlobalConfigurationCategory getCategory() {
         return GlobalConfigurationCategory.get(GlobalConfigurationCategory.Security.class);
     }
 
diff --git a/core/src/main/java/jenkins/tools/ToolConfigurationCategory.java b/core/src/main/java/jenkins/tools/ToolConfigurationCategory.java
index e785369556..5c6d6ce695 100644
--- a/core/src/main/java/jenkins/tools/ToolConfigurationCategory.java
+++ b/core/src/main/java/jenkins/tools/ToolConfigurationCategory.java
@@ -2,6 +2,7 @@ package jenkins.tools;
 
 import hudson.Extension;
 import jenkins.model.GlobalConfigurationCategory;
+import jenkins.management.Messages;
 
 /**
  * Global configuration of tool locations and installers.
@@ -12,10 +13,10 @@ import jenkins.model.GlobalConfigurationCategory;
 public class ToolConfigurationCategory extends GlobalConfigurationCategory {
     @Override
     public String getShortDescription() {
-        return jenkins.management.Messages.ConfigureTools_Description();
+        return Messages.ConfigureTools_Description();
     }
 
     public String getDisplayName() {
-        return jenkins.management.Messages.ConfigureTools_DisplayName();
+        return Messages.ConfigureTools_DisplayName();
     }
 }
-- 
GitLab


From 701485e86b0163cb0d683234f6d3e3915abe01a3 Mon Sep 17 00:00:00 2001
From: Andy Neebel <andy@andne.net>
Date: Sun, 29 Apr 2018 05:50:30 -0500
Subject: [PATCH 372/863] [JENKINS-9104] Move process killing veto checks to
 master (#3357)

* [JENKINS-9104] Add a test method to show that vetos aren't processed on slaves

* Move the veto check to always run on the master

* Add a flag to skip master call if empty list
---
 .../main/java/hudson/util/ProcessTree.java    | 126 ++++++++++++++++--
 .../hudson/util/ProcessTreeKillerTest.java    |  41 +++++-
 2 files changed, 152 insertions(+), 15 deletions(-)

diff --git a/core/src/main/java/hudson/util/ProcessTree.java b/core/src/main/java/hudson/util/ProcessTree.java
index f1503dd7ff..d18d92e7a9 100644
--- a/core/src/main/java/hudson/util/ProcessTree.java
+++ b/core/src/main/java/hudson/util/ProcessTree.java
@@ -94,9 +94,20 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
      * Lazily obtained {@link ProcessKiller}s to be applied on this process tree.
      */
     private transient volatile List<ProcessKiller> killers;
+    
+    /**
+     * Flag to skip the veto check since there aren't any.
+     */
+    private boolean skipVetoes;
 
     // instantiation only allowed for subtypes in this class
-    private ProcessTree() {}
+    private ProcessTree() {
+       skipVetoes = false;
+    }
+    
+    private ProcessTree(boolean vetoesExist) {
+        skipVetoes = !vetoesExist;
+    }
 
     /**
      * Gets the process given a specific ID, or null if no such process exists.
@@ -241,14 +252,26 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
          * null if no one objects killing the process.
          */
         protected @CheckForNull VetoCause getVeto() {
-            for (ProcessKillingVeto vetoExtension : ProcessKillingVeto.all()) {
-                VetoCause cause = vetoExtension.vetoProcessKilling(this);
-                if (cause != null) {
-                    if (LOGGER.isLoggable(FINEST))
-                        LOGGER.finest("Killing of pid " + getPid() + " vetoed by " + vetoExtension.getClass().getName() + ": " + cause.getMessage());
-                    return cause;
+            String causeMessage = null;
+            
+            // Quick check, does anything exist to check against
+            if (!skipVetoes) {
+                try {
+                    VirtualChannel channelToMaster = SlaveComputer.getChannelToMaster();
+                    if (channelToMaster!=null) {
+                        CheckVetoes vetoCheck = new CheckVetoes(this);
+                        causeMessage = channelToMaster.call(vetoCheck);
+                    }
+                } catch (IOException e) {
+                    LOGGER.log(Level.WARNING, "I/O Exception while checking for vetoes", e);
+                } catch (InterruptedException e) {
+                    LOGGER.log(Level.WARNING, "Interrupted Exception while checking for vetoes", e);
                 }
             }
+            
+            if (causeMessage != null) {
+                return new VetoCause(causeMessage);
+            }
             return null;
         }
 
@@ -300,6 +323,27 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
         Object writeReplace() {
             return new SerializedProcess(pid);
         }
+        
+        private class CheckVetoes extends SlaveToMasterCallable<String, IOException> {
+            private IOSProcess process;
+            
+            public CheckVetoes(IOSProcess processToCheck) {
+                process = processToCheck;
+            }
+        
+            @Override
+            public String call() throws IOException {
+                for (ProcessKillingVeto vetoExtension : ProcessKillingVeto.all()) {
+                    VetoCause cause = vetoExtension.vetoProcessKilling(process);
+                    if (cause != null) {
+                        if (LOGGER.isLoggable(FINEST))
+                            LOGGER.info("Killing of pid " + getPid() + " vetoed by " + vetoExtension.getClass().getName() + ": " + cause.getMessage());
+                        return cause.getMessage();
+                    }
+                }
+                return null;
+            }
+        }
     }
 
     /**
@@ -338,6 +382,8 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
     }
 
 
+    private static Boolean vetoersExist;
+    
     /**
      * Gets the {@link ProcessTree} of the current system
      * that JVM runs in, or in the worst case return the default one
@@ -347,17 +393,30 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
         if(!enabled)
             return DEFAULT;
 
+        // Check for the existance of vetoers if I don't know already
+        if (vetoersExist == null) {
+            try {
+                vetoersExist = SlaveComputer.getChannelToMaster().call(new DoVetoersExist());
+            }
+            catch (Exception e) {
+                LOGGER.log(Level.WARNING, "Error while determining if vetoers exist", e);
+            }
+        }
+        
+        // Null-check in case the previous call worked
+        boolean vetoes = (vetoersExist == null ? true : vetoersExist);
+        
         try {
             if(File.pathSeparatorChar==';')
-                return new Windows();
+                return new Windows(vetoes);
 
             String os = Util.fixNull(System.getProperty("os.name"));
             if(os.equals("Linux"))
-                return new Linux();
+                return new Linux(vetoes);
             if(os.equals("SunOS"))
-                return new Solaris();
+                return new Solaris(vetoes);
             if(os.equals("Mac OS X"))
-                return new Darwin();
+                return new Darwin(vetoes);
         } catch (LinkageError e) {
             LOGGER.log(Level.WARNING,"Failed to load winp. Reverting to the default",e);
             enabled = false;
@@ -365,6 +424,13 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
 
         return DEFAULT;
     }
+    
+    private static class DoVetoersExist extends SlaveToMasterCallable<Boolean, IOException> {
+        @Override
+        public Boolean call() throws IOException {
+            return ProcessKillingVeto.all().size() > 0;
+        }
+    }
 
 //
 //
@@ -512,7 +578,9 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
     }
 
     private static final class Windows extends Local {
-        Windows() {
+        Windows(boolean vetoesExist) {
+            super(vetoesExist);
+            
             for (final WinProcess p : WinProcess.all()) {
                 int pid = p.getPid();
                 if(pid == 0 || pid == 4) continue; // skip the System Idle and System processes
@@ -574,6 +642,10 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
     }
 
     static abstract class Unix extends Local {
+        public Unix(boolean vetoersExist) {
+            super(vetoersExist);
+        }
+        
         @Override
         public OSProcess get(Process proc) {
             try {
@@ -595,7 +667,9 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
      * {@link ProcessTree} based on /proc.
      */
     static abstract class ProcfsUnix extends Unix {
-        ProcfsUnix() {
+        ProcfsUnix(boolean vetoersExist) {
+            super(vetoersExist);
+            
             File[] processes = new File("/proc").listFiles(new FileFilter() {
                 public boolean accept(File f) {
                     return f.isDirectory();
@@ -739,6 +813,10 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
 
 
     static class Linux extends ProcfsUnix {
+        public Linux(boolean vetoersExist) {
+            super(vetoersExist);
+        }
+        
         protected LinuxProcess createProcess(int pid) throws IOException {
             return new LinuxProcess(pid);
         }
@@ -853,6 +931,10 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
      *     when accessing this file.
      */
     static class Solaris extends ProcfsUnix {
+        public Solaris(boolean vetoersExist) {
+            super(vetoersExist);
+        }
+        
         protected OSProcess createProcess(final int pid) throws IOException {
             return new SolarisProcess(pid);
         }
@@ -1093,7 +1175,9 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
      * Implementation for Mac OS X based on sysctl(3).
      */
     private static class Darwin extends Unix {
-        Darwin() {
+        Darwin(boolean vetoersExist) {
+            super(vetoersExist);
+
             String arch = System.getProperty("sun.arch.data.model");
             if ("64".equals(arch)) {
                 sizeOf_kinfo_proc = sizeOf_kinfo_proc_64;
@@ -1312,8 +1396,13 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
      * (The opposite of {@link Remote}.)
      */
     public static abstract class Local extends ProcessTree {
+        @Deprecated
         Local() {
         }
+        
+        Local(boolean vetoesExist) {
+            super(vetoesExist);
+        }
     }
 
     /**
@@ -1322,11 +1411,20 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
     public static class Remote extends ProcessTree implements Serializable {
         private final IProcessTree proxy;
 
+        @Deprecated
         public Remote(ProcessTree proxy, Channel ch) {
             this.proxy = ch.export(IProcessTree.class,proxy);
             for (Entry<Integer,OSProcess> e : proxy.processes.entrySet())
                 processes.put(e.getKey(),new RemoteProcess(e.getValue(),ch));
         }
+        
+        public Remote(ProcessTree proxy, Channel ch, boolean vetoersExist) {
+            super(vetoersExist);
+            
+            this.proxy = ch.export(IProcessTree.class,proxy);
+            for (Entry<Integer,OSProcess> e : proxy.processes.entrySet())
+                processes.put(e.getKey(),new RemoteProcess(e.getValue(),ch));
+        }
 
         @Override
         public OSProcess get(Process proc) {
diff --git a/test/src/test/java/hudson/util/ProcessTreeKillerTest.java b/test/src/test/java/hudson/util/ProcessTreeKillerTest.java
index 103abe6abb..e593baea1e 100644
--- a/test/src/test/java/hudson/util/ProcessTreeKillerTest.java
+++ b/test/src/test/java/hudson/util/ProcessTreeKillerTest.java
@@ -4,6 +4,7 @@ import static org.junit.Assert.*;
 import static org.junit.Assume.*;
 import java.io.File;
 import java.io.IOException;
+import java.io.StringWriter;
 
 import hudson.EnvVars;
 import hudson.Functions;
@@ -13,6 +14,7 @@ import hudson.model.AbstractBuild;
 import hudson.model.BuildListener;
 import hudson.model.FreeStyleBuild;
 import hudson.model.FreeStyleProject;
+import hudson.model.Slave;
 import hudson.tasks.Maven;
 import hudson.tasks.Shell;
 import hudson.util.ProcessTreeRemoting.IOSProcess;
@@ -27,6 +29,7 @@ import org.jvnet.hudson.test.TestBuilder;
 import org.jvnet.hudson.test.TestExtension;
 import com.google.common.collect.ImmutableMap;
 
+
 public class ProcessTreeKillerTest {
 
     @Rule
@@ -136,8 +139,44 @@ public class ProcessTreeKillerTest {
             // Means the process is still running
         }
     }
+    
+    @Test
+    @Issue("JENKINS-9104")
+    public void considersKillingVetosOnSlave() throws Exception {
+        // on some platforms where we fail to list any processes, this test will
+        // just not work
+        assumeTrue(ProcessTree.get() != ProcessTree.DEFAULT);
+        
+        // Define a process we (shouldn't) kill
+        ProcessBuilder pb = new ProcessBuilder();
+        pb.environment().put("cookie", "testKeepDaemonsAlive");
+        
+        if (File.pathSeparatorChar == ';') {
+            pb.command("cmd");
+        } else {
+            pb.command("sleep", "5m");
+        }
+        
+        // Create a slave so we can tell it to kill the process
+        Slave s = j.createSlave();
+        s.toComputer().connect(false).get();
+        
+        // Start the process
+        process = pb.start();
+        
+        // Call killall (somewhat roundabout though) to (not) kill it
+        StringWriter out = new StringWriter();
+        s.createLauncher(new StreamTaskListener(out)).kill(ImmutableMap.of("cookie", "testKeepDaemonsAlive"));
+        
+        try {
+            process.exitValue();
+            fail("Process should have been excluded from the killing");
+        } catch (IllegalThreadStateException e) {
+            // Means the process is still running
+        }
+    }
 
-    @TestExtension("considersKillingVetos")
+    @TestExtension({"considersKillingVetos", "considersKillingVetosOnSlave"})
     public static class VetoAllKilling extends ProcessKillingVeto {
         @Override
         public VetoCause vetoProcessKilling(IOSProcess p) {
-- 
GitLab


From f94ecf2c9f117ec7656c3f0b3bae8867cbe7ba7f Mon Sep 17 00:00:00 2001
From: Baptiste Mathus <batmat@batmat.net>
Date: Mon, 30 Apr 2018 09:53:49 +0200
Subject: [PATCH 373/863] Set ATH mvn run: set batch mode, and show versions

---
 Jenkinsfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Jenkinsfile b/Jenkinsfile
index 20ac0b0b63..68c3ee4a9b 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -76,7 +76,7 @@ builds.ath = {
             checkout scm
             withMavenEnv(["JAVA_OPTS=-Xmx1536m -Xms512m",
                           "MAVEN_OPTS=-Xmx1536m -Xms512m"]) {
-                sh "mvn -DskipTests -am -pl war package -Dmaven.repo.local=${pwd tmp: true}/m2repo -s settings-azure.xml"
+                sh "mvn --batch-mode --show-version -DskipTests -am -pl war package -Dmaven.repo.local=${pwd tmp: true}/m2repo -s settings-azure.xml"
             }
             dir("war/target") {
                 fileUri = "file://" + pwd() + "/jenkins.war"
-- 
GitLab


From 0a7543c4435925b65a42482597eb1b6c0c7e483a Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 30 Apr 2018 11:56:44 -0700
Subject: [PATCH 374/863] [maven-release-plugin] prepare release jenkins-2.119

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 41214c492d..aeacbbf602 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.119-SNAPSHOT</version>
+    <version>2.119</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index f2744c8e2c..8c4be41d91 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.119-SNAPSHOT</version>
+    <version>2.119</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index a6597b4409..32d2673f07 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.119-SNAPSHOT</version>
+  <version>2.119</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>HEAD</tag>
+    <tag>jenkins-2.119</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 9809942045..1a4391f5bc 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.119-SNAPSHOT</version>
+    <version>2.119</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index d0eaf3e73f..179c645c0f 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.119-SNAPSHOT</version>
+    <version>2.119</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From a669e240afd8b800ce4cffd5c22a1adb60d396a9 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 30 Apr 2018 11:56:44 -0700
Subject: [PATCH 375/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index aeacbbf602..cfe6703894 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.119</version>
+    <version>2.120-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 8c4be41d91..fc8da936c4 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.119</version>
+    <version>2.120-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 32d2673f07..a489df1330 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.119</version>
+  <version>2.120-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.119</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 1a4391f5bc..e53fc4d2ba 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.119</version>
+    <version>2.120-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 179c645c0f..ab6a97b8c2 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.119</version>
+    <version>2.120-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 7d1f232504e35275411189de9268717e3afd6cba Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Tue, 1 May 2018 09:50:24 +0200
Subject: [PATCH 376/863] Better usage of Optional

---
 .../security/apitoken/ApiTokenStats.java      | 31 +++++++------------
 1 file changed, 12 insertions(+), 19 deletions(-)

diff --git a/core/src/main/java/jenkins/security/apitoken/ApiTokenStats.java b/core/src/main/java/jenkins/security/apitoken/ApiTokenStats.java
index cf4c310946..fd33af2f87 100644
--- a/core/src/main/java/jenkins/security/apitoken/ApiTokenStats.java
+++ b/core/src/main/java/jenkins/security/apitoken/ApiTokenStats.java
@@ -40,6 +40,7 @@ import java.util.Date;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
+import java.util.Optional;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 
@@ -118,15 +119,12 @@ public class ApiTokenStats implements Saveable {
             return new SingleTokenStats(tokenUuid);
         }
         
-        SingleTokenStats stats = tokenStats.stream()
-                .filter(s -> s.tokenUuid.equals(tokenUuid))
-                .findFirst()
-                .orElse(null);
-        
-        if (stats == null) {
-            stats = new SingleTokenStats(tokenUuid);
-            tokenStats.add(stats);
-        }
+        SingleTokenStats stats = findById(tokenUuid)
+                .orElseGet(() -> {
+                    SingleTokenStats result = new SingleTokenStats(tokenUuid);
+                    tokenStats.add(result);
+                    return result;
+                });
         
         stats.notifyUse();
         save();
@@ -139,20 +137,15 @@ public class ApiTokenStats implements Saveable {
             return new SingleTokenStats(tokenUuid);
         }
         
-        SingleTokenStats stats = findById(tokenUuid);
-        if (stats == null) {
-            // empty stats object, no need to add it to the list
-            stats = new SingleTokenStats(tokenUuid);
-        }
-        
-        return stats;
+        // if we create a new empty stats object, no need to add it to the list
+        return findById(tokenUuid)
+                .orElse(new SingleTokenStats(tokenUuid));
     }
     
-    private @Nullable SingleTokenStats findById(@Nonnull String tokenUuid) {
+    private @Nonnull Optional<SingleTokenStats> findById(@Nonnull String tokenUuid) {
         return tokenStats.stream()
                 .filter(s -> s.tokenUuid.equals(tokenUuid))
-                .findFirst()
-                .orElse(null);
+                .findFirst();
     }
     
     /**
-- 
GitLab


From 828a7e02256567f0a4d11bac9ee3982b3ad145b6 Mon Sep 17 00:00:00 2001
From: Devin Nusbaum <d.w.nusbaum@gmail.com>
Date: Wed, 2 May 2018 16:28:30 -0400
Subject: [PATCH 377/863] Fix test failure by cleaning up static state after
 tests

---
 core/src/main/java/hudson/util/ProcessTree.java           | 2 +-
 test/src/test/java/hudson/util/ProcessTreeKillerTest.java | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/util/ProcessTree.java b/core/src/main/java/hudson/util/ProcessTree.java
index d18d92e7a9..115e570bb0 100644
--- a/core/src/main/java/hudson/util/ProcessTree.java
+++ b/core/src/main/java/hudson/util/ProcessTree.java
@@ -382,7 +382,7 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
     }
 
 
-    private static Boolean vetoersExist;
+    /* package */ static Boolean vetoersExist;
     
     /**
      * Gets the {@link ProcessTree} of the current system
diff --git a/test/src/test/java/hudson/util/ProcessTreeKillerTest.java b/test/src/test/java/hudson/util/ProcessTreeKillerTest.java
index e593baea1e..5382c6f134 100644
--- a/test/src/test/java/hudson/util/ProcessTreeKillerTest.java
+++ b/test/src/test/java/hudson/util/ProcessTreeKillerTest.java
@@ -38,6 +38,7 @@ public class ProcessTreeKillerTest {
     
     @After
     public void tearDown() throws Exception {
+        ProcessTree.vetoersExist = null;
         if (null != process)
             process.destroy();
     }    
-- 
GitLab


From 3fb17fb0bbb824a6c929af3809022c280cb6270a Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Thu, 3 May 2018 10:13:39 -0400
Subject: [PATCH 378/863] [JENKINS-50692] [INFRA-1571] #3394: JEP-305
 Incrementals in core

---
 .gitignore          |  1 +
 .mvn/extensions.xml |  7 +++++++
 .mvn/maven.config   |  1 +
 Jenkinsfile         | 31 +++++++++++++------------------
 cli/pom.xml         |  2 +-
 core/pom.xml        |  2 +-
 pom.xml             | 15 +++++++--------
 test/pom.xml        |  2 +-
 war/pom.xml         |  2 +-
 9 files changed, 33 insertions(+), 30 deletions(-)
 create mode 100644 .mvn/extensions.xml
 create mode 100644 .mvn/maven.config

diff --git a/.gitignore b/.gitignore
index 3cde4d575d..b7c6beee06 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,5 @@
 target
+.flattened-pom.xml
 work
 
 # IntelliJ project files 
diff --git a/.mvn/extensions.xml b/.mvn/extensions.xml
new file mode 100644
index 0000000000..b2d9947894
--- /dev/null
+++ b/.mvn/extensions.xml
@@ -0,0 +1,7 @@
+<extensions xmlns="http://maven.apache.org/EXTENSIONS/1.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/EXTENSIONS/1.0.0 http://maven.apache.org/xsd/core-extensions-1.0.0.xsd">
+  <extension>
+    <groupId>io.jenkins.tools</groupId>
+    <artifactId>git-changelist-maven-extension</artifactId>
+    <version>1.0-alpha-3</version>
+  </extension>
+</extensions>
diff --git a/.mvn/maven.config b/.mvn/maven.config
new file mode 100644
index 0000000000..e54fdacfe6
--- /dev/null
+++ b/.mvn/maven.config
@@ -0,0 +1 @@
+-Pmight-produce-incrementals
diff --git a/Jenkinsfile b/Jenkinsfile
index 68c3ee4a9b..031633d05e 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -30,6 +30,9 @@ for(i = 0; i < buildTypes.size(); i++) {
                     checkout scm
                 }
 
+                def changelistF = "${pwd tmp: true}/changelist"
+                def m2repo = "${pwd tmp: true}/m2repo"
+
                 // Now run the actual build.
                 stage("${buildType} Build / Test") {
                     timeout(time: 180, unit: 'MINUTES') {
@@ -39,7 +42,7 @@ for(i = 0; i < buildTypes.size(); i++) {
                                     "MAVEN_OPTS=-Xmx1536m -Xms512m"]) {
                             // Actually run Maven!
                             // -Dmaven.repo.local=… tells Maven to create a subdir in the temporary directory for the local Maven repository
-                            def mvnCmd = "mvn -Pdebug -U javadoc:javadoc clean install ${runTests ? '-Dmaven.test.failure.ignore' : '-DskipTests'} -V -B -Dmaven.repo.local=${pwd tmp: true}/m2repo -s settings-azure.xml -e"
+                            def mvnCmd = "mvn -Pdebug -U -Dset.changelist help:evaluate -Dexpression=changelist -Doutput=$changelistF clean install ${runTests ? '-Dmaven.test.failure.ignore' : '-DskipTests'} -V -B -Dmaven.repo.local=$m2repo -s settings-azure.xml -e"
                             if(isUnix()) {
                                 sh mvnCmd
                                 sh 'test `git status --short | tee /dev/stderr | wc --bytes` -eq 0'
@@ -52,14 +55,17 @@ for(i = 0; i < buildTypes.size(); i++) {
 
                 // Once we've built, archive the artifacts and the test results.
                 stage("${buildType} Publishing") {
-                    def files = findFiles(glob: '**/target/*.jar, **/target/*.war, **/target/*.hpi')
-                    renameFiles(files, buildType.toLowerCase())
-
-                    archiveArtifacts artifacts: '**/target/*.jar, **/target/*.war, **/target/*.hpi',
-                                fingerprint: true
                     if (runTests) {
                         junit healthScaleFactor: 20.0, testResults: '*/target/surefire-reports/*.xml'
                     }
+                    if (buildType == 'Linux') {
+                        def changelist = readFile(changelistF)
+                        dir(m2repo) {
+                            archiveArtifacts artifacts: "**/*$changelist/*$changelist*",
+                                             excludes: '**/*.lastUpdated,**/jenkins-test/',
+                                             fingerprint: true
+                        }
+                    }
                 }
             }
         }
@@ -91,6 +97,7 @@ builds.ath = {
 
 builds.failFast = failFast
 parallel builds
+infra.maybePublishIncrementals()
 
 // This method sets up the Maven and JDK tools, puts them in the environment along
 // with whatever other arbitrary environment variables we passed in, and runs the
@@ -115,15 +122,3 @@ void withMavenEnv(List envVars = [], def body) {
         body.call()
     }
 }
-
-void renameFiles(def files, String prefix) {
-    for(i = 0; i < files.length; i++) {
-        def newPath = files[i].path.replace(files[i].name, "${prefix}-${files[i].name}")
-        def rename = "${files[i].path} ${newPath}"
-        if(isUnix()) {
-            sh "mv ${rename}"
-        } else {
-            bat "move ${rename}"
-        }
-    }
-}
diff --git a/cli/pom.xml b/cli/pom.xml
index cfe6703894..3d32d9a4f7 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.120-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index fc8da936c4..91d8b7a889 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.120-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index a489df1330..34da02bf2e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -28,13 +28,13 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci</groupId>
     <artifactId>jenkins</artifactId>
-    <version>1.41</version>
+    <version>1.43</version>
     <relativePath />
   </parent>
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.120-SNAPSHOT</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>HEAD</tag>
+    <tag>${scmTag}</tag>
   </scm>
 
   <distributionManagement>
@@ -75,6 +75,9 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
+    <revision>2.120</revision>
+    <changelist>-SNAPSHOT</changelist>
+
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
     but this suppresses a warning from Maven, and as long as we don't do filtering we should be OK. -->
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
@@ -505,10 +508,6 @@ THE SOFTWARE.
           <artifactId>maven-makepkgs-plugin</artifactId>
           <version>0.6.2</version>
         </plugin>
-        <plugin>
-          <groupId>org.jenkins-ci.tools</groupId>
-          <artifactId>maven-hpi-plugin</artifactId>
-        </plugin>
         <plugin>
           <groupId>org.apache.maven.plugins</groupId>
           <artifactId>maven-site-plugin</artifactId>
@@ -566,7 +565,7 @@ THE SOFTWARE.
         <artifactId>maven-release-plugin</artifactId>
         <configuration>
           <!-- enable release profile during the release, create IPS package, and sign bits. -->
-          <prepareVerifyArgs>-P release,sign</prepareVerifyArgs>
+          <arguments>-P release,sign</arguments>
           <!-- work around for a bug in javadoc plugin that causes the release to fail. see MRELEASE-271 -->
           <preparationGoals>clean install</preparationGoals>
           <goals>-DskipTests -Danimal.sniffer.skip=false javadoc:javadoc deploy javadoc:aggregate</goals>
diff --git a/test/pom.xml b/test/pom.xml
index e53fc4d2ba..4f9dae71fa 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.120-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index ab6a97b8c2..1af95e1d77 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.120-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From b14ba46a141b21d5f45679d2871376d8b12583d2 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Thu, 3 May 2018 13:57:28 -0400
Subject: [PATCH 379/863] [JENKINS-51062] Extend
 ClassFilterImpl.isLocationWhitelisted Maven-oriented exclusions to plugin
 under test during Gradle builds.

---
 core/src/main/java/jenkins/security/ClassFilterImpl.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/core/src/main/java/jenkins/security/ClassFilterImpl.java b/core/src/main/java/jenkins/security/ClassFilterImpl.java
index 5fb8dccf40..df179e7258 100644
--- a/core/src/main/java/jenkins/security/ClassFilterImpl.java
+++ b/core/src/main/java/jenkins/security/ClassFilterImpl.java
@@ -229,12 +229,12 @@ public class ClassFilterImpl extends ClassFilter {
                     LOGGER.log(Level.WARNING, "problem checking " + loc, x);
                 }
             }
-            if (loc.endsWith("/target/classes/")) {
+            if (loc.endsWith("/target/classes/") || loc.matches(".+/build/classes/[^/]+/main/")) {
                 LOGGER.log(Level.FINE, "{0} seems to be current plugin classes, OK", loc);
                 return true;
             }
             if (Main.isUnitTest) {
-                if (loc.endsWith("/target/test-classes/") || loc.endsWith("-tests.jar")) {
+                if (loc.endsWith("/target/test-classes/") || loc.endsWith("-tests.jar") || loc.matches(".+/build/classes/[^/]+/test/")) {
                     LOGGER.log(Level.FINE, "{0} seems to be test classes, OK", loc);
                     return true;
                 }
-- 
GitLab


From 3395141650bd40f265de10a40ee8a6b1d4c9e5be Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Fri, 4 May 2018 11:04:49 +0200
Subject: [PATCH 380/863] Address Devin's comment - adjust the way the stats
 are used for the monitoring page - correct the re-creation of legacy token on
 restart

---
 .../jenkins/security/ApiTokenProperty.java    |  2 +-
 .../security/apitoken/ApiTokenStore.java      | 10 +++++
 .../LegacyApiTokenAdministrativeMonitor.java  | 39 +++++++++++++------
 .../manage.jelly                              | 17 ++++----
 ...gacyApiTokenAdministrativeMonitorTest.java | 13 ++++---
 5 files changed, 55 insertions(+), 26 deletions(-)

diff --git a/core/src/main/java/jenkins/security/ApiTokenProperty.java b/core/src/main/java/jenkins/security/ApiTokenProperty.java
index 40fd6f5f47..07c27bc822 100644
--- a/core/src/main/java/jenkins/security/ApiTokenProperty.java
+++ b/core/src/main/java/jenkins/security/ApiTokenProperty.java
@@ -129,7 +129,7 @@ public class ApiTokenProperty extends UserProperty {
             this.tokenStats = ApiTokenStats.load(user.getUserFolder());
         }
         if(this.apiToken != null){
-            this.tokenStore.regenerateTokenFromLegacy(this.apiToken);
+            this.tokenStore.generateTokenFromLegacy(this.apiToken);
         }
     }
     
diff --git a/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java b/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
index 4214ce2cec..5d60da8f7b 100644
--- a/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
+++ b/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
@@ -118,6 +118,16 @@ public class ApiTokenStore {
     }
     
     public synchronized void regenerateTokenFromLegacy(@Nonnull Secret newLegacyApiToken) {
+        deleteAllLegacyAndGenerateNewOne(newLegacyApiToken);
+    }
+    
+    public synchronized void generateTokenFromLegacy(@Nonnull Secret newLegacyApiToken) {
+        if(tokenList.stream().noneMatch(HashedToken::isLegacy)){
+            deleteAllLegacyAndGenerateNewOne(newLegacyApiToken);
+        }
+    }
+    
+    private void deleteAllLegacyAndGenerateNewOne(@Nonnull Secret newLegacyApiToken) {
         deleteAllLegacyTokens();
         addLegacyToken(newLegacyApiToken);
     }
diff --git a/core/src/main/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor.java b/core/src/main/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor.java
index 31a7853fdc..3e2d7eb452 100644
--- a/core/src/main/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor.java
+++ b/core/src/main/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor.java
@@ -37,6 +37,7 @@ import org.kohsuke.stapler.HttpResponse;
 import org.kohsuke.stapler.interceptor.RequirePOST;
 import org.kohsuke.stapler.json.JsonBody;
 
+import javax.annotation.Nonnull;
 import javax.annotation.Nullable;
 import java.io.IOException;
 import java.util.Date;
@@ -76,6 +77,7 @@ public class LegacyApiTokenAdministrativeMonitor extends AdministrativeMonitor {
         return new HttpRedirect("manage");
     }
     
+    // used by Jelly view
     @Restricted(NoExternalUse.class)
     public List<User> getImpactedUserList() {
         return User.getAll().stream()
@@ -86,32 +88,47 @@ public class LegacyApiTokenAdministrativeMonitor extends AdministrativeMonitor {
                 .collect(Collectors.toList());
     }
     
+    // used by Jelly view
     @Restricted(NoExternalUse.class)
-    public @Nullable ApiTokenStore.HashedToken getLegacyTokenOf(User user) {
+    public @Nullable ApiTokenStore.HashedToken getLegacyTokenOf(@Nonnull User user) {
         ApiTokenProperty apiTokenProperty = user.getProperty(ApiTokenProperty.class);
         ApiTokenStore.HashedToken legacyToken = apiTokenProperty.getTokenStore().getLegacyToken();
         return legacyToken;
     }
     
+    // used by Jelly view
+    @Restricted(NoExternalUse.class)
+    public @Nullable ApiTokenProperty.TokenInfoAndStats getLegacyStatsOf(@Nonnull User user, @Nullable ApiTokenStore.HashedToken legacyToken) {
+        ApiTokenProperty apiTokenProperty = user.getProperty(ApiTokenProperty.class);
+        if(legacyToken != null){
+            ApiTokenStats.SingleTokenStats legacyStats = apiTokenProperty.getTokenStats().findTokenStatsById(legacyToken.getUuid());
+            ApiTokenProperty.TokenInfoAndStats tokenInfoAndStats = new ApiTokenProperty.TokenInfoAndStats(legacyToken, legacyStats);
+            return tokenInfoAndStats;
+        }
+        
+        // in case the legacy token was revoked during the request
+        return null;
+    }
+    
     /**
      * Determine if the user has at least one "new" token that was created after the last use of the legacy token
      */
+    // used by Jelly view
     @Restricted(NoExternalUse.class)
-    public boolean hasFreshToken(User user, ApiTokenStore.HashedToken legacyToken) {
-        if(legacyToken == null){
+    public boolean hasFreshToken(@Nonnull User user, @Nullable ApiTokenProperty.TokenInfoAndStats legacyStats) {
+        if(legacyStats == null){
             return false;
         }
         
         ApiTokenProperty apiTokenProperty = user.getProperty(ApiTokenProperty.class);
-        ApiTokenStats.SingleTokenStats legacyTokenStats = apiTokenProperty.getTokenStats().findTokenStatsById(legacyToken.getUuid());
         
         return apiTokenProperty.getTokenList().stream()
                 .filter(token -> !token.isLegacy)
                 .anyMatch(token -> {
                     Date creationDate = token.creationDate;
-                    Date lastUseDate = legacyTokenStats.getLastUseDate();
+                    Date lastUseDate = legacyStats.lastUseDate;
                     if (lastUseDate == null) {
-                        lastUseDate = legacyToken.getCreationDate();
+                        lastUseDate = legacyStats.creationDate;
                     }
                     return creationDate != null && lastUseDate != null && creationDate.after(lastUseDate);
                 });
@@ -120,22 +137,22 @@ public class LegacyApiTokenAdministrativeMonitor extends AdministrativeMonitor {
     /**
      * Determine if the user has at least one "new" token that was used after the last use of the legacy token
      */
+    // used by Jelly view
     @Restricted(NoExternalUse.class)
-    public boolean hasMoreRecentlyUsedToken(User user, ApiTokenStore.HashedToken legacyToken) {
-        if(legacyToken == null){
+    public boolean hasMoreRecentlyUsedToken(@Nonnull User user, @Nullable ApiTokenProperty.TokenInfoAndStats legacyStats) {
+        if(legacyStats == null){
             return false;
         }
         
         ApiTokenProperty apiTokenProperty = user.getProperty(ApiTokenProperty.class);
-        ApiTokenStats.SingleTokenStats legacyTokenStats = apiTokenProperty.getTokenStats().findTokenStatsById(legacyToken.getUuid());
     
         return apiTokenProperty.getTokenList().stream()
                 .filter(token -> !token.isLegacy)
                 .anyMatch(token -> {
                     Date currentLastUseDate = token.lastUseDate;
-                    Date legacyLastUseDate = legacyTokenStats.getLastUseDate();
+                    Date legacyLastUseDate = legacyStats.lastUseDate;
                     if (legacyLastUseDate == null) {
-                        legacyLastUseDate = legacyToken.getCreationDate();
+                        legacyLastUseDate = legacyStats.creationDate;
                     }
                     return currentLastUseDate != null && legacyLastUseDate != null && currentLastUseDate.after(legacyLastUseDate);
                 });
diff --git a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.jelly b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.jelly
index 48d4b1b0fb..515b5ee3c6 100644
--- a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.jelly
+++ b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.jelly
@@ -57,6 +57,7 @@ THE SOFTWARE.
                         <j:when test="${!userList.isEmpty()}">
                             <j:forEach var="user" items="${userList}">
                                 <j:set var="legacyToken" value="${it.getLegacyTokenOf(user)}"/>
+                                <j:set var="legacyStats" value="${it.getLegacyStatsOf(user, legacyToken)}"/>
         
                                 <j:set var="creationDateFormat" value="${%NoCreationDate}" />
                                 <j:if test="${legacyToken.creationDate != null}">
@@ -64,15 +65,15 @@ THE SOFTWARE.
                                 </j:if>
                                 
                                 <j:set var="lastUseDateFormat" value="${%NoLastUse}" />
-                                <j:if test="${legacyToken.lastUseDate != null}">
-                                    <i:formatDate var="lastUseDateFormat" value="${legacyToken.lastUseDate}" type="both" dateStyle="medium" timeStyle="medium" />
+                                <j:if test="${legacyStats.lastUseDate != null}">
+                                    <i:formatDate var="lastUseDateFormat" value="${legacyStats.lastUseDate}" type="both" dateStyle="medium" timeStyle="medium" />
                                 </j:if>
         
                                 <j:set var="hasFreshToken"
-                                       value="${it.hasFreshToken(user, legacyToken)}"/>
+                                       value="${it.hasFreshToken(user, legacyStats)}"/>
         
                                 <j:set var="hasMoreRecentlyUsedToken"
-                                       value="${it.hasMoreRecentlyUsedToken(user, legacyToken)}"/>
+                                       value="${it.hasMoreRecentlyUsedToken(user, legacyStats)}"/>
                                 
                                 <j:if test="${legacyToken != null}">
                                     <tr>
@@ -84,7 +85,7 @@ THE SOFTWARE.
                                                    class="token-to-revoke ${hasFreshToken ? 'fresh-token' : ''} ${hasMoreRecentlyUsedToken ? 'recent-token' : ''}" />
                                         </td>
                                         <td>
-                                            ${user.id}
+                                            ${user.id}asdfasdf
                                         </td>
                                         <td>
                                             ${user.fullName}
@@ -93,13 +94,13 @@ THE SOFTWARE.
                                             ${legacyToken.name}
                                         </td>
                                         <td title="${creationDateFormat}">
-                                            ${legacyToken.numDaysCreation}
+                                            ${legacyStats.numDaysCreation}
                                         </td>
                                         <td>
-                                            ${legacyToken.useCounter}
+                                            ${legacyStats.useCounter}
                                         </td>
                                         <td title="${lastUseDateFormat}">
-                                            ${legacyToken.numDaysUse}
+                                            ${legacyStats.numDaysUse}
                                         </td>
                                         <td>
                                             <j:choose>
diff --git a/test/src/test/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitorTest.java b/test/src/test/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitorTest.java
index bad41c5997..4b1cfdbe55 100644
--- a/test/src/test/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitorTest.java
+++ b/test/src/test/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitorTest.java
@@ -37,8 +37,11 @@ import jenkins.security.ApiTokenProperty;
 import org.apache.commons.lang.StringUtils;
 import org.junit.Rule;
 import org.junit.Test;
+import org.junit.rules.Timeout;
 import org.jvnet.hudson.test.JenkinsRule;
 
+import java.util.concurrent.TimeUnit;
+
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertNotNull;
@@ -324,22 +327,22 @@ public class LegacyApiTokenAdministrativeMonitorTest {
         JenkinsRule.WebClient wc = j.createWebClient();
         wc.withBasicApiToken(user);
         
-        wc.goTo("whoAmI");
+        wc.goTo("whoAmI/api/xml", null);
     }
     
     private void simulateUseOfToken(User user, String tokenPlainValue) throws Exception {
         JenkinsRule.WebClient wc = j.createWebClient();
         wc.withBasicCredentials(user.getId(), tokenPlainValue);
         
-        wc.goTo("whoAmI");
+        wc.goTo("whoAmI/api/xml", null);
     }
     
     private int nextId = 0;
     
-    private User createUserWithToken(boolean legacy, boolean fresh, boolean recent) throws Exception {
+    private void createUserWithToken(boolean legacy, boolean fresh, boolean recent) throws Exception {
         User user = User.getById(String.format("user %b %b %b %d", legacy, fresh, recent, nextId++), true);
         if (!legacy) {
-            return user;
+            return ;
         }
         
         ApiTokenProperty apiTokenProperty = user.getProperty(ApiTokenProperty.class);
@@ -370,7 +373,5 @@ public class LegacyApiTokenAdministrativeMonitorTest {
             }
             //else: no other token to generate
         }
-        
-        return user;
     }
 }
-- 
GitLab


From a3d598519086a6d00aa6966d6a13e165b3e7d385 Mon Sep 17 00:00:00 2001
From: Devin Nusbaum <dwnusbaum@users.noreply.github.com>
Date: Fri, 4 May 2018 10:21:07 -0400
Subject: [PATCH 381/863] Remove unnecessary dash

(Wadeck and I want to see how the on-GitHub PR editing features work in case they are useful for proposing grammar changes)
---
 core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java b/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
index 5d60da8f7b..d3894899fa 100644
--- a/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
+++ b/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
@@ -61,7 +61,7 @@ public class ApiTokenStore {
             Comparator.comparing(hashedToken -> hashedToken.getName().toLowerCase(Locale.ENGLISH));
     
     private static final int TOKEN_LENGTH_V2 = 34;
-    /** two hex-characters, avoid starting with 0 to avoid troubles */
+    /** two hex characters, avoid starting with 0 to avoid troubles */
     private static final String LEGACY_VERSION = "10";
     private static final String HASH_VERSION = "11";
     
-- 
GitLab


From 4ff76be14f416ce940f405d2224889739a7e7b20 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Fri, 4 May 2018 16:46:43 +0200
Subject: [PATCH 382/863] Change the warning message

---
 .../jenkins/security/ApiTokenProperty/config.properties         | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
index 92bd67e3d9..5c7b1f8663 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
@@ -1,4 +1,4 @@
-TokenDisplayedOnce=Once generated the token will be displayed only once. The application knows only the hash of your token for the verification.
+TokenDisplayedOnce=Copy this token now, because it cannot be recovered in the future.
 NoTokenYet=There is no registered token for this user
 TokenLastUse=Used <b>{0}</b> time(s), last time was <b>{1}</b> day(s) ago
 StatisticsDisabled=No statistics available
-- 
GitLab


From 480555dc2f1853ea2cca02ba2da749fb9324f07d Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Fri, 4 May 2018 17:33:22 +0200
Subject: [PATCH 383/863] Adjust UI after discussion with Devin - trigger the
 confirm message if someone change an existing token name (for the rename) and
 does not click on Save / Apply - improve the ignore/force dirty mechanism -
 display the warning message about the temporary aspect of the token plain
 text only *after* the generation - change "Save" to "Generate" for the new
 token

---
 .../security/ApiTokenProperty/config.jelly        | 14 +++++++++-----
 .../security/ApiTokenProperty/config.properties   |  2 ++
 .../security/ApiTokenProperty/resources.js        |  3 +++
 core/src/main/resources/lib/form/confirm.js       | 15 +++++++++++++--
 4 files changed, 27 insertions(+), 7 deletions(-)

diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
index d7297265ea..440d29eac1 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
@@ -27,13 +27,14 @@ THE SOFTWARE.
 <j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:f="/lib/form" xmlns:l="/lib/layout" xmlns:i="jelly:fmt">
     <st:adjunct includes="jenkins.security.ApiTokenProperty.resources"/>
     <f:entry title="${%CurrentTokens(instance.tokenList.size())}" help="${descriptor.getHelpFile('tokenStore')}">
+        <!-- ignore the whole div to prevent the "Add new token" button to trigger the confirm -->
         <div class="token-list ignore-dirty-panel">
             <j:set var="isStatisticsEnabled" value="${descriptor.isStatisticsEnabled()}" />
             <j:set var="tokenList" value="${instance.tokenList}" />
             <div class="token-list-item token-list-empty-item ${tokenList == null || tokenList.isEmpty() ? '' : 'hidden-message'}">
                 <div class="list-empty-message">${%NoTokenYet}</div>
             </div>
-            <f:repeatable name="tokenStore" var="token" items="${tokenList}" minimum="0"
+            <f:repeatable name="tokenStore" var="token" items="${tokenList}" minimum="0" add="${%AddNewToken}"
                           noAddButton="${!descriptor.hasCurrentUserRightToGenerateNewToken(it)}">
                 <j:choose>
                     <j:when test="${token!=null}">
@@ -41,7 +42,8 @@ THE SOFTWARE.
                         <j:if test="${token.isLegacy}">
                             <j:set var="legacyClazz" value="legacy-token" />
                         </j:if>
-                        <div class="token-list-item token-list-existing-item ${legacyClazz}">
+                        <!-- force the confirm in case those inputs are changed, to override the parent ignore, for existing token -->
+                        <div class="token-list-item token-list-existing-item force-dirty-panel ${legacyClazz}">
                             <input type="hidden" class="token-uuid-input" name="tokenUuid" value="${token.uuid}" />
                             <f:textbox clazz="token-name" name="tokenName" value="${token.name}" />
                             
@@ -106,12 +108,14 @@ THE SOFTWARE.
                     <j:otherwise>
                         <div class="token-list-item token-list-new-item">
                             <input type="hidden" class="token-uuid-input" name="tokenUuid" value="${token.uuid}" />
-                            <f:textbox name="tokenName" clazz="token-name" placeholder="${%Default name}" 
+                            <f:textbox name="tokenName" clazz="token-name" placeholder="${%Default name}"
                                        style="width: 40%; display: inline-block"/>
                             <st:nbsp /><!-- without this non-breakable space, double click on the div will put the focus on the input -->
                             <span class="new-token-value" style="width: 40%; margin-right: 2px; display: none"><!--will be filled by javascript--></span>
                             <span class="yui-button token-save" style="vertical-align: baseline;">
-                                <button type="button" tabindex="0" data-target-url="${descriptor.descriptorFullUrl}/generateNewToken" onclick="saveApiToken(this)">Save</button>
+                                <button type="button" tabindex="0" data-target-url="${descriptor.descriptorFullUrl}/generateNewToken" onclick="saveApiToken(this)">
+                                    ${%GenerateNewToken}
+                                </button>
                             </span>
                             <span class="token-cancel">
                                 <f:repeatableDeleteButton value="${%Cancel}" />
@@ -122,7 +126,7 @@ THE SOFTWARE.
                                 <l:icon class="icon-text-error icon-sm"/>
                             </a>
                             <div class="error" style="margin-top: 5px; display: none;"><!-- filled in case of error --></div>
-                            <div class="warning" style="margin-top: 5px;">${%TokenDisplayedOnce}</div>
+                            <div class="warning display-after-generation" style="margin-top: 5px; display: none;">${%TokenDisplayedOnce}</div>
                         </div>
                     </j:otherwise>
                 </j:choose>
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
index 5c7b1f8663..52294a8e8c 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
@@ -1,4 +1,6 @@
 TokenDisplayedOnce=Copy this token now, because it cannot be recovered in the future.
+AddNewToken=Add new token
+GenerateNewToken=Generate
 NoTokenYet=There is no registered token for this user
 TokenLastUse=Used <b>{0}</b> time(s), last time was <b>{1}</b> day(s) ago
 StatisticsDisabled=No statistics available
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.js b/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.js
index 1534bdd06d..3cd1914de7 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.js
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.js
@@ -91,6 +91,9 @@ function saveApiToken(button){
                 var uuidInput = repeatedChunk.querySelector('[name="tokenUuid"]');
                 uuidInput.value = tokenUuid;
 
+                var warningMessage = repeatedChunk.querySelector('.display-after-generation');
+                warningMessage.style.display = 'block';
+                
                 // we do not want to allow user to create twice a token using same name by mistake
                 button.remove();
                 
diff --git a/core/src/main/resources/lib/form/confirm.js b/core/src/main/resources/lib/form/confirm.js
index 688631b39b..fe830207a1 100644
--- a/core/src/main/resources/lib/form/confirm.js
+++ b/core/src/main/resources/lib/form/confirm.js
@@ -17,13 +17,24 @@
     }
     
     function isIgnoringConfirm(element){
+      if(element.hasClassName('force-dirty')){
+        return false;
+      }
       if(element.hasClassName('ignore-dirty')){
         return true;
       }
       // to allow sub-section of the form to ignore confirm
       // especially useful for "pure" JavaScript area
-      var ignorePanel = element.up('.ignore-dirty-panel');
-      if(ignorePanel){
+      // we try to gather the first parent with a marker, 
+      var dirtyPanel = element.up('.ignore-dirty-panel,.force-dirty-panel');
+      if(!dirtyPanel){
+        return false;
+      }
+      
+      if(dirtyPanel.hasClassName('force-dirty-panel')){
+        return false;
+      }
+      if(dirtyPanel.hasClassName('ignore-dirty-panel')){
         return true;
       }
       
-- 
GitLab


From 2b498df38dedc547e50ef8133708374ec48b7d1f Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Fri, 4 May 2018 17:34:07 +0200
Subject: [PATCH 384/863] uppercase the token

---
 .../jenkins/security/ApiTokenProperty/config.properties         | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
index 52294a8e8c..07d50d6cbd 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
@@ -1,5 +1,5 @@
 TokenDisplayedOnce=Copy this token now, because it cannot be recovered in the future.
-AddNewToken=Add new token
+AddNewToken=Add new Token
 GenerateNewToken=Generate
 NoTokenYet=There is no registered token for this user
 TokenLastUse=Used <b>{0}</b> time(s), last time was <b>{1}</b> day(s) ago
-- 
GitLab


From a03254b99f10350bd996b0d000b01ff2cc012652 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <Wadeck@users.noreply.github.com>
Date: Fri, 4 May 2018 20:28:59 +0200
Subject: [PATCH 385/863] Admin monitor message: separation between content and
 display (#3416)

* Better separation between content and display
- also put the version for the RootUrlNotSetMonitor and the HttpResponses new method

* Add blank line
---
 core/src/main/java/hudson/util/HttpResponses.java |  2 +-
 .../jenkins/diagnostics/RootUrlNotSetMonitor.java |  8 +++-----
 .../security/csrf/CSRFAdministrativeMonitor.java  |  2 +-
 .../RootUrlNotSetMonitor/message.jelly            | 15 ++++++++++++---
 .../RootUrlNotSetMonitor/message.properties       |  8 ++++----
 .../csrf/CSRFAdministrativeMonitor/message.jelly  | 15 +++++++++++++--
 .../CSRFAdministrativeMonitor/message.properties  |  7 ++++---
 .../message_it.properties                         |  8 ++++----
 8 files changed, 42 insertions(+), 23 deletions(-)

diff --git a/core/src/main/java/hudson/util/HttpResponses.java b/core/src/main/java/hudson/util/HttpResponses.java
index c64b708941..ef731f3ff8 100644
--- a/core/src/main/java/hudson/util/HttpResponses.java
+++ b/core/src/main/java/hudson/util/HttpResponses.java
@@ -106,7 +106,7 @@ public class HttpResponses extends org.kohsuke.stapler.HttpResponses {
      * @param data The data.
      * @return {@code this} object.
      *
-     * @since TODO
+     * @since 2.119
      */
     public static HttpResponse errorJSON(@Nonnull String message, @Nonnull Map<?,?> data) {
         return new JSONObjectResponse(data).error(message);
diff --git a/core/src/main/java/jenkins/diagnostics/RootUrlNotSetMonitor.java b/core/src/main/java/jenkins/diagnostics/RootUrlNotSetMonitor.java
index 3e9a245f73..bb4a252409 100644
--- a/core/src/main/java/jenkins/diagnostics/RootUrlNotSetMonitor.java
+++ b/core/src/main/java/jenkins/diagnostics/RootUrlNotSetMonitor.java
@@ -38,7 +38,7 @@ import org.kohsuke.accmod.restrictions.NoExternalUse;
  * Potential exceptions are the dev environment, if someone disable the wizard or
  * the administrator put an empty string on the configuration page.
  *
- * @since TODO
+ * @since 2.119
  */
 @Extension
 @Symbol("rootUrlNotSet")
@@ -52,15 +52,13 @@ public class RootUrlNotSetMonitor extends AdministrativeMonitor {
     @Override
     public boolean isActivated() {
         JenkinsLocationConfiguration loc = JenkinsLocationConfiguration.get();
-        return loc != null && (
-                loc.getUrl() == null || !UrlHelper.isValidRootUrl(loc.getUrl())
-        );
+        return loc.getUrl() == null || !UrlHelper.isValidRootUrl(loc.getUrl());
     }
     
     // used by jelly to determined if it's a null url or invalid one
     @Restricted(NoExternalUse.class)
     public boolean isUrlNull(){
         JenkinsLocationConfiguration loc = JenkinsLocationConfiguration.get();
-        return loc != null && loc.getUrl() == null;
+        return loc.getUrl() == null;
     }
 }
diff --git a/core/src/main/java/jenkins/security/csrf/CSRFAdministrativeMonitor.java b/core/src/main/java/jenkins/security/csrf/CSRFAdministrativeMonitor.java
index dbdb38e337..6ffc2422e4 100644
--- a/core/src/main/java/jenkins/security/csrf/CSRFAdministrativeMonitor.java
+++ b/core/src/main/java/jenkins/security/csrf/CSRFAdministrativeMonitor.java
@@ -46,6 +46,6 @@ public class CSRFAdministrativeMonitor extends AdministrativeMonitor {
     
     @Override
     public boolean isActivated() {
-        return Jenkins.getInstance().getCrumbIssuer() == null;
+        return Jenkins.get().getCrumbIssuer() == null;
     }
 }
diff --git a/core/src/main/resources/jenkins/diagnostics/RootUrlNotSetMonitor/message.jelly b/core/src/main/resources/jenkins/diagnostics/RootUrlNotSetMonitor/message.jelly
index f5abad1054..13d15b4cdd 100644
--- a/core/src/main/resources/jenkins/diagnostics/RootUrlNotSetMonitor/message.jelly
+++ b/core/src/main/resources/jenkins/diagnostics/RootUrlNotSetMonitor/message.jelly
@@ -22,15 +22,24 @@ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 THE SOFTWARE.
 -->
 <?jelly escape-by-default='true'?>
-<j:jelly xmlns:j="jelly:core">
+<j:jelly xmlns:j="jelly:core" xmlns:f="/lib/form">
   <div class="alert alert-warning">
+    <form method="post" action="${rootURL}/${it.url}/disable">
+      <f:submit value="${%Dismiss}"/>
+    </form>
+    <j:set var="actionAnchor">
+      <a href="${rootURL}/configure">${%actionUrlContent}</a>
+    </j:set>
+  
     <j:choose>
       <j:when test="${it.isUrlNull()}">
-        ${%urlIsNull(rootURL)}
+        ${%urlIsNull}
       </j:when>
       <j:otherwise>
-        ${%urlIsInvalid(rootURL)}
+        ${%urlIsInvalid}
       </j:otherwise>
     </j:choose>
+    <p />
+    <j:out value="${%actionToTake(actionAnchor)}"/>
   </div>
 </j:jelly>
diff --git a/core/src/main/resources/jenkins/diagnostics/RootUrlNotSetMonitor/message.properties b/core/src/main/resources/jenkins/diagnostics/RootUrlNotSetMonitor/message.properties
index cd972c3d69..d1153159c7 100644
--- a/core/src/main/resources/jenkins/diagnostics/RootUrlNotSetMonitor/message.properties
+++ b/core/src/main/resources/jenkins/diagnostics/RootUrlNotSetMonitor/message.properties
@@ -1,6 +1,6 @@
 urlIsNull=Jenkins root URL is empty but is required for the proper operation of many Jenkins features like email notifications, \
-PR status update, and environment variables such as <code>BUILD_URL</code>.<br />\
-Please provide an accurate value in <a href="{0}/configure">Jenkins configuration</a>.
+PR status update, and environment variables such as <code>BUILD_URL</code>.
 urlIsInvalid=Jenkins root URL seems to be invalid. It is required for the proper operation of many Jenkins features like email notifications, \
-PR status update, and environment variables such as <code>BUILD_URL</code>.<br />\
-Please provide an accurate value in <a href="{0}/configure">Jenkins configuration</a>.
+PR status update, and environment variables such as <code>BUILD_URL</code>.
+actionToTake=Please provide an accurate value in {0}.
+actionUrlContent=Jenkins configuration
diff --git a/core/src/main/resources/jenkins/security/csrf/CSRFAdministrativeMonitor/message.jelly b/core/src/main/resources/jenkins/security/csrf/CSRFAdministrativeMonitor/message.jelly
index 46c6a34c61..1536a99530 100644
--- a/core/src/main/resources/jenkins/security/csrf/CSRFAdministrativeMonitor/message.jelly
+++ b/core/src/main/resources/jenkins/security/csrf/CSRFAdministrativeMonitor/message.jelly
@@ -22,8 +22,19 @@ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 THE SOFTWARE.
 -->
 <?jelly escape-by-default='true'?>
-<j:jelly xmlns:j="jelly:core">
+<j:jelly xmlns:j="jelly:core" xmlns:f="/lib/form">
     <div class="alert alert-warning">
-        ${%warningMessage(rootURL)}
+        <form method="post" action="${rootURL}/${it.url}/disable">
+            <f:submit value="${%Dismiss}"/>
+        </form>
+        <j:set var="referenceAnchor">
+            <a href="https://jenkins.io/redirect/csrf-protection" target="_blank">${%referenceUrlContent}</a>
+        </j:set>
+        <j:set var="actionAnchor">
+            <a href="${rootURL}/configureSecurity">${%actionUrlContent}</a>
+        </j:set>
+        <j:out value="${%warningMessage(referenceAnchor)}"/>
+        <p />
+        <j:out value="${%actionMessage(actionAnchor)}"/>
     </div>
 </j:jelly>
diff --git a/core/src/main/resources/jenkins/security/csrf/CSRFAdministrativeMonitor/message.properties b/core/src/main/resources/jenkins/security/csrf/CSRFAdministrativeMonitor/message.properties
index c84b184519..a2b329a1b0 100644
--- a/core/src/main/resources/jenkins/security/csrf/CSRFAdministrativeMonitor/message.properties
+++ b/core/src/main/resources/jenkins/security/csrf/CSRFAdministrativeMonitor/message.properties
@@ -1,4 +1,5 @@
 warningMessage=You have not configured the CSRF issuer. This could be a security issue. \
-  For more information, please refer to <a href="https://jenkins.io/redirect/csrf-protection" target="_blank">this page</a>. \
-  <br /> \
-  You can change the current configuration using the Security section <a href="{0}/configureSecurity">CSRF Protection</a>.
+  For more information, please refer to {0}.
+actionMessage=You can change the current configuration using the Security section {0}.
+referenceUrlContent=this page
+actionUrlContent=CSRF Protection
\ No newline at end of file
diff --git a/core/src/main/resources/jenkins/security/csrf/CSRFAdministrativeMonitor/message_it.properties b/core/src/main/resources/jenkins/security/csrf/CSRFAdministrativeMonitor/message_it.properties
index cd9d4d48af..ad2e646e3e 100644
--- a/core/src/main/resources/jenkins/security/csrf/CSRFAdministrativeMonitor/message_it.properties
+++ b/core/src/main/resources/jenkins/security/csrf/CSRFAdministrativeMonitor/message_it.properties
@@ -22,7 +22,7 @@
 
 warningMessage=L''emittente CSRF non � stata configurata. Ci� potrebbe costituire \
     un problema di sicurezza. \
-    Per ulteriori informazioni, fare riferimento a <a href="https://jenkins.io/redirect/csrf-protection" target="_blank">questa pagina</a>. \
-    <br /> \
-    � possibile modificare la configurazione corrente nella sezione \
-    <a href="{0}/configureSecurity">Protezione CSRF</a> della categoria Sicurezza.
+    Per ulteriori informazioni, fare riferimento a {0}.
+actionMessage=� possibile modificare la configurazione corrente nella sezione {0} della categoria Sicurezza.
+referenceUrlContent=questa pagina
+actionUrlContent=Protezione CSRF
\ No newline at end of file
-- 
GitLab


From a9eafdb973d0e9697e2f7a8a3f4e3441464398f4 Mon Sep 17 00:00:00 2001
From: Jeff Thompson <37345299+jeffret-b@users.noreply.github.com>
Date: Fri, 4 May 2018 12:51:12 -0600
Subject: [PATCH 386/863] [JENKINS-50412] Fingerprints logs should be less
 verbose (#3373)

* JENKINS-50412 - Fingerprints logs should be less verbose

Eliminate the logging line that says
possibly trimming /var/jenkins_home/fingerprints/[...]
This line fills up the fingerprints log file with repetitive, useless information.
The operation it calls provides its own logging that can be turned on if detailed
logging is actually needed instead of running this one repeatedly.

Also, while in the area, convert a couple of FileFilter inner classes to lambdas
and inline them. This reduces unnecessary boilerplate and improves clarity.

In order to make this change testable, I elected to remove the final restriction on the
class and annotate the class as restricted. This allows me to create unit tests for
this change and also verify existing capability at the appropriate level.

* Watch out for varying line endings.

Use a reliable check.

* Correct a few minor issues caught in review.

* Change to correct access modifier.
---
 .../model/FingerprintCleanupThread.java       |  43 +++--
 .../model/FingerprintCleanupThreadTest.java   | 180 ++++++++++++++++++
 2 files changed, 203 insertions(+), 20 deletions(-)
 create mode 100644 core/src/test/java/hudson/model/FingerprintCleanupThreadTest.java

diff --git a/core/src/main/java/hudson/model/FingerprintCleanupThread.java b/core/src/main/java/hudson/model/FingerprintCleanupThread.java
index 59187a3a40..292248ed52 100644
--- a/core/src/main/java/hudson/model/FingerprintCleanupThread.java
+++ b/core/src/main/java/hudson/model/FingerprintCleanupThread.java
@@ -28,9 +28,10 @@ import hudson.ExtensionList;
 import hudson.Functions;
 import jenkins.model.Jenkins;
 import org.jenkinsci.Symbol;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
 
 import java.io.File;
-import java.io.FileFilter;
 import java.io.IOException;
 import java.util.regex.Pattern;
 
@@ -45,7 +46,11 @@ import java.util.regex.Pattern;
  * @author Kohsuke Kawaguchi
  */
 @Extension @Symbol("fingerprintCleanup")
-public final class FingerprintCleanupThread extends AsyncPeriodicWork {
+@Restricted(NoExternalUse.class)
+public class FingerprintCleanupThread extends AsyncPeriodicWork {
+
+    static final String FINGERPRINTS_DIR_NAME = "fingerprints";
+    private static final Pattern FINGERPRINT_FILE_PATTERN = Pattern.compile("[0-9a-f]{28}\\.xml");
 
     public FingerprintCleanupThread() {
         super("Fingerprint cleanup");
@@ -66,13 +71,13 @@ public final class FingerprintCleanupThread extends AsyncPeriodicWork {
     public void execute(TaskListener listener) {
         int numFiles = 0;
 
-        File root = new File(Jenkins.getInstance().getRootDir(),"fingerprints");
-        File[] files1 = root.listFiles(LENGTH2DIR_FILTER);
+        File root = new File(getRootDir(), FINGERPRINTS_DIR_NAME);
+        File[] files1 = root.listFiles(f -> f.isDirectory() && f.getName().length()==2);
         if(files1!=null) {
             for (File file1 : files1) {
-                File[] files2 = file1.listFiles(LENGTH2DIR_FILTER);
+                File[] files2 = file1.listFiles(f -> f.isDirectory() && f.getName().length()==2);
                 for(File file2 : files2) {
-                    File[] files3 = file2.listFiles(FINGERPRINTFILE_FILTER);
+                    File[] files3 = file2.listFiles(f -> f.isFile() && FINGERPRINT_FILE_PATTERN.matcher(f.getName()).matches());
                     for(File file3 : files3) {
                         if(check(file3, listener))
                             numFiles++;
@@ -101,7 +106,7 @@ public final class FingerprintCleanupThread extends AsyncPeriodicWork {
      */
     private boolean check(File fingerprintFile, TaskListener listener) {
         try {
-            Fingerprint fp = Fingerprint.load(fingerprintFile);
+            Fingerprint fp = loadFingerprint(fingerprintFile);
             if (fp == null || !fp.isAlive()) {
                 listener.getLogger().println("deleting obsolete " + fingerprintFile);
                 fingerprintFile.delete();
@@ -109,8 +114,7 @@ public final class FingerprintCleanupThread extends AsyncPeriodicWork {
             } else {
                 // get the fingerprint in the official map so have the changes visible to Jenkins
                 // otherwise the mutation made in FingerprintMap can override our trimming.
-                listener.getLogger().println("possibly trimming " + fingerprintFile);
-                fp = Jenkins.getInstance()._getFingerprint(fp.getHashString());
+                fp = getFingerprint(fp);
                 return fp.trim();
             }
         } catch (IOException e) {
@@ -119,17 +123,16 @@ public final class FingerprintCleanupThread extends AsyncPeriodicWork {
         }
     }
 
-    private static final FileFilter LENGTH2DIR_FILTER = new FileFilter() {
-        public boolean accept(File f) {
-            return f.isDirectory() && f.getName().length()==2;
-        }
-    };
+    protected Fingerprint loadFingerprint(File fingerprintFile) throws IOException {
+        return Fingerprint.load(fingerprintFile);
+    }
 
-    private static final FileFilter FINGERPRINTFILE_FILTER = new FileFilter() {
-        private final Pattern PATTERN = Pattern.compile("[0-9a-f]{28}\\.xml");
+    protected Fingerprint getFingerprint(Fingerprint fp) throws IOException {
+        return Jenkins.get()._getFingerprint(fp.getHashString());
+    }
+
+    protected File getRootDir() {
+        return Jenkins.get().getRootDir();
+    }
 
-        public boolean accept(File f) {
-            return f.isFile() && PATTERN.matcher(f.getName()).matches();
-        }
-    };
 }
diff --git a/core/src/test/java/hudson/model/FingerprintCleanupThreadTest.java b/core/src/test/java/hudson/model/FingerprintCleanupThreadTest.java
new file mode 100644
index 0000000000..3fd255535a
--- /dev/null
+++ b/core/src/test/java/hudson/model/FingerprintCleanupThreadTest.java
@@ -0,0 +1,180 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package hudson.model;
+
+import org.junit.Test;
+
+import javax.annotation.CheckForNull;
+import javax.annotation.Nonnull;
+import java.io.ByteArrayOutputStream;
+import java.io.File;
+import java.io.IOException;
+import java.io.PrintStream;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+public class FingerprintCleanupThreadTest {
+
+    private static final Fingerprint.BuildPtr ptr = new Fingerprint.BuildPtr("fred", 23);
+    private Path tempDirectory;
+    private Path fpFile;
+
+    @Test
+    public void testDoesNotLogUnimportantExcessiveLogMessage() throws IOException {
+        createFolderStructure();
+        TestTaskListener testTaskListener = new TestTaskListener();
+        FingerprintCleanupThread cleanupThread = new TestFingerprintCleanupThread(new TestFingerprint(true));
+        cleanupThread.execute(testTaskListener);
+        String logOutput = testTaskListener.outputStream.toString();
+        assertFalse("Should not have logged unimportant, excessive message.", logOutput.contains("possibly trimming"));
+    }
+
+    @Test
+    public void testFingerprintFileIsEmpty() throws IOException {
+        createFolderStructure();
+        TestTaskListener testTaskListener = new TestTaskListener();
+        FingerprintCleanupThread cleanupThread = new TestFingerprintCleanupThread(new TestFingerprint(false));
+        cleanupThread.execute(testTaskListener);
+        String logOutput = testTaskListener.outputStream.toString();
+        assertFalse("Should have deleted obsolete file.", fpFile.toFile().exists());
+    }
+
+    @Test
+    public void testGetRecurencePeriod() throws IOException {
+        FingerprintCleanupThread cleanupThread = new TestFingerprintCleanupThread(new TestFingerprint());
+        assertEquals("Wrong recurrence period.", PeriodicWork.DAY, cleanupThread.getRecurrencePeriod());
+    }
+
+    @Test
+    public void testNoFingerprintsDir() throws IOException {
+        createTestDir();
+        TestTaskListener testTaskListener = new TestTaskListener();
+        FingerprintCleanupThread cleanupThread = new TestFingerprintCleanupThread(new TestFingerprint());
+        cleanupThread.execute(testTaskListener);
+        String logOutput = testTaskListener.outputStream.toString();
+        assertTrue("Should have done nothing.", logOutput.startsWith("Cleaned up 0 records"));
+    }
+
+    @Test
+    public void testIOExceptionOnLoad() throws IOException {
+        createFolderStructure();
+        TestTaskListener testTaskListener = new TestTaskListener();
+        FingerprintCleanupThread cleanupThread = new TestFingerprintCleanupThreadThrowsExceptionOnLoad(new TestFingerprint());
+        cleanupThread.execute(testTaskListener);
+        String logOutput = testTaskListener.outputStream.toString();
+        assertTrue("Should have logged IOException.", logOutput.contains("ERROR: Failed to process"));
+    }
+
+    private void createFolderStructure() throws IOException {
+        createTestDir();
+        Path fingerprintsPath = tempDirectory.resolve(FingerprintCleanupThread.FINGERPRINTS_DIR_NAME);
+        Files.createDirectory(fingerprintsPath);
+        Path aaDir = fingerprintsPath.resolve("aa");
+        Files.createDirectory(aaDir);
+        Path bbDir = aaDir.resolve("bb");
+        Files.createDirectory(bbDir);
+        fpFile = bbDir.resolve("0123456789012345678901234567.xml");
+        Files.createFile(fpFile);
+    }
+
+    private void createTestDir() throws IOException {
+        tempDirectory = Files.createTempDirectory(Paths.get("target"), "fpCleanupThreadTest");
+        tempDirectory.toFile().deleteOnExit();
+    }
+
+    private class TestTaskListener implements TaskListener {
+
+        private ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
+        private PrintStream logStream = new PrintStream(outputStream);
+
+        @Nonnull
+        @Override
+        public PrintStream getLogger() {
+            return logStream;
+        }
+
+    }
+
+    private class TestFingerprintCleanupThread extends FingerprintCleanupThread {
+
+        private Fingerprint fingerprintToLoad;
+
+        public TestFingerprintCleanupThread(Fingerprint fingerprintToLoad) throws IOException {
+            this.fingerprintToLoad = fingerprintToLoad;
+            return;
+        }
+
+        @Override
+        protected Fingerprint getFingerprint(Fingerprint fp) throws IOException {
+            return new Fingerprint(ptr, "file", new byte[0]);
+        }
+
+        @Override
+        protected File getRootDir() {
+            return tempDirectory.toFile();
+        }
+
+        @Override
+        protected Fingerprint loadFingerprint(File fingerprintFile) throws IOException {
+            return fingerprintToLoad;
+        }
+
+    }
+
+    private class TestFingerprint extends Fingerprint {
+
+        private boolean isAlive = true;
+
+        public TestFingerprint() throws IOException {
+            super(ptr, "fred", new byte[0]);
+        }
+
+        public TestFingerprint(boolean isAlive) throws IOException {
+            super(ptr, "fred", new byte[0]);
+            this.isAlive = isAlive;
+        }
+
+        @Override
+        public synchronized boolean isAlive() {
+            return isAlive;
+        }
+    }
+
+    private class TestFingerprintCleanupThreadThrowsExceptionOnLoad extends TestFingerprintCleanupThread {
+
+        public TestFingerprintCleanupThreadThrowsExceptionOnLoad(Fingerprint fingerprintToLoad) throws IOException {
+            super(fingerprintToLoad);
+        }
+
+        @Override
+        protected Fingerprint loadFingerprint(File fingerprintFile) throws IOException {
+            throw new IOException("Test exception");
+        }
+    }
+}
-- 
GitLab


From e229f37dd921812e213e34913c94b632c6e54299 Mon Sep 17 00:00:00 2001
From: Matt Sicker <boards@gmail.com>
Date: Fri, 4 May 2018 14:36:33 -0500
Subject: [PATCH 387/863] JENKINS-13128: Preserve copied file permissions and
 mtime (#3400)

* JENKINS-13128: Preserve copied file permissions and mtime

This fixes a bug where files copied locally do not preserve file permissions or last modification time.

* Use IO utility methods for exception handling

* Fix invalid path exception propagation

* Revert hudson.Util
---
 core/src/main/java/hudson/FilePath.java       |  3 +-
 .../java/hudson/model/ItemGroupMixIn.java     |  5 ++-
 core/src/test/java/hudson/FilePathTest.java   | 34 +++++++++++++++++++
 3 files changed, 40 insertions(+), 2 deletions(-)

diff --git a/core/src/main/java/hudson/FilePath.java b/core/src/main/java/hudson/FilePath.java
index 5f5cddd6ab..c743e6fe06 100644
--- a/core/src/main/java/hudson/FilePath.java
+++ b/core/src/main/java/hudson/FilePath.java
@@ -2283,7 +2283,8 @@ public final class FilePath implements Serializable {
                             if (f.isFile()) {
                                 File target = new File(dest, relativePath);
                                 mkdirsE(target.getParentFile());
-                                Util.copyFile(f, writing(target));
+                                Files.copy(fileToPath(f), fileToPath(writing(target)),
+                                        StandardCopyOption.COPY_ATTRIBUTES, StandardCopyOption.REPLACE_EXISTING);
                                 count.incrementAndGet();
                             }
                         }
diff --git a/core/src/main/java/hudson/model/ItemGroupMixIn.java b/core/src/main/java/hudson/model/ItemGroupMixIn.java
index 13f72c3f07..195d4d8c0c 100644
--- a/core/src/main/java/hudson/model/ItemGroupMixIn.java
+++ b/core/src/main/java/hudson/model/ItemGroupMixIn.java
@@ -45,6 +45,8 @@ import java.io.File;
 import java.io.FileFilter;
 import java.io.IOException;
 import java.io.InputStream;
+import java.nio.file.Files;
+import java.nio.file.StandardCopyOption;
 import java.util.Map;
 import java.util.logging.Level;
 import java.util.logging.Logger;
@@ -239,7 +241,8 @@ public abstract class ItemGroupMixIn {
         T result = (T)createProject(src.getDescriptor(),name,false);
 
         // copy config
-        Util.copyFile(srcConfigFile.getFile(), Items.getConfigFile(result).getFile());
+        Files.copy(Util.fileToPath(srcConfigFile.getFile()), Util.fileToPath(Items.getConfigFile(result).getFile()),
+                StandardCopyOption.COPY_ATTRIBUTES, StandardCopyOption.REPLACE_EXISTING);
 
         // reload from the new config
         final File rootDir = result.getRootDir();
diff --git a/core/src/test/java/hudson/FilePathTest.java b/core/src/test/java/hudson/FilePathTest.java
index 57815f6618..2243bd1fc1 100644
--- a/core/src/test/java/hudson/FilePathTest.java
+++ b/core/src/test/java/hudson/FilePathTest.java
@@ -43,8 +43,11 @@ import java.net.URLConnection;
 import java.net.URLStreamHandler;
 import java.nio.file.Files;
 import java.nio.file.Path;
+import java.nio.file.attribute.FileTime;
+import java.nio.file.attribute.PosixFilePermission;
 import java.util.ArrayList;
 import java.util.Arrays;
+import java.util.EnumSet;
 import java.util.HashSet;
 import java.util.List;
 import java.util.Set;
@@ -52,6 +55,7 @@ import java.util.concurrent.Callable;
 import java.util.concurrent.ExecutorService;
 import java.util.concurrent.Executors;
 import java.util.concurrent.Future;
+import java.util.concurrent.TimeUnit;
 import java.util.zip.ZipEntry;
 import java.util.zip.ZipOutputStream;
 import org.apache.commons.io.FileUtils;
@@ -845,4 +849,34 @@ public class FilePathTest {
         assertTrue("junction target contents should not be deleted", Files.exists(targetContents));
         assertFalse("could not delete target", Files.exists(toDelete));
     }
+
+    @Issue("JENKINS-13128")
+    @Test public void copyRecursivePreservesPosixFilePermissions() throws Exception {
+        assumeFalse("windows doesn't support posix file permissions", Functions.isWindows());
+        File src = temp.newFolder("src");
+        File dst = temp.newFolder("dst");
+        Path sourceFile = Files.createFile(src.toPath().resolve("test-file"));
+        Set<PosixFilePermission> allRWX = EnumSet.allOf(PosixFilePermission.class);
+        Files.setPosixFilePermissions(sourceFile, allRWX);
+        FilePath f = new FilePath(src);
+        f.copyRecursiveTo(new FilePath(dst));
+        Path destinationFile = dst.toPath().resolve("test-file");
+        assertTrue("file was not copied", Files.exists(destinationFile));
+        Set<PosixFilePermission> destinationPermissions = Files.getPosixFilePermissions(destinationFile);
+        assertEquals("file permissions not copied", allRWX, destinationPermissions);
+    }
+
+    @Issue("JENKINS-13128")
+    @Test public void copyRecursivePreservesLastModifiedTime() throws Exception {
+        File src = temp.newFolder("src");
+        File dst = temp.newFolder("dst");
+        Path sourceFile = Files.createFile(src.toPath().resolve("test-file"));
+        FileTime mtime = FileTime.from(42L, TimeUnit.SECONDS);
+        Files.setLastModifiedTime(sourceFile, mtime);
+        FilePath f = new FilePath(src);
+        f.copyRecursiveTo(new FilePath(dst));
+        Path destinationFile = dst.toPath().resolve("test-file");
+        assertTrue("file was not copied", Files.exists(destinationFile));
+        assertEquals("file mtime was not preserved", mtime, Files.getLastModifiedTime(destinationFile));
+    }
 }
-- 
GitLab


From e7eec1cbe60067871689871f12a56d496abe60a2 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <Wadeck@users.noreply.github.com>
Date: Fri, 4 May 2018 22:03:22 +0200
Subject: [PATCH 388/863] [JENKINS-51064] Lenient URL validator for Root URL
 (#3415)

* [JENKINS-51064] Lenient URL validator for Root URL
- especially with the TLDs
- more test cases

* add blank line

* Adjust comment

* Correction typo
---
 .../validator/routines/DomainValidator.java   |  3 ++
 .../src/main/java/jenkins/util/UrlHelper.java | 48 +++++++++++--------
 .../test/java/jenkins/util/UrlHelperTest.java | 27 +++++++++--
 3 files changed, 54 insertions(+), 24 deletions(-)

diff --git a/core/src/main/java/jenkins/org/apache/commons/validator/routines/DomainValidator.java b/core/src/main/java/jenkins/org/apache/commons/validator/routines/DomainValidator.java
index bd3a8da924..10edf8c4f7 100644
--- a/core/src/main/java/jenkins/org/apache/commons/validator/routines/DomainValidator.java
+++ b/core/src/main/java/jenkins/org/apache/commons/validator/routines/DomainValidator.java
@@ -2002,6 +2002,9 @@ public class DomainValidator implements Serializable {
      * @return converted input, or original input if conversion fails
      */
     // Needed by UrlValidator
+    //[PATCH]
+    public
+    // end of [PATCH]
     static String unicodeToASCII(String input) {
         if (isOnlyASCII(input)) { // skip possibly expensive processing
             return input;
diff --git a/core/src/main/java/jenkins/util/UrlHelper.java b/core/src/main/java/jenkins/util/UrlHelper.java
index 21fff86a35..a71e592304 100644
--- a/core/src/main/java/jenkins/util/UrlHelper.java
+++ b/core/src/main/java/jenkins/util/UrlHelper.java
@@ -23,36 +23,42 @@
  */
 package jenkins.util;
 
+import jenkins.org.apache.commons.validator.routines.DomainValidator;
 import jenkins.org.apache.commons.validator.routines.UrlValidator;
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
 
-import java.net.MalformedURLException;
-import java.net.URL;
-
 @Restricted(NoExternalUse.class)
 public class UrlHelper {
+    /**
+     * Authorize the {@code _} and {@code -} characters in domain
+     * <p>
+     * Avoid {@code -} and {@code .} to be first or last
+     */
+    private static String DOMAIN_REGEX = System.getProperty(
+            UrlHelper.class.getName() + ".DOMAIN_REGEX", 
+            "(\\w(\\.?-?\\w+)*)(:\\d{1,5})?"
+    );
+    
     public static boolean isValidRootUrl(String url) {
-        String[] schemes = {"http", "https"};
-        // option to accept url like http://localhost or http://SERVER_JENKINS that are often used inside company's network
-        UrlValidator validator = new UrlValidator(schemes, UrlValidator.ALLOW_LOCAL_URLS + UrlValidator.NO_FRAGMENTS);
-        boolean isValid = validator.isValid(url);
-        if (!isValid) {
-            // potentially it contains _'s in hostname which seems accepted but not by the UrlValidator
-            // https://issues.apache.org/jira/browse/VALIDATOR-358
-            try {
-                URL urlObject = new URL(url);
-                String host = urlObject.getHost();
-                if (host.contains("_")) {
-                    String hostWithoutUnderscore = host.replace("_", "");
-                    String modifiedUrl = url.replace(host, hostWithoutUnderscore);
-                    isValid = validator.isValid(modifiedUrl);
-                }
-            } catch (MalformedURLException e) {
+        UrlValidator validator = new CustomUrlValidator();
+        return validator.isValid(url);
+    }
+    
+    private static class CustomUrlValidator extends UrlValidator {
+        private CustomUrlValidator() {
+            super(new String[]{"http", "https"}, UrlValidator.ALLOW_LOCAL_URLS + UrlValidator.NO_FRAGMENTS);
+        }
+        
+        @Override 
+        protected boolean isValidAuthority(String authority) {
+            // to support ipv6
+            boolean superResult = super.isValidAuthority(authority);
+            if(!superResult && authority == null){
                 return false;
             }
+            String authorityASCII = DomainValidator.unicodeToASCII(authority);
+            return authorityASCII.matches(DOMAIN_REGEX);
         }
-        
-        return isValid;
     }
 }
diff --git a/core/src/test/java/jenkins/util/UrlHelperTest.java b/core/src/test/java/jenkins/util/UrlHelperTest.java
index 6d4cad2481..e07219ab84 100644
--- a/core/src/test/java/jenkins/util/UrlHelperTest.java
+++ b/core/src/test/java/jenkins/util/UrlHelperTest.java
@@ -6,17 +6,19 @@ import org.jvnet.hudson.test.Issue;
 import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertTrue;
 
-@Issue("JENKINS-31661")
 public class UrlHelperTest {
 
     @Test
+    @Issue("JENKINS-31661")
     public void isValid() {
         assertTrue(UrlHelper.isValidRootUrl("http://www.google.com"));
+        assertTrue(UrlHelper.isValidRootUrl("http://www.google.com/"));
         assertTrue(UrlHelper.isValidRootUrl("http://www.google.com/jenkins"));
         assertTrue(UrlHelper.isValidRootUrl("http://www.google.com:8080"));
         assertTrue(UrlHelper.isValidRootUrl("http://www.google.com:8080/jenkins"));
         assertTrue(UrlHelper.isValidRootUrl("https://www.google.com:8080/jenkins"));
         assertTrue(UrlHelper.isValidRootUrl("http://localhost:8080/jenkins"));
+        assertTrue(UrlHelper.isValidRootUrl("http://localhost:8080/jenkins/"));
         assertTrue(UrlHelper.isValidRootUrl("http://my_server:8080/jenkins"));
         assertTrue(UrlHelper.isValidRootUrl("http://MY_SERVER_IN_PRIVATE_NETWORK:8080/jenkins"));
         assertTrue(UrlHelper.isValidRootUrl("http://jenkins"));
@@ -40,5 +42,24 @@ public class UrlHelperTest {
         // this url will be used as a root url and so will be concatenated with other part, fragments are not allowed
         assertFalse(UrlHelper.isValidRootUrl("http://jenkins#fragment"));
     }
-
-}
\ No newline at end of file
+    
+    @Test
+    @Issue("JENKINS-51064")
+    public void isAlsoValid() {
+        assertTrue(UrlHelper.isValidRootUrl("http://my-server:8080/jenkins"));
+        assertTrue(UrlHelper.isValidRootUrl("http://jenkins.internal/"));
+        assertTrue(UrlHelper.isValidRootUrl("http://jenkins.otherDomain/"));
+        assertTrue(UrlHelper.isValidRootUrl("http://my-server.domain:8080/jenkins"));
+        assertTrue(UrlHelper.isValidRootUrl("http://my-ser_ver.do_m-ain:8080/jenkins"));
+        assertTrue(UrlHelper.isValidRootUrl("http://my-ser_ver.do_m-ain:8080/jenkins"));
+    
+        // forbidden to start or end domain with - or .
+        assertFalse(UrlHelper.isValidRootUrl("http://-jenkins.com"));
+        assertFalse(UrlHelper.isValidRootUrl("http://jenkins.com-"));
+        assertFalse(UrlHelper.isValidRootUrl("http://.jenkins.com"));
+        assertFalse(UrlHelper.isValidRootUrl("http://jenkins.com."));
+    
+        // forbidden to have multiple dots in chain
+        assertFalse(UrlHelper.isValidRootUrl("http://jen..kins.com"));
+    }
+}
-- 
GitLab


From 8ede53387ec060a7c343e32efe808b1016f0c10c Mon Sep 17 00:00:00 2001
From: aviadatsnyk <aviad@snyk.io>
Date: Sat, 5 May 2018 15:32:34 +0300
Subject: [PATCH 389/863] [JENKINS-32778] - Prevent extracting archived plugins
 outside of target path (#3402)

---
 core/src/main/java/hudson/FilePath.java | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/core/src/main/java/hudson/FilePath.java b/core/src/main/java/hudson/FilePath.java
index c743e6fe06..0bcc31c32b 100644
--- a/core/src/main/java/hudson/FilePath.java
+++ b/core/src/main/java/hudson/FilePath.java
@@ -598,6 +598,10 @@ public final class FilePath implements Serializable {
             while (entries.hasMoreElements()) {
                 ZipEntry e = entries.nextElement();
                 File f = new File(dir, e.getName());
+                if (!f.toPath().normalize().startsWith(dir.toPath())) {
+                    throw new IOException(
+                        "Zip " + zipFile.getPath() + " contains illegal file name that breaks out of the target directory: " + e.getName());
+                }
                 if (e.isDirectory()) {
                     mkdirs(f);
                 } else {
-- 
GitLab


From 081e400a5b618b035fa9c350e3bf4341d66e2476 Mon Sep 17 00:00:00 2001
From: Hangsu Ma <hangsu-ma@users.noreply.github.com>
Date: Sat, 5 May 2018 20:27:15 +0100
Subject: [PATCH 390/863] [FIXED JENKINS-14713] make Cancel independent from
 Build permission (#882)

A script in the confluence page below will make sure configuration is
compatible after this change:
https://wiki.jenkins-ci.org/x/fAAhB
---
 core/src/main/java/hudson/model/Item.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/model/Item.java b/core/src/main/java/hudson/model/Item.java
index 8187d608bd..be8a5495e1 100644
--- a/core/src/main/java/hudson/model/Item.java
+++ b/core/src/main/java/hudson/model/Item.java
@@ -266,5 +266,5 @@ public interface Item extends PersistenceRoot, SearchableModelObject, AccessCont
     Permission BUILD = new Permission(PERMISSIONS, "Build", Messages._AbstractProject_BuildPermission_Description(),  Permission.UPDATE, PermissionScope.ITEM);
     Permission WORKSPACE = new Permission(PERMISSIONS, "Workspace", Messages._AbstractProject_WorkspacePermission_Description(), Permission.READ, PermissionScope.ITEM);
     Permission WIPEOUT = new Permission(PERMISSIONS, "WipeOut", Messages._AbstractProject_WipeOutPermission_Description(), null, Functions.isWipeOutPermissionEnabled(), new PermissionScope[]{PermissionScope.ITEM});
-    Permission CANCEL = new Permission(PERMISSIONS, "Cancel", Messages._AbstractProject_CancelPermission_Description(), BUILD, PermissionScope.ITEM);
+    Permission CANCEL = new Permission(PERMISSIONS, "Cancel", Messages._AbstractProject_CancelPermission_Description(), Permission.UPDATE, PermissionScope.ITEM);
 }
-- 
GitLab


From 23c44bdbfab946989e6bc081f163ecf6a5010279 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 6 May 2018 02:34:21 -0700
Subject: [PATCH 391/863] [maven-release-plugin] prepare release jenkins-2.120

---
 cli/pom.xml  | 6 +++++-
 core/pom.xml | 6 +++++-
 pom.xml      | 4 ++--
 test/pom.xml | 6 +++++-
 war/pom.xml  | 6 +++++-
 5 files changed, 22 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 3d32d9a4f7..7812521096 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.120</version>
   </parent>
 
   <artifactId>cli</artifactId>
@@ -129,4 +129,8 @@
       </plugin>
     </plugins>
   </build>
+
+  <scm>
+    <tag>jenkins-2.120-SNAPSHOT</tag>
+  </scm>
 </project>
diff --git a/core/pom.xml b/core/pom.xml
index 91d8b7a889..d2d4d81cc2 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.120</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
@@ -883,4 +883,8 @@ THE SOFTWARE.
       </properties>
     </profile>
   </profiles>
+
+  <scm>
+    <tag>jenkins-2.120-SNAPSHOT</tag>
+  </scm>
 </project>
diff --git a/pom.xml b/pom.xml
index 4ba3d3469a..c660df0e0d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>2.120</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.120-SNAPSHOT</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 4f9dae71fa..dac7e75ba7 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.120</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
@@ -366,4 +366,8 @@ THE SOFTWARE.
       </build>
     </profile>
   </profiles>
+
+  <scm>
+    <tag>jenkins-2.120-SNAPSHOT</tag>
+  </scm>
 </project>
diff --git a/war/pom.xml b/war/pom.xml
index 1af95e1d77..1702532094 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.120</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
@@ -695,4 +695,8 @@ THE SOFTWARE.
       </build>
     </profile>
   </profiles>
+
+  <scm>
+    <tag>jenkins-2.120-SNAPSHOT</tag>
+  </scm>
 </project>
-- 
GitLab


From 7250d8b875366ae90fa6aec13b5a5c86720e23a3 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 6 May 2018 02:34:22 -0700
Subject: [PATCH 392/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 6 +-----
 core/pom.xml | 6 +-----
 pom.xml      | 4 ++--
 test/pom.xml | 6 +-----
 war/pom.xml  | 6 +-----
 5 files changed, 6 insertions(+), 22 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 7812521096..98eef9c363 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.120</version>
+    <version>2.121-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
@@ -129,8 +129,4 @@
       </plugin>
     </plugins>
   </build>
-
-  <scm>
-    <tag>jenkins-2.120-SNAPSHOT</tag>
-  </scm>
 </project>
diff --git a/core/pom.xml b/core/pom.xml
index d2d4d81cc2..f4ba140c9f 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.120</version>
+    <version>2.121-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
@@ -883,8 +883,4 @@ THE SOFTWARE.
       </properties>
     </profile>
   </profiles>
-
-  <scm>
-    <tag>jenkins-2.120-SNAPSHOT</tag>
-  </scm>
 </project>
diff --git a/pom.xml b/pom.xml
index c660df0e0d..2d99c08a04 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.120</version>
+  <version>2.121-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.120-SNAPSHOT</tag>
+    <tag>${scmTag}</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index dac7e75ba7..66f389ebde 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.120</version>
+    <version>2.121-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
@@ -366,8 +366,4 @@ THE SOFTWARE.
       </build>
     </profile>
   </profiles>
-
-  <scm>
-    <tag>jenkins-2.120-SNAPSHOT</tag>
-  </scm>
 </project>
diff --git a/war/pom.xml b/war/pom.xml
index 1702532094..bbfdc90c66 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.120</version>
+    <version>2.121-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
@@ -695,8 +695,4 @@ THE SOFTWARE.
       </build>
     </profile>
   </profiles>
-
-  <scm>
-    <tag>jenkins-2.120-SNAPSHOT</tag>
-  </scm>
 </project>
-- 
GitLab


From a760a375518340803be2be1849d489faf1d49043 Mon Sep 17 00:00:00 2001
From: surenpi <zxjlwt@126.com>
Date: Sun, 6 May 2018 17:59:41 +0800
Subject: [PATCH 393/863] Add Chinese translation for
 setupWizardConfigureInstance page

---
 ...upWizardConfigureInstance_zh_CN.properties | 28 +++++++++++++++++++
 .../pluginSetupWizard_zh_CN.properties        | 10 +++++++
 2 files changed, 38 insertions(+)
 create mode 100644 core/src/main/resources/jenkins/install/SetupWizard/setupWizardConfigureInstance_zh_CN.properties

diff --git a/core/src/main/resources/jenkins/install/SetupWizard/setupWizardConfigureInstance_zh_CN.properties b/core/src/main/resources/jenkins/install/SetupWizard/setupWizardConfigureInstance_zh_CN.properties
new file mode 100644
index 0000000000..cafe3da6c0
--- /dev/null
+++ b/core/src/main/resources/jenkins/install/SetupWizard/setupWizardConfigureInstance_zh_CN.properties
@@ -0,0 +1,28 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Instance\ Configuration=\u5b9e\u4f8b\u914d\u7f6e
+Jenkins\ URL=Jenkins URL
+jenkinsURL_help=Jenkins URL \u7528\u4e8e\u7ed9\u5404\u79cdJenkins\u8d44\u6e90\u63d0\u4f9b\u7edd\u5bf9\u8def\u5f84\u94fe\u63a5\u7684\u6839\u5730\u5740\u3002 \
+ \u8fd9\u610f\u5473\u7740\u5bf9\u4e8e\u5f88\u591aJenkins\u7279\u8272\u662f\u9700\u8981\u6b63\u786e\u8bbe\u7f6e\u7684\uff0c\u4f8b\u5982\uff1a\u90ae\u4ef6\u901a\u77e5\u3001PR\u72b6\u6001\u66f4\u65b0\u4ee5\u53ca\u63d0\u4f9b\u7ed9\u6784\u5efa\u6b65\u9aa4\u7684<code>BUILD_URL</code>\u73af\u5883\u53d8\u91cf\u3002<br /> \
+ \u63a8\u8350\u7684\u9ed8\u8ba4\u503c\u663e\u793a\u5728<strong>\u5c1a\u672a\u4fdd\u5b58</strong>\uff0c\u5982\u679c\u53ef\u80fd\u7684\u8bdd\u8fd9\u662f\u6839\u636e\u5f53\u524d\u8bf7\u6c42\u751f\u6210\u7684\u3002 \
+ \u6700\u4f73\u5b9e\u8df5\u662f\u8981\u8bbe\u7f6e\u8fd9\u4e2a\u503c\uff0c\u7528\u6237\u53ef\u80fd\u4f1a\u9700\u8981\u7528\u5230\u3002\u8fd9\u5c06\u4f1a\u907f\u514d\u5728\u5206\u4eab\u6216\u8005\u67e5\u770b\u94fe\u63a5\u65f6\u7684\u56f0\u60d1\u3002 \
diff --git a/core/src/main/resources/jenkins/install/pluginSetupWizard_zh_CN.properties b/core/src/main/resources/jenkins/install/pluginSetupWizard_zh_CN.properties
index ca1b4b0bda..fdad93d297 100644
--- a/core/src/main/resources/jenkins/install/pluginSetupWizard_zh_CN.properties
+++ b/core/src/main/resources/jenkins/install/pluginSetupWizard_zh_CN.properties
@@ -70,6 +70,16 @@ installWizard_firstUserSkippedMessage=<div class="alert alert-warning fade in">\
 \u53ca\u7528\u4e8e\u8bbf\u95ee\u5b89\u88c5\u5411\u5bfc\u7684\u7ba1\u7406\u5458\u5bc6\u7801\u3002\
 </div> 
 installWizard_addFirstUser_title=\u65b0\u624b\u5165\u95e8
+
+# instance configuration page
+installWizard_configureInstance_title=\u5b9e\u4f8b\u914d\u7f6e
+installWizard_saveConfigureInstance=\u4fdd\u5b58\u5e76\u5b8c\u6210
+installWizard_skipConfigureInstance=\u73b0\u5728\u4e0d\u8981
+installWizard_configureInstanceSkippedMessage=<div class="alert alert-warning fade in">\
+\u60a8\u5df2\u7ecf\u8df3\u8fc7\u4e86 Jenkins URL\u7684\u914d\u7f6e\u3002 <br/><br/>\
+\u8981\u914d\u7f6e Jenkins URL\u7684\u8bdd\uff0c\u5230\u201cJenkins\u7ba1\u7406\u201d\u9875\u9762\u3002\
+</div>
+
 installWizard_configureProxy_label=\u914d\u7f6e\u4ee3\u7406
 installWizard_configureProxy_save=\u4fdd\u5b58\u5e76\u7ee7\u7eed
 installWizard_gettingStarted_title=\u65b0\u624b\u5165\u95e8
-- 
GitLab


From c79f3f719c3f320ff6f0b17fae7d15ee2c1cbbcb Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Sun, 6 May 2018 12:10:16 +0200
Subject: [PATCH 394/863] [JENKINS-51158] Improve Root URL validation - remove
 the bug for ipv6 - remove the support of query that was not expected - add
 support for trailing dots - add lots of unit tests

---
 .../src/main/java/jenkins/util/UrlHelper.java |  39 ++++++-
 .../test/java/jenkins/util/UrlHelperTest.java | 106 ++++++++++++++++--
 2 files changed, 130 insertions(+), 15 deletions(-)

diff --git a/core/src/main/java/jenkins/util/UrlHelper.java b/core/src/main/java/jenkins/util/UrlHelper.java
index a71e592304..5058d20dc7 100644
--- a/core/src/main/java/jenkins/util/UrlHelper.java
+++ b/core/src/main/java/jenkins/util/UrlHelper.java
@@ -28,16 +28,38 @@ import jenkins.org.apache.commons.validator.routines.UrlValidator;
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
 
+/**
+ * Objective is to validate an URL in a lenient way sufficiently strict to avoid too weird URL
+ * but to still allow particular internal URL to be accepted
+ */
 @Restricted(NoExternalUse.class)
 public class UrlHelper {
     /**
-     * Authorize the {@code _} and {@code -} characters in domain
+     * Authorize the {@code _} and {@code -} characters in *domain*
      * <p>
-     * Avoid {@code -} and {@code .} to be first or last
+     * Avoid {@code -} to be first or last, and {@code .} to be first (but can be last)
+     * 
+     * Lenient version of 
+     * - https://tools.ietf.org/html/rfc952 GRAMMATICAL HOST TABLE SPECIFICATION
+     * - https://www.ietf.org/rfc/rfc1034.txt 3.5
+     * - https://www.ietf.org/rfc/rfc1738.txt 3.1, host
+     * - https://tools.ietf.org/html/rfc1123 2.1
+     * 
+     * Deliberately allow:
+     * - short domain name (often there are rules like minimum of 3 characters)
+     * - long domain name (normally limit on whole domain of 255 and for each subdomain/label of 63)
+     * - starting by numbers (disallowed by RFC-952 and RFC-1034, but nowadays it's supported by RFC-1123)
+     * - use of underscore (not explicitly allowed in RFC but could occur in internal network, we do not speak about path here, just domain)
+     * - custom TLD like "intern" that is not standard but could be registered locally in a network
      */
     private static String DOMAIN_REGEX = System.getProperty(
             UrlHelper.class.getName() + ".DOMAIN_REGEX", 
-            "(\\w(\\.?-?\\w+)*)(:\\d{1,5})?"
+            "^" + 
+            "\\w" + // must start with letter / number / underscore
+                "(-*(\\.|\\w))*" +// dashes are allowed but not as last character
+                "\\.*" + // can end with zero (most common), one or multiple dots 
+                "(:\\d{1,5})?" + // and potentially the port specification
+                "$"
     );
     
     public static boolean isValidRootUrl(String url) {
@@ -52,13 +74,22 @@ public class UrlHelper {
         
         @Override 
         protected boolean isValidAuthority(String authority) {
-            // to support ipv6
             boolean superResult = super.isValidAuthority(authority);
+            if(superResult && authority.contains("[")){
+                // to support ipv6
+                return true;
+            }
             if(!superResult && authority == null){
                 return false;
             }
             String authorityASCII = DomainValidator.unicodeToASCII(authority);
             return authorityASCII.matches(DOMAIN_REGEX);
         }
+    
+        @Override 
+        protected boolean isValidQuery(String query) {
+            // does not accept query
+            return query == null;
+        }
     }
 }
diff --git a/core/src/test/java/jenkins/util/UrlHelperTest.java b/core/src/test/java/jenkins/util/UrlHelperTest.java
index e07219ab84..8f6391c3a9 100644
--- a/core/src/test/java/jenkins/util/UrlHelperTest.java
+++ b/core/src/test/java/jenkins/util/UrlHelperTest.java
@@ -10,56 +10,140 @@ public class UrlHelperTest {
 
     @Test
     @Issue("JENKINS-31661")
-    public void isValid() {
+    public void regularCases() {
         assertTrue(UrlHelper.isValidRootUrl("http://www.google.com"));
+        // trailing slash is optional
         assertTrue(UrlHelper.isValidRootUrl("http://www.google.com/"));
+        // path is allowed
         assertTrue(UrlHelper.isValidRootUrl("http://www.google.com/jenkins"));
+        // port is allowed to be precised
         assertTrue(UrlHelper.isValidRootUrl("http://www.google.com:8080"));
         assertTrue(UrlHelper.isValidRootUrl("http://www.google.com:8080/jenkins"));
+        // http or https are only valid schemes
         assertTrue(UrlHelper.isValidRootUrl("https://www.google.com:8080/jenkins"));
+        // also with their UPPERCASE equivalent
+        assertTrue(UrlHelper.isValidRootUrl("HTTP://www.google.com:8080/jenkins"));
+        assertTrue(UrlHelper.isValidRootUrl("HTTPS://www.google.com:8080/jenkins"));
+
         assertTrue(UrlHelper.isValidRootUrl("http://localhost:8080/jenkins"));
         assertTrue(UrlHelper.isValidRootUrl("http://localhost:8080/jenkins/"));
         assertTrue(UrlHelper.isValidRootUrl("http://my_server:8080/jenkins"));
         assertTrue(UrlHelper.isValidRootUrl("http://MY_SERVER_IN_PRIVATE_NETWORK:8080/jenkins"));
         assertTrue(UrlHelper.isValidRootUrl("http://jenkins"));
-        
+        assertTrue(UrlHelper.isValidRootUrl("http://j"));
+        assertTrue(UrlHelper.isValidRootUrl("http://j.io"));
+
         assertFalse(UrlHelper.isValidRootUrl("http://jenkins::"));
         assertFalse(UrlHelper.isValidRootUrl("http://jenkins::80"));
+        // scheme must be correctly spelled (missing :)
         assertFalse(UrlHelper.isValidRootUrl("http//jenkins"));
-        
+
+        // scheme is mandatory
         assertFalse(UrlHelper.isValidRootUrl("com."));
+        // spaces are forbidden
         assertFalse(UrlHelper.isValidRootUrl("http:// "));
-        
+
         // examples not passing with a simple `new URL(url).toURI()` check
         assertFalse(UrlHelper.isValidRootUrl("http://jenkins//context"));
         assertFalse(UrlHelper.isValidRootUrl("http:/jenkins"));
         assertFalse(UrlHelper.isValidRootUrl("http://.com"));
-        assertFalse(UrlHelper.isValidRootUrl("http://com."));
         assertFalse(UrlHelper.isValidRootUrl("http:/:"));
         assertFalse(UrlHelper.isValidRootUrl("http://..."));
         assertFalse(UrlHelper.isValidRootUrl("http://::::@example.com"));
         assertFalse(UrlHelper.isValidRootUrl("ftp://jenkins"));
-        // this url will be used as a root url and so will be concatenated with other part, fragments are not allowed
+    }
+    
+    @Test
+    public void fragmentIsForbidden(){
+        // this url will be used as a root url and so will be concatenated with other part, fragment part is not allowed
         assertFalse(UrlHelper.isValidRootUrl("http://jenkins#fragment"));
+        assertFalse(UrlHelper.isValidRootUrl("http://jenkins.com#fragment"));
+    }
+    
+    @Test
+    public void queryIsForbidden(){
+        // this url will be used as a root url and so will be concatenated with other part, query part is not allowed
+        assertFalse(UrlHelper.isValidRootUrl("http://jenkins?param=test"));
+        assertFalse(UrlHelper.isValidRootUrl("http://jenkins.com?param=test"));
+    }
+    
+    @Test
+    public void otherCharactersAreForbidden(){
+        // other characters are not allowed
+        assertFalse(UrlHelper.isValidRootUrl("http://jenk@ins.com"));
+        assertFalse(UrlHelper.isValidRootUrl("http://jenk(ins.com"));
+        assertFalse(UrlHelper.isValidRootUrl("http://jenk)ins.com"));
+        assertFalse(UrlHelper.isValidRootUrl("http://jenk[ins.com"));
+        assertFalse(UrlHelper.isValidRootUrl("http://jenk]ins.com"));
+        assertFalse(UrlHelper.isValidRootUrl("http://jenk%ins.com"));
+        assertFalse(UrlHelper.isValidRootUrl("http://jenk$ins.com"));
+        assertFalse(UrlHelper.isValidRootUrl("http://jenk!ins.com"));
+        assertFalse(UrlHelper.isValidRootUrl("http://jenk?ins.com"));
+    }
+    
+    @Test
+    public void ipv4Allowed(){
+        assertTrue(UrlHelper.isValidRootUrl("http://172.52.125.12"));
+        assertTrue(UrlHelper.isValidRootUrl("http://172.52.125.12/jenkins"));
+        assertTrue(UrlHelper.isValidRootUrl("http://172.52.125.12:8080"));
+        assertTrue(UrlHelper.isValidRootUrl("http://172.52.125.12:8080/jenkins"));
+    }
+    
+    @Test
+    public void ipv6Allowed() {
+        assertTrue(UrlHelper.isValidRootUrl("http://[FEDC:BA98:7654:3210:FEDC:BA98:7654:3210]"));
+        assertTrue(UrlHelper.isValidRootUrl("http://[FEDC:0000:0000:3210:FEDC:BA98:7654:3210]"));
+        // 0000 can be reduced to 0
+        assertTrue(UrlHelper.isValidRootUrl("http://[FEDC:0:0:3210:FEDC:BA98:7654:3210]"));
+        // an unique sequence of multiple fragments with 0's could be omitted completely
+        assertTrue(UrlHelper.isValidRootUrl("http://[FEDC::3210:FEDC:BA98:7654:3210]"));
+        // but only one sequence
+        assertFalse(UrlHelper.isValidRootUrl("http://[2001::85a3::ac1f]"));
+        
+        // port and path are still allowed
+        assertTrue(UrlHelper.isValidRootUrl("http://[FEDC:0:0:3210:FEDC:BA98:7654:3210]:8001/jenkins"));
+        assertTrue(UrlHelper.isValidRootUrl("http://[FEDC:0:0:3210:FEDC:BA98:7654:3210]:8001"));
+        assertTrue(UrlHelper.isValidRootUrl("http://[FEDC:0:0:3210:FEDC:BA98:7654:3210]/jenkins"));
+        // dashes are not allowed inside ipv6
+        assertFalse(UrlHelper.isValidRootUrl("http://[FEDC:0:0:32-10:FEDC:BA98:7654:3210]:8001/jenkins"));
+        assertFalse(UrlHelper.isValidRootUrl("http://[FEDC:0:0:3210:-FEDC:BA98:7654:3210]:8001/jenkins"));
     }
     
     @Test
     @Issue("JENKINS-51064")
-    public void isAlsoValid() {
+    public void withCustomDomain() {
         assertTrue(UrlHelper.isValidRootUrl("http://my-server:8080/jenkins"));
         assertTrue(UrlHelper.isValidRootUrl("http://jenkins.internal/"));
         assertTrue(UrlHelper.isValidRootUrl("http://jenkins.otherDomain/"));
         assertTrue(UrlHelper.isValidRootUrl("http://my-server.domain:8080/jenkins"));
         assertTrue(UrlHelper.isValidRootUrl("http://my-ser_ver.do_m-ain:8080/jenkins"));
         assertTrue(UrlHelper.isValidRootUrl("http://my-ser_ver.do_m-ain:8080/jenkins"));
-    
+        
         // forbidden to start or end domain with - or .
         assertFalse(UrlHelper.isValidRootUrl("http://-jenkins.com"));
         assertFalse(UrlHelper.isValidRootUrl("http://jenkins.com-"));
         assertFalse(UrlHelper.isValidRootUrl("http://.jenkins.com"));
-        assertFalse(UrlHelper.isValidRootUrl("http://jenkins.com."));
+        
+        // allowed to have multiple dots in chain
+        assertTrue(UrlHelper.isValidRootUrl("http://jen..kins.com"));
+    }
     
-        // forbidden to have multiple dots in chain
-        assertFalse(UrlHelper.isValidRootUrl("http://jen..kins.com"));
+    @Test
+    public void multipleConsecutiveDashesAreAllowed() {
+        assertTrue(UrlHelper.isValidRootUrl("http://jenk--ins.internal/"));
+        assertTrue(UrlHelper.isValidRootUrl("http://www.go-----ogle.com/"));
+        // even with subdomain being just a dash
+        assertTrue(UrlHelper.isValidRootUrl("http://www.go.-.--.--ogle.com/"));
+    }
+    
+    @Test
+    @Issue("JENKINS-51158")
+    public void trailingDotsAreAccepted() {
+        assertTrue(UrlHelper.isValidRootUrl("http://jenkins.internal./"));
+        assertTrue(UrlHelper.isValidRootUrl("http://jenkins.internal......./"));
+        assertTrue(UrlHelper.isValidRootUrl("http://my-server.domain.:8080/jenkins"));
+        assertTrue(UrlHelper.isValidRootUrl("http://my-server.domain......:8080/jenkins"));
+        assertTrue(UrlHelper.isValidRootUrl("http://jenkins.com."));
+        assertTrue(UrlHelper.isValidRootUrl("http://jenkins.com......"));
     }
 }
-- 
GitLab


From 188470340ffd220a47eba22ea50438b0ab861c34 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Sun, 6 May 2018 12:16:17 +0200
Subject: [PATCH 395/863] Improve JavaDoc formatting

---
 .../src/main/java/jenkins/util/UrlHelper.java | 28 +++++++++++--------
 1 file changed, 16 insertions(+), 12 deletions(-)

diff --git a/core/src/main/java/jenkins/util/UrlHelper.java b/core/src/main/java/jenkins/util/UrlHelper.java
index 5058d20dc7..f5fc20de3f 100644
--- a/core/src/main/java/jenkins/util/UrlHelper.java
+++ b/core/src/main/java/jenkins/util/UrlHelper.java
@@ -35,22 +35,26 @@ import org.kohsuke.accmod.restrictions.NoExternalUse;
 @Restricted(NoExternalUse.class)
 public class UrlHelper {
     /**
-     * Authorize the {@code _} and {@code -} characters in *domain*
+     * Authorize the {@code _} and {@code -} characters in <strong>domain</strong>
      * <p>
      * Avoid {@code -} to be first or last, and {@code .} to be first (but can be last)
+     * <p>
      * 
-     * Lenient version of 
-     * - https://tools.ietf.org/html/rfc952 GRAMMATICAL HOST TABLE SPECIFICATION
-     * - https://www.ietf.org/rfc/rfc1034.txt 3.5
-     * - https://www.ietf.org/rfc/rfc1738.txt 3.1, host
-     * - https://tools.ietf.org/html/rfc1123 2.1
+     * Lenient version of: <ol>
+     * <li> <a href="https://tools.ietf.org/html/rfc952">RFC-952</a> GRAMMATICAL HOST TABLE SPECIFICATION</li>
+     * <li> <a href="https://www.ietf.org/rfc/rfc1034.txt">RFC-1034</a> 3.5</li>
+     * <li> <a href="https://www.ietf.org/rfc/rfc1738.txt ">RFC-1738</a>3.1, host</li>
+     * <li> <a href="https://tools.ietf.org/html/rfc1123">RFC-1123</a> 2.1</li>
+     * </ol>
+     * <p>
      * 
-     * Deliberately allow:
-     * - short domain name (often there are rules like minimum of 3 characters)
-     * - long domain name (normally limit on whole domain of 255 and for each subdomain/label of 63)
-     * - starting by numbers (disallowed by RFC-952 and RFC-1034, but nowadays it's supported by RFC-1123)
-     * - use of underscore (not explicitly allowed in RFC but could occur in internal network, we do not speak about path here, just domain)
-     * - custom TLD like "intern" that is not standard but could be registered locally in a network
+     * Deliberately allow: <ol>
+     * <li> short domain name (often there are rules like minimum of 3 characters)</li>
+     * <li> long domain name (normally limit on whole domain of 255 and for each subdomain/label of 63)</li>
+     * <li> starting by numbers (disallowed by RFC-952 and RFC-1034, but nowadays it's supported by RFC-1123)</li>
+     * <li> use of underscore (not explicitly allowed in RFC but could occur in internal network, we do not speak about path here, just domain)</li>
+     * <li> custom TLD like "intern" that is not standard but could be registered locally in a network</li>
+     * </ol>
      */
     private static String DOMAIN_REGEX = System.getProperty(
             UrlHelper.class.getName() + ".DOMAIN_REGEX", 
-- 
GitLab


From b414e3f23bd9e105a8255b2949e69692891b7002 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Mon, 7 May 2018 07:50:19 -0400
Subject: [PATCH 396/863] Reincrementalify core. (#3426)

* Reincrementalify core.

* Pick up released version
---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 6 +++---
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 98eef9c363..3d32d9a4f7 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index f4ba140c9f..91d8b7a889 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 2d99c08a04..7e9a1bef10 100644
--- a/pom.xml
+++ b/pom.xml
@@ -28,13 +28,13 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci</groupId>
     <artifactId>jenkins</artifactId>
-    <version>1.43</version>
+    <version>1.44</version>
     <relativePath />
   </parent>
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.121-SNAPSHOT</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.120</revision>
+    <revision>2.121</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index 66f389ebde..4f9dae71fa 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index bbfdc90c66..1af95e1d77 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From e216995ee01a1acbb907dace2c0a09c772ac5ff5 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Mon, 7 May 2018 09:39:26 -0400
Subject: [PATCH 397/863] Avoid CI failures pending reincrementalifization.

---
 Jenkinsfile | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Jenkinsfile b/Jenkinsfile
index 031633d05e..b3285a5c64 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -63,6 +63,7 @@ for(i = 0; i < buildTypes.size(); i++) {
                         dir(m2repo) {
                             archiveArtifacts artifacts: "**/*$changelist/*$changelist*",
                                              excludes: '**/*.lastUpdated,**/jenkins-test/',
+                                             allowEmptyArchive: true, // in case we forgot to reincrementalify
                                              fingerprint: true
                         }
                     }
-- 
GitLab


From 5e4d47be1bbb71b3beba3c423c03f8b87430ff86 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 7 May 2018 11:00:10 -0700
Subject: [PATCH 398/863] [maven-release-plugin] prepare release
 jenkins-2.107.3

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 37a2d405c9..7bd0170bb7 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107.3-SNAPSHOT</version>
+    <version>2.107.3</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 9bb4289755..59a6b100a3 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107.3-SNAPSHOT</version>
+    <version>2.107.3</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index d59c514303..6de6cca708 100644
--- a/pom.xml
+++ b/pom.xml
@@ -33,7 +33,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>pom</artifactId>
-  <version>2.107.3-SNAPSHOT</version>
+  <version>2.107.3</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -58,7 +58,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>HEAD</tag>
+    <tag>jenkins-2.107.3</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index f61be09ff5..397f8dcd4e 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107.3-SNAPSHOT</version>
+    <version>2.107.3</version>
   </parent>
 
   <artifactId>test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 8425ca42b5..61760a3baa 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107.3-SNAPSHOT</version>
+    <version>2.107.3</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From c6c008e0648b9ecf0631ea7ea8eeaeebe81ac0d0 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 7 May 2018 11:00:10 -0700
Subject: [PATCH 399/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 7bd0170bb7..916b4083d5 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107.3</version>
+    <version>2.107.4-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 59a6b100a3..81fe3bb281 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107.3</version>
+    <version>2.107.4-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 6de6cca708..21a55d407b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -33,7 +33,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>pom</artifactId>
-  <version>2.107.3</version>
+  <version>2.107.4-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -58,7 +58,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.107.3</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 397f8dcd4e..975aea364d 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107.3</version>
+    <version>2.107.4-SNAPSHOT</version>
   </parent>
 
   <artifactId>test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 61760a3baa..65991fedb4 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>pom</artifactId>
-    <version>2.107.3</version>
+    <version>2.107.4-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From e1132fd4ed106499fbc6eb307fff4573ca22f20d Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 7 May 2018 12:09:24 -0700
Subject: [PATCH 400/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 8db5c98be2..089361927a 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121</version>
+    <version>2.122-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index c17f7ec1d6..cb4a5818bb 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121</version>
+    <version>2.122-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 66cc79f91e..3d104c2f8d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.121</version>
+  <version>2.122-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.121</tag>
+    <tag>${scmTag}</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index c99682c1c4..e23ef9dbfa 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121</version>
+    <version>2.122-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index fb0f31a18f..d886d358ea 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121</version>
+    <version>2.122-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 9bc3aa68b196fbf9c676541793f4b59f663c4af8 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 7 May 2018 12:09:24 -0700
Subject: [PATCH 401/863] [maven-release-plugin] prepare release jenkins-2.121

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 98eef9c363..8db5c98be2 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121-SNAPSHOT</version>
+    <version>2.121</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index f4ba140c9f..c17f7ec1d6 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121-SNAPSHOT</version>
+    <version>2.121</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 2d99c08a04..66cc79f91e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.121-SNAPSHOT</version>
+  <version>2.121</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.121</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 66f389ebde..c99682c1c4 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121-SNAPSHOT</version>
+    <version>2.121</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index bbfdc90c66..fb0f31a18f 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121-SNAPSHOT</version>
+    <version>2.121</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 3b61b96119b9fd8c80b1fa79a19f8f770af434b7 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Tue, 8 May 2018 12:04:18 -0400
Subject: [PATCH 402/863] [JENKINS-51205] Improve performance of
 /pluginManager/available service.

---
 core/src/main/java/hudson/PluginManager.java  | 14 +++++
 .../main/java/hudson/model/UpdateSite.java    | 52 +++++++++++--------
 .../hudson/PluginManager/table.jelly          |  5 +-
 3 files changed, 48 insertions(+), 23 deletions(-)

diff --git a/core/src/main/java/hudson/PluginManager.java b/core/src/main/java/hudson/PluginManager.java
index 7ffbbf40d9..2314514ea0 100644
--- a/core/src/main/java/hudson/PluginManager.java
+++ b/core/src/main/java/hudson/PluginManager.java
@@ -144,6 +144,7 @@ import java.io.ByteArrayInputStream;
 import java.net.JarURLConnection;
 import java.net.URLConnection;
 import java.util.ServiceLoader;
+import java.util.function.Supplier;
 import java.util.jar.JarEntry;
 
 import static java.util.logging.Level.FINE;
@@ -1816,6 +1817,19 @@ public abstract class PluginManager extends AbstractModelObject implements OnMas
         return requestedPlugins;
     }
 
+    @Restricted(DoNotUse.class) // table.jelly
+    public MetadataCache createCache() {
+        return new MetadataCache();
+    }
+
+    @Restricted(NoExternalUse.class) // table.jelly
+    public static final class MetadataCache {
+        private final Map<String, Object> data = new HashMap<>();
+        public <T> T of(String key, Class<T> type, Supplier<T> func) {
+            return type.cast(data.computeIfAbsent(key, _ignored -> func.get()));
+        }
+    }
+
     /**
      * {@link ClassLoader} that can see all plugins.
      */
diff --git a/core/src/main/java/hudson/model/UpdateSite.java b/core/src/main/java/hudson/model/UpdateSite.java
index 5771bf1e54..e19ac35d9b 100644
--- a/core/src/main/java/hudson/model/UpdateSite.java
+++ b/core/src/main/java/hudson/model/UpdateSite.java
@@ -120,11 +120,6 @@ public class UpdateSite {
      */
     private transient volatile long retryWindow;
 
-    /**
-     * lastModified time of the data file when it was last read.
-     */
-    private transient long dataLastReadFromFile;
-
     /**
      * Latest data as read from the data file.
      */
@@ -226,6 +221,7 @@ public class UpdateSite {
         LOGGER.info("Obtained the latest update center data file for UpdateSource " + id);
         retryWindow = 0;
         getDataFile().write(json);
+        data = new Data(o);
         return FormValidation.ok();
     }
 
@@ -309,23 +305,20 @@ public class UpdateSite {
     public HttpResponse doInvalidateData() {
         Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
         dataTimestamp = 0;
+        data = null;
         return HttpResponses.ok();
     }
 
     /**
-     * Loads the update center data, if any and if modified since last read.
+     * Loads the update center data, if any.
      *
      * @return  null if no data is available.
      */
     public Data getData() {
-        TextFile df = getDataFile();
-        if (df.exists() && dataLastReadFromFile != df.file.lastModified()) {
+        if (data == null) {
             JSONObject o = getJSONObject();
-            if (o!=null) {
+            if (o != null) {
                 data = new Data(o);
-                dataLastReadFromFile = df.file.lastModified();
-            } else {
-                data = null;
             }
         }
         return data;
@@ -1094,10 +1087,19 @@ public class UpdateSite {
         }
 
         public boolean isNeededDependenciesForNewerJenkins() {
-            for (Plugin p: getNeededDependencies()) {
-                if (p.isForNewerHudson() || p.isNeededDependenciesForNewerJenkins()) return true;
-            }
-            return false;
+            return isNeededDependenciesForNewerJenkins(new PluginManager.MetadataCache());
+        }
+
+        @Restricted(NoExternalUse.class) // table.jelly
+        public boolean isNeededDependenciesForNewerJenkins(PluginManager.MetadataCache cache) {
+            return cache.of("isNeededDependenciesForNewerJenkins:" + name, Boolean.class, () -> {
+                for (Plugin p : getNeededDependencies()) {
+                    if (p.isForNewerHudson() || p.isNeededDependenciesForNewerJenkins()) {
+                        return true;
+                    }
+                }
+                return false;
+            });
         }
 
         /**
@@ -1109,11 +1111,19 @@ public class UpdateSite {
          * specified, it'll return true.
          */
         public boolean isNeededDependenciesCompatibleWithInstalledVersion() {
-            for (Plugin p: getNeededDependencies()) {
-                if (!p.isCompatibleWithInstalledVersion() || !p.isNeededDependenciesCompatibleWithInstalledVersion())
-                    return false;
-            }
-            return true;
+            return isNeededDependenciesCompatibleWithInstalledVersion(new PluginManager.MetadataCache());
+        }
+
+        @Restricted(NoExternalUse.class) // table.jelly
+        public boolean isNeededDependenciesCompatibleWithInstalledVersion(PluginManager.MetadataCache cache) {
+            return cache.of("isNeededDependenciesCompatibleWithInstalledVersion:" + name, Boolean.class, () -> {
+                for (Plugin p : getNeededDependencies()) {
+                    if (!p.isCompatibleWithInstalledVersion() || !p.isNeededDependenciesCompatibleWithInstalledVersion()) {
+                        return false;
+                    }
+                }
+                return true;
+            });
         }
 
         /**
diff --git a/core/src/main/resources/hudson/PluginManager/table.jelly b/core/src/main/resources/hudson/PluginManager/table.jelly
index 52fed76549..26dafbc2fc 100644
--- a/core/src/main/resources/hudson/PluginManager/table.jelly
+++ b/core/src/main/resources/hudson/PluginManager/table.jelly
@@ -72,6 +72,7 @@ THE SOFTWARE.
             <j:choose>
               <j:when test="${!empty(list)}">
                 <j:set var="lastCat" value="" />
+                <j:set var="cache" value="${it.createCache()}"/>
                 <j:forEach var="p" items="${list}">
                   <j:if test="${!isUpdates}">
                     <j:set var="thisCat" value="${p.category}" />
@@ -105,10 +106,10 @@ THE SOFTWARE.
                       <j:if test="${p.isForNewerHudson()}">
                         <div class="compatWarning">${%coreWarning(p.requiredCore)}</div>
                       </j:if>
-                      <j:if test="${!p.isNeededDependenciesCompatibleWithInstalledVersion()}">
+                      <j:if test="${!p.isNeededDependenciesCompatibleWithInstalledVersion(cache)}">
                         <div class="compatWarning">${%depCompatWarning}</div>
                       </j:if>
-                      <j:if test="${p.isNeededDependenciesForNewerJenkins()}">
+                      <j:if test="${p.isNeededDependenciesForNewerJenkins(cache)}">
                         <div class="compatWarning">${%depCoreWarning(p.getNeededDependenciesRequiredCore().toString())}</div>
                       </j:if>
                       <j:if test="${p.hasWarnings()}">
-- 
GitLab


From 901894c1beb1dffb279d4c293f8451d11e084de4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Oliver=20Gond=C5=BEa?= <ogondza@gmail.com>
Date: Wed, 9 May 2018 12:57:03 +0200
Subject: [PATCH 403/863] Bump ATH version to latest to consume the timeout fix

---
 essentials.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/essentials.yml b/essentials.yml
index 2d1b1090de..7008eb14d6 100644
--- a/essentials.yml
+++ b/essentials.yml
@@ -1,6 +1,6 @@
 ---
 ath:
   useLocalSnapshots: false
-  athRevision: "06caf67d37d945ec5228a80d73714fac692c28d3"
+  athRevision: "d74f39e5ac369106876c20495031cd2499f3aa3a"
   tests:
     - '*'
-- 
GitLab


From 67b1328385a9272d8c911b52ac5012b2a90da65f Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Wed, 9 May 2018 14:17:12 -0400
Subject: [PATCH 404/863] Fix revision.

---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 7e9a1bef10..1b7c21443e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.121</revision>
+    <revision>2.122</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
-- 
GitLab


From 0268cc99293ba985fe0a919e8c0633e33174f049 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Wed, 9 May 2018 15:17:02 -0400
Subject: [PATCH 405/863] Remove ${build.version} property in favor of
 ${project.version}.

---
 .mvn/extensions.xml                           |  2 +-
 cli/pom.xml                                   |  2 +-
 .../cli/jenkins-cli-version.properties        |  2 +-
 core/pom.xml                                  |  1 +
 .../hudson/model/hudson-version.properties    |  2 +-
 .../jenkins/model/jenkins-version.properties  |  2 +-
 core/src/main/java/jenkins/model/Jenkins.java |  2 +-
 pom.xml                                       | 73 -------------------
 8 files changed, 7 insertions(+), 79 deletions(-)

diff --git a/.mvn/extensions.xml b/.mvn/extensions.xml
index b2d9947894..9ad1dc3aed 100644
--- a/.mvn/extensions.xml
+++ b/.mvn/extensions.xml
@@ -2,6 +2,6 @@
   <extension>
     <groupId>io.jenkins.tools</groupId>
     <artifactId>git-changelist-maven-extension</artifactId>
-    <version>1.0-alpha-3</version>
+    <version>1.0-beta-1</version>
   </extension>
 </extensions>
diff --git a/cli/pom.xml b/cli/pom.xml
index 3d32d9a4f7..d54dac5918 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -99,7 +99,7 @@
                   <mainClass>hudson.cli.CLI</mainClass>
                 </manifest>
                 <manifestEntries>
-                  <Jenkins-CLI-Version>${build.version}</Jenkins-CLI-Version>
+                  <Jenkins-CLI-Version>${project.version}</Jenkins-CLI-Version>
                 </manifestEntries>
               </archive>
             </configuration>
diff --git a/cli/src/filter/resources/jenkins/cli/jenkins-cli-version.properties b/cli/src/filter/resources/jenkins/cli/jenkins-cli-version.properties
index 39b91895a2..defbd48204 100644
--- a/cli/src/filter/resources/jenkins/cli/jenkins-cli-version.properties
+++ b/cli/src/filter/resources/jenkins/cli/jenkins-cli-version.properties
@@ -1 +1 @@
-version=${build.version}
+version=${project.version}
diff --git a/core/pom.xml b/core/pom.xml
index 91d8b7a889..0d5c3f2c27 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -644,6 +644,7 @@ THE SOFTWARE.
         <plugin>
          <groupId>org.codehaus.mojo</groupId>
          <artifactId>build-helper-maven-plugin</artifactId>
+         <version>1.7</version>
          <executions>
              <execution>
                  <id>add-source</id>
diff --git a/core/src/filter/resources/hudson/model/hudson-version.properties b/core/src/filter/resources/hudson/model/hudson-version.properties
index 9b9343d10d..defbd48204 100644
--- a/core/src/filter/resources/hudson/model/hudson-version.properties
+++ b/core/src/filter/resources/hudson/model/hudson-version.properties
@@ -1 +1 @@
-version=${build.version}
\ No newline at end of file
+version=${project.version}
diff --git a/core/src/filter/resources/jenkins/model/jenkins-version.properties b/core/src/filter/resources/jenkins/model/jenkins-version.properties
index 9b9343d10d..defbd48204 100644
--- a/core/src/filter/resources/jenkins/model/jenkins-version.properties
+++ b/core/src/filter/resources/jenkins/model/jenkins-version.properties
@@ -1 +1 @@
-version=${build.version}
\ No newline at end of file
+version=${project.version}
diff --git a/core/src/main/java/jenkins/model/Jenkins.java b/core/src/main/java/jenkins/model/Jenkins.java
index 9042877ccd..a7734f503d 100644
--- a/core/src/main/java/jenkins/model/Jenkins.java
+++ b/core/src/main/java/jenkins/model/Jenkins.java
@@ -4945,7 +4945,7 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
         }
         String ver = props.getProperty("version");
         if(ver==null)   ver = UNCOMPUTED_VERSION;
-        if(Main.isDevelopmentMode && "${build.version}".equals(ver)) {
+        if(Main.isDevelopmentMode && "${project.version}".equals(ver)) {
             // in dev mode, unable to get version (ahem Eclipse)
             try {
                 File dir = new File(".").getAbsoluteFile();
diff --git a/pom.xml b/pom.xml
index 1b7c21443e..4ee7fc85c7 100644
--- a/pom.xml
+++ b/pom.xml
@@ -81,7 +81,6 @@ THE SOFTWARE.
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
     but this suppresses a warning from Maven, and as long as we don't do filtering we should be OK. -->
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-    <build.type>private</build.type>
 
     <!-- configuration for patch tracker plugin  -->
     <project.patchManagement.system>github</project.patchManagement.system>
@@ -305,50 +304,6 @@ THE SOFTWARE.
     </resources>
     <pluginManagement>
       <plugins>
-        <plugin>
-          <groupId>org.codehaus.mojo</groupId>
-          <artifactId>build-helper-maven-plugin</artifactId>
-          <version>1.7</version>
-          <executions>
-            <execution>
-              <id>timestamp-property</id>
-              <goals>
-                <goal>timestamp-property</goal>
-              </goals>
-              <configuration>
-                <name>now</name>
-                <pattern>MM/dd/yyyy HH:mm z</pattern>
-                <locale>en_US</locale>
-              </configuration>
-            </execution>
-            <execution>
-            <id>user.name</id>
-            <goals>
-              <goal>regex-property</goal>
-            </goals>
-            <configuration>
-              <name>user.name.escaped</name>
-              <value>${user.name}</value>
-              <regex>([$\\])</regex>
-              <replacement>\\$1</replacement>
-              <failIfNoMatch>false</failIfNoMatch>
-            </configuration>
-          </execution>
-          <execution>
-              <id>version-property</id>
-              <goals>
-                <goal>regex-property</goal>
-              </goals>
-              <configuration>
-                <name>build.version</name>
-                <value>${project.version}</value>
-                <regex>-SNAPSHOT</regex>
-                <replacement>-SNAPSHOT (${build.type}-${now}-${user.name.escaped})</replacement>
-                <failIfNoMatch>false</failIfNoMatch>
-              </configuration>
-            </execution>
-          </executions>
-        </plugin>
         <plugin>
           <groupId>org.apache.maven.plugins</groupId>
           <artifactId>maven-deploy-plugin</artifactId>
@@ -550,10 +505,6 @@ THE SOFTWARE.
     </pluginManagement>
 
     <plugins>
-      <plugin>
-        <groupId>org.codehaus.mojo</groupId>
-        <artifactId>build-helper-maven-plugin</artifactId>
-      </plugin>
       <plugin>
         <artifactId>maven-release-plugin</artifactId>
         <configuration>
@@ -660,30 +611,6 @@ THE SOFTWARE.
   </build>
 
   <profiles>
-    <profile>
-      <id>rc</id>
-      <properties>
-        <build.type>rc</build.type>
-      </properties>
-      <build>
-        <pluginManagement>
-          <plugins>
-            <plugin>
-              <groupId>org.codehaus.mojo</groupId>
-              <artifactId>build-helper-maven-plugin</artifactId>
-              <executions>
-                <execution>
-                  <id>version-property</id>
-                  <configuration>
-                    <replacement>-RC (${now})</replacement>
-                  </configuration>
-                </execution>
-              </executions>
-            </plugin>
-          </plugins>
-        </pluginManagement>
-      </build>
-    </profile>
     <profile>
       <id>metrics</id>
       <build>
-- 
GitLab


From bc80a66ce13bf07dc9078e1dcf3d5ba9e907dace Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Wed, 9 May 2018 16:43:17 -0400
Subject: [PATCH 406/863] Simplified usage of flatten-maven-plugin.

---
 .gitignore | 1 -
 pom.xml    | 4 ++--
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/.gitignore b/.gitignore
index b7c6beee06..3cde4d575d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,5 +1,4 @@
 target
-.flattened-pom.xml
 work
 
 # IntelliJ project files 
diff --git a/pom.xml b/pom.xml
index 1b7c21443e..0ab2b9aaa7 100644
--- a/pom.xml
+++ b/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci</groupId>
     <artifactId>jenkins</artifactId>
-    <version>1.44</version>
+    <version>1.45-20180509.203006-1</version> <!-- TODO https://github.com/jenkinsci/pom/pull/24 -->
     <relativePath />
   </parent>
 
@@ -114,7 +114,7 @@ THE SOFTWARE.
     <!-- TODO: JENKINS-36716 - Switch to Medium once FindBugs is cleaned up, 430 issues on Mar 10, 2018 -->
     <findbugs.effort>Max</findbugs.effort>
     <findbugs.threshold>High</findbugs.threshold>
-    <findbugs.excludeFilterFile>../src/findbugs/findbugs-excludes.xml</findbugs.excludeFilterFile>
+    <findbugs.excludeFilterFile>${project.basedir}/../src/findbugs/findbugs-excludes.xml</findbugs.excludeFilterFile>
   </properties>
 
   <!-- Note that the 'repositories' and 'pluginRepositories' blocks below are actually copy-pasted
-- 
GitLab


From 1299fc60468afca4b14cfb075c83791a863b0b0e Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Thu, 10 May 2018 08:55:05 +1200
Subject: [PATCH 407/863] Capture the corresponding branch/tag in
 jenkinsci/packaging to be used.

---
 packaging-ref.txt | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 packaging-ref.txt

diff --git a/packaging-ref.txt b/packaging-ref.txt
new file mode 100644
index 0000000000..1f7391f92b
--- /dev/null
+++ b/packaging-ref.txt
@@ -0,0 +1 @@
+master
-- 
GitLab


From c5d0ce0044afa000836fc1c50c2c059d0ef0cb17 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Thu, 10 May 2018 08:55:05 +1200
Subject: [PATCH 408/863] Capture the corresponding branch/tag in
 jenkinsci/packaging to be used.

---
 packaging-ref.txt | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 packaging-ref.txt

diff --git a/packaging-ref.txt b/packaging-ref.txt
new file mode 100644
index 0000000000..a81768d6a5
--- /dev/null
+++ b/packaging-ref.txt
@@ -0,0 +1 @@
+stable-2.60
-- 
GitLab


From 9506c86f155acb57dbfc06bc44420aa17bb126d2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Oliver=20Gond=C5=BEa?= <ogondza@gmail.com>
Date: Thu, 10 May 2018 13:06:32 +0200
Subject: [PATCH 409/863] Towards 2.121.1

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 8db5c98be2..557be25357 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121</version>
+    <version>2.121.1-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index c17f7ec1d6..de50185d24 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121</version>
+    <version>2.121.1-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 66cc79f91e..4b1d35f45e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.121</version>
+  <version>2.121.1-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.121</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index c99682c1c4..e3083a84aa 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121</version>
+    <version>2.121.1-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index fb0f31a18f..b00b967c9c 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121</version>
+    <version>2.121.1-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From fbadb6174a48a97bd47384a4b6226736cf153a50 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Oliver=20Gond=C5=BEa?= <ogondza@gmail.com>
Date: Wed, 9 May 2018 12:57:03 +0200
Subject: [PATCH 410/863] Bump ATH version to latest to consume the timeout fix

(cherry picked from commit 901894c1beb1dffb279d4c293f8451d11e084de4)
---
 essentials.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/essentials.yml b/essentials.yml
index c1d2a77dcc..7008eb14d6 100644
--- a/essentials.yml
+++ b/essentials.yml
@@ -1,6 +1,6 @@
 ---
 ath:
   useLocalSnapshots: false
-  athRevision: "06caf67d37d945ec5228a80d73714fac692c28d3"
-  categories:
-    - org.jenkinsci.test.acceptance.junit.SmokeTest
+  athRevision: "d74f39e5ac369106876c20495031cd2499f3aa3a"
+  tests:
+    - '*'
-- 
GitLab


From 51e0da8ed23d56eb85882937b9a96b7c4aa3c542 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Thu, 10 May 2018 10:35:51 -0400
Subject: [PATCH 411/863] [JENKINS-51247] source:jar, not source:jar-no-fork

---
 .mvn/extensions.xml | 2 +-
 pom.xml             | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.mvn/extensions.xml b/.mvn/extensions.xml
index b2d9947894..9ad1dc3aed 100644
--- a/.mvn/extensions.xml
+++ b/.mvn/extensions.xml
@@ -2,6 +2,6 @@
   <extension>
     <groupId>io.jenkins.tools</groupId>
     <artifactId>git-changelist-maven-extension</artifactId>
-    <version>1.0-alpha-3</version>
+    <version>1.0-beta-1</version>
   </extension>
 </extensions>
diff --git a/pom.xml b/pom.xml
index 0ab2b9aaa7..43de3aac28 100644
--- a/pom.xml
+++ b/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci</groupId>
     <artifactId>jenkins</artifactId>
-    <version>1.45-20180509.203006-1</version> <!-- TODO https://github.com/jenkinsci/pom/pull/24 -->
+    <version>1.45-20180510.143454-3</version> <!-- TODO https://github.com/jenkinsci/pom/pull/24 -->
     <relativePath />
   </parent>
 
-- 
GitLab


From b043385d4710f1e917abda984e18beb1a87c14d9 Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Thu, 10 May 2018 12:26:34 -0400
Subject: [PATCH 412/863] Remove stray space before period

---
 core/src/main/resources/hudson/model/Api/index.jelly | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/resources/hudson/model/Api/index.jelly b/core/src/main/resources/hudson/model/Api/index.jelly
index 6985eda72d..082c66400e 100644
--- a/core/src/main/resources/hudson/model/Api/index.jelly
+++ b/core/src/main/resources/hudson/model/Api/index.jelly
@@ -137,7 +137,7 @@ THE SOFTWARE.
       </ul>
 
       <p>
-        Another way to retrieve more data is to use the <tt>depth=N</tt> query parameter .
+        Another way to retrieve more data is to use the <tt>depth=N</tt> query parameter.
         This retrieves all the data up to the specified depth.
         Compare <a href="xml">depth=0</a> and <a href="xml?depth=1">depth=1</a> and see what the difference
         is for yourself. Also note that data created by a smaller depth value is always a subset of
-- 
GitLab


From 2b4288155a95d9810c58308234254ee6afa91f56 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Thu, 10 May 2018 14:24:08 -0400
Subject: [PATCH 413/863] [JENKINS-51187] Moving git-changelist-maven-extension
 into incrementals-tools.

---
 .mvn/extensions.xml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.mvn/extensions.xml b/.mvn/extensions.xml
index b2d9947894..db1d854113 100644
--- a/.mvn/extensions.xml
+++ b/.mvn/extensions.xml
@@ -1,7 +1,7 @@
 <extensions xmlns="http://maven.apache.org/EXTENSIONS/1.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/EXTENSIONS/1.0.0 http://maven.apache.org/xsd/core-extensions-1.0.0.xsd">
   <extension>
-    <groupId>io.jenkins.tools</groupId>
+    <groupId>io.jenkins.tools.incrementals</groupId>
     <artifactId>git-changelist-maven-extension</artifactId>
-    <version>1.0-alpha-3</version>
+    <version>1.0-beta-2</version>
   </extension>
 </extensions>
-- 
GitLab


From e3d5bb9ddf6f8bb578df407adcc80c766747238e Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Fri, 11 May 2018 13:50:25 -0400
Subject: [PATCH 414/863] Queue API: do not end status with period

None of the other messages do...
---
 core/src/main/resources/hudson/model/Messages.properties | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/core/src/main/resources/hudson/model/Messages.properties b/core/src/main/resources/hudson/model/Messages.properties
index df9d52bf89..b7562fbabf 100644
--- a/core/src/main/resources/hudson/model/Messages.properties
+++ b/core/src/main/resources/hudson/model/Messages.properties
@@ -43,8 +43,8 @@ AbstractProject.AwaitingBuildForWorkspace=Awaiting build to get a workspace.
 AbstractProject.AwaitingWorkspaceToComeOnline=We need to schedule a new build to get a workspace, but deferring {0}ms in the hope that one will become available soon
 AbstractProject.Pronoun=Project
 AbstractProject.Aborted=Aborted
-AbstractProject.UpstreamBuildInProgress=Upstream project {0} is already building.
-AbstractProject.DownstreamBuildInProgress=Downstream project {0} is already building.
+AbstractProject.UpstreamBuildInProgress=Upstream project {0} is already building
+AbstractProject.DownstreamBuildInProgress=Downstream project {0} is already building
 AbstractProject.Disabled=Build disabled
 AbstractProject.NoBuilds=No existing build. Scheduling a new one.
 AbstractProject.NoSCM=No SCM
-- 
GitLab


From 91ddc6fca78e09efe25ced0409def4cd62c811aa Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Fri, 11 May 2018 14:22:53 -0400
Subject: [PATCH 415/863] Queue API: use fancy quotes around
 nodes/labels/projects

---
 .../resources/hudson/model/Messages.properties | 18 +++++++++---------
 .../BecauseLabelIsBusy/summary.properties      |  2 +-
 .../BecauseNodeIsBusy/summary.properties       |  2 +-
 3 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/core/src/main/resources/hudson/model/Messages.properties b/core/src/main/resources/hudson/model/Messages.properties
index b7562fbabf..a8f1d9a5aa 100644
--- a/core/src/main/resources/hudson/model/Messages.properties
+++ b/core/src/main/resources/hudson/model/Messages.properties
@@ -43,8 +43,8 @@ AbstractProject.AwaitingBuildForWorkspace=Awaiting build to get a workspace.
 AbstractProject.AwaitingWorkspaceToComeOnline=We need to schedule a new build to get a workspace, but deferring {0}ms in the hope that one will become available soon
 AbstractProject.Pronoun=Project
 AbstractProject.Aborted=Aborted
-AbstractProject.UpstreamBuildInProgress=Upstream project {0} is already building
-AbstractProject.DownstreamBuildInProgress=Downstream project {0} is already building
+AbstractProject.UpstreamBuildInProgress=Upstream project \u2018{0}\u2019 is already building
+AbstractProject.DownstreamBuildInProgress=Downstream project \u2018{0}\u2019 is already building
 AbstractProject.Disabled=Build disabled
 AbstractProject.NoBuilds=No existing build. Scheduling a new one.
 AbstractProject.NoSCM=No SCM
@@ -193,14 +193,14 @@ ManageJenkinsAction.DisplayName=Manage Jenkins
 MultiStageTimeSeries.EMPTY_STRING=
 Queue.AllNodesOffline=All nodes of label \u2018{0}\u2019 are offline
 Queue.LabelHasNoNodes=There are no nodes with the label \u2018{0}\u2019
-Queue.BlockedBy=Blocked by {0}
+Queue.BlockedBy=Blocked by \u2018{0}\u2019
 Queue.HudsonIsAboutToShutDown=Jenkins is about to shut down
 Queue.InProgress=A build is already in progress
 Queue.InQuietPeriod=In the quiet period. Expires in {0}
-Queue.NodeOffline={0} is offline
+Queue.NodeOffline=\u2018{0}\u2019 is offline
 Queue.Unknown=???
 Queue.WaitingForNextAvailableExecutor=Waiting for next available executor
-Queue.WaitingForNextAvailableExecutorOn=Waiting for next available executor on {0}
+Queue.WaitingForNextAvailableExecutorOn=Waiting for next available executor on \u2018{0}\u2019
 Queue.init=Restoring the build queue
 Queue.node_has_been_removed_from_configuration={0} has been removed from configuration
 Queue.executor_slot_already_in_use=Executor slot already in use
@@ -341,10 +341,10 @@ ChoiceParameterDefinition.MissingChoices=Requires Choices.
 RunParameterDefinition.DisplayName=Run Parameter
 PasswordParameterDefinition.DisplayName=Password Parameter
 
-Node.BecauseNodeIsReserved={0} is reserved for jobs with matching label expression
-Node.BecauseNodeIsNotAcceptingTasks={0} is not accepting tasks
-Node.LabelMissing={0} doesn\u2019t have label {1}
-Node.LackingBuildPermission={0} lacks permission to run on {1}
+Node.BecauseNodeIsReserved=\u2018{0}\u2019 is reserved for jobs with matching label expression
+Node.BecauseNodeIsNotAcceptingTasks=\u2018{0}\u2019 is not accepting tasks
+Node.LabelMissing=\u2018{0}\u2019 doesn\u2019t have label \u2018{1}\u2019
+Node.LackingBuildPermission=\u2018{0}\u2019 lacks permission to run on \u2018{1}\u2019
 Node.Mode.NORMAL=Use this node as much as possible
 Node.Mode.EXCLUSIVE=Only build jobs with label expressions matching this node
 
diff --git a/core/src/main/resources/hudson/model/queue/CauseOfBlockage/BecauseLabelIsBusy/summary.properties b/core/src/main/resources/hudson/model/queue/CauseOfBlockage/BecauseLabelIsBusy/summary.properties
index 7f61c09183..b287883239 100644
--- a/core/src/main/resources/hudson/model/queue/CauseOfBlockage/BecauseLabelIsBusy/summary.properties
+++ b/core/src/main/resources/hudson/model/queue/CauseOfBlockage/BecauseLabelIsBusy/summary.properties
@@ -21,4 +21,4 @@
 # THE SOFTWARE.
 
 # note for translators: this message is referenced from st:structuredMessageFormat
-description=Waiting for next available executor on {0}
\ No newline at end of file
+description=Waiting for next available executor on \u2018{0}\u2019
diff --git a/core/src/main/resources/hudson/model/queue/CauseOfBlockage/BecauseNodeIsBusy/summary.properties b/core/src/main/resources/hudson/model/queue/CauseOfBlockage/BecauseNodeIsBusy/summary.properties
index e8e094ee2f..35996788e5 100644
--- a/core/src/main/resources/hudson/model/queue/CauseOfBlockage/BecauseNodeIsBusy/summary.properties
+++ b/core/src/main/resources/hudson/model/queue/CauseOfBlockage/BecauseNodeIsBusy/summary.properties
@@ -21,4 +21,4 @@
 # THE SOFTWARE.
 
 # note for translators: this message is referenced from st:structuredMessageFormat
-description=Waiting for next available executor on {0}
\ No newline at end of file
+description=Waiting for next available executor on \u2018{0}\u2019
-- 
GitLab


From 86cfcba479b82ecd4d6a3af54a0160b168576dd5 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Fri, 11 May 2018 14:38:32 -0400
Subject: [PATCH 416/863] No need to be touching .mvn/extensions.xml here.

---
 .mvn/extensions.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.mvn/extensions.xml b/.mvn/extensions.xml
index 9ad1dc3aed..b2d9947894 100644
--- a/.mvn/extensions.xml
+++ b/.mvn/extensions.xml
@@ -2,6 +2,6 @@
   <extension>
     <groupId>io.jenkins.tools</groupId>
     <artifactId>git-changelist-maven-extension</artifactId>
-    <version>1.0-beta-1</version>
+    <version>1.0-alpha-3</version>
   </extension>
 </extensions>
-- 
GitLab


From cc9425039aa2f8f46153e404c226cf98b0e65659 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Mon, 14 May 2018 00:24:54 +0200
Subject: [PATCH 417/863] [JENKINS-51179] - Reproduce the issue in Test

---
 .../java/hudson/model/FingerprintTest.java     | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/test/src/test/java/hudson/model/FingerprintTest.java b/test/src/test/java/hudson/model/FingerprintTest.java
index 1aa139db49..ff5214063f 100644
--- a/test/src/test/java/hudson/model/FingerprintTest.java
+++ b/test/src/test/java/hudson/model/FingerprintTest.java
@@ -23,6 +23,7 @@
  */
 package hudson.model;
 
+import hudson.XmlFile;
 import hudson.security.ACL;
 import hudson.security.ACLContext;
 import hudson.security.AuthorizationMatrixProperty;
@@ -30,6 +31,8 @@ import hudson.security.Permission;
 import hudson.security.ProjectMatrixAuthorizationStrategy;
 import hudson.tasks.ArtifactArchiver;
 import hudson.tasks.Fingerprinter;
+
+import java.io.File;
 import java.io.IOException;
 import java.util.Arrays;
 import java.util.HashMap;
@@ -50,6 +53,7 @@ import org.jvnet.hudson.test.MockFolder;
 import org.jvnet.hudson.test.SecuredMockFolder;
 import org.jvnet.hudson.test.WorkspaceCopyFileBuilder;
 
+import static org.hamcrest.Matchers.containsString;
 import static org.junit.Assert.*;
 import static org.hamcrest.Matchers.notNullValue;
 import static org.hamcrest.Matchers.nullValue;
@@ -115,6 +119,20 @@ public class FingerprintTest {
         assertTrue("Usages do not have a reference to " + project, usages.containsKey(project.getName()));
         assertTrue("Usages do not have a reference to " + project2, usages.containsKey(project2.getName()));       
     }
+
+    @Test
+    @Issue("JENKINS-51179")
+    public void shouldThrowIOExceptionWhenFileIsInvalid() throws Exception {
+        XmlFile f = new XmlFile(new File(rule.jenkins.getRootDir(), "foo.xml"));
+        f.write("Hello, world!");
+        try {
+            Fingerprint.load(f.getFile());
+        } catch (IOException ex) {
+            assertThat(ex.getMessage(), containsString("Unexpected Fingerprint type"));
+            return;
+        }
+        fail("Expected IOException");
+    }
     
     @Test
     @Issue("SECURITY-153")
-- 
GitLab


From 922617509eccbcb89ad3bb8b5f6e33bd5a8182c0 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Mon, 14 May 2018 00:25:24 +0200
Subject: [PATCH 418/863] [JENKINS-51179] - Check type of the loaded object
 when loading fingerprints

---
 core/src/main/java/hudson/model/Fingerprint.java | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/model/Fingerprint.java b/core/src/main/java/hudson/model/Fingerprint.java
index 2e0a7ce166..cb130e2c61 100644
--- a/core/src/main/java/hudson/model/Fingerprint.java
+++ b/core/src/main/java/hudson/model/Fingerprint.java
@@ -1366,7 +1366,12 @@ public class Fingerprint implements ModelObject, Saveable {
             start = System.currentTimeMillis();
 
         try {
-            Fingerprint f = (Fingerprint) configFile.read();
+            Object loaded = configFile.read();
+            if (!(loaded instanceof Fingerprint)) {
+                throw new IOException("Unexpected Fingerprint type. Expected " + Fingerprint.class + " or subclass but got "
+                        + (loaded != null ? loaded.getClass() : "null"));
+            }
+            Fingerprint f = (Fingerprint) loaded;
             if(logger.isLoggable(Level.FINE))
                 logger.fine("Loading fingerprint "+file+" took "+(System.currentTimeMillis()-start)+"ms");
             if (f.facets==null)
-- 
GitLab


From 5b524805597d329393edf9e19630834d5430b899 Mon Sep 17 00:00:00 2001
From: suren <zxjlwt@126.com>
Date: Mon, 14 May 2018 10:06:15 +0800
Subject: [PATCH 419/863] Fix incorrect i18n resources

---
 .../GlobalSecurityConfiguration/index_zh_CN.properties        | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/core/src/main/resources/hudson/security/GlobalSecurityConfiguration/index_zh_CN.properties b/core/src/main/resources/hudson/security/GlobalSecurityConfiguration/index_zh_CN.properties
index 8863a8c607..d5e0d900b2 100644
--- a/core/src/main/resources/hudson/security/GlobalSecurityConfiguration/index_zh_CN.properties
+++ b/core/src/main/resources/hudson/security/GlobalSecurityConfiguration/index_zh_CN.properties
@@ -22,7 +22,7 @@
 
 LOADING=\u52A0\u8F7D\u4E2D
 Enable\ security=\u542F\u7528\u5B89\u5168
-Markup\ Formatter=
+Markup\ Formatter=\u6807\u8BB0\u683C\u5F0F\u5668
 
 Agents=\u4EE3\u7406
 Agent\ protocols=\u4EE3\u7406\u534F\u8BAE
@@ -33,4 +33,4 @@ Authorization=\u6388\u6743\u7B56\u7565
 Save=\u4FDD\u5B58
 Apply=\u5E94\u7528
 
-Disable remember me=\u4E0D\u8BB0\u4F4F\u6211
+Disable\ remember\ me=\u4E0D\u8981\u8BB0\u4F4F\u6211
-- 
GitLab


From 74c5b680eedd60e097941efbfcbb56382ae478bb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Oliver=20Gond=C5=BEa?= <ogondza@gmail.com>
Date: Mon, 14 May 2018 10:38:37 +0200
Subject: [PATCH 420/863] Reference packaging branch

---
 packaging-ref.txt | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 packaging-ref.txt

diff --git a/packaging-ref.txt b/packaging-ref.txt
new file mode 100644
index 0000000000..7faeef1ea9
--- /dev/null
+++ b/packaging-ref.txt
@@ -0,0 +1 @@
+stable-2.121
-- 
GitLab


From 29b69b35549eea3c38d14b9c32c41097b52183f4 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Mon, 14 May 2018 12:40:16 -0400
Subject: [PATCH 421/863] Apparently #3431 broke the Maven release?

---
 .gitignore | 1 +
 pom.xml    | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/.gitignore b/.gitignore
index 3cde4d575d..b7c6beee06 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,5 @@
 target
+.flattened-pom.xml
 work
 
 # IntelliJ project files 
diff --git a/pom.xml b/pom.xml
index 1a4e045693..f9289fcd76 100644
--- a/pom.xml
+++ b/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci</groupId>
     <artifactId>jenkins</artifactId>
-    <version>1.45</version>
+    <version>1.44</version>
     <relativePath />
   </parent>
 
-- 
GitLab


From 82f90da4ddedf2d0f94d841f06b9f36b1cfea9a7 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Mon, 14 May 2018 14:35:17 -0400
Subject: [PATCH 422/863] Picking up https://github.com/jenkinsci/pom/pull/25.

---
 .gitignore | 1 -
 pom.xml    | 2 +-
 2 files changed, 1 insertion(+), 2 deletions(-)

diff --git a/.gitignore b/.gitignore
index b7c6beee06..3cde4d575d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,5 +1,4 @@
 target
-.flattened-pom.xml
 work
 
 # IntelliJ project files 
diff --git a/pom.xml b/pom.xml
index f9289fcd76..c17bdd2c87 100644
--- a/pom.xml
+++ b/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci</groupId>
     <artifactId>jenkins</artifactId>
-    <version>1.44</version>
+    <version>1.46-20180514.183442-1</version> <!-- TODO https://github.com/jenkinsci/pom/pull/25 -->
     <relativePath />
   </parent>
 
-- 
GitLab


From 261ddc1c9a610bffa61b6e9f559a27c363216f6d Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 14 May 2018 12:45:22 -0700
Subject: [PATCH 423/863] [maven-release-plugin] prepare release jenkins-2.122

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index d54dac5918..47ddcb854c 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.122</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 0d5c3f2c27..b1bccfcdcd 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.122</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index f9289fcd76..ae5c29104e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>2.122</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.122</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 4f9dae71fa..ccb5487c12 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.122</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 1af95e1d77..647ce3fb0a 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.122</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 84e0c40349d27817762f180a6dff7315ec7492ba Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 14 May 2018 12:45:22 -0700
Subject: [PATCH 424/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 47ddcb854c..4c58e4bdfd 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.122</version>
+    <version>2.123-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index b1bccfcdcd..d61795ce29 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.122</version>
+    <version>2.123-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index ae5c29104e..0efad2f2e7 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.122</version>
+  <version>2.123-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.122</tag>
+    <tag>${scmTag}</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index ccb5487c12..7acc88340a 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.122</version>
+    <version>2.123-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 647ce3fb0a..f3635ccaa7 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.122</version>
+    <version>2.123-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From cdda62c35a86e6955ed36169ba43593ac35bd2ce Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 14 May 2018 18:18:44 -0700
Subject: [PATCH 425/863] mvn incrementals:reincrementalify

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 4c58e4bdfd..d54dac5918 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.123-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index d61795ce29..0d5c3f2c27 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.123-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 0efad2f2e7..456ef8b608 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.123-SNAPSHOT</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.122</revision>
+    <revision>2.123</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index 7acc88340a..4f9dae71fa 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.123-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index f3635ccaa7..1af95e1d77 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.123-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From ee96b71b36713d4c60488d6b3ccb0a59dd8815ce Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Tue, 15 May 2018 12:14:20 +0200
Subject: [PATCH 426/863] Fix an at-since 2.119 typo

---
 core/src/main/java/hudson/FilePath.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/FilePath.java b/core/src/main/java/hudson/FilePath.java
index 790f290e4c..8cc9c9e085 100644
--- a/core/src/main/java/hudson/FilePath.java
+++ b/core/src/main/java/hudson/FilePath.java
@@ -922,7 +922,7 @@ public final class FilePath implements Serializable {
     /**
      * Copies the content of a URL to a remote file.
      * Unlike {@link #copyFrom} this will not transfer content over a Remoting channel.
-     * @since 2.119
+     * @since 2.118
      */
     @Restricted(Beta.class)
     public void copyFromRemotely(URL url) throws IOException, InterruptedException {
-- 
GitLab


From 2a08932f7b0272e695dd45c4452e3c525fa99005 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Tue, 15 May 2018 17:25:14 +0200
Subject: [PATCH 427/863] Address James' comment - also rename TokenId to
 TokenUuid everywhere

---
 .../jenkins/security/ApiTokenProperty.java    |  24 ++--
 .../security/apitoken/ApiTokenStats.java      |  10 +-
 .../security/apitoken/ApiTokenStore.java      | 103 +++++++++++++-----
 .../LegacyApiTokenAdministrativeMonitor.java  |   4 +-
 .../security/ApiTokenProperty/resources.js    |   6 +-
 .../security/apitoken/ApiTokenStatsTest.java  |  20 ++--
 .../bugs/JnlpAccessWithSecuredHudsonTest.java |   4 +-
 .../test/java/hudson/cli/CLIActionTest.java   |   3 +-
 .../HudsonHomeDiskUsageMonitorTest.java       |   4 +-
 .../src/test/java/hudson/model/ItemsTest.java |   4 +-
 test/src/test/java/hudson/model/JobTest.java  |   4 +-
 .../PasswordParameterDefinitionTest.java      |   4 +-
 .../src/test/java/hudson/model/QueueTest.java |   4 +-
 test/src/test/java/hudson/model/UserTest.java |   3 +-
 .../HudsonPrivateSecurityRealmTest.java       |   3 +-
 .../test/java/hudson/security/LoginTest.java  |   4 +-
 .../util/RobustReflectionConverterTest.java   |   4 +-
 .../test/java/jenkins/model/JenkinsTest.java  |   7 +-
 .../security/ApiCrumbExclusionTest.java       |   4 +-
 .../security/ApiTokenPropertyTest.java        |  21 ++--
 .../security/BasicHeaderProcessorTest.java    |   6 +-
 .../security/apitoken/ApiTokenStatsTest.java  |   4 +-
 .../security/apitoken/ApiTokenTestHelper.java |  36 ++++++
 ...gacyApiTokenAdministrativeMonitorTest.java |  15 ++-
 test/src/test/java/lib/form/PasswordTest.java |   4 +-
 25 files changed, 196 insertions(+), 109 deletions(-)
 create mode 100644 test/src/test/java/jenkins/security/apitoken/ApiTokenTestHelper.java

diff --git a/core/src/main/java/jenkins/security/ApiTokenProperty.java b/core/src/main/java/jenkins/security/ApiTokenProperty.java
index 07c27bc822..c32277806f 100644
--- a/core/src/main/java/jenkins/security/ApiTokenProperty.java
+++ b/core/src/main/java/jenkins/security/ApiTokenProperty.java
@@ -129,7 +129,7 @@ public class ApiTokenProperty extends UserProperty {
             this.tokenStats = ApiTokenStats.load(user.getUserFolder());
         }
         if(this.apiToken != null){
-            this.tokenStore.generateTokenFromLegacy(this.apiToken);
+            this.tokenStore.regenerateTokenFromLegacyIfRequired(this.apiToken);
         }
     }
     
@@ -483,28 +483,28 @@ public class ApiTokenProperty extends UserProperty {
                 u.addProperty(p);
             }
             
-            ApiTokenStore.TokenIdAndPlainValue tokenIdAndPlainValue = p.tokenStore.generateNewToken(tokenName);
+            ApiTokenStore.TokenUuidAndPlainValue tokenUuidAndPlainValue = p.tokenStore.generateNewToken(tokenName);
             u.save();
             
             return HttpResponses.okJSON(new HashMap<String, String>() {{ 
-                put("tokenId", tokenIdAndPlainValue.tokenId); 
+                put("tokenUuid", tokenUuidAndPlainValue.tokenUuid); 
                 put("tokenName", tokenName); 
-                put("tokenValue", tokenIdAndPlainValue.plainValue); 
+                put("tokenValue", tokenUuidAndPlainValue.plainValue); 
             }});
         }
         
         @RequirePOST
         public HttpResponse doRename(@AncestorInPath User u,
-                                     @QueryParameter String tokenId, @QueryParameter String newName) throws IOException {
+                                     @QueryParameter String tokenUuid, @QueryParameter String newName) throws IOException {
             // only current user + administrator can rename token
             u.checkPermission(Jenkins.ADMINISTER);
     
             if (StringUtils.isBlank(newName)) {
                 return HttpResponses.errorJSON("The name cannot be empty");
             }
-            if(StringUtils.isBlank(tokenId)){
+            if(StringUtils.isBlank(tokenUuid)){
                 // using the web UI this should not occur
-                return HttpResponses.errorWithoutStack(400, "The tokenId cannot be empty");
+                return HttpResponses.errorWithoutStack(400, "The tokenUuid cannot be empty");
             }
             
             ApiTokenProperty p = u.getProperty(ApiTokenProperty.class);
@@ -512,7 +512,7 @@ public class ApiTokenProperty extends UserProperty {
                 return HttpResponses.errorWithoutStack(400, "The user does not have any ApiToken yet, try generating one before.");
             }
             
-            boolean renameOk = p.tokenStore.renameToken(tokenId, newName);
+            boolean renameOk = p.tokenStore.renameToken(tokenUuid, newName);
             if(!renameOk){
                 // that could potentially happen if the token is removed from another page
                 // between your page loaded and your action
@@ -526,13 +526,13 @@ public class ApiTokenProperty extends UserProperty {
         
         @RequirePOST
         public HttpResponse doRevoke(@AncestorInPath User u,
-                                     @QueryParameter String tokenId) throws IOException {
+                                     @QueryParameter String tokenUuid) throws IOException {
             // only current user + administrator can revoke token
             u.checkPermission(Jenkins.ADMINISTER);
             
-            if(StringUtils.isBlank(tokenId)){
+            if(StringUtils.isBlank(tokenUuid)){
                 // using the web UI this should not occur
-                return HttpResponses.errorWithoutStack(400, "The tokenId cannot be empty");
+                return HttpResponses.errorWithoutStack(400, "The tokenUuid cannot be empty");
             }
             
             ApiTokenProperty p = u.getProperty(ApiTokenProperty.class);
@@ -540,7 +540,7 @@ public class ApiTokenProperty extends UserProperty {
                 return HttpResponses.errorWithoutStack(400, "The user does not have any ApiToken yet, try generating one before.");
             }
             
-            ApiTokenStore.HashedToken revoked = p.tokenStore.revokeToken(tokenId);
+            ApiTokenStore.HashedToken revoked = p.tokenStore.revokeToken(tokenUuid);
             if(revoked != null){
                 if(revoked.isLegacy()){
                     // if the user revoked the API Token, we can delete it
diff --git a/core/src/main/java/jenkins/security/apitoken/ApiTokenStats.java b/core/src/main/java/jenkins/security/apitoken/ApiTokenStats.java
index fd33af2f87..e7bb9b1472 100644
--- a/core/src/main/java/jenkins/security/apitoken/ApiTokenStats.java
+++ b/core/src/main/java/jenkins/security/apitoken/ApiTokenStats.java
@@ -89,7 +89,7 @@ public class ApiTokenStats implements Saveable {
         this.tokenStats = new ArrayList<>(temp.values());
     }
     
-    public void setParent(@Nonnull File parent) {
+    void setParent(@Nonnull File parent) {
         this.parent = parent;
     }
     
@@ -170,9 +170,11 @@ public class ApiTokenStats implements Saveable {
     }
     
     /**
-     * Loads the data from the disk into this object.
+     * Loads the data from the disk into the new object.
+     * <p>
+     * If the file is not present, a fresh new instance is created.
      */
-    public static ApiTokenStats load(File parent) {
+    public static @Nonnull ApiTokenStats load(@Nonnull File parent) {
         // even if we are not using statistics, we load the existing one in case the configuration
         // is enabled afterwards to avoid erasing data
         
@@ -234,8 +236,8 @@ public class ApiTokenStats implements Saveable {
         }
         
         // used by Jelly view
-        
         /**
+         * Return the number of days since the last usage
          * Relevant only if the lastUseDate is not null
          */
         public long getNumDaysUse() {
diff --git a/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java b/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
index d3894899fa..9aff609738 100644
--- a/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
+++ b/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
@@ -73,7 +73,7 @@ public class ApiTokenStore {
         this.init();
     }
     
-    public ApiTokenStore readResolve() {
+    private ApiTokenStore readResolve() {
         this.init();
         return this;
     }
@@ -117,11 +117,19 @@ public class ApiTokenStore {
         });
     }
     
+    /**
+     * Remove the legacy token present and generate a new one using the given secret.
+     */
     public synchronized void regenerateTokenFromLegacy(@Nonnull Secret newLegacyApiToken) {
         deleteAllLegacyAndGenerateNewOne(newLegacyApiToken);
     }
     
-    public synchronized void generateTokenFromLegacy(@Nonnull Secret newLegacyApiToken) {
+    /**
+     * Same as {@link #regenerateTokenFromLegacy(Secret)} but only applied if there is an existing legacy token. 
+     * <p>
+     * Otherwise, no effect.
+     */
+    public synchronized void regenerateTokenFromLegacyIfRequired(@Nonnull Secret newLegacyApiToken) {
         if(tokenList.stream().noneMatch(HashedToken::isLegacy)){
             deleteAllLegacyAndGenerateNewOne(newLegacyApiToken);
         }
@@ -149,7 +157,7 @@ public class ApiTokenStore {
     }
     
     /**
-     * @return null iff there is no legacy token in the store, otherwise the legacy token is returned
+     * @return {@code null} iff there is no legacy token in the store, otherwise the legacy token is returned
      */
     public synchronized @Nullable HashedToken getLegacyToken(){
         return tokenList.stream()
@@ -158,7 +166,11 @@ public class ApiTokenStore {
                 .orElse(null);
     }
     
-    public synchronized @Nonnull TokenIdAndPlainValue generateNewToken(@Nonnull String name) {
+    /**
+     * Create a new token with the given name and return it id and secret value. 
+     * Result meant to be sent / displayed and then discarded.
+     */
+    public synchronized @Nonnull TokenUuidAndPlainValue generateNewToken(@Nonnull String name) {
         // 16x8=128bit worth of randomness, using brute-force you need on average 2^127 tries (~10^37)
         byte[] random = new byte[16];
         RANDOM.nextBytes(random);
@@ -173,7 +185,7 @@ public class ApiTokenStore {
         
         this.addToken(token);
         
-        return new TokenIdAndPlainValue(token.uuid, tokenTheUserWillUse);
+        return new TokenUuidAndPlainValue(token.uuid, tokenTheUserWillUse);
     }
     
     @SuppressFBWarnings("NP_NONNULL_RETURN_VIOLATION")
@@ -197,6 +209,10 @@ public class ApiTokenStore {
         return digest.digest(tokenBytes);
     }
     
+    /**
+     * Search in the store if there is a token with the same secret as the one given
+     * @return {@code null} iff there is no matching token
+     */
     public synchronized @CheckForNull HashedToken findMatchingToken(@Nonnull String token) {
         String plainToken;
         if (isLegacyToken(token)) {
@@ -208,28 +224,34 @@ public class ApiTokenStore {
         return searchMatch(plainToken);
     }
     
-    private boolean isLegacyToken(@Nonnull String token) {
-        return token.length() != TOKEN_LENGTH_V2;
-    }
-    
     /**
-     * [2: version][32: real token]
-     * ^^^^^^^^^^^^----------------
+     * Determine if the given token was generated by the legacy system or the new one
      */
-    private @Nonnull String getVersionOfToken(@Nonnull String token) {
-        return token.substring(0, 2);
+    private boolean isLegacyToken(@Nonnull String token) {
+        return token.length() != TOKEN_LENGTH_V2;
     }
     
     /**
-     * [2: version][32: real token]
-     * ------------^^^^^^^^^^^^^^^^
+     * Retrieve the hash part of the token
+     * @param token assumed the token is not a legacy one and represent the full token (version + hash)
+     * @return the hash part
      */
     private @Nonnull String getHashOfToken(@Nonnull String token) {
+        /*
+         * Structure of the token:
+         * 
+         * [2: version][32: real token]
+         * ------------^^^^^^^^^^^^^^^^
+         */
         return token.substring(2);
     }
     
-    private @CheckForNull HashedToken searchMatch(@Nonnull String plainToken) {
-        byte[] hashedBytes = plainSecretToHashBytes(plainToken);
+    /**
+     * Search in the store if there is a matching token that has the same secret.
+     * @return {@code null} iff there is no matching token
+     */
+    private @CheckForNull HashedToken searchMatch(@Nonnull String plainSecret) {
+        byte[] hashedBytes = plainSecretToHashBytes(plainSecret);
         for (HashedToken token : tokenList) {
             if (token.match(hashedBytes)) {
                 return token;
@@ -239,6 +261,12 @@ public class ApiTokenStore {
         return null;
     }
     
+    /**
+     * Remove a token given its identifier. Effectively make it unusable for future connection.
+     * 
+     * @param tokenUuid The identifier of the token, could be retrieved directly from the {@link HashedToken#getUuid()}
+     * @return the revoked token corresponding to the given {@code tokenUuid} if one was found, otherwise {@code null}
+     */
     public synchronized @CheckForNull HashedToken revokeToken(@Nonnull String tokenUuid) {
         for (Iterator<HashedToken> iterator = tokenList.iterator(); iterator.hasNext(); ) {
             HashedToken token = iterator.next();
@@ -252,6 +280,10 @@ public class ApiTokenStore {
         return null;
     }
     
+    /**
+     * Given a token identifier and a name, the system will try to find a corresponding token and rename it
+     * @return {@code true} iff the token was found and the rename was successful
+     */
     public synchronized boolean renameToken(@Nonnull String tokenUuid, @Nonnull String newName) {
         for (HashedToken token : tokenList) {
             if (token.uuid.equals(tokenUuid)) {
@@ -264,29 +296,42 @@ public class ApiTokenStore {
         return false;
     }
     
-    /**
-     * [2: version][32: real token]
-     */
     @Immutable
     private static class HashValue {
-        /** To ease future implementation */
+        /**
+         * Allow to distinguish tokens from different versions easily to adapt the logic
+         */
         private final String version;
-        /** The only confidential information. The token is stored as a SHA-256 hash, in hex format */
+        /**
+         * Only confidential information in this class. It's a SHA-256 hash stored in hex format
+         */
         private final String hash;
         
-        public HashValue(String version, String hash) {
+        private HashValue(String version, String hash) {
             this.version = version;
             this.hash = hash;
         }
     }
     
+    /**
+     * Contains information about the token and the secret value.
+     * It should not be stored as is, but just displayed once to the user and then forget about it.
+     */
     @Immutable
-    public static class TokenIdAndPlainValue {
-        public final String tokenId;
+    public static class TokenUuidAndPlainValue {
+        /**
+         * The token identifier to allow manipulation of the token
+         */
+        public final String tokenUuid;
+        
+        /**
+         * Confidential information, must not be stored.<p>
+         * It's meant to be send only one to the user and then only store the hash of this value.
+         */
         public final String plainValue;
         
-        public TokenIdAndPlainValue(String tokenId, String plainValue) {
-            this.tokenId = tokenId;
+        private TokenUuidAndPlainValue(String tokenUuid, String plainValue) {
+            this.tokenUuid = tokenUuid;
             this.plainValue = plainValue;
         }
     }
@@ -302,8 +347,8 @@ public class ApiTokenStore {
         private HashedToken() {
             this.init();
         }
-        
-        public HashedToken readResolve() {
+    
+        private HashedToken readResolve() {
             this.init();
             return this;
         }
diff --git a/core/src/main/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor.java b/core/src/main/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor.java
index 3e2d7eb452..7c2a2ce1b0 100644
--- a/core/src/main/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor.java
+++ b/core/src/main/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor.java
@@ -171,11 +171,11 @@ public class LegacyApiTokenAdministrativeMonitor extends AdministrativeMonitor {
                 }else{
                     ApiTokenStore.HashedToken revokedToken = apiTokenProperty.getTokenStore().revokeToken(value.uuid);
                     if(revokedToken == null){
-                        LOGGER.log(Level.INFO, "User without selected token id={0}, tokenId={1}", new Object[]{value.userId, value.uuid});
+                        LOGGER.log(Level.INFO, "User without selected token id={0}, tokenUuid={1}", new Object[]{value.userId, value.uuid});
                     }else{
                         apiTokenProperty.deleteApiToken();
                         user.save();
-                        LOGGER.log(Level.INFO, "Revocation success for user id={0}, tokenId={1}", new Object[]{value.userId, value.uuid});
+                        LOGGER.log(Level.INFO, "Revocation success for user id={0}, tokenUuid={1}", new Object[]{value.userId, value.uuid});
                     }
                 }
             }
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.js b/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.js
index 3cd1914de7..2964e8ff75 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.js
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.js
@@ -28,12 +28,12 @@ function revokeToken(anchorRevoke){
     var targetUrl = anchorRevoke.getAttribute('data-target-url');
     
     var inputUuid = repeatedChunk.querySelector('input.token-uuid-input');
-    var tokenId = inputUuid.value;
+    var tokenUuid = inputUuid.value;
 
     if(confirm(confirmMessage)){
         new Ajax.Request(targetUrl, {
             method: "post",
-            parameters: {tokenId: tokenId},
+            parameters: {tokenUuid: tokenUuid},
             onSuccess: function(rsp,_) {
                 if(repeatedChunk.querySelectorAll('.legacy-token').length > 0){
                     // we are revoking the legacy token
@@ -87,7 +87,7 @@ function saveApiToken(button){
                 tokenValueSpan.innerText = tokenValue;
                 tokenValueSpan.style.display = 'inline-block';
                 
-                var tokenUuid = json.data.tokenId;
+                var tokenUuid = json.data.tokenUuid;
                 var uuidInput = repeatedChunk.querySelector('[name="tokenUuid"]');
                 uuidInput.value = tokenUuid;
 
diff --git a/core/src/test/java/jenkins/security/apitoken/ApiTokenStatsTest.java b/core/src/test/java/jenkins/security/apitoken/ApiTokenStatsTest.java
index 714a3d153c..32cfe4b560 100644
--- a/core/src/test/java/jenkins/security/apitoken/ApiTokenStatsTest.java
+++ b/core/src/test/java/jenkins/security/apitoken/ApiTokenStatsTest.java
@@ -25,12 +25,14 @@ package jenkins.security.apitoken;
 
 import hudson.XmlFile;
 import org.apache.commons.io.FileUtils;
+import org.hamcrest.Matchers;
 import org.junit.Before;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.rules.TemporaryFolder;
 import org.junit.runner.RunWith;
 import org.mockito.Mockito;
+import org.mockito.internal.matchers.LessOrEqual;
 import org.powermock.api.mockito.PowerMockito;
 import org.powermock.core.classloader.annotations.PrepareForTest;
 import org.powermock.modules.junit4.PowerMockRunner;
@@ -40,10 +42,11 @@ import java.time.temporal.ChronoUnit;
 import java.util.Date;
 import java.util.UUID;
 
+import static org.hamcrest.Matchers.*;
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.assertNull;
-import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.assertThat;
 
 @RunWith(PowerMockRunner.class)
 @PrepareForTest(ApiTokenPropertyConfiguration.class)
@@ -96,7 +99,7 @@ public class ApiTokenStatsTest {
             lastUsage = stats.getLastUseDate();
             assertNotNull(lastUsage);
             // to avoid flaky test in case the test is run at midnight, normally it's 0 
-            assertTrue(stats.getNumDaysUse() <= 1);
+            assertThat(stats.getNumDaysUse(), lessThanOrEqualTo(1L));
         }
         
         // to enforce a difference in the lastUseDate
@@ -107,9 +110,10 @@ public class ApiTokenStatsTest {
             
             ApiTokenStats.SingleTokenStats stats = tokenStats.updateUsageForId(ID_1);
             assertEquals(2, stats.getUseCounter());
-            assertTrue(lastUsage.before(stats.getLastUseDate()));
-            // to avoid flaky test in case the test is run at midnight, normally it's 0 
-            assertTrue(stats.getNumDaysUse() <= 1);
+            assertThat(lastUsage, lessThan(stats.getLastUseDate()));
+            
+            // to avoid flaky test in case the test is run at midnight, normally it's 0
+            assertThat(stats.getNumDaysUse(), lessThanOrEqualTo(1L));
         }
         
         { // check all tokens have separate stats, try with another ID
@@ -125,7 +129,7 @@ public class ApiTokenStatsTest {
                 ApiTokenStats.SingleTokenStats stats = tokenStats.updateUsageForId(ID_2);
                 assertEquals(1, stats.getUseCounter());
                 assertNotNull(lastUsage);
-                assertTrue(stats.getNumDaysUse() <= 1);
+                assertThat(stats.getNumDaysUse(), lessThanOrEqualTo(1L));
             }
         }
         
@@ -206,7 +210,7 @@ public class ApiTokenStatsTest {
         ApiTokenStats tokenStats = new ApiTokenStats();
         tokenStats.setParent(tmp.getRoot());
         ApiTokenStats.SingleTokenStats stats = tokenStats.updateUsageForId(ID);
-        assertTrue(stats.getNumDaysUse() <= 1);
+        assertThat(stats.getNumDaysUse(), lessThan(1L));
         
         Field field = ApiTokenStats.SingleTokenStats.class.getDeclaredField("lastUseDate");
         field.setAccessible(true);
@@ -219,6 +223,6 @@ public class ApiTokenStatsTest {
                 )
         );
         
-        assertTrue(stats.getNumDaysUse() >= 2);
+        assertThat(stats.getNumDaysUse(), greaterThanOrEqualTo(2L));
     }
 }
diff --git a/test/src/test/java/hudson/bugs/JnlpAccessWithSecuredHudsonTest.java b/test/src/test/java/hudson/bugs/JnlpAccessWithSecuredHudsonTest.java
index 524c8263e2..e0cc02ef9f 100644
--- a/test/src/test/java/hudson/bugs/JnlpAccessWithSecuredHudsonTest.java
+++ b/test/src/test/java/hudson/bugs/JnlpAccessWithSecuredHudsonTest.java
@@ -39,6 +39,7 @@ import hudson.slaves.DumbSlave;
 import hudson.util.StreamTaskListener;
 import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
 import jenkins.security.MasterToSlaveCallable;
+import jenkins.security.apitoken.ApiTokenTestHelper;
 import jenkins.security.s2m.AdminWhitelistRule;
 import org.dom4j.Document;
 import org.dom4j.Element;
@@ -86,8 +87,7 @@ public class JnlpAccessWithSecuredHudsonTest {
     @Email("http://markmail.org/message/on4wkjdaldwi2atx")
     @Test
     public void anonymousCanAlwaysLoadJARs() throws Exception {
-        // legacy behavior re-enabled (could be changed when the webclient will be adapted
-        ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(true);
+        ApiTokenTestHelper.enableLegacyBehavior();
         
         r.jenkins.setNodes(Collections.singletonList(createNewJnlpSlave("test")));
         JenkinsRule.WebClient wc = r.createWebClient();
diff --git a/test/src/test/java/hudson/cli/CLIActionTest.java b/test/src/test/java/hudson/cli/CLIActionTest.java
index c83c856fe1..c6d9208f45 100644
--- a/test/src/test/java/hudson/cli/CLIActionTest.java
+++ b/test/src/test/java/hudson/cli/CLIActionTest.java
@@ -30,6 +30,7 @@ import java.util.logging.Level;
 import jenkins.model.Jenkins;
 import jenkins.security.ApiTokenProperty;
 import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
+import jenkins.security.apitoken.ApiTokenTestHelper;
 import jenkins.util.FullDuplexHttpService;
 import jenkins.util.Timer;
 import org.apache.commons.io.FileUtils;
@@ -130,7 +131,7 @@ public class CLIActionTest {
     @Issue({"JENKINS-12543", "JENKINS-41745"})
     @Test
     public void authentication() throws Exception {
-        ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(true);
+        ApiTokenTestHelper.enableLegacyBehavior();
         
         logging.record(PlainCLIProtocol.class, Level.FINE);
         File jar = tmp.newFile("jenkins-cli.jar");
diff --git a/test/src/test/java/hudson/diagnosis/HudsonHomeDiskUsageMonitorTest.java b/test/src/test/java/hudson/diagnosis/HudsonHomeDiskUsageMonitorTest.java
index d159fe090d..395653a0cb 100644
--- a/test/src/test/java/hudson/diagnosis/HudsonHomeDiskUsageMonitorTest.java
+++ b/test/src/test/java/hudson/diagnosis/HudsonHomeDiskUsageMonitorTest.java
@@ -13,6 +13,7 @@ import hudson.model.User;
 import hudson.security.GlobalMatrixAuthorizationStrategy;
 import jenkins.model.Jenkins;
 import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
+import jenkins.security.apitoken.ApiTokenTestHelper;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.Issue;
@@ -60,8 +61,7 @@ public class HudsonHomeDiskUsageMonitorTest {
     @Issue("SECURITY-371")
     @Test
     public void noAccessForNonAdmin() throws Exception {
-        // legacy behavior re-enabled (could be changed when the webclient will be adapted
-        ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(true);
+        ApiTokenTestHelper.enableLegacyBehavior();
         
         JenkinsRule.WebClient wc = j.createWebClient();
 
diff --git a/test/src/test/java/hudson/model/ItemsTest.java b/test/src/test/java/hudson/model/ItemsTest.java
index 847d663b44..04aefdc237 100644
--- a/test/src/test/java/hudson/model/ItemsTest.java
+++ b/test/src/test/java/hudson/model/ItemsTest.java
@@ -41,6 +41,7 @@ import java.net.URL;
 import java.util.Arrays;
 import jenkins.model.Jenkins;
 import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
+import jenkins.security.apitoken.ApiTokenTestHelper;
 import org.acegisecurity.context.SecurityContext;
 import org.acegisecurity.context.SecurityContextHolder;
 import org.apache.commons.httpclient.HttpStatus;
@@ -64,8 +65,7 @@ public class ItemsTest {
 
     @Before
     public void setupLegacyBehavior(){
-        // legacy behavior re-enabled (could be changed when the webclient will be adapted
-        ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(true);
+        ApiTokenTestHelper.enableLegacyBehavior();
     }
     
     @Test public void getAllItems() throws Exception {
diff --git a/test/src/test/java/hudson/model/JobTest.java b/test/src/test/java/hudson/model/JobTest.java
index 1790ff93ac..5444892246 100644
--- a/test/src/test/java/hudson/model/JobTest.java
+++ b/test/src/test/java/hudson/model/JobTest.java
@@ -53,6 +53,7 @@ import java.util.concurrent.CountDownLatch;
 import jenkins.model.ProjectNamingStrategy;
 
 import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
+import jenkins.security.apitoken.ApiTokenTestHelper;
 import org.hamcrest.Matchers;
 import org.junit.Rule;
 import org.junit.Test;
@@ -211,8 +212,7 @@ public class JobTest {
 
     @LocalData
     @Test public void configDotXmlPermission() throws Exception {
-        // legacy behavior re-enabled (could be changed when the webclient will be adapted
-        ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(true);
+        ApiTokenTestHelper.enableLegacyBehavior();
         
         j.jenkins.setCrumbIssuer(null);
         JenkinsRule.WebClient wc = j.createWebClient();
diff --git a/test/src/test/java/hudson/model/PasswordParameterDefinitionTest.java b/test/src/test/java/hudson/model/PasswordParameterDefinitionTest.java
index 7861cca4b0..49784981af 100644
--- a/test/src/test/java/hudson/model/PasswordParameterDefinitionTest.java
+++ b/test/src/test/java/hudson/model/PasswordParameterDefinitionTest.java
@@ -32,6 +32,7 @@ import jenkins.model.Jenkins;
 import static org.junit.Assert.assertEquals;
 
 import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
+import jenkins.security.apitoken.ApiTokenTestHelper;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.Issue;
@@ -52,8 +53,7 @@ public class PasswordParameterDefinitionTest {
 
     @Issue("JENKINS-36476")
     @Test public void defaultValueAlwaysAvailable() throws Exception {
-        // legacy behavior re-enabled (could be changed when the webclient will be adapted
-        ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(true);
+        ApiTokenTestHelper.enableLegacyBehavior();
         
         j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
         j.jenkins.setAuthorizationStrategy(new MockAuthorizationStrategy().
diff --git a/test/src/test/java/hudson/model/QueueTest.java b/test/src/test/java/hudson/model/QueueTest.java
index 3b3a67fd0b..27cfea5850 100644
--- a/test/src/test/java/hudson/model/QueueTest.java
+++ b/test/src/test/java/hudson/model/QueueTest.java
@@ -74,6 +74,7 @@ import jenkins.model.BlockedBecauseOfBuildInProgress;
 import jenkins.model.Jenkins;
 import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
 import jenkins.security.QueueItemAuthenticatorConfiguration;
+import jenkins.security.apitoken.ApiTokenTestHelper;
 import jenkins.triggers.ReverseBuildTrigger;
 import org.acegisecurity.Authentication;
 import org.acegisecurity.GrantedAuthority;
@@ -927,8 +928,7 @@ public class QueueTest {
     @Issue({"SECURITY-186", "SECURITY-618"})
     @Test
     public void queueApiOutputShouldBeFilteredByUserPermission() throws Exception {
-        // legacy behavior re-enabled (could be changed when the webclient will be adapted
-        ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(true);
+        ApiTokenTestHelper.enableLegacyBehavior();
 
         r.jenkins.setSecurityRealm(r.createDummySecurityRealm());
         ProjectMatrixAuthorizationStrategy str = new ProjectMatrixAuthorizationStrategy();
diff --git a/test/src/test/java/hudson/model/UserTest.java b/test/src/test/java/hudson/model/UserTest.java
index 493391b2b7..da8a6b839c 100644
--- a/test/src/test/java/hudson/model/UserTest.java
+++ b/test/src/test/java/hudson/model/UserTest.java
@@ -57,6 +57,7 @@ import jenkins.model.Jenkins;
 import jenkins.security.ApiTokenProperty;
 
 import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
+import jenkins.security.apitoken.ApiTokenTestHelper;
 import org.acegisecurity.AccessDeniedException;
 import org.acegisecurity.Authentication;
 import org.acegisecurity.AuthenticationException;
@@ -532,7 +533,7 @@ public class UserTest {
     @Test
     // @Issue("SECURITY-180")
     public void security180() throws Exception {
-        ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(true);
+        ApiTokenTestHelper.enableLegacyBehavior();
         
         final GlobalMatrixAuthorizationStrategy auth = new GlobalMatrixAuthorizationStrategy();
         j.jenkins.setAuthorizationStrategy(auth);
diff --git a/test/src/test/java/hudson/security/HudsonPrivateSecurityRealmTest.java b/test/src/test/java/hudson/security/HudsonPrivateSecurityRealmTest.java
index 1705a6143a..f88d1a177a 100644
--- a/test/src/test/java/hudson/security/HudsonPrivateSecurityRealmTest.java
+++ b/test/src/test/java/hudson/security/HudsonPrivateSecurityRealmTest.java
@@ -52,6 +52,7 @@ import static org.junit.Assert.*;
 
 import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
 import jenkins.security.SecurityListener;
+import jenkins.security.apitoken.ApiTokenTestHelper;
 import org.apache.commons.lang.StringUtils;
 import org.junit.Before;
 import org.junit.Rule;
@@ -168,7 +169,7 @@ public class HudsonPrivateSecurityRealmTest {
     @Issue("SECURITY-243")
     @Test
     public void fullNameCollisionToken() throws Exception {
-        ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(true);
+        ApiTokenTestHelper.enableLegacyBehavior();
         
         HudsonPrivateSecurityRealm securityRealm = new HudsonPrivateSecurityRealm(false, false, null);
         j.jenkins.setSecurityRealm(securityRealm);
diff --git a/test/src/test/java/hudson/security/LoginTest.java b/test/src/test/java/hudson/security/LoginTest.java
index 7e6ba0d452..a53533cb93 100644
--- a/test/src/test/java/hudson/security/LoginTest.java
+++ b/test/src/test/java/hudson/security/LoginTest.java
@@ -13,6 +13,7 @@ import com.gargoylesoftware.htmlunit.html.HtmlCheckBoxInput;
 
 import hudson.model.User;
 import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
+import jenkins.security.apitoken.ApiTokenTestHelper;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.JenkinsRule;
@@ -54,8 +55,7 @@ public class LoginTest {
     @Test
     @PresetData(DataSet.ANONYMOUS_READONLY)
     public void loginErrorRedirect2() throws Exception {
-        // legacy behavior re-enabled (could be changed when the webclient will be adapted
-        ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(true);
+        ApiTokenTestHelper.enableLegacyBehavior();
 
         // in a secured Hudson, the error page should render.
         WebClient wc = j.createWebClient();
diff --git a/test/src/test/java/hudson/util/RobustReflectionConverterTest.java b/test/src/test/java/hudson/util/RobustReflectionConverterTest.java
index 64169eb842..35f489b4ea 100644
--- a/test/src/test/java/hudson/util/RobustReflectionConverterTest.java
+++ b/test/src/test/java/hudson/util/RobustReflectionConverterTest.java
@@ -46,6 +46,7 @@ import jenkins.model.Jenkins;
 import static org.junit.Assert.*;
 
 import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
+import jenkins.security.apitoken.ApiTokenTestHelper;
 import net.sf.json.JSONObject;
 
 import org.junit.Rule;
@@ -188,8 +189,7 @@ public class RobustReflectionConverterTest {
     
     @Test
     public void testRestInterfaceFailure() throws Exception {
-        // legacy behavior re-enabled (could be changed when the webclient will be adapted
-        ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(true);
+        ApiTokenTestHelper.enableLegacyBehavior();
 
         Items.XSTREAM2.addCriticalField(KeywordProperty.class, "criticalField");
 
diff --git a/test/src/test/java/jenkins/model/JenkinsTest.java b/test/src/test/java/jenkins/model/JenkinsTest.java
index 4563f0bdbc..6c30ebdeb0 100644
--- a/test/src/test/java/jenkins/model/JenkinsTest.java
+++ b/test/src/test/java/jenkins/model/JenkinsTest.java
@@ -65,6 +65,7 @@ import hudson.util.VersionNumber;
 
 import jenkins.AgentProtocol;
 import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
+import jenkins.security.apitoken.ApiTokenTestHelper;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.Issue;
@@ -294,8 +295,7 @@ public class JenkinsTest {
 
     @Test
     public void testDoScript() throws Exception {
-        // legacy behavior re-enabled (could be changed when the webclient will be adapted
-        ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(true);
+        ApiTokenTestHelper.enableLegacyBehavior();
         
         j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
         j.jenkins.setAuthorizationStrategy(new MockAuthorizationStrategy().
@@ -325,8 +325,7 @@ public class JenkinsTest {
 
     @Test
     public void testDoEval() throws Exception {
-        // legacy behavior re-enabled (could be changed when the webclient will be adapted
-        ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(true);
+        ApiTokenTestHelper.enableLegacyBehavior();
         
         j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
         j.jenkins.setAuthorizationStrategy(new MockAuthorizationStrategy().
diff --git a/test/src/test/java/jenkins/security/ApiCrumbExclusionTest.java b/test/src/test/java/jenkins/security/ApiCrumbExclusionTest.java
index 034a63b568..59793f7da3 100644
--- a/test/src/test/java/jenkins/security/ApiCrumbExclusionTest.java
+++ b/test/src/test/java/jenkins/security/ApiCrumbExclusionTest.java
@@ -35,6 +35,7 @@ import hudson.model.User;
 import hudson.security.csrf.DefaultCrumbIssuer;
 import hudson.util.HttpResponses;
 import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
+import jenkins.security.apitoken.ApiTokenTestHelper;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.Issue;
@@ -59,8 +60,7 @@ public class ApiCrumbExclusionTest {
     @Test
     @Issue("JENKINS-22474")
     public void callUsingApiTokenDoesNotRequireCSRFToken() throws Exception {
-        // legacy behavior re-enabled (could be changed when the webclient will be adapted
-        ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(true);
+        ApiTokenTestHelper.enableLegacyBehavior();
 
         j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
         j.jenkins.setCrumbIssuer(null);
diff --git a/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java b/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
index 1266a8abe6..47e750f62c 100644
--- a/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
+++ b/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
@@ -1,14 +1,14 @@
 package jenkins.security;
 
+import static org.hamcrest.Matchers.containsString;
 import static org.hamcrest.Matchers.is;
+import static org.hamcrest.Matchers.not;
 import static org.hamcrest.xml.HasXPath.hasXPath;
 import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertNotEquals;
 import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.assertSame;
 import static org.junit.Assert.assertThat;
-import static org.junit.Assert.assertTrue;
 import static org.junit.Assert.fail;
 
 import com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException;
@@ -29,6 +29,7 @@ import java.net.URL;
 import jenkins.model.Jenkins;
 import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
 import jenkins.security.apitoken.ApiTokenStore;
+import jenkins.security.apitoken.ApiTokenTestHelper;
 import net.sf.json.JSONObject;
 import org.junit.Before;
 import org.junit.Rule;
@@ -54,9 +55,7 @@ public class ApiTokenPropertyTest {
 
     @Before
     public void setupLegacyConfig(){
-        ApiTokenPropertyConfiguration config = ApiTokenPropertyConfiguration.get();
-        config.setCreationOfLegacyTokenEnabled(true);
-        config.setTokenGenerationOnCreationEnabled(true);
+        ApiTokenTestHelper.enableLegacyBehavior();
     }
     
     /**
@@ -102,7 +101,7 @@ public class ApiTokenPropertyTest {
         ApiTokenProperty t = new ApiTokenProperty(historicalInitialValue);
         u.addProperty(t);
         String apiToken1 = t.getApiToken();
-        assertFalse(apiToken1.equals(Util.getDigestOf(historicalInitialValue)));
+        assertNotEquals(apiToken1, Util.getDigestOf(historicalInitialValue));
 
         // the replacement for the compromised value must be consistent and cannot be random
         ApiTokenProperty t2 = new ApiTokenProperty(historicalInitialValue);
@@ -112,7 +111,7 @@ public class ApiTokenPropertyTest {
         // any other value is OK. those are changed values
         t = new ApiTokenProperty(historicalInitialValue+"somethingElse");
         u.addProperty(t);
-        assertTrue(t.getApiToken().equals(Util.getDigestOf(historicalInitialValue+"somethingElse")));
+        assertEquals(t.getApiToken(), Util.getDigestOf(historicalInitialValue+"somethingElse"));
     }
     
     @Issue("SECURITY-200")
@@ -417,7 +416,7 @@ public class ApiTokenPropertyTest {
     
     private void revokeToken(WebClient wc, String login, String tokenUuid) throws Exception {
         WebRequest request = new WebRequest(
-                new URL(j.getURL(), "user/" + login + "/descriptorByName/" + ApiTokenProperty.class.getName() + "/revoke/?tokenId=" + tokenUuid),
+                new URL(j.getURL(), "user/" + login + "/descriptorByName/" + ApiTokenProperty.class.getName() + "/revoke/?tokenUuid=" + tokenUuid),
                 HttpMethod.POST
         );
         Page p = wc.getPage(request);
@@ -432,14 +431,14 @@ public class ApiTokenPropertyTest {
         Page p = wc.getPage(request);
         assertEquals(200, p.getWebResponse().getStatusCode());
         if(success){
-            assertFalse(p.getWebResponse().getContentAsString().contains(Messages.ApiTokenProperty_ChangeToken_CapabilityNotAllowed()));
+            assertThat(p.getWebResponse().getContentAsString(), not(containsString(Messages.ApiTokenProperty_ChangeToken_CapabilityNotAllowed())));
         }else{
-            assertTrue(p.getWebResponse().getContentAsString().contains(Messages.ApiTokenProperty_ChangeToken_CapabilityNotAllowed()));
+            assertThat(p.getWebResponse().getContentAsString(), containsString(Messages.ApiTokenProperty_ChangeToken_CapabilityNotAllowed()));
         }
     }
     
     public static class GenerateNewTokenResponse {
-        public String tokenId;
+        public String tokenUuid;
         public String tokenName;
         public String tokenValue;
     }
diff --git a/test/src/test/java/jenkins/security/BasicHeaderProcessorTest.java b/test/src/test/java/jenkins/security/BasicHeaderProcessorTest.java
index bfce1b46f4..526c2307d2 100644
--- a/test/src/test/java/jenkins/security/BasicHeaderProcessorTest.java
+++ b/test/src/test/java/jenkins/security/BasicHeaderProcessorTest.java
@@ -8,6 +8,7 @@ import hudson.model.UnprotectedRootAction;
 import hudson.model.User;
 import hudson.util.HttpResponses;
 import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
+import jenkins.security.apitoken.ApiTokenTestHelper;
 import org.junit.Before;
 import org.junit.Rule;
 import org.junit.Test;
@@ -46,8 +47,7 @@ public class BasicHeaderProcessorTest {
      */
     @Test
     public void testVariousWaysToCall() throws Exception {
-        // legacy behavior re-enabled (could be changed when the webclient will be adapted
-        ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(true);
+        ApiTokenTestHelper.enableLegacyBehavior();
 
         j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
         User foo = User.getById("foo", true);
@@ -116,7 +116,7 @@ public class BasicHeaderProcessorTest {
 
     @Test
     public void testAuthHeaderCaseInSensitive() throws Exception {
-        ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(true);
+        ApiTokenTestHelper.enableLegacyBehavior();
         
         j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
         User foo = User.get("foo");
diff --git a/test/src/test/java/jenkins/security/apitoken/ApiTokenStatsTest.java b/test/src/test/java/jenkins/security/apitoken/ApiTokenStatsTest.java
index 5f79ee04d1..e1b8dd6674 100644
--- a/test/src/test/java/jenkins/security/apitoken/ApiTokenStatsTest.java
+++ b/test/src/test/java/jenkins/security/apitoken/ApiTokenStatsTest.java
@@ -82,7 +82,7 @@ public class ApiTokenStatsTest {
         JSONObject jsonData = jsonObject.getJSONObject("data");
         String tokenName = jsonData.getString("tokenName");
         String tokenValue = jsonData.getString("tokenValue");
-        String tokenUuid = jsonData.getString("tokenId");
+        String tokenUuid = jsonData.getString("tokenUuid");
         
         assertEquals(TOKEN_NAME, tokenName);
         
@@ -135,7 +135,7 @@ public class ApiTokenStatsTest {
     
     private void revokeToken(WebClient wc, String login, String tokenUuid) throws Exception {
         WebRequest request = new WebRequest(
-                new URL(j.getURL(), "user/" + login + "/descriptorByName/" + ApiTokenProperty.class.getName() + "/revoke/?tokenId=" + tokenUuid),
+                new URL(j.getURL(), "user/" + login + "/descriptorByName/" + ApiTokenProperty.class.getName() + "/revoke/?tokenUuid=" + tokenUuid),
                 HttpMethod.POST
         );
         Page p = wc.getPage(request);
diff --git a/test/src/test/java/jenkins/security/apitoken/ApiTokenTestHelper.java b/test/src/test/java/jenkins/security/apitoken/ApiTokenTestHelper.java
new file mode 100644
index 0000000000..2630a84ed7
--- /dev/null
+++ b/test/src/test/java/jenkins/security/apitoken/ApiTokenTestHelper.java
@@ -0,0 +1,36 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.security.apitoken;
+
+public class ApiTokenTestHelper {
+    /**
+     * Reconfigure the instance to use legacy behavior
+     * When the jenkins-test-harness will support this, we will be able to remove this method.
+     */
+    public static void enableLegacyBehavior(){
+        ApiTokenPropertyConfiguration config = ApiTokenPropertyConfiguration.get();
+        config.setTokenGenerationOnCreationEnabled(true);
+        config.setCreationOfLegacyTokenEnabled(true);
+    }
+}
diff --git a/test/src/test/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitorTest.java b/test/src/test/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitorTest.java
index 4b1cfdbe55..80172d9ab7 100644
--- a/test/src/test/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitorTest.java
+++ b/test/src/test/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitorTest.java
@@ -35,16 +35,15 @@ import hudson.model.AdministrativeMonitor;
 import hudson.model.User;
 import jenkins.security.ApiTokenProperty;
 import org.apache.commons.lang.StringUtils;
+import org.hamcrest.Matchers;
 import org.junit.Rule;
 import org.junit.Test;
-import org.junit.rules.Timeout;
 import org.jvnet.hudson.test.JenkinsRule;
 
-import java.util.concurrent.TimeUnit;
-
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertThat;
 import static org.junit.Assert.assertTrue;
 
 public class LegacyApiTokenAdministrativeMonitorTest {
@@ -66,11 +65,11 @@ public class LegacyApiTokenAdministrativeMonitorTest {
         LegacyApiTokenAdministrativeMonitor monitor = j.jenkins.getExtensionList(AdministrativeMonitor.class).get(LegacyApiTokenAdministrativeMonitor.class);
         assertFalse(monitor.isActivated());
         
-        ApiTokenStore.TokenIdAndPlainValue tokenInfo = apiTokenProperty.getTokenStore().generateNewToken("Not Legacy");
+        ApiTokenStore.TokenUuidAndPlainValue tokenInfo = apiTokenProperty.getTokenStore().generateNewToken("Not Legacy");
         // "new" token does not trigger the monitor
         assertFalse(monitor.isActivated());
         
-        apiTokenProperty.getTokenStore().revokeToken(tokenInfo.tokenId);
+        apiTokenProperty.getTokenStore().revokeToken(tokenInfo.tokenUuid);
         assertFalse(monitor.isActivated());
         
         apiTokenProperty.changeApiToken();
@@ -297,7 +296,7 @@ public class LegacyApiTokenAdministrativeMonitorTest {
     private void checkUserWithLegacyTokenListIsEmpty(JenkinsRule.WebClient wc, LegacyApiTokenAdministrativeMonitor monitor) throws Exception {
         HtmlPage page = wc.goTo(monitor.getUrl() + "/manage");
         String pageContent = page.getWebResponse().getContentAsString();
-        assertTrue(pageContent.contains("no-token-line"));
+        assertThat(pageContent, Matchers.containsString("no-token-line"));
     }
     
     private HtmlPage checkUserWithLegacyTokenListHasSizeOf(
@@ -353,7 +352,7 @@ public class LegacyApiTokenAdministrativeMonitorTest {
                 simulateUseOfLegacyToken(user);
                 Thread.sleep(1);
                 
-                ApiTokenStore.TokenIdAndPlainValue tokenInfo = apiTokenProperty.getTokenStore().generateNewToken("Fresh and recent token");
+                ApiTokenStore.TokenUuidAndPlainValue tokenInfo = apiTokenProperty.getTokenStore().generateNewToken("Fresh and recent token");
                 simulateUseOfToken(user, tokenInfo.plainValue);
             } else {
                 simulateUseOfLegacyToken(user);
@@ -363,7 +362,7 @@ public class LegacyApiTokenAdministrativeMonitorTest {
             }
         } else {
             if (recent) {
-                ApiTokenStore.TokenIdAndPlainValue tokenInfo = apiTokenProperty.getTokenStore().generateNewToken("Recent token");
+                ApiTokenStore.TokenUuidAndPlainValue tokenInfo = apiTokenProperty.getTokenStore().generateNewToken("Recent token");
                 Thread.sleep(1);
                 
                 simulateUseOfLegacyToken(user);
diff --git a/test/src/test/java/lib/form/PasswordTest.java b/test/src/test/java/lib/form/PasswordTest.java
index bac9abf1f0..316fdb20d3 100644
--- a/test/src/test/java/lib/form/PasswordTest.java
+++ b/test/src/test/java/lib/form/PasswordTest.java
@@ -41,6 +41,7 @@ import java.util.regex.Pattern;
 
 import jenkins.model.Jenkins;
 import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
+import jenkins.security.apitoken.ApiTokenTestHelper;
 import org.acegisecurity.Authentication;
 import static org.hamcrest.Matchers.containsString;
 import static org.hamcrest.Matchers.not;
@@ -96,8 +97,7 @@ public class PasswordTest {
     @Issue({"SECURITY-266", "SECURITY-304"})
     @Test
     public void testExposedCiphertext() throws Exception {
-        // legacy behavior re-enabled (could be changed when the webclient will be adapted
-        ApiTokenPropertyConfiguration.get().setTokenGenerationOnCreationEnabled(true);
+        ApiTokenTestHelper.enableLegacyBehavior();
 
         boolean saveEnabled = Item.EXTENDED_READ.getEnabled();
         Item.EXTENDED_READ.setEnabled(true);
-- 
GitLab


From 30be745f63faca548c6a76f1ee998790a9ee85cc Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Tue, 15 May 2018 11:29:09 -0400
Subject: [PATCH 428/863] parent 1.46

---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index cbf6bf8eeb..53362e46b7 100644
--- a/pom.xml
+++ b/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci</groupId>
     <artifactId>jenkins</artifactId>
-    <version>1.46-20180514.183442-1</version> <!-- TODO https://github.com/jenkinsci/pom/pull/25 -->
+    <version>1.46</version>
     <relativePath />
   </parent>
 
-- 
GitLab


From c4fdc59859c81fe291374b870c11c4f39b65a571 Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Wed, 16 May 2018 13:06:29 -0400
Subject: [PATCH 429/863] node-executors-help: correct agent to node

This screen is in the nodes view and can be reached for:
/computer/(master)/configure

The help applies to all nodes (agents and master) and therefore this text
should say node.
---
 .../src/main/resources/hudson/model/Node/help-numExecutors.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/resources/hudson/model/Node/help-numExecutors.html b/core/src/main/resources/hudson/model/Node/help-numExecutors.html
index 6e23a37a77..0ed2dd6e02 100644
--- a/core/src/main/resources/hudson/model/Node/help-numExecutors.html
+++ b/core/src/main/resources/hudson/model/Node/help-numExecutors.html
@@ -1,6 +1,6 @@
 <div>
   The maximum number of concurrent builds that Jenkins may perform on this
-  agent.
+  node.
   <p>
   A good value to start with would be the number of CPU cores on the machine.
   Setting a higher value would cause each build to take longer, but could
-- 
GitLab


From 7fb6cf58e5a8091e7f7427112bb597a8b726af59 Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Wed, 16 May 2018 13:07:31 -0400
Subject: [PATCH 430/863] node-executors-help: clarify what an agent is

---
 .../main/resources/hudson/model/Node/help-numExecutors.html | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/core/src/main/resources/hudson/model/Node/help-numExecutors.html b/core/src/main/resources/hudson/model/Node/help-numExecutors.html
index 0ed2dd6e02..8fb5cd7951 100644
--- a/core/src/main/resources/hudson/model/Node/help-numExecutors.html
+++ b/core/src/main/resources/hudson/model/Node/help-numExecutors.html
@@ -9,9 +9,9 @@
   the second build could take advantage of the spare I/O capacity at that
   moment.
   <p>
-  Agents must have at least one executor. To temporarily prevent any builds from
-  being executed on an agent, use the <i>Mark this node temporarily offline</i>
-  button on the agent's page.
+  Agents (nodes that are not the master) must have at least one executor.
+  To temporarily prevent any builds from being executed on an agent, use the
+  <i>Mark this node temporarily offline</i> button on the agent's page.
   <p>
   This does not apply to the Jenkins master &mdash; setting the number of
   executors to zero will prevent any builds from being executed on the master.
-- 
GitLab


From 2cf986aa3bd49980cc8ae9b3a4194824ad42407f Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Wed, 16 May 2018 13:08:07 -0400
Subject: [PATCH 431/863] node-executors-help: reword text about master

This screen is in the nodes view and can be reached for:
/computer/(master)/configure
---
 .../main/resources/hudson/model/Node/help-numExecutors.html   | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/core/src/main/resources/hudson/model/Node/help-numExecutors.html b/core/src/main/resources/hudson/model/Node/help-numExecutors.html
index 8fb5cd7951..ad156534a8 100644
--- a/core/src/main/resources/hudson/model/Node/help-numExecutors.html
+++ b/core/src/main/resources/hudson/model/Node/help-numExecutors.html
@@ -13,6 +13,6 @@
   To temporarily prevent any builds from being executed on an agent, use the
   <i>Mark this node temporarily offline</i> button on the agent's page.
   <p>
-  This does not apply to the Jenkins master &mdash; setting the number of
-  executors to zero will prevent any builds from being executed on the master.
+  For the master, set the number of executors to zero to prevent it from
+  executing builds locally.
 </div>
-- 
GitLab


From 283cde4909f16f42d0512639ded156e1e99040d1 Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Thu, 17 May 2018 10:07:28 -0400
Subject: [PATCH 432/863] node-executors-help: mention flyweight on master

---
 .../src/main/resources/hudson/model/Node/help-numExecutors.html | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/core/src/main/resources/hudson/model/Node/help-numExecutors.html b/core/src/main/resources/hudson/model/Node/help-numExecutors.html
index ad156534a8..62ee113d35 100644
--- a/core/src/main/resources/hudson/model/Node/help-numExecutors.html
+++ b/core/src/main/resources/hudson/model/Node/help-numExecutors.html
@@ -15,4 +15,6 @@
   <p>
   For the master, set the number of executors to zero to prevent it from
   executing builds locally.
+  <i>Note:<i> master will always be able to run flyweight tasks including
+  Pipeline's top-level task.
 </div>
-- 
GitLab


From 20cdb05f941d2813fa799efac316896914ae77e5 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Fri, 18 May 2018 14:03:38 +0200
Subject: [PATCH 433/863] Correct typo

---
 .../apitoken/LegacyApiTokenAdministrativeMonitor/manage.jelly   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.jelly b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.jelly
index 515b5ee3c6..6deea7d789 100644
--- a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.jelly
+++ b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.jelly
@@ -85,7 +85,7 @@ THE SOFTWARE.
                                                    class="token-to-revoke ${hasFreshToken ? 'fresh-token' : ''} ${hasMoreRecentlyUsedToken ? 'recent-token' : ''}" />
                                         </td>
                                         <td>
-                                            ${user.id}asdfasdf
+                                            ${user.id}
                                         </td>
                                         <td>
                                             ${user.fullName}
-- 
GitLab


From f33731e7ec7a18c4899a7e22adf5ec5a1becbbb4 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Sat, 19 May 2018 10:04:55 +0200
Subject: [PATCH 434/863] Update to Winstone 4.3: Option to enable JMX (#3422)

---
 war/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/war/pom.xml b/war/pom.xml
index 1af95e1d77..d9980a0636 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -89,7 +89,7 @@ THE SOFTWARE.
       -->
       <groupId>org.jenkins-ci</groupId>
       <artifactId>winstone</artifactId>
-      <version>4.2</version>
+      <version>4.3</version>
       <scope>test</scope>
     </dependency>
     <dependency>
-- 
GitLab


From 2561c1f18ab3f9854e368c16170db56b223343aa Mon Sep 17 00:00:00 2001
From: surenpi <zxjlwt@126.com>
Date: Sat, 19 May 2018 17:09:25 +0800
Subject: [PATCH 435/863] Add Chinese translation for Jenkins lib

---
 .../lib/form/booleanRadio_zh_CN.properties    | 24 ++++++++++++++++++
 .../form/expandableTextbox_zh_CN.properties   | 25 +++++++++++++++++++
 .../lib/form/hetero-list_zh_CN.properties     | 23 +++++++++++++++++
 .../lib/form/repeatable_zh_CN.properties      |  2 +-
 .../lib/layout/layout_zh_CN.properties        |  2 +-
 .../lib/layout/pane_zh_CN.properties          | 24 ++++++++++++++++++
 6 files changed, 98 insertions(+), 2 deletions(-)
 create mode 100644 core/src/main/resources/lib/form/booleanRadio_zh_CN.properties
 create mode 100644 core/src/main/resources/lib/form/expandableTextbox_zh_CN.properties
 create mode 100644 core/src/main/resources/lib/form/hetero-list_zh_CN.properties
 create mode 100644 core/src/main/resources/lib/layout/pane_zh_CN.properties

diff --git a/core/src/main/resources/lib/form/booleanRadio_zh_CN.properties b/core/src/main/resources/lib/form/booleanRadio_zh_CN.properties
new file mode 100644
index 0000000000..bbb5b92f3c
--- /dev/null
+++ b/core/src/main/resources/lib/form/booleanRadio_zh_CN.properties
@@ -0,0 +1,24 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Yes=\u662F
+No=\u5426
diff --git a/core/src/main/resources/lib/form/expandableTextbox_zh_CN.properties b/core/src/main/resources/lib/form/expandableTextbox_zh_CN.properties
new file mode 100644
index 0000000000..48f2663aaf
--- /dev/null
+++ b/core/src/main/resources/lib/form/expandableTextbox_zh_CN.properties
@@ -0,0 +1,25 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+tooltip=\
+  \u6309\u4E00\u4E0B\u5C55\u5F00\u6210\u591A\u884C\u6A21\u5F0F<br />\u8BE5\u6A21\u5F0F\u4E0B\u60A8\u53EF\u4EE5\u76F4\u63A5\u63DB\u884C\u800C\u4E0D\u662F\u7528\u7A7A\u767D\u9694\u884C\u3002<br />\
+  \u8F93\u5165\u4EFB\u4F55\u5355\u884C\u7684\u5185\u5BB9\u518D\u56DE\u8F66\u53EF\u5207\u63DB\u56DE\u5355\u884C\u6A21\u5F0F\u3002
diff --git a/core/src/main/resources/lib/form/hetero-list_zh_CN.properties b/core/src/main/resources/lib/form/hetero-list_zh_CN.properties
new file mode 100644
index 0000000000..b3c5fe872e
--- /dev/null
+++ b/core/src/main/resources/lib/form/hetero-list_zh_CN.properties
@@ -0,0 +1,23 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Add=\u65B0\u589E
diff --git a/core/src/main/resources/lib/form/repeatable_zh_CN.properties b/core/src/main/resources/lib/form/repeatable_zh_CN.properties
index 9f8cfebf41..f5733ee16c 100644
--- a/core/src/main/resources/lib/form/repeatable_zh_CN.properties
+++ b/core/src/main/resources/lib/form/repeatable_zh_CN.properties
@@ -20,4 +20,4 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-Add=\u589E\u52A0
+Add=\u65B0\u589E
diff --git a/core/src/main/resources/lib/layout/layout_zh_CN.properties b/core/src/main/resources/lib/layout/layout_zh_CN.properties
index dee9aa6363..8b3ea5b661 100644
--- a/core/src/main/resources/lib/layout/layout_zh_CN.properties
+++ b/core/src/main/resources/lib/layout/layout_zh_CN.properties
@@ -20,7 +20,7 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-Page\ generated=\u751F\u6210 \u9875\u9762
+Page\ generated=\u751F\u6210\u9875\u9762
 logout=\u6CE8\u9500
 search=\u67E5\u627E
 
diff --git a/core/src/main/resources/lib/layout/pane_zh_CN.properties b/core/src/main/resources/lib/layout/pane_zh_CN.properties
new file mode 100644
index 0000000000..82411933bc
--- /dev/null
+++ b/core/src/main/resources/lib/layout/pane_zh_CN.properties
@@ -0,0 +1,24 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+expand=\u5C55\u5F00
+collapse=\u5408\u4E0A
-- 
GitLab


From d40b1976624c8973bb1b6a71b846fa3b8d2745d5 Mon Sep 17 00:00:00 2001
From: surenpi <zxjlwt@126.com>
Date: Sat, 19 May 2018 21:02:04 +0800
Subject: [PATCH 436/863] Add Chinese translation for Jenkins Security warning

---
 .../diagnosis/Messages_zh_CN.properties       | 31 +++++++++++++++++++
 .../OldDataMonitor/message_zh_CN.properties   | 26 ++++++++++++++++
 .../message_zh_CN.properties                  |  2 +-
 .../message_zh_CN.properties                  | 26 ++++++++++++++++
 .../config_zh_CN.properties                   | 23 ++++++++++++++
 .../configure-entries_zh_CN.properties        |  4 +--
 .../View/AsynchPeople/index_zh_CN.properties  |  2 ++
 .../model/View/configure_zh_CN.properties     |  1 +
 .../hudson/model/View/index_zh_CN.properties  | 23 ++++++++++++++
 .../scm/SCM/project-changes_zh_CN.properties  |  5 +--
 .../index_zh_CN.properties                    |  1 +
 .../config_zh_CN.properties                   |  2 +-
 .../config_zh_CN.properties                   |  9 ++++--
 .../security/csrf/Messages_zh_CN.properties   | 23 ++++++++++++++
 .../SCMAction/index_zh_CN.properties          | 23 +++++++++++++-
 .../hudson/util/Messages_zh_CN.properties     | 29 +++++++++++++++++
 .../WarnWhenEnabled/message_zh_CN.properties  |  8 +++--
 .../jenkins/CLI/config_zh_CN.properties       | 24 ++++++++++++++
 .../diagnostics/Messages_zh_CN.properties     | 26 ++++++++++++++++
 .../message_zh_CN.properties                  | 29 +++++++++++++++++
 .../message_zh_CN.properties                  | 24 ++++++++++++--
 .../management/Messages_zh_CN.properties      |  2 +-
 .../DownloadSettings/config_zh_CN.properties  |  1 +
 .../config_zh_CN.properties                   | 29 +++++++++++++++++
 .../message_zh_CN.properties                  | 28 +++++++++++++++++
 .../message.jelly                             |  2 +-
 .../message_zh_CN.properties                  | 28 +++++++++++++++++
 27 files changed, 414 insertions(+), 17 deletions(-)
 create mode 100644 core/src/main/resources/hudson/diagnosis/Messages_zh_CN.properties
 create mode 100644 core/src/main/resources/hudson/diagnosis/OldDataMonitor/message_zh_CN.properties
 create mode 100644 core/src/main/resources/hudson/diagnosis/TooManyJobsButNoView/message_zh_CN.properties
 create mode 100644 core/src/main/resources/hudson/markup/EscapedMarkupFormatter/config_zh_CN.properties
 create mode 100644 core/src/main/resources/hudson/model/View/index_zh_CN.properties
 create mode 100644 core/src/main/resources/hudson/security/csrf/Messages_zh_CN.properties
 create mode 100644 core/src/main/resources/hudson/util/Messages_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/CLI/config_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/diagnostics/Messages_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/diagnostics/RootUrlNotSetMonitor/message_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/security/UpdateSiteWarningsConfiguration/config_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/security/csrf/CSRFAdministrativeMonitor/message_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_zh_CN.properties

diff --git a/core/src/main/resources/hudson/diagnosis/Messages_zh_CN.properties b/core/src/main/resources/hudson/diagnosis/Messages_zh_CN.properties
new file mode 100644
index 0000000000..a35f0e0c67
--- /dev/null
+++ b/core/src/main/resources/hudson/diagnosis/Messages_zh_CN.properties
@@ -0,0 +1,31 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+MemoryUsageMonitor.USED=\u5DF2\u7528
+MemoryUsageMonitor.TOTAL=\u603B\u5171
+OldDataMonitor.Description=\u4ECE\u65E7\u7684\u3001\u65E9\u671F\u7248\u672C\u7684\u63D2\u4EF6\u4E2D\u6E05\u7406\u914D\u7F6E\u6587\u4EF6\u3002
+OldDataMonitor.DisplayName=\u7BA1\u7406\u65E7\u6570\u636E
+HudsonHomeDiskUsageMonitor.DisplayName=\u78C1\u76D8\u4F7F\u7528\u76D1\u63A7
+
+NullIdDescriptorMonitor.DisplayName=\u63CF\u8FF0ID\u4E3A\u7A7A
+ReverseProxySetupMonitor.DisplayName=\u53CD\u5411\u4EE3\u7406\u8BBE\u7F6E
+TooManyJobsButNoView.DisplayName=\u4EFB\u52A1\u8FC7\u591A\u800C\u6CA1\u6709\u7EC4\u7EC7\u5230\u89C6\u56FE\u4E2D
diff --git a/core/src/main/resources/hudson/diagnosis/OldDataMonitor/message_zh_CN.properties b/core/src/main/resources/hudson/diagnosis/OldDataMonitor/message_zh_CN.properties
new file mode 100644
index 0000000000..e33d31ca0e
--- /dev/null
+++ b/core/src/main/resources/hudson/diagnosis/OldDataMonitor/message_zh_CN.properties
@@ -0,0 +1,26 @@
+# The MIT License
+#
+# Copyright (c) 2004-2013, Sun Microsystems, Inc., Kohsuke Kawaguchi, Pei-Tang Huang,
+# and a number of other of contributers
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+You\ have\ data\ stored\ in\ an\ older\ format\ and/or\ unreadable\ data.=\u60A8\u6709\u8CC7\u6599\u683C\u5F0F\u904E\u820A\u6216\u662F\u7121\u6CD5\u8B80\u53D6\u3002
+Manage=\u7BA1\u7406
+Dismiss=\u4E0D\u518D\u663E\u793A
diff --git a/core/src/main/resources/hudson/diagnosis/ReverseProxySetupMonitor/message_zh_CN.properties b/core/src/main/resources/hudson/diagnosis/ReverseProxySetupMonitor/message_zh_CN.properties
index a0d2ca74c0..51a7112815 100644
--- a/core/src/main/resources/hudson/diagnosis/ReverseProxySetupMonitor/message_zh_CN.properties
+++ b/core/src/main/resources/hudson/diagnosis/ReverseProxySetupMonitor/message_zh_CN.properties
@@ -20,6 +20,6 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-Dismiss=\u653E\u5F03
+Dismiss=\u4E0D\u518D\u663E\u793A
 More\ Info=\u66F4\u591A\u4FE1\u606F
 blurb=\u53CD\u5411\u4EE3\u7406\u8BBE\u7F6E\u6709\u8BEF
diff --git a/core/src/main/resources/hudson/diagnosis/TooManyJobsButNoView/message_zh_CN.properties b/core/src/main/resources/hudson/diagnosis/TooManyJobsButNoView/message_zh_CN.properties
new file mode 100644
index 0000000000..4e530b5bdb
--- /dev/null
+++ b/core/src/main/resources/hudson/diagnosis/TooManyJobsButNoView/message_zh_CN.properties
@@ -0,0 +1,26 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+blurb=\u770B\u8D77\u4F86\u6709\u5927\u91CF\u7684\u4EFB\u52A1\u3002\u60A8\u662F\u5426\u77E5\u9053\u53EF\u4EE5\u628A\u4E0D\u540C\u7684\u4EFB\u52A1\u7EC4\u7EC7\u5230\u4E0D\u540C\u7684\u89C6\u56FE\u4E2D\uFF1F\
+  \u60A8\u968F\u65F6\u90FD\u53EF\u4EE5\u6309\u9801\u9762\u6700\u4E0A\u65B9\u7684 '+' \u4F86\u5EFA\u7ACB\u89C6\u56FE\u3002
+Create\ a\ view\ now=\u73B0\u5728\u521B\u5EFA\u4E00\u4E2A\u89C6\u56FE
+Dismiss=\u4E0D\u518D\u663E\u793A
diff --git a/core/src/main/resources/hudson/markup/EscapedMarkupFormatter/config_zh_CN.properties b/core/src/main/resources/hudson/markup/EscapedMarkupFormatter/config_zh_CN.properties
new file mode 100644
index 0000000000..043dfbb86a
--- /dev/null
+++ b/core/src/main/resources/hudson/markup/EscapedMarkupFormatter/config_zh_CN.properties
@@ -0,0 +1,23 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+blurb=\u628A\u6240\u6709\u7684\u8F93\u5165\u90FD\u5F53\u4F5C\u7EAF\u6587\u672C\u3002HTML\u4E2D\u50CF < \u548C & \u7684\u4E0D\u5B89\u5168\u5B57\u7B26\u4F1A\u88AB\u8F6C\u4E49\u3002
diff --git a/core/src/main/resources/hudson/model/ListView/configure-entries_zh_CN.properties b/core/src/main/resources/hudson/model/ListView/configure-entries_zh_CN.properties
index 4e571856e2..5264325bf7 100644
--- a/core/src/main/resources/hudson/model/ListView/configure-entries_zh_CN.properties
+++ b/core/src/main/resources/hudson/model/ListView/configure-entries_zh_CN.properties
@@ -21,7 +21,7 @@
 # THE SOFTWARE.
 
 Add\ column=\u6DFB\u52A0\u5217
-All\ selected\ jobs=\u6240\u6709\u9009\u62E9\u7684Jobs
+All\ selected\ jobs=\u6240\u6709\u9009\u62E9\u7684\u4EFB\u52A1
 Columns=\u5217
 Disabled\ jobs\ only=\u53EA\u663E\u793A\u7981\u7528\u7684\u4EFB\u52A1
 Enabled\ jobs\ only=\u53EA\u663E\u793A\u542F\u7528\u7684\u4EFB\u52A1
@@ -30,5 +30,5 @@ Regular\ expression=\u6B63\u5219\u8868\u8FBE\u5F0F
 Status\ Filter=\u72B6\u6001\u8FC7\u6EE4
 Recurse\ in\ subfolders=\u904D\u5386\u5B50\u6587\u4EF6\u5939
 Jobs=\u4EFB\u52A1\u5217\u8868
-Use\ a\ regular\ expression\ to\ include\ jobs\ into\ the\ view=\u4F7F\u7528\u6B63\u5219\u8868\u8FBE\u5F0F\u5728\u89C6\u56FE\u4E2D\u663E\u793AJobs
+Use\ a\ regular\ expression\ to\ include\ jobs\ into\ the\ view=\u4F7F\u7528\u6B63\u5219\u8868\u8FBE\u5F0F\u5728\u89C6\u56FE\u4E2D\u663E\u793A\u4EFB\u52A1
 Add\ Job\ Filter=\u589E\u52A0\u4EFB\u52A1\u8FC7\u6EE4\u5668
diff --git a/core/src/main/resources/hudson/model/View/AsynchPeople/index_zh_CN.properties b/core/src/main/resources/hudson/model/View/AsynchPeople/index_zh_CN.properties
index 8c79dbcf4d..acaa864942 100644
--- a/core/src/main/resources/hudson/model/View/AsynchPeople/index_zh_CN.properties
+++ b/core/src/main/resources/hudson/model/View/AsynchPeople/index_zh_CN.properties
@@ -26,3 +26,5 @@ On=\u5728\u7EBF
 People=\u7528\u6237
 User\ Id=\u7528\u6237\u6807\u8BC6
 blurb=\u5305\u542B\u6240\u6709\u5DF2\u77E5\u201C\u7528\u6237\u201D\uFF0C\u5305\u62EC\u5F53\u524D\u5B89\u5168\u57DF\u4E2D\u7684\u767B\u5F55ID\u548C\u5728\u53D8\u66F4\u8BB0\u5F55\u7684\u63D0\u4EA4\u4FE1\u7684\u606F\u91CC\u7684\u4EBA
+All\ People=\u6240\u6709\u4EBA
+Last\ Commit\ Activity=\u4E0A\u6B21\u63D0\u4EA4\u6D3B\u52A8
diff --git a/core/src/main/resources/hudson/model/View/configure_zh_CN.properties b/core/src/main/resources/hudson/model/View/configure_zh_CN.properties
index d9d3dd4d7d..c274a96317 100644
--- a/core/src/main/resources/hudson/model/View/configure_zh_CN.properties
+++ b/core/src/main/resources/hudson/model/View/configure_zh_CN.properties
@@ -6,3 +6,4 @@ Filter\ build\ queue=\u8FC7\u6EE4\u6784\u5EFA\u961F\u5217
 Name=\u540D\u79F0
 OK=\u4FDD\u5B58
 Apply=\u5E94\u7528
+Edit\ View=\u7F16\u8F91\u89C6\u56FE
diff --git a/core/src/main/resources/hudson/model/View/index_zh_CN.properties b/core/src/main/resources/hudson/model/View/index_zh_CN.properties
new file mode 100644
index 0000000000..bbe633616d
--- /dev/null
+++ b/core/src/main/resources/hudson/model/View/index_zh_CN.properties
@@ -0,0 +1,23 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Dashboard=\u4EEA\u8868\u76D8
diff --git a/core/src/main/resources/hudson/scm/SCM/project-changes_zh_CN.properties b/core/src/main/resources/hudson/scm/SCM/project-changes_zh_CN.properties
index 7262342d01..d15ba1605a 100644
--- a/core/src/main/resources/hudson/scm/SCM/project-changes_zh_CN.properties
+++ b/core/src/main/resources/hudson/scm/SCM/project-changes_zh_CN.properties
@@ -1,6 +1,6 @@
 # The MIT License
 #
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
+# Copyright (c) 2004-2018, Sun Microsystems, Inc., suren <zxjlwt@126.com>
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
@@ -20,5 +20,6 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-No\ changes\ in\ any\ of\ the\ builds.=\u6CA1\u6709\u4EFB\u4F55\u53D8\u66F4\u3002
+No\ changes\ in\ any\ of\ the\ builds.=\u5728\u4EFB\u610F\u4E00\u6B21\u6784\u5EFA\u4E2D\u90FD\u6CA1\u6709\u53D8\u66F4\u3002
 detail=\u8BE6\u7EC6\u4FE1\u606F
+No\ builds.=\u6CA1\u6709\u6784\u5EFA\u3002
diff --git a/core/src/main/resources/hudson/security/GlobalSecurityConfiguration/index_zh_CN.properties b/core/src/main/resources/hudson/security/GlobalSecurityConfiguration/index_zh_CN.properties
index d5e0d900b2..0442512fa5 100644
--- a/core/src/main/resources/hudson/security/GlobalSecurityConfiguration/index_zh_CN.properties
+++ b/core/src/main/resources/hudson/security/GlobalSecurityConfiguration/index_zh_CN.properties
@@ -26,6 +26,7 @@ Markup\ Formatter=\u6807\u8BB0\u683C\u5F0F\u5668
 
 Agents=\u4EE3\u7406
 Agent\ protocols=\u4EE3\u7406\u534F\u8BAE
+TCP\ port\ for\ JNLP\ agents=JNLP\u4EE3\u7406\u534F\u8BAE\u7684TCP\u7AEF\u53E3
 
 Access\ Control=\u8BBF\u95EE\u63A7\u5236
 Security\ Realm=\u5B89\u5168\u57DF
diff --git a/core/src/main/resources/hudson/security/csrf/DefaultCrumbIssuer/config_zh_CN.properties b/core/src/main/resources/hudson/security/csrf/DefaultCrumbIssuer/config_zh_CN.properties
index d7b627e8d1..5204e1c20c 100644
--- a/core/src/main/resources/hudson/security/csrf/DefaultCrumbIssuer/config_zh_CN.properties
+++ b/core/src/main/resources/hudson/security/csrf/DefaultCrumbIssuer/config_zh_CN.properties
@@ -1,3 +1,3 @@
 # This file is under the MIT License by authors
 
-Enable\ proxy\ compatibility=\u6FC0\u6D3B\u4EE3\u7406\u517C\u5BB9
+Enable\ proxy\ compatibility=\u542F\u7528\u4EE3\u7406\u517C\u5BB9
diff --git a/core/src/main/resources/hudson/security/csrf/GlobalCrumbIssuerConfiguration/config_zh_CN.properties b/core/src/main/resources/hudson/security/csrf/GlobalCrumbIssuerConfiguration/config_zh_CN.properties
index 1cb9b1d202..5bf77c312b 100644
--- a/core/src/main/resources/hudson/security/csrf/GlobalCrumbIssuerConfiguration/config_zh_CN.properties
+++ b/core/src/main/resources/hudson/security/csrf/GlobalCrumbIssuerConfiguration/config_zh_CN.properties
@@ -16,9 +16,12 @@
 # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# LIABILITY, WHETHER IN AN ACTION OF CONTR
+# ACT, TORT OR OTHERWISE, ARISING FROM,
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-Prevent\ Cross\ Site\ Request\ Forgery\ exploits=\u9632\u6b62\u8de8\u7ad9\u70b9\u8bf7\u6c42\u4f2a\u9020
-
+Prevent\ Cross\ Site\ Request\ Forgery\ exploits=\u9632\u6B62\u8DE8\u7AD9\u70B9\u8BF7\u6C42\u4F2A\u9020
+CSRF\ Protection=\u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020\u4FDD\u62A4
+Crumbs=\u788E\u7247
+Crumb\ Algorithm=\u788E\u7247\u7B97\u6CD5
diff --git a/core/src/main/resources/hudson/security/csrf/Messages_zh_CN.properties b/core/src/main/resources/hudson/security/csrf/Messages_zh_CN.properties
new file mode 100644
index 0000000000..730423c9dd
--- /dev/null
+++ b/core/src/main/resources/hudson/security/csrf/Messages_zh_CN.properties
@@ -0,0 +1,23 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+DefaultCrumbIssuer.DisplayName=\u9ED8\u8BA4\u788E\u7247\u751F\u6210\u5668
diff --git a/core/src/main/resources/hudson/triggers/SCMTrigger/SCMAction/index_zh_CN.properties b/core/src/main/resources/hudson/triggers/SCMTrigger/SCMAction/index_zh_CN.properties
index 3a75fb402c..f402abdf0e 100644
--- a/core/src/main/resources/hudson/triggers/SCMTrigger/SCMAction/index_zh_CN.properties
+++ b/core/src/main/resources/hudson/triggers/SCMTrigger/SCMAction/index_zh_CN.properties
@@ -1,3 +1,24 @@
-# This file is under the MIT License by authors
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
 
 title={0}
+Polling\ has\ not\ run\ yet.=\u8FD8\u6CA1\u6709\u5F00\u59CB\u8F6E\u8BE2\u3002
diff --git a/core/src/main/resources/hudson/util/Messages_zh_CN.properties b/core/src/main/resources/hudson/util/Messages_zh_CN.properties
new file mode 100644
index 0000000000..2e90a1cb7c
--- /dev/null
+++ b/core/src/main/resources/hudson/util/Messages_zh_CN.properties
@@ -0,0 +1,29 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+ClockDifference.InSync=\u5DF2\u540C\u6B65
+ClockDifference.Ahead={0} \u9760\u524D
+ClockDifference.Behind={0} \u843D\u540E
+ClockDifference.Failed=\u68C0\u67E5\u5931\u8D25
+FormValidation.ValidateRequired=\u5FC5\u586B\u9879
+FormValidation.Error.Details=\uFF08\u663E\u793A\u8BE6\u60C5\uFF09
+HttpResponses.Saved=\u5DF2\u4FDD\u5B58
diff --git a/core/src/main/resources/jenkins/CLI/WarnWhenEnabled/message_zh_CN.properties b/core/src/main/resources/jenkins/CLI/WarnWhenEnabled/message_zh_CN.properties
index c4963491f5..0d8fbd4efa 100644
--- a/core/src/main/resources/jenkins/CLI/WarnWhenEnabled/message_zh_CN.properties
+++ b/core/src/main/resources/jenkins/CLI/WarnWhenEnabled/message_zh_CN.properties
@@ -20,7 +20,9 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
+Dismiss=\u4E0D\u518D\u663E\u793A
 blurb=\
-    \u5f00\u542fjenkins cli\u7684 <code>-remoting</code> \u5de5\u4f5c\u6a21\u5f0f\u662f\u6bd4\u8f83\u5371\u9669\u7684\uff0c\u901a\u5e38\u6ca1\u6709\u5fc5\u8981\u3002\
-    \u5efa\u8bae\u7981\u6b62\u8be5\u6a21\u5f0f\u3002 \
-    \u8bf7\u53c2\u8003 <a href="https://jenkins.io/doc/book/managing/cli/">cli\u6587\u6863</a> \u4e86\u89e3\u8be6\u60c5\u3002
+    \u5F00\u542Fjenkins cli\u7684 <code>-remoting</code> \u5DE5\u4F5C\u6A21\u5F0F\u662F\u6BD4\u8F83\u5371\u9669\u7684\uFF0C\u901A\u5E38\u6CA1\u6709\u5FC5\u8981\u3002\
+    \u5EFA\u8BAE\u7981\u6B62\u8BE5\u6A21\u5F0F\u3002 \
+    \u8BF7\u53C2\u8003 <a href="https://jenkins.io/doc/book/managing/cli/">cli\u6587\u6863</a> \u4E86\u89E3\u8BE6\u60C5\u3002
+Disable\ CLI\ over\ Remoting=\u7981\u7528\u8FDC\u7A0B\u547D\u4EE4\u63A5\u53E3
diff --git a/core/src/main/resources/jenkins/CLI/config_zh_CN.properties b/core/src/main/resources/jenkins/CLI/config_zh_CN.properties
new file mode 100644
index 0000000000..3ea951e04c
--- /dev/null
+++ b/core/src/main/resources/jenkins/CLI/config_zh_CN.properties
@@ -0,0 +1,24 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+CLI=\u547D\u4EE4\u884C\u63A5\u53E3
+Enable\ CLI\ over\ Remoting=\u542F\u7528\u8FDC\u7A0B\u547D\u4EE4\u884C\u63A5\u53E3
diff --git a/core/src/main/resources/jenkins/diagnostics/Messages_zh_CN.properties b/core/src/main/resources/jenkins/diagnostics/Messages_zh_CN.properties
new file mode 100644
index 0000000000..4616baa249
--- /dev/null
+++ b/core/src/main/resources/jenkins/diagnostics/Messages_zh_CN.properties
@@ -0,0 +1,26 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+CompletedInitializationMonitor.DisplayName=Jenkins \u521D\u59CB\u5316\u76D1\u63A7\u5668
+SecurityIsOffMonitor.DisplayName=\u7981\u7528\u5B89\u5168
+URICheckEncodingMonitor.DisplayName=\u68C0\u67E5 URI \u7F16\u7801
+RootUrlNotSetMonitor.DisplayName=\u76D1\u89C6\u5668\u7684\u6839 URL \u6CA1\u6709\u914D\u7F6E
diff --git a/core/src/main/resources/jenkins/diagnostics/RootUrlNotSetMonitor/message_zh_CN.properties b/core/src/main/resources/jenkins/diagnostics/RootUrlNotSetMonitor/message_zh_CN.properties
new file mode 100644
index 0000000000..84005b1c49
--- /dev/null
+++ b/core/src/main/resources/jenkins/diagnostics/RootUrlNotSetMonitor/message_zh_CN.properties
@@ -0,0 +1,29 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+urlIsNull=Jenkins \u7684\u6839 URL \u4E3A\u7A7A\uFF0C\u4F46\u5BF9\u4E8E Jenkins \u7684\u5F88\u591A\u7279\u8272\u662F\u5FC5\u9700\u7684\uFF0C\u4F8B\u5982\uFF1A\u90AE\u4EF6\u901A\u77E5\uFF0C \
+    PR \u72B6\u6001\u66F4\u65B0\uFF0C\u4EE5\u53CA\u50CF <code>BUILD_URL</code> \u4E00\u6837\u7684\u73AF\u5883\u53D8\u91CF\u3002
+urlIsInvalid=Jenkins \u7684\u6839 URL \u4F3C\u4E4E\u662F\u4E0D\u5408\u6CD5\u7684\u3002\u5B83\u5BF9\u4E8E Jenkins \u7684\u5F88\u591A\u7279\u8272\u662F\u5FC5\u9700\u7684\uFF0C\u4F8B\u5982\uFF1A\u90AE\u4EF6\u901A\u77E5\uFF0C \
+    PR \u72B6\u6001\u66F4\u65B0\uFF0C\u4EE5\u53CA\u50CF <code>BUILD_URL</code> \u4E00\u6837\u7684\u73AF\u5883\u53D8\u91CF\u3002
+actionToTake=\u8BF7\u5728 {0} \u63D0\u4F9B\u4E00\u4E2A\u51C6\u786E\u7684\u503C\u3002
+actionUrlContent=Jenkins \u914D\u7F6E
+Dismiss=\u4E0D\u518D\u663E\u793A
diff --git a/core/src/main/resources/jenkins/diagnostics/SecurityIsOffMonitor/message_zh_CN.properties b/core/src/main/resources/jenkins/diagnostics/SecurityIsOffMonitor/message_zh_CN.properties
index 920e3df570..7ac2a369ab 100644
--- a/core/src/main/resources/jenkins/diagnostics/SecurityIsOffMonitor/message_zh_CN.properties
+++ b/core/src/main/resources/jenkins/diagnostics/SecurityIsOffMonitor/message_zh_CN.properties
@@ -1,5 +1,25 @@
-# This file is under the MIT License by authors
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
 
-Dismiss=\u5FFD\u7565
+Dismiss=\u4E0D\u518D\u663E\u793A
 Setup\ Security=\u5B89\u5168\u8BBE\u7F6E
 blurb=\u4E0D\u5B89\u5168\u7684Jenkins\u5141\u8BB8\u7F51\u7EDC\u4E0A\u7684\u4EFB\u4F55\u4EBA\u4EE5\u4F60\u7684\u8EAB\u4EFD\u8BBF\u95EE\u7A0B\u5E8F\u3002\u8003\u8651\u81F3\u5C11\u542F\u7528\u8EAB\u4EFD\u9A8C\u8BC1\u6765\u963B\u6B62\u6EE5\u7528\u3002
diff --git a/core/src/main/resources/jenkins/management/Messages_zh_CN.properties b/core/src/main/resources/jenkins/management/Messages_zh_CN.properties
index 2154b15034..bce62ce140 100644
--- a/core/src/main/resources/jenkins/management/Messages_zh_CN.properties
+++ b/core/src/main/resources/jenkins/management/Messages_zh_CN.properties
@@ -25,7 +25,7 @@
 NodesLink.Description=\u6DFB\u52A0\u3001\u5220\u9664\u3001\u63A7\u5236\u548C\u76D1\u89C6\u7CFB\u7EDF\u8FD0\u884C\u4EFB\u52A1\u7684\u8282\u70B9\u3002
 PluginsLink.Description=\u6DFB\u52A0\u3001\u5220\u9664\u3001\u7981\u7528\u6216\u542F\u7528Jenkins\u529F\u80FD\u6269\u5C55\u63D2\u4EF6\u3002
 ConfigureLink.DisplayName=\u7CFB\u7EDF\u8BBE\u7F6E
-ConfigureLink.Description=\u5168\u5C40\u8BBE\u7F6E&\u8DEF\u5F84
+ConfigureLink.Description=\u5168\u5C40\u8BBE\u7F6E\u548C\u8DEF\u5F84
 ReloadLink.Description=\u653E\u5F03\u5F53\u524D\u5185\u5B58\u4E2D\u6240\u6709\u7684\u8BBE\u7F6E\u4FE1\u606F\u5E76\u4ECE\u914D\u7F6E\u6587\u4EF6\u4E2D\u91CD\u65B0\u8BFB\u53D6\n\
                        \u4EC5\u7528\u4E8E\u5F53\u60A8\u624B\u52A8\u4FEE\u6539\u914D\u7F6E\u6587\u4EF6\u65F6\u91CD\u65B0\u8BFB\u53D6\u8BBE\u7F6E\u3002
 
diff --git a/core/src/main/resources/jenkins/model/DownloadSettings/config_zh_CN.properties b/core/src/main/resources/jenkins/model/DownloadSettings/config_zh_CN.properties
index b57b404bcd..8718dff20c 100644
--- a/core/src/main/resources/jenkins/model/DownloadSettings/config_zh_CN.properties
+++ b/core/src/main/resources/jenkins/model/DownloadSettings/config_zh_CN.properties
@@ -20,5 +20,6 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
+Plugin\ Manager=\u63D2\u4EF6\u7BA1\u7406
 Use\ Browser=\u4F7F\u7528\u6D4F\u89C8\u5668
 Use\ browser\ for\ metadata\ download=\u4F7F\u7528\u6D4F\u89C8\u5668\u4E0B\u8F7D\u5143\u6570\u636E
\ No newline at end of file
diff --git a/core/src/main/resources/jenkins/security/UpdateSiteWarningsConfiguration/config_zh_CN.properties b/core/src/main/resources/jenkins/security/UpdateSiteWarningsConfiguration/config_zh_CN.properties
new file mode 100644
index 0000000000..aec0b05bf1
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/UpdateSiteWarningsConfiguration/config_zh_CN.properties
@@ -0,0 +1,29 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Hidden\ security\ warnings=\u9690\u85CF\u7684\u5B89\u5168\u8B66\u544A
+Security\ warnings=\u5B89\u5168\u8B66\u544A
+warning.core=Jenkins \u6838\u5FC3: {0}
+warning.plugin= {0}: {1} 
+
+blurb=\u8BE5\u533A\u57DF\u5141\u8BB8\u4F60\u7981\u7528\u5728\u66F4\u65B0\u7F51\u7AD9\u53D1\u5E03\u7684\u8B66\u544A\u3002 \
+  \u52FE\u9009\u8B66\u544A\u663E\u793A\uFF08\u9ED8\u8BA4\uFF09\uFF0C\u53D6\u6D88\u7684\u8B66\u544A\u4F1A\u9690\u85CF\u3002
diff --git a/core/src/main/resources/jenkins/security/csrf/CSRFAdministrativeMonitor/message_zh_CN.properties b/core/src/main/resources/jenkins/security/csrf/CSRFAdministrativeMonitor/message_zh_CN.properties
new file mode 100644
index 0000000000..ef11117723
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/csrf/CSRFAdministrativeMonitor/message_zh_CN.properties
@@ -0,0 +1,28 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+warningMessage=\u60A8\u8FD8\u6CA1\u6709\u914D\u7F6E\u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020\u9632\u62A4\u3002\u8FD9\u53EF\u80FD\u4F1A\u6709\u5B89\u5168\u95EE\u9898\u3002 \
+  \u66F4\u591A\u4FE1\u606F\uFF0C\u8BF7\u53C2\u8003 {0}\u3002
+actionMessage=\u60A8\u53EF\u4EE5\u5728\u5B89\u5168\u533A\u57DF {0} \u6765\u4FEE\u6539\u5F53\u524D\u7684\u914D\u7F6E\u3002
+referenceUrlContent=\u8FD9\u4E2A\u9875\u9762
+actionUrlContent=\u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020\u4FDD\u62A4
+Dismiss=\u4E0D\u518D\u663E\u793A
\ No newline at end of file
diff --git a/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message.jelly b/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message.jelly
index 5c5e708c96..a7876a8de2 100644
--- a/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message.jelly
+++ b/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message.jelly
@@ -2,6 +2,6 @@
 <j:jelly xmlns:j="jelly:core">
 <div class="alert alert-warning">
   ${%blurb(it.deprecatedProtocols)}
-  See <a href="${rootURL}/configureSecurity">${%Protocol Configuration}</a>.
+  ${%See} <a href="${rootURL}/configureSecurity">${%Protocol Configuration}</a>.
 </div>
 </j:jelly>
diff --git a/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_zh_CN.properties b/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_zh_CN.properties
new file mode 100644
index 0000000000..5f6308a5c9
--- /dev/null
+++ b/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_zh_CN.properties
@@ -0,0 +1,28 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+blurb=\u8BE5 Jenkins \u5B9E\u4F8B\u4F7F\u7528\u4E86\u5DF2\u5F03\u7528\u7684\u534F\u8BAE\uFF1A {0}\u3002 \
+      \u5B83\u53EF\u80FD\u5F71\u54CD\u5B9E\u4F8B\u7684\u7A33\u5B9A\u6027\u3002 \
+      \u5982\u679C\u66F4\u65B0\u7684\u534F\u8BAE\u7248\u672C\u5DF2\u7ECF\u652F\u6301\u4E86\u6240\u6709\u7684\u7CFB\u7EDF\u7EC4\u4EF6\uFF08\u4EE3\u7406\u3001\u547D\u4EE4\u884C\u4EE5\u53CA\u5176\u4ED6\u5BA2\u6237\u7AEF\uFF0C \
+      \u5F3A\u70C8\u5EFA\u8BAE\u7981\u7528\u88AB\u5F03\u7528\u7684\u534F\u8BAE\u3002
+See=\u67E5\u770B
+Protocol\ Configuration=\u534F\u8BAE\u914D\u7F6E
-- 
GitLab


From 448eda5b63a8d99c6ec989f76cb25044cb63733e Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 20 May 2018 18:41:47 -0700
Subject: [PATCH 437/863] [maven-release-plugin] prepare release jenkins-2.123

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index d54dac5918..2e15a2e1e9 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.123</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 0d5c3f2c27..2c7fbe565c 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.123</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 53362e46b7..7cf9bd28ce 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>2.123</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.123</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 4f9dae71fa..da6dd63441 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.123</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index d9980a0636..637b7e3437 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.123</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From dea69f62b0af1fa1def503cccd8ea86970cacf7a Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 20 May 2018 18:41:47 -0700
Subject: [PATCH 438/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 2e15a2e1e9..aef267390b 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.123</version>
+    <version>2.124-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 2c7fbe565c..6dfd4f49a3 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.123</version>
+    <version>2.124-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 7cf9bd28ce..0d09d67603 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.123</version>
+  <version>2.124-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.123</tag>
+    <tag>${scmTag}</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index da6dd63441..98b9076238 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.123</version>
+    <version>2.124-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 637b7e3437..ae0c4c79bc 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.123</version>
+    <version>2.124-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 53a7f64b43c94321459bae819c3b19693fcf8a29 Mon Sep 17 00:00:00 2001
From: suren <zxjlwt@126.com>
Date: Mon, 21 May 2018 09:56:16 +0800
Subject: [PATCH 439/863] change the i18n to parameterized

---
 .../DeprecatedAgentProtocolMonitor/message.jelly      |  2 +-
 .../DeprecatedAgentProtocolMonitor/message.properties |  3 ++-
 .../message_bg.properties                             | 11 ++++++-----
 .../message_it.properties                             |  6 +++---
 .../message_zh_CN.properties                          |  2 +-
 5 files changed, 13 insertions(+), 11 deletions(-)

diff --git a/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message.jelly b/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message.jelly
index a7876a8de2..0a22909879 100644
--- a/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message.jelly
+++ b/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message.jelly
@@ -2,6 +2,6 @@
 <j:jelly xmlns:j="jelly:core">
 <div class="alert alert-warning">
   ${%blurb(it.deprecatedProtocols)}
-  ${%See} <a href="${rootURL}/configureSecurity">${%Protocol Configuration}</a>.
+  ${%See} ${%Protocol Configuration(rootURL)}
 </div>
 </j:jelly>
diff --git a/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message.properties b/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message.properties
index 24d624fa2c..a418a180c6 100644
--- a/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message.properties
+++ b/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message.properties
@@ -1,4 +1,5 @@
 blurb=This Jenkins instance uses deprecated protocols: {0}. \
       It may impact stability of the instance. \
       If newer protocol versions are supported by all system components (agents, CLI and other clients), \
-      it is highly recommended to disable the deprecated protocols.
\ No newline at end of file
+      it is highly recommended to disable the deprecated protocols.
+Protocol\ Configuration=<a href="{0}/configureSecurity">Protocol Configuration</a>.
diff --git a/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_bg.properties b/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_bg.properties
index 9674b5a02d..e901efca6d 100644
--- a/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_bg.properties
+++ b/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_bg.properties
@@ -25,12 +25,13 @@
 # If newer protocol versions are supported by all system components (agents, CLI and other clients), \ 
 # it is highly recommended to disable the deprecated protocols.
 blurb=\
- \u0422\u0430\u0437\u0438 \u0438\u043d\u0441\u0442\u0430\u043b\u0430\u0446\u0438\u044f \u043d\u0430 Jenkins \u0438\u0437\u043f\u043e\u043b\u0437\u0432\u0430 \u043e\u0441\u0442\u0430\u0440\u0435\u043b\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0438: {0}.  \u0422\u043e\u0432\u0430 \u043c\u043e\u0436\u0435 \u0434\u0430 \u0441\u0435\
- \u043e\u0442\u0440\u0430\u0437\u0438 \u043d\u0430 \u0441\u0442\u0430\u0431\u0438\u043b\u043d\u043e\u0441\u0442\u0442\u0430 \u045d.  \u0410\u043a\u043e \u0432\u0441\u0438\u0447\u043a\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u0438 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0438, \u043a\u0430\u0442\u043e \u0430\u0433\u0435\u043d\u0442\u0438\u0442\u0435,\
- \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u0438\u044f \u0440\u0435\u0434 \u0438 \u0434\u0440\u0443\u0433\u0438\u0442\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u0438 \u043f\u043e\u0434\u0434\u044a\u0440\u0436\u0430\u0442 \u043d\u043e\u0432\u0438\u0442\u0435 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0438, \u0441\u0438\u043b\u043d\u043e \u043f\u0440\u0435\u043f\u043e\u0440\u044a\u0447\u0432\u0430\u043c\u0435\
- \u0434\u0430 \u0438\u0437\u043a\u043b\u044e\u0447\u0438\u0442\u0435 \u043e\u0441\u0442\u0430\u0440\u0435\u043b\u0438\u0442\u0435.
+ \u0422\u0430\u0437\u0438 \u0438\u043D\u0441\u0442\u0430\u043B\u0430\u0446\u0438\u044F \u043D\u0430 Jenkins \u0438\u0437\u043F\u043E\u043B\u0437\u0432\u0430 \u043E\u0441\u0442\u0430\u0440\u0435\u043B\u0438 \u043F\u0440\u043E\u0442\u043E\u043A\u043E\u043B\u0438: {0}.  \u0422\u043E\u0432\u0430 \u043C\u043E\u0436\u0435 \u0434\u0430 \u0441\u0435\
+ \u043E\u0442\u0440\u0430\u0437\u0438 \u043D\u0430 \u0441\u0442\u0430\u0431\u0438\u043B\u043D\u043E\u0441\u0442\u0442\u0430 \u045D.  \u0410\u043A\u043E \u0432\u0441\u0438\u0447\u043A\u0438 \u0441\u0438\u0441\u0442\u0435\u043C\u043D\u0438 \u043A\u043E\u043C\u043F\u043E\u043D\u0435\u043D\u0442\u0438, \u043A\u0430\u0442\u043E \u0430\u0433\u0435\u043D\u0442\u0438\u0442\u0435,\
+ \u043A\u043E\u043C\u0430\u043D\u0434\u043D\u0438\u044F \u0440\u0435\u0434 \u0438 \u0434\u0440\u0443\u0433\u0438\u0442\u0435 \u043A\u043B\u0438\u0435\u043D\u0442\u0438 \u043F\u043E\u0434\u0434\u044A\u0440\u0436\u0430\u0442 \u043D\u043E\u0432\u0438\u0442\u0435 \u043F\u0440\u043E\u0442\u043E\u043A\u043E\u043B\u0438, \u0441\u0438\u043B\u043D\u043E \u043F\u0440\u0435\u043F\u043E\u0440\u044A\u0447\u0432\u0430\u043C\u0435\
+ \u0434\u0430 \u0438\u0437\u043A\u043B\u044E\u0447\u0438\u0442\u0435 \u043E\u0441\u0442\u0430\u0440\u0435\u043B\u0438\u0442\u0435.
 # It may impact stability of the instance. \ 
 # If newer protocol versions are supported by all system components (agents, CLI and other clients), \ 
 # it is highly recommended to disable the deprecated protocols.
 Protocol\ Configuration=\
- \u041d\u0430\u0441\u0442\u0440\u043e\u0439\u0432\u0430\u043d\u0435 \u043d\u0430 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0438\u0442\u0435
+ <a href="{0}/configureSecurity">\u041D\u0430\u0441\u0442\u0440\u043E\u0439\u0432\u0430\u043D\u0435 \u043D\u0430 \u043F\u0440\u043E\u0442\u043E\u043A\u043E\u043B\u0438\u0442\u0435</a>.
+
diff --git a/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_it.properties b/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_it.properties
index ff100b58f5..6bf77dac47 100644
--- a/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_it.properties
+++ b/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_it.properties
@@ -20,9 +20,9 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-Protocol\ Configuration=Configurazione protocollo
+Protocol\ Configuration=<a href="{0}/configureSecurity">Configurazione protocollo</a>.
 blurb=Quest''istanza di Jenkins utilizza protocolli deprecati: {0}. \
-    Ci� potrebbe influenzare la stabilit� dell''istanza. \
+    Ci\uFFFD potrebbe influenzare la stabilit\uFFFD dell''istanza. \
     Se le nuove versioni dei protocolli sono supportate da tutti i componenti di sistema (agenti, \
-    interfaccia da riga di comando e altri client), � fortemente raccomandato disabilitare i \
+    interfaccia da riga di comando e altri client), \uFFFD fortemente raccomandato disabilitare i \
     protocolli deprecati.
diff --git a/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_zh_CN.properties b/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_zh_CN.properties
index 5f6308a5c9..66d47e2c29 100644
--- a/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_zh_CN.properties
+++ b/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_zh_CN.properties
@@ -25,4 +25,4 @@ blurb=\u8BE5 Jenkins \u5B9E\u4F8B\u4F7F\u7528\u4E86\u5DF2\u5F03\u7528\u7684\u534
       \u5982\u679C\u66F4\u65B0\u7684\u534F\u8BAE\u7248\u672C\u5DF2\u7ECF\u652F\u6301\u4E86\u6240\u6709\u7684\u7CFB\u7EDF\u7EC4\u4EF6\uFF08\u4EE3\u7406\u3001\u547D\u4EE4\u884C\u4EE5\u53CA\u5176\u4ED6\u5BA2\u6237\u7AEF\uFF0C \
       \u5F3A\u70C8\u5EFA\u8BAE\u7981\u7528\u88AB\u5F03\u7528\u7684\u534F\u8BAE\u3002
 See=\u67E5\u770B
-Protocol\ Configuration=\u534F\u8BAE\u914D\u7F6E
+Protocol\ Configuration=<a href="{0}/configureSecurity">\u534F\u8BAE\u914D\u7F6E</a>\u3002
-- 
GitLab


From 43200c7de10c7db379b305d84a82b88c1eb6b909 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Mon, 21 May 2018 12:20:37 -0400
Subject: [PATCH 440/863] Avoid javadoc:aggregate.

---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 53362e46b7..c32259af9c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -512,7 +512,7 @@ THE SOFTWARE.
           <arguments>-P release,sign</arguments>
           <!-- work around for a bug in javadoc plugin that causes the release to fail. see MRELEASE-271 -->
           <preparationGoals>clean install</preparationGoals>
-          <goals>-DskipTests -Danimal.sniffer.skip=false javadoc:javadoc deploy javadoc:aggregate</goals>
+          <goals>-DskipTests -Danimal.sniffer.skip=false javadoc:javadoc deploy</goals>
           <pushChanges>false</pushChanges>
           <localCheckout>true</localCheckout>
           <tagNameFormat>jenkins-@{project.version}</tagNameFormat>
-- 
GitLab


From 9966c5d479a7ef35b6e4171cf5f351121d66b097 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 21 May 2018 10:25:47 -0700
Subject: [PATCH 441/863] [maven-release-plugin] prepare release jenkins-2.124

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index aef267390b..56722994cb 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.124-SNAPSHOT</version>
+    <version>2.124</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 6dfd4f49a3..4358c2f06f 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.124-SNAPSHOT</version>
+    <version>2.124</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index e99c541e49..e1095f3777 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.124-SNAPSHOT</version>
+  <version>2.124</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.124</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 98b9076238..3e59c5c61a 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.124-SNAPSHOT</version>
+    <version>2.124</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index ae0c4c79bc..52b4281a19 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.124-SNAPSHOT</version>
+    <version>2.124</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From dfa76a2f3d2b05da3ca594d6d5409f9d83fe6ef5 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 21 May 2018 10:25:47 -0700
Subject: [PATCH 442/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 56722994cb..462543cc3f 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.124</version>
+    <version>2.125-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 4358c2f06f..02f60f484b 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.124</version>
+    <version>2.125-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index e1095f3777..bd0644eb14 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.124</version>
+  <version>2.125-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.124</tag>
+    <tag>${scmTag}</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 3e59c5c61a..1f81795a3f 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.124</version>
+    <version>2.125-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 52b4281a19..4fc24c0c3e 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.124</version>
+    <version>2.125-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From ccd6455ed33919738f25cbbad3a01941553462e8 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 21 May 2018 10:31:33 -0700
Subject: [PATCH 443/863] mvn incrementals:reincrementalify

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 462543cc3f..d54dac5918 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.125-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 02f60f484b..0d5c3f2c27 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.125-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index bd0644eb14..b666d55c6d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.125-SNAPSHOT</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.123</revision>
+    <revision>2.125</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index 1f81795a3f..4f9dae71fa 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.125-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 4fc24c0c3e..d9980a0636 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.125-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 5ff1c08c7ba142684312885b372aac42e99165f0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Oliver=20Gond=C5=BEa?= <ogondza@gmail.com>
Date: Tue, 22 May 2018 12:43:48 +0200
Subject: [PATCH 444/863] Update th ATH used for testing

---
 essentials.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/essentials.yml b/essentials.yml
index 7008eb14d6..22ce8eca21 100644
--- a/essentials.yml
+++ b/essentials.yml
@@ -1,6 +1,6 @@
 ---
 ath:
   useLocalSnapshots: false
-  athRevision: "d74f39e5ac369106876c20495031cd2499f3aa3a"
+  athRevision: "418902d61f8ed920e18f6cfaa701d37afc92739e"
   tests:
     - '*'
-- 
GitLab


From 7bef2e44aef54bc76235fee4970a52f6f0456f49 Mon Sep 17 00:00:00 2001
From: Devin Nusbaum <d.w.nusbaum@gmail.com>
Date: Tue, 22 May 2018 10:50:40 -0400
Subject: [PATCH 445/863] [JENKINS-51483] Remove erroneous entry in
 split-plugin-cycles.txt

---
 core/src/main/resources/jenkins/split-plugin-cycles.txt | 2 --
 1 file changed, 2 deletions(-)

diff --git a/core/src/main/resources/jenkins/split-plugin-cycles.txt b/core/src/main/resources/jenkins/split-plugin-cycles.txt
index cfa589d969..8c7871ef91 100644
--- a/core/src/main/resources/jenkins/split-plugin-cycles.txt
+++ b/core/src/main/resources/jenkins/split-plugin-cycles.txt
@@ -10,5 +10,3 @@ script-security command-launcher
 script-security matrix-auth
 script-security matrix-project
 script-security windows-slaves
-
-apache-httpcomponents-client-4-api jdk-tool
-- 
GitLab


From 0ca6238d6624673497c8364ce696d31931125694 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Thu, 24 May 2018 11:26:48 +0200
Subject: [PATCH 446/863] Address Devin's comment - change comparator null and
 counter parts - add unit test to cover this part of the comparison

---
 .../jenkins/security/ApiTokenProperty.java    |  4 +-
 .../security/apitoken/ApiTokenStats.java      | 17 ++--
 .../security/apitoken/ApiTokenStatsTest.java  | 90 ++++++++++++++++++-
 3 files changed, 101 insertions(+), 10 deletions(-)

diff --git a/core/src/main/java/jenkins/security/ApiTokenProperty.java b/core/src/main/java/jenkins/security/ApiTokenProperty.java
index c32277806f..6f9e875180 100644
--- a/core/src/main/java/jenkins/security/ApiTokenProperty.java
+++ b/core/src/main/java/jenkins/security/ApiTokenProperty.java
@@ -51,6 +51,8 @@ import org.kohsuke.stapler.StaplerResponse;
 import java.io.IOException;
 import java.security.SecureRandom;
 import java.text.SimpleDateFormat;
+import java.time.ZonedDateTime;
+import java.time.format.DateTimeFormatter;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.Date;
@@ -472,7 +474,7 @@ public class ApiTokenProperty extends UserProperty {
             
             final String tokenName;
             if (StringUtils.isBlank(newTokenName)) {
-                tokenName = String.format("Token created on %s", new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ssZ").format(new Date()));
+                tokenName = String.format("Token created on %s", DateTimeFormatter.ISO_OFFSET_DATE_TIME.format(ZonedDateTime.now()));
             }else{
                 tokenName = newTokenName;
             }
diff --git a/core/src/main/java/jenkins/security/apitoken/ApiTokenStats.java b/core/src/main/java/jenkins/security/apitoken/ApiTokenStats.java
index e7bb9b1472..c87652e985 100644
--- a/core/src/main/java/jenkins/security/apitoken/ApiTokenStats.java
+++ b/core/src/main/java/jenkins/security/apitoken/ApiTokenStats.java
@@ -29,7 +29,6 @@ import hudson.model.Saveable;
 import hudson.model.listeners.SaveableListener;
 
 import javax.annotation.Nonnull;
-import javax.annotation.Nullable;
 import java.io.File;
 import java.io.IOException;
 import java.time.Instant;
@@ -68,11 +67,14 @@ public class ApiTokenStats implements Saveable {
         if (this.tokenStats == null) {
             this.tokenStats = new ArrayList<>();
         } else {
-            keepLastUpdatedDuplicated();
+            keepLastUpdatedUnique();
         }
     }
     
-    private void keepLastUpdatedDuplicated() {
+    /**
+     * In case of duplicate entries, we keep only the last updated element
+     */
+    private void keepLastUpdatedUnique() {
         Map<String, SingleTokenStats> temp = new HashMap<>();
         this.tokenStats.forEach(candidate -> {
             SingleTokenStats current = temp.get(candidate.tokenUuid);
@@ -81,6 +83,7 @@ public class ApiTokenStats implements Saveable {
             } else {
                 int comparison = SingleTokenStats.COMP_BY_LAST_USE_THEN_COUNTER.compare(current, candidate);
                 if (comparison < 0) {
+                    // candidate was updated more recently (or has a bigger counter in case of perfectly equivalent dates)
                     temp.put(candidate.tokenUuid, candidate);
                 }
             }
@@ -200,6 +203,10 @@ public class ApiTokenStats implements Saveable {
     }
     
     public static class SingleTokenStats {
+        private static Comparator<SingleTokenStats> COMP_BY_LAST_USE_THEN_COUNTER =
+                Comparator.comparing(SingleTokenStats::getLastUseDate, Comparator.nullsFirst(Comparator.naturalOrder()))
+                        .thenComparing(SingleTokenStats::getUseCounter);
+        
         private final String tokenUuid;
         private Date lastUseDate;
         private Integer useCounter;
@@ -249,9 +256,5 @@ public class ApiTokenStats implements Saveable {
             deltaDays = Math.max(0, deltaDays);
             return deltaDays;
         }
-        
-        private static Comparator<SingleTokenStats> COMP_BY_LAST_USE_THEN_COUNTER =
-                Comparator.comparing(SingleTokenStats::getLastUseDate, Comparator.nullsLast(Comparator.naturalOrder()))
-                        .thenComparing(SingleTokenStats::getUseCounter, Comparator.reverseOrder());
     }
 }
diff --git a/core/src/test/java/jenkins/security/apitoken/ApiTokenStatsTest.java b/core/src/test/java/jenkins/security/apitoken/ApiTokenStatsTest.java
index 32cfe4b560..6649702190 100644
--- a/core/src/test/java/jenkins/security/apitoken/ApiTokenStatsTest.java
+++ b/core/src/test/java/jenkins/security/apitoken/ApiTokenStatsTest.java
@@ -37,10 +37,22 @@ import org.powermock.api.mockito.PowerMockito;
 import org.powermock.core.classloader.annotations.PrepareForTest;
 import org.powermock.modules.junit4.PowerMockRunner;
 
+import java.lang.reflect.Constructor;
 import java.lang.reflect.Field;
+import java.text.SimpleDateFormat;
+import java.time.LocalDate;
+import java.time.format.DateTimeFormatter;
 import java.time.temporal.ChronoUnit;
+import java.time.temporal.TemporalAccessor;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.Comparator;
 import java.util.Date;
+import java.util.List;
+import java.util.Random;
 import java.util.UUID;
+import java.util.stream.Collectors;
 
 import static org.hamcrest.Matchers.*;
 import static org.junit.Assert.assertEquals;
@@ -161,7 +173,7 @@ public class ApiTokenStatsTest {
     }
     
     @Test
-    public void resistentToDuplicatedUuid() throws Exception {
+    public void resistantToDuplicatedUuid() throws Exception {
         final String ID_1 = UUID.randomUUID().toString();
         final String ID_2 = UUID.randomUUID().toString();
         final String ID_3 = UUID.randomUUID().toString();
@@ -183,7 +195,7 @@ public class ApiTokenStatsTest {
         { // replace the ID_1 with ID_2 in the file
             XmlFile statsFile = ApiTokenStats.getConfigFile(tmp.getRoot());
             String content = FileUtils.readFileToString(statsFile.getFile());
-            // now there are two time the same id in the file with different stats
+            // now there are multiple times the same id in the file with different stats
             String newContentWithDuplicatedId = content.replace(ID_1, ID_2).replace(ID_3, ID_2);
             FileUtils.write(statsFile.getFile(), newContentWithDuplicatedId);
         }
@@ -204,6 +216,80 @@ public class ApiTokenStatsTest {
         }
     }
     
+    @Test
+    public void resistantToDuplicatedUuid_withNull() throws Exception {
+        final String ID = "ID";
+        
+        { // prepare
+            List<ApiTokenStats.SingleTokenStats> tokenStatsList = Arrays.asList(
+                    /* A */ createSingleTokenStatsByReflection(ID, null, 0),
+                    /* B */ createSingleTokenStatsByReflection(ID, "2018-05-01 09:10:59.234", 2),
+                    /* C */ createSingleTokenStatsByReflection(ID, "2018-05-01 09:10:59.234", 3),
+                    /* D */ createSingleTokenStatsByReflection(ID, "2018-05-01 09:10:59.235", 1)
+            );
+            
+            ApiTokenStats stats = new ApiTokenStats();
+            Field field = ApiTokenStats.class.getDeclaredField("tokenStats");
+            field.setAccessible(true);
+            field.set(stats, tokenStatsList);
+            
+            stats.setParent(tmp.getRoot());
+            stats.save();
+        }
+        { // reload to see the effect
+            ApiTokenStats stats = ApiTokenStats.load(tmp.getRoot());
+            ApiTokenStats.SingleTokenStats tokenStats = stats.findTokenStatsById(ID);
+            // must be D (as it was the last updated one)
+            assertThat(tokenStats.getUseCounter(), equalTo(1));
+        }
+    }
+    
+    @Test
+    @SuppressWarnings("unchecked")
+    public void testInternalComparator() throws Exception {
+        List<ApiTokenStats.SingleTokenStats> tokenStatsList = Arrays.asList(
+                createSingleTokenStatsByReflection("A", null, 0),
+                createSingleTokenStatsByReflection("B", "2018-05-01 09:10:59.234", 2),
+                createSingleTokenStatsByReflection("C", "2018-05-01 09:10:59.234", 3),
+                createSingleTokenStatsByReflection("D", "2018-05-01 09:10:59.235", 1)
+        );
+    
+        Field field = ApiTokenStats.SingleTokenStats.class.getDeclaredField("COMP_BY_LAST_USE_THEN_COUNTER");
+        field.setAccessible(true);
+        Comparator<ApiTokenStats.SingleTokenStats> comparator = (Comparator<ApiTokenStats.SingleTokenStats>) field.get(null);
+    
+        // to be not impacted by the declaration order
+        Collections.shuffle(tokenStatsList, new Random(42));
+        tokenStatsList.sort(comparator);
+    
+        List<String> idList = tokenStatsList.stream()
+                .map(ApiTokenStats.SingleTokenStats::getTokenUuid)
+                .collect(Collectors.toList());
+    
+        assertThat(idList, contains("A", "B", "C", "D"));
+    }
+    
+    private ApiTokenStats.SingleTokenStats createSingleTokenStatsByReflection(String uuid, String dateString, Integer counter) throws Exception {
+        Class<ApiTokenStats.SingleTokenStats> clazz = ApiTokenStats.SingleTokenStats.class;
+        Constructor<ApiTokenStats.SingleTokenStats> constructor = clazz.getDeclaredConstructor(String.class);
+        constructor.setAccessible(true);
+        
+        ApiTokenStats.SingleTokenStats result = constructor.newInstance(uuid);
+    
+        {
+            Field field = clazz.getDeclaredField("useCounter");
+            field.setAccessible(true);
+            field.set(result, counter);
+        }
+        if(dateString != null){
+            Field field = clazz.getDeclaredField("lastUseDate");
+            field.setAccessible(true);
+            field.set(result, new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSS").parse(dateString));
+        }
+        
+        return result;
+    }
+    
     @Test
     public void testDayDifference() throws Exception {
         final String ID = UUID.randomUUID().toString();
-- 
GitLab


From 7bd6d1e80c40fc2117ab713bd9e3d9e7707dd394 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Tue, 8 May 2018 12:04:18 -0400
Subject: [PATCH 447/863] [JENKINS-51205] Improve performance of
 /pluginManager/available service.

(cherry picked from commit 3b61b96119b9fd8c80b1fa79a19f8f770af434b7)
---
 core/src/main/java/hudson/PluginManager.java  | 14 +++++
 .../main/java/hudson/model/UpdateSite.java    | 52 +++++++++++--------
 .../hudson/PluginManager/table.jelly          |  5 +-
 3 files changed, 48 insertions(+), 23 deletions(-)

diff --git a/core/src/main/java/hudson/PluginManager.java b/core/src/main/java/hudson/PluginManager.java
index 7ffbbf40d9..2314514ea0 100644
--- a/core/src/main/java/hudson/PluginManager.java
+++ b/core/src/main/java/hudson/PluginManager.java
@@ -144,6 +144,7 @@ import java.io.ByteArrayInputStream;
 import java.net.JarURLConnection;
 import java.net.URLConnection;
 import java.util.ServiceLoader;
+import java.util.function.Supplier;
 import java.util.jar.JarEntry;
 
 import static java.util.logging.Level.FINE;
@@ -1816,6 +1817,19 @@ public abstract class PluginManager extends AbstractModelObject implements OnMas
         return requestedPlugins;
     }
 
+    @Restricted(DoNotUse.class) // table.jelly
+    public MetadataCache createCache() {
+        return new MetadataCache();
+    }
+
+    @Restricted(NoExternalUse.class) // table.jelly
+    public static final class MetadataCache {
+        private final Map<String, Object> data = new HashMap<>();
+        public <T> T of(String key, Class<T> type, Supplier<T> func) {
+            return type.cast(data.computeIfAbsent(key, _ignored -> func.get()));
+        }
+    }
+
     /**
      * {@link ClassLoader} that can see all plugins.
      */
diff --git a/core/src/main/java/hudson/model/UpdateSite.java b/core/src/main/java/hudson/model/UpdateSite.java
index 5771bf1e54..e19ac35d9b 100644
--- a/core/src/main/java/hudson/model/UpdateSite.java
+++ b/core/src/main/java/hudson/model/UpdateSite.java
@@ -120,11 +120,6 @@ public class UpdateSite {
      */
     private transient volatile long retryWindow;
 
-    /**
-     * lastModified time of the data file when it was last read.
-     */
-    private transient long dataLastReadFromFile;
-
     /**
      * Latest data as read from the data file.
      */
@@ -226,6 +221,7 @@ public class UpdateSite {
         LOGGER.info("Obtained the latest update center data file for UpdateSource " + id);
         retryWindow = 0;
         getDataFile().write(json);
+        data = new Data(o);
         return FormValidation.ok();
     }
 
@@ -309,23 +305,20 @@ public class UpdateSite {
     public HttpResponse doInvalidateData() {
         Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
         dataTimestamp = 0;
+        data = null;
         return HttpResponses.ok();
     }
 
     /**
-     * Loads the update center data, if any and if modified since last read.
+     * Loads the update center data, if any.
      *
      * @return  null if no data is available.
      */
     public Data getData() {
-        TextFile df = getDataFile();
-        if (df.exists() && dataLastReadFromFile != df.file.lastModified()) {
+        if (data == null) {
             JSONObject o = getJSONObject();
-            if (o!=null) {
+            if (o != null) {
                 data = new Data(o);
-                dataLastReadFromFile = df.file.lastModified();
-            } else {
-                data = null;
             }
         }
         return data;
@@ -1094,10 +1087,19 @@ public class UpdateSite {
         }
 
         public boolean isNeededDependenciesForNewerJenkins() {
-            for (Plugin p: getNeededDependencies()) {
-                if (p.isForNewerHudson() || p.isNeededDependenciesForNewerJenkins()) return true;
-            }
-            return false;
+            return isNeededDependenciesForNewerJenkins(new PluginManager.MetadataCache());
+        }
+
+        @Restricted(NoExternalUse.class) // table.jelly
+        public boolean isNeededDependenciesForNewerJenkins(PluginManager.MetadataCache cache) {
+            return cache.of("isNeededDependenciesForNewerJenkins:" + name, Boolean.class, () -> {
+                for (Plugin p : getNeededDependencies()) {
+                    if (p.isForNewerHudson() || p.isNeededDependenciesForNewerJenkins()) {
+                        return true;
+                    }
+                }
+                return false;
+            });
         }
 
         /**
@@ -1109,11 +1111,19 @@ public class UpdateSite {
          * specified, it'll return true.
          */
         public boolean isNeededDependenciesCompatibleWithInstalledVersion() {
-            for (Plugin p: getNeededDependencies()) {
-                if (!p.isCompatibleWithInstalledVersion() || !p.isNeededDependenciesCompatibleWithInstalledVersion())
-                    return false;
-            }
-            return true;
+            return isNeededDependenciesCompatibleWithInstalledVersion(new PluginManager.MetadataCache());
+        }
+
+        @Restricted(NoExternalUse.class) // table.jelly
+        public boolean isNeededDependenciesCompatibleWithInstalledVersion(PluginManager.MetadataCache cache) {
+            return cache.of("isNeededDependenciesCompatibleWithInstalledVersion:" + name, Boolean.class, () -> {
+                for (Plugin p : getNeededDependencies()) {
+                    if (!p.isCompatibleWithInstalledVersion() || !p.isNeededDependenciesCompatibleWithInstalledVersion()) {
+                        return false;
+                    }
+                }
+                return true;
+            });
         }
 
         /**
diff --git a/core/src/main/resources/hudson/PluginManager/table.jelly b/core/src/main/resources/hudson/PluginManager/table.jelly
index 52fed76549..26dafbc2fc 100644
--- a/core/src/main/resources/hudson/PluginManager/table.jelly
+++ b/core/src/main/resources/hudson/PluginManager/table.jelly
@@ -72,6 +72,7 @@ THE SOFTWARE.
             <j:choose>
               <j:when test="${!empty(list)}">
                 <j:set var="lastCat" value="" />
+                <j:set var="cache" value="${it.createCache()}"/>
                 <j:forEach var="p" items="${list}">
                   <j:if test="${!isUpdates}">
                     <j:set var="thisCat" value="${p.category}" />
@@ -105,10 +106,10 @@ THE SOFTWARE.
                       <j:if test="${p.isForNewerHudson()}">
                         <div class="compatWarning">${%coreWarning(p.requiredCore)}</div>
                       </j:if>
-                      <j:if test="${!p.isNeededDependenciesCompatibleWithInstalledVersion()}">
+                      <j:if test="${!p.isNeededDependenciesCompatibleWithInstalledVersion(cache)}">
                         <div class="compatWarning">${%depCompatWarning}</div>
                       </j:if>
-                      <j:if test="${p.isNeededDependenciesForNewerJenkins()}">
+                      <j:if test="${p.isNeededDependenciesForNewerJenkins(cache)}">
                         <div class="compatWarning">${%depCoreWarning(p.getNeededDependenciesRequiredCore().toString())}</div>
                       </j:if>
                       <j:if test="${p.hasWarnings()}">
-- 
GitLab


From eac53dcf7282e2faf57be3d2bd740727cfdbd2ec Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Fri, 25 May 2018 11:50:40 +0200
Subject: [PATCH 448/863] Address Devin's rewording points

---
 .../ApiTokenProperty/config.properties        |  6 ++--
 .../ApiTokenProperty/help-tokenStore.html     |  4 +--
 .../jenkins/security/Messages.properties      |  1 -
 .../config.jelly                              |  6 ++--
 .../config.properties                         |  3 ++
 .../help-creationOfLegacyTokenEnabled.html    |  6 ++--
 ...help-tokenGenerationOnCreationEnabled.html |  6 ++--
 .../help-usageStatisticsEnabled.html          |  7 ++--
 .../message.jelly                             |  2 +-
 .../message.properties                        |  6 ++--
 .../message.jelly                             |  2 +-
 .../message.properties                        |  6 ++--
 .../manage.properties                         | 32 +++++++++----------
 .../message.properties                        |  4 +--
 14 files changed, 49 insertions(+), 42 deletions(-)
 create mode 100644 core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/config.properties

diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
index 07d50d6cbd..fc6b26c4d7 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
@@ -4,12 +4,12 @@ GenerateNewToken=Generate
 NoTokenYet=There is no registered token for this user
 TokenLastUse=Used <b>{0}</b> time(s), last time was <b>{1}</b> day(s) ago
 StatisticsDisabled=No statistics available
-StatisticsDisabled.Title=The current configuration disables the statistics about token usage
+StatisticsDisabled.Title=Token usage statistics are currently disabled
 TokenNeverUsed=Never used
-TokenNeverUsed.Title=If you do not plan to use it, we strongly advice you to revoke it for security reasons
+TokenNeverUsed.Title=We strongly recommend that you revoke tokens which you do not plan to use
 ConfirmRevokeSingle=Are you sure you want to revoke this token ? Applications that are using it will be not able to connect anymore.
 CurrentTokens=Current token(s)
 TokenCreation=Created {0} day(s) ago
 RenameToken=Save the new name of the token
-LegacyToken=We strongly recommend you to revoke this Legacy API Token as it is not as secure as the others
+LegacyToken=We strongly recommend that you revoke this legacy token and replace it with a newly generated token for increased security.
 NoLegacyToken=The user does not have a legacy token
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/help-tokenStore.html b/core/src/main/resources/jenkins/security/ApiTokenProperty/help-tokenStore.html
index 6c0258d8e8..5ad5670b81 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/help-tokenStore.html
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/help-tokenStore.html
@@ -1,11 +1,11 @@
 <div>
-    The API tokens can be used for authenticating yourself in the REST API call.
+    API tokens offer a way to make authenticated CLI or REST API calls.
     See <a href="https://jenkins.io/redirect/api-token">our wiki</a> for more details.<br/>
     The username associated with each token is your Jenkins username.<br/>
     <br/>
     Some good practices for keeping your API tokens secure are:
     <ul>
-        <li>Use a different token for each application (if one application is compromised, you do not lose data from other)</li>
+        <li>Use a different token for each application so that if an application is compromised you can revoke its token individually.</li>
         <li>Regenerate the tokens every 6 months (depending on your context). We put an indicator concerning the age of the token.</li>
         <li>Protect it like your password, as it allows other people to access Jenkins as you.</li>
     </ul>
diff --git a/core/src/main/resources/jenkins/security/Messages.properties b/core/src/main/resources/jenkins/security/Messages.properties
index b74f76c49d..4e5ed11db2 100644
--- a/core/src/main/resources/jenkins/security/Messages.properties
+++ b/core/src/main/resources/jenkins/security/Messages.properties
@@ -25,7 +25,6 @@ ApiTokenProperty.ChangeToken.TokenIsHidden=Token is hidden
 ApiTokenProperty.ChangeToken.Success=<div>Updated. See the new token in the field above</div>
 ApiTokenProperty.ChangeToken.SuccessHidden=<div>Updated. You need to login as the user to see the token</div>
 ApiTokenProperty.ChangeToken.CapabilityNotAllowed=<div>Capability to generate a legacy token without an existing one is currently disabled in the security configuration</div>
-ApiTokenProperty.NewTokenGenerated=<div class="success">Token generated! <code>The value will not be displayed </code>anymore, please save it.</div>
 ApiTokenProperty.LegacyTokenName=Legacy Token
 ApiTokenProperty.NoLegacyToken=This user currently does not have a legacy token
 RekeySecretAdminMonitor.DisplayName=Re-keying
diff --git a/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/config.jelly b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/config.jelly
index 65c17189f5..1bff873855 100644
--- a/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/config.jelly
+++ b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/config.jelly
@@ -27,13 +27,13 @@ THE SOFTWARE.
 <j:jelly xmlns:j="jelly:core" xmlns:f="/lib/form">
     <f:section title="${%API Token}">
         <f:entry field="tokenGenerationOnCreationEnabled">
-            <f:checkbox title="${%Enable generation of Legacy API Token on user creation}"/>
+            <f:checkbox title="${%tokenGenerationOnCreationEnabled}"/>
         </f:entry>
         <f:entry field="creationOfLegacyTokenEnabled">
-            <f:checkbox title="${%Enable capability of user without Legacy API Token to create new one}"/>
+            <f:checkbox title="${%creationOfLegacyTokenEnabled}"/>
         </f:entry>
         <f:entry field="usageStatisticsEnabled">
-            <f:checkbox title="${%Enable usage statistics on the API Token to help users knowing if they have unused / old token}"/>
+            <f:checkbox title="${%usageStatisticsEnabled}"/>
         </f:entry>
     </f:section>
 </j:jelly>
diff --git a/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/config.properties b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/config.properties
new file mode 100644
index 0000000000..0661597a6c
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/config.properties
@@ -0,0 +1,3 @@
+tokenGenerationOnCreationEnabled=Generate a legacy API token for each newly created user (Not recommended)
+creationOfLegacyTokenEnabled=Allow users to manually create a legacy API token (Not recommended)
+usageStatisticsEnabled=Enable API Token usage statistics
diff --git a/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/help-creationOfLegacyTokenEnabled.html b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/help-creationOfLegacyTokenEnabled.html
index 578047e45c..761f0f521a 100644
--- a/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/help-creationOfLegacyTokenEnabled.html
+++ b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/help-creationOfLegacyTokenEnabled.html
@@ -1,5 +1,5 @@
 <div>
-    Even if this is disabled (recommended for security reasons), the users are still able to generate new tokens
-    themselves on their configure page using the new system.<br/>
-    It affects only the legacy tokens that are now <strong>deprecated</strong>.
+    This option allows users to generate a legacy API token if they do not already have one. 
+    Because legacy tokens are <strong>deprecated</strong>, we recommend disabling it and having users instead generate 
+    new API tokens from the user configuration page.
 </div>
diff --git a/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/help-tokenGenerationOnCreationEnabled.html b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/help-tokenGenerationOnCreationEnabled.html
index d8b25ae6f9..f56b1a1d61 100644
--- a/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/help-tokenGenerationOnCreationEnabled.html
+++ b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/help-tokenGenerationOnCreationEnabled.html
@@ -1,5 +1,5 @@
 <div>
-    If this capability is disabled (recommended for security reasons), the users will be forced to use the new system of API token. <br/>
-    This behavior was the legacy one used until the new system was implemented.
-    It affects only the legacy tokens that are now <strong>deprecated</strong>.
+    This option causes a legacy API token to be generated automatically for newly created users. 
+    Because legacy tokens are <strong>deprecated</strong>, we recommend disabling it and having users instead generate 
+    new API tokens from the user configuration page as needed.
 </div>
diff --git a/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/help-usageStatisticsEnabled.html b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/help-usageStatisticsEnabled.html
index ba6ca31c0e..cf5baf744d 100644
--- a/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/help-usageStatisticsEnabled.html
+++ b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/help-usageStatisticsEnabled.html
@@ -1,7 +1,8 @@
 <div>
-    When a user is authenticated by an API Token, its usage counter is incremented and its last usage date updated.
+    If this option is enabled, then the date of the most recent use of each API token and the total number of times 
+    it has been used are stored in Jenkins. 
+    This allows users to see if they have unused or outdated API tokens which should be revoked.
     <br />
     
-    This allows users to have better understanding on which token are often used or potentially was never used or too long ago. 
-    This could be a good signal for revocation.
+    This data is stored in your Jenkins instance and will not be used for any other purpose.
 </div>
diff --git a/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.jelly b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.jelly
index bcae352386..923a29aa38 100644
--- a/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.jelly
+++ b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.jelly
@@ -25,7 +25,7 @@ THE SOFTWARE.
 <j:jelly xmlns:j="jelly:core" xmlns:f="/lib/form">
     <div class="alert alert-warning">
         <form method="post" action="${rootURL}/${it.url}/act" name="${it.id}">
-            <f:submit name="yes" value="${%Disable legacy generation by default}"/>
+            <f:submit name="yes" value="${%Disable automatic generation of legacy API tokens}"/>
             <f:submit name="no" value="${%Dismiss}"/>
         </form>
         ${%warningMessage}
diff --git a/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.properties b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.properties
index 71e8f0ab02..4f5e431354 100644
--- a/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.properties
+++ b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message.properties
@@ -1,2 +1,4 @@
-warningMessage=A Legacy API Token is currently generated when a new user is created. <br />\
-  This behavior is just implemented to help users migrate at their own pace but not meant for long-term use.
+warningMessage=A legacy API token will be generated automatically for newly created users.<br/>\
+  This behavior is supported for backwards compatibility, but legacy API tokens are deprecated and \
+  are not recommended for long-term use.<br/>\
+  Users should instead generate API tokens as needed from the user configuration page.
\ No newline at end of file
diff --git a/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message.jelly b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message.jelly
index bb25a29b2e..2d57564a47 100644
--- a/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message.jelly
+++ b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message.jelly
@@ -25,7 +25,7 @@ THE SOFTWARE.
 <j:jelly xmlns:j="jelly:core" xmlns:f="/lib/form">
     <div class="alert alert-warning">
         <form method="post" action="${rootURL}/${it.url}/act" name="${it.id}">
-            <f:submit name="yes" value="${%Disable that capability}"/>
+            <f:submit name="yes" value="${%Prevent users from manually creating legacy API tokens}"/>
             <f:submit name="no" value="${%Dismiss}"/>
         </form>
         ${%warningMessage}
diff --git a/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message.properties b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message.properties
index 0221fc76ee..db8dbe7b63 100644
--- a/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message.properties
+++ b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message.properties
@@ -1,2 +1,4 @@
-warningMessage=Users without Legacy API Token have the capability to create new Legacy API Token. <br />\
-  This behavior is just implemented to help users migrate at their own pace but not meant for long-term use.
+warningMessage=Users without legacy API tokens are able to generate a new legacy token.<br/>\
+  This behavior is supported for backwards compatibility, but legacy API tokens are deprecated and \
+  are not recommended for long-term use.<br/>\
+  Users should instead generate API tokens as needed from the user configuration page.
\ No newline at end of file
diff --git a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties
index 52b7a61c49..2f07d45c09 100644
--- a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties
+++ b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties
@@ -1,13 +1,13 @@
 title=Manage Legacy API Token usage
-contextMessage=The following users are using Legacy API Token. \
-As that old system stores the credentials in a recoverable format, it is strongly advised to migrate to the new system.<br /> \
-In previous versions of Jenkins, the creation of a new user implied to the generation of an Legacy API Token. \
-Often majority of users are not using that token and so provide a larger potential attack surface than required.<br /> \
-From now, the automatic generation of token is determined by configuration.
+contextMessage=The following users have a legacy API token. \
+  Because legacy tokens are stored in a recoverable format, we recommend migrating to the new API token system. \
+  Additionally, in previous version of Jenkins, API tokens were automatically created for every new user. \
+  Often, users did not use the token, resulting in a larger attack surface than necessary. \
+  Automatic token generation must now be enabled explicitly.
 recommendationMessage=For such reasons, we recommend to: \
 <ul>\
   <li>revoke the tokens that were never used and</li>\
-  <li>ask users that are effectively using their legacy token to generate a new token using the new system and revoking the legacy one</li>\
+  <li>ask users that are currently using their legacy token to generate a token using the new system and revoke their legacy token</li>\
 </ul>
 UserId=User Id
 UserFullName=User full name
@@ -16,18 +16,18 @@ NumDaysSinceCreation=Days since creation
 NumOfUse=# of use
 NumDaysSinceLastUse=Days since last use
 HasFreshToken=Fresh token?
-HasFreshToken_tooltip=A fresh token is a token from the new system \
-that was created after the last use of the legacy token. \n\n\
-Also it is important to notice that legacy token's creation date is reset \n\
-every time the instance is restarted if they were never saved before. So it was never used, the date is not really accurate.
+HasFreshToken_tooltip=A fresh token is one that was created using the new system\n\
+  after the most recent use of the user's legacy token. \n\n\
+  Note: the creation date of legacy tokens which have never been used are reset every time Jenkins is restarted, \n\
+  which means that the date may be inaccurate.
 HasMoreRecentlyUsedToken=Recent token?
-HasMoreRecentlyUsedToken_tooltip=A recently used token is a token from the new system \
-that was used the last time after the last use of the legacy token. \n\n\
-Also it is important to notice that legacy token's creation date is reset \n\
-every time the instance is restarted if they were never saved before.
-NoImpactedUser=There are no users with legacy token
+HasMoreRecentlyUsedToken_tooltip=A recently used token is one that was created using the new system \n\
+  and used more recently than the user's legacy token. \n\n\
+  Note: the creation date of legacy tokens which have never been used are reset every time Jenkins is restarted, \n\
+  which means that the date may be inaccurate.
+NoImpactedUser=There are no users with a legacy token
 NoCreationDate=There is no creation date for that token
 NoLastUse=There is no last use date for that token
 RevokeAllSelected=Revoke the selected token(s)
 RevokeAllSelected_confirm=Are you sure about revoking all %num% selected token(s)
-RevokeAllSelected_nothing=No token is selected, please select at least one to do the revocation
\ No newline at end of file
+RevokeAllSelected_nothing=No token is selected, please select at least one to revoke
\ No newline at end of file
diff --git a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/message.properties b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/message.properties
index 9c771e99e3..54ce453f9f 100644
--- a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/message.properties
+++ b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/message.properties
@@ -1,3 +1,3 @@
-warningMessage=There are users that are still using Legacy API Token. \
-  That system is not as secured as the new one because it stores the token in a recoverable manner on the disk. <br />\
+warningMessage=There are users that are still using a legacy API token. \
+  That system is not as secure as the new one because it stores the token in a recoverable manner on the disk. <br />\
   See <a href="{0}/{1}/manage">list of impacted users</a>.
-- 
GitLab


From f258aff7a736a81306ecb7d3c56cacc9b3a09a68 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Reinhold=20F=C3=BCreder?= <reinholdfuereder@gmx.at>
Date: Sat, 26 May 2018 13:38:58 +0200
Subject: [PATCH 449/863] [JENKINS-27329] Less aggressive
 WorkspaceCleanupThread (#3444)

* JENKINS-27329 Less aggressive WorkspaceCleanupThread

I dare to claim that the default behaviour of WorkspaceCleanupThread is too aggressive => this little change is by no means perfect (or admittedly even far from perfect), but IMHO a saner or slightly more defensive default behaviour.

Mind that according to https://github.com/jenkinsci/jenkins/blob/9e64bcdcb4a2cf12d59dfa334e09ffb448d361e9/core/src/main/java/hudson/model/Job.java#L301 this "only" checks whether or not the last build of a job is in progress, while the JavaDoc says "Returns true if a build of this project is in progress." (cf. http://javadoc.jenkins-ci.org/hudson/model/Job.html#isBuilding--)

* Fix compilation

* Dummy commit to trigger pipeline

Previous pipeline execution (https://ci.jenkins.io/blue/organizations/jenkins/Core%2Fjenkins/detail/PR-3444/2/tests) failed with one failing test that at first glance appears to be unrelated with my change(s) and looks like a flaky test?

* Add fine logging message
---
 .../main/java/hudson/model/WorkspaceCleanupThread.java   | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/core/src/main/java/hudson/model/WorkspaceCleanupThread.java b/core/src/main/java/hudson/model/WorkspaceCleanupThread.java
index 0a01a5f28f..8c55c2bc4d 100644
--- a/core/src/main/java/hudson/model/WorkspaceCleanupThread.java
+++ b/core/src/main/java/hudson/model/WorkspaceCleanupThread.java
@@ -139,6 +139,15 @@ public class WorkspaceCleanupThread extends AsyncPeriodicWork {
             }
         }
 
+        // TODO this may only check the last build in fact:
+        if (item instanceof Job<?,?>) {
+            Job<?,?> j = (Job<?,?>) item;
+            if (j.isBuilding()) {
+                LOGGER.log(Level.FINE, "Job {0} is building, so not deleting", item.getFullDisplayName());
+                return false;
+            }
+        }
+
         LOGGER.log(Level.FINER, "Going to delete directory {0}", dir);
         return true;
     }
-- 
GitLab


From 9680086f6885b0e390367e9f98f405d8f16e3b81 Mon Sep 17 00:00:00 2001
From: suren <zxjlwt@126.com>
Date: Sat, 26 May 2018 19:44:06 +0800
Subject: [PATCH 450/863] export slave remote fs for json api (#3206)

* export slave remove fs for json api

* Check permission for getAbsoluteRemotePath api

* Add @Restricted annotation

* Modify slaveComputer permission check

* Add javadoc

* Revert for squashed imports

* Add unit test for method 'getAbsoluteRemotePath'

* Change assert to Junit.Assert

* Add webClient test case

* Fix code style

* Fix javadoc

* Use more canonical way to test

* Remove super interface Serializable

* Change to way to determine whether ths json value is null
---
 .../java/hudson/slaves/SlaveComputer.java     | 23 +++++
 .../java/hudson/slaves/SlaveComputerTest.java | 95 +++++++++++++++++++
 2 files changed, 118 insertions(+)
 create mode 100644 test/src/test/java/hudson/slaves/SlaveComputerTest.java

diff --git a/core/src/main/java/hudson/slaves/SlaveComputer.java b/core/src/main/java/hudson/slaves/SlaveComputer.java
index c1b5166e71..763272df9c 100644
--- a/core/src/main/java/hudson/slaves/SlaveComputer.java
+++ b/core/src/main/java/hudson/slaves/SlaveComputer.java
@@ -60,12 +60,15 @@ import jenkins.slaves.systemInfo.SlaveSystemInfo;
 import jenkins.util.SystemProperties;
 import org.acegisecurity.context.SecurityContext;
 import org.acegisecurity.context.SecurityContextHolder;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.DoNotUse;
 import org.kohsuke.stapler.HttpRedirect;
 import org.kohsuke.stapler.HttpResponse;
 import org.kohsuke.stapler.QueryParameter;
 import org.kohsuke.stapler.StaplerRequest;
 import org.kohsuke.stapler.StaplerResponse;
 import org.kohsuke.stapler.WebMethod;
+import org.kohsuke.stapler.export.Exported;
 import org.kohsuke.stapler.interceptor.RequirePOST;
 
 import javax.annotation.CheckForNull;
@@ -473,6 +476,26 @@ public class SlaveComputer extends Computer {
         return channel == null ? null : absoluteRemoteFs;
     }
 
+    /**
+     * Just for restFul api.
+     * Returns the remote FS root absolute path or {@code null} if the agent is off-line. The absolute path may change
+     * between connections if the connection method does not provide a consistent working directory and the node's
+     * remote FS is specified as a relative path.
+     * @see #getAbsoluteRemoteFs()
+     * @return the remote FS root absolute path or {@code null} if the agent is off-line or don't have connect permission.
+     * @since TODO
+     */
+    @Exported
+    @Restricted(DoNotUse.class)
+    @CheckForNull
+    public String getAbsoluteRemotePath() {
+        if(hasPermission(CONNECT)) {
+            return getAbsoluteRemoteFs();
+        } else {
+            return null;
+        }
+    }
+
     static class LoadingCount extends MasterToSlaveCallable<Integer,RuntimeException> {
         private final boolean resource;
         LoadingCount(boolean resource) {
diff --git a/test/src/test/java/hudson/slaves/SlaveComputerTest.java b/test/src/test/java/hudson/slaves/SlaveComputerTest.java
new file mode 100644
index 0000000000..77e391c534
--- /dev/null
+++ b/test/src/test/java/hudson/slaves/SlaveComputerTest.java
@@ -0,0 +1,95 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, suren <zxjlwt@126.com>
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package hudson.slaves;
+
+import com.gargoylesoftware.htmlunit.WebResponse;
+import hudson.model.*;
+import hudson.security.ACL;
+import hudson.security.ACLContext;
+import jenkins.model.Jenkins;
+import net.sf.json.JSONNull;
+import net.sf.json.JSONObject;
+import org.junit.Assert;
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.JenkinsRule;
+import org.jvnet.hudson.test.MockAuthorizationStrategy;
+import org.xml.sax.SAXException;
+
+import java.io.IOException;
+
+/**
+ * @author suren
+ */
+public class SlaveComputerTest {
+    @Rule
+    public JenkinsRule j = new JenkinsRule();
+
+    @Test
+    public void testGetAbsoluteRemotePath() throws Exception {
+        Node nodeA = j.createOnlineSlave();
+        String path = ((DumbSlave) nodeA).getComputer().getAbsoluteRemotePath();
+        Assert.assertNotNull(path);
+        Assert.assertEquals(getRemoteFS(nodeA, null), path);
+
+        String userAlice = "alice";
+        MockAuthorizationStrategy authStrategy = new MockAuthorizationStrategy();
+        authStrategy.grant(Computer.CONFIGURE, Jenkins.READ).everywhere().to(userAlice);
+
+        j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
+        j.jenkins.setAuthorizationStrategy(authStrategy);
+        try(ACLContext context = ACL.as(User.getById(userAlice, true))) {
+            nodeA = j.createOnlineSlave();
+            path = ((DumbSlave) nodeA).getComputer().getAbsoluteRemotePath();
+            Assert.assertNull(path);
+            Assert.assertNull(getRemoteFS(nodeA, userAlice));
+        }
+    }
+
+    /**
+     * Get remote path through json api
+     * @param node slave node
+     * @param user the user for webClient
+     * @return remote path
+     * @throws IOException in case of communication problem.
+     * @throws SAXException in case of config format problem.
+     */
+    private String getRemoteFS(Node node, String user) throws Exception {
+        JenkinsRule.WebClient wc = j.createWebClient();
+        if(user != null) {
+            wc.login(user);
+        }
+
+        WebResponse response = wc.goTo("computer/" + node.getNodeName() + "/api/json",
+                "application/json").getWebResponse();
+        JSONObject json = JSONObject.fromObject(response.getContentAsString());
+
+        Object pathObj = json.get("absoluteRemotePath");
+        if(pathObj instanceof JSONNull) {
+            return null; // the value is null in here
+        } else {
+            return pathObj.toString();
+        }
+    }
+}
\ No newline at end of file
-- 
GitLab


From 5d39ece24fa79a52e09db8694db28087a0716cc0 Mon Sep 17 00:00:00 2001
From: surenpi <zxjlwt@126.com>
Date: Sat, 26 May 2018 20:56:04 +0800
Subject: [PATCH 451/863] Supplement test case and clean to code

---
 .../test/java/hudson/slaves/SlaveComputerTest.java   | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/test/src/test/java/hudson/slaves/SlaveComputerTest.java b/test/src/test/java/hudson/slaves/SlaveComputerTest.java
index 77e391c534..637e0c966b 100644
--- a/test/src/test/java/hudson/slaves/SlaveComputerTest.java
+++ b/test/src/test/java/hudson/slaves/SlaveComputerTest.java
@@ -48,11 +48,13 @@ public class SlaveComputerTest {
 
     @Test
     public void testGetAbsoluteRemotePath() throws Exception {
+        //default auth
         Node nodeA = j.createOnlineSlave();
         String path = ((DumbSlave) nodeA).getComputer().getAbsoluteRemotePath();
         Assert.assertNotNull(path);
         Assert.assertEquals(getRemoteFS(nodeA, null), path);
 
+        //not auth
         String userAlice = "alice";
         MockAuthorizationStrategy authStrategy = new MockAuthorizationStrategy();
         authStrategy.grant(Computer.CONFIGURE, Jenkins.READ).everywhere().to(userAlice);
@@ -60,11 +62,19 @@ public class SlaveComputerTest {
         j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
         j.jenkins.setAuthorizationStrategy(authStrategy);
         try(ACLContext context = ACL.as(User.getById(userAlice, true))) {
-            nodeA = j.createOnlineSlave();
             path = ((DumbSlave) nodeA).getComputer().getAbsoluteRemotePath();
             Assert.assertNull(path);
             Assert.assertNull(getRemoteFS(nodeA, userAlice));
         }
+
+        //with auth
+        String userBob = "bob";
+        authStrategy.grant(Computer.CONNECT, Jenkins.READ).everywhere().to(userBob);
+        try(ACLContext context = ACL.as(User.getById(userBob, true))) {
+            path = ((DumbSlave) nodeA).getComputer().getAbsoluteRemotePath();
+            Assert.assertNotNull(path);
+            Assert.assertNotNull(getRemoteFS(nodeA, userBob));
+        }
     }
 
     /**
-- 
GitLab


From 83420bcb3e90824ae3a9057caf47906cbde87abb Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Mon, 28 May 2018 00:18:50 -0400
Subject: [PATCH 452/863] grammar improvements for patternJobNamingStrategy

whether or not
conform ... conforms
---
 .../webapp/help/system-config/patternJobNamingStrategy.html   | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/war/src/main/webapp/help/system-config/patternJobNamingStrategy.html b/war/src/main/webapp/help/system-config/patternJobNamingStrategy.html
index 8f25cb7e25..c7551c0324 100644
--- a/war/src/main/webapp/help/system-config/patternJobNamingStrategy.html
+++ b/war/src/main/webapp/help/system-config/patternJobNamingStrategy.html
@@ -1,8 +1,8 @@
 <div>
-  Define a pattern (regular expression) to check whether the job name is valid or not.
+  Define a pattern (regular expression) to check whether or not the job name is valid.
   <p>
   Forcing the check on existing jobs, will allow you to enforce a naming convention on existing jobs - e.g. even if the user does not change the name, 
-  it will be validated with the given pattern at every submit and no updates can be made until the name confirms.<br>
+  it will be validated with the given pattern at every submit and no updates can be made until the name conforms.<br>
   <i>This option does not affect the execution of jobs with non-compliant names.
   It just controls the validation process when saving job configurations.</i> 
 </div>
-- 
GitLab


From 2be60cdba271351f7478b40364de13de24da466e Mon Sep 17 00:00:00 2001
From: suren <zxjlwt@126.com>
Date: Mon, 28 May 2018 19:39:01 +0800
Subject: [PATCH 453/863] Fix the incorrect expression

---
 .../hudson/model/UpdateCenter/sidepanel_zh_CN.properties      | 4 ++--
 .../resources/jenkins/management/Messages_zh_CN.properties    | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/core/src/main/resources/hudson/model/UpdateCenter/sidepanel_zh_CN.properties b/core/src/main/resources/hudson/model/UpdateCenter/sidepanel_zh_CN.properties
index 37d6238582..9f98a8f7bd 100644
--- a/core/src/main/resources/hudson/model/UpdateCenter/sidepanel_zh_CN.properties
+++ b/core/src/main/resources/hudson/model/UpdateCenter/sidepanel_zh_CN.properties
@@ -21,5 +21,5 @@
 # THE SOFTWARE.
 
 Back\ to\ Dashboard=\u8FD4\u56DE
-Manage\ Jenkins=\u7cfb\u7edf\u7ba1\u7406
-Manage\ Plugins=\u7BA1\u7406\u63D2\u4EF6
+Manage\ Jenkins=\u7CFB\u7EDF\u7BA1\u7406
+Manage\ Plugins=\u63D2\u4EF6\u7BA1\u7406
diff --git a/core/src/main/resources/jenkins/management/Messages_zh_CN.properties b/core/src/main/resources/jenkins/management/Messages_zh_CN.properties
index 2154b15034..63c83fcc62 100644
--- a/core/src/main/resources/jenkins/management/Messages_zh_CN.properties
+++ b/core/src/main/resources/jenkins/management/Messages_zh_CN.properties
@@ -37,8 +37,8 @@ ConsoleLink.Description=\u6267\u884C\u7528\u4E8E\u7BA1\u7406\u6216\u6545\u969C\u
 CliLink.Description=\u4ECE\u60A8\u547D\u4EE4\u884C\u6216\u811A\u672C\u8BBF\u95EE\u6216\u7BA1\u7406\u60A8\u7684Jenkins\u3002
 StatisticsLink.DisplayName=\u8D1F\u8F7D\u7EDF\u8BA1
 StatisticsLink.Description=\u68C0\u67E5\u60A8\u7684\u8D44\u6E90\u5229\u7528\u60C5\u51B5\uFF0C\u770B\u770B\u662F\u5426\u9700\u8981\u66F4\u591A\u7684\u8BA1\u7B97\u673A\u6765\u5E2E\u52A9\u60A8\u6784\u5EFA\u3002
-NodesLink.DisplayName=\u7BA1\u7406\u8282\u70B9
-PluginsLink.DisplayName=\u7BA1\u7406\u63D2\u4EF6
+NodesLink.DisplayName=\u8282\u70B9\u7BA1\u7406
+PluginsLink.DisplayName=\u63D2\u4EF6\u7BA1\u7406
 ShutdownLink.DisplayName_prepare=\u51C6\u5907\u5173\u673A
 ReloadLink.DisplayName=\u8BFB\u53D6\u8BBE\u7F6E
 ConsoleLink.DisplayName=\u811A\u672C\u547D\u4EE4\u884C
-- 
GitLab


From bd6c13962964cc6e53669fb3212d6a4b328f728a Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 28 May 2018 10:02:44 -0700
Subject: [PATCH 454/863] [maven-release-plugin] prepare release jenkins-2.125

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index d54dac5918..4b0ff19f59 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.125</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 0d5c3f2c27..9cfb7e3650 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.125</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index b666d55c6d..9168640b19 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>2.125</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.125</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 4f9dae71fa..7b11163e5d 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.125</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index d9980a0636..17a289795b 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.125</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 15d6a7ad1bb09456755c888af349c74b5b4b74eb Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 28 May 2018 10:02:45 -0700
Subject: [PATCH 455/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 4b0ff19f59..44c6fa7783 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.125</version>
+    <version>2.126-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 9cfb7e3650..59d32ae8a4 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.125</version>
+    <version>2.126-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 9168640b19..d75bdf22c3 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.125</version>
+  <version>2.126-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.125</tag>
+    <tag>${scmTag}</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 7b11163e5d..249f5d8b8e 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.125</version>
+    <version>2.126-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 17a289795b..9f4174c397 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.125</version>
+    <version>2.126-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From bc37379c96daef081c2ed0fa7ed85a06eadfaa80 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 28 May 2018 10:08:36 -0700
Subject: [PATCH 456/863] mvn incrementals:reincrementalify

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 44c6fa7783..d54dac5918 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.126-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 59d32ae8a4..0d5c3f2c27 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.126-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index d75bdf22c3..b02eab8918 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.126-SNAPSHOT</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.125</revision>
+    <revision>2.126</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index 249f5d8b8e..4f9dae71fa 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.126-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 9f4174c397..d9980a0636 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.126-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 8872b44cc8823c2106dfc5ba9a344fd1d82e4823 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Oliver=20Gond=C5=BEa?= <ogondza@gmail.com>
Date: Tue, 29 May 2018 17:58:06 +0200
Subject: [PATCH 457/863] [JENKINS-20272] - Disconnected nodes should not be
 disconnected repeatedly (#3453)

* [JENKINS-20272] Reproduce in test

* [FIX JENKINS-20272] Do not disconnect skipped computers

* [JENKINS-20272] Clean the API a bit
---
 .../AbstractAsyncNodeMonitorDescriptor.java   | 62 ++++++++++++++++++-
 .../node_monitors/ResponseTimeMonitor.java    | 16 +++--
 .../ResponseTimeMonitorTest.java              | 23 +++++++
 3 files changed, 94 insertions(+), 7 deletions(-)

diff --git a/core/src/main/java/hudson/node_monitors/AbstractAsyncNodeMonitorDescriptor.java b/core/src/main/java/hudson/node_monitors/AbstractAsyncNodeMonitorDescriptor.java
index 8621f37ceb..05eed5fc24 100644
--- a/core/src/main/java/hudson/node_monitors/AbstractAsyncNodeMonitorDescriptor.java
+++ b/core/src/main/java/hudson/node_monitors/AbstractAsyncNodeMonitorDescriptor.java
@@ -6,10 +6,16 @@ import hudson.remoting.VirtualChannel;
 import jenkins.model.Jenkins;
 
 import javax.annotation.CheckForNull;
+import javax.annotation.Nonnull;
 import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Collection;
 import java.util.HashMap;
+import java.util.HashSet;
+import java.util.List;
 import java.util.Map;
 import java.util.Map.Entry;
+import java.util.Set;
 import java.util.concurrent.ExecutionException;
 import java.util.concurrent.Future;
 import java.util.concurrent.TimeoutException;
@@ -60,10 +66,22 @@ public abstract class AbstractAsyncNodeMonitorDescriptor<T> extends AbstractNode
 
     /**
      * Performs all monitoring concurrently.
+     *
+     * @return Mapping from computer to monitored value. The map values can be null for several reasons, see {@link Result}
+     * for more details.
      */
     @Override
     protected Map<Computer, T> monitor() throws InterruptedException {
+        // Bridge method to offer original constrained interface.
+        return monitorDetailed().getMonitoringData();
+    }
+
+    /**
+     * Perform monitoring with detailed reporting.
+     */
+    protected final @Nonnull Result<T> monitorDetailed() throws InterruptedException {
         Map<Computer,Future<T>> futures = new HashMap<Computer,Future<T>>();
+        Set<Computer> skipped = new HashSet<>();
 
         for (Computer c : Jenkins.getInstance().getComputers()) {
             try {
@@ -101,11 +119,53 @@ public abstract class AbstractAsyncNodeMonitorDescriptor<T> extends AbstractNode
                 } catch (TimeoutException x) {
                     LOGGER.log(WARNING, "Failed to monitor " + c.getDisplayName() + " for " + getDisplayName(), x);
                 }
+            } else {
+                skipped.add(c);
             }
         }
 
-        return data;
+        return new Result<>(data, skipped);
     }
 
     private static final Logger LOGGER = Logger.getLogger(AbstractAsyncNodeMonitorDescriptor.class.getName());
+
+    /**
+     * Result object for {@link AbstractAsyncNodeMonitorDescriptor#monitorDetailed()} to facilitate extending information
+     * returned in the future.
+     *
+     * The {@link #getMonitoringData()} provides the results of the monitoring as {@link #monitor()} does. Note the value
+     * in the map can be <tt>null</tt> for several reasons:
+     * <ul>
+     *     <li>The monitoring {@link Callable} returned <tt>null</tt> as a provisioning result.</li>
+     *     <li>Creating or evaluating that callable has thrown an exception.</li>
+     *     <li>The computer was not monitored as it was offline.</li>
+     *     <li>The {@link AbstractAsyncNodeMonitorDescriptor#createCallable} has returned null.</li>
+     * </ul>
+     *
+     * Clients can distinguishing among these states based on the additional data attached to this object. {@link #getSkipped()}
+     * returns computers that was not monitored as they ware either offline or monitor produced <tt>null</tt> {@link Callable}.
+     */
+    protected static final class Result<T> {
+        private static final long serialVersionUID = -7671448355804481216L;
+
+        private final @Nonnull Map<Computer, T> data;
+        private final @Nonnull ArrayList<Computer> skipped;
+
+        private Result(@Nonnull Map<Computer, T> data, @Nonnull Collection<Computer> skipped) {
+            this.data = new HashMap<>(data);
+            this.skipped = new ArrayList<>(skipped);
+        }
+
+        protected @Nonnull Map<Computer, T> getMonitoringData() {
+            return data;
+        }
+
+        /**
+         * Computers that ware skipped during monitoring as they either do not have a a channel (offline) or the monitor
+         * have not produced the Callable. Computers that caused monitor to throw exception are not returned here.
+         */
+        protected @Nonnull List<Computer> getSkipped() {
+            return skipped;
+        }
+    }
 }
diff --git a/core/src/main/java/hudson/node_monitors/ResponseTimeMonitor.java b/core/src/main/java/hudson/node_monitors/ResponseTimeMonitor.java
index d7241e9eff..9f77f9bb77 100644
--- a/core/src/main/java/hudson/node_monitors/ResponseTimeMonitor.java
+++ b/core/src/main/java/hudson/node_monitors/ResponseTimeMonitor.java
@@ -46,20 +46,24 @@ import org.kohsuke.stapler.export.ExportedBean;
 public class ResponseTimeMonitor extends NodeMonitor {
     @Extension
     public static final AbstractNodeMonitorDescriptor<Data> DESCRIPTOR = new AbstractAsyncNodeMonitorDescriptor<Data>() {
+
         @Override
         protected Callable<Data,IOException> createCallable(Computer c) {
-            if (c.getChannel() == null) {
-                return null;
-            }
             return new Step1(get(c));
         }
 
         @Override
         protected Map<Computer, Data> monitor() throws InterruptedException {
-            Map<Computer, Data> base = super.monitor();
-            for (Entry<Computer, Data> e : base.entrySet()) {
+            Result<Data> base = monitorDetailed();
+            Map<Computer, Data> monitoringData = base.getMonitoringData();
+            for (Entry<Computer, Data> e : monitoringData.entrySet()) {
                 Computer c = e.getKey();
                 Data d = e.getValue();
+                if (base.getSkipped().contains(c)) {
+                    assert d == null;
+                    continue;
+                }
+
                 if (d ==null) {
                     // if we failed to monitor, put in the special value that indicates a failure
                     e.setValue(d=new Data(get(c),-1L));
@@ -74,7 +78,7 @@ public class ResponseTimeMonitor extends NodeMonitor {
                     LOGGER.warning(Messages.ResponseTimeMonitor_MarkedOffline(c.getName()));
                 }
             }
-            return base;
+            return monitoringData;
         }
 
         public String getDisplayName() {
diff --git a/test/src/test/java/hudson/node_monitors/ResponseTimeMonitorTest.java b/test/src/test/java/hudson/node_monitors/ResponseTimeMonitorTest.java
index 8bd2c5640a..136e42b09c 100644
--- a/test/src/test/java/hudson/node_monitors/ResponseTimeMonitorTest.java
+++ b/test/src/test/java/hudson/node_monitors/ResponseTimeMonitorTest.java
@@ -1,14 +1,22 @@
 package hudson.node_monitors;
 
+import hudson.model.Computer;
+import hudson.model.ComputerSet;
+import hudson.model.Node;
 import hudson.model.User;
 import hudson.slaves.DumbSlave;
+import hudson.slaves.JNLPLauncher;
 import hudson.slaves.OfflineCause;
+import hudson.slaves.RetentionStrategy;
 import hudson.slaves.SlaveComputer;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.Issue;
 import org.jvnet.hudson.test.JenkinsRule;
 
+import java.util.Collections;
+
+import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.assertNull;
 
@@ -45,4 +53,19 @@ public class ResponseTimeMonitorTest {
         assertNotNull(ResponseTimeMonitor.DESCRIPTOR.monitor(c));
     }
 
+    @Test
+    public void doNotDisconnectBeforeLaunched() throws Exception {
+        DumbSlave slave = new DumbSlave("dummy", "dummy", j.createTmpDir().getPath(), "1", Node.Mode.NORMAL, "", new JNLPLauncher(), RetentionStrategy.NOOP, Collections.EMPTY_LIST);
+        j.jenkins.addNode(slave);
+        Computer c = slave.toComputer();
+        assertNotNull(c);
+        OfflineCause originalOfflineCause = c.getOfflineCause();
+
+        ResponseTimeMonitor rtm = ComputerSet.getMonitors().get(ResponseTimeMonitor.class);
+        for (int i = 0; i < 10; i++) {
+            rtm.triggerUpdate().join();
+            System.out.println(rtm.getDescriptor().get(c));
+            assertEquals(originalOfflineCause, c.getOfflineCause());
+        }
+    }
 }
-- 
GitLab


From 7de5f7d00b866aa57bfd4cac251a7d6aebc1e315 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Wed, 30 May 2018 10:58:07 +0200
Subject: [PATCH 458/863] [JENKINS-51598] - Expose PermissionGroup IDs to API

---
 .../java/hudson/security/PermissionGroup.java | 35 +++++++++++++++----
 1 file changed, 29 insertions(+), 6 deletions(-)

diff --git a/core/src/main/java/hudson/security/PermissionGroup.java b/core/src/main/java/hudson/security/PermissionGroup.java
index 13542cf4a8..4110e55c90 100644
--- a/core/src/main/java/hudson/security/PermissionGroup.java
+++ b/core/src/main/java/hudson/security/PermissionGroup.java
@@ -27,6 +27,7 @@ import hudson.model.Hudson;
 import java.util.ArrayList;
 import java.util.Iterator;
 import java.util.List;
+import java.util.Locale;
 import java.util.SortedSet;
 import java.util.TreeSet;
 import javax.annotation.CheckForNull;
@@ -51,6 +52,8 @@ public final class PermissionGroup implements Iterable<Permission>, Comparable<P
      */
     public final Localizable title;
 
+    private final String id;
+
     /**
      * Both creates a registers a new permission group.
      * @param owner sets {@link #owner}
@@ -58,12 +61,32 @@ public final class PermissionGroup implements Iterable<Permission>, Comparable<P
      * @throws IllegalStateException if this group was already registered
      */
     public PermissionGroup(@Nonnull Class owner, Localizable title) throws IllegalStateException {
+        this(title.toString(Locale.ENGLISH), owner, title);
+    }
+
+    /**
+     * Both creates a registers a new permission group.
+     * @param owner sets {@link #owner}
+     * @param title sets {@link #title}
+     * @throws IllegalStateException if this group was already registered
+     * @since TODO
+     */
+    public PermissionGroup(String id, @Nonnull Class owner, Localizable title) throws IllegalStateException {
         this.owner = owner;
         this.title = title;
+        this.id = id;
         register(this);
     }
 
-    private String id() {
+    /**
+     * Gets ID of the permission group.
+     * @return Non-localizable ID of the permission group.
+     */
+    public String getId() {
+        return id;
+    }
+
+    public String getOwnerClassName() {
         return owner.getName();
     }
 
@@ -110,7 +133,7 @@ public final class PermissionGroup implements Iterable<Permission>, Comparable<P
 
         // among the permissions of the same group, just sort by their names
         // so that the sort order is consistent regardless of classloading order.
-        return id().compareTo(that.id());
+        return getOwnerClassName().compareTo(that.getOwnerClassName());
     }
 
     private int compareOrder() {
@@ -119,11 +142,11 @@ public final class PermissionGroup implements Iterable<Permission>, Comparable<P
     }
 
     @Override public boolean equals(Object o) {
-        return o instanceof PermissionGroup && id().equals(((PermissionGroup) o).id());
+        return o instanceof PermissionGroup && getOwnerClassName().equals(((PermissionGroup) o).getOwnerClassName());
     }
 
     @Override public int hashCode() {
-        return id().hashCode();
+        return getOwnerClassName().hashCode();
     }
 
     public synchronized int size() {
@@ -131,12 +154,12 @@ public final class PermissionGroup implements Iterable<Permission>, Comparable<P
     }
 
     @Override public String toString() {
-        return "PermissionGroup[" + id() + "]";
+        return "PermissionGroup[" + getOwnerClassName() + "]";
     }
 
     private static synchronized void register(PermissionGroup g) {
         if (!PERMISSIONS.add(g)) {
-            throw new IllegalStateException("attempt to register a second PermissionGroup for " + g.id());
+            throw new IllegalStateException("attempt to register a second PermissionGroup for " + g.getOwnerClassName());
         }
     }
 
-- 
GitLab


From cf3389f33f19c53cb5faf4c4657d95c7549272cf Mon Sep 17 00:00:00 2001
From: James Nord <jnord+github@cloudbees.com>
Date: Wed, 30 May 2018 11:35:30 +0100
Subject: [PATCH 459/863] [JENKINS-51584] Added unit test showing the issue.

The Actions are created for the hudson.model.Queue$WaitingItem and
hudson.model.Queue$BuildableItem but get persisted in the actions list
of the build.
---
 .../model/TransientActionFactoryTest.java     | 39 ++++++++++++++++---
 1 file changed, 33 insertions(+), 6 deletions(-)

diff --git a/test/src/test/java/jenkins/model/TransientActionFactoryTest.java b/test/src/test/java/jenkins/model/TransientActionFactoryTest.java
index 5737fb5d18..356e085525 100644
--- a/test/src/test/java/jenkins/model/TransientActionFactoryTest.java
+++ b/test/src/test/java/jenkins/model/TransientActionFactoryTest.java
@@ -25,24 +25,26 @@
 package jenkins.model;
 
 import hudson.Util;
-import hudson.model.AbstractItem;
-import hudson.model.AbstractProject;
-import hudson.model.Action;
-import hudson.model.FreeStyleProject;
-import hudson.model.InvisibleAction;
-import hudson.model.ProminentProjectAction;
+import hudson.model.*;
 import hudson.model.queue.FoldableAction;
+
+import java.io.IOException;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
 import org.hamcrest.Matchers;
+
+import static org.hamcrest.Matchers.hasSize;
 import static org.junit.Assert.*;
 import org.junit.Rule;
 import org.junit.Test;
+import org.jvnet.hudson.test.Issue;
 import org.jvnet.hudson.test.JenkinsRule;
 import org.jvnet.hudson.test.MockFolder;
 import org.jvnet.hudson.test.TestExtension;
 
+import javax.annotation.Nonnull;
+
 public class TransientActionFactoryTest {
 
     @Rule public JenkinsRule r = new JenkinsRule();
@@ -147,6 +149,31 @@ public class TransientActionFactoryTest {
         }
     }
 
+    @Issue("JENKINS-51584")
+    @Test
+    public void transientActionsAreNotPersistedOnQueueItems() throws Exception {
+        FreeStyleProject p = r.createFreeStyleProject();
+        FreeStyleBuild build = r.buildAndAssertSuccess(p);
+        // MyProminentProjectAction is only added via the TransientActionFactory and should never be persisted.
+        assertThat(build.getActions(MyProminentProjectAction.class), hasSize(0));
+        assertThat(Util.filter(build.getAllActions(), MyProminentProjectAction.class), hasSize(1));
+    }
+
+    @TestExtension("transientActionsAreNotPersistedOnQueueItems")
+    public static class AllFactory extends TransientActionFactory<Actionable> {
+
+        @Override
+        public Class<Actionable> type() {
+            return Actionable.class;
+        }
+
+        @Nonnull
+        @Override
+        public Collection<? extends Action> createFor(@Nonnull Actionable target) {
+            return Collections.singleton(new MyProminentProjectAction());
+        }
+    }
+
     private static class MyProminentProjectAction extends InvisibleAction implements ProminentProjectAction {}
 
 }
-- 
GitLab


From ed4c94a0a10eacc6fc5dee6783f88f216cb0017d Mon Sep 17 00:00:00 2001
From: James Nord <jnord+github@cloudbees.com>
Date: Wed, 30 May 2018 11:56:47 +0100
Subject: [PATCH 460/863] [JENKINS-51584] Unit test was not quite correct.

Calling getActions(class) will include actions froma TransientActionFactory.

To get the correct results just call getActions() and then filter the result.
---
 .../src/test/java/jenkins/model/TransientActionFactoryTest.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/src/test/java/jenkins/model/TransientActionFactoryTest.java b/test/src/test/java/jenkins/model/TransientActionFactoryTest.java
index 356e085525..b92d10923d 100644
--- a/test/src/test/java/jenkins/model/TransientActionFactoryTest.java
+++ b/test/src/test/java/jenkins/model/TransientActionFactoryTest.java
@@ -155,7 +155,7 @@ public class TransientActionFactoryTest {
         FreeStyleProject p = r.createFreeStyleProject();
         FreeStyleBuild build = r.buildAndAssertSuccess(p);
         // MyProminentProjectAction is only added via the TransientActionFactory and should never be persisted.
-        assertThat(build.getActions(MyProminentProjectAction.class), hasSize(0));
+        assertThat(Util.filter(build.getActions(), MyProminentProjectAction.class), hasSize(0));
         assertThat(Util.filter(build.getAllActions(), MyProminentProjectAction.class), hasSize(1));
     }
 
-- 
GitLab


From 5b6acd7c2cd6a1f1784f2fe8b13875bde5a54fa0 Mon Sep 17 00:00:00 2001
From: James Nord <jnord+github@cloudbees.com>
Date: Wed, 30 May 2018 12:13:32 +0100
Subject: [PATCH 461/863] [JENKINS-51584] Unit test was not quite correct.

Calling getActions(class) will include actions froma TransientActionFactory.

To get the correct results just call getActions() and then filter the result.
---
 .../jenkins/model/TransientActionFactoryTest.java  | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/test/src/test/java/jenkins/model/TransientActionFactoryTest.java b/test/src/test/java/jenkins/model/TransientActionFactoryTest.java
index b92d10923d..836e60de4b 100644
--- a/test/src/test/java/jenkins/model/TransientActionFactoryTest.java
+++ b/test/src/test/java/jenkins/model/TransientActionFactoryTest.java
@@ -25,7 +25,14 @@
 package jenkins.model;
 
 import hudson.Util;
-import hudson.model.*;
+import hudson.model.AbstractItem;
+import hudson.model.AbstractProject;
+import hudson.model.Action;
+import hudson.model.Actionable;
+import hudson.model.FreeStyleBuild;
+import hudson.model.FreeStyleProject;
+import hudson.model.InvisibleAction;
+import hudson.model.ProminentProjectAction;
 import hudson.model.queue.FoldableAction;
 
 import java.io.IOException;
@@ -34,8 +41,6 @@ import java.util.Collections;
 import java.util.List;
 import org.hamcrest.Matchers;
 
-import static org.hamcrest.Matchers.hasSize;
-import static org.junit.Assert.*;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.Issue;
@@ -45,6 +50,9 @@ import org.jvnet.hudson.test.TestExtension;
 
 import javax.annotation.Nonnull;
 
+import static org.hamcrest.Matchers.hasSize;
+import static org.junit.Assert.*;
+
 public class TransientActionFactoryTest {
 
     @Rule public JenkinsRule r = new JenkinsRule();
-- 
GitLab


From c4215dc6ad5f974c740bed925aaba655b27e453a Mon Sep 17 00:00:00 2001
From: James Nord <jnord+github@cloudbees.com>
Date: Wed, 30 May 2018 12:40:21 +0100
Subject: [PATCH 462/863] [JENKINS-51584] Improve unit test to show allocation
 trace.

improve the unit test to show the allocation trace on failure.
---
 .../model/TransientActionFactoryTest.java     | 23 ++++++++++++++++---
 1 file changed, 20 insertions(+), 3 deletions(-)

diff --git a/test/src/test/java/jenkins/model/TransientActionFactoryTest.java b/test/src/test/java/jenkins/model/TransientActionFactoryTest.java
index 836e60de4b..9e03a37d4a 100644
--- a/test/src/test/java/jenkins/model/TransientActionFactoryTest.java
+++ b/test/src/test/java/jenkins/model/TransientActionFactoryTest.java
@@ -35,7 +35,8 @@ import hudson.model.InvisibleAction;
 import hudson.model.ProminentProjectAction;
 import hudson.model.queue.FoldableAction;
 
-import java.io.IOException;
+import java.io.PrintWriter;
+import java.io.StringWriter;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
@@ -50,7 +51,9 @@ import org.jvnet.hudson.test.TestExtension;
 
 import javax.annotation.Nonnull;
 
+import static org.hamcrest.Matchers.empty;
 import static org.hamcrest.Matchers.hasSize;
+import static org.hamcrest.Matchers.is;
 import static org.junit.Assert.*;
 
 public class TransientActionFactoryTest {
@@ -163,7 +166,7 @@ public class TransientActionFactoryTest {
         FreeStyleProject p = r.createFreeStyleProject();
         FreeStyleBuild build = r.buildAndAssertSuccess(p);
         // MyProminentProjectAction is only added via the TransientActionFactory and should never be persisted.
-        assertThat(Util.filter(build.getActions(), MyProminentProjectAction.class), hasSize(0));
+        assertThat(Util.filter(build.getActions(), MyProminentProjectAction.class), is(empty()));
         assertThat(Util.filter(build.getAllActions(), MyProminentProjectAction.class), hasSize(1));
     }
 
@@ -182,6 +185,20 @@ public class TransientActionFactoryTest {
         }
     }
 
-    private static class MyProminentProjectAction extends InvisibleAction implements ProminentProjectAction {}
+    private static class MyProminentProjectAction extends InvisibleAction implements ProminentProjectAction {
+
+        private String allocation;
+
+        public MyProminentProjectAction() {
+            StringWriter sw = new StringWriter();
+            PrintWriter pw = new PrintWriter(sw);
+            new Exception("MyProminentProjectAction allocated at: ").printStackTrace(pw);
+            allocation = sw.toString();
+        }
+
+        public String toString() {
+            return allocation;
+        }
+    }
 
 }
-- 
GitLab


From 8ca803819bbd7f5ecaf44179680d6694999e74d4 Mon Sep 17 00:00:00 2001
From: James Nord <jnord+github@cloudbees.com>
Date: Wed, 30 May 2018 13:11:17 +0100
Subject: [PATCH 463/863] [JENKINS-51584] do not store actions from
 TransientActionFactory.

The code was updated to use the non deprecated getAllActions() to obtain
the list of actions, however this was persisted in the actions causing
the actions from TransientActionFactories to be persisted in Builds.
---
 core/src/main/java/hudson/model/Queue.java                 | 4 +++-
 core/src/main/java/hudson/model/queue/WorkUnitContext.java | 4 ++--
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/core/src/main/java/hudson/model/Queue.java b/core/src/main/java/hudson/model/Queue.java
index a7b9dcc762..02eaa80d8b 100644
--- a/core/src/main/java/hudson/model/Queue.java
+++ b/core/src/main/java/hudson/model/Queue.java
@@ -2196,8 +2196,10 @@ public class Queue extends ResourceController implements Saveable {
             for (Action action: actions) addAction(action);
         }
 
+        @SuppressWarnings("deprecation") // JENKINS-51584
         protected Item(Item item) {
-        	this(item.task, new ArrayList<Action>(item.getAllActions()), item.id, item.future, item.inQueueSince);
+            // do not use item.getAllActions() here as this will persist actions from a TransientActionFactory
+            this(item.task, new ArrayList<Action>(item.getActions()), item.id, item.future, item.inQueueSince);
         }
 
         /**
diff --git a/core/src/main/java/hudson/model/queue/WorkUnitContext.java b/core/src/main/java/hudson/model/queue/WorkUnitContext.java
index 80a402242d..8afce5cbfd 100644
--- a/core/src/main/java/hudson/model/queue/WorkUnitContext.java
+++ b/core/src/main/java/hudson/model/queue/WorkUnitContext.java
@@ -67,8 +67,8 @@ public final class WorkUnitContext {
         this.item = item;
         this.task = item.task;
         this.future = (FutureImpl)item.getFuture();
-        this.actions = new ArrayList<Action>(item.getAllActions());
-        
+        // JENKINS-51584 do not use item.getAllActions() here.
+        this.actions = new ArrayList<Action>(item.getActions());
         // +1 for the main task
         int workUnitSize = task.getSubTasks().size();
         startLatch = new Latch(workUnitSize) {
-- 
GitLab


From 9bd13323c84c38f98091e2deffed0b7ae1cc5d68 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Wed, 30 May 2018 14:23:21 +0200
Subject: [PATCH 464/863] [JENKINS-51608] - Improve diagnostics of errorneous
 cases in ClassicPluginStrategy#getShortName()

---
 core/src/main/java/hudson/ClassicPluginStrategy.java | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/core/src/main/java/hudson/ClassicPluginStrategy.java b/core/src/main/java/hudson/ClassicPluginStrategy.java
index bc00b2a0c9..6503d4b639 100644
--- a/core/src/main/java/hudson/ClassicPluginStrategy.java
+++ b/core/src/main/java/hudson/ClassicPluginStrategy.java
@@ -25,6 +25,8 @@ package hudson;
 
 import com.google.common.collect.ImmutableList;
 import com.google.common.collect.ImmutableSet;
+
+import java.io.FileNotFoundException;
 import java.io.InputStream;
 import java.nio.file.Files;
 import java.nio.file.InvalidPathException;
@@ -110,11 +112,20 @@ public class ClassicPluginStrategy implements PluginStrategy {
 
     @Override public String getShortName(File archive) throws IOException {
         Manifest manifest;
+        if (!archive.exists()) {
+            throw new FileNotFoundException("Failed to load " + archive + ". The file does not exist");
+        } else if (!archive.isFile()) {
+            throw new FileNotFoundException("Failed to load " + archive + ". It is not a file");
+        }
+
         if (isLinked(archive)) {
             manifest = loadLinkedManifest(archive);
         } else {
             try (JarFile jf = new JarFile(archive, false)) {
                 manifest = jf.getManifest();
+            } catch (IOException ex) {
+                // Mention file name in the exception
+                throw new IOException("Failed to load " + archive, ex);
             }
         }
         return PluginWrapper.computeShortName(manifest, archive.getName());
-- 
GitLab


From 498aee9c2895e423ba093d5d5b2e4c20bd92928c Mon Sep 17 00:00:00 2001
From: Gustaf Lundh <gustaflh@axis.com>
Date: Thu, 31 May 2018 11:51:56 +0200
Subject: [PATCH 465/863] RunParameterDefinition.copyWithDefaultValue() used
 wrong constructor

---
 core/src/main/java/hudson/model/RunParameterDefinition.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/model/RunParameterDefinition.java b/core/src/main/java/hudson/model/RunParameterDefinition.java
index da1e7865e6..8f725193f2 100644
--- a/core/src/main/java/hudson/model/RunParameterDefinition.java
+++ b/core/src/main/java/hudson/model/RunParameterDefinition.java
@@ -92,7 +92,7 @@ public class RunParameterDefinition extends SimpleParameterDefinition {
     public ParameterDefinition copyWithDefaultValue(ParameterValue defaultValue) {
         if (defaultValue instanceof RunParameterValue) {
             RunParameterValue value = (RunParameterValue) defaultValue;
-            return new RunParameterDefinition(getName(), value.getRunId(), getDescription(), getFilter());
+            return new RunParameterDefinition(getName(), getProjectName(), value.getRunId(), getDescription(), getFilter());
         } else {
             return this;
         }
-- 
GitLab


From f92a7569a52d3e3078d976270748e97c52d2bd13 Mon Sep 17 00:00:00 2001
From: suren <zxjlwt@126.com>
Date: Fri, 1 Jun 2018 09:55:48 +0800
Subject: [PATCH 466/863] Wipe incomplete labels

---
 .../slaves/DeprecatedAgentProtocolMonitor/message.jelly       | 2 +-
 .../DeprecatedAgentProtocolMonitor/message_bg.properties      | 2 --
 .../DeprecatedAgentProtocolMonitor/message_it.properties      | 1 -
 .../DeprecatedAgentProtocolMonitor/message_zh_CN.properties   | 4 ++--
 4 files changed, 3 insertions(+), 6 deletions(-)

diff --git a/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message.jelly b/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message.jelly
index 0a22909879..e81dd150c9 100644
--- a/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message.jelly
+++ b/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message.jelly
@@ -2,6 +2,6 @@
 <j:jelly xmlns:j="jelly:core">
 <div class="alert alert-warning">
   ${%blurb(it.deprecatedProtocols)}
-  ${%See} ${%Protocol Configuration(rootURL)}
+  ${%See Protocol Configuration(rootURL)}
 </div>
 </j:jelly>
diff --git a/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_bg.properties b/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_bg.properties
index e901efca6d..a001cdd2ab 100644
--- a/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_bg.properties
+++ b/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_bg.properties
@@ -32,6 +32,4 @@ blurb=\
 # It may impact stability of the instance. \ 
 # If newer protocol versions are supported by all system components (agents, CLI and other clients), \ 
 # it is highly recommended to disable the deprecated protocols.
-Protocol\ Configuration=\
- <a href="{0}/configureSecurity">\u041D\u0430\u0441\u0442\u0440\u043E\u0439\u0432\u0430\u043D\u0435 \u043D\u0430 \u043F\u0440\u043E\u0442\u043E\u043A\u043E\u043B\u0438\u0442\u0435</a>.
 
diff --git a/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_it.properties b/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_it.properties
index 6bf77dac47..a23fa785c5 100644
--- a/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_it.properties
+++ b/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_it.properties
@@ -20,7 +20,6 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-Protocol\ Configuration=<a href="{0}/configureSecurity">Configurazione protocollo</a>.
 blurb=Quest''istanza di Jenkins utilizza protocolli deprecati: {0}. \
     Ci\uFFFD potrebbe influenzare la stabilit\uFFFD dell''istanza. \
     Se le nuove versioni dei protocolli sono supportate da tutti i componenti di sistema (agenti, \
diff --git a/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_zh_CN.properties b/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_zh_CN.properties
index 66d47e2c29..d67610f515 100644
--- a/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_zh_CN.properties
+++ b/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_zh_CN.properties
@@ -1,3 +1,4 @@
+
 # The MIT License
 #
 # Copyright (c) 2018, suren <zxjlwt@126.com>
@@ -24,5 +25,4 @@ blurb=\u8BE5 Jenkins \u5B9E\u4F8B\u4F7F\u7528\u4E86\u5DF2\u5F03\u7528\u7684\u534
       \u5B83\u53EF\u80FD\u5F71\u54CD\u5B9E\u4F8B\u7684\u7A33\u5B9A\u6027\u3002 \
       \u5982\u679C\u66F4\u65B0\u7684\u534F\u8BAE\u7248\u672C\u5DF2\u7ECF\u652F\u6301\u4E86\u6240\u6709\u7684\u7CFB\u7EDF\u7EC4\u4EF6\uFF08\u4EE3\u7406\u3001\u547D\u4EE4\u884C\u4EE5\u53CA\u5176\u4ED6\u5BA2\u6237\u7AEF\uFF0C \
       \u5F3A\u70C8\u5EFA\u8BAE\u7981\u7528\u88AB\u5F03\u7528\u7684\u534F\u8BAE\u3002
-See=\u67E5\u770B
-Protocol\ Configuration=<a href="{0}/configureSecurity">\u534F\u8BAE\u914D\u7F6E</a>\u3002
+See\ Protocol\ Configuration=\u67E5\u770B<a href="{0}/configureSecurity">\u534F\u8BAE\u914D\u7F6E</a>\u3002
-- 
GitLab


From 0f87afef3f42c41bed7b8fa8cb2200787c8facb2 Mon Sep 17 00:00:00 2001
From: suren <zxjlwt@126.com>
Date: Fri, 1 Jun 2018 21:00:25 +0800
Subject: [PATCH 467/863] Add Chinese translation (#3461)

* Add Chinese translation

* revert the change
---
 .../message_zh_CN.properties                  | 28 +++++++++++++++++++
 .../thirdPartyLicenses_zh_CN.properties       | 25 +++++++++++++++++
 2 files changed, 53 insertions(+)
 create mode 100644 core/src/main/resources/hudson/PluginWrapper/PluginWrapperAdministrativeMonitor/message_zh_CN.properties
 create mode 100644 core/src/main/resources/hudson/PluginWrapper/thirdPartyLicenses_zh_CN.properties

diff --git a/core/src/main/resources/hudson/PluginWrapper/PluginWrapperAdministrativeMonitor/message_zh_CN.properties b/core/src/main/resources/hudson/PluginWrapper/PluginWrapperAdministrativeMonitor/message_zh_CN.properties
new file mode 100644
index 0000000000..ef2f0d5460
--- /dev/null
+++ b/core/src/main/resources/hudson/PluginWrapper/PluginWrapperAdministrativeMonitor/message_zh_CN.properties
@@ -0,0 +1,28 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Correct=\u7EA0\u6B63
+Dependency\ errors=\u4F9D\u8D56\u9519\u8BEF
+Downstream\ dependency\ errors=\u4E0B\u6E38\u4F9D\u8D56\u9519\u8BEF
+
+blurbOriginal=\u90E8\u5206\u63D2\u4EF6\u7531\u4E8E\u7F3A\u5C11\u4EE5\u6765\u65E0\u6CD5\u52A0\u8F7D\u3002\u8981\u6062\u590D\u8FD9\u4E9B\u63D2\u4EF6\u63D0\u4F9B\u7684\u529F\u80FD\uFF0C\u9700\u8981\u4FEE\u590D\u8FD9\u4E9B\u95EE\u9898\u5E76\u91CD\u542F Jenkins\u3002
+blurbDerived=\u7531\u4E8E\u4E00\u4E2A\u6216\u8005\u591A\u4E2A\u4E0A\u9762\u7684\u9519\u8BEF\u5BFC\u81F4\u8FD9\u4E9B\u63D2\u4EF6\u65E0\u6CD5\u52A0\u8F7D\u3002\u4FEE\u590D\u540E\u63D2\u4EF6\u5C06\u4F1A\u518D\u6B21\u52A0\u8F7D\u3002
diff --git a/core/src/main/resources/hudson/PluginWrapper/thirdPartyLicenses_zh_CN.properties b/core/src/main/resources/hudson/PluginWrapper/thirdPartyLicenses_zh_CN.properties
new file mode 100644
index 0000000000..85d755b0a4
--- /dev/null
+++ b/core/src/main/resources/hudson/PluginWrapper/thirdPartyLicenses_zh_CN.properties
@@ -0,0 +1,25 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+about=\u5173\u4E8E {0}
+3rd\ Party\ Dependencies=\u7B2C\u4E09\u65B9\u4F9D\u8D56
+No\ information\ recorded=\u65E0\u4FE1\u606F\u8BB0\u5F55
\ No newline at end of file
-- 
GitLab


From 0015d895b85770a79ba47e5800b767ac204dbee9 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Fri, 1 Jun 2018 16:11:41 +0200
Subject: [PATCH 468/863] Taglib docs: Add consistently the checkX attributes -
 in number, passowrd, select and textarea

---
 core/src/main/resources/lib/form/number.jelly   |  4 ++++
 core/src/main/resources/lib/form/password.jelly |  8 ++++++++
 core/src/main/resources/lib/form/select.jelly   | 15 +++++++++++++++
 core/src/main/resources/lib/form/textarea.jelly |  4 ++++
 4 files changed, 31 insertions(+)

diff --git a/core/src/main/resources/lib/form/number.jelly b/core/src/main/resources/lib/form/number.jelly
index e7e3208a56..fb5a0a6c26 100644
--- a/core/src/main/resources/lib/form/number.jelly
+++ b/core/src/main/resources/lib/form/number.jelly
@@ -60,6 +60,10 @@ THE SOFTWARE.
       If @field is specified, this will be inferred automatically,
       which is the recommended approach.
     </st:attribute>
+    <st:attribute name="checkMethod" use="optional" type="String">
+      Specify 'post' (must be lowercase) to change the HTTP method used for the AJAX requests to @checkUrl from a GET to a POST.
+      If any other value is specified then requests will use GET.
+    </st:attribute>
   </st:documentation>
   <f:prepareDatabinding />
 
diff --git a/core/src/main/resources/lib/form/password.jelly b/core/src/main/resources/lib/form/password.jelly
index 6e93438051..4a44b0d708 100644
--- a/core/src/main/resources/lib/form/password.jelly
+++ b/core/src/main/resources/lib/form/password.jelly
@@ -44,6 +44,10 @@ THE SOFTWARE.
       Additional CSS class(es) to add (such as client-side validation clazz="required",
       "number" or "positive-number"; these may be combined, as clazz="required number").
     </st:attribute>
+    <st:attribute name="checkMessage">
+      Override the default error message when client-side validation fails,
+      as with clazz="required", etc.
+    </st:attribute>
     <st:attribute name="checkUrl">
       If specified, the value entered in this input field will be checked (via AJAX)
       against this URL, and errors will be rendered under the text field.
@@ -51,6 +55,10 @@ THE SOFTWARE.
       If @field is specified, this will be inferred automatically,
       which is the recommended approach.
     </st:attribute>
+    <st:attribute name="checkMethod" use="optional" type="String">
+      Specify 'post' (must be lowercase) to change the HTTP method used for the AJAX requests to @checkUrl from a GET to a POST.
+      If any other value is specified then requests will use GET.
+    </st:attribute>
   </st:documentation>
   <f:prepareDatabinding />
   <m:input xmlns:m="jelly:hudson.util.jelly.MorphTagLibrary"
diff --git a/core/src/main/resources/lib/form/select.jelly b/core/src/main/resources/lib/form/select.jelly
index 0180600b32..781dd63d75 100644
--- a/core/src/main/resources/lib/form/select.jelly
+++ b/core/src/main/resources/lib/form/select.jelly
@@ -40,6 +40,21 @@ THE SOFTWARE.
     <st:attribute name="default">
       The default value of the text box, in case both @value is and 'instance[field]' is null.
     </st:attribute>
+    <st:attribute name="checkMessage">
+      Override the default error message when client-side validation fails,
+      as with clazz="required", etc.
+    </st:attribute>
+    <st:attribute name="checkUrl">
+      If specified, the value entered in this input field will be checked (via AJAX)
+      against this URL, and errors will be rendered under the text field.
+    
+      If @field is specified, this will be inferred automatically,
+      which is the recommended approach.
+    </st:attribute>
+    <st:attribute name="checkMethod" use="optional" type="String">
+      Specify 'post' (must be lowercase) to change the HTTP method used for the AJAX requests to @checkUrl from a GET to a POST.
+      If any other value is specified then requests will use GET.
+    </st:attribute>
   </st:documentation>
 
   <f:prepareDatabinding/>
diff --git a/core/src/main/resources/lib/form/textarea.jelly b/core/src/main/resources/lib/form/textarea.jelly
index 4104fa8159..08c86f4333 100644
--- a/core/src/main/resources/lib/form/textarea.jelly
+++ b/core/src/main/resources/lib/form/textarea.jelly
@@ -44,6 +44,10 @@ THE SOFTWARE.
     <st:attribute name="default">
       The default value of the text box, in case both @value is and 'instance[field]' is null.
     </st:attribute>
+    <st:attribute name="checkMessage">
+      Override the default error message when client-side validation fails,
+      as with clazz="required", etc.
+    </st:attribute>
     <st:attribute name="checkUrl">
       If specified, the value entered in this input field will be checked (via AJAX)
       against this URL, and errors will be rendered under the text field.
-- 
GitLab


From c8b2f52895dad7fbc0e5aeaadbaa7f3ff2d4bdee Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Fri, 1 Jun 2018 12:59:01 -0400
Subject: [PATCH 469/863] [JENKINS-50217] Defend against buggy
 ComputerListener.onConfigurationChange implementations.

---
 core/src/main/java/hudson/model/AbstractCIBase.java | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/core/src/main/java/hudson/model/AbstractCIBase.java b/core/src/main/java/hudson/model/AbstractCIBase.java
index 1b79051178..d82afd6488 100644
--- a/core/src/main/java/hudson/model/AbstractCIBase.java
+++ b/core/src/main/java/hudson/model/AbstractCIBase.java
@@ -227,8 +227,13 @@ public abstract class AbstractCIBase extends Node implements ItemGroup<TopLevelI
             killComputer(c);
         }
         getQueue().scheduleMaintenance();
-        for (ComputerListener cl : ComputerListener.all())
-            cl.onConfigurationChange();
+        for (ComputerListener cl : ComputerListener.all()) {
+            try {
+                cl.onConfigurationChange();
+            } catch (Throwable t) {
+                LOGGER.log(Level.WARNING, null, t);
+            }
+        }
     }
 
 }
-- 
GitLab


From 63fa1785ebe22dcf4e62957566a5fa0587ad9ddc Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Fri, 1 Jun 2018 13:40:30 -0400
Subject: [PATCH 470/863] Converting remaining anonymous Callable and
 FileCallable implementations to named classes. (#3437)

---
 core/src/main/java/hudson/FilePath.java       | 645 +++++++++++-------
 .../java/hudson/os/solaris/ZFSInstaller.java  |  19 +-
 .../hudson/os/solaris/ZFSProvisioner.java     |  27 +-
 core/src/main/java/hudson/tasks/Maven.java    |  58 +-
 .../java/hudson/util/RemotingDiagnostics.java |   6 +-
 .../hudson/util/io/ParserConfigurator.java    |  16 +-
 core/src/main/java/jenkins/model/Jenkins.java |  12 +-
 7 files changed, 491 insertions(+), 292 deletions(-)

diff --git a/core/src/main/java/hudson/FilePath.java b/core/src/main/java/hudson/FilePath.java
index 8cc9c9e085..3c31605534 100644
--- a/core/src/main/java/hudson/FilePath.java
+++ b/core/src/main/java/hudson/FilePath.java
@@ -478,7 +478,18 @@ public final class FilePath implements Serializable {
      */
     public int archive(final ArchiverFactory factory, OutputStream os, final DirScanner scanner) throws IOException, InterruptedException {
         final OutputStream out = (channel!=null)?new RemoteOutputStream(os):os;
-        return act(new SecureFileCallable<Integer>() {
+        return act(new Archive(factory, out, scanner));
+    }
+    private class Archive extends SecureFileCallable<Integer> {
+        private final ArchiverFactory factory;
+        private final OutputStream out;
+        private final DirScanner scanner;
+        Archive(ArchiverFactory factory, OutputStream out, DirScanner scanner) {
+            this.factory = factory;
+            this.out = out;
+            this.scanner = scanner;
+        }
+        @Override
             public Integer invoke(File f, VirtualChannel channel) throws IOException {
                 Archiver a = factory.create(out);
                 try {
@@ -490,7 +501,6 @@ public final class FilePath implements Serializable {
             }
 
             private static final long serialVersionUID = 1L;
-        });
     }
 
     public int archive(final ArchiverFactory factory, OutputStream os, final FileFilter filter) throws IOException, InterruptedException {
@@ -513,27 +523,32 @@ public final class FilePath implements Serializable {
         // TODO: post release, re-unite two branches by introducing FileStreamCallable that resolves InputStream
         if (this.channel!=target.channel) {// local -> remote or remote->local
             final RemoteInputStream in = new RemoteInputStream(read(), Flag.GREEDY);
-            target.act(new SecureFileCallable<Void>() {
-                public Void invoke(File dir, VirtualChannel channel) throws IOException, InterruptedException {
-                    unzip(dir, in);
-                    return null;
-                }
-
-                private static final long serialVersionUID = 1L;
-            });
+            target.act(new UnzipRemote(in));
         } else {// local -> local or remote->remote
-            target.act(new SecureFileCallable<Void>() {
-
-                public Void invoke(File dir, VirtualChannel channel) throws IOException, InterruptedException {
-                    assert !FilePath.this.isRemote();       // this.channel==target.channel above
-                    unzip(dir, reading(new File(FilePath.this.getRemote()))); // shortcut to local file
-                    return null;
-                }
-
-                private static final long serialVersionUID = 1L;
-            });
+            target.act(new UnzipLocal());
         }
     }
+    private class UnzipRemote extends SecureFileCallable<Void> {
+        private final RemoteInputStream in;
+        UnzipRemote(RemoteInputStream in) {
+            this.in = in;
+        }
+        @Override
+        public Void invoke(File dir, VirtualChannel channel) throws IOException, InterruptedException {
+            unzip(dir, in);
+            return null;
+        }
+        private static final long serialVersionUID = 1L;
+    }
+    private class UnzipLocal extends SecureFileCallable<Void> {
+        @Override
+        public Void invoke(File dir, VirtualChannel channel) throws IOException, InterruptedException {
+            assert !FilePath.this.isRemote();       // this.channel==target.channel above
+            unzip(dir, reading(new File(FilePath.this.getRemote()))); // shortcut to local file
+            return null;
+        }
+        private static final long serialVersionUID = 1L;
+    }
 
     /**
      * When this {@link FilePath} represents a tar file, extracts that tar file.
@@ -549,23 +564,36 @@ public final class FilePath implements Serializable {
         // TODO: post release, re-unite two branches by introducing FileStreamCallable that resolves InputStream
         if (this.channel!=target.channel) {// local -> remote or remote->local
             final RemoteInputStream in = new RemoteInputStream(read(), Flag.GREEDY);
-            target.act(new SecureFileCallable<Void>() {
-                public Void invoke(File dir, VirtualChannel channel) throws IOException, InterruptedException {
-                    readFromTar(FilePath.this.getName(),dir,compression.extract(in));
-                    return null;
-                }
-
-                private static final long serialVersionUID = 1L;
-            });
+            target.act(new UntarRemote(compression, in));
         } else {// local -> local or remote->remote
-            target.act(new SecureFileCallable<Void>() {
-                public Void invoke(File dir, VirtualChannel channel) throws IOException, InterruptedException {
-                    readFromTar(FilePath.this.getName(),dir,compression.extract(FilePath.this.read()));
-                    return null;
-                }
-                private static final long serialVersionUID = 1L;
-            });
+            target.act(new UntarLocal(compression));
+        }
+    }
+    private class UntarRemote extends SecureFileCallable<Void> {
+        private final TarCompression compression;
+        private final RemoteInputStream in;
+        UntarRemote(TarCompression compression, RemoteInputStream in) {
+            this.compression = compression;
+            this.in = in;
         }
+        @Override
+        public Void invoke(File dir, VirtualChannel channel) throws IOException, InterruptedException {
+            readFromTar(FilePath.this.getName(), dir, compression.extract(in));
+            return null;
+        }
+        private static final long serialVersionUID = 1L;
+    }
+    private class UntarLocal extends SecureFileCallable<Void> {
+        private final TarCompression compression;
+        UntarLocal(TarCompression compression) {
+            this.compression = compression;
+        }
+        @Override
+        public Void invoke(File dir, VirtualChannel channel) throws IOException, InterruptedException {
+            readFromTar(FilePath.this.getName(), dir, compression.extract(FilePath.this.read()));
+            return null;
+        }
+        private static final long serialVersionUID = 1L;
     }
 
     /**
@@ -578,13 +606,19 @@ public final class FilePath implements Serializable {
      */
     public void unzipFrom(InputStream _in) throws IOException, InterruptedException {
         final InputStream in = new RemoteInputStream(_in, Flag.GREEDY);
-        act(new SecureFileCallable<Void>() {
-            public Void invoke(File dir, VirtualChannel channel) throws IOException {
-                unzip(dir, in);
-                return null;
-            }
-            private static final long serialVersionUID = 1L;
-        });
+        act(new UnzipFrom(in));
+    }
+    private class UnzipFrom extends SecureFileCallable<Void> {
+        private final InputStream in;
+        UnzipFrom(InputStream in) {
+            this.in = in;
+        }
+        @Override
+        public Void invoke(File dir, VirtualChannel channel) throws IOException {
+            unzip(dir, in);
+            return null;
+        }
+        private static final long serialVersionUID = 1L;
     }
 
     private void unzip(File dir, InputStream in) throws IOException {
@@ -643,12 +677,13 @@ public final class FilePath implements Serializable {
      * Absolutizes this {@link FilePath} and returns the new one.
      */
     public FilePath absolutize() throws IOException, InterruptedException {
-        return new FilePath(channel,act(new SecureFileCallable<String>() {
-            private static final long serialVersionUID = 1L;
-            public String invoke(File f, VirtualChannel channel) throws IOException {
-                return f.getAbsolutePath();
-            }
-        }));
+        return new FilePath(channel, act(new Absolutize()));
+    }
+    private static class Absolutize extends SecureFileCallable<String> {
+        private static final long serialVersionUID = 1L;
+        public String invoke(File f, VirtualChannel channel) throws IOException {
+            return f.getAbsolutePath();
+        }
     }
 
     /**
@@ -661,14 +696,22 @@ public final class FilePath implements Serializable {
      * @since 1.456
      */
     public void symlinkTo(final String target, final TaskListener listener) throws IOException, InterruptedException {
-        act(new SecureFileCallable<Void>() {
-            private static final long serialVersionUID = 1L;
-            public Void invoke(File f, VirtualChannel channel) throws IOException, InterruptedException {
-                symlinking(f);
-                Util.createSymlink(f.getParentFile(),target,f.getName(),listener);
-                return null;
-            }
-        });
+        act(new SymlinkTo(target, listener));
+    }
+    private class SymlinkTo extends SecureFileCallable<Void> {
+        private final String target;
+        private final TaskListener listener;
+        SymlinkTo(String target, TaskListener listener) {
+            this.target = target;
+            this.listener = listener;
+        }
+        private static final long serialVersionUID = 1L;
+        @Override
+        public Void invoke(File f, VirtualChannel channel) throws IOException, InterruptedException {
+            symlinking(f);
+            Util.createSymlink(f.getParentFile(), target, f.getName(), listener);
+            return null;
+        }
     }
     
     /**
@@ -679,12 +722,14 @@ public final class FilePath implements Serializable {
      * @since 1.456
      */
     public String readLink() throws IOException, InterruptedException {
-        return act(new SecureFileCallable<String>() {
-            private static final long serialVersionUID = 1L;
-            public String invoke(File f, VirtualChannel channel) throws IOException, InterruptedException {
-                return Util.resolveSymlink(reading(f));
-            }
-        });
+        return act(new ReadLink());
+    }
+    private class ReadLink extends SecureFileCallable<String> {
+        private static final long serialVersionUID = 1L;
+        @Override
+        public String invoke(File f, VirtualChannel channel) throws IOException, InterruptedException {
+            return Util.resolveSymlink(reading(f));
+        }
     }
 
     @Override
@@ -748,17 +793,25 @@ public final class FilePath implements Serializable {
     public void untarFrom(InputStream _in, final TarCompression compression) throws IOException, InterruptedException {
         try {
             final InputStream in = new RemoteInputStream(_in, Flag.GREEDY);
-            act(new SecureFileCallable<Void>() {
-                public Void invoke(File dir, VirtualChannel channel) throws IOException {
-                    readFromTar("input stream",dir, compression.extract(in));
-                    return null;
-                }
-                private static final long serialVersionUID = 1L;
-            });
+            act(new UntarFrom(compression, in));
         } finally {
             _in.close();
         }
     }
+    private class UntarFrom extends SecureFileCallable<Void> {
+        private final TarCompression compression;
+        private final InputStream in;
+        UntarFrom(TarCompression compression, InputStream in) {
+            this.compression = compression;
+            this.in = in;
+        }
+        @Override
+        public Void invoke(File dir, VirtualChannel channel) throws IOException {
+            readFromTar("input stream",dir, compression.extract(in));
+            return null;
+        }
+        private static final long serialVersionUID = 1L;
+    }
 
     /**
      * Given a tgz/zip file, extracts it to the given target directory, if necessary.
@@ -1172,12 +1225,14 @@ public final class FilePath implements Serializable {
      * on which this file is available.
      */
     public URI toURI() throws IOException, InterruptedException {
-        return act(new SecureFileCallable<URI>() {
-            private static final long serialVersionUID = 1L;
-            public URI invoke(File f, VirtualChannel channel) {
-                return f.toURI();
-            }
-        });
+        return act(new ToURI());
+    }
+    private static class ToURI extends SecureFileCallable<URI> {
+        private static final long serialVersionUID = 1L;
+        @Override
+        public URI invoke(File f, VirtualChannel channel) {
+            return f.toURI();
+        }
     }
 
     /**
@@ -1247,13 +1302,15 @@ public final class FilePath implements Serializable {
      * Deletes all the contents of this directory, but not the directory itself
      */
     public void deleteContents() throws IOException, InterruptedException {
-        act(new SecureFileCallable<Void>() {
-            private static final long serialVersionUID = 1L;
-            public Void invoke(File f, VirtualChannel channel) throws IOException {
-                deleteContentsRecursive(f);
-                return null;
-            }
-        });
+        act(new DeleteContents());
+    }
+    private class DeleteContents extends SecureFileCallable<Void> {
+        private static final long serialVersionUID = 1L;
+        @Override
+        public Void invoke(File f, VirtualChannel channel) throws IOException {
+            deleteContentsRecursive(f);
+            return null;
+        }
     }
 
     private void deleteRecursive(File dir) throws IOException {
@@ -1364,17 +1421,25 @@ public final class FilePath implements Serializable {
      */
     public FilePath createTempFile(final String prefix, final String suffix) throws IOException, InterruptedException {
         try {
-            return new FilePath(this,act(new SecureFileCallable<String>() {
-                private static final long serialVersionUID = 1L;
-                public String invoke(File dir, VirtualChannel channel) throws IOException {
-                    File f = writing(File.createTempFile(prefix, suffix, dir));
-                    return f.getName();
-                }
-            }));
+            return new FilePath(this, act(new CreateTempFile(prefix, suffix)));
         } catch (IOException e) {
             throw new IOException("Failed to create a temp file on "+remote,e);
         }
     }
+    private class CreateTempFile extends SecureFileCallable<String> {
+        private final String prefix;
+        private final String suffix;
+        CreateTempFile(String prefix, String suffix) {
+            this.prefix = prefix;
+            this.suffix = suffix;
+        }
+        private static final long serialVersionUID = 1L;
+        @Override
+        public String invoke(File dir, VirtualChannel channel) throws IOException {
+            File f = writing(File.createTempFile(prefix, suffix, dir));
+            return f.getName();
+        }
+    }
 
     /**
      * Creates a temporary file in this directory and set the contents to the
@@ -1482,29 +1547,35 @@ public final class FilePath implements Serializable {
                 s = new String[]{prefix, suffix};
             }
             String name = StringUtils.join(s, ".");
-            return new FilePath(this,act(new SecureFileCallable<String>() {
-                private static final long serialVersionUID = 1L;
-                public String invoke(File dir, VirtualChannel channel) throws IOException {
+            return new FilePath(this, act(new CreateTempDir(name)));
+        } catch (IOException e) {
+            throw new IOException("Failed to create a temp directory on "+remote,e);
+        }
+    }
+    private class CreateTempDir extends SecureFileCallable<String> {
+        private final String name;
+        CreateTempDir(String name) {
+            this.name = name;
+        }
+            private static final long serialVersionUID = 1L;
+            @Override
+            public String invoke(File dir, VirtualChannel channel) throws IOException {
 
-                    Path tempPath;
-                    final boolean isPosix = FileSystems.getDefault().supportedFileAttributeViews().contains("posix");
+                Path tempPath;
+                final boolean isPosix = FileSystems.getDefault().supportedFileAttributeViews().contains("posix");
 
-                    if (isPosix) {
-                        tempPath = Files.createTempDirectory(Util.fileToPath(dir), name,
-                                PosixFilePermissions.asFileAttribute(EnumSet.allOf(PosixFilePermission.class)));
-                    } else {
-                        tempPath = Files.createTempDirectory(Util.fileToPath(dir), name, new FileAttribute<?>[] {});
-                    }
+                if (isPosix) {
+                    tempPath = Files.createTempDirectory(Util.fileToPath(dir), name,
+                            PosixFilePermissions.asFileAttribute(EnumSet.allOf(PosixFilePermission.class)));
+                } else {
+                    tempPath = Files.createTempDirectory(Util.fileToPath(dir), name, new FileAttribute<?>[] {});
+                }
 
-                    if (tempPath.toFile() == null) {
-                        throw new IOException("Failed to obtain file from path " + dir + " on " + remote);
-                    }
-                    return tempPath.toFile().getName();
+                if (tempPath.toFile() == null) {
+                    throw new IOException("Failed to obtain file from path " + dir + " on " + remote);
                 }
-            }));
-        } catch (IOException e) {
-            throw new IOException("Failed to create a temp directory on "+remote,e);
-        }
+                return tempPath.toFile().getName();
+            }
     }
 
     /**
@@ -1563,8 +1634,15 @@ public final class FilePath implements Serializable {
      * @since 1.299
      */
     public void touch(final long timestamp) throws IOException, InterruptedException {
-        act(new SecureFileCallable<Void>() {
+        act(new Touch(timestamp));
+    }
+    private class Touch extends SecureFileCallable<Void> {
+        private final long timestamp;
+        Touch(long timestamp) {
+            this.timestamp = timestamp;
+        }
             private static final long serialVersionUID = -5094638816500738429L;
+            @Override
             public Void invoke(File f, VirtualChannel channel) throws IOException {
                 if(!f.exists()) {
                     try {
@@ -1577,12 +1655,22 @@ public final class FilePath implements Serializable {
                     throw new IOException("Failed to set the timestamp of "+f+" to "+timestamp);
                 return null;
             }
-        });
     }
     
     private void setLastModifiedIfPossible(final long timestamp) throws IOException, InterruptedException {
-        String message = act(new SecureFileCallable<String>() {
+        String message = act(new SetLastModified(timestamp));
+
+        if (message!=null) {
+            LOGGER.warning(message);
+        }
+    }
+    private class SetLastModified extends SecureFileCallable<String> {
+        private final long timestamp;
+        SetLastModified(long timestamp) {
+            this.timestamp = timestamp;
+        }
             private static final long serialVersionUID = -828220335793641630L;
+            @Override
             public String invoke(File f, VirtualChannel channel) throws IOException {
                 if(!writing(f).setLastModified(timestamp)) {
                     if (Functions.isWindows()) {
@@ -1595,11 +1683,6 @@ public final class FilePath implements Serializable {
                 }
                 return null;
             }
-        });
-
-        if (message!=null) {
-            LOGGER.warning(message);
-        }
     }
 
     /**
@@ -1622,12 +1705,14 @@ public final class FilePath implements Serializable {
      * @since 1.129
      */
     public long length() throws IOException, InterruptedException {
-        return act(new SecureFileCallable<Long>() {
-            private static final long serialVersionUID = 1L;
-            public Long invoke(File f, VirtualChannel channel) throws IOException {
-                return stating(f).length();
-            }
-        });
+        return act(new Length());
+    }
+    private class Length extends SecureFileCallable<Long> {
+        private static final long serialVersionUID = 1L;
+        @Override
+        public Long invoke(File f, VirtualChannel channel) throws IOException {
+            return stating(f).length();
+        }
     }
 
     /**
@@ -1635,12 +1720,14 @@ public final class FilePath implements Serializable {
      * @since 1.542
      */
     public long getFreeDiskSpace() throws IOException, InterruptedException {
-        return act(new SecureFileCallable<Long>() {
-            private static final long serialVersionUID = 1L;
-            @Override public Long invoke(File f, VirtualChannel channel) throws IOException {
-                return f.getFreeSpace();
-            }
-        });
+        return act(new GetFreeDiskSpace());
+    }
+    private static class GetFreeDiskSpace extends SecureFileCallable<Long> {
+        private static final long serialVersionUID = 1L;
+        @Override
+        public Long invoke(File f, VirtualChannel channel) throws IOException {
+            return f.getFreeSpace();
+        }
     }
 
     /**
@@ -1648,12 +1735,14 @@ public final class FilePath implements Serializable {
      * @since 1.542
      */
     public long getTotalDiskSpace() throws IOException, InterruptedException {
-        return act(new SecureFileCallable<Long>() {
-            private static final long serialVersionUID = 1L;
-            @Override public Long invoke(File f, VirtualChannel channel) throws IOException {
-                return f.getTotalSpace();
-            }
-        });
+        return act(new GetTotalDiskSpace());
+    }
+    private static class GetTotalDiskSpace extends SecureFileCallable<Long> {
+        private static final long serialVersionUID = 1L;
+        @Override
+        public Long invoke(File f, VirtualChannel channel) throws IOException {
+            return f.getTotalSpace();
+        }
     }
 
     /**
@@ -1661,12 +1750,14 @@ public final class FilePath implements Serializable {
      * @since 1.542
      */
     public long getUsableDiskSpace() throws IOException, InterruptedException {
-        return act(new SecureFileCallable<Long>() {
-            private static final long serialVersionUID = 1L;
-            @Override public Long invoke(File f, VirtualChannel channel) throws IOException {
-                return f.getUsableSpace();
-            }
-        });
+        return act(new GetUsableDiskSpace());
+    }
+    private static class GetUsableDiskSpace extends SecureFileCallable<Long> {
+        private static final long serialVersionUID = 1L;
+        @Override
+        public Long invoke(File f, VirtualChannel channel) throws IOException {
+            return f.getUsableSpace();
+        }
     }
 
     /**
@@ -1734,12 +1825,14 @@ public final class FilePath implements Serializable {
      */
     public int mode() throws IOException, InterruptedException, PosixException {
         if(!isUnix())   return -1;
-        return act(new SecureFileCallable<Integer>() {
-            private static final long serialVersionUID = 1L;
-            public Integer invoke(File f, VirtualChannel channel) throws IOException {
-                return IOUtils.mode(stating(f));
-            }
-        });
+        return act(new Mode());
+    }
+    private class Mode extends SecureFileCallable<Integer> {
+        private static final long serialVersionUID = 1L;
+        @Override
+        public Integer invoke(File f, VirtualChannel channel) throws IOException {
+            return IOUtils.mode(stating(f));
+        }
     }
 
     /**
@@ -1784,8 +1877,15 @@ public final class FilePath implements Serializable {
         if (filter != null && !(filter instanceof Serializable)) {
             throw new IllegalArgumentException("Non-serializable filter of " + filter.getClass());
         }
-        return act(new SecureFileCallable<List<FilePath>>() {
+        return act(new ListFilter(filter), (filter != null ? filter : this).getClass().getClassLoader());
+    }
+    private class ListFilter extends SecureFileCallable<List<FilePath>> {
+        private final FileFilter filter;
+        ListFilter(FileFilter filter) {
+            this.filter = filter;
+        }
             private static final long serialVersionUID = 1L;
+            @Override
             public List<FilePath> invoke(File f, VirtualChannel channel) throws IOException {
                 File[] children = reading(f).listFiles(filter);
                 if (children == null) {
@@ -1798,7 +1898,6 @@ public final class FilePath implements Serializable {
 
                 return r;
             }
-        }, (filter!=null?filter:this).getClass().getClassLoader());
     }
 
     /**
@@ -1842,8 +1941,19 @@ public final class FilePath implements Serializable {
      */
     @Nonnull
     public FilePath[] list(final String includes, final String excludes, final boolean defaultExcludes) throws IOException, InterruptedException {
-        return act(new SecureFileCallable<FilePath[]>() {
+        return act(new ListGlob(includes, excludes, defaultExcludes));
+    }
+    private class ListGlob extends SecureFileCallable<FilePath[]> {
+        private final String includes;
+        private final String excludes;
+        private final boolean defaultExcludes;
+        ListGlob(String includes, String excludes, boolean defaultExcludes) {
+            this.includes = includes;
+            this.excludes = excludes;
+            this.defaultExcludes = defaultExcludes;
+        }
             private static final long serialVersionUID = 1L;
+            @Override
             public FilePath[] invoke(File f, VirtualChannel channel) throws IOException {
                 String[] files = glob(reading(f), includes, excludes, defaultExcludes);
 
@@ -1853,7 +1963,6 @@ public final class FilePath implements Serializable {
 
                 return r;
             }
-        });
     }
 
     /**
@@ -2012,8 +2121,11 @@ public final class FilePath implements Serializable {
             }
         }
 
-        return act(new SecureFileCallable<OutputStream>() {
+        return act(new WritePipe());
+    }
+    private class WritePipe extends SecureFileCallable<OutputStream> {
             private static final long serialVersionUID = 1L;
+            @Override
             public OutputStream invoke(File f, VirtualChannel channel) throws IOException, InterruptedException {
                 f = f.getAbsoluteFile();
                 mkdirs(f.getParentFile());
@@ -2024,7 +2136,6 @@ public final class FilePath implements Serializable {
                     throw new IOException(e);
                 }
             }
-        });
     }
 
     /**
@@ -2063,12 +2174,14 @@ public final class FilePath implements Serializable {
      * @see Util#getDigestOf(File)
      */
     public String digest() throws IOException, InterruptedException {
-        return act(new SecureFileCallable<String>() {
-            private static final long serialVersionUID = 1L;
-            public String invoke(File f, VirtualChannel channel) throws IOException {
-                return Util.getDigestOf(reading(f));
-            }
-        });
+        return act(new Digest());
+    }
+    private class Digest extends SecureFileCallable<String> {
+        private static final long serialVersionUID = 1L;
+        @Override
+        public String invoke(File f, VirtualChannel channel) throws IOException {
+            return Util.getDigestOf(reading(f));
+        }
     }
 
     /**
@@ -2079,13 +2192,19 @@ public final class FilePath implements Serializable {
     	if(this.channel != target.channel) {
     		throw new IOException("renameTo target must be on the same host");
     	}
-        act(new SecureFileCallable<Void>() {
-            private static final long serialVersionUID = 1L;
-            public Void invoke(File f, VirtualChannel channel) throws IOException {
-                Files.move(fileToPath(reading(f)), fileToPath(creating(new File(target.remote))), LinkOption.NOFOLLOW_LINKS);
-                return null;
-            }
-        });
+        act(new RenameTo(target));
+    }
+    private class RenameTo extends SecureFileCallable<Void> {
+        private final FilePath target;
+        RenameTo(FilePath target) {
+            this.target = target;
+        }
+        private static final long serialVersionUID = 1L;
+        @Override
+        public Void invoke(File f, VirtualChannel channel) throws IOException {
+            Files.move(fileToPath(reading(f)), fileToPath(creating(new File(target.remote))), LinkOption.NOFOLLOW_LINKS);
+            return null;
+        }
     }
 
     /**
@@ -2097,8 +2216,15 @@ public final class FilePath implements Serializable {
         if(this.channel != target.channel) {
             throw new IOException("pullUpTo target must be on the same host");
         }
-        act(new SecureFileCallable<Void>() {
+        act(new MoveAllChildrenTo(target));
+    }
+    private class MoveAllChildrenTo extends SecureFileCallable<Void> {
+        private final FilePath target;
+        MoveAllChildrenTo(FilePath target) {
+            this.target = target;
+        }
             private static final long serialVersionUID = 1L;
+            @Override
             public Void invoke(File f, VirtualChannel channel) throws IOException {
                 // JENKINS-16846: if f.getName() is the same as one of the files/directories in f,
                 // then the rename op will fail
@@ -2107,7 +2233,7 @@ public final class FilePath implements Serializable {
                     throw new IOException("Failed to rename "+f+" to "+tmp);
 
                 File t = new File(target.getRemote());
-                
+
                 for(File child : reading(tmp).listFiles()) {
                     File target = new File(t, child.getName());
                     if(!stating(child).renameTo(creating(target)))
@@ -2116,7 +2242,6 @@ public final class FilePath implements Serializable {
                 deleting(tmp).delete();
                 return null;
             }
-        });
     }
 
     /**
@@ -2139,16 +2264,7 @@ public final class FilePath implements Serializable {
     public void copyToWithPermission(FilePath target) throws IOException, InterruptedException {
         // Use NIO copy with StandardCopyOption.COPY_ATTRIBUTES when copying on the same machine.
         if (this.channel == target.channel) {
-            act(new SecureFileCallable<Void>() {
-                public Void invoke(File f, VirtualChannel channel) throws IOException {
-                    File targetFile = new File(target.remote);
-                    File targetDir = targetFile.getParentFile();
-                    filterNonNull().mkdirs(targetDir);
-                    Files.createDirectories(fileToPath(targetDir));
-                    Files.copy(fileToPath(reading(f)), fileToPath(writing(targetFile)), StandardCopyOption.COPY_ATTRIBUTES, StandardCopyOption.REPLACE_EXISTING);
-                    return null;
-                }
-            });
+            act(new CopyToWithPermission(target));
             return;
         }
 
@@ -2157,6 +2273,21 @@ public final class FilePath implements Serializable {
         target.chmod(mode());
         target.setLastModifiedIfPossible(lastModified());
     }
+    private class CopyToWithPermission extends SecureFileCallable<Void> {
+        private final FilePath target;
+        CopyToWithPermission(FilePath target) {
+            this.target = target;
+        }
+        @Override
+        public Void invoke(File f, VirtualChannel channel) throws IOException {
+            File targetFile = new File(target.remote);
+            File targetDir = targetFile.getParentFile();
+            filterNonNull().mkdirs(targetDir);
+            Files.createDirectories(fileToPath(targetDir));
+            Files.copy(fileToPath(reading(f)), fileToPath(writing(targetFile)), StandardCopyOption.COPY_ATTRIBUTES, StandardCopyOption.REPLACE_EXISTING);
+            return null;
+        }
+    }
 
     /**
      * Sends the contents of this file into the given {@link OutputStream}.
@@ -2285,65 +2416,14 @@ public final class FilePath implements Serializable {
     public int copyRecursiveTo(final DirScanner scanner, final FilePath target, final String description) throws IOException, InterruptedException {
         if(this.channel==target.channel) {
             // local to local copy.
-            return act(new SecureFileCallable<Integer>() {
-                private static final long serialVersionUID = 1L;
-                public Integer invoke(File base, VirtualChannel channel) throws IOException {
-                    if(!base.exists())  return 0;
-                    assert target.channel==null;
-                    final File dest = new File(target.remote);
-                    final AtomicInteger count = new AtomicInteger();
-                    scanner.scan(base, reading(new FileVisitor() {
-                        @Override
-                        public void visit(File f, String relativePath) throws IOException {
-                            if (f.isFile()) {
-                                File target = new File(dest, relativePath);
-                                mkdirsE(target.getParentFile());
-                                Files.copy(fileToPath(f), fileToPath(writing(target)),
-                                        StandardCopyOption.COPY_ATTRIBUTES, StandardCopyOption.REPLACE_EXISTING);
-                                count.incrementAndGet();
-                            }
-                        }
-
-                        @Override
-                        public boolean understandsSymlink() {
-                            return true;
-                        }
-
-                        @Override
-                        public void visitSymlink(File link, String target, String relativePath) throws IOException {
-                            try {
-                                mkdirsE(new File(dest, relativePath).getParentFile());
-                                writing(new File(dest, target));
-                                Util.createSymlink(dest, target, relativePath, TaskListener.NULL);
-                            } catch (InterruptedException x) {
-                                throw new IOException(x);
-                            }
-                            count.incrementAndGet();
-                        }
-                    }));
-                    return count.get();
-                }
-            });
+            return act(new CopyRecursiveLocal(target, scanner));
         } else
         if(this.channel==null) {
             // local -> remote copy
             final Pipe pipe = Pipe.createLocalToRemote();
 
-            Future<Void> future = target.actAsync(new SecureFileCallable<Void>() {
-                private static final long serialVersionUID = 1L;
-                public Void invoke(File f, VirtualChannel channel) throws IOException {
-                    try (InputStream in = pipe.getIn()) {
-                        readFromTar(remote + '/' + description, f,TarCompression.GZIP.extract(in));
-                        return null;
-                    }
-                }
-            });
-            Future<Integer> future2 = actAsync(new SecureFileCallable<Integer>() {
-                private static final long serialVersionUID = 1L;
-                @Override public Integer invoke(File f, VirtualChannel channel) throws IOException, InterruptedException {
-                    return writeToTar(new File(remote), scanner, TarCompression.GZIP.compress(pipe.getOut()));
-                }
-            });
+            Future<Void> future = target.actAsync(new ReadToTar(pipe, description));
+            Future<Integer> future2 = actAsync(new WriteToTar(scanner, pipe));
             try {
                 // JENKINS-9540 in case the reading side failed, report that error first
                 future.get();
@@ -2388,6 +2468,81 @@ public final class FilePath implements Serializable {
             }
         }
     }
+    private class CopyRecursiveLocal extends SecureFileCallable<Integer> {
+        private final FilePath target;
+        private final DirScanner scanner;
+        CopyRecursiveLocal(FilePath target, DirScanner scanner) {
+            this.target = target;
+            this.scanner = scanner;
+        }
+        private static final long serialVersionUID = 1L;
+        @Override
+        public Integer invoke(File base, VirtualChannel channel) throws IOException {
+            if (!base.exists()) {
+                return 0;
+            }
+            assert target.channel == null;
+            final File dest = new File(target.remote);
+            final AtomicInteger count = new AtomicInteger();
+            scanner.scan(base, reading(new FileVisitor() {
+                @Override
+                public void visit(File f, String relativePath) throws IOException {
+                    if (f.isFile()) {
+                        File target = new File(dest, relativePath);
+                        mkdirsE(target.getParentFile());
+                        Files.copy(fileToPath(f), fileToPath(writing(target)),
+                                StandardCopyOption.COPY_ATTRIBUTES, StandardCopyOption.REPLACE_EXISTING);
+                        count.incrementAndGet();
+                    }
+                }
+                @Override
+                public boolean understandsSymlink() {
+                    return true;
+                }
+                @Override
+                public void visitSymlink(File link, String target, String relativePath) throws IOException {
+                    try {
+                        mkdirsE(new File(dest, relativePath).getParentFile());
+                        writing(new File(dest, target));
+                        Util.createSymlink(dest, target, relativePath, TaskListener.NULL);
+                    } catch (InterruptedException x) {
+                        throw new IOException(x);
+                    }
+                    count.incrementAndGet();
+                }
+            }));
+            return count.get();
+        }
+    }
+    private class ReadToTar extends SecureFileCallable<Void> {
+        private final Pipe pipe;
+        private final String description;
+        ReadToTar(Pipe pipe, String description) {
+            this.pipe = pipe;
+            this.description = description;
+        }
+        private static final long serialVersionUID = 1L;
+        @Override
+        public Void invoke(File f, VirtualChannel channel) throws IOException {
+            try (InputStream in = pipe.getIn()) {
+                readFromTar(remote + '/' + description, f, TarCompression.GZIP.extract(in));
+                return null;
+            }
+        }
+    }
+    private class WriteToTar extends SecureFileCallable<Integer> {
+        private final DirScanner scanner;
+        private final Pipe pipe;
+        WriteToTar(DirScanner scanner, Pipe pipe) {
+            this.scanner = scanner;
+            this.pipe = pipe;
+        }
+        private static final long serialVersionUID = 1L;
+        @Override
+        public Integer invoke(File f, VirtualChannel channel) throws IOException, InterruptedException {
+            return writeToTar(new File(remote), scanner, TarCompression.GZIP.compress(pipe.getOut()));
+        }
+    }
     private class CopyRecursiveRemoteToLocal extends SecureFileCallable<Integer> {
         private static final long serialVersionUID = 1L;
         private final Pipe pipe;
@@ -2544,8 +2699,19 @@ public final class FilePath implements Serializable {
      * @since 1.484
      */
     public @CheckForNull String validateAntFileMask(final String fileMasks, final int bound, final boolean caseSensitive) throws IOException, InterruptedException {
-        return act(new MasterToSlaveFileCallable<String>() {
+        return act(new ValidateAntFileMask(fileMasks, caseSensitive, bound));
+    }
+    private class ValidateAntFileMask extends MasterToSlaveFileCallable<String> {
+        private final String fileMasks;
+        private final boolean caseSensitive;
+        private final int bound;
+        ValidateAntFileMask(String fileMasks, boolean caseSensitive, int bound) {
+            this.fileMasks = fileMasks;
+            this.caseSensitive = caseSensitive;
+            this.bound = bound;
+        }
             private static final long serialVersionUID = 1;
+            @Override
             public String invoke(File dir, VirtualChannel channel) throws IOException, InterruptedException {
                 if(fileMasks.startsWith("~"))
                     return Messages.FilePath_TildaDoesntWork();
@@ -2691,7 +2857,6 @@ public final class FilePath implements Serializable {
                 if(idx2==-1)    return idx1;
                 return Math.min(idx1,idx2);
             }
-        });
     }
 
     private static final UrlFactory DEFAULT_URL_FACTORY = new UrlFactory();
@@ -2962,11 +3127,13 @@ public final class FilePath implements Serializable {
      * (User's home directory in the Unix sense) of the given channel.
      */
     public static FilePath getHomeDirectory(VirtualChannel ch) throws InterruptedException, IOException {
-        return ch.call(new MasterToSlaveCallable<FilePath,IOException>() {
-            public FilePath call() throws IOException {
-                return new FilePath(new File(System.getProperty("user.home")));
-            }
-        });
+        return ch.call(new GetHomeDirectory());
+    }
+    private static class GetHomeDirectory extends MasterToSlaveCallable<FilePath, IOException> {
+        @Override
+        public FilePath call() throws IOException {
+            return new FilePath(new File(System.getProperty("user.home")));
+        }
     }
 
     /**
diff --git a/core/src/main/java/hudson/os/solaris/ZFSInstaller.java b/core/src/main/java/hudson/os/solaris/ZFSInstaller.java
index a5709e8976..29532545fa 100644
--- a/core/src/main/java/hudson/os/solaris/ZFSInstaller.java
+++ b/core/src/main/java/hudson/os/solaris/ZFSInstaller.java
@@ -169,9 +169,23 @@ public class ZFSInstaller extends AdministrativeMonitor implements Serializable
 
         // this is the actual creation of the file system.
         // return true indicating a success
-        return SU.execute(listener, rootUsername, rootPassword, new MasterToSlaveCallable<String,IOException>() {
+        return SU.execute(listener, rootUsername, rootPassword, new Create(listener, home, uid, gid, userName));
+    }
+    private static class Create extends MasterToSlaveCallable<String, IOException> {
+        private final TaskListener listener;
+        private final File home;
+        private final int uid;
+        private final int gid;
+        private final String userName;
+        Create(TaskListener listener, File home, int uid, int gid, String userName) {
+            this.listener = listener;
+            this.home = home;
+            this.uid = uid;
+            this.gid = gid;
+            this.userName = userName;
+        }
             private static final long serialVersionUID = 7731167233498214301L;
-
+            @Override
             public String call() throws IOException {
                 PrintStream out = listener.getLogger();
 
@@ -212,7 +226,6 @@ public class ZFSInstaller extends AdministrativeMonitor implements Serializable
                 }
                 return hudson.getName();
             }
-        });
     }
 
     /**
diff --git a/core/src/main/java/hudson/os/solaris/ZFSProvisioner.java b/core/src/main/java/hudson/os/solaris/ZFSProvisioner.java
index 229b5affb5..aeb4674511 100644
--- a/core/src/main/java/hudson/os/solaris/ZFSProvisioner.java
+++ b/core/src/main/java/hudson/os/solaris/ZFSProvisioner.java
@@ -53,9 +53,11 @@ public class ZFSProvisioner extends FileSystemProvisioner implements Serializabl
     private final String rootDataset;
 
     public ZFSProvisioner(Node node) throws IOException, InterruptedException {
-        rootDataset = node.getRootPath().act(new MasterToSlaveFileCallable<String>() {
+        rootDataset = node.getRootPath().act(new GetName());
+    }
+    private static class GetName extends MasterToSlaveFileCallable<String> {
             private static final long serialVersionUID = -2142349338699797436L;
-
+            @Override
             public String invoke(File f, VirtualChannel channel) throws IOException {
                 ZFSFileSystem fs = libzfs.getFileSystemByMountPoint(f);
                 if(fs!=null)    return fs.getName();
@@ -63,15 +65,22 @@ public class ZFSProvisioner extends FileSystemProvisioner implements Serializabl
                 // TODO: for now, only support agents that are already on ZFS.
                 throw new IOException("Not on ZFS");
             }
-        });
     }
 
     public void prepareWorkspace(AbstractBuild<?,?> build, FilePath ws, final TaskListener listener) throws IOException, InterruptedException {
         final String name = build.getProject().getFullName();
         
-        ws.act(new MasterToSlaveFileCallable<Void>() {
+        ws.act(new PrepareWorkspace(name, listener));
+    }
+    private class PrepareWorkspace extends MasterToSlaveFileCallable<Void> {
+        private final String name;
+        private final TaskListener listener;
+        PrepareWorkspace(String name, TaskListener listener) {
+            this.name = name;
+            this.listener = listener;
+        }
             private static final long serialVersionUID = 2129531727963121198L;
-
+            @Override
             public Void invoke(File f, VirtualChannel channel) throws IOException {
                 ZFSFileSystem fs = libzfs.getFileSystemByMountPoint(f);
                 if(fs!=null)    return null;    // already on ZFS
@@ -84,20 +93,20 @@ public class ZFSProvisioner extends FileSystemProvisioner implements Serializabl
                 fs.mount();
                 return null;
             }
-        });
     }
 
     public void discardWorkspace(AbstractProject<?, ?> project, FilePath ws) throws IOException, InterruptedException {
-        ws.act(new MasterToSlaveFileCallable<Void>() {
+        ws.act(new DiscardWorkspace());
+    }
+    private static class DiscardWorkspace extends MasterToSlaveFileCallable<Void> {
             private static final long serialVersionUID = 1916618107019257530L;
-
+            @Override
             public Void invoke(File f, VirtualChannel channel) throws IOException {
                 ZFSFileSystem fs = libzfs.getFileSystemByMountPoint(f);
                 if(fs!=null)
                     fs.destory(true);
                 return null;
             }
-        });
     }
 
     /**
diff --git a/core/src/main/java/hudson/tasks/Maven.java b/core/src/main/java/hudson/tasks/Maven.java
index c1e4a610fe..910e3a6ebf 100644
--- a/core/src/main/java/hudson/tasks/Maven.java
+++ b/core/src/main/java/hudson/tasks/Maven.java
@@ -553,29 +553,7 @@ public class Maven extends Builder {
         public boolean meetsMavenReqVersion(Launcher launcher, int mavenReqVersion) throws IOException, InterruptedException {
             // FIXME using similar stuff as in the maven plugin could be better 
             // olamy : but will add a dependency on maven in core -> so not so good 
-            String mavenVersion = launcher.getChannel().call(new MasterToSlaveCallable<String,IOException>() {
-                    private static final long serialVersionUID = -4143159957567745621L;
-
-                    public String call() throws IOException {
-                        File[] jars = new File(getHomeDir(),"lib").listFiles();
-                        if(jars!=null) { // be defensive
-                            for (File jar : jars) {
-                                if (jar.getName().startsWith("maven-")) {
-                                    JarFile jf = null;
-                                    try {
-                                        jf = new JarFile(jar);
-                                        Manifest manifest = jf.getManifest();
-                                        String version = manifest.getMainAttributes().getValue(Attributes.Name.IMPLEMENTATION_VERSION);
-                                        if(version != null) return version;
-                                    } finally {
-                                        if(jf != null) jf.close();
-                                    }
-                                }
-                            }
-                        }
-                        return "";
-                    }
-                });
+            String mavenVersion = launcher.getChannel().call(new GetMavenVersion());
 
             if (!mavenVersion.equals("")) {
                 if (mavenReqVersion == MAVEN_20) {
@@ -594,6 +572,33 @@ public class Maven extends Builder {
             return false;
             
         }
+        private class GetMavenVersion extends MasterToSlaveCallable<String, IOException> {
+            private static final long serialVersionUID = -4143159957567745621L;
+            @Override
+            public String call() throws IOException {
+                File[] jars = new File(getHomeDir(), "lib").listFiles();
+                if (jars != null) { // be defensive
+                    for (File jar : jars) {
+                        if (jar.getName().startsWith("maven-")) {
+                            JarFile jf = null;
+                            try {
+                                jf = new JarFile(jar);
+                                Manifest manifest = jf.getManifest();
+                                String version = manifest.getMainAttributes().getValue(Attributes.Name.IMPLEMENTATION_VERSION);
+                                if (version != null) {
+                                    return version;
+                                }
+                            } finally {
+                                if (jf != null) {
+                                    jf.close();
+                                }
+                            }
+                        }
+                    }
+                }
+                return "";
+            }
+        }
         
         /**
          * Is this Maven 2.1.x or 2.2.x - but not Maven 3.x?
@@ -609,9 +614,11 @@ public class Maven extends Builder {
          * Gets the executable path of this maven on the given target system.
          */
         public String getExecutable(Launcher launcher) throws IOException, InterruptedException {
-            return launcher.getChannel().call(new MasterToSlaveCallable<String,IOException>() {
+            return launcher.getChannel().call(new GetExecutable());
+        }
+        private class GetExecutable extends MasterToSlaveCallable<String, IOException> {
                 private static final long serialVersionUID = 2373163112639943768L;
-
+                @Override
                 public String call() throws IOException {
                     File exe = getExeFile("mvn");
                     if(exe.exists())
@@ -621,7 +628,6 @@ public class Maven extends Builder {
                         return exe.getPath();
                     return null;
                 }
-            });
         }
 
         private File getExeFile(String execName) {
diff --git a/core/src/main/java/hudson/util/RemotingDiagnostics.java b/core/src/main/java/hudson/util/RemotingDiagnostics.java
index d38fa7170e..447b19a5c9 100644
--- a/core/src/main/java/hudson/util/RemotingDiagnostics.java
+++ b/core/src/main/java/hudson/util/RemotingDiagnostics.java
@@ -153,7 +153,10 @@ public final class RemotingDiagnostics {
      * Obtains the heap dump in an HPROF file.
      */
     public static FilePath getHeapDump(VirtualChannel channel) throws IOException, InterruptedException {
-        return channel.call(new MasterToSlaveCallable<FilePath, IOException>() {
+        return channel.call(new GetHeapDump());
+    }
+    private static class GetHeapDump extends MasterToSlaveCallable<FilePath, IOException> {
+            @Override
             public FilePath call() throws IOException {
                 final File hprof = File.createTempFile("hudson-heapdump", "hprof");
                 hprof.delete();
@@ -169,7 +172,6 @@ public final class RemotingDiagnostics {
             }
 
             private static final long serialVersionUID = 1L;
-        });
     }
 
     /**
diff --git a/core/src/main/java/hudson/util/io/ParserConfigurator.java b/core/src/main/java/hudson/util/io/ParserConfigurator.java
index 878fba535b..149e82ba1d 100644
--- a/core/src/main/java/hudson/util/io/ParserConfigurator.java
+++ b/core/src/main/java/hudson/util/io/ParserConfigurator.java
@@ -78,17 +78,17 @@ public abstract class ParserConfigurator implements ExtensionPoint, Serializable
         if (Jenkins.getInstanceOrNull()==null) {
             Channel ch = Channel.current();
             if (ch!=null)
-                all = ch.call(new SlaveToMasterCallable<Collection<ParserConfigurator>, IOException>() {
-
-                    private static final long serialVersionUID = -2178106894481500733L;
-
-                    public Collection<ParserConfigurator> call() throws IOException {
-                        return new ArrayList<ParserConfigurator>(all());
-                    }
-                });
+                all = ch.call(new GetParserConfigurators());
         } else
             all = all();
         for (ParserConfigurator pc : all)
             pc.configure(reader,context);
     }
+    private static class GetParserConfigurators extends SlaveToMasterCallable<Collection<ParserConfigurator>, IOException> {
+        private static final long serialVersionUID = -2178106894481500733L;
+        @Override
+        public Collection<ParserConfigurator> call() throws IOException {
+            return new ArrayList<>(all());
+        }
+    }
 }
diff --git a/core/src/main/java/jenkins/model/Jenkins.java b/core/src/main/java/jenkins/model/Jenkins.java
index a7734f503d..4dfc9cd526 100644
--- a/core/src/main/java/jenkins/model/Jenkins.java
+++ b/core/src/main/java/jenkins/model/Jenkins.java
@@ -2415,11 +2415,13 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
 
     @Override
     public Callable<ClockDifference, IOException> getClockDifferenceCallable() {
-        return new MasterToSlaveCallable<ClockDifference, IOException>() {
-            public ClockDifference call() throws IOException {
-                return new ClockDifference(0);
-            }
-        };
+        return new ClockDifferenceCallable();
+    }
+    private static class ClockDifferenceCallable extends MasterToSlaveCallable<ClockDifference, IOException> {
+        @Override
+        public ClockDifference call() throws IOException {
+            return new ClockDifference(0);
+        }
     }
 
     /**
-- 
GitLab


From 229ed44a535034e045005bca942ed04a3093c91c Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Wed, 30 May 2018 12:38:36 +0200
Subject: [PATCH 471/863] [JENKINS-51603] - Relax workDirectory requirements
 for a JNLPLauncher constructor

---
 .../main/java/hudson/slaves/JNLPLauncher.java  | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/core/src/main/java/hudson/slaves/JNLPLauncher.java b/core/src/main/java/hudson/slaves/JNLPLauncher.java
index eeafc2bb7f..3e32c45bd1 100644
--- a/core/src/main/java/hudson/slaves/JNLPLauncher.java
+++ b/core/src/main/java/hudson/slaves/JNLPLauncher.java
@@ -31,6 +31,8 @@ import hudson.model.DescriptorVisibilityFilter;
 import hudson.model.TaskListener;
 import javax.annotation.CheckForNull;
 import javax.annotation.Nonnull;
+import javax.annotation.Nullable;
+
 import jenkins.model.Jenkins;
 import jenkins.slaves.RemotingWorkDirSettings;
 import org.jenkinsci.Symbol;
@@ -68,12 +70,22 @@ public class JNLPLauncher extends ComputerLauncher {
 
     @Nonnull
     private RemotingWorkDirSettings workDirSettings;
-    
+
+    /**
+     * Constructor.
+     * @param tunnel Tunnel settings
+     * @param vmargs JVM arguments
+     * @param workDirSettings Settings for Work Directory management in Remoting.
+     *                        If {@code null}, {@link RemotingWorkDirSettings#getEnabledDefaults()}
+     *                        will be used to enable work directories by default in new agents.
+     * @since 2.68
+     */
     @DataBoundConstructor
-    public JNLPLauncher(@CheckForNull String tunnel, @CheckForNull String vmargs, @Nonnull RemotingWorkDirSettings workDirSettings) {
+    public JNLPLauncher(@CheckForNull String tunnel, @CheckForNull String vmargs, @Nullable RemotingWorkDirSettings workDirSettings) {
         this.tunnel = Util.fixEmptyAndTrim(tunnel);
         this.vmargs = Util.fixEmptyAndTrim(vmargs);
-        this.workDirSettings = workDirSettings;
+        this.workDirSettings = workDirSettings != null ? workDirSettings :
+                RemotingWorkDirSettings.getEnabledDefaults();
     }
     
     @Deprecated
-- 
GitLab


From d79c6afd2163a30b549314c7c1185bf8bd1fd149 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Fri, 1 Jun 2018 19:42:14 +0200
Subject: [PATCH 472/863] [JENKINS-51603] - Use CheckForNull instead of
 Nullable

---
 core/src/main/java/hudson/slaves/JNLPLauncher.java | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/core/src/main/java/hudson/slaves/JNLPLauncher.java b/core/src/main/java/hudson/slaves/JNLPLauncher.java
index 3e32c45bd1..a9cb94a9dc 100644
--- a/core/src/main/java/hudson/slaves/JNLPLauncher.java
+++ b/core/src/main/java/hudson/slaves/JNLPLauncher.java
@@ -31,7 +31,6 @@ import hudson.model.DescriptorVisibilityFilter;
 import hudson.model.TaskListener;
 import javax.annotation.CheckForNull;
 import javax.annotation.Nonnull;
-import javax.annotation.Nullable;
 
 import jenkins.model.Jenkins;
 import jenkins.slaves.RemotingWorkDirSettings;
@@ -81,7 +80,7 @@ public class JNLPLauncher extends ComputerLauncher {
      * @since 2.68
      */
     @DataBoundConstructor
-    public JNLPLauncher(@CheckForNull String tunnel, @CheckForNull String vmargs, @Nullable RemotingWorkDirSettings workDirSettings) {
+    public JNLPLauncher(@CheckForNull String tunnel, @CheckForNull String vmargs, @CheckForNull RemotingWorkDirSettings workDirSettings) {
         this.tunnel = Util.fixEmptyAndTrim(tunnel);
         this.vmargs = Util.fixEmptyAndTrim(vmargs);
         this.workDirSettings = workDirSettings != null ? workDirSettings :
-- 
GitLab


From 7619aeda1ab4b9d63f73f4548d181882b622c063 Mon Sep 17 00:00:00 2001
From: Vincent Latombe <vincent@latombe.net>
Date: Fri, 1 Jun 2018 20:00:57 +0200
Subject: [PATCH 473/863] =?UTF-8?q?[JENKINS-14632]=20Use=20a=20more=20spec?=
 =?UTF-8?q?ific=20selector=20so=20we=20don't=20risk=20matchin=E2=80=A6=20(?=
 =?UTF-8?q?#3467)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* [JENKINS-14632] Use a more specific selector so we don't risk matching an element we are not expecting

* [JENKINS-14632] Annotate test with issue number
---
 .../resources/lib/form/advanced/advanced.js   |  4 ++--
 .../java/lib/form/AdvancedButtonTest.java     | 12 ++++++++++-
 .../testSectionInsideOfAdvanced.jelly         | 20 +++++++++++++++++++
 3 files changed, 33 insertions(+), 3 deletions(-)
 create mode 100644 test/src/test/resources/lib/form/AdvancedButtonTest/testSectionInsideOfAdvanced.jelly

diff --git a/core/src/main/resources/lib/form/advanced/advanced.js b/core/src/main/resources/lib/form/advanced/advanced.js
index f316c139f5..b93093bb7b 100644
--- a/core/src/main/resources/lib/form/advanced/advanced.js
+++ b/core/src/main/resources/lib/form/advanced/advanced.js
@@ -3,7 +3,7 @@ Behaviour.specify("INPUT.advanced-button", 'advanced', 0, function(e) {
             var link = $(e.target).up(".advancedLink");
             link.style.display = "none"; // hide the button
 
-            var container = link.next().down(); // TABLE -> TBODY
+            var container = link.next("table.advancedBody").down(); // TABLE -> TBODY
 
             var tr = link.up("TR");
 
@@ -25,4 +25,4 @@ Behaviour.specify("INPUT.advanced-button", 'advanced', 0, function(e) {
             layoutUpdateCallback.call();
         });
         e = null; // avoid memory leak
-});
\ No newline at end of file
+});
diff --git a/test/src/test/java/lib/form/AdvancedButtonTest.java b/test/src/test/java/lib/form/AdvancedButtonTest.java
index e96c2c61b6..55bc1c7bfd 100644
--- a/test/src/test/java/lib/form/AdvancedButtonTest.java
+++ b/test/src/test/java/lib/form/AdvancedButtonTest.java
@@ -6,6 +6,7 @@ import com.gargoylesoftware.htmlunit.html.HtmlPage;
 import hudson.util.FormValidation;
 import net.sf.json.JSONObject;
 import org.jvnet.hudson.test.HudsonTestCase;
+import org.jvnet.hudson.test.Issue;
 import org.kohsuke.stapler.StaplerRequest;
 
 
@@ -32,4 +33,13 @@ public class AdvancedButtonTest extends HudsonTestCase {
         assertEquals("dvalue",c.getString("d"));
         return FormValidation.ok();
     }
-}
\ No newline at end of file
+
+    @Issue("JENKINS-14632")
+    public void testSectionInsideOfAdvanced() throws Exception {
+        HtmlPage p = createWebClient().goTo("self/testSectionInsideOfAdvanced");
+        HtmlForm f = p.getFormByName("config");
+        assertFalse(f.getInputByName("b").isDisplayed());
+        HtmlFormUtil.getButtonByCaption(f, "Advanced...").click();
+        assertTrue(f.getInputByName("b").isDisplayed());
+    }
+}
diff --git a/test/src/test/resources/lib/form/AdvancedButtonTest/testSectionInsideOfAdvanced.jelly b/test/src/test/resources/lib/form/AdvancedButtonTest/testSectionInsideOfAdvanced.jelly
new file mode 100644
index 0000000000..3bdd7801b6
--- /dev/null
+++ b/test/src/test/resources/lib/form/AdvancedButtonTest/testSectionInsideOfAdvanced.jelly
@@ -0,0 +1,20 @@
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
+<l:layout title="Testing the effect of validateButton">
+  <l:main-panel>
+    <f:form method="post" name="config" action="">
+      <f:entry title="a">
+        <f:textbox name="a" value="avalue" />
+      </f:entry>
+      <f:advanced>
+        <f:section title="foo">
+          <f:entry title="b">
+            <f:textbox name="b" value="bvalue" />
+          </f:entry>
+        </f:section>
+      </f:advanced>
+      <f:submit value="submit" />
+    </f:form>
+  </l:main-panel>
+</l:layout>
+</j:jelly>
-- 
GitLab


From 0e5fc86f4f724fe4740e8680dd3454dada717155 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Oliver=20Gond=C5=BEa?= <ogondza@gmail.com>
Date: Fri, 1 Jun 2018 20:04:22 +0200
Subject: [PATCH 474/863] [FIX JENKINS-51082] Avoid attaching calling
 stacktrace as that is done by Channel already (#3417)

---
 core/src/main/java/hudson/FilePath.java | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/core/src/main/java/hudson/FilePath.java b/core/src/main/java/hudson/FilePath.java
index 3c31605534..149a5b0b6b 100644
--- a/core/src/main/java/hudson/FilePath.java
+++ b/core/src/main/java/hudson/FilePath.java
@@ -1089,11 +1089,6 @@ public final class FilePath implements Serializable {
                 return channel.call(wrapper);
             } catch (TunneledInterruptedException e) {
                 throw (InterruptedException)new InterruptedException(e.getMessage()).initCause(e);
-            } catch (AbortException e) {
-                throw e;    // pass through so that the caller can catch it as AbortException
-            } catch (IOException e) {
-                // wrap it into a new IOException so that we get the caller's stack trace as well.
-                throw new IOException("remote file operation failed: " + remote + " at " + channel + ": " + e, e);
             }
         } else {
             // the file is on the local machine.
-- 
GitLab


From 320fc6e2b2894b531953f4ee3694c4a89ad5d5f8 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Sat, 2 Jun 2018 09:28:36 +0200
Subject: [PATCH 475/863] [JENKINS-51355] - Print stacktraces to logs at FINE+
 level when rejecting classes in ClassFilterImpl (#3447)

* [JENKINS-51355] - Print stacktraces to logs when rejecting classes in ClassFilterImpl

* [JENKINS-51355] - Address leftover message noticed by @dwnusbaum

* [JENKINS-51355] - Switch the logging level to FINE
---
 .../jenkins/security/ClassFilterImpl.java     | 31 ++++++++++++++++---
 1 file changed, 26 insertions(+), 5 deletions(-)

diff --git a/core/src/main/java/jenkins/security/ClassFilterImpl.java b/core/src/main/java/jenkins/security/ClassFilterImpl.java
index df179e7258..6d49d53f46 100644
--- a/core/src/main/java/jenkins/security/ClassFilterImpl.java
+++ b/core/src/main/java/jenkins/security/ClassFilterImpl.java
@@ -172,10 +172,13 @@ public class ClassFilterImpl extends ClassFilter {
                 return false;
             }
             if (SUPPRESS_WHITELIST || SUPPRESS_ALL) {
-                LOGGER.log(Level.WARNING, "{0} in {1} might be dangerous, so would normally be rejected; see https://jenkins.io/redirect/class-filter/", new Object[] {name, location != null ? location : "JRE"});
+                notifyRejected(_c, null,
+                        String.format("%s in %s might be dangerous, so would normally be rejected; see https://jenkins.io/redirect/class-filter/", name, location != null ?location : "JRE"));
+
                 return false;
             }
-            LOGGER.log(Level.WARNING, "{0} in {1} might be dangerous, so rejecting; see https://jenkins.io/redirect/class-filter/", new Object[] {name, location != null ? location : "JRE"});
+            notifyRejected(_c, null,
+                    String.format("%s in %s might be dangerous, so rejecting; see https://jenkins.io/redirect/class-filter/", name, location != null ?location : "JRE"));
             return true;
         });
     }
@@ -295,21 +298,39 @@ public class ClassFilterImpl extends ClassFilter {
         for (CustomClassFilter f : ExtensionList.lookup(CustomClassFilter.class)) {
             Boolean r = f.permits(name);
             if (r != null) {
-                LOGGER.log(Level.FINER, "{0} specifies a policy for {1}: {2}", new Object[] {f, name, r});
+                if (r) {
+                    LOGGER.log(Level.FINER, "{0} specifies a policy for {1}: {2}", new Object[] {f, name, r});
+                } else {
+                    notifyRejected(null, name,
+                            String.format("%s specifies a policy for %s: %s", f, name, r));
+                }
+
                 return !r;
             }
         }
         // could apply a cache if the pattern search turns out to be slow
         if (ClassFilter.STANDARD.isBlacklisted(name)) {
             if (SUPPRESS_ALL) {
-                LOGGER.log(Level.WARNING, "would normally reject {0} according to standard blacklist; see https://jenkins.io/redirect/class-filter/", name);
+                notifyRejected(null, name,
+                        String.format("would normally reject %s according to standard blacklist; see https://jenkins.io/redirect/class-filter/", name));
                 return false;
             }
-            LOGGER.log(Level.WARNING, "rejecting {0} according to standard blacklist; see https://jenkins.io/redirect/class-filter/", name);
+            notifyRejected(null, name,
+                    String.format("rejecting %s according to standard blacklist; see https://jenkins.io/redirect/class-filter/", name));
             return true;
         } else {
             return false;
         }
     }
 
+    private void notifyRejected(@CheckForNull Class<?> clazz, @CheckForNull String clazzName, String message) {
+        Throwable cause = null;
+        if (LOGGER.isLoggable(Level.FINE)) {
+            cause = new SecurityException("Class rejected by the class filter: " +
+                    (clazz != null ? clazz.getName() : clazzName));
+        }
+        LOGGER.log(Level.WARNING, message, cause);
+
+        // TODO: Integrate with Telemetry API (JEP-304) once it is available in the core
+    }
 }
-- 
GitLab


From 00c6bbd07ddee09960531a82682fe565801e62c0 Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Sun, 3 Jun 2018 02:06:09 -0400
Subject: [PATCH 476/863] Update help-quietPeriod.html

Try to improve help.

The option is a number, not a check box... And thus it's worth clarifying its units.
---
 .../help-quietPeriod.html                             | 11 ++++-------
 1 file changed, 4 insertions(+), 7 deletions(-)

diff --git a/core/src/main/resources/jenkins/model/GlobalQuietPeriodConfiguration/help-quietPeriod.html b/core/src/main/resources/jenkins/model/GlobalQuietPeriodConfiguration/help-quietPeriod.html
index 1012ea55af..cb055c7298 100644
--- a/core/src/main/resources/jenkins/model/GlobalQuietPeriodConfiguration/help-quietPeriod.html
+++ b/core/src/main/resources/jenkins/model/GlobalQuietPeriodConfiguration/help-quietPeriod.html
@@ -1,7 +1,7 @@
 <div>
-  When this option is checked, newly triggered builds of this project will be
+  When this option non-zero, newly triggered builds of this project will be
   added to the queue, but Jenkins will wait for the specified period of time
-  before actually starting the build.
+  (in seconds) before actually starting the build.
   <p>
   For example, if your builds take a long time to execute, you may want to
   prevent multiple source control commits that are made at approximately the
@@ -15,9 +15,6 @@
   If a new build of this project is triggered while a build is already sitting
   in the queue, waiting for its quiet period to end, the quiet period will not
   be reset.  The newly triggered build will not be added to the queue, unless
-  this project is parameterized and the build has different parameters to the
+  this project is parameterized and the build has different parameters than the
   build already in the queue.
-  <p>
-  If this option is not checked, then the system-wide default value from the
-  <i>Configure System</i> screen will be used.
-  </div>
+</div>
-- 
GitLab


From 072ff1bb6425db0f0bfd620e5622e724feac3e57 Mon Sep 17 00:00:00 2001
From: surenpi <zxjlwt@126.com>
Date: Sun, 3 Jun 2018 20:43:41 +0800
Subject: [PATCH 477/863] Add Italian translation

---
 .../slaves/DeprecatedAgentProtocolMonitor/message_it.properties  | 1 +
 1 file changed, 1 insertion(+)

diff --git a/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_it.properties b/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_it.properties
index a23fa785c5..78f92b4903 100644
--- a/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_it.properties
+++ b/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_it.properties
@@ -25,3 +25,4 @@ blurb=Quest''istanza di Jenkins utilizza protocolli deprecati: {0}. \
     Se le nuove versioni dei protocolli sono supportate da tutti i componenti di sistema (agenti, \
     interfaccia da riga di comando e altri client), \uFFFD fortemente raccomandato disabilitare i \
     protocolli deprecati.
+See\ Protocol\ Configuration=Vedi <a href="{0}/configureSecurity">Configurazione protocollo</a>.
-- 
GitLab


From 974a85160f090d591aa9d59ace37b226bbacf7d9 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 4 Jun 2018 00:19:23 -0700
Subject: [PATCH 478/863] [maven-release-plugin] prepare release jenkins-2.126

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index d54dac5918..5aa49c7c52 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.126</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 0d5c3f2c27..5bc315d45c 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.126</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index b02eab8918..56e2fa49be 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>2.126</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.126</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 4f9dae71fa..8e3640e50f 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.126</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index d9980a0636..09041245b0 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.126</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 91bc6d3374fc1f0742ec7558d8233052932f6290 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 4 Jun 2018 00:19:23 -0700
Subject: [PATCH 479/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 5aa49c7c52..30fa3f6ebc 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.126</version>
+    <version>2.127-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 5bc315d45c..544cb4dee3 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.126</version>
+    <version>2.127-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 56e2fa49be..35e4d3f585 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.126</version>
+  <version>2.127-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.126</tag>
+    <tag>${scmTag}</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 8e3640e50f..e8bae854a6 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.126</version>
+    <version>2.127-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 09041245b0..ccc59d007d 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.126</version>
+    <version>2.127-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From a34f7631dec0b2a4ea816aa6d9afbcd4b79d39d4 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 4 Jun 2018 00:25:30 -0700
Subject: [PATCH 480/863] mvn incrementals:reincrementalify

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 30fa3f6ebc..d54dac5918 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.127-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 544cb4dee3..0d5c3f2c27 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.127-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 35e4d3f585..6a4a504cd9 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.127-SNAPSHOT</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.126</revision>
+    <revision>2.127</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index e8bae854a6..4f9dae71fa 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.127-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index ccc59d007d..d9980a0636 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.127-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 1d9bbfa02f10a115c72197fb95cb63324a65b12a Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Mon, 4 Jun 2018 14:06:41 +0200
Subject: [PATCH 481/863] [JENKINS-51660] Correct default URL proposed

---
 .../install/SetupWizard/setupWizardConfigureInstance.jelly     | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/core/src/main/resources/jenkins/install/SetupWizard/setupWizardConfigureInstance.jelly b/core/src/main/resources/jenkins/install/SetupWizard/setupWizardConfigureInstance.jelly
index 0a0b2f5b69..0eb0679643 100644
--- a/core/src/main/resources/jenkins/install/SetupWizard/setupWizardConfigureInstance.jelly
+++ b/core/src/main/resources/jenkins/install/SetupWizard/setupWizardConfigureInstance.jelly
@@ -106,7 +106,8 @@ THE SOFTWARE.
             $('root-url').focus();
             (function setInitialRootUrlFieldValue(){
               var iframeUrl = window.location.href;
-              var iframeRelativeUrl = '/setupWizard/setupWizardConfigureInstance';
+              // will let the trailing slash in the rootUrl 
+              var iframeRelativeUrl = 'setupWizard/setupWizardConfigureInstance';
               var rootUrl = iframeUrl.substr(0, iframeUrl.length - iframeRelativeUrl.length);
               // to keep only the root url
               var rootUrlField = $('root-url');
-- 
GitLab


From 89039a5b34b96b0838a925e954fd991d68b09ffa Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Mon, 4 Jun 2018 16:08:35 -0400
Subject: [PATCH 482/863] internal: Move period outside parentheses

---
 .../main/resources/hudson/model/LoadStatistics/main.properties  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/resources/hudson/model/LoadStatistics/main.properties b/core/src/main/resources/hudson/model/LoadStatistics/main.properties
index 62d0348c77..23ffe45ae6 100644
--- a/core/src/main/resources/hudson/model/LoadStatistics/main.properties
+++ b/core/src/main/resources/hudson/model/LoadStatistics/main.properties
@@ -50,7 +50,7 @@ blurb=\
     <dt>Queue length</dt>\
     <dd>\
       This is the number of jobs that are in the build queue, waiting for an \
-      available executor (of this computer, of this label, or in this Jenkins, respectively.) \
+      available executor (of this computer, of this label, or in this Jenkins, respectively). \
       This doesn''t include jobs that are in the quiet period, nor does it include \
       jobs that are in the queue because earlier builds are still in progress. \
       If this line ever goes above 0, that means your Jenkins will run more builds by \
-- 
GitLab


From 98b37699152595f35fce7387be0ee1717596650d Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Mon, 4 Jun 2018 16:07:12 -0400
Subject: [PATCH 483/863] [JENKINS-51603] The proper way to make a parameter
 optional is to use @DataBoundSetter.

---
 .../main/java/hudson/slaves/JNLPLauncher.java | 28 +++++++++++--------
 .../java/hudson/slaves/JNLPLauncherTest.java  |  9 ++++--
 2 files changed, 22 insertions(+), 15 deletions(-)

diff --git a/core/src/main/java/hudson/slaves/JNLPLauncher.java b/core/src/main/java/hudson/slaves/JNLPLauncher.java
index a9cb94a9dc..bed08613d8 100644
--- a/core/src/main/java/hudson/slaves/JNLPLauncher.java
+++ b/core/src/main/java/hudson/slaves/JNLPLauncher.java
@@ -38,6 +38,7 @@ import org.jenkinsci.Symbol;
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
 import org.kohsuke.stapler.DataBoundConstructor;
+import org.kohsuke.stapler.DataBoundSetter;
 
 /**
  * {@link ComputerLauncher} via JNLP.
@@ -68,7 +69,7 @@ public class JNLPLauncher extends ComputerLauncher {
     public final String vmargs;
 
     @Nonnull
-    private RemotingWorkDirSettings workDirSettings;
+    private RemotingWorkDirSettings workDirSettings = RemotingWorkDirSettings.getEnabledDefaults();
 
     /**
      * Constructor.
@@ -79,20 +80,18 @@ public class JNLPLauncher extends ComputerLauncher {
      *                        will be used to enable work directories by default in new agents.
      * @since 2.68
      */
-    @DataBoundConstructor
+    @Deprecated
     public JNLPLauncher(@CheckForNull String tunnel, @CheckForNull String vmargs, @CheckForNull RemotingWorkDirSettings workDirSettings) {
-        this.tunnel = Util.fixEmptyAndTrim(tunnel);
-        this.vmargs = Util.fixEmptyAndTrim(vmargs);
-        this.workDirSettings = workDirSettings != null ? workDirSettings :
-                RemotingWorkDirSettings.getEnabledDefaults();
+        this(tunnel, vmargs);
+        if (workDirSettings != null) {
+            setWorkDirSettings(workDirSettings);
+        }
     }
     
-    @Deprecated
-    public JNLPLauncher(String tunnel, String vmargs) {
-        // TODO: Enable workDir by default in API? Otherwise classes inheriting from JNLPLauncher
-        // will need to enable the feature by default as well.
-        // https://github.com/search?q=org%3Ajenkinsci+%22extends+JNLPLauncher%22&type=Code
-        this(tunnel, vmargs, RemotingWorkDirSettings.getDisabledDefaults());
+    @DataBoundConstructor
+    public JNLPLauncher(@CheckForNull String tunnel, @CheckForNull String vmargs) {
+        this.tunnel = Util.fixEmptyAndTrim(tunnel);
+        this.vmargs = Util.fixEmptyAndTrim(vmargs);
     }
 
     /**
@@ -132,6 +131,11 @@ public class JNLPLauncher extends ComputerLauncher {
     public RemotingWorkDirSettings getWorkDirSettings() {
         return workDirSettings;
     }
+
+    @DataBoundSetter
+    public final void setWorkDirSettings(@Nonnull RemotingWorkDirSettings workDirSettings) {
+        this.workDirSettings = workDirSettings;
+    }
     
     @Override
     public boolean isLaunchSupported() {
diff --git a/test/src/test/java/hudson/slaves/JNLPLauncherTest.java b/test/src/test/java/hudson/slaves/JNLPLauncherTest.java
index 2d34ae63eb..702673bbda 100644
--- a/test/src/test/java/hudson/slaves/JNLPLauncherTest.java
+++ b/test/src/test/java/hudson/slaves/JNLPLauncherTest.java
@@ -148,10 +148,9 @@ public class JNLPLauncherTest {
     
     @Test
     @Issue("JENKINS-44112")
+    @SuppressWarnings("deprecation")
     public void testDefaults() throws Exception {
-        String errorMsg = "Work directory should be disabled for agents created via old API";
-        assertTrue(errorMsg, new JNLPLauncher().getWorkDirSettings().isDisabled());
-        assertTrue(errorMsg, new JNLPLauncher(null, null).getWorkDirSettings().isDisabled());
+        assertTrue("Work directory should be disabled for agents created via old API", new JNLPLauncher().getWorkDirSettings().isDisabled());
     }
 
     @Test
@@ -286,8 +285,12 @@ public class JNLPLauncherTest {
         DumbSlave s = j.createSlave();
         JNLPLauncher original = new JNLPLauncher("a", "b");
         s.setLauncher(original);
+        j.assertEqualDataBoundBeans(((JNLPLauncher) s.getLauncher()).getWorkDirSettings(), RemotingWorkDirSettings.getEnabledDefaults());
+        RemotingWorkDirSettings custom = new RemotingWorkDirSettings(false, null, "custom", false);
+        ((JNLPLauncher) s.getLauncher()).setWorkDirSettings(custom);
         HtmlPage p = j.createWebClient().getPage(s, "configure");
         j.submit(p.getFormByName("config"));
         j.assertEqualBeans(original,s.getLauncher(),"tunnel,vmargs");
+        j.assertEqualDataBoundBeans(((JNLPLauncher) s.getLauncher()).getWorkDirSettings(), custom);
     }
 }
-- 
GitLab


From f0311944a059da0a69c7822311e579918d7c2369 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Sun, 6 May 2018 12:10:16 +0200
Subject: [PATCH 484/863] [JENKINS-51158] Improve Root URL validation - remove
 the bug for ipv6 - remove the support of query that was not expected - add
 support for trailing dots - add lots of unit tests

(cherry picked from commit c79f3f719c3f320ff6f0b17fae7d15ee2c1cbbcb)
---
 .../src/main/java/jenkins/util/UrlHelper.java |  39 ++++++-
 .../test/java/jenkins/util/UrlHelperTest.java | 106 ++++++++++++++++--
 2 files changed, 130 insertions(+), 15 deletions(-)

diff --git a/core/src/main/java/jenkins/util/UrlHelper.java b/core/src/main/java/jenkins/util/UrlHelper.java
index a71e592304..5058d20dc7 100644
--- a/core/src/main/java/jenkins/util/UrlHelper.java
+++ b/core/src/main/java/jenkins/util/UrlHelper.java
@@ -28,16 +28,38 @@ import jenkins.org.apache.commons.validator.routines.UrlValidator;
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
 
+/**
+ * Objective is to validate an URL in a lenient way sufficiently strict to avoid too weird URL
+ * but to still allow particular internal URL to be accepted
+ */
 @Restricted(NoExternalUse.class)
 public class UrlHelper {
     /**
-     * Authorize the {@code _} and {@code -} characters in domain
+     * Authorize the {@code _} and {@code -} characters in *domain*
      * <p>
-     * Avoid {@code -} and {@code .} to be first or last
+     * Avoid {@code -} to be first or last, and {@code .} to be first (but can be last)
+     * 
+     * Lenient version of 
+     * - https://tools.ietf.org/html/rfc952 GRAMMATICAL HOST TABLE SPECIFICATION
+     * - https://www.ietf.org/rfc/rfc1034.txt 3.5
+     * - https://www.ietf.org/rfc/rfc1738.txt 3.1, host
+     * - https://tools.ietf.org/html/rfc1123 2.1
+     * 
+     * Deliberately allow:
+     * - short domain name (often there are rules like minimum of 3 characters)
+     * - long domain name (normally limit on whole domain of 255 and for each subdomain/label of 63)
+     * - starting by numbers (disallowed by RFC-952 and RFC-1034, but nowadays it's supported by RFC-1123)
+     * - use of underscore (not explicitly allowed in RFC but could occur in internal network, we do not speak about path here, just domain)
+     * - custom TLD like "intern" that is not standard but could be registered locally in a network
      */
     private static String DOMAIN_REGEX = System.getProperty(
             UrlHelper.class.getName() + ".DOMAIN_REGEX", 
-            "(\\w(\\.?-?\\w+)*)(:\\d{1,5})?"
+            "^" + 
+            "\\w" + // must start with letter / number / underscore
+                "(-*(\\.|\\w))*" +// dashes are allowed but not as last character
+                "\\.*" + // can end with zero (most common), one or multiple dots 
+                "(:\\d{1,5})?" + // and potentially the port specification
+                "$"
     );
     
     public static boolean isValidRootUrl(String url) {
@@ -52,13 +74,22 @@ public class UrlHelper {
         
         @Override 
         protected boolean isValidAuthority(String authority) {
-            // to support ipv6
             boolean superResult = super.isValidAuthority(authority);
+            if(superResult && authority.contains("[")){
+                // to support ipv6
+                return true;
+            }
             if(!superResult && authority == null){
                 return false;
             }
             String authorityASCII = DomainValidator.unicodeToASCII(authority);
             return authorityASCII.matches(DOMAIN_REGEX);
         }
+    
+        @Override 
+        protected boolean isValidQuery(String query) {
+            // does not accept query
+            return query == null;
+        }
     }
 }
diff --git a/core/src/test/java/jenkins/util/UrlHelperTest.java b/core/src/test/java/jenkins/util/UrlHelperTest.java
index e07219ab84..8f6391c3a9 100644
--- a/core/src/test/java/jenkins/util/UrlHelperTest.java
+++ b/core/src/test/java/jenkins/util/UrlHelperTest.java
@@ -10,56 +10,140 @@ public class UrlHelperTest {
 
     @Test
     @Issue("JENKINS-31661")
-    public void isValid() {
+    public void regularCases() {
         assertTrue(UrlHelper.isValidRootUrl("http://www.google.com"));
+        // trailing slash is optional
         assertTrue(UrlHelper.isValidRootUrl("http://www.google.com/"));
+        // path is allowed
         assertTrue(UrlHelper.isValidRootUrl("http://www.google.com/jenkins"));
+        // port is allowed to be precised
         assertTrue(UrlHelper.isValidRootUrl("http://www.google.com:8080"));
         assertTrue(UrlHelper.isValidRootUrl("http://www.google.com:8080/jenkins"));
+        // http or https are only valid schemes
         assertTrue(UrlHelper.isValidRootUrl("https://www.google.com:8080/jenkins"));
+        // also with their UPPERCASE equivalent
+        assertTrue(UrlHelper.isValidRootUrl("HTTP://www.google.com:8080/jenkins"));
+        assertTrue(UrlHelper.isValidRootUrl("HTTPS://www.google.com:8080/jenkins"));
+
         assertTrue(UrlHelper.isValidRootUrl("http://localhost:8080/jenkins"));
         assertTrue(UrlHelper.isValidRootUrl("http://localhost:8080/jenkins/"));
         assertTrue(UrlHelper.isValidRootUrl("http://my_server:8080/jenkins"));
         assertTrue(UrlHelper.isValidRootUrl("http://MY_SERVER_IN_PRIVATE_NETWORK:8080/jenkins"));
         assertTrue(UrlHelper.isValidRootUrl("http://jenkins"));
-        
+        assertTrue(UrlHelper.isValidRootUrl("http://j"));
+        assertTrue(UrlHelper.isValidRootUrl("http://j.io"));
+
         assertFalse(UrlHelper.isValidRootUrl("http://jenkins::"));
         assertFalse(UrlHelper.isValidRootUrl("http://jenkins::80"));
+        // scheme must be correctly spelled (missing :)
         assertFalse(UrlHelper.isValidRootUrl("http//jenkins"));
-        
+
+        // scheme is mandatory
         assertFalse(UrlHelper.isValidRootUrl("com."));
+        // spaces are forbidden
         assertFalse(UrlHelper.isValidRootUrl("http:// "));
-        
+
         // examples not passing with a simple `new URL(url).toURI()` check
         assertFalse(UrlHelper.isValidRootUrl("http://jenkins//context"));
         assertFalse(UrlHelper.isValidRootUrl("http:/jenkins"));
         assertFalse(UrlHelper.isValidRootUrl("http://.com"));
-        assertFalse(UrlHelper.isValidRootUrl("http://com."));
         assertFalse(UrlHelper.isValidRootUrl("http:/:"));
         assertFalse(UrlHelper.isValidRootUrl("http://..."));
         assertFalse(UrlHelper.isValidRootUrl("http://::::@example.com"));
         assertFalse(UrlHelper.isValidRootUrl("ftp://jenkins"));
-        // this url will be used as a root url and so will be concatenated with other part, fragments are not allowed
+    }
+    
+    @Test
+    public void fragmentIsForbidden(){
+        // this url will be used as a root url and so will be concatenated with other part, fragment part is not allowed
         assertFalse(UrlHelper.isValidRootUrl("http://jenkins#fragment"));
+        assertFalse(UrlHelper.isValidRootUrl("http://jenkins.com#fragment"));
+    }
+    
+    @Test
+    public void queryIsForbidden(){
+        // this url will be used as a root url and so will be concatenated with other part, query part is not allowed
+        assertFalse(UrlHelper.isValidRootUrl("http://jenkins?param=test"));
+        assertFalse(UrlHelper.isValidRootUrl("http://jenkins.com?param=test"));
+    }
+    
+    @Test
+    public void otherCharactersAreForbidden(){
+        // other characters are not allowed
+        assertFalse(UrlHelper.isValidRootUrl("http://jenk@ins.com"));
+        assertFalse(UrlHelper.isValidRootUrl("http://jenk(ins.com"));
+        assertFalse(UrlHelper.isValidRootUrl("http://jenk)ins.com"));
+        assertFalse(UrlHelper.isValidRootUrl("http://jenk[ins.com"));
+        assertFalse(UrlHelper.isValidRootUrl("http://jenk]ins.com"));
+        assertFalse(UrlHelper.isValidRootUrl("http://jenk%ins.com"));
+        assertFalse(UrlHelper.isValidRootUrl("http://jenk$ins.com"));
+        assertFalse(UrlHelper.isValidRootUrl("http://jenk!ins.com"));
+        assertFalse(UrlHelper.isValidRootUrl("http://jenk?ins.com"));
+    }
+    
+    @Test
+    public void ipv4Allowed(){
+        assertTrue(UrlHelper.isValidRootUrl("http://172.52.125.12"));
+        assertTrue(UrlHelper.isValidRootUrl("http://172.52.125.12/jenkins"));
+        assertTrue(UrlHelper.isValidRootUrl("http://172.52.125.12:8080"));
+        assertTrue(UrlHelper.isValidRootUrl("http://172.52.125.12:8080/jenkins"));
+    }
+    
+    @Test
+    public void ipv6Allowed() {
+        assertTrue(UrlHelper.isValidRootUrl("http://[FEDC:BA98:7654:3210:FEDC:BA98:7654:3210]"));
+        assertTrue(UrlHelper.isValidRootUrl("http://[FEDC:0000:0000:3210:FEDC:BA98:7654:3210]"));
+        // 0000 can be reduced to 0
+        assertTrue(UrlHelper.isValidRootUrl("http://[FEDC:0:0:3210:FEDC:BA98:7654:3210]"));
+        // an unique sequence of multiple fragments with 0's could be omitted completely
+        assertTrue(UrlHelper.isValidRootUrl("http://[FEDC::3210:FEDC:BA98:7654:3210]"));
+        // but only one sequence
+        assertFalse(UrlHelper.isValidRootUrl("http://[2001::85a3::ac1f]"));
+        
+        // port and path are still allowed
+        assertTrue(UrlHelper.isValidRootUrl("http://[FEDC:0:0:3210:FEDC:BA98:7654:3210]:8001/jenkins"));
+        assertTrue(UrlHelper.isValidRootUrl("http://[FEDC:0:0:3210:FEDC:BA98:7654:3210]:8001"));
+        assertTrue(UrlHelper.isValidRootUrl("http://[FEDC:0:0:3210:FEDC:BA98:7654:3210]/jenkins"));
+        // dashes are not allowed inside ipv6
+        assertFalse(UrlHelper.isValidRootUrl("http://[FEDC:0:0:32-10:FEDC:BA98:7654:3210]:8001/jenkins"));
+        assertFalse(UrlHelper.isValidRootUrl("http://[FEDC:0:0:3210:-FEDC:BA98:7654:3210]:8001/jenkins"));
     }
     
     @Test
     @Issue("JENKINS-51064")
-    public void isAlsoValid() {
+    public void withCustomDomain() {
         assertTrue(UrlHelper.isValidRootUrl("http://my-server:8080/jenkins"));
         assertTrue(UrlHelper.isValidRootUrl("http://jenkins.internal/"));
         assertTrue(UrlHelper.isValidRootUrl("http://jenkins.otherDomain/"));
         assertTrue(UrlHelper.isValidRootUrl("http://my-server.domain:8080/jenkins"));
         assertTrue(UrlHelper.isValidRootUrl("http://my-ser_ver.do_m-ain:8080/jenkins"));
         assertTrue(UrlHelper.isValidRootUrl("http://my-ser_ver.do_m-ain:8080/jenkins"));
-    
+        
         // forbidden to start or end domain with - or .
         assertFalse(UrlHelper.isValidRootUrl("http://-jenkins.com"));
         assertFalse(UrlHelper.isValidRootUrl("http://jenkins.com-"));
         assertFalse(UrlHelper.isValidRootUrl("http://.jenkins.com"));
-        assertFalse(UrlHelper.isValidRootUrl("http://jenkins.com."));
+        
+        // allowed to have multiple dots in chain
+        assertTrue(UrlHelper.isValidRootUrl("http://jen..kins.com"));
+    }
     
-        // forbidden to have multiple dots in chain
-        assertFalse(UrlHelper.isValidRootUrl("http://jen..kins.com"));
+    @Test
+    public void multipleConsecutiveDashesAreAllowed() {
+        assertTrue(UrlHelper.isValidRootUrl("http://jenk--ins.internal/"));
+        assertTrue(UrlHelper.isValidRootUrl("http://www.go-----ogle.com/"));
+        // even with subdomain being just a dash
+        assertTrue(UrlHelper.isValidRootUrl("http://www.go.-.--.--ogle.com/"));
+    }
+    
+    @Test
+    @Issue("JENKINS-51158")
+    public void trailingDotsAreAccepted() {
+        assertTrue(UrlHelper.isValidRootUrl("http://jenkins.internal./"));
+        assertTrue(UrlHelper.isValidRootUrl("http://jenkins.internal......./"));
+        assertTrue(UrlHelper.isValidRootUrl("http://my-server.domain.:8080/jenkins"));
+        assertTrue(UrlHelper.isValidRootUrl("http://my-server.domain......:8080/jenkins"));
+        assertTrue(UrlHelper.isValidRootUrl("http://jenkins.com."));
+        assertTrue(UrlHelper.isValidRootUrl("http://jenkins.com......"));
     }
 }
-- 
GitLab


From 4f576414b544a3d78e7156e6b1d1b12ed7406455 Mon Sep 17 00:00:00 2001
From: James Nord <teilo@teilo.net>
Date: Thu, 31 May 2018 10:37:00 +0100
Subject: [PATCH 485/863] Merge pull request #3462 from jtnord/JENKINS-51584

[JENKINS-51584] Actions from a TransientActionFactory should not be persisted

(cherry picked from commit d4737b2b60438ce0e3cb7a8a6f26675f7c880914)
---
 core/src/main/java/hudson/model/Queue.java    |  4 +-
 .../hudson/model/queue/WorkUnitContext.java   |  4 +-
 .../model/TransientActionFactoryTest.java     | 56 ++++++++++++++++++-
 3 files changed, 59 insertions(+), 5 deletions(-)

diff --git a/core/src/main/java/hudson/model/Queue.java b/core/src/main/java/hudson/model/Queue.java
index a7b9dcc762..02eaa80d8b 100644
--- a/core/src/main/java/hudson/model/Queue.java
+++ b/core/src/main/java/hudson/model/Queue.java
@@ -2196,8 +2196,10 @@ public class Queue extends ResourceController implements Saveable {
             for (Action action: actions) addAction(action);
         }
 
+        @SuppressWarnings("deprecation") // JENKINS-51584
         protected Item(Item item) {
-        	this(item.task, new ArrayList<Action>(item.getAllActions()), item.id, item.future, item.inQueueSince);
+            // do not use item.getAllActions() here as this will persist actions from a TransientActionFactory
+            this(item.task, new ArrayList<Action>(item.getActions()), item.id, item.future, item.inQueueSince);
         }
 
         /**
diff --git a/core/src/main/java/hudson/model/queue/WorkUnitContext.java b/core/src/main/java/hudson/model/queue/WorkUnitContext.java
index 80a402242d..8afce5cbfd 100644
--- a/core/src/main/java/hudson/model/queue/WorkUnitContext.java
+++ b/core/src/main/java/hudson/model/queue/WorkUnitContext.java
@@ -67,8 +67,8 @@ public final class WorkUnitContext {
         this.item = item;
         this.task = item.task;
         this.future = (FutureImpl)item.getFuture();
-        this.actions = new ArrayList<Action>(item.getAllActions());
-        
+        // JENKINS-51584 do not use item.getAllActions() here.
+        this.actions = new ArrayList<Action>(item.getActions());
         // +1 for the main task
         int workUnitSize = task.getSubTasks().size();
         startLatch = new Latch(workUnitSize) {
diff --git a/test/src/test/java/jenkins/model/TransientActionFactoryTest.java b/test/src/test/java/jenkins/model/TransientActionFactoryTest.java
index 5737fb5d18..9e03a37d4a 100644
--- a/test/src/test/java/jenkins/model/TransientActionFactoryTest.java
+++ b/test/src/test/java/jenkins/model/TransientActionFactoryTest.java
@@ -28,21 +28,34 @@ import hudson.Util;
 import hudson.model.AbstractItem;
 import hudson.model.AbstractProject;
 import hudson.model.Action;
+import hudson.model.Actionable;
+import hudson.model.FreeStyleBuild;
 import hudson.model.FreeStyleProject;
 import hudson.model.InvisibleAction;
 import hudson.model.ProminentProjectAction;
 import hudson.model.queue.FoldableAction;
+
+import java.io.PrintWriter;
+import java.io.StringWriter;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
 import org.hamcrest.Matchers;
-import static org.junit.Assert.*;
+
 import org.junit.Rule;
 import org.junit.Test;
+import org.jvnet.hudson.test.Issue;
 import org.jvnet.hudson.test.JenkinsRule;
 import org.jvnet.hudson.test.MockFolder;
 import org.jvnet.hudson.test.TestExtension;
 
+import javax.annotation.Nonnull;
+
+import static org.hamcrest.Matchers.empty;
+import static org.hamcrest.Matchers.hasSize;
+import static org.hamcrest.Matchers.is;
+import static org.junit.Assert.*;
+
 public class TransientActionFactoryTest {
 
     @Rule public JenkinsRule r = new JenkinsRule();
@@ -147,6 +160,45 @@ public class TransientActionFactoryTest {
         }
     }
 
-    private static class MyProminentProjectAction extends InvisibleAction implements ProminentProjectAction {}
+    @Issue("JENKINS-51584")
+    @Test
+    public void transientActionsAreNotPersistedOnQueueItems() throws Exception {
+        FreeStyleProject p = r.createFreeStyleProject();
+        FreeStyleBuild build = r.buildAndAssertSuccess(p);
+        // MyProminentProjectAction is only added via the TransientActionFactory and should never be persisted.
+        assertThat(Util.filter(build.getActions(), MyProminentProjectAction.class), is(empty()));
+        assertThat(Util.filter(build.getAllActions(), MyProminentProjectAction.class), hasSize(1));
+    }
+
+    @TestExtension("transientActionsAreNotPersistedOnQueueItems")
+    public static class AllFactory extends TransientActionFactory<Actionable> {
+
+        @Override
+        public Class<Actionable> type() {
+            return Actionable.class;
+        }
+
+        @Nonnull
+        @Override
+        public Collection<? extends Action> createFor(@Nonnull Actionable target) {
+            return Collections.singleton(new MyProminentProjectAction());
+        }
+    }
+
+    private static class MyProminentProjectAction extends InvisibleAction implements ProminentProjectAction {
+
+        private String allocation;
+
+        public MyProminentProjectAction() {
+            StringWriter sw = new StringWriter();
+            PrintWriter pw = new PrintWriter(sw);
+            new Exception("MyProminentProjectAction allocated at: ").printStackTrace(pw);
+            allocation = sw.toString();
+        }
+
+        public String toString() {
+            return allocation;
+        }
+    }
 
 }
-- 
GitLab


From 013213c56a7a38ea2f7edda3cf2cb5affa641222 Mon Sep 17 00:00:00 2001
From: Devin Nusbaum <d.w.nusbaum@gmail.com>
Date: Tue, 22 May 2018 10:50:40 -0400
Subject: [PATCH 486/863] [JENKINS-51483] Remove erroneous entry in
 split-plugin-cycles.txt

(cherry picked from commit 7bef2e44aef54bc76235fee4970a52f6f0456f49)
---
 core/src/main/resources/jenkins/split-plugin-cycles.txt | 2 --
 1 file changed, 2 deletions(-)

diff --git a/core/src/main/resources/jenkins/split-plugin-cycles.txt b/core/src/main/resources/jenkins/split-plugin-cycles.txt
index cfa589d969..8c7871ef91 100644
--- a/core/src/main/resources/jenkins/split-plugin-cycles.txt
+++ b/core/src/main/resources/jenkins/split-plugin-cycles.txt
@@ -10,5 +10,3 @@ script-security command-launcher
 script-security matrix-auth
 script-security matrix-project
 script-security windows-slaves
-
-apache-httpcomponents-client-4-api jdk-tool
-- 
GitLab


From b21b0c061f540c43f3d06d3bdf0fb6aaf52bffc0 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Sat, 2 Jun 2018 09:28:36 +0200
Subject: [PATCH 487/863] [JENKINS-51355] - Print stacktraces to logs at FINE+
 level when rejecting classes in ClassFilterImpl (#3447)

* [JENKINS-51355] - Print stacktraces to logs when rejecting classes in ClassFilterImpl

* [JENKINS-51355] - Address leftover message noticed by @dwnusbaum

* [JENKINS-51355] - Switch the logging level to FINE

(cherry picked from commit 320fc6e2b2894b531953f4ee3694c4a89ad5d5f8)
---
 .../jenkins/security/ClassFilterImpl.java     | 31 ++++++++++++++++---
 1 file changed, 26 insertions(+), 5 deletions(-)

diff --git a/core/src/main/java/jenkins/security/ClassFilterImpl.java b/core/src/main/java/jenkins/security/ClassFilterImpl.java
index df179e7258..6d49d53f46 100644
--- a/core/src/main/java/jenkins/security/ClassFilterImpl.java
+++ b/core/src/main/java/jenkins/security/ClassFilterImpl.java
@@ -172,10 +172,13 @@ public class ClassFilterImpl extends ClassFilter {
                 return false;
             }
             if (SUPPRESS_WHITELIST || SUPPRESS_ALL) {
-                LOGGER.log(Level.WARNING, "{0} in {1} might be dangerous, so would normally be rejected; see https://jenkins.io/redirect/class-filter/", new Object[] {name, location != null ? location : "JRE"});
+                notifyRejected(_c, null,
+                        String.format("%s in %s might be dangerous, so would normally be rejected; see https://jenkins.io/redirect/class-filter/", name, location != null ?location : "JRE"));
+
                 return false;
             }
-            LOGGER.log(Level.WARNING, "{0} in {1} might be dangerous, so rejecting; see https://jenkins.io/redirect/class-filter/", new Object[] {name, location != null ? location : "JRE"});
+            notifyRejected(_c, null,
+                    String.format("%s in %s might be dangerous, so rejecting; see https://jenkins.io/redirect/class-filter/", name, location != null ?location : "JRE"));
             return true;
         });
     }
@@ -295,21 +298,39 @@ public class ClassFilterImpl extends ClassFilter {
         for (CustomClassFilter f : ExtensionList.lookup(CustomClassFilter.class)) {
             Boolean r = f.permits(name);
             if (r != null) {
-                LOGGER.log(Level.FINER, "{0} specifies a policy for {1}: {2}", new Object[] {f, name, r});
+                if (r) {
+                    LOGGER.log(Level.FINER, "{0} specifies a policy for {1}: {2}", new Object[] {f, name, r});
+                } else {
+                    notifyRejected(null, name,
+                            String.format("%s specifies a policy for %s: %s", f, name, r));
+                }
+
                 return !r;
             }
         }
         // could apply a cache if the pattern search turns out to be slow
         if (ClassFilter.STANDARD.isBlacklisted(name)) {
             if (SUPPRESS_ALL) {
-                LOGGER.log(Level.WARNING, "would normally reject {0} according to standard blacklist; see https://jenkins.io/redirect/class-filter/", name);
+                notifyRejected(null, name,
+                        String.format("would normally reject %s according to standard blacklist; see https://jenkins.io/redirect/class-filter/", name));
                 return false;
             }
-            LOGGER.log(Level.WARNING, "rejecting {0} according to standard blacklist; see https://jenkins.io/redirect/class-filter/", name);
+            notifyRejected(null, name,
+                    String.format("rejecting %s according to standard blacklist; see https://jenkins.io/redirect/class-filter/", name));
             return true;
         } else {
             return false;
         }
     }
 
+    private void notifyRejected(@CheckForNull Class<?> clazz, @CheckForNull String clazzName, String message) {
+        Throwable cause = null;
+        if (LOGGER.isLoggable(Level.FINE)) {
+            cause = new SecurityException("Class rejected by the class filter: " +
+                    (clazz != null ? clazz.getName() : clazzName));
+        }
+        LOGGER.log(Level.WARNING, message, cause);
+
+        // TODO: Integrate with Telemetry API (JEP-304) once it is available in the core
+    }
 }
-- 
GitLab


From 8ade79859ef23ce12a2ceb4ebbf449df8761c626 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Fri, 1 Jun 2018 12:59:01 -0400
Subject: [PATCH 488/863] [JENKINS-50217] Defend against buggy
 ComputerListener.onConfigurationChange implementations.

(cherry picked from commit c8b2f52895dad7fbc0e5aeaadbaa7f3ff2d4bdee)
---
 core/src/main/java/hudson/model/AbstractCIBase.java | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/core/src/main/java/hudson/model/AbstractCIBase.java b/core/src/main/java/hudson/model/AbstractCIBase.java
index 1b79051178..d82afd6488 100644
--- a/core/src/main/java/hudson/model/AbstractCIBase.java
+++ b/core/src/main/java/hudson/model/AbstractCIBase.java
@@ -227,8 +227,13 @@ public abstract class AbstractCIBase extends Node implements ItemGroup<TopLevelI
             killComputer(c);
         }
         getQueue().scheduleMaintenance();
-        for (ComputerListener cl : ComputerListener.all())
-            cl.onConfigurationChange();
+        for (ComputerListener cl : ComputerListener.all()) {
+            try {
+                cl.onConfigurationChange();
+            } catch (Throwable t) {
+                LOGGER.log(Level.WARNING, null, t);
+            }
+        }
     }
 
 }
-- 
GitLab


From 3e3a4136038812671f45bf92f79e8ce7ad9b2362 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Sat, 2 Jun 2018 18:27:19 +0200
Subject: [PATCH 489/863] Merge pull request #3466 from GLundh/runparamfix

[JENKINS-51650] RunParameterDefinition.copyWithDefaultValue() used wrong constructor

(cherry picked from commit 88271739a25e35c4bb250c87efba5009eb6f253c)
---
 core/src/main/java/hudson/model/RunParameterDefinition.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/model/RunParameterDefinition.java b/core/src/main/java/hudson/model/RunParameterDefinition.java
index da1e7865e6..8f725193f2 100644
--- a/core/src/main/java/hudson/model/RunParameterDefinition.java
+++ b/core/src/main/java/hudson/model/RunParameterDefinition.java
@@ -92,7 +92,7 @@ public class RunParameterDefinition extends SimpleParameterDefinition {
     public ParameterDefinition copyWithDefaultValue(ParameterValue defaultValue) {
         if (defaultValue instanceof RunParameterValue) {
             RunParameterValue value = (RunParameterValue) defaultValue;
-            return new RunParameterDefinition(getName(), value.getRunId(), getDescription(), getFilter());
+            return new RunParameterDefinition(getName(), getProjectName(), value.getRunId(), getDescription(), getFilter());
         } else {
             return this;
         }
-- 
GitLab


From 527141e5e8dafe09e4d1c68f10f582243c53c456 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Oliver=20Gond=C5=BEa?= <ogondza@gmail.com>
Date: Tue, 29 May 2018 17:58:06 +0200
Subject: [PATCH 490/863] [JENKINS-20272] - Disconnected nodes should not be
 disconnected repeatedly (#3453)

* [JENKINS-20272] Reproduce in test

* [FIX JENKINS-20272] Do not disconnect skipped computers

* [JENKINS-20272] Clean the API a bit

(cherry picked from commit 8872b44cc8823c2106dfc5ba9a344fd1d82e4823)
---
 .../AbstractAsyncNodeMonitorDescriptor.java   | 62 ++++++++++++++++++-
 .../node_monitors/ResponseTimeMonitor.java    | 16 +++--
 .../ResponseTimeMonitorTest.java              | 23 +++++++
 3 files changed, 94 insertions(+), 7 deletions(-)

diff --git a/core/src/main/java/hudson/node_monitors/AbstractAsyncNodeMonitorDescriptor.java b/core/src/main/java/hudson/node_monitors/AbstractAsyncNodeMonitorDescriptor.java
index 8621f37ceb..05eed5fc24 100644
--- a/core/src/main/java/hudson/node_monitors/AbstractAsyncNodeMonitorDescriptor.java
+++ b/core/src/main/java/hudson/node_monitors/AbstractAsyncNodeMonitorDescriptor.java
@@ -6,10 +6,16 @@ import hudson.remoting.VirtualChannel;
 import jenkins.model.Jenkins;
 
 import javax.annotation.CheckForNull;
+import javax.annotation.Nonnull;
 import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Collection;
 import java.util.HashMap;
+import java.util.HashSet;
+import java.util.List;
 import java.util.Map;
 import java.util.Map.Entry;
+import java.util.Set;
 import java.util.concurrent.ExecutionException;
 import java.util.concurrent.Future;
 import java.util.concurrent.TimeoutException;
@@ -60,10 +66,22 @@ public abstract class AbstractAsyncNodeMonitorDescriptor<T> extends AbstractNode
 
     /**
      * Performs all monitoring concurrently.
+     *
+     * @return Mapping from computer to monitored value. The map values can be null for several reasons, see {@link Result}
+     * for more details.
      */
     @Override
     protected Map<Computer, T> monitor() throws InterruptedException {
+        // Bridge method to offer original constrained interface.
+        return monitorDetailed().getMonitoringData();
+    }
+
+    /**
+     * Perform monitoring with detailed reporting.
+     */
+    protected final @Nonnull Result<T> monitorDetailed() throws InterruptedException {
         Map<Computer,Future<T>> futures = new HashMap<Computer,Future<T>>();
+        Set<Computer> skipped = new HashSet<>();
 
         for (Computer c : Jenkins.getInstance().getComputers()) {
             try {
@@ -101,11 +119,53 @@ public abstract class AbstractAsyncNodeMonitorDescriptor<T> extends AbstractNode
                 } catch (TimeoutException x) {
                     LOGGER.log(WARNING, "Failed to monitor " + c.getDisplayName() + " for " + getDisplayName(), x);
                 }
+            } else {
+                skipped.add(c);
             }
         }
 
-        return data;
+        return new Result<>(data, skipped);
     }
 
     private static final Logger LOGGER = Logger.getLogger(AbstractAsyncNodeMonitorDescriptor.class.getName());
+
+    /**
+     * Result object for {@link AbstractAsyncNodeMonitorDescriptor#monitorDetailed()} to facilitate extending information
+     * returned in the future.
+     *
+     * The {@link #getMonitoringData()} provides the results of the monitoring as {@link #monitor()} does. Note the value
+     * in the map can be <tt>null</tt> for several reasons:
+     * <ul>
+     *     <li>The monitoring {@link Callable} returned <tt>null</tt> as a provisioning result.</li>
+     *     <li>Creating or evaluating that callable has thrown an exception.</li>
+     *     <li>The computer was not monitored as it was offline.</li>
+     *     <li>The {@link AbstractAsyncNodeMonitorDescriptor#createCallable} has returned null.</li>
+     * </ul>
+     *
+     * Clients can distinguishing among these states based on the additional data attached to this object. {@link #getSkipped()}
+     * returns computers that was not monitored as they ware either offline or monitor produced <tt>null</tt> {@link Callable}.
+     */
+    protected static final class Result<T> {
+        private static final long serialVersionUID = -7671448355804481216L;
+
+        private final @Nonnull Map<Computer, T> data;
+        private final @Nonnull ArrayList<Computer> skipped;
+
+        private Result(@Nonnull Map<Computer, T> data, @Nonnull Collection<Computer> skipped) {
+            this.data = new HashMap<>(data);
+            this.skipped = new ArrayList<>(skipped);
+        }
+
+        protected @Nonnull Map<Computer, T> getMonitoringData() {
+            return data;
+        }
+
+        /**
+         * Computers that ware skipped during monitoring as they either do not have a a channel (offline) or the monitor
+         * have not produced the Callable. Computers that caused monitor to throw exception are not returned here.
+         */
+        protected @Nonnull List<Computer> getSkipped() {
+            return skipped;
+        }
+    }
 }
diff --git a/core/src/main/java/hudson/node_monitors/ResponseTimeMonitor.java b/core/src/main/java/hudson/node_monitors/ResponseTimeMonitor.java
index d7241e9eff..9f77f9bb77 100644
--- a/core/src/main/java/hudson/node_monitors/ResponseTimeMonitor.java
+++ b/core/src/main/java/hudson/node_monitors/ResponseTimeMonitor.java
@@ -46,20 +46,24 @@ import org.kohsuke.stapler.export.ExportedBean;
 public class ResponseTimeMonitor extends NodeMonitor {
     @Extension
     public static final AbstractNodeMonitorDescriptor<Data> DESCRIPTOR = new AbstractAsyncNodeMonitorDescriptor<Data>() {
+
         @Override
         protected Callable<Data,IOException> createCallable(Computer c) {
-            if (c.getChannel() == null) {
-                return null;
-            }
             return new Step1(get(c));
         }
 
         @Override
         protected Map<Computer, Data> monitor() throws InterruptedException {
-            Map<Computer, Data> base = super.monitor();
-            for (Entry<Computer, Data> e : base.entrySet()) {
+            Result<Data> base = monitorDetailed();
+            Map<Computer, Data> monitoringData = base.getMonitoringData();
+            for (Entry<Computer, Data> e : monitoringData.entrySet()) {
                 Computer c = e.getKey();
                 Data d = e.getValue();
+                if (base.getSkipped().contains(c)) {
+                    assert d == null;
+                    continue;
+                }
+
                 if (d ==null) {
                     // if we failed to monitor, put in the special value that indicates a failure
                     e.setValue(d=new Data(get(c),-1L));
@@ -74,7 +78,7 @@ public class ResponseTimeMonitor extends NodeMonitor {
                     LOGGER.warning(Messages.ResponseTimeMonitor_MarkedOffline(c.getName()));
                 }
             }
-            return base;
+            return monitoringData;
         }
 
         public String getDisplayName() {
diff --git a/test/src/test/java/hudson/node_monitors/ResponseTimeMonitorTest.java b/test/src/test/java/hudson/node_monitors/ResponseTimeMonitorTest.java
index 8bd2c5640a..136e42b09c 100644
--- a/test/src/test/java/hudson/node_monitors/ResponseTimeMonitorTest.java
+++ b/test/src/test/java/hudson/node_monitors/ResponseTimeMonitorTest.java
@@ -1,14 +1,22 @@
 package hudson.node_monitors;
 
+import hudson.model.Computer;
+import hudson.model.ComputerSet;
+import hudson.model.Node;
 import hudson.model.User;
 import hudson.slaves.DumbSlave;
+import hudson.slaves.JNLPLauncher;
 import hudson.slaves.OfflineCause;
+import hudson.slaves.RetentionStrategy;
 import hudson.slaves.SlaveComputer;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.Issue;
 import org.jvnet.hudson.test.JenkinsRule;
 
+import java.util.Collections;
+
+import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.assertNull;
 
@@ -45,4 +53,19 @@ public class ResponseTimeMonitorTest {
         assertNotNull(ResponseTimeMonitor.DESCRIPTOR.monitor(c));
     }
 
+    @Test
+    public void doNotDisconnectBeforeLaunched() throws Exception {
+        DumbSlave slave = new DumbSlave("dummy", "dummy", j.createTmpDir().getPath(), "1", Node.Mode.NORMAL, "", new JNLPLauncher(), RetentionStrategy.NOOP, Collections.EMPTY_LIST);
+        j.jenkins.addNode(slave);
+        Computer c = slave.toComputer();
+        assertNotNull(c);
+        OfflineCause originalOfflineCause = c.getOfflineCause();
+
+        ResponseTimeMonitor rtm = ComputerSet.getMonitors().get(ResponseTimeMonitor.class);
+        for (int i = 0; i < 10; i++) {
+            rtm.triggerUpdate().join();
+            System.out.println(rtm.getDescriptor().get(c));
+            assertEquals(originalOfflineCause, c.getOfflineCause());
+        }
+    }
 }
-- 
GitLab


From 162ed7e5377437ead0b37e37f7bb3dd80a419545 Mon Sep 17 00:00:00 2001
From: Vincent Latombe <vincent@latombe.net>
Date: Fri, 1 Jun 2018 20:00:57 +0200
Subject: [PATCH 491/863] =?UTF-8?q?[JENKINS-14632]=20Use=20a=20more=20spec?=
 =?UTF-8?q?ific=20selector=20so=20we=20don't=20risk=20matchin=E2=80=A6=20(?=
 =?UTF-8?q?#3467)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* [JENKINS-14632] Use a more specific selector so we don't risk matching an element we are not expecting

* [JENKINS-14632] Annotate test with issue number

(cherry picked from commit 7619aeda1ab4b9d63f73f4548d181882b622c063)
---
 .../resources/lib/form/advanced/advanced.js   |  4 ++--
 .../java/lib/form/AdvancedButtonTest.java     | 12 ++++++++++-
 .../testSectionInsideOfAdvanced.jelly         | 20 +++++++++++++++++++
 3 files changed, 33 insertions(+), 3 deletions(-)
 create mode 100644 test/src/test/resources/lib/form/AdvancedButtonTest/testSectionInsideOfAdvanced.jelly

diff --git a/core/src/main/resources/lib/form/advanced/advanced.js b/core/src/main/resources/lib/form/advanced/advanced.js
index f316c139f5..b93093bb7b 100644
--- a/core/src/main/resources/lib/form/advanced/advanced.js
+++ b/core/src/main/resources/lib/form/advanced/advanced.js
@@ -3,7 +3,7 @@ Behaviour.specify("INPUT.advanced-button", 'advanced', 0, function(e) {
             var link = $(e.target).up(".advancedLink");
             link.style.display = "none"; // hide the button
 
-            var container = link.next().down(); // TABLE -> TBODY
+            var container = link.next("table.advancedBody").down(); // TABLE -> TBODY
 
             var tr = link.up("TR");
 
@@ -25,4 +25,4 @@ Behaviour.specify("INPUT.advanced-button", 'advanced', 0, function(e) {
             layoutUpdateCallback.call();
         });
         e = null; // avoid memory leak
-});
\ No newline at end of file
+});
diff --git a/test/src/test/java/lib/form/AdvancedButtonTest.java b/test/src/test/java/lib/form/AdvancedButtonTest.java
index e96c2c61b6..55bc1c7bfd 100644
--- a/test/src/test/java/lib/form/AdvancedButtonTest.java
+++ b/test/src/test/java/lib/form/AdvancedButtonTest.java
@@ -6,6 +6,7 @@ import com.gargoylesoftware.htmlunit.html.HtmlPage;
 import hudson.util.FormValidation;
 import net.sf.json.JSONObject;
 import org.jvnet.hudson.test.HudsonTestCase;
+import org.jvnet.hudson.test.Issue;
 import org.kohsuke.stapler.StaplerRequest;
 
 
@@ -32,4 +33,13 @@ public class AdvancedButtonTest extends HudsonTestCase {
         assertEquals("dvalue",c.getString("d"));
         return FormValidation.ok();
     }
-}
\ No newline at end of file
+
+    @Issue("JENKINS-14632")
+    public void testSectionInsideOfAdvanced() throws Exception {
+        HtmlPage p = createWebClient().goTo("self/testSectionInsideOfAdvanced");
+        HtmlForm f = p.getFormByName("config");
+        assertFalse(f.getInputByName("b").isDisplayed());
+        HtmlFormUtil.getButtonByCaption(f, "Advanced...").click();
+        assertTrue(f.getInputByName("b").isDisplayed());
+    }
+}
diff --git a/test/src/test/resources/lib/form/AdvancedButtonTest/testSectionInsideOfAdvanced.jelly b/test/src/test/resources/lib/form/AdvancedButtonTest/testSectionInsideOfAdvanced.jelly
new file mode 100644
index 0000000000..3bdd7801b6
--- /dev/null
+++ b/test/src/test/resources/lib/form/AdvancedButtonTest/testSectionInsideOfAdvanced.jelly
@@ -0,0 +1,20 @@
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
+<l:layout title="Testing the effect of validateButton">
+  <l:main-panel>
+    <f:form method="post" name="config" action="">
+      <f:entry title="a">
+        <f:textbox name="a" value="avalue" />
+      </f:entry>
+      <f:advanced>
+        <f:section title="foo">
+          <f:entry title="b">
+            <f:textbox name="b" value="bvalue" />
+          </f:entry>
+        </f:section>
+      </f:advanced>
+      <f:submit value="submit" />
+    </f:form>
+  </l:main-panel>
+</l:layout>
+</j:jelly>
-- 
GitLab


From d33305744275717f928e834ab97c343d8a442edf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Oliver=20Gond=C5=BEa?= <ogondza@gmail.com>
Date: Fri, 1 Jun 2018 20:04:22 +0200
Subject: [PATCH 492/863] [FIX JENKINS-51082] Avoid attaching calling
 stacktrace as that is done by Channel already (#3417)

(cherry picked from commit 0e5fc86f4f724fe4740e8680dd3454dada717155)
---
 core/src/main/java/hudson/FilePath.java | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/core/src/main/java/hudson/FilePath.java b/core/src/main/java/hudson/FilePath.java
index 790f290e4c..aeb0c08c57 100644
--- a/core/src/main/java/hudson/FilePath.java
+++ b/core/src/main/java/hudson/FilePath.java
@@ -1036,11 +1036,6 @@ public final class FilePath implements Serializable {
                 return channel.call(wrapper);
             } catch (TunneledInterruptedException e) {
                 throw (InterruptedException)new InterruptedException(e.getMessage()).initCause(e);
-            } catch (AbortException e) {
-                throw e;    // pass through so that the caller can catch it as AbortException
-            } catch (IOException e) {
-                // wrap it into a new IOException so that we get the caller's stack trace as well.
-                throw new IOException("remote file operation failed: " + remote + " at " + channel + ": " + e, e);
             }
         } else {
             // the file is on the local machine.
-- 
GitLab


From 51ca14677a460c62c1ddb8a87a556d6cb98aeb81 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Reinhold=20F=C3=BCreder?= <reinholdfuereder@gmx.at>
Date: Sat, 26 May 2018 13:38:58 +0200
Subject: [PATCH 493/863] [JENKINS-27329] Less aggressive
 WorkspaceCleanupThread (#3444)

* JENKINS-27329 Less aggressive WorkspaceCleanupThread

I dare to claim that the default behaviour of WorkspaceCleanupThread is too aggressive => this little change is by no means perfect (or admittedly even far from perfect), but IMHO a saner or slightly more defensive default behaviour.

Mind that according to https://github.com/jenkinsci/jenkins/blob/9e64bcdcb4a2cf12d59dfa334e09ffb448d361e9/core/src/main/java/hudson/model/Job.java#L301 this "only" checks whether or not the last build of a job is in progress, while the JavaDoc says "Returns true if a build of this project is in progress." (cf. http://javadoc.jenkins-ci.org/hudson/model/Job.html#isBuilding--)

* Fix compilation

* Dummy commit to trigger pipeline

Previous pipeline execution (https://ci.jenkins.io/blue/organizations/jenkins/Core%2Fjenkins/detail/PR-3444/2/tests) failed with one failing test that at first glance appears to be unrelated with my change(s) and looks like a flaky test?

* Add fine logging message

(cherry picked from commit f258aff7a736a81306ecb7d3c56cacc9b3a09a68)
---
 .../main/java/hudson/model/WorkspaceCleanupThread.java   | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/core/src/main/java/hudson/model/WorkspaceCleanupThread.java b/core/src/main/java/hudson/model/WorkspaceCleanupThread.java
index 0a01a5f28f..8c55c2bc4d 100644
--- a/core/src/main/java/hudson/model/WorkspaceCleanupThread.java
+++ b/core/src/main/java/hudson/model/WorkspaceCleanupThread.java
@@ -139,6 +139,15 @@ public class WorkspaceCleanupThread extends AsyncPeriodicWork {
             }
         }
 
+        // TODO this may only check the last build in fact:
+        if (item instanceof Job<?,?>) {
+            Job<?,?> j = (Job<?,?>) item;
+            if (j.isBuilding()) {
+                LOGGER.log(Level.FINE, "Job {0} is building, so not deleting", item.getFullDisplayName());
+                return false;
+            }
+        }
+
         LOGGER.log(Level.FINER, "Going to delete directory {0}", dir);
         return true;
     }
-- 
GitLab


From c845fd86e05faa69baef9911d0337f640bd2175e Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Tue, 15 May 2018 11:56:13 +0200
Subject: [PATCH 494/863] Merge pull request #3439 from
 oleg-nenashev/bug/JENKINS-51179

[JENKINS-51179] - Provide diagnostics when loading corrupted fingerprint files

(cherry picked from commit 9e64bcdcb4a2cf12d59dfa334e09ffb448d361e9)
---
 .../main/java/hudson/model/Fingerprint.java    |  7 ++++++-
 .../java/hudson/model/FingerprintTest.java     | 18 ++++++++++++++++++
 2 files changed, 24 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/model/Fingerprint.java b/core/src/main/java/hudson/model/Fingerprint.java
index 2e0a7ce166..cb130e2c61 100644
--- a/core/src/main/java/hudson/model/Fingerprint.java
+++ b/core/src/main/java/hudson/model/Fingerprint.java
@@ -1366,7 +1366,12 @@ public class Fingerprint implements ModelObject, Saveable {
             start = System.currentTimeMillis();
 
         try {
-            Fingerprint f = (Fingerprint) configFile.read();
+            Object loaded = configFile.read();
+            if (!(loaded instanceof Fingerprint)) {
+                throw new IOException("Unexpected Fingerprint type. Expected " + Fingerprint.class + " or subclass but got "
+                        + (loaded != null ? loaded.getClass() : "null"));
+            }
+            Fingerprint f = (Fingerprint) loaded;
             if(logger.isLoggable(Level.FINE))
                 logger.fine("Loading fingerprint "+file+" took "+(System.currentTimeMillis()-start)+"ms");
             if (f.facets==null)
diff --git a/test/src/test/java/hudson/model/FingerprintTest.java b/test/src/test/java/hudson/model/FingerprintTest.java
index 1aa139db49..ff5214063f 100644
--- a/test/src/test/java/hudson/model/FingerprintTest.java
+++ b/test/src/test/java/hudson/model/FingerprintTest.java
@@ -23,6 +23,7 @@
  */
 package hudson.model;
 
+import hudson.XmlFile;
 import hudson.security.ACL;
 import hudson.security.ACLContext;
 import hudson.security.AuthorizationMatrixProperty;
@@ -30,6 +31,8 @@ import hudson.security.Permission;
 import hudson.security.ProjectMatrixAuthorizationStrategy;
 import hudson.tasks.ArtifactArchiver;
 import hudson.tasks.Fingerprinter;
+
+import java.io.File;
 import java.io.IOException;
 import java.util.Arrays;
 import java.util.HashMap;
@@ -50,6 +53,7 @@ import org.jvnet.hudson.test.MockFolder;
 import org.jvnet.hudson.test.SecuredMockFolder;
 import org.jvnet.hudson.test.WorkspaceCopyFileBuilder;
 
+import static org.hamcrest.Matchers.containsString;
 import static org.junit.Assert.*;
 import static org.hamcrest.Matchers.notNullValue;
 import static org.hamcrest.Matchers.nullValue;
@@ -115,6 +119,20 @@ public class FingerprintTest {
         assertTrue("Usages do not have a reference to " + project, usages.containsKey(project.getName()));
         assertTrue("Usages do not have a reference to " + project2, usages.containsKey(project2.getName()));       
     }
+
+    @Test
+    @Issue("JENKINS-51179")
+    public void shouldThrowIOExceptionWhenFileIsInvalid() throws Exception {
+        XmlFile f = new XmlFile(new File(rule.jenkins.getRootDir(), "foo.xml"));
+        f.write("Hello, world!");
+        try {
+            Fingerprint.load(f.getFile());
+        } catch (IOException ex) {
+            assertThat(ex.getMessage(), containsString("Unexpected Fingerprint type"));
+            return;
+        }
+        fail("Expected IOException");
+    }
     
     @Test
     @Issue("SECURITY-153")
-- 
GitLab


From c209e642dfb20aaabe4426a7d1d8a42c7ccb64f9 Mon Sep 17 00:00:00 2001
From: Nicolas De loof <nicolas.deloof@gmail.com>
Date: Mon, 4 Jun 2018 16:13:04 +0200
Subject: [PATCH 495/863] use "agent" as canonical symbol for dumbslave

@Symbol first value is the canonical one as identifier (see javadoc https://github.com/jenkinsci/structs-plugin/blob/master/annotation/src/main/java/org/jenkinsci/Symbol.java#L33)
---
 core/src/main/java/hudson/slaves/DumbSlave.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/core/src/main/java/hudson/slaves/DumbSlave.java b/core/src/main/java/hudson/slaves/DumbSlave.java
index 3ead036d65..9fdb7ca1b6 100644
--- a/core/src/main/java/hudson/slaves/DumbSlave.java
+++ b/core/src/main/java/hudson/slaves/DumbSlave.java
@@ -65,8 +65,8 @@ public final class DumbSlave extends Slave {
         super(name, remoteFS, launcher);
     }
 
-    @Extension @Symbol({"dumb",
-            "slave", "agent" /*because this is in effect the canonical slave type*/})
+    @Extension @Symbol({"agent" /*because this is in effect the canonical slave type*/, 
+            "dumb", "slave"})
     public static final class DescriptorImpl extends SlaveDescriptor {
         public String getDisplayName() {
             return Messages.DumbSlave_displayName();
-- 
GitLab


From 9e282dcf38fa895e74c667e436cc3e72e52f9084 Mon Sep 17 00:00:00 2001
From: Nicolas De loof <nicolas.deloof@gmail.com>
Date: Wed, 6 Jun 2018 09:01:44 +0200
Subject: [PATCH 496/863] Use "permanent" as canonical symbol

This better reflect the web UI display name "Permanent Agent" for this Agent flavour
https://github.com/ndeloof/jenkins/blob/agent/core/src/main/resources/hudson/slaves/Messages.properties#L32
---
 core/src/main/java/hudson/slaves/DumbSlave.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/slaves/DumbSlave.java b/core/src/main/java/hudson/slaves/DumbSlave.java
index 9fdb7ca1b6..8142eb358f 100644
--- a/core/src/main/java/hudson/slaves/DumbSlave.java
+++ b/core/src/main/java/hudson/slaves/DumbSlave.java
@@ -65,7 +65,7 @@ public final class DumbSlave extends Slave {
         super(name, remoteFS, launcher);
     }
 
-    @Extension @Symbol({"agent" /*because this is in effect the canonical slave type*/, 
+    @Extension @Symbol({"permanent" /*because this is in effect the canonical slave type*/, 
             "dumb", "slave"})
     public static final class DescriptorImpl extends SlaveDescriptor {
         public String getDisplayName() {
-- 
GitLab


From 8a653f84283b1729d0ecd25138d472de83af1b6d Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Thu, 7 Jun 2018 12:33:02 -0700
Subject: [PATCH 497/863] [maven-release-plugin] prepare release
 jenkins-2.121.1

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 557be25357..6328892510 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121.1-SNAPSHOT</version>
+    <version>2.121.1</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index de50185d24..7413237906 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121.1-SNAPSHOT</version>
+    <version>2.121.1</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 4b1d35f45e..08a923f4b8 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.121.1-SNAPSHOT</version>
+  <version>2.121.1</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>HEAD</tag>
+    <tag>jenkins-2.121.1</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index e3083a84aa..4e9299d360 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121.1-SNAPSHOT</version>
+    <version>2.121.1</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index b00b967c9c..f83fd7f710 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121.1-SNAPSHOT</version>
+    <version>2.121.1</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 29d20f8941964536a402d9f2abf116fc9f849c27 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Thu, 7 Jun 2018 12:33:02 -0700
Subject: [PATCH 498/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 6328892510..3cacbd08fe 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121.1</version>
+    <version>2.121.2-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 7413237906..729a5ffe13 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121.1</version>
+    <version>2.121.2-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 08a923f4b8..a4291c3f07 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.121.1</version>
+  <version>2.121.2-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.121.1</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 4e9299d360..20b63c4c8b 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121.1</version>
+    <version>2.121.2-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index f83fd7f710..d85e4a0392 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121.1</version>
+    <version>2.121.2-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 39db0b4615c8a3a7f732a8eac6d6b14a79e71cfe Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Thu, 7 Jun 2018 12:39:23 -0700
Subject: [PATCH 499/863] mvn incrementals:reincrementalify

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 3cacbd08fe..3d32d9a4f7 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121.2-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 729a5ffe13..91d8b7a889 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121.2-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index a4291c3f07..aeba985b12 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.121.2-SNAPSHOT</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.120</revision>
+    <revision>2.121.2</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index 20b63c4c8b..4f9dae71fa 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121.2-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index d85e4a0392..1af95e1d77 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121.2-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 1859a55e73c8aca5eb067e25115741345fd9f9ba Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Fri, 8 Jun 2018 09:48:31 +0200
Subject: [PATCH 500/863] Address Jeff's rewording points - add tooltip on the
 success/warning icon in manage page

---
 .../ApiTokenProperty/help-tokenStore.html     |  6 +++++-
 .../manage.jelly                              |  8 ++++----
 .../manage.properties                         | 20 +++++++++++--------
 .../message.properties                        |  2 +-
 4 files changed, 22 insertions(+), 14 deletions(-)

diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/help-tokenStore.html b/core/src/main/resources/jenkins/security/ApiTokenProperty/help-tokenStore.html
index 5ad5670b81..f100c28c24 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/help-tokenStore.html
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/help-tokenStore.html
@@ -6,7 +6,11 @@
     Some good practices for keeping your API tokens secure are:
     <ul>
         <li>Use a different token for each application so that if an application is compromised you can revoke its token individually.</li>
-        <li>Regenerate the tokens every 6 months (depending on your context). We put an indicator concerning the age of the token.</li>
+        <li>Regenerate the tokens every 6 months (depending on your context). We display an indicator concerning the age of the token.</li>
         <li>Protect it like your password, as it allows other people to access Jenkins as you.</li>
     </ul>
+    <div class="warning">
+        The creation date of legacy tokens which have never been used are reset every time Jenkins is restarted,
+        which means that the date may be inaccurate.
+    </div>
 </div>
diff --git a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.jelly b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.jelly
index 6deea7d789..d385f62d03 100644
--- a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.jelly
+++ b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.jelly
@@ -105,20 +105,20 @@ THE SOFTWARE.
                                         <td>
                                             <j:choose>
                                                 <j:when test="${hasFreshToken}">
-                                                    <l:icon class="icon-accept icon-sm" alt="${%Fresh token}"/>
+                                                    <l:icon class="icon-accept icon-sm" alt="${%Fresh token}" tooltip="${%HasFreshToken_ok_tooltip}"/>
                                                 </j:when>
                                                 <j:otherwise>
-                                                    <l:icon class="icon-warning icon-sm" alt="${%No fresh token}"/>
+                                                    <l:icon class="icon-warning icon-sm" alt="${%No fresh token}" tooltip="${%HasFreshToken_warning_tooltip}"/>
                                                 </j:otherwise>
                                             </j:choose>
                                         </td>
                                         <td>
                                             <j:choose>
                                                 <j:when test="${hasMoreRecentlyUsedToken}">
-                                                    <l:icon class="icon-accept icon-sm" alt="${%Recently used token}"/>
+                                                    <l:icon class="icon-accept icon-sm" alt="${%Recently used token}" tooltip="${%HasMoreRecentlyUsedToken_ok_tooltip}"/>
                                                 </j:when>
                                                 <j:otherwise>
-                                                    <l:icon class="icon-warning icon-sm" alt="${%No recently used token}"/>
+                                                    <l:icon class="icon-warning icon-sm" alt="${%No recently used token}" tooltip="${%HasMoreRecentlyUsedToken_warning_tooltip}"/>
                                                 </j:otherwise>
                                             </j:choose>
                                         </td>
diff --git a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties
index 2f07d45c09..21dd3be692 100644
--- a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties
+++ b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties
@@ -1,7 +1,7 @@
 title=Manage Legacy API Token usage
 contextMessage=The following users have a legacy API token. \
   Because legacy tokens are stored in a recoverable format, we recommend migrating to the new API token system. \
-  Additionally, in previous version of Jenkins, API tokens were automatically created for every new user. \
+  Additionally, in previous versions of Jenkins, API tokens were automatically created for every new user. \
   Often, users did not use the token, resulting in a larger attack surface than necessary. \
   Automatic token generation must now be enabled explicitly.
 recommendationMessage=For such reasons, we recommend to: \
@@ -16,18 +16,22 @@ NumDaysSinceCreation=Days since creation
 NumOfUse=# of use
 NumDaysSinceLastUse=Days since last use
 HasFreshToken=Fresh token?
-HasFreshToken_tooltip=A fresh token is one that was created using the new system\n\
-  after the most recent use of the user's legacy token. \n\n\
-  Note: the creation date of legacy tokens which have never been used are reset every time Jenkins is restarted, \n\
+HasFreshToken_tooltip=A fresh token is one that was created using the new system \
+  after the most recent use of the user''s legacy token. \n\
+  Note: the creation date of legacy tokens which have never been used are reset every time Jenkins is restarted, \
   which means that the date may be inaccurate.
+HasFreshToken_ok_tooltip=A fresh token exist for that user
+HasFreshToken_warning_tooltip=No fresh token exist for that user
 HasMoreRecentlyUsedToken=Recent token?
-HasMoreRecentlyUsedToken_tooltip=A recently used token is one that was created using the new system \n\
-  and used more recently than the user's legacy token. \n\n\
-  Note: the creation date of legacy tokens which have never been used are reset every time Jenkins is restarted, \n\
+HasMoreRecentlyUsedToken_tooltip=A recently used token is one that was created using the new system \
+  and used more recently than the user''s legacy token. \n\
+  Note: the creation date of legacy tokens which have never been used are reset every time Jenkins is restarted, \
   which means that the date may be inaccurate.
+HasMoreRecentlyUsedToken_ok_tooltip=A recent token exist for that user
+HasMoreRecentlyUsedToken_warning_tooltip=No recent token exist for that user
 NoImpactedUser=There are no users with a legacy token
 NoCreationDate=There is no creation date for that token
 NoLastUse=There is no last use date for that token
 RevokeAllSelected=Revoke the selected token(s)
 RevokeAllSelected_confirm=Are you sure about revoking all %num% selected token(s)
-RevokeAllSelected_nothing=No token is selected, please select at least one to revoke
\ No newline at end of file
+RevokeAllSelected_nothing=No token is selected, please select at least one to revoke
diff --git a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/message.properties b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/message.properties
index 54ce453f9f..51f02b1be6 100644
--- a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/message.properties
+++ b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/message.properties
@@ -1,3 +1,3 @@
-warningMessage=There are users that are still using a legacy API token. \
+warningMessage=There are users who are still using a legacy API token. \
   That system is not as secure as the new one because it stores the token in a recoverable manner on the disk. <br />\
   See <a href="{0}/{1}/manage">list of impacted users</a>.
-- 
GitLab


From 7438abb88fc7d9bbd5f2b265e8fb191179a3c553 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Thu, 7 Jun 2018 18:15:50 +0200
Subject: [PATCH 501/863] [JENKINS-51777] Don't let tar entries escape target
 dir

---
 core/src/main/java/hudson/FilePath.java | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/core/src/main/java/hudson/FilePath.java b/core/src/main/java/hudson/FilePath.java
index 790f290e4c..ef3763da08 100644
--- a/core/src/main/java/hudson/FilePath.java
+++ b/core/src/main/java/hudson/FilePath.java
@@ -2452,6 +2452,10 @@ public final class FilePath implements Serializable {
             TarArchiveEntry te;
             while ((te = t.getNextTarEntry()) != null) {
                 File f = new File(baseDir, te.getName());
+                if (!f.toPath().normalize().startsWith(baseDir.toPath())) {
+                    throw new IOException(
+                            "Tar " + name + " contains illegal file name that breaks out of the target directory: " + te.getName());
+                }
                 if (te.isDirectory()) {
                     mkdirs(f);
                 } else {
-- 
GitLab


From fb9f531a66ad22ad484fce30eeb3ad749724eb95 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Fri, 8 Jun 2018 17:51:02 +0200
Subject: [PATCH 502/863] Address Evaristo's comment on JS

---
 .../security/ApiTokenProperty/config.jelly    | 11 +++++-----
 .../security/ApiTokenProperty/resources.css   | 21 +++++++++++++++++++
 .../security/ApiTokenProperty/resources.js    | 10 ++++-----
 .../resources.js                              | 17 ++++++---------
 4 files changed, 37 insertions(+), 22 deletions(-)

diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
index 440d29eac1..d1cb2c203b 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
@@ -108,11 +108,10 @@ THE SOFTWARE.
                     <j:otherwise>
                         <div class="token-list-item token-list-new-item">
                             <input type="hidden" class="token-uuid-input" name="tokenUuid" value="${token.uuid}" />
-                            <f:textbox name="tokenName" clazz="token-name" placeholder="${%Default name}"
-                                       style="width: 40%; display: inline-block"/>
+                            <f:textbox name="tokenName" clazz="token-name" placeholder="${%Default name}"/>
                             <st:nbsp /><!-- without this non-breakable space, double click on the div will put the focus on the input -->
-                            <span class="new-token-value" style="width: 40%; margin-right: 2px; display: none"><!--will be filled by javascript--></span>
-                            <span class="yui-button token-save" style="vertical-align: baseline;">
+                            <span class="new-token-value"><!--will be filled by javascript--></span>
+                            <span class="yui-button token-save">
                                 <button type="button" tabindex="0" data-target-url="${descriptor.descriptorFullUrl}/generateNewToken" onclick="saveApiToken(this)">
                                     ${%GenerateNewToken}
                                 </button>
@@ -125,8 +124,8 @@ THE SOFTWARE.
                                data-target-url="${descriptor.descriptorFullUrl}/revoke">
                                 <l:icon class="icon-text-error icon-sm"/>
                             </a>
-                            <div class="error" style="margin-top: 5px; display: none;"><!-- filled in case of error --></div>
-                            <div class="warning display-after-generation" style="margin-top: 5px; display: none;">${%TokenDisplayedOnce}</div>
+                            <div class="error token-error-message"><!-- filled in case of error --></div>
+                            <div class="warning display-after-generation">${%TokenDisplayedOnce}</div>
                         </div>
                     </j:otherwise>
                 </j:choose>
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.css b/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.css
index 829f92e2f3..c0e3baeffe 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.css
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.css
@@ -106,6 +106,27 @@
     display: none;
     font-family: monospace;
     font-size: 14px;
+    margin-right: 2px; 
+}
+.token-list .token-list-new-item .new-token-value.visible{
+    display: inline-block;
+}
+.token-list .token-list-new-item .display-after-generation{
+    margin-top: 5px; 
+    display: none;
+}
+.token-list .token-list-new-item .display-after-generation.visible{
+    display: block;
+}
+.token-list .token-list-new-item .token-error-message{
+    margin-top: 5px; 
+    display: none;
+}
+.token-list .token-list-new-item .token-error-message.visible{
+    display: block;
+}
+.token-list .token-list-new-item .token-save{
+    vertical-align: baseline;
 }
 .token-list .repeated-chunk {
     border-width: 0;
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.js b/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.js
index 2964e8ff75..9c98ceb2c7 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.js
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/resources.js
@@ -71,12 +71,12 @@ function saveApiToken(button){
             var json = rsp.responseJSON;
             var errorSpan = repeatedChunk.querySelector('.error');
             if(json.status === 'error'){
-                errorSpan.style.display = 'block';
                 errorSpan.innerHTML = json.message;
+                errorSpan.addClassName('visible');
 
                 button.removeClassName('request-pending');
             }else{
-                errorSpan.style.display = 'none';
+                errorSpan.removeClassName('visible');
                 
                 var tokenName = json.data.tokenName;
                 // in case the name was empty, the application will propose a default one
@@ -85,15 +85,15 @@ function saveApiToken(button){
                 var tokenValue = json.data.tokenValue;
                 var tokenValueSpan = repeatedChunk.querySelector('.new-token-value');
                 tokenValueSpan.innerText = tokenValue;
-                tokenValueSpan.style.display = 'inline-block';
+                tokenValueSpan.addClassName('visible');
                 
                 var tokenUuid = json.data.tokenUuid;
                 var uuidInput = repeatedChunk.querySelector('[name="tokenUuid"]');
                 uuidInput.value = tokenUuid;
 
                 var warningMessage = repeatedChunk.querySelector('.display-after-generation');
-                warningMessage.style.display = 'block';
-                
+                warningMessage.addClassName('visible');
+
                 // we do not want to allow user to create twice a token using same name by mistake
                 button.remove();
                 
diff --git a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/resources.js b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/resources.js
index 8286fd8dc7..ccdf4c9949 100644
--- a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/resources.js
+++ b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/resources.js
@@ -47,27 +47,22 @@ function selectRecent(anchor){
 
 function checkTheDesiredOne(allCheckBoxes, concernedCheckBoxes){
     var mustCheck = false;
-    for(var i = 0; i < concernedCheckBoxes.length ; i++){
+    for(var i = 0; i < concernedCheckBoxes.length && !mustCheck ; i++){
         var checkBox = concernedCheckBoxes[i];
         if(!checkBox.checked){
             mustCheck = true;
         }
     }
     
-    for(var i = 0; i < allCheckBoxes.length ; i++){
-        var checkBox = allCheckBoxes[i];
+    allCheckBoxes.forEach(function(checkBox){
         checkBox.checked = false;
-    }
+    });
     
-    for(var i = 0; i < concernedCheckBoxes.length ; i++){
-        var checkBox = concernedCheckBoxes[i];
+    concernedCheckBoxes.forEach(function(checkBox){
         checkBox.checked = mustCheck;
-    }
+    });
     
-    for(var i = 0; i < allCheckBoxes.length ; i++){
-        var checkBox = allCheckBoxes[i];
-        onCheckChanged(checkBox);
-    }
+    allCheckBoxes.forEach(onCheckChanged);
 }
 
 function confirmAndRevokeAllSelected(button){
-- 
GitLab


From 64c4e124393ae5c65bc85d51314c525857161c71 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Fri, 8 Jun 2018 17:59:42 +0200
Subject: [PATCH 503/863] Address Daniel's comment

---
 core/src/main/java/hudson/model/User.java                   | 6 ++++++
 core/src/main/java/jenkins/install/UpgradeWizard.java       | 1 +
 core/src/main/java/jenkins/security/ApiTokenProperty.java   | 3 ++-
 .../main/java/jenkins/security/apitoken/ApiTokenStats.java  | 3 +++
 .../main/java/jenkins/security/apitoken/ApiTokenStore.java  | 3 +++
 5 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/model/User.java b/core/src/main/java/hudson/model/User.java
index 38029364ea..5d75c901fe 100644
--- a/core/src/main/java/hudson/model/User.java
+++ b/core/src/main/java/hudson/model/User.java
@@ -765,6 +765,12 @@ public class User extends AbstractModelObject implements AccessControlled, Descr
         return fullName;
     }
     
+    /**
+     * Returns the folder that store all the user information
+     * Useful for plugins to save a user-specific file aside the config.xml
+     * 
+     * @since TODO
+     */
     public File getUserFolder(){
         return getUserFolderFor(this.id);
     }
diff --git a/core/src/main/java/jenkins/install/UpgradeWizard.java b/core/src/main/java/jenkins/install/UpgradeWizard.java
index 09e0ea7d2d..57aef99ccd 100644
--- a/core/src/main/java/jenkins/install/UpgradeWizard.java
+++ b/core/src/main/java/jenkins/install/UpgradeWizard.java
@@ -80,6 +80,7 @@ public class UpgradeWizard extends InstallState {
         // and potentially the admin has re-enabled the features
         ApiTokenPropertyConfiguration apiTokenPropertyConfiguration = ApiTokenPropertyConfiguration.get();
         if(!apiTokenPropertyConfiguration.hasExistingConfigFile()){
+            LOGGER.log(Level.INFO, "New API token system configured with insecure options to keep legacy behavior");
             apiTokenPropertyConfiguration.setCreationOfLegacyTokenEnabled(false);
             apiTokenPropertyConfiguration.setTokenGenerationOnCreationEnabled(false);
         }
diff --git a/core/src/main/java/jenkins/security/ApiTokenProperty.java b/core/src/main/java/jenkins/security/ApiTokenProperty.java
index 6f9e875180..3d828cc5e1 100644
--- a/core/src/main/java/jenkins/security/ApiTokenProperty.java
+++ b/core/src/main/java/jenkins/security/ApiTokenProperty.java
@@ -362,7 +362,8 @@ public class ApiTokenProperty extends UserProperty {
         public String getDisplayName() {
             return Messages.ApiTokenProperty_DisplayName();
         }
-        
+
+        @Restricted(NoExternalUse.class) // Jelly use
         public String getNoLegacyToken(){
             return Messages.ApiTokenProperty_NoLegacyToken();
         }
diff --git a/core/src/main/java/jenkins/security/apitoken/ApiTokenStats.java b/core/src/main/java/jenkins/security/apitoken/ApiTokenStats.java
index c87652e985..bebf9db68d 100644
--- a/core/src/main/java/jenkins/security/apitoken/ApiTokenStats.java
+++ b/core/src/main/java/jenkins/security/apitoken/ApiTokenStats.java
@@ -27,6 +27,8 @@ import hudson.BulkChange;
 import hudson.XmlFile;
 import hudson.model.Saveable;
 import hudson.model.listeners.SaveableListener;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
 
 import javax.annotation.Nonnull;
 import java.io.File;
@@ -43,6 +45,7 @@ import java.util.Optional;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 
+@Restricted(NoExternalUse.class)
 public class ApiTokenStats implements Saveable {
     private static final Logger LOGGER = Logger.getLogger(ApiTokenStats.class.getName());
     
diff --git a/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java b/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
index 9aff609738..bf05aa8be3 100644
--- a/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
+++ b/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
@@ -29,6 +29,8 @@ import hudson.util.Secret;
 import jenkins.security.Messages;
 import net.sf.json.JSONObject;
 import org.apache.commons.lang.StringUtils;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
 
 import javax.annotation.CheckForNull;
 import javax.annotation.Nonnull;
@@ -53,6 +55,7 @@ import java.util.logging.Level;
 import java.util.logging.Logger;
 import java.util.stream.Collectors;
 
+@Restricted(NoExternalUse.class)
 public class ApiTokenStore {
     private static final Logger LOGGER = Logger.getLogger(ApiTokenStore.class.getName());
     private static final SecureRandom RANDOM = new SecureRandom();
-- 
GitLab


From fd7d1e383c5b157316e648f1b50bceb7d8130267 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Evaristo=20Gutie=CC=81rrez?= <egutierrez@cloudbees.com>
Date: Fri, 8 Jun 2018 18:06:14 +0200
Subject: [PATCH 504/863] [JENKINS-51816] Avoid the form to be sent when Enter
 is pressed.

---
 .../SetupWizard/setupWizardConfigureInstance.jelly    | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/core/src/main/resources/jenkins/install/SetupWizard/setupWizardConfigureInstance.jelly b/core/src/main/resources/jenkins/install/SetupWizard/setupWizardConfigureInstance.jelly
index 0eb0679643..6db422d713 100644
--- a/core/src/main/resources/jenkins/install/SetupWizard/setupWizardConfigureInstance.jelly
+++ b/core/src/main/resources/jenkins/install/SetupWizard/setupWizardConfigureInstance.jelly
@@ -103,14 +103,21 @@ THE SOFTWARE.
             </table>
           </div>
          <script>
-            $('root-url').focus();
+            var rootUrlField = $('root-url');
+            
+            rootUrlField.focus();
+            rootUrlField.onkeydown = function(event) {
+                if (event.keyCode == 13){
+                    event.preventDefault();
+                }
+            };
+
             (function setInitialRootUrlFieldValue(){
               var iframeUrl = window.location.href;
               // will let the trailing slash in the rootUrl 
               var iframeRelativeUrl = 'setupWizard/setupWizardConfigureInstance';
               var rootUrl = iframeUrl.substr(0, iframeUrl.length - iframeRelativeUrl.length);
               // to keep only the root url
-              var rootUrlField = $('root-url');
               rootUrlField.value = rootUrl
               // to adjust the width of the input,
               rootUrlField.size = Math.min(50, rootUrl.length);
-- 
GitLab


From a846c366fe1569805548544118d65d908de5644a Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Fri, 8 Jun 2018 13:25:07 -0400
Subject: [PATCH 505/863] [JENKINS-51779] Avoid
 com.google.common.collect.Iterators.skip (#3481)

* [JENKINS-51779] Avoid com.google.common.collect.Iterators.skip.

* Reviewers preferred for the new method to be restricted for now.
---
 core/src/main/java/hudson/util/Iterators.java | 20 +++++++++++++
 core/src/main/java/hudson/util/RunList.java   |  2 +-
 .../jenkins/widgets/HistoryPageFilter.java    |  2 +-
 .../test/java/hudson/util/IteratorsTest.java  | 29 +++++++++++++++----
 4 files changed, 46 insertions(+), 7 deletions(-)

diff --git a/core/src/main/java/hudson/util/Iterators.java b/core/src/main/java/hudson/util/Iterators.java
index 74d82950dc..8d93d72262 100644
--- a/core/src/main/java/hudson/util/Iterators.java
+++ b/core/src/main/java/hudson/util/Iterators.java
@@ -23,6 +23,7 @@
  */
 package hudson.util;
 
+import com.google.common.annotations.Beta;
 import com.google.common.base.Predicates;
 import com.google.common.collect.ImmutableList;
 
@@ -35,6 +36,9 @@ import java.util.AbstractList;
 import java.util.Arrays;
 import java.util.Set;
 import java.util.HashSet;
+import javax.annotation.Nonnull;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
 
 /**
  * Varios {@link Iterator} implementations.
@@ -403,4 +407,20 @@ public class Iterators {
     public interface CountingPredicate<T> {
         boolean apply(int index, T input);
     }
+
+    /**
+     * Similar to {@link com.google.common.collect.Iterators#skip} except not {@link Beta}.
+     * @param iterator some iterator
+     * @param count a nonnegative count
+     */
+    @Restricted(NoExternalUse.class)
+    public static void skip(@Nonnull Iterator<?> iterator, int count) {
+        if (count < 0) {
+            throw new IllegalArgumentException();
+        }
+        while (iterator.hasNext() && count-- > 0) {
+            iterator.next();
+        }
+    }
+
 }
diff --git a/core/src/main/java/hudson/util/RunList.java b/core/src/main/java/hudson/util/RunList.java
index d9b8adb7dc..bdc9cb61f4 100644
--- a/core/src/main/java/hudson/util/RunList.java
+++ b/core/src/main/java/hudson/util/RunList.java
@@ -150,7 +150,7 @@ public class RunList<R extends Run> extends AbstractList<R> {
     public List<R> subList(int fromIndex, int toIndex) {
         List<R> r = new ArrayList<R>();
         Iterator<R> itr = iterator();
-        Iterators.skip(itr,fromIndex);
+        hudson.util.Iterators.skip(itr, fromIndex);
         for (int i=toIndex-fromIndex; i>0; i--) {
             r.add(itr.next());
         }
diff --git a/core/src/main/java/jenkins/widgets/HistoryPageFilter.java b/core/src/main/java/jenkins/widgets/HistoryPageFilter.java
index 269f5e44fc..521ace8b79 100644
--- a/core/src/main/java/jenkins/widgets/HistoryPageFilter.java
+++ b/core/src/main/java/jenkins/widgets/HistoryPageFilter.java
@@ -24,7 +24,6 @@
 package jenkins.widgets;
 
 import com.google.common.collect.Iterables;
-import com.google.common.collect.Iterators;
 import hudson.model.AbstractBuild;
 import hudson.model.Job;
 import hudson.model.ParameterValue;
@@ -32,6 +31,7 @@ import hudson.model.ParametersAction;
 import hudson.model.Queue;
 import hudson.model.Run;
 import hudson.search.UserSearchProperty;
+import hudson.util.Iterators;
 import hudson.widgets.HistoryWidget;
 
 import javax.annotation.Nonnull;
diff --git a/core/src/test/java/hudson/util/IteratorsTest.java b/core/src/test/java/hudson/util/IteratorsTest.java
index 679df76a65..4236ca359d 100644
--- a/core/src/test/java/hudson/util/IteratorsTest.java
+++ b/core/src/test/java/hudson/util/IteratorsTest.java
@@ -32,6 +32,7 @@ import java.util.Iterator;
 import java.util.List;
 
 import org.junit.Test;
+import org.jvnet.hudson.test.Issue;
 
 /**
  * @author Kohsuke Kawaguchi
@@ -77,9 +78,27 @@ public class IteratorsTest {
         assertEquals("[]", com.google.common.collect.Iterators.toString(Iterators.limit(asList(1,2,4,6).iterator(), EVEN)));
     }
 
-    public static final CountingPredicate<Integer> EVEN = new CountingPredicate<Integer>() {
-        public boolean apply(int index, Integer input) {
-            return input % 2 == 0;
-        }
-    };
+    public static final CountingPredicate<Integer> EVEN = (index, input) -> input % 2 == 0;
+
+    @Issue("JENKINS-51779")
+    @Test
+    public void skip() {
+        List<Integer> lst = Iterators.sequence(1, 4);
+        Iterator<Integer> it = lst.iterator();
+        Iterators.skip(it, 0);
+        assertEquals("[1, 2, 3]", com.google.common.collect.Iterators.toString(it));
+        it = lst.iterator();
+        Iterators.skip(it, 1);
+        assertEquals("[2, 3]", com.google.common.collect.Iterators.toString(it));
+        it = lst.iterator();
+        Iterators.skip(it, 2);
+        assertEquals("[3]", com.google.common.collect.Iterators.toString(it));
+        it = lst.iterator();
+        Iterators.skip(it, 3);
+        assertEquals("[]", com.google.common.collect.Iterators.toString(it));
+        it = lst.iterator();
+        Iterators.skip(it, 4);
+        assertEquals("[]", com.google.common.collect.Iterators.toString(it));
+    }
+
 }
-- 
GitLab


From 8c1b8b8e144280f9645eaf761ed7f5e894ac7353 Mon Sep 17 00:00:00 2001
From: Vincent Latombe <vincent@latombe.net>
Date: Fri, 8 Jun 2018 19:30:12 +0200
Subject: [PATCH 506/863] [JENKINS-50336] Fix loading optional extensions after
 installing a missing dependency (#3370)

* [JENKINS-50336] Only keep extensions that could be loaded in memory

So that delta computations will re-attempt to load any extension that
previously failed or was skipped after a new plugin is installed.

After installing a plugin, need to refresh extensions in order to pick
up extensions that can be loaded thanks to this new plugin.

* [JENKINS-50336] @OptionalExtension annotated classes were not being picked up after dynamic load of variant

Recompute GuiceExtensionAnnotation list when refreshing extensions
---
 .../src/main/java/hudson/ExtensionFinder.java |  35 +++++++++++++-----
 core/src/main/java/hudson/PluginManager.java  |   6 +++
 .../test/java/hudson/PluginManagerTest.java   |  22 ++++++++++-
 .../test/resources/plugins/jenkins-50336.hpi  | Bin 0 -> 5058 bytes
 test/src/test/resources/plugins/variant.hpi   | Bin 0 -> 10027 bytes
 5 files changed, 51 insertions(+), 12 deletions(-)
 create mode 100644 test/src/test/resources/plugins/jenkins-50336.hpi
 create mode 100644 test/src/test/resources/plugins/variant.hpi

diff --git a/core/src/main/java/hudson/ExtensionFinder.java b/core/src/main/java/hudson/ExtensionFinder.java
index 6208f6cec8..5d7d13d8f4 100644
--- a/core/src/main/java/hudson/ExtensionFinder.java
+++ b/core/src/main/java/hudson/ExtensionFinder.java
@@ -254,12 +254,9 @@ public abstract class ExtensionFinder implements ExtensionPoint {
         private Map<Class<? extends Annotation>,GuiceExtensionAnnotation<?>> extensionAnnotations = Maps.newHashMap();
 
         public GuiceFinder() {
-            for (ExtensionComponent<GuiceExtensionAnnotation> ec : moduleFinder.find(GuiceExtensionAnnotation.class, Hudson.getInstance())) {
-                GuiceExtensionAnnotation gea = ec.getInstance();
-                extensionAnnotations.put(gea.annotationType,gea);
-            }
+            refreshExtensionAnnotations();
 
-            sezpozIndex = loadSezpozIndices(Jenkins.getInstance().getPluginManager().uberClassLoader);
+            SezpozModule extensions = new SezpozModule(loadSezpozIndices(Jenkins.getInstance().getPluginManager().uberClassLoader));
 
             List<Module> modules = new ArrayList<>();
             modules.add(new AbstractModule() {
@@ -270,7 +267,7 @@ public abstract class ExtensionFinder implements ExtensionPoint {
                     bind(PluginManager.class).toInstance(j.getPluginManager());
                 }
             });
-            modules.add(new SezpozModule(sezpozIndex));
+            modules.add(extensions);
 
             for (ExtensionComponent<Module> ec : moduleFinder.find(Module.class, Hudson.getInstance())) {
                 modules.add(ec.getInstance());
@@ -278,6 +275,7 @@ public abstract class ExtensionFinder implements ExtensionPoint {
 
             try {
                 container = Guice.createInjector(modules);
+                sezpozIndex = extensions.getLoadedIndex();
             } catch (Throwable e) {
                 LOGGER.log(Level.SEVERE, "Failed to create Guice container from all the plugins",e);
                 // failing to load all bindings are disastrous, so recover by creating minimum that works
@@ -293,6 +291,13 @@ public abstract class ExtensionFinder implements ExtensionPoint {
             });
         }
 
+        private void refreshExtensionAnnotations() {
+            for (ExtensionComponent<GuiceExtensionAnnotation> ec : moduleFinder.find(GuiceExtensionAnnotation.class, Hudson.getInstance())) {
+                GuiceExtensionAnnotation gea = ec.getInstance();
+                extensionAnnotations.put(gea.annotationType,gea);
+            }
+        }
+
         private ImmutableList<IndexItem<?, Object>> loadSezpozIndices(ClassLoader classLoader) {
             List<IndexItem<?,Object>> indices = Lists.newArrayList();
             for (GuiceExtensionAnnotation<?> gea : extensionAnnotations.values()) {
@@ -315,17 +320,17 @@ public abstract class ExtensionFinder implements ExtensionPoint {
          */
         @Override
         public synchronized ExtensionComponentSet refresh() throws ExtensionRefreshException {
+            refreshExtensionAnnotations();
             // figure out newly discovered sezpoz components
             List<IndexItem<?, Object>> delta = Lists.newArrayList();
             for (Class<? extends Annotation> annotationType : extensionAnnotations.keySet()) {
                 delta.addAll(Sezpoz.listDelta(annotationType,sezpozIndex));
             }
-            List<IndexItem<?, Object>> l = Lists.newArrayList(sezpozIndex);
-            l.addAll(delta);
-            sezpozIndex = l;
+
+            SezpozModule deltaExtensions = new SezpozModule(delta);
 
             List<Module> modules = new ArrayList<>();
-            modules.add(new SezpozModule(delta));
+            modules.add(deltaExtensions);
             for (ExtensionComponent<Module> ec : moduleFinder.refresh().find(Module.class)) {
                 modules.add(ec.getInstance());
             }
@@ -333,6 +338,9 @@ public abstract class ExtensionFinder implements ExtensionPoint {
             try {
                 final Injector child = container.createChildInjector(modules);
                 container = child;
+                List<IndexItem<?, Object>> l = Lists.newArrayList(sezpozIndex);
+                l.addAll(deltaExtensions.getLoadedIndex());
+                sezpozIndex = l;
 
                 return new ExtensionComponentSet() {
                     @Override
@@ -448,9 +456,11 @@ public abstract class ExtensionFinder implements ExtensionPoint {
          */
         private class SezpozModule extends AbstractModule {
             private final List<IndexItem<?,Object>> index;
+            private final List<IndexItem<?,Object>> loadedIndex;
 
             public SezpozModule(List<IndexItem<?,Object>> index) {
                 this.index = index;
+                this.loadedIndex = new ArrayList<>();
             }
 
             /**
@@ -527,6 +537,7 @@ public abstract class ExtensionFinder implements ExtensionPoint {
                                     }
                                 }).in(scope);
                         }
+                        loadedIndex.add(item);
                     } catch (Exception|LinkageError e) {
                         // sometimes the instantiation fails in an indirect classloading failure,
                         // which results in a LinkageError
@@ -535,6 +546,10 @@ public abstract class ExtensionFinder implements ExtensionPoint {
                     }
                 }
             }
+
+            public List<IndexItem<?, Object>> getLoadedIndex() {
+                return Collections.unmodifiableList(loadedIndex);
+            }
         }
     }
 
diff --git a/core/src/main/java/hudson/PluginManager.java b/core/src/main/java/hudson/PluginManager.java
index 2314514ea0..506f5860d8 100644
--- a/core/src/main/java/hudson/PluginManager.java
+++ b/core/src/main/java/hudson/PluginManager.java
@@ -26,6 +26,7 @@ package hudson;
 import edu.umd.cs.findbugs.annotations.NonNull;
 import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
 import hudson.security.ACLContext;
+import jenkins.ExtensionRefreshException;
 import jenkins.util.SystemProperties;
 import hudson.PluginWrapper.Dependency;
 import hudson.init.InitMilestone;
@@ -921,6 +922,11 @@ public abstract class PluginManager extends AbstractModelObject implements OnMas
             // Redo who depends on who.
             resolveDependantPlugins();
 
+            try {
+                Jenkins.get().refreshExtensions();
+            } catch (ExtensionRefreshException e) {
+                throw new IOException("Failed to refresh extensions after installing " + sn + " plugin", e);
+            }
             LOGGER.info("Plugin " + p.getShortName()+":"+p.getVersion() + " dynamically installed");
         }
     }
diff --git a/test/src/test/java/hudson/PluginManagerTest.java b/test/src/test/java/hudson/PluginManagerTest.java
index b384c387b8..61c09bea42 100644
--- a/test/src/test/java/hudson/PluginManagerTest.java
+++ b/test/src/test/java/hudson/PluginManagerTest.java
@@ -46,6 +46,8 @@ import java.util.concurrent.Future;
 
 import jenkins.ClassLoaderReflectionToolkit;
 import jenkins.RestartRequiredException;
+import jenkins.model.GlobalConfiguration;
+
 import net.sf.json.JSONArray;
 import net.sf.json.JSONObject;
 import org.apache.commons.io.FileUtils;
@@ -342,8 +344,8 @@ public class PluginManagerTest {
         assertEquals("dependee", callDependerValue());
         
         // No extensions exist.
-        // extensions in depender is not loaded.
-        assertTrue(r.jenkins.getExtensionList("org.jenkinsci.plugins.dependencytest.dependee.DependeeExtensionPoint").isEmpty());
+        // extensions in depender are loaded.
+        assertFalse(r.jenkins.getExtensionList("org.jenkinsci.plugins.dependencytest.dependee.DependeeExtensionPoint").isEmpty());
     }
 
     @Issue("JENKINS-21486")
@@ -533,4 +535,20 @@ public class PluginManagerTest {
 
         assertEquals(fromPlugin, fromToolkit);
     }
+
+    // Sources for jenkins-50336.hpi are available at https://github.com/Vlatombe/jenkins-50336
+    //
+    // package io.jenkins.plugins;
+    // import org.jenkinsci.plugins.variant.OptionalExtension;
+    // import jenkins.model.GlobalConfiguration;
+    // @OptionalExtension public class MyGlobalConfiguration extends GlobalConfiguration {}
+    //
+    @Issue("JENKINS-50336")
+    @Test
+    public void optionalExtensionCanBeFoundAfterDynamicLoadOfVariant() throws Exception {
+        dynamicLoad("variant.hpi");
+        assertNotNull(r.jenkins.getPluginManager().getPlugin("variant"));
+        dynamicLoad("jenkins-50336.hpi");
+        assertTrue(ExtensionList.lookup(GlobalConfiguration.class).stream().anyMatch(gc -> "io.jenkins.plugins.MyGlobalConfiguration".equals(gc.getClass().getName())));
+    }
 }
diff --git a/test/src/test/resources/plugins/jenkins-50336.hpi b/test/src/test/resources/plugins/jenkins-50336.hpi
new file mode 100644
index 0000000000000000000000000000000000000000..03578c6c8c9f620adc834ab3ed624f0edf7bd781
GIT binary patch
literal 5058
zcmbVQ1z1$u79OQLr4d9zYCwh(0YRi|=xz{(ZfOK0E-g|6f^>Hyof6W`5DEw)3@MH9
z;CT^!-uvGB?mpj~bLRWj|F5&w+Iz3HHdq<~5gl+j!kpb?{{8aj4ejD7E2=EaDk&$%
z2L4kF6%cwMmN0`%&2<9+AioI!5dJJCD=a4|CaR<ilohiA_gc5I<JN2KJUX1bO|b(A
z_V81@h0Dg6GtpyDG#SMkyZB`5z)31ku^o~*H8lm*kPLIrp*RO<8RQ~`_(n#Rs)$=Q
zpS8d!`kgwwh@<N@Be6LIYf-tm6)AlRjS&)}B*SV?TF6JyE9xGT>KSLNdK12QqtGPZ
z4V&_@{&b{CL_JCTnczz>PAe^`ViXy;Mx0JZdMdS7z_c1_eGf`ZAJ{5=4x62we`!sy
z<0vqfRo)jK^-OC#U;xxog30IKytLOMzxh#J^I&qWY&6h%Bw+`uk|$bwW%1d1x4NZ=
z4Zn=rb_sFdP>`tS{UFzgF%VrjU%vIX&KBuNaM|a%`Ni2LMv_5NGk@^Wa;9i*QjqWG
zfFU7WGH+nKyej#~(?s107Vx$SBWM(*<#nMCzEtClD>wfh4b%%atBF4TB^bX;Vg4j#
z2{HUBY?sk}*}@(@e<AVuB6OEwyW+Ei7@1f*m^c7ktSk#7Tci-~;|6RBc9g`uc2;7%
zrNPbUD}gb_>gf5L?qSgoCz@o{XV}Ba+(~!&JG%p?^QR*$P5a2$Bx%m7gw<mOfQlZh
z>F_iccyiB)A)^hM63*u#><mb#kO=p<7<>Ay>7bV_Br{7Be)`iYRA!GV!(w<wB-s1}
zX}^u<JC2sC1E205QJxrq4CCtJ0^!zU&N62VUViX{d+HN{RVCl{>bY^UgdiN;c`2T0
z^scnrr)6TS51e$@TxVOBmAeHu8IRN*Htq>IDuLB&*>`qJd1cvw@|`Q8ae91Zr#~Ew
z`tRuuWFU#^y725d763r`i$e_A%uTE<Al447T<jnaH_+U`zEBm7a}-WSWz2XYmt)zj
zA1WpiRc1m8>P+c~)k(j<C?^uM9wjgho-#3O(^ke8LGMn09+C8_Y#-6|W?QbxdA^O6
zS*e>n>31DCYFgoMns-<}sNdW@jbyK4g#q-`(!3*)^!uiJCT)$#J-I;bcuq@FB*fG{
zc(Ft8N-d}`0Ms4mfS>{_zqPyX!%4JY&p(KJM6#-LsHaSO9S>4C1%BnE2J+(5F{Kn~
zKY?_HC@57HW0T8z?SR<CxKc38I5m&a%G(`8hxGvaz$g2MLD8d%S_Cq1d!6F1%uS{%
z9c*f_%q{qsdl!;_nsMvq+j5hP1Uf<Of>&SW#M~^YU5CHz4}o9iu;gdQ$~IKkuESg(
zmg*>PD|{^F^(ynFWpa90*7IZtPplX6;Ij%eeD)Qv@#H4yerB8;Rn3cA$@CQKY%Dgi
zQUVt91S80~?#<~0Iww!7`ghs}?ds%5&&oD1CW}HLbKd4U&LpIQCylGT^d#99c$|Ae
zr;o)8?1IEBsXuW&Db>zKJgF_kj`d|Bhf|ScJyMA^i{rl)_S#!bU#6av{65);-6X{Q
z-siWU6mo$BG7M2n_B|q`!+jdh7OiU{U9m8B9*v>SgR!_f#TG}QD7NRfKEQnh!a9?W
zBvZDIh4ez-ObpyevtVBL?N~qsB63<|y;viEQ3nwUiLhhrAtkSH#db+SLtgpfd%xX4
zU`W^N(1xFyC$tv|`lCzniGcc(YWzN?5Q<MF#p{?W!$A_lW%*_ID6(c9>GNqHFwsnw
zCyR28+RJI$QBrGk$z(O;J;>%9tgI>FukPTHdPG#wtk|-Dn?F1He4$g<w>!-~LlwpQ
ziJWRME>g0W-FmDV1N*R9duoa1My*THL?MklTIQ(%O&O~<i~ciusMq=#S9BbLFJbf>
z>4K<+L|REfp=ww4$~7gOrU#iD_OP>Kv^V_8%=Sp6@r{n7HW|3N&1>l$?*!(*xyr7v
zkb_-5d<v6h1ug7wFXrytNGC(<MR~s0*pwf7cP794Wf|YuDuKScnH6y336-GM8vjb|
zj<MkQ;V#pGSwStslp7+mAVYAskx<Ki<>^|CK%puwUl*?=do-7!DkjAoMnzgRIax&-
zZ`V9hgmVkNP;8@Kx;A^~4Md!E(oP0`4TP4g0V9^S%6Af=0w11C0uSK(QO5|MWurcd
zT|A_LucmEL$zx?leqz{otZ>R4dl4UAMs@j#g`L1xjg0na3bP3+$dK$8abyu8O03aI
z3kabYb30kxS_*i)XGlSaW6M!<zVB2CHadF=;Bj4_9eLe#4?v0a%);19`_j;HHgf8*
z<Ad}sqTB4{cVwh958CpK?+(Q?Cb92?q!ba(5<IQ*go{(W`5I@^t);rANJU4q*DU74
z6Kh^ZIIpn~m-YDc=0jfwF$s~ScLp2;u1l`%O>-Wr5#hDYXS#IrsVYcqB<T2UoXy})
z$oWB_uhRjlewTj>Vr*O$w3-{wN@fffRb^yiYr(pPlp<?7Puo1d2=fI@RTVo9%9R_7
zlMcYUnYxflor}9A2Z(~emh`l!sffLC3ix*QYpMK(YBo&}za4V&EVOuIG})`dPy&Qf
zEOZO8{IEV^y{_pqTjZ1j2(1xMde{l30I1#*Xi;estLxXEXJC}jn{K?kH%cE_1<P%j
z((RDb*MFASIolIJt48NGI)egNgF=(1?mWne@(&yssG7ChZDq^gB*e-JfzC^Pc;hIa
zV~>LVQDh&e#v-BIYuwS5?G{caOrrvSH=IRQOu(x+eOI4oybrvJk7;vSZ{}pAX<84<
zr_4~Qn6tY-1J5X*ULCINrej6=x&{xF^$ealq36@VFu56oe}X$3NaJ8Fy=B*-P%+F=
zoour?7#ph--9SQI^0i$%5U}93$&#l^?OHe}2RouyIFKx8p;AORM{Pf{)5J7yO!H92
zv00}YkR#^Lz{IO_@CdOU+OnX#(H^bOdo(#H-EB-2X2ms?{Bla|frWYaQyKzEsTW6~
znEqZNtwr^?Uv<WGx8JV%e;B6gdsXf|{5*4|K5%oi&1YG)&;-o(0e0Id_?0eAZK<?s
z@lXQSi)r`xhy8sJMXl;IvXf)`B9{tCXU1mZpa}hT1pQ$UnlGV>0cRg$cgZ+n5IClW
z$avx1nkm!SNxTK8M5YIW!ZsXjH9x#V5bBJSgRjE_<1}-Dw*oT;7bj6#O~S$DWI)wc
zfhH|wkL2zc{z_(ws3EXJt_M;Qe#|m5=4w@9&kMWaV4udD2JUg)GsA<Ad&@OamzT{q
z4SV9X0~T2QT0Inv`;*>#vblGud@*>lYQt1aP(6tzCr9<r?2Gia7nz2ohSWrHQfi5w
zWk169z)+Ipr<CM_6KSL4DBh^~k%Z;RyUf~qF9V`t)!M^d__LP8Hu-sgZ%&?b+8oyV
zMu=`X2$Kh%e+>1RcYeY@bkeqD)PvX>OF}a;f}?TPP5?SJ=)z-CKSI-vm3g-TUb7(2
z7{dvbr`jG5tnna$F5UJJF6O(3*PiUzG&U%V+WSmJi~~Yi;&#x~m?6qi*%D!g{?xKT
zul}Ub<#jPi^7DOOBe=~Jx)Ml@%TEhR1e0l1F(_=yi72$PbYB$3*A3ok-c+ZZlPtk)
z_(%e|7uDRBt~wSP9O3u=y}pa7E9%QPnNu{_KvGqwPWiSPr^5S@&?$~l8B$|<YiIJg
zdS>n2`1}}Xb`rA}vm&Ot?KF(k4`OV3dWT3Ak9!$;qnHjrGJygZpQ_y~>BE{mh@mP%
zoSc~}l&y!VX~@2AFI&)#N2r;&u~BYm%kkc)b?vz_5q*Ea1E0@)zJ&!cN&R`ciLOa1
z4UQV;S}Wx*-4`qLJ~j62pF_V{fULPG)j*2X1&J|_>a0%JqDKwqjnO$!dJ7Ti&Qa$a
znK)JuiWhs&wLHkPm-56C`?^)avb=pfP0WjA%QQqZWjR{*nyMIRLz5PniK!M*jHCBf
ztM|8T{=UY<xhR2tRQy&3&L-AB3dr9}O`6|@AvVB2t0thWrIYDJ_4Hrx?Ee@3mn!TB
z8!ABgqMVg8XWGcV=s>1W005qUz-DV>by@K?s94#Iu;ZT1=@~FJrXIe%#jWf*MX%eg
zuf?p1J5N7wzp%PJ+>l}R#o;Dze`4a(6wg$}{Nvhp&jykPOzn>&+jBlZiKLQ4akh*@
zYmAxj?L9fps*XwODc=O#je7be9OTEM_2t!eXS^eF<e;y#j8YFbMZP6g$kDC(&R4@B
zM*X)d%%)&)BAe{+XS`5~=7{{>%-Q%sAqlG-<C%?N!z@adToNw1(MNu%*(BJg!4o{M
z64AT{hj=OOoZR^%*yXfAiq8><x~_kVHIp<hOOsbWDVM(?=<yo)yq&9!6N=0S&i;vg
zHlNNpcnTEn5hIAGKpl}kXK{=HS8f~6r&aCad(sH2`{<1+PyJG2Q5qXn6Tx8>430+$
z3AA%EStIG5kU|z1am&uJN9if2-rm<Krc!tF#ez0jCMku!GHz3*PvdM8x`JV?og;Sy
zJC$yFPQrvRf{k>yc=@a9t;eF%i2WrJwrsh)ABl&&-N4Qb#hYLufK2Izi!_Tf$+3{c
zxrsYrIY|(&elhe1GM7{3(tXmPh}FrnO4Q6$%;z^!dByG1d`u0-uL~+6DAVDVY(%~3
zSmcyEX`e10lg=80OzO`qMV>*+m(SeOZds9S#JnL2V}2}5>qs^tet7!vxVK{uzo)0(
zJa6I)O#)r=<E)Gdztn<6uJ_}uHEhqn%`R2P=OSw2ZSANDNZ3x8H~Hnsm(B_|?@l27
z(UT6uIh@t6C<l(OKPU~D2}h1tpXxqD@~biw28)o&#}J8`)J>%MQ@O+Mrj=A2iM*@A
zzJd2Ga{$>{C}Dp3wr_*rn)rU?hMY>SC*}AY=<EP9U~%)K4mV!)0ee}*to3cynSl>e
zZS(LQF>_&%!RE>q#)q!i8UYeFq?F=55p8^H>{v?D@H4>Gvi;t<oLEn`J6+6qkBgt+
zKb-rv_BOUA_Kpw}2PJ3uK514d7D-tJi9F>kSr+NOMaBKT0R)Z^!qE4Gn6d>jVFjTw
zw_fY`i4cZjVzSosD24=sc6TkY_Anj&zEL3f3Y?1642SGUWAH0kf_C@H6nD!&yTN<t
z_EIB0oN9&&l20`a?a{zQOqmwu`j(cRNEZg(xJiic_h%0mR$UBS09^R;`D0(YhW+(f
z#HH}%$nasfxc`9tbTV<x@cXWI*=Bzqmx{wL8s)1d`M;qq+wN;r#ZRd3P570e-(&Zm
zZTJ;7!)NXn<aJYit^2S0)@z2%i~aEGi!XKmvVUH7vDZ|;8-Ka~e;=2|?_m7ozN>6-
zWy$a0%Y1MRrn+#+58r<W|7CXgd%ny3aLuRpfARfd?M1e@V*l%WamAnEQ}_?q|I8jg
tE4e&l`Ok%Utt9utz5m-KznXBV<a(KcrIC;?`7kan4g>(e4fpcjzW`>|O<Di|

literal 0
HcmV?d00001

diff --git a/test/src/test/resources/plugins/variant.hpi b/test/src/test/resources/plugins/variant.hpi
new file mode 100644
index 0000000000000000000000000000000000000000..999acbcf1b98a1f706a9467de37449e41b7fa0ab
GIT binary patch
literal 10027
zcmbVy19W9u+HGvxsZ?y+NySFRwvAJ<om6bww(SZlwr#8Os{Y%z>%P9-|9Jh@9%t`;
z#`xx3_|95$j59xZDNryNpkJ+9>Wjqxy!_(^{qrd!qAW-&AuCER|Bo;zppKtmu<yt(
zD!@QMpFx0t(Eb`GBPc5&Dx#!JCnIVcGcDK4fHb&~cI(~jS_dyJJ-jXu=_e#Dpd+J>
z=rYqFvjTs=u`(jxUqrUy`mlCU>6l|4&PQVDlo>IhpNznP+m@RTu~zk3c&X;jft$X@
zjRtJYWbTNisSpq4IGw$3r5FdZ(K<Dg<2oP_HzIxB2At<~$%wb^a1VehZhJK%q8iUZ
zjtW3Xr=`WHFAxft&{B|})=t>XxsM5R63%3U5u6@`Uhw;T7sUcqFy7-2P0Cfw;jaNM
zNktrZEX4x`ic3RGCBAGkor6#c9*WUG(gB*cg|vcfAP!qOPiZ<kN>y&KN0?2xO8v5(
zC_IswUSiFZz=_o)#jkKdETSmC3_4&fwbOeCtrNL^xBQ$xz<-Ft;qFQm%mj9FL&H6l
zNvE_EEgjn=S-*5@f5oItQ^&Wtk7wsr#gS!s^xnG>36a5g()Z5oIRVO691-b)kZyku
z{%0P5{wEKAO&8S9FRCI!|5vvD9tHQ8C@XV=f5|HeEsYf%E)WpYM<5`~e~EO_cQDtt
zaiX)(cPLN?SJqN*99YZHi?kH<*%YKkg2Gwt@bT-duyci$o!UGH_5%<8&;#1T3$UXE
zfzHz5y_uD8-JcxqvR(UpGSB6n)pXwCu)aif9U_ip*VQEZ1(CCvpY`^olA?kRI$9}q
zOYtcf8)tRJoq3%56;}qp!2u7(!I8_KMkz@(G9q49;z%{>vrQh~M!0=fWt9HH+R`<s
zB9En(7y=!y7|o#ky~jDtN?xnGQ%fC7`H0p;!@f&{tJGlvTr8AvvDrxMYifHxa=zI&
zY611qPFk+{dzAcPEfgX@$Sa?Wk=so298S4iD?w#cMiq@ga>uooT@*-k1kJ4*?Wh*Y
zqzt+oHPVWv{d%hl$16jBdnRC@*k_@VO@+4uDpZJ(w3ei+7`kpNFSwCVuiLM_IG8nG
zr(iZ*!E=~llAs`tKJpvpAuh#vM+AuX2u_l5+p@=mD+S>R&U9a5FnYt=0&gf|)L8`0
zIaq{L^xmS%Abk7y^34s#j)lAKdm_1d$Z2Hz;|;N!`R9Z${d}5Fk>{{ZeaU;_PxRoP
z+uVp?9ji;dfav>4j!%PioO5j3XejGEWm(*IJX?&L0NTb@k)us@+Q(6ohe~%+2-0x(
zt^?VAQ?!^a60Sjb^4TjC^*!&txof57kas*tRBmo}OjOM3jtu67DkAZRwe^u}UA4{E
zzFr(7Q_x07Hqdui&DgF*E&(mtp7(3`V((CUW_ysd#g<p|t+yyvQdC^14#I>D*YOvG
zMrKGs&I&=K5J){IFz!Pl<n7WB94k?4f|Ni*5YC*gx^x^*s3c>-?D4uQ7n>cn1)M7@
z-)9B%C$%gxJ!v_*r^q2t?8-ASySXr)c?=#fN&gcGswjVvoNiAxfDE7TwMIy<6?Miy
z_#W>SBdE&jBAkL#<<_}Q0=@N$c3A}a)}_XMfRswDN4P#Yxz5lqf2WOdP3Y75TgaYQ
z6~hlIK9$P-iF=py8F|d;jGH(9F#6^_WYR04WI}Ps0X+}l(_`<l&>+#Kv5|RhqlKV`
zjJ0RCcfIMn&E(tEr^JN{`@)p3vPXUq&xdEzs?tpXve*4iXfa~QsjKMIn5gE%{{0hF
z$E|ts1cgMzjFE#)b~>-b4pprueq9JDJgAE?n$%zDF+s}1U_xJaOIFs>4u=@9q+sCP
zqShtnVq>Q~XSx*kmme@}12m5y;Qf_n++gIi<S0{YbGJT<5skBWxhWJ9=^6CLDNq*E
zD(pQmk2rf{s>y$}>-Q=;S(_`eyi|9b2dNum<YUqWJm^7Qi*<3wk*_N!h8ujo<d>cQ
z@oKGb|MuzIIw6(E`$4O`%cJML^oMtD>vR(&RMUg#0Pq5E==LdYQKwkzZ28!@2Gwqh
zOu+!1&+6XIRyLoq^OfstOw9d5Wv>btK%AxHvG8m{7y{8R{mbu<at_WG+RU0N;?`J!
zy*GhJX++@@u4Xrkbcfgwa!9qe6N!ealqpO&q1nwmC<hkxxHv`JZNKR7$xaku*(Ug^
z+lwo8*)mkHj>Ix{r@>5Q_n&jcK9TgV_51tQ{UDgy7Z_z@C5cevVUxgYD3cM)wst(1
z;YNEU!(e)@bi+1FugcN3>LPA<Gd61<?6qzbnjE2w>UbQSiW@6Lek4;gLvzU$Y=4l<
zVN6F770+6o@V9E&4m8swxtYiSm2uVNu_YK+B(@Nj9~FGDaeUcDfI{Q=pxb&G^;oaO
zZkDWOwawI$noD4580%cnKF$6XQb()Z{1H2yshiW(ut*D-%fd^?^<d3@*<LtbCS^i*
zPKX4hTKNPyb$JkuRNoI+_Iq5=UCWXUe-1{elq*Cv)vEqN+)mdiS2a^3ESs0(+T1pM
z$Ere|pdAa|ny9Y6wAGEZ3Ry1M{iy3X01Mr36Y{~Zd-9D6Lri{iGx=(Bv;W79PZ`Hj
zns0i>S;mhLkAlQZ?k%xx+ZsGJJUu9|gl&IDScKQ~*)eCqpw9J>U>+m7C?IB&bEx%r
zFD2;Xka_?!@Cv20o!{1O=WCL>qVU=E^Ys=9<Bd?|(1GoRL;sCOIoa3TZ+j+3CY<$o
z>4x<DgdT4^(q67?t6RZ_(%*CLqH|aJ+aWJV_aO!`qRW{X<b8@G?*iXG9DdPe#Z|tz
zq-Z8v<Q0F%qbDVZ!@wNQ!yc|J#U&6Sz)?Hjy^4>+&!ZYgmh}mN!m=r6)a@!MEzLEL
z2xUpltSt*rp~r6w^hi@%6xHklpHDC^vGg71^0p6?(_k~DC0ldR7C)~3GPA|H?Z-0u
z;eu?*qKGz|fhW0erTm+lmOLdSLFPWN=kC<iZY8fr^h_PHHNz)@GL;7eb(j`Yqj}<K
z?rfJKc}58KGA#F!b9MA01feTZ5+soxrsH|7l1Tg2Pmd(Cg)saHb_TO^VpoPn;e#Cg
z<x>_)gn9r*#%{bNU6Yyg42G!FwMiU-s>g17ebMX*o9HY(-Qprv4H^_M+q6{P+F9wX
zCG?_`T3*YApst%v5p6Hb{yB}S{#Klut09nS_Q@x5?6sFC$_D~loWtD^cV)6>eyObu
zGaH8WcV)2?kIQ|nJg!?oN$rFRn-D`u;@(-GYrNJSQ1PtUkf5b@I{MGKiWi-b6tqE%
zgPN`F24zIdUDpMLwsob#9peP(0$*93*)taAWUt}%*71++<80LIJz8qgQ~;S)=l!W>
z97Z`f3ds<fr_?kVO4SfIj&1&r8+^G6Z1KY3e7jw<hS**xrL&VOxy2KGQPIbR;0s(l
zT9*14J5xR%lOvbIY*iv}mvb#0C>0ejhN^c9<U94>C6J3O81<TiI7^NF%T>#XzjW>;
zhfD$P@mbBzKCFyM9?#?}bj-K#hc*B>ejKSufBb6UV^y$~nA!S@JONuhE!2slSzcq1
zmDH#rbM8j{y%_Nu8t}AP4vOzdHcPeMM~>Lfx_h6#ub4RxNz0WWK5%@9E`$rZ(5#tQ
zRc?kM!MJdD>jvUuBK9K1y(&c`+f8fBgpm@`ownBlr}~2A>ZA&*tpIS;u6}~3h>sbe
zxaBn27UUmc?1I<oc_))Z*%-kkHNd8_-%DJ7l40hzax6PkI~F`vD?Dy5B0kMdL=Q9}
z<+%ah?KddUb)Cob3*BN`;75TjY*x!G%9+t-p)8mSgLb{{!OzTGq<jba{!*`Z>8sQy
zw{v9lR#cd1#0-4IlT^B!KE84^Btoa)sUl{S=Ao-+Bk@ucE7bHAl?z`hOczKO5E~fI
z=xwz?%aLX>wvtu6@0MZ1V^~h9#lpG(cP9;X?Pq_3ad4j$&cTQvx8lUcmH(u}Q_c}r
zLKX8>nv{sql`^I>R)eqWIvrO<Dt=9mx1Rlxio;2H1=ST3@S;dEwJzZ_98z|Iua7YQ
zIe+15p}vTP;#-bP2>T-n%Mz|bLX4%+(n@fNdTaZtq(k{$NAOcv*=S|J<!Ho7fvU#L
zynE3nPryQ_qpC;uw#k=yRoA>%wDBXPMS`v-YH(hb1)LBPQ>jUj!#!J_oCd5$l)<|+
zD&F(vDMRwrNiP%~San!4@SEU{%n`&0$;nSM`n(M~X43aw@DBRx))+rD#HXtEwkGaP
z<5MyWJ`aHMJxUqz)+=TjC6+JnEZ|CXE>f?(fOnMZT)n{MSwiJmj1%<*4F=pXGp48P
z`|%*9in%kWiN#y|*eSoJWYVVcE+>|(`&=0}fQ45s%^Lh=CJsA2M`@dt4K-tq3jO2*
z5u8($NJ=v*XT9);8mow=#ekL9Q8xI9_4xIJ6|f6a{>{c|Fh)Q@QwF<$3wkGaXIzQM
z_kr`)3&%V5qoY#>crEzIHi5nwYVgfHm<IkyK5L4V1jTB2twsqga>zwKBL8V}cVu<v
z0X0%8KwP9}Un1}_!I_sQIzd`ZGYFmtPwvi1$-7E$Y5MUwb}gdGvPN;y1T-+!?eX`r
zjxT4TV!M)Lmw<*>{rfn4Ki22XWBRim<3YtOS4)E7x$>zhe1K~#JIO*<Bqf7zcqC{{
zvbZ^A3JbE1de4Se-B~*dI@gcV2>2CxHG^iMB~o(}WqeVMLgUT&a)3D6yt>R{&|7&J
zlFMD#Ifrfv)^Xb{k#c2<F7Uu<C9|GY`YQzRogHz}tdGw*dWBy+=awYuOOAzlzSYn@
zO!m9qJZj>8gxF5;Huw85u5lNB()-7>Lf*FH%LtTD7B_{$+{C$K{n454yPHe~CdV;u
z(V{<yAxBFv5%J4y>aAs7J@4dTm5n>v<pEEXU-9C3=iu-HlH3HnhFtk|;`f@tnwB3@
zV){Hy`d@5y<Eh9@*vJyIz4t|~N7qmQ7c?={*Rr3Z@Cg&M_j8sj<xqS1kHrRlL@G;U
zQW1lpH2?{)<3Q&g^@AHj%%>I#oAP&dwYeGF5YaW(!gWd7LF-MI)g0v_jGn$18|)c$
z`pdpX?|r@>P)L4=KGUl$aAz5jFDsD*KOu){+dPJ>w)wDFA36(q(Nrmf6rY;%Ug@xb
zJk{TKxqhZnfDWVgAz9XYrkK86d@p27Bsk3PSv@eljUTr{wO9Eaon}KEv~blriC&^z
z*}#|)ES5L@o;qX?207=V9s|?4u1I32S0duzRs2nWHBFz}e{*eLD{;Gz%k(6C{>v#R
z)xLh13k<fLZDIJng+i6x3AsQpl0wE|rj@LIc$;?n2g>19(DG2BYA(SqRo0we?IY3J
zoQ7;iFzj>GY*}v_%wCbjsep=^OFoGwuCP-?OW-eibk|w8E1`QUB~6BOFUeD304}l=
z7tQ$v47jQARtMf(Q4ij+DZcT0%?Z$X_fx3f49b0reWiPu&R)&Ofqgm$8f(tmj`x@m
zml7rtLxG0isEmOko@dN(Q<RYySvJ3ZlE}WipP#9e%8X@6&}h#iP(^fg9*GAWj4tq9
zRjOu)=|GD(2w}GC5NH{i8kDHAKaZJibhZ+H93OlniVU6?L+m{oTQ3J!a7Brfb(I<x
zKpSx$F52WAFc)T4W%sl|Qj0KFuC-Ss)buDoTRDTCz8eH2IK)D**Ig~wn-`hl0^c{|
zSD~UNV#?q!^*MVA=>b~U;4UJq;yrqk+G^<cWiAkX&|?~ygDk)omN)QBd)9<lt5rhW
zEBy}mK6dxRUCAkZvn2&N^G0=(&i431i8-OXa0>Eekh{^6NaeATLX@h*gN@5m(vXTN
z$Y{mLh(1SDRN+9X-ejG85Jn_WQRf6^M>_?^tO_7fv(2)yPkb9#yI;^bx_Y~|l)77j
zj7h6C*a+pOobG7FX*S@d)V{480V|d?VHdEhC{>b4(F59QaGX*yWTh>It-jN9O<NF=
zY#s&V+pZP{Lekqpa-vRZO5B<#*+Mh3GmU~h66x&mT@vJ^#EEZ*w!6Of=40o`N*i8e
z#DU>vTF}D0HY;3hdq?hwhmR2$2<0n7$2dq{?yUx4)6PfkwHUe69Z|VAmW37pxae5C
zf|>m#yc6EBpvIV7;e<y?DdzqnUD5E9o@>LSv~Q)MYEkBnb7)7L?ieFmLJ+LnS0Wg+
z9YoTVCQbw7pf?t$5rO50^vRjn4_BXtw!@3*2kDFDNhi-R5Inl)>(({LksEnI)=F=?
z7;JGHqPQ6?&!RlpG~HWOC$c|Nj%$arx^wzWCyr37ntCC5mv@Ff&gh#s>xQ;ZwK0Ln
zjH=1oW?w1*sZ>@f=Hgm^M)*iH@1iXn-C*m-$0Xy5b$Bn4RBM<@0~@j0L=_x{%S*t{
z>!&Ao0t=g1)tb+NFlLoJ4d9zHt%met#F!-vs^trjvzeShqYy}6x>&U&2|dwlEd{rP
z>V&$^;Wvk4c<|>LFI?r!&4!r8%jdFiTH@~KXpIU>O$UkQ=K^V1(oAH@P<}y=*}%gT
zq1U5%IQcvrpl^=H95S6k>C8)}U))6{<}iVax19wl^Igh!#g!->dow5BU*G!9FkM(3
zy^->c?ge!MK2iW^!9eq=^sqv4VH%pMmT=l$sg-V;wl%BJ|N6118-a}?4D(Q><^*D2
zWc97St2tA=w$&qqigY4EWo@dVg{~mKhTBX2{dyVg)z^~WZN<E*cXUyM#ufJxk3Xf<
zKuiM`jnF0$Q&+5sKvJqKtMOH(h<s=Rh7wV!uOWHbrzIV8+!m4Vok3bL6`}@p1VvUg
zuR9`@ox-RJtKOUpvhzOO(450Et!C<^Wj;!NTdzyDww3i-G`bC@!j}1xvxU?Qm$K_A
z_u2q>a+;@o{PL(M+uwSKqS0#{t@za6Ve3;Oko+8A#~;(7w(;pi2%6R5lWhQXcrs4?
z5);I?={Wf6jT*RJeq5YIi(xS~0Di?zAu2{;BBP**7yO+Ga+o{K715adSdCGq6FtqH
zBO1!{3LsJl2Q9OqS;fl}@JcZ}?$MB%C+9m<l&#@Yn!BT4U@H#>S^o8wW8vCd!J%j2
zvJ}%#Q*`kZ#dmzWksHPyLb9NY;e3vkGN^HtrTW|M7VyV@gXAUHG`W_?`2nnsH-}U^
zBUP}wffO0z2n7h;{Z$oa(R?60!C=6`BE`*>RN05OEwV%mK_X+Z2Pcq;>4?|5W}b&R
zNNhPV47|+c2b#H_$ms@qMVI7L;RDnA#?+5&MpVx<r8tf#aY8rZTKhOJqZIAsZiDiX
zXOOH%v~q0A(^Y}Akfts;k|HjZ0DjWZFHDL3%~gu=?$KU10=+%bYrspgXy;nrDOUst
z)dC@E7bjEJcgwIO!z$UsP_Yu|$?-a6KAL5vEX*M4Tx3>KkL_3+S1B%7s)B3ncU{T`
zu0xj=W~>mGGZG%<vh$aie)rm$bS+#velM^bgk84l;rGWw13!aj)J1ZpX=kY86?U{9
zflSs?;DhpDwD1ezk@H(1P)k9#YRP$o5&?R%3zs!~;L&osw@QH#vWWv%=H|QdF}h=+
zYMFfAoS(0kMb@G7;>)zh&PHGMz+Kbr8@F=;tRtQ7@T?HX2Hs+;7wtLCL0#HE2toHy
zt`cqIjI9HIJDtHb-nq`c3XtaVFocl`MO#F^zt$S?E3?BN2^X!PX#i#2#>d;>tRTtn
z8lm3{VxLW@B~(usL!(cy5*3&#t|HrqsuHw{76fcIXuFtunSJf_J)-K_IeRryR5{pe
zXv#R=7&bV7T%!)XG{@1xR7-l}Ph9NWB{PLLC%lBAVW;MRYDKvL6G4P_u=x-Q`!Iw6
zbME$}N`MGsVFlj}c7fH%h1{ftJ}a=&1A3LXV5o&%c(CAHu`G$wj2kY6h!NNe2Z5_u
zf-q|z4+)hK@mz+pL$ekRj!^3Z?&pEe5f}mK6P-yAyuyrqJxLrHi5srYxv)Cs3a7B}
zNdZ&5VY~5(B;q{z6(D7RaoSj7S{3du+(2B<d7Who;?S0!s=KRaPQtRDV<H!ID|V=d
zgfZjW5?g`4Nq)QShi10sXL4(j^YkopSz)ktaH3Xzl#qq+y7}2lU3}=xac^?IAKqx_
z&eE{33unU=IsJY3Ban&SM3>5E@BPi!Ce9xk#-5&&dt<bZg9OM3m6&f|C0D%%_w;PX
zpc?{N%tlv~pf(#WEa$|R9_*Q5C_W~)8)wj8lWT2~=@9_!vP_HFNjZ+Hq#T?-M&d6x
z91WL)+Cvd+MRj)J*i)!y{U}Wl5E;~=f3>)^q8st<2<%=KJEguI{4sMRrB0^M7ogxH
zzIiR*SlfNbvR}uJq|7GO2_NPQkx>HYTH%OaQ+MFIaxxZ^r-M(u!cHwn?TGYaTXimd
zyG+|>YqM2N1@BPa2<kriRUD_V{wq++kh@!AYr%rn!{k}*etcZK)fvl`4^t;9CrFHx
zAVfV^hL&->Xm9_#$T#r}WaE6|>H_lUq#Na=jeQkUkDzDk)I4)tRQcz0V==$QA=l`G
z_}e>MBB&zioM>F=bc|)J-8(U^SH;wxf*3#68kt3VqxNwYpTtiq*}PU@M-lkh=+TGS
zu%ap?U;2r%5+A=48;^$+^KshtzmMd%2~Qdv0?0=WpqK){ZJv{4FCa8rCfWxW3_9dQ
zgtW_o(Sg?qS!zC<MiLcSOgp%M>5Z&O8d$fHXKm~?YFGCwL6mfmec#pVH<W>v0Zk3!
zGwM(y3t=SR@Swu8-A*dp6a|Jq`mX=oh(E|0qPPq!1A=nMImASl#CbL<u9HMcoj59#
zJ|B4vaaJ=zt<Ena9#WMlECN<pwF>L_WiPvG5w!m`abo}yVh+0unJgN;&?sK)h%?48
z+`*OB0zzDq2)iv+kn-Y@^TiGB(f-?x19Smho1AsVytDd>Z1K{Pxb=K%pR#QdA-w51
zC|b@pPW%nUr!1PUcdJMFW&B=zbW8V4<k6Ci2KV#9rpF0#E?LXwWI-WFv+Ez!4_oB(
z*0}AZ>x8#`a&#>EJhVF++&n;8V~(`a#$!$Aa*vLDW89DLM`hw@xe8UeNp0COKfuV8
z@x^fDO8BPs?F-drX-m*V%i}XPP(QMmCfH|;Edd%M3%ac<3Y0*Pbq`iVhvf^p$uX`C
z=n<&}`HHL<@*lZ2%JE&1dhz6t0_T_74$SGEaY#kb%D_SE;JNkV4JbBrp8Hr1UbwSj
z;N{&}Wh5ITs~48_If-FTOp+(ZyFqM=K-xVA1uTG-bviF9wZtVX=lYr1`{3L@2F8pP
z2bGR$^YufvMy5ZLa;39Ajh1@eAtl{gj<ruX1Pl`ht#h8inCU7#18V7p#53Pr;AiA5
zg5MRgaWVQ08rldsS09Gn=MY@%YF&XiTYLm37KOF3)(~qp2RoLJEGB}SblIFK_bSqi
zHXvB;kV)E-ah;r-yX=Ey$;pQ<BYJEWjD$nRa;K8!S_fr{=o}s}59`G2YYh5HrEjrZ
zRqJ}oyWLz&?eS<qUgWf?Qt*S<@;-rZ1m%S->xeU=M|&&91dDwTdTsdlB-ZEuLIVx?
z;LrCYx41za|84~iJZ|S*rTSy(YQx-e17Ef8UD5o76?_H}?d0-ZdEG0r`w7@L;8K<J
zd_gUiup05*@69XtHP!za65&SI!J|vKGkEi&zV(7=SnyG><puk(&f*@wIO5UP!i-<(
zM>(x$(XHq+eL`WD_G`I`hpT@0_4^!~*ZrNN;9*-8+Ua{K&uyK57A*D#e#p*`BI8K!
zhCF+3HA9Dd?>LG#obg-G#j~nST{79O{oPmJy1kA4*EX3;*OKoKp`VCe=uykEzP4sf
zK3~v5Q2g*F?+W8#8oiJPdyr#c!qdXryU2S7{?m~A!x&BSirD{Y2LZAC!x;V3kh3y3
zG`4XxcBBJXTUEr!$n`P&{AcPFrYs3h9@j;9b~!@;hY%IT-+jKhLOoU4etFtkPK~>M
zt!1F*?Xh8F?zxSXA=}h}O%7v88^lbiXk`A&b&b39MVzyJ9g|cfz6QQy09?(;^~`Rs
zd}v|}`1kd@HPM6KC$1ME_YY&{66&VUTzudZgvE-+j}_SQ<i`GwX*3v1LTE{bqSd7X
zS{||mmoD3{V|a(2@#_IoSBj&=_=hNHEsChFqLJ4}`Y-KEonz|#XEX*VqXk8DpDb!D
zLvl=SDVKbc?;(1o)~We>^I_u|&xbdK{0WxV!6Y?{5>js9dU^<OSwEPSQr(*QW9xH?
zv4Exr8lH-T1R#6Z)+My7Ad7r+8832QJKZ#XZdv54JpCB2eIdnT?arn!2tgDc>fX4;
z6|s-W|K}S2-J?eQX;S{vqqf#}F}C@qqxtt>vcCu0I+)T~7~5Ey+c?r1n$y`?Ih+1`
z{a-lf{+~Ji;g|lC3ks<2r*rPb$kAjA3Ix>u(_Lr%uet1Ot$+Q38dRigaoLeNPgJXg
zYzOE_*=0cVJ1Cb6eNa~zQOJjBvzv)S8Aa&CD~)mvy(ceg=+#BHg%MC#5GTeTzS$LT
z&%LR{;$u<Qb7f83EXDh5x1v~h^1T6GZ0{YOOViOBrgeR}{nke_<=7|YU?rQZAgN4Q
zcW{Rr)MwLNRd3b#ZWR0uw%5ZZ+`BdoUN-zUmaN!{va0C#H+yKu0&1fu5dfoMf$*bJ
z-%?;jJlV0oj1yDTuGP{1yk6H;W*vmYYv$00<&Yh)LC~D?(*RYe*zyyE0{YfYO1jFV
z5Z}7|TKoK%>8>@{EML{9<_S7d><tE*g+*>D4h7IXy+)X>G3!1Af?SgYS-l7#v=T*v
zZ?mYg38@5>gmF|yHN!_^F_RP0w#HfeAH#!)q#X*I38S6%JYp3JUeHLT#EE@LoYY0D
zPssh|^J&J_u5UGHsvF}h6bod9kvQ35Xt?$8#)A(g%Hx_l$hm4vhSuY|3Y-;nW8k$?
zgoF)>x!_R+x|+?Wv!R^!JBk=Qf2BH96&g|`%EX`)VS^wB%DZ)xNF(fBF|HVW?-Xel
zTtHyAI;jfv<>Rievb_Jbzg%<|Z{}TmFVPfcGFIXidSpxiA@51B=4$Ac+2d7NKm{rH
z6nj<GhK`nZHuQ!qEuZ)LP>i2{t)3EUELK5cT3NWJ12#M_W6!FJuZS6#p0gnU@12cq
zpii3((I`3xRp`F=+S*}TgR=dKfSL-^a;rC3@pYYLEd7L52GEk-^&^Sx)B0rJ`_FTR
zM`22^JvrMCU%Y(r)sty9%QJI8={g;To0IH#1S{y4v(aXVAJ*_3-FLK~KqpT_bE_U%
zTZwxv$1=TGvWhn~)i3N=*;cN3rd8eG;jp-A=MyOBoZ=^e3&KQz(c@BJrsRXb3I_fK
zS*NsTOGYXEt%Rjp`(z@}{#GghZGByyb*LzQB5+&*GyM9PtkqfK4oRYy<IC1%7wV(^
z6)5L6b?-9a-9V!tw@ej>U#3p?BOV{bk7S=mmF2;1NvvT4_vRVF_HWcRHgJxhTpDRc
z^Yf2>ud}`$o|DE(zWDB5Lk~`vm^DiL>AS(&ePLYSrTC+jWlrB?{9L|Wd&k+`G<%6F
zy?x;q@orCl%CNT*KerlkIAT|O!t->aT#ppI{qSV`S+?_Ej`%SSI7*wJJJ;^#hv)xm
z2irN=+8H}InHxL8kM_XyGQa^%xp#i7z8Td>ZtjuI-PX^1^=%$NNpLdK?&)%Eas|vK
zBt$YzKE7^=2cnmTL$53KOc~7H<(#Y#XHFo(Me+;iYmy#qW(1p=YuemI)3mamh&fe|
z+mE@1bNkYag%`Ge6(Y;W{vj^~41xywpNoBdPUdGr0y-1?_5A0t`WyD|i+_Fv|7!WZ
z<UjBKg#D!y=r_aP3sQcSt^Cn`bzJpRJO9+o{|)u4jO90K?k}i6idz1h=pQ5g*RqyB
zvH8C5|APEWk<0Jy|Gl*TCK15@J?Os*{cnc9Ytb*^`lJ1tc0R#h7Vb|O`*RL|2mcbX
z-{9%Lga4zf{b$Z!!uFdJo$zl1`VXAHW$sVze=l@@vgiBi|JU6AkiFmQ`A0_nbtnGr
if|&Tf9saK_e(y_pDR78iY_LBss-J3o@{<n;=>Gs}_7JTA

literal 0
HcmV?d00001

-- 
GitLab


From 9b0a0e71b8a6b92227e6af80ec7202aa0bf44b5b Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Fri, 8 Jun 2018 13:55:29 -0400
Subject: [PATCH 507/863] [JENKINS-51819] When using a custom ArtifactManager,
 Run.delete must call ArtifactManager.delete.

---
 core/src/main/java/hudson/model/Run.java     |  4 ++
 test/src/test/java/hudson/model/RunTest.java | 46 ++++++++++++++++++--
 2 files changed, 47 insertions(+), 3 deletions(-)

diff --git a/core/src/main/java/hudson/model/Run.java b/core/src/main/java/hudson/model/Run.java
index 10ec9f6574..a3bc3375be 100644
--- a/core/src/main/java/hudson/model/Run.java
+++ b/core/src/main/java/hudson/model/Run.java
@@ -1554,6 +1554,10 @@ public abstract class Run <JobT extends Job<JobT,RunT>,RunT extends Run<JobT,Run
         
         RunListener.fireDeleted(this);
 
+        if (artifactManager != null) {
+            deleteArtifacts();
+        } // for StandardArtifactManager, deleting the whole build dir suffices
+
         synchronized (this) { // avoid holding a lock while calling plugin impls of onDeleted
         File tmp = new File(rootDir.getParentFile(),'.'+rootDir.getName());
         
diff --git a/test/src/test/java/hudson/model/RunTest.java b/test/src/test/java/hudson/model/RunTest.java
index 92cbef2081..7150aac135 100644
--- a/test/src/test/java/hudson/model/RunTest.java
+++ b/test/src/test/java/hudson/model/RunTest.java
@@ -23,19 +23,30 @@
  */
 package hudson.model;
 
+import hudson.FilePath;
+import hudson.Launcher;
+import hudson.tasks.ArtifactArchiver;
+import java.io.IOException;
 import java.net.HttpURLConnection;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
+import java.util.Map;
+import java.util.concurrent.atomic.AtomicBoolean;
+import jenkins.model.ArtifactManager;
+import jenkins.model.ArtifactManagerConfiguration;
+import jenkins.model.ArtifactManagerFactory;
+import jenkins.model.ArtifactManagerFactoryDescriptor;
+import jenkins.model.Jenkins;
+import jenkins.util.VirtualFile;
 import static org.junit.Assert.*;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.Issue;
 import org.jvnet.hudson.test.JenkinsRule;
+import org.jvnet.hudson.test.TestExtension;
+import org.kohsuke.stapler.DataBoundConstructor;
 
-/**
- * @author Kohsuke Kawaguchi
- */
 public class RunTest  {
 
     @Rule public JenkinsRule j = new JenkinsRule();
@@ -73,4 +84,33 @@ public class RunTest  {
         assertEquals(Run.KeepLogBuildBadge.class, badgeActions.get(0).getClass());
     }
 
+    @Issue("JENKINS-51819")
+    @Test public void deleteArtifactsCustom() throws Exception {
+        ArtifactManagerConfiguration.get().getArtifactManagerFactories().add(new Mgr.Factory());
+        FreeStyleProject p = j.createFreeStyleProject();
+        j.jenkins.getWorkspaceFor(p).child("f").write("", null);
+        p.getPublishersList().add(new ArtifactArchiver("f"));
+        FreeStyleBuild b = j.buildAndAssertSuccess(p);
+        b.delete();
+        assertTrue(Mgr.deleted.get());
+    }
+    private static final class Mgr extends ArtifactManager {
+        static final AtomicBoolean deleted = new AtomicBoolean();
+        @Override public boolean delete() throws IOException, InterruptedException {
+            return !deleted.getAndSet(true);
+        }
+        @Override public void onLoad(Run<?, ?> build) {}
+        @Override public void archive(FilePath workspace, Launcher launcher, BuildListener listener, Map<String, String> artifacts) throws IOException, InterruptedException {}
+        @Override public VirtualFile root() {
+            return VirtualFile.forFile(Jenkins.get().getRootDir()); // irrelevant
+        }
+        public static final class Factory extends ArtifactManagerFactory {
+            @DataBoundConstructor public Factory() {}
+            @Override public ArtifactManager managerFor(Run<?, ?> build) {
+                return new Mgr();
+            }
+            @TestExtension("deleteArtifactsCustom") public static final class DescriptorImpl extends ArtifactManagerFactoryDescriptor {}
+        }
+    }
+
 }
-- 
GitLab


From c405ae701c4bca18f7b4edc6e5cd3bc053b7ee60 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Fri, 8 Jun 2018 23:11:38 +0200
Subject: [PATCH 508/863] [JENKINS-51541,JENKINS-51551,...] - Remoting 3.21 +
 Allow passing custom CommandTransport implementations to SlaveComputer from
 ComputerLauncher (#3455)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* [JENKINS-51541] - Introduce new SlaveComputer#setChannel() method which takes custom ChannelBuilder and CommandTransport

* [JENKINS-51551] - Pick Remoting version with the API patch

* [JENKINS-51541] - Listener is nullable according to the documentation

* [JENKINS-51551,JENKINS-51223,JENKINS-50965] - Update Remoting to 3.21

* [JENKINS-51541] - Restrict SlaveComputer#setChannel(ChannelBuilder cb, …) to Beta-use only
---
 .../java/hudson/slaves/SlaveComputer.java     | 38 +++++++++++++++++++
 pom.xml                                       |  2 +-
 2 files changed, 39 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/slaves/SlaveComputer.java b/core/src/main/java/hudson/slaves/SlaveComputer.java
index 763272df9c..b5480676db 100644
--- a/core/src/main/java/hudson/slaves/SlaveComputer.java
+++ b/core/src/main/java/hudson/slaves/SlaveComputer.java
@@ -23,6 +23,7 @@
  */
 package hudson.slaves;
 
+import com.google.common.io.NullOutputStream;
 import hudson.AbortException;
 import hudson.FilePath;
 import hudson.Functions;
@@ -39,6 +40,7 @@ import hudson.model.User;
 import hudson.remoting.Channel;
 import hudson.remoting.ChannelBuilder;
 import hudson.remoting.ChannelClosedException;
+import hudson.remoting.CommandTransport;
 import hudson.remoting.Launcher;
 import hudson.remoting.VirtualChannel;
 import hudson.security.ACL;
@@ -61,6 +63,7 @@ import jenkins.util.SystemProperties;
 import org.acegisecurity.context.SecurityContext;
 import org.acegisecurity.context.SecurityContextHolder;
 import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.Beta;
 import org.kohsuke.accmod.restrictions.DoNotUse;
 import org.kohsuke.stapler.HttpRedirect;
 import org.kohsuke.stapler.HttpResponse;
@@ -72,6 +75,7 @@ import org.kohsuke.stapler.export.Exported;
 import org.kohsuke.stapler.interceptor.RequirePOST;
 
 import javax.annotation.CheckForNull;
+import javax.annotation.Nonnull;
 import javax.annotation.OverridingMethodsMustInvokeSuper;
 import javax.servlet.ServletException;
 import java.io.File;
@@ -419,6 +423,40 @@ public class SlaveComputer extends Computer {
         setChannel(channel,launchLog,listener);
     }
 
+    /**
+     * Creates a {@link Channel} from the given Channel Builder and Command Transport.
+     * This method can be used to allow {@link ComputerLauncher}s to create channels not based on I/O streams.
+     *
+     * @param cb
+     *      Channel Builder.
+     *      To print launch logs this channel builder should have a Header Stream defined
+     *      (see {@link ChannelBuilder#getHeaderStream()}) in this argument or by one of {@link ChannelConfigurator}s.
+     * @param commandTransport
+     *      Command Transport
+     * @param listener
+     *      Gets a notification when the channel closes, to perform clean up. Can be {@code null}.
+     *      By the time this method is called, the cause of the termination is reported to the user,
+     *      so the implementation of the listener doesn't need to do that again.
+     * @since TODO
+     */
+    @Restricted(Beta.class)
+    public void setChannel(@Nonnull ChannelBuilder cb,
+                           @Nonnull CommandTransport commandTransport,
+                           @CheckForNull Channel.Listener listener) throws IOException, InterruptedException {
+        for (ChannelConfigurator cc : ChannelConfigurator.all()) {
+            cc.onChannelBuilding(cb,this);
+        }
+
+        OutputStream headerStream = cb.getHeaderStream();
+        if (headerStream == null) {
+            LOGGER.log(Level.WARNING, "No header stream defined when setting channel for computer {0}. " +
+                    "Launch log won't be printed", this);
+            headerStream = new NullOutputStream();
+        }
+        Channel channel = cb.build(commandTransport);
+        setChannel(channel, headerStream, listener);
+    }
+
     /**
      * Shows {@link Channel#classLoadingCount}.
      * @since 1.495
diff --git a/pom.xml b/pom.xml
index 6a4a504cd9..f3fc0b8c86 100644
--- a/pom.xml
+++ b/pom.xml
@@ -106,7 +106,7 @@ THE SOFTWARE.
     <maven-war-plugin.version>3.0.0</maven-war-plugin.version> <!-- JENKINS-47127 bump when 3.2.0 is out. Cf. MWAR-407 -->
 
     <!-- Bundled Remoting version -->
-    <remoting.version>3.20</remoting.version>
+    <remoting.version>3.21</remoting.version>
     <!-- Minimum Remoting version, which is tested for API compatibility -->
     <remoting.minimum.supported.version>2.60</remoting.minimum.supported.version>
 
-- 
GitLab


From 24ea6846150a5a5dc6882a7a4c0bb3c7084dbbae Mon Sep 17 00:00:00 2001
From: Ivan Fernandez Calvo <kuisathaverat@users.noreply.github.com>
Date: Fri, 8 Jun 2018 23:45:15 +0200
Subject: [PATCH 509/863] [JENKINS-20998] Add Timestamp to Workspace View
 (#3079)

* Add Timestamp to Workspace View

* suggested changes
javadoc

* suggested changes
control on dates before 1970-01-01 00:00

* constructor suggestions, I18N

* revert to N/A but in I18N
---
 .../hudson/model/DirectoryBrowserSupport.java | 47 +++++++++++++++++--
 .../model/DirectoryBrowserSupport/dir.jelly   |  8 ++++
 2 files changed, 51 insertions(+), 4 deletions(-)

diff --git a/core/src/main/java/hudson/model/DirectoryBrowserSupport.java b/core/src/main/java/hudson/model/DirectoryBrowserSupport.java
index 504eaba0d1..c67e782b91 100644
--- a/core/src/main/java/hudson/model/DirectoryBrowserSupport.java
+++ b/core/src/main/java/hudson/model/DirectoryBrowserSupport.java
@@ -33,9 +33,11 @@ import java.net.URL;
 import java.text.Collator;
 import java.util.ArrayList;
 import java.util.Arrays;
+import java.util.Calendar;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.Comparator;
+import java.util.GregorianCalendar;
 import java.util.List;
 import java.util.Locale;
 import java.util.StringTokenizer;
@@ -349,7 +351,7 @@ public final class DirectoryBrowserSupport implements HttpResponse {
         int current=1;
         while(tokens.hasMoreTokens()) {
             String token = tokens.nextToken();
-            r.add(new Path(createBackRef(total-current+restSize),token,true,0, true));
+            r.add(new Path(createBackRef(total-current+restSize),token,true,0, true,0));
             current++;
         }
         return r;
@@ -416,12 +418,26 @@ public final class DirectoryBrowserSupport implements HttpResponse {
          */
         private final boolean isReadable;
 
+       /**
+        * For a file, the last modified timestamp.
+        */
+        private final long lastModified;
+
+        /**
+         * @deprecated Use {@link #Path(String, String, boolean, long, boolean, long)}
+         */
+        @Deprecated
         public Path(String href, String title, boolean isFolder, long size, boolean isReadable) {
+            this(href, title, isFolder, size, isReadable, 0L);
+        }
+
+        public Path(String href, String title, boolean isFolder, long size, boolean isReadable, long lastModified) {
             this.href = href;
             this.title = title;
             this.isFolder = isFolder;
             this.size = size;
             this.isReadable = isReadable;
+            this.lastModified = lastModified;
         }
 
         public boolean isFolder() {
@@ -458,6 +474,29 @@ public final class DirectoryBrowserSupport implements HttpResponse {
             return size;
         }
 
+        /**
+         *
+         * @return A long value representing the time the file was last modified, measured in milliseconds since
+         * the epoch (00:00:00 GMT, January 1, 1970), or 0L if is not possible to obtain the times.
+         * @since TODO
+         */
+        public long getLastModified() {
+            return lastModified;
+        }
+
+        /**
+         *
+         * @return A Calendar representing the time the file was last modified, it lastModified is 0L
+         * it will return 00:00:00 GMT, January 1, 1970.
+         * @since TODO
+         */
+        @Restricted(NoExternalUse.class)
+        public Calendar getLastModifiedAsCalendar() {
+            final Calendar cal = new GregorianCalendar();
+            cal.setTimeInMillis(lastModified);
+            return cal;
+        }
+
         private static final long serialVersionUID = 1L;
     }
 
@@ -511,7 +550,7 @@ public final class DirectoryBrowserSupport implements HttpResponse {
                 Arrays.sort(files,new FileComparator(locale));
     
                 for( VirtualFile f : files ) {
-                    Path p = new Path(Util.rawEncode(f.getName()), f.getName(), f.isDirectory(), f.length(), f.canRead());
+                    Path p = new Path(Util.rawEncode(f.getName()), f.getName(), f.isDirectory(), f.length(), f.canRead(), f.lastModified());
                     if(!f.isDirectory()) {
                         r.add(Collections.singletonList(p));
                     } else {
@@ -532,7 +571,7 @@ public final class DirectoryBrowserSupport implements HttpResponse {
                                 break;
                             f = sub.get(0);
                             relPath += '/'+Util.rawEncode(f.getName());
-                            l.add(new Path(relPath,f.getName(),true,0, f.canRead()));
+                            l.add(new Path(relPath,f.getName(),true, f.length(), f.canRead(), f.lastModified()));
                         }
                         r.add(l);
                     }
@@ -586,7 +625,7 @@ public final class DirectoryBrowserSupport implements HttpResponse {
                 href.append("/");
             }
 
-            Path path = new Path(href.toString(), filePath.getName(), filePath.isDirectory(), filePath.length(), filePath.canRead());
+            Path path = new Path(href.toString(), filePath.getName(), filePath.isDirectory(), filePath.length(), filePath.canRead(), filePath.lastModified());
             pathList.add(path);
         }
 
diff --git a/core/src/main/resources/hudson/model/DirectoryBrowserSupport/dir.jelly b/core/src/main/resources/hudson/model/DirectoryBrowserSupport/dir.jelly
index 16a08537ed..0b12450d52 100644
--- a/core/src/main/resources/hudson/model/DirectoryBrowserSupport/dir.jelly
+++ b/core/src/main/resources/hudson/model/DirectoryBrowserSupport/dir.jelly
@@ -70,6 +70,14 @@ THE SOFTWARE.
                     </j:forEach>
                   </td>
                   <j:if test="${!x.folder}">
+                    <td class="fileSize">
+                      <j:if test="${x.lastModifiedAsCalendar.timeInMillis &gt; 0}">
+                        <i:formatDate value="${x.lastModifiedAsCalendar.time}" type="both" dateStyle="medium" timeStyle="medium"/>
+                      </j:if>
+                      <j:if test="${x.lastModifiedAsCalendar.timeInMillis &lt;= 0}">
+                        ${%N/A}
+                      </j:if>
+                    </td>
                     <td class="fileSize">
                       ${h.humanReadableByteSize(x.getSize())}
                     </td>
-- 
GitLab


From 01b1f1ddbcad7ed8ea781e41ba4bd8d890f13c67 Mon Sep 17 00:00:00 2001
From: Pavel Avgustinov <pavgust@users.noreply.github.com>
Date: Fri, 8 Jun 2018 23:31:46 +0100
Subject: [PATCH 510/863] Fix potential deadlock between queue maintenance and
 asynchronous execution (#3354)

[JENKINS-46248] - Fix potential deadlock between queue maintenance and asynchronous execution
---
 core/src/main/java/hudson/model/Executor.java |  3 +-
 .../model/queue/AsynchronousExecution.java    | 28 ++++++++++++++-----
 2 files changed, 23 insertions(+), 8 deletions(-)

diff --git a/core/src/main/java/hudson/model/Executor.java b/core/src/main/java/hudson/model/Executor.java
index 8c02d8ff64..3b160ae927 100644
--- a/core/src/main/java/hudson/model/Executor.java
+++ b/core/src/main/java/hudson/model/Executor.java
@@ -431,11 +431,12 @@ public class Executor extends Thread implements ModelObject {
             } catch (AsynchronousExecution x) {
                 lock.writeLock().lock();
                 try {
-                    x.setExecutor(this);
+                    x.setExecutorWithoutCompleting(this);
                     this.asynchronousExecution = x;
                 } finally {
                     lock.writeLock().unlock();
                 }
+                x.maybeComplete();
             } catch (Throwable e) {
                 problems = e;
             } finally {
diff --git a/core/src/main/java/jenkins/model/queue/AsynchronousExecution.java b/core/src/main/java/jenkins/model/queue/AsynchronousExecution.java
index 7ed0816572..c99dd40de6 100644
--- a/core/src/main/java/jenkins/model/queue/AsynchronousExecution.java
+++ b/core/src/main/java/jenkins/model/queue/AsynchronousExecution.java
@@ -39,6 +39,7 @@ import javax.annotation.Nonnull;
 import javax.annotation.concurrent.GuardedBy;
 import jenkins.model.Jenkins;
 import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.DoNotUse;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
 
 /**
@@ -61,7 +62,7 @@ public abstract class AsynchronousExecution extends RuntimeException {
 
     /**
      * Initially null, and usually stays null.
-     * If {@link #completed} is called before {@link #setExecutor}, then either {@link #NULL} for success, or the error.
+     * If {@link #completed} is called before {@link #setExecutorWithoutCompleting}, then either {@link #NULL} for success, or the error.
      */
     @GuardedBy("this")
     private @CheckForNull Throwable result;
@@ -98,7 +99,7 @@ public abstract class AsynchronousExecution extends RuntimeException {
 
     /**
      * Obtains the associated executor.
-     * @return Associated Executor. May be {@code null} if {@link #setExecutor(hudson.model.Executor)} 
+     * @return Associated Executor. May be {@code null} if {@link #setExecutorWithoutCompleting(hudson.model.Executor)} 
      * has not been called yet.
      */
     @CheckForNull
@@ -106,13 +107,26 @@ public abstract class AsynchronousExecution extends RuntimeException {
         return executor;
     }
 
+    /**
+     * Set the executor without notifying it about task completion.
+     * The caller <b>must</b> also call {@link #maybeComplete()}
+     * after releasing any problematic locks.
+     */
     @Restricted(NoExternalUse.class)
-    public synchronized final void setExecutor(@Nonnull Executor executor) {
-        assert this.executor==null;
-
+    public synchronized final void setExecutorWithoutCompleting(@Nonnull Executor executor) {
+        assert this.executor == null;
         this.executor = executor;
-        if (result!=null) {
-            executor.completedAsynchronous( result!=NULL ? result : null );
+    }
+
+    /**
+     * If there is a pending completion notification, deliver it to the executor.
+     * Must be called after {@link #setExecutorWithoutCompleting(Executor)}.
+     */
+    @Restricted(NoExternalUse.class)
+    public synchronized final void maybeComplete() {
+        assert this.executor != null;
+        if (result != null) {
+            executor.completedAsynchronous(result != NULL ? result : null);
             result = null;
         }
     }
-- 
GitLab


From 3783cc40a4851d3d92df28f534590b850fe714b2 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Sun, 10 Jun 2018 12:23:23 +0200
Subject: [PATCH 511/863] =?UTF-8?q?[JENKINS-51155]=20-=20Update=20Extras?=
 =?UTF-8?q?=20Executable=20WAR=20to=201.40=20to=20pick=20the=20=E2=80=94en?=
 =?UTF-8?q?able-future-java=20flag=20(#3486)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* [JENKINS-51155] - Update Extras Executable WAR to 1.40 to pick the —enable-future-java flag

* [JENKINS-51155] - Pick newer snapshot

* [JENKINS-51155] - Pick the released 1.40 version
---
 war/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/war/pom.xml b/war/pom.xml
index d9980a0636..a1c65f0bbc 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -49,7 +49,7 @@ THE SOFTWARE.
     <dependency>
       <groupId>org.jenkins-ci</groupId>
       <artifactId>executable-war</artifactId>
-      <version>1.39</version>
+      <version>1.40</version>
       <scope>provided</scope>
     </dependency>
     <dependency>
-- 
GitLab


From c8763a1eef8cddd3c27839143648a074dec637b1 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 10 Jun 2018 18:42:10 -0700
Subject: [PATCH 512/863] [maven-release-plugin] prepare release jenkins-2.127

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index d54dac5918..f2ce7a0c0a 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.127</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 0d5c3f2c27..66a925ddce 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.127</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index f3fc0b8c86..71b05f8f2f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>2.127</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.127</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 4f9dae71fa..1c228226fe 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.127</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index a1c65f0bbc..69676f95bc 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.127</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 563e1a2e82fb433d670f7334294bcb6a8f650a7d Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 10 Jun 2018 18:42:11 -0700
Subject: [PATCH 513/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index f2ce7a0c0a..37f34915ed 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.127</version>
+    <version>2.128-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 66a925ddce..eb247de1cc 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.127</version>
+    <version>2.128-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 71b05f8f2f..f93b9e293d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.127</version>
+  <version>2.128-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.127</tag>
+    <tag>${scmTag}</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 1c228226fe..c2665571b6 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.127</version>
+    <version>2.128-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 69676f95bc..28a001822a 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.127</version>
+    <version>2.128-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From b3b2cdc9d598740617d74fbaa290bf5ab1022064 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 10 Jun 2018 18:48:32 -0700
Subject: [PATCH 514/863] mvn incrementals:reincrementalify

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 37f34915ed..d54dac5918 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.128-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index eb247de1cc..0d5c3f2c27 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.128-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index f93b9e293d..74ae09f865 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.128-SNAPSHOT</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.127</revision>
+    <revision>2.128</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index c2665571b6..4f9dae71fa 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.128-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 28a001822a..a1c65f0bbc 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.128-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From a8c8023173d83aa190b35df770d52667d101a01d Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Mon, 11 Jun 2018 08:21:27 +0200
Subject: [PATCH 515/863] Undo the forEach change

---
 .../resources.js                                  | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/resources.js b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/resources.js
index ccdf4c9949..58207a0dc0 100644
--- a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/resources.js
+++ b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/resources.js
@@ -54,15 +54,20 @@ function checkTheDesiredOne(allCheckBoxes, concernedCheckBoxes){
         }
     }
     
-    allCheckBoxes.forEach(function(checkBox){
+    for(var i = 0; i < allCheckBoxes.length ; i++){
+        var checkBox = allCheckBoxes[i];
         checkBox.checked = false;
-    });
+    }
     
-    concernedCheckBoxes.forEach(function(checkBox){
+    for(var i = 0; i < concernedCheckBoxes.length ; i++){
+        var checkBox = concernedCheckBoxes[i];
         checkBox.checked = mustCheck;
-    });
+    }
     
-    allCheckBoxes.forEach(onCheckChanged);
+    for(var i = 0; i < allCheckBoxes.length ; i++){
+        var checkBox = allCheckBoxes[i];
+        onCheckChanged(checkBox);
+    }
 }
 
 function confirmAndRevokeAllSelected(button){
-- 
GitLab


From cb3087256e541051d698edc447b8460f6cf8b3a9 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Tue, 12 Jun 2018 18:17:50 +0200
Subject: [PATCH 516/863] =?UTF-8?q?[JENKINS-51889]=20-=20Stop=20using=20Gu?=
 =?UTF-8?q?ava=E2=80=99s=20NullOutputStream,=20document=20setChannel=20API?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../java/hudson/slaves/SlaveComputer.java     | 31 ++++++++++++++++---
 1 file changed, 26 insertions(+), 5 deletions(-)

diff --git a/core/src/main/java/hudson/slaves/SlaveComputer.java b/core/src/main/java/hudson/slaves/SlaveComputer.java
index b5480676db..0aa438a918 100644
--- a/core/src/main/java/hudson/slaves/SlaveComputer.java
+++ b/core/src/main/java/hudson/slaves/SlaveComputer.java
@@ -23,7 +23,6 @@
  */
 package hudson.slaves;
 
-import com.google.common.io.NullOutputStream;
 import hudson.AbortException;
 import hudson.FilePath;
 import hudson.Functions;
@@ -387,7 +386,28 @@ public class SlaveComputer extends Computer {
 
     private final Object channelLock = new Object();
 
-    public void setChannel(InputStream in, OutputStream out, TaskListener taskListener, Channel.Listener listener) throws IOException, InterruptedException {
+    /**
+     * Creates a {@link Channel} from the given stream and sets that to this agent.
+     *
+     * @param in
+     *      Stream connected to the remote agent. It's the caller's responsibility to do
+     *      buffering on this stream, if that's necessary.
+     * @param out
+     *      Stream connected to the remote peer. It's the caller's responsibility to do
+     *      buffering on this stream, if that's necessary.
+     * @param taskListener
+     *      Receives the portion of data in <tt>is</tt> before
+     *      the data goes into the "binary mode". This is useful
+     *      when the established communication channel might include some data that might
+     *      be useful for debugging/trouble-shooting.
+     * @param listener
+     *      Gets a notification when the channel closes, to perform clean up. Can be null.
+     *      By the time this method is called, the cause of the termination is reported to the user,
+     *      so the implementation of the listener doesn't need to do that again.
+     */
+    public void setChannel(@Nonnull InputStream in, @Nonnull OutputStream out,
+                           @Nonnull TaskListener taskListener,
+                           @CheckForNull Channel.Listener listener) throws IOException, InterruptedException {
         setChannel(in,out,taskListener.getLogger(),listener);
     }
 
@@ -410,7 +430,9 @@ public class SlaveComputer extends Computer {
      *      By the time this method is called, the cause of the termination is reported to the user,
      *      so the implementation of the listener doesn't need to do that again.
      */
-    public void setChannel(InputStream in, OutputStream out, OutputStream launchLog, Channel.Listener listener) throws IOException, InterruptedException {
+    public void setChannel(@Nonnull InputStream in, @Nonnull OutputStream out,
+                           @CheckForNull OutputStream launchLog,
+                           @CheckForNull Channel.Listener listener) throws IOException, InterruptedException {
         ChannelBuilder cb = new ChannelBuilder(nodeName,threadPoolForRemoting)
             .withMode(Channel.Mode.NEGOTIATE)
             .withHeaderStream(launchLog);
@@ -437,7 +459,7 @@ public class SlaveComputer extends Computer {
      *      Gets a notification when the channel closes, to perform clean up. Can be {@code null}.
      *      By the time this method is called, the cause of the termination is reported to the user,
      *      so the implementation of the listener doesn't need to do that again.
-     * @since TODO
+     * @since 2.127
      */
     @Restricted(Beta.class)
     public void setChannel(@Nonnull ChannelBuilder cb,
@@ -451,7 +473,6 @@ public class SlaveComputer extends Computer {
         if (headerStream == null) {
             LOGGER.log(Level.WARNING, "No header stream defined when setting channel for computer {0}. " +
                     "Launch log won't be printed", this);
-            headerStream = new NullOutputStream();
         }
         Channel channel = cb.build(commandTransport);
         setChannel(channel, headerStream, listener);
-- 
GitLab


From 01b8e7e94e5cce53c409489ccc87d7c7a93a4bfa Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Tue, 12 Jun 2018 18:46:22 +0200
Subject: [PATCH 517/863] [JENKINS-51889] - DRY in Javadoc

---
 .../main/java/hudson/slaves/SlaveComputer.java  | 17 ++---------------
 1 file changed, 2 insertions(+), 15 deletions(-)

diff --git a/core/src/main/java/hudson/slaves/SlaveComputer.java b/core/src/main/java/hudson/slaves/SlaveComputer.java
index 0aa438a918..7dea6b1667 100644
--- a/core/src/main/java/hudson/slaves/SlaveComputer.java
+++ b/core/src/main/java/hudson/slaves/SlaveComputer.java
@@ -389,21 +389,8 @@ public class SlaveComputer extends Computer {
     /**
      * Creates a {@link Channel} from the given stream and sets that to this agent.
      *
-     * @param in
-     *      Stream connected to the remote agent. It's the caller's responsibility to do
-     *      buffering on this stream, if that's necessary.
-     * @param out
-     *      Stream connected to the remote peer. It's the caller's responsibility to do
-     *      buffering on this stream, if that's necessary.
-     * @param taskListener
-     *      Receives the portion of data in <tt>is</tt> before
-     *      the data goes into the "binary mode". This is useful
-     *      when the established communication channel might include some data that might
-     *      be useful for debugging/trouble-shooting.
-     * @param listener
-     *      Gets a notification when the channel closes, to perform clean up. Can be null.
-     *      By the time this method is called, the cause of the termination is reported to the user,
-     *      so the implementation of the listener doesn't need to do that again.
+     * Same as {@link #setChannel(InputStream, OutputStream, OutputStream, Channel.Listener)}, but for
+     * {@link TaskListener}.
      */
     public void setChannel(@Nonnull InputStream in, @Nonnull OutputStream out,
                            @Nonnull TaskListener taskListener,
-- 
GitLab


From f5ef5d7dcc2d48813b0c454ef76c8c78c9ebb697 Mon Sep 17 00:00:00 2001
From: Julien Coste <julien.coste@orange.com>
Date: Wed, 13 Jun 2018 10:22:58 +0200
Subject: [PATCH 518/863] fix French translation of tools installations list

---
 .../hudson/tools/ToolInstallation/global_fr.properties          | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/resources/hudson/tools/ToolInstallation/global_fr.properties b/core/src/main/resources/hudson/tools/ToolInstallation/global_fr.properties
index c7b318631c..b1eebde9a8 100644
--- a/core/src/main/resources/hudson/tools/ToolInstallation/global_fr.properties
+++ b/core/src/main/resources/hudson/tools/ToolInstallation/global_fr.properties
@@ -20,7 +20,7 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-description=Nombre d''installations {0} sur ce syst\u00E8me
+description=Liste des installations {0} sur ce syst\u00E8me
 label.add=Ajouter {0}
 label.delete=Supprimer {0}
 title=Installations {0}
-- 
GitLab


From 578d6bacb33a5e99f149de504c80275796f0b231 Mon Sep 17 00:00:00 2001
From: MatthiasSchmalz <matthias.schmalz@sap.com>
Date: Wed, 13 Jun 2018 22:01:14 +0200
Subject: [PATCH 519/863] [FIX JENKINS-51667] Move getBuildFingerprints from
 AbstractBuild to Run (#3476)

* [FIX JENKINS-51667] Move getBuildFingerprints from AbstractBuild to Run

* Add @Nonnull annotation

Change-Id: I51e565bf6b528eea3c14da4349dde081d69b929e

* Adjust location change: filter on Job instead of AbstractProject
---
 .../main/java/hudson/model/AbstractBuild.java | 14 ------------
 .../main/java/hudson/model/Fingerprint.java   | 22 +++++++++----------
 core/src/main/java/hudson/model/Run.java      | 17 ++++++++++++++
 3 files changed, 27 insertions(+), 26 deletions(-)

diff --git a/core/src/main/java/hudson/model/AbstractBuild.java b/core/src/main/java/hudson/model/AbstractBuild.java
index 5e66617e27..0f49ac47f3 100644
--- a/core/src/main/java/hudson/model/AbstractBuild.java
+++ b/core/src/main/java/hudson/model/AbstractBuild.java
@@ -803,20 +803,6 @@ public abstract class AbstractBuild<P extends AbstractProject<P,R>,R extends Abs
         }
     }
 
-    /**
-     * get the fingerprints associated with this build
-     *
-     * @return never null
-     */
-    @Exported(name = "fingerprint", inline = true, visibility = -1)
-    public Collection<Fingerprint> getBuildFingerprints() {
-        FingerprintAction fingerprintAction = getAction(FingerprintAction.class);
-        if (fingerprintAction != null) {
-            return fingerprintAction.getFingerprints().values();
-        }
-        return Collections.<Fingerprint>emptyList();
-    }
-
 	/*
      * No need to lock the entire AbstractBuild on change set calculation
      */
diff --git a/core/src/main/java/hudson/model/Fingerprint.java b/core/src/main/java/hudson/model/Fingerprint.java
index cb130e2c61..31dd8d87c5 100644
--- a/core/src/main/java/hudson/model/Fingerprint.java
+++ b/core/src/main/java/hudson/model/Fingerprint.java
@@ -827,19 +827,17 @@ public class Fingerprint implements ModelObject, Saveable {
             }
         }
         private void locationChanged(Item item, String oldName, String newName) {
-            if (item instanceof AbstractProject) {
-                AbstractProject p = Jenkins.getInstance().getItemByFullName(newName, AbstractProject.class);
+            if (item instanceof Job) {
+                Job p = Jenkins.getInstance().getItemByFullName(newName, Job.class);
                 if (p != null) {
-                    RunList builds = p.getBuilds();
-                    for (Object build : builds) {
-                        if (build instanceof AbstractBuild) {
-                            Collection<Fingerprint> fingerprints = ((AbstractBuild)build).getBuildFingerprints();
-                            for (Fingerprint f : fingerprints) {
-                                try {
-                                    f.rename(oldName, newName);
-                                } catch (IOException e) {
-                                    logger.log(Level.WARNING, "Failed to update fingerprint record " + f.getFileName() + " when " + oldName + " was renamed to " + newName, e);
-                                }
+                    RunList<? extends Run> builds = p.getBuilds();
+                    for (Run build : builds) {
+                        Collection<Fingerprint> fingerprints = build.getBuildFingerprints();
+                        for (Fingerprint f : fingerprints) {
+                            try {
+                                f.rename(oldName, newName);
+                            } catch (IOException e) {
+                                logger.log(Level.WARNING, "Failed to update fingerprint record " + f.getFileName() + " when " + oldName + " was renamed to " + newName, e);
                             }
                         }
                     }
diff --git a/core/src/main/java/hudson/model/Run.java b/core/src/main/java/hudson/model/Run.java
index a3bc3375be..e8c7965f30 100644
--- a/core/src/main/java/hudson/model/Run.java
+++ b/core/src/main/java/hudson/model/Run.java
@@ -59,6 +59,7 @@ import hudson.security.Permission;
 import hudson.security.PermissionGroup;
 import hudson.security.PermissionScope;
 import hudson.tasks.BuildWrapper;
+import hudson.tasks.Fingerprinter.FingerprintAction;
 import hudson.util.FormApply;
 import hudson.util.LogTaskListener;
 import hudson.util.ProcessTree;
@@ -80,6 +81,7 @@ import java.text.SimpleDateFormat;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Calendar;
+import java.util.Collection;
 import java.util.Collections;
 import java.util.Comparator;
 import java.util.Date;
@@ -1401,6 +1403,21 @@ public abstract class Run <JobT extends Job<JobT,RunT>,RunT extends Run<JobT,Run
         }
     }
 
+    /**
+     * get the fingerprints associated with this build
+     *
+     * @return The fingerprints
+     */
+    @Nonnull
+    @Exported(name = "fingerprint", inline = true, visibility = -1)
+    public Collection<Fingerprint> getBuildFingerprints() {
+        FingerprintAction fingerprintAction = getAction(FingerprintAction.class);
+        if (fingerprintAction != null) {
+            return fingerprintAction.getFingerprints().values();
+        }
+        return Collections.<Fingerprint>emptyList();
+    }
+    
     /**
      * Returns the log file.
      * @return The file may reference both uncompressed or compressed logs
-- 
GitLab


From 21b8dfb653b074835829a3db820f31f13c9c2af0 Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Wed, 13 Jun 2018 21:44:40 -0400
Subject: [PATCH 520/863] more i18n

cancel this build
Build time graph
captcha
title
---
 core/src/main/resources/hudson/model/Job/buildTimeTrend.jelly   | 2 +-
 .../hudson/security/HudsonPrivateSecurityRealm/_entryForm.jelly | 2 +-
 core/src/main/resources/lib/hudson/queue.jelly                  | 2 +-
 core/src/main/resources/lib/layout/layout.jelly                 | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/core/src/main/resources/hudson/model/Job/buildTimeTrend.jelly b/core/src/main/resources/hudson/model/Job/buildTimeTrend.jelly
index ec951a785d..d88ebc1094 100644
--- a/core/src/main/resources/hudson/model/Job/buildTimeTrend.jelly
+++ b/core/src/main/resources/hudson/model/Job/buildTimeTrend.jelly
@@ -35,7 +35,7 @@ THE SOFTWARE.
 
       <h1>${%Build Time Trend}</h1>
           <div align="center">
-            <img src="buildTimeGraph/png" width="500" height="400" lazymap="buildTimeGraph/map" alt="[Build time graph]" style="float:right"/>
+            <img src="buildTimeGraph/png" width="500" height="400" lazymap="buildTimeGraph/map" alt="[${%Build time graph}]" style="float:right"/>
           </div>
 
           <j:set var="isMasterSlaveEnabled" value="${!empty(app.slaves)}"/>
diff --git a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/_entryForm.jelly b/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/_entryForm.jelly
index a4e2f822f2..1b096dd34c 100644
--- a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/_entryForm.jelly
+++ b/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/_entryForm.jelly
@@ -60,7 +60,7 @@ THE SOFTWARE.
             <td>${%Enter text as shown}:</td>
             <td>
               <input type="text" name="captcha" autocomplete="off" /><br />
-              <img src="${rootURL}/securityRealm/captcha" alt="[captcha]"/>
+              <img src="${rootURL}/securityRealm/captcha" alt="[${%captcha}]"/>
             </td>
           </tr>
         </j:if>
diff --git a/core/src/main/resources/lib/hudson/queue.jelly b/core/src/main/resources/lib/hudson/queue.jelly
index d38462218d..6f64358ef1 100644
--- a/core/src/main/resources/lib/hudson/queue.jelly
+++ b/core/src/main/resources/lib/hudson/queue.jelly
@@ -92,7 +92,7 @@ THE SOFTWARE.
             </td>
             <td class="pane" width="16" align="center" valign="middle">
               <j:if test="${item.hasCancelPermission()}">
-                <l:stopButton href="${rootURL}/queue/cancelItem?id=${item.id}" confirm="${%confirm(item.task.fullDisplayName)}" alt="cancel this build"/>
+                <l:stopButton href="${rootURL}/queue/cancelItem?id=${item.id}" confirm="${%confirm(item.task.fullDisplayName)}" alt="${%cancel this build}"/>
               </j:if>
              </td>
           </tr>
diff --git a/core/src/main/resources/lib/layout/layout.jelly b/core/src/main/resources/lib/layout/layout.jelly
index e06c32b7f3..97f1c6bf8d 100644
--- a/core/src/main/resources/lib/layout/layout.jelly
+++ b/core/src/main/resources/lib/layout/layout.jelly
@@ -185,7 +185,7 @@ ${h.initPageVariables(context)}
         <div class="logo">
           <a id="jenkins-home-link" href="${rootURL}/">
             <img id="jenkins-head-icon" src="${imagesURL}/headshot.png" alt="title" />
-            <img id="jenkins-name-icon" src="${imagesURL}/title.png" alt="title" width="139" height="34" />
+            <img id="jenkins-name-icon" src="${imagesURL}/title.png" alt="${%title}" width="139" height="34" />
           </a>
         </div>
         <div class="login">
-- 
GitLab


From 7e21ac34be150d165f485a3479b7a4712a65809f Mon Sep 17 00:00:00 2001
From: James Nord <jnord+github@cloudbees.com>
Date: Thu, 14 Jun 2018 17:39:29 +0100
Subject: [PATCH 521/863] [JENKINS-28683] (A)PeriodicWork suuport for
 dynamically loaded plugins.

If a new PeriodicWork or AperiodicWork extension is loaded then schedule
the task.
---
 .../main/java/hudson/model/AperiodicWork.java | 38 +++++++++++-
 .../main/java/hudson/model/PeriodicWork.java  | 41 ++++++++++++-
 .../java/hudson/model/APeriodicWorkTest.java  | 59 +++++++++++++++++++
 .../java/hudson/model/PeriodicWorkTest.java   | 55 +++++++++++++++++
 4 files changed, 190 insertions(+), 3 deletions(-)
 create mode 100644 test/src/test/java/hudson/model/APeriodicWorkTest.java
 create mode 100644 test/src/test/java/hudson/model/PeriodicWorkTest.java

diff --git a/core/src/main/java/hudson/model/AperiodicWork.java b/core/src/main/java/hudson/model/AperiodicWork.java
index fbd4f2c4f7..1a2cf155b0 100644
--- a/core/src/main/java/hudson/model/AperiodicWork.java
+++ b/core/src/main/java/hudson/model/AperiodicWork.java
@@ -24,12 +24,15 @@
 package hudson.model;
 
 import hudson.ExtensionList;
+import hudson.ExtensionListListener;
 import hudson.ExtensionPoint;
 import hudson.init.Initializer;
 import hudson.triggers.SafeTimerTask;
 import jenkins.util.Timer;
 
+import java.util.HashSet;
 import java.util.Random;
+import java.util.Set;
 import java.util.concurrent.TimeUnit;
 import java.util.logging.Logger;
 
@@ -92,11 +95,17 @@ public abstract class AperiodicWork extends SafeTimerTask implements ExtensionPo
     @Initializer(after= JOB_LOADED)
     public static void init() {
         // start all AperidocWorks
+        ExtensionList<AperiodicWork> extensionList = all();
+        extensionList.addListener(new AperiodicWorkExtensionListListener(extensionList));
         for (AperiodicWork p : AperiodicWork.all()) {
-            Timer.get().schedule(p, p.getInitialDelay(), TimeUnit.MILLISECONDS);
+            scheduleAperiodWork(p);
         }
     }
 
+    public static void scheduleAperiodWork(AperiodicWork ap) {
+        Timer.get().schedule(ap, ap.getInitialDelay(), TimeUnit.MILLISECONDS);
+    }
+
     protected abstract void doAperiodicRun();
     
     /**
@@ -107,4 +116,31 @@ public abstract class AperiodicWork extends SafeTimerTask implements ExtensionPo
     }
 
     private static final Random RANDOM = new Random();
+
+    /**
+     * ExtensionListener that will kick off any new AperiodWork extensions from plugins that are dynamically
+     * loaded.
+     */
+    private static class AperiodicWorkExtensionListListener extends ExtensionListListener {
+
+        private final Set<AperiodicWork> registered = new HashSet<>();
+
+        AperiodicWorkExtensionListListener(ExtensionList<AperiodicWork> initiallyRegistered) {
+            for (AperiodicWork p : initiallyRegistered) {
+                registered.add(p);
+            }
+        }
+
+        @Override
+        public void onChange() {
+            synchronized (registered) {
+                for (AperiodicWork p : AperiodicWork.all()) {
+                    if (!registered.contains(p)) {
+                        scheduleAperiodWork(p);
+                        registered.add(p);
+                    }
+                }
+            }
+        }
+    }
 }
diff --git a/core/src/main/java/hudson/model/PeriodicWork.java b/core/src/main/java/hudson/model/PeriodicWork.java
index aab8342672..1079553551 100644
--- a/core/src/main/java/hudson/model/PeriodicWork.java
+++ b/core/src/main/java/hudson/model/PeriodicWork.java
@@ -23,6 +23,7 @@
  */
 package hudson.model;
 
+import hudson.ExtensionListListener;
 import hudson.init.Initializer;
 import hudson.triggers.SafeTimerTask;
 import hudson.ExtensionPoint;
@@ -30,6 +31,8 @@ import hudson.Extension;
 import hudson.ExtensionList;
 import jenkins.util.Timer;
 
+import java.util.HashSet;
+import java.util.Set;
 import java.util.concurrent.TimeUnit;
 import java.util.logging.Logger;
 import java.util.Random;
@@ -99,15 +102,49 @@ public abstract class PeriodicWork extends SafeTimerTask implements ExtensionPoi
     @Initializer(after= JOB_LOADED)
     public static void init() {
         // start all PeriodicWorks
-        for (PeriodicWork p : PeriodicWork.all()) {
-            Timer.get().scheduleAtFixedRate(p, p.getInitialDelay(), p.getRecurrencePeriod(), TimeUnit.MILLISECONDS);
+        ExtensionList<PeriodicWork> extensionList = all();
+        extensionList.addListener(new PeriodicWorkExtensionListListener(extensionList));
+        for (PeriodicWork p : extensionList) {
+            schedulePeriodicWork(p);
         }
     }
 
+    private static void schedulePeriodicWork(PeriodicWork p) {
+        Timer.get().scheduleAtFixedRate(p, p.getInitialDelay(), p.getRecurrencePeriod(), TimeUnit.MILLISECONDS);
+    }
+
     // time constants
     protected static final long MIN = 1000*60;
     protected static final long HOUR =60*MIN;
     protected static final long DAY = 24*HOUR;
 
     private static final Random RANDOM = new Random();
+
+    /**
+     * ExtensionListener that will kick off any new AperiodWork extensions from plugins that are dynamically
+     * loaded.
+     */
+    private static class PeriodicWorkExtensionListListener extends ExtensionListListener {
+
+        private final Set<PeriodicWork> registered = new HashSet<>();
+
+        PeriodicWorkExtensionListListener(ExtensionList<PeriodicWork> initiallyRegistered) {
+            for (PeriodicWork p : initiallyRegistered) {
+                registered.add(p);
+            }
+        }
+
+        @Override
+        public void onChange() {
+            synchronized (registered) {
+                for (PeriodicWork p : PeriodicWork.all()) {
+                    // it is possibly to programatically remove Extensions but that is rarely used.
+                    if (!registered.contains(p)) {
+                        schedulePeriodicWork(p);
+                        registered.add(p);
+                    }
+                }
+            }
+        }
+    }
 }
diff --git a/test/src/test/java/hudson/model/APeriodicWorkTest.java b/test/src/test/java/hudson/model/APeriodicWorkTest.java
new file mode 100644
index 0000000000..39101cc343
--- /dev/null
+++ b/test/src/test/java/hudson/model/APeriodicWorkTest.java
@@ -0,0 +1,59 @@
+package hudson.model;
+
+import java.util.concurrent.CountDownLatch;
+import java.util.concurrent.TimeUnit;
+
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.JenkinsRule;
+
+import hudson.ExtensionList;
+
+import static org.hamcrest.Matchers.hasSize;
+import static org.hamcrest.Matchers.is;
+import static org.junit.Assert.assertThat;
+
+public class APeriodicWorkTest {
+
+    @Rule
+    public JenkinsRule jr = new JenkinsRule();
+
+
+    @Test
+    public void newExtensionsAreScheduled() throws Exception {
+        TestAperiodicWork tapw = new TestAperiodicWork();
+
+        int size = PeriodicWork.all().size();
+        ExtensionList.lookup(AperiodicWork.class).add(tapw);
+
+        assertThat("we have one new AperiodicWork", AperiodicWork.all(), hasSize(size+1));
+        assertThat("The task was not run within 15 seconds",tapw.doneSignal.await(15, TimeUnit.SECONDS), is(true));
+    }
+
+    private static class TestAperiodicWork extends AperiodicWork {
+
+        CountDownLatch doneSignal = new CountDownLatch(1);
+
+        @Override
+        public long getRecurrencePeriod() {
+            // should make this only ever run once initially for testing.
+            return Long.MAX_VALUE;
+        }
+
+        @Override
+        public long getInitialDelay() {
+            // Don't delay just run it!
+            return 0L;
+        }
+
+        @Override
+        public AperiodicWork getNewInstance() {
+            return this;
+        }
+
+        @Override
+        protected void doAperiodicRun() {
+            doneSignal.countDown();
+        }
+    }
+}
\ No newline at end of file
diff --git a/test/src/test/java/hudson/model/PeriodicWorkTest.java b/test/src/test/java/hudson/model/PeriodicWorkTest.java
new file mode 100644
index 0000000000..cfa2c0dc69
--- /dev/null
+++ b/test/src/test/java/hudson/model/PeriodicWorkTest.java
@@ -0,0 +1,55 @@
+package hudson.model;
+
+import java.util.concurrent.CountDownLatch;
+import java.util.concurrent.TimeUnit;
+import java.util.concurrent.atomic.AtomicInteger;
+
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.JenkinsRule;
+
+import hudson.ExtensionList;
+
+import static org.hamcrest.Matchers.hasSize;
+import static org.hamcrest.Matchers.is;
+import static org.junit.Assert.assertThat;
+
+public class PeriodicWorkTest {
+
+    @Rule
+    public JenkinsRule jr = new JenkinsRule();
+
+
+    @Test
+    public void newExtensionsAreScheduled() throws Exception {
+        TestPeriodicWork tpw = new TestPeriodicWork();
+
+        int size = PeriodicWork.all().size();
+        ExtensionList.lookup(PeriodicWork.class).add(tpw);
+
+        assertThat("we have one new PeriodicWork", PeriodicWork.all(), hasSize(size+1));
+        assertThat("The task was not run within 15 seconds",tpw.doneSignal.await(15, TimeUnit.SECONDS), is(true));
+    }
+
+    private static class TestPeriodicWork extends PeriodicWork {
+
+        CountDownLatch doneSignal = new CountDownLatch(1);
+
+        @Override
+        public long getRecurrencePeriod() {
+            // should make this only ever run once initially for testing.
+            return Long.MAX_VALUE;
+        }
+
+        @Override
+        public long getInitialDelay() {
+            // Don't delay just run it!
+            return 0L;
+        }
+
+        @Override
+        protected void doRun() throws Exception {
+            doneSignal.countDown();
+        }
+    }
+}
\ No newline at end of file
-- 
GitLab


From 6c5f13af3fedb2423c7a3186ba6aad1b6d1f991d Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Fri, 15 Jun 2018 00:25:23 +0200
Subject: [PATCH 522/863] Update Winstone to 4.4 in order to pick Jetty 9.4.11

---
 war/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/war/pom.xml b/war/pom.xml
index a1c65f0bbc..a34321a927 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -89,7 +89,7 @@ THE SOFTWARE.
       -->
       <groupId>org.jenkins-ci</groupId>
       <artifactId>winstone</artifactId>
-      <version>4.3</version>
+      <version>4.4</version>
       <scope>test</scope>
     </dependency>
     <dependency>
-- 
GitLab


From e6403b980a078570d97a90374198675f6fb6fdfb Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Fri, 15 Jun 2018 00:41:37 +0200
Subject: [PATCH 523/863] Annotate the StreamTaskListener implementation

---
 .../java/hudson/util/StreamTaskListener.java  | 21 ++++++++++++-------
 1 file changed, 13 insertions(+), 8 deletions(-)

diff --git a/core/src/main/java/hudson/util/StreamTaskListener.java b/core/src/main/java/hudson/util/StreamTaskListener.java
index bd2b6dc87e..c6b0f70b97 100644
--- a/core/src/main/java/hudson/util/StreamTaskListener.java
+++ b/core/src/main/java/hudson/util/StreamTaskListener.java
@@ -44,6 +44,9 @@ import java.util.logging.Level;
 import java.util.logging.Logger;
 import org.kohsuke.stapler.framework.io.WriterOutputStream;
 
+import javax.annotation.CheckForNull;
+import javax.annotation.Nonnull;
+
 // TODO: AbstractTaskListener is empty now, but there are dependencies on that e.g. Ruby Runtime - JENKINS-48116)
 // The change needs API deprecation policy or external usages cleanup.
 
@@ -56,7 +59,9 @@ import org.kohsuke.stapler.framework.io.WriterOutputStream;
  * @author Kohsuke Kawaguchi
  */
 public class StreamTaskListener extends AbstractTaskListener implements TaskListener, Closeable {
+    @Nonnull
     private PrintStream out;
+    @CheckForNull
     private Charset charset;
 
     /**
@@ -66,15 +71,15 @@ public class StreamTaskListener extends AbstractTaskListener implements TaskList
      *      or use {@link #fromStdout()} or {@link #fromStderr()}.
      */
     @Deprecated
-    public StreamTaskListener(PrintStream out) {
+    public StreamTaskListener(@Nonnull PrintStream out) {
         this(out,null);
     }
 
-    public StreamTaskListener(OutputStream out) {
+    public StreamTaskListener(@Nonnull OutputStream out) {
         this(out,null);
     }
 
-    public StreamTaskListener(OutputStream out, Charset charset) {
+    public StreamTaskListener(@Nonnull OutputStream out, @CheckForNull Charset charset) {
         try {
             if (charset == null)
                 this.out = (out instanceof PrintStream) ? (PrintStream)out : new PrintStream(out, false);
@@ -87,18 +92,18 @@ public class StreamTaskListener extends AbstractTaskListener implements TaskList
         }
     }
 
-    public StreamTaskListener(File out) throws IOException {
+    public StreamTaskListener(@Nonnull File out) throws IOException {
         this(out,null);
     }
 
-    public StreamTaskListener(File out, Charset charset) throws IOException {
+    public StreamTaskListener(@Nonnull File out, @CheckForNull Charset charset) throws IOException {
         // don't do buffering so that what's written to the listener
         // gets reflected to the file immediately, which can then be
         // served to the browser immediately
         this(Files.newOutputStream(asPath(out)), charset);
     }
 
-    private static Path asPath(File out) throws IOException {
+    private static Path asPath(@Nonnull File out) throws IOException {
         try {
             return out.toPath();
         } catch (InvalidPathException e) {
@@ -115,7 +120,7 @@ public class StreamTaskListener extends AbstractTaskListener implements TaskList
      * @throws IOException if the file could not be opened.
      * @since 1.651
      */
-    public StreamTaskListener(File out, boolean append, Charset charset) throws IOException {
+    public StreamTaskListener(@Nonnull File out, boolean append, @CheckForNull Charset charset) throws IOException {
         // don't do buffering so that what's written to the listener
         // gets reflected to the file immediately, which can then be
         // served to the browser immediately
@@ -127,7 +132,7 @@ public class StreamTaskListener extends AbstractTaskListener implements TaskList
         );
     }
 
-    public StreamTaskListener(Writer w) throws IOException {
+    public StreamTaskListener(@Nonnull Writer w) throws IOException {
         this(new WriterOutputStream(w));
     }
 
-- 
GitLab


From fef59606a8c25a4c66f6f31338f0a8c431abb36f Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Fri, 15 Jun 2018 00:56:51 +0200
Subject: [PATCH 524/863] [JENKINS-51955] - Prevent NPE in
 SlaveComputer#setChannel(Channel,OutputStream launchLog,Channel.Listener,)
 when null launchLog is passed from API

---
 core/src/main/java/hudson/slaves/SlaveComputer.java | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/core/src/main/java/hudson/slaves/SlaveComputer.java b/core/src/main/java/hudson/slaves/SlaveComputer.java
index 7dea6b1667..735dc5b5a5 100644
--- a/core/src/main/java/hudson/slaves/SlaveComputer.java
+++ b/core/src/main/java/hudson/slaves/SlaveComputer.java
@@ -578,14 +578,18 @@ public class SlaveComputer extends Computer {
 
     /**
      * Sets up the connection through an existing channel.
-     * @param channel the channel to use; <strong>warning:</strong> callers are expected to have called {@link ChannelConfigurator} already
+     * @param channel the channel to use; <strong>warning:</strong> callers are expected to have called {@link ChannelConfigurator} already.
+     * @param launchLog Launch log. If not {@code null}, will receive launch log messages
+     * @param listener Channel event listener to be attached (if not {@code null})
      * @since 1.444
      */
-    public void setChannel(Channel channel, OutputStream launchLog, Channel.Listener listener) throws IOException, InterruptedException {
+    public void setChannel(@Nonnull Channel channel,
+                           @CheckForNull OutputStream launchLog,
+                           @CheckForNull Channel.Listener listener) throws IOException, InterruptedException {
         if(this.channel!=null)
             throw new IllegalStateException("Already connected");
 
-        final TaskListener taskListener = new StreamTaskListener(launchLog);
+        final TaskListener taskListener = launchLog != null ? new StreamTaskListener(launchLog) : TaskListener.NULL;
         PrintStream log = taskListener.getLogger();
 
         channel.setProperty(SlaveComputer.class, this);
-- 
GitLab


From 198c73120a6303d448ec73dde52a5d62c213882b Mon Sep 17 00:00:00 2001
From: James Nord <jnord+github@cloudbees.com>
Date: Fri, 15 Jun 2018 11:21:36 +0100
Subject: [PATCH 525/863] [JENKINS-28683] method should be private

---
 core/src/main/java/hudson/model/AperiodicWork.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/model/AperiodicWork.java b/core/src/main/java/hudson/model/AperiodicWork.java
index 1a2cf155b0..3c5385c077 100644
--- a/core/src/main/java/hudson/model/AperiodicWork.java
+++ b/core/src/main/java/hudson/model/AperiodicWork.java
@@ -102,7 +102,7 @@ public abstract class AperiodicWork extends SafeTimerTask implements ExtensionPo
         }
     }
 
-    public static void scheduleAperiodWork(AperiodicWork ap) {
+    private static void scheduleAperiodWork(AperiodicWork ap) {
         Timer.get().schedule(ap, ap.getInitialDelay(), TimeUnit.MILLISECONDS);
     }
 
-- 
GitLab


From 89d9c21e44f8d4eebb183f676badf5f242ab6ea8 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Fri, 15 Jun 2018 16:30:42 +0200
Subject: [PATCH 526/863] [JENKINS-51971] - Defaults to the null charset

---
 core/src/main/java/hudson/util/StreamTaskListener.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/util/StreamTaskListener.java b/core/src/main/java/hudson/util/StreamTaskListener.java
index c6b0f70b97..b2b2e4fd62 100644
--- a/core/src/main/java/hudson/util/StreamTaskListener.java
+++ b/core/src/main/java/hudson/util/StreamTaskListener.java
@@ -160,7 +160,7 @@ public class StreamTaskListener extends AbstractTaskListener implements TaskList
 
     @Override
     public Charset getCharset() {
-        return charset;
+        return charset != null ? charset : Charset.defaultCharset();
     }
 
     private void writeObject(ObjectOutputStream out) throws IOException {
-- 
GitLab


From a372afff946a83bb38efb0aad110142a69407297 Mon Sep 17 00:00:00 2001
From: Vincent Latombe <vincent@latombe.net>
Date: Sun, 17 Jun 2018 14:56:52 +0200
Subject: [PATCH 527/863] [JENKINS-48480] Switch deprecated protocols to
 opt-in. (#3188)

* [JENKINS-48480] Switch deprecated protocols to opt-in.

They no longer need to be removed by setup wizard since they won't be
enabled in the first place.

* [JENKINS-48480] Fix tests

* [JENKINS-48480] Remove useless calls to CLI.get().setEnabled(true)

It is already enabled.

* [JENKINS-48480] Bump remoting.minimum.supported.version to 3.4
---
 .../src/main/java/hudson/cli/CliProtocol.java | 12 +-------
 .../main/java/hudson/cli/CliProtocol2.java    |  2 +-
 .../java/jenkins/install/SetupWizard.java     |  7 -----
 .../slaves/JnlpSlaveAgentProtocol.java        | 12 +-------
 .../slaves/JnlpSlaveAgentProtocol2.java       |  2 +-
 .../slaves/JnlpSlaveAgentProtocol3.java       | 29 ++-----------------
 pom.xml                                       |  2 +-
 .../test/java/hudson/cli/CLIActionTest.java   | 13 +++++++++
 .../cli/ClientAuthenticationCacheTest.java    | 13 +++++++++
 .../security/CliAuthenticationTest.java       | 11 +++++++
 10 files changed, 44 insertions(+), 59 deletions(-)

diff --git a/core/src/main/java/hudson/cli/CliProtocol.java b/core/src/main/java/hudson/cli/CliProtocol.java
index 58b5c95a64..30e18b9cb0 100644
--- a/core/src/main/java/hudson/cli/CliProtocol.java
+++ b/core/src/main/java/hudson/cli/CliProtocol.java
@@ -39,7 +39,7 @@ public class CliProtocol extends AgentProtocol {
      */
     @Override
     public boolean isOptIn() {
-        return OPT_IN;
+        return true;
     }
 
     @Override
@@ -109,14 +109,4 @@ public class CliProtocol extends AgentProtocol {
             channel.join();
         }
     }
-
-    /**
-     * A/B test turning off this protocol by default.
-     */
-    private static final boolean OPT_IN;
-
-    static {
-        byte hash = Util.fromHexString(Jenkins.getInstance().getLegacyInstanceId())[0];
-        OPT_IN = (hash % 10) == 0;
-    }
 }
diff --git a/core/src/main/java/hudson/cli/CliProtocol2.java b/core/src/main/java/hudson/cli/CliProtocol2.java
index 9fca4055fb..6e181714bb 100644
--- a/core/src/main/java/hudson/cli/CliProtocol2.java
+++ b/core/src/main/java/hudson/cli/CliProtocol2.java
@@ -35,7 +35,7 @@ public class CliProtocol2 extends CliProtocol {
      */
     @Override
     public boolean isOptIn() {
-        return false;
+        return true;
     }
 
     @Override
diff --git a/core/src/main/java/jenkins/install/SetupWizard.java b/core/src/main/java/jenkins/install/SetupWizard.java
index b9cd417e83..3ae5a0ea24 100644
--- a/core/src/main/java/jenkins/install/SetupWizard.java
+++ b/core/src/main/java/jenkins/install/SetupWizard.java
@@ -133,13 +133,6 @@ public class SetupWizard extends PageDecorator {
 
                     // Disable CLI over Remoting
                     CLI.get().setEnabled(false);
-
-                    // Disable old Non-Encrypted protocols ()
-                    HashSet<String> newProtocols = new HashSet<>(jenkins.getAgentProtocols());
-                    newProtocols.removeAll(Arrays.asList(
-                            "JNLP2-connect", "JNLP-connect", "CLI-connect"   
-                    ));
-                    jenkins.setAgentProtocols(newProtocols);
                     
                     // require a crumb issuer
                     jenkins.setCrumbIssuer(new DefaultCrumbIssuer(SystemProperties.getBoolean(Jenkins.class.getName() + ".crumbIssuerProxyCompatibility",false)));
diff --git a/core/src/main/java/jenkins/slaves/JnlpSlaveAgentProtocol.java b/core/src/main/java/jenkins/slaves/JnlpSlaveAgentProtocol.java
index 6c33950690..e502567e0d 100644
--- a/core/src/main/java/jenkins/slaves/JnlpSlaveAgentProtocol.java
+++ b/core/src/main/java/jenkins/slaves/JnlpSlaveAgentProtocol.java
@@ -76,7 +76,7 @@ public class JnlpSlaveAgentProtocol extends AgentProtocol {
      */
     @Override
     public boolean isOptIn() {
-        return OPT_IN;
+        return true;
     }
 
     @Override
@@ -104,14 +104,4 @@ public class JnlpSlaveAgentProtocol extends AgentProtocol {
                 ExtensionList.lookup(JnlpAgentReceiver.class));
     }
 
-
-    /**
-     * A/B test turning off this protocol by default.
-     */
-    private static final boolean OPT_IN;
-
-    static {
-        byte hash = Util.fromHexString(Jenkins.getInstance().getLegacyInstanceId())[0];
-        OPT_IN = (hash % 10) == 0;
-    }
 }
diff --git a/core/src/main/java/jenkins/slaves/JnlpSlaveAgentProtocol2.java b/core/src/main/java/jenkins/slaves/JnlpSlaveAgentProtocol2.java
index 24aca6696f..1c19f85a94 100644
--- a/core/src/main/java/jenkins/slaves/JnlpSlaveAgentProtocol2.java
+++ b/core/src/main/java/jenkins/slaves/JnlpSlaveAgentProtocol2.java
@@ -50,7 +50,7 @@ public class JnlpSlaveAgentProtocol2 extends AgentProtocol {
      */
     @Override
     public boolean isOptIn() {
-        return false;
+        return true;
     }
 
     @Override
diff --git a/core/src/main/java/jenkins/slaves/JnlpSlaveAgentProtocol3.java b/core/src/main/java/jenkins/slaves/JnlpSlaveAgentProtocol3.java
index d216f628dd..dac6230466 100644
--- a/core/src/main/java/jenkins/slaves/JnlpSlaveAgentProtocol3.java
+++ b/core/src/main/java/jenkins/slaves/JnlpSlaveAgentProtocol3.java
@@ -48,15 +48,12 @@ public class JnlpSlaveAgentProtocol3 extends AgentProtocol {
      */
     @Override
     public boolean isOptIn() {
-        return !ENABLED;
+        return true ;
     }
 
     @Override
     public String getName() {
-        // we only want to force the protocol off for users that have explicitly banned it via system property
-        // everyone on the A/B test will just have the opt-in flag toggled
-        // TODO strip all this out and hardcode OptIn==TRUE once JENKINS-36871 is merged
-        return forceEnabled != Boolean.FALSE ? handler.getName() : null;
+        return handler.isEnabled() ? handler.getName() : null;
     }
 
     /**
@@ -79,26 +76,4 @@ public class JnlpSlaveAgentProtocol3 extends AgentProtocol {
                 ExtensionList.lookup(JnlpAgentReceiver.class));
     }
 
-    /**
-     * Flag to control the activation of JNLP3 protocol.
-     *
-     * <p>
-     * Once this will be on by default, the flag and this field will disappear. The system property is
-     * an escape hatch for those who hit any issues and those who are trying this out.
-     */
-    @Restricted(NoExternalUse.class)
-    @SuppressFBWarnings(value = "MS_SHOULD_BE_REFACTORED_TO_BE_FINAL",
-            justification = "Part of the administrative API for System Groovy scripts.")
-    public static boolean ENABLED;
-    private static final Boolean forceEnabled;
-
-    static {
-        forceEnabled = SystemProperties.optBoolean(JnlpSlaveAgentProtocol3.class.getName() + ".enabled");
-        if (forceEnabled != null) {
-            ENABLED = forceEnabled;
-        } else {
-            byte hash = Util.fromHexString(Jenkins.getActiveInstance().getLegacyInstanceId())[0];
-            ENABLED = (hash % 10) == 0;
-        }
-    }
 }
diff --git a/pom.xml b/pom.xml
index 74ae09f865..89285ac1c6 100644
--- a/pom.xml
+++ b/pom.xml
@@ -108,7 +108,7 @@ THE SOFTWARE.
     <!-- Bundled Remoting version -->
     <remoting.version>3.21</remoting.version>
     <!-- Minimum Remoting version, which is tested for API compatibility -->
-    <remoting.minimum.supported.version>2.60</remoting.minimum.supported.version>
+    <remoting.minimum.supported.version>3.4</remoting.minimum.supported.version>
 
     <!-- TODO: JENKINS-36716 - Switch to Medium once FindBugs is cleaned up, 430 issues on Mar 10, 2018 -->
     <findbugs.effort>Max</findbugs.effort>
diff --git a/test/src/test/java/hudson/cli/CLIActionTest.java b/test/src/test/java/hudson/cli/CLIActionTest.java
index 27408b5e48..ebab5d103d 100644
--- a/test/src/test/java/hudson/cli/CLIActionTest.java
+++ b/test/src/test/java/hudson/cli/CLIActionTest.java
@@ -1,6 +1,8 @@
 package hudson.cli;
 
 import com.google.common.collect.Lists;
+
+import hudson.ExtensionList;
 import hudson.Functions;
 import hudson.Launcher;
 import hudson.Proc;
@@ -22,7 +24,9 @@ import java.net.HttpURLConnection;
 import java.net.URL;
 import java.util.ArrayList;
 import java.util.Arrays;
+import java.util.HashSet;
 import java.util.List;
+import java.util.Set;
 import java.util.concurrent.ExecutorService;
 import java.util.concurrent.Executors;
 import java.util.concurrent.TimeUnit;
@@ -36,6 +40,8 @@ import org.apache.commons.io.output.TeeOutputStream;
 import org.codehaus.groovy.runtime.Security218;
 import static org.hamcrest.Matchers.containsString;
 import static org.junit.Assert.*;
+
+import org.junit.Before;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.rules.TemporaryFolder;
@@ -62,6 +68,13 @@ public class CLIActionTest {
 
     private ExecutorService pool;
 
+    @Before
+    public void setUp() {
+        Set<String> agentProtocols = new HashSet<>(j.jenkins.getAgentProtocols());
+        agentProtocols.add(ExtensionList.lookupSingleton(CliProtocol2.class).getName());
+        j.jenkins.setAgentProtocols(agentProtocols);
+    }
+
     /**
      * Makes sure that the /cli endpoint is functioning.
      */
diff --git a/test/src/test/java/hudson/cli/ClientAuthenticationCacheTest.java b/test/src/test/java/hudson/cli/ClientAuthenticationCacheTest.java
index 6194485ab6..077e531468 100644
--- a/test/src/test/java/hudson/cli/ClientAuthenticationCacheTest.java
+++ b/test/src/test/java/hudson/cli/ClientAuthenticationCacheTest.java
@@ -25,6 +25,8 @@
 package hudson.cli;
 
 import com.google.common.collect.Lists;
+
+import hudson.ExtensionList;
 import hudson.Launcher;
 import hudson.security.FullControlOnceLoggedInAuthorizationStrategy;
 import hudson.util.Secret;
@@ -32,13 +34,17 @@ import hudson.util.StreamTaskListener;
 import java.io.ByteArrayOutputStream;
 import java.io.File;
 import java.util.Arrays;
+import java.util.HashSet;
 import java.util.List;
+import java.util.Set;
 import java.util.logging.Level;
 import javax.annotation.CheckForNull;
 import jenkins.model.JenkinsLocationConfiguration;
 import org.apache.commons.io.FileUtils;
 import org.apache.commons.io.output.TeeOutputStream;
 import static org.hamcrest.Matchers.containsString;
+
+import org.junit.Before;
 import org.junit.Test;
 import static org.junit.Assert.*;
 import org.junit.Ignore;
@@ -59,6 +65,13 @@ public class ClientAuthenticationCacheTest {
     @Rule
     public LoggerRule logging = new LoggerRule().record(ClientAuthenticationCache.class, Level.FINER);
 
+    @Before
+    public void setUp() {
+        Set<String> agentProtocols = new HashSet<>(r.jenkins.getAgentProtocols());
+        agentProtocols.add(ExtensionList.lookupSingleton(CliProtocol2.class).getName());
+        r.jenkins.setAgentProtocols(agentProtocols);
+    }
+
     @Issue("SECURITY-466")
     @Test
     public void login() throws Exception {
diff --git a/test/src/test/java/hudson/security/CliAuthenticationTest.java b/test/src/test/java/hudson/security/CliAuthenticationTest.java
index c02d085586..acd795374a 100644
--- a/test/src/test/java/hudson/security/CliAuthenticationTest.java
+++ b/test/src/test/java/hudson/security/CliAuthenticationTest.java
@@ -1,8 +1,10 @@
 package hudson.security;
 
+import hudson.ExtensionList;
 import hudson.ExtensionList;
 import hudson.cli.CLI;
 import hudson.cli.CLICommand;
+import hudson.cli.CliProtocol2;
 import jenkins.model.Jenkins;
 import jenkins.security.SecurityListener;
 import jenkins.security.SpySecurityListener;
@@ -26,6 +28,8 @@ import org.springframework.dao.DataAccessException;
 
 import java.io.ByteArrayOutputStream;
 import java.util.Arrays;
+import java.util.HashSet;
+import java.util.Set;
 
 import static org.junit.Assert.*;
 
@@ -46,6 +50,13 @@ public class CliAuthenticationTest {
         this.spySecurityListener = ExtensionList.lookup(SecurityListener.class).get(SpySecurityListenerImpl.class);
     }
 
+    @Before
+    public void setUp() {
+        Set<String> agentProtocols = new HashSet<>(j.jenkins.getAgentProtocols());
+        agentProtocols.add(ExtensionList.lookupSingleton(CliProtocol2.class).getName());
+       j.jenkins.setAgentProtocols(agentProtocols);
+    }
+
     @Test
     public void test() throws Exception {
         // dummy security realm that authenticates when username==password
-- 
GitLab


From 90670e05c17b34270cda9436eaf877cc72a341ec Mon Sep 17 00:00:00 2001
From: Thorsten Scherler <tscherler@cloudbees.com>
Date: Sun, 17 Jun 2018 18:02:37 +0200
Subject: [PATCH 528/863] [JENKINS-50447] New design and slim down of login
 page (#3380)

* [JENKINS-50447] New design and slim down of login page

The change will provide a new designed login page that is using no external deps to prevent any possible malvious javascript.
We still allow the user to use the legacy login page, which has not changed the behaviour.

[JENKINS-50447] Implement error case and use final svg jenkins logo

[JENKINS-50447] remove mock up logo

[JENKINS-50447] Fix feet back from jlong

[JENKINS-50447_squash] Use theme css which only contains values to be overriden. Drop ie js since with the theme css it is not needed anymore

* [JENKINS-50447_squash] Fix expression to evaluate when to show an error and when to simply redirect

* eslint - formating changes and fix offences

* [JENKINS-50447_squash] Use system property to controll whether or not to use the legacy login

* [JENKINS-50447_squash] prevent that the jsessionId appears in the url which should fix most tests

* [JENKINS-50447_squash] Fix cli test by adding pageDecorators magic from layout.jelly

* [JENKINS-50447_squash] remove pageDecorators because they assume existence of js that we do not have

* [JENKINS-50447] New design and slim down of login page

The change will provide a new designed login page that is using no external deps to prevent any possible malvious javascript.
We still allow the user to use the legacy login page, which has not changed the behaviour.

[JENKINS-50447] Implement error case and use final svg jenkins logo

[JENKINS-50447] remove mock up logo

[JENKINS-50447] Fix feet back from jlong

[JENKINS-50447_squash] Use theme css which only contains values to be overriden. Drop ie js since with the theme css it is not needed anymore

[JENKINS-50447_squash] Fix expression to evaluate when to show an error and when to simply redirect

eslint - formating changes and fix offences

[JENKINS-50447_squash] Use system property to controll whether or not to use the legacy login

[JENKINS-50447_squash] prevent that the jsessionId appears in the url which should fix most tests

[JENKINS-50447_squash] Fix cli test by adding pageDecorators magic from layout.jelly

[JENKINS-50447_squash] remove pageDecorators because they assume existence of js that we do not have

[JENKINS-50447_squash] make login page extensible with pagedecorators

[JENKINS-50447_squash] drop legacy support

* Make theme customisable by using a magic package for css and header. Limiting the implemetation of those to one.

* [JENKINS-50447_squash] Creating a specific decorator for login which only returns one instance

* [JENKINS-50447_squash] using rounded corner

* JENKINS-50447 remove legacy code

* [JENKINS-50447_squash] Fix comments from @amuniz about javadoc and uniqueness of css for login

* [JENKINS-50447_squash] Fix click on label span to toggle the select of the checkbox

* [JENKINS-50447_squash] fix comments from @daniel-beck

* [JENKINS-50447_squash] Fix license headers

* [JENKINS-50447_squash] Implement loading/restarting and signup with same design

* [JENKINS-50447_squash] Implement the loading/restarting view and signup with same design as the login page

* [JENKINS-50447_squash] Remove limitation that only one validation error can be shown at a time

* [JENKINS-50447_squash] implement password strength checker

* [JENKINS-50447_squash] Fix different comments from @daniel-beck regarding titles. Further enhanced spacing of label and input

* [JENKINS-50447_squash] Fix restart screen css. Fix comments regarding signup page.

* [JENKINS-50447_squash] fix tabindex flow

* harmonize design
- of checkboxes using jdl styles.
- distance of headers

* [JENKINS-50447] Fix comments from @daniel-beck
- fix some accessibility issues
-- html has now a lang tag
-- define main region
- fix missplaced }
- fix when server down for real that we still show the loading page

* [JENKINS-50447_squash] should never ended up here
---
 core/src/main/java/hudson/Functions.java      |  12 +-
 .../security/HudsonPrivateSecurityRealm.java  |  66 +++--
 .../model/DefaultSimplePageDecorator.java     |  36 +++
 .../jenkins/model/SimplePageDecorator.java    |  72 +++++
 .../HudsonPrivateSecurityRealm/signup.jelly   | 273 +++++++++++++++++-
 .../hudson/util/HudsonIsLoading/index.jelly   |  53 ++--
 .../util/HudsonIsRestarting/index.jelly       |  55 ++--
 .../simple-head.jelly                         |  29 ++
 .../simple-header.jelly                       |  30 ++
 .../jenkins/model/Jenkins/login.jelly         | 180 ++++++++----
 .../jenkins/model/Jenkins/login.properties    |   4 +-
 .../jenkins/model/Jenkins/loginError.jelly    |  25 +-
 war/src/main/webapp/css/loading.css           |  86 ++++++
 war/src/main/webapp/css/signup.css            |  56 ++++
 war/src/main/webapp/css/simple-page-forms.css |  79 +++++
 war/src/main/webapp/css/simple-page.css       | 135 +++++++++
 war/src/main/webapp/css/simple-page.theme.css |  66 +++++
 war/src/main/webapp/images/jenkins.svg        |   1 +
 war/src/main/webapp/scripts/loading.js        |  60 ++++
 19 files changed, 1175 insertions(+), 143 deletions(-)
 create mode 100644 core/src/main/java/jenkins/model/DefaultSimplePageDecorator.java
 create mode 100644 core/src/main/java/jenkins/model/SimplePageDecorator.java
 create mode 100644 core/src/main/resources/jenkins/model/DefaultSimplePageDecorator/simple-head.jelly
 create mode 100644 core/src/main/resources/jenkins/model/DefaultSimplePageDecorator/simple-header.jelly
 create mode 100644 war/src/main/webapp/css/loading.css
 create mode 100644 war/src/main/webapp/css/signup.css
 create mode 100644 war/src/main/webapp/css/simple-page-forms.css
 create mode 100644 war/src/main/webapp/css/simple-page.css
 create mode 100644 war/src/main/webapp/css/simple-page.theme.css
 create mode 100644 war/src/main/webapp/images/jenkins.svg
 create mode 100644 war/src/main/webapp/scripts/loading.js

diff --git a/core/src/main/java/hudson/Functions.java b/core/src/main/java/hudson/Functions.java
index d416b61095..9a0b27ce90 100644
--- a/core/src/main/java/hudson/Functions.java
+++ b/core/src/main/java/hudson/Functions.java
@@ -47,6 +47,7 @@ import hudson.model.JobPropertyDescriptor;
 import hudson.model.ModelObject;
 import hudson.model.Node;
 import hudson.model.PageDecorator;
+import jenkins.model.SimplePageDecorator;
 import hudson.model.PaneStatusProperties;
 import hudson.model.ParameterDefinition;
 import hudson.model.ParameterDefinition.ParameterDescriptor;
@@ -133,8 +134,6 @@ import jenkins.model.Jenkins;
 import jenkins.model.ModelObjectWithChildren;
 import jenkins.model.ModelObjectWithContextMenu;
 
-import org.acegisecurity.Authentication;
-import org.acegisecurity.providers.anonymous.AnonymousAuthenticationToken;
 import org.apache.commons.jelly.JellyContext;
 import org.apache.commons.jelly.JellyTagException;
 import org.apache.commons.jelly.Script;
@@ -1772,7 +1771,14 @@ public class Functions {
         if(Jenkins.getInstanceOrNull()==null)  return Collections.emptyList();
         return PageDecorator.all();
     }
-    
+    /**
+     * Gets only one {@link SimplePageDecorator}.
+     * @since FIXME
+     */
+    public static SimplePageDecorator getSimplePageDecorator() {
+        return SimplePageDecorator.first();
+    }
+
     public static List<Descriptor<Cloud>> getCloudDescriptors() {
         return Cloud.all();
     }
diff --git a/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java b/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java
index 389517c577..cf6c94e085 100644
--- a/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java
+++ b/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java
@@ -78,11 +78,7 @@ import static javax.servlet.http.HttpServletResponse.SC_UNAUTHORIZED;
 import java.io.IOException;
 import java.lang.reflect.Constructor;
 import java.security.SecureRandom;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-import java.util.MissingResourceException;
-import java.util.ResourceBundle;
+import java.util.*;
 import java.util.logging.Logger;
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
@@ -312,13 +308,22 @@ public class HudsonPrivateSecurityRealm extends AbstractPasswordBasedSecurityRea
     public User createAccountFromSetupWizard(StaplerRequest req) throws IOException, AccountCreationFailedException {
         checkPermission(Jenkins.ADMINISTER);
         SignupInfo si = validateAccountCreationForm(req, false);
-        if (si.errorMessage != null) {
-            throw new AccountCreationFailedException(si.errorMessage);
+        if (!si.errors.isEmpty()) {
+            String messages = getErrorMessages(si);
+            throw new AccountCreationFailedException(messages);
         } else {
             return createAccount(si);
         }
     }
 
+    private String getErrorMessages(SignupInfo si) {
+        StringBuilder messages = new StringBuilder();
+        for (String message : si.errors.values()) {
+            messages.append(message).append(" | ");
+        }
+        return messages.toString();
+    }
+
     /**
      * Creates a first admin user account.
      *
@@ -363,7 +368,7 @@ public class HudsonPrivateSecurityRealm extends AbstractPasswordBasedSecurityRea
     private User createAccount(StaplerRequest req, StaplerResponse rsp, boolean validateCaptcha, String formView) throws ServletException, IOException {
         SignupInfo si = validateAccountCreationForm(req, validateCaptcha);
 
-        if (si.errorMessage != null) {
+        if (!si.errors.isEmpty()) {
             // failed. ask the user to try again.
             req.getView(this, formView).forward(req, rsp);
             return null;
@@ -377,7 +382,7 @@ public class HudsonPrivateSecurityRealm extends AbstractPasswordBasedSecurityRea
      * @param validateCaptcha  whether to attempt to validate a captcha in the request
      *
      * @return a {@link SignupInfo#SignupInfo(StaplerRequest) SignupInfo from given request}, with {@link
-     * SignupInfo#errorMessage} set to a non-null value if any of the supported fields are invalid
+     * SignupInfo#errors} set to a non-null value if any of the supported fields are invalid
      */
     private SignupInfo validateAccountCreationForm(StaplerRequest req, boolean validateCaptcha) {
         // form field validation
@@ -385,24 +390,16 @@ public class HudsonPrivateSecurityRealm extends AbstractPasswordBasedSecurityRea
         SignupInfo si = new SignupInfo(req);
 
         if (validateCaptcha && !validateCaptcha(si.captcha)) {
-            si.errorMessage = Messages.HudsonPrivateSecurityRealm_CreateAccount_TextNotMatchWordInImage();
-        }
-
-        if (si.password1 != null && !si.password1.equals(si.password2)) {
-            si.errorMessage = Messages.HudsonPrivateSecurityRealm_CreateAccount_PasswordNotMatch();
-        }
-
-        if (!(si.password1 != null && si.password1.length() != 0)) {
-            si.errorMessage = Messages.HudsonPrivateSecurityRealm_CreateAccount_PasswordRequired();
+            si.errors.put("captcha", Messages.HudsonPrivateSecurityRealm_CreateAccount_TextNotMatchWordInImage());
         }
 
         if (si.username == null || si.username.length() == 0) {
-            si.errorMessage = Messages.HudsonPrivateSecurityRealm_CreateAccount_UserNameRequired();
+            si.errors.put("username", Messages.HudsonPrivateSecurityRealm_CreateAccount_UserNameRequired());
         } else if(!containsOnlyAcceptableCharacters(si.username)) {
             if (ID_REGEX == null) {
-                si.errorMessage = Messages.HudsonPrivateSecurityRealm_CreateAccount_UserNameInvalidCharacters();
+                si.errors.put("username", Messages.HudsonPrivateSecurityRealm_CreateAccount_UserNameInvalidCharacters());
             } else {
-                si.errorMessage = Messages.HudsonPrivateSecurityRealm_CreateAccount_UserNameInvalidCharactersCustom(ID_REGEX);
+                si.errors.put("username", Messages.HudsonPrivateSecurityRealm_CreateAccount_UserNameInvalidCharactersCustom(ID_REGEX));
             }
         } else {
             // do not create the user - we just want to check if the user already exists but is not a "login" user.
@@ -410,7 +407,15 @@ public class HudsonPrivateSecurityRealm extends AbstractPasswordBasedSecurityRea
             if (null != user)
                 // Allow sign up. SCM people has no such property.
                 if (user.getProperty(Details.class) != null)
-                    si.errorMessage = Messages.HudsonPrivateSecurityRealm_CreateAccount_UserNameAlreadyTaken();
+                    si.errors.put("username", Messages.HudsonPrivateSecurityRealm_CreateAccount_UserNameAlreadyTaken());
+        }
+
+        if (si.password1 != null && !si.password1.equals(si.password2)) {
+            si.errors.put("password1", Messages.HudsonPrivateSecurityRealm_CreateAccount_PasswordNotMatch());
+        }
+
+        if (!(si.password1 != null && si.password1.length() != 0)) {
+            si.errors.put("password1", Messages.HudsonPrivateSecurityRealm_CreateAccount_PasswordRequired());
         }
 
         if (si.fullname == null || si.fullname.length() == 0) {
@@ -418,31 +423,32 @@ public class HudsonPrivateSecurityRealm extends AbstractPasswordBasedSecurityRea
         }
 
         if (isMailerPluginPresent() && (si.email == null || !si.email.contains("@"))) {
-            si.errorMessage = Messages.HudsonPrivateSecurityRealm_CreateAccount_InvalidEmailAddress();
+            si.errors.put("email", Messages.HudsonPrivateSecurityRealm_CreateAccount_InvalidEmailAddress());
         }
 
         if (!User.isIdOrFullnameAllowed(si.username)) {
-            si.errorMessage = hudson.model.Messages.User_IllegalUsername(si.username);
+            si.errors.put("username", hudson.model.Messages.User_IllegalUsername(si.username));
         }
 
         if (!User.isIdOrFullnameAllowed(si.fullname)) {
-            si.errorMessage = hudson.model.Messages.User_IllegalFullname(si.fullname);
+            si.errors.put("fullname", hudson.model.Messages.User_IllegalFullname(si.fullname));
         }
         req.setAttribute("data", si); // for error messages in the view
         return si;
     }
 
     /**
-     * Creates a new account from a valid signup info. A signup info is valid if its {@link SignupInfo#errorMessage}
-     * field is null.
+     * Creates a new account from a valid signup info. A signup info is valid if its {@link SignupInfo#errors}
+     * field is empty.
      *
      * @param si the valid signup info to create an account from
      * @return a valid {@link User} object created from given signup info
      * @throws IllegalArgumentException if an invalid signup info is passed
      */
     private User createAccount(SignupInfo si) throws IOException {
-        if (si.errorMessage != null) {
-            throw new IllegalArgumentException("invalid signup info passed to createAccount(si): " + si.errorMessage);
+        if (!si.errors.isEmpty()) {
+            String messages = getErrorMessages(si);
+            throw new IllegalArgumentException("invalid signup info passed to createAccount(si): " + messages);
         }
         // register the user
         User user = createAccount(si.username, si.password1);
@@ -541,6 +547,8 @@ public class HudsonPrivateSecurityRealm extends AbstractPasswordBasedSecurityRea
          */
         public String errorMessage;
 
+        public HashMap<String, String> errors = new HashMap<String, String>();
+
         public SignupInfo() {
         }
 
diff --git a/core/src/main/java/jenkins/model/DefaultSimplePageDecorator.java b/core/src/main/java/jenkins/model/DefaultSimplePageDecorator.java
new file mode 100644
index 0000000000..6a4a9278a3
--- /dev/null
+++ b/core/src/main/java/jenkins/model/DefaultSimplePageDecorator.java
@@ -0,0 +1,36 @@
+/*
+ * The MIT License
+ *
+ * Copyright 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.model;
+
+import hudson.Extension;
+
+/**
+ * In case there are no other implementations we will fallback to this implementation.
+ *
+ * To make sure that we load this extension last (or at least very late) we use a negative ordinal.
+ * This allows custom implementation to be "first"
+ */
+@Extension(ordinal=-9999)
+public class DefaultSimplePageDecorator extends SimplePageDecorator {
+}
diff --git a/core/src/main/java/jenkins/model/SimplePageDecorator.java b/core/src/main/java/jenkins/model/SimplePageDecorator.java
new file mode 100644
index 0000000000..866fc69925
--- /dev/null
+++ b/core/src/main/java/jenkins/model/SimplePageDecorator.java
@@ -0,0 +1,72 @@
+/*
+ * The MIT License
+ *
+ * Copyright 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.model;
+
+import hudson.DescriptorExtensionList;
+import hudson.ExtensionPoint;
+import hudson.model.Describable;
+import hudson.model.Descriptor;
+/**
+ * Participates in the rendering of the login page
+ *
+ * <p>
+ * This class provides a few hooks to augment the HTML of the login page.
+ *
+ * @since TODO
+ */
+public class SimplePageDecorator extends Descriptor<SimplePageDecorator> implements ExtensionPoint, Describable<SimplePageDecorator> {
+
+    protected SimplePageDecorator()  {
+        super(self());
+    }
+
+    @Override
+    public final Descriptor<SimplePageDecorator> getDescriptor() {
+        return this;
+    }
+    /**
+     * Obtains the URL of this object, excluding the context path.
+     *
+     * <p>
+     * Every {@link SimplePageDecorator} is bound to URL via {@link Jenkins#getDescriptor()}.
+     * This method returns such an URL.
+     */
+    public final String getUrl() {
+        return "descriptor/"+clazz.getName();
+    }
+
+    /**
+     * The first found LoginDecarator, there can only be one.
+     * @return the first found {@link SimplePageDecorator}
+     */
+    public static SimplePageDecorator first(){
+        DescriptorExtensionList<SimplePageDecorator, SimplePageDecorator> descriptorList = Jenkins.getInstanceOrNull().<SimplePageDecorator, SimplePageDecorator>getDescriptorList(SimplePageDecorator.class);
+        if (descriptorList.size() >= 1) {
+            return descriptorList.get(0);
+        } else {
+            return null;
+        }
+    }
+
+}
diff --git a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/signup.jelly b/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/signup.jelly
index f2477da1df..6312f5b8b4 100644
--- a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/signup.jelly
+++ b/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/signup.jelly
@@ -26,6 +26,275 @@ THE SOFTWARE.
   User self sign up page.
 -->
 <?jelly escape-by-default='true'?>
-<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
-  <local:_entryFormPage host="${app}" title="${%Sign up}" action="createAccount" captcha="${it.isEnableCaptcha()}" xmlns:local="/hudson/security/HudsonPrivateSecurityRealm" />
+<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:x="jelly:xml" xmlns:f="/lib/form">
+
+    <st:setHeader name="Expires" value="0"/>
+    <st:setHeader name="Cache-Control" value="no-cache,no-store,must-revalidate"/>
+    <j:new var="h" className="hudson.Functions"/><!-- instead of JSP functions -->
+    <!-- response contentType header -->
+    <st:contentType value="text/html;charset=UTF-8"/>
+    <!--
+    needed to generate a session if non exists,
+    without it we would add ";jsessionid=" to the url which will result in a 404
+  -->
+    <j:set var="_" value="${request.getSession()}"/>
+    <!-- get default/commong page variable -->
+    ${h.initPageVariables(context)}
+    <x:doctype name="html"/>
+    <!-- in case of error we want to surround the form elements with an error hint -->
+    <j:set var="inputClass" value="${data.errorMessage!=null ? 'danger' : 'normal'}"/>
+    <j:set var="simpleDecorator" value="${h.simplePageDecorator}"/>
+    <html lang="${request.getLocale().toLanguageTag()}">
+        <head data-rooturl="${rootURL}" data-resurl="${resURL}" resURL="${resURL}">
+            <title>${%Create an account! [Jenkins]}</title>
+            <!-- we do not want bots on this page -->
+            <meta name="ROBOTS" content="NOFOLLOW"/>
+            <!-- css styling, will fallback to default implementation -->
+            <st:include it="${simpleDecorator}" page="simple-head.jelly" optional="true"/>
+            <link rel="stylesheet" href="${resURL}/css/signup.css" type="text/css"/>
+        </head>
+        <body>
+            <div class="simple-page" role="main">
+                <div class="modal signup">
+                    <div class="signupIntroDefault">
+                        <h1>${%Create an account!}</h1>
+                        <div>
+                            ${%If you already have a Jenkins account,}&#160;<a href="${rootURL}/login" tabindex="1">${%please sign in.}</a>
+                        </div>
+                    </div>
+                    <form class="signup" action="${rootURL}/securityRealm/createAccount" method="post" id="main-panel">
+                        <div class="formRow">
+                            <div class="inputHeader">
+                                <label
+                                    class="${data.errors.containsKey('username') ? 'alert' : 'normal'}"
+                                    for="username"
+                                >
+                                    ${%Username}${data.errors.containsKey('username') ? ' - ' +  data.errors.get('username') : ''}
+                                </label>
+                            </div>
+                            <input
+                                class="${data.errors.containsKey('username') ? 'danger' : 'normal'}"
+                                value="${data.username}"
+                                tabindex="2"
+                                type="text"
+                                name="username"
+                                id="username"
+                            />
+                        </div>
+                        <div class="formRow">
+                            <div class="inputHeader">
+                                <label
+                                    class="${data.errors.containsKey('fullname') ? 'alert' : 'normal'}"
+                                    for="fullname"
+                                >
+                                    ${%Full name}${data.errors.containsKey('fullname') ? ' - ' + data.errors.get('fullname') : ''}
+                                </label>
+                            </div>
+                            <input
+                                tabindex="3"
+                                class="${data.errors.containsKey('fullname') ? 'danger' : 'normal'}"
+                                value="${data.fullname}"
+                                type="text"
+                                name="fullname"
+                                id="fullname"
+                            />
+                        </div>
+                        <j:if test="${it.mailerPluginPresent}">
+                            <div class="formRow">
+                                <div class="inputHeader">
+                                    <label
+                                        class="${data.errors.containsKey('email') ? 'alert' : 'normal'}"
+                                        for="email"
+                                    >
+                                        ${%Email}${data.errors.containsKey('email') ? ' - ' +  data.errors.get('email') : ''}
+                                    </label>
+                                </div>
+                                <input
+                                    tabindex="4"
+                                    class="${data.errors.containsKey('email') ? 'danger' : 'normal'}"
+                                    value="${data.email}"
+                                    type="text"
+                                    name="email"
+                                    id="email"
+                                />
+                            </div>
+                        </j:if>
+                        <j:if test="${it.isEnableCaptcha()}">
+                            <div class="formRow">
+                                <div class="inputHeader">
+                                    <label
+                                        class="${data.errors.containsKey('captcha') ? 'alert' : 'normal'}"
+                                        for="captcha"
+                                    >${%Enter text as shown}</label>
+                                </div>
+
+                                <input
+                                    class="${data.errors.containsKey('captcha') ? 'danger' : 'normal'}"
+                                    type="text"
+                                    name="captcha"
+                                    id="captcha"
+                                    tabindex="5"
+                                    autocomplete="off"
+                                />
+                                <img src="${rootURL}/securityRealm/captcha" alt="[captcha]"/>
+                            </div>
+                        </j:if>
+                        <div class="formRow">
+                            <div class="inputHeader">
+                                <label
+                                        class="${data.errors.containsKey('password1') ? 'alert' : 'normal'}"
+                                        for="password1"
+                                >
+                                    ${%Password}${data.errors.containsKey('password1') ? ' - ' +  data.errors.get('password1') : ''}
+                                </label>
+                                <script type="text/javascript">
+                                    const togglePasswordType = function(event) {
+                                        const passwordField = document.getElementById('password1');
+                                        const showPass = document.getElementById('showPassword');
+                                        if (showPass.checked) {
+                                            passwordField.type = 'text';
+                                        } else {
+                                            passwordField.type = 'password';
+                                        }
+                                    };
+
+                                    const passwordScore = function(password) {
+                                        var score = 0;
+                                        if (!password) {
+                                            return score
+                                        }
+                                        // award every unique letter until 5 repetitions
+                                        var letters = {};
+                                        for (var i = 0; i &lt; password.length; i++) {
+                                            letters[password[i]] = (letters[password[i]] || 0) + 1
+                                            score += 5.0 / letters[password[i]]
+                                        }
+
+                                        // bonus points for mixing it up
+                                        var variations = {
+                                            digits: /\d/.test(password),
+                                            lower: /[a-z]/.test(password),
+                                            upper: /[A-Z]/.test(password),
+                                            nonWords: /\W/.test(password)
+                                        };
+
+                                        var variationCount = 0;
+                                        for (var check in variations) {
+                                            variationCount += variations[check] === true ? 1 : 0;
+                                        }
+                                        score += (variationCount - 1) * 10;
+                                        return parseInt(score);
+                                    };
+
+                                    const passwordStrength = function(score) {
+                                        if (score > 80) {
+                                            return "Strong";
+                                        }
+                                        if (score > 60) {
+                                            return "Moderate";
+                                        }
+                                        if (score >= 30) {
+                                            return "Weak";
+                                        }
+                                        return "Poor";
+                                    };
+
+                                    const passwordStrengthColor = function(score) {
+                                        if (score > 80) {
+                                            return "#3a7911"
+                                        }
+                                        if (score > 60) {
+                                            return "#c6810e"
+                                        }
+                                        if (score >= 30) {
+                                            return "#de5912"
+                                        }
+                                        return "#c4000a"
+                                    };
+
+                                    const validatePassword = function() {
+                                        const password = document.getElementById('password1');
+                                        if (password) {
+                                            const passwordStrengthWrapper =
+                                                    document.getElementById('passwordStrengthWrapper');
+                                            passwordStrengthWrapper.hidden = false;
+                                            const score = passwordScore(password.value);
+                                            const passwordStrengthIndicator = document.getElementById('passwordStrength');
+                                            passwordStrengthIndicator.innerText = passwordStrength(score);
+                                            passwordStrengthIndicator.setAttribute('style', 'color: ' +
+                                                passwordStrengthColor(score));
+                                            document.getElementById('password2').value = password.value;
+                                        }
+                                    }
+                                </script>
+                                <div class="Checkbox Checkbox-small">
+                                    <label class="Checkbox-wrapper">
+                                        <input
+                                            type="checkbox"
+                                            id="showPassword"
+                                            onClick="togglePasswordType(this)"
+                                            name="remember_me"
+                                            tabindex="7"
+                                        />
+                                        <div class="Checkbox-indicator">
+                                            <svg
+                                                xmlns="http://www.w3.org/2000/svg"
+                                                focusable="false"
+                                                width="20"
+                                                height="20"
+                                                class="svg-icon check"
+                                                viewBox="0 0 24 24">
+                                                <path d="M9 16.17L4.83 12l-1.42 1.41L9 19 21 7l-1.41-1.41z"></path>
+                                            </svg>
+                                        </div>
+                                        <div class="Checkbox-text">
+                                            ${%Show}
+                                        </div>
+                                    </label>
+                                </div>
+                            </div>
+                            <input
+                                onKeyUp="validatePassword()"
+                                class="${data.errors.containsKey('password1') ? 'danger' : 'normal'}"
+                                value="${data.password1}"
+                                type="password"
+                                tabindex="6"
+                                name="password1"
+                                id="password1"
+                            />
+                            <div id="passwordStrengthWrapper">Strength: <span id="passwordStrength">&#160;</span> </div>
+                            <script type="text/javascript">
+                                if (document.getElementById('passwordStrengthWrapper')) {
+                                    document.getElementById('passwordStrengthWrapper').hidden = true;
+                                }
+                            </script>
+
+                        </div>
+                        <div class="formRow">
+                            A strong password is a long password that's unique for every site. Try using a phrase with 5-6 words for the best security.
+                        </div>
+                        <input
+                            class="${data.errors.containsKey('password1') ? 'danger' : 'normal'}"
+                            value="${data.password2}"
+                            type="hidden"
+                            name="password2"
+                            id="password2"
+                        />
+                        <div class="submit formRow">
+                            <f:submit value="${%Create account}"/>
+                        </div>
+                        <input type="hidden" name="${h.getCrumbRequestField()}" value="${h.getCrumb(request)}"/>
+                        <j:if test="${data.errorField != null}">
+                            <script type="text/javascript">
+                                const errorField = document.getElementById('${data.errorField}');
+                                if(errorField &amp;&amp; errorField.focus) {
+                                    errorField.focus();
+                                }
+                            </script>
+                        </j:if>
+                    </form>
+                </div>
+            </div>
+        </body>
+    </html>
 </j:jelly>
diff --git a/core/src/main/resources/hudson/util/HudsonIsLoading/index.jelly b/core/src/main/resources/hudson/util/HudsonIsLoading/index.jelly
index 625be9422f..75157ee49a 100644
--- a/core/src/main/resources/hudson/util/HudsonIsLoading/index.jelly
+++ b/core/src/main/resources/hudson/util/HudsonIsLoading/index.jelly
@@ -23,22 +23,41 @@ THE SOFTWARE.
 -->
 
 <?jelly escape-by-default='true'?>
-<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form" xmlns:i="jelly:fmt">
-  <st:statusCode value="503" /><!-- SERVICE NOT AVAILABLE -->
-  <l:layout title="Jenkins">
-    <l:header>
-      <!--meta http-equiv="refresh" content="5" /-->
-    </l:header>
-    <l:side-panel />
-    <l:main-panel>
-      <h1 style="margin-top:4em">
-        ${%Please wait while Jenkins is getting ready to work}<span id="progress">...</span>
-      </h1>
-      <p style="color:gray">
-        ${%Your browser will reload automatically when Jenkins is ready.}
-      </p>
 
-      <script>applySafeRedirector(window.location.href)</script>
-    </l:main-panel>
-  </l:layout>
+<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:x="jelly:xml" xmlns:f="/lib/form">
+
+    <st:statusCode value="503"/><!-- SERVICE NOT AVAILABLE -->
+    <st:setHeader name="Expires" value="0"/>
+    <st:setHeader name="Cache-Control" value="no-cache,no-store,must-revalidate"/>
+    <!-- response contentType header -->
+    <st:contentType value="text/html;charset=UTF-8"/>
+    <x:doctype name="html"/>
+    <html lang="${request.getLocale().toLanguageTag()}">
+        <head data-rooturl="${rootURL}" data-resurl="${resURL}" resURL="${resURL}">
+            <title>${%Starting Jenkins}</title>
+            <!-- we do not want bots on this page -->
+            <meta name="ROBOTS" content="NOFOLLOW"/>
+            <link rel="stylesheet" href="${resURL}/css/simple-page.css" type="text/css" />
+            <link rel="stylesheet" href="${resURL}/css/simple-page.theme.css" type="text/css" />
+            <link rel="stylesheet" href="${resURL}/css/loading.css" type="text/css" />
+        </head>
+        <body>
+            <div class="simple-page" role="main">
+                <div class="modal signup">
+                    <div class="signupIntroDefault">
+                        <div class="logo"></div>
+                        <h1 class="loading">
+                            ${%Please wait while Jenkins is getting ready to work}
+                            <span>.</span><span>.</span><span>.</span>
+                        </h1>
+                        <p>
+                            ${%Your browser will reload automatically when Jenkins is ready.}
+                        </p>
+                    </div>
+                </div>
+            </div>
+            <script src="${resURL}/scripts/loading.js" type="text/javascript"></script>
+            <script>safeRedirector(window.location.href);</script>
+        </body>
+    </html>
 </j:jelly>
\ No newline at end of file
diff --git a/core/src/main/resources/hudson/util/HudsonIsRestarting/index.jelly b/core/src/main/resources/hudson/util/HudsonIsRestarting/index.jelly
index 65e8bb6e45..aafd2cfc60 100644
--- a/core/src/main/resources/hudson/util/HudsonIsRestarting/index.jelly
+++ b/core/src/main/resources/hudson/util/HudsonIsRestarting/index.jelly
@@ -23,22 +23,41 @@ THE SOFTWARE.
 -->
 
 <?jelly escape-by-default='true'?>
-<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form" xmlns:i="jelly:fmt">
-  <st:statusCode value="503" /><!-- SERVICE NOT AVAILABLE -->
-  <l:layout>
-    <l:header title="Jenkins">
-      <!--meta http-equiv="refresh" content="5" /-->
-    </l:header>
-    <l:side-panel />
-    <l:main-panel>
-      <h1 style="margin-top:4em">
-        ${%Please wait while Jenkins is restarting}<span id="progress">...</span>
-      </h1>
-      <p style="color:grey">
-        ${%Your browser will reload automatically when Jenkins is ready.}
-      </p>
 
-      <script>applySafeRedirector(window.location.href)</script>
-    </l:main-panel>
-  </l:layout>
-</j:jelly>
\ No newline at end of file
+<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:x="jelly:xml" xmlns:f="/lib/form">
+
+    <st:statusCode value="503"/><!-- SERVICE NOT AVAILABLE -->
+    <st:setHeader name="Expires" value="0"/>
+    <st:setHeader name="Cache-Control" value="no-cache,no-store,must-revalidate"/>
+    <!-- response contentType header -->
+    <st:contentType value="text/html;charset=UTF-8"/>
+    <x:doctype name="html"/>
+    <html lang="${request.getLocale().toLanguageTag()}">
+        <head data-rooturl="${rootURL}" data-resurl="${resURL}" resURL="${resURL}">
+            <title>${%Restarting Jenkins}</title>
+            <!-- we do not want bots on this page -->
+            <meta name="ROBOTS" content="NOFOLLOW"/>
+            <link rel="stylesheet" href="${resURL}/css/simple-page.css" type="text/css" />
+            <link rel="stylesheet" href="${resURL}/css/simple-page.theme.css" type="text/css" />
+            <link rel="stylesheet" href="${resURL}/css/loading.css" type="text/css" />
+        </head>
+        <body>
+            <div class="simple-page" role="main">
+                <div class="modal signup">
+                    <div class="signupIntroDefault">
+                        <div class="logo"></div>
+                        <h1 class="loading">
+                            ${%Please wait while Jenkins is restarting}
+                            <span>.</span><span>.</span><span>.</span>
+                        </h1>
+                        <p>
+                            ${%Your browser will reload automatically when Jenkins is ready.}
+                        </p>
+                    </div>
+                </div>
+            </div>
+            <script src="${resURL}/scripts/loading.js" type="text/javascript"></script>
+            <script>safeRedirector(window.location.href);</script>
+        </body>
+    </html>
+</j:jelly>
diff --git a/core/src/main/resources/jenkins/model/DefaultSimplePageDecorator/simple-head.jelly b/core/src/main/resources/jenkins/model/DefaultSimplePageDecorator/simple-head.jelly
new file mode 100644
index 0000000000..c8ff1fb711
--- /dev/null
+++ b/core/src/main/resources/jenkins/model/DefaultSimplePageDecorator/simple-head.jelly
@@ -0,0 +1,29 @@
+<!--
+The MIT License
+
+Copyright (c) 2018, CloudBees, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+-->
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core">
+  <link rel="stylesheet" href="${resURL}/css/simple-page.css" type="text/css" />
+  <link rel="stylesheet" href="${resURL}/css/simple-page.theme.css" type="text/css" />
+  <link rel="stylesheet" href="${resURL}/css/simple-page-forms.css" type="text/css" />
+</j:jelly>
diff --git a/core/src/main/resources/jenkins/model/DefaultSimplePageDecorator/simple-header.jelly b/core/src/main/resources/jenkins/model/DefaultSimplePageDecorator/simple-header.jelly
new file mode 100644
index 0000000000..59c61a3c2c
--- /dev/null
+++ b/core/src/main/resources/jenkins/model/DefaultSimplePageDecorator/simple-header.jelly
@@ -0,0 +1,30 @@
+<!--
+The MIT License
+
+Copyright (c) 2018, CloudBees, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+-->
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core">
+    <div id="loginIntroDefault">
+        <div class="logo"> </div>
+        <h1>${%Welcome to Jenkins!}</h1>
+    </div>
+</j:jelly>
diff --git a/core/src/main/resources/jenkins/model/Jenkins/login.jelly b/core/src/main/resources/jenkins/model/Jenkins/login.jelly
index cb4ed08319..3276493af8 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/login.jelly
+++ b/core/src/main/resources/jenkins/model/Jenkins/login.jelly
@@ -23,58 +23,136 @@ THE SOFTWARE.
 -->
 
 <?jelly escape-by-default='true'?>
-<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
-  <j:choose>
-  <j:when test="${it.setupWizard.isUsingSecurityToken()}">
-    <st:include it="${it.setupWizard}" page="authenticate-security-token"/>
-  </j:when>
-  <j:otherwise>
-  <l:layout norefresh="true">
-    <l:hasPermission permission="${app.READ}">
-      <st:include page="sidepanel.jelly" />
-    </l:hasPermission>
-    <l:main-panel>
-      <div style="margin: 2em;">
-        <!-- login form -->
-        <form name="login" action="${it.securityRealm.authenticationGatewayUrl}" method="post" style="text-size:smaller">
-          <table>
-            <tr>
-              <td>${%User}:</td>
-              <td><input type="text" name="j_username" id="j_username" autocorrect="off" autocapitalize="off" /></td>
-            </tr>
-            <tr>
-              <td>${%Password}:</td>
-              <td><input type="password" name="j_password" /></td>
-            </tr>
-            <j:if test="${app.security.name()=='SECURED' and !app.disableRememberMe}">
-              <!-- remember me service only available for Acegi -->
-              <tr>
-                <td align="right"><input id="remember_me" type="checkbox" name="remember_me" /></td>
-                <td><label for="remember_me">${%Remember me on this computer}</label></td>
-              </tr>
-            </j:if>
-          </table>
-          <input type="hidden" name="from" value="${request.getParameter('from')}" />
-          <f:submit value="${%login}" />
-          <script>
-            $('j_username').focus();
-          </script>
-        </form>
+<j:jelly xmlns:j="jelly:core" xmlns:f="/lib/form" xmlns:x="jelly:xml" xmlns:st="jelly:stapler">
+  <!-- deactivate all caching -->
+  <st:setHeader name="Expires" value="0" />
+  <st:setHeader name="Cache-Control" value="no-cache,no-store,must-revalidate" />
+  <j:new var="h" className="hudson.Functions" /><!-- instead of JSP functions -->
+  <!-- needed for cli -->
+  <j:if test="${request.servletPath=='/' || request.servletPath==''}">
+    ${h.advertiseHeaders(response)}
+    <j:forEach var="pd" items="${h.pageDecorators}">
+      <st:include it="${pd}" page="httpHeaders.jelly" optional="true"/>
+    </j:forEach>
+  </j:if>
+  <!-- response contentType header -->
+  <st:contentType value="text/html;charset=UTF-8" />
+  <!--
+    needed to generate a session if non exists,
+    without it we would add ";jsessionid=" to the url which will result in a 404
+  -->
+  <j:set var="_" value="${request.getSession()}"/>
+  <!-- get default/commong page variable -->
+  ${h.initPageVariables(context)}
+  <x:doctype name="html" />
+  <!-- needed for the redirect after login -->
+  <j:set var="from" value="${error ? request.session.getAttribute('from') : request.getParameter('from')}"/>
+  <!-- in case of error we want to surround the form elements with an error hint -->
+  <j:set var="inputClass" value="${error ? 'danger' : 'normal'}"/>
+  <j:set var="simpleDecorator" value="${h.simplePageDecorator}"/>
+  <!-- real deal starting here -->
+  <html lang="${request.getLocale().toLanguageTag()}">
+    <head data-rooturl="${rootURL}" data-resurl="${resURL}" resURL="${resURL}">
+      <title>${%signIn} [Jenkins]</title>
+      <!-- we do not want bots on this page -->
+      <meta name="ROBOTS" content="NOFOLLOW" />
+      <!-- css styling, will fallback to default implementation -->
+      <st:include it="${simpleDecorator}" page="simple-head.jelly" optional="true"/>
+    </head>
+    <body>
+      <j:choose>
+        <j:when test="${it.setupWizard.isUsingSecurityToken()}">
+          <st:include it="${it.setupWizard}" page="authenticate-security-token"/>
+        </j:when>
+        <j:otherwise>
+          <div class="simple-page" role="main">
+            <div class="modal login">
+              <st:include it="${simpleDecorator}" page="simple-header.jelly" optional="true"/>
+              <!-- login form -->
+              <form name="login" action="${it.securityRealm.authenticationGatewayUrl}" method="post">
+                <j:if test="${it.securityRealm.allowsSignup()}">
+                  <div class="signupTag">
+                    ${%signUp}
+                  </div>
+                </j:if>
+                <j:if test="${error}">
+                  <div class="alert alert-danger">
+                    ${%Invalid username or password}
+                  </div>
+                </j:if>
+                <div class="formRow">
+                  <input
+                    class="${inputClass}"
+                    type="text"
+                    name="j_username"
+                    id="j_username"
+                    autocorrect="off"
+                    autocapitalize="off"
+                    placeholder="${%Username}"
+                  />
+                </div>
+                <div class="formRow">
+                  <input
+                    class="${inputClass}"
+                    type="password"
+                    name="j_password"
+                    placeholder="${%Password}"
+                  />
+                </div>
+                <input type="hidden" name="from" value="${from}" />
+                <div class="submit formRow"><f:submit value="${%signIn}" /></div>
+                <!-- focus the username field -->
+                <script type="text/javascript">
+                  document.getElementById('j_username').focus();
+                  var checkBoxClick = function(event) {
+                    document.getElementById('remember_me').click();
+                  }
+                </script>
 
-        <j:forEach var="fls" items="${it.getFederatedLoginServices()}">
-          <div>
-            <st:include page="loginFragment.jelly" it="${fls}"/>
-          </div>
-        </j:forEach>
+                <j:if test="${app.security.name()=='SECURED' and !app.disableRememberMe}">
+                  <!-- remember me service only available for Acegi -->
+                  <div class="Checkbox Checkbox-medium">
+                    <label class="Checkbox-wrapper">
+                      <input
+                        type="checkbox"
+                        id="remember_me"
+                        name="remember_me"
+                      />
+                      <div class="Checkbox-indicator">
+                        <svg
+                          xmlns="http://www.w3.org/2000/svg"
+                          focusable="false"
+                          width="25"
+                          height="25"
+                          class="svg-icon check"
+                          viewBox="0 0 24 24">
+                          <path d="M9 16.17L4.83 12l-1.42 1.41L9 19 21 7l-1.41-1.41z"></path>
+                        </svg>
+                      </div>
+                      <div class="Checkbox-text">
+                        ${%Keep me signed in}
+                      </div>
+                    </label>
+                  </div>
+                </j:if>
+
+              </form>
+
+              <j:forEach var="fls" items="${it.getFederatedLoginServices()}">
+                <div>
+                  <st:include page="loginFragment.jelly" it="${fls}"/>
+                </div>
+              </j:forEach>
+
+              <div class="footer">
+
+                <st:include it="${simpleDecorator}" page="simple-footer.jelly" optional="true"/>
+              </div>
 
-        <j:if test="${it.securityRealm.allowsSignup()}">
-          <div style="margin-top:2em">
-            ${%signUp}
+            </div>
           </div>
-        </j:if>
-      </div>
-    </l:main-panel>
-  </l:layout>
-  </j:otherwise>
-  </j:choose>
+        </j:otherwise>
+      </j:choose>
+    </body>
+  </html>
 </j:jelly>
diff --git a/core/src/main/resources/jenkins/model/Jenkins/login.properties b/core/src/main/resources/jenkins/model/Jenkins/login.properties
index d297fd6dc9..1cb864cfbb 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/login.properties
+++ b/core/src/main/resources/jenkins/model/Jenkins/login.properties
@@ -20,5 +20,7 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-signUp=<a href="signup">Create an account</a> if you are not a member yet.
+signUp=Please sign in below or <a href="signup">create an account</a>.
 login=log in
+signIn=Sign in
+loginWelcome=Welcome to Jenkins!
\ No newline at end of file
diff --git a/core/src/main/resources/jenkins/model/Jenkins/loginError.jelly b/core/src/main/resources/jenkins/model/Jenkins/loginError.jelly
index a5a9549aca..0e178b2df8 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/loginError.jelly
+++ b/core/src/main/resources/jenkins/model/Jenkins/loginError.jelly
@@ -24,7 +24,7 @@ THE SOFTWARE.
 
 <!-- report a login error -->
 <?jelly escape-by-default='true'?>
-<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
+<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler">
   <j:choose>
     <j:new var="h" className="hudson.Functions" />
     <j:when test="${app.setupWizard.isUsingSecurityToken()}">
@@ -32,28 +32,9 @@ THE SOFTWARE.
       <st:include it="${app.setupWizard}" page="authenticate-security-token"/>
     </j:when>
     <j:when test="${app.isUseSecurity() and h.isAnonymous()}">
-      <!--
-        The only time the error message makes sense is when Jenkins is protected and the user failed to authenticate.
-        If the user accidentally comes to this page (by back button, etc), redirect away to prevent a confusion.
-      -->
       <st:statusCode value="401" />
-      <l:layout title="${%Login Error}">
-        <l:hasPermission permission="${app.READ}">
-          <st:include page="sidepanel.jelly" />
-        </l:hasPermission>
-        <l:main-panel>
-          <div style="margin: 2em; text-align:center; color:red; font-weight:bold">
-            ${%Invalid login information. Please try again.}
-            <br/>       
-            <a href="login?from=${request.session.getAttribute('from')}">${%Try again}</a>
-          </div>
-          <div align="middle">
-            <div style="margin-top:2em; color:gray; width:20em">
-              ${%If you are a system administrator and suspect this to be a configuration problem, see the server console output for more details.}
-            </div>
-          </div>
-        </l:main-panel>
-      </l:layout>
+      <j:set var="error" value="true"/>
+      <st:include it="${it}" page="login.jelly"/>
     </j:when>
     <j:otherwise>
       <st:redirect url="." />
diff --git a/war/src/main/webapp/css/loading.css b/war/src/main/webapp/css/loading.css
new file mode 100644
index 0000000000..c6ed611c28
--- /dev/null
+++ b/war/src/main/webapp/css/loading.css
@@ -0,0 +1,86 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+@keyframes blink {
+    /**
+     * At the start of the animation the dot
+     * has an opacity of .2
+     */
+    0% {
+      opacity: .2;
+    }
+    /**
+     * At 20% the dot is fully visible and
+     * then fades out slowly
+     */
+    20% {
+      opacity: 1;
+    }
+    /**
+     * Until it reaches an opacity of .2 and
+     * the animation can start again
+     */
+    100% {
+      opacity: .2;
+    }
+}
+.loading span {
+    /**
+     * Use the blink animation, which is defined above
+     */
+    animation-name: blink;
+    /**
+     * The animation should take 1.4 seconds
+     */
+    animation-duration: 1.4s;
+    /**
+     * It will repeat itself forever
+     */
+    animation-iteration-count: infinite;
+    /**
+     * This makes sure that the starting style (opacity: .2)
+     * of the animation is applied before the animation starts.
+     * Otherwise we would see a short flash or would have
+     * to set the default styling of the dots to the same
+     * as the animation. Same applies for the ending styles.
+     */
+    animation-fill-mode: both;
+}
+
+.loading span:nth-child(2) {
+    /**
+     * Starts the animation of the third dot
+     * with a delay of .2s, otherwise all dots
+     * would animate at the same time
+     */
+    animation-delay: .2s;
+}
+
+.loading span:nth-child(3) {
+    /**
+     * Starts the animation of the third dot
+     * with a delay of .4s, otherwise all dots
+     * would animate at the same time
+     */
+    animation-delay: .4s;
+}
diff --git a/war/src/main/webapp/css/signup.css b/war/src/main/webapp/css/signup.css
new file mode 100644
index 0000000000..17a7b58a38
--- /dev/null
+++ b/war/src/main/webapp/css/signup.css
@@ -0,0 +1,56 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+.signup{
+  min-width: 480px;
+  max-width: 480px;
+  width: 480px;
+}
+.signupIntroDefault {
+  text-align: center;
+}
+form.signup{
+  min-width: 480px;
+  max-width: 480px;
+  width: 480px;
+  text-align: left;
+}
+.inputHeader {
+  display: flex;
+  justify-content: space-between;
+  align-items: center;
+}
+#showPassword {
+  width: unset;
+  margin-right: 5px;
+}
+.combinedElement{
+  display: flex;
+  align-items: center;
+}
+label {
+  margin-bottom: 7px;
+}
+#passwordStrengthWrapper {
+  margin-top: 4px;
+}
\ No newline at end of file
diff --git a/war/src/main/webapp/css/simple-page-forms.css b/war/src/main/webapp/css/simple-page-forms.css
new file mode 100644
index 0000000000..cac4a03afd
--- /dev/null
+++ b/war/src/main/webapp/css/simple-page-forms.css
@@ -0,0 +1,79 @@
+.Checkbox {
+  display: inline-block;
+}
+.Checkbox .svg-icon {
+  width: 20px;
+  height: 20px;
+}
+.Checkbox .Checkbox-wrapper {
+  display: flex;
+  align-items: center;
+}
+.Checkbox input[type="checkbox"] {
+  border: 0;
+  clip: rect(0, 0, 0, 0);
+  height: 1px;
+  margin: -1px;
+  overflow: hidden;
+  padding: 0;
+  position: absolute;
+  width: 1px;
+}
+.Checkbox .Checkbox-indicator {
+  display: flex;
+  border: 1px solid rgba(73, 73, 73, 0.5);
+  border-radius: 3px;
+  cursor: pointer;
+}
+.Checkbox .Checkbox-text {
+  margin-left: 5px;
+  cursor: pointer;
+}
+.Checkbox .svg-icon {
+  opacity: 0;
+  fill: #fff;
+  transition: opacity 0.1s linear;
+}
+.Checkbox input[type="checkbox"]:checked + .Checkbox-indicator {
+  background-color: #4A90E2;
+  border-color: #4A90E2;
+}
+.Checkbox input[type="checkbox"]:checked + .Checkbox-indicator .svg-icon {
+  opacity: 1;
+}
+.Checkbox input[type="checkbox"]:focus + .Checkbox-indicator,
+.Checkbox.focus .Checkbox-indicator {
+  outline: 0;
+  box-shadow: inset 0 0 2px 3px rgba(0, 0, 0, 0.2);
+}
+.Checkbox input[disabled] + .Checkbox-indicator,
+fieldset[disabled] .Checkbox input + .Checkbox-indicator,
+.Checkbox input[disabled] ~ .Checkbox-text,
+fieldset[disabled] .Checkbox input ~ .Checkbox-text {
+  opacity: 0.4;
+  cursor: auto;
+}
+@media all and (-ms-high-contrast: none), (-ms-high-contrast: active) {
+  .Checkbox input[type="checkbox"]:focus + .Checkbox-indicator,
+  .Checkbox.focus .Checkbox-indicator {
+    box-shadow: inset 0 0 1px 3px rgba(0, 0, 0, 0.2);
+  }
+}
+@supports (-ms-ime-align:auto) {
+  .Checkbox input[type="checkbox"]:focus + .Checkbox-indicator,
+  .Checkbox.focus .Checkbox-indicator {
+    box-shadow: inset 0 0 1px 3px rgba(0, 0, 0, 0.2);
+  }
+}
+.Checkbox-small .svg-icon {
+  width: 16px;
+  height: 16px;
+}
+.Checkbox-medium .svg-icon {
+  width: 20px;
+  height: 20px;
+}
+.Checkbox-large .svg-icon {
+  width: 24px;
+  height: 24px;
+}
\ No newline at end of file
diff --git a/war/src/main/webapp/css/simple-page.css b/war/src/main/webapp/css/simple-page.css
new file mode 100644
index 0000000000..d269ceb791
--- /dev/null
+++ b/war/src/main/webapp/css/simple-page.css
@@ -0,0 +1,135 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+html {
+  height: 100vh;
+  font-family: "LatoLatinWeb", "Lato", "Helvetica Neue", Helvetica, Arial, sans-serif;
+  font-size: 14px;
+  line-height: 18px;
+}
+
+.simple-page h1 {
+  font-size: 24px;
+}
+
+.simple-page {
+  text-align: center;
+  display: -webkit-box;
+  display: -moz-box;
+  display: -ms-flexbox;
+  display: -webkit-flex;
+  display: flex;
+  -webkit-box-align: center;
+  -moz-box-align: center;
+  -ms-flex-align: center;
+  -webkit-align-items: center;
+  align-items: center;
+  -webkit-box-pack: center;
+  -moz-box-pack: center;
+  -ms-flex-pack: center;
+  -webkit-justify-content: center;
+  justify-content: center;
+  min-height: 90vh;
+}
+
+.simple-page form {
+  min-width: 300px;
+  max-width: 300px;
+  width: 300px;
+}
+
+.simple-page input {
+  padding: 6px 8px;
+  display: inline-block;
+  text-align: left;
+  text-decoration: none;
+  font-size: 18px;
+  border-radius: 3px;
+  border: 1px solid rgba(74,74,74,0.25);
+}
+
+.simple-page input[type=text],
+.simple-page input[type=password],
+.simple-page input[type=submit] {
+  width: 100%;
+  box-sizing: border-box;
+}
+
+.simple-page .formRow {
+  margin-top: 27px;
+}
+.simple-page .formRow ~ .formRow {
+  margin-top: 16px;
+}
+
+.simple-page input[type=submit] {
+  text-align: center;
+}
+
+.simple-page form .submit input {
+  border-radius: 3px;
+  color: #fff;
+  cursor: pointer;
+}
+
+.simple-page .alert {
+  text-align: center;
+  font-size: 14px;
+  line-height: 18px;
+}
+
+.simple-page .Checkbox-wrapper {
+  justify-content: center;
+}
+.simple-page .login .Checkbox-wrapper {
+  margin-top: 20px;
+}
+#remember_me{
+  width: unset;
+  margin-right: 5px;
+}
+
+/* forms */
+
+/**
+ * 1. Add the correct box sizing in IE 10-.
+ * 2. Remove the padding in IE 10-.
+ */
+
+[type="checkbox"],
+[type="radio"] {
+  box-sizing: border-box; /* 1 */
+  padding: 0; /* 2 */
+}
+
+.layout-small {
+    font-size: 12px;
+}
+
+.layout-medium {
+    font-size: 14px;
+}
+
+.layout-large {
+    font-size: 18px;
+}
\ No newline at end of file
diff --git a/war/src/main/webapp/css/simple-page.theme.css b/war/src/main/webapp/css/simple-page.theme.css
new file mode 100644
index 0000000000..af00024ceb
--- /dev/null
+++ b/war/src/main/webapp/css/simple-page.theme.css
@@ -0,0 +1,66 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+/*
+ * IE11 prevents of the usage of variable,
+ * but to show the color theme we left it here
+ */
+:root {
+  --main-bg-color-focus: #2171ce;
+  --main-bg-color: #4A90E2;
+  --danger-color: #C4000A;
+}
+
+html {
+  color: #4A4A4A;
+}
+
+.simple-page .logo {
+  background-image: url('../images/jenkins.svg');
+  background-repeat: no-repeat;
+  background-position: 50% 0;
+  height: 130px;
+}
+
+.simple-page form .submit input:focus {
+  background-color: #2171ce; /*var(--main-bg-color-focus);*/
+  border: solid 1px #2171ce; /*var(--main-bg-color-focus);*/
+}
+
+.simple-page form .submit input {
+  background-color: #4A90E2; /*var(--main-bg-color);*/
+  border: solid 1px #4A90E2; /*var(--main-bg-color-focus);*/
+}
+
+.simple-page input.normal:focus {
+  border: solid 1px #2171ce; /*var(--main-bg-color-focus);*/
+}
+
+ .simple-page .danger {
+  border: 1px solid #C4000A; /*var(--danger-color);*/
+  box-shadow: 0 0 1px #C4000A; /*var(--danger-color);*/
+}
+
+.simple-page .alert {
+  color: #C4000A; /*var(--danger-color);*/
+}
\ No newline at end of file
diff --git a/war/src/main/webapp/images/jenkins.svg b/war/src/main/webapp/images/jenkins.svg
new file mode 100644
index 0000000000..c9ee5d084a
--- /dev/null
+++ b/war/src/main/webapp/images/jenkins.svg
@@ -0,0 +1 @@
+<svg width="87" height="120" xmlns="http://www.w3.org/2000/svg"><g fill="none" fill-rule="evenodd"><path d="M85.602 57.693c0 23.62-18.783 42.774-41.947 42.774-23.163 0-41.946-19.153-41.946-42.774 0-23.62 18.783-42.774 41.946-42.774 23.164 0 41.947 19.153 41.947 42.774" fill="#D33833" fill-rule="nonzero"/><path d="M3.402 68.284S.365 23.683 41.605 22.405l-2.874-4.777-22.419 7.487-6.392 7.331-5.593 10.677-3.2 12.387.955 8.284" fill="#EF3D3A" fill-rule="nonzero"/><path d="M14.907 28.514A41.733 41.733 0 0 0 2.99 57.855 41.733 41.733 0 0 0 14.907 87.19a40.117 40.117 0 0 0 28.74 12.139 40.117 40.117 0 0 0 28.742-12.14 41.733 41.733 0 0 0 11.916-29.334 41.733 41.733 0 0 0-11.916-29.341 40.124 40.124 0 0 0-28.741-12.14 40.124 40.124 0 0 0-28.741 12.14zm-1.865 60.518A44.361 44.361 0 0 1 .381 57.88a44.361 44.361 0 0 1 12.661-31.154A42.731 42.731 0 0 1 43.64 13.804a42.731 42.731 0 0 1 30.597 12.921A44.353 44.353 0 0 1 86.9 57.88a44.353 44.353 0 0 1-12.654 31.153 42.739 42.739 0 0 1-30.597 12.922 42.739 42.739 0 0 1-30.606-12.922z" fill="#231F20" fill-rule="nonzero"/><path fill="#F0D6B7" fill-rule="nonzero" d="M61.312 57.925l-6.393.952-8.63.953-5.593.162-5.438-.162-4.187-1.262-3.674-3.98-2.85-8.136-.638-1.75-3.837-1.277-2.206-3.662-1.6-5.257 1.755-4.645 4.156-1.433 3.356 1.595 1.6 3.507 1.919-.317.637-.774-.637-3.662-.163-4.645.955-6.372v-3.639l2.913-4.645 5.111-3.662 8.949-3.824 9.888 1.455 8.63 6.194 3.993 6.371 2.556 4.645.637 11.474-1.919 9.879-3.519 8.764-3.355 4.645"/><path fill="#335061" fill-rule="nonzero" d="M55.874 85.486l-22.86.953v3.824l1.941 13.386-.955 1.115-15.986-5.42-1.119-1.912-1.6-18-3.674-10.838-.777-2.548 12.74-8.756 3.992-1.595L31.07 60l3.038 2.71 3.518 1.115 1.6.48 1.92 8.283 1.436 1.75 3.675-1.277L43.702 78l13.904 6.534-1.755.952"/><path fill="#6D6B6D" fill-rule="nonzero" d="M17.99 29.892l4.156-1.433 3.356 1.595 1.6 3.507 1.919-.317.481-1.912-.955-3.662.97-8.772-.776-4.777 2.874-3.344 6.214-4.94-1.755-2.392-8.809 4.297-3.674 2.864-2.074 4.46-3.208 4.289-.956 5.094.637 5.42"/><path d="M24.546 14.919s2.4-5.892 11.986-8.764c9.586-2.872.482-2.075.482-2.075L26.628 8.06l-3.992 3.979-1.756 3.19 3.674-.318M19.754 28.777s-3.356-11.149 9.43-12.743l-.482-1.913-8.793 2.075-2.556 8.284.637 5.42 1.756-1.115" fill="#DCD9D8" fill-rule="nonzero"/><path d="M24.857 43.587l2.09-2.02c.603.11 1.056.613 1.103 1.223.163 1.115.637 11.148 7.511 16.567.63.496-5.111-.774-5.111-.774l-5.111-7.966M54.274 40.56s.373-4.831 1.678-4.46a1.79 1.79 0 0 1 1.305 1.673s-3.17 2.044-2.983 2.787M67.542 22.877s-2.634.558-2.875 2.865c-.24 2.307 2.875.48 3.356.317M48.2 23.04s-3.52.48-3.52 2.71 3.993 2.075 5.112 1.115M26.465 33.391s-6.074-3.662-6.711-.163c-.637 3.5-2.082 6.055.955 9.717l-2.074-.635-1.919-4.94-.637-4.776 3.675-3.825 4.155.317L26.31 31l.164 2.392M29.34 23.357s2.718-14.02 16.46-16.73c11.317-2.23 17.26.48 19.497 3.027 0 0-10.099-11.946-19.66-8.284-9.563 3.662-16.624 10.359-16.46 14.656.27 7.324.162 7.331.162 7.331M66.423 11.249s-4.66-.163-4.793 3.98c.015.443.124.878.319 1.277 0 0 3.674-4.142 5.911-1.912" fill="#F7E4CD" fill-rule="nonzero"/><path d="M46.126 16.94s-.777-6.357-6.215-2.664c-3.519 2.392-3.192 5.737-2.555 6.372.637.635.466 1.92.955 1.037.49-.882.326-3.747 2.082-4.544 1.755-.798 4.66-1.688 5.756-.21" fill="#F7E4CD" fill-rule="nonzero"/><path d="M31.071 60l-15.023 6.689s6.215 24.69 3.038 32.338l-2.238-.774-.163-9.399-4.155-17.806-1.756-4.94 15.66-10.513 4.66 4.46M32.625 73.657l2.128 2.593v9.562h-2.555s-.319-6.69-.319-7.487c0-.797.319-3.662.319-3.662M32.695 87.236l-7.193.318 2.082 1.432 5.11.774" fill="#49728B" fill-rule="nonzero"/><path fill="#335061" fill-rule="nonzero" d="M57.311 85.649l5.912-.163 1.437 14.656-6.075.774-1.282-15.29"/><path d="M58.911 85.649l8.949-.48s3.674-9.236 3.674-9.716c0-.48 3.2-13.378 3.2-13.378l-7.192-7.487-1.438-1.277-3.837 3.824v14.819l-3.356 13.703" fill="#335061" fill-rule="nonzero"/><path d="M62.92 84.534l-5.593 1.115.777 4.46c2.074.952 5.592-1.595 5.592-1.595M63.067 56.655l11.186 8.284.318-3.824-8.467-7.804-3.037 3.344" fill="#49728B" fill-rule="nonzero"/><path fill="#FFF" fill-rule="nonzero" d="M38.241 117.027l-3.286-13.378-1.646-9.879-.272-7.331 14.976-.774h9.322l-.847 16.73 1.437 12.906-.163 2.392-12.15.952-7.355-1.595"/><path d="M55.237 85.486s-.777 16.568 1.6 28.36a30.607 30.607 0 0 1-11.83 3.831l13.423-.48 1.6-.952-1.919-26.129-.481-5.574" fill="#DCD9D8" fill-rule="nonzero"/><path fill="#FFF" fill-rule="nonzero" d="M64.94 98.872l6.214-1.75 11.83-.634 1.756-5.42-3.177-9.406-3.675-.48-5.11 1.595-4.918 2.384-2.602-.48-2.028.774"/><path d="M64.823 95.683s4.156-1.913 4.793-1.75L67.86 85.16l2.074-.774s1.437 8.284 1.437 9.236c0 0 8.949.48 9.749.48a14.428 14.428 0 0 0 1.437-7.486l1.755 5.094.163 2.864L81.92 98.4l-2.874.635-4.793-.163-1.6-2.098-5.593.774-1.756.635" fill="#DCD9D8" fill-rule="nonzero"/><path d="M58.546 84.387l-3.518-8.919-3.675-5.256s.777-2.23 1.919-2.23h3.674l3.519 1.277-.318 5.892-1.6 9.236" fill="#FFF" fill-rule="nonzero"/><path d="M59.23 81.345s-4.474-8.602-4.474-9.88c0 0 .776-1.911 1.918-1.431s3.52 1.75 3.52 1.75v-3.028l-5.438-1.115-3.675.48 6.215 14.656 1.281.162" fill="#DCD9D8" fill-rule="nonzero"/><path fill="#FFF" fill-rule="nonzero" d="M39.686 60.317l-4.428-.48-4.187-1.27V60l2.028 2.23 6.393 2.864"/><path d="M32.54 60.797s4.955 2.075 6.556 1.595l.155 1.913-4.474-.953-2.72-1.912.483-.635" fill="#DCD9D8" fill-rule="nonzero"/><path d="M64.916 68.508a30.468 30.468 0 0 1-7.31-1.006c.148-.875-.124-1.734.094-2.37.598-.425 1.6-.425 2.5-.526a4.371 4.371 0 0 0-2.78-.31 4.425 4.425 0 0 0-.458-1.462c1.553-.542 5.126-4.096 7.146-2.92.963.558 1.375 3.763 1.453 5.312a5.404 5.404 0 0 1-.645 3.275" fill="#D33833" fill-rule="nonzero"/><path d="M64.916 68.508a30.468 30.468 0 0 1-7.31-1.006c.148-.875-.124-1.734.094-2.37.598-.425 1.6-.425 2.5-.526a4.371 4.371 0 0 0-2.78-.31 4.425 4.425 0 0 0-.458-1.462c1.553-.542 5.126-4.096 7.146-2.92.963.558 1.375 3.763 1.453 5.312a5.404 5.404 0 0 1-.645 3.282z" stroke="#D33833" stroke-width="2"/><path d="M51.951 64.088v.62c-.846.557-2.213.549-3.107 1.013a8.186 8.186 0 0 1 3.38.852c0 .516-.021 1.032-.063 1.548-1.553 1.06-2.967 2.64-4.8 3.631-.863.473-3.884 1.68-4.816 1.463-.52-.123-.568-.774-.777-1.37-.443-1.3-1.46-3.368-1.554-5.319-.116-2.47-.365-6.603 2.33-6.1a23.898 23.898 0 0 1 6.324 2.322c1.017.558 1.608 1.24 3.153 1.363" fill="#D33833" fill-rule="nonzero"/><path d="M51.951 64.088v.62c-.846.557-2.213.549-3.107 1.013a8.186 8.186 0 0 1 3.38.852c0 .516-.021 1.032-.063 1.548-1.553 1.06-2.967 2.64-4.8 3.631-.863.473-3.884 1.68-4.816 1.463-.52-.123-.568-.774-.777-1.37-.443-1.3-1.46-3.368-1.554-5.319-.116-2.47-.365-6.603 2.33-6.1a23.898 23.898 0 0 1 6.324 2.322c.947.535 1.538 1.224 3.083 1.34z" stroke="#D33833" stroke-width="2"/><path d="M53.49 67.037c-.234-1.347-.513-1.726-.404-2.903 3.596-2.392 4.272 4.111.403 2.903" fill="#D33833" fill-rule="nonzero"/><path d="M53.49 67.037c-.234-1.347-.513-1.726-.404-2.903 3.62-2.392 4.272 4.103.403 2.903z" stroke="#D33833" stroke-width="2"/><path d="M58.702 68.129s-1.119-1.595-.319-2.075c.8-.48 1.6 0 2.082-.774.482-.774 0-1.277.163-2.23.163-.952.963-1.115 1.756-1.277.792-.163 3.037-.48 3.355.317l-.955-2.864-1.919-.635-6.074 3.507-.319 1.75v3.507M41.946 73.378a594.31 594.31 0 0 0-.621-7.455c-.342-3.709.893-3.097 4.117-3.097.49 0 3.03.588 3.216.952.87 1.773-1.46 1.378 1.002 2.717 2.082 1.13 5.748-.689 4.91-3.197-.467-.557-2.448-.17-3.155-.542l-3.744-1.935c-1.553-.821-5.258-2.021-6.99-.875-4.296 2.91.271 10.18 1.801 13.215" fill="#EF3D3A" fill-rule="nonzero"/><path d="M46.126 16.94c-4.358-1.015-6.525 1.819-7.846 4.753-1.18-.287-.707-1.881-.412-2.694.777-2.137 3.884-4.986 6.486-4.599 1.104.163 2.603 1.169 1.764 2.547M67.355 21.886h.225a44.848 44.848 0 0 0 3.108 6c-.832 1.928-6.3 3.64-6.215.17 1.18-.518 3.224-.108 4.273-.773-.606-1.657-1.484-3.097-1.344-5.42M48.355 21.94c.932 1.704 1.235 3.5 2.563 4.793.598.58 1.764 1.285 1.181 2.903a3.695 3.695 0 0 1-1.686 1.394c-2.074.611-6.913.124-5.274-2.455 1.717.078 4.024 1.115 5.305-.131-.986-1.549-2.742-4.645-2.097-6.503M66.57 39.283c-3.107 1.997-6.61 4.18-11.729 3.67a3.452 3.452 0 0 1-.45-4.452c.551.944.202 2.694 1.747 2.957 2.905.496 6.285-1.773 8.382-2.563 1.297-2.175-.109-2.98-1.282-4.381-2.392-2.873-5.6-6.434-5.484-10.73.963-.698 1.049 1.068 1.189 1.385 1.25 2.911 4.388 6.635 6.68 9.128.56.611 1.491 1.2 1.592 1.61.295 1.177-.777 2.594-.652 3.376M25.37 37.161c-.979-.557-1.212-3.011-2.33-3.096-1.647-.101-1.344 3.181-1.337 5.101-1.134-1.021-1.328-4.172-.497-5.79-.947-.465-1.367.51-1.895.851.676-4.885 7.177-2.268 6.098 2.919M68.56 41.319c-1.453 2.756-3.512 5.798-7.769 5.891a10.471 10.471 0 0 1 0-2.787c3.263-.31 5.282-1.966 7.768-3.097M48.106 43.107c2.727 1.425 7.73 1.548 11.427 1.471.169.922.236 1.859.202 2.795-4.754.24-10.386-.937-11.652-4.266M47.594 45.77c1.88 4.715 8.358 4.173 13.81 4.042A2.914 2.914 0 0 1 60 51.406c-1.748.713-6.572 1.247-9.003 0-1.554-.812-2.532-2.655-3.371-3.739-.404-.519-2.44-1.858 0-1.858" fill="#231F20" fill-rule="nonzero"/><path d="M66.345 71.76c-2.206 3.77-4.326 7.649-6.944 10.97 1.095-3.22 1.553-8.609 1.732-12.72 2.33-1.076 4.265.24 5.212 1.75" fill="#81B0C4" fill-rule="nonzero"/><path d="M78.238 85.316c-2.47.496-4.21 2.888-6.626 2.733 1.328-1.866 3.65-2.648 6.626-2.733M79.325 89.172a36.372 36.372 0 0 1-6.431.371c.97-1.47 4.66-.968 6.431-.371M80.009 92.5c-2.268.047-5.08 0-7.24-.177 1.274-1.363 5.764-.504 7.24.178" fill="#231F20" fill-rule="nonzero"/><path d="M62.08 101.605c.327 2.834 1.453 5.714 1.313 8.818a9.293 9.293 0 0 1-3.65.774c-.117-2.64-.474-6.673-.366-9.19.824.055 2.043-.588 2.704-.41" fill="#DCD9D8" fill-rule="nonzero"/><path d="M58.43 59.799c-1.134.774-2.105 1.664-3.2 2.454-2.424.116-3.745-.17-5.523-1.548 0-.109.21-.062.217-.202 2.594 1.154 5.888-.472 8.545-.704" fill="#F0D6B7" fill-rule="nonzero"/><path d="M44.813 77.42c.714-3.097 3.503-4.646 6.043-6.365 2.618 3.314 4.21 7.572 5.966 11.675a61.205 61.205 0 0 1-12.01-5.31" fill="#81B0C4" fill-rule="nonzero"/><path d="M59.377 102.015c-.108 2.517.25 6.55.366 9.19a9.293 9.293 0 0 0 3.65-.774c.14-3.097-.986-5.977-1.312-8.818-.66-.194-1.88.457-2.704.402zM33.24 87.701a131.167 131.167 0 0 0 5.647 27.654c6.525 1.974 14.394 2.144 20.196.364-1.056-5.071-.598-11.242-1.211-16.653-.467-4.065-.226-8.16-.87-12.302-7.023-1.448-16.903-.34-23.762.937zm25.385-.875c-.062 4.359.194 8.655.528 13.014 1.678-.248 2.82-.418 4.374-.774-.505-4.196-.443-8.927-1.476-12.635a10.434 10.434 0 0 0-3.434.395h.008zm8.545-.705a10.49 10.49 0 0 0-2.486 0c.357 3.554 1.227 7.471 1.554 11.195 1.196 0 1.833-.526 2.82-.712.054-3.275-.288-7.742-1.865-10.49l-.023.007zm12.84 11.745c2.493-.604 4.063-3.654 3.363-6.782-.466-2.106-1.305-6.062-2.198-7.41-.66-.998-2.447-2.322-3.884-1.385-2.33 1.486-6.416 1.912-8.11 3.708.847 2.818 1.111 6.69 1.46 10.266 2.906.178 6.48-.774 8.887.24-1.685.542-3.884.55-5.328 1.34 1.188.572 3.977.456 5.794 0l.016.023zm-23.21-15.128c-1.756-4.11-3.348-8.369-5.966-11.675-2.517 1.711-5.313 3.26-6.02 6.356a61.205 61.205 0 0 0 12.001 5.32H56.8zm4.319-12.728c-.164 4.111-.637 9.5-1.733 12.72 2.618-3.329 4.739-7.2 6.945-10.97-.925-1.51-2.898-2.857-5.197-1.75h-.016zm-4.902-1.734c-.994-.108-1.833 1.138-3.107.596-.295.325-.567.682-.87.999 2.85 3.422 4.148 8.284 6.354 12.31 1.18-3.871 1.049-8.106 1.305-12.326-1.64.109-2.525-1.463-3.659-1.579h-.023zm-3.154-4.142c-.109 1.177.171 1.549.404 2.903 3.892 1.2 3.24-5.295-.38-2.903h-.024zm-4.264-1.424a23.898 23.898 0 0 0-6.323-2.323c-2.672-.51-2.416 3.631-2.33 6.1.085 1.952 1.11 4.019 1.553 5.32.21.603.256 1.246.777 1.37.916.217 3.953-.999 4.816-1.463 1.825-.991 3.247-2.57 4.8-3.631 0-.517.021-1.033.062-1.549a8.186 8.186 0 0 0-3.379-.851c.933-.465 2.33-.457 3.108-1.015v-.619c-1.476-.077-2.067-.766-3.084-1.34zm-15.924-2.88c-1.383 1.401 3.883 3.305 5.554 3.414 0-.883.505-1.719.404-2.323-1.997-.371-4.607-.14-5.966-1.076l.008-.015zm17.05.658c0 .14-.186.085-.217.201 1.778 1.386 3.107 1.672 5.522 1.548 1.096-.774 2.059-1.71 3.2-2.454-2.617.248-5.918 1.874-8.513.72l.008-.015zm15.644 4.73c-.077-1.548-.481-4.753-1.452-5.31-2.028-1.178-5.624 2.376-7.147 2.918.237.457.392.952.459 1.463a4.371 4.371 0 0 1 2.78.31c-.9.1-1.902.093-2.5.526-.218.635.054 1.494-.094 2.37 2.387.63 4.841.967 7.31 1.006.55-.996.773-2.139.637-3.267l.007-.016zm-35.025-4.057c-.435-.31-3.371-4.118-3.775-3.964-5.32 2.09-10.292 5.706-14.759 9.128 4.241 9.066 5.95 20.13 6.214 30.867 4.855 2.26 9.12 5.528 15.707 5.869-.777-5.373-1.46-10.173-1.888-15.236-1.654-.697-4.031 0-5.577-.217 0-1.858 2.33-.813 2.563-2.067.148-.945-1.305-1.015-.83-2.509 1.211.442 1.848 1.41 3.106 1.773 1.181-2.57 0-7.122.156-9.29 0-.403.202-2.238 1.11-1.912.91.325-.046 4.877.04 6.913.077 1.874-.226 3.693.535 4.87 6.54-.893 13.124-1.43 19.723-1.61a47.797 47.797 0 0 1-5.29-2.37c-1.072-.603-4.443-1.85-4.754-2.864-.49-1.61 1.29-2.47 1.6-3.871-3.216 1.75-3.837-1.672-4.598-4.096a31.762 31.762 0 0 1-1.25-5.101 55.438 55.438 0 0 1-8.11-4.336l.077.023zm32.214-3.5c4.435-2.144 5.227 8.006 3.495 11.273.272.976 1.189 1.347 1.554 2.222-2.47 4.413-5.22 8.516-7.768 12.898 1.88-1.161 4.56-.209 6.766-1.084.776-.317 1.39-2.16 2.004-3.63a78.857 78.857 0 0 0 4.233-13.038c.316-1.171.5-2.373.552-3.585-.195-1.4-2.105-2.446-3.107-3.313-1.795-1.603-2.921-3.02-4.793-4.521-.777 1.114-2.385 1.865-3.006 2.771l.07.008zm-42.35-39.173c-2.114 2.322-1.67 6.658-1.415 9.74 3.814-2.393 8.887.185 8.84 4.257 1.826-.046.684-2.268.35-3.7-1.08-4.646 1.817-9.748.132-14.021a11.598 11.598 0 0 0-7.908 3.716v.008zm15.108-13.44c-4.778 1.347-10.875 4.815-12.872 9.097 1.554-.217 2.58-.984 4.078-1.077.651.09 1.31.116 1.966.078 1.297-.318 2.392-3.22 3.379-4.305.986-1.084 2.105-1.502 2.89-2.47.504-.24 1.25-.224 1.281-.983-.233-.2-.458-.379-.722-.31v-.03zm24.857 1.27c-4.964-2.788-13.36-4.893-18.643-2.269-4.257 2.114-10.02 5.62-11.978 10.065 1.833 4.28-.544 8.206-.691 12.557-.078 2.323 1.095 4.335 1.18 6.852-.629 1.03-2.548 1.16-3.884 1.091-.45-2.23-1.227-4.73-3.534-4.986a5.356 5.356 0 0 0-4.001 1.332 5.32 5.32 0 0 0-1.786 3.809c-.179 3.298 2.548 8.772 6.4 8.392 1.492-.147 1.857-1.633 3.48-1.618.878 1.75-1.359 2.323-1.553 3.546.029.735.138 1.464.326 2.176a29.67 29.67 0 0 0 3.83 8.84c1.95 2.788 5.78 3.206 9.904 3.477.738-1.548 3.449-1.448 5.212-1.037-2.12-.837-4.086-2.865-5.717-4.646-1.872-2.059-3.775-4.265-3.884-6.967 3.542 4.893 6.47 9.174 12.91 11.326 4.87 1.626 10.565-.774 14.309-3.368 1.553-1.091 2.478-2.818 3.588-4.397 4.133-5.923 6.06-14.377 5.64-22.576-.171-3.383-.163-6.75-1.305-9.019-1.142-2.268-5.212-4.506-7.566-2.323-.435-2.322 1.957-3.739 4.77-2.91-2.005-2.579-4.11-5.675-6.992-7.286l-.015-.062zm9.244 76.257c3.883-1.92 11.123-5.171 13.554 0a43.811 43.811 0 0 1 2.416 7.108c.66 2.779-.714 8.624-3.58 9.553a17.067 17.067 0 0 1-8.545.163 4.647 4.647 0 0 1-1.041-1.355 11.81 11.81 0 0 0-5.935 1.006c.163 1.603-.924 1.866-1.95 2.191-.776 2.989 1.554 6.898.971 9.631-.388 1.943-2.788 2.245-4.552 2.61-.03.968.036 1.938.195 2.895-.404 1.478-2.214 2.322-3.923 2.531-5.64.674-14.2.976-19.622-.967-1.515-3.701-2.703-8.2-3.97-12.387-5.29.565-9.57-2.277-13.6-4.135-1.399-.642-3.325-.998-3.885-2.105-.559-1.108-.295-3.097-.427-5.071-.318-4.963-.59-9.74-1.903-14.818-.59-2.277-1.616-4.29-2.33-6.488-.66-2.036-1.818-4.552-2.121-6.58-.45-3.005 2.393-3.175 4.21-4.476 2.812-2.013 5.01-3.096 8.055-4.947.902-.542 3.62-1.904 3.931-2.531.614-1.247-1.056-3.004-1.5-3.98a11.93 11.93 0 0 1-1.172-4.374 8.477 8.477 0 0 1-5.655-3.623c-1.934-2.826-3.27-8.052-1.6-12.023.132-.31.776-.93.885-1.41.194-.944-.357-2.206-.388-3.212-.179-5.164.878-9.616 4.365-11.172 1.414-5.62 6.487-7.494 11.264-10.289a35.485 35.485 0 0 1 5.787-2.454C44.844-.813 56.03-.302 62.08 4.258c2.564 1.936 6.666 6.016 8.134 8.973 3.884 7.804 3.596 20.857.893 30.356a30.481 30.481 0 0 1-1.631 4.645c-.513 1.069-2.113 3.213-1.919 4.158.194.944 3.643 3.584 4.389 4.296 1.328 1.278 3.884 2.981 4.062 4.591.18 1.61-.776 4.073-1.258 5.73-1.662 5.535-3.278 10.645-5.158 15.576l.024-.008z" fill="#231F20" fill-rule="nonzero"/><path d="M43.78 44.315c.21-.279 1.367-.705 2.983.077 0 0-1.92.318-1.756 3.507l-.777-.162s-.823-2.888-.427-3.422" fill="#F7E4CD" fill-rule="nonzero"/><path d="M57.793 71.706a.876.876 0 0 1-.878.875.876.876 0 0 1-.878-.875c0-.483.393-.875.878-.875s.878.392.878.875M58.67 75.77a.876.876 0 0 1-.877.875.876.876 0 0 1-.878-.875c0-.483.393-.875.878-.875s.878.392.878.875" fill="#1D1919" fill-rule="nonzero"/></g></svg>
\ No newline at end of file
diff --git a/war/src/main/webapp/scripts/loading.js b/war/src/main/webapp/scripts/loading.js
new file mode 100644
index 0000000000..282f3395e4
--- /dev/null
+++ b/war/src/main/webapp/scripts/loading.js
@@ -0,0 +1,60 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+const Fetch = {
+    get: function (url, callback) {
+        const xhr = new XMLHttpRequest();
+        xhr.open('GET', url, true);
+        xhr.onload = function () {
+            const status = xhr.status;
+            if(callback) {
+                callback(null, status);
+            }
+        };
+        xhr.onerror = function(){
+            const message = xhr.responseText;
+            const status = xhr.status;
+            if(callback) {
+                callback(message, status);
+            }
+        };
+        xhr.send();
+    }
+};
+
+function safeRedirector(url) {
+    const timeout = 5000;
+    window.setTimeout(function() {
+        const statusChecker = arguments.callee;
+        Fetch.get(url, function(error, status) {
+            if(status === 503 || status === 0) {
+                window.setTimeout(statusChecker, timeout)
+            } else {
+                window.location.replace(url);
+            }
+            if(error) {
+                console.error(error);
+            }
+        })
+    }, timeout);
+}
-- 
GitLab


From 29141f8ea3014890ca1be3516b61c53890322b9c Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 17 Jun 2018 15:15:05 -0700
Subject: [PATCH 529/863] [maven-release-plugin] prepare release jenkins-2.128

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index d54dac5918..f07f49e0f1 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.128</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 0d5c3f2c27..c6d9236b05 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.128</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 89285ac1c6..6cc4827160 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>2.128</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.128</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 4f9dae71fa..a69e5016cc 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.128</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index a34321a927..7e63255d34 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.128</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 5a66551e3df3f8cbcde5e8e4bb86bf0d730e6efc Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 17 Jun 2018 15:15:06 -0700
Subject: [PATCH 530/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index f07f49e0f1..28c27d180c 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.128</version>
+    <version>2.129-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index c6d9236b05..bb84787a00 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.128</version>
+    <version>2.129-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 6cc4827160..9640cbda63 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.128</version>
+  <version>2.129-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.128</tag>
+    <tag>${scmTag}</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index a69e5016cc..68b9033c15 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.128</version>
+    <version>2.129-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 7e63255d34..ec9fd3b107 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.128</version>
+    <version>2.129-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 8b4dea41ded82582686d6319511b8145126e5b91 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 17 Jun 2018 15:21:01 -0700
Subject: [PATCH 531/863] mvn incrementals:reincrementalify

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 28c27d180c..d54dac5918 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.129-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index bb84787a00..0d5c3f2c27 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.129-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 9640cbda63..cddc2bc4da 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.129-SNAPSHOT</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.128</revision>
+    <revision>2.129</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index 68b9033c15..4f9dae71fa 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.129-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index ec9fd3b107..a34321a927 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.129-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 65108e42f41079e17622e57c2542e04d3ef64976 Mon Sep 17 00:00:00 2001
From: James Nord <jnord+github@cloudbees.com>
Date: Mon, 18 Jun 2018 11:26:47 +0100
Subject: [PATCH 532/863] [JENKINS-28683] Fix unit test and remove unised
 import.

---
 test/src/test/java/hudson/model/APeriodicWorkTest.java | 2 +-
 test/src/test/java/hudson/model/PeriodicWorkTest.java  | 1 -
 2 files changed, 1 insertion(+), 2 deletions(-)

diff --git a/test/src/test/java/hudson/model/APeriodicWorkTest.java b/test/src/test/java/hudson/model/APeriodicWorkTest.java
index 39101cc343..0aa26e77f6 100644
--- a/test/src/test/java/hudson/model/APeriodicWorkTest.java
+++ b/test/src/test/java/hudson/model/APeriodicWorkTest.java
@@ -23,7 +23,7 @@ public class APeriodicWorkTest {
     public void newExtensionsAreScheduled() throws Exception {
         TestAperiodicWork tapw = new TestAperiodicWork();
 
-        int size = PeriodicWork.all().size();
+        int size = AperiodicWork.all().size();
         ExtensionList.lookup(AperiodicWork.class).add(tapw);
 
         assertThat("we have one new AperiodicWork", AperiodicWork.all(), hasSize(size+1));
diff --git a/test/src/test/java/hudson/model/PeriodicWorkTest.java b/test/src/test/java/hudson/model/PeriodicWorkTest.java
index cfa2c0dc69..830009838c 100644
--- a/test/src/test/java/hudson/model/PeriodicWorkTest.java
+++ b/test/src/test/java/hudson/model/PeriodicWorkTest.java
@@ -2,7 +2,6 @@ package hudson.model;
 
 import java.util.concurrent.CountDownLatch;
 import java.util.concurrent.TimeUnit;
-import java.util.concurrent.atomic.AtomicInteger;
 
 import org.junit.Rule;
 import org.junit.Test;
-- 
GitLab


From d4f87626c8c95813eff1342e06a230ae4deebdde Mon Sep 17 00:00:00 2001
From: James Nord <jnord+github@cloudbees.com>
Date: Mon, 18 Jun 2018 14:07:19 +0100
Subject: [PATCH 533/863] [JENKINS-28683] correct the class name and assertion
 message.

---
 .../model/{APeriodicWorkTest.java => AperiodicWorkTest.java}  | 4 ++--
 test/src/test/java/hudson/model/PeriodicWorkTest.java         | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)
 rename test/src/test/java/hudson/model/{APeriodicWorkTest.java => AperiodicWorkTest.java} (90%)

diff --git a/test/src/test/java/hudson/model/APeriodicWorkTest.java b/test/src/test/java/hudson/model/AperiodicWorkTest.java
similarity index 90%
rename from test/src/test/java/hudson/model/APeriodicWorkTest.java
rename to test/src/test/java/hudson/model/AperiodicWorkTest.java
index 0aa26e77f6..5b81e05c8f 100644
--- a/test/src/test/java/hudson/model/APeriodicWorkTest.java
+++ b/test/src/test/java/hudson/model/AperiodicWorkTest.java
@@ -13,7 +13,7 @@ import static org.hamcrest.Matchers.hasSize;
 import static org.hamcrest.Matchers.is;
 import static org.junit.Assert.assertThat;
 
-public class APeriodicWorkTest {
+public class AperiodicWorkTest {
 
     @Rule
     public JenkinsRule jr = new JenkinsRule();
@@ -27,7 +27,7 @@ public class APeriodicWorkTest {
         ExtensionList.lookup(AperiodicWork.class).add(tapw);
 
         assertThat("we have one new AperiodicWork", AperiodicWork.all(), hasSize(size+1));
-        assertThat("The task was not run within 15 seconds",tapw.doneSignal.await(15, TimeUnit.SECONDS), is(true));
+        assertThat("The task was run within 15 seconds", tapw.doneSignal.await(15, TimeUnit.SECONDS), is(true));
     }
 
     private static class TestAperiodicWork extends AperiodicWork {
diff --git a/test/src/test/java/hudson/model/PeriodicWorkTest.java b/test/src/test/java/hudson/model/PeriodicWorkTest.java
index 830009838c..fc91dabfde 100644
--- a/test/src/test/java/hudson/model/PeriodicWorkTest.java
+++ b/test/src/test/java/hudson/model/PeriodicWorkTest.java
@@ -27,7 +27,7 @@ public class PeriodicWorkTest {
         ExtensionList.lookup(PeriodicWork.class).add(tpw);
 
         assertThat("we have one new PeriodicWork", PeriodicWork.all(), hasSize(size+1));
-        assertThat("The task was not run within 15 seconds",tpw.doneSignal.await(15, TimeUnit.SECONDS), is(true));
+        assertThat("The task was run within 15 seconds", tpw.doneSignal.await(15, TimeUnit.SECONDS), is(true));
     }
 
     private static class TestPeriodicWork extends PeriodicWork {
-- 
GitLab


From d391eac520ee94566c36cc9022b24bee067050a5 Mon Sep 17 00:00:00 2001
From: Youngrok Kim <rok0810@gmail.com>
Date: Tue, 19 Jun 2018 21:32:32 +0900
Subject: [PATCH 534/863] Fix Korean translation in the login page

---
 .../resources/jenkins/model/Jenkins/login_ko.properties  | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/core/src/main/resources/jenkins/model/Jenkins/login_ko.properties b/core/src/main/resources/jenkins/model/Jenkins/login_ko.properties
index 299b293453..485b63aa2c 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/login_ko.properties
+++ b/core/src/main/resources/jenkins/model/Jenkins/login_ko.properties
@@ -20,8 +20,9 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-Password=\uC554&nbsp;&nbsp;&nbsp;&nbsp;\uD638
-Remember\ me\ on\ this\ computer=\uAE30\uC5B5\uD558\uAE30
-User=\uACC4\uC815
-login=\uB85C\uADF8\uC778
+Username=\uC0AC\uC6A9\uC790 \uC774\uB984
+Password=\uBE44\uBC00\uBC88\uD638
+signIn=\uB85C\uADF8\uC778
 signUp=<a href="signup">\uACC4\uC815 \uC0DD\uC131</a>
+Keep\ me\ signed\ in=\uB85C\uADF8\uC778 \uC0C1\uD0DC \uC720\uC9C0
+Invalid\ username\ or\ password=\uC0AC\uC6A9\uC790 \uC774\uB984 \uB610\uB294 \uC554\uD638\uAC00 \uC798\uBABB\uB418\uC5C8\uC2B5\uB2C8\uB2E4.
-- 
GitLab


From 5f4d014b3b7f89e206c6c8509540ed559f604959 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Tue, 19 Jun 2018 21:03:08 +0200
Subject: [PATCH 535/863] [SECURITY-897]

---
 core/src/main/java/hudson/model/User.java     | 34 ++++++++-
 .../hudson/model/UserRestartTest_SEC897.java  | 71 +++++++++++++++++++
 2 files changed, 104 insertions(+), 1 deletion(-)
 create mode 100644 test/src/test/java/hudson/model/UserRestartTest_SEC897.java

diff --git a/core/src/main/java/hudson/model/User.java b/core/src/main/java/hudson/model/User.java
index 895729ade4..424b1108b3 100644
--- a/core/src/main/java/hudson/model/User.java
+++ b/core/src/main/java/hudson/model/User.java
@@ -472,7 +472,8 @@ public class User extends AbstractModelObject implements AccessControlled, Descr
         }
 
         File unsanitizedLegacyConfigFile = getUnsanitizedLegacyConfigFileFor(id);
-        if (unsanitizedLegacyConfigFile.exists() && !unsanitizedLegacyConfigFile.equals(configFile)) {
+        boolean mustMigrateLegacyConfig = isMigrationRequiredForLegacyConfigFile(unsanitizedLegacyConfigFile, configFile);
+        if (mustMigrateLegacyConfig) {
             File ancestor = unsanitizedLegacyConfigFile.getParentFile();
             if (!configFile.exists()) {
                 try {
@@ -533,6 +534,37 @@ public class User extends AbstractModelObject implements AccessControlled, Descr
         }
         return u;
     }
+    
+    private static boolean isMigrationRequiredForLegacyConfigFile(@Nonnull File legacyConfigFile, @Nonnull File newConfigFile){
+        boolean mustMigrateLegacyConfig = legacyConfigFile.exists() && !legacyConfigFile.equals(newConfigFile);
+        if(mustMigrateLegacyConfig){
+            try{
+                // TODO Could be replace by Util.isDescendant(getRootDir(), legacyConfigFile) in 2.80+
+                String canonicalLegacy = legacyConfigFile.getCanonicalPath();
+                String canonicalUserDir = getRootDir().getCanonicalPath();
+                if(!canonicalLegacy.startsWith(canonicalUserDir + File.separator)){
+                    // without that check, the application config.xml could be moved (i.e. erased from application PoV)
+                    mustMigrateLegacyConfig = false;
+                    LOGGER.log(Level.WARNING, String.format(
+                            "Attempt to escape from users directory with %s, migration aborted, see SECURITY-897 for more information",
+                            legacyConfigFile.getAbsolutePath()
+                    ));
+                }
+            }
+            catch (IOException e){
+                mustMigrateLegacyConfig = false;
+                LOGGER.log(
+                        Level.WARNING,
+                        String.format(
+                                "Failed to determine the canonical path of %s, migration aborted, see SECURITY-897 for more information", 
+                                legacyConfigFile.getAbsolutePath()
+                        ),
+                        e
+                );
+            }
+        }
+        return mustMigrateLegacyConfig;
+    }
 
     /**
      * Gets the {@link User} object by its id or full name.
diff --git a/test/src/test/java/hudson/model/UserRestartTest_SEC897.java b/test/src/test/java/hudson/model/UserRestartTest_SEC897.java
new file mode 100644
index 0000000000..854bbe4aec
--- /dev/null
+++ b/test/src/test/java/hudson/model/UserRestartTest_SEC897.java
@@ -0,0 +1,71 @@
+package hudson.model;
+
+import com.gargoylesoftware.htmlunit.WebRequest;
+import hudson.FilePath;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runners.model.Statement;
+import org.jvnet.hudson.test.JenkinsRule;
+import org.jvnet.hudson.test.RestartableJenkinsRule;
+
+import java.net.URL;
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
+
+import static org.hamcrest.core.IsEqual.equalTo;
+import static org.junit.Assert.assertThat;
+
+//TODO after the security fix, it could be merged inside UserRestartTest
+public class UserRestartTest_SEC897 {
+    
+    @Rule
+    public RestartableJenkinsRule rr = new RestartableJenkinsRule();
+    
+    @Test public void legacyConfigMoveCannotEscapeUserFolder() {
+        rr.addStep(new Statement() {
+            @Override
+            public void evaluate() throws Throwable {
+                rr.j.jenkins.setSecurityRealm(rr.j.createDummySecurityRealm());
+                assertThat(rr.j.jenkins.isUseSecurity(), equalTo(true));
+                
+                // in order to create the folder "users"
+                User.getById("admin", true).save();
+                
+                { // attempt with ".."
+                    JenkinsRule.WebClient wc = rr.j.createWebClient();
+                    wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+                    
+                    WebRequest request = new WebRequest(new URL(rr.j.jenkins.getRootUrl() + "whoAmI/api/xml"));
+                    request.setAdditionalHeader("Authorization", base64("..", "any-password"));
+                    wc.getPage(request);
+                }
+                { // attempt with "../users/.."
+                    JenkinsRule.WebClient wc = rr.j.createWebClient();
+                    wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+                    
+                    WebRequest request = new WebRequest(new URL(rr.j.jenkins.getRootUrl() + "whoAmI/api/xml"));
+                    request.setAdditionalHeader("Authorization", base64("../users/..", "any-password"));
+                    wc.getPage(request);
+                }
+                
+                // security is still active
+                assertThat(rr.j.jenkins.isUseSecurity(), equalTo(true));
+                // but, the config file was moved
+                FilePath rootPath = rr.j.jenkins.getRootPath();
+                assertThat(rootPath.child("config.xml").exists(), equalTo(true));
+            }
+        });
+        rr.addStep(new Statement() {
+            @Override
+            public void evaluate() throws Throwable {
+                assertThat(rr.j.jenkins.isUseSecurity(), equalTo(true));
+                FilePath rootPath = rr.j.jenkins.getRootPath();
+                assertThat(rootPath.child("config.xml").exists(), equalTo(true));
+            }
+        });
+    }
+    
+    private String base64(String login, String password) {
+        return "Basic " + Base64.getEncoder().encodeToString((login + ":" + password).getBytes(StandardCharsets.UTF_8));
+    }
+}
-- 
GitLab


From 40250f08aca7f3f8816f21870ee23463a52ef2f2 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Tue, 19 Jun 2018 21:03:56 +0200
Subject: [PATCH 536/863] [SECURITY-892]

---
 core/src/main/java/hudson/slaves/SlaveComputer.java | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/core/src/main/java/hudson/slaves/SlaveComputer.java b/core/src/main/java/hudson/slaves/SlaveComputer.java
index eaef01609d..c940d74318 100644
--- a/core/src/main/java/hudson/slaves/SlaveComputer.java
+++ b/core/src/main/java/hudson/slaves/SlaveComputer.java
@@ -654,6 +654,8 @@ public class SlaveComputer extends Computer {
 
     @RequirePOST
     public void doLaunchSlaveAgent(StaplerRequest req, StaplerResponse rsp) throws IOException, ServletException {
+        checkPermission(CONNECT);
+            
         if(channel!=null) {
             req.getView(this,"already-launched.jelly").forward(req, rsp);
             return;
-- 
GitLab


From 29ca81dd59c255ad633f1bd86cf1be40a5f02c64 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Tue, 19 Jun 2018 21:06:23 +0200
Subject: [PATCH 537/863] [SECURITY-914]

---
 core/pom.xml                                  |  2 +-
 .../security/stapler/Security914Test.java     | 88 +++++++++++++++++++
 2 files changed, 89 insertions(+), 1 deletion(-)
 create mode 100644 test/src/test/java/jenkins/security/stapler/Security914Test.java

diff --git a/core/pom.xml b/core/pom.xml
index 9a582a5af4..ede736f44a 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -39,7 +39,7 @@ THE SOFTWARE.
 
   <properties>
     <staplerFork>true</staplerFork>
-    <stapler.version>1.250</stapler.version>
+    <stapler.version>1.250.1</stapler.version>
     <spring.version>2.5.6.SEC03</spring.version>
     <groovy.version>2.4.11</groovy.version>
     <!-- TODO: Actually many issues are being filtered by src/findbugs/findbugs-excludes.xml -->
diff --git a/test/src/test/java/jenkins/security/stapler/Security914Test.java b/test/src/test/java/jenkins/security/stapler/Security914Test.java
new file mode 100644
index 0000000000..0d4ea8d263
--- /dev/null
+++ b/test/src/test/java/jenkins/security/stapler/Security914Test.java
@@ -0,0 +1,88 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.security.stapler;
+
+import com.gargoylesoftware.htmlunit.Page;
+import com.gargoylesoftware.htmlunit.WebRequest;
+import hudson.Functions;
+import org.junit.Assume;
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.JenkinsRule;
+import org.jvnet.hudson.test.TestPluginManager;
+
+import java.net.URL;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotEquals;
+
+@Issue("SECURITY-914")
+public class Security914Test {
+    
+    @Rule
+    public JenkinsRule j = new JenkinsRule();
+    
+    @Test
+    public void cannotUseInvalidLocale_toTraverseFolder() throws Exception {
+        Assume.assumeTrue(Functions.isWindows());
+        
+        if (j.jenkins.pluginManager.getPlugin("credentials") == null) {
+            ((TestPluginManager) j.jenkins.pluginManager).installDetachedPlugin("credentials");
+        }
+        j.createWebClient().goTo("plugin/credentials/images/24x24/credentials.png", "image/png");
+        
+        JenkinsRule.WebClient wc = j.createWebClient();
+        wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+        WebRequest request = new WebRequest(new URL(j.getURL() + "plugin/credentials/.xml"));
+        // plugin deployed in: test\target\jenkins7375296945862059919tmp
+        // rootDir is in     : test\target\jenkinsTests.tmp\jenkins1274934531848159942test
+        // j.jenkins.getRootDir().getName() = jenkins1274934531848159942test
+        request.setAdditionalHeader("Accept-Language", "../../../../jenkinsTests.tmp/" + j.jenkins.getRootDir().getName() + "/config");
+        
+        Page p = wc.getPage(request);
+        assertEquals(p.getWebResponse().getStatusCode(), 404);
+        assertNotEquals(p.getWebResponse().getContentType(), "application/xml");
+    }
+    
+    @Test
+    public void cannotUseInvalidLocale_toAnyFileInSystem() throws Exception {
+        Assume.assumeTrue(Functions.isWindows());
+        
+        if (j.jenkins.pluginManager.getPlugin("credentials") == null) {
+            ((TestPluginManager) j.jenkins.pluginManager).installDetachedPlugin("credentials");
+        }
+        j.createWebClient().goTo("plugin/credentials/images/24x24/credentials.png", "image/png");
+        
+        JenkinsRule.WebClient wc = j.createWebClient();
+        wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+        WebRequest request = new WebRequest(new URL(j.getURL() + "plugin/credentials/.ini"));
+        // ../ can be multiply to infinity, no impact, we just need to have enough to reach the root
+        request.setAdditionalHeader("Accept-Language", "../../../../../../../../../../../../windows/win");
+        
+        Page p = wc.getPage(request);
+        assertEquals(p.getWebResponse().getStatusCode(), 404);
+        assertEquals(p.getWebResponse().getContentType(), "text/html");
+    }
+}
-- 
GitLab


From af9e11c9941487f69ec1a95c65958fc208064e7a Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Tue, 19 Jun 2018 21:15:47 +0200
Subject: [PATCH 538/863] [SECURITY-891]

---
 core/src/main/java/hudson/model/Queue.java    |  8 +-
 .../java/hudson/model/QueueTest_SEC891.java   | 84 +++++++++++++++++++
 2 files changed, 90 insertions(+), 2 deletions(-)
 create mode 100644 test/src/test/java/hudson/model/QueueTest_SEC891.java

diff --git a/core/src/main/java/hudson/model/Queue.java b/core/src/main/java/hudson/model/Queue.java
index f4e8a8eaaa..b8b021752c 100644
--- a/core/src/main/java/hudson/model/Queue.java
+++ b/core/src/main/java/hudson/model/Queue.java
@@ -755,7 +755,9 @@ public class Queue extends ResourceController implements Saveable {
     public HttpResponse doCancelItem(@QueryParameter long id) throws IOException, ServletException {
         Item item = getItem(id);
         if (item != null) {
-            cancel(item);
+            if(item.hasCancelPermission()){
+                cancel(item);
+            }
         } // else too late, ignore (JENKINS-14813)
         return HttpResponses.forwardToPreviousPage();
     }
@@ -2193,7 +2195,9 @@ public class Queue extends ResourceController implements Saveable {
         @Deprecated
         @RequirePOST
         public HttpResponse doCancelQueue() throws IOException, ServletException {
-        	Jenkins.getInstance().getQueue().cancel(this);
+            if(hasCancelPermission()){
+                Jenkins.getInstance().getQueue().cancel(this);
+            }
             return HttpResponses.forwardToPreviousPage();
         }
 
diff --git a/test/src/test/java/hudson/model/QueueTest_SEC891.java b/test/src/test/java/hudson/model/QueueTest_SEC891.java
new file mode 100644
index 0000000000..30afef8739
--- /dev/null
+++ b/test/src/test/java/hudson/model/QueueTest_SEC891.java
@@ -0,0 +1,84 @@
+package hudson.model;
+
+import com.gargoylesoftware.htmlunit.HttpMethod;
+import com.gargoylesoftware.htmlunit.Page;
+import com.gargoylesoftware.htmlunit.WebRequest;
+import hudson.model.Cause.UserIdCause;
+import hudson.slaves.NodeProvisionerRule;
+import jenkins.model.Jenkins;
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.JenkinsRule;
+import org.jvnet.hudson.test.MockAuthorizationStrategy;
+
+import java.net.URL;
+import java.util.function.Function;
+
+import static org.hamcrest.Matchers.equalTo;
+import static org.hamcrest.Matchers.lessThan;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertThat;
+import static org.junit.Assert.assertTrue;
+
+//TODO merge into QueueTest after security patch
+public class QueueTest_SEC891 {
+    
+    @Rule
+    public JenkinsRule r = new NodeProvisionerRule(-1, 0, 10);
+    
+    @Test public void doCancelItem_PermissionIsChecked() throws Exception {
+        checkCancelOperationUsingUrl(item -> "queue/cancelItem?id=" + item.getId());
+    }
+    
+    @Test public void doCancelQueue_PermissionIsChecked() throws Exception {
+        checkCancelOperationUsingUrl(item -> "queue/item/" + item.getId() + "/cancelQueue");
+    }
+    
+    private void checkCancelOperationUsingUrl(Function<Queue.Item, String> urlProvider) throws Exception {
+        Queue q = r.jenkins.getQueue();
+        
+        r.jenkins.setCrumbIssuer(null);
+        r.jenkins.setSecurityRealm(r.createDummySecurityRealm());
+        r.jenkins.setAuthorizationStrategy(new MockAuthorizationStrategy()
+                .grant(Jenkins.READ, Item.CANCEL).everywhere().to("admin")
+                .grant(Jenkins.READ).everywhere().to("user")
+        );
+        
+        // prevent execution to push stuff into the queue
+        r.jenkins.setNumExecutors(0);
+        assertThat(q.getItems().length, equalTo(0));
+        
+        FreeStyleProject testProject = r.createFreeStyleProject("test");
+        testProject.scheduleBuild(new UserIdCause());
+        
+        Queue.Item[] items = q.getItems();
+        assertThat(items.length, equalTo(1));
+        Queue.Item currentOne = items[0];
+        assertFalse(currentOne.getFuture().isCancelled());
+        
+        WebRequest request = new WebRequest(new URL(r.getURL() + urlProvider.apply(currentOne)), HttpMethod.POST);
+        
+        { // user without right cannot cancel
+            JenkinsRule.WebClient wc = r.createWebClient();
+            wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+            wc.getOptions().setRedirectEnabled(false);
+            wc.login("user");
+            Page p = wc.getPage(request);
+            // currently the endpoint return a redirection to the previously visited page, none in our case 
+            // (so force no redirect to avoid false positive error)
+            assertThat(p.getWebResponse().getStatusCode(), lessThan(400));
+            
+            assertFalse(currentOne.getFuture().isCancelled());
+        }
+        { // user with right can
+            JenkinsRule.WebClient wc = r.createWebClient();
+            wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+            wc.getOptions().setRedirectEnabled(false);
+            wc.login("admin");
+            Page p = wc.getPage(request);
+            assertThat(p.getWebResponse().getStatusCode(), lessThan(400));
+            
+            assertTrue(currentOne.getFuture().isCancelled());
+        }
+    }
+}
-- 
GitLab


From f46842c7a2c916170ac457a039a2f7f019afd885 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Tue, 19 Jun 2018 21:16:40 +0200
Subject: [PATCH 539/863] [SECURITY-925]

---
 core/src/main/java/hudson/Plugin.java         |  6 +++-
 .../test/java/hudson/PluginTest_SEC925.java   | 33 +++++++++++++++++++
 2 files changed, 38 insertions(+), 1 deletion(-)
 create mode 100644 test/src/test/java/hudson/PluginTest_SEC925.java

diff --git a/core/src/main/java/hudson/Plugin.java b/core/src/main/java/hudson/Plugin.java
index 02d05d452f..eff33896de 100644
--- a/core/src/main/java/hudson/Plugin.java
+++ b/core/src/main/java/hudson/Plugin.java
@@ -228,7 +228,11 @@ public abstract class Plugin implements Saveable {
         String path = req.getRestOfPath();
 
         String pathUC = path.toUpperCase(Locale.ENGLISH);
-        if (path.isEmpty() || path.contains("..") || path.startsWith(".") || path.contains("%") || pathUC.contains("META-INF") || pathUC.contains("WEB-INF")) {
+        if (path.isEmpty() || path.contains("..") || path.startsWith(".") || path.contains("%")
+                || pathUC.contains("META-INF") || pathUC.contains("WEB-INF")
+                // ClassicPluginStrategy#explode produce that file to know if a new explosion is required or not
+                || pathUC.equals("/.TIMESTAMP2")
+        ) {
             LOGGER.warning("rejecting possibly malicious " + req.getRequestURIWithQueryString());
             rsp.sendError(HttpServletResponse.SC_BAD_REQUEST);
             return;
diff --git a/test/src/test/java/hudson/PluginTest_SEC925.java b/test/src/test/java/hudson/PluginTest_SEC925.java
new file mode 100644
index 0000000000..f52abce238
--- /dev/null
+++ b/test/src/test/java/hudson/PluginTest_SEC925.java
@@ -0,0 +1,33 @@
+package hudson;
+
+import hudson.model.UpdateCenter;
+import jenkins.model.Jenkins;
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.JenkinsRule;
+
+import javax.servlet.http.HttpServletResponse;
+import java.util.Arrays;
+import java.util.List;
+import java.util.concurrent.Future;
+
+//TODO merge it within PluginTest after the security release
+public class PluginTest_SEC925 {
+    
+    @Rule
+    public JenkinsRule r = new JenkinsRule();
+    
+    @Test
+    @Issue("SECURITY-925")
+    public void preventTimestamp2_toBeServed() throws Exception {
+        // impossible to use installDetachedPlugin("credentials") since we want to have it exploded like with WAR
+        Jenkins.getInstance().getUpdateCenter().getSites().get(0).updateDirectlyNow(false);
+        List<Future<UpdateCenter.UpdateCenterJob>> pluginInstalled = r.jenkins.pluginManager.install(Arrays.asList("credentials"), true);
+    
+        for (Future<UpdateCenter.UpdateCenterJob> job : pluginInstalled) {
+            job.get();
+        }
+        r.createWebClient().assertFails("plugin/credentials/.timestamp2", HttpServletResponse.SC_BAD_REQUEST);
+    }
+}
-- 
GitLab


From 8697bdff0342421e22230028d84aaa265719e86c Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Tue, 19 Jun 2018 21:17:07 +0200
Subject: [PATCH 540/863] [SECURITY-944]

---
 core/src/main/java/hudson/model/BuildTimelineWidget.java     | 5 ++++-
 .../resources/hudson/model/BuildTimelineWidget/control.jelly | 2 +-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/core/src/main/java/hudson/model/BuildTimelineWidget.java b/core/src/main/java/hudson/model/BuildTimelineWidget.java
index 31810b5f5e..717052e5bf 100644
--- a/core/src/main/java/hudson/model/BuildTimelineWidget.java
+++ b/core/src/main/java/hudson/model/BuildTimelineWidget.java
@@ -23,6 +23,7 @@
  */
 package hudson.model;
 
+import hudson.Util;
 import hudson.util.RunList;
 import org.kohsuke.stapler.QueryParameter;
 import org.kohsuke.stapler.StaplerRequest;
@@ -64,7 +65,9 @@ public class BuildTimelineWidget {
             Event e = new Event();
             e.start = new Date(r.getStartTimeInMillis());
             e.end   = new Date(r.getStartTimeInMillis()+r.getDuration());
-            e.title = r.getFullDisplayName();
+            // due to SimileAjax.HTML.deEntify (in simile-ajax-bundle.js), "&lt;" are transformed back to "<", but not the "&#60";
+            // to protect against XSS
+            e.title = Util.escape(r.getFullDisplayName()).replace("&lt;", "&#60;");
             // what to put in the description?
             // e.description = "Longish description of event "+r.getFullDisplayName();
             // e.durationEvent = true;
diff --git a/core/src/main/resources/hudson/model/BuildTimelineWidget/control.jelly b/core/src/main/resources/hudson/model/BuildTimelineWidget/control.jelly
index a9efb2525b..71d6cc22f7 100644
--- a/core/src/main/resources/hudson/model/BuildTimelineWidget/control.jelly
+++ b/core/src/main/resources/hudson/model/BuildTimelineWidget/control.jelly
@@ -56,7 +56,7 @@ THE SOFTWARE.
               onSuccess: function(t) {
                 if (t.status != 0) {
                   try {
-                    eventSource1.loadJSON(eval('('+t.responseText+')'),'.');
+                    eventSource1.loadJSON(JSON.parse(t.responseText),'.');
                     getData(eventSource1, current-1, min, max);
                   } catch (e) {
                     alert(e);
-- 
GitLab


From abf7858f3308a8c9815aac3f9a0094f43fed1ae6 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Fri, 8 Jun 2018 13:25:07 -0400
Subject: [PATCH 541/863] [JENKINS-51779] Avoid
 com.google.common.collect.Iterators.skip (#3481)

* [JENKINS-51779] Avoid com.google.common.collect.Iterators.skip.

* Reviewers preferred for the new method to be restricted for now.

(cherry picked from commit a846c366fe1569805548544118d65d908de5644a)
---
 core/src/main/java/hudson/util/Iterators.java | 20 +++++++++++++
 core/src/main/java/hudson/util/RunList.java   |  2 +-
 .../jenkins/widgets/HistoryPageFilter.java    |  2 +-
 .../test/java/hudson/util/IteratorsTest.java  | 29 +++++++++++++++----
 4 files changed, 46 insertions(+), 7 deletions(-)

diff --git a/core/src/main/java/hudson/util/Iterators.java b/core/src/main/java/hudson/util/Iterators.java
index 74d82950dc..8d93d72262 100644
--- a/core/src/main/java/hudson/util/Iterators.java
+++ b/core/src/main/java/hudson/util/Iterators.java
@@ -23,6 +23,7 @@
  */
 package hudson.util;
 
+import com.google.common.annotations.Beta;
 import com.google.common.base.Predicates;
 import com.google.common.collect.ImmutableList;
 
@@ -35,6 +36,9 @@ import java.util.AbstractList;
 import java.util.Arrays;
 import java.util.Set;
 import java.util.HashSet;
+import javax.annotation.Nonnull;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
 
 /**
  * Varios {@link Iterator} implementations.
@@ -403,4 +407,20 @@ public class Iterators {
     public interface CountingPredicate<T> {
         boolean apply(int index, T input);
     }
+
+    /**
+     * Similar to {@link com.google.common.collect.Iterators#skip} except not {@link Beta}.
+     * @param iterator some iterator
+     * @param count a nonnegative count
+     */
+    @Restricted(NoExternalUse.class)
+    public static void skip(@Nonnull Iterator<?> iterator, int count) {
+        if (count < 0) {
+            throw new IllegalArgumentException();
+        }
+        while (iterator.hasNext() && count-- > 0) {
+            iterator.next();
+        }
+    }
+
 }
diff --git a/core/src/main/java/hudson/util/RunList.java b/core/src/main/java/hudson/util/RunList.java
index d9b8adb7dc..bdc9cb61f4 100644
--- a/core/src/main/java/hudson/util/RunList.java
+++ b/core/src/main/java/hudson/util/RunList.java
@@ -150,7 +150,7 @@ public class RunList<R extends Run> extends AbstractList<R> {
     public List<R> subList(int fromIndex, int toIndex) {
         List<R> r = new ArrayList<R>();
         Iterator<R> itr = iterator();
-        Iterators.skip(itr,fromIndex);
+        hudson.util.Iterators.skip(itr, fromIndex);
         for (int i=toIndex-fromIndex; i>0; i--) {
             r.add(itr.next());
         }
diff --git a/core/src/main/java/jenkins/widgets/HistoryPageFilter.java b/core/src/main/java/jenkins/widgets/HistoryPageFilter.java
index 269f5e44fc..521ace8b79 100644
--- a/core/src/main/java/jenkins/widgets/HistoryPageFilter.java
+++ b/core/src/main/java/jenkins/widgets/HistoryPageFilter.java
@@ -24,7 +24,6 @@
 package jenkins.widgets;
 
 import com.google.common.collect.Iterables;
-import com.google.common.collect.Iterators;
 import hudson.model.AbstractBuild;
 import hudson.model.Job;
 import hudson.model.ParameterValue;
@@ -32,6 +31,7 @@ import hudson.model.ParametersAction;
 import hudson.model.Queue;
 import hudson.model.Run;
 import hudson.search.UserSearchProperty;
+import hudson.util.Iterators;
 import hudson.widgets.HistoryWidget;
 
 import javax.annotation.Nonnull;
diff --git a/core/src/test/java/hudson/util/IteratorsTest.java b/core/src/test/java/hudson/util/IteratorsTest.java
index 679df76a65..4236ca359d 100644
--- a/core/src/test/java/hudson/util/IteratorsTest.java
+++ b/core/src/test/java/hudson/util/IteratorsTest.java
@@ -32,6 +32,7 @@ import java.util.Iterator;
 import java.util.List;
 
 import org.junit.Test;
+import org.jvnet.hudson.test.Issue;
 
 /**
  * @author Kohsuke Kawaguchi
@@ -77,9 +78,27 @@ public class IteratorsTest {
         assertEquals("[]", com.google.common.collect.Iterators.toString(Iterators.limit(asList(1,2,4,6).iterator(), EVEN)));
     }
 
-    public static final CountingPredicate<Integer> EVEN = new CountingPredicate<Integer>() {
-        public boolean apply(int index, Integer input) {
-            return input % 2 == 0;
-        }
-    };
+    public static final CountingPredicate<Integer> EVEN = (index, input) -> input % 2 == 0;
+
+    @Issue("JENKINS-51779")
+    @Test
+    public void skip() {
+        List<Integer> lst = Iterators.sequence(1, 4);
+        Iterator<Integer> it = lst.iterator();
+        Iterators.skip(it, 0);
+        assertEquals("[1, 2, 3]", com.google.common.collect.Iterators.toString(it));
+        it = lst.iterator();
+        Iterators.skip(it, 1);
+        assertEquals("[2, 3]", com.google.common.collect.Iterators.toString(it));
+        it = lst.iterator();
+        Iterators.skip(it, 2);
+        assertEquals("[3]", com.google.common.collect.Iterators.toString(it));
+        it = lst.iterator();
+        Iterators.skip(it, 3);
+        assertEquals("[]", com.google.common.collect.Iterators.toString(it));
+        it = lst.iterator();
+        Iterators.skip(it, 4);
+        assertEquals("[]", com.google.common.collect.Iterators.toString(it));
+    }
+
 }
-- 
GitLab


From 2a7b56e8385beae1a11290b6e576423799487fbc Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Fri, 8 Jun 2018 13:55:29 -0400
Subject: [PATCH 542/863] [JENKINS-51819] When using a custom ArtifactManager,
 Run.delete must call ArtifactManager.delete.

(cherry picked from commit 9b0a0e71b8a6b92227e6af80ec7202aa0bf44b5b)
---
 core/src/main/java/hudson/model/Run.java     |  4 ++
 test/src/test/java/hudson/model/RunTest.java | 46 ++++++++++++++++++--
 2 files changed, 47 insertions(+), 3 deletions(-)

diff --git a/core/src/main/java/hudson/model/Run.java b/core/src/main/java/hudson/model/Run.java
index 10ec9f6574..a3bc3375be 100644
--- a/core/src/main/java/hudson/model/Run.java
+++ b/core/src/main/java/hudson/model/Run.java
@@ -1554,6 +1554,10 @@ public abstract class Run <JobT extends Job<JobT,RunT>,RunT extends Run<JobT,Run
         
         RunListener.fireDeleted(this);
 
+        if (artifactManager != null) {
+            deleteArtifacts();
+        } // for StandardArtifactManager, deleting the whole build dir suffices
+
         synchronized (this) { // avoid holding a lock while calling plugin impls of onDeleted
         File tmp = new File(rootDir.getParentFile(),'.'+rootDir.getName());
         
diff --git a/test/src/test/java/hudson/model/RunTest.java b/test/src/test/java/hudson/model/RunTest.java
index 92cbef2081..7150aac135 100644
--- a/test/src/test/java/hudson/model/RunTest.java
+++ b/test/src/test/java/hudson/model/RunTest.java
@@ -23,19 +23,30 @@
  */
 package hudson.model;
 
+import hudson.FilePath;
+import hudson.Launcher;
+import hudson.tasks.ArtifactArchiver;
+import java.io.IOException;
 import java.net.HttpURLConnection;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
+import java.util.Map;
+import java.util.concurrent.atomic.AtomicBoolean;
+import jenkins.model.ArtifactManager;
+import jenkins.model.ArtifactManagerConfiguration;
+import jenkins.model.ArtifactManagerFactory;
+import jenkins.model.ArtifactManagerFactoryDescriptor;
+import jenkins.model.Jenkins;
+import jenkins.util.VirtualFile;
 import static org.junit.Assert.*;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.Issue;
 import org.jvnet.hudson.test.JenkinsRule;
+import org.jvnet.hudson.test.TestExtension;
+import org.kohsuke.stapler.DataBoundConstructor;
 
-/**
- * @author Kohsuke Kawaguchi
- */
 public class RunTest  {
 
     @Rule public JenkinsRule j = new JenkinsRule();
@@ -73,4 +84,33 @@ public class RunTest  {
         assertEquals(Run.KeepLogBuildBadge.class, badgeActions.get(0).getClass());
     }
 
+    @Issue("JENKINS-51819")
+    @Test public void deleteArtifactsCustom() throws Exception {
+        ArtifactManagerConfiguration.get().getArtifactManagerFactories().add(new Mgr.Factory());
+        FreeStyleProject p = j.createFreeStyleProject();
+        j.jenkins.getWorkspaceFor(p).child("f").write("", null);
+        p.getPublishersList().add(new ArtifactArchiver("f"));
+        FreeStyleBuild b = j.buildAndAssertSuccess(p);
+        b.delete();
+        assertTrue(Mgr.deleted.get());
+    }
+    private static final class Mgr extends ArtifactManager {
+        static final AtomicBoolean deleted = new AtomicBoolean();
+        @Override public boolean delete() throws IOException, InterruptedException {
+            return !deleted.getAndSet(true);
+        }
+        @Override public void onLoad(Run<?, ?> build) {}
+        @Override public void archive(FilePath workspace, Launcher launcher, BuildListener listener, Map<String, String> artifacts) throws IOException, InterruptedException {}
+        @Override public VirtualFile root() {
+            return VirtualFile.forFile(Jenkins.get().getRootDir()); // irrelevant
+        }
+        public static final class Factory extends ArtifactManagerFactory {
+            @DataBoundConstructor public Factory() {}
+            @Override public ArtifactManager managerFor(Run<?, ?> build) {
+                return new Mgr();
+            }
+            @TestExtension("deleteArtifactsCustom") public static final class DescriptorImpl extends ArtifactManagerFactoryDescriptor {}
+        }
+    }
+
 }
-- 
GitLab


From 4178bad7413244ed071d291d79d3e9c9630df513 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Fri, 8 Jun 2018 23:11:38 +0200
Subject: [PATCH 543/863] [JENKINS-51541,JENKINS-51551,...] - Remoting 3.21 +
 Allow passing custom CommandTransport implementations to SlaveComputer from
 ComputerLauncher (#3455)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* [JENKINS-51541] - Introduce new SlaveComputer#setChannel() method which takes custom ChannelBuilder and CommandTransport

* [JENKINS-51551] - Pick Remoting version with the API patch

* [JENKINS-51541] - Listener is nullable according to the documentation

* [JENKINS-51551,JENKINS-51223,JENKINS-50965] - Update Remoting to 3.21

* [JENKINS-51541] - Restrict SlaveComputer#setChannel(ChannelBuilder cb, …) to Beta-use only

(cherry picked from commit c405ae701c4bca18f7b4edc6e5cd3bc053b7ee60)
---
 .../java/hudson/slaves/SlaveComputer.java     | 39 +++++++++++++++++++
 pom.xml                                       |  2 +-
 2 files changed, 40 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/slaves/SlaveComputer.java b/core/src/main/java/hudson/slaves/SlaveComputer.java
index c1b5166e71..fc8c04eef3 100644
--- a/core/src/main/java/hudson/slaves/SlaveComputer.java
+++ b/core/src/main/java/hudson/slaves/SlaveComputer.java
@@ -23,6 +23,7 @@
  */
 package hudson.slaves;
 
+import com.google.common.io.NullOutputStream;
 import hudson.AbortException;
 import hudson.FilePath;
 import hudson.Functions;
@@ -39,6 +40,7 @@ import hudson.model.User;
 import hudson.remoting.Channel;
 import hudson.remoting.ChannelBuilder;
 import hudson.remoting.ChannelClosedException;
+import hudson.remoting.CommandTransport;
 import hudson.remoting.Launcher;
 import hudson.remoting.VirtualChannel;
 import hudson.security.ACL;
@@ -60,6 +62,8 @@ import jenkins.slaves.systemInfo.SlaveSystemInfo;
 import jenkins.util.SystemProperties;
 import org.acegisecurity.context.SecurityContext;
 import org.acegisecurity.context.SecurityContextHolder;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.Beta;
 import org.kohsuke.stapler.HttpRedirect;
 import org.kohsuke.stapler.HttpResponse;
 import org.kohsuke.stapler.QueryParameter;
@@ -69,6 +73,7 @@ import org.kohsuke.stapler.WebMethod;
 import org.kohsuke.stapler.interceptor.RequirePOST;
 
 import javax.annotation.CheckForNull;
+import javax.annotation.Nonnull;
 import javax.annotation.OverridingMethodsMustInvokeSuper;
 import javax.servlet.ServletException;
 import java.io.File;
@@ -416,6 +421,40 @@ public class SlaveComputer extends Computer {
         setChannel(channel,launchLog,listener);
     }
 
+    /**
+     * Creates a {@link Channel} from the given Channel Builder and Command Transport.
+     * This method can be used to allow {@link ComputerLauncher}s to create channels not based on I/O streams.
+     *
+     * @param cb
+     *      Channel Builder.
+     *      To print launch logs this channel builder should have a Header Stream defined
+     *      (see {@link ChannelBuilder#getHeaderStream()}) in this argument or by one of {@link ChannelConfigurator}s.
+     * @param commandTransport
+     *      Command Transport
+     * @param listener
+     *      Gets a notification when the channel closes, to perform clean up. Can be {@code null}.
+     *      By the time this method is called, the cause of the termination is reported to the user,
+     *      so the implementation of the listener doesn't need to do that again.
+     * @since TODO
+     */
+    @Restricted(Beta.class)
+    public void setChannel(@Nonnull ChannelBuilder cb,
+                           @Nonnull CommandTransport commandTransport,
+                           @CheckForNull Channel.Listener listener) throws IOException, InterruptedException {
+        for (ChannelConfigurator cc : ChannelConfigurator.all()) {
+            cc.onChannelBuilding(cb,this);
+        }
+
+        OutputStream headerStream = cb.getHeaderStream();
+        if (headerStream == null) {
+            LOGGER.log(Level.WARNING, "No header stream defined when setting channel for computer {0}. " +
+                    "Launch log won't be printed", this);
+            headerStream = new NullOutputStream();
+        }
+        Channel channel = cb.build(commandTransport);
+        setChannel(channel, headerStream, listener);
+    }
+
     /**
      * Shows {@link Channel#classLoadingCount}.
      * @since 1.495
diff --git a/pom.xml b/pom.xml
index aeba985b12..7b6592c7a0 100644
--- a/pom.xml
+++ b/pom.xml
@@ -107,7 +107,7 @@ THE SOFTWARE.
     <maven-war-plugin.version>3.0.0</maven-war-plugin.version> <!-- JENKINS-47127 bump when 3.2.0 is out. Cf. MWAR-407 -->
 
     <!-- Bundled Remoting version -->
-    <remoting.version>3.20</remoting.version>
+    <remoting.version>3.21</remoting.version>
     <!-- Minimum Remoting version, which is tested for API compatibility -->
     <remoting.minimum.supported.version>2.60</remoting.minimum.supported.version>
 
-- 
GitLab


From 8696646ffd916d6028c0fbc71793bf997364e750 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Fri, 15 Jun 2018 20:09:28 +0200
Subject: [PATCH 544/863] Merge pull request #3489 from
 oleg-nenashev/bug/JENKINS-51889
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

[JENKINS-51889,JENKINS-51955,JENKINS-51971] - Stop using Guava’s NullOutputStream, document setChannel API

(cherry picked from commit e4e06333ee3c4dcdf8c945f85691e1dbb639d5e7)
---
 .../java/hudson/slaves/SlaveComputer.java     | 28 +++++++++++++------
 .../java/hudson/util/StreamTaskListener.java  | 23 +++++++++------
 2 files changed, 34 insertions(+), 17 deletions(-)

diff --git a/core/src/main/java/hudson/slaves/SlaveComputer.java b/core/src/main/java/hudson/slaves/SlaveComputer.java
index fc8c04eef3..15f106144a 100644
--- a/core/src/main/java/hudson/slaves/SlaveComputer.java
+++ b/core/src/main/java/hudson/slaves/SlaveComputer.java
@@ -23,7 +23,6 @@
  */
 package hudson.slaves;
 
-import com.google.common.io.NullOutputStream;
 import hudson.AbortException;
 import hudson.FilePath;
 import hudson.Functions;
@@ -385,7 +384,15 @@ public class SlaveComputer extends Computer {
 
     private final Object channelLock = new Object();
 
-    public void setChannel(InputStream in, OutputStream out, TaskListener taskListener, Channel.Listener listener) throws IOException, InterruptedException {
+    /**
+     * Creates a {@link Channel} from the given stream and sets that to this agent.
+     *
+     * Same as {@link #setChannel(InputStream, OutputStream, OutputStream, Channel.Listener)}, but for
+     * {@link TaskListener}.
+     */
+    public void setChannel(@Nonnull InputStream in, @Nonnull OutputStream out,
+                           @Nonnull TaskListener taskListener,
+                           @CheckForNull Channel.Listener listener) throws IOException, InterruptedException {
         setChannel(in,out,taskListener.getLogger(),listener);
     }
 
@@ -408,7 +415,9 @@ public class SlaveComputer extends Computer {
      *      By the time this method is called, the cause of the termination is reported to the user,
      *      so the implementation of the listener doesn't need to do that again.
      */
-    public void setChannel(InputStream in, OutputStream out, OutputStream launchLog, Channel.Listener listener) throws IOException, InterruptedException {
+    public void setChannel(@Nonnull InputStream in, @Nonnull OutputStream out,
+                           @CheckForNull OutputStream launchLog,
+                           @CheckForNull Channel.Listener listener) throws IOException, InterruptedException {
         ChannelBuilder cb = new ChannelBuilder(nodeName,threadPoolForRemoting)
             .withMode(Channel.Mode.NEGOTIATE)
             .withHeaderStream(launchLog);
@@ -435,7 +444,7 @@ public class SlaveComputer extends Computer {
      *      Gets a notification when the channel closes, to perform clean up. Can be {@code null}.
      *      By the time this method is called, the cause of the termination is reported to the user,
      *      so the implementation of the listener doesn't need to do that again.
-     * @since TODO
+     * @since 2.127
      */
     @Restricted(Beta.class)
     public void setChannel(@Nonnull ChannelBuilder cb,
@@ -449,7 +458,6 @@ public class SlaveComputer extends Computer {
         if (headerStream == null) {
             LOGGER.log(Level.WARNING, "No header stream defined when setting channel for computer {0}. " +
                     "Launch log won't be printed", this);
-            headerStream = new NullOutputStream();
         }
         Channel channel = cb.build(commandTransport);
         setChannel(channel, headerStream, listener);
@@ -548,14 +556,18 @@ public class SlaveComputer extends Computer {
 
     /**
      * Sets up the connection through an existing channel.
-     * @param channel the channel to use; <strong>warning:</strong> callers are expected to have called {@link ChannelConfigurator} already
+     * @param channel the channel to use; <strong>warning:</strong> callers are expected to have called {@link ChannelConfigurator} already.
+     * @param launchLog Launch log. If not {@code null}, will receive launch log messages
+     * @param listener Channel event listener to be attached (if not {@code null})
      * @since 1.444
      */
-    public void setChannel(Channel channel, OutputStream launchLog, Channel.Listener listener) throws IOException, InterruptedException {
+    public void setChannel(@Nonnull Channel channel,
+                           @CheckForNull OutputStream launchLog,
+                           @CheckForNull Channel.Listener listener) throws IOException, InterruptedException {
         if(this.channel!=null)
             throw new IllegalStateException("Already connected");
 
-        final TaskListener taskListener = new StreamTaskListener(launchLog);
+        final TaskListener taskListener = launchLog != null ? new StreamTaskListener(launchLog) : TaskListener.NULL;
         PrintStream log = taskListener.getLogger();
 
         channel.setProperty(SlaveComputer.class, this);
diff --git a/core/src/main/java/hudson/util/StreamTaskListener.java b/core/src/main/java/hudson/util/StreamTaskListener.java
index bd2b6dc87e..b2b2e4fd62 100644
--- a/core/src/main/java/hudson/util/StreamTaskListener.java
+++ b/core/src/main/java/hudson/util/StreamTaskListener.java
@@ -44,6 +44,9 @@ import java.util.logging.Level;
 import java.util.logging.Logger;
 import org.kohsuke.stapler.framework.io.WriterOutputStream;
 
+import javax.annotation.CheckForNull;
+import javax.annotation.Nonnull;
+
 // TODO: AbstractTaskListener is empty now, but there are dependencies on that e.g. Ruby Runtime - JENKINS-48116)
 // The change needs API deprecation policy or external usages cleanup.
 
@@ -56,7 +59,9 @@ import org.kohsuke.stapler.framework.io.WriterOutputStream;
  * @author Kohsuke Kawaguchi
  */
 public class StreamTaskListener extends AbstractTaskListener implements TaskListener, Closeable {
+    @Nonnull
     private PrintStream out;
+    @CheckForNull
     private Charset charset;
 
     /**
@@ -66,15 +71,15 @@ public class StreamTaskListener extends AbstractTaskListener implements TaskList
      *      or use {@link #fromStdout()} or {@link #fromStderr()}.
      */
     @Deprecated
-    public StreamTaskListener(PrintStream out) {
+    public StreamTaskListener(@Nonnull PrintStream out) {
         this(out,null);
     }
 
-    public StreamTaskListener(OutputStream out) {
+    public StreamTaskListener(@Nonnull OutputStream out) {
         this(out,null);
     }
 
-    public StreamTaskListener(OutputStream out, Charset charset) {
+    public StreamTaskListener(@Nonnull OutputStream out, @CheckForNull Charset charset) {
         try {
             if (charset == null)
                 this.out = (out instanceof PrintStream) ? (PrintStream)out : new PrintStream(out, false);
@@ -87,18 +92,18 @@ public class StreamTaskListener extends AbstractTaskListener implements TaskList
         }
     }
 
-    public StreamTaskListener(File out) throws IOException {
+    public StreamTaskListener(@Nonnull File out) throws IOException {
         this(out,null);
     }
 
-    public StreamTaskListener(File out, Charset charset) throws IOException {
+    public StreamTaskListener(@Nonnull File out, @CheckForNull Charset charset) throws IOException {
         // don't do buffering so that what's written to the listener
         // gets reflected to the file immediately, which can then be
         // served to the browser immediately
         this(Files.newOutputStream(asPath(out)), charset);
     }
 
-    private static Path asPath(File out) throws IOException {
+    private static Path asPath(@Nonnull File out) throws IOException {
         try {
             return out.toPath();
         } catch (InvalidPathException e) {
@@ -115,7 +120,7 @@ public class StreamTaskListener extends AbstractTaskListener implements TaskList
      * @throws IOException if the file could not be opened.
      * @since 1.651
      */
-    public StreamTaskListener(File out, boolean append, Charset charset) throws IOException {
+    public StreamTaskListener(@Nonnull File out, boolean append, @CheckForNull Charset charset) throws IOException {
         // don't do buffering so that what's written to the listener
         // gets reflected to the file immediately, which can then be
         // served to the browser immediately
@@ -127,7 +132,7 @@ public class StreamTaskListener extends AbstractTaskListener implements TaskList
         );
     }
 
-    public StreamTaskListener(Writer w) throws IOException {
+    public StreamTaskListener(@Nonnull Writer w) throws IOException {
         this(new WriterOutputStream(w));
     }
 
@@ -155,7 +160,7 @@ public class StreamTaskListener extends AbstractTaskListener implements TaskList
 
     @Override
     public Charset getCharset() {
-        return charset;
+        return charset != null ? charset : Charset.defaultCharset();
     }
 
     private void writeObject(ObjectOutputStream out) throws IOException {
-- 
GitLab


From 654c92cc24dc1282afc58cee407f8522e7d699ab Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Wed, 30 May 2018 14:23:21 +0200
Subject: [PATCH 545/863] [JENKINS-51608] - Improve diagnostics of errorneous
 cases in ClassicPluginStrategy#getShortName()

(cherry picked from commit 9bd13323c84c38f98091e2deffed0b7ae1cc5d68)
---
 core/src/main/java/hudson/ClassicPluginStrategy.java | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/core/src/main/java/hudson/ClassicPluginStrategy.java b/core/src/main/java/hudson/ClassicPluginStrategy.java
index bc00b2a0c9..6503d4b639 100644
--- a/core/src/main/java/hudson/ClassicPluginStrategy.java
+++ b/core/src/main/java/hudson/ClassicPluginStrategy.java
@@ -25,6 +25,8 @@ package hudson;
 
 import com.google.common.collect.ImmutableList;
 import com.google.common.collect.ImmutableSet;
+
+import java.io.FileNotFoundException;
 import java.io.InputStream;
 import java.nio.file.Files;
 import java.nio.file.InvalidPathException;
@@ -110,11 +112,20 @@ public class ClassicPluginStrategy implements PluginStrategy {
 
     @Override public String getShortName(File archive) throws IOException {
         Manifest manifest;
+        if (!archive.exists()) {
+            throw new FileNotFoundException("Failed to load " + archive + ". The file does not exist");
+        } else if (!archive.isFile()) {
+            throw new FileNotFoundException("Failed to load " + archive + ". It is not a file");
+        }
+
         if (isLinked(archive)) {
             manifest = loadLinkedManifest(archive);
         } else {
             try (JarFile jf = new JarFile(archive, false)) {
                 manifest = jf.getManifest();
+            } catch (IOException ex) {
+                // Mention file name in the exception
+                throw new IOException("Failed to load " + archive, ex);
             }
         }
         return PluginWrapper.computeShortName(manifest, archive.getName());
-- 
GitLab


From 41083ef30f13fc0302a9bc7845ab5155798a6bf7 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Thu, 21 Jun 2018 13:26:46 +0200
Subject: [PATCH 546/863] [JENKINS-51837] - Update BCT from 1.8 to 2.0-beta-2
 with ASM 6.2

---
 core/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/pom.xml b/core/pom.xml
index 0d5c3f2c27..50e635093b 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -212,7 +212,7 @@ THE SOFTWARE.
     <dependency>
       <groupId>org.jenkins-ci</groupId>
       <artifactId>bytecode-compatibility-transformer</artifactId>
-      <version>1.8</version>
+      <version>2.0-beta-2</version>
     </dependency>
     <dependency>
       <groupId>org.jenkins-ci</groupId>
-- 
GitLab


From d570407e6a28acdd1dd8b5154ee71074899ad6a2 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Fri, 22 Jun 2018 12:21:59 +0200
Subject: [PATCH 547/863] [JENKINS-51818,JENKINS-51841] - Update Remoting from
 3.21 to 3.22

---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index cddc2bc4da..b3bf2204ee 100644
--- a/pom.xml
+++ b/pom.xml
@@ -106,7 +106,7 @@ THE SOFTWARE.
     <maven-war-plugin.version>3.0.0</maven-war-plugin.version> <!-- JENKINS-47127 bump when 3.2.0 is out. Cf. MWAR-407 -->
 
     <!-- Bundled Remoting version -->
-    <remoting.version>3.21</remoting.version>
+    <remoting.version>3.22</remoting.version>
     <!-- Minimum Remoting version, which is tested for API compatibility -->
     <remoting.minimum.supported.version>3.4</remoting.minimum.supported.version>
 
-- 
GitLab


From 7c2d0ceaada1bc4d7a2b61fb3860634851c1848f Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Fri, 22 Jun 2018 20:02:01 +0200
Subject: [PATCH 548/863] [JENKINS-51994,JENKINS-46622] - Update Extras
 Executable WAR from 1.40 to 1.41

---
 war/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/war/pom.xml b/war/pom.xml
index a34321a927..d554466abe 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -49,7 +49,7 @@ THE SOFTWARE.
     <dependency>
       <groupId>org.jenkins-ci</groupId>
       <artifactId>executable-war</artifactId>
-      <version>1.40</version>
+      <version>1.41</version>
       <scope>provided</scope>
     </dependency>
     <dependency>
-- 
GitLab


From e18df1ffd3d53fe12f6dca75a264b3550d6e8e5f Mon Sep 17 00:00:00 2001
From: Mark Waite <mark.earl.waite@gmail.com>
Date: Sat, 23 Jun 2018 14:48:41 -0600
Subject: [PATCH 549/863] [JENKINS-52153] - Check
 SlaveComputer.getChannelToMaster() before use (#3488)

[JENKINS-52153] - Check SlaveComputer.getChannelToMaster() before use
---
 core/src/main/java/hudson/util/ProcessTree.java | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/util/ProcessTree.java b/core/src/main/java/hudson/util/ProcessTree.java
index 115e570bb0..0ef4c2192e 100644
--- a/core/src/main/java/hudson/util/ProcessTree.java
+++ b/core/src/main/java/hudson/util/ProcessTree.java
@@ -396,7 +396,10 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
         // Check for the existance of vetoers if I don't know already
         if (vetoersExist == null) {
             try {
-                vetoersExist = SlaveComputer.getChannelToMaster().call(new DoVetoersExist());
+                VirtualChannel channelToMaster = SlaveComputer.getChannelToMaster();
+                if (channelToMaster != null) {
+                    vetoersExist = channelToMaster.call(new DoVetoersExist());
+                }
             }
             catch (Exception e) {
                 LOGGER.log(Level.WARNING, "Error while determining if vetoers exist", e);
-- 
GitLab


From f47037846fd60c5be7406a6abbe35353b669955e Mon Sep 17 00:00:00 2001
From: Jon <jon.sten@gmail.com>
Date: Sun, 24 Jun 2018 13:11:20 +0200
Subject: [PATCH 550/863] [JENKINS-52026] - Adding logging of called CLI
 commands (#3506)

[JENKINS-52026] - Adding logging of called CLI commands
---
 core/src/main/java/hudson/cli/CLICommand.java | 20 +++++++++++++++++--
 1 file changed, 18 insertions(+), 2 deletions(-)

diff --git a/core/src/main/java/hudson/cli/CLICommand.java b/core/src/main/java/hudson/cli/CLICommand.java
index d5535a700f..3593ebf259 100644
--- a/core/src/main/java/hudson/cli/CLICommand.java
+++ b/core/src/main/java/hudson/cli/CLICommand.java
@@ -260,6 +260,7 @@ public abstract class CLICommand implements ExtensionPoint, Cloneable {
         // add options from the authenticator
         SecurityContext sc = null;
         Authentication old = null;
+        Authentication auth = null;
         try {
             sc = SecurityContextHolder.getContext();
             old = sc.getAuthentication();
@@ -271,32 +272,47 @@ public abstract class CLICommand implements ExtensionPoint, Cloneable {
             if (!(this instanceof LoginCommand || this instanceof LogoutCommand || this instanceof HelpCommand || this instanceof WhoAmICommand))
                 Jenkins.getActiveInstance().checkPermission(Jenkins.READ);
             p.parseArgument(args.toArray(new String[args.size()]));
-            Authentication auth = authenticator.authenticate();
+            auth = authenticator.authenticate();
             if (auth==Jenkins.ANONYMOUS)
                 auth = loadStoredAuthentication();
             sc.setAuthentication(auth); // run the CLI with the right credential
             if (!(this instanceof LoginCommand || this instanceof LogoutCommand || this instanceof HelpCommand || this instanceof WhoAmICommand))
                 Jenkins.getActiveInstance().checkPermission(Jenkins.READ);
-            return run();
+            LOGGER.log(Level.FINE, "Invoking CLI command {0}, with {1} arguments, as user {2}.",
+                    new Object[] {getName(), args.size(), auth.getName()});
+            int res = run();
+            LOGGER.log(Level.FINE, "Executed CLI command {0}, with {1} arguments, as user {2}, return code {3}",
+                    new Object[] {getName(), args.size(), auth.getName(), res});
+            return res;
         } catch (CmdLineException e) {
+            LOGGER.log(Level.FINE, String.format("Failed call to CLI command %s, with %d arguments, as user %s.",
+                    getName(), args.size(), auth != null ? auth.getName() : "<unknown>"), e);
             stderr.println("");
             stderr.println("ERROR: " + e.getMessage());
             printUsage(stderr, p);
             return 2;
         } catch (IllegalStateException e) {
+            LOGGER.log(Level.FINE, String.format("Failed call to CLI command %s, with %d arguments, as user %s.",
+                    getName(), args.size(), auth != null ? auth.getName() : "<unknown>"), e);
             stderr.println("");
             stderr.println("ERROR: " + e.getMessage());
             return 4;
         } catch (IllegalArgumentException e) {
+            LOGGER.log(Level.FINE, String.format("Failed call to CLI command %s, with %d arguments, as user %s.",
+                    getName(), args.size(), auth != null ? auth.getName() : "<unknown>"), e);
             stderr.println("");
             stderr.println("ERROR: " + e.getMessage());
             return 3;
         } catch (AbortException e) {
+            LOGGER.log(Level.FINE, String.format("Failed call to CLI command %s, with %d arguments, as user %s.",
+                    getName(), args.size(), auth != null ? auth.getName() : "<unknown>"), e);
             // signals an error without stack trace
             stderr.println("");
             stderr.println("ERROR: " + e.getMessage());
             return 5;
         } catch (AccessDeniedException e) {
+            LOGGER.log(Level.FINE, String.format("Failed call to CLI command %s, with %d arguments, as user %s.",
+                    getName(), args.size(), auth != null ? auth.getName() : "<unknown>"), e);
             stderr.println("");
             stderr.println("ERROR: " + e.getMessage());
             return 6;
-- 
GitLab


From 216231625cd6b1333b9d08b30cde6f3f741c6488 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 24 Jun 2018 20:14:27 -0700
Subject: [PATCH 551/863] [maven-release-plugin] prepare release jenkins-2.129

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index d54dac5918..858a8d5932 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.129</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 50e635093b..03446cbbad 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.129</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index b3bf2204ee..614e473023 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>2.129</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.129</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 4f9dae71fa..8c45ae0f4e 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.129</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index d554466abe..b0dd95a007 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.129</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From b9cd13dc6e77454a70b904abed5532f9630ee3aa Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 24 Jun 2018 20:14:27 -0700
Subject: [PATCH 552/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 858a8d5932..5ef236e7a7 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.129</version>
+    <version>2.130-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 03446cbbad..aafd8ab738 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.129</version>
+    <version>2.130-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 614e473023..a08781a374 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.129</version>
+  <version>2.130-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.129</tag>
+    <tag>${scmTag}</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 8c45ae0f4e..141b645cc7 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.129</version>
+    <version>2.130-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index b0dd95a007..f49ff19e61 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.129</version>
+    <version>2.130-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 22aa2e6e766074d11249893e3f35e0b99e20d3d0 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 24 Jun 2018 20:21:19 -0700
Subject: [PATCH 553/863] mvn incrementals:reincrementalify

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 5ef236e7a7..d54dac5918 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.130-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index aafd8ab738..50e635093b 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.130-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index a08781a374..5a0df8f470 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.130-SNAPSHOT</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.129</revision>
+    <revision>2.130</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index 141b645cc7..4f9dae71fa 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.130-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index f49ff19e61..d554466abe 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.130-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From c96a8e0ac5941cbd865ffc5b740d911f6620de37 Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Mon, 25 Jun 2018 10:58:30 -0400
Subject: [PATCH 554/863] grammar: count agreement #-of(plural)

---
 .../LegacyApiTokenAdministrativeMonitor/manage.properties       | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties
index 21dd3be692..1fd48c44fe 100644
--- a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties
+++ b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties
@@ -13,7 +13,7 @@ UserId=User Id
 UserFullName=User full name
 TokenName=Token name
 NumDaysSinceCreation=Days since creation
-NumOfUse=# of use
+NumOfUse=# of uses
 NumDaysSinceLastUse=Days since last use
 HasFreshToken=Fresh token?
 HasFreshToken_tooltip=A fresh token is one that was created using the new system \
-- 
GitLab


From afc4d06d21d4001b2bf510dbf1b5d1f92dcfe67e Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Mon, 25 Jun 2018 10:58:46 -0400
Subject: [PATCH 555/863] realistic: it will be inaccurate

---
 .../LegacyApiTokenAdministrativeMonitor/manage.properties       | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties
index 1fd48c44fe..d4fbbdd5de 100644
--- a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties
+++ b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties
@@ -19,7 +19,7 @@ HasFreshToken=Fresh token?
 HasFreshToken_tooltip=A fresh token is one that was created using the new system \
   after the most recent use of the user''s legacy token. \n\
   Note: the creation date of legacy tokens which have never been used are reset every time Jenkins is restarted, \
-  which means that the date may be inaccurate.
+  which means that the date for those tokens will be inaccurate.
 HasFreshToken_ok_tooltip=A fresh token exist for that user
 HasFreshToken_warning_tooltip=No fresh token exist for that user
 HasMoreRecentlyUsedToken=Recent token?
-- 
GitLab


From 15ebe6510218cfb248ec59905effd7c909b9cd11 Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Mon, 25 Jun 2018 10:59:26 -0400
Subject: [PATCH 556/863] grammar: agreement token-exists

---
 .../LegacyApiTokenAdministrativeMonitor/manage.properties     | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties
index d4fbbdd5de..c8bd3ec73e 100644
--- a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties
+++ b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties
@@ -20,8 +20,8 @@ HasFreshToken_tooltip=A fresh token is one that was created using the new system
   after the most recent use of the user''s legacy token. \n\
   Note: the creation date of legacy tokens which have never been used are reset every time Jenkins is restarted, \
   which means that the date for those tokens will be inaccurate.
-HasFreshToken_ok_tooltip=A fresh token exist for that user
-HasFreshToken_warning_tooltip=No fresh token exist for that user
+HasFreshToken_ok_tooltip=A fresh token exists for that user
+HasFreshToken_warning_tooltip=No fresh token exists for that user
 HasMoreRecentlyUsedToken=Recent token?
 HasMoreRecentlyUsedToken_tooltip=A recently used token is one that was created using the new system \
   and used more recently than the user''s legacy token. \n\
-- 
GitLab


From f610a04223939ceb16f418f791fea1f1d2a8a44c Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Mon, 25 Jun 2018 11:13:32 -0400
Subject: [PATCH 557/863] active voice

---
 .../LegacyApiTokenAdministrativeMonitor/manage.properties       | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties
index c8bd3ec73e..44470a3c2b 100644
--- a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties
+++ b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties
@@ -4,7 +4,7 @@ contextMessage=The following users have a legacy API token. \
   Additionally, in previous versions of Jenkins, API tokens were automatically created for every new user. \
   Often, users did not use the token, resulting in a larger attack surface than necessary. \
   Automatic token generation must now be enabled explicitly.
-recommendationMessage=For such reasons, we recommend to: \
+recommendationMessage=For such reasons, we recommend you: \
 <ul>\
   <li>revoke the tokens that were never used and</li>\
   <li>ask users that are currently using their legacy token to generate a token using the new system and revoke their legacy token</li>\
-- 
GitLab


From a004d83b4f9dcb0dcbea7546f98421ac25a2ff6e Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Mon, 25 Jun 2018 11:17:06 -0400
Subject: [PATCH 558/863] grammar: tense/whether-or-not/left/count-agreement

---
 .../apitoken/ApiTokenPropertyConfiguration.java        | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/core/src/main/java/jenkins/security/apitoken/ApiTokenPropertyConfiguration.java b/core/src/main/java/jenkins/security/apitoken/ApiTokenPropertyConfiguration.java
index 81c903ba4b..2035843f02 100644
--- a/core/src/main/java/jenkins/security/apitoken/ApiTokenPropertyConfiguration.java
+++ b/core/src/main/java/jenkins/security/apitoken/ApiTokenPropertyConfiguration.java
@@ -37,19 +37,19 @@ import org.jenkinsci.Symbol;
 @Symbol("apiToken")
 public class ApiTokenPropertyConfiguration extends GlobalConfiguration {
     /**
-     * When a user is created, this property determine if we create a legacy token for the user or not
-     * For security reason, we do not recommend to enable this but we let that open to ease upgrade.
+     * When a user is created, this property determines whether or not we create a legacy token for the user.
+     * For security reasons, we do not recommend you enable this but we left that open to ease upgrades.
      */
     private boolean tokenGenerationOnCreationEnabled = false;
 
     /**
-     * When a user has a legacy token, this property determine if the user can request a new legacy token or not
-     * For security reason, we do not recommend to enable this but we let that open to ease upgrade.
+     * When a user has a legacy token, this property determines whether or not the user can request a new legacy token.
+     * For security reasons, we do not recommend you enable this but we left that open to ease upgrades.
      */
     private boolean creationOfLegacyTokenEnabled = false;
     
     /**
-     * Each time an API Token is used, its usage counter is incremented and the last usage date is updated. 
+     * Each time an API Token is used, its usage counter is incremented and the last used date is updated.
      * You can disable this feature using this property.
      */
     private boolean usageStatisticsEnabled = true;
-- 
GitLab


From 6896b1c5bd5f7c379fe9b2c3fe6d7037a86b0a9b Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Mon, 25 Jun 2018 11:23:26 -0400
Subject: [PATCH 559/863] spelling: User ID

---
 core/src/main/resources/hudson/model/User/index.jelly           | 2 +-
 .../main/resources/hudson/model/View/AsynchPeople/index.jelly   | 2 +-
 .../hudson/security/HudsonPrivateSecurityRealm/index.jelly      | 2 +-
 .../LegacyApiTokenAdministrativeMonitor/manage.properties       | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/core/src/main/resources/hudson/model/User/index.jelly b/core/src/main/resources/hudson/model/User/index.jelly
index d4895ca5a1..b16f2b3e63 100644
--- a/core/src/main/resources/hudson/model/User/index.jelly
+++ b/core/src/main/resources/hudson/model/User/index.jelly
@@ -32,7 +32,7 @@ THE SOFTWARE.
       </h1>
       <t:editableDescription permission="${app.ADMINISTER}" />
       <div>
-        ${%Jenkins User Id}: ${it.id}
+        ${%Jenkins User ID}: ${it.id}
       </div>
       <!-- give properties a chance to contribute summary item -->
       <j:forEach var="p" items="${it.allProperties}">
diff --git a/core/src/main/resources/hudson/model/View/AsynchPeople/index.jelly b/core/src/main/resources/hudson/model/View/AsynchPeople/index.jelly
index 8bcfe21fc7..ffdcd6d2f3 100644
--- a/core/src/main/resources/hudson/model/View/AsynchPeople/index.jelly
+++ b/core/src/main/resources/hudson/model/View/AsynchPeople/index.jelly
@@ -101,7 +101,7 @@ THE SOFTWARE.
       <table class="sortable pane bigtable" id="people">
         <tr>
           <th />
-          <th>${%User Id}</th>
+          <th>${%User ID}</th>
           <th>${%Name}</th>
           <th initialSortDir="up">${%Last Commit Activity}</th>
           <th>${%On}</th>
diff --git a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/index.jelly b/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/index.jelly
index 9b7fe9d0fa..a7cad84726 100644
--- a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/index.jelly
+++ b/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/index.jelly
@@ -33,7 +33,7 @@ THE SOFTWARE.
       <table class="sortable pane bigtable" id="people">
         <tr>
           <th style="width:32px"/>
-          <th>${%User Id}</th>
+          <th>${%User ID}</th>
           <th>${%Name}</th>
           <th style="width:32px"/>
         </tr>
diff --git a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties
index 44470a3c2b..a42853e504 100644
--- a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties
+++ b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties
@@ -9,7 +9,7 @@ recommendationMessage=For such reasons, we recommend you: \
   <li>revoke the tokens that were never used and</li>\
   <li>ask users that are currently using their legacy token to generate a token using the new system and revoke their legacy token</li>\
 </ul>
-UserId=User Id
+UserId=User ID
 UserFullName=User full name
 TokenName=Token name
 NumDaysSinceCreation=Days since creation
-- 
GitLab


From 7d71c5a6a173e564ba0dcfb3d43d30ef0266cf10 Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Mon, 25 Jun 2018 12:19:36 -0400
Subject: [PATCH 560/863] improve docstring for
 TopLevelItemDescriptor.getDescription

grammar: recommended
grammar: plain text
clarify: consistent -- the old text did not really make sense
clarify: Stapler Thread association
clarify: otherwise
---
 .../src/main/java/hudson/model/TopLevelItemDescriptor.java | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/core/src/main/java/hudson/model/TopLevelItemDescriptor.java b/core/src/main/java/hudson/model/TopLevelItemDescriptor.java
index 32aee86d1c..ff5101faa8 100644
--- a/core/src/main/java/hudson/model/TopLevelItemDescriptor.java
+++ b/core/src/main/java/hudson/model/TopLevelItemDescriptor.java
@@ -135,10 +135,11 @@ public abstract class TopLevelItemDescriptor extends Descriptor<TopLevelItem> im
     }
 
     /**
-     * A description of this kind of item type. This description can contain HTML code but it is recommend to use text plain
-     * in order to avoid how it should be represented.
+     * A description of this kind of item type. This description can contain HTML code but it is recommended that
+     * you use plain text in order to be consistent with the rest of Jenkins.
      *
-     * This method should be called in a thread where Stapler is associated, but it will return an empty string.
+     * This method should be called from a thread where Stapler is handling an HTTP request, otherwise it will
+     * return an empty string.
      *
      * @return A string, by default the value from newInstanceDetail view is taken.
      *
-- 
GitLab


From bd05b8cc04619a3cabcfc1ffda5bb9d08ca84a45 Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Mon, 25 Jun 2018 12:23:26 -0400
Subject: [PATCH 561/863] clarify: jnlp agent port help

document default and recommended behavior first
grammar: recommended-that
explain that the system is responsible for random generation at launch

Removes mention of "default" secondary behavior because, afaict
the default is simply "disabled", but by listing random before assigned,
we're implicitly favoring that.
---
 .../help-slaveAgentPort.html                          | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/core/src/main/resources/hudson/security/GlobalSecurityConfiguration/help-slaveAgentPort.html b/core/src/main/resources/hudson/security/GlobalSecurityConfiguration/help-slaveAgentPort.html
index 8681f55f8f..6c1a2cdb38 100644
--- a/core/src/main/resources/hudson/security/GlobalSecurityConfiguration/help-slaveAgentPort.html
+++ b/core/src/main/resources/hudson/security/GlobalSecurityConfiguration/help-slaveAgentPort.html
@@ -1,7 +1,10 @@
 <div>
+  If you are not using JNLP agents, it's recommended that you disable this
+  entirely, which is the default installation behavior.
   Jenkins uses a TCP port to communicate with agents launched via JNLP.
-  Normally this port is chosen randomly to avoid collisions, but this would
-  make securing the system difficult. If you are not using JNLP agents,
-  it's recommend to disable this TCP port. Alternatively, you can specify
-  the fixed port number so that you can configure your firewall accordingly.
+  If you're going to use JNLP agents, you can allow the system to randomly
+  select a port at launch (this avoids interfering with other programs,
+  including other Jenkins instances).
+  As it's hard for firewalls to secure a random port, you can instead
+  specify a fixed port number and configure your firewall accordingly.
 </div>
-- 
GitLab


From ad4c1250b9c457baf6b9363dbd1d00dfd12f1b12 Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Mon, 25 Jun 2018 14:36:33 -0400
Subject: [PATCH 562/863] grammar: this

---
 .../LegacyApiTokenAdministrativeMonitor/manage.properties     | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties
index a42853e504..da69df90d7 100644
--- a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties
+++ b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties
@@ -20,8 +20,8 @@ HasFreshToken_tooltip=A fresh token is one that was created using the new system
   after the most recent use of the user''s legacy token. \n\
   Note: the creation date of legacy tokens which have never been used are reset every time Jenkins is restarted, \
   which means that the date for those tokens will be inaccurate.
-HasFreshToken_ok_tooltip=A fresh token exists for that user
-HasFreshToken_warning_tooltip=No fresh token exists for that user
+HasFreshToken_ok_tooltip=A fresh token exists for this user
+HasFreshToken_warning_tooltip=No fresh token exists for this user
 HasMoreRecentlyUsedToken=Recent token?
 HasMoreRecentlyUsedToken_tooltip=A recently used token is one that was created using the new system \
   and used more recently than the user''s legacy token. \n\
-- 
GitLab


From 1083a3f5c648e87464e25815779690eed1fb3296 Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Mon, 25 Jun 2018 17:12:13 -0400
Subject: [PATCH 563/863] JENKINS-52159: Queue.maintain - tolerate misbehaving
 sorter.sortBuildableItems()

Any plugin that implements the sort step could throw an exception which would break
the maintain() step. As sorting is really an optional step, it really should not be fatal.

Instead, we wrap the step in a try block, log it, and move on with life.
---
 core/src/main/java/hudson/model/Queue.java | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/core/src/main/java/hudson/model/Queue.java b/core/src/main/java/hudson/model/Queue.java
index 02eaa80d8b..7f881e21bc 100644
--- a/core/src/main/java/hudson/model/Queue.java
+++ b/core/src/main/java/hudson/model/Queue.java
@@ -1567,8 +1567,15 @@ public class Queue extends ResourceController implements Saveable {
                 }
             }
 
-            if (s != null)
-                s.sortBuildableItems(buildables);
+            if (s != null) {
+                try {
+                    s.sortBuildableItems(buildables);
+                } catch (Throwable e) {
+                    // We don't really care if the sort doesn't sort anything, we still should
+                    // continue to do our job. We'll complain about it and continue.
+                    LOGGER.log(Level.WARNING, "s.sortBuildableItems() threw Throwable: {0}", e);
+                }
+            }
             
             // Ensure that identification of blocked tasks is using the live state: JENKINS-27708 & JENKINS-27871
             updateSnapshot();
-- 
GitLab


From 5f7c50cd0d034198a1fc0b34af5f8a82c35f446c Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Tue, 26 Jun 2018 13:06:16 +0200
Subject: [PATCH 564/863] [JENKINS-52161] Improve creation-date value
 determination - in case of migration we put null instead of now - improve
 also the difference in days for the Xxx day(s) ago to take calendar day in
 difference and not the total duration (<24h = 0 days, which seems wrong in
 UI)

---
 core/src/main/java/hudson/Util.java           | 26 +++++++++++++-
 .../security/apitoken/ApiTokenStats.java      | 13 ++++---
 .../security/apitoken/ApiTokenStore.java      | 36 ++++++++++++-------
 .../manage.jelly                              | 20 +++++++----
 .../manage.properties                         |  2 ++
 core/src/test/java/hudson/UtilTest.java       | 17 +++++++++
 6 files changed, 86 insertions(+), 28 deletions(-)

diff --git a/core/src/main/java/hudson/Util.java b/core/src/main/java/hudson/Util.java
index 4053ce915e..87c78c62ce 100644
--- a/core/src/main/java/hudson/Util.java
+++ b/core/src/main/java/hudson/Util.java
@@ -23,6 +23,7 @@
  */
 package hudson;
 
+import com.sun.istack.internal.NotNull;
 import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
 
 import hudson.model.TaskListener;
@@ -74,6 +75,9 @@ import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.text.NumberFormat;
 import java.text.ParseException;
+import java.time.LocalDate;
+import java.time.Period;
+import java.time.ZoneId;
 import java.util.*;
 import java.util.concurrent.TimeUnit;
 import java.util.concurrent.atomic.AtomicBoolean;
@@ -1662,7 +1666,27 @@ public class Util {
             throw new IOException(e);
         }
     }
-
+    
+    /**
+     * Compute the number of calendar days elapsed since the given date.
+     * As it's only the calendar days difference that matter, "11.00pm" to "2.00am the day after" returns 1,
+     * even if there are only 3 hours between. As well as "10am" to "2pm" both on the same day, returns 0.
+     */
+    @Restricted(NoExternalUse.class)
+    public static int differenceInCalendarDay(@Nonnull Date a, @Nonnull Date b){
+        LocalDate aLocal = a.toInstant().atZone(ZoneId.systemDefault()).toLocalDate();
+        LocalDate bLocal = b.toInstant().atZone(ZoneId.systemDefault()).toLocalDate();
+        return Period.between(aLocal, bLocal).getDays();
+    }
+    
+    /**
+     * @see #differenceInCalendarDay(Date, Date)
+     */
+    @Restricted(NoExternalUse.class)
+    public static int numOfCalendarDayToNow(@Nonnull Date date){
+        return differenceInCalendarDay(date, new Date());
+    }
+    
     public static final FastDateFormat XS_DATETIME_FORMATTER = FastDateFormat.getInstance("yyyy-MM-dd'T'HH:mm:ss'Z'",new SimpleTimeZone(0,"GMT"));
 
     // Note: RFC822 dates must not be localized!
diff --git a/core/src/main/java/jenkins/security/apitoken/ApiTokenStats.java b/core/src/main/java/jenkins/security/apitoken/ApiTokenStats.java
index bebf9db68d..91594b18e7 100644
--- a/core/src/main/java/jenkins/security/apitoken/ApiTokenStats.java
+++ b/core/src/main/java/jenkins/security/apitoken/ApiTokenStats.java
@@ -24,6 +24,7 @@
 package jenkins.security.apitoken;
 
 import hudson.BulkChange;
+import hudson.Util;
 import hudson.XmlFile;
 import hudson.model.Saveable;
 import hudson.model.listeners.SaveableListener;
@@ -33,7 +34,11 @@ import org.kohsuke.accmod.restrictions.NoExternalUse;
 import javax.annotation.Nonnull;
 import java.io.File;
 import java.io.IOException;
+import java.time.Duration;
 import java.time.Instant;
+import java.time.LocalDate;
+import java.time.Period;
+import java.time.ZoneId;
 import java.time.temporal.ChronoUnit;
 import java.util.ArrayList;
 import java.util.Comparator;
@@ -251,13 +256,7 @@ public class ApiTokenStats implements Saveable {
          * Relevant only if the lastUseDate is not null
          */
         public long getNumDaysUse() {
-            return lastUseDate == null ? 0 : computeDeltaDays(lastUseDate.toInstant(), Instant.now());
-        }
-        
-        private long computeDeltaDays(Instant a, Instant b) {
-            long deltaDays = ChronoUnit.DAYS.between(a, b);
-            deltaDays = Math.max(0, deltaDays);
-            return deltaDays;
+            return lastUseDate == null ? 0 : Math.max(0, Util.numOfCalendarDayToNow(lastUseDate));
         }
     }
 }
diff --git a/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java b/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
index bf05aa8be3..c4d2dc2cae 100644
--- a/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
+++ b/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
@@ -124,7 +124,7 @@ public class ApiTokenStore {
      * Remove the legacy token present and generate a new one using the given secret.
      */
     public synchronized void regenerateTokenFromLegacy(@Nonnull Secret newLegacyApiToken) {
-        deleteAllLegacyAndGenerateNewOne(newLegacyApiToken);
+        deleteAllLegacyAndGenerateNewOne(newLegacyApiToken, false);
     }
     
     /**
@@ -134,13 +134,13 @@ public class ApiTokenStore {
      */
     public synchronized void regenerateTokenFromLegacyIfRequired(@Nonnull Secret newLegacyApiToken) {
         if(tokenList.stream().noneMatch(HashedToken::isLegacy)){
-            deleteAllLegacyAndGenerateNewOne(newLegacyApiToken);
+            deleteAllLegacyAndGenerateNewOne(newLegacyApiToken, true);
         }
     }
     
-    private void deleteAllLegacyAndGenerateNewOne(@Nonnull Secret newLegacyApiToken) {
+    private void deleteAllLegacyAndGenerateNewOne(@Nonnull Secret newLegacyApiToken, boolean migrationFromExistingLegacy) {
         deleteAllLegacyTokens();
-        addLegacyToken(newLegacyApiToken);
+        addLegacyToken(newLegacyApiToken, migrationFromExistingLegacy);
     }
     
     private void deleteAllLegacyTokens() {
@@ -148,13 +148,13 @@ public class ApiTokenStore {
         tokenList.removeIf(HashedToken::isLegacy);
     }
     
-    private void addLegacyToken(@Nonnull Secret legacyToken) {
+    private void addLegacyToken(@Nonnull Secret legacyToken, boolean migrationFromExistingLegacy) {
         String tokenUserUseNormally = Util.getDigestOf(legacyToken.getPlainText());
         
         String secretValueHashed = this.plainSecretToHashInHex(tokenUserUseNormally);
         
         HashValue hashValue = new HashValue(LEGACY_VERSION, secretValueHashed);
-        HashedToken token = HashedToken.buildNew(Messages.ApiTokenProperty_LegacyTokenName(), hashValue);
+        HashedToken token = HashedToken.buildNewFromLegacy(hashValue, migrationFromExistingLegacy);
         
         this.addToken(token);
     }
@@ -371,6 +371,22 @@ public class ApiTokenStore {
             
             return result;
         }
+    
+        public static @Nonnull HashedToken buildNewFromLegacy(@Nonnull HashValue value, boolean migrationFromExistingLegacy) {
+            HashedToken result = new HashedToken();
+            result.name = Messages.ApiTokenProperty_LegacyTokenName();
+            if(migrationFromExistingLegacy){
+                // we do not know when the legacy token was created
+                result.creationDate = null;
+            }else{
+                // it comes from a manual action, so we set the creation date to now
+                result.creationDate = new Date();
+            }
+            
+            result.value = value;
+            
+            return result;
+        }
         
         public void rename(String newName) {
             this.name = newName;
@@ -404,7 +420,7 @@ public class ApiTokenStore {
          * Relevant only if the lastUseDate is not null
          */
         public long getNumDaysCreation() {
-            return creationDate == null ? 0 : computeDeltaDays(creationDate.toInstant(), Instant.now());
+            return creationDate == null ? 0 : Math.max(0, Util.numOfCalendarDayToNow(creationDate));
         }
         
         // used by Jelly view
@@ -412,12 +428,6 @@ public class ApiTokenStore {
             return this.uuid;
         }
         
-        private long computeDeltaDays(Instant a, Instant b) {
-            long deltaDays = ChronoUnit.DAYS.between(a, b);
-            deltaDays = Math.max(0, deltaDays);
-            return deltaDays;
-        }
-        
         public boolean isLegacy() {
             return this.value.version.equals(LEGACY_VERSION);
         }
diff --git a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.jelly b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.jelly
index d385f62d03..550cb12d92 100644
--- a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.jelly
+++ b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.jelly
@@ -58,20 +58,26 @@ THE SOFTWARE.
                             <j:forEach var="user" items="${userList}">
                                 <j:set var="legacyToken" value="${it.getLegacyTokenOf(user)}"/>
                                 <j:set var="legacyStats" value="${it.getLegacyStatsOf(user, legacyToken)}"/>
-        
+                                
                                 <j:set var="creationDateFormat" value="${%NoCreationDate}" />
+                                <j:set var="creationDateValue" value="${%NoCreationDateValue}" />
                                 <j:if test="${legacyToken.creationDate != null}">
                                     <i:formatDate var="creationDateFormat" value="${legacyToken.creationDate}" type="both" dateStyle="medium" timeStyle="medium" />
+                                    <!--TODO convert to "Today", "Tomorrow", "4 days ago", "2 weeks ago", etc-->
+                                    <j:set var="creationDateValue" value="${legacyStats.numDaysCreation}" />
                                 </j:if>
                                 
                                 <j:set var="lastUseDateFormat" value="${%NoLastUse}" />
+                                <j:set var="lastUseDateValue" value="${%NoLastUseValue}" />
                                 <j:if test="${legacyStats.lastUseDate != null}">
                                     <i:formatDate var="lastUseDateFormat" value="${legacyStats.lastUseDate}" type="both" dateStyle="medium" timeStyle="medium" />
+                                    <!--TODO convert to "Today", "Tomorrow", "4 days ago", "2 weeks ago", etc-->
+                                    <j:set var="lastUseDateValue" value="${legacyStats.numDaysUse}" />
                                 </j:if>
-        
+                                
                                 <j:set var="hasFreshToken"
                                        value="${it.hasFreshToken(user, legacyStats)}"/>
-        
+                                
                                 <j:set var="hasMoreRecentlyUsedToken"
                                        value="${it.hasMoreRecentlyUsedToken(user, legacyStats)}"/>
                                 
@@ -94,13 +100,13 @@ THE SOFTWARE.
                                             ${legacyToken.name}
                                         </td>
                                         <td title="${creationDateFormat}">
-                                            ${legacyStats.numDaysCreation}
+                                            ${creationDateValue}
                                         </td>
                                         <td>
                                             ${legacyStats.useCounter}
                                         </td>
                                         <td title="${lastUseDateFormat}">
-                                            ${legacyStats.numDaysUse}
+                                            ${lastUseDateValue}
                                         </td>
                                         <td>
                                             <j:choose>
@@ -138,14 +144,14 @@ THE SOFTWARE.
                         </j:otherwise>
                     </j:choose>
                 </table>
-    
+                
                 <div class="selection-panel">
                     Select:
                     <a href="#" class="action" onclick="selectAll(this);return false;">all</a>
                     <a href="#" class="action" onclick="selectFresh(this);return false;">only fresh</a>
                     <a href="#" class="action" onclick="selectRecent(this);return false;">only recent</a>
                 </div>
-    
+                
                 <div class="action-panel">
                     <span class="yui-button">
                         <button class="action-revoke-selected" onclick="confirmAndRevokeAllSelected(this);" 
diff --git a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties
index 21dd3be692..3ada4c7185 100644
--- a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties
+++ b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.properties
@@ -31,7 +31,9 @@ HasMoreRecentlyUsedToken_ok_tooltip=A recent token exist for that user
 HasMoreRecentlyUsedToken_warning_tooltip=No recent token exist for that user
 NoImpactedUser=There are no users with a legacy token
 NoCreationDate=There is no creation date for that token
+NoCreationDateValue=Unknown
 NoLastUse=There is no last use date for that token
+NoLastUseValue=Never used
 RevokeAllSelected=Revoke the selected token(s)
 RevokeAllSelected_confirm=Are you sure about revoking all %num% selected token(s)
 RevokeAllSelected_nothing=No token is selected, please select at least one to revoke
diff --git a/core/src/test/java/hudson/UtilTest.java b/core/src/test/java/hudson/UtilTest.java
index f1cf614055..3bc278a164 100644
--- a/core/src/test/java/hudson/UtilTest.java
+++ b/core/src/test/java/hudson/UtilTest.java
@@ -24,6 +24,7 @@
  */
 package hudson;
 
+import java.util.Date;
 import java.util.List;
 import java.util.Map;
 import java.util.HashMap;
@@ -781,4 +782,20 @@ public class UtilTest {
         assertEquals(0000, Util.permissionsToMode(PosixFilePermissions.fromString("---------")));
     }
 
+    @Test
+    public void testDifferenceDays() {
+        Date day1_10am = new Date(2018, 4, 6, 10, 0);
+        Date day1_11pm55 = new Date(2018, 4, 6, 23, 55);
+        Date day2_01am = new Date(2018, 4, 7, 1, 0);
+        Date day2_11pm = new Date(2018, 4, 7, 1, 0);
+        Date day3_08am = new Date(2018, 4, 8, 8, 0);
+        assertEquals(0, Util.differenceInCalendarDay(day1_10am, day1_11pm55));
+        assertEquals(1, Util.differenceInCalendarDay(day1_10am, day2_01am));
+        assertEquals(1, Util.differenceInCalendarDay(day1_11pm55, day2_01am));
+        assertEquals(2, Util.differenceInCalendarDay(day1_10am, day3_08am));
+        assertEquals(1, Util.differenceInCalendarDay(day2_11pm, day3_08am));
+        
+        // reverse order
+        assertEquals(-1, Util.differenceInCalendarDay(day3_08am, day2_11pm));
+    }
 }
-- 
GitLab


From 0a41e87b6678fddc678e1f57163abbee84d768b8 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Tue, 26 Jun 2018 14:51:25 +0200
Subject: [PATCH 565/863] Address Josh's comments

---
 core/src/main/java/hudson/Util.java                           | 1 -
 .../apitoken/LegacyApiTokenAdministrativeMonitor/manage.jelly | 4 ++--
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/core/src/main/java/hudson/Util.java b/core/src/main/java/hudson/Util.java
index 87c78c62ce..70267c2c27 100644
--- a/core/src/main/java/hudson/Util.java
+++ b/core/src/main/java/hudson/Util.java
@@ -23,7 +23,6 @@
  */
 package hudson;
 
-import com.sun.istack.internal.NotNull;
 import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
 
 import hudson.model.TaskListener;
diff --git a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.jelly b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.jelly
index 550cb12d92..7740572ea5 100644
--- a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.jelly
+++ b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.jelly
@@ -63,7 +63,7 @@ THE SOFTWARE.
                                 <j:set var="creationDateValue" value="${%NoCreationDateValue}" />
                                 <j:if test="${legacyToken.creationDate != null}">
                                     <i:formatDate var="creationDateFormat" value="${legacyToken.creationDate}" type="both" dateStyle="medium" timeStyle="medium" />
-                                    <!--TODO convert to "Today", "Tomorrow", "4 days ago", "2 weeks ago", etc-->
+                                    <!--TODO convert to "Today", "Tomorrow", "4 days ago", "2 weeks ago", etc. -->
                                     <j:set var="creationDateValue" value="${legacyStats.numDaysCreation}" />
                                 </j:if>
                                 
@@ -71,7 +71,7 @@ THE SOFTWARE.
                                 <j:set var="lastUseDateValue" value="${%NoLastUseValue}" />
                                 <j:if test="${legacyStats.lastUseDate != null}">
                                     <i:formatDate var="lastUseDateFormat" value="${legacyStats.lastUseDate}" type="both" dateStyle="medium" timeStyle="medium" />
-                                    <!--TODO convert to "Today", "Tomorrow", "4 days ago", "2 weeks ago", etc-->
+                                    <!--TODO convert to "Today", "Tomorrow", "4 days ago", "2 weeks ago", etc. -->
                                     <j:set var="lastUseDateValue" value="${legacyStats.numDaysUse}" />
                                 </j:if>
                                 
-- 
GitLab


From e0cc790ee78d0b1a8b31cda75b86bf11d8199732 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Tue, 26 Jun 2018 17:33:05 +0200
Subject: [PATCH 566/863] Address other comments - also add translation for
 another creationDate - and manage correctly the null creation date instead of
 0

---
 core/src/main/java/hudson/Util.java           | 17 ++++------
 .../security/apitoken/ApiTokenStats.java      |  8 +----
 .../security/apitoken/ApiTokenStore.java      |  4 +--
 .../security/ApiTokenProperty/config.jelly    | 20 ++++++++----
 .../ApiTokenProperty/config.properties        |  3 ++
 core/src/test/java/hudson/UtilTest.java       | 32 ++++++++++++-------
 6 files changed, 46 insertions(+), 38 deletions(-)

diff --git a/core/src/main/java/hudson/Util.java b/core/src/main/java/hudson/Util.java
index 70267c2c27..4e2dc2bd4d 100644
--- a/core/src/main/java/hudson/Util.java
+++ b/core/src/main/java/hudson/Util.java
@@ -75,8 +75,8 @@ import java.security.NoSuchAlgorithmException;
 import java.text.NumberFormat;
 import java.text.ParseException;
 import java.time.LocalDate;
-import java.time.Period;
 import java.time.ZoneId;
+import java.time.temporal.ChronoUnit;
 import java.util.*;
 import java.util.concurrent.TimeUnit;
 import java.util.concurrent.atomic.AtomicBoolean;
@@ -92,10 +92,6 @@ import javax.annotation.Nullable;
 import javax.crypto.SecretKey;
 import javax.crypto.spec.SecretKeySpec;
 
-import org.apache.commons.codec.digest.DigestUtils;
-import org.apache.commons.io.FileUtils;
-
-import org.apache.commons.codec.digest.DigestUtils;
 import org.apache.commons.io.FileUtils;
 
 /**
@@ -1672,18 +1668,19 @@ public class Util {
      * even if there are only 3 hours between. As well as "10am" to "2pm" both on the same day, returns 0.
      */
     @Restricted(NoExternalUse.class)
-    public static int differenceInCalendarDay(@Nonnull Date a, @Nonnull Date b){
+    public static long daysBetween(@Nonnull Date a, @Nonnull Date b){
         LocalDate aLocal = a.toInstant().atZone(ZoneId.systemDefault()).toLocalDate();
         LocalDate bLocal = b.toInstant().atZone(ZoneId.systemDefault()).toLocalDate();
-        return Period.between(aLocal, bLocal).getDays();
+        return ChronoUnit.DAYS.between(aLocal, bLocal);
     }
     
     /**
-     * @see #differenceInCalendarDay(Date, Date)
+     * @return positive number of days between the given date and now
+     * @see #daysBetween(Date, Date)
      */
     @Restricted(NoExternalUse.class)
-    public static int numOfCalendarDayToNow(@Nonnull Date date){
-        return differenceInCalendarDay(date, new Date());
+    public static long daysElapsedSince(@Nonnull Date date){
+        return Math.max(0, daysBetween(date, new Date()));
     }
     
     public static final FastDateFormat XS_DATETIME_FORMATTER = FastDateFormat.getInstance("yyyy-MM-dd'T'HH:mm:ss'Z'",new SimpleTimeZone(0,"GMT"));
diff --git a/core/src/main/java/jenkins/security/apitoken/ApiTokenStats.java b/core/src/main/java/jenkins/security/apitoken/ApiTokenStats.java
index 91594b18e7..f92fd8e701 100644
--- a/core/src/main/java/jenkins/security/apitoken/ApiTokenStats.java
+++ b/core/src/main/java/jenkins/security/apitoken/ApiTokenStats.java
@@ -34,12 +34,6 @@ import org.kohsuke.accmod.restrictions.NoExternalUse;
 import javax.annotation.Nonnull;
 import java.io.File;
 import java.io.IOException;
-import java.time.Duration;
-import java.time.Instant;
-import java.time.LocalDate;
-import java.time.Period;
-import java.time.ZoneId;
-import java.time.temporal.ChronoUnit;
 import java.util.ArrayList;
 import java.util.Comparator;
 import java.util.Date;
@@ -256,7 +250,7 @@ public class ApiTokenStats implements Saveable {
          * Relevant only if the lastUseDate is not null
          */
         public long getNumDaysUse() {
-            return lastUseDate == null ? 0 : Math.max(0, Util.numOfCalendarDayToNow(lastUseDate));
+            return lastUseDate == null ? 0 : Util.daysElapsedSince(lastUseDate);
         }
     }
 }
diff --git a/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java b/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
index c4d2dc2cae..29d99120ec 100644
--- a/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
+++ b/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
@@ -40,8 +40,6 @@ import java.nio.charset.StandardCharsets;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;
-import java.time.Instant;
-import java.time.temporal.ChronoUnit;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Comparator;
@@ -420,7 +418,7 @@ public class ApiTokenStore {
          * Relevant only if the lastUseDate is not null
          */
         public long getNumDaysCreation() {
-            return creationDate == null ? 0 : Math.max(0, Util.numOfCalendarDayToNow(creationDate));
+            return creationDate == null ? 0 : Util.daysElapsedSince(creationDate);
         }
         
         // used by Jelly view
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
index d1cb2c203b..b7aee62ac7 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
@@ -59,11 +59,14 @@ THE SOFTWARE.
                                     <j:set var="oldClazz" value="age-argh" />
                                 </j:if>
                             </j:if>
-                            <j:set var="creationDateFormat" value="${%NoLastUse}" />
+                            <j:set var="creationDateFormat" value="${%NoCreationDate}" />
+                            <j:set var="creationDateValue" value="${%NoCreationDateValue}" />
                             <j:if test="${token.creationDate != null}">
                                 <i:formatDate var="creationDateFormat" value="${token.creationDate}" type="both" dateStyle="medium" timeStyle="medium" />
+                                <!--TODO convert to "Today", "Tomorrow", "4 days ago", "2 weeks ago", etc. -->
+                                <j:set var="creationDateValue" value="${%TokenCreation(daysOld)}" />
                             </j:if>
-                            <span class="token-creation ${oldClazz}" title="${creationDateFormat}">${%TokenCreation(daysOld)}</span>
+                            <span class="token-creation ${oldClazz}" title="${creationDateFormat}">${creationDateValue}</span>
                             
                             <span class="to-right">
                                 <j:choose>
@@ -71,13 +74,18 @@ THE SOFTWARE.
                                         <j:set var="useCounter" value="${token.useCounter}" />
                                         <j:choose>
                                             <j:when test="${useCounter > 0}">
-                                                <j:set var="lastUseDateFormat" value="${%NoLastUse}" />
+                                                <j:if test="${token.lastUseDate == null}">
+                                                    <!--Should normally never happen without manual XML modification-->
+                                                    <span class="token-use-counter" title="${$TokenNeverUsedTooltip}">
+                                                        ${%TokenNeverUsedValue}
+                                                    </span>
+                                                </j:if>
                                                 <j:if test="${token.lastUseDate != null}">
                                                     <i:formatDate var="lastUseDateFormat" value="${token.lastUseDate}" type="both" dateStyle="medium" timeStyle="medium" />
+                                                    <span class="token-use-counter" title="${lastUseDateFormat}">
+                                                        ${%TokenLastUse(useCounter, token.numDaysUse)}
+                                                    </span>
                                                 </j:if>
-                                                <span class="token-use-counter" title="${lastUseDateFormat}">
-                                                    ${%TokenLastUse(useCounter, token.numDaysUse)}
-                                                </span>
                                             </j:when>
                                             <j:otherwise>
                                                 <span class="token-use-counter">
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
index fc6b26c4d7..79bef819d2 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
@@ -6,6 +6,7 @@ TokenLastUse=Used <b>{0}</b> time(s), last time was <b>{1}</b> day(s) ago
 StatisticsDisabled=No statistics available
 StatisticsDisabled.Title=Token usage statistics are currently disabled
 TokenNeverUsed=Never used
+TokenNeverUsedTooltip=There is no last use date for that token
 TokenNeverUsed.Title=We strongly recommend that you revoke tokens which you do not plan to use
 ConfirmRevokeSingle=Are you sure you want to revoke this token ? Applications that are using it will be not able to connect anymore.
 CurrentTokens=Current token(s)
@@ -13,3 +14,5 @@ TokenCreation=Created {0} day(s) ago
 RenameToken=Save the new name of the token
 LegacyToken=We strongly recommend that you revoke this legacy token and replace it with a newly generated token for increased security.
 NoLegacyToken=The user does not have a legacy token
+NoCreationDate=There is no creation date for that token
+NoCreationDateValue=Unknown
diff --git a/core/src/test/java/hudson/UtilTest.java b/core/src/test/java/hudson/UtilTest.java
index 3bc278a164..11a057b65e 100644
--- a/core/src/test/java/hudson/UtilTest.java
+++ b/core/src/test/java/hudson/UtilTest.java
@@ -61,7 +61,6 @@ import org.jvnet.hudson.test.Issue;
 import hudson.util.StreamTaskListener;
 
 import org.junit.Rule;
-import org.junit.internal.AssumptionViolatedException;
 import org.junit.rules.TemporaryFolder;
 
 import com.google.common.collect.Lists;
@@ -784,18 +783,27 @@ public class UtilTest {
 
     @Test
     public void testDifferenceDays() {
-        Date day1_10am = new Date(2018, 4, 6, 10, 0);
-        Date day1_11pm55 = new Date(2018, 4, 6, 23, 55);
-        Date day2_01am = new Date(2018, 4, 7, 1, 0);
-        Date day2_11pm = new Date(2018, 4, 7, 1, 0);
-        Date day3_08am = new Date(2018, 4, 8, 8, 0);
-        assertEquals(0, Util.differenceInCalendarDay(day1_10am, day1_11pm55));
-        assertEquals(1, Util.differenceInCalendarDay(day1_10am, day2_01am));
-        assertEquals(1, Util.differenceInCalendarDay(day1_11pm55, day2_01am));
-        assertEquals(2, Util.differenceInCalendarDay(day1_10am, day3_08am));
-        assertEquals(1, Util.differenceInCalendarDay(day2_11pm, day3_08am));
+        Date may_6_10am = new Date(2018 - 1900, 4, 6, 10, 0);
+        Date may_6_11pm55 = new Date(2018 - 1900, 4, 6, 23, 55);
+        Date may_7_01am = new Date(2018 - 1900, 4, 7, 1, 0);
+        Date may_7_11pm = new Date(2018 - 1900, 4, 7, 1, 0);
+        Date may_8_08am = new Date(2018 - 1900, 4, 8, 8, 0);
+        Date june_3_08am = new Date(2018 - 1900, 5, 3, 8, 0);
+        Date june_9_08am = new Date(2018 - 1900, 5, 9, 8, 0);
+        Date june_9_08am_nextYear = new Date(2019 - 1900, 5, 9, 8, 0);
+        
+        assertEquals(0, Util.daysBetween(may_6_10am, may_6_11pm55));
+        assertEquals(1, Util.daysBetween(may_6_10am, may_7_01am));
+        assertEquals(1, Util.daysBetween(may_6_11pm55, may_7_01am));
+        assertEquals(2, Util.daysBetween(may_6_10am, may_8_08am));
+        assertEquals(1, Util.daysBetween(may_7_11pm, may_8_08am));
+        
+        // larger scale
+        assertEquals(28, Util.daysBetween(may_6_10am, june_3_08am));
+        assertEquals(34, Util.daysBetween(may_6_10am, june_9_08am));
+        assertEquals(365 + 34, Util.daysBetween(may_6_10am, june_9_08am_nextYear));
         
         // reverse order
-        assertEquals(-1, Util.differenceInCalendarDay(day3_08am, day2_11pm));
+        assertEquals(-1, Util.daysBetween(may_8_08am, may_7_11pm));
     }
 }
-- 
GitLab


From d0be7b3431b1692934026ad211dd2c91580de527 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Tue, 26 Jun 2018 21:15:13 +0200
Subject: [PATCH 567/863] Avoid using deprecated constructor in test

---
 core/src/test/java/hudson/UtilTest.java | 24 +++++++++++++++---------
 1 file changed, 15 insertions(+), 9 deletions(-)

diff --git a/core/src/test/java/hudson/UtilTest.java b/core/src/test/java/hudson/UtilTest.java
index 11a057b65e..7aae66de48 100644
--- a/core/src/test/java/hudson/UtilTest.java
+++ b/core/src/test/java/hudson/UtilTest.java
@@ -24,6 +24,8 @@
  */
 package hudson;
 
+import java.text.ParseException;
+import java.text.SimpleDateFormat;
 import java.util.Date;
 import java.util.List;
 import java.util.Map;
@@ -782,15 +784,15 @@ public class UtilTest {
     }
 
     @Test
-    public void testDifferenceDays() {
-        Date may_6_10am = new Date(2018 - 1900, 4, 6, 10, 0);
-        Date may_6_11pm55 = new Date(2018 - 1900, 4, 6, 23, 55);
-        Date may_7_01am = new Date(2018 - 1900, 4, 7, 1, 0);
-        Date may_7_11pm = new Date(2018 - 1900, 4, 7, 1, 0);
-        Date may_8_08am = new Date(2018 - 1900, 4, 8, 8, 0);
-        Date june_3_08am = new Date(2018 - 1900, 5, 3, 8, 0);
-        Date june_9_08am = new Date(2018 - 1900, 5, 9, 8, 0);
-        Date june_9_08am_nextYear = new Date(2019 - 1900, 5, 9, 8, 0);
+    public void testDifferenceDays() throws Exception {
+        Date may_6_10am = parseDate("2018-05-06 10:00:00"); 
+        Date may_6_11pm55 = parseDate("2018-05-06 23:55:00"); 
+        Date may_7_01am = parseDate("2018-05-07 01:00:00"); 
+        Date may_7_11pm = parseDate("2018-05-07 11:00:00"); 
+        Date may_8_08am = parseDate("2018-05-08 08:00:00"); 
+        Date june_3_08am = parseDate("2018-06-03 08:00:00"); 
+        Date june_9_08am = parseDate("2018-06-09 08:00:00"); 
+        Date june_9_08am_nextYear = parseDate("2019-06-09 08:00:00"); 
         
         assertEquals(0, Util.daysBetween(may_6_10am, may_6_11pm55));
         assertEquals(1, Util.daysBetween(may_6_10am, may_7_01am));
@@ -806,4 +808,8 @@ public class UtilTest {
         // reverse order
         assertEquals(-1, Util.daysBetween(may_8_08am, may_7_11pm));
     }
+    
+    private Date parseDate(String dateString) throws ParseException {
+        return new SimpleDateFormat("yyyy-MM-dd hh:mm:ss").parse(dateString);
+    }
 }
-- 
GitLab


From b8f7d3b94a5a49a3b84b7527dc12c5b356ad7234 Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Tue, 26 Jun 2018 23:59:06 -0400
Subject: [PATCH 568/863] i18n: add Jenkins banner text

---
 core/src/main/resources/lib/layout/layout.properties | 1 +
 1 file changed, 1 insertion(+)

diff --git a/core/src/main/resources/lib/layout/layout.properties b/core/src/main/resources/lib/layout/layout.properties
index b904b8f879..0adeb2cc30 100644
--- a/core/src/main/resources/lib/layout/layout.properties
+++ b/core/src/main/resources/lib/layout/layout.properties
@@ -23,3 +23,4 @@
 # do not localize unless a localized wiki page really exists.
 searchBox.url=https://jenkins.io/redirect/search-box
 logout=log out
+title=Jenkins
-- 
GitLab


From db5aa4bf6c0865cd363bf7b204cf94f116b089db Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Wed, 27 Jun 2018 00:01:17 -0400
Subject: [PATCH 569/863] i18n: Add jenkins alt item for localization

---
 core/src/main/resources/lib/layout/layout.jelly | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/resources/lib/layout/layout.jelly b/core/src/main/resources/lib/layout/layout.jelly
index 97f1c6bf8d..1ebb71ca04 100644
--- a/core/src/main/resources/lib/layout/layout.jelly
+++ b/core/src/main/resources/lib/layout/layout.jelly
@@ -184,7 +184,7 @@ ${h.initPageVariables(context)}
       <div id="header">
         <div class="logo">
           <a id="jenkins-home-link" href="${rootURL}/">
-            <img id="jenkins-head-icon" src="${imagesURL}/headshot.png" alt="title" />
+            <img id="jenkins-head-icon" src="${imagesURL}/headshot.png" alt="[${%jenkinshead.alt}]" />
             <img id="jenkins-name-icon" src="${imagesURL}/title.png" alt="${%title}" width="139" height="34" />
           </a>
         </div>
-- 
GitLab


From 1adde3ac5c7f73aaf46a83ad2bd08b96de8fa17a Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Wed, 27 Jun 2018 00:02:40 -0400
Subject: [PATCH 570/863] i18n: include localization for Jenkins

This is the alternate text that replaces the picture of Jenkins in the banner
---
 core/src/main/resources/lib/layout/layout.properties | 1 +
 1 file changed, 1 insertion(+)

diff --git a/core/src/main/resources/lib/layout/layout.properties b/core/src/main/resources/lib/layout/layout.properties
index 0adeb2cc30..553d79dd16 100644
--- a/core/src/main/resources/lib/layout/layout.properties
+++ b/core/src/main/resources/lib/layout/layout.properties
@@ -24,3 +24,4 @@
 searchBox.url=https://jenkins.io/redirect/search-box
 logout=log out
 title=Jenkins
+jenkinshead.alt=Jenkins
-- 
GitLab


From cdc97dc114964b2c559368e471e3557d5fee4bc9 Mon Sep 17 00:00:00 2001
From: Eric Yu <eric.e.yu@oracle.com>
Date: Wed, 27 Jun 2018 17:16:16 +0800
Subject: [PATCH 571/863] Fix JENKINS-52181 about permission issue when using
 cli to get console

Fixed https://issues.jenkins-ci.org/browse/JENKINS-52181 about issue when using jenkins-cli to get console of a project requires user has Job/Build permission as per guidance from Oleg Nenashev.
---
 core/src/main/java/hudson/cli/ConsoleCommand.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/cli/ConsoleCommand.java b/core/src/main/java/hudson/cli/ConsoleCommand.java
index f98fdc95a2..8965af0fe6 100644
--- a/core/src/main/java/hudson/cli/ConsoleCommand.java
+++ b/core/src/main/java/hudson/cli/ConsoleCommand.java
@@ -41,7 +41,7 @@ public class ConsoleCommand extends CLICommand {
     public int n = -1;
 
     protected int run() throws Exception {
-        job.checkPermission(Item.BUILD);
+        job.checkPermission(Item.READ);
 
         Run<?,?> run;
 
-- 
GitLab


From b45c28df41d6981cef974a5b1a7f82012b97e5e2 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Wed, 27 Jun 2018 15:49:53 +0200
Subject: [PATCH 572/863] [JENKINS-51965] - Update Instance Identity module
 from 2.1 to 2.2

---
 war/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/war/pom.xml b/war/pom.xml
index d554466abe..5c3b3557ca 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -95,7 +95,7 @@ THE SOFTWARE.
     <dependency>
       <groupId>org.jenkins-ci.modules</groupId>
       <artifactId>instance-identity</artifactId>
-      <version>2.1</version>
+      <version>2.2</version>
     </dependency>
     <dependency>
       <groupId>org.jenkins-ci.modules</groupId>
-- 
GitLab


From 0f4df5b6289eb5af4235f8596e50d0d8b59a3687 Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Fri, 29 Jun 2018 14:43:10 -0400
Subject: [PATCH 573/863] Revoke and revoked token (#3524)

* i18n: include RevokedToken translation

Note: This message is shown in the "Legacy API Token" field after the user has revoked their legacy token.

* Include alt text so that at least blind users can figure out how to revoke tokens

As a sighted user, I could not figure it out. This gives the blind a chance.
---
 .../resources/jenkins/security/ApiTokenProperty/config.jelly    | 2 +-
 .../jenkins/security/ApiTokenProperty/config.properties         | 2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
index b7aee62ac7..4999a8dcb6 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.jelly
@@ -108,7 +108,7 @@ THE SOFTWARE.
                                    data-message-if-legacy-revoked="${%RevokedToken}"
                                    data-confirm="${%ConfirmRevokeSingle}"
                                    data-target-url="${descriptor.descriptorFullUrl}/revoke">
-                                    <l:icon class="icon-text-error icon-sm"/>
+                                    <l:icon class="icon-text-error icon-sm" alt="${%RevokeToken}" />
                                 </a>
                             </span>
                         </div>
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
index 79bef819d2..25fca9d566 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/config.properties
@@ -1,6 +1,7 @@
 TokenDisplayedOnce=Copy this token now, because it cannot be recovered in the future.
 AddNewToken=Add new Token
 GenerateNewToken=Generate
+RevokeToken=Revoke this token
 NoTokenYet=There is no registered token for this user
 TokenLastUse=Used <b>{0}</b> time(s), last time was <b>{1}</b> day(s) ago
 StatisticsDisabled=No statistics available
@@ -14,5 +15,6 @@ TokenCreation=Created {0} day(s) ago
 RenameToken=Save the new name of the token
 LegacyToken=We strongly recommend that you revoke this legacy token and replace it with a newly generated token for increased security.
 NoLegacyToken=The user does not have a legacy token
+RevokedToken=The legacy token has been revoked
 NoCreationDate=There is no creation date for that token
 NoCreationDateValue=Unknown
-- 
GitLab


From dbeda50abaa9c1a23cd4be6938e28c3d0193c745 Mon Sep 17 00:00:00 2001
From: Devin Nusbaum <dwnusbaum@users.noreply.github.com>
Date: Fri, 29 Jun 2018 17:01:09 -0400
Subject: [PATCH 574/863] [JENKINS-52164] Fix rename action for AbstractItems
 that don't define URL when including the actions taglib (#3523)

* Reproduce JENKINS-52164

* Fix JENKINS-52164 by creating URL inline

* Remove tests from core
---
 core/src/main/resources/jenkins/model/RenameAction/action.jelly | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/resources/jenkins/model/RenameAction/action.jelly b/core/src/main/resources/jenkins/model/RenameAction/action.jelly
index d298d56503..992a1ce7cf 100644
--- a/core/src/main/resources/jenkins/model/RenameAction/action.jelly
+++ b/core/src/main/resources/jenkins/model/RenameAction/action.jelly
@@ -26,6 +26,6 @@ THE SOFTWARE.
 <j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:s="/lib/form">
     <!-- TODO: Should use permission attribute after JENKINS-18649 -->
     <j:if test="${it.hasPermission(it.CONFIGURE) or (it.parent.hasPermission(it.CREATE) and it.hasPermission(it.DELETE))}">
-      <l:task href="${url}/confirm-rename" icon="icon-notepad icon-md" enabled="${it.nameEditable}" title="${%Rename}"/>
+      <l:task href="${h.getActionUrl(it.url, action)}" icon="icon-notepad icon-md" enabled="${it.nameEditable}" title="${%Rename}"/>
     </j:if>
 </j:jelly>
-- 
GitLab


From a1def496830441922fc14e4dbaec9c1c8ad81610 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Sat, 30 Jun 2018 00:03:16 +0200
Subject: [PATCH 575/863] [JENKINS-52204] - Update Remoting to 3.23 to fix
 regressions in 2.129

---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 5a0df8f470..f9a6226b29 100644
--- a/pom.xml
+++ b/pom.xml
@@ -106,7 +106,7 @@ THE SOFTWARE.
     <maven-war-plugin.version>3.0.0</maven-war-plugin.version> <!-- JENKINS-47127 bump when 3.2.0 is out. Cf. MWAR-407 -->
 
     <!-- Bundled Remoting version -->
-    <remoting.version>3.22</remoting.version>
+    <remoting.version>3.23</remoting.version>
     <!-- Minimum Remoting version, which is tested for API compatibility -->
     <remoting.minimum.supported.version>3.4</remoting.minimum.supported.version>
 
-- 
GitLab


From 639e5d35625b11b4716288dfa19146b3f7a515ff Mon Sep 17 00:00:00 2001
From: Kohei Suzuki <kohei-suzuki@cookpad.com>
Date: Mon, 2 Jul 2018 16:32:39 +0900
Subject: [PATCH 576/863] Fix documentation of getItems's return value

---
 core/src/main/java/hudson/model/Queue.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/model/Queue.java b/core/src/main/java/hudson/model/Queue.java
index 7f881e21bc..ebd868ff11 100644
--- a/core/src/main/java/hudson/model/Queue.java
+++ b/core/src/main/java/hudson/model/Queue.java
@@ -1110,7 +1110,7 @@ public class Queue extends ResourceController implements Saveable {
     /**
      * Gets the information about the queue item for the given project.
      *
-     * @return null if the project is not in the queue.
+     * @return empty if the project is not in the queue.
      */
     public List<Item> getItems(Task t) {
         Snapshot snapshot = this.snapshot;
-- 
GitLab


From 3a125b65c845569d9b56f62d662875c34a340e96 Mon Sep 17 00:00:00 2001
From: suren <zxjlwt@126.com>
Date: Mon, 2 Jul 2018 16:41:07 +0800
Subject: [PATCH 577/863] Translate for login page

---
 .../model/AllView/noJob_zh_CN.properties      |  2 +-
 .../simple-header_zh_CN.properties            | 23 +++++++++++++++++++
 .../jenkins/model/Jenkins/login.properties    |  1 -
 .../model/Jenkins/login_zh_CN.properties      |  6 ++---
 4 files changed, 27 insertions(+), 5 deletions(-)
 create mode 100644 core/src/main/resources/jenkins/model/DefaultSimplePageDecorator/simple-header_zh_CN.properties

diff --git a/core/src/main/resources/hudson/model/AllView/noJob_zh_CN.properties b/core/src/main/resources/hudson/model/AllView/noJob_zh_CN.properties
index be8a0d93bc..be0c4f302e 100644
--- a/core/src/main/resources/hudson/model/AllView/noJob_zh_CN.properties
+++ b/core/src/main/resources/hudson/model/AllView/noJob_zh_CN.properties
@@ -20,7 +20,7 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-Welcome\ to\ Jenkins!=\u6B22\u8FCE\u4F7F\u7528Jenkins!
+Welcome\ to\ Jenkins!=\u6B22\u8FCE\u6765\u5230 Jenkins!
 login=<a href="{0}/{1}?from={2}">\u767B\u5F55</a>\u4EE5\u521B\u5EFA jobs.
 newJob=\u5F00\u59CB<a href="newJob">\u521B\u5EFA\u4E00\u4E2A\u65B0\u4EFB\u52A1</a>.
 signup=\u5982\u679C\u60A8\u8FD8\u6CA1\u6709\u5E10\u6237\uFF0C\u60A8\u73B0\u5728\u53EF\u4EE5<a href="signup">\u6CE8\u518C</a>\u3002
diff --git a/core/src/main/resources/jenkins/model/DefaultSimplePageDecorator/simple-header_zh_CN.properties b/core/src/main/resources/jenkins/model/DefaultSimplePageDecorator/simple-header_zh_CN.properties
new file mode 100644
index 0000000000..d3e0472c0e
--- /dev/null
+++ b/core/src/main/resources/jenkins/model/DefaultSimplePageDecorator/simple-header_zh_CN.properties
@@ -0,0 +1,23 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Welcome\ to\ Jenkins!=\u6B22\u8FCE\u6765\u5230 Jenkins\uFF01
diff --git a/core/src/main/resources/jenkins/model/Jenkins/login.properties b/core/src/main/resources/jenkins/model/Jenkins/login.properties
index 1cb864cfbb..cfc4e3f018 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/login.properties
+++ b/core/src/main/resources/jenkins/model/Jenkins/login.properties
@@ -23,4 +23,3 @@
 signUp=Please sign in below or <a href="signup">create an account</a>.
 login=log in
 signIn=Sign in
-loginWelcome=Welcome to Jenkins!
\ No newline at end of file
diff --git a/core/src/main/resources/jenkins/model/Jenkins/login_zh_CN.properties b/core/src/main/resources/jenkins/model/Jenkins/login_zh_CN.properties
index 6322623398..62731e1f10 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/login_zh_CN.properties
+++ b/core/src/main/resources/jenkins/model/Jenkins/login_zh_CN.properties
@@ -21,7 +21,7 @@
 # THE SOFTWARE.
 
 Password=\u5BC6\u7801
-Remember\ me\ on\ this\ computer=\u5728\u8FD9\u53F0\u8BA1\u7B97\u673A\u4E0A\u4FDD\u6301\u767B\u5F55\u72B6\u6001
-User=\u7528\u6237\u540D
-login=\u767B\u5F55
+Keep\ me\ signed\ in=\u4FDD\u6301\u767B\u5F55\u72B6\u6001
+Username=\u7528\u6237\u540D
 signUp=<a href="signup">\u521B\u5EFA\u4E00\u4E2A\u7528\u6237\u8D26\u53F7</a> \u5982\u679C\u4F60\u6CA1\u6709\u6CE8\u518C\u7528\u6237.
+signIn=\u767B\u5F55
-- 
GitLab


From 3bbefd621c1b22509ba62c52fe3461fcbec39995 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 2 Jul 2018 07:19:11 -0700
Subject: [PATCH 578/863] [maven-release-plugin] prepare release jenkins-2.130

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index d54dac5918..ee18af4ffb 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.130</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 50e635093b..531564ceba 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.130</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index f9a6226b29..eabef2dd10 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>2.130</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.130</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 4f9dae71fa..8920cbcd4c 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.130</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 5c3b3557ca..fe00e011ec 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.130</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From d98c1fca72707bd6bce3003ac51b1cfbcc715be5 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 2 Jul 2018 07:19:12 -0700
Subject: [PATCH 579/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index ee18af4ffb..bbc2e76a29 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.130</version>
+    <version>2.131-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 531564ceba..fe54c9b5c3 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.130</version>
+    <version>2.131-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index eabef2dd10..b5f7bfb696 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.130</version>
+  <version>2.131-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.130</tag>
+    <tag>${scmTag}</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 8920cbcd4c..f4799788df 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.130</version>
+    <version>2.131-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index fe00e011ec..f4514515b2 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.130</version>
+    <version>2.131-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 1951479c93185cb7efe455c2f9d15f21e02d24b3 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 2 Jul 2018 07:25:47 -0700
Subject: [PATCH 580/863] mvn incrementals:reincrementalify

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index bbc2e76a29..d54dac5918 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.131-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index fe54c9b5c3..50e635093b 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.131-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index b5f7bfb696..19fea6615a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.131-SNAPSHOT</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.130</revision>
+    <revision>2.131</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index f4799788df..4f9dae71fa 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.131-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index f4514515b2..5c3b3557ca 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.131-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 6e9babd41e37381b8b2d7f24df01cd10f918c09f Mon Sep 17 00:00:00 2001
From: James Nord <jnord+github@cloudbees.com>
Date: Tue, 3 Jul 2018 13:28:33 +0100
Subject: [PATCH 581/863] Method just called and cast another method that was
 CheckForNull

toComputer() was annotated with CHeckForNull yet getComputer which just
calls that and casts it was not.  This causes code using getComputer()
to not have a findbugs check and this has been observed in a
NullPOinterException happening at runtime.
---
 core/src/main/java/hudson/model/Slave.java | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/core/src/main/java/hudson/model/Slave.java b/core/src/main/java/hudson/model/Slave.java
index 9b0a02b338..c3a497f9a1 100644
--- a/core/src/main/java/hudson/model/Slave.java
+++ b/core/src/main/java/hudson/model/Slave.java
@@ -529,7 +529,12 @@ public abstract class Slave extends Node implements Serializable {
 
     /**
      * Gets the corresponding computer object.
+     *
+     * @return
+     *      this method can return null if there's no {@link Computer} object for this node,
+     *      such as when this node has no executors at all.
      */
+    @CheckForNull
     public SlaveComputer getComputer() {
         return (SlaveComputer)toComputer();
     }
-- 
GitLab


From 3a0c2220d4246601ffa2b0220a99e3a7298ddce1 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Sat, 7 Jul 2018 05:53:12 -0400
Subject: [PATCH 582/863] [JENKINS-52417] - Removing FilePath.copyFromRemotely 
 (#3480)

[JENKINS-52417] - Removing FilePath.copyFromRemotely
---
 core/src/main/java/hudson/FilePath.java       | 23 -------------------
 .../main/java/jenkins/util/VirtualFile.java   |  3 +++
 2 files changed, 3 insertions(+), 23 deletions(-)

diff --git a/core/src/main/java/hudson/FilePath.java b/core/src/main/java/hudson/FilePath.java
index b2d2d92b31..dfabc689c6 100644
--- a/core/src/main/java/hudson/FilePath.java
+++ b/core/src/main/java/hudson/FilePath.java
@@ -139,7 +139,6 @@ import static hudson.Util.isSymlink;
 
 import java.util.Collections;
 import org.apache.tools.ant.BuildException;
-import org.kohsuke.accmod.restrictions.Beta;
         
 /**
  * {@link File} like object with remoting support.
@@ -972,28 +971,6 @@ public final class FilePath implements Serializable {
         }
     }
 
-    /**
-     * Copies the content of a URL to a remote file.
-     * Unlike {@link #copyFrom} this will not transfer content over a Remoting channel.
-     * @since 2.118
-     */
-    @Restricted(Beta.class)
-    public void copyFromRemotely(URL url) throws IOException, InterruptedException {
-        act(new CopyFromRemotely(url));
-    }
-    private final class CopyFromRemotely extends MasterToSlaveFileCallable<Void> {
-        private static final long serialVersionUID = 1;
-        private final URL url;
-        CopyFromRemotely(URL url) {
-            this.url = url;
-        }
-        @Override
-        public Void invoke(File f, VirtualChannel channel) throws IOException, InterruptedException {
-            copyFrom(url);
-            return null;
-        }
-    }
-
     /**
      * Replaces the content of this file by the data from the given {@link InputStream}.
      *
diff --git a/core/src/main/java/jenkins/util/VirtualFile.java b/core/src/main/java/jenkins/util/VirtualFile.java
index c1ea07d536..b8491df130 100644
--- a/core/src/main/java/jenkins/util/VirtualFile.java
+++ b/core/src/main/java/jenkins/util/VirtualFile.java
@@ -336,6 +336,9 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
     /**
      * Optionally obtains a URL which may be used to retrieve file contents from any process on any node.
      * For example, given cloud storage this might produce a permalink to the file.
+     * <p>Only {@code http} and {@code https} protocols are permitted.
+     * It is recommended to use the {@code RobustHTTPClient.downloadFile} utility method
+     * from the {@code apache-httpcomponents-client-4-api} plugin to work with these URLs.
      * <p>This is only meaningful for {@link #isFile}:
      * no ZIP etc. archiving protocol is defined to allow bulk access to directory trees.
      * <p>Any necessary authentication must be encoded somehow into the URL itself;
-- 
GitLab


From af5fdc99feb628969929a23e51333b08fe2d8283 Mon Sep 17 00:00:00 2001
From: Eric Yu <eric.e.yu@oracle.com>
Date: Sat, 7 Jul 2018 18:37:41 +0800
Subject: [PATCH 583/863] Removed test case
 consoleShouldFailWithoutItemBuildPermission()because it is not for the right
 feature.

---
 .../test/java/hudson/cli/ConsoleCommandTest.java    | 13 -------------
 1 file changed, 13 deletions(-)

diff --git a/test/src/test/java/hudson/cli/ConsoleCommandTest.java b/test/src/test/java/hudson/cli/ConsoleCommandTest.java
index 1f4033e0c2..a01dd99f17 100644
--- a/test/src/test/java/hudson/cli/ConsoleCommandTest.java
+++ b/test/src/test/java/hudson/cli/ConsoleCommandTest.java
@@ -81,19 +81,6 @@ public class ConsoleCommandTest {
         assertThat(result.stderr(), containsString("ERROR: No such job 'aProject'"));
     }
 
-    @Test public void consoleShouldFailWithoutItemBuildPermission() throws Exception {
-
-        j.createFreeStyleProject("aProject");
-
-        final CLICommandInvoker.Result result = command
-                .authorizedTo(Jenkins.READ, Job.READ)
-                .invokeWithArgs("aProject");
-
-        assertThat(result, failedWith(6));
-        assertThat(result, hasNoStandardOutput());
-        assertThat(result.stderr(), containsString("ERROR: user is missing the Job/Build permission"));
-    }
-
     @Test public void consoleShouldFailWhenProjectDoesNotExist() throws Exception {
 
         final CLICommandInvoker.Result result = command
-- 
GitLab


From 9193ed8e44e70f6c79d712a62e4d0f205f8680d4 Mon Sep 17 00:00:00 2001
From: suren <zxjlwt@126.com>
Date: Sat, 7 Jul 2018 20:59:16 +0800
Subject: [PATCH 584/863] jenkins should be capitalize

---
 ...uthenticate-security-token_zh_CN.properties | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/core/src/main/resources/jenkins/install/SetupWizard/authenticate-security-token_zh_CN.properties b/core/src/main/resources/jenkins/install/SetupWizard/authenticate-security-token_zh_CN.properties
index 9f59b21975..68236b24e5 100644
--- a/core/src/main/resources/jenkins/install/SetupWizard/authenticate-security-token_zh_CN.properties
+++ b/core/src/main/resources/jenkins/install/SetupWizard/authenticate-security-token_zh_CN.properties
@@ -21,12 +21,12 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-authenticate-security-token.getting.started=\u5165\u95e8
-authenticate-security-token.unlock.jenkins=\u89e3\u9501jenkins
-jenkins.install.findSecurityTokenMessage=\u4e3a\u4e86\u786e\u4fdd\u7ba1\u7406\u5458\u5b89\u5168\u5730\u5b89\u88c5jenkins\uff0c\
-\u5bc6\u7801\u5df2\u5199\u5165\u5230\u65e5\u5fd7\u4e2d\uff08<small><a href="https://jenkins.io/redirect/find-jenkins-logs" target="_blank">\u4e0d\u77e5\u9053\u5728\u54ea\u91cc\uff1f</a></small>\uff09\u8be5\u6587\u4ef6\u5728\u670d\u52a1\u5668\u4e0a\uff1a<p><small><code>{0}</code></small></p>
-authenticate-security-token.copy.password=\u8bf7\u4ece\u672c\u5730\u590d\u5236\u5bc6\u7801\u5e76\u7c98\u8d34\u5230\u4e0b\u9762\u3002
-authenticate-security-token.error=\u9519\u8bef\uff1a
-authenticate-security-token.password.incorrect=\u8f93\u5165\u7684\u5bc6\u7801\u6709\u8bef\uff0c\u8bf7\u68c0\u67e5\u6587\u4ef6\u4ee5\u786e\u8ba4\u5bc6\u7801\u6b63\u786e
-authenticate-security-token.password.administrator=\u7ba1\u7406\u5458\u5bc6\u7801
-authenticate-security-token.continue=\u7ee7\u7eed
+authenticate-security-token.getting.started=\u5165\u95E8
+authenticate-security-token.unlock.jenkins=\u89E3\u9501 Jenkins
+jenkins.install.findSecurityTokenMessage=\u4E3A\u4E86\u786E\u4FDD\u7BA1\u7406\u5458\u5B89\u5168\u5730\u5B89\u88C5 Jenkins\uFF0C\
+\u5BC6\u7801\u5DF2\u5199\u5165\u5230\u65E5\u5FD7\u4E2D\uFF08<small><a href="https://jenkins.io/redirect/find-jenkins-logs" target="_blank">\u4E0D\u77E5\u9053\u5728\u54EA\u91CC\uFF1F</a></small>\uFF09\u8BE5\u6587\u4EF6\u5728\u670D\u52A1\u5668\u4E0A\uFF1A<p><small><code>{0}</code></small></p>
+authenticate-security-token.copy.password=\u8BF7\u4ECE\u672C\u5730\u590D\u5236\u5BC6\u7801\u5E76\u7C98\u8D34\u5230\u4E0B\u9762\u3002
+authenticate-security-token.error=\u9519\u8BEF\uFF1A
+authenticate-security-token.password.incorrect=\u8F93\u5165\u7684\u5BC6\u7801\u6709\u8BEF\uFF0C\u8BF7\u68C0\u67E5\u6587\u4EF6\u4EE5\u786E\u8BA4\u5BC6\u7801\u6B63\u786E
+authenticate-security-token.password.administrator=\u7BA1\u7406\u5458\u5BC6\u7801
+authenticate-security-token.continue=\u7EE7\u7EED
-- 
GitLab


From 78a99ddbfc41aacc3b943e635371fadc4c2c2166 Mon Sep 17 00:00:00 2001
From: suren <zxjlwt@126.com>
Date: Sat, 7 Jul 2018 21:21:17 +0800
Subject: [PATCH 585/863] Add translation for view

---
 .../main/resources/hudson/model/MyView/noJob_zh_CN.properties   | 1 +
 core/src/main/resources/lib/hudson/newFromList/form.jelly       | 2 +-
 .../main/resources/lib/hudson/newFromList/form_zh_CN.properties | 1 +
 3 files changed, 3 insertions(+), 1 deletion(-)
 create mode 100644 core/src/main/resources/hudson/model/MyView/noJob_zh_CN.properties

diff --git a/core/src/main/resources/hudson/model/MyView/noJob_zh_CN.properties b/core/src/main/resources/hudson/model/MyView/noJob_zh_CN.properties
new file mode 100644
index 0000000000..c49b1f4db9
--- /dev/null
+++ b/core/src/main/resources/hudson/model/MyView/noJob_zh_CN.properties
@@ -0,0 +1 @@
+blurb=\u5F53\u524D\u8BD5\u56FE\u4E2D\u6CA1\u6709\u4EFB\u52A1\u3002
\ No newline at end of file
diff --git a/core/src/main/resources/lib/hudson/newFromList/form.jelly b/core/src/main/resources/lib/hudson/newFromList/form.jelly
index 4c1935efb3..446fb6114d 100644
--- a/core/src/main/resources/lib/hudson/newFromList/form.jelly
+++ b/core/src/main/resources/lib/hudson/newFromList/form.jelly
@@ -96,7 +96,7 @@ THE SOFTWARE.
        -->
       <input type="radio" name="mode" value="dummy1" style="display:none" />
       <input type="radio" name="mode" value="dummy2" style="display:none" />
-      <input type="submit" name="Submit" value="OK" id="ok" style="margin-left:5em" />
+      <input type="submit" name="Submit" value="${%OK}" id="ok" style="margin-left:5em" />
     </s:bottomButtonBar>
   </s:form>
   <script><![CDATA[
diff --git a/core/src/main/resources/lib/hudson/newFromList/form_zh_CN.properties b/core/src/main/resources/lib/hudson/newFromList/form_zh_CN.properties
index 66271af75a..f3dce440ee 100644
--- a/core/src/main/resources/lib/hudson/newFromList/form_zh_CN.properties
+++ b/core/src/main/resources/lib/hudson/newFromList/form_zh_CN.properties
@@ -21,3 +21,4 @@
 # THE SOFTWARE.
 
 Copy\ from=\u8981\u590D\u5236\u7684\u4EFB\u52A1\u540D\u79F0
+OK=\u786E\u5B9A
-- 
GitLab


From e2b74038427842c106b3b54daf1f501a5c8ddf69 Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Sat, 7 Jul 2018 19:38:07 -0400
Subject: [PATCH 586/863] [JENKINS-46205] ZipArchiver support 64 bit files
 (#3536)

* [JENKINS-46205] ZipArchiver support 64 bit files

call setUseZip64(Zip64Mode.AsNeeded)

* [JENKINS-46205] ZipArchiver support 64 bit files

Update test to assume it means insufficient disk space and skip
---
 .../main/java/hudson/util/io/ZipArchiver.java |  2 +
 .../java/hudson/util/io/ZipArchiverTest.java  | 63 +++++++++++++++++++
 2 files changed, 65 insertions(+)

diff --git a/core/src/main/java/hudson/util/io/ZipArchiver.java b/core/src/main/java/hudson/util/io/ZipArchiver.java
index 9bd58808b2..20da13cbc3 100644
--- a/core/src/main/java/hudson/util/io/ZipArchiver.java
+++ b/core/src/main/java/hudson/util/io/ZipArchiver.java
@@ -30,6 +30,7 @@ import java.io.InputStream;
 import java.nio.file.Files;
 import java.nio.file.InvalidPathException;
 import org.apache.tools.zip.ZipEntry;
+import org.apache.tools.zip.Zip64Mode;
 import org.apache.tools.zip.ZipOutputStream;
 
 import java.io.File;
@@ -49,6 +50,7 @@ final class ZipArchiver extends Archiver {
     ZipArchiver(OutputStream out) {
         zip = new ZipOutputStream(out);
         zip.setEncoding(System.getProperty("file.encoding"));
+        zip.setUseZip64(Zip64Mode.AsNeeded);
     }
 
     public void visit(final File f, final String _relativePath) throws IOException {
diff --git a/core/src/test/java/hudson/util/io/ZipArchiverTest.java b/core/src/test/java/hudson/util/io/ZipArchiverTest.java
index cde8bd4ae7..0ed31a83c5 100644
--- a/core/src/test/java/hudson/util/io/ZipArchiverTest.java
+++ b/core/src/test/java/hudson/util/io/ZipArchiverTest.java
@@ -5,6 +5,7 @@ import static org.junit.Assert.assertEquals;
 import java.io.File;
 import java.io.FileOutputStream;
 import java.io.IOException;
+import java.io.RandomAccessFile;
 import java.nio.file.Files;
 import java.util.logging.Level;
 import java.util.logging.Logger;
@@ -102,6 +103,68 @@ public class ZipArchiverTest {
         assertEquals("foo/bar/baz/Test.txt", zipEntryName);
     }
 
+    @Test
+    public void huge64bitFile()  {
+        // create huge64bitFileTest.txt
+
+        File hugeFile = new File(tmpDir, "huge64bitFileTest.txt");
+        try {
+            RandomAccessFile largeFile = new RandomAccessFile(hugeFile, "rw");
+            largeFile.setLength(4 * 1024 * 1024 * 1024 + 2);
+        } catch (IOException e) {
+            /* We probably don't have enough free disk space
+             * That's ok, we'll skip this test...
+             */
+            LOGGER.log(Level.SEVERE, "Couldn't set up huge file for huge64bitFile test", e);
+            return;
+        }
+
+        // a file to store the zip archive in
+        File zipFile = null;
+
+        // create zip from tmpDir
+        ZipArchiver archiver = null;
+
+        try {
+            zipFile = File.createTempFile("test", ".zip");
+            archiver = new ZipArchiver(Files.newOutputStream(zipFile.toPath()));
+
+            archiver.visit(hugeFile, "huge64bitFileTest.txt");
+        } catch (Exception e) {
+            fail("exception driving ZipArchiver", e);
+        } finally {
+            if (archiver != null) {
+                try {
+                    archiver.close();
+                } catch (IOException e) {
+                    // ignored
+                }
+            }
+        }
+
+        // examine zip contents and assert that there's an item there...
+        String zipEntryName = null;
+
+        ZipFile zipFileVerify = null;
+        try {
+            zipFileVerify = new ZipFile(zipFile);
+
+            zipEntryName = ((ZipEntry) zipFileVerify.entries().nextElement()).getName();
+        } catch (Exception e) {
+            fail("failure enumerating zip entries", e);
+        } finally {
+            if (zipFileVerify != null) {
+                try {
+                    zipFileVerify.close();
+                } catch (IOException e) {
+                    // ignored
+                }
+            }
+        }
+
+        assertEquals("huge64bitFileTest.txt", zipEntryName);
+    }
+
     /**
      * Convenience method for failing with a cause.
      *
-- 
GitLab


From a8fe3e8a68aa92228c01d347b06ac3918052c66b Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 8 Jul 2018 06:39:14 -0700
Subject: [PATCH 587/863] [maven-release-plugin] prepare release jenkins-2.131

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index d54dac5918..69d9f5f2ab 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.131</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 50e635093b..91d541d271 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.131</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 19fea6615a..65f9e0db2d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>2.131</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.131</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 4f9dae71fa..0d499c9f6b 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.131</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 5c3b3557ca..c413dcd888 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.131</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From a31b9d57723d96260c57d20e95b9ed7288e839d3 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 8 Jul 2018 06:39:15 -0700
Subject: [PATCH 588/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 69d9f5f2ab..a30840de12 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.131</version>
+    <version>2.132-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 91d541d271..8f582c349a 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.131</version>
+    <version>2.132-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 65f9e0db2d..2256db0ed0 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.131</version>
+  <version>2.132-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.131</tag>
+    <tag>${scmTag}</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 0d499c9f6b..7f345951ce 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.131</version>
+    <version>2.132-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index c413dcd888..3944ed893b 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.131</version>
+    <version>2.132-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 2650fc4711033fdd8b5d84431e0009de727e1c77 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 8 Jul 2018 06:47:53 -0700
Subject: [PATCH 589/863] mvn incrementals:reincrementalify

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index a30840de12..d54dac5918 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.132-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 8f582c349a..50e635093b 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.132-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 2256db0ed0..eeb6945be3 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.132-SNAPSHOT</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.131</revision>
+    <revision>2.132</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index 7f345951ce..4f9dae71fa 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.132-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 3944ed893b..5c3b3557ca 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.132-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From e464e58bda0c41c077b8008549694d8c7ad3d784 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Wed, 11 Jul 2018 11:41:06 +0200
Subject: [PATCH 590/863] Accept SHA-256 without complaint in logs

---
 .../main/java/hudson/model/UpdateCenter.java   | 18 ++++++------------
 1 file changed, 6 insertions(+), 12 deletions(-)

diff --git a/core/src/main/java/hudson/model/UpdateCenter.java b/core/src/main/java/hudson/model/UpdateCenter.java
index 33836d9c0f..386311816d 100644
--- a/core/src/main/java/hudson/model/UpdateCenter.java
+++ b/core/src/main/java/hudson/model/UpdateCenter.java
@@ -1888,30 +1888,31 @@ public class UpdateCenter extends AbstractModelObject implements Saveable, OnMas
         switch (result512) {
             case PASS:
                 // this has passed but no real reason not to check the others
-                break;
+                return;
             case FAIL:
                 throwVerificationFailure(entry.getSha512(), job.getComputedSHA512(), file, "SHA-512");
             case NOT_COMPUTED:
                 LOGGER.log(WARNING, "Attempt to verify a downloaded file (" + file.getName() + ") using SHA-512 failed since it could not be computed. Falling back to weaker algorithms. Update your JRE.");
                 break;
             case NOT_PROVIDED:
-                LOGGER.log(INFO, "Attempt to verify a downloaded file (" + file.getName() + ") using SHA-512 failed since your configured update site does not provide this checksum. Falling back to weaker algorithms.");
                 break;
         }
 
         VerificationResult result256 = verifyChecksums(entry.getSha256(), job.getComputedSHA256(), false);
         switch (result256) {
             case PASS:
-                // this has passed but no real reason not to check the others
-                break;
+                return;
             case FAIL:
                 throwVerificationFailure(entry.getSha256(), job.getComputedSHA256(), file, "SHA-256");
             case NOT_COMPUTED:
             case NOT_PROVIDED:
-                // we've probably already complained once, and if not, we've passed SHA-512.
                 break;
         }
 
+        if (result512 == VerificationResult.NOT_PROVIDED && result256 == VerificationResult.NOT_PROVIDED) {
+            LOGGER.log(INFO, "Attempt to verify a downloaded file (" + file.getName() + ") using SHA-512 or SHA-256 failed since your configured update site does not provide either of those checksums. Falling back to SHA-1.");
+        }
+
         VerificationResult result1 = verifyChecksums(entry.getSha1(), job.getComputedSHA1(), true);
         switch (result1) {
             case PASS:
@@ -1919,15 +1920,8 @@ public class UpdateCenter extends AbstractModelObject implements Saveable, OnMas
             case FAIL:
                 throwVerificationFailure(entry.getSha1(), job.getComputedSHA1(), file, "SHA-1");
             case NOT_COMPUTED:
-                // we need to make sure that at least one of the checks has passed, otherwise this is a problem
-                if (result256 == VerificationResult.PASS || result512 == VerificationResult.PASS) {
-                    return;
-                }
                 throw new IOException("Failed to compute SHA-1 of downloaded file, refusing installation");
             case NOT_PROVIDED:
-                if (result256 == VerificationResult.PASS || result512 == VerificationResult.PASS) {
-                    return;
-                }
                 throw new IOException("Unable to confirm integrity of downloaded file, refusing installation");
         }
     }
-- 
GitLab


From 1b32280e4372c491223de360209d9ffe2ad56ba1 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Wed, 11 Jul 2018 13:05:38 +0200
Subject: [PATCH 591/863] If SHA-512/256 is valid, we're no longer checking
 SHA-1

---
 test/src/test/java/hudson/model/UpdateCenter2Test.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/src/test/java/hudson/model/UpdateCenter2Test.java b/test/src/test/java/hudson/model/UpdateCenter2Test.java
index ca0f3b2378..671d10ca47 100644
--- a/test/src/test/java/hudson/model/UpdateCenter2Test.java
+++ b/test/src/test/java/hudson/model/UpdateCenter2Test.java
@@ -66,7 +66,7 @@ public class UpdateCenter2Test {
         String wrongChecksum = "ABCDEFG1234567890";
 
         // usually the problem is the file having a wrong checksum, but changing the expected one works just the same
-        j.jenkins.getUpdateCenter().getSite("default").getPlugin("changelog-history").sha1 = wrongChecksum;
+        j.jenkins.getUpdateCenter().getSite("default").getPlugin("changelog-history").sha512 = wrongChecksum;
         DownloadJob job = (DownloadJob) j.jenkins.getUpdateCenter().getPlugin("changelog-history").deploy().get();
         assertTrue(job.status instanceof Failure);
         assertTrue("error message references checksum", ((Failure) job.status).problem.getMessage().contains(wrongChecksum));
-- 
GitLab


From 34c8c41b4c3714181473d7a512919148c189a4e8 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Wed, 11 Jul 2018 15:57:40 +0200
Subject: [PATCH 592/863] Fix comment

---
 core/src/main/java/hudson/model/UpdateCenter.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/model/UpdateCenter.java b/core/src/main/java/hudson/model/UpdateCenter.java
index 386311816d..65ad9ee6f9 100644
--- a/core/src/main/java/hudson/model/UpdateCenter.java
+++ b/core/src/main/java/hudson/model/UpdateCenter.java
@@ -1887,7 +1887,7 @@ public class UpdateCenter extends AbstractModelObject implements Saveable, OnMas
         VerificationResult result512 = verifyChecksums(entry.getSha512(), job.getComputedSHA512(), false);
         switch (result512) {
             case PASS:
-                // this has passed but no real reason not to check the others
+                // this has passed so no reason not to check the weaker checksums
                 return;
             case FAIL:
                 throwVerificationFailure(entry.getSha512(), job.getComputedSHA512(), file, "SHA-512");
-- 
GitLab


From 69f47781cc7de5706e1852d191efa81a441e0bc7 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Wed, 11 Jul 2018 16:02:36 +0200
Subject: [PATCH 593/863] Grammar is difficult

---
 core/src/main/java/hudson/model/UpdateCenter.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/model/UpdateCenter.java b/core/src/main/java/hudson/model/UpdateCenter.java
index 65ad9ee6f9..deeed0c152 100644
--- a/core/src/main/java/hudson/model/UpdateCenter.java
+++ b/core/src/main/java/hudson/model/UpdateCenter.java
@@ -1887,7 +1887,7 @@ public class UpdateCenter extends AbstractModelObject implements Saveable, OnMas
         VerificationResult result512 = verifyChecksums(entry.getSha512(), job.getComputedSHA512(), false);
         switch (result512) {
             case PASS:
-                // this has passed so no reason not to check the weaker checksums
+                // this has passed so no reason to check the weaker checksums
                 return;
             case FAIL:
                 throwVerificationFailure(entry.getSha512(), job.getComputedSHA512(), file, "SHA-512");
-- 
GitLab


From af6dc33ff4ded3e84b321e5fb66a3ebb85ba2ab6 Mon Sep 17 00:00:00 2001
From: Zbynek Konecny <zbynek@geogebra.org>
Date: Fri, 13 Jul 2018 12:53:49 +0200
Subject: [PATCH 594/863] [JENKINS-52325] - If copy of artifact with attributes
 throws error, retry without attributes (#3537)

[JENKINS-52325] - If copy of artifact with attributes throws error, retry without attributes
---
 core/src/main/java/hudson/FilePath.java | 28 +++++++++++++++++++++++--
 1 file changed, 26 insertions(+), 2 deletions(-)

diff --git a/core/src/main/java/hudson/FilePath.java b/core/src/main/java/hudson/FilePath.java
index dfabc689c6..80dec77b0d 100644
--- a/core/src/main/java/hudson/FilePath.java
+++ b/core/src/main/java/hudson/FilePath.java
@@ -58,6 +58,9 @@ import hudson.util.IOUtils;
 import hudson.util.NamingThreadFactory;
 import hudson.util.io.Archiver;
 import hudson.util.io.ArchiverFactory;
+
+import static java.util.logging.Level.FINE;
+
 import java.io.BufferedOutputStream;
 import java.io.File;
 import java.io.FileFilter;
@@ -2457,16 +2460,37 @@ public final class FilePath implements Serializable {
             final File dest = new File(target.remote);
             final AtomicInteger count = new AtomicInteger();
             scanner.scan(base, reading(new FileVisitor() {
+                private boolean exceptionEncountered;
+                private boolean logMessageShown;
                 @Override
                 public void visit(File f, String relativePath) throws IOException {
                     if (f.isFile()) {
                         File target = new File(dest, relativePath);
                         mkdirsE(target.getParentFile());
-                        Files.copy(fileToPath(f), fileToPath(writing(target)),
-                                StandardCopyOption.COPY_ATTRIBUTES, StandardCopyOption.REPLACE_EXISTING);
+                        Path targetPath = fileToPath(writing(target));
+                        exceptionEncountered = exceptionEncountered || !tryCopyWithAttributes(f, targetPath);
+                        if (exceptionEncountered) {
+                            Files.copy(fileToPath(f), targetPath, StandardCopyOption.REPLACE_EXISTING);
+                            if (!logMessageShown) {
+                                LOGGER.log(Level.INFO, 
+                                    "JENKINS-52325: Jenkins failed to retain attributes when copying to {0}, so proceeding without attributes.", 
+                                    dest.getAbsolutePath());
+                                logMessageShown = true;
+                            }
+                        }
                         count.incrementAndGet();
                     }
                 }
+                private boolean tryCopyWithAttributes(File f, Path targetPath) {
+                	try {
+                        Files.copy(fileToPath(f), targetPath,
+                            StandardCopyOption.COPY_ATTRIBUTES, StandardCopyOption.REPLACE_EXISTING);
+                    } catch (IOException e) {
+                        LOGGER.log(Level.FINE, "Unable to copy: {0}", e.getMessage());
+                        return false;
+                    }
+                	return true;
+                }
                 @Override
                 public boolean understandsSymlink() {
                     return true;
-- 
GitLab


From 1a4ed7ba302fb7d2031427034e827916fc95990d Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Sat, 14 Jul 2018 01:25:19 +0200
Subject: [PATCH 595/863] Strip referer when following links to other origins

---
 core/src/main/resources/lib/layout/layout.jelly | 1 +
 1 file changed, 1 insertion(+)

diff --git a/core/src/main/resources/lib/layout/layout.jelly b/core/src/main/resources/lib/layout/layout.jelly
index 1ebb71ca04..02a170e407 100644
--- a/core/src/main/resources/lib/layout/layout.jelly
+++ b/core/src/main/resources/lib/layout/layout.jelly
@@ -59,6 +59,7 @@ THE SOFTWARE.
 <st:setHeader name="Expires" value="0" />
 <st:setHeader name="Cache-Control" value="no-cache,no-store,must-revalidate" />
 <st:setHeader name="X-Hudson-Theme" value="default" />
+<st:setHeader name="Referrer-Policy" value="same-origin" />
 <st:contentType value="text/html;charset=UTF-8" />
 
   <j:new var="h" className="hudson.Functions" /><!-- instead of JSP functions -->
-- 
GitLab


From b02071a441c643073f56d8a817b04c24227216b8 Mon Sep 17 00:00:00 2001
From: Ivan Fernandez Calvo <kuisathaverat@users.noreply.github.com>
Date: Sat, 14 Jul 2018 16:52:31 +0200
Subject: [PATCH 596/863] [JENKINS-52450] annotate onLoad build param as
 Nonnull (#3543)

* annotate onLoad build param as NonNull

* replace the annotation with the java one
---
 core/src/main/java/jenkins/model/ArtifactManager.java | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/jenkins/model/ArtifactManager.java b/core/src/main/java/jenkins/model/ArtifactManager.java
index a7b569417e..874d4e3a58 100644
--- a/core/src/main/java/jenkins/model/ArtifactManager.java
+++ b/core/src/main/java/jenkins/model/ArtifactManager.java
@@ -33,6 +33,7 @@ import hudson.model.TaskListener;
 import hudson.tasks.ArtifactArchiver;
 import java.io.IOException;
 import java.util.Map;
+import javax.annotation.Nonnull;
 import jenkins.util.VirtualFile;
 
 /**
@@ -47,7 +48,7 @@ public abstract class ArtifactManager {
      * The selected manager will be persisted inside a build, so the build reference should be {@code transient} (quasi-{@code final}) and restored here.
      * @param build a historical build with which this manager was associated
      */
-    public abstract void onLoad(Run<?,?> build);
+    public abstract void onLoad(@Nonnull Run<?,?> build);
 
     /**
      * Archive all configured artifacts from a build.
-- 
GitLab


From dfd5dcbec2dcbe2d9aa84a4901754119ad298950 Mon Sep 17 00:00:00 2001
From: ValHaris <martin@asc-hq.org>
Date: Sat, 14 Jul 2018 16:53:07 +0200
Subject: [PATCH 597/863] Add java.time.Ser to security whitelisted classes
 (JEP-200) (#3542)

---
 core/src/main/resources/jenkins/security/whitelisted-classes.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/core/src/main/resources/jenkins/security/whitelisted-classes.txt b/core/src/main/resources/jenkins/security/whitelisted-classes.txt
index 3ad58670b6..3ddb8d841a 100644
--- a/core/src/main/resources/jenkins/security/whitelisted-classes.txt
+++ b/core/src/main/resources/jenkins/security/whitelisted-classes.txt
@@ -59,6 +59,7 @@ java.math.BigInteger
 java.net.URI
 java.net.URL
 java.security.KeyRep
+java.time.Ser
 java.util.ArrayDeque
 java.util.ArrayList
 java.util.Arrays$ArrayList
-- 
GitLab


From 4d65572c6db9099ebcf8d2222159c069996670f9 Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Sat, 14 Jul 2018 10:55:26 -0400
Subject: [PATCH 598/863] Tie alt to manage object icon object class (#3498)

* Tie alt to manage object icon object class

* manaje.jelly: Closing quote was missing
---
 core/src/main/resources/jenkins/model/Jenkins/manage.jelly | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/core/src/main/resources/jenkins/model/Jenkins/manage.jelly b/core/src/main/resources/jenkins/model/Jenkins/manage.jelly
index 5fa406c953..d9dd6de40d 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/manage.jelly
+++ b/core/src/main/resources/jenkins/model/Jenkins/manage.jelly
@@ -54,6 +54,7 @@ THE SOFTWARE.
         <j:if test="${icon!=null}">
           <div class="manage-option">
           <j:set var="iconUrl" value="${icon.startsWith('/') ? resURL+icon : imagesURL + '/48x48/' + icon}" />
+          <j:set var="alt" value="${icon.replaceAll('\\d*\\.[^.]+$', '')}"/>
           ${taskTags!=null and attrs.contextMenu!='false' ? taskTags.add(m.urlName, iconUrl, m.displayName, m.requiresPOST, m.requiresConfirmation) : null}
           <j:choose>
             <j:when test="${m.requiresConfirmation}">
@@ -68,7 +69,7 @@ THE SOFTWARE.
             </j:when>
             <j:when test="${m.requiresPOST}">
               <f:link href="${m.urlName}" post="${m.requiresPOST}">
-                <img class="icon" src="${iconUrl}" alt="manage-option"/>
+                <img class="icon" src="${iconUrl}" alt="[${%alt}]"/>
                 <dl>
                   <dt>${m.displayName}</dt>
                   <dd><j:out value="${m.description}"/></dd>
-- 
GitLab


From 1cac1b7a41122c522646cf785c319ca7c647eeff Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Sun, 15 Jul 2018 09:53:38 -0400
Subject: [PATCH 599/863] [JENKINS-52417] Javadoc clarifications now that
 INFRA-1600 is cleared up.

---
 core/src/main/java/hudson/FilePath.java          | 7 ++++---
 core/src/main/java/jenkins/util/VirtualFile.java | 3 +--
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/core/src/main/java/hudson/FilePath.java b/core/src/main/java/hudson/FilePath.java
index 80dec77b0d..00d453f794 100644
--- a/core/src/main/java/hudson/FilePath.java
+++ b/core/src/main/java/hudson/FilePath.java
@@ -963,9 +963,10 @@ public final class FilePath implements Serializable {
     }
 
     /**
-     * Reads the URL on the current VM, and writes all the data to this {@link FilePath}
-     * (this is different from resolving URL remotely.)
-     *
+     * Reads the URL on the current VM, and streams the data to this file using the Remoting channel.
+     * <p>This is different from resolving URL remotely.
+     * If you instead wished to open an HTTP(S) URL on the remote side,
+     * prefer <a href="http://javadoc.jenkins.io/plugin/apache-httpcomponents-client-4-api/io/jenkins/plugins/httpclient/RobustHTTPClient.html#copyFromRemotely-hudson.FilePath-java.net.URL-hudson.model.TaskListener-">{@code RobustHTTPClient.copyFromRemotely}</a>.
      * @since 1.293
      */
     public void copyFrom(URL url) throws IOException, InterruptedException {
diff --git a/core/src/main/java/jenkins/util/VirtualFile.java b/core/src/main/java/jenkins/util/VirtualFile.java
index b8491df130..3db7461a93 100644
--- a/core/src/main/java/jenkins/util/VirtualFile.java
+++ b/core/src/main/java/jenkins/util/VirtualFile.java
@@ -337,8 +337,7 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
      * Optionally obtains a URL which may be used to retrieve file contents from any process on any node.
      * For example, given cloud storage this might produce a permalink to the file.
      * <p>Only {@code http} and {@code https} protocols are permitted.
-     * It is recommended to use the {@code RobustHTTPClient.downloadFile} utility method
-     * from the {@code apache-httpcomponents-client-4-api} plugin to work with these URLs.
+     * It is recommended to use <a href="http://javadoc.jenkins.io/plugin/apache-httpcomponents-client-4-api/io/jenkins/plugins/httpclient/RobustHTTPClient.html#downloadFile-java.io.File-java.net.URL-hudson.model.TaskListener-">{@code RobustHTTPClient.downloadFile}</a> to work with these URLs.
      * <p>This is only meaningful for {@link #isFile}:
      * no ZIP etc. archiving protocol is defined to allow bulk access to directory trees.
      * <p>Any necessary authentication must be encoded somehow into the URL itself;
-- 
GitLab


From 85354aad981e4115f8f2d0c9e66b43c31dd22810 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 15 Jul 2018 13:26:50 -0700
Subject: [PATCH 600/863] [maven-release-plugin] prepare release jenkins-2.132

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index d54dac5918..76baf35253 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.132</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 50e635093b..7933590a1d 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.132</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index eeb6945be3..70486cafa6 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>2.132</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.132</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 4f9dae71fa..d363e3f7fa 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.132</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 5c3b3557ca..5f7bc87719 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.132</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 31d7966e3896819a99b31f10e83e864e3805bcbd Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 15 Jul 2018 13:26:50 -0700
Subject: [PATCH 601/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 76baf35253..085e05fa7a 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.132</version>
+    <version>2.133-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 7933590a1d..026c8609d6 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.132</version>
+    <version>2.133-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 70486cafa6..d6eadd4084 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.132</version>
+  <version>2.133-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.132</tag>
+    <tag>${scmTag}</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index d363e3f7fa..d7d2a6aa03 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.132</version>
+    <version>2.133-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 5f7bc87719..a3a11e075c 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.132</version>
+    <version>2.133-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From a39a8dc2d1d43a567e6c38099008b36e488cdbff Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 15 Jul 2018 13:34:42 -0700
Subject: [PATCH 602/863] mvn incrementals:reincrementalify

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 085e05fa7a..d54dac5918 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.133-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 026c8609d6..50e635093b 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.133-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index d6eadd4084..381d76f61c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.133-SNAPSHOT</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.132</revision>
+    <revision>2.133</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index d7d2a6aa03..4f9dae71fa 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.133-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index a3a11e075c..5c3b3557ca 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.133-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 9ebea82f28e515b5571c7ecea754be749605174c Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 16 Jul 2018 10:35:42 -0700
Subject: [PATCH 603/863] [maven-release-plugin] prepare release
 jenkins-2.121.2

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 3d32d9a4f7..fa3051bc51 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.121.2</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 8c6f248eaa..61783b9b14 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.121.2</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 7b6592c7a0..1685a28386 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>2.121.2</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>HEAD</tag>
+    <tag>jenkins-2.121.2</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 4f9dae71fa..f76346cba4 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.121.2</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 1af95e1d77..723aacc3e2 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.121.2</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From aafd5d12593eb771de3caa11a3455db39601f0f9 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 16 Jul 2018 10:35:43 -0700
Subject: [PATCH 604/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index fa3051bc51..cdc8f318c1 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121.2</version>
+    <version>2.121.3-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 61783b9b14..103999a061 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121.2</version>
+    <version>2.121.3-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 1685a28386..f2e95e2b59 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.121.2</version>
+  <version>2.121.3-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.121.2</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index f76346cba4..87fe1808d0 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121.2</version>
+    <version>2.121.3-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 723aacc3e2..ccc7a634f4 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121.2</version>
+    <version>2.121.3-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From b83f350d011b8a7a8dca623c0647faee908fce7a Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 16 Jul 2018 10:42:12 -0700
Subject: [PATCH 605/863] mvn incrementals:reincrementalify

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index cdc8f318c1..3d32d9a4f7 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121.3-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 103999a061..8c6f248eaa 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121.3-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index f2e95e2b59..9390b4bf22 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.121.3-SNAPSHOT</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.121.2</revision>
+    <revision>2.121.3</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index 87fe1808d0..4f9dae71fa 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121.3-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index ccc7a634f4..1af95e1d77 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121.3-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 115a36535a794b37ed9e071977fb8bc5da9ee574 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 16 Jul 2018 11:59:05 -0700
Subject: [PATCH 606/863] [maven-release-plugin] prepare release jenkins-2.133

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 085e05fa7a..4ba00e9e69 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.133-SNAPSHOT</version>
+    <version>2.133</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index e693b315fb..fda68fb29a 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.133-SNAPSHOT</version>
+    <version>2.133</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index d6eadd4084..0de46d51ab 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.133-SNAPSHOT</version>
+  <version>2.133</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.133</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index d7d2a6aa03..b5a88dc59f 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.133-SNAPSHOT</version>
+    <version>2.133</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index a3a11e075c..02401967c2 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.133-SNAPSHOT</version>
+    <version>2.133</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 868e9922ae977f24b693e943f22698b48d94461c Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 16 Jul 2018 11:59:06 -0700
Subject: [PATCH 607/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 4ba00e9e69..dd6538fd6d 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.133</version>
+    <version>2.134-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index fda68fb29a..b5aac93b2d 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.133</version>
+    <version>2.134-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 0de46d51ab..877e21566e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.133</version>
+  <version>2.134-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.133</tag>
+    <tag>${scmTag}</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index b5a88dc59f..d8208174dc 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.133</version>
+    <version>2.134-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 02401967c2..3547265590 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.133</version>
+    <version>2.134-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From b9f329e16247e9dfcf4fc1a975b43f3c7e2dd2cb Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 16 Jul 2018 12:04:53 -0700
Subject: [PATCH 608/863] mvn incrementals:reincrementalify

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index dd6538fd6d..d54dac5918 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.134-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index b5aac93b2d..3ad3f09029 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.134-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 877e21566e..874989c453 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.134-SNAPSHOT</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.132</revision>
+    <revision>2.134</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index d8208174dc..4f9dae71fa 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.134-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 3547265590..5c3b3557ca 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.134-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 72400d90d6558d028be75a025c1e0a0fbca73911 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Tue, 17 Jul 2018 01:36:06 +0200
Subject: [PATCH 609/863] Update CONTRIBUTING.md

---
 CONTRIBUTING.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 01de1fea2c..d419bd03a9 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -13,7 +13,7 @@ This page provides information about contributing code to the Jenkins core codeb
     - In Jenkins project we usually use [OpenJDK](http://openjdk.java.net/),
   but you can use other JDKs as well.
     - Java 9 is **not supported** in Jenkins.
-  * Maven 3.3.9 or above. You can download it [here](https://maven.apache.org/download.cgi)
+  * Maven 3.5.3 or above. You can download it [here](https://maven.apache.org/download.cgi)
   * Any IDE which supports importing Maven projects
 4. Setup your development environment as described in [Preparing for Plugin Development](https://jenkins.io/doc/developer/tutorial/prepare/)
 
@@ -30,7 +30,7 @@ Building and debugging process is described [here](https://jenkins.io/doc/develo
 
 If you want simply to have the `jenkins.war` file as fast as possible without tests, run:
 
-    mvn clean package -pl war -am -DskipTests
+    mvn clean package -pl war -am -DskipTests -Dfindbugs.skip
 
 The WAR file will be created in `war/target/jenkins.war`.
 After that you can start Jenkins using Java CLI ([guide](https://wiki.jenkins.io/display/JENKINS/Starting+and+Accessing+Jenkins)).
-- 
GitLab


From f0dc779d668e181f7effe47f016f9e1f9579bcb0 Mon Sep 17 00:00:00 2001
From: suren <zxjlwt@126.com>
Date: Thu, 19 Jul 2018 12:15:02 +0800
Subject: [PATCH 610/863] Add translation for signup page

---
 .../HudsonPrivateSecurityRealm/signup.jelly   | 12 ++++-----
 .../signup_zh_CN.properties                   | 20 ++++++++++++++-
 .../SecurityRealm/signup_zh_CN.properties     | 25 +++++++++++++++++++
 3 files changed, 50 insertions(+), 7 deletions(-)
 create mode 100644 core/src/main/resources/hudson/security/SecurityRealm/signup_zh_CN.properties

diff --git a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/signup.jelly b/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/signup.jelly
index 6312f5b8b4..f588306700 100644
--- a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/signup.jelly
+++ b/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/signup.jelly
@@ -188,15 +188,15 @@ THE SOFTWARE.
 
                                     const passwordStrength = function(score) {
                                         if (score > 80) {
-                                            return "Strong";
+                                            return "${%Strong}";
                                         }
                                         if (score > 60) {
-                                            return "Moderate";
+                                            return "${%Moderate}";
                                         }
                                         if (score >= 30) {
-                                            return "Weak";
+                                            return "${%Weak}";
                                         }
-                                        return "Poor";
+                                        return "${%Poor}";
                                     };
 
                                     const passwordStrengthColor = function(score) {
@@ -262,7 +262,7 @@ THE SOFTWARE.
                                 name="password1"
                                 id="password1"
                             />
-                            <div id="passwordStrengthWrapper">Strength: <span id="passwordStrength">&#160;</span> </div>
+                            <div id="passwordStrengthWrapper">${%Strength}: <span id="passwordStrength">&#160;</span> </div>
                             <script type="text/javascript">
                                 if (document.getElementById('passwordStrengthWrapper')) {
                                     document.getElementById('passwordStrengthWrapper').hidden = true;
@@ -271,7 +271,7 @@ THE SOFTWARE.
 
                         </div>
                         <div class="formRow">
-                            A strong password is a long password that's unique for every site. Try using a phrase with 5-6 words for the best security.
+                            ${%A strong password is a long password that's unique for every site. Try using a phrase with 5-6 words for the best security.}
                         </div>
                         <input
                             class="${data.errors.containsKey('password1') ? 'danger' : 'normal'}"
diff --git a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/signup_zh_CN.properties b/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/signup_zh_CN.properties
index 907d5faa39..9f7004ed18 100644
--- a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/signup_zh_CN.properties
+++ b/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/signup_zh_CN.properties
@@ -20,4 +20,22 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-Sign\ up=\u6ce8\u518c
+Sign\ up=\u6CE8\u518C
+Create\ an\ account!\ [Jenkins]=\u521B\u5EFA\u4E00\u4E2A\u8D26\u53F7\uFF01[Jenkins]
+Create\ an\ account!=\u521B\u5EFA\u4E00\u4E2A\u8D26\u53F7\uFF01
+If\ you\ already\ have\ a\ Jenkins\ account,=\u5982\u679C\u4F60\u5DF2\u7ECF\u6709\u4E86\u4E00\u4E2A Jenkins \u8D26\u53F7\uFF0C
+please\ sign\ in.=\u8BF7\u767B\u9646
+
+Username=\u7528\u6237\u540D
+Full\ name=\u5168\u79F0
+Email=\u90AE\u7BB1
+Enter\ text\ as\ shown=\u8F93\u5165\u663E\u793A\u7684\u6587\u672C
+Password=\u5BC6\u7801
+Show=\u663E\u793A
+Strength=\u5F3A\u5EA6
+Create\ account=\u521B\u5EFA\u8D26\u53F7
+A\ strong\ password\ is\ a\ long\ password\ that's\ unique\ for\ every\ site.\ Try\ using\ a\ phrase\ with\ 5-6\ words\ for\ the\ best\ security.=\u9AD8\u5F3A\u5EA6\u7684\u5BC6\u7801\u5E94\u8BE5\u662F\u6BD4\u8F83\u957F\uFF0C\u800C\u4E14\u6BCF\u4E2A\u7F51\u7AD9\u90FD\u662F\u552F\u4E00\u7684\u3002\u8BF7\u53C2\u8BD5\u4F7F\u75285\uFF5E6\u4E2A\u5B57\u7B26\u7684\u5B89\u5168\u5BC6\u7801\u3002
+Strong=\u5F3A
+Moderate=\u9002\u4E2D
+Weak=\u5F31
+Poor=\u5F88\u5F31
diff --git a/core/src/main/resources/hudson/security/SecurityRealm/signup_zh_CN.properties b/core/src/main/resources/hudson/security/SecurityRealm/signup_zh_CN.properties
new file mode 100644
index 0000000000..a1792959d4
--- /dev/null
+++ b/core/src/main/resources/hudson/security/SecurityRealm/signup_zh_CN.properties
@@ -0,0 +1,25 @@
+# The MIT License
+# 
+# Copyright (c) 2018, suren <zxjlwt@126.com>
+# 
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+# 
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+# 
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Signup\ not\ supported=\u4E0D\u652F\u6301\u6CE8\u518C
+Sign\ up=\u6CE8\u518C
+This\ is\ not\ supported\ in\ the\ current\ configuration.=\u5F53\u524D\u914D\u7F6E\u4E2D\u4E0D\u652F\u6301\u3002
-- 
GitLab


From caf3e0808906929d52105dca4af197c569270a38 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Thu, 19 Jul 2018 14:56:27 -0400
Subject: [PATCH 611/863] [JENKINS-52665] Treat plugin dependency mismatches
 involving snapshots as nonfatal.

---
 core/src/main/java/hudson/PluginWrapper.java  | 31 ++++++++++++++-----
 .../test/java/hudson/PluginWrapperTest.java   | 17 ++++++++--
 2 files changed, 38 insertions(+), 10 deletions(-)

diff --git a/core/src/main/java/hudson/PluginWrapper.java b/core/src/main/java/hudson/PluginWrapper.java
index 64238fbe5c..363d588f0a 100644
--- a/core/src/main/java/hudson/PluginWrapper.java
+++ b/core/src/main/java/hudson/PluginWrapper.java
@@ -36,7 +36,6 @@ import jenkins.model.Jenkins;
 import hudson.model.UpdateCenter;
 import hudson.model.UpdateSite;
 import hudson.util.VersionNumber;
-import org.jvnet.localizer.ResourceBundleHolder;
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.DoNotUse;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
@@ -54,7 +53,6 @@ import javax.annotation.CheckForNull;
 import javax.annotation.Nonnull;
 import java.io.Closeable;
 import java.io.File;
-import java.io.FileOutputStream;
 import java.io.IOException;
 import java.io.OutputStream;
 import java.net.URL;
@@ -64,7 +62,6 @@ import java.util.Collection;
 import java.util.Collections;
 import java.util.Enumeration;
 import java.util.HashMap;
-import java.util.HashSet;
 import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
@@ -600,7 +597,7 @@ public class PluginWrapper implements Comparable<PluginWrapper>, ModelObject {
             } else {
                 VersionNumber actualVersion = Jenkins.getVersion();
                 if (actualVersion.isOlderThan(new VersionNumber(requiredCoreVersion))) {
-                    dependencyErrors.put(Messages.PluginWrapper_obsoleteCore(Jenkins.getVersion().toString(), requiredCoreVersion), false);
+                    versionDependencyError(Messages.PluginWrapper_obsoleteCore(Jenkins.getVersion().toString(), requiredCoreVersion), Jenkins.getVersion().toString(), requiredCoreVersion);
                 }
             }
         }
@@ -618,11 +615,11 @@ public class PluginWrapper implements Comparable<PluginWrapper>, ModelObject {
             } else {
                 if (dependency.isActive()) {
                     if (isDependencyObsolete(d, dependency)) {
-                        dependencyErrors.put(Messages.PluginWrapper_obsolete(dependency.getLongName(), dependency.getVersion(), d.version), false);
+                        versionDependencyError(Messages.PluginWrapper_obsolete(dependency.getLongName(), dependency.getVersion(), d.version), dependency.getVersion(), d.version);
                     }
                 } else {
                     if (isDependencyObsolete(d, dependency)) {
-                        dependencyErrors.put(Messages.PluginWrapper_disabledAndObsolete(dependency.getLongName(), dependency.getVersion(), d.version), false);
+                        versionDependencyError(Messages.PluginWrapper_disabledAndObsolete(dependency.getLongName(), dependency.getVersion(), d.version), dependency.getVersion(), d.version);
                     } else {
                         dependencyErrors.put(Messages.PluginWrapper_disabled(dependency.getLongName()), false);
                     }
@@ -635,7 +632,7 @@ public class PluginWrapper implements Comparable<PluginWrapper>, ModelObject {
             PluginWrapper dependency = parent.getPlugin(d.shortName);
             if (dependency != null && dependency.isActive()) {
                 if (isDependencyObsolete(d, dependency)) {
-                    dependencyErrors.put(Messages.PluginWrapper_obsolete(dependency.getLongName(), dependency.getVersion(), d.version), false);
+                    versionDependencyError(Messages.PluginWrapper_obsolete(dependency.getLongName(), dependency.getVersion(), d.version), dependency.getVersion(), d.version);
                 } else {
                     dependencies.add(d);
                 }
@@ -660,6 +657,26 @@ public class PluginWrapper implements Comparable<PluginWrapper>, ModelObject {
         return ENABLE_PLUGIN_DEPENDENCIES_VERSION_CHECK && dependency.getVersionNumber().isOlderThan(new VersionNumber(d.version));
     }
 
+    /**
+     * Called when there appears to be a core or plugin version which is too old for a stated dependency.
+     * Normally records an error in {@link #dependencyErrors}.
+     * But if one or both versions {@link #isSnapshot}, just issue a warning (JENKINS-52665).
+     */
+    private void versionDependencyError(String message, String actual, String minimum) {
+        if (isSnapshot(actual) || isSnapshot(minimum)) {
+            LOGGER.log(WARNING, "Suppressing dependency error in {0} v{1}: {2}", new Object[] {getLongName(), getVersion(), message});
+        } else {
+            dependencyErrors.put(message, false);
+        }
+    }
+
+    /**
+     * Similar to {@code org.apache.maven.artifact.ArtifactUtils.isSnapshot}.
+     */
+    static boolean isSnapshot(@Nonnull String version) {
+        return version.contains("-SNAPSHOT") || version.matches(".+-[0-9]{8}.[0-9]{6}-[0-9]+");
+    }
+
     /**
      * If the plugin has {@link #getUpdateInfo() an update},
      * returns the {@link hudson.model.UpdateSite.Plugin} object.
diff --git a/core/src/test/java/hudson/PluginWrapperTest.java b/core/src/test/java/hudson/PluginWrapperTest.java
index 177cdf834b..e15c803dca 100644
--- a/core/src/test/java/hudson/PluginWrapperTest.java
+++ b/core/src/test/java/hudson/PluginWrapperTest.java
@@ -15,9 +15,8 @@ import org.mockito.invocation.InvocationOnMock;
 import org.mockito.stubbing.Answer;
 
 import static org.hamcrest.CoreMatchers.containsString;
-import static org.hamcrest.MatcherAssert.assertThat;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.fail;
+import static org.junit.Assert.*;
+import org.jvnet.hudson.test.Issue;
 import static org.mockito.Matchers.any;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.when;
@@ -180,4 +179,16 @@ public class PluginWrapperTest {
             );
         }
     }
+
+    @Issue("JENKINS-52665")
+    @Test
+    public void isSnapshot() {
+        assertFalse(PluginWrapper.isSnapshot("1.0"));
+        assertFalse(PluginWrapper.isSnapshot("1.0-alpha-1"));
+        assertFalse(PluginWrapper.isSnapshot("1.0-rc9999.abc123def456"));
+        assertTrue(PluginWrapper.isSnapshot("1.0-SNAPSHOT"));
+        assertTrue(PluginWrapper.isSnapshot("1.0-20180719.153600-1"));
+        assertTrue(PluginWrapper.isSnapshot("1.0-SNAPSHOT (private-abcd1234-jqhacker)"));
+    }
+
 }
-- 
GitLab


From a26c61c08deaafd61dc41b7c22a1c85e48582a03 Mon Sep 17 00:00:00 2001
From: suren <zxjlwt@126.com>
Date: Fri, 20 Jul 2018 11:41:16 +0800
Subject: [PATCH 612/863] Fixes broken translation

---
 .../src/main/resources/hudson/model/User/index_zh_CN.properties | 2 +-
 .../hudson/model/View/AsynchPeople/index_zh_CN.properties       | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/core/src/main/resources/hudson/model/User/index_zh_CN.properties b/core/src/main/resources/hudson/model/User/index_zh_CN.properties
index a4f9f03909..bf545f3ff2 100644
--- a/core/src/main/resources/hudson/model/User/index_zh_CN.properties
+++ b/core/src/main/resources/hudson/model/User/index_zh_CN.properties
@@ -20,4 +20,4 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-Jenkins\ User\ Id=Jenkins \u7528\u6237 Id
+Jenkins\ User\ ID=Jenkins \u7528\u6237 ID
diff --git a/core/src/main/resources/hudson/model/View/AsynchPeople/index_zh_CN.properties b/core/src/main/resources/hudson/model/View/AsynchPeople/index_zh_CN.properties
index acaa864942..33e44e8e49 100644
--- a/core/src/main/resources/hudson/model/View/AsynchPeople/index_zh_CN.properties
+++ b/core/src/main/resources/hudson/model/View/AsynchPeople/index_zh_CN.properties
@@ -24,7 +24,7 @@ Last\ Active=\u6700\u540E\u6D3B\u52A8\u65F6\u95F4
 Name=\u540D\u79F0
 On=\u5728\u7EBF
 People=\u7528\u6237
-User\ Id=\u7528\u6237\u6807\u8BC6
+User\ ID=\u7528\u6237 ID
 blurb=\u5305\u542B\u6240\u6709\u5DF2\u77E5\u201C\u7528\u6237\u201D\uFF0C\u5305\u62EC\u5F53\u524D\u5B89\u5168\u57DF\u4E2D\u7684\u767B\u5F55ID\u548C\u5728\u53D8\u66F4\u8BB0\u5F55\u7684\u63D0\u4EA4\u4FE1\u7684\u606F\u91CC\u7684\u4EBA
 All\ People=\u6240\u6709\u4EBA
 Last\ Commit\ Activity=\u4E0A\u6B21\u63D0\u4EA4\u6D3B\u52A8
-- 
GitLab


From 2a37424e5f8391d49b69451b2c54953d74c6e996 Mon Sep 17 00:00:00 2001
From: suren <zxjlwt@126.com>
Date: Fri, 20 Jul 2018 11:51:41 +0800
Subject: [PATCH 613/863] Add transaltion for maven configure

---
 .../config_zh_CN.properties                   | 23 ++++++++++++++++
 .../config_zh_CN.properties                   | 23 ++++++++++++++++
 .../GlobalMavenConfig/config_zh_CN.properties | 25 +++++++++++++++++
 .../jenkins/mvn/Messages_zh_CN.properties     | 27 +++++++++++++++++++
 4 files changed, 98 insertions(+)
 create mode 100644 core/src/main/resources/jenkins/mvn/FilePathGlobalSettingsProvider/config_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/mvn/FilePathSettingsProvider/config_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/mvn/GlobalMavenConfig/config_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/mvn/Messages_zh_CN.properties

diff --git a/core/src/main/resources/jenkins/mvn/FilePathGlobalSettingsProvider/config_zh_CN.properties b/core/src/main/resources/jenkins/mvn/FilePathGlobalSettingsProvider/config_zh_CN.properties
new file mode 100644
index 0000000000..27c372ccea
--- /dev/null
+++ b/core/src/main/resources/jenkins/mvn/FilePathGlobalSettingsProvider/config_zh_CN.properties
@@ -0,0 +1,23 @@
+# The MIT License
+#
+# Copyright 2018, suren
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+File\ path=\u6587\u4EF6\u8DEF\u5F84
diff --git a/core/src/main/resources/jenkins/mvn/FilePathSettingsProvider/config_zh_CN.properties b/core/src/main/resources/jenkins/mvn/FilePathSettingsProvider/config_zh_CN.properties
new file mode 100644
index 0000000000..27c372ccea
--- /dev/null
+++ b/core/src/main/resources/jenkins/mvn/FilePathSettingsProvider/config_zh_CN.properties
@@ -0,0 +1,23 @@
+# The MIT License
+#
+# Copyright 2018, suren
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+File\ path=\u6587\u4EF6\u8DEF\u5F84
diff --git a/core/src/main/resources/jenkins/mvn/GlobalMavenConfig/config_zh_CN.properties b/core/src/main/resources/jenkins/mvn/GlobalMavenConfig/config_zh_CN.properties
new file mode 100644
index 0000000000..cf7aa39622
--- /dev/null
+++ b/core/src/main/resources/jenkins/mvn/GlobalMavenConfig/config_zh_CN.properties
@@ -0,0 +1,25 @@
+# The MIT License
+#
+# Copyright 2018, suren
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Maven\ Configuration=Maven \u914D\u7F6E
+Default\ settings\ provider=\u9ED8\u8BA4 settings \u63D0\u4F9B
+Default\ global\ settings\ provider=\u9ED8\u8BA4\u5168\u5C40 settings \u63D0\u4F9B
diff --git a/core/src/main/resources/jenkins/mvn/Messages_zh_CN.properties b/core/src/main/resources/jenkins/mvn/Messages_zh_CN.properties
new file mode 100644
index 0000000000..4a830b4b4d
--- /dev/null
+++ b/core/src/main/resources/jenkins/mvn/Messages_zh_CN.properties
@@ -0,0 +1,27 @@
+# The MIT License
+#
+# Copyright 2018, suren
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+DefaultSettingsProvider.DisplayName=\u4F7F\u7528\u9ED8\u8BA4 Maven \u8BBE\u7F6E
+DefaultGlobalSettingsProvider.DisplayName=\u4F7F\u7528\u9ED8\u8BA4 Maven \u5168\u5C40\u8BBE\u7F6E
+FilePathGlobalSettingsProvider.DisplayName=\u6587\u4EF6\u7CFB\u7EDF\u4E2D\u7684\u5168\u5C40 settings \u6587\u4EF6
+FilePathSettingsProvider.DisplayName=\u6587\u4EF6\u7CFB\u7EDF\u4E2D\u7684 settings \u6587\u4EF6
+
-- 
GitLab


From c531181e55b3ecdc63e7bf1b853403eb7751c565 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 22 Jul 2018 17:14:29 -0700
Subject: [PATCH 614/863] [maven-release-plugin] prepare release jenkins-2.134

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index d54dac5918..20e511659f 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.134</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 3ad3f09029..6c4dfb151a 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.134</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 874989c453..790ec83e2c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>2.134</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.134</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 4f9dae71fa..f25ef3c2af 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.134</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 5c3b3557ca..4c94c836d9 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.134</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From a7b7ec950c9227af082d309a6c984ee00969ee32 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 22 Jul 2018 17:14:29 -0700
Subject: [PATCH 615/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 20e511659f..56a2e021a7 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.134</version>
+    <version>2.135-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 6c4dfb151a..85465eac6f 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.134</version>
+    <version>2.135-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 790ec83e2c..27acaf0972 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.134</version>
+  <version>2.135-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.134</tag>
+    <tag>${scmTag}</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index f25ef3c2af..8bfecc2a3d 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.134</version>
+    <version>2.135-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 4c94c836d9..7e8e7ccd84 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.134</version>
+    <version>2.135-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 1a11fa39b567fd7ff64e61fab23aa18a123f2d97 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 22 Jul 2018 17:23:04 -0700
Subject: [PATCH 616/863] mvn incrementals:reincrementalify

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 56a2e021a7..d54dac5918 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.135-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 85465eac6f..3ad3f09029 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.135-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 27acaf0972..0bb2f2724a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.135-SNAPSHOT</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.134</revision>
+    <revision>2.135</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index 8bfecc2a3d..4f9dae71fa 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.135-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 7e8e7ccd84..5c3b3557ca 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.135-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From cea88e0440345bc64498f98b42432338d7b842ea Mon Sep 17 00:00:00 2001
From: amuniz <amuniz@cloudbees.com>
Date: Tue, 24 Jul 2018 11:06:13 +0200
Subject: [PATCH 617/863] [JENKINS-52718] InstallState API should not be
 Restricted

---
 core/src/main/java/jenkins/model/Jenkins.java | 2 --
 1 file changed, 2 deletions(-)

diff --git a/core/src/main/java/jenkins/model/Jenkins.java b/core/src/main/java/jenkins/model/Jenkins.java
index 4dfc9cd526..16b41e8cc4 100644
--- a/core/src/main/java/jenkins/model/Jenkins.java
+++ b/core/src/main/java/jenkins/model/Jenkins.java
@@ -1015,7 +1015,6 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
      * @return The Jenkins {@link jenkins.install.InstallState install state}.
      */
     @Nonnull
-    @Restricted(NoExternalUse.class)
     public InstallState getInstallState() {
         if (installState != null) {
             installStateName = installState.name();
@@ -1029,7 +1028,6 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
      * Update the current install state. This will invoke state.initializeState() 
      * when the state has been transitioned.
      */
-    @Restricted(NoExternalUse.class)
     public void setInstallState(@Nonnull InstallState newState) {
         String prior = installStateName;
         installStateName = newState.name();
-- 
GitLab


From 33155b16ea3eaf2761d9408d0ecb3166cefeed32 Mon Sep 17 00:00:00 2001
From: Devin Nusbaum <d.w.nusbaum@gmail.com>
Date: Tue, 24 Jul 2018 17:32:48 -0400
Subject: [PATCH 618/863] Prevent flyweight tasks for jobs with concurrent
 execution disabled from running concurrently

---
 core/src/main/java/hudson/model/Queue.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/model/Queue.java b/core/src/main/java/hudson/model/Queue.java
index dd674cf074..121e3e6f30 100644
--- a/core/src/main/java/hudson/model/Queue.java
+++ b/core/src/main/java/hudson/model/Queue.java
@@ -1470,7 +1470,7 @@ public class Queue extends ResourceController implements Saveable {
             {// update parked (and identify any pending items whose executor has disappeared)
                 List<BuildableItem> lostPendings = new ArrayList<BuildableItem>(pendings);
                 for (Computer c : jenkins.getComputers()) {
-                    for (Executor e : c.getExecutors()) {
+                    for (Executor e : c.getAllExecutors()) {
                         if (e.isInterrupted()) {
                             // JENKINS-28840 we will deadlock if we try to touch this executor while interrupt flag set
                             // we need to clear lost pendings as we cannot know what work unit was on this executor
-- 
GitLab


From e67131c6fcca540c6dfcba19676c83b7cb262c8e Mon Sep 17 00:00:00 2001
From: Baptiste Mathus <batmat@batmat.net>
Date: Wed, 25 Jul 2018 14:56:32 +0200
Subject: [PATCH 619/863] Add missing javadoc for second parameter

---
 core/src/main/java/jenkins/ExtensionFilter.java | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/jenkins/ExtensionFilter.java b/core/src/main/java/jenkins/ExtensionFilter.java
index 1f3ec5c886..1b4b55ffda 100644
--- a/core/src/main/java/jenkins/ExtensionFilter.java
+++ b/core/src/main/java/jenkins/ExtensionFilter.java
@@ -63,8 +63,9 @@ public abstract class ExtensionFilter implements ExtensionPoint {
      * @param type
      *      The type of the extension that we are discovering. This is not the actual instance
      *      type, but the contract type, such as {@link Descriptor}, {@link AdministrativeMonitor}, etc.
+     * @param component the actual discovered {@link hudson.Extension} object.
      * @return
-     *      true to let the component into Jenkins. false to drop it and pretend
+     *      <code>true</code> to let the component into Jenkins. <code>false</code> to drop it and pretend
      *      as if it didn't exist. When any one of {@link ExtensionFilter}s veto
      *      a component, it gets dropped.
      */
-- 
GitLab


From 2c317e60b28a7b8b05acaab404181517a37c16d8 Mon Sep 17 00:00:00 2001
From: suren <zxjlwt@126.com>
Date: Wed, 25 Jul 2018 21:10:38 +0800
Subject: [PATCH 620/863] Add translation for api token (#3552)

* Add translation for api token

* Change the expression
---
 .../ApiTokenProperty/config_zh_CN.properties  | 47 ++++++++++++++
 .../security/Messages_zh_CN.properties        | 31 ++++++++++
 .../config_zh_CN.properties                   | 25 ++++++++
 .../message_zh_CN.properties                  | 27 ++++++++
 .../message_zh_CN.properties                  | 27 ++++++++
 .../manage.jelly                              |  8 +--
 .../manage_zh_CN.properties                   | 61 +++++++++++++++++++
 .../message_zh_CN.properties                  | 25 ++++++++
 .../apitoken/Messages_zh_CN.properties        | 25 ++++++++
 9 files changed, 272 insertions(+), 4 deletions(-)
 create mode 100644 core/src/main/resources/jenkins/security/ApiTokenProperty/config_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/security/Messages_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/config_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/message_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/security/apitoken/Messages_zh_CN.properties

diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config_zh_CN.properties b/core/src/main/resources/jenkins/security/ApiTokenProperty/config_zh_CN.properties
new file mode 100644
index 0000000000..c4bb98365d
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/config_zh_CN.properties
@@ -0,0 +1,47 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+TokenDisplayedOnce=\u7ACB\u523B\u62F7\u8D1D\u8BE5 Token\uFF0C\u56E0\u4E3A\u4EE5\u540E\u5C06\u65E0\u6CD5\u83B7\u53D6\u5B83\u3002
+AddNewToken=\u6DFB\u52A0\u65B0 Token
+GenerateNewToken=\u751F\u6210
+RevokeToken=\u5220\u9664\u8BE5 token
+NoTokenYet=\u6CA1\u6709\u5C5E\u4E8E\u5F53\u524D\u7528\u6237\u540D\u7684 Token
+TokenLastUse=\u4F7F\u7528\u4E86 <b>{0}</b> \u6B21\uFF0C\u6700\u8FD1\u4E00\u6B21\u662F <b>{1}</b> \u5929\u524D
+StatisticsDisabled=\u65E0\u7EDF\u8BA1\u4FE1\u606F
+StatisticsDisabled.Title=Token \u4F7F\u7528\u7EDF\u8BA1\u529F\u80FD\u88AB\u7981\u7528
+TokenNeverUsed=\u4ECE\u672A\u4F7F\u7528
+TokenNeverUsedTooltip=\u6CA1\u6709 Token \u7684\u6700\u540E\u4F7F\u7528\u65F6\u95F4
+TokenNeverUsed.Title=\u6211\u4EEC\u5F3A\u70C8\u5EFA\u8BAE\u4F60\u5220\u9664\u4E0D\u8BA1\u5212\u4F7F\u7528\u7684 Token
+ConfirmRevokeSingle=\u60A8\u786E\u5B9A\u8981\u5220\u9664\u8BE5 Token \u5417\uFF1F\u5DF2\u7ECF\u4F7F\u7528\u4E86\u5B83\u7684\u5E94\u7528\u5C06\u4F1A\u53D1\u751F\u9519\u8BEF\u3002
+CurrentTokens=\u5F53\u524D Token
+TokenCreation={0} \u5929\u524D\u521B\u5EFA
+RenameToken=\u4FDD\u5B58 token \u4E3A\u65B0\u7684\u540D\u79F0
+LegacyToken=\u6211\u4EEC\u5F3A\u70C8\u5EFA\u8BAE\u4F60\u5220\u9664\u8FD9\u4E2A\u9057\u7559 Token \uFF0C\u5E76\u4E3A\u4E86\u589E\u52A0\u5B89\u5168\u6027\u4F7F\u7528\u65B0\u751F\u6210\u7684 Token\u3002
+NoLegacyToken=\u5F53\u524D\u7528\u6237\u8FD8\u6CA1\u6709\u9057\u7559\u7684 Token
+RevokedToken=\u9057\u7559\u7684 Token \u88AB\u5220\u9664
+NoCreationDate=\u8BE5 Token \u6CA1\u6709\u521B\u5EFA\u65F6\u95F4
+NoCreationDateValue=\u672A\u77E5
+Default\ name=\u9ED8\u8BA4\u540D\u79F0
+Cancel=\u53D6\u6D88
+Show\ Legacy\ API\ Token=\u663E\u793A\u9057\u7559\u7684 API Token
+Legacy\ API\ Token=\u9057\u7559\u7684 API Token
+Change\ API\ Token=\u4FEE\u6539 API Token
diff --git a/core/src/main/resources/jenkins/security/Messages_zh_CN.properties b/core/src/main/resources/jenkins/security/Messages_zh_CN.properties
new file mode 100644
index 0000000000..5f47ee3166
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/Messages_zh_CN.properties
@@ -0,0 +1,31 @@
+# The MIT License
+#
+# Copyright 2018, suren <zxjlwt@126.com>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+ApiTokenProperty.DisplayName=API Token
+ApiTokenProperty.ChangeToken.TokenIsHidden=Token \u88AB\u9690\u85CF
+ApiTokenProperty.ChangeToken.Success=<div>\u5DF2\u66F4\u65B0\u3002\u5728\u4E0A\u9762\u7684\u5B57\u6BB5\u67E5\u770B\u65B0\u7684 Token</div>
+ApiTokenProperty.ChangeToken.SuccessHidden=<div>\u5DF2\u66F4\u65B0\u3002\u4F60\u9700\u8981\u4EE5\u8BE5\u7528\u6237\u767B\u9646\u624D\u80FD\u67E5\u770B\u8BE5 Token</div>
+ApiTokenProperty.ChangeToken.CapabilityNotAllowed=<div>\u5728\u5B89\u5168\u914D\u7F6E\u4E2D\uFF0C\u5DF2\u7ECF\u7981\u6B62\u751F\u6210\u4E00\u4E2A\u9057\u7559\u7684 Token</div>
+ApiTokenProperty.LegacyTokenName=\u9057\u7559 Token
+ApiTokenProperty.NoLegacyToken=\u5F53\u524D\u7528\u6237\u6CA1\u6709\u9057\u7559 Token
+RekeySecretAdminMonitor.DisplayName=Re-keying
+UpdateSiteWarningsMonitor.DisplayName=\u7AD9\u70B9\u66F4\u65B0\u8B66\u544A
diff --git a/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/config_zh_CN.properties b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/config_zh_CN.properties
new file mode 100644
index 0000000000..ffdfdcdd82
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/config_zh_CN.properties
@@ -0,0 +1,25 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+tokenGenerationOnCreationEnabled=\u4E3A\u6BCF\u4E2A\u65B0\u521B\u5EFA\u7684\u7528\u6237\u751F\u6210\u4E00\u4E2A\u9057\u7559\u7684 API token \uFF08\u4E0D\u5EFA\u8BAE\uFF09
+creationOfLegacyTokenEnabled=\u5141\u8BB8\u7528\u6237\u624B\u52A8\u521B\u5EFA\u4E00\u4E2A\u9057\u7559\u7684 API token \uFF08\u4E0D\u5EFA\u8BAE\uFF09
+usageStatisticsEnabled=\u542F\u7528 API Token \u4F7F\u7528\u7EDF\u8BA1
diff --git a/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message_zh_CN.properties b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message_zh_CN.properties
new file mode 100644
index 0000000000..caf7f6155a
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message_zh_CN.properties
@@ -0,0 +1,27 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+warningMessage=\u4E3A\u6BCF\u4E2A\u65B0\u521B\u5EFA\u7684\u7528\u6237\u751F\u6210\u4E00\u4E2A\u9057\u7559\u7684 API Token.<br/>\
+  \u8BE5\u884C\u4E3A\u662F\u4E3A\u4E86\u5411\u540E\u517C\u5BB9\uFF0C\u4F46\u662F\u9057\u7559\u7684 API Token \u5DF2\u7ECF\u88AB\u5F03\u7528\uFF0C\u5E76\u4E14\u4E0D\u63A8\u8350\u957F\u671F\u4F7F\u7528\u3002<br/>\
+  \u5E94\u8BE5\u6839\u636E\u9700\u8981\u5728\u7528\u6237\u914D\u7F6E\u9875\u9762\u751F\u6210 API Tokens.
+Disable\ automatic\ generation\ of\ legacy\ API\ tokens=\u7981\u6B62\u81EA\u52A8\u751F\u6210\u9057\u7559 API Token
+Dismiss=\u4E0D\u518D\u663E\u793A
\ No newline at end of file
diff --git a/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message_zh_CN.properties b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message_zh_CN.properties
new file mode 100644
index 0000000000..45f475a615
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message_zh_CN.properties
@@ -0,0 +1,27 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+warningMessage=\u7528\u6237\u53EF\u4EE5\u751F\u6210\u4E00\u4E2A\u65B0\u7684\u9057\u7559 API Token.<br/>\
+  \u8BE5\u884C\u4E3A\u662F\u4E3A\u4E86\u5411\u540E\u517C\u5BB9\uFF0C\u4F46\u662F\u9057\u7559\u7684 API Token \u5DF2\u7ECF\u88AB\u5F03\u7528\uFF0C\u5E76\u4E14\u4E0D\u63A8\u8350\u957F\u671F\u4F7F\u7528\u3002<br/>\
+  \u5E94\u8BE5\u6839\u636E\u9700\u8981\u5728\u7528\u6237\u914D\u7F6E\u9875\u9762\u751F\u6210 API Tokens.
+Prevent\ users\ from\ manually\ creating\ legacy\ API\ tokens=\u963B\u6B62\u7528\u6237\u624B\u52A8\u521B\u5EFA\u9057\u7559 API Token
+Dismiss=\u4E0D\u518D\u663E\u793A
\ No newline at end of file
diff --git a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.jelly b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.jelly
index 7740572ea5..9ec9a34d74 100644
--- a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.jelly
+++ b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage.jelly
@@ -146,10 +146,10 @@ THE SOFTWARE.
                 </table>
                 
                 <div class="selection-panel">
-                    Select:
-                    <a href="#" class="action" onclick="selectAll(this);return false;">all</a>
-                    <a href="#" class="action" onclick="selectFresh(this);return false;">only fresh</a>
-                    <a href="#" class="action" onclick="selectRecent(this);return false;">only recent</a>
+                    ${%Select}:
+                    <a href="#" class="action" onclick="selectAll(this);return false;">${%all}</a>
+                    <a href="#" class="action" onclick="selectFresh(this);return false;">${%only fresh}</a>
+                    <a href="#" class="action" onclick="selectRecent(this);return false;">${%only recent}</a>
                 </div>
                 
                 <div class="action-panel">
diff --git a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage_zh_CN.properties b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage_zh_CN.properties
new file mode 100644
index 0000000000..b575a8d42f
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage_zh_CN.properties
@@ -0,0 +1,61 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+title=\u7BA1\u7406\u9057\u7559\u7684 API Token \u4F7F\u7528
+contextMessage=\u4E0B\u5217\u7528\u6237\u62E5\u6709\u4E00\u4E2A\u9057\u7559\u7684 API Token. \
+  \u7531\u4E8E\u9057\u7559 Token \u662F\u4EE5\u53EF\u6062\u590D\u7684\u683C\u5F0F\u5B58\u50A8\u7684\uFF0C\u6211\u4EEC\u5EFA\u8BAE\u8FC1\u79FB\u5230\u65B0\u7684 API Token \u7CFB\u7EDF\u3002 \
+  \u53E6\u5916\uFF0C\u5728\u4E4B\u524D\u7248\u672C\u7684 Jenkins \u4E2D\uFF0C\u4F1A\u4E3A\u6BCF\u4E2A\u65B0\u7528\u6237\u81EA\u52A8\u521B\u5EFA API Token. \
+  \u901A\u5E38\u60C5\u51B5\u4E0B\uFF0C\u7528\u6237\u4E0D\u4F1A\u4F7F\u7528\u8FD9\u4E9B Token\uFF0C\u5BFC\u81F4\u66F4\u52A0\u5BB9\u6613\u88AB\u653B\u51FB\u3002 \
+  \u81EA\u52A8\u751F\u6210 Token \u7684\u542F\u7528\u5FC5\u987B\u660E\u786E\u3002
+recommendationMessage=\u56E0\u6B64\uFF0C\u6211\u4EEC\u5EFA\u8BAE\u4F60\uFF1A\
+<ul>\
+  <li>\u79FB\u9664\u4ECE\u672A\u4F7F\u7528\u7684 Token</li>\
+  <li>\u5F53\u524D\u5728\u4F7F\u7528\u9057\u7559 Token \u7684\u7528\u6237\uFF0C\u4F7F\u7528\u65B0\u7CFB\u7EDF\u751F\u6210 Token\uFF0C\u5E76\u79FB\u9664\u4ED6\u4EEC\u7684\u9057\u7559 Token</li>\
+</ul>
+UserId=\u7528\u6237 ID
+UserFullName=\u7528\u6237\u5168\u79F0
+TokenName=Token \u540D\u79F0
+NumDaysSinceCreation=\u8DDD\u79BB\u521B\u5EFA\u65F6\u7684\u5929\u6570
+NumOfUse=# \u4F7F\u7528\u6570
+NumDaysSinceLastUse=\u8DDD\u79BB\u6700\u8FD1\u4E00\u6B21\u4F7F\u7528\u7684\u5929\u6570
+HasFreshToken=\u65B0\u7684 token?
+HasFreshToken_tooltip=\u4E00\u4E2A\u6700\u8FD1\u4F7F\u7528\u7684\u65B0\u7684 Token \u662F\u7531\u65B0\u7CFB\u7EDF\u521B\u5EFA\u5E76\u6700\u8FD1\u4F7F\u7528\u4E86\u7684\uFF0C\u800C\u4E0D\u662F\u7528\u6237\u7684\u9057\u7559 Token. \n\
+  \u6CE8\u610F\uFF1A\u9057\u7559 Token \u7684\u521B\u5EFA\u65F6\u95F4\u5728\u6BCF\u6B21 Jenkins \u91CD\u542F\u540E\u4F1A\u88AB\u91CD\u7F6E\uFF0C\u4E5F\u5C31\u610F\u5473\u7740\u8BE5\u65F6\u95F4\u662F\u4E0D\u51C6\u786E\u7684\u3002
+HasFreshToken_ok_tooltip=\u8BE5\u7528\u6237\u6709\u4E00\u4E2A\u65B0\u7684 Token
+HasFreshToken_warning_tooltip=\u8BE5\u7528\u6237\u6CA1\u6709\u65B0\u7684 Token
+HasMoreRecentlyUsedToken=\u6700\u8FD1\u7528\u8FC7\u7684 Token?
+HasMoreRecentlyUsedToken_tooltip=\u4E00\u4E2A\u6700\u8FD1\u4F7F\u7528\u7684 Token \u662F\u7531\u65B0\u7CFB\u7EDF\u521B\u5EFA\u5E76\u6700\u8FD1\u4F7F\u7528\u4E86\u7684\uFF0C\u800C\u4E0D\u662F\u7528\u6237\u7684\u9057\u7559 Token. \n\
+  \u6CE8\u610F\uFF1A\u9057\u7559 Token \u7684\u521B\u5EFA\u65F6\u95F4\u5728\u6BCF\u6B21 Jenkins \u91CD\u542F\u540E\u4F1A\u88AB\u91CD\u7F6E\uFF0C\u4E5F\u5C31\u610F\u5473\u7740\u8BE5\u65F6\u95F4\u662F\u4E0D\u51C6\u786E\u7684\u3002
+HasMoreRecentlyUsedToken_ok_tooltip=\u8BE5\u7528\u6237\u6709\u4E00\u4E2A\u6700\u8FD1\u7528\u7684 Token
+HasMoreRecentlyUsedToken_warning_tooltip=\u8BE5\u7528\u6237\u6CA1\u6709\u6700\u8FD1\u7528\u8FC7\u7684 Token
+NoImpactedUser=\u6CA1\u6709\u7528\u6237\u4F7F\u7528\u9057\u7559 Token
+NoCreationDate=\u8BE5 Token \u6CA1\u6709\u521B\u5EFA\u65F6\u95F4
+NoCreationDateValue=\u672A\u77E5
+NoLastUse=\u8BE5 Token \u6CA1\u6709\u6700\u8FD1\u4F7F\u7528\u65F6\u95F4
+NoLastUseValue=\u4ECE\u672A\u4F7F\u7528
+RevokeAllSelected=\u79FB\u9664\u6240\u9009\u7684 Token
+RevokeAllSelected_confirm=\u4F60\u786E\u5B9A\u8981\u79FB\u9664\u6240\u9009 %num% \u7684 Token\u5417\uFF1F
+RevokeAllSelected_nothing=\u6CA1\u6709\u9009\u62E9 Token\uFF0C\u8BF7\u81F3\u5C11\u9009\u62E9\u4E00\u4E2A Token \u6765\u79FB\u9664
+Select=\u9009\u62E9
+only\ recent=\u4EC5\u6700\u8FD1\u7528\u8FC7\u7684
+only\ fresh=\u4EC5\u65B0\u7684
+all=\u6240\u6709
\ No newline at end of file
diff --git a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/message_zh_CN.properties b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/message_zh_CN.properties
new file mode 100644
index 0000000000..1ac094b36a
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/message_zh_CN.properties
@@ -0,0 +1,25 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+warningMessage=\u90E8\u5206\u7528\u6237\u4ECD\u7136\u5728\u4F7F\u7528\u9057\u7559 API token. \
+  \u5B83\u4E0D\u5982\u65B0\u7684\u5B89\u5168\uFF0C\u56E0\u4E3A\u9057\u7559\u7684 Token \u53EF\u4EE5\u5728\u78C1\u76D8\u4E0A\u6062\u590D\u3002 <br />\
+  \u67E5\u770B <a href="{0}/{1}/manage">\u53D7\u5F71\u54CD\u7684\u7528\u6237\u5217\u8868</a>\u3002
diff --git a/core/src/main/resources/jenkins/security/apitoken/Messages_zh_CN.properties b/core/src/main/resources/jenkins/security/apitoken/Messages_zh_CN.properties
new file mode 100644
index 0000000000..648bfa9dc8
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/apitoken/Messages_zh_CN.properties
@@ -0,0 +1,25 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+ApiTokenPropertyDisabledDefaultAdministrativeMonitor.displayName=\u9ED8\u8BA4\u6CA1\u6709\u751F\u6210\u9057\u7559 API Token
+ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor.displayName=\u5373\u4F7F\u4E0D\u5B58\u5728\u9057\u7559 API Token \u4E5F\u53EF\u4EE5\u88AB\u521B\u5EFA
+LegacyApiTokenAdministrativeMonitor.displayName=\u9057\u7559 API Token \u4F7F\u7528
-- 
GitLab


From eb39e8d51cced45be978ad4a40de38af956d8651 Mon Sep 17 00:00:00 2001
From: Devin Nusbaum <d.w.nusbaum@gmail.com>
Date: Wed, 25 Jul 2018 11:17:06 -0400
Subject: [PATCH 621/863] Add regression test for JENKINS-41127

---
 .../src/test/java/hudson/model/QueueTest.java | 26 +++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/test/src/test/java/hudson/model/QueueTest.java b/test/src/test/java/hudson/model/QueueTest.java
index 27cfea5850..67b20a3ae2 100644
--- a/test/src/test/java/hudson/model/QueueTest.java
+++ b/test/src/test/java/hudson/model/QueueTest.java
@@ -123,6 +123,7 @@ import java.util.concurrent.TimeoutException;
 import java.util.concurrent.atomic.AtomicInteger;
 import java.util.logging.Level;
 
+import static org.hamcrest.Matchers.contains;
 import static org.hamcrest.Matchers.nullValue;
 import static org.junit.Assert.*;
 import org.junit.Ignore;
@@ -458,6 +459,31 @@ public class QueueTest {
         assert task.exec instanceof OneOffExecutor : task.exec;
     }
 
+    @Issue("JENKINS-41127")
+    @Test public void flyweightTasksUnwantedConcurrency() throws Exception {
+        Label label = r.jenkins.getSelfLabel();
+        AtomicInteger cnt = new AtomicInteger();
+        TestFlyweightTask task1 = new TestFlyweightTask(cnt, label);
+        TestFlyweightTask task2 = new TestFlyweightTask(cnt, label);
+        assertFalse(task1.isConcurrentBuild());
+        assertFalse(task2.isConcurrentBuild());
+        // We need to call Queue#maintain without any interleaving Queue modification to reproduce the issue.
+        Queue.withLock(() -> {
+            r.jenkins.getQueue().schedule2(task1, 0);
+            r.jenkins.getQueue().maintain();
+            Queue.Item item1 = r.jenkins.getQueue().getItem(task1);
+            assertThat(r.jenkins.getQueue().getPendingItems(), contains(item1));
+            r.jenkins.getQueue().schedule2(task2, 0);
+            r.jenkins.getQueue().maintain();
+            Queue.Item item2 = r.jenkins.getQueue().getItem(task2);
+            // Before the fix, item1 would no longer be present in the pending items (but would
+            // still be assigned to a live executor), and item2 would not be blocked, which would
+            // allow the tasks to execute concurrently.
+            assertThat(r.jenkins.getQueue().getPendingItems(), contains(item1));
+            assertTrue(item2.isBlocked());
+        });
+    }
+
     @Issue("JENKINS-27256")
     @Test public void inQueueTaskLookupByAPI() throws Exception {
         FreeStyleProject p = r.createFreeStyleProject();
-- 
GitLab


From f6deb31220388103e3211d549f1d42fd9a382127 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Sat, 28 Jul 2018 23:03:46 +0200
Subject: [PATCH 622/863] Add content doc for split plugins resource file
 (#3538)

* Add content doc for split plugins resource file

* Fix documentation based on Devin's findings

* Add note why we're not fixing it
---
 core/src/main/resources/jenkins/split-plugins.txt | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/core/src/main/resources/jenkins/split-plugins.txt b/core/src/main/resources/jenkins/split-plugins.txt
index 3014a382c3..cb0a447db2 100644
--- a/core/src/main/resources/jenkins/split-plugins.txt
+++ b/core/src/main/resources/jenkins/split-plugins.txt
@@ -1,5 +1,11 @@
 # See ClassicPluginStrategy.DETACHED_LIST. As of JENKINS-47634 also used by plugin-compat-tester.
 
+# Columns are: plugin ID, last core release still containing the plugin's functionality, plugin version that's implied.
+
+# Note that all split plugins between and including matrix-auth and jdk-tool incorrectly use the first
+# core release without the plugin's functionality when they should use the immediately prior release.
+# Fixing these retroactively won't help, as the difference only matters to those specific versions.
+
 maven-plugin 1.296 1.296
 subversion 1.310 1.0
 cvs 1.340 0.1
-- 
GitLab


From d146a922ff0e5223260c4fad3afea476508562d3 Mon Sep 17 00:00:00 2001
From: Dalibor Plavcic <dplavcic@users.noreply.github.com>
Date: Sat, 28 Jul 2018 23:08:31 +0200
Subject: [PATCH 623/863] [JENKINS-51666] Polish logging for rejected classes
 in ClassFilterImpl (#3553)

* [JENKINS-51666] Polish logging for rejected classes in ClassFilterImpl

* [JENKINS-51666] Value r is always true
---
 core/src/main/java/jenkins/security/ClassFilterImpl.java | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/core/src/main/java/jenkins/security/ClassFilterImpl.java b/core/src/main/java/jenkins/security/ClassFilterImpl.java
index 6d49d53f46..c4b3311e3a 100644
--- a/core/src/main/java/jenkins/security/ClassFilterImpl.java
+++ b/core/src/main/java/jenkins/security/ClassFilterImpl.java
@@ -129,7 +129,11 @@ public class ClassFilterImpl extends ClassFilter {
         for (CustomClassFilter f : ExtensionList.lookup(CustomClassFilter.class)) {
             Boolean r = f.permits(_c);
             if (r != null) {
-                LOGGER.log(Level.FINER, "{0} specifies a policy for {1}: {2}", new Object[] {f, _c.getName(), r});
+                if (r) {
+                    LOGGER.log(Level.FINER, "{0} specifies a policy for {1}: {2}", new Object[] {f, _c.getName(), true});
+                } else {
+                    notifyRejected(_c, _c.getName(), String.format("%s specifies a policy for %s: %s ", f, _c.getName(), r));
+                }
                 return !r;
             }
         }
@@ -140,6 +144,7 @@ public class ClassFilterImpl extends ClassFilter {
                 return false;
             }
             if (ClassFilter.STANDARD.isBlacklisted(c)) { // currently never true, but may issue diagnostics
+                notifyRejected(_c, _c.getName(), String.format("%s is not permitted ", _c.getName()));
                 return true;
             }
             if (c.isArray()) {
@@ -299,7 +304,7 @@ public class ClassFilterImpl extends ClassFilter {
             Boolean r = f.permits(name);
             if (r != null) {
                 if (r) {
-                    LOGGER.log(Level.FINER, "{0} specifies a policy for {1}: {2}", new Object[] {f, name, r});
+                    LOGGER.log(Level.FINER, "{0} specifies a policy for {1}: {2}", new Object[] {f, name, true});
                 } else {
                     notifyRejected(null, name,
                             String.format("%s specifies a policy for %s: %s", f, name, r));
-- 
GitLab


From 7d04b106c4e34defab8450e9dbd648dd93989956 Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Sat, 28 Jul 2018 17:09:03 -0400
Subject: [PATCH 624/863] Convert anonymous MasterToSlaveFileCallable to member
 (#3540)

* Convert anonymous MasterToSlaveFileCallable to member

org.jenkinsci.remoting.util.AnonymousClassWarnings warn:

WARNING: Attempt to (de-)serialize anonymous class hudson.model.ParametersDefinitionProperty$1
WARNING: Attempt to (de-)serialize anonymous class hudson.cli.ClientAuthenticationCache$1

see: https://jenkins.io/redirect/serialization-of-anonymous-classes/

* Try to make DefinitionsAbstractList a static class
---
 .../hudson/cli/ClientAuthenticationCache.java | 22 +++++++++-------
 .../model/ParametersDefinitionProperty.java   | 26 ++++++++++++-------
 2 files changed, 29 insertions(+), 19 deletions(-)

diff --git a/core/src/main/java/hudson/cli/ClientAuthenticationCache.java b/core/src/main/java/hudson/cli/ClientAuthenticationCache.java
index 48b96f4686..2cd45a7776 100644
--- a/core/src/main/java/hudson/cli/ClientAuthenticationCache.java
+++ b/core/src/main/java/hudson/cli/ClientAuthenticationCache.java
@@ -53,16 +53,7 @@ public class ClientAuthenticationCache implements Serializable {
     final Properties props = new Properties();
 
     public ClientAuthenticationCache(Channel channel) throws IOException, InterruptedException {
-        store = (channel==null ? FilePath.localChannel :  channel).call(new MasterToSlaveCallable<FilePath, IOException>() {
-            public FilePath call() throws IOException {
-                File home = new File(System.getProperty("user.home"));
-                File hudsonHome = new File(home, ".hudson");
-                if (hudsonHome.exists()) {
-                    return new FilePath(new File(hudsonHome, "cli-credentials"));
-                }
-                return new FilePath(new File(home, ".jenkins/cli-credentials"));
-            }
-        });
+        store = (channel==null ? FilePath.localChannel :  channel).call(new CredentialsFilePathMasterToSlaveCallable());
         if (store.exists()) {
             try (InputStream istream = store.read()) {
                 props.load(istream);
@@ -151,4 +142,15 @@ public class ClientAuthenticationCache implements Serializable {
         // try to protect this file from other users, if we can.
         store.chmod(0600);
     }
+
+    private static class CredentialsFilePathMasterToSlaveCallable extends MasterToSlaveCallable<FilePath, IOException> {
+        public FilePath call() throws IOException {
+            File home = new File(System.getProperty("user.home"));
+            File hudsonHome = new File(home, ".hudson");
+            if (hudsonHome.exists()) {
+                return new FilePath(new File(hudsonHome, "cli-credentials"));
+            }
+            return new FilePath(new File(home, ".jenkins/cli-credentials"));
+        }
+    }
 }
diff --git a/core/src/main/java/hudson/model/ParametersDefinitionProperty.java b/core/src/main/java/hudson/model/ParametersDefinitionProperty.java
index 46d2d273f3..348673043b 100644
--- a/core/src/main/java/hudson/model/ParametersDefinitionProperty.java
+++ b/core/src/main/java/hudson/model/ParametersDefinitionProperty.java
@@ -101,15 +101,7 @@ public class ParametersDefinitionProperty extends OptionalJobProperty<Job<?, ?>>
      * Gets the names of all the parameter definitions.
      */
     public List<String> getParameterDefinitionNames() {
-        return new AbstractList<String>() {
-            public String get(int index) {
-                return parameterDefinitions.get(index).getName();
-            }
-
-            public int size() {
-                return parameterDefinitions.size();
-            }
-        };
+        return new DefinitionsAbstractList(this.parameterDefinitions);
     }
 
     @Nonnull
@@ -246,4 +238,20 @@ public class ParametersDefinitionProperty extends OptionalJobProperty<Job<?, ?>>
     public String getUrlName() {
         return null;
     }
+
+    private static class DefinitionsAbstractList extends AbstractList<String> {
+        private final List<ParameterDefinition> parameterDefinitions;
+
+        public DefinitionsAbstractList(List<ParameterDefinition> parameterDefinitions) {
+            this.parameterDefinitions = parameterDefinitions;
+        }
+
+        public String get(int index) {
+            return this.parameterDefinitions.get(index).getName();
+        }
+
+        public int size() {
+            return this.parameterDefinitions.size();
+        }
+    }
 }
-- 
GitLab


From fdd5d5db2467cdb5dca392db35a5453c53ceb9b9 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 29 Jul 2018 16:28:47 -0700
Subject: [PATCH 625/863] [maven-release-plugin] prepare release jenkins-2.135

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index d54dac5918..3f652a4af7 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.135</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 3ad3f09029..cbcf2b315a 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.135</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 0bb2f2724a..0b0a4802f1 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>2.135</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.135</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 4f9dae71fa..d83b19da09 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.135</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 5c3b3557ca..ae90352631 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.135</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From e82ea0e511cca1f9314f03c550b8b0c4f2bf764e Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 29 Jul 2018 16:28:47 -0700
Subject: [PATCH 626/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 3f652a4af7..43f813a243 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.135</version>
+    <version>2.136-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index cbcf2b315a..8f9e44a603 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.135</version>
+    <version>2.136-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 0b0a4802f1..cda4b9d8b1 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.135</version>
+  <version>2.136-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.135</tag>
+    <tag>${scmTag}</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index d83b19da09..907a8d9993 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.135</version>
+    <version>2.136-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index ae90352631..f2f00dc461 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.135</version>
+    <version>2.136-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From aff9c3bca60a376cb3db0658da5e671a97c7ce15 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 29 Jul 2018 16:35:46 -0700
Subject: [PATCH 627/863] mvn incrementals:reincrementalify

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 43f813a243..d54dac5918 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.136-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 8f9e44a603..3ad3f09029 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.136-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index cda4b9d8b1..c241d590e2 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.136-SNAPSHOT</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.135</revision>
+    <revision>2.136</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index 907a8d9993..4f9dae71fa 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.136-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index f2f00dc461..5c3b3557ca 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.136-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 414913e41ff18dd1f4da07a65accb0b8acfd3ad1 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Mon, 30 Jul 2018 14:19:02 -0400
Subject: [PATCH 628/863] Update parent POM.

---
 .mvn/extensions.xml | 2 +-
 pom.xml             | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.mvn/extensions.xml b/.mvn/extensions.xml
index 510f24fbcd..a2d496cc2b 100644
--- a/.mvn/extensions.xml
+++ b/.mvn/extensions.xml
@@ -2,6 +2,6 @@
   <extension>
     <groupId>io.jenkins.tools.incrementals</groupId>
     <artifactId>git-changelist-maven-extension</artifactId>
-    <version>1.0-beta-3</version>
+    <version>1.0-beta-4</version>
   </extension>
 </extensions>
diff --git a/pom.xml b/pom.xml
index c241d590e2..9c32d784f6 100644
--- a/pom.xml
+++ b/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci</groupId>
     <artifactId>jenkins</artifactId>
-    <version>1.46</version>
+    <version>1.48-20180730.183534-1</version> <!-- TODO https://github.com/jenkinsci/pom/pull/30 -->
     <relativePath />
   </parent>
 
-- 
GitLab


From 90eac31bda6b7267c9b26905ab592f4a215e83fa Mon Sep 17 00:00:00 2001
From: Durgadas Kamath <durgadasthegenius@gmail.com>
Date: Tue, 31 Jul 2018 00:52:04 +0530
Subject: [PATCH 629/863] [JENKINS-52771] Bump up jna.jar version to 4.5.2
 (#3565)

* Bump up jna.jar version to 4.5.1

Fixes https://issues.jenkins-ci.org/browse/JENKINS-52771.
JNA support for s390x is missing in 4.2.1. The support is added in 4.5.1 version as part of issue 845
Issue: https://github.com/java-native-access/jna/issues/845
Commit : https://github.com/matthiasblaesing/jna/commit/1fef4a20a031d91dce6d37e6ef809c9d38708bd2

* Per review comment , bump jna.jar version to 4.5.2
---
 core/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/pom.xml b/core/pom.xml
index 3ad3f09029..827d6e3c5e 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -535,7 +535,7 @@ THE SOFTWARE.
     <dependency>
       <groupId>net.java.dev.jna</groupId>
       <artifactId>jna</artifactId>
-      <version>4.2.1</version>
+      <version>4.5.2</version>
     </dependency>
     <dependency>
       <groupId>org.kohsuke</groupId>
-- 
GitLab


From 25da480fab1da7d2a01ab68a56faf00cae0c23b1 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <Wadeck@users.noreply.github.com>
Date: Mon, 30 Jul 2018 21:22:46 +0200
Subject: [PATCH 630/863] [JENKINS-52441] Care about user with id = 'null'
 (#3558)

* [JENKINS-52441] Care about user with id = 'null'

* Add test case for the null id

* Address Ramon's comment

* Adjust whitespaces
---
 .../LegacyApiTokenAdministrativeMonitor.java  | 20 ++++---
 ...gacyApiTokenAdministrativeMonitorTest.java | 57 +++++++++++++++++--
 2 files changed, 64 insertions(+), 13 deletions(-)

diff --git a/core/src/main/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor.java b/core/src/main/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor.java
index 7c2a2ce1b0..8e56ceb40b 100644
--- a/core/src/main/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor.java
+++ b/core/src/main/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor.java
@@ -100,7 +100,7 @@ public class LegacyApiTokenAdministrativeMonitor extends AdministrativeMonitor {
     @Restricted(NoExternalUse.class)
     public @Nullable ApiTokenProperty.TokenInfoAndStats getLegacyStatsOf(@Nonnull User user, @Nullable ApiTokenStore.HashedToken legacyToken) {
         ApiTokenProperty apiTokenProperty = user.getProperty(ApiTokenProperty.class);
-        if(legacyToken != null){
+        if (legacyToken != null) {
             ApiTokenStats.SingleTokenStats legacyStats = apiTokenProperty.getTokenStats().findTokenStatsById(legacyToken.getUuid());
             ApiTokenProperty.TokenInfoAndStats tokenInfoAndStats = new ApiTokenProperty.TokenInfoAndStats(legacyToken, legacyStats);
             return tokenInfoAndStats;
@@ -116,7 +116,7 @@ public class LegacyApiTokenAdministrativeMonitor extends AdministrativeMonitor {
     // used by Jelly view
     @Restricted(NoExternalUse.class)
     public boolean hasFreshToken(@Nonnull User user, @Nullable ApiTokenProperty.TokenInfoAndStats legacyStats) {
-        if(legacyStats == null){
+        if (legacyStats == null) {
             return false;
         }
         
@@ -140,12 +140,12 @@ public class LegacyApiTokenAdministrativeMonitor extends AdministrativeMonitor {
     // used by Jelly view
     @Restricted(NoExternalUse.class)
     public boolean hasMoreRecentlyUsedToken(@Nonnull User user, @Nullable ApiTokenProperty.TokenInfoAndStats legacyStats) {
-        if(legacyStats == null){
+        if (legacyStats == null) {
             return false;
         }
         
         ApiTokenProperty apiTokenProperty = user.getProperty(ApiTokenProperty.class);
-    
+        
         return apiTokenProperty.getTokenList().stream()
                 .filter(token -> !token.isLegacy)
                 .anyMatch(token -> {
@@ -161,18 +161,22 @@ public class LegacyApiTokenAdministrativeMonitor extends AdministrativeMonitor {
     @RequirePOST
     public HttpResponse doRevokeAllSelected(@JsonBody RevokeAllSelectedModel content) throws IOException {
         for (RevokeAllSelectedUserAndUuid value : content.values) {
+            if (value.userId == null) {
+                // special case not managed by JSONObject
+                value.userId = "null";
+            }
             User user = User.getById(value.userId, false);
             if (user == null) {
                 LOGGER.log(Level.INFO, "User not found id={0}", value.userId);
             } else {
                 ApiTokenProperty apiTokenProperty = user.getProperty(ApiTokenProperty.class);
-                if(apiTokenProperty == null){
+                if (apiTokenProperty == null) {
                     LOGGER.log(Level.INFO, "User without apiTokenProperty found id={0}", value.userId);
-                }else{
+                } else {
                     ApiTokenStore.HashedToken revokedToken = apiTokenProperty.getTokenStore().revokeToken(value.uuid);
-                    if(revokedToken == null){
+                    if (revokedToken == null) {
                         LOGGER.log(Level.INFO, "User without selected token id={0}, tokenUuid={1}", new Object[]{value.userId, value.uuid});
-                    }else{
+                    } else {
                         apiTokenProperty.deleteApiToken();
                         user.save();
                         LOGGER.log(Level.INFO, "Revocation success for user id={0}, tokenUuid={1}", new Object[]{value.userId, value.uuid});
diff --git a/test/src/test/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitorTest.java b/test/src/test/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitorTest.java
index 80172d9ab7..7fbea41d0b 100644
--- a/test/src/test/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitorTest.java
+++ b/test/src/test/java/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitorTest.java
@@ -38,6 +38,7 @@ import org.apache.commons.lang.StringUtils;
 import org.hamcrest.Matchers;
 import org.junit.Rule;
 import org.junit.Test;
+import org.jvnet.hudson.test.Issue;
 import org.jvnet.hudson.test.JenkinsRule;
 
 import static org.junit.Assert.assertEquals;
@@ -51,6 +52,18 @@ public class LegacyApiTokenAdministrativeMonitorTest {
     @Rule
     public JenkinsRule j = new JenkinsRule();
     
+    private enum SelectFilter {
+        ALL(0),
+        ONLY_FRESH(1),
+        ONLY_RECENT(2);
+        
+        int index;
+        
+        SelectFilter(int index) {
+            this.index = index;
+        }
+    }
+    
     @Test
     public void isActive() throws Exception {
         ApiTokenPropertyConfiguration config = ApiTokenPropertyConfiguration.get();
@@ -76,6 +89,40 @@ public class LegacyApiTokenAdministrativeMonitorTest {
         assertTrue(monitor.isActivated());
     }
     
+    @Test
+    @Issue("JENKINS-52441")
+    public void takeCareOfUserWithIdNull() throws Exception {
+        ApiTokenPropertyConfiguration config = ApiTokenPropertyConfiguration.get();
+        config.setCreationOfLegacyTokenEnabled(true);
+        config.setTokenGenerationOnCreationEnabled(false);
+        
+        // user created without legacy token
+        User user = User.getById("null", true);
+        ApiTokenProperty apiTokenProperty = user.getProperty(ApiTokenProperty.class);
+        assertFalse(apiTokenProperty.hasLegacyToken());
+        
+        LegacyApiTokenAdministrativeMonitor monitor = j.jenkins.getExtensionList(AdministrativeMonitor.class).get(LegacyApiTokenAdministrativeMonitor.class);
+        assertFalse(monitor.isActivated());
+        
+        apiTokenProperty.changeApiToken();
+        assertTrue(monitor.isActivated());
+        
+        {//revoke the legacy token
+            JenkinsRule.WebClient wc = j.createWebClient();
+            
+            HtmlPage page = wc.goTo(monitor.getUrl() + "/manage");
+            {// select all (only one user normally)
+                HtmlAnchor filterAll = getFilterByIndex(page, SelectFilter.ALL);
+                HtmlElementUtil.click(filterAll);
+            }
+            // revoke them
+            HtmlButton revokeSelected = getRevokeSelected(page);
+            HtmlElementUtil.click(revokeSelected);
+        }
+        
+        assertFalse(monitor.isActivated());
+    }
+    
     @Test
     public void listOfUserWithLegacyTokenIsCorrect() throws Exception {
         j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
@@ -254,7 +301,7 @@ public class LegacyApiTokenAdministrativeMonitorTest {
         checkUserWithLegacyTokenListHasSizeOf(page, 1 + 2 + 3 + 4, 2 + 4, 3 + 4);
         
         {// select 2
-            HtmlAnchor filterOnlyFresh = getFilterByIndex(page, 1);
+            HtmlAnchor filterOnlyFresh = getFilterByIndex(page, SelectFilter.ONLY_FRESH);
             HtmlElementUtil.click(filterOnlyFresh);
         }
         // revoke them
@@ -265,7 +312,7 @@ public class LegacyApiTokenAdministrativeMonitorTest {
         assertTrue(monitor.isActivated());
         
         {// select 1 + 3
-            HtmlAnchor filterAll = getFilterByIndex(newPage, 0);
+            HtmlAnchor filterAll = getFilterByIndex(newPage, SelectFilter.ALL);
             HtmlElementUtil.click(filterAll);
         }
         // revoke them
@@ -275,13 +322,13 @@ public class LegacyApiTokenAdministrativeMonitorTest {
         assertFalse(monitor.isActivated());
     }
     
-    private HtmlAnchor getFilterByIndex(HtmlPage page, int index) {
+    private HtmlAnchor getFilterByIndex(HtmlPage page, SelectFilter selectFilter) {
         HtmlElement document = page.getDocumentElement();
         HtmlDivision filterDiv = document.getOneHtmlElementByAttribute("div", "class", "selection-panel");
         DomNodeList<HtmlElement> filters = filterDiv.getElementsByTagName("a");
         assertEquals(3, filters.size());
         
-        HtmlAnchor filter = (HtmlAnchor) filters.get(index);
+        HtmlAnchor filter = (HtmlAnchor) filters.get(selectFilter.index);
         assertNotNull(filter);
         return filter;
     }
@@ -341,7 +388,7 @@ public class LegacyApiTokenAdministrativeMonitorTest {
     private void createUserWithToken(boolean legacy, boolean fresh, boolean recent) throws Exception {
         User user = User.getById(String.format("user %b %b %b %d", legacy, fresh, recent, nextId++), true);
         if (!legacy) {
-            return ;
+            return;
         }
         
         ApiTokenProperty apiTokenProperty = user.getProperty(ApiTokenProperty.class);
-- 
GitLab


From 303f8754c44696ace29da7fb40f02fcff650abf8 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Tue, 31 Jul 2018 09:32:41 +0200
Subject: [PATCH 631/863] Javadoc: Link ToolInstaller to InstallSourceProperty

---
 core/src/main/java/hudson/tools/ToolInstaller.java | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/core/src/main/java/hudson/tools/ToolInstaller.java b/core/src/main/java/hudson/tools/ToolInstaller.java
index 2aaec73d1d..0a6ef5d07c 100644
--- a/core/src/main/java/hudson/tools/ToolInstaller.java
+++ b/core/src/main/java/hudson/tools/ToolInstaller.java
@@ -42,12 +42,14 @@ import org.kohsuke.stapler.DataBoundConstructor;
 
 /**
  * An object which can ensure that a generic {@link ToolInstallation} in fact exists on a node.
+ * The properties can be added to {@link ToolInstallation} using the {@link InstallSourceProperty}.
  *
  * The subclass should have a {@link ToolInstallerDescriptor}.
  * A {@code config.jelly} should be provided to customize specific fields;
  * {@code <t:label xmlns:t="/hudson/tools"/>} to customize {@code label}.
  * @see <a href="http://wiki.jenkins-ci.org/display/JENKINS/Tool+Auto-Installation">Tool Auto-Installation</a>
  * @since 1.305
+ * @see InstallSourceProperty
  */
 public abstract class ToolInstaller implements Describable<ToolInstaller>, ExtensionPoint {
 
-- 
GitLab


From a3576afd239fa0fd2e25ac01eb0974f1e968ca37 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Tue, 31 Jul 2018 09:48:15 +0200
Subject: [PATCH 632/863] [JENKINS-52181] - Create Unit test for the new
 behavior

---
 test/src/test/java/hudson/cli/ConsoleCommandTest.java | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/test/src/test/java/hudson/cli/ConsoleCommandTest.java b/test/src/test/java/hudson/cli/ConsoleCommandTest.java
index a01dd99f17..4fe07e98df 100644
--- a/test/src/test/java/hudson/cli/ConsoleCommandTest.java
+++ b/test/src/test/java/hudson/cli/ConsoleCommandTest.java
@@ -80,6 +80,17 @@ public class ConsoleCommandTest {
         assertThat(result, hasNoStandardOutput());
         assertThat(result.stderr(), containsString("ERROR: No such job 'aProject'"));
     }
+    
+    @Issue("JENKINS-52181")
+    @Test public void consoleShouldBeAccessibleForUserWithRead() throws Exception {	
+        j.createFreeStyleProject("aProject");	
+        final CLICommandInvoker.Result result = command	
+                .authorizedTo(Jenkins.READ, Job.READ)	
+                .invokeWithArgs("aProject");	
+        
+        assertThat(result, succeeded());
+        assertThat(result.stdout(), containsString("echo 5"));	
+    }
 
     @Test public void consoleShouldFailWhenProjectDoesNotExist() throws Exception {
 
-- 
GitLab


From e63a5aaea3267353b34ddc4cfe766768424390b1 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Tue, 31 Jul 2018 14:56:17 -0400
Subject: [PATCH 633/863] parent 1.48

---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 9c32d784f6..ea419b5be8 100644
--- a/pom.xml
+++ b/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci</groupId>
     <artifactId>jenkins</artifactId>
-    <version>1.48-20180730.183534-1</version> <!-- TODO https://github.com/jenkinsci/pom/pull/30 -->
+    <version>1.48</version>
     <relativePath />
   </parent>
 
-- 
GitLab


From e5046911c57e60a1d6d8aca9b21bd9093b0f3763 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Wed, 1 Aug 2018 00:56:12 +0200
Subject: [PATCH 634/863] [SECURITY-790]

---
 core/src/main/java/hudson/scheduler/CronTab.java     | 2 +-
 core/src/test/java/hudson/scheduler/CronTabTest.java | 7 +++++++
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/scheduler/CronTab.java b/core/src/main/java/hudson/scheduler/CronTab.java
index 14c67b9034..120b8bc2a1 100644
--- a/core/src/main/java/hudson/scheduler/CronTab.java
+++ b/core/src/main/java/hudson/scheduler/CronTab.java
@@ -204,7 +204,7 @@ public final class CronTab {
         }
 
         void setTo(Calendar c, int i) {
-            c.set(field,i-offset);
+            c.set(field,Math.min(i-offset, c.getActualMaximum(field)));
         }
 
         void clear(Calendar c) {
diff --git a/core/src/test/java/hudson/scheduler/CronTabTest.java b/core/src/test/java/hudson/scheduler/CronTabTest.java
index e2acaf53ba..cae0fdc7ed 100644
--- a/core/src/test/java/hudson/scheduler/CronTabTest.java
+++ b/core/src/test/java/hudson/scheduler/CronTabTest.java
@@ -314,4 +314,11 @@ public class CronTabTest {
         assertEquals("[35, 56]", times.toString());
     }
 
+    @Issue("SECURITY-790")
+    @Test(timeout = 1000L) public void testLongMonths() throws Exception {
+        Calendar cal = Calendar.getInstance();
+        cal.set(Calendar.MONTH, Calendar.JULY);
+        new CronTab("0 0 31 7 *").floor(cal); // would infinite loop
+    }
+
 }
-- 
GitLab


From ef9583a24abc4de157e1570cb32d7a273d327f36 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Wed, 1 Aug 2018 00:58:04 +0200
Subject: [PATCH 635/863] [SECURITY-996]

---
 .../java/hudson/security/SecurityRealm.java   |  3 +
 .../TokenBasedRememberMeServices2.java        | 44 +++++++---
 ...enBasedRememberMeServices2Test_SEC996.java | 88 +++++++++++++++++++
 3 files changed, 122 insertions(+), 13 deletions(-)
 create mode 100644 test/src/test/java/hudson/security/TokenBasedRememberMeServices2Test_SEC996.java

diff --git a/core/src/main/java/hudson/security/SecurityRealm.java b/core/src/main/java/hudson/security/SecurityRealm.java
index 6cb69906e0..219a317eda 100644
--- a/core/src/main/java/hudson/security/SecurityRealm.java
+++ b/core/src/main/java/hudson/security/SecurityRealm.java
@@ -304,6 +304,9 @@ public abstract class SecurityRealm extends AbstractDescribableImpl<SecurityReal
 
         // reset remember-me cookie
         Cookie cookie = new Cookie(ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,"");
+        cookie.setMaxAge(0);
+        cookie.setSecure(req.isSecure());
+        cookie.setHttpOnly(true);
         cookie.setPath(req.getContextPath().length()>0 ? req.getContextPath() : "/");
         rsp.addCookie(cookie);
 
diff --git a/core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java b/core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java
index 9b81ae5b19..ff0f374ca4 100644
--- a/core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java
+++ b/core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java
@@ -123,19 +123,39 @@ public class TokenBasedRememberMeServices2 extends TokenBasedRememberMeServices
 
     @Override
     public Authentication autoLogin(HttpServletRequest request, HttpServletResponse response) {
-        try {
-            return super.autoLogin(request, response);
-        } catch (Exception e) {
-            cancelCookie(request, response, "Failed to handle remember-me cookie: "+Functions.printThrowable(e));
+        if(Jenkins.getInstance().isDisableRememberMe()){
+            cancelCookie(request, response, null);
             return null;
+        }else {
+            try {
+                return super.autoLogin(request, response);
+            } catch (Exception e) {
+                cancelCookie(request, response, "Failed to handle remember-me cookie: " + Functions.printThrowable(e));
+                return null;
+            }
         }
     }
 
-	@Override
-	protected Cookie makeValidCookie(String tokenValueBase64, HttpServletRequest request, long maxAge) {
-		Cookie cookie = super.makeValidCookie(tokenValueBase64, request, maxAge);
+    @Override
+    protected Cookie makeValidCookie(String tokenValueBase64, HttpServletRequest request, long maxAge) {
+        Cookie cookie = super.makeValidCookie(tokenValueBase64, request, maxAge);
+        secureCookie(cookie, request);
+        return cookie;
+    }
+
+    @Override 
+    protected Cookie makeCancelCookie(HttpServletRequest request) {
+        Cookie cookie = super.makeCancelCookie(request);
+        secureCookie(cookie, request);
+        return cookie;
+    }
+    
+    /**
+     * Force always the http-only flag and depending on the request, put also the secure flag.
+     */
+    private void secureCookie(Cookie cookie, HttpServletRequest request){
         // if we can mark the cookie HTTP only, do so to protect this cookie even in case of XSS vulnerability.
-		if (SET_HTTP_ONLY!=null) {
+        if (SET_HTTP_ONLY!=null) {
             try {
                 SET_HTTP_ONLY.invoke(cookie,true);
             } catch (IllegalAccessException e) {
@@ -148,12 +168,10 @@ public class TokenBasedRememberMeServices2 extends TokenBasedRememberMeServices
         // if the user is running Jenkins over HTTPS, we also want to prevent the cookie from leaking in HTTP.
         // whether the login is done over HTTPS or not would be a good enough approximation of whether Jenkins runs in
         // HTTPS or not, so use that.
-        if (request.isSecure())
-            cookie.setSecure(true);
-		return cookie;
-	}
+        cookie.setSecure(request.isSecure());
+    }
 
-	/**
+    /**
      * Used to compute the token signature securely.
      */
     private static final HMACConfidentialKey MAC = new HMACConfidentialKey(TokenBasedRememberMeServices.class,"mac");
diff --git a/test/src/test/java/hudson/security/TokenBasedRememberMeServices2Test_SEC996.java b/test/src/test/java/hudson/security/TokenBasedRememberMeServices2Test_SEC996.java
new file mode 100644
index 0000000000..b2fa21ce6c
--- /dev/null
+++ b/test/src/test/java/hudson/security/TokenBasedRememberMeServices2Test_SEC996.java
@@ -0,0 +1,88 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package hudson.security;
+
+import com.gargoylesoftware.htmlunit.util.Cookie;
+import com.gargoylesoftware.htmlunit.xml.XmlPage;
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.JenkinsRule;
+
+import static org.hamcrest.Matchers.is;
+import static org.hamcrest.Matchers.not;
+import static org.hamcrest.text.IsEmptyString.isEmptyString;
+import static org.hamcrest.xml.HasXPath.hasXPath;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertThat;
+
+public class TokenBasedRememberMeServices2Test_SEC996 {
+    @Rule
+    public JenkinsRule j = new JenkinsRule();
+    
+    @Test
+    @Issue("SECURITY-996")
+    public void rememberMeToken_shouldNotBeRead_ifOptionIsDisabled() throws Exception {
+        j.jenkins.setDisableRememberMe(false);
+        j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
+        
+        Cookie rememberMeCookie = null;
+        {
+            JenkinsRule.WebClient wc = j.createWebClient();
+            wc.login("alice", "alice", true);
+            
+            
+            // we should see a remember me cookie
+            rememberMeCookie = getRememberMeCookie(wc);
+            assertNotNull(rememberMeCookie);
+            assertThat(rememberMeCookie.getValue(), not(isEmptyString()));
+        }
+        
+        j.jenkins.setDisableRememberMe(true);
+        {
+            JenkinsRule.WebClient wc = j.createWebClient();
+        
+            wc.getCookieManager().addCookie(rememberMeCookie);
+        
+            // the application should not use the cookie to connect
+            XmlPage page = (XmlPage) wc.goTo("whoAmI/api/xml", "application/xml");
+            assertThat(page, hasXPath("//name", not(is("alice"))));
+        }
+        
+        j.jenkins.setDisableRememberMe(false);
+        {
+            JenkinsRule.WebClient wc = j.createWebClient();
+        
+            wc.getCookieManager().addCookie(rememberMeCookie);
+        
+            // if we reactivate the remember me feature, it's ok
+            XmlPage page = (XmlPage) wc.goTo("whoAmI/api/xml", "application/xml");
+            assertThat(page, hasXPath("//name", is("alice")));
+        }
+    }
+    
+    private Cookie getRememberMeCookie(JenkinsRule.WebClient wc) {
+        return wc.getCookieManager().getCookie(TokenBasedRememberMeServices2.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
+    }
+}
-- 
GitLab


From 832144e32297fea7734a44bd2064f6ddd4562874 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Wed, 1 Aug 2018 00:58:46 +0200
Subject: [PATCH 636/863] [SECURITY-896]

---
 .../security/BasicAuthenticationFilter.java   |  11 +-
 .../jenkins/security/ApiTokenProperty.java    |   3 +-
 .../jenkins/security/BasicApiTokenHelper.java |  88 ++++++++
 .../BasicHeaderApiTokenAuthenticator.java     |  27 +--
 ...eaderApiTokenAuthenticatorTest_SEC986.java | 200 ++++++++++++++++++
 5 files changed, 308 insertions(+), 21 deletions(-)
 create mode 100644 core/src/main/java/jenkins/security/BasicApiTokenHelper.java
 create mode 100644 test/src/test/java/jenkins/security/BasicHeaderApiTokenAuthenticatorTest_SEC986.java

diff --git a/core/src/main/java/hudson/security/BasicAuthenticationFilter.java b/core/src/main/java/hudson/security/BasicAuthenticationFilter.java
index 11709bcf58..12deb034f5 100644
--- a/core/src/main/java/hudson/security/BasicAuthenticationFilter.java
+++ b/core/src/main/java/hudson/security/BasicAuthenticationFilter.java
@@ -26,7 +26,7 @@ package hudson.security;
 import hudson.model.User;
 import jenkins.model.Jenkins;
 import hudson.util.Scrambler;
-import jenkins.security.ApiTokenProperty;
+import jenkins.security.BasicApiTokenHelper;
 import org.acegisecurity.context.SecurityContextHolder;
 
 import javax.servlet.Filter;
@@ -132,12 +132,9 @@ public class BasicAuthenticationFilter implements Filter {
             return;
         }
 
-        {// attempt to authenticate as API token
-            // create is true as the user may not have been saved and the default api token may be in use.
-            // validation of the user will be performed against the underlying realm in impersonate.
-            User u = User.getById(username, true);
-            ApiTokenProperty t = u.getProperty(ApiTokenProperty.class);
-            if (t!=null && t.matchesPassword(password)) {
+        {
+            User u = BasicApiTokenHelper.isConnectingUsingApiToken(username, password);
+            if(u != null){
                 SecurityContextHolder.getContext().setAuthentication(u.impersonate());
                 try {
                     chain.doFilter(request,response);
diff --git a/core/src/main/java/jenkins/security/ApiTokenProperty.java b/core/src/main/java/jenkins/security/ApiTokenProperty.java
index dd64d0e9d0..fc87f3c411 100644
--- a/core/src/main/java/jenkins/security/ApiTokenProperty.java
+++ b/core/src/main/java/jenkins/security/ApiTokenProperty.java
@@ -200,5 +200,6 @@ public class ApiTokenProperty extends UserProperty {
     /**
      * We don't want an API key that's too long, so cut the length to 16 (which produces 32-letter MAC code in hexdump)
      */
-    private static final HMACConfidentialKey API_KEY_SEED = new HMACConfidentialKey(ApiTokenProperty.class,"seed",16);
+    @Restricted(NoExternalUse.class)
+    public static final HMACConfidentialKey API_KEY_SEED = new HMACConfidentialKey(ApiTokenProperty.class,"seed",16);
 }
diff --git a/core/src/main/java/jenkins/security/BasicApiTokenHelper.java b/core/src/main/java/jenkins/security/BasicApiTokenHelper.java
new file mode 100644
index 0000000000..bafece0e57
--- /dev/null
+++ b/core/src/main/java/jenkins/security/BasicApiTokenHelper.java
@@ -0,0 +1,88 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.security;
+
+import hudson.Util;
+import hudson.model.User;
+import jenkins.model.GlobalConfiguration;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
+
+import javax.annotation.CheckForNull;
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
+import java.nio.charset.StandardCharsets;
+import java.security.MessageDigest;
+
+@Restricted(NoExternalUse.class)
+public class BasicApiTokenHelper {
+    public static @CheckForNull User isConnectingUsingApiToken(String username, String tokenValue){
+        User user = User.getById(username, false);
+        if(user == null){
+            if(isLegacyTokenGeneratedOnUserCreation()){
+                String generatedTokenOnCreation = Util.getDigestOf(ApiTokenProperty.API_KEY_SEED.mac(username));
+                boolean areTokenEqual = MessageDigest.isEqual(
+                        generatedTokenOnCreation.getBytes(StandardCharsets.US_ASCII),
+                        tokenValue.getBytes(StandardCharsets.US_ASCII)
+                );
+                if(areTokenEqual){
+                    // directly return the user freshly created
+                    // and no need to check its token as the generated token 
+                    // will be the same as the one we checked just above
+                    return User.getById(username, true);
+                }
+            }
+        }else{
+            ApiTokenProperty t = user.getProperty(ApiTokenProperty.class);
+            if (t!=null && t.matchesPassword(tokenValue)) {
+                return user;
+            }
+        }
+        
+        return null;
+    }
+    
+    //TODO could be simplified when the patch is merged in 2.129+
+    @SuppressWarnings("unchecked")
+    static boolean isLegacyTokenGeneratedOnUserCreation(){
+        Class<GlobalConfiguration> clazz;
+        try {
+            clazz = (Class<GlobalConfiguration>) BasicApiTokenHelper.class.getClassLoader().loadClass("jenkins.security.apitoken.ApiTokenPropertyConfiguration");
+        } catch (ClassNotFoundException e) {
+            // case the new api token system is not in place
+            return true;
+        }
+        
+        Object apiTokenConfiguration = GlobalConfiguration.all().get(clazz);
+        boolean tokenGenerationOnCreationEnabled;
+        try {
+            Method isTokenGenerationOnCreationEnabled = clazz.getDeclaredMethod("isTokenGenerationOnCreationEnabled");
+            tokenGenerationOnCreationEnabled = (boolean) isTokenGenerationOnCreationEnabled.invoke(apiTokenConfiguration);
+        } catch (NoSuchMethodException | IllegalAccessException | InvocationTargetException e) {
+            return false;
+        }
+        
+        return tokenGenerationOnCreationEnabled;
+    }
+}
diff --git a/core/src/main/java/jenkins/security/BasicHeaderApiTokenAuthenticator.java b/core/src/main/java/jenkins/security/BasicHeaderApiTokenAuthenticator.java
index a192dddc5f..27fdb4f047 100644
--- a/core/src/main/java/jenkins/security/BasicHeaderApiTokenAuthenticator.java
+++ b/core/src/main/java/jenkins/security/BasicHeaderApiTokenAuthenticator.java
@@ -23,19 +23,20 @@ import static java.util.logging.Level.*;
 public class BasicHeaderApiTokenAuthenticator extends BasicHeaderAuthenticator {
     @Override
     public Authentication authenticate(HttpServletRequest req, HttpServletResponse rsp, String username, String password) throws ServletException {
-        // attempt to authenticate as API token
-        User u = User.getById(username, true);
-        ApiTokenProperty t = u.getProperty(ApiTokenProperty.class);
-        if (t!=null && t.matchesPassword(password)) {
-            try {
-                return u.impersonate();
-            } catch (UsernameNotFoundException x) {
-                // The token was valid, but the impersonation failed. This token is clearly not his real password,
-                // so there's no point in continuing the request processing. Report this error and abort.
-                LOGGER.log(WARNING, "API token matched for user "+username+" but the impersonation failed",x);
-                throw new ServletException(x);
-            } catch (DataAccessException x) {
-                throw new ServletException(x);
+        User u = BasicApiTokenHelper.isConnectingUsingApiToken(username, password);
+        if(u != null) {
+            ApiTokenProperty t = u.getProperty(ApiTokenProperty.class);
+            if (t != null && t.matchesPassword(password)) {
+                try {
+                    return u.impersonate();
+                } catch (UsernameNotFoundException x) {
+                    // The token was valid, but the impersonation failed. This token is clearly not his real password,
+                    // so there's no point in continuing the request processing. Report this error and abort.
+                    LOGGER.log(WARNING, "API token matched for user " + username + " but the impersonation failed", x);
+                    throw new ServletException(x);
+                } catch (DataAccessException x) {
+                    throw new ServletException(x);
+                }
             }
         }
         return null;
diff --git a/test/src/test/java/jenkins/security/BasicHeaderApiTokenAuthenticatorTest_SEC986.java b/test/src/test/java/jenkins/security/BasicHeaderApiTokenAuthenticatorTest_SEC986.java
new file mode 100644
index 0000000000..f72c407b70
--- /dev/null
+++ b/test/src/test/java/jenkins/security/BasicHeaderApiTokenAuthenticatorTest_SEC986.java
@@ -0,0 +1,200 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.security;
+
+import com.gargoylesoftware.htmlunit.WebRequest;
+import com.gargoylesoftware.htmlunit.html.HtmlPage;
+import com.gargoylesoftware.htmlunit.html.HtmlTextInput;
+import com.gargoylesoftware.htmlunit.xml.XmlPage;
+import hudson.ExtensionComponent;
+import hudson.model.User;
+import jenkins.ExtensionFilter;
+import jenkins.model.Jenkins;
+import org.junit.Assume;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runners.model.Statement;
+import org.jvnet.hudson.test.JenkinsRule;
+import org.jvnet.hudson.test.MockAuthorizationStrategy;
+import org.jvnet.hudson.test.RestartableJenkinsRule;
+import org.jvnet.hudson.test.TestExtension;
+
+import java.net.URL;
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
+import java.util.concurrent.atomic.AtomicReference;
+
+import static org.hamcrest.Matchers.equalTo;
+import static org.hamcrest.Matchers.is;
+import static org.hamcrest.xml.HasXPath.hasXPath;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertThat;
+
+public class BasicHeaderApiTokenAuthenticatorTest_SEC986 {
+    @Rule
+    public RestartableJenkinsRule rr = new RestartableJenkinsRule();
+    
+    @Test
+    public void legacyToken_regularCase() {
+        AtomicReference<String> token = new AtomicReference<>();
+        rr.addStep(new Statement() {
+            @Override
+            public void evaluate() throws Throwable {
+                assumeLegacyTokenCreation();
+                
+                configureSecurity();
+                
+                {
+                    JenkinsRule.WebClient wc = rr.j.createWebClient();
+                    // default SecurityListener will save the user when adding the LastGrantedAuthoritiesProperty
+                    // and so the user is persisted
+                    wc.login("user1");
+                    HtmlPage page = wc.goTo("user/user1/configure");
+                    String tokenValue = ((HtmlTextInput) page.getDocumentElement().querySelector("#apiToken")).getText();
+                    token.set(tokenValue);
+                }
+            }
+        });
+        rr.addStep(new Statement() {
+            @Override
+            public void evaluate() throws Throwable {
+                User user = User.getById("user1", false);
+                assertNotNull(user);
+                
+                JenkinsRule.WebClient wc = rr.j.createWebClient();
+                wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+                
+                { // for invalid token, no effect
+                    WebRequest request = new WebRequest(new URL(rr.j.jenkins.getRootUrl() + "whoAmI/api/xml"));
+                    request.setAdditionalHeader("Authorization", base64("user1", "invalid-token"));
+                    assertThat(wc.getPage(request).getWebResponse().getStatusCode(), equalTo(401));
+                }
+                { // for invalid user, no effect
+                    WebRequest request = new WebRequest(new URL(rr.j.jenkins.getRootUrl() + "whoAmI/api/xml"));
+                    request.setAdditionalHeader("Authorization", base64("user-not-valid", token.get()));
+                    assertThat(wc.getPage(request).getWebResponse().getStatusCode(), equalTo(401));
+                }
+    
+                assertNull(User.getById("user-not-valid", false));
+                
+                { // valid user with valid token, ok
+                    WebRequest request = new WebRequest(new URL(rr.j.jenkins.getRootUrl() + "whoAmI/api/xml"));
+                    request.setAdditionalHeader("Authorization", base64("user1", token.get()));
+                    XmlPage xmlPage = wc.getPage(request);
+                    assertThat(xmlPage, hasXPath("//name", is("user1")));
+                }
+            }
+        });
+    }
+    
+    /*
+     * The user is not saved after login without the default SecurityListener#fireAuthenticated
+     */
+    @Test
+    public void legacyToken_withoutLastGrantedAuthorities() {
+        AtomicReference<String> token = new AtomicReference<>();
+        rr.addStep(new Statement() {
+            @Override
+            public void evaluate() throws Throwable {
+                assumeLegacyTokenCreation();
+                
+                configureSecurity();
+                
+                {
+                    JenkinsRule.WebClient wc = rr.j.createWebClient();
+                    wc.login("user1");
+                    HtmlPage page = wc.goTo("user/user1/configure");
+                    String tokenValue = ((HtmlTextInput) page.getDocumentElement().querySelector("#apiToken")).getText();
+                    token.set(tokenValue);
+                }
+            }
+        });
+        rr.addStep(new Statement() {
+            @Override
+            public void evaluate() throws Throwable {
+                User user = User.getById("user1", false);
+                assertNull(user);
+                
+                JenkinsRule.WebClient wc = rr.j.createWebClient();
+                wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+                
+                { // for invalid token, no effect
+                    WebRequest request = new WebRequest(new URL(rr.j.jenkins.getRootUrl() + "whoAmI/api/xml"));
+                    request.setAdditionalHeader("Authorization", base64("user1", "invalid-token"));
+                    assertThat(wc.getPage(request).getWebResponse().getStatusCode(), equalTo(401));
+                }
+                { // for invalid user, no effect
+                    WebRequest request = new WebRequest(new URL(rr.j.jenkins.getRootUrl() + "whoAmI/api/xml"));
+                    request.setAdditionalHeader("Authorization", base64("user-not-valid", token.get()));
+                    assertThat(wc.getPage(request).getWebResponse().getStatusCode(), equalTo(401));
+                }
+    
+                assertNull(User.getById("user1", false));
+                assertNull(User.getById("user-not-valid", false));
+                
+                { // valid user with valid token, ok
+                    WebRequest request = new WebRequest(new URL(rr.j.jenkins.getRootUrl() + "whoAmI/api/xml"));
+                    request.setAdditionalHeader("Authorization", base64("user1", token.get()));
+                    XmlPage xmlPage = wc.getPage(request);
+                    assertThat(xmlPage, hasXPath("//name", is("user1")));
+                }
+            }
+        });
+        rr.addStep(new Statement() {
+            @Override
+            public void evaluate() throws Throwable {
+                User user = User.getById("user1", false);
+                assertNull(user);
+            }
+        });
+    }
+    
+    @TestExtension("legacyToken_withoutLastGrantedAuthorities")
+    public static class RemoveDefaultSecurityListener extends ExtensionFilter {
+        @Override
+        public <T> boolean allows(Class<T> type, ExtensionComponent<T> component) {
+            return !SecurityListener.class.isAssignableFrom(type);
+        }
+    }
+    
+    private void configureSecurity() throws Exception {
+        rr.j.jenkins.setSecurityRealm(rr.j.createDummySecurityRealm());
+        rr.j.jenkins.setAuthorizationStrategy(new MockAuthorizationStrategy()
+                .grant(Jenkins.ADMINISTER).everywhere().toEveryone());
+        rr.j.jenkins.save();
+    }
+    
+    @SuppressWarnings("unchecked")
+    private void assumeLegacyTokenCreation() {
+        Assume.assumeTrue(
+                "New API token system present AND legacy token is not generated on user creation", 
+                BasicApiTokenHelper.isLegacyTokenGeneratedOnUserCreation()
+        );
+    }
+    
+    private String base64(String login, String password) {
+        return "Basic " + Base64.getEncoder().encodeToString((login + ":" + password).getBytes(StandardCharsets.UTF_8));
+    }
+}
-- 
GitLab


From e7bf396555fd89ebc53ee060c9e6f41ee06f9fca Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Mon, 25 Jun 2018 17:12:13 -0400
Subject: [PATCH 637/863] JENKINS-52159: Queue.maintain - tolerate misbehaving
 sorter.sortBuildableItems()

Any plugin that implements the sort step could throw an exception which would break
the maintain() step. As sorting is really an optional step, it really should not be fatal.

Instead, we wrap the step in a try block, log it, and move on with life.

(cherry picked from commit 1083a3f5c648e87464e25815779690eed1fb3296)
---
 core/src/main/java/hudson/model/Queue.java | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/core/src/main/java/hudson/model/Queue.java b/core/src/main/java/hudson/model/Queue.java
index 8aad4b0acc..0556b1c318 100644
--- a/core/src/main/java/hudson/model/Queue.java
+++ b/core/src/main/java/hudson/model/Queue.java
@@ -1569,8 +1569,15 @@ public class Queue extends ResourceController implements Saveable {
                 }
             }
 
-            if (s != null)
-                s.sortBuildableItems(buildables);
+            if (s != null) {
+                try {
+                    s.sortBuildableItems(buildables);
+                } catch (Throwable e) {
+                    // We don't really care if the sort doesn't sort anything, we still should
+                    // continue to do our job. We'll complain about it and continue.
+                    LOGGER.log(Level.WARNING, "s.sortBuildableItems() threw Throwable: {0}", e);
+                }
+            }
             
             // Ensure that identification of blocked tasks is using the live state: JENKINS-27708 & JENKINS-27871
             updateSnapshot();
-- 
GitLab


From 4cb86a5c3055d39cf836a7d662f53e316a6a1cd7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Oliver=20Gond=C5=BEa?= <ogondza@gmail.com>
Date: Wed, 1 Aug 2018 09:33:31 +0200
Subject: [PATCH 638/863] [FIXED JENKINS-52417] Restrict Beta API removed in
 weekly: FilePath.copyFromRemotely()

---
 core/src/main/java/hudson/FilePath.java | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/core/src/main/java/hudson/FilePath.java b/core/src/main/java/hudson/FilePath.java
index aeb0c08c57..051a3561ba 100644
--- a/core/src/main/java/hudson/FilePath.java
+++ b/core/src/main/java/hudson/FilePath.java
@@ -128,6 +128,7 @@ import org.apache.tools.zip.ZipFile;
 import org.jenkinsci.remoting.RoleChecker;
 import org.jenkinsci.remoting.RoleSensitive;
 import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.DoNotUse;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
 import org.kohsuke.stapler.Stapler;
 
@@ -920,11 +921,10 @@ public final class FilePath implements Serializable {
     }
 
     /**
-     * Copies the content of a URL to a remote file.
-     * Unlike {@link #copyFrom} this will not transfer content over a Remoting channel.
-     * @since 2.119
+     * Kept to maintain binary compatibility - restricted to discourage further use as it is removed in newer versions.
      */
-    @Restricted(Beta.class)
+    @Restricted(DoNotUse.class)
+    @RestrictedSince("2.121.3")
     public void copyFromRemotely(URL url) throws IOException, InterruptedException {
         act(new CopyFromRemotely(url));
     }
-- 
GitLab


From f42fe0fc63c9cab33cce361bde16c12ac035efa4 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Thu, 7 Jun 2018 18:15:50 +0200
Subject: [PATCH 639/863] [JENKINS-51777] Don't let tar entries escape target
 dir

(cherry picked from commit 7438abb88fc7d9bbd5f2b265e8fb191179a3c553)
---
 core/src/main/java/hudson/FilePath.java | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/core/src/main/java/hudson/FilePath.java b/core/src/main/java/hudson/FilePath.java
index 051a3561ba..7ec95e032f 100644
--- a/core/src/main/java/hudson/FilePath.java
+++ b/core/src/main/java/hudson/FilePath.java
@@ -2447,6 +2447,10 @@ public final class FilePath implements Serializable {
             TarArchiveEntry te;
             while ((te = t.getNextTarEntry()) != null) {
                 File f = new File(baseDir, te.getName());
+                if (!f.toPath().normalize().startsWith(baseDir.toPath())) {
+                    throw new IOException(
+                            "Tar " + name + " contains illegal file name that breaks out of the target directory: " + te.getName());
+                }
                 if (te.isDirectory()) {
                     mkdirs(f);
                 } else {
-- 
GitLab


From 43e8049892f6298b087679f7b2540b09ccde14b2 Mon Sep 17 00:00:00 2001
From: James Nord <teilo@teilo.net>
Date: Mon, 18 Jun 2018 22:29:21 +0100
Subject: [PATCH 640/863] Merge pull request #3496 from
 jtnord/JENKINS-JENKINS-28683

[JENKINS-28683] (A)PeriodicWork suuport for dynamically loaded plugins.

(cherry picked from commit 1e8c07a4ea963bc19dccd51b5d39ee814bd37f0b)
---
 .../main/java/hudson/model/AperiodicWork.java | 38 +++++++++++-
 .../main/java/hudson/model/PeriodicWork.java  | 41 ++++++++++++-
 .../java/hudson/model/AperiodicWorkTest.java  | 59 +++++++++++++++++++
 .../java/hudson/model/PeriodicWorkTest.java   | 54 +++++++++++++++++
 4 files changed, 189 insertions(+), 3 deletions(-)
 create mode 100644 test/src/test/java/hudson/model/AperiodicWorkTest.java
 create mode 100644 test/src/test/java/hudson/model/PeriodicWorkTest.java

diff --git a/core/src/main/java/hudson/model/AperiodicWork.java b/core/src/main/java/hudson/model/AperiodicWork.java
index fbd4f2c4f7..3c5385c077 100644
--- a/core/src/main/java/hudson/model/AperiodicWork.java
+++ b/core/src/main/java/hudson/model/AperiodicWork.java
@@ -24,12 +24,15 @@
 package hudson.model;
 
 import hudson.ExtensionList;
+import hudson.ExtensionListListener;
 import hudson.ExtensionPoint;
 import hudson.init.Initializer;
 import hudson.triggers.SafeTimerTask;
 import jenkins.util.Timer;
 
+import java.util.HashSet;
 import java.util.Random;
+import java.util.Set;
 import java.util.concurrent.TimeUnit;
 import java.util.logging.Logger;
 
@@ -92,11 +95,17 @@ public abstract class AperiodicWork extends SafeTimerTask implements ExtensionPo
     @Initializer(after= JOB_LOADED)
     public static void init() {
         // start all AperidocWorks
+        ExtensionList<AperiodicWork> extensionList = all();
+        extensionList.addListener(new AperiodicWorkExtensionListListener(extensionList));
         for (AperiodicWork p : AperiodicWork.all()) {
-            Timer.get().schedule(p, p.getInitialDelay(), TimeUnit.MILLISECONDS);
+            scheduleAperiodWork(p);
         }
     }
 
+    private static void scheduleAperiodWork(AperiodicWork ap) {
+        Timer.get().schedule(ap, ap.getInitialDelay(), TimeUnit.MILLISECONDS);
+    }
+
     protected abstract void doAperiodicRun();
     
     /**
@@ -107,4 +116,31 @@ public abstract class AperiodicWork extends SafeTimerTask implements ExtensionPo
     }
 
     private static final Random RANDOM = new Random();
+
+    /**
+     * ExtensionListener that will kick off any new AperiodWork extensions from plugins that are dynamically
+     * loaded.
+     */
+    private static class AperiodicWorkExtensionListListener extends ExtensionListListener {
+
+        private final Set<AperiodicWork> registered = new HashSet<>();
+
+        AperiodicWorkExtensionListListener(ExtensionList<AperiodicWork> initiallyRegistered) {
+            for (AperiodicWork p : initiallyRegistered) {
+                registered.add(p);
+            }
+        }
+
+        @Override
+        public void onChange() {
+            synchronized (registered) {
+                for (AperiodicWork p : AperiodicWork.all()) {
+                    if (!registered.contains(p)) {
+                        scheduleAperiodWork(p);
+                        registered.add(p);
+                    }
+                }
+            }
+        }
+    }
 }
diff --git a/core/src/main/java/hudson/model/PeriodicWork.java b/core/src/main/java/hudson/model/PeriodicWork.java
index aab8342672..1079553551 100644
--- a/core/src/main/java/hudson/model/PeriodicWork.java
+++ b/core/src/main/java/hudson/model/PeriodicWork.java
@@ -23,6 +23,7 @@
  */
 package hudson.model;
 
+import hudson.ExtensionListListener;
 import hudson.init.Initializer;
 import hudson.triggers.SafeTimerTask;
 import hudson.ExtensionPoint;
@@ -30,6 +31,8 @@ import hudson.Extension;
 import hudson.ExtensionList;
 import jenkins.util.Timer;
 
+import java.util.HashSet;
+import java.util.Set;
 import java.util.concurrent.TimeUnit;
 import java.util.logging.Logger;
 import java.util.Random;
@@ -99,15 +102,49 @@ public abstract class PeriodicWork extends SafeTimerTask implements ExtensionPoi
     @Initializer(after= JOB_LOADED)
     public static void init() {
         // start all PeriodicWorks
-        for (PeriodicWork p : PeriodicWork.all()) {
-            Timer.get().scheduleAtFixedRate(p, p.getInitialDelay(), p.getRecurrencePeriod(), TimeUnit.MILLISECONDS);
+        ExtensionList<PeriodicWork> extensionList = all();
+        extensionList.addListener(new PeriodicWorkExtensionListListener(extensionList));
+        for (PeriodicWork p : extensionList) {
+            schedulePeriodicWork(p);
         }
     }
 
+    private static void schedulePeriodicWork(PeriodicWork p) {
+        Timer.get().scheduleAtFixedRate(p, p.getInitialDelay(), p.getRecurrencePeriod(), TimeUnit.MILLISECONDS);
+    }
+
     // time constants
     protected static final long MIN = 1000*60;
     protected static final long HOUR =60*MIN;
     protected static final long DAY = 24*HOUR;
 
     private static final Random RANDOM = new Random();
+
+    /**
+     * ExtensionListener that will kick off any new AperiodWork extensions from plugins that are dynamically
+     * loaded.
+     */
+    private static class PeriodicWorkExtensionListListener extends ExtensionListListener {
+
+        private final Set<PeriodicWork> registered = new HashSet<>();
+
+        PeriodicWorkExtensionListListener(ExtensionList<PeriodicWork> initiallyRegistered) {
+            for (PeriodicWork p : initiallyRegistered) {
+                registered.add(p);
+            }
+        }
+
+        @Override
+        public void onChange() {
+            synchronized (registered) {
+                for (PeriodicWork p : PeriodicWork.all()) {
+                    // it is possibly to programatically remove Extensions but that is rarely used.
+                    if (!registered.contains(p)) {
+                        schedulePeriodicWork(p);
+                        registered.add(p);
+                    }
+                }
+            }
+        }
+    }
 }
diff --git a/test/src/test/java/hudson/model/AperiodicWorkTest.java b/test/src/test/java/hudson/model/AperiodicWorkTest.java
new file mode 100644
index 0000000000..5b81e05c8f
--- /dev/null
+++ b/test/src/test/java/hudson/model/AperiodicWorkTest.java
@@ -0,0 +1,59 @@
+package hudson.model;
+
+import java.util.concurrent.CountDownLatch;
+import java.util.concurrent.TimeUnit;
+
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.JenkinsRule;
+
+import hudson.ExtensionList;
+
+import static org.hamcrest.Matchers.hasSize;
+import static org.hamcrest.Matchers.is;
+import static org.junit.Assert.assertThat;
+
+public class AperiodicWorkTest {
+
+    @Rule
+    public JenkinsRule jr = new JenkinsRule();
+
+
+    @Test
+    public void newExtensionsAreScheduled() throws Exception {
+        TestAperiodicWork tapw = new TestAperiodicWork();
+
+        int size = AperiodicWork.all().size();
+        ExtensionList.lookup(AperiodicWork.class).add(tapw);
+
+        assertThat("we have one new AperiodicWork", AperiodicWork.all(), hasSize(size+1));
+        assertThat("The task was run within 15 seconds", tapw.doneSignal.await(15, TimeUnit.SECONDS), is(true));
+    }
+
+    private static class TestAperiodicWork extends AperiodicWork {
+
+        CountDownLatch doneSignal = new CountDownLatch(1);
+
+        @Override
+        public long getRecurrencePeriod() {
+            // should make this only ever run once initially for testing.
+            return Long.MAX_VALUE;
+        }
+
+        @Override
+        public long getInitialDelay() {
+            // Don't delay just run it!
+            return 0L;
+        }
+
+        @Override
+        public AperiodicWork getNewInstance() {
+            return this;
+        }
+
+        @Override
+        protected void doAperiodicRun() {
+            doneSignal.countDown();
+        }
+    }
+}
\ No newline at end of file
diff --git a/test/src/test/java/hudson/model/PeriodicWorkTest.java b/test/src/test/java/hudson/model/PeriodicWorkTest.java
new file mode 100644
index 0000000000..fc91dabfde
--- /dev/null
+++ b/test/src/test/java/hudson/model/PeriodicWorkTest.java
@@ -0,0 +1,54 @@
+package hudson.model;
+
+import java.util.concurrent.CountDownLatch;
+import java.util.concurrent.TimeUnit;
+
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.JenkinsRule;
+
+import hudson.ExtensionList;
+
+import static org.hamcrest.Matchers.hasSize;
+import static org.hamcrest.Matchers.is;
+import static org.junit.Assert.assertThat;
+
+public class PeriodicWorkTest {
+
+    @Rule
+    public JenkinsRule jr = new JenkinsRule();
+
+
+    @Test
+    public void newExtensionsAreScheduled() throws Exception {
+        TestPeriodicWork tpw = new TestPeriodicWork();
+
+        int size = PeriodicWork.all().size();
+        ExtensionList.lookup(PeriodicWork.class).add(tpw);
+
+        assertThat("we have one new PeriodicWork", PeriodicWork.all(), hasSize(size+1));
+        assertThat("The task was run within 15 seconds", tpw.doneSignal.await(15, TimeUnit.SECONDS), is(true));
+    }
+
+    private static class TestPeriodicWork extends PeriodicWork {
+
+        CountDownLatch doneSignal = new CountDownLatch(1);
+
+        @Override
+        public long getRecurrencePeriod() {
+            // should make this only ever run once initially for testing.
+            return Long.MAX_VALUE;
+        }
+
+        @Override
+        public long getInitialDelay() {
+            // Don't delay just run it!
+            return 0L;
+        }
+
+        @Override
+        protected void doRun() throws Exception {
+            doneSignal.countDown();
+        }
+    }
+}
\ No newline at end of file
-- 
GitLab


From 8efcbd8fe073931d0841837e367b080c6b11af9c Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Fri, 1 Jun 2018 19:42:14 +0200
Subject: [PATCH 641/863] [JENKINS-51603] - Use CheckForNull instead of
 Nullable

(cherry picked from commit d79c6afd2163a30b549314c7c1185bf8bd1fd149)
---
 core/src/main/java/hudson/slaves/JNLPLauncher.java | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/slaves/JNLPLauncher.java b/core/src/main/java/hudson/slaves/JNLPLauncher.java
index eeafc2bb7f..8307e1c71b 100644
--- a/core/src/main/java/hudson/slaves/JNLPLauncher.java
+++ b/core/src/main/java/hudson/slaves/JNLPLauncher.java
@@ -31,6 +31,7 @@ import hudson.model.DescriptorVisibilityFilter;
 import hudson.model.TaskListener;
 import javax.annotation.CheckForNull;
 import javax.annotation.Nonnull;
+
 import jenkins.model.Jenkins;
 import jenkins.slaves.RemotingWorkDirSettings;
 import org.jenkinsci.Symbol;
@@ -70,7 +71,7 @@ public class JNLPLauncher extends ComputerLauncher {
     private RemotingWorkDirSettings workDirSettings;
     
     @DataBoundConstructor
-    public JNLPLauncher(@CheckForNull String tunnel, @CheckForNull String vmargs, @Nonnull RemotingWorkDirSettings workDirSettings) {
+    public JNLPLauncher(@CheckForNull String tunnel, @CheckForNull String vmargs, @CheckForNull RemotingWorkDirSettings workDirSettings) {
         this.tunnel = Util.fixEmptyAndTrim(tunnel);
         this.vmargs = Util.fixEmptyAndTrim(vmargs);
         this.workDirSettings = workDirSettings;
-- 
GitLab


From a94769781ed03ed30200fa677347d02c44876c53 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Mon, 4 Jun 2018 16:07:12 -0400
Subject: [PATCH 642/863] [JENKINS-51603] The proper way to make a parameter
 optional is to use @DataBoundSetter.

(cherry picked from commit 98b37699152595f35fce7387be0ee1717596650d)
---
 .../main/java/hudson/slaves/JNLPLauncher.java | 36 +++++++++++++------
 .../java/hudson/slaves/JNLPLauncherTest.java  |  9 +++--
 2 files changed, 31 insertions(+), 14 deletions(-)

diff --git a/core/src/main/java/hudson/slaves/JNLPLauncher.java b/core/src/main/java/hudson/slaves/JNLPLauncher.java
index 8307e1c71b..bed08613d8 100644
--- a/core/src/main/java/hudson/slaves/JNLPLauncher.java
+++ b/core/src/main/java/hudson/slaves/JNLPLauncher.java
@@ -38,6 +38,7 @@ import org.jenkinsci.Symbol;
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
 import org.kohsuke.stapler.DataBoundConstructor;
+import org.kohsuke.stapler.DataBoundSetter;
 
 /**
  * {@link ComputerLauncher} via JNLP.
@@ -68,21 +69,29 @@ public class JNLPLauncher extends ComputerLauncher {
     public final String vmargs;
 
     @Nonnull
-    private RemotingWorkDirSettings workDirSettings;
+    private RemotingWorkDirSettings workDirSettings = RemotingWorkDirSettings.getEnabledDefaults();
+
+    /**
+     * Constructor.
+     * @param tunnel Tunnel settings
+     * @param vmargs JVM arguments
+     * @param workDirSettings Settings for Work Directory management in Remoting.
+     *                        If {@code null}, {@link RemotingWorkDirSettings#getEnabledDefaults()}
+     *                        will be used to enable work directories by default in new agents.
+     * @since 2.68
+     */
+    @Deprecated
+    public JNLPLauncher(@CheckForNull String tunnel, @CheckForNull String vmargs, @CheckForNull RemotingWorkDirSettings workDirSettings) {
+        this(tunnel, vmargs);
+        if (workDirSettings != null) {
+            setWorkDirSettings(workDirSettings);
+        }
+    }
     
     @DataBoundConstructor
-    public JNLPLauncher(@CheckForNull String tunnel, @CheckForNull String vmargs, @CheckForNull RemotingWorkDirSettings workDirSettings) {
+    public JNLPLauncher(@CheckForNull String tunnel, @CheckForNull String vmargs) {
         this.tunnel = Util.fixEmptyAndTrim(tunnel);
         this.vmargs = Util.fixEmptyAndTrim(vmargs);
-        this.workDirSettings = workDirSettings;
-    }
-    
-    @Deprecated
-    public JNLPLauncher(String tunnel, String vmargs) {
-        // TODO: Enable workDir by default in API? Otherwise classes inheriting from JNLPLauncher
-        // will need to enable the feature by default as well.
-        // https://github.com/search?q=org%3Ajenkinsci+%22extends+JNLPLauncher%22&type=Code
-        this(tunnel, vmargs, RemotingWorkDirSettings.getDisabledDefaults());
     }
 
     /**
@@ -122,6 +131,11 @@ public class JNLPLauncher extends ComputerLauncher {
     public RemotingWorkDirSettings getWorkDirSettings() {
         return workDirSettings;
     }
+
+    @DataBoundSetter
+    public final void setWorkDirSettings(@Nonnull RemotingWorkDirSettings workDirSettings) {
+        this.workDirSettings = workDirSettings;
+    }
     
     @Override
     public boolean isLaunchSupported() {
diff --git a/test/src/test/java/hudson/slaves/JNLPLauncherTest.java b/test/src/test/java/hudson/slaves/JNLPLauncherTest.java
index 2d34ae63eb..702673bbda 100644
--- a/test/src/test/java/hudson/slaves/JNLPLauncherTest.java
+++ b/test/src/test/java/hudson/slaves/JNLPLauncherTest.java
@@ -148,10 +148,9 @@ public class JNLPLauncherTest {
     
     @Test
     @Issue("JENKINS-44112")
+    @SuppressWarnings("deprecation")
     public void testDefaults() throws Exception {
-        String errorMsg = "Work directory should be disabled for agents created via old API";
-        assertTrue(errorMsg, new JNLPLauncher().getWorkDirSettings().isDisabled());
-        assertTrue(errorMsg, new JNLPLauncher(null, null).getWorkDirSettings().isDisabled());
+        assertTrue("Work directory should be disabled for agents created via old API", new JNLPLauncher().getWorkDirSettings().isDisabled());
     }
 
     @Test
@@ -286,8 +285,12 @@ public class JNLPLauncherTest {
         DumbSlave s = j.createSlave();
         JNLPLauncher original = new JNLPLauncher("a", "b");
         s.setLauncher(original);
+        j.assertEqualDataBoundBeans(((JNLPLauncher) s.getLauncher()).getWorkDirSettings(), RemotingWorkDirSettings.getEnabledDefaults());
+        RemotingWorkDirSettings custom = new RemotingWorkDirSettings(false, null, "custom", false);
+        ((JNLPLauncher) s.getLauncher()).setWorkDirSettings(custom);
         HtmlPage p = j.createWebClient().getPage(s, "configure");
         j.submit(p.getFormByName("config"));
         j.assertEqualBeans(original,s.getLauncher(),"tunnel,vmargs");
+        j.assertEqualDataBoundBeans(((JNLPLauncher) s.getLauncher()).getWorkDirSettings(), custom);
     }
 }
-- 
GitLab


From 37d3a2e5ee48e1bf9242a79707973e6f074bcc38 Mon Sep 17 00:00:00 2001
From: Pavel Avgustinov <pavgust@users.noreply.github.com>
Date: Fri, 8 Jun 2018 23:31:46 +0100
Subject: [PATCH 643/863] Fix potential deadlock between queue maintenance and
 asynchronous execution (#3354)

[JENKINS-46248] - Fix potential deadlock between queue maintenance and asynchronous execution

(cherry picked from commit 01b1f1ddbcad7ed8ea781e41ba4bd8d890f13c67)
---
 core/src/main/java/hudson/model/Executor.java |  3 +-
 .../model/queue/AsynchronousExecution.java    | 28 ++++++++++++++-----
 2 files changed, 23 insertions(+), 8 deletions(-)

diff --git a/core/src/main/java/hudson/model/Executor.java b/core/src/main/java/hudson/model/Executor.java
index 8c02d8ff64..3b160ae927 100644
--- a/core/src/main/java/hudson/model/Executor.java
+++ b/core/src/main/java/hudson/model/Executor.java
@@ -431,11 +431,12 @@ public class Executor extends Thread implements ModelObject {
             } catch (AsynchronousExecution x) {
                 lock.writeLock().lock();
                 try {
-                    x.setExecutor(this);
+                    x.setExecutorWithoutCompleting(this);
                     this.asynchronousExecution = x;
                 } finally {
                     lock.writeLock().unlock();
                 }
+                x.maybeComplete();
             } catch (Throwable e) {
                 problems = e;
             } finally {
diff --git a/core/src/main/java/jenkins/model/queue/AsynchronousExecution.java b/core/src/main/java/jenkins/model/queue/AsynchronousExecution.java
index 7ed0816572..c99dd40de6 100644
--- a/core/src/main/java/jenkins/model/queue/AsynchronousExecution.java
+++ b/core/src/main/java/jenkins/model/queue/AsynchronousExecution.java
@@ -39,6 +39,7 @@ import javax.annotation.Nonnull;
 import javax.annotation.concurrent.GuardedBy;
 import jenkins.model.Jenkins;
 import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.DoNotUse;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
 
 /**
@@ -61,7 +62,7 @@ public abstract class AsynchronousExecution extends RuntimeException {
 
     /**
      * Initially null, and usually stays null.
-     * If {@link #completed} is called before {@link #setExecutor}, then either {@link #NULL} for success, or the error.
+     * If {@link #completed} is called before {@link #setExecutorWithoutCompleting}, then either {@link #NULL} for success, or the error.
      */
     @GuardedBy("this")
     private @CheckForNull Throwable result;
@@ -98,7 +99,7 @@ public abstract class AsynchronousExecution extends RuntimeException {
 
     /**
      * Obtains the associated executor.
-     * @return Associated Executor. May be {@code null} if {@link #setExecutor(hudson.model.Executor)} 
+     * @return Associated Executor. May be {@code null} if {@link #setExecutorWithoutCompleting(hudson.model.Executor)} 
      * has not been called yet.
      */
     @CheckForNull
@@ -106,13 +107,26 @@ public abstract class AsynchronousExecution extends RuntimeException {
         return executor;
     }
 
+    /**
+     * Set the executor without notifying it about task completion.
+     * The caller <b>must</b> also call {@link #maybeComplete()}
+     * after releasing any problematic locks.
+     */
     @Restricted(NoExternalUse.class)
-    public synchronized final void setExecutor(@Nonnull Executor executor) {
-        assert this.executor==null;
-
+    public synchronized final void setExecutorWithoutCompleting(@Nonnull Executor executor) {
+        assert this.executor == null;
         this.executor = executor;
-        if (result!=null) {
-            executor.completedAsynchronous( result!=NULL ? result : null );
+    }
+
+    /**
+     * If there is a pending completion notification, deliver it to the executor.
+     * Must be called after {@link #setExecutorWithoutCompleting(Executor)}.
+     */
+    @Restricted(NoExternalUse.class)
+    public synchronized final void maybeComplete() {
+        assert this.executor != null;
+        if (result != null) {
+            executor.completedAsynchronous(result != NULL ? result : null);
             result = null;
         }
     }
-- 
GitLab


From 0077685929982496995c7fe4bb04ce80c6e0d78a Mon Sep 17 00:00:00 2001
From: ValHaris <martin@asc-hq.org>
Date: Sat, 14 Jul 2018 16:53:07 +0200
Subject: [PATCH 644/863] [JENKINS-52534] Add java.time.Ser to security
 whitelisted classes (JEP-200) (#3542)

(cherry picked from commit dfd5dcbec2dcbe2d9aa84a4901754119ad298950)
---
 core/src/main/resources/jenkins/security/whitelisted-classes.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/core/src/main/resources/jenkins/security/whitelisted-classes.txt b/core/src/main/resources/jenkins/security/whitelisted-classes.txt
index 3ad58670b6..3ddb8d841a 100644
--- a/core/src/main/resources/jenkins/security/whitelisted-classes.txt
+++ b/core/src/main/resources/jenkins/security/whitelisted-classes.txt
@@ -59,6 +59,7 @@ java.math.BigInteger
 java.net.URI
 java.net.URL
 java.security.KeyRep
+java.time.Ser
 java.util.ArrayDeque
 java.util.ArrayList
 java.util.Arrays$ArrayList
-- 
GitLab


From 727d58f690abf64f543407e1de3545eca76ad30e Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Wed, 1 Aug 2018 18:19:32 +0200
Subject: [PATCH 645/863] [SECURITY-637]

---
 core/src/main/java/hudson/util/XStream2.java  |   3 +
 .../util/xstream/SafeURLConverter.java        |  55 ++++
 pom.xml                                       |   2 +-
 .../jenkins/security/Security637Test.java     | 238 ++++++++++++++++++
 4 files changed, 297 insertions(+), 1 deletion(-)
 create mode 100644 core/src/main/java/jenkins/util/xstream/SafeURLConverter.java
 create mode 100644 test/src/test/java/jenkins/security/Security637Test.java

diff --git a/core/src/main/java/hudson/util/XStream2.java b/core/src/main/java/hudson/util/XStream2.java
index dc91ccec4a..1489a2ba7c 100644
--- a/core/src/main/java/hudson/util/XStream2.java
+++ b/core/src/main/java/hudson/util/XStream2.java
@@ -50,6 +50,7 @@ import hudson.diagnosis.OldDataMonitor;
 import hudson.remoting.ClassFilter;
 import hudson.util.xstream.ImmutableSetConverter;
 import hudson.util.xstream.ImmutableSortedSetConverter;
+import jenkins.util.xstream.SafeURLConverter;
 import jenkins.model.Jenkins;
 import hudson.model.Label;
 import hudson.model.Result;
@@ -157,6 +158,8 @@ public class XStream2 extends XStream {
         registerConverter(new CopyOnWriteMap.Tree.ConverterImpl(getMapper()),10); // needs to override MapConverter
         registerConverter(new DescribableList.ConverterImpl(getMapper()),10); // explicitly added to handle subtypes
         registerConverter(new Label.ConverterImpl(),10);
+        // SECURITY-637 against URL deserialization
+        registerConverter(new SafeURLConverter(),10); 
 
         // this should come after all the XStream's default simpler converters,
         // but before reflection-based one kicks in.
diff --git a/core/src/main/java/jenkins/util/xstream/SafeURLConverter.java b/core/src/main/java/jenkins/util/xstream/SafeURLConverter.java
new file mode 100644
index 0000000000..0de0a10074
--- /dev/null
+++ b/core/src/main/java/jenkins/util/xstream/SafeURLConverter.java
@@ -0,0 +1,55 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018 CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.util.xstream;
+
+import com.thoughtworks.xstream.converters.ConversionException;
+import com.thoughtworks.xstream.converters.basic.URLConverter;
+import hudson.remoting.URLDeserializationHelper;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
+
+import java.io.IOException;
+import java.net.URL;
+import java.net.URLStreamHandler;
+
+/**
+ * Wrap the URL handler during deserialization into a specific one that does not generate DNS query on the hostname
+ * for {@link URLStreamHandler#equals(URL, URL)} or {@link URLStreamHandler#hashCode(URL)}. 
+ * Required to protect against SECURITY-637
+ * 
+ * @since TODO
+ */
+@Restricted(NoExternalUse.class)
+public class SafeURLConverter extends URLConverter {
+    
+    @Override
+    public Object fromString(String str) {
+        URL url = (URL) super.fromString(str);
+        try {
+            return URLDeserializationHelper.wrapIfRequired(url);
+        } catch (IOException e) {
+            throw new ConversionException(e);
+        }
+    }
+}
diff --git a/pom.xml b/pom.xml
index 4b9d54ce7f..3830d184f1 100644
--- a/pom.xml
+++ b/pom.xml
@@ -168,7 +168,7 @@ THE SOFTWARE.
       <dependency>
         <groupId>org.jenkins-ci.main</groupId>
         <artifactId>remoting</artifactId>
-        <version>3.10.2</version>
+        <version>3.10.3</version>
       </dependency>
 
       <dependency>
diff --git a/test/src/test/java/jenkins/security/Security637Test.java b/test/src/test/java/jenkins/security/Security637Test.java
new file mode 100644
index 0000000000..7a38df6a6b
--- /dev/null
+++ b/test/src/test/java/jenkins/security/Security637Test.java
@@ -0,0 +1,238 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018 CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.security;
+
+import hudson.Launcher;
+import hudson.model.AbstractBuild;
+import hudson.model.BuildListener;
+import hudson.model.FreeStyleProject;
+import hudson.model.JobProperty;
+import hudson.model.JobPropertyDescriptor;
+import hudson.slaves.DumbSlave;
+import org.apache.commons.lang.StringUtils;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runners.model.Statement;
+import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.RestartableJenkinsRule;
+import org.jvnet.hudson.test.TestExtension;
+
+import java.io.IOException;
+import java.lang.reflect.Field;
+import java.net.URL;
+import java.net.URLStreamHandler;
+import java.util.HashSet;
+import java.util.Set;
+
+import static org.hamcrest.CoreMatchers.containsString;
+import static org.hamcrest.CoreMatchers.equalTo;
+import static org.hamcrest.CoreMatchers.not;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertThat;
+
+public class Security637Test {
+    
+    @Rule
+    public RestartableJenkinsRule rr = new RestartableJenkinsRule();
+    
+    @Test
+    @Issue("SECURITY-637")
+    public void urlSafeDeserialization_handler_inSameJVMRemotingContext() {
+        rr.addStep(new Statement() {
+            @Override
+            public void evaluate() throws Exception {
+                DumbSlave slave = rr.j.createOnlineSlave();
+                String unsafeHandlerClassName = slave.getChannel().call(new URLHandlerCallable(new URL("https://www.google.com/")));
+                assertThat(unsafeHandlerClassName, containsString("SafeURLStreamHandler"));
+                
+                String safeHandlerClassName = slave.getChannel().call(new URLHandlerCallable(new URL("file", null, -1, "", null)));
+                assertThat(safeHandlerClassName, not(containsString("SafeURLStreamHandler")));
+            }
+        });
+    }
+    
+    private static class URLHandlerCallable extends MasterToSlaveCallable<String, Exception> {
+        private URL url;
+        
+        public URLHandlerCallable(URL url) {
+            this.url = url;
+        }
+        
+        @Override
+        public String call() throws Exception {
+            Field handlerField = URL.class.getDeclaredField("handler");
+            handlerField.setAccessible(true);
+            URLStreamHandler handler = (URLStreamHandler) handlerField.get(url);
+            return handler.getClass().getName();
+        }
+    }
+    
+    @Test
+    @Issue("SECURITY-637")
+    public void urlDnsEquivalence() {
+        rr.addStep(new Statement() {
+            @Override
+            public void evaluate() throws Exception {
+                // due to the DNS resolution they are equal
+                assertEquals(
+                        new URL("https://jenkins.io"),
+                        new URL("https://www.jenkins.io")
+                );
+            }
+        });
+    }
+    
+    @Test
+    @Issue("SECURITY-637")
+    public void urlSafeDeserialization_urlBuiltInAgent_inSameJVMRemotingContext() {
+        rr.addStep(new Statement() {
+            @Override
+            public void evaluate() throws Exception {
+                DumbSlave slave = rr.j.createOnlineSlave();
+                
+                // we bypass the standard equals method that resolve the hostname
+                assertThat(
+                        slave.getChannel().call(new URLBuilderCallable("https://jenkins.io")),
+                        not(equalTo(
+                                slave.getChannel().call(new URLBuilderCallable("https://www.jenkins.io"))
+                        ))
+                );
+            }
+        });
+    }
+    
+    private static class URLBuilderCallable extends MasterToSlaveCallable<URL, Exception> {
+        private String url;
+        
+        public URLBuilderCallable(String url) {
+            this.url = url;
+        }
+        
+        @Override
+        public URL call() throws Exception {
+            return new URL(url);
+        }
+    }
+    
+    @Test
+    @Issue("SECURITY-637")
+    public void urlSafeDeserialization_urlBuiltInMaster_inSameJVMRemotingContext() {
+        rr.addStep(new Statement() {
+            @Override
+            public void evaluate() throws Exception {
+                DumbSlave slave = rr.j.createOnlineSlave();
+                
+                // we bypass the standard equals method that resolve the hostname
+                assertThat(
+                        slave.getChannel().call(new URLTransferCallable(new URL("https://jenkins.io"))),
+                        not(equalTo(
+                                slave.getChannel().call(new URLTransferCallable(new URL("https://www.jenkins.io")))
+                        ))
+                );
+                
+                // due to the DNS resolution they are equal
+                assertEquals(
+                        new URL("https://jenkins.io"),
+                        new URL("https://www.jenkins.io")
+                );
+            }
+        });
+    }
+    
+    // the URL is serialized / deserialized twice, master => agent and then agent => master
+    private static class URLTransferCallable extends MasterToSlaveCallable<URL, Exception> {
+        private URL url;
+        
+        public URLTransferCallable(URL url) {
+            this.url = url;
+        }
+        
+        @Override
+        public URL call() throws Exception {
+            return url;
+        }
+    }
+    
+    @Test
+    @Issue("SECURITY-637")
+    public void urlSafeDeserialization_inXStreamContext() {
+        rr.addStep(new Statement() {
+            @Override
+            public void evaluate() throws Exception {
+                FreeStyleProject project = rr.j.createFreeStyleProject("project-with-url");
+                URLJobProperty URLJobProperty = new URLJobProperty(
+                        // url to be wrapped
+                        new URL("https://www.google.com/"),
+                        // safe url, not required to be wrapped
+                        new URL("https", null, -1, "", null)
+                );
+                project.addProperty(URLJobProperty);
+                
+                project.save();
+            }
+        });
+        
+        rr.addStep(new Statement() {
+            @Override
+            public void evaluate() throws Exception {
+                FreeStyleProject project = rr.j.jenkins.getItemByFullName("project-with-url", FreeStyleProject.class);
+                assertNotNull(project);
+                
+                Field handlerField = URL.class.getDeclaredField("handler");
+                handlerField.setAccessible(true);
+                
+                URLJobProperty urlJobProperty = project.getProperty(URLJobProperty.class);
+                for (URL url : urlJobProperty.urlSet) {
+                    URLStreamHandler handler = (URLStreamHandler) handlerField.get(url);
+                    if (StringUtils.isEmpty(url.getHost())) {
+                        assertThat(handler.getClass().getName(), not(containsString("SafeURLStreamHandler")));
+                    } else {
+                        assertThat(handler.getClass().getName(), containsString("SafeURLStreamHandler"));
+                    }
+                }
+            }
+        });
+    }
+    
+    public static class URLJobProperty extends JobProperty<FreeStyleProject> {
+        
+        private Set<URL> urlSet;
+        
+        public URLJobProperty(URL... urls) throws Exception {
+            this.urlSet = new HashSet<>();
+            for (URL url : urls) {
+                urlSet.add(url);
+            }
+        }
+        
+        @Override
+        public boolean perform(AbstractBuild<?, ?> build, Launcher launcher, BuildListener listener) throws InterruptedException, IOException {
+            return true;
+        }
+        
+        @TestExtension("urlSafeDeserialization_inXStreamContext")
+        public static class DescriptorImpl extends JobPropertyDescriptor {}
+    }
+}
-- 
GitLab


From 78e012abca5fde500f071a918da3e54b38b53b28 Mon Sep 17 00:00:00 2001
From: Nicolas De loof <nicolas.deloof@gmail.com>
Date: Wed, 1 Aug 2018 20:03:35 +0200
Subject: [PATCH 646/863] [JENKINS-52794] - offer symetrical getter for
 databound constructor parameter "env" (#3566)

* offer symetrical getter for databound constructor parameter "env"

Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>

* javadoc

Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
---
 .../slaves/EnvironmentVariablesNodeProperty.java  | 15 +++++++++++++++
 .../EnvironmentVariablesNodeProperty/config.jelly |  2 +-
 2 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/slaves/EnvironmentVariablesNodeProperty.java b/core/src/main/java/hudson/slaves/EnvironmentVariablesNodeProperty.java
index d41b8c49a1..ae09c30ef6 100644
--- a/core/src/main/java/hudson/slaves/EnvironmentVariablesNodeProperty.java
+++ b/core/src/main/java/hudson/slaves/EnvironmentVariablesNodeProperty.java
@@ -39,6 +39,9 @@ import org.kohsuke.stapler.Stapler;
 import java.io.IOException;
 import java.util.Arrays;
 import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.stream.Collectors;
 
 /**
  * {@link NodeProperty} that sets additional environment variables.
@@ -65,6 +68,14 @@ public class EnvironmentVariablesNodeProperty extends NodeProperty<Node> {
     	return envVars;
     }
 
+    /**
+     * @return environment variables using same data type as constructor parameter.
+     * @since TODO
+     */
+    public List<Entry> getEnv() {
+        return envVars.entrySet().stream().map(Entry::new).collect(Collectors.toList());
+    }
+
     @Override
     public Environment setUp(AbstractBuild build, Launcher launcher,
 			BuildListener listener) throws IOException, InterruptedException {
@@ -100,6 +111,10 @@ public class EnvironmentVariablesNodeProperty extends NodeProperty<Node> {
 	public static class Entry {
 		public String key, value;
 
+		private Entry(Map.Entry<String,String> e) {
+		    this(e.getKey(), e.getValue());
+        }
+
 		@DataBoundConstructor
 		public Entry(String key, String value) {
 			this.key = key;
diff --git a/core/src/main/resources/hudson/slaves/EnvironmentVariablesNodeProperty/config.jelly b/core/src/main/resources/hudson/slaves/EnvironmentVariablesNodeProperty/config.jelly
index b2becef5dc..a972228484 100644
--- a/core/src/main/resources/hudson/slaves/EnvironmentVariablesNodeProperty/config.jelly
+++ b/core/src/main/resources/hudson/slaves/EnvironmentVariablesNodeProperty/config.jelly
@@ -25,7 +25,7 @@ THE SOFTWARE.
 <j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define"
 	xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
   <f:entry title="${%List of variables}" help="${descriptor.getHelpPage()}">
-    <f:repeatable var="env" items="${instance.envVars.entrySet()}">
+    <f:repeatable var="env" items="${instance.env}">
       <table width="100%">
         <f:entry title="${%Name}">
           <f:textbox name="env.key" value="${env.key}" />
-- 
GitLab


From 6867e4469525d16319b1bae9c840b933fe4e23c4 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Thu, 2 Aug 2018 01:33:23 +0200
Subject: [PATCH 647/863] [SECURITY-1071]

---
 core/src/main/java/hudson/PluginManager.java  | 18 +++++++++++-
 .../lifecycle/WindowsInstallerLink.java       |  7 +++--
 .../hudson/logging/LogRecorderManager.java    | 21 +++++++++++++-
 .../main/java/hudson/model/AbstractItem.java  | 18 +++++++++++-
 core/src/main/java/hudson/model/Computer.java |  1 +
 .../main/java/hudson/model/UpdateCenter.java  | 29 ++++++++++++-------
 core/src/main/java/hudson/model/User.java     | 19 +++++++++++-
 core/src/main/java/hudson/model/View.java     |  2 +-
 .../java/hudson/model/ViewDescriptor.java     |  1 -
 core/src/main/java/hudson/search/Search.java  | 21 ++++++++++++--
 .../security/s2m/AdminWhitelistRule.java      |  2 --
 11 files changed, 115 insertions(+), 24 deletions(-)

diff --git a/core/src/main/java/hudson/PluginManager.java b/core/src/main/java/hudson/PluginManager.java
index c7fd4e1b83..2066556429 100644
--- a/core/src/main/java/hudson/PluginManager.java
+++ b/core/src/main/java/hudson/PluginManager.java
@@ -88,6 +88,7 @@ import org.kohsuke.stapler.HttpResponse;
 import org.kohsuke.stapler.HttpResponses;
 import org.kohsuke.stapler.QueryParameter;
 import org.kohsuke.stapler.StaplerOverridable;
+import org.kohsuke.stapler.StaplerProxy;
 import org.kohsuke.stapler.StaplerRequest;
 import org.kohsuke.stapler.StaplerResponse;
 import org.kohsuke.stapler.export.Exported;
@@ -175,7 +176,7 @@ import org.kohsuke.accmod.restrictions.NoExternalUse;
  * @author Kohsuke Kawaguchi
  */
 @ExportedBean
-public abstract class PluginManager extends AbstractModelObject implements OnMaster, StaplerOverridable {
+public abstract class PluginManager extends AbstractModelObject implements OnMaster, StaplerOverridable, StaplerProxy {
     /** Custom plugin manager system property or context param. */
     public static final String CUSTOM_PLUGIN_MANAGER = PluginManager.class.getName() + ".className";
 
@@ -2052,4 +2053,19 @@ public abstract class PluginManager extends AbstractModelObject implements OnMas
         }
 
     }
+
+    @Override
+    @Restricted(NoExternalUse.class)
+    public Object getTarget() {
+        if (!SKIP_PERMISSION_CHECK) {
+            Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
+        }
+        return this;
+    }
+
+    /**
+     * Escape hatch for StaplerProxy-based access control
+     */
+    @Restricted(NoExternalUse.class)
+    public static /* Script Console modifiable */ boolean SKIP_PERMISSION_CHECK = Boolean.getBoolean(PluginManager.class.getName() + ".skipPermissionCheck");
 }
diff --git a/core/src/main/java/hudson/lifecycle/WindowsInstallerLink.java b/core/src/main/java/hudson/lifecycle/WindowsInstallerLink.java
index 14bbb60584..b218d59640 100644
--- a/core/src/main/java/hudson/lifecycle/WindowsInstallerLink.java
+++ b/core/src/main/java/hudson/lifecycle/WindowsInstallerLink.java
@@ -112,6 +112,8 @@ public class WindowsInstallerLink extends ManagementLink {
      */
     @RequirePOST
     public void doDoInstall(StaplerRequest req, StaplerResponse rsp, @QueryParameter("dir") String _dir) throws IOException, ServletException {
+        Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
+
         if(installationDir!=null) {
             // installation already complete
             sendError("Installation is already complete",req,rsp);
@@ -121,8 +123,6 @@ public class WindowsInstallerLink extends ManagementLink {
             sendError(".NET Framework 2.0 or later is required for this feature",req,rsp);
             return;
         }
-        
-        Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
 
         File dir = new File(_dir).getAbsoluteFile();
         dir.mkdirs();
@@ -174,6 +174,8 @@ public class WindowsInstallerLink extends ManagementLink {
 
     @RequirePOST
     public void doRestart(StaplerRequest req, StaplerResponse rsp) throws IOException, ServletException {
+        Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
+
         if(installationDir==null) {
             // if the user reloads the page after Hudson has restarted,
             // it comes back here. In such a case, don't let this restart Hudson.
@@ -181,7 +183,6 @@ public class WindowsInstallerLink extends ManagementLink {
             rsp.sendRedirect(req.getContextPath()+"/");
             return;
         }
-        Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
 
         rsp.forward(this,"_restart",req);
         final File oldRoot = Jenkins.getInstance().getRootDir();
diff --git a/core/src/main/java/hudson/logging/LogRecorderManager.java b/core/src/main/java/hudson/logging/LogRecorderManager.java
index bac8c8b685..765253341b 100644
--- a/core/src/main/java/hudson/logging/LogRecorderManager.java
+++ b/core/src/main/java/hudson/logging/LogRecorderManager.java
@@ -25,6 +25,7 @@ package hudson.logging;
 
 import hudson.FeedAdapter;
 import hudson.Functions;
+import hudson.PluginManager;
 import hudson.init.Initializer;
 import static hudson.init.InitMilestone.PLUGINS_PREPARED;
 import hudson.model.AbstractModelObject;
@@ -35,7 +36,10 @@ import jenkins.model.JenkinsLocationConfiguration;
 import jenkins.model.ModelObjectWithChildren;
 import jenkins.model.ModelObjectWithContextMenu.ContextMenu;
 import org.apache.commons.io.filefilter.WildcardFileFilter;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
 import org.kohsuke.stapler.QueryParameter;
+import org.kohsuke.stapler.StaplerProxy;
 import org.kohsuke.stapler.StaplerRequest;
 import org.kohsuke.stapler.StaplerResponse;
 import org.kohsuke.stapler.HttpResponse;
@@ -61,7 +65,7 @@ import java.util.logging.Logger;
  *
  * @author Kohsuke Kawaguchi
  */
-public class LogRecorderManager extends AbstractModelObject implements ModelObjectWithChildren {
+public class LogRecorderManager extends AbstractModelObject implements ModelObjectWithChildren, StaplerProxy {
     /**
      * {@link LogRecorder}s keyed by their {@linkplain LogRecorder#name name}.
      */
@@ -198,4 +202,19 @@ public class LogRecorderManager extends AbstractModelObject implements ModelObje
     public static void init(Jenkins h) throws IOException {
         h.getLog().load();
     }
+
+    @Override
+    @Restricted(NoExternalUse.class)
+    public Object getTarget() {
+        if (!SKIP_PERMISSION_CHECK) {
+            Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
+        }
+        return this;
+    }
+
+    /**
+     * Escape hatch for StaplerProxy-based access control
+     */
+    @Restricted(NoExternalUse.class)
+    public static /* Script Console modifiable */ boolean SKIP_PERMISSION_CHECK = Boolean.getBoolean(LogRecorderManager.class.getName() + ".skipPermissionCheck");
 }
diff --git a/core/src/main/java/hudson/model/AbstractItem.java b/core/src/main/java/hudson/model/AbstractItem.java
index 8cd5a1625e..9abd3e8708 100644
--- a/core/src/main/java/hudson/model/AbstractItem.java
+++ b/core/src/main/java/hudson/model/AbstractItem.java
@@ -56,6 +56,7 @@ import jenkins.util.xml.XMLUtils;
 
 import org.apache.tools.ant.taskdefs.Copy;
 import org.apache.tools.ant.types.FileSet;
+import org.kohsuke.stapler.StaplerProxy;
 import org.kohsuke.stapler.WebMethod;
 import org.kohsuke.stapler.export.Exported;
 import org.kohsuke.stapler.export.ExportedBean;
@@ -103,7 +104,7 @@ import org.kohsuke.stapler.Ancestor;
 // Item doesn't necessarily have to be Actionable, but
 // Java doesn't let multiple inheritance.
 @ExportedBean
-public abstract class AbstractItem extends Actionable implements Item, HttpDeletable, AccessControlled, DescriptorByNameOwner {
+public abstract class AbstractItem extends Actionable implements Item, HttpDeletable, AccessControlled, DescriptorByNameOwner, StaplerProxy {
 
     private static final Logger LOGGER = Logger.getLogger(AbstractItem.class.getName());
 
@@ -836,6 +837,21 @@ public abstract class AbstractItem extends Actionable implements Item, HttpDelet
         return super.toString() + '[' + (parent != null ? getFullName() : "?/" + name) + ']';
     }
 
+    @Override
+    @Restricted(NoExternalUse.class)
+    public Object getTarget() {
+        if (!SKIP_PERMISSION_CHECK) {
+            getACL().checkPermission(Item.READ);
+        }
+        return this;
+    }
+
+    /**
+     * Escape hatch for StaplerProxy-based access control
+     */
+    @Restricted(NoExternalUse.class)
+    public static /* Script Console modifiable */ boolean SKIP_PERMISSION_CHECK = Boolean.getBoolean(AbstractItem.class.getName() + ".skipPermissionCheck");
+
     /**
      * Used for CLI binding.
      */
diff --git a/core/src/main/java/hudson/model/Computer.java b/core/src/main/java/hudson/model/Computer.java
index afad020673..789ed8052f 100644
--- a/core/src/main/java/hudson/model/Computer.java
+++ b/core/src/main/java/hudson/model/Computer.java
@@ -325,6 +325,7 @@ public /*transient*/ abstract class Computer extends Actionable implements Acces
      * Used to URL-bind {@link AnnotatedLargeText}.
      */
     public AnnotatedLargeText<Computer> getLogText() {
+        checkPermission(CONNECT);
         return new AnnotatedLargeText<Computer>(getLogFile(), Charset.defaultCharset(), false, this);
     }
 
diff --git a/core/src/main/java/hudson/model/UpdateCenter.java b/core/src/main/java/hudson/model/UpdateCenter.java
index cf6cb0d684..49d452ce23 100644
--- a/core/src/main/java/hudson/model/UpdateCenter.java
+++ b/core/src/main/java/hudson/model/UpdateCenter.java
@@ -70,6 +70,7 @@ import org.jenkinsci.Symbol;
 import org.jvnet.localizer.Localizable;
 import org.kohsuke.accmod.restrictions.DoNotUse;
 import org.kohsuke.stapler.HttpResponse;
+import org.kohsuke.stapler.StaplerProxy;
 import org.kohsuke.stapler.StaplerRequest;
 import org.kohsuke.stapler.StaplerResponse;
 
@@ -146,7 +147,7 @@ import org.kohsuke.stapler.interceptor.RequirePOST;
  * @since 1.220
  */
 @ExportedBean
-public class UpdateCenter extends AbstractModelObject implements Saveable, OnMaster {
+public class UpdateCenter extends AbstractModelObject implements Saveable, OnMaster, StaplerProxy {
 
     private static final String UPDATE_CENTER_URL = SystemProperties.getString(UpdateCenter.class.getName()+".updateCenterUrl","http://updates.jenkins-ci.org/");
 
@@ -292,7 +293,6 @@ public class UpdateCenter extends AbstractModelObject implements Saveable, OnMas
     }
 
     public Api getApi() {
-        Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
         return new Api(this);
     }
 
@@ -364,7 +364,6 @@ public class UpdateCenter extends AbstractModelObject implements Saveable, OnMas
      */
     @Restricted(DoNotUse.class)
     public HttpResponse doConnectionStatus(StaplerRequest request) {
-        Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
         try {
             String siteId = request.getParameter("siteId");
             if (siteId == null) {
@@ -417,7 +416,6 @@ public class UpdateCenter extends AbstractModelObject implements Saveable, OnMas
      */
     @Restricted(DoNotUse.class) // WebOnly
     public HttpResponse doIncompleteInstallStatus() {
-        Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
         try {
         Map<String,String> jobs = InstallUtil.getPersistedInstallStatus();
         if(jobs == null) {
@@ -467,7 +465,6 @@ public class UpdateCenter extends AbstractModelObject implements Saveable, OnMas
      */
     @Restricted(DoNotUse.class)
     public HttpResponse doInstallStatus(StaplerRequest request) {
-        Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
         try {
             String correlationId = request.getParameter("correlationId");
             Map<String,Object> response = new HashMap<>();
@@ -620,7 +617,6 @@ public class UpdateCenter extends AbstractModelObject implements Saveable, OnMas
      */
     @RequirePOST
     public void doUpgrade(StaplerResponse rsp) throws IOException, ServletException {
-        Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
         HudsonUpgradeJob job = new HudsonUpgradeJob(getCoreSource(), Jenkins.getAuthentication());
         if(!Lifecycle.get().canRewriteHudsonWar()) {
             sendError("Jenkins upgrade not supported in this running mode");
@@ -639,7 +635,6 @@ public class UpdateCenter extends AbstractModelObject implements Saveable, OnMas
      */
     @RequirePOST
     public HttpResponse doInvalidateData() {
-        Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
         for (UpdateSite site : sites) {
             site.doInvalidateData();
         }
@@ -655,7 +650,6 @@ public class UpdateCenter extends AbstractModelObject implements Saveable, OnMas
     public void doSafeRestart(StaplerRequest request, StaplerResponse response) throws IOException, ServletException {
         synchronized (jobs) {
             if (!isRestartScheduled()) {
-                Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
                 addJob(new RestartJenkinsJob(getCoreSource()));
                 LOGGER.info("Scheduling Jenkins reboot");
             }
@@ -726,7 +720,6 @@ public class UpdateCenter extends AbstractModelObject implements Saveable, OnMas
      */
     @RequirePOST
     public void doDowngrade(StaplerResponse rsp) throws IOException, ServletException {
-        Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
         if(!isDowngradable()) {
             sendError("Jenkins downgrade is not possible, probably backup does not exist");
             return;
@@ -743,7 +736,6 @@ public class UpdateCenter extends AbstractModelObject implements Saveable, OnMas
      */
     @RequirePOST
     public void doRestart(StaplerResponse rsp) throws IOException, ServletException {
-        Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
         HudsonDowngradeJob job = new HudsonDowngradeJob(getCoreSource(), Jenkins.getAuthentication());
         LOGGER.info("Scheduling the core downgrade");
 
@@ -982,7 +974,6 @@ public class UpdateCenter extends AbstractModelObject implements Saveable, OnMas
         return results;
     }
 
-
     /**
      * {@link AdministrativeMonitor} that checks if there's Jenkins update.
      */
@@ -2198,6 +2189,22 @@ public class UpdateCenter extends AbstractModelObject implements Saveable, OnMas
         }
     }
 
+    @Override
+    @Restricted(NoExternalUse.class)
+    public Object getTarget() {
+        if (!SKIP_PERMISSION_CHECK) {
+            Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
+        }
+        return this;
+    }
+
+    /**
+     * Escape hatch for StaplerProxy-based access control
+     */
+    @Restricted(NoExternalUse.class)
+    public static /* Script Console modifiable */ boolean SKIP_PERMISSION_CHECK = Boolean.getBoolean(UpdateCenter.class.getName() + ".skipPermissionCheck");
+
+
     /**
      * Sequence number generator.
      */
diff --git a/core/src/main/java/hudson/model/User.java b/core/src/main/java/hudson/model/User.java
index 424b1108b3..a1e48bbd28 100644
--- a/core/src/main/java/hudson/model/User.java
+++ b/core/src/main/java/hudson/model/User.java
@@ -97,6 +97,7 @@ import org.apache.commons.lang.StringUtils;
 import org.jenkinsci.Symbol;
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
+import org.kohsuke.stapler.StaplerProxy;
 import org.kohsuke.stapler.StaplerRequest;
 import org.kohsuke.stapler.StaplerResponse;
 import org.kohsuke.stapler.export.Exported;
@@ -129,7 +130,7 @@ import org.springframework.dao.DataAccessException;
  * @author Kohsuke Kawaguchi
  */
 @ExportedBean
-public class User extends AbstractModelObject implements AccessControlled, DescriptorByNameOwner, Saveable, Comparable<User>, ModelObjectWithContextMenu {
+public class User extends AbstractModelObject implements AccessControlled, DescriptorByNameOwner, Saveable, Comparable<User>, ModelObjectWithContextMenu, StaplerProxy {
 
     /**
      * The username of the 'unknown' user used to avoid null user references.
@@ -1059,6 +1060,22 @@ public class User extends AbstractModelObject implements AccessControlled, Descr
     public ContextMenu doContextMenu(StaplerRequest request, StaplerResponse response) throws Exception {
         return new ContextMenu().from(this,request,response);
     }
+
+    @Override
+    @Restricted(NoExternalUse.class)
+    public Object getTarget() {
+        if (!SKIP_PERMISSION_CHECK) {
+            Jenkins.getInstance().checkPermission(Jenkins.READ);
+        }
+        return this;
+    }
+
+    /**
+     * Escape hatch for StaplerProxy-based access control
+     */
+    @Restricted(NoExternalUse.class)
+    public static /* Script Console modifiable */ boolean SKIP_PERMISSION_CHECK = Boolean.getBoolean(User.class.getName() + ".skipPermissionCheck");
+
     
     /**
      * Gets list of Illegal usernames, for which users should not be created.
diff --git a/core/src/main/java/hudson/model/View.java b/core/src/main/java/hudson/model/View.java
index f19ab9a605..a03457eed1 100644
--- a/core/src/main/java/hudson/model/View.java
+++ b/core/src/main/java/hudson/model/View.java
@@ -1053,11 +1053,11 @@ public abstract class View extends AbstractModelObject implements AccessControll
      */
     @Restricted(DoNotUse.class)
     public Categories doItemCategories(StaplerRequest req, StaplerResponse rsp, @QueryParameter String iconStyle) throws IOException, ServletException {
+        getOwner().checkPermission(Item.CREATE);
 
         rsp.addHeader("Cache-Control", "no-cache, no-store, must-revalidate");
         rsp.addHeader("Pragma", "no-cache");
         rsp.addHeader("Expires", "0");
-        getOwner().checkPermission(Item.CREATE);
         Categories categories = new Categories();
         int order = 0;
         JellyContext ctx;
diff --git a/core/src/main/java/hudson/model/ViewDescriptor.java b/core/src/main/java/hudson/model/ViewDescriptor.java
index a63484d69e..933ad74dcb 100644
--- a/core/src/main/java/hudson/model/ViewDescriptor.java
+++ b/core/src/main/java/hudson/model/ViewDescriptor.java
@@ -88,7 +88,6 @@ public abstract class ViewDescriptor extends Descriptor<View> {
      */
     @Restricted(DoNotUse.class)
     public AutoCompletionCandidates doAutoCompleteCopyNewItemFrom(@QueryParameter final String value, @AncestorInPath ItemGroup<?> container) {
-        // TODO do we need a permissions check here?
         AutoCompletionCandidates candidates = AutoCompletionCandidates.ofJobNames(TopLevelItem.class, value, container);
         if (container instanceof DirectlyModifiableTopLevelItemGroup) {
             DirectlyModifiableTopLevelItemGroup modifiableContainer = (DirectlyModifiableTopLevelItemGroup) container;
diff --git a/core/src/main/java/hudson/search/Search.java b/core/src/main/java/hudson/search/Search.java
index 627d77fafb..275a69536d 100644
--- a/core/src/main/java/hudson/search/Search.java
+++ b/core/src/main/java/hudson/search/Search.java
@@ -42,10 +42,12 @@ import java.util.logging.Logger;
 
 import javax.servlet.ServletException;
 
+import jenkins.model.Jenkins;
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
 import org.kohsuke.stapler.Ancestor;
 import org.kohsuke.stapler.QueryParameter;
+import org.kohsuke.stapler.StaplerProxy;
 import org.kohsuke.stapler.StaplerRequest;
 import org.kohsuke.stapler.StaplerResponse;
 import org.kohsuke.stapler.export.DataWriter;
@@ -63,7 +65,7 @@ import org.kohsuke.stapler.export.Flavor;
  * @author Kohsuke Kawaguchi
  * @see SearchableModelObject
  */
-public class Search {
+public class Search implements StaplerProxy {
     @Restricted(NoExternalUse.class) // used from stapler views only
     public static String encodeQuery(String query) throws UnsupportedEncodingException {
         return URLEncoder.encode(query, "UTF-8");
@@ -406,6 +408,21 @@ public class Search {
 
         return paths[tokens.length()];
     }
-    
+
+    @Override
+    @Restricted(NoExternalUse.class)
+    public Object getTarget() {
+        if (!SKIP_PERMISSION_CHECK) {
+            Jenkins.getInstance().checkPermission(Jenkins.READ);
+        }
+        return this;
+    }
+
+    /**
+     * Escape hatch for StaplerProxy-based access control
+     */
+    @Restricted(NoExternalUse.class)
+    public static /* Script Console modifiable */ boolean SKIP_PERMISSION_CHECK = Boolean.getBoolean(Search.class.getName() + ".skipPermissionCheck");
+
     private final static Logger LOGGER = Logger.getLogger(Search.class.getName());
 }
diff --git a/core/src/main/java/jenkins/security/s2m/AdminWhitelistRule.java b/core/src/main/java/jenkins/security/s2m/AdminWhitelistRule.java
index a05fd59e8e..958d63a3d5 100644
--- a/core/src/main/java/jenkins/security/s2m/AdminWhitelistRule.java
+++ b/core/src/main/java/jenkins/security/s2m/AdminWhitelistRule.java
@@ -155,8 +155,6 @@ public class AdminWhitelistRule implements StaplerProxy {
 
     @RequirePOST
     public HttpResponse doSubmit(StaplerRequest req) throws IOException {
-        jenkins.checkPermission(Jenkins.RUN_SCRIPTS);
-
         String whitelist = Util.fixNull(req.getParameter("whitelist"));
         if (!whitelist.endsWith("\n"))
             whitelist+="\n";
-- 
GitLab


From ebd71116c15b97fd3e855a738fbfdef387cd6e3c Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Thu, 2 Aug 2018 13:52:12 -0400
Subject: [PATCH 648/863] [JENKINS-52729]
 Launcher.ProcStarter.stdout(TaskListener) discards remotability (#3563)

* [JENKINS-52729] Demonstrating issue with Launcher.ProcStarter.stdout(TaskListener).

* [JENKINS-52729] Properly remote the TaskListener.

* Defend test against a possible problem on Windows.

* FindBugs

* Fix a Windows test failure. There is no C:\Windows\System32\echo.exe; it is a cmd.exe built-in.

* Clarify in Javadoc that TaskListener is remotable.

* A call to stdout(TaskListener) should be countermanded by a call to stdout(OutputStream), which was true for local but not remote launchers.
---
 core/src/main/java/hudson/Launcher.java       |  25 +++-
 .../main/java/hudson/model/TaskListener.java  |   5 +-
 test/src/test/java/hudson/LauncherTest.java   | 120 ++++++++++++++++++
 3 files changed, 143 insertions(+), 7 deletions(-)

diff --git a/core/src/main/java/hudson/Launcher.java b/core/src/main/java/hudson/Launcher.java
index 432a5afe24..5932cef9ef 100644
--- a/core/src/main/java/hudson/Launcher.java
+++ b/core/src/main/java/hudson/Launcher.java
@@ -166,6 +166,8 @@ public abstract class Launcher {
         @CheckForNull
         protected OutputStream stdout = NULL_OUTPUT_STREAM, stderr;
         @CheckForNull
+        private TaskListener stdoutListener;
+        @CheckForNull
         protected InputStream stdin = NULL_INPUT_STREAM;
         @CheckForNull
         protected String[] envs = null;
@@ -285,17 +287,20 @@ public abstract class Launcher {
          */
         public ProcStarter stdout(@CheckForNull OutputStream out) {
             this.stdout = out;
+            stdoutListener = null;
             return this;
         }
 
         /**
          * Sends the stdout to the given {@link TaskListener}.
          * 
-         * @param out Task listener
+         * @param out Task listener (must be safely remotable)
          * @return {@code this}
          */
         public ProcStarter stdout(@Nonnull TaskListener out) {
-            return stdout(out.getLogger());
+            stdout = out.getLogger();
+            stdoutListener = out;
+            return this;
         }
 
         /**
@@ -490,6 +495,7 @@ public abstract class Launcher {
         @Nonnull
         public ProcStarter copy() {
             ProcStarter rhs = new ProcStarter().cmds(commands).pwd(pwd).masks(masks).stdin(stdin).stdout(stdout).stderr(stderr).envs(envs).quiet(quiet);
+            rhs.stdoutListener = stdoutListener;
             rhs.reverseStdin  = this.reverseStdin;
             rhs.reverseStderr = this.reverseStderr;
             rhs.reverseStdout = this.reverseStdout;
@@ -1041,7 +1047,7 @@ public abstract class Launcher {
         }
 
         public Proc launch(ProcStarter ps) throws IOException {
-            final OutputStream out = ps.stdout == null ? null : new RemoteOutputStream(new CloseProofOutputStream(ps.stdout));
+            final OutputStream out = ps.stdout == null || ps.stdoutListener != null ? null : new RemoteOutputStream(new CloseProofOutputStream(ps.stdout));
             final OutputStream err = ps.stderr==null ? null : new RemoteOutputStream(new CloseProofOutputStream(ps.stderr));
             final InputStream  in  = (ps.stdin==null || ps.stdin==NULL_INPUT_STREAM) ? null : new RemoteInputStream(ps.stdin,false);
             
@@ -1049,7 +1055,7 @@ public abstract class Launcher {
             final String workDir = psPwd==null ? null : psPwd.getRemote();
 
             try {
-                return new ProcImpl(getChannel().call(new RemoteLaunchCallable(ps.commands, ps.masks, ps.envs, in, ps.reverseStdin, out, ps.reverseStdout, err, ps.reverseStderr, ps.quiet, workDir, listener)));
+                return new ProcImpl(getChannel().call(new RemoteLaunchCallable(ps.commands, ps.masks, ps.envs, in, ps.reverseStdin, out, ps.reverseStdout, err, ps.reverseStderr, ps.quiet, workDir, listener, ps.stdoutListener)));
             } catch (InterruptedException e) {
                 throw (IOException)new InterruptedIOException().initCause(e);
             }
@@ -1265,6 +1271,7 @@ public abstract class Launcher {
         private final @CheckForNull OutputStream err;
         private final @CheckForNull String workDir;
         private final @Nonnull TaskListener listener;
+        private final @CheckForNull TaskListener stdoutListener;
         private final boolean reverseStdin, reverseStdout, reverseStderr;
         private final boolean quiet;
 
@@ -1272,7 +1279,7 @@ public abstract class Launcher {
                 @CheckForNull InputStream in, boolean reverseStdin, 
                 @CheckForNull OutputStream out, boolean reverseStdout, 
                 @CheckForNull OutputStream err, boolean reverseStderr, 
-                boolean quiet, @CheckForNull String workDir, @Nonnull TaskListener listener) {
+                boolean quiet, @CheckForNull String workDir, @Nonnull TaskListener listener, @CheckForNull TaskListener stdoutListener) {
             this.cmd = new ArrayList<>(cmd);
             this.masks = masks;
             this.env = env;
@@ -1281,6 +1288,7 @@ public abstract class Launcher {
             this.err = err;
             this.workDir = workDir;
             this.listener = listener;
+            this.stdoutListener = stdoutListener;
             this.reverseStdin = reverseStdin;
             this.reverseStdout = reverseStdout;
             this.reverseStderr = reverseStderr;
@@ -1290,7 +1298,12 @@ public abstract class Launcher {
         public RemoteProcess call() throws IOException {
             final Channel channel = getOpenChannelOrFail();
             Launcher.ProcStarter ps = new LocalLauncher(listener).launch();
-            ps.cmds(cmd).masks(masks).envs(env).stdin(in).stdout(out).stderr(err).quiet(quiet);
+            ps.cmds(cmd).masks(masks).envs(env).stdin(in).stderr(err).quiet(quiet);
+            if (stdoutListener != null) {
+                ps.stdout(stdoutListener.getLogger());
+            } else {
+                ps.stdout(out);
+            }
             if(workDir!=null)   ps.pwd(workDir);
             if (reverseStdin)   ps.writeStdin();
             if (reverseStdout)  ps.readStdout();
diff --git a/core/src/main/java/hudson/model/TaskListener.java b/core/src/main/java/hudson/model/TaskListener.java
index aeaae66439..e5e27f56c5 100644
--- a/core/src/main/java/hudson/model/TaskListener.java
+++ b/core/src/main/java/hudson/model/TaskListener.java
@@ -25,6 +25,7 @@ package hudson.model;
 
 import hudson.console.ConsoleNote;
 import hudson.console.HyperlinkNote;
+import hudson.remoting.Channel;
 import hudson.util.NullStream;
 import hudson.util.StreamTaskListener;
 
@@ -59,7 +60,9 @@ import org.kohsuke.accmod.restrictions.ProtectedExternally;
  *
  * <p>
  * {@link StreamTaskListener} is the most typical implementation of this interface.
- * All the {@link TaskListener} implementations passed to plugins from Hudson core are remotable.
+ *
+ * <p>
+ * Implementations are generally expected to be remotable via {@link Channel}.
  *
  * @author Kohsuke Kawaguchi
  */
diff --git a/test/src/test/java/hudson/LauncherTest.java b/test/src/test/java/hudson/LauncherTest.java
index eba09f57c5..3041478f1c 100644
--- a/test/src/test/java/hudson/LauncherTest.java
+++ b/test/src/test/java/hudson/LauncherTest.java
@@ -23,8 +23,10 @@
  */
 package hudson;
 
+import hudson.console.LineTransformationOutputStream;
 import hudson.model.AbstractBuild;
 import hudson.model.AbstractProject;
+import hudson.model.BuildListener;
 import hudson.model.FreeStyleBuild;
 import hudson.model.FreeStyleProject;
 import hudson.model.Node;
@@ -32,15 +34,27 @@ import hudson.model.ParametersDefinitionProperty;
 import hudson.model.Slave;
 import hudson.model.StringParameterDefinition;
 import hudson.model.TaskListener;
+import hudson.remoting.Channel;
 import hudson.tasks.BatchFile;
 import hudson.tasks.BuildStepDescriptor;
 import hudson.tasks.Builder;
 import hudson.tasks.CommandInterpreter;
 import hudson.tasks.Shell;
+import hudson.util.StreamTaskListener;
+import java.io.ByteArrayOutputStream;
+import java.io.File;
+import java.io.FileOutputStream;
 import java.io.IOException;
+import java.io.OutputStream;
+import java.io.PrintStream;
+import java.nio.charset.StandardCharsets;
 
 import java.util.HashMap;
 import java.util.Map;
+import org.apache.commons.io.FileUtils;
+import static org.hamcrest.Matchers.*;
+import static org.junit.Assert.*;
+import static org.junit.Assume.*;
 
 import org.junit.Rule;
 import org.junit.Test;
@@ -153,4 +167,110 @@ public class LauncherTest {
         }
     }
 
+    @Issue("JENKINS-52729")
+    @Test public void remotable() throws Exception {
+        File log = new File(rule.jenkins.root, "log");
+        TaskListener listener = new RemotableBuildListener(log);
+        Launcher.ProcStarter ps = rule.createOnlineSlave().createLauncher(listener).launch();
+        if (Functions.isWindows()) {
+            ps.cmds("cmd", "/c", "echo", "hello");
+        } else {
+            ps.cmds("echo", "hello");
+        }
+        assertEquals(0, ps.stdout(listener).join());
+        assertThat(FileUtils.readFileToString(log, StandardCharsets.UTF_8).replace("\r\n", "\n"),
+            containsString("[master → slave0] $ " + (Functions.isWindows() ? "cmd /c " : "") + "echo hello\n" +
+                           "[master → slave0] hello"));
+    }
+    private static class RemotableBuildListener implements BuildListener {
+        private static final long serialVersionUID = 1;
+        /** location of log file streamed to by multiple sources */
+        private final File logFile;
+        /** records allocation & deserialization history; e.g., {@code master → agentName} */
+        private final String id;
+        private transient PrintStream logger;
+        RemotableBuildListener(File logFile) {
+            this(logFile, "master");
+        }
+        private RemotableBuildListener(File logFile, String id) {
+            this.logFile = logFile;
+            this.id = id;
+        }
+        @Override public PrintStream getLogger() {
+            if (logger == null) {
+                final OutputStream fos;
+                try {
+                    fos = new FileOutputStream(logFile, true);
+                    logger = new PrintStream(new LineTransformationOutputStream() {
+                        @Override protected void eol(byte[] b, int len) throws IOException {
+                            fos.write(("[" + id + "] ").getBytes(StandardCharsets.UTF_8));
+                            fos.write(b, 0, len);
+                        }
+                    }, true, "UTF-8");
+                } catch (IOException x) {
+                    throw new AssertionError(x);
+                }
+            }
+            return logger;
+        }
+        private Object writeReplace() {
+            Thread.dumpStack();
+            String name = Channel.current().getName();
+            return new RemotableBuildListener(logFile, id + " → " + name);
+        }
+    }
+
+    @Issue("JENKINS-52729")
+    @Test public void multipleStdioCalls() throws Exception {
+        Node master = rule.jenkins;
+        Node agent = rule.createOnlineSlave();
+        for (Node node : new Node[] {master, agent}) {
+            assertMultipleStdioCalls("first TaskListener then OutputStream", node, false, (ps, os1, os2, os2Listener) -> {
+                ps.stdout(os2Listener).stdout(os1);
+                assertEquals(os1, ps.stdout());
+            }, false);
+            assertMultipleStdioCalls("first OutputStream then TaskListener", node, false, (ps, os1, os2, os2Listener) -> {
+                ps.stdout(os1).stdout(os2Listener);
+                assertEquals(os2Listener.getLogger(), ps.stdout());
+            }, true);
+            assertMultipleStdioCalls("stdout then stderr", node, true, (ps, os1, os2, os2Listener) -> {
+                ps.stdout(os1).stderr(os2);
+                assertEquals(os1, ps.stdout());
+                assertEquals(os2, ps.stderr());
+            }, true);
+            assertMultipleStdioCalls("stderr then stdout", node, true, (ps, os1, os2, os2Listener) -> {
+                ps.stdout(os1).stderr(os2);
+                assertEquals(os1, ps.stdout());
+                assertEquals(os2, ps.stderr());
+            }, true);
+        }
+    }
+    @FunctionalInterface
+    private interface ProcStarterCustomizer {
+        void run(Launcher.ProcStarter ps, OutputStream os1, OutputStream os2, TaskListener os2Listener) throws Exception;
+    }
+    private void assertMultipleStdioCalls(String message, Node node, boolean emitStderr, ProcStarterCustomizer psCustomizer, boolean outputIn2) throws Exception {
+        message = node.getDisplayName() + ": " + message;
+        Launcher launcher = node.createLauncher(StreamTaskListener.fromStderr());
+        Launcher.ProcStarter ps = launcher.launch();
+        assumeFalse("should not be platform-dependent, not bothering for now", Functions.isWindows());
+        if (emitStderr) {
+            ps.cmds("sh", "-c", "echo hello >&2").quiet(true);
+        } else {
+            ps.cmds("echo", "hello");
+        }
+        ByteArrayOutputStream baos1 = new ByteArrayOutputStream();
+        ByteArrayOutputStream baos2 = new ByteArrayOutputStream();
+        TaskListener listener = new StreamTaskListener(baos2);
+        psCustomizer.run(ps, baos1, baos2, listener);
+        assertEquals(message, 0, ps.join());
+        if (outputIn2) {
+            assertThat(message, baos2.toString(), containsString("hello"));
+            assertThat(message, baos1.toString(), isEmptyString());
+        } else {
+            assertThat(message, baos1.toString(), containsString("hello"));
+            assertThat(message, baos2.toString(), isEmptyString());
+        }
+    }
+
 }
-- 
GitLab


From fe2fa9c67011cf4a16468097d3eb078b9186da83 Mon Sep 17 00:00:00 2001
From: Leonardo Rossetti <2183506+odra@users.noreply.github.com>
Date: Thu, 2 Aug 2018 18:04:40 -0300
Subject: [PATCH 649/863] [JENKINS-49905] - verify-signature in core/pom.xml
 (#3561)

* verify-signature in core/pom.xml

* removed maven comment + add-tsa task
---
 core/pom.xml | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/core/pom.xml b/core/pom.xml
index 827d6e3c5e..6a44d07e31 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -42,6 +42,7 @@ THE SOFTWARE.
     <stapler.version>1.254.1</stapler.version>
     <spring.version>2.5.6.SEC03</spring.version>
     <groovy.version>2.4.11</groovy.version>
+    <maven-jarsigner-plugin.version>1.4</maven-jarsigner-plugin.version>
   </properties>
 
   <dependencies>
@@ -813,6 +814,7 @@ THE SOFTWARE.
         <groupId>org.codehaus.mojo</groupId>
         <artifactId>findbugs-maven-plugin</artifactId>
       </plugin>
+
     </plugins>
   </build>
 
@@ -871,6 +873,26 @@ THE SOFTWARE.
               </execution>
             </executions>
           </plugin>
+          <!-- VERIFY SIGNATURE -->
+          <plugin>
+            <artifactId>maven-jarsigner-plugin</artifactId>
+            <executions>
+              <execution>
+                <id>verify-signature</id>
+                <phase>verify</phase>
+                <goals>
+                  <goal>verify</goal>
+                </goals>
+                <configuration>
+                  <processMainArtifact>true</processMainArtifact>
+                  <processAttachedArtifacts>false</processAttachedArtifacts>
+                  <certs>true</certs>
+                  <errorWhenNotSigned>true</errorWhenNotSigned>
+                  <arguments>-strict</arguments> <!--otherwise certificate chains will be ignored-->
+                </configuration>
+              </execution>
+            </executions>
+          </plugin>
         </plugins>
       </build>
     </profile>
-- 
GitLab


From e9ee7ee3aabf09ee7f37be528d53611eebd0b213 Mon Sep 17 00:00:00 2001
From: Tim Lander <tim57282@hotmail.com>
Date: Fri, 3 Aug 2018 10:57:43 +0800
Subject: [PATCH 650/863] Stop premature scroll bar on long build labels

The build name width did not take into account the width/offset of the build icon. This resulted in a scroll bar being added prematurely.
Screenshot of change: https://i.imgur.com/RmercIT.png
---
 war/src/main/webapp/css/style.css | 1 +
 1 file changed, 1 insertion(+)

diff --git a/war/src/main/webapp/css/style.css b/war/src/main/webapp/css/style.css
index d698e65359..0894046821 100644
--- a/war/src/main/webapp/css/style.css
+++ b/war/src/main/webapp/css/style.css
@@ -1067,6 +1067,7 @@ table.parameters > tbody:hover {
 }
 
 .build-row.multi-line .build-row-cell .pane.build-name.block {
+  padding-right: 20px;
   width: 100%;
 }
 .build-row-cell .pane.build-controls.block {
-- 
GitLab


From efb7adcccb7e60a4029e233199c7b3b28598702d Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Fri, 3 Aug 2018 09:40:11 +0200
Subject: [PATCH 651/863] Do not store Jenkins instance references in
 AdmineWhitelistRule

---
 .../security/s2m/AdminWhitelistRule.java      | 31 ++++++++++++-------
 1 file changed, 19 insertions(+), 12 deletions(-)

diff --git a/core/src/main/java/jenkins/security/s2m/AdminWhitelistRule.java b/core/src/main/java/jenkins/security/s2m/AdminWhitelistRule.java
index a05fd59e8e..62b79fa140 100644
--- a/core/src/main/java/jenkins/security/s2m/AdminWhitelistRule.java
+++ b/core/src/main/java/jenkins/security/s2m/AdminWhitelistRule.java
@@ -16,6 +16,8 @@ import org.kohsuke.stapler.StaplerProxy;
 import org.kohsuke.stapler.StaplerRequest;
 import org.kohsuke.stapler.interceptor.RequirePOST;
 
+import javax.annotation.CheckReturnValue;
+import javax.annotation.Nonnull;
 import java.io.BufferedReader;
 import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
@@ -52,12 +54,10 @@ public class AdminWhitelistRule implements StaplerProxy {
      */
     public final FilePathRuleConfig filePathRules;
 
-    private final Jenkins jenkins;
-
     private boolean masterKillSwitch;
 
     public AdminWhitelistRule() throws IOException, InterruptedException {
-        this.jenkins = Jenkins.getInstance();
+        final Jenkins jenkins = Jenkins.get();
 
         // while this file is not a secret, write access to this file is dangerous,
         // so put this in the better-protected part of $JENKINS_HOME, which is in secrets/
@@ -79,17 +79,21 @@ public class AdminWhitelistRule implements StaplerProxy {
                 whitelisted);
         this.filePathRules = new FilePathRuleConfig(
                 new File(jenkins.getRootDir(),"secrets/filepath-filters.d/50-gui.conf"));
-        this.masterKillSwitch = loadMasterKillSwitchFile();
+
+        File f = getMasterKillSwitchFile(jenkins);
+        this.masterKillSwitch = loadMasterKillSwitchFile(f);
     }
 
     /**
-     * Reads the master kill switch.
+     * Reads the master kill switch from a file.
      *
      * Instead of {@link FileBoolean}, we use a text file so that the admin can prevent Jenkins from
      * writing this to file.
+     * @param f File to load
+     * @return {@code true} if the file was loaded, {@code false} otherwise
      */
-    private boolean loadMasterKillSwitchFile() {
-        File f = getMasterKillSwitchFile();
+    @CheckReturnValue
+    private boolean loadMasterKillSwitchFile(@Nonnull File f) {
         try {
             if (!f.exists())    return true;
             return Boolean.parseBoolean(FileUtils.readFileToString(f).trim());
@@ -99,7 +103,8 @@ public class AdminWhitelistRule implements StaplerProxy {
         }
     }
 
-    private File getMasterKillSwitchFile() {
+    @Nonnull
+    private File getMasterKillSwitchFile(@Nonnull Jenkins jenkins) {
         return new File(jenkins.getRootDir(),"secrets/slave-to-master-security-kill-switch");
     }
 
@@ -155,7 +160,7 @@ public class AdminWhitelistRule implements StaplerProxy {
 
     @RequirePOST
     public HttpResponse doSubmit(StaplerRequest req) throws IOException {
-        jenkins.checkPermission(Jenkins.RUN_SCRIPTS);
+        Jenkins.get().checkPermission(Jenkins.RUN_SCRIPTS);
 
         String whitelist = Util.fixNull(req.getParameter("whitelist"));
         if (!whitelist.endsWith("\n"))
@@ -206,11 +211,13 @@ public class AdminWhitelistRule implements StaplerProxy {
     }
 
     public void setMasterKillSwitch(boolean state) {
+        final Jenkins jenkins = Jenkins.get();
         try {
             jenkins.checkPermission(Jenkins.RUN_SCRIPTS);
-            FileUtils.writeStringToFile(getMasterKillSwitchFile(),Boolean.toString(state));
+            File f = getMasterKillSwitchFile(jenkins);
+            FileUtils.writeStringToFile(f, Boolean.toString(state));
             // treat the file as the canonical source of information in case write fails
-            masterKillSwitch = loadMasterKillSwitchFile();
+            masterKillSwitch = loadMasterKillSwitchFile(f);
         } catch (IOException e) {
             LOGGER.log(WARNING, "Failed to write master kill switch", e);
         }
@@ -221,7 +228,7 @@ public class AdminWhitelistRule implements StaplerProxy {
      */
     @Override
     public Object getTarget() {
-        jenkins.checkPermission(Jenkins.RUN_SCRIPTS);
+        Jenkins.get().checkPermission(Jenkins.RUN_SCRIPTS);
         return this;
     }
 
-- 
GitLab


From 199a830383d0e018aa678648ff683e2fec2ccb56 Mon Sep 17 00:00:00 2001
From: Matt Sicker <boards@gmail.com>
Date: Fri, 3 Aug 2018 06:19:04 -0500
Subject: [PATCH 652/863] [JENKINS-52822] Add CLI command to enable a plugin
 (#3571)

* [JENKINS-52822] Add CLI command to enable a plugin

* [JENKINS-52822] Add CLI command to enable a plugin

This adds the ability to enable multiple plugins at once along with their dependencies.

* Add missing license headers

* Clarify javadoc

* Fix copyright

Work was done while at work!

* Improve short description of enable-plugin command

* Improve output of enable-plugin command

* Clarify enable-plugin errors regarding dependencies
---
 .../java/hudson/cli/EnablePluginCommand.java  | 100 ++++++++++++++++++
 .../resources/hudson/cli/Messages.properties  |   5 +
 .../hudson/cli/EnablePluginCommandTest.java   |  95 +++++++++++++++++
 3 files changed, 200 insertions(+)
 create mode 100644 core/src/main/java/hudson/cli/EnablePluginCommand.java
 create mode 100644 test/src/test/java/hudson/cli/EnablePluginCommandTest.java

diff --git a/core/src/main/java/hudson/cli/EnablePluginCommand.java b/core/src/main/java/hudson/cli/EnablePluginCommand.java
new file mode 100644
index 0000000000..8fa013a2b0
--- /dev/null
+++ b/core/src/main/java/hudson/cli/EnablePluginCommand.java
@@ -0,0 +1,100 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018 CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+package hudson.cli;
+
+import hudson.Extension;
+import hudson.PluginManager;
+import hudson.PluginWrapper;
+import jenkins.model.Jenkins;
+import org.kohsuke.args4j.Argument;
+import org.kohsuke.args4j.Option;
+
+import java.io.IOException;
+import java.util.List;
+
+/**
+ * Enables one or more installed plugins. The listed plugins must already be installed along with its dependencies.
+ * Any listed plugin with disabled dependencies will have its dependencies enabled transitively. Note that enabling an
+ * already enabled plugin does nothing.
+ *
+ * @since TODO
+ */
+@Extension
+public class EnablePluginCommand extends CLICommand {
+
+    @Argument(required = true, usage = "Enables the plugins with the given short names and their dependencies.")
+    private List<String> pluginNames;
+
+    @Option(name = "-restart", usage = "Restart Jenkins after enabling plugins.")
+    private boolean restart;
+
+    @Override
+    public String getShortDescription() {
+        return Messages.EnablePluginCommand_ShortDescription();
+    }
+
+    @Override
+    protected int run() throws Exception {
+        Jenkins jenkins = Jenkins.get();
+        jenkins.checkPermission(Jenkins.ADMINISTER);
+        PluginManager manager = jenkins.getPluginManager();
+        for (String pluginName : pluginNames) {
+            enablePlugin(manager, pluginName);
+        }
+        if (restart) {
+            jenkins.safeRestart();
+        }
+        return 0;
+    }
+
+    private void enablePlugin(PluginManager manager, String shortName) throws IOException {
+        PluginWrapper plugin = manager.getPlugin(shortName);
+        if (plugin == null) {
+            throw new IllegalArgumentException(Messages.EnablePluginCommand_NoSuchPlugin(shortName));
+        }
+        if (plugin.isEnabled()) {
+            return;
+        }
+        stdout.println(String.format("Enabling plugin `%s' (%s)", plugin.getShortName(), plugin.getVersion()));
+        enableDependencies(manager, plugin);
+        plugin.enable();
+        stdout.println(String.format("Plugin `%s' was enabled.", plugin.getShortName()));
+    }
+
+    private void enableDependencies(PluginManager manager, PluginWrapper plugin) throws IOException {
+        for (PluginWrapper.Dependency dep : plugin.getDependencies()) {
+            PluginWrapper dependency = manager.getPlugin(dep.shortName);
+            if (dependency == null) {
+                throw new IllegalArgumentException(Messages.EnablePluginCommand_MissingDependencies(plugin.getShortName(), dep));
+            }
+            if (!dependency.isEnabled()) {
+                enableDependencies(manager, dependency);
+                stdout.println(String.format("Enabling plugin dependency `%s' (%s) for `%s'", dependency.getShortName(), dependency.getVersion(), plugin.getShortName()));
+                dependency.enable();
+            }
+        }
+    }
+
+}
diff --git a/core/src/main/resources/hudson/cli/Messages.properties b/core/src/main/resources/hudson/cli/Messages.properties
index 8b9c933e6d..df4e3f5125 100644
--- a/core/src/main/resources/hudson/cli/Messages.properties
+++ b/core/src/main/resources/hudson/cli/Messages.properties
@@ -7,6 +7,9 @@ InstallPluginCommand.NoUpdateCenterDefined=Note that no update center is defined
 InstallPluginCommand.NoUpdateDataRetrieved=No update center data is retrieved yet from: {0}
 InstallPluginCommand.NotAValidSourceName={0} is neither a valid file, URL, nor a plugin artifact name in the update center
 
+EnablePluginCommand.NoSuchPlugin=No such plugin found with the name {0}
+EnablePluginCommand.MissingDependencies=Cannot enable plugin {0} as it is missing the dependency {1}
+
 AddJobToViewCommand.ShortDescription=\
  Adds jobs to view.
 BuildCommand.ShortDescription=\
@@ -25,6 +28,8 @@ DeleteViewCommand.ShortDescription=\
  Deletes view(s).
 DeleteJobCommand.ShortDescription=\
  Deletes job(s).
+EnablePluginCommand.ShortDescription=\
+ Enables one or more installed plugins transitively.
 GroovyCommand.ShortDescription=\
  Executes the specified Groovy script. 
 GroovyshCommand.ShortDescription=\
diff --git a/test/src/test/java/hudson/cli/EnablePluginCommandTest.java b/test/src/test/java/hudson/cli/EnablePluginCommandTest.java
new file mode 100644
index 0000000000..a37d97fb63
--- /dev/null
+++ b/test/src/test/java/hudson/cli/EnablePluginCommandTest.java
@@ -0,0 +1,95 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018 CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+package hudson.cli;
+
+import hudson.PluginManager;
+import hudson.PluginWrapper;
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.JenkinsRule;
+
+import java.io.IOException;
+
+import static hudson.cli.CLICommandInvoker.Matcher.failedWith;
+import static hudson.cli.CLICommandInvoker.Matcher.succeeded;
+import static org.hamcrest.Matchers.*;
+import static org.junit.Assert.*;
+
+public class EnablePluginCommandTest {
+
+    @Rule
+    public JenkinsRule j = new JenkinsRule();
+
+    private CLICommandInvoker.Result installTestPlugin(String name) {
+        return new CLICommandInvoker(j, new InstallPluginCommand())
+                .withStdin(EnablePluginCommandTest.class.getResourceAsStream("/plugins/" + name + ".hpi"))
+                .invokeWithArgs("-name", name, "-deploy", "=");
+    }
+
+    private CLICommandInvoker.Result enablePlugins(String... names) {
+        return new CLICommandInvoker(j, new EnablePluginCommand()).invokeWithArgs(names);
+    }
+
+    @Test
+    public void enableSinglePlugin() throws IOException {
+        String name = "token-macro";
+        PluginManager m = j.getPluginManager();
+        assertThat(m.getPlugin(name), is(nullValue()));
+        assertThat(installTestPlugin("token-macro"), succeeded());
+        PluginWrapper wrapper = m.getPlugin(name);
+        assertThat(wrapper, is(notNullValue()));
+        assertTrue(wrapper.isEnabled());
+        wrapper.disable();
+        assertFalse(wrapper.isEnabled());
+
+        assertThat(enablePlugins(name), succeeded());
+        assertTrue(wrapper.isEnabled());
+    }
+
+    @Test
+    public void enableInvalidPluginFails() {
+        assertThat(
+                new CLICommandInvoker(j, "enable-plugin").invokeWithArgs("foobar"), failedWith(3)
+        );
+    }
+
+    @Test
+    public void enableDependerEnablesDependee() throws IOException {
+        installTestPlugin("dependee");
+        installTestPlugin("depender");
+        PluginManager m = j.getPluginManager();
+        PluginWrapper depender = m.getPlugin("depender");
+        assertThat(depender, is(notNullValue()));
+        PluginWrapper dependee = m.getPlugin("dependee");
+        assertThat(dependee, is(notNullValue()));
+
+        depender.disable();
+        dependee.disable();
+
+        assertThat(enablePlugins("depender"), succeeded());
+        assertTrue(depender.isEnabled());
+        assertTrue(dependee.isEnabled());
+    }
+}
-- 
GitLab


From 900fab5bd82feb09b1089427034223e54b4dfdd6 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 5 Aug 2018 11:46:39 -0700
Subject: [PATCH 653/863] Revert "[JENKINS-49905] - verify-signature in
 core/pom.xml (#3561)"

This reverts commit fe2fa9c67011cf4a16468097d3eb078b9186da83.

See failure log below (also at
https://gist.github.com/kohsuke/9dcff6789ce5eda88b4635a34e986e61)

IIUC, JENKINS-49905 was meant to test the signature of remoting, but the
change is testing the signature of core jar, which is not meant to be
signed. So this failure makes sense.

Reverting the change to proceed with the release.

----------------------
Sun Aug  5 10:49:34 PDT 2018: [INFO] [INFO] --- maven-jar-plugin:3.0.2:jar (default-jar) @ jenkins-core ---
Sun Aug  5 10:49:34 PDT 2018: [INFO] [INFO] Building jar: /files/kohsuke/ws/jenkins/rc/core/target/jenkins-core-2.136.jar
Sun Aug  5 10:49:35 PDT 2018: [INFO] [INFO]
Sun Aug  5 10:49:35 PDT 2018: [INFO] [INFO] --- maven-hpi-plugin:2.3:record-core-location (default) @ jenkins-core ---
Sun Aug  5 10:49:35 PDT 2018: [INFO] [INFO]
Sun Aug  5 10:49:35 PDT 2018: [INFO] [INFO] >>> findbugs-maven-plugin:3.0.5:check (findbugs) > :findbugs @ jenkins-core >>>
Sun Aug  5 10:49:35 PDT 2018: [INFO] [INFO]
Sun Aug  5 10:49:35 PDT 2018: [INFO] [INFO] --- findbugs-maven-plugin:3.0.5:findbugs (findbugs) @ jenkins-core ---
Sun Aug  5 10:49:35 PDT 2018: [INFO] [INFO] Fork Value is true
Sun Aug  5 10:50:10 PDT 2018: [INFO] [INFO] Done FindBugs Analysis....
Sun Aug  5 10:50:11 PDT 2018: [INFO] [INFO]
Sun Aug  5 10:50:11 PDT 2018: [INFO] [INFO] <<< findbugs-maven-plugin:3.0.5:check (findbugs) < :findbugs @ jenkins-core <<<
Sun Aug  5 10:50:11 PDT 2018: [INFO] [INFO]
Sun Aug  5 10:50:11 PDT 2018: [INFO] [INFO]
Sun Aug  5 10:50:11 PDT 2018: [INFO] [INFO] --- findbugs-maven-plugin:3.0.5:check (findbugs) @ jenkins-core ---
Sun Aug  5 10:50:11 PDT 2018: [INFO] [INFO] BugInstance size is 0
Sun Aug  5 10:50:11 PDT 2018: [INFO] [INFO] Error size is 0
Sun Aug  5 10:50:11 PDT 2018: [INFO] [INFO] No errors/warnings found
Sun Aug  5 10:50:11 PDT 2018: [INFO] [INFO]
Sun Aug  5 10:50:11 PDT 2018: [INFO] [INFO] --- maven-gpg-plugin:1.6:sign (sign-artifacts) @ jenkins-core ---
Sun Aug  5 10:50:11 PDT 2018: [INFO] [INFO]
Sun Aug  5 10:50:11 PDT 2018: [INFO] [INFO] --- maven-jarsigner-plugin:1.2:verify (verify-signature) @ jenkins-core ---
Sun Aug  5 10:50:12 PDT 2018: [INFO] [INFO] ------------------------------------------------------------------------
Sun Aug  5 10:50:12 PDT 2018: [INFO] [INFO] Reactor Summary:
Sun Aug  5 10:50:12 PDT 2018: [INFO] [INFO]
Sun Aug  5 10:50:12 PDT 2018: [INFO] [INFO] Jenkins main module 2.136 .......................... SUCCESS [  9.657 s]
Sun Aug  5 10:50:12 PDT 2018: [INFO] [INFO] Jenkins cli ........................................ SUCCESS [ 13.659 s]
Sun Aug  5 10:50:12 PDT 2018: [INFO] [INFO] Jenkins core ....................................... FAILURE [01:40 min]
Sun Aug  5 10:50:12 PDT 2018: [INFO] [INFO] Jenkins war ........................................ SKIPPED
Sun Aug  5 10:50:12 PDT 2018: [INFO] [INFO] Tests for Jenkins core 2.136 ....................... SKIPPED
Sun Aug  5 10:50:12 PDT 2018: [INFO] [INFO] ------------------------------------------------------------------------
Sun Aug  5 10:50:12 PDT 2018: [INFO] [INFO] BUILD FAILURE
Sun Aug  5 10:50:12 PDT 2018: [INFO] [INFO] ------------------------------------------------------------------------
Sun Aug  5 10:50:12 PDT 2018: [INFO] [INFO] Total time: 02:04 min
Sun Aug  5 10:50:12 PDT 2018: [INFO] [INFO] Finished at: 2018-08-05T10:50:12-07:00
Sun Aug  5 10:50:12 PDT 2018: [INFO] [INFO] ------------------------------------------------------------------------
Sun Aug  5 10:50:12 PDT 2018: [INFO] [ERROR] Failed to execute goal org.apache.maven.plugins:maven-jarsigner-plugin:1.2:verify (verify-signature) on project jenkins-core: Failed executing '/bin/sh -c cd /files/kohsuke/ws/jenkins/rc/core && /usr/local/jdk1.8.0_144/jre/../bin/jarsigner -verify -strict -certs /files/kohsuke/ws/jenkins/rc/core/target/jenkins-core-2.136.jar' - exitcode 16 -> [Help 1]
Sun Aug  5 10:50:12 PDT 2018: [INFO] [ERROR]
Sun Aug  5 10:50:12 PDT 2018: [INFO] [ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
Sun Aug  5 10:50:12 PDT 2018: [INFO] [ERROR] Re-run Maven using the -X switch to enable full debug logging.
Sun Aug  5 10:50:12 PDT 2018: [INFO] [ERROR]
Sun Aug  5 10:50:12 PDT 2018: [INFO] [ERROR] For more information about the errors and possible solutions, please read the following articles:
Sun Aug  5 10:50:12 PDT 2018: [INFO] [ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException
Sun Aug  5 10:50:12 PDT 2018: [INFO] [ERROR]
Sun Aug  5 10:50:12 PDT 2018: [INFO] [ERROR] After correcting the problems, you can resume the build with the command
Sun Aug  5 10:50:12 PDT 2018: [INFO] [ERROR]   mvn <goals> -rf :jenkins-core
----------------------

Executing the offending command from the terminal:
----------------------
$ /bin/sh -c 'cd /files/kohsuke/ws/jenkins/rc/core && /usr/local/jdk1.8.0_144/jre/../bin/jarsigner -verify -strict -certs /files/kohsuke/ws/jenkins/rc/core/target/jenkins-core-2.136.jar'

jar is unsigned.
$ echo $?
16
----------------------
---
 core/pom.xml | 22 ----------------------
 1 file changed, 22 deletions(-)

diff --git a/core/pom.xml b/core/pom.xml
index 6a44d07e31..827d6e3c5e 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -42,7 +42,6 @@ THE SOFTWARE.
     <stapler.version>1.254.1</stapler.version>
     <spring.version>2.5.6.SEC03</spring.version>
     <groovy.version>2.4.11</groovy.version>
-    <maven-jarsigner-plugin.version>1.4</maven-jarsigner-plugin.version>
   </properties>
 
   <dependencies>
@@ -814,7 +813,6 @@ THE SOFTWARE.
         <groupId>org.codehaus.mojo</groupId>
         <artifactId>findbugs-maven-plugin</artifactId>
       </plugin>
-
     </plugins>
   </build>
 
@@ -873,26 +871,6 @@ THE SOFTWARE.
               </execution>
             </executions>
           </plugin>
-          <!-- VERIFY SIGNATURE -->
-          <plugin>
-            <artifactId>maven-jarsigner-plugin</artifactId>
-            <executions>
-              <execution>
-                <id>verify-signature</id>
-                <phase>verify</phase>
-                <goals>
-                  <goal>verify</goal>
-                </goals>
-                <configuration>
-                  <processMainArtifact>true</processMainArtifact>
-                  <processAttachedArtifacts>false</processAttachedArtifacts>
-                  <certs>true</certs>
-                  <errorWhenNotSigned>true</errorWhenNotSigned>
-                  <arguments>-strict</arguments> <!--otherwise certificate chains will be ignored-->
-                </configuration>
-              </execution>
-            </executions>
-          </plugin>
         </plugins>
       </build>
     </profile>
-- 
GitLab


From 430e92504e61145f8a30c390e74ad2084eaeb752 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 5 Aug 2018 12:56:43 -0700
Subject: [PATCH 654/863] [maven-release-plugin] prepare release jenkins-2.136

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index d54dac5918..71f219a63e 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.136</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 827d6e3c5e..d632703b54 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.136</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index c241d590e2..f1682aaad5 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>2.136</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.136</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 4f9dae71fa..840c6c1aac 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.136</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 5c3b3557ca..17f3010045 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.136</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 511fb1e4ec707ed69132bd669f9634341b35a69f Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 5 Aug 2018 12:56:44 -0700
Subject: [PATCH 655/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 71f219a63e..d15d58eaf1 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.136</version>
+    <version>2.137-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index d632703b54..36114f0fd6 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.136</version>
+    <version>2.137-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index f1682aaad5..a29093eb23 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.136</version>
+  <version>2.137-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.136</tag>
+    <tag>${scmTag}</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 840c6c1aac..19e8972102 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.136</version>
+    <version>2.137-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 17f3010045..a43396f673 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.136</version>
+    <version>2.137-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 7b2698db89183b4d701107485db61eb36442ac25 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 5 Aug 2018 13:03:47 -0700
Subject: [PATCH 656/863] mvn incrementals:reincrementalify

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index d15d58eaf1..d54dac5918 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.137-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 36114f0fd6..827d6e3c5e 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.137-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index a29093eb23..4865c689fa 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.137-SNAPSHOT</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.136</revision>
+    <revision>2.137</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index 19e8972102..4f9dae71fa 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.137-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index a43396f673..5c3b3557ca 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.137-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 12a6acfc8e1a9aad86449cea15e280ba80638917 Mon Sep 17 00:00:00 2001
From: suren <zxjlwt@126.com>
Date: Sat, 11 Aug 2018 22:56:11 +0800
Subject: [PATCH 657/863] Fixes wrong translations to Simplified Chinese

---
 .../hudson/diagnosis/OldDataMonitor/message_zh_CN.properties    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/resources/hudson/diagnosis/OldDataMonitor/message_zh_CN.properties b/core/src/main/resources/hudson/diagnosis/OldDataMonitor/message_zh_CN.properties
index e33d31ca0e..9b9b0c3a7c 100644
--- a/core/src/main/resources/hudson/diagnosis/OldDataMonitor/message_zh_CN.properties
+++ b/core/src/main/resources/hudson/diagnosis/OldDataMonitor/message_zh_CN.properties
@@ -21,6 +21,6 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-You\ have\ data\ stored\ in\ an\ older\ format\ and/or\ unreadable\ data.=\u60A8\u6709\u8CC7\u6599\u683C\u5F0F\u904E\u820A\u6216\u662F\u7121\u6CD5\u8B80\u53D6\u3002
+You\ have\ data\ stored\ in\ an\ older\ format\ and/or\ unreadable\ data.=\u60A8\u7684\u5B58\u50A8\u4E2D\u6709\u65E0\u6CD5\u8BFB\u53D6\u6216\u8005\u65E7\u7684\u6570\u636E\u683C\u5F0F\u3002
 Manage=\u7BA1\u7406
 Dismiss=\u4E0D\u518D\u663E\u793A
-- 
GitLab


From a84e7ae833421e97b1dd936b6cb9296fdf89cb91 Mon Sep 17 00:00:00 2001
From: suren <zxjlwt@126.com>
Date: Sat, 11 Aug 2018 23:49:22 +0800
Subject: [PATCH 658/863] Add Chinese translation for Jenkins model

---
 .../message_zh_CN.properties                  | 24 ++++++++++++++++
 .../jenkins/model/Jenkins/_restart.jelly      |  2 +-
 .../model/Jenkins/_restart_zh_CN.properties   | 26 +++++++++++++++++
 .../Jenkins/_safeRestart_zh_CN.properties     | 26 +++++++++++++++++
 .../Jenkins/accessDenied_zh_CN.properties     | 24 ++++++++++++++++
 .../model/Jenkins/configure_zh_CN.properties  |  9 +++---
 .../model/Jenkins/loginError_zh_CN.properties |  2 +-
 .../model/Jenkins/login_zh_CN.properties      |  3 +-
 .../model/Jenkins/oops_zh_CN.properties       | 28 +++++++++++++++++++
 .../projectRelationship_zh_CN.properties      |  3 +-
 .../model/Jenkins/systemInfo_zh_CN.properties |  6 +++-
 11 files changed, 143 insertions(+), 10 deletions(-)
 create mode 100644 core/src/main/resources/jenkins/model/Jenkins/EnforceSlaveAgentPortAdministrativeMonitor/message_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/model/Jenkins/_restart_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/model/Jenkins/_safeRestart_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/model/Jenkins/accessDenied_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/model/Jenkins/oops_zh_CN.properties

diff --git a/core/src/main/resources/jenkins/model/Jenkins/EnforceSlaveAgentPortAdministrativeMonitor/message_zh_CN.properties b/core/src/main/resources/jenkins/model/Jenkins/EnforceSlaveAgentPortAdministrativeMonitor/message_zh_CN.properties
new file mode 100644
index 0000000000..c10cbe8313
--- /dev/null
+++ b/core/src/main/resources/jenkins/model/Jenkins/EnforceSlaveAgentPortAdministrativeMonitor/message_zh_CN.properties
@@ -0,0 +1,24 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+description=JNLP \u4EE3\u7406\u7AEF\u53E3\u5DF2\u7ECF\u53D1\u751F\u53D8\u5316\uFF0C\u4F46\u662F\u5728\u542F\u52A8\u65F6\u901A\u8FC7\u7CFB\u7EDF\u5C5E\u6027 <code>{0}</code> \u6307\u5B9A\u7684\u3002\u5B83\u7684\u503C\u4F1A\u5728\u91CD\u542F\u65F6\u88AB\u91CD\u7F6E\u4E3A {1,number,#} \u3002
+reset=\u91CD\u7F6E\u4E3A {0,number,#}
diff --git a/core/src/main/resources/jenkins/model/Jenkins/_restart.jelly b/core/src/main/resources/jenkins/model/Jenkins/_restart.jelly
index cfead03b2d..06c94096b9 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/_restart.jelly
+++ b/core/src/main/resources/jenkins/model/Jenkins/_restart.jelly
@@ -25,7 +25,7 @@ THE SOFTWARE.
 <!-- Delete view -->
 <?jelly escape-by-default='true'?>
 <j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form" xmlns:i="jelly:fmt">
-	<l:layout title="Restart Jenkins">
+	<l:layout title="${%Restart Jenkins}">
 		<st:include page="sidepanel.jelly" />
 		<l:main-panel>
 			<j:choose>
diff --git a/core/src/main/resources/jenkins/model/Jenkins/_restart_zh_CN.properties b/core/src/main/resources/jenkins/model/Jenkins/_restart_zh_CN.properties
new file mode 100644
index 0000000000..d8b3cc28c2
--- /dev/null
+++ b/core/src/main/resources/jenkins/model/Jenkins/_restart_zh_CN.properties
@@ -0,0 +1,26 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Restart\ Jenkins=\u91CD\u542F Jenkins
+Are\ you\ sure\ about\ restarting\ Jenkins?=\u60A8\u786E\u5B9A\u8981\u91CD\u542F Jenkins\uFF1F
+Yes=\u662F
+Jenkins\ cannot\ restart\ itself\ as\ currently\ configured.=Jenkins \u5728\u5F53\u524D\u914D\u7F6E\u4E0B\uFF0C\u65E0\u6CD5\u81EA\u6211\u91CD\u542F\u3002
diff --git a/core/src/main/resources/jenkins/model/Jenkins/_safeRestart_zh_CN.properties b/core/src/main/resources/jenkins/model/Jenkins/_safeRestart_zh_CN.properties
new file mode 100644
index 0000000000..d128a420c5
--- /dev/null
+++ b/core/src/main/resources/jenkins/model/Jenkins/_safeRestart_zh_CN.properties
@@ -0,0 +1,26 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Jenkins\ cannot\ restart\ itself\ as\ currently\ configured.=Jenkins \u5728\u5F53\u524D\u914D\u7F6E\u4E0B\uFF0C\u65E0\u6CD5\u81EA\u6211\u91CD\u542F\u3002
+Are\ you\ sure\ about\ restarting\ Jenkins?\ Jenkins\ will\ restart\ once\ all\ running\ jobs\ are\ finished.=\
+  \u60A8\u786E\u5B9A\u8981\u91CD\u542F Jenkins\uFF1FJenkins \u4F1A\u5728\u6240\u6709\u4EFB\u52A1\u8FD0\u884C\u5B8C\u6210\u540E\u91CD\u542F\u3002
+Yes=\u662F
diff --git a/core/src/main/resources/jenkins/model/Jenkins/accessDenied_zh_CN.properties b/core/src/main/resources/jenkins/model/Jenkins/accessDenied_zh_CN.properties
new file mode 100644
index 0000000000..5629d48dee
--- /dev/null
+++ b/core/src/main/resources/jenkins/model/Jenkins/accessDenied_zh_CN.properties
@@ -0,0 +1,24 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Jenkins\ Login=\u767B\u9646 Jenkins
+Access\ Denied=\u62D2\u7EDD\u8BBF\u95EE
diff --git a/core/src/main/resources/jenkins/model/Jenkins/configure_zh_CN.properties b/core/src/main/resources/jenkins/model/Jenkins/configure_zh_CN.properties
index 13dcfce860..5914183e6a 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/configure_zh_CN.properties
+++ b/core/src/main/resources/jenkins/model/Jenkins/configure_zh_CN.properties
@@ -1,6 +1,6 @@
 # The MIT License
 #
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
+# Copyright (c) 2004-2018, Sun Microsystems, Inc., suren
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
@@ -20,9 +20,8 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
+Configure\ System=\u7CFB\u7EDF\u8BBE\u7F6E
 LOADING=\u52A0\u8F7D\u4E2D
-Home\ directory=\u4e3b\u76ee\u5f55
+Home\ directory=\u4E3B\u76EE\u5F55
 Save=\u4FDD\u5B58
-System\ Message=\u7cfb\u7edf\u6d88\u606f
-Build\ Record\ Root\ Directory=\u6784\u5EFA\u8BB0\u5F55\u6839\u76EE\u5F55
-Workspace\ Root\ Directory=\u5DE5\u4F5C\u7A7A\u95F4\u6839\u76EE\u5F55
+System\ Message=\u7CFB\u7EDF\u6D88\u606F
diff --git a/core/src/main/resources/jenkins/model/Jenkins/loginError_zh_CN.properties b/core/src/main/resources/jenkins/model/Jenkins/loginError_zh_CN.properties
index e9ddc36afe..f73606fdf6 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/loginError_zh_CN.properties
+++ b/core/src/main/resources/jenkins/model/Jenkins/loginError_zh_CN.properties
@@ -1,6 +1,6 @@
 # The MIT License
 #
-# Copyright (c) 2004-2017, Sun Microsystems, Inc.
+# Copyright (c) 2004-2018, Sun Microsystems, Inc.
 #               suren <zxjlwt@126.com>
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
diff --git a/core/src/main/resources/jenkins/model/Jenkins/login_zh_CN.properties b/core/src/main/resources/jenkins/model/Jenkins/login_zh_CN.properties
index 62731e1f10..601996f02b 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/login_zh_CN.properties
+++ b/core/src/main/resources/jenkins/model/Jenkins/login_zh_CN.properties
@@ -1,6 +1,6 @@
 # The MIT License
 #
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
+# Copyright (c) 2004-2018, Sun Microsystems, Inc., suren
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
@@ -25,3 +25,4 @@ Keep\ me\ signed\ in=\u4FDD\u6301\u767B\u5F55\u72B6\u6001
 Username=\u7528\u6237\u540D
 signUp=<a href="signup">\u521B\u5EFA\u4E00\u4E2A\u7528\u6237\u8D26\u53F7</a> \u5982\u679C\u4F60\u6CA1\u6709\u6CE8\u518C\u7528\u6237.
 signIn=\u767B\u5F55
+Invalid\ username\ or\ password=\u7528\u6237\u540D\u6216\u5BC6\u7801\u9519\u8BEF
diff --git a/core/src/main/resources/jenkins/model/Jenkins/oops_zh_CN.properties b/core/src/main/resources/jenkins/model/Jenkins/oops_zh_CN.properties
new file mode 100644
index 0000000000..a452d20921
--- /dev/null
+++ b/core/src/main/resources/jenkins/model/Jenkins/oops_zh_CN.properties
@@ -0,0 +1,28 @@
+# The MIT License
+#
+# Copyright (c) 2018, suren
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+problemHappened=\u8BF7\u6C42\u8FC7\u7A0B\u4E2D\u53D1\u751F\u9519\u8BEF\u3002
+checkJIRA=\u8BF7\u68C0\u67E5<a href="https://jenkins.io/redirect/issue-tracker">\u6211\u4EEC\u7684\u95EE\u9898\u8DDF\u8E2A\u7CFB\u7EDF</a>\u770B\u662F\u5426\u5DF2\u7ECF\u8BB0\u5F55\u4E86\u7C7B\u4F3C\u7684\u95EE\u9898\u3002
+vote=\u5982\u679C\u5DF2\u7ECF\u8BB0\u5F55\uFF0C\u8BF7\u6295\u7968\u5E76\u7559\u8A00\uFF0C\u4EE5\u4FBF\u6211\u4EEC\u8861\u91CF\u8FD9\u4E2A\u95EE\u9898\u7684\u5F71\u54CD\u7A0B\u5EA6\u3002
+pleaseReport=\u5982\u679C\u4F60\u8BA4\u4E3A\u8FD9\u662F\u4E00\u4E2A\u65B0\u7684\u95EE\u9898\uFF0C\u8BF7\u628A\u8FD9\u4E2A\u95EE\u9898\u8BB0\u5F55\u4E0B\u6765\u3002
+stackTracePlease=\u5F53\u4F60\u8BB0\u5F55\u4E00\u4E2A\u95EE\u9898\u65F6\uFF0C\u8BF7\u786E\u4FDD\u628A\u6574\u4E2A\u8DDF\u8E2A\u6808\u90FD\u8BB0\u5F55\u4E0B\u6765\uFF0C\u4EE5\u53CA Jenkins \u548C\u76F8\u5173\u63D2\u4EF6\u7684\u7248\u672C\u3002
+checkML=<a href="https://jenkins.io/redirect/users-mailing-list">\u7528\u6237\u5217\u8868</a>\u53EF\u80FD\u5BF9\u4F60\u4E86\u89E3\u8FD9\u4E2A\u95EE\u9898\u6709\u5E2E\u52A9\u3002
diff --git a/core/src/main/resources/jenkins/model/Jenkins/projectRelationship_zh_CN.properties b/core/src/main/resources/jenkins/model/Jenkins/projectRelationship_zh_CN.properties
index e91306219d..3cb0cc6a58 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/projectRelationship_zh_CN.properties
+++ b/core/src/main/resources/jenkins/model/Jenkins/projectRelationship_zh_CN.properties
@@ -1,6 +1,6 @@
 # The MIT License
 #
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
+# Copyright (c) 2004-2018, Sun Microsystems, Inc., suren
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
@@ -24,3 +24,4 @@ Compare=\u6BD4\u8F83
 Project\ Relationship=\u9879\u76EE\u5173\u7CFB
 downstream\ project=\u4E0B\u6E38\u9879\u76EE
 upstream\ project=\u4E0A\u6E38\u9879\u76EE
+There\ are\ no\ fingerprint\ records\ that\ connect\ these\ two\ projects.=\u6CA1\u6709\u6307\u7EB9\u8BB0\u5F55\u80FD\u5173\u8054\u8FD9\u4E24\u4E2A\u9879\u76EE\u3002
diff --git a/core/src/main/resources/jenkins/model/Jenkins/systemInfo_zh_CN.properties b/core/src/main/resources/jenkins/model/Jenkins/systemInfo_zh_CN.properties
index 2693a973f3..3deab89a0a 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/systemInfo_zh_CN.properties
+++ b/core/src/main/resources/jenkins/model/Jenkins/systemInfo_zh_CN.properties
@@ -1,6 +1,6 @@
 # The MIT License
 #
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
+# Copyright (c) 2004-2018, Sun Microsystems, Inc., suren
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
@@ -26,3 +26,7 @@ Name=\u540D\u79F0
 Plugins=\u63D2\u4EF6
 System\ Properties=\u7CFB\u7EDF\u5C5E\u6027
 Version=\u7248\u672C
+System\ Information=\u7CFB\u7EDF\u4FE1\u606F
+threadDump_blurb=\u8BBF\u95EE<a href="{0}">\u8BE5\u9875\u9762</a>\u67E5\u770B master \u548C agent \u7684\u7EBF\u7A0B\u7EBF\u7A0B\u8F6C\u50A8\u3002
+Thread\ Dumps=\u7EBF\u7A0B\u8F6C\u50A8
+No\ plugins\ installed.=\u6CA1\u6709\u5B89\u88C5\u4EFB\u4F55\u63D2\u4EF6\u3002
-- 
GitLab


From ba395a1abf7aaba80b5af9105ffb8aa6faa83a05 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Sat, 11 Aug 2018 18:57:12 +0200
Subject: [PATCH 659/863] [JENKINS-52181] - Add missing import

---
 test/src/test/java/hudson/cli/ConsoleCommandTest.java | 1 +
 1 file changed, 1 insertion(+)

diff --git a/test/src/test/java/hudson/cli/ConsoleCommandTest.java b/test/src/test/java/hudson/cli/ConsoleCommandTest.java
index 4fe07e98df..1c05b7fb69 100644
--- a/test/src/test/java/hudson/cli/ConsoleCommandTest.java
+++ b/test/src/test/java/hudson/cli/ConsoleCommandTest.java
@@ -38,6 +38,7 @@ import org.junit.Before;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.JenkinsRule;
+import org.jvnet.hudson.test.Issue;
 
 import java.io.IOException;
 
-- 
GitLab


From 49156a51c96ab3bf2b30d8180fe0efeb601f4810 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 12 Aug 2018 20:07:17 -0700
Subject: [PATCH 660/863] [maven-release-plugin] prepare release jenkins-2.137

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index d54dac5918..b3f6bf4c17 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.137</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 827d6e3c5e..06a4112e06 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.137</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 9f9571c1c6..35bc1aa5a7 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>2.137</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.137</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 4f9dae71fa..39b1e4117b 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.137</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 5c3b3557ca..65a3fb2134 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.137</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 817f1149781eeb3ceea7839ab3213d2d2fdc9b3d Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 12 Aug 2018 20:07:25 -0700
Subject: [PATCH 661/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 6 +++---
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index b3f6bf4c17..d54dac5918 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.137</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 06a4112e06..827d6e3c5e 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.137</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 35bc1aa5a7..d417f92265 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.137</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.137</tag>
+    <tag>${scmTag}</tag>
   </scm>
 
   <distributionManagement>
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.137</revision>
+    <revision>2.138</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index 39b1e4117b..4f9dae71fa 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.137</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 65a3fb2134..5c3b3557ca 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.137</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 7c978d954ca67a7d76c2d86dc6dbaf3315c207c2 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Mon, 13 Aug 2018 13:16:34 +0200
Subject: [PATCH 662/863] Clean up at-since

---
 core/src/main/java/hudson/Functions.java                      | 2 +-
 core/src/main/java/hudson/cli/EnablePluginCommand.java        | 2 +-
 core/src/main/java/hudson/model/DirectoryBrowserSupport.java  | 4 ++--
 core/src/main/java/hudson/model/UpdateCenter.java             | 4 ++--
 core/src/main/java/hudson/model/UpdateSite.java               | 4 ++--
 core/src/main/java/hudson/model/User.java                     | 2 +-
 core/src/main/java/hudson/security/PermissionGroup.java       | 2 +-
 .../java/hudson/slaves/EnvironmentVariablesNodeProperty.java  | 2 +-
 core/src/main/java/hudson/slaves/SlaveComputer.java           | 2 +-
 core/src/main/java/jenkins/model/SimplePageDecorator.java     | 2 +-
 core/src/main/java/jenkins/security/ApiTokenProperty.java     | 2 +-
 .../security/apitoken/ApiTokenPropertyConfiguration.java      | 2 +-
 12 files changed, 15 insertions(+), 15 deletions(-)

diff --git a/core/src/main/java/hudson/Functions.java b/core/src/main/java/hudson/Functions.java
index 9a0b27ce90..e18264f914 100644
--- a/core/src/main/java/hudson/Functions.java
+++ b/core/src/main/java/hudson/Functions.java
@@ -1773,7 +1773,7 @@ public class Functions {
     }
     /**
      * Gets only one {@link SimplePageDecorator}.
-     * @since FIXME
+     * @since 2.128
      */
     public static SimplePageDecorator getSimplePageDecorator() {
         return SimplePageDecorator.first();
diff --git a/core/src/main/java/hudson/cli/EnablePluginCommand.java b/core/src/main/java/hudson/cli/EnablePluginCommand.java
index 8fa013a2b0..eb9d46f460 100644
--- a/core/src/main/java/hudson/cli/EnablePluginCommand.java
+++ b/core/src/main/java/hudson/cli/EnablePluginCommand.java
@@ -39,7 +39,7 @@ import java.util.List;
  * Any listed plugin with disabled dependencies will have its dependencies enabled transitively. Note that enabling an
  * already enabled plugin does nothing.
  *
- * @since TODO
+ * @since 2.136
  */
 @Extension
 public class EnablePluginCommand extends CLICommand {
diff --git a/core/src/main/java/hudson/model/DirectoryBrowserSupport.java b/core/src/main/java/hudson/model/DirectoryBrowserSupport.java
index c67e782b91..e89f28c8a5 100644
--- a/core/src/main/java/hudson/model/DirectoryBrowserSupport.java
+++ b/core/src/main/java/hudson/model/DirectoryBrowserSupport.java
@@ -478,7 +478,7 @@ public final class DirectoryBrowserSupport implements HttpResponse {
          *
          * @return A long value representing the time the file was last modified, measured in milliseconds since
          * the epoch (00:00:00 GMT, January 1, 1970), or 0L if is not possible to obtain the times.
-         * @since TODO
+         * @since 2.127
          */
         public long getLastModified() {
             return lastModified;
@@ -488,7 +488,7 @@ public final class DirectoryBrowserSupport implements HttpResponse {
          *
          * @return A Calendar representing the time the file was last modified, it lastModified is 0L
          * it will return 00:00:00 GMT, January 1, 1970.
-         * @since TODO
+         * @since 2.127
          */
         @Restricted(NoExternalUse.class)
         public Calendar getLastModifiedAsCalendar() {
diff --git a/core/src/main/java/hudson/model/UpdateCenter.java b/core/src/main/java/hudson/model/UpdateCenter.java
index deeed0c152..25c409c32a 100644
--- a/core/src/main/java/hudson/model/UpdateCenter.java
+++ b/core/src/main/java/hudson/model/UpdateCenter.java
@@ -1656,7 +1656,7 @@ public class UpdateCenter extends AbstractModelObject implements Saveable, OnMas
         /**
          * Base64 encoded SHA-256 checksum of the downloaded file, if it could be computed.
          *
-         * @since TODO
+         * @since 2.130
          */
         @CheckForNull
         public String getComputedSHA256() {
@@ -1668,7 +1668,7 @@ public class UpdateCenter extends AbstractModelObject implements Saveable, OnMas
         /**
          * Base64 encoded SHA-512 checksum of the downloaded file, if it could be computed.
          *
-         * @since TODO
+         * @since 2.130
          */
         @CheckForNull
         public String getComputedSHA512() {
diff --git a/core/src/main/java/hudson/model/UpdateSite.java b/core/src/main/java/hudson/model/UpdateSite.java
index 4afa19f98b..0a27890a12 100644
--- a/core/src/main/java/hudson/model/UpdateSite.java
+++ b/core/src/main/java/hudson/model/UpdateSite.java
@@ -653,7 +653,7 @@ public class UpdateSite {
         /**
          * The base64 encoded SHA-256 checksum of the file.
          * Can be null if not provided by the update site.
-         * @since TODO
+         * @since 2.130
          */
         public String getSha256() {
             return sha256;
@@ -662,7 +662,7 @@ public class UpdateSite {
         /**
          * The base64 encoded SHA-512 checksum of the file.
          * Can be null if not provided by the update site.
-         * @since TODO
+         * @since 2.130
          */
         public String getSha512() {
             return sha512;
diff --git a/core/src/main/java/hudson/model/User.java b/core/src/main/java/hudson/model/User.java
index 824b5e8d71..3c6caf9c51 100644
--- a/core/src/main/java/hudson/model/User.java
+++ b/core/src/main/java/hudson/model/User.java
@@ -801,7 +801,7 @@ public class User extends AbstractModelObject implements AccessControlled, Descr
      * Returns the folder that store all the user information
      * Useful for plugins to save a user-specific file aside the config.xml
      * 
-     * @since TODO
+     * @since 2.129
      */
     public File getUserFolder(){
         return getUserFolderFor(this.id);
diff --git a/core/src/main/java/hudson/security/PermissionGroup.java b/core/src/main/java/hudson/security/PermissionGroup.java
index 4110e55c90..ef39787662 100644
--- a/core/src/main/java/hudson/security/PermissionGroup.java
+++ b/core/src/main/java/hudson/security/PermissionGroup.java
@@ -69,7 +69,7 @@ public final class PermissionGroup implements Iterable<Permission>, Comparable<P
      * @param owner sets {@link #owner}
      * @param title sets {@link #title}
      * @throws IllegalStateException if this group was already registered
-     * @since TODO
+     * @since 2.127
      */
     public PermissionGroup(String id, @Nonnull Class owner, Localizable title) throws IllegalStateException {
         this.owner = owner;
diff --git a/core/src/main/java/hudson/slaves/EnvironmentVariablesNodeProperty.java b/core/src/main/java/hudson/slaves/EnvironmentVariablesNodeProperty.java
index ae09c30ef6..90f95efb4e 100644
--- a/core/src/main/java/hudson/slaves/EnvironmentVariablesNodeProperty.java
+++ b/core/src/main/java/hudson/slaves/EnvironmentVariablesNodeProperty.java
@@ -70,7 +70,7 @@ public class EnvironmentVariablesNodeProperty extends NodeProperty<Node> {
 
     /**
      * @return environment variables using same data type as constructor parameter.
-     * @since TODO
+     * @since 2.136
      */
     public List<Entry> getEnv() {
         return envVars.entrySet().stream().map(Entry::new).collect(Collectors.toList());
diff --git a/core/src/main/java/hudson/slaves/SlaveComputer.java b/core/src/main/java/hudson/slaves/SlaveComputer.java
index ba9bc86665..029892a2f4 100644
--- a/core/src/main/java/hudson/slaves/SlaveComputer.java
+++ b/core/src/main/java/hudson/slaves/SlaveComputer.java
@@ -529,7 +529,7 @@ public class SlaveComputer extends Computer {
      * remote FS is specified as a relative path.
      * @see #getAbsoluteRemoteFs()
      * @return the remote FS root absolute path or {@code null} if the agent is off-line or don't have connect permission.
-     * @since TODO
+     * @since 2.125
      */
     @Exported
     @Restricted(DoNotUse.class)
diff --git a/core/src/main/java/jenkins/model/SimplePageDecorator.java b/core/src/main/java/jenkins/model/SimplePageDecorator.java
index 866fc69925..4d3b0682bd 100644
--- a/core/src/main/java/jenkins/model/SimplePageDecorator.java
+++ b/core/src/main/java/jenkins/model/SimplePageDecorator.java
@@ -33,7 +33,7 @@ import hudson.model.Descriptor;
  * <p>
  * This class provides a few hooks to augment the HTML of the login page.
  *
- * @since TODO
+ * @since 2.128
  */
 public class SimplePageDecorator extends Descriptor<SimplePageDecorator> implements ExtensionPoint, Describable<SimplePageDecorator> {
 
diff --git a/core/src/main/java/jenkins/security/ApiTokenProperty.java b/core/src/main/java/jenkins/security/ApiTokenProperty.java
index 3d828cc5e1..aebbba619d 100644
--- a/core/src/main/java/jenkins/security/ApiTokenProperty.java
+++ b/core/src/main/java/jenkins/security/ApiTokenProperty.java
@@ -100,7 +100,7 @@ public class ApiTokenProperty extends UserProperty {
      * Disabled by default due to the security reasons.
      * It's the version of {@link #SHOW_LEGACY_TOKEN_TO_ADMINS} for the new API Token system (SECURITY-200).
      *
-     * @since TODO
+     * @since 2.129
      */
     @SuppressFBWarnings(value = "MS_SHOULD_BE_FINAL", justification = "Accessible via System Groovy Scripts")
     private static /* not final */ boolean ADMIN_CAN_GENERATE_NEW_TOKENS =
diff --git a/core/src/main/java/jenkins/security/apitoken/ApiTokenPropertyConfiguration.java b/core/src/main/java/jenkins/security/apitoken/ApiTokenPropertyConfiguration.java
index 2035843f02..ba7c866d73 100644
--- a/core/src/main/java/jenkins/security/apitoken/ApiTokenPropertyConfiguration.java
+++ b/core/src/main/java/jenkins/security/apitoken/ApiTokenPropertyConfiguration.java
@@ -31,7 +31,7 @@ import org.jenkinsci.Symbol;
 /**
  * Configuration for the new token generation when a user is created
  *
- * @since TODO
+ * @since 2.129
  */
 @Extension 
 @Symbol("apiToken")
-- 
GitLab


From a69801af6be306b262d3c887072541071704d10b Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 13 Aug 2018 07:26:04 -0700
Subject: [PATCH 663/863] [maven-release-plugin] prepare release
 jenkins-2.121.3

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 3d32d9a4f7..351cb25d62 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.121.3</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 8c6f248eaa..65fb12029e 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.121.3</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index c9e916e704..a0de5f9240 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>2.121.3</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>HEAD</tag>
+    <tag>jenkins-2.121.3</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 4f9dae71fa..dedc131818 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.121.3</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 1af95e1d77..d43ba89371 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.121.3</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From f53630705122145be3c355935192b391a1ec5646 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 13 Aug 2018 07:26:04 -0700
Subject: [PATCH 664/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 351cb25d62..8ba516132e 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121.3</version>
+    <version>2.121.4-SNAPSHOT</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 65fb12029e..199c5a83bd 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121.3</version>
+    <version>2.121.4-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index a0de5f9240..000e32b507 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.121.3</version>
+  <version>2.121.4-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.121.3</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index dedc131818..38f89c519f 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121.3</version>
+    <version>2.121.4-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index d43ba89371..cf1cb7c214 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121.3</version>
+    <version>2.121.4-SNAPSHOT</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From ae08d8fad86997b7b86f9d070f192ca901ca8f57 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 13 Aug 2018 07:32:06 -0700
Subject: [PATCH 665/863] mvn incrementals:reincrementalify

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 8ba516132e..3d32d9a4f7 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121.4-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 199c5a83bd..8c6f248eaa 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121.4-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 000e32b507..6611492cd8 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.121.4-SNAPSHOT</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.121.3</revision>
+    <revision>2.121.4</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index 38f89c519f..4f9dae71fa 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121.4-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index cf1cb7c214..1af95e1d77 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.121.4-SNAPSHOT</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 749804d569ef56c10e53381fa096da3baa2d4c62 Mon Sep 17 00:00:00 2001
From: surenpi <zxjlwt@126.com>
Date: Mon, 13 Aug 2018 22:41:55 +0800
Subject: [PATCH 666/863] Add translation for install

---
 .../jenkins/install/Messages_zh_CN.properties | 25 +++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 core/src/main/resources/jenkins/install/Messages_zh_CN.properties

diff --git a/core/src/main/resources/jenkins/install/Messages_zh_CN.properties b/core/src/main/resources/jenkins/install/Messages_zh_CN.properties
new file mode 100644
index 0000000000..4baea254d1
--- /dev/null
+++ b/core/src/main/resources/jenkins/install/Messages_zh_CN.properties
@@ -0,0 +1,25 @@
+# The MIT License
+# 
+# Copyright 2018 suren
+# 
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+# 
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+# 
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+SetupWizard_ConfigureInstance_ValidationErrors=\u6709\u975E\u6CD5\u8BBE\u7F6E\u3002\u8BF7\u67E5\u770B\u9519\u8BEF\u4FE1\u606F\u4E2D\u8BE6\u60C5\u3002
+SetupWizard_ConfigureInstance_RootUrl_Empty=URL \u4E0D\u80FD\u4E3A\u7A7A
+SetupWizard_ConfigureInstance_RootUrl_Invalid=URL \u683C\u5F0F\u4E0D\u6B63\u786E\uFF0C\u8BF7\u786E\u8BA4\u4F60\u4F7F\u7528 http:// \u6216 https:// \u7B49\u5408\u6CD5\u7684\u57DF\u540D\u3002
-- 
GitLab


From a2c84512433161279bccd2c5eadc5874d85125bc Mon Sep 17 00:00:00 2001
From: surenpi <zxjlwt@126.com>
Date: Mon, 13 Aug 2018 22:48:01 +0800
Subject: [PATCH 667/863] Add translation for management

---
 .../footer_zh_CN.properties                   | 26 +++++++++++++++++++
 .../management/Messages_zh_CN.properties      |  5 +++-
 2 files changed, 30 insertions(+), 1 deletion(-)
 create mode 100644 core/src/main/resources/jenkins/management/AdministrativeMonitorsDecorator/footer_zh_CN.properties

diff --git a/core/src/main/resources/jenkins/management/AdministrativeMonitorsDecorator/footer_zh_CN.properties b/core/src/main/resources/jenkins/management/AdministrativeMonitorsDecorator/footer_zh_CN.properties
new file mode 100644
index 0000000000..1d59784cbc
--- /dev/null
+++ b/core/src/main/resources/jenkins/management/AdministrativeMonitorsDecorator/footer_zh_CN.properties
@@ -0,0 +1,26 @@
+#
+# The MIT License
+#
+# Copyright (c) 2018, suren
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+#
+
+Manage\ Jenkins=\u7BA1\u7406 Jenkins
+tooltip=\u6709 {0} \u4E2A\u6D3B\u8DC3\u7684\u7BA1\u7406\u76D1\u63A7\u3002
\ No newline at end of file
diff --git a/core/src/main/resources/jenkins/management/Messages_zh_CN.properties b/core/src/main/resources/jenkins/management/Messages_zh_CN.properties
index 1252700dde..a1c3c76a50 100644
--- a/core/src/main/resources/jenkins/management/Messages_zh_CN.properties
+++ b/core/src/main/resources/jenkins/management/Messages_zh_CN.properties
@@ -1,7 +1,7 @@
 #
 # The MIT License
 #
-# Copyright (c) 2012, CloudBees, Intl., Nicolas De loof
+# Copyright (c) 2018, CloudBees, Intl., Nicolas De loof, suren
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
@@ -48,3 +48,6 @@ SystemInfoLink.DisplayName=\u7CFB\u7EDF\u4FE1\u606F
 SystemLogLink.DisplayName=\u7CFB\u7EDF\u65E5\u5FD7
 SystemLogLink.Description=\u7CFB\u7EDF\u65E5\u5FD7\u4ECE<tt>java.util.logging</tt>\u6355\u83B7Jenkins\u76F8\u5173\u7684\u65E5\u5FD7\u4FE1\u606F\u3002
 ShutdownLink.DisplayName_cancel=\u53D6\u6D88\u5173\u673A
+
+CliLink.DisplayName=Jenkins \u547D\u4EE4\u884C\u63A5\u53E3
+AdministrativeMonitorsDecorator.DisplayName=\u7BA1\u7406\u76D1\u63A7\u901A\u77E5
-- 
GitLab


From 2e4e5964b9008b15994c085d198a76194311e774 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 13 Aug 2018 09:09:45 -0700
Subject: [PATCH 668/863] [maven-release-plugin] prepare release jenkins-2.138

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index d54dac5918..d6693eaf88 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.138</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 827d6e3c5e..a6faba5cac 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.138</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 337da4d131..a20fdd6486 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>2.138</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.138</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 4f9dae71fa..88f76a1460 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.138</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 5c3b3557ca..fada5e8c29 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.138</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 2d8c78a73bdeac0881ba8644c7c9aceb7128f649 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 13 Aug 2018 09:09:55 -0700
Subject: [PATCH 669/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 6 +++---
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index d6693eaf88..d54dac5918 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.138</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index a6faba5cac..827d6e3c5e 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.138</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index a20fdd6486..8df9ff40e7 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.138</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.138</tag>
+    <tag>${scmTag}</tag>
   </scm>
 
   <distributionManagement>
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.138</revision>
+    <revision>2.139</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index 88f76a1460..4f9dae71fa 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.138</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index fada5e8c29..5c3b3557ca 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.138</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 31cd4d3d788a8dc28d0109e47971a0db84afaea0 Mon Sep 17 00:00:00 2001
From: Stephan Reiter <Stephan.Reiter@Emerson.com>
Date: Tue, 1 May 2018 08:12:07 +0200
Subject: [PATCH 670/863] [JENKINS-17116] - When aborting a job, wait up to 2
 mins for process termination

---
 core/pom.xml                                  |  2 +-
 .../main/java/hudson/util/ProcessTree.java    | 45 +++++++++++++++++++
 2 files changed, 46 insertions(+), 1 deletion(-)

diff --git a/core/pom.xml b/core/pom.xml
index 827d6e3c5e..cb7f3d52d0 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -515,7 +515,7 @@ THE SOFTWARE.
     <dependency>
       <groupId>org.jvnet.winp</groupId>
       <artifactId>winp</artifactId>
-      <version>1.26</version>
+      <version>1.27</version>
     </dependency>
     <dependency>
       <groupId>org.jenkins-ci</groupId>
diff --git a/core/src/main/java/hudson/util/ProcessTree.java b/core/src/main/java/hudson/util/ProcessTree.java
index 0ef4c2192e..28e6097724 100644
--- a/core/src/main/java/hudson/util/ProcessTree.java
+++ b/core/src/main/java/hudson/util/ProcessTree.java
@@ -144,6 +144,8 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
      */
     public abstract void killAll(Map<String, String> modelEnvVars) throws InterruptedException;
 
+    private final int softkillWaitSeconds = 2 * 60; // processes get at most 2 minutes to respond to SIGTERM (JENKINS-17116)
+
     /**
      * Convenience method that does {@link #killAll(Map)} and {@link OSProcess#killRecursively()}.
      * This is necessary to reliably kill the process and its descendants, as some OS
@@ -501,6 +503,8 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
                 return;
 
             LOGGER.log(FINER, "Killing recursively {0}", getPid());
+            // Firstly try to kill the root process gracefully, then do a forcekill if it does not help (algorithm is described in JENKINS-17116)
+            killSoftly();
             p.killRecursively();
             killByKiller();
         }
@@ -512,10 +516,39 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
             }
             
             LOGGER.log(FINER, "Killing {0}", getPid());
+            // Firstly try to kill it gracefully, then do a forcekill if it does not help (algorithm is described in JENKINS-17116)
+            killSoftly();
             p.kill();
             killByKiller();
         }
 
+        private void killSoftly() throws InterruptedException {
+            // send Ctrl+C to the process
+            try {
+                if (!p.sendCtrlC()) {
+                    return;
+                }
+            }
+            catch (WinpException e) {
+                if (LOGGER.isLoggable(Level.FINE)) {
+                    LOGGER.log(Level.FINE, "Failed to send CTRL+C to pid=" + getPid(), e);
+                }
+                return;
+            }
+
+            // after that wait for it to cease to exist
+            long deadline = System.nanoTime() + softkillWaitSeconds * 1000000000;
+            int sleepTime = 10; // initially we sleep briefly, then sleep up to 1sec
+            do {
+                if (!p.isRunning()) {
+                    break;
+                }
+
+                Thread.sleep(sleepTime);
+                sleepTime = Math.min(sleepTime * 2, 1000);
+            } while (System.nanoTime() < deadline);
+        }
+
         @Override
         public synchronized List<String> getArguments() {
             if(args==null) {
@@ -724,6 +757,18 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
                 int pid = getPid();
                 LOGGER.fine("Killing pid="+pid);
                 UnixReflection.destroy(pid);
+                // after sending SIGTERM, wait for the process to cease to exist
+                long deadline = System.nanoTime() + softkillWaitSeconds * 1000000000;
+                int sleepTime = 10; // initially we sleep briefly, then sleep up to 1sec
+                do {
+                    File f = getFile("status");
+                    if (!f.exists()) {
+                        break; // status is gone, process therefore as well
+                    }
+
+                    Thread.sleep(sleepTime);
+                    sleepTime = Math.min(sleepTime * 2, 1000);
+                } while (System.nanoTime() < deadline);
             } catch (IllegalAccessException e) {
                 // this is impossible
                 IllegalAccessError x = new IllegalAccessError();
-- 
GitLab


From d1da38e0b324740911945f7f6e902a032765da95 Mon Sep 17 00:00:00 2001
From: Stephan Reiter <Stephan.Reiter@Emerson.com>
Date: Wed, 8 Aug 2018 18:03:18 +0200
Subject: [PATCH 671/863] Allow customization of softkill time via property
 SoftKillWaitSeconds and share time among processes when terminating a tree on
 linux

---
 .../main/java/hudson/util/ProcessTree.java    | 32 ++++++++++++++-----
 1 file changed, 24 insertions(+), 8 deletions(-)

diff --git a/core/src/main/java/hudson/util/ProcessTree.java b/core/src/main/java/hudson/util/ProcessTree.java
index 28e6097724..843653f72d 100644
--- a/core/src/main/java/hudson/util/ProcessTree.java
+++ b/core/src/main/java/hudson/util/ProcessTree.java
@@ -144,7 +144,7 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
      */
     public abstract void killAll(Map<String, String> modelEnvVars) throws InterruptedException;
 
-    private final int softkillWaitSeconds = 2 * 60; // processes get at most 2 minutes to respond to SIGTERM (JENKINS-17116)
+    private final long softKillWaitSeconds = Integer.getInteger("SoftKillWaitSeconds", 2 * 60); // by default processes get at most 2 minutes to respond to SIGTERM (JENKINS-17116)
 
     /**
      * Convenience method that does {@link #killAll(Map)} and {@link OSProcess#killRecursively()}.
@@ -537,7 +537,7 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
             }
 
             // after that wait for it to cease to exist
-            long deadline = System.nanoTime() + softkillWaitSeconds * 1000000000;
+            long deadline = System.nanoTime() + softKillWaitSeconds * 1000000000;
             int sleepTime = 10; // initially we sleep briefly, then sleep up to 1sec
             do {
                 if (!p.isRunning()) {
@@ -751,6 +751,12 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
          * Tries to kill this process.
          */
         public void kill() throws InterruptedException {
+            // after sending SIGTERM, wait for the process to cease to exist
+            long deadline = System.nanoTime() + softKillWaitSeconds * 1000000000;
+            kill(deadline);
+        }
+
+        private void kill(long deadline) throws InterruptedException {
             if (getVeto() != null) 
                 return;
             try {
@@ -758,11 +764,10 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
                 LOGGER.fine("Killing pid="+pid);
                 UnixReflection.destroy(pid);
                 // after sending SIGTERM, wait for the process to cease to exist
-                long deadline = System.nanoTime() + softkillWaitSeconds * 1000000000;
                 int sleepTime = 10; // initially we sleep briefly, then sleep up to 1sec
+                File status = getFile("status");
                 do {
-                    File f = getFile("status");
-                    if (!f.exists()) {
+                    if (!status.exists()) {
                         break; // status is gone, process therefore as well
                     }
 
@@ -785,11 +790,22 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
         }
 
         public void killRecursively() throws InterruptedException {
+            // after sending SIGTERM, wait for the processes to cease to exist until the deadline
+            long deadline = System.nanoTime() + softKillWaitSeconds * 1000000000;
+            killRecursively(deadline);
+        }
+
+        private void killRecursively(long deadline) throws InterruptedException {
             // We kill individual processes of a tree, so handling vetoes inside #kill() is enough for UnixProcess es
             LOGGER.fine("Recursively killing pid="+getPid());
-            for (OSProcess p : getChildren())
-                p.killRecursively();
-            kill();
+            for (OSProcess p : getChildren()) {
+                if (p instanceof UnixProcess) {
+                    ((UnixProcess)p).killRecursively(deadline);
+                } else {
+                    p.killRecursively(); // should not happen, fallback to non-deadline version
+                }
+            }
+            kill(deadline);
         }
 
         /**
-- 
GitLab


From 1d89cb04d4d059cf20b6e0d2fa6462769c2243bf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Oliver=20Gond=C5=BEa?= <ogondza@gmail.com>
Date: Wed, 15 Aug 2018 20:26:51 +0200
Subject: [PATCH 672/863] Towards 2.138.1

---
 .mvn/maven.config | 1 +
 packaging-ref.txt | 2 +-
 pom.xml           | 2 +-
 3 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/.mvn/maven.config b/.mvn/maven.config
index e54fdacfe6..70ffd0cc92 100644
--- a/.mvn/maven.config
+++ b/.mvn/maven.config
@@ -1 +1,2 @@
 -Pmight-produce-incrementals
+-Plts-release
diff --git a/packaging-ref.txt b/packaging-ref.txt
index 1f7391f92b..9e4acddafe 100644
--- a/packaging-ref.txt
+++ b/packaging-ref.txt
@@ -1 +1 @@
-master
+stable-2.138
diff --git a/pom.xml b/pom.xml
index 8df9ff40e7..4145f21283 100644
--- a/pom.xml
+++ b/pom.xml
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.139</revision>
+    <revision>2.138.1</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
-- 
GitLab


From d4befbfdc1e1b385d5933cd41f35e1e4349151bb Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Wed, 15 Aug 2018 15:38:54 -0400
Subject: [PATCH 673/863] minor spelling/grammar/word choice improvements

---
 .../security/s2m/AdminWhitelistRule/index.jelly      | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/core/src/main/resources/jenkins/security/s2m/AdminWhitelistRule/index.jelly b/core/src/main/resources/jenkins/security/s2m/AdminWhitelistRule/index.jelly
index 738fe7cf02..a657ea84b4 100644
--- a/core/src/main/resources/jenkins/security/s2m/AdminWhitelistRule/index.jelly
+++ b/core/src/main/resources/jenkins/security/s2m/AdminWhitelistRule/index.jelly
@@ -32,8 +32,8 @@ THE SOFTWARE.
       Jenkins master is now more strict about what commands its agents can send to the master.
       Unfortunately, this prevents some plugins from functioning correctly, as those plugins do not
       specify which commands are open for agents to execute and which ones are not.
-      While plugin developers work on updating this,
-      as an administrator, you can mark commands as OK for agents to execute (aka "whitelisting".)
+      While plugin developers work on improving this,
+      as an administrator, you can mark commands as OK for agents to execute (aka "whitelisting").
     </p>
     <div class="warning" style="margin:1em">
       Please see <a href="https://jenkins.io/redirect/security-144">the discussion of this feature</a> to
@@ -43,14 +43,14 @@ THE SOFTWARE.
       <div class="warning" style="margin:1em">
         The agent &#8594; master access control subsystem is currently disabled.
         This is unsafe if you have agents from other less trusted people.
-        You can put it back on from <a href="${rootURL}/configureSecurity">Global Security Configuration UI</a>
+        You can turn it back on from <a href="${rootURL}/configureSecurity">Global Security Configuration UI</a>.
       </div>
     </j:if>
 
     <form method="post" action="submit">
       <h2>Currently Whitelisted Commands</h2>
       <p>
-        The following commands are currently whitelisted for agents to execute them on the master.
+        The following commands are currently whitelisted for agents to execute on the master.
         Type in any fully-qualified class names to white list them:
       </p>
       <textarea id="whitelist" name="whitelist" style="width:100%; height:5em">${it.whitelisted.read()}</textarea>
@@ -61,7 +61,7 @@ THE SOFTWARE.
         <h2>Currently Rejected Commands</h2>
         <p>
           Agents have attempted to use the following functionalities but the plugins that implement them
-          did not specify whether they are usable from agents or not. Check ones you want to whitelist:
+          did not specify whether or not they should be usable from agents. Check ones you want to whitelist:
         </p>
         <ul style="list-style:none">
           <j:forEach var="r" items="${rejectedList}">
@@ -86,7 +86,7 @@ THE SOFTWARE.
 
       <h2>File Access Rules</h2>
       <p>
-        The following rules control which part of <tt>$JENKINS_HOME</tt> can be access from agents:
+        The following rules control which part of <tt>$JENKINS_HOME</tt> can be accessed from agents:
       </p>
       <textarea id="filePathRules" name="filePathRules" style="width:100%; height:5em">${it.filePathRules.read()}</textarea>
       <p>
-- 
GitLab


From 1686d360a3a84db3c84021bdaf3035ecdf5f3e2e Mon Sep 17 00:00:00 2001
From: Francisco Javier Fernandez Gonzalez <fjfernandez@cloudbees.com>
Date: Thu, 16 Aug 2018 12:31:02 +0200
Subject: [PATCH 674/863] [JENKINS-48770] changing time from UI from sec to
 millis.

---
 .../java/hudson/model/ParametersDefinitionProperty.java   | 8 ++++++--
 .../main/java/jenkins/model/ParameterizedJobMixIn.java    | 3 ++-
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/core/src/main/java/hudson/model/ParametersDefinitionProperty.java b/core/src/main/java/hudson/model/ParametersDefinitionProperty.java
index 348673043b..1c5706f59c 100644
--- a/core/src/main/java/hudson/model/ParametersDefinitionProperty.java
+++ b/core/src/main/java/hudson/model/ParametersDefinitionProperty.java
@@ -133,7 +133,9 @@ public class ParametersDefinitionProperty extends OptionalJobProperty<Job<?, ?>>
      * This method is supposed to be invoked from {@link ParameterizedJobMixIn#doBuild(StaplerRequest, StaplerResponse, TimeDuration)}.
      */
     public void _doBuild(StaplerRequest req, StaplerResponse rsp, @QueryParameter TimeDuration delay) throws IOException, ServletException {
-        if (delay==null)    delay=new TimeDuration(getJob().getQuietPeriod());
+        if (delay==null)
+            // time set in UI is in seconds. Changing it into milliseconds
+            delay=new TimeDuration(getJob().getQuietPeriod() * 1000);
 
 
         List<ParameterValue> values = new ArrayList<ParameterValue>();
@@ -182,7 +184,9 @@ public class ParametersDefinitionProperty extends OptionalJobProperty<Job<?, ?>>
         		values.add(value);
         	}
         }
-        if (delay==null)    delay=new TimeDuration(getJob().getQuietPeriod());
+        if (delay==null)
+            // time set in UI is in seconds. Changing it into milliseconds
+            delay=new TimeDuration(getJob().getQuietPeriod() * 1000);
 
         Queue.Item item = Jenkins.getInstance().getQueue().schedule2(
                 getJob(), delay.getTimeInSeconds(), new ParametersAction(values), ParameterizedJobMixIn.getBuildCause(getJob(), req)).getItem();
diff --git a/core/src/main/java/jenkins/model/ParameterizedJobMixIn.java b/core/src/main/java/jenkins/model/ParameterizedJobMixIn.java
index 55301e4f86..8150fb5ec1 100644
--- a/core/src/main/java/jenkins/model/ParameterizedJobMixIn.java
+++ b/core/src/main/java/jenkins/model/ParameterizedJobMixIn.java
@@ -190,7 +190,8 @@ public abstract class ParameterizedJobMixIn<JobT extends Job<JobT, RunT> & Param
     @SuppressWarnings("deprecation")
     public final void doBuild(StaplerRequest req, StaplerResponse rsp, @QueryParameter TimeDuration delay) throws IOException, ServletException {
         if (delay == null) {
-            delay = new TimeDuration(asJob().getQuietPeriod());
+            // time set in UI is in seconds. Changing it into milliseconds
+            delay = new TimeDuration(asJob().getQuietPeriod() * 1000);
         }
 
         if (!asJob().isBuildable()) {
-- 
GitLab


From 07350a6e6bd684b07171089d15f6e84ec7b6bebc Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Thu, 16 Aug 2018 13:59:40 -0400
Subject: [PATCH 675/863] Adding role for search form and searchbox

This should improve accessibility of the search form/box
---
 core/src/main/resources/lib/layout/layout.jelly | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/core/src/main/resources/lib/layout/layout.jelly b/core/src/main/resources/lib/layout/layout.jelly
index 02a170e407..e8f8aef255 100644
--- a/core/src/main/resources/lib/layout/layout.jelly
+++ b/core/src/main/resources/lib/layout/layout.jelly
@@ -221,13 +221,13 @@ ${h.initPageVariables(context)}
         <div class="searchbox hidden-xs">
           <!-- search box -->
           <j:set var="searchURL" value="${h.searchURL}"/>
-          <form action="${searchURL}" method="get" style="position:relative;" class="no-json" name="search">
+          <form action="${searchURL}" method="get" style="position:relative;" class="no-json" name="search" role="search">
             <!-- this div determines the minimum width -->
             <div id="search-box-minWidth"/>
             <!-- this div is used to calculate the width of the text box -->
             <div id="search-box-sizer"/>
             <div id="searchform">
-              <input name="q" placeholder="${%search}" id="search-box" class="has-default-text" value="${request.getParameter('q')}" />
+              <input name="q" placeholder="${%search}" id="search-box" class="has-default-text" value="${request.getParameter('q')}" role="searchbox" />
               <st:nbsp />
               <a href="${%searchBox.url}"><l:icon class="icon-help icon-sm" /></a>
               <div id="search-box-completion" />
-- 
GitLab


From a713bc0d95d6bcff0b163fca9c5cec5a494a2bfa Mon Sep 17 00:00:00 2001
From: Devin Nusbaum <dwnusbaum@users.noreply.github.com>
Date: Fri, 17 Aug 2018 22:45:41 -0400
Subject: [PATCH 676/863] [JENKINS-53016] Harden (Model)HyperlinkNote against
 display names containing newlines (#3580)

* Harden ModelHyperlinkNote against display names containing newlines

* Add regression test

* Harden HyperlinkNote as well

* Remove unnecessary wildcard in function type

* Restrict new method to be extra careful
---
 .../java/hudson/console/HyperlinkNote.java    | 17 +++-
 .../hudson/console/ModelHyperlinkNote.java    | 10 +--
 .../hudson/console/HyperlinkNoteTest.java     | 83 +++++++++++++++++++
 3 files changed, 100 insertions(+), 10 deletions(-)
 create mode 100644 test/src/test/java/hudson/console/HyperlinkNoteTest.java

diff --git a/core/src/main/java/hudson/console/HyperlinkNote.java b/core/src/main/java/hudson/console/HyperlinkNote.java
index 79fbbffc70..8ed5039993 100644
--- a/core/src/main/java/hudson/console/HyperlinkNote.java
+++ b/core/src/main/java/hudson/console/HyperlinkNote.java
@@ -27,10 +27,13 @@ import hudson.Extension;
 import hudson.MarkupText;
 import jenkins.model.Jenkins;
 import org.jenkinsci.Symbol;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
 import org.kohsuke.stapler.Stapler;
 import org.kohsuke.stapler.StaplerRequest;
 
 import java.io.IOException;
+import java.util.function.BiFunction;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 
@@ -75,8 +78,20 @@ public class HyperlinkNote extends ConsoleNote {
     }
 
     public static String encodeTo(String url, String text) {
+        return encodeTo(url, text, HyperlinkNote::new);
+    }
+
+    @Restricted(NoExternalUse.class)
+    static String encodeTo(String url, String text, BiFunction<String, Integer, ConsoleNote> constructor) {
+        // If text contains newlines, then its stored length will not match its length when being
+        // displayed, since the display length will only include text up to the first newline,
+        // which will cause an IndexOutOfBoundsException in MarkupText#rangeCheck when
+        // ConsoleAnnotationOutputStream converts the note into markup. That stream treats '\n' as
+        // the sole end-of-line marker on all platforms, so we ignore '\r' because it will not
+        // break the conversion.
+        text = text.replace('\n', ' ');
         try {
-            return new HyperlinkNote(url,text.length()).encode()+text;
+            return constructor.apply(url,text.length()).encode()+text;
         } catch (IOException e) {
             // impossible, but don't make this a fatal problem
             LOGGER.log(Level.WARNING, "Failed to serialize "+HyperlinkNote.class,e);
diff --git a/core/src/main/java/hudson/console/ModelHyperlinkNote.java b/core/src/main/java/hudson/console/ModelHyperlinkNote.java
index 784934708d..127911cc76 100644
--- a/core/src/main/java/hudson/console/ModelHyperlinkNote.java
+++ b/core/src/main/java/hudson/console/ModelHyperlinkNote.java
@@ -5,8 +5,6 @@ import hudson.model.*;
 import jenkins.model.Jenkins;
 import org.jenkinsci.Symbol;
 
-import java.io.IOException;
-import java.util.logging.Level;
 import java.util.logging.Logger;
 import javax.annotation.Nonnull;
 
@@ -57,13 +55,7 @@ public class ModelHyperlinkNote extends HyperlinkNote {
     }
 
     public static String encodeTo(String url, String text) {
-        try {
-            return new ModelHyperlinkNote(url,text.length()).encode()+text;
-        } catch (IOException e) {
-            // impossible, but don't make this a fatal problem
-            LOGGER.log(Level.WARNING, "Failed to serialize "+ModelHyperlinkNote.class,e);
-            return text;
-        }
+        return HyperlinkNote.encodeTo(url, text, ModelHyperlinkNote::new);
     }
 
     @Extension @Symbol("hyperlinkToModels")
diff --git a/test/src/test/java/hudson/console/HyperlinkNoteTest.java b/test/src/test/java/hudson/console/HyperlinkNoteTest.java
new file mode 100644
index 0000000000..c65019f292
--- /dev/null
+++ b/test/src/test/java/hudson/console/HyperlinkNoteTest.java
@@ -0,0 +1,83 @@
+/*
+ * The MIT License
+ *
+ * Copyright 2018 CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+package hudson.console;
+
+import hudson.model.FreeStyleProject;
+import java.io.IOException;
+import java.io.StringReader;
+import java.io.StringWriter;
+import java.nio.charset.StandardCharsets;
+import org.apache.commons.io.IOUtils;
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.JenkinsRule;
+
+import static org.hamcrest.Matchers.allOf;
+import static org.hamcrest.Matchers.containsString;
+import static org.junit.Assert.assertThat;
+
+public class HyperlinkNoteTest {
+
+    @Rule
+    public JenkinsRule r = new JenkinsRule();
+
+    @Issue("JENKINS-53016")
+    @Test
+    public void textWithNewlines() throws Exception {
+        String url = r.getURL().toString()+"test";
+        String noteText = "\nthis string\nhas newline\r\ncharacters\n\r";
+        String input = HyperlinkNote.encodeTo(url, noteText);
+        String noteTextSanitized = input.substring(input.length() - noteText.length());
+        // Throws IndexOutOfBoundsException before https://github.com/jenkinsci/jenkins/pull/3580.
+        String output = annotate(input);
+        assertThat(output, allOf(
+                containsString("href='" + url + "'"),
+                containsString(">" + noteTextSanitized + "</a>")));
+    }
+
+    @Issue("JENKINS-53016")
+    @Test
+    public void textWithNewlinesModelHyperlinkNote() throws Exception {
+        FreeStyleProject p = r.createFreeStyleProject();
+        String noteText = "\nthis string\nhas newline\r\ncharacters\n\r";
+        String input = ModelHyperlinkNote.encodeTo(p, noteText);
+        String noteTextSanitized = input.substring(input.length() - noteText.length());
+        // Throws IndexOutOfBoundsException before https://github.com/jenkinsci/jenkins/pull/3580.
+        String output = annotate(input);
+        assertThat(output, allOf(
+                containsString("href='" + r.getURL().toString()+p.getUrl() + "'"),
+                containsString(new ModelHyperlinkNote("", 0).extraAttributes()),
+                containsString(">" + noteTextSanitized + "</a>")));
+    }
+
+    private static String annotate(String text) throws IOException {
+        StringWriter writer = new StringWriter();
+        try (ConsoleAnnotationOutputStream out = new ConsoleAnnotationOutputStream(writer, null, null, StandardCharsets.UTF_8)) {
+            IOUtils.copy(new StringReader(text), out);
+        }
+        return writer.toString();
+    }
+}
-- 
GitLab


From d6d06edf90c364a77b5f8677e7a490b194751c69 Mon Sep 17 00:00:00 2001
From: Matt Sicker <boards@gmail.com>
Date: Sat, 18 Aug 2018 03:47:44 -0500
Subject: [PATCH 677/863] [JENKINS-52950] CLI enable-plugin -restart should not
 restart if no plugins are enabled (#3585)

* [JENKINS-52950] CLI enable-plugin -restart should not restart if no plugins are enabled

* Fix Windows test failures
---
 .../java/hudson/cli/EnablePluginCommand.java  | 10 ++-
 .../hudson/cli/EnablePluginCommandTest.java   | 89 ++++++++++++++-----
 2 files changed, 74 insertions(+), 25 deletions(-)

diff --git a/core/src/main/java/hudson/cli/EnablePluginCommand.java b/core/src/main/java/hudson/cli/EnablePluginCommand.java
index eb9d46f460..fcee649c03 100644
--- a/core/src/main/java/hudson/cli/EnablePluginCommand.java
+++ b/core/src/main/java/hudson/cli/EnablePluginCommand.java
@@ -60,27 +60,29 @@ public class EnablePluginCommand extends CLICommand {
         Jenkins jenkins = Jenkins.get();
         jenkins.checkPermission(Jenkins.ADMINISTER);
         PluginManager manager = jenkins.getPluginManager();
+        boolean enabledAnyPlugins = false;
         for (String pluginName : pluginNames) {
-            enablePlugin(manager, pluginName);
+            enabledAnyPlugins |= enablePlugin(manager, pluginName);
         }
-        if (restart) {
+        if (restart && enabledAnyPlugins) {
             jenkins.safeRestart();
         }
         return 0;
     }
 
-    private void enablePlugin(PluginManager manager, String shortName) throws IOException {
+    private boolean enablePlugin(PluginManager manager, String shortName) throws IOException {
         PluginWrapper plugin = manager.getPlugin(shortName);
         if (plugin == null) {
             throw new IllegalArgumentException(Messages.EnablePluginCommand_NoSuchPlugin(shortName));
         }
         if (plugin.isEnabled()) {
-            return;
+            return false;
         }
         stdout.println(String.format("Enabling plugin `%s' (%s)", plugin.getShortName(), plugin.getVersion()));
         enableDependencies(manager, plugin);
         plugin.enable();
         stdout.println(String.format("Plugin `%s' was enabled.", plugin.getShortName()));
+        return true;
     }
 
     private void enableDependencies(PluginManager manager, PluginWrapper plugin) throws IOException {
diff --git a/test/src/test/java/hudson/cli/EnablePluginCommandTest.java b/test/src/test/java/hudson/cli/EnablePluginCommandTest.java
index a37d97fb63..90c467be37 100644
--- a/test/src/test/java/hudson/cli/EnablePluginCommandTest.java
+++ b/test/src/test/java/hudson/cli/EnablePluginCommandTest.java
@@ -26,8 +26,10 @@ package hudson.cli;
 
 import hudson.PluginManager;
 import hudson.PluginWrapper;
+import org.junit.Assume;
 import org.junit.Rule;
 import org.junit.Test;
+import org.jvnet.hudson.test.Issue;
 import org.jvnet.hudson.test.JenkinsRule;
 
 import java.io.IOException;
@@ -52,44 +54,89 @@ public class EnablePluginCommandTest {
         return new CLICommandInvoker(j, new EnablePluginCommand()).invokeWithArgs(names);
     }
 
+    private void assertPluginEnabled(String name) {
+        PluginWrapper plugin = j.getPluginManager().getPlugin(name);
+        assertThat(plugin, is(notNullValue()));
+        assertTrue(plugin.isEnabled());
+    }
+
+    private void disablePlugin(String name) throws IOException {
+        PluginWrapper plugin = j.getPluginManager().getPlugin(name);
+        assertThat(plugin, is(notNullValue()));
+        plugin.disable();
+    }
+
+    private void assertPluginDisabled(String name) {
+        PluginWrapper plugin = j.getPluginManager().getPlugin(name);
+        assertThat(plugin, is(notNullValue()));
+        assertFalse(plugin.isEnabled());
+    }
+
+    private void assumeNotWindows() {
+        Assume.assumeFalse(System.getProperty("os.name").startsWith("Windows"));
+    }
+
+    private void assertJenkinsInQuietMode() {
+        QuietDownCommandTest.assertJenkinsInQuietMode(j);
+    }
+
+    private void assertJenkinsNotInQuietMode() {
+        QuietDownCommandTest.assertJenkinsNotInQuietMode(j);
+    }
+
     @Test
+    @Issue("JENKINS-52822")
     public void enableSinglePlugin() throws IOException {
         String name = "token-macro";
         PluginManager m = j.getPluginManager();
         assertThat(m.getPlugin(name), is(nullValue()));
-        assertThat(installTestPlugin("token-macro"), succeeded());
-        PluginWrapper wrapper = m.getPlugin(name);
-        assertThat(wrapper, is(notNullValue()));
-        assertTrue(wrapper.isEnabled());
-        wrapper.disable();
-        assertFalse(wrapper.isEnabled());
-
+        assertThat(installTestPlugin(name), succeeded());
+        assertPluginEnabled(name);
+        disablePlugin(name);
+        assertPluginDisabled(name);
         assertThat(enablePlugins(name), succeeded());
-        assertTrue(wrapper.isEnabled());
+        assertPluginEnabled(name);
+        assertJenkinsNotInQuietMode();
     }
 
     @Test
+    @Issue("JENKINS-52822")
     public void enableInvalidPluginFails() {
-        assertThat(
-                new CLICommandInvoker(j, "enable-plugin").invokeWithArgs("foobar"), failedWith(3)
-        );
+        assertThat(enablePlugins("foobar"), failedWith(3));
+        assertJenkinsNotInQuietMode();
     }
 
     @Test
+    @Issue("JENKINS-52822")
     public void enableDependerEnablesDependee() throws IOException {
         installTestPlugin("dependee");
         installTestPlugin("depender");
-        PluginManager m = j.getPluginManager();
-        PluginWrapper depender = m.getPlugin("depender");
-        assertThat(depender, is(notNullValue()));
-        PluginWrapper dependee = m.getPlugin("dependee");
-        assertThat(dependee, is(notNullValue()));
+        disablePlugin("depender");
+        disablePlugin("dependee");
+        assertThat(enablePlugins("depender"), succeeded());
+        assertPluginEnabled("depender");
+        assertPluginEnabled("dependee");
+        assertJenkinsNotInQuietMode();
+    }
 
-        depender.disable();
-        dependee.disable();
+    @Test
+    @Issue("JENKINS-52950")
+    public void enablePluginWithRestart() throws IOException {
+        assumeNotWindows();
+        String name = "credentials";
+        assertThat(installTestPlugin(name), succeeded());
+        disablePlugin(name);
+        assertThat(enablePlugins("-restart", name), succeeded());
+        assertJenkinsInQuietMode();
+    }
 
-        assertThat(enablePlugins("depender"), succeeded());
-        assertTrue(depender.isEnabled());
-        assertTrue(dependee.isEnabled());
+    @Test
+    @Issue("JENKINS-52950")
+    public void enableNoPluginsWithRestartIsNoOp() {
+        assumeNotWindows();
+        String name = "variant";
+        assertThat(installTestPlugin(name), succeeded());
+        assertThat(enablePlugins("-restart", name), succeeded());
+        assertJenkinsNotInQuietMode();
     }
 }
-- 
GitLab


From 8b6f3c2a0678f425d182899b4d3c6d8905515010 Mon Sep 17 00:00:00 2001
From: Matt Sicker <boards@gmail.com>
Date: Sat, 18 Aug 2018 03:48:20 -0500
Subject: [PATCH 678/863] [JENKINS-53055] Upgrade libpam4j dependency (#3589)

* Upgrade to libpam4j 1.11

* Remove libpam4j from core dependencies

This dependency is no longer used ever since PAM authn/authz support
was extracted into the pam-auth-plugin years ago. This reduces the need
to keep security libraries up to date in multiple places.

* Revert "Remove libpam4j from core dependencies"

This reverts commit a7c7a52a4875b1f6248a4bffb0abd05431b1cbcb.
---
 core/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/pom.xml b/core/pom.xml
index 827d6e3c5e..763fa20fe2 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -545,7 +545,7 @@ THE SOFTWARE.
     <dependency>
       <groupId>org.kohsuke</groupId>
       <artifactId>libpam4j</artifactId>
-      <version>1.8</version>
+      <version>1.11</version>
     </dependency>
     <dependency>
       <groupId>org.kohsuke</groupId>
-- 
GitLab


From c3988aae8ad66fde529830e799fe3d49cd241ebb Mon Sep 17 00:00:00 2001
From: Nicolas De loof <nicolas.deloof@gmail.com>
Date: Sat, 18 Aug 2018 10:49:44 +0200
Subject: [PATCH 679/863] [JENKINS-52818] support @Postconstruct on extensions
 (#3570)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* add support for JSR250 @PostConstruct

Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>

* with PostConstruct method no need to explicitely invoke load() anymore

Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>

* introduce PersistentDescriptor to flag Descriptors
which expect load() to be invoked.

This prevent double execution for plugins which
have been designed on previous version of code and
don’t expect load to be automatically invoked.

Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>

* document PostConstruct method discovery logic

Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>

* Force reflective access to non-public @PostConstruct methods

Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>

* check @PostConstruct annotation both on method and on implemented interface with a matching method.

Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>

* typo

Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
---
 .../src/main/java/hudson/ExtensionFinder.java | 84 +++++++++++++++++--
 .../main/java/hudson/model/Descriptor.java    |  4 +
 .../hudson/model/PersistentDescriptor.java    | 16 ++++
 .../java/hudson/model/UsageStatistics.java    |  3 +-
 .../security/csrf/DefaultCrumbIssuer.java     |  4 +-
 core/src/main/java/hudson/tasks/Maven.java    |  4 +-
 core/src/main/java/hudson/tasks/Shell.java    |  7 +-
 .../main/java/hudson/triggers/SCMTrigger.java | 11 ++-
 core/src/main/java/jenkins/CLI.java           |  8 +-
 .../model/ArtifactManagerConfiguration.java   |  7 +-
 .../java/jenkins/model/DownloadSettings.java  |  7 +-
 .../model/JenkinsLocationConfiguration.java   |  7 +-
 .../java/jenkins/mvn/GlobalMavenConfig.java   |  7 +-
 .../QueueItemAuthenticatorConfiguration.java  |  7 +-
 .../UpdateSiteWarningsConfiguration.java      |  7 +-
 .../ApiTokenPropertyConfiguration.java        |  7 +-
 16 files changed, 124 insertions(+), 66 deletions(-)
 create mode 100644 core/src/main/java/hudson/model/PersistentDescriptor.java

diff --git a/core/src/main/java/hudson/ExtensionFinder.java b/core/src/main/java/hudson/ExtensionFinder.java
index 5d7d13d8f4..1ff0638c10 100644
--- a/core/src/main/java/hudson/ExtensionFinder.java
+++ b/core/src/main/java/hudson/ExtensionFinder.java
@@ -23,6 +23,7 @@
  */
 package hudson;
 
+import com.google.common.collect.ImmutableList;
 import com.google.common.collect.Iterables;
 import com.google.common.collect.Lists;
 import com.google.common.collect.Maps;
@@ -35,11 +36,13 @@ import com.google.inject.Module;
 import com.google.inject.Provider;
 import com.google.inject.Scope;
 import com.google.inject.Scopes;
+import com.google.inject.matcher.Matchers;
 import com.google.inject.name.Names;
-import com.google.common.collect.ImmutableList;
+import com.google.inject.spi.ProvisionListener;
 import hudson.init.InitMilestone;
 import hudson.model.Descriptor;
 import hudson.model.Hudson;
+import hudson.util.ReflectionUtils;
 import jenkins.ExtensionComponentSet;
 import jenkins.ExtensionFilter;
 import jenkins.ExtensionRefreshException;
@@ -49,20 +52,25 @@ import net.java.sezpoz.Index;
 import net.java.sezpoz.IndexItem;
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
+import org.springframework.util.ClassUtils;
 
+import javax.annotation.PostConstruct;
 import java.lang.annotation.Annotation;
+import java.lang.reflect.AnnotatedElement;
+import java.lang.reflect.Field;
+import java.lang.reflect.Method;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collection;
 import java.util.Collections;
 import java.util.HashMap;
+import java.util.LinkedList;
+import java.util.List;
 import java.util.Map;
 import java.util.Map.Entry;
-import java.util.logging.Logger;
+import java.util.Set;
 import java.util.logging.Level;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.lang.reflect.AnnotatedElement;
-import java.lang.reflect.Field;
-import java.lang.reflect.Method;
+import java.util.logging.Logger;
 
 /**
  * Discovers the implementations of an extension point.
@@ -454,7 +462,7 @@ public abstract class ExtensionFinder implements ExtensionPoint {
          * Instead of using SezPoz to instantiate, we'll instantiate them by using Guice,
          * so that we can take advantage of dependency injection.
          */
-        private class SezpozModule extends AbstractModule {
+        private class SezpozModule extends AbstractModule implements ProvisionListener {
             private final List<IndexItem<?,Object>> index;
             private final List<IndexItem<?,Object>> loadedIndex;
 
@@ -503,6 +511,9 @@ public abstract class ExtensionFinder implements ExtensionPoint {
             @SuppressWarnings({"unchecked", "ChainOfInstanceofChecks"})
             @Override
             protected void configure() {
+
+                bindListener(Matchers.any(), this);
+
                 for (final IndexItem<?,Object> item : index) {
                     boolean optional = isOptional(item.annotation());
                     try {
@@ -550,9 +561,64 @@ public abstract class ExtensionFinder implements ExtensionPoint {
             public List<IndexItem<?, Object>> getLoadedIndex() {
                 return Collections.unmodifiableList(loadedIndex);
             }
+
+            @Override
+            public <T> void onProvision(ProvisionInvocation<T> provision) {
+                final T instance = provision.provision();
+                if (instance == null) return;
+                List<Method> methods = new LinkedList<>();
+                Class c = instance.getClass();
+
+                // find PostConstruct methods in class hierarchy, the one from parent class being first in list
+                // so that we invoke them before derived class one. This isn't specified in JSR-250 but implemented
+                // this way in Spring and what most developers would expect to happen.
+
+                final Set<Class> interfaces = ClassUtils.getAllInterfacesAsSet(instance);
+
+                while (c != Object.class) {
+                    Arrays.stream(c.getDeclaredMethods())
+                            .map(m -> getMethodAndInterfaceDeclarations(m, interfaces))
+                            .flatMap(Collection::stream)
+                            .filter(m -> m.getAnnotation(PostConstruct.class) != null)
+                            .findFirst()
+                            .ifPresent(method -> methods.add(0, method));
+                    c = c.getSuperclass();
+                }
+
+                for (Method postConstruct : methods) {
+                    try {
+                        postConstruct.setAccessible(true);
+                        postConstruct.invoke(instance);
+                    } catch (final Exception e) {
+                        throw new RuntimeException(String.format("@PostConstruct %s", postConstruct), e);
+                    }
+                }
+            }
         }
     }
 
+    /**
+     * Returns initial {@link Method} as well as all matching ones found in interfaces.
+     * This allows to introspect metadata for a method which is both declared in parent class and in implemented
+     * interface(s). <code>interfaces</code> typically is obtained by {@link ClassUtils#getAllInterfacesAsSet}
+     */
+    Collection<Method> getMethodAndInterfaceDeclarations(Method method, Collection<Class> interfaces) {
+        final List<Method> methods = new ArrayList<>();
+        methods.add(method);
+
+        // we search for matching method by iteration and comparison vs getMethod to avoid repeated NoSuchMethodException
+        // being thrown, while interface typically only define a few set of methods to check.
+        interfaces.stream()
+                .map(Class::getMethods)
+                .flatMap(Arrays::stream)
+                .filter(m -> m.getName().equals(method.getName()) && Arrays.equals(m.getParameterTypes(), method.getParameterTypes()))
+                .findFirst()
+                .ifPresent(methods::add);
+
+        return methods;
+    }
+
+
     /**
      * The bootstrap implementation that looks for the {@link Extension} marker.
      *
diff --git a/core/src/main/java/hudson/model/Descriptor.java b/core/src/main/java/hudson/model/Descriptor.java
index aef728d373..f8e4c2cfeb 100644
--- a/core/src/main/java/hudson/model/Descriptor.java
+++ b/core/src/main/java/hudson/model/Descriptor.java
@@ -51,6 +51,8 @@ import org.apache.commons.io.IOUtils;
 
 import static hudson.util.QuotedStringTokenizer.*;
 import static javax.servlet.http.HttpServletResponse.SC_NOT_FOUND;
+
+import javax.annotation.PostConstruct;
 import javax.servlet.ServletException;
 import javax.servlet.RequestDispatcher;
 import java.io.File;
@@ -117,6 +119,8 @@ import javax.annotation.Nullable;
  * {@link Descriptor} can persist data just by storing them in fields.
  * However, it is the responsibility of the derived type to properly
  * invoke {@link #save()} and {@link #load()}.
+ * {@link #load()} is automatically invoked as a JSR-250 lifecycle method if derived class
+ * do implement {@link PersistentDescriptor}.
  *
  * <h2>Reflection Enhancement</h2>
  * {@link Descriptor} defines addition to the standard Java reflection
diff --git a/core/src/main/java/hudson/model/PersistentDescriptor.java b/core/src/main/java/hudson/model/PersistentDescriptor.java
new file mode 100644
index 0000000000..837d154cfb
--- /dev/null
+++ b/core/src/main/java/hudson/model/PersistentDescriptor.java
@@ -0,0 +1,16 @@
+package hudson.model;
+
+import javax.annotation.PostConstruct;
+
+/**
+ * Marker interface for Descriptors which use xml persistent data, and as such need to load from disk when instantiated.
+ * <p>
+ * {@link Descriptor#load()} method is annotated as {@link PostConstruct} so it get automatically invoked after
+ * constructor and field injection.
+ * @author <a href="mailto:nicolas.deloof@gmail.com">Nicolas De Loof</a>
+ */
+public interface PersistentDescriptor extends Saveable {
+
+    @PostConstruct
+    void load();
+}
diff --git a/core/src/main/java/hudson/model/UsageStatistics.java b/core/src/main/java/hudson/model/UsageStatistics.java
index 2f78840b63..bb791d38e1 100644
--- a/core/src/main/java/hudson/model/UsageStatistics.java
+++ b/core/src/main/java/hudson/model/UsageStatistics.java
@@ -66,7 +66,7 @@ import jenkins.util.SystemProperties;
  * @author Kohsuke Kawaguchi
  */
 @Extension
-public class UsageStatistics extends PageDecorator {
+public class UsageStatistics extends PageDecorator implements PersistentDescriptor {
     private final String keyImage;
 
     /**
@@ -88,7 +88,6 @@ public class UsageStatistics extends PageDecorator {
      */
     public UsageStatistics(String keyImage) {
         this.keyImage = keyImage;
-        load();
     }
 
     /**
diff --git a/core/src/main/java/hudson/security/csrf/DefaultCrumbIssuer.java b/core/src/main/java/hudson/security/csrf/DefaultCrumbIssuer.java
index 7f833c17f3..ae4a4edfab 100644
--- a/core/src/main/java/hudson/security/csrf/DefaultCrumbIssuer.java
+++ b/core/src/main/java/hudson/security/csrf/DefaultCrumbIssuer.java
@@ -12,6 +12,7 @@ import java.util.logging.Level;
 import java.util.logging.Logger;
 
 import hudson.Extension;
+import hudson.model.PersistentDescriptor;
 import jenkins.util.SystemProperties;
 import hudson.Util;
 import jenkins.model.Jenkins;
@@ -121,13 +122,12 @@ public class DefaultCrumbIssuer extends CrumbIssuer {
     }
     
     @Extension @Symbol("standard")
-    public static final class DescriptorImpl extends CrumbIssuerDescriptor<DefaultCrumbIssuer> implements ModelObject {
+    public static final class DescriptorImpl extends CrumbIssuerDescriptor<DefaultCrumbIssuer> implements ModelObject, PersistentDescriptor {
 
         private final static HexStringConfidentialKey CRUMB_SALT = new HexStringConfidentialKey(Jenkins.class,"crumbSalt",16);
         
         public DescriptorImpl() {
             super(CRUMB_SALT.get(), SystemProperties.getString("hudson.security.csrf.requestfield", CrumbIssuer.DEFAULT_CRUMB_NAME));
-            load();
         }
 
         @Override
diff --git a/core/src/main/java/hudson/tasks/Maven.java b/core/src/main/java/hudson/tasks/Maven.java
index 910e3a6ebf..ac36f7fcde 100644
--- a/core/src/main/java/hudson/tasks/Maven.java
+++ b/core/src/main/java/hudson/tasks/Maven.java
@@ -24,6 +24,7 @@
 package hudson.tasks;
 
 import hudson.Extension;
+import hudson.model.PersistentDescriptor;
 import jenkins.MasterToSlaveFileCallable;
 import hudson.Launcher;
 import hudson.Functions;
@@ -424,13 +425,12 @@ public class Maven extends Builder {
     public static DescriptorImpl DESCRIPTOR;
 
     @Extension @Symbol("maven")
-    public static final class DescriptorImpl extends BuildStepDescriptor<Builder> {
+    public static final class DescriptorImpl extends BuildStepDescriptor<Builder> implements PersistentDescriptor {
         @CopyOnWrite
         private volatile MavenInstallation[] installations = new MavenInstallation[0];
 
         public DescriptorImpl() {
             DESCRIPTOR = this;
-            load();
         }
 
         public boolean isApplicable(Class<? extends AbstractProject> jobType) {
diff --git a/core/src/main/java/hudson/tasks/Shell.java b/core/src/main/java/hudson/tasks/Shell.java
index 4360f4ce94..3455076d5b 100644
--- a/core/src/main/java/hudson/tasks/Shell.java
+++ b/core/src/main/java/hudson/tasks/Shell.java
@@ -27,6 +27,7 @@ import hudson.FilePath;
 import hudson.Util;
 import hudson.Extension;
 import hudson.model.AbstractProject;
+import hudson.model.PersistentDescriptor;
 import hudson.remoting.VirtualChannel;
 import hudson.util.FormValidation;
 import java.io.IOException;
@@ -131,16 +132,12 @@ public class Shell extends CommandInterpreter {
     }
 
     @Extension @Symbol("shell")
-    public static class DescriptorImpl extends BuildStepDescriptor<Builder> {
+    public static class DescriptorImpl extends BuildStepDescriptor<Builder> implements PersistentDescriptor {
         /**
          * Shell executable, or null to default.
          */
         private String shell;
 
-        public DescriptorImpl() {
-            load();
-        }
-
         public boolean isApplicable(Class<? extends AbstractProject> jobType) {
             return true;
         }
diff --git a/core/src/main/java/hudson/triggers/SCMTrigger.java b/core/src/main/java/hudson/triggers/SCMTrigger.java
index 7afeeacdb0..83a6383d82 100644
--- a/core/src/main/java/hudson/triggers/SCMTrigger.java
+++ b/core/src/main/java/hudson/triggers/SCMTrigger.java
@@ -37,6 +37,7 @@ import hudson.model.AdministrativeMonitor;
 import hudson.model.Cause;
 import hudson.model.CauseAction;
 import hudson.model.Item;
+import hudson.model.PersistentDescriptor;
 import hudson.model.Run;
 import hudson.scm.SCM;
 import hudson.scm.SCMDescriptor;
@@ -84,6 +85,8 @@ import org.kohsuke.stapler.QueryParameter;
 import org.kohsuke.stapler.StaplerRequest;
 import org.kohsuke.stapler.StaplerResponse;
 
+import javax.annotation.PostConstruct;
+
 import static java.util.logging.Level.WARNING;
 
 
@@ -211,7 +214,7 @@ public class SCMTrigger extends Trigger<Item> {
     }
 
     @Extension @Symbol("pollSCM")
-    public static class DescriptorImpl extends TriggerDescriptor {
+    public static class DescriptorImpl extends TriggerDescriptor implements PersistentDescriptor {
 
         private static ThreadFactory threadFactory() {
             return new NamingThreadFactory(Executors.defaultThreadFactory(), "SCMTrigger");
@@ -242,11 +245,6 @@ public class SCMTrigger extends Trigger<Item> {
         private static final int THREADS_UPPER_BOUND = 100;
         private static final int THREADS_DEFAULT= 10;
 
-        public DescriptorImpl() {
-            load();
-            resizeThreadPool();
-        }
-
         private void readResolve() {
             if (maximumThreads == 0) {
                 maximumThreads = THREADS_DEFAULT;
@@ -347,6 +345,7 @@ public class SCMTrigger extends Trigger<Item> {
         /**
          * Update the {@link ExecutorService} instance.
          */
+        @PostConstruct
         /*package*/ synchronized void resizeThreadPool() {
             queue.setExecutors(Executors.newFixedThreadPool(maximumThreads, threadFactory()));
         }
diff --git a/core/src/main/java/jenkins/CLI.java b/core/src/main/java/jenkins/CLI.java
index 4d9f9af3df..e0a7f38957 100644
--- a/core/src/main/java/jenkins/CLI.java
+++ b/core/src/main/java/jenkins/CLI.java
@@ -4,6 +4,8 @@ import hudson.Extension;
 import hudson.model.AdministrativeMonitor;
 import java.io.IOException;
 import javax.annotation.Nonnull;
+
+import hudson.model.PersistentDescriptor;
 import jenkins.model.GlobalConfiguration;
 import jenkins.model.GlobalConfigurationCategory;
 import org.jenkinsci.Symbol;
@@ -23,7 +25,7 @@ import org.kohsuke.stapler.interceptor.RequirePOST;
  */
 @Restricted(NoExternalUse.class)
 @Extension @Symbol("remotingCLI")
-public class CLI extends GlobalConfiguration {
+public class CLI extends GlobalConfiguration implements PersistentDescriptor {
 
     /**
      * Supersedes {@link #isEnabled} if set.
@@ -39,10 +41,6 @@ public class CLI extends GlobalConfiguration {
     
     private boolean enabled = true; // historical default, but overridden in SetupWizard
 
-    public CLI() {
-        load();
-    }
-
     @Override
     public @Nonnull GlobalConfigurationCategory getCategory() {
         return GlobalConfigurationCategory.get(GlobalConfigurationCategory.Security.class);
diff --git a/core/src/main/java/jenkins/model/ArtifactManagerConfiguration.java b/core/src/main/java/jenkins/model/ArtifactManagerConfiguration.java
index 29d7439d03..cb411800d9 100644
--- a/core/src/main/java/jenkins/model/ArtifactManagerConfiguration.java
+++ b/core/src/main/java/jenkins/model/ArtifactManagerConfiguration.java
@@ -25,6 +25,7 @@
 package jenkins.model;
 
 import hudson.Extension;
+import hudson.model.PersistentDescriptor;
 import hudson.util.DescribableList;
 import java.io.IOException;
 import net.sf.json.JSONObject;
@@ -38,7 +39,7 @@ import javax.annotation.Nonnull;
  * @since 1.532
  */
 @Extension @Symbol("artifactManager")
-public class ArtifactManagerConfiguration extends GlobalConfiguration {
+public class ArtifactManagerConfiguration extends GlobalConfiguration implements PersistentDescriptor {
     
     public static @Nonnull ArtifactManagerConfiguration get() {
         return GlobalConfiguration.all().getInstance(ArtifactManagerConfiguration.class);
@@ -46,10 +47,6 @@ public class ArtifactManagerConfiguration extends GlobalConfiguration {
 
     private final DescribableList<ArtifactManagerFactory,ArtifactManagerFactoryDescriptor> artifactManagerFactories = new DescribableList<ArtifactManagerFactory,ArtifactManagerFactoryDescriptor>(this);
 
-    public ArtifactManagerConfiguration() {
-        load();
-    }
-
     private Object readResolve() {
         artifactManagerFactories.setOwner(this);
         return this;
diff --git a/core/src/main/java/jenkins/model/DownloadSettings.java b/core/src/main/java/jenkins/model/DownloadSettings.java
index 8c8b75b90b..6f5e6aeabb 100644
--- a/core/src/main/java/jenkins/model/DownloadSettings.java
+++ b/core/src/main/java/jenkins/model/DownloadSettings.java
@@ -30,6 +30,7 @@ import hudson.model.AdministrativeMonitor;
 import hudson.model.AsyncPeriodicWork;
 import hudson.model.DownloadService;
 import hudson.model.DownloadService.Downloadable;
+import hudson.model.PersistentDescriptor;
 import hudson.model.TaskListener;
 import hudson.model.UpdateSite;
 import hudson.util.FormValidation;
@@ -51,7 +52,7 @@ import javax.annotation.Nonnull;
  */
 @Restricted(NoExternalUse.class) // no clear reason for this to be an API
 @Extension @Symbol("downloadSettings")
-public final class DownloadSettings extends GlobalConfiguration {
+public final class DownloadSettings extends GlobalConfiguration implements PersistentDescriptor {
 
     public static @Nonnull DownloadSettings get() {
         return GlobalConfiguration.all().getInstance(DownloadSettings.class);
@@ -59,10 +60,6 @@ public final class DownloadSettings extends GlobalConfiguration {
 
     private boolean useBrowser = false;
     
-    public DownloadSettings() {
-        load();
-    }
-
     public boolean isUseBrowser() {
         return useBrowser;
     }
diff --git a/core/src/main/java/jenkins/model/JenkinsLocationConfiguration.java b/core/src/main/java/jenkins/model/JenkinsLocationConfiguration.java
index ed402938b4..1e9213df75 100644
--- a/core/src/main/java/jenkins/model/JenkinsLocationConfiguration.java
+++ b/core/src/main/java/jenkins/model/JenkinsLocationConfiguration.java
@@ -3,6 +3,7 @@ package jenkins.model;
 import hudson.Extension;
 import hudson.Util;
 import hudson.XmlFile;
+import hudson.model.PersistentDescriptor;
 import hudson.util.FormValidation;
 import hudson.util.XStream2;
 import org.jenkinsci.Symbol;
@@ -31,7 +32,7 @@ import javax.annotation.Nonnull;
  * @since 1.494
  */
 @Extension @Symbol("location")
-public class JenkinsLocationConfiguration extends GlobalConfiguration {
+public class JenkinsLocationConfiguration extends GlobalConfiguration implements PersistentDescriptor {
     /**
      * @deprecated replaced by {@link #jenkinsUrl}
      */
@@ -59,10 +60,6 @@ public class JenkinsLocationConfiguration extends GlobalConfiguration {
         return config;
     }
 
-    public JenkinsLocationConfiguration() {
-        load();
-    }
-
     @Override
     public synchronized void load() {
         // for backward compatibility, if we don't have our own data yet, then
diff --git a/core/src/main/java/jenkins/mvn/GlobalMavenConfig.java b/core/src/main/java/jenkins/mvn/GlobalMavenConfig.java
index 24cdb171e2..477aa34afd 100644
--- a/core/src/main/java/jenkins/mvn/GlobalMavenConfig.java
+++ b/core/src/main/java/jenkins/mvn/GlobalMavenConfig.java
@@ -1,6 +1,7 @@
 package jenkins.mvn;
 
 import hudson.Extension;
+import hudson.model.PersistentDescriptor;
 import jenkins.model.GlobalConfiguration;
 import jenkins.model.GlobalConfigurationCategory;
 import jenkins.tools.ToolConfigurationCategory;
@@ -11,14 +12,10 @@ import javax.annotation.Nonnull;
 
 //as close as it gets to the global Maven Project configuration
 @Extension(ordinal = 50) @Symbol("maven")
-public class GlobalMavenConfig extends GlobalConfiguration {
+public class GlobalMavenConfig extends GlobalConfiguration  implements PersistentDescriptor {
     private SettingsProvider settingsProvider;
     private GlobalSettingsProvider globalSettingsProvider;
 
-    public GlobalMavenConfig() {
-        load();
-    }
-
     @Override
     public @Nonnull ToolConfigurationCategory getCategory() {
         return GlobalConfigurationCategory.get(ToolConfigurationCategory.class);
diff --git a/core/src/main/java/jenkins/security/QueueItemAuthenticatorConfiguration.java b/core/src/main/java/jenkins/security/QueueItemAuthenticatorConfiguration.java
index df85943f26..c6283401b2 100644
--- a/core/src/main/java/jenkins/security/QueueItemAuthenticatorConfiguration.java
+++ b/core/src/main/java/jenkins/security/QueueItemAuthenticatorConfiguration.java
@@ -1,6 +1,7 @@
 package jenkins.security;
 
 import hudson.Extension;
+import hudson.model.PersistentDescriptor;
 import hudson.model.queue.Tasks;
 import hudson.util.DescribableList;
 import jenkins.model.GlobalConfiguration;
@@ -21,14 +22,10 @@ import java.util.List;
  * @since 1.520
  */
 @Extension @Symbol("queueItemAuthenticator")
-public class QueueItemAuthenticatorConfiguration extends GlobalConfiguration {
+public class QueueItemAuthenticatorConfiguration extends GlobalConfiguration implements PersistentDescriptor {
     private final DescribableList<QueueItemAuthenticator,QueueItemAuthenticatorDescriptor> authenticators
         = new DescribableList<QueueItemAuthenticator, QueueItemAuthenticatorDescriptor>(this);
 
-    public QueueItemAuthenticatorConfiguration() {
-        load();
-    }
-
     private Object readResolve() {
         authenticators.setOwner(this);
         return this;
diff --git a/core/src/main/java/jenkins/security/UpdateSiteWarningsConfiguration.java b/core/src/main/java/jenkins/security/UpdateSiteWarningsConfiguration.java
index 8ea916bab4..a623702258 100644
--- a/core/src/main/java/jenkins/security/UpdateSiteWarningsConfiguration.java
+++ b/core/src/main/java/jenkins/security/UpdateSiteWarningsConfiguration.java
@@ -26,6 +26,7 @@ package jenkins.security;
 
 import hudson.Extension;
 import hudson.PluginWrapper;
+import hudson.model.PersistentDescriptor;
 import hudson.model.UpdateSite;
 import jenkins.model.GlobalConfiguration;
 import jenkins.model.GlobalConfigurationCategory;
@@ -50,7 +51,7 @@ import java.util.Set;
  */
 @Extension
 @Restricted(NoExternalUse.class)
-public class UpdateSiteWarningsConfiguration extends GlobalConfiguration {
+public class UpdateSiteWarningsConfiguration extends GlobalConfiguration implements PersistentDescriptor {
 
     private HashSet<String> ignoredWarnings = new HashSet<>();
 
@@ -59,10 +60,6 @@ public class UpdateSiteWarningsConfiguration extends GlobalConfiguration {
         return GlobalConfigurationCategory.get(GlobalConfigurationCategory.Security.class);
     }
 
-    public UpdateSiteWarningsConfiguration() {
-        load();
-    }
-
     @Nonnull
     public Set<String> getIgnoredWarnings() {
         return Collections.unmodifiableSet(ignoredWarnings);
diff --git a/core/src/main/java/jenkins/security/apitoken/ApiTokenPropertyConfiguration.java b/core/src/main/java/jenkins/security/apitoken/ApiTokenPropertyConfiguration.java
index ba7c866d73..e032f2818d 100644
--- a/core/src/main/java/jenkins/security/apitoken/ApiTokenPropertyConfiguration.java
+++ b/core/src/main/java/jenkins/security/apitoken/ApiTokenPropertyConfiguration.java
@@ -24,6 +24,7 @@
 package jenkins.security.apitoken;
 
 import hudson.Extension;
+import hudson.model.PersistentDescriptor;
 import jenkins.model.GlobalConfiguration;
 import jenkins.model.GlobalConfigurationCategory;
 import org.jenkinsci.Symbol;
@@ -35,7 +36,7 @@ import org.jenkinsci.Symbol;
  */
 @Extension 
 @Symbol("apiToken")
-public class ApiTokenPropertyConfiguration extends GlobalConfiguration {
+public class ApiTokenPropertyConfiguration extends GlobalConfiguration implements PersistentDescriptor {
     /**
      * When a user is created, this property determines whether or not we create a legacy token for the user.
      * For security reasons, we do not recommend you enable this but we left that open to ease upgrades.
@@ -58,10 +59,6 @@ public class ApiTokenPropertyConfiguration extends GlobalConfiguration {
         return GlobalConfiguration.all().get(ApiTokenPropertyConfiguration.class);
     }
 
-    public ApiTokenPropertyConfiguration() {
-        load();
-    }
-
     public boolean hasExistingConfigFile(){
         return getConfigFile().exists();
     }
-- 
GitLab


From 2e3a4098eed031d291e3e3ee062169a6db0491af Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <Wadeck@users.noreply.github.com>
Date: Sat, 18 Aug 2018 10:52:40 +0200
Subject: [PATCH 680/863] Cleanup API Token reflection (#3587)

- that was used for compatibility with new API token released after the version that received the security fix
---
 .../jenkins/security/BasicApiTokenHelper.java |  27 +--
 ...eaderApiTokenAuthenticatorTest_SEC986.java | 200 ------------------
 2 files changed, 3 insertions(+), 224 deletions(-)
 delete mode 100644 test/src/test/java/jenkins/security/BasicHeaderApiTokenAuthenticatorTest_SEC986.java

diff --git a/core/src/main/java/jenkins/security/BasicApiTokenHelper.java b/core/src/main/java/jenkins/security/BasicApiTokenHelper.java
index bafece0e57..ed45727b43 100644
--- a/core/src/main/java/jenkins/security/BasicApiTokenHelper.java
+++ b/core/src/main/java/jenkins/security/BasicApiTokenHelper.java
@@ -26,6 +26,7 @@ package jenkins.security;
 import hudson.Util;
 import hudson.model.User;
 import jenkins.model.GlobalConfiguration;
+import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
 
@@ -40,7 +41,8 @@ public class BasicApiTokenHelper {
     public static @CheckForNull User isConnectingUsingApiToken(String username, String tokenValue){
         User user = User.getById(username, false);
         if(user == null){
-            if(isLegacyTokenGeneratedOnUserCreation()){
+            ApiTokenPropertyConfiguration apiTokenConfiguration = GlobalConfiguration.all().getInstance(ApiTokenPropertyConfiguration.class);
+            if(apiTokenConfiguration.isTokenGenerationOnCreationEnabled()){
                 String generatedTokenOnCreation = Util.getDigestOf(ApiTokenProperty.API_KEY_SEED.mac(username));
                 boolean areTokenEqual = MessageDigest.isEqual(
                         generatedTokenOnCreation.getBytes(StandardCharsets.US_ASCII),
@@ -62,27 +64,4 @@ public class BasicApiTokenHelper {
         
         return null;
     }
-    
-    //TODO could be simplified when the patch is merged in 2.129+
-    @SuppressWarnings("unchecked")
-    static boolean isLegacyTokenGeneratedOnUserCreation(){
-        Class<GlobalConfiguration> clazz;
-        try {
-            clazz = (Class<GlobalConfiguration>) BasicApiTokenHelper.class.getClassLoader().loadClass("jenkins.security.apitoken.ApiTokenPropertyConfiguration");
-        } catch (ClassNotFoundException e) {
-            // case the new api token system is not in place
-            return true;
-        }
-        
-        Object apiTokenConfiguration = GlobalConfiguration.all().get(clazz);
-        boolean tokenGenerationOnCreationEnabled;
-        try {
-            Method isTokenGenerationOnCreationEnabled = clazz.getDeclaredMethod("isTokenGenerationOnCreationEnabled");
-            tokenGenerationOnCreationEnabled = (boolean) isTokenGenerationOnCreationEnabled.invoke(apiTokenConfiguration);
-        } catch (NoSuchMethodException | IllegalAccessException | InvocationTargetException e) {
-            return false;
-        }
-        
-        return tokenGenerationOnCreationEnabled;
-    }
 }
diff --git a/test/src/test/java/jenkins/security/BasicHeaderApiTokenAuthenticatorTest_SEC986.java b/test/src/test/java/jenkins/security/BasicHeaderApiTokenAuthenticatorTest_SEC986.java
deleted file mode 100644
index f72c407b70..0000000000
--- a/test/src/test/java/jenkins/security/BasicHeaderApiTokenAuthenticatorTest_SEC986.java
+++ /dev/null
@@ -1,200 +0,0 @@
-/*
- * The MIT License
- *
- * Copyright (c) 2018, CloudBees, Inc.
- *
- * Permission is hereby granted, free of charge, to any person obtaining a copy
- * of this software and associated documentation files (the "Software"), to deal
- * in the Software without restriction, including without limitation the rights
- * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
- * copies of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be included in
- * all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
- * THE SOFTWARE.
- */
-package jenkins.security;
-
-import com.gargoylesoftware.htmlunit.WebRequest;
-import com.gargoylesoftware.htmlunit.html.HtmlPage;
-import com.gargoylesoftware.htmlunit.html.HtmlTextInput;
-import com.gargoylesoftware.htmlunit.xml.XmlPage;
-import hudson.ExtensionComponent;
-import hudson.model.User;
-import jenkins.ExtensionFilter;
-import jenkins.model.Jenkins;
-import org.junit.Assume;
-import org.junit.Rule;
-import org.junit.Test;
-import org.junit.runners.model.Statement;
-import org.jvnet.hudson.test.JenkinsRule;
-import org.jvnet.hudson.test.MockAuthorizationStrategy;
-import org.jvnet.hudson.test.RestartableJenkinsRule;
-import org.jvnet.hudson.test.TestExtension;
-
-import java.net.URL;
-import java.nio.charset.StandardCharsets;
-import java.util.Base64;
-import java.util.concurrent.atomic.AtomicReference;
-
-import static org.hamcrest.Matchers.equalTo;
-import static org.hamcrest.Matchers.is;
-import static org.hamcrest.xml.HasXPath.hasXPath;
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertNull;
-import static org.junit.Assert.assertThat;
-
-public class BasicHeaderApiTokenAuthenticatorTest_SEC986 {
-    @Rule
-    public RestartableJenkinsRule rr = new RestartableJenkinsRule();
-    
-    @Test
-    public void legacyToken_regularCase() {
-        AtomicReference<String> token = new AtomicReference<>();
-        rr.addStep(new Statement() {
-            @Override
-            public void evaluate() throws Throwable {
-                assumeLegacyTokenCreation();
-                
-                configureSecurity();
-                
-                {
-                    JenkinsRule.WebClient wc = rr.j.createWebClient();
-                    // default SecurityListener will save the user when adding the LastGrantedAuthoritiesProperty
-                    // and so the user is persisted
-                    wc.login("user1");
-                    HtmlPage page = wc.goTo("user/user1/configure");
-                    String tokenValue = ((HtmlTextInput) page.getDocumentElement().querySelector("#apiToken")).getText();
-                    token.set(tokenValue);
-                }
-            }
-        });
-        rr.addStep(new Statement() {
-            @Override
-            public void evaluate() throws Throwable {
-                User user = User.getById("user1", false);
-                assertNotNull(user);
-                
-                JenkinsRule.WebClient wc = rr.j.createWebClient();
-                wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
-                
-                { // for invalid token, no effect
-                    WebRequest request = new WebRequest(new URL(rr.j.jenkins.getRootUrl() + "whoAmI/api/xml"));
-                    request.setAdditionalHeader("Authorization", base64("user1", "invalid-token"));
-                    assertThat(wc.getPage(request).getWebResponse().getStatusCode(), equalTo(401));
-                }
-                { // for invalid user, no effect
-                    WebRequest request = new WebRequest(new URL(rr.j.jenkins.getRootUrl() + "whoAmI/api/xml"));
-                    request.setAdditionalHeader("Authorization", base64("user-not-valid", token.get()));
-                    assertThat(wc.getPage(request).getWebResponse().getStatusCode(), equalTo(401));
-                }
-    
-                assertNull(User.getById("user-not-valid", false));
-                
-                { // valid user with valid token, ok
-                    WebRequest request = new WebRequest(new URL(rr.j.jenkins.getRootUrl() + "whoAmI/api/xml"));
-                    request.setAdditionalHeader("Authorization", base64("user1", token.get()));
-                    XmlPage xmlPage = wc.getPage(request);
-                    assertThat(xmlPage, hasXPath("//name", is("user1")));
-                }
-            }
-        });
-    }
-    
-    /*
-     * The user is not saved after login without the default SecurityListener#fireAuthenticated
-     */
-    @Test
-    public void legacyToken_withoutLastGrantedAuthorities() {
-        AtomicReference<String> token = new AtomicReference<>();
-        rr.addStep(new Statement() {
-            @Override
-            public void evaluate() throws Throwable {
-                assumeLegacyTokenCreation();
-                
-                configureSecurity();
-                
-                {
-                    JenkinsRule.WebClient wc = rr.j.createWebClient();
-                    wc.login("user1");
-                    HtmlPage page = wc.goTo("user/user1/configure");
-                    String tokenValue = ((HtmlTextInput) page.getDocumentElement().querySelector("#apiToken")).getText();
-                    token.set(tokenValue);
-                }
-            }
-        });
-        rr.addStep(new Statement() {
-            @Override
-            public void evaluate() throws Throwable {
-                User user = User.getById("user1", false);
-                assertNull(user);
-                
-                JenkinsRule.WebClient wc = rr.j.createWebClient();
-                wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
-                
-                { // for invalid token, no effect
-                    WebRequest request = new WebRequest(new URL(rr.j.jenkins.getRootUrl() + "whoAmI/api/xml"));
-                    request.setAdditionalHeader("Authorization", base64("user1", "invalid-token"));
-                    assertThat(wc.getPage(request).getWebResponse().getStatusCode(), equalTo(401));
-                }
-                { // for invalid user, no effect
-                    WebRequest request = new WebRequest(new URL(rr.j.jenkins.getRootUrl() + "whoAmI/api/xml"));
-                    request.setAdditionalHeader("Authorization", base64("user-not-valid", token.get()));
-                    assertThat(wc.getPage(request).getWebResponse().getStatusCode(), equalTo(401));
-                }
-    
-                assertNull(User.getById("user1", false));
-                assertNull(User.getById("user-not-valid", false));
-                
-                { // valid user with valid token, ok
-                    WebRequest request = new WebRequest(new URL(rr.j.jenkins.getRootUrl() + "whoAmI/api/xml"));
-                    request.setAdditionalHeader("Authorization", base64("user1", token.get()));
-                    XmlPage xmlPage = wc.getPage(request);
-                    assertThat(xmlPage, hasXPath("//name", is("user1")));
-                }
-            }
-        });
-        rr.addStep(new Statement() {
-            @Override
-            public void evaluate() throws Throwable {
-                User user = User.getById("user1", false);
-                assertNull(user);
-            }
-        });
-    }
-    
-    @TestExtension("legacyToken_withoutLastGrantedAuthorities")
-    public static class RemoveDefaultSecurityListener extends ExtensionFilter {
-        @Override
-        public <T> boolean allows(Class<T> type, ExtensionComponent<T> component) {
-            return !SecurityListener.class.isAssignableFrom(type);
-        }
-    }
-    
-    private void configureSecurity() throws Exception {
-        rr.j.jenkins.setSecurityRealm(rr.j.createDummySecurityRealm());
-        rr.j.jenkins.setAuthorizationStrategy(new MockAuthorizationStrategy()
-                .grant(Jenkins.ADMINISTER).everywhere().toEveryone());
-        rr.j.jenkins.save();
-    }
-    
-    @SuppressWarnings("unchecked")
-    private void assumeLegacyTokenCreation() {
-        Assume.assumeTrue(
-                "New API token system present AND legacy token is not generated on user creation", 
-                BasicApiTokenHelper.isLegacyTokenGeneratedOnUserCreation()
-        );
-    }
-    
-    private String base64(String login, String password) {
-        return "Basic " + Base64.getEncoder().encodeToString((login + ":" + password).getBytes(StandardCharsets.UTF_8));
-    }
-}
-- 
GitLab


From b3f6ca61e028c45094b2a188a3439aa4202a8ffe Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Sat, 18 Aug 2018 10:58:59 +0200
Subject: [PATCH 681/863] [JENKINS-52181] - Fix the unit test

---
 test/src/test/java/hudson/cli/ConsoleCommandTest.java | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/test/src/test/java/hudson/cli/ConsoleCommandTest.java b/test/src/test/java/hudson/cli/ConsoleCommandTest.java
index 1c05b7fb69..3c0682d2d8 100644
--- a/test/src/test/java/hudson/cli/ConsoleCommandTest.java
+++ b/test/src/test/java/hudson/cli/ConsoleCommandTest.java
@@ -84,13 +84,20 @@ public class ConsoleCommandTest {
     
     @Issue("JENKINS-52181")
     @Test public void consoleShouldBeAccessibleForUserWithRead() throws Exception {	
-        j.createFreeStyleProject("aProject");	
+        FreeStyleProject project = j.createFreeStyleProject("aProject");	
+        if (Functions.isWindows()) {
+            project.getBuildersList().add(new BatchFile("echo 1"));
+        } else {
+            project.getBuildersList().add(new Shell("echo 1"));
+        }
+        assertThat(project.scheduleBuild2(0).get().getLog(), containsString("echo 1"));
+        
         final CLICommandInvoker.Result result = command	
                 .authorizedTo(Jenkins.READ, Job.READ)	
                 .invokeWithArgs("aProject");	
         
         assertThat(result, succeeded());
-        assertThat(result.stdout(), containsString("echo 5"));	
+        assertThat(result.stdout(), containsString("echo 1"));	
     }
 
     @Test public void consoleShouldFailWhenProjectDoesNotExist() throws Exception {
-- 
GitLab


From 45e7d631b6fae50805914ea45fba642ed39a880a Mon Sep 17 00:00:00 2001
From: surenpi <zxjlwt@126.com>
Date: Sat, 18 Aug 2018 23:24:06 +0800
Subject: [PATCH 682/863] Add Chinese localization for jenkins/security

---
 .../ApiTokenProperty/config_zh_CN.properties  |  1 +
 .../config_zh_CN.properties                   |  1 +
 .../manage_zh_CN.properties                   |  6 +++-
 .../security/csrf/Messages_zh_CN.properties   | 25 +++++++++++++++++
 .../message_zh_CN.properties                  | 28 +++++++++++++++++++
 .../AdminWhitelistRule/index_zh_CN.properties | 27 ++++++++++++++++++
 .../message_zh_CN.properties                  | 28 +++++++++++++++++++
 .../security/s2m/Messages_zh_CN.properties    | 26 +++++++++++++++++
 8 files changed, 141 insertions(+), 1 deletion(-)
 create mode 100644 core/src/main/resources/jenkins/security/csrf/Messages_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/security/s2m/AdminCallableMonitor/message_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/security/s2m/AdminWhitelistRule/index_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/security/s2m/MasterKillSwitchWarning/message_zh_CN.properties
 create mode 100644 core/src/main/resources/jenkins/security/s2m/Messages_zh_CN.properties

diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config_zh_CN.properties b/core/src/main/resources/jenkins/security/ApiTokenProperty/config_zh_CN.properties
index c4bb98365d..ca8f3ae3fb 100644
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/config_zh_CN.properties
+++ b/core/src/main/resources/jenkins/security/ApiTokenProperty/config_zh_CN.properties
@@ -45,3 +45,4 @@ Cancel=\u53D6\u6D88
 Show\ Legacy\ API\ Token=\u663E\u793A\u9057\u7559\u7684 API Token
 Legacy\ API\ Token=\u9057\u7559\u7684 API Token
 Change\ API\ Token=\u4FEE\u6539 API Token
+TokenNeverUsedValue=Token \u4ECE\u672A\u7528\u8FC7\u7684\u503C
diff --git a/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/config_zh_CN.properties b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/config_zh_CN.properties
index ffdfdcdd82..727776df19 100644
--- a/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/config_zh_CN.properties
+++ b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/config_zh_CN.properties
@@ -23,3 +23,4 @@
 tokenGenerationOnCreationEnabled=\u4E3A\u6BCF\u4E2A\u65B0\u521B\u5EFA\u7684\u7528\u6237\u751F\u6210\u4E00\u4E2A\u9057\u7559\u7684 API token \uFF08\u4E0D\u5EFA\u8BAE\uFF09
 creationOfLegacyTokenEnabled=\u5141\u8BB8\u7528\u6237\u624B\u52A8\u521B\u5EFA\u4E00\u4E2A\u9057\u7559\u7684 API token \uFF08\u4E0D\u5EFA\u8BAE\uFF09
 usageStatisticsEnabled=\u542F\u7528 API Token \u4F7F\u7528\u7EDF\u8BA1
+API\ Token=API Token
diff --git a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage_zh_CN.properties b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage_zh_CN.properties
index b575a8d42f..25dccf56c8 100644
--- a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage_zh_CN.properties
+++ b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage_zh_CN.properties
@@ -58,4 +58,8 @@ RevokeAllSelected_nothing=\u6CA1\u6709\u9009\u62E9 Token\uFF0C\u8BF7\u81F3\u5C11
 Select=\u9009\u62E9
 only\ recent=\u4EC5\u6700\u8FD1\u7528\u8FC7\u7684
 only\ fresh=\u4EC5\u65B0\u7684
-all=\u6240\u6709
\ No newline at end of file
+all=\u6240\u6709
+Recently\ used\ token=\u6700\u8FD1\u4F7F\u7528\u8FC7\u7684 Token
+No\ fresh\ token=\u6CA1\u6709\u65B0\u7684 Token
+Fresh\ token=\u65B0\u7684 Token
+No\ recently\ used\ token=\u6CA1\u6709\u6700\u8FD1\u4F7F\u7528\u8FC7\u7684 Token
diff --git a/core/src/main/resources/jenkins/security/csrf/Messages_zh_CN.properties b/core/src/main/resources/jenkins/security/csrf/Messages_zh_CN.properties
new file mode 100644
index 0000000000..06e21c04c3
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/csrf/Messages_zh_CN.properties
@@ -0,0 +1,25 @@
+#
+# The MIT License
+#
+# Copyright (c) 2018, suren
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+#
+
+CSRFAdministrativeMonitor.displayName=\u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020\uFF08CSRF\uFF09\u4FDD\u62A4\u76D1\u63A7
diff --git a/core/src/main/resources/jenkins/security/s2m/AdminCallableMonitor/message_zh_CN.properties b/core/src/main/resources/jenkins/security/s2m/AdminCallableMonitor/message_zh_CN.properties
new file mode 100644
index 0000000000..bded8c0b7b
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/s2m/AdminCallableMonitor/message_zh_CN.properties
@@ -0,0 +1,28 @@
+#
+# The MIT License
+#
+# Copyright (c) 2018, suren
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+#
+
+blurb=\u7531\u4E8E\u6211\u4EEC\u4E0D\u786E\u5B9A\u5B83\u662F\u5426\u5141\u8BB8\u4EE3\u7406\u6267\u884C\uFF0CJenkins \u5DF2\u7ECF\u62D2\u7EDD\u4E86\u90E8\u5206\u6765\u81EA\u4EE3\u7406\u7684\u547D\u4EE4\uFF0C\u8FD9\u53EF\u80FD\u4F1A\u5F71\u54CD\u90E8\u5206\u6784\u5EFA\u3002\
+  \u60A8\u56E0\u8BE5\u68C0\u67E5\u8BE5\u60C5\u51B5\uFF0C\u51B3\u5B9A\u662F\u5426\u628A\u8FD9\u4E9B\u547D\u4EE4\u6DFB\u52A0\u5230\u767D\u540D\u5355\u3002
+Dismiss=\u53D6\u6D88
+Examine=\u68C0\u67E5
\ No newline at end of file
diff --git a/core/src/main/resources/jenkins/security/s2m/AdminWhitelistRule/index_zh_CN.properties b/core/src/main/resources/jenkins/security/s2m/AdminWhitelistRule/index_zh_CN.properties
new file mode 100644
index 0000000000..fe6a966d95
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/s2m/AdminWhitelistRule/index_zh_CN.properties
@@ -0,0 +1,27 @@
+#
+# The MIT License
+#
+# Copyright (c) 2018, suren
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+#
+
+Whitelist=\u767D\u540D\u5355
+Agent\ &\#8594;\ Master\ Access\ Control=Master \u5BF9\u4EE3\u7406\u7684\u8BBF\u95EE\u63A7\u5236
+Update=\u66F4\u65B0
diff --git a/core/src/main/resources/jenkins/security/s2m/MasterKillSwitchWarning/message_zh_CN.properties b/core/src/main/resources/jenkins/security/s2m/MasterKillSwitchWarning/message_zh_CN.properties
new file mode 100644
index 0000000000..cf3bfadcb5
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/s2m/MasterKillSwitchWarning/message_zh_CN.properties
@@ -0,0 +1,28 @@
+#
+# The MIT License
+#
+# Copyright (c) 2018, suren
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+#
+
+blurb=\u4ECE\u4EE3\u7406\u5230 Master \u7684\u5B89\u5168\u5B50\u7CFB\u7EDF\u5DF2\u5173\u95ED\u3002
+    <a href="https://jenkins.io/redirect/security-144" target="_blank">\u8BF7\u67E5\u770B\u6587\u6863</a>\u540E\u8003\u8651\u662F\u5426\u8981\u6253\u5F00\u5B89\u5168\u8BBE\u7F6E\u3002
+Dismiss=\u53D6\u6D88
+Examine=\u68C0\u67E5
diff --git a/core/src/main/resources/jenkins/security/s2m/Messages_zh_CN.properties b/core/src/main/resources/jenkins/security/s2m/Messages_zh_CN.properties
new file mode 100644
index 0000000000..3ed723a267
--- /dev/null
+++ b/core/src/main/resources/jenkins/security/s2m/Messages_zh_CN.properties
@@ -0,0 +1,26 @@
+#
+# The MIT License
+#
+# Copyright (c) 2018, suren
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+#
+
+AdminCallableMonitor.DisplayName=\u62D2\u7EDD\u4EE3\u7406\u5230 Master \u7684\u8BBF\u95EE
+MasterKillSwitchWarning.DisplayName=\u7981\u7528\u4EE3\u7406\u5230 Master \u7684\u8BBF\u95EE\u63A7\u5236
-- 
GitLab


From 1a27da9c7f0e566a1a9406081c0625a0ff8c2f57 Mon Sep 17 00:00:00 2001
From: ikedam <devld@ikedam.jp>
Date: Sun, 19 Aug 2018 03:06:58 +0900
Subject: [PATCH 683/863] [JENKINS-37599] Fix handling of "minimum" in
 f:repeatable and f:repeatableProperty (#3583)

* [JENKINS-37599] Add a test to reproduce the issue of handling "minimum" field of nestedRepeatableProperty

* [JENKINS-37599] Default the minimum of repeatable and repeatableProperty to 0
---
 .../main/resources/lib/form/repeatable.jelly  |  1 +
 .../lib/form/repeatableProperty.jelly         |  2 +-
 .../java/lib/form/RepeatablePropertyTest.java | 52 +++++++++++++++++++
 .../ExcitingObjectContainer/config.jelly      |  9 ++++
 .../form/RepeatablePropertyTest/nested.jelly  | 14 +++++
 5 files changed, 77 insertions(+), 1 deletion(-)
 create mode 100644 test/src/test/resources/lib/form/RepeatablePropertyTest/ExcitingObjectContainer/config.jelly
 create mode 100644 test/src/test/resources/lib/form/RepeatablePropertyTest/nested.jelly

diff --git a/core/src/main/resources/lib/form/repeatable.jelly b/core/src/main/resources/lib/form/repeatable.jelly
index c326bd1452..09098d9203 100644
--- a/core/src/main/resources/lib/form/repeatable.jelly
+++ b/core/src/main/resources/lib/form/repeatable.jelly
@@ -107,6 +107,7 @@ THE SOFTWARE.
     </st:attribute>
     <st:attributeConstraints expr="((var,items,name?)|field),varStatus?,noAddButton?,enableTopButton?,add?,minimum?,header?"/>
   </st:documentation>
+  <j:set var="minimum" value="${attrs.minimum ?: 0}" />
 
 
   <st:adjunct includes="lib.form.repeatable.repeatable"/>
diff --git a/core/src/main/resources/lib/form/repeatableProperty.jelly b/core/src/main/resources/lib/form/repeatableProperty.jelly
index bceab6d2f6..d2198b2742 100644
--- a/core/src/main/resources/lib/form/repeatableProperty.jelly
+++ b/core/src/main/resources/lib/form/repeatableProperty.jelly
@@ -67,7 +67,7 @@ THE SOFTWARE.
   </st:documentation>
 
 
-  <f:repeatable field="${attrs.field}" default="${attrs.default}" noAddButton="${attrs.noAddButton}" header="${attrs.header}" add="${attrs.add}" enableTopButton="${attrs.enableTopButton}">
+  <f:repeatable field="${attrs.field}" default="${attrs.default}" noAddButton="${attrs.noAddButton}" header="${attrs.header}" add="${attrs.add}" minimum="${attrs.minimum ?: 0}" enableTopButton="${attrs.enableTopButton}">
     <table style="width:100%">
       <st:include page="config.jelly" class="${descriptor.clazz}" />
       <d:invokeBody/>
diff --git a/test/src/test/java/lib/form/RepeatablePropertyTest.java b/test/src/test/java/lib/form/RepeatablePropertyTest.java
index 405a6f339b..f12a26399a 100644
--- a/test/src/test/java/lib/form/RepeatablePropertyTest.java
+++ b/test/src/test/java/lib/form/RepeatablePropertyTest.java
@@ -29,14 +29,20 @@ import com.gargoylesoftware.htmlunit.html.HtmlForm;
 import com.gargoylesoftware.htmlunit.html.HtmlPage;
 import com.gargoylesoftware.htmlunit.html.HtmlTextInput;
 import hudson.Extension;
+import hudson.model.AbstractDescribableImpl;
 import hudson.model.Describable;
 import hudson.model.Descriptor;
 import jenkins.model.Jenkins;
+
+import org.apache.commons.collections4.CollectionUtils;
+import org.apache.commons.collections4.Predicate;
 import org.jvnet.hudson.test.HudsonTestCase;
+import org.jvnet.hudson.test.Issue;
 import org.kohsuke.stapler.DataBoundConstructor;
 
 import java.util.ArrayList;
 import java.util.Arrays;
+import java.util.Collections;
 import java.util.List;
 
 public class RepeatablePropertyTest extends HudsonTestCase implements Describable<RepeatablePropertyTest> {
@@ -46,6 +52,7 @@ public class RepeatablePropertyTest extends HudsonTestCase implements Describabl
     
     public ArrayList<ExcitingObject> testRepeatable;
     public ArrayList<ExcitingObject> defaults;
+    public List<ExcitingObjectContainer> testRepeatableContainer;
     
     public void testSimple() throws Exception {
         testRepeatable = createRepeatable();
@@ -69,6 +76,32 @@ public class RepeatablePropertyTest extends HudsonTestCase implements Describabl
         ));
         assertFormContents(VIEW_WITH_DEFAULT, testRepeatable);
     }
+
+    @Issue("JENKINS-37599")
+    public void testNestedRepeatableProperty() throws Exception {
+        testRepeatableContainer = Collections.emptyList();
+        // minimum="1" is set for the upper one,
+        // the form should be:
+        // * 1 ExcitingObjectCotainer
+        // * no ExcitingObject
+        final HtmlForm form = getForm("nested");
+        List<HtmlTextInput> containerNameInputs = form.getElementsByAttribute("input", "type", "text");
+        CollectionUtils.filter(containerNameInputs, new Predicate<HtmlTextInput>() {
+            @Override
+            public boolean evaluate(HtmlTextInput input) {
+                return input.getNameAttribute().endsWith(".containerName");
+            }
+        });
+        List<HtmlTextInput> greatPropertyInputs = form.getElementsByAttribute("input", "type", "text");
+        CollectionUtils.filter(greatPropertyInputs, new Predicate<HtmlTextInput>() {
+            @Override
+            public boolean evaluate(HtmlTextInput input) {
+                return input.getNameAttribute().endsWith(".greatProperty");
+            }
+        });
+        assertEquals(1, containerNameInputs.size());
+        assertEquals(0, greatPropertyInputs.size());
+    }
         
     private void assertFormContents(final String viewName, final ArrayList<ExcitingObject> expected) throws Exception {
         final HtmlForm form = getForm(viewName);
@@ -147,4 +180,23 @@ public class RepeatablePropertyTest extends HudsonTestCase implements Describabl
         }
     }
 
+    public static final class ExcitingObjectContainer extends AbstractDescribableImpl<ExcitingObjectContainer> {
+        String containerName;
+        List<ExcitingObject> excitingObjectList;
+
+        @DataBoundConstructor
+        public ExcitingObjectContainer(String containerName, List<ExcitingObject> excitingObjectList) {
+            this.containerName = containerName;
+            this.excitingObjectList = excitingObjectList;
+        }
+        public String getContainerName() {
+            return containerName;
+        }
+        public List<ExcitingObject> getExcitingObjectList() {
+            return excitingObjectList;
+        }
+        @Extension
+        public static final class DescriptorImpl extends Descriptor<ExcitingObjectContainer> {
+        }
+    }
 }
diff --git a/test/src/test/resources/lib/form/RepeatablePropertyTest/ExcitingObjectContainer/config.jelly b/test/src/test/resources/lib/form/RepeatablePropertyTest/ExcitingObjectContainer/config.jelly
new file mode 100644
index 0000000000..0bb4c48ef8
--- /dev/null
+++ b/test/src/test/resources/lib/form/RepeatablePropertyTest/ExcitingObjectContainer/config.jelly
@@ -0,0 +1,9 @@
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
+    <f:entry field="containerName">
+        <f:textbox/>
+    </f:entry>
+    <f:entry title="Exciting Objects">
+        <f:repeatableProperty field="excitingObjectList"/>
+    </f:entry>
+</j:jelly>
diff --git a/test/src/test/resources/lib/form/RepeatablePropertyTest/nested.jelly b/test/src/test/resources/lib/form/RepeatablePropertyTest/nested.jelly
new file mode 100644
index 0000000000..e238e042be
--- /dev/null
+++ b/test/src/test/resources/lib/form/RepeatablePropertyTest/nested.jelly
@@ -0,0 +1,14 @@
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
+    <l:layout title="Testing nested repeatableProperty">
+        <l:main-panel>
+            <f:form method="post" name="config" action="thisFormIsOnlyInspectedInTheTests">
+                <j:set var="instance" value="${it}" />
+                <j:set var="descriptor" value="${it.descriptor}" />
+                <f:entry title="Nested Exciting Objects">
+                    <f:repeatableProperty field="testRepeatableContainer" minimum="1" />
+                </f:entry>
+            </f:form>
+        </l:main-panel>
+    </l:layout>
+</j:jelly>
-- 
GitLab


From 5b24467bbf112a7265d38692bfe57c87290b2184 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Sat, 18 Aug 2018 23:45:05 +0200
Subject: [PATCH 684/863] Forward to jenkins.io instead of wiki directly

---
 .../main/java/hudson/diagnosis/ReverseProxySetupMonitor.java    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/diagnosis/ReverseProxySetupMonitor.java b/core/src/main/java/hudson/diagnosis/ReverseProxySetupMonitor.java
index 38a9215c22..5e3563f3a4 100644
--- a/core/src/main/java/hudson/diagnosis/ReverseProxySetupMonitor.java
+++ b/core/src/main/java/hudson/diagnosis/ReverseProxySetupMonitor.java
@@ -92,7 +92,7 @@ public class ReverseProxySetupMonitor extends AdministrativeMonitor {
             // of course the irony is that this redirect won't work
             return HttpResponses.redirectViaContextPath("/manage");
         } else {
-            return new HttpRedirect("https://wiki.jenkins-ci.org/display/JENKINS/Jenkins+says+my+reverse+proxy+setup+is+broken");
+            return new HttpRedirect("https://jenkins.io/redirect/troubleshooting/broken-reverse-proxy");
         }
     }
 
-- 
GitLab


From b8157190131e1a83fa5799c48f622bdd48135b52 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 20 Aug 2018 12:03:03 -0700
Subject: [PATCH 685/863] [maven-release-plugin] prepare release jenkins-2.139

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index d54dac5918..2ebf69d45e 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.139</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 763fa20fe2..84565d2b8d 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.139</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 8df9ff40e7..b89f408f1d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>2.139</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.139</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 4f9dae71fa..7b118a702c 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.139</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 5c3b3557ca..070bd195d7 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.139</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From d73575215b8954a2a7268de8f58f2f84253de5f7 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 20 Aug 2018 12:03:09 -0700
Subject: [PATCH 686/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 6 +++---
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 2ebf69d45e..d54dac5918 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.139</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 84565d2b8d..763fa20fe2 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.139</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index b89f408f1d..86c1ce5935 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.139</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.139</tag>
+    <tag>${scmTag}</tag>
   </scm>
 
   <distributionManagement>
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.139</revision>
+    <revision>2.140</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index 7b118a702c..4f9dae71fa 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.139</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 070bd195d7..5c3b3557ca 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.139</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 51c75aacfd59efa6d345694664682f1aaac3b0b3 Mon Sep 17 00:00:00 2001
From: Francisco Javier Fernandez Gonzalez <fjfernandez@cloudbees.com>
Date: Tue, 21 Aug 2018 10:47:43 +0200
Subject: [PATCH 687/863] [JENKINS-48770] new test and using TimeUnits

---
 .../model/ParametersDefinitionProperty.java   |  7 +++---
 .../jenkins/model/ParameterizedJobMixIn.java  |  4 ++--
 .../model/ParameterizedJobMixInTest.java      | 23 +++++++++++++++++--
 3 files changed, 26 insertions(+), 8 deletions(-)

diff --git a/core/src/main/java/hudson/model/ParametersDefinitionProperty.java b/core/src/main/java/hudson/model/ParametersDefinitionProperty.java
index 1c5706f59c..8ecb52bf2f 100644
--- a/core/src/main/java/hudson/model/ParametersDefinitionProperty.java
+++ b/core/src/main/java/hudson/model/ParametersDefinitionProperty.java
@@ -34,6 +34,7 @@ import java.util.Arrays;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
+import java.util.concurrent.TimeUnit;
 import javax.annotation.CheckForNull;
 import javax.annotation.Nonnull;
 import javax.servlet.ServletException;
@@ -134,8 +135,7 @@ public class ParametersDefinitionProperty extends OptionalJobProperty<Job<?, ?>>
      */
     public void _doBuild(StaplerRequest req, StaplerResponse rsp, @QueryParameter TimeDuration delay) throws IOException, ServletException {
         if (delay==null)
-            // time set in UI is in seconds. Changing it into milliseconds
-            delay=new TimeDuration(getJob().getQuietPeriod() * 1000);
+            delay=new TimeDuration(TimeUnit.MILLISECONDS.convert(getJob().getQuietPeriod(), TimeUnit.SECONDS));
 
 
         List<ParameterValue> values = new ArrayList<ParameterValue>();
@@ -185,8 +185,7 @@ public class ParametersDefinitionProperty extends OptionalJobProperty<Job<?, ?>>
         	}
         }
         if (delay==null)
-            // time set in UI is in seconds. Changing it into milliseconds
-            delay=new TimeDuration(getJob().getQuietPeriod() * 1000);
+            delay=new TimeDuration(TimeUnit.MILLISECONDS.convert(getJob().getQuietPeriod(), TimeUnit.SECONDS));
 
         Queue.Item item = Jenkins.getInstance().getQueue().schedule2(
                 getJob(), delay.getTimeInSeconds(), new ParametersAction(values), ParameterizedJobMixIn.getBuildCause(getJob(), req)).getItem();
diff --git a/core/src/main/java/jenkins/model/ParameterizedJobMixIn.java b/core/src/main/java/jenkins/model/ParameterizedJobMixIn.java
index 8150fb5ec1..e83f3526ef 100644
--- a/core/src/main/java/jenkins/model/ParameterizedJobMixIn.java
+++ b/core/src/main/java/jenkins/model/ParameterizedJobMixIn.java
@@ -54,6 +54,7 @@ import java.util.Arrays;
 import java.util.Collections;
 import java.util.List;
 import java.util.Map;
+import java.util.concurrent.TimeUnit;
 import javax.annotation.CheckForNull;
 import javax.servlet.ServletException;
 import static javax.servlet.http.HttpServletResponse.SC_CREATED;
@@ -190,8 +191,7 @@ public abstract class ParameterizedJobMixIn<JobT extends Job<JobT, RunT> & Param
     @SuppressWarnings("deprecation")
     public final void doBuild(StaplerRequest req, StaplerResponse rsp, @QueryParameter TimeDuration delay) throws IOException, ServletException {
         if (delay == null) {
-            // time set in UI is in seconds. Changing it into milliseconds
-            delay = new TimeDuration(asJob().getQuietPeriod() * 1000);
+            delay=new TimeDuration(TimeUnit.MILLISECONDS.convert(asJob().getQuietPeriod(), TimeUnit.SECONDS));
         }
 
         if (!asJob().isBuildable()) {
diff --git a/test/src/test/java/jenkins/model/ParameterizedJobMixInTest.java b/test/src/test/java/jenkins/model/ParameterizedJobMixInTest.java
index d6a9715585..c6143349a0 100644
--- a/test/src/test/java/jenkins/model/ParameterizedJobMixInTest.java
+++ b/test/src/test/java/jenkins/model/ParameterizedJobMixInTest.java
@@ -23,12 +23,12 @@
  */
 package jenkins.model;
 
-import com.gargoylesoftware.htmlunit.html.HtmlPage;
 import hudson.model.FreeStyleProject;
 import hudson.model.ParametersDefinitionProperty;
 import hudson.model.StringParameterDefinition;
-import java.io.IOException;
 import javax.servlet.http.HttpServletResponse;
+
+import org.junit.Assert;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.Issue;
@@ -62,4 +62,23 @@ public class ParameterizedJobMixInTest {
         final JenkinsRule.WebClient webClient = j.createWebClient();
         webClient.assertFails(project.getUrl() + "buildWithParameters", HttpServletResponse.SC_CONFLICT);
     }
+
+    @Test
+    @Issue("JENKINS-48770")
+    public void doBuildQuietPeriodInSeconds() throws Exception {
+        final int projectQuietPeriodInSeconds = 10;
+        final int projectQuietPeriodInMillis = projectQuietPeriodInSeconds * 1000;
+        final int timeToExecuteProject = 5000; // Time to finish the execution of the job
+        final FreeStyleProject project = j.createFreeStyleProject();
+        project.setQuietPeriod(projectQuietPeriodInSeconds);
+
+        final JenkinsRule.WebClient webClient = j.createWebClient();
+        webClient.goTo(project.getUrl() + "build", "");
+
+        Assert.assertEquals(0, project.getBuilds().size());
+        Thread.sleep(projectQuietPeriodInMillis / 2);
+        Assert.assertEquals(0, project.getBuilds().size());
+        Thread.sleep(projectQuietPeriodInMillis / 2 + timeToExecuteProject);
+        Assert.assertEquals(1, project.getBuilds().size());
+    }
 }
-- 
GitLab


From 7322f0c40fa405fa8d71b583bd54bbd503e7e7ea Mon Sep 17 00:00:00 2001
From: Francisco Javier Fernandez Gonzalez <fjfernandez@cloudbees.com>
Date: Tue, 21 Aug 2018 16:47:01 +0200
Subject: [PATCH 688/863] [JENKINS-48770] speed up the test

---
 .../model/ParameterizedJobMixInTest.java      | 20 +++++++++++--------
 1 file changed, 12 insertions(+), 8 deletions(-)

diff --git a/test/src/test/java/jenkins/model/ParameterizedJobMixInTest.java b/test/src/test/java/jenkins/model/ParameterizedJobMixInTest.java
index c6143349a0..c94daee83e 100644
--- a/test/src/test/java/jenkins/model/ParameterizedJobMixInTest.java
+++ b/test/src/test/java/jenkins/model/ParameterizedJobMixInTest.java
@@ -25,6 +25,7 @@ package jenkins.model;
 
 import hudson.model.FreeStyleProject;
 import hudson.model.ParametersDefinitionProperty;
+import hudson.model.Queue;
 import hudson.model.StringParameterDefinition;
 import javax.servlet.http.HttpServletResponse;
 
@@ -66,19 +67,22 @@ public class ParameterizedJobMixInTest {
     @Test
     @Issue("JENKINS-48770")
     public void doBuildQuietPeriodInSeconds() throws Exception {
-        final int projectQuietPeriodInSeconds = 10;
-        final int projectQuietPeriodInMillis = projectQuietPeriodInSeconds * 1000;
-        final int timeToExecuteProject = 5000; // Time to finish the execution of the job
+        final int projectQuietPeriodInSeconds = 50;
+
         final FreeStyleProject project = j.createFreeStyleProject();
         project.setQuietPeriod(projectQuietPeriodInSeconds);
 
         final JenkinsRule.WebClient webClient = j.createWebClient();
         webClient.goTo(project.getUrl() + "build", "");
+        long triggerTime = System.currentTimeMillis();
+
+        Queue.Item item = Jenkins.get().getQueue().getItem(1);
+        Assert.assertTrue(item instanceof Queue.WaitingItem);
+        Assert.assertTrue(item.task instanceof FreeStyleProject);
+
+        Queue.WaitingItem waitingItem = (Queue.WaitingItem) item;
+        Assert.assertTrue((waitingItem.timestamp.getTimeInMillis() - triggerTime) > 45000);
 
-        Assert.assertEquals(0, project.getBuilds().size());
-        Thread.sleep(projectQuietPeriodInMillis / 2);
-        Assert.assertEquals(0, project.getBuilds().size());
-        Thread.sleep(projectQuietPeriodInMillis / 2 + timeToExecuteProject);
-        Assert.assertEquals(1, project.getBuilds().size());
+        Jenkins.get().getQueue().doCancelItem(1);
     }
 }
-- 
GitLab


From c40a60e937c48a4937b7462208645e799bbcb478 Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Fri, 24 Aug 2018 08:56:01 -0400
Subject: [PATCH 689/863] [JENKINS-53177] - Promote ConsoleAnnotatorAggregator
 to try to fix Anonymous complaint (#3598)

JENKINS-53177
---
 .../java/hudson/console/ConsoleAnnotator.java | 53 ++++++++++---------
 1 file changed, 27 insertions(+), 26 deletions(-)

diff --git a/core/src/main/java/hudson/console/ConsoleAnnotator.java b/core/src/main/java/hudson/console/ConsoleAnnotator.java
index c19ac974b6..475badceb6 100644
--- a/core/src/main/java/hudson/console/ConsoleAnnotator.java
+++ b/core/src/main/java/hudson/console/ConsoleAnnotator.java
@@ -91,41 +91,42 @@ public abstract class ConsoleAnnotator<T> implements Serializable {
         return (ConsoleAnnotator)a;
     }
 
-    /**
-     * Bundles all the given {@link ConsoleAnnotator} into a single annotator.
-     */
-    public static <T> ConsoleAnnotator<T> combine(Collection<? extends ConsoleAnnotator<? super T>> all) {
-        switch (all.size()) {
-        case 0:     return null;    // none
-        case 1:     return  cast(all.iterator().next()); // just one
-        }
-
-        class Aggregator extends ConsoleAnnotator<T> {
-            List<ConsoleAnnotator<T>> list;
+    private static final class ConsoleAnnotatorAggregator<T> extends ConsoleAnnotator<T> {
+        List<ConsoleAnnotator<T>> list;
 
-            Aggregator(Collection list) {
-                this.list = new ArrayList<ConsoleAnnotator<T>>(list);
-            }
+        ConsoleAnnotatorAggregator(Collection list) {
+            this.list = new ArrayList<ConsoleAnnotator<T>>(list);
+        }
 
-            public ConsoleAnnotator annotate(T context, MarkupText text) {
-                ListIterator<ConsoleAnnotator<T>> itr = list.listIterator();
-                while (itr.hasNext()) {
-                    ConsoleAnnotator a =  itr.next();
-                    ConsoleAnnotator b = a.annotate(context,text);
-                    if (a!=b) {
-                        if (b==null)    itr.remove();
-                        else            itr.set(b);
-                    }
+        public ConsoleAnnotator annotate(T context, MarkupText text) {
+            ListIterator<ConsoleAnnotator<T>> itr = list.listIterator();
+            while (itr.hasNext()) {
+                ConsoleAnnotator a =  itr.next();
+                ConsoleAnnotator b = a.annotate(context,text);
+                if (a!=b) {
+                    if (b==null)    itr.remove();
+                    else            itr.set(b);
                 }
+            }
 
-                switch (list.size()) {
+            switch (list.size()) {
                 case 0:     return null;    // no more annotator left
                 case 1:     return list.get(0); // no point in aggregating
                 default:    return this;
-                }
             }
         }
-        return new Aggregator(all);
+    }
+
+    /**
+     * Bundles all the given {@link ConsoleAnnotator} into a single annotator.
+     */
+    public static <T> ConsoleAnnotator<T> combine(Collection<? extends ConsoleAnnotator<? super T>> all) {
+        switch (all.size()) {
+        case 0:     return null;    // none
+        case 1:     return  cast(all.iterator().next()); // just one
+        }
+
+        return new ConsoleAnnotatorAggregator<T>(all);
     }
 
     /**
-- 
GitLab


From 0bd23f6ad786f5843700d39fb2326402577946b9 Mon Sep 17 00:00:00 2001
From: rocio27jul <42568975+rocio27jul@users.noreply.github.com>
Date: Fri, 24 Aug 2018 14:57:55 +0200
Subject: [PATCH 690/863] fixed encoding  (#3597)

* Fixed encoding

* Fixed encoding
---
 .../hudson/security/SecurityRealm/loginLink_es.properties     | 2 +-
 .../model/JenkinsLocationConfiguration/config_es.properties   | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/core/src/main/resources/hudson/security/SecurityRealm/loginLink_es.properties b/core/src/main/resources/hudson/security/SecurityRealm/loginLink_es.properties
index 5387de8441..be0e40f1c0 100644
--- a/core/src/main/resources/hudson/security/SecurityRealm/loginLink_es.properties
+++ b/core/src/main/resources/hudson/security/SecurityRealm/loginLink_es.properties
@@ -20,4 +20,4 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-login=Iniciar sesión
+login=Iniciar sesi\u00F3n
diff --git a/core/src/main/resources/jenkins/model/JenkinsLocationConfiguration/config_es.properties b/core/src/main/resources/jenkins/model/JenkinsLocationConfiguration/config_es.properties
index f12fe2f322..6ce8a979eb 100644
--- a/core/src/main/resources/jenkins/model/JenkinsLocationConfiguration/config_es.properties
+++ b/core/src/main/resources/jenkins/model/JenkinsLocationConfiguration/config_es.properties
@@ -20,5 +20,5 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-Jenkins\ URL=Dirección web de Jenkins
-Sender\ E-mail\ Address=Dirección de remitente
+Jenkins\ URL=Direcci\u00F3n web de Jenkins
+Sender\ E-mail\ Address=Direcci\u00F3n de remitente
-- 
GitLab


From 32ba82ac86b03803b14b46fbe02a3abd3ddea54d Mon Sep 17 00:00:00 2001
From: Jeff Thompson <37345299+jeffret-b@users.noreply.github.com>
Date: Thu, 23 Aug 2018 13:47:28 -0600
Subject: [PATCH 691/863] Merge pull request #3591 from
 fcojfernandez/JENKINS-48770

[JENKINS-48770] Quiet period is in milliseconds

(cherry picked from commit c0d9fb75465193866ea97355fb35c546795c2545)
---
 .../model/ParametersDefinitionProperty.java   |  7 +++--
 .../jenkins/model/ParameterizedJobMixIn.java  |  3 ++-
 .../model/ParameterizedJobMixInTest.java      | 27 +++++++++++++++++--
 3 files changed, 32 insertions(+), 5 deletions(-)

diff --git a/core/src/main/java/hudson/model/ParametersDefinitionProperty.java b/core/src/main/java/hudson/model/ParametersDefinitionProperty.java
index 348673043b..8ecb52bf2f 100644
--- a/core/src/main/java/hudson/model/ParametersDefinitionProperty.java
+++ b/core/src/main/java/hudson/model/ParametersDefinitionProperty.java
@@ -34,6 +34,7 @@ import java.util.Arrays;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
+import java.util.concurrent.TimeUnit;
 import javax.annotation.CheckForNull;
 import javax.annotation.Nonnull;
 import javax.servlet.ServletException;
@@ -133,7 +134,8 @@ public class ParametersDefinitionProperty extends OptionalJobProperty<Job<?, ?>>
      * This method is supposed to be invoked from {@link ParameterizedJobMixIn#doBuild(StaplerRequest, StaplerResponse, TimeDuration)}.
      */
     public void _doBuild(StaplerRequest req, StaplerResponse rsp, @QueryParameter TimeDuration delay) throws IOException, ServletException {
-        if (delay==null)    delay=new TimeDuration(getJob().getQuietPeriod());
+        if (delay==null)
+            delay=new TimeDuration(TimeUnit.MILLISECONDS.convert(getJob().getQuietPeriod(), TimeUnit.SECONDS));
 
 
         List<ParameterValue> values = new ArrayList<ParameterValue>();
@@ -182,7 +184,8 @@ public class ParametersDefinitionProperty extends OptionalJobProperty<Job<?, ?>>
         		values.add(value);
         	}
         }
-        if (delay==null)    delay=new TimeDuration(getJob().getQuietPeriod());
+        if (delay==null)
+            delay=new TimeDuration(TimeUnit.MILLISECONDS.convert(getJob().getQuietPeriod(), TimeUnit.SECONDS));
 
         Queue.Item item = Jenkins.getInstance().getQueue().schedule2(
                 getJob(), delay.getTimeInSeconds(), new ParametersAction(values), ParameterizedJobMixIn.getBuildCause(getJob(), req)).getItem();
diff --git a/core/src/main/java/jenkins/model/ParameterizedJobMixIn.java b/core/src/main/java/jenkins/model/ParameterizedJobMixIn.java
index 55301e4f86..e83f3526ef 100644
--- a/core/src/main/java/jenkins/model/ParameterizedJobMixIn.java
+++ b/core/src/main/java/jenkins/model/ParameterizedJobMixIn.java
@@ -54,6 +54,7 @@ import java.util.Arrays;
 import java.util.Collections;
 import java.util.List;
 import java.util.Map;
+import java.util.concurrent.TimeUnit;
 import javax.annotation.CheckForNull;
 import javax.servlet.ServletException;
 import static javax.servlet.http.HttpServletResponse.SC_CREATED;
@@ -190,7 +191,7 @@ public abstract class ParameterizedJobMixIn<JobT extends Job<JobT, RunT> & Param
     @SuppressWarnings("deprecation")
     public final void doBuild(StaplerRequest req, StaplerResponse rsp, @QueryParameter TimeDuration delay) throws IOException, ServletException {
         if (delay == null) {
-            delay = new TimeDuration(asJob().getQuietPeriod());
+            delay=new TimeDuration(TimeUnit.MILLISECONDS.convert(asJob().getQuietPeriod(), TimeUnit.SECONDS));
         }
 
         if (!asJob().isBuildable()) {
diff --git a/test/src/test/java/jenkins/model/ParameterizedJobMixInTest.java b/test/src/test/java/jenkins/model/ParameterizedJobMixInTest.java
index d6a9715585..c94daee83e 100644
--- a/test/src/test/java/jenkins/model/ParameterizedJobMixInTest.java
+++ b/test/src/test/java/jenkins/model/ParameterizedJobMixInTest.java
@@ -23,12 +23,13 @@
  */
 package jenkins.model;
 
-import com.gargoylesoftware.htmlunit.html.HtmlPage;
 import hudson.model.FreeStyleProject;
 import hudson.model.ParametersDefinitionProperty;
+import hudson.model.Queue;
 import hudson.model.StringParameterDefinition;
-import java.io.IOException;
 import javax.servlet.http.HttpServletResponse;
+
+import org.junit.Assert;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.Issue;
@@ -62,4 +63,26 @@ public class ParameterizedJobMixInTest {
         final JenkinsRule.WebClient webClient = j.createWebClient();
         webClient.assertFails(project.getUrl() + "buildWithParameters", HttpServletResponse.SC_CONFLICT);
     }
+
+    @Test
+    @Issue("JENKINS-48770")
+    public void doBuildQuietPeriodInSeconds() throws Exception {
+        final int projectQuietPeriodInSeconds = 50;
+
+        final FreeStyleProject project = j.createFreeStyleProject();
+        project.setQuietPeriod(projectQuietPeriodInSeconds);
+
+        final JenkinsRule.WebClient webClient = j.createWebClient();
+        webClient.goTo(project.getUrl() + "build", "");
+        long triggerTime = System.currentTimeMillis();
+
+        Queue.Item item = Jenkins.get().getQueue().getItem(1);
+        Assert.assertTrue(item instanceof Queue.WaitingItem);
+        Assert.assertTrue(item.task instanceof FreeStyleProject);
+
+        Queue.WaitingItem waitingItem = (Queue.WaitingItem) item;
+        Assert.assertTrue((waitingItem.timestamp.getTimeInMillis() - triggerTime) > 45000);
+
+        Jenkins.get().getQueue().doCancelItem(1);
+    }
 }
-- 
GitLab


From 9bc2b685c7e305c74c37c88ba7e5404068f17a97 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 26 Aug 2018 07:34:28 -0700
Subject: [PATCH 692/863] [maven-release-plugin] prepare release jenkins-2.140

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index d54dac5918..f93d43aa5d 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.140</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 763fa20fe2..0a6cc70f1c 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.140</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 86c1ce5935..4a3a0e9c31 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>2.140</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.140</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 4f9dae71fa..ea08cf2c72 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.140</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 5c3b3557ca..b657af2c08 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.140</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 1832b402f0a7fa36e64e49c786c817027cf02de1 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 26 Aug 2018 07:34:35 -0700
Subject: [PATCH 693/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 6 +++---
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index f93d43aa5d..d54dac5918 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.140</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 0a6cc70f1c..763fa20fe2 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.140</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 4a3a0e9c31..9df9713e0b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.140</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.140</tag>
+    <tag>${scmTag}</tag>
   </scm>
 
   <distributionManagement>
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.140</revision>
+    <revision>2.141</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index ea08cf2c72..4f9dae71fa 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.140</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index b657af2c08..5c3b3557ca 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.140</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 66ec7029c66cc11b6513a6699880ae6cf0aa58ad Mon Sep 17 00:00:00 2001
From: olivier lamy <olamy@apache.org>
Date: Mon, 27 Aug 2018 15:11:41 +1000
Subject: [PATCH 694/863] use winstone 4.5 (currently timestamped snapshot)
 [JENKINS-53239] [JENKINS-33412] [JENKINS-52804] [JENKINS-51136]

Signed-off-by: olivier lamy <olamy@apache.org>
---
 war/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/war/pom.xml b/war/pom.xml
index 5c3b3557ca..03fc054616 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -89,7 +89,7 @@ THE SOFTWARE.
       -->
       <groupId>org.jenkins-ci</groupId>
       <artifactId>winstone</artifactId>
-      <version>4.4</version>
+      <version>4.5-20180827.050220-1</version>
       <scope>test</scope>
     </dependency>
     <dependency>
-- 
GitLab


From a8390042b1002c5bacf70c2a427c175835a8fead Mon Sep 17 00:00:00 2001
From: olivier lamy <olamy@apache.org>
Date: Wed, 29 Aug 2018 14:23:35 +1000
Subject: [PATCH 695/863] use 5.0 version timestamped snapshot

Signed-off-by: olivier lamy <olamy@apache.org>
---
 war/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/war/pom.xml b/war/pom.xml
index 03fc054616..c269deebda 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -89,7 +89,7 @@ THE SOFTWARE.
       -->
       <groupId>org.jenkins-ci</groupId>
       <artifactId>winstone</artifactId>
-      <version>4.5-20180827.050220-1</version>
+      <version>5.0-20180829.042035-1</version>
       <scope>test</scope>
     </dependency>
     <dependency>
-- 
GitLab


From 3d1bbb807af9fd3cad46d0ab0feaa7b155b11c37 Mon Sep 17 00:00:00 2001
From: Baptiste Mathus <bmathus@gmail.com>
Date: Wed, 29 Aug 2018 22:22:30 +0200
Subject: [PATCH 696/863] [JENKINS-53282] "Restarting VM as requested" should
 be just an INFO message (#3603)

* [JENKINS-53282] "Restarting VM as requested" should be just an INFO message

Previously logged as severe was I think incorrect, as it was simply
reacting on "standard" user interaction.
`INFO` ought to be enough because anyway, that's the default logged level,
hence will still be seen by admins if needed.

Side note: there's clearly duplications of code here.
I might address it later, but do not want to right now transform a 5 min
task into a much riskier one.

* Also lower log severity when shutting down after user request
---
 core/src/main/java/jenkins/model/Jenkins.java | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/core/src/main/java/jenkins/model/Jenkins.java b/core/src/main/java/jenkins/model/Jenkins.java
index 16b41e8cc4..f1ba7be1dd 100644
--- a/core/src/main/java/jenkins/model/Jenkins.java
+++ b/core/src/main/java/jenkins/model/Jenkins.java
@@ -4196,7 +4196,7 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
 
                     // give some time for the browser to load the "reloading" page
                     Thread.sleep(5000);
-                    LOGGER.severe(String.format("Restarting VM as requested by %s",exitUser));
+                    LOGGER.info(String.format("Restarting VM as requested by %s",exitUser));
                     for (RestartListener listener : RestartListener.all())
                         listener.onRestart();
                     lifecycle.restart();
@@ -4233,7 +4233,7 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
                         // give some time for the browser to load the "reloading" page
                         LOGGER.info("Restart in 10 seconds");
                         Thread.sleep(10000);
-                        LOGGER.severe(String.format("Restarting VM as requested by %s",exitUser));
+                        LOGGER.info(String.format("Restarting VM as requested by %s",exitUser));
                         for (RestartListener listener : RestartListener.all())
                             listener.onRestart();
                         lifecycle.restart();
@@ -4280,7 +4280,7 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
     @RequirePOST
     public void doExit( StaplerRequest req, StaplerResponse rsp ) throws IOException {
         checkPermission(ADMINISTER);
-        LOGGER.severe(String.format("Shutting down VM as requested by %s from %s",
+        LOGGER.info(String.format("Shutting down VM as requested by %s from %s",
                 getAuthentication().getName(), req!=null?req.getRemoteAddr():"???"));
         if (rsp!=null) {
             rsp.setStatus(HttpServletResponse.SC_OK);
@@ -4311,7 +4311,7 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
             public void run() {
                 try {
                     ACL.impersonate(ACL.SYSTEM);
-                    LOGGER.severe(String.format("Shutting down VM as requested by %s from %s",
+                    LOGGER.info(String.format("Shutting down VM as requested by %s from %s",
                                                 exitUser, exitAddr));
                     // Wait 'til we have no active executors.
                     doQuietDown(true, 0);
-- 
GitLab


From b6124e2ac3bb164ff12f0e3b1fe5fa7577bd46fc Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Wed, 29 Aug 2018 23:14:53 +0200
Subject: [PATCH 697/863] [JENKINS-53239,JENKINS-52358] - Update to the
 released Winstone 5.0 version

---
 war/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/war/pom.xml b/war/pom.xml
index c269deebda..a2a1e2502a 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -89,7 +89,7 @@ THE SOFTWARE.
       -->
       <groupId>org.jenkins-ci</groupId>
       <artifactId>winstone</artifactId>
-      <version>5.0-20180829.042035-1</version>
+      <version>5.0</version>
       <scope>test</scope>
     </dependency>
     <dependency>
-- 
GitLab


From 2db804ec5d8217a1a4c1adea2d492b37de37484d Mon Sep 17 00:00:00 2001
From: Jeff Thompson <jeffret.g@gmail.com>
Date: Fri, 31 Aug 2018 12:10:35 -0600
Subject: [PATCH 698/863] [JENKINS-52945,JENKINS-42533] Update Remoting to 3.26
 to remove some unhelpful warnings..

---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 9df9713e0b..896de61112 100644
--- a/pom.xml
+++ b/pom.xml
@@ -106,7 +106,7 @@ THE SOFTWARE.
     <maven-war-plugin.version>3.0.0</maven-war-plugin.version> <!-- JENKINS-47127 bump when 3.2.0 is out. Cf. MWAR-407 -->
 
     <!-- Bundled Remoting version -->
-    <remoting.version>3.25</remoting.version>
+    <remoting.version>3.26</remoting.version>
     <!-- Minimum Remoting version, which is tested for API compatibility -->
     <remoting.minimum.supported.version>3.4</remoting.minimum.supported.version>
 
-- 
GitLab


From c18ffbcee5acccc8293192ea11ffe94933d1e47b Mon Sep 17 00:00:00 2001
From: Samuel Langlois <samuel.langlois@orange.fr>
Date: Sun, 2 Sep 2018 12:39:32 +0100
Subject: [PATCH 699/863] Fix typo in French translation
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

systËme -> système
---
 .../model/JenkinsLocationConfiguration/config_fr.properties     | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/resources/jenkins/model/JenkinsLocationConfiguration/config_fr.properties b/core/src/main/resources/jenkins/model/JenkinsLocationConfiguration/config_fr.properties
index 2e497ebf26..ca39df4043 100644
--- a/core/src/main/resources/jenkins/model/JenkinsLocationConfiguration/config_fr.properties
+++ b/core/src/main/resources/jenkins/model/JenkinsLocationConfiguration/config_fr.properties
@@ -20,5 +20,5 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-System\ Admin\ e-mail\ address=Adresse email de l''administrateur syst\u00cbme
+System\ Admin\ e-mail\ address=Adresse email de l''administrateur syst\u00E8me
 Jenkins\ URL=URL de Jenkins
-- 
GitLab


From 63a3db546ebf2d6402a6b416adbc30ec1d0388ef Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 2 Sep 2018 12:46:20 -0700
Subject: [PATCH 700/863] [maven-release-plugin] prepare release jenkins-2.141

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index d54dac5918..ba2a39246d 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.141</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 75a46edb31..a886d8d7db 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.141</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 896de61112..17abf37fd7 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>2.141</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.141</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 4f9dae71fa..9a92f94f05 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.141</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index a2a1e2502a..99acf9cab5 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.141</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 2652a1b1eb90b5859686f505a0c6459af2dc2299 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 2 Sep 2018 12:46:33 -0700
Subject: [PATCH 701/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 6 +++---
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index ba2a39246d..d54dac5918 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.141</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index a886d8d7db..75a46edb31 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.141</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 17abf37fd7..a9925a0a1f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.141</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.141</tag>
+    <tag>${scmTag}</tag>
   </scm>
 
   <distributionManagement>
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.141</revision>
+    <revision>2.142</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index 9a92f94f05..4f9dae71fa 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.141</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 99acf9cab5..a2a1e2502a 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.141</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From e38a97d4aa403628fac12fdc439c3a1901073650 Mon Sep 17 00:00:00 2001
From: Vincent Latombe <vincent@latombe.net>
Date: Tue, 4 Sep 2018 10:29:53 +0200
Subject: [PATCH 702/863] [JENKINS-53401] Tie nodeProperties to the current
 node for save purpose

---
 core/src/main/java/hudson/model/Slave.java | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/core/src/main/java/hudson/model/Slave.java b/core/src/main/java/hudson/model/Slave.java
index c3a497f9a1..59fa3eb20d 100644
--- a/core/src/main/java/hudson/model/Slave.java
+++ b/core/src/main/java/hudson/model/Slave.java
@@ -146,8 +146,8 @@ public abstract class Slave extends Node implements Serializable {
      */
     private String label="";
 
-    private /*almost final*/ DescribableList<NodeProperty<?>,NodePropertyDescriptor> nodeProperties = 
-                                    new DescribableList<NodeProperty<?>,NodePropertyDescriptor>(Jenkins.getInstance().getNodesObject());
+    private /*almost final*/ DescribableList<NodeProperty<?>,NodePropertyDescriptor> nodeProperties =
+            new DescribableList<>(this);
 
     /**
      * Lazily computed set of labels from {@link #label}.
@@ -559,7 +559,7 @@ public abstract class Slave extends Node implements Serializable {
      */
     protected Object readResolve() {
         if(nodeProperties==null)
-            nodeProperties = new DescribableList<NodeProperty<?>,NodePropertyDescriptor>(Jenkins.getInstance().getNodesObject());
+            nodeProperties = new DescribableList<>(this);
         return this;
     }
 
-- 
GitLab


From b7b8d4bf3fbe3356c094de54f306b25b15661da3 Mon Sep 17 00:00:00 2001
From: Vincent Latombe <vincent@latombe.net>
Date: Tue, 4 Sep 2018 18:14:39 +0200
Subject: [PATCH 703/863] Add a test failing without the patch

---
 .../java/hudson/slaves/NodeParallelTest.java  | 64 +++++++++++++++++++
 1 file changed, 64 insertions(+)
 create mode 100644 test/src/test/java/hudson/slaves/NodeParallelTest.java

diff --git a/test/src/test/java/hudson/slaves/NodeParallelTest.java b/test/src/test/java/hudson/slaves/NodeParallelTest.java
new file mode 100644
index 0000000000..327cd0748b
--- /dev/null
+++ b/test/src/test/java/hudson/slaves/NodeParallelTest.java
@@ -0,0 +1,64 @@
+package hudson.slaves;
+
+import static org.junit.Assert.fail;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.Set;
+import java.util.concurrent.Callable;
+import java.util.concurrent.ExecutionException;
+import java.util.concurrent.ExecutorService;
+import java.util.concurrent.Executors;
+import java.util.concurrent.Future;
+import java.util.concurrent.atomic.AtomicInteger;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.JenkinsRule;
+
+public class NodeParallelTest {
+
+    @Rule
+    public JenkinsRule r = new JenkinsRule();
+
+    private static final Logger LOGGER = Logger.getLogger(NodeParallelTest.class.getName());
+
+    private final AtomicInteger count = new AtomicInteger();
+
+    @Test
+    @Issue("JENKINS-53401")
+    public void createNodesWithParallelThreads() throws InterruptedException, ExecutionException {
+        int n = 50;
+        List<Callable<Void>> tasks = Collections.nCopies(n, () -> {
+            try {
+                int i = count.incrementAndGet();
+                LOGGER.log(Level.INFO, "Creating slave " + i);
+                // JenkinsRule sync on Jenkins singleton, so this doesn't work
+                // r.createSlave();
+                DumbSlave agent = new DumbSlave("agent-"+i, "/tmp", new JNLPLauncher(true));
+                r.jenkins.addNode(agent);
+                agent.setNodeProperties(Collections.singletonList(new EnvironmentVariablesNodeProperty(new EnvironmentVariablesNodeProperty.Entry("foo", "" + i))));
+                return null;
+            } catch (Exception e1) {
+                throw new RuntimeException(e1);
+            }
+        });
+        ExecutorService executorService = Executors.newFixedThreadPool(n);
+        List<Future<Void>> futures = executorService.invokeAll(tasks);
+        List<Void> resultList = new ArrayList<>(futures.size());
+        // Check for exceptions
+        try {
+            for (Future<Void> future : futures) {
+                // Throws an exception if an exception was thrown by the task.
+                resultList.add(future.get());
+            }
+        } catch (RuntimeException e) {
+            e.printStackTrace();
+            fail(e.getMessage());
+        }
+    }
+}
-- 
GitLab


From cd2c35c041435e0ced250d2b3d14060d9c8744f1 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Fri, 7 Sep 2018 14:29:21 -0400
Subject: [PATCH 704/863] Simplified Run.writeLogTo by reverting
 0dcf5ef64710d9c1631e8a75de3e749444104a00.

---
 core/src/main/java/hudson/model/Run.java | 11 +----------
 1 file changed, 1 insertion(+), 10 deletions(-)

diff --git a/core/src/main/java/hudson/model/Run.java b/core/src/main/java/hudson/model/Run.java
index e8c7965f30..ffceeebfb7 100644
--- a/core/src/main/java/hudson/model/Run.java
+++ b/core/src/main/java/hudson/model/Run.java
@@ -1476,16 +1476,7 @@ public abstract class Run <JobT extends Job<JobT,RunT>,RunT extends Run<JobT,Run
      * @since 1.349
      */
     public void writeLogTo(long offset, @Nonnull XMLOutput out) throws IOException {
-        try {
-			getLogText().writeHtmlTo(offset,out.asWriter());
-		} catch (IOException e) {
-			// try to fall back to the old getLogInputStream()
-			// mainly to support .gz compressed files
-			// In this case, console annotation handling will be turned off.
-			try (InputStream input = getLogInputStream()) {
-				IOUtils.copy(input, out.asWriter());
-			}
-		}
+        getLogText().writeHtmlTo(offset, out.asWriter());
     }
 
     /**
-- 
GitLab


From 4a1667146d096c650a707a52b7411fcbe0fe0e28 Mon Sep 17 00:00:00 2001
From: Sam Griff <slgriff@slgriff.com>
Date: Sat, 8 Sep 2018 10:01:43 -0400
Subject: [PATCH 705/863] [FIXED JENKINS-50795] Add null safety checks to
 FixedSet

---
 core/src/main/java/hudson/search/FixedSet.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/core/src/main/java/hudson/search/FixedSet.java b/core/src/main/java/hudson/search/FixedSet.java
index f9ab1ade29..eca3101843 100644
--- a/core/src/main/java/hudson/search/FixedSet.java
+++ b/core/src/main/java/hudson/search/FixedSet.java
@@ -50,7 +50,7 @@ public class FixedSet implements SearchIndex {
         boolean caseInsensitive = UserSearchProperty.isCaseInsensitive();
         for (SearchItem i : items) {
             String name = i.getSearchName();
-            if (name.equals(token) || (caseInsensitive && name.equalsIgnoreCase(token))) {
+            if (name != null && (name.equals(token) || (caseInsensitive && name.equalsIgnoreCase(token)))) {
                 result.add(i);
             }
         }
@@ -60,7 +60,7 @@ public class FixedSet implements SearchIndex {
         boolean caseInsensitive = UserSearchProperty.isCaseInsensitive();
         for (SearchItem i : items) {
             String name = i.getSearchName();
-            if (name.contains(token) || (caseInsensitive && StringUtils.containsIgnoreCase(name, token))) {
+            if (name != null && (name.contains(token) || (caseInsensitive && StringUtils.containsIgnoreCase(name, token)))) {
                 result.add(i);
             }
         }
-- 
GitLab


From dbfc36566ccd6fb34651a910f3e8fbdfe07d9ba0 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Wed, 12 Sep 2018 15:26:56 -0700
Subject: [PATCH 706/863] [maven-release-plugin] prepare release
 jenkins-2.138.1

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index d54dac5918..a4615fb87d 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.138.1</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 827d6e3c5e..a2f988cc26 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.138.1</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 4145f21283..648e1633ab 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>2.138.1</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.138.1</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 4f9dae71fa..e4b34d8973 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.138.1</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 5c3b3557ca..1437809ab9 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.138.1</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From ecbac2dbdf7331b34448cf9e02e9676aff8107e7 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Wed, 12 Sep 2018 15:27:02 -0700
Subject: [PATCH 707/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 6 +++---
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index a4615fb87d..d54dac5918 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.138.1</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index a2f988cc26..827d6e3c5e 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.138.1</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 648e1633ab..a7f887c22c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.138.1</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.138.1</tag>
+    <tag>${scmTag}</tag>
   </scm>
 
   <distributionManagement>
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.138.1</revision>
+    <revision>2.138.2</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index e4b34d8973..4f9dae71fa 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.138.1</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 1437809ab9..5c3b3557ca 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.138.1</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 3f49c17fa02c17f1868494d834b0a7d9f1542d6a Mon Sep 17 00:00:00 2001
From: runzexia <root@junwuhui.cn>
Date: Thu, 13 Sep 2018 11:31:29 +0800
Subject: [PATCH 708/863] update workspace permission zh describe

---
 core/src/main/resources/hudson/model/Messages_zh_CN.properties | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/resources/hudson/model/Messages_zh_CN.properties b/core/src/main/resources/hudson/model/Messages_zh_CN.properties
index 943fe0ce7d..a1e7da7586 100644
--- a/core/src/main/resources/hudson/model/Messages_zh_CN.properties
+++ b/core/src/main/resources/hudson/model/Messages_zh_CN.properties
@@ -57,7 +57,7 @@ AbstractProject.WorkspaceOffline=\u5de5\u4f5c\u7a7a\u95f4\u79bb\u7ebf\u3002
 AbstractProject.BuildPermission.Description=\
   \u8be5\u6743\u9650\u5141\u8bb8\u542f\u52a8\u4e00\u4e2a\u65b0\u7684\u6784\u5efa\u4efb\u52a1\u3002
 AbstractProject.WorkspacePermission.Description=\
-  \u8be5\u6743\u9650\u5141\u8bb8\u83b7\u53d6Jenkins\u6267\u884c\u6784\u5efa\u4efb\u52a1\u65f6\u68c0\u51fa\u7684\u5de5\u4f5c\u7a7a\u95f4\u5185\u5bb9\u3002\u5982\u679c\u4f60\u4e0d\u5e0c\u671b\u7528\u6237\u8bbf\u95ee\u5de5\u4f5c\u7a7a\u95f4\u4e2d\u7684\u6587\u4ef6\uff08\u4f8b\u5982\uff1aSCM\u68c0\u51fa\u7684\u6e90\u7801\u6216\u8005\u6784\u5efa\u7684\u4e2d\u95f4\u4ea7\u7269\uff09\uff0c\u4f60\u53ef\u4ee5\u53d6\u6d88\u8be5\u6743\u9650\u3002
+  \u8be5\u6743\u9650\u5141\u8bb8\u83b7\u53d6 Jenkins \u6267\u884c\u6784\u5efa\u4efb\u52a1\u65f6\u68c0\u51fa\u7684\u5de5\u4f5c\u7a7a\u95f4\u5185\u5bb9\u3002\u5982\u679c\u4f60\u4e0d\u5e0c\u671b\u7528\u6237\u901a\u8fc7\u5de5\u4f5c\u7a7a\u95f4\u6d4f\u89c8\u5668\u8bbf\u95ee\u5de5\u4f5c\u7a7a\u95f4\u4e2d\u7684\u6587\u4ef6\uff08\u4f8b\u5982\uff1a SCM \u68c0\u51fa\u7684\u6e90\u7801\u6216\u8005\u6784\u5efa\u7684\u4e2d\u95f4\u4ea7\u7269\uff09\uff0c\u4f60\u53ef\u4ee5\u53d6\u6d88\u8be5\u6743\u9650\u3002\u000d\u000a
 AbstractProject.ExtendedReadPermission.Description=\
   \u8be5\u6743\u9650\u6388\u4e88\u9879\u76ee\u914d\u7f6e\u7684\u53ea\u8bfb\u8bbf\u95ee\u3002\u8bf7\u6ce8\u610f\uff0c\u4f60\u6784\u5efa\u8fc7\u7a0b\u4e2d\u7684\u654f\u611f\u4fe1\u606f\uff0c\u4f8b\u5982\u5bc6\u7801\uff0c\u5c31\u4f1a\u88ab\u66b4\u9732\u3002
 AbstractProject.DiscoverPermission.Description=\
-- 
GitLab


From 919a3ad54d95f50219598690084439c0d9df67a2 Mon Sep 17 00:00:00 2001
From: Baptiste Mathus <batmat@batmat.net>
Date: Thu, 13 Sep 2018 10:50:59 +0200
Subject: [PATCH 709/863] Remove wrong notice since these options are not
 available anymore

Since https://issues.jenkins-ci.org/browse/JENKINS-50164, hence since
Jenkins 2.119 (merged as https://github.com/jenkinsci/jenkins/commit/a363f2e33cfd7c35a812dca12566e537b3650750).
---
 war/src/main/webapp/help/system-config/homeDirectory.html  | 7 ++-----
 .../main/webapp/help/system-config/homeDirectory_it.html   | 2 --
 2 files changed, 2 insertions(+), 7 deletions(-)

diff --git a/war/src/main/webapp/help/system-config/homeDirectory.html b/war/src/main/webapp/help/system-config/homeDirectory.html
index 9a6a4e6971..c2a161b220 100644
--- a/war/src/main/webapp/help/system-config/homeDirectory.html
+++ b/war/src/main/webapp/help/system-config/homeDirectory.html
@@ -1,9 +1,6 @@
 <div>
-  By default, Jenkins stores all of its data in this directory on the file
-  system.
-  <br>
-  Under the <i>Advanced</i> section, you can choose to store build workspaces
-  and build records elsewhere.
+  <p>By default, Jenkins stores all of its data in this directory on the file
+    system.</p>
   <p>
   There are a few ways to change the Jenkins home directory:
   <ul>
diff --git a/war/src/main/webapp/help/system-config/homeDirectory_it.html b/war/src/main/webapp/help/system-config/homeDirectory_it.html
index 1f88cf7989..845a87d1f1 100644
--- a/war/src/main/webapp/help/system-config/homeDirectory_it.html
+++ b/war/src/main/webapp/help/system-config/homeDirectory_it.html
@@ -2,8 +2,6 @@
   Per impostazione predefinita, Jenkins salva tutti i propri dati in questa
   directory sul filesystem.
   <br>
-  Nella sezione <i>Avanzate</i> è possibile scegliere di salvare gli spazi di
-  lavoro e i registri delle compilazioni in un'altra posizione.
   <p>
   Ci sono modi differenti di modificare la directory home di Jenkins:
   <ul>
-- 
GitLab


From e7de9a48f44a6906b519e812ef6b4dd3e99d0176 Mon Sep 17 00:00:00 2001
From: Tim Lander <tim57282@hotmail.com>
Date: Thu, 13 Sep 2018 16:58:40 +0800
Subject: [PATCH 710/863] Better fix for "Stop premature scroll bar on long
 build labels" (#3576) (#3601)

* Update hudson-behavior.js

* Remove previous workaround for scroll bars on build labels
---
 war/src/main/webapp/css/style.css              | 1 -
 war/src/main/webapp/scripts/hudson-behavior.js | 1 -
 2 files changed, 2 deletions(-)

diff --git a/war/src/main/webapp/css/style.css b/war/src/main/webapp/css/style.css
index 0894046821..d698e65359 100644
--- a/war/src/main/webapp/css/style.css
+++ b/war/src/main/webapp/css/style.css
@@ -1067,7 +1067,6 @@ table.parameters > tbody:hover {
 }
 
 .build-row.multi-line .build-row-cell .pane.build-name.block {
-  padding-right: 20px;
   width: 100%;
 }
 .build-row-cell .pane.build-controls.block {
diff --git a/war/src/main/webapp/scripts/hudson-behavior.js b/war/src/main/webapp/scripts/hudson-behavior.js
index 22e3706fc3..5b98df43e7 100644
--- a/war/src/main/webapp/scripts/hudson-behavior.js
+++ b/war/src/main/webapp/scripts/hudson-behavior.js
@@ -1845,7 +1845,6 @@ function updateBuildHistory(ajaxUrl,nBuild) {
                     var wrap = blockWrap(buildDetails, buildControls);
                     indentMultiline(wrap);
                     Element.addClassName(wrap, "build-details-controls");
-                    $(displayName).setStyle({width: '100%'});
                     detailsOverflowParams = getElementOverflowParams(buildDetails); // recalculate
                     expandLeftWithRight(detailsOverflowParams, controlsOverflowParams);
                     setBuildControlWidths();
-- 
GitLab


From 0a12ba85a98111d456fc640374f904f753d293ea Mon Sep 17 00:00:00 2001
From: James Nord <jnord+github@cloudbees.com>
Date: Thu, 13 Sep 2018 16:22:05 +0100
Subject: [PATCH 711/863] [FIXED JENKINS-53561] HashedToken is not Serializable

---
 .../java/jenkins/security/apitoken/ApiTokenStore.java | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java b/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
index 29d99120ec..f2c8d7f37e 100644
--- a/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
+++ b/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
@@ -36,6 +36,7 @@ import javax.annotation.CheckForNull;
 import javax.annotation.Nonnull;
 import javax.annotation.Nullable;
 import javax.annotation.concurrent.Immutable;
+import java.io.Serializable;
 import java.nio.charset.StandardCharsets;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
@@ -298,7 +299,10 @@ public class ApiTokenStore {
     }
     
     @Immutable
-    private static class HashValue {
+    private static class HashValue implements Serializable {
+
+        private static final long serialVersionUID = 1L;
+
         /**
          * Allow to distinguish tokens from different versions easily to adapt the logic
          */
@@ -337,7 +341,10 @@ public class ApiTokenStore {
         }
     }
     
-    public static class HashedToken {
+    public static class HashedToken implements Serializable {
+
+        private static final long serialVersionUID = 1L;
+
         // allow us to rename the token and link the statistics
         private String uuid;
         private String name;
-- 
GitLab


From d9b26c309e8f308c728d210abc1f7d5b2a2101a7 Mon Sep 17 00:00:00 2001
From: Milan Kyselica <mil.kyselica@gmail.com>
Date: Fri, 14 Sep 2018 11:10:24 +0200
Subject: [PATCH 712/863] Added more Slovak translations

---
 .../resources/jenkins/management/Messages_sk.properties     | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/core/src/main/resources/jenkins/management/Messages_sk.properties b/core/src/main/resources/jenkins/management/Messages_sk.properties
index 5c5bf41872..25ebb340a3 100644
--- a/core/src/main/resources/jenkins/management/Messages_sk.properties
+++ b/core/src/main/resources/jenkins/management/Messages_sk.properties
@@ -26,9 +26,15 @@ PluginsLink.Description=Prida\u0165, odstr\u00E1ni\u0165, zak\u00E1za\u0165 aleb
 ConfigureLink.DisplayName=Konfigurova\u0165 syst\u00E9m
 ConfigureLink.Description=Konfigurova\u0165 glob\u00E1lne nastavenia a cesty
 StatisticsLink.DisplayName=Na\u010D\u00EDta\u0165 \u0161tatistiky
+StatisticsLink.Description=Skontrolujte vyu\u017Eitie syst\u00E9mov\u00FDch zdrojov a zistite, \u010Di nepotrebujete pre va\u0161e buildy \u010Fal\u0161\u00ED hardware.
 PluginsLink.DisplayName=Spravova\u0165 doplnky
 ShutdownLink.DisplayName_prepare=Pripravi\u0165 na vypnutie (Shutdown)
 ReloadLink.DisplayName=Na\u010D\u00EDta\u0165 konfigur\u00E1ciu z disku
 ConsoleLink.DisplayName=Skriptovacia konzola
 ShutdownLink.Description=Ukon\u010D\u00ED sp\u00FA\u0161\u0165anie nov\u00FDch zostaven\u00ED, tak\u017Ee syst\u00E9m sa m\u00F4\u017Ee bezpe\u010Dne vypn\u00FA\u0165.
 SystemInfoLink.DisplayName=Syst\u00E9mov\u00E9 inform\u00E1cie
+SystemInfoLink.Description=Zobrazuje r\u00F4zne inform\u00E1cie o prostred\u00ED k jednoduch\u0161iemu h\u013Eadaniu ch\u00FDb.
+ReloadLink.Description=Zahodi\u0165 v\u0161etky nahran\u00E9 d\u00E1ta v pam\u00E4ti a znovu nahra\u0165 v\u0161etko z disku.\n\
+                       Hod\u00ED sa pokia\u013E ste zmenili konfigura\u010Dn\u00E9 s\u00FAbory priamo na disku.
+CliLink.Description=Pr\u00EDstup/nastavenie Jenkins z pr\u00EDkazov\u00E9ho riadku alebo pomocou skriptu.
+SystemLogLink.Description=Syst\u00E9mov\u00FD log uklad\u00E1 v\u00FDstup <tt>java.util.logging</tt>, ktor\u00FD sa t\u00FDka Jenkins.
-- 
GitLab


From ca6d47c5c23a2b6e2c9721bbdf7f663a6006ca8b Mon Sep 17 00:00:00 2001
From: Kanstantsin Shautsou <kanstantsin.sha@gmail.com>
Date: Sat, 15 Sep 2018 15:32:22 +0300
Subject: [PATCH 713/863] [JENKINS-53593] Fix class loader error specific to
 OS.

---
 .../main/java/hudson/util/ProcessTree.java    | 23 +++++++++++++------
 1 file changed, 16 insertions(+), 7 deletions(-)

diff --git a/core/src/main/java/hudson/util/ProcessTree.java b/core/src/main/java/hudson/util/ProcessTree.java
index 843653f72d..6b2eec2f6b 100644
--- a/core/src/main/java/hudson/util/ProcessTree.java
+++ b/core/src/main/java/hudson/util/ProcessTree.java
@@ -43,7 +43,16 @@ import jenkins.security.SlaveToMasterCallable;
 import org.jvnet.winp.WinProcess;
 import org.jvnet.winp.WinpException;
 
-import java.io.*;
+import java.io.BufferedReader;
+import java.io.ByteArrayOutputStream;
+import java.io.DataInputStream;
+import java.io.File;
+import java.io.FileFilter;
+import java.io.FileReader;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.RandomAccessFile;
+import java.io.Serializable;
 import java.lang.reflect.Field;
 import java.lang.reflect.InvocationTargetException;
 import java.lang.reflect.Method;
@@ -64,7 +73,6 @@ import javax.annotation.CheckForNull;
 import static com.sun.jna.Pointer.NULL;
 import jenkins.util.SystemProperties;
 import static hudson.util.jna.GNUCLibrary.LIBC;
-import static java.util.logging.Level.FINE;
 import static java.util.logging.Level.FINER;
 import static java.util.logging.Level.FINEST;
 import javax.annotation.Nonnull;
@@ -175,8 +183,8 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
                     // let's do with what we have.
                     killers = Collections.emptyList();
                 }
-            } catch (IOException e) {
-                LOGGER.log(Level.WARNING, "Failed to obtain killers",e);
+            } catch (IOException | Error e) {
+                LOGGER.log(Level.WARNING, "Failed to obtain killers", e);
                 killers = Collections.emptyList();
             }
         return killers;
@@ -232,10 +240,11 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
         void killByKiller() throws InterruptedException {
             for (ProcessKiller killer : getKillers())
                 try {
-                    if (killer.kill(this))
+                    if (killer.kill(this)) {
                         break;
-                } catch (IOException e) {
-                    LOGGER.log(Level.WARNING, "Failed to kill pid="+getPid(),e);
+                    }
+                } catch (IOException | Error e) {
+                    LOGGER.log(Level.WARNING, "Failed to kill pid=" + getPid(), e);
                 }
         }
 
-- 
GitLab


From 83c6b52bd2928279cd26f863395d08d6b1aa49d7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ra=C3=BAl=20Arabaolaza=20Barquin?=
 <raul.arabaolaza@gmail.com>
Date: Sat, 15 Sep 2018 16:41:56 +0200
Subject: [PATCH 714/863] Try to use a known working ath docker image

I have found several builds failing due to selenium errors since yesterday, including the ATH itself and several internal builds.
I suspect something has happened with the docker image, maybe the firefox ECR version has change in the local repo or something similar

If I am right this version of the docker image should still work
---
 essentials.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/essentials.yml b/essentials.yml
index c1d2a77dcc..56b3c264dc 100644
--- a/essentials.yml
+++ b/essentials.yml
@@ -2,5 +2,6 @@
 ath:
   useLocalSnapshots: false
   athRevision: "06caf67d37d945ec5228a80d73714fac692c28d3"
+  athImage: "jenkins/ath:acceptance-test-harness-1.62"
   categories:
     - org.jenkinsci.test.acceptance.junit.SmokeTest
-- 
GitLab


From 1afebb1bab8d0b0f36d68b5012738f3a07c2b714 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ra=C3=BAl=20Arabaolaza=20Barquin?=
 <raul.arabaolaza@gmail.com>
Date: Sat, 15 Sep 2018 17:42:15 +0200
Subject: [PATCH 715/863] Temporarily disable findbugs for readResolve methods

---
 .../main/java/jenkins/security/apitoken/ApiTokenStore.java    | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java b/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
index f2c8d7f37e..d2634b2b52 100644
--- a/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
+++ b/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
@@ -75,6 +75,8 @@ public class ApiTokenStore {
         this.init();
     }
     
+    //TODO Properly investigate this
+    @SuppressFBWarnings("SE_READ_RESOLVE_MUST_RETURN_OBJECT")
     private ApiTokenStore readResolve() {
         this.init();
         return this;
@@ -356,6 +358,8 @@ public class ApiTokenStore {
             this.init();
         }
     
+        //TODO Properly investigate this
+        @SuppressFBWarnings("SE_READ_RESOLVE_MUST_RETURN_OBJECT")
         private HashedToken readResolve() {
             this.init();
             return this;
-- 
GitLab


From 64c1fb876352495fcaec85702f270b9876537b82 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Sat, 15 Sep 2018 16:24:21 -0700
Subject: [PATCH 716/863] Use "Object readResolve()" in API token properties

---
 .../java/jenkins/security/apitoken/ApiTokenStore.java     | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java b/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
index d2634b2b52..4e4f4ca0ca 100644
--- a/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
+++ b/core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java
@@ -75,9 +75,7 @@ public class ApiTokenStore {
         this.init();
     }
     
-    //TODO Properly investigate this
-    @SuppressFBWarnings("SE_READ_RESOLVE_MUST_RETURN_OBJECT")
-    private ApiTokenStore readResolve() {
+    private Object readResolve() {
         this.init();
         return this;
     }
@@ -358,9 +356,7 @@ public class ApiTokenStore {
             this.init();
         }
     
-        //TODO Properly investigate this
-        @SuppressFBWarnings("SE_READ_RESOLVE_MUST_RETURN_OBJECT")
-        private HashedToken readResolve() {
+        private Object readResolve() {
             this.init();
             return this;
         }
-- 
GitLab


From 9e90b59894eeac2a0d03485fab3c9bafe1c46f9c Mon Sep 17 00:00:00 2001
From: James Nord <jnord+github@cloudbees.com>
Date: Mon, 17 Sep 2018 10:12:51 +0100
Subject: [PATCH 717/863] [Fixed JENKINS-53608] Incorect method signatures of
 readResolve()

---
 core/src/main/java/hudson/triggers/SCMTrigger.java            | 3 ++-
 .../main/java/jenkins/security/apitoken/ApiTokenStats.java    | 4 ++--
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/core/src/main/java/hudson/triggers/SCMTrigger.java b/core/src/main/java/hudson/triggers/SCMTrigger.java
index 83a6383d82..c5bb275863 100644
--- a/core/src/main/java/hudson/triggers/SCMTrigger.java
+++ b/core/src/main/java/hudson/triggers/SCMTrigger.java
@@ -245,10 +245,11 @@ public class SCMTrigger extends Trigger<Item> {
         private static final int THREADS_UPPER_BOUND = 100;
         private static final int THREADS_DEFAULT= 10;
 
-        private void readResolve() {
+        private Object readResolve() {
             if (maximumThreads == 0) {
                 maximumThreads = THREADS_DEFAULT;
             }
+            return this;
         }
 
         public boolean isApplicable(Item item) {
diff --git a/core/src/main/java/jenkins/security/apitoken/ApiTokenStats.java b/core/src/main/java/jenkins/security/apitoken/ApiTokenStats.java
index f92fd8e701..d481361f61 100644
--- a/core/src/main/java/jenkins/security/apitoken/ApiTokenStats.java
+++ b/core/src/main/java/jenkins/security/apitoken/ApiTokenStats.java
@@ -60,7 +60,7 @@ public class ApiTokenStats implements Saveable {
         this.init();
     }
     
-    private ApiTokenStats readResolve() {
+    private Object readResolve() {
         this.init();
         return this;
     }
@@ -217,7 +217,7 @@ public class ApiTokenStats implements Saveable {
             this.tokenUuid = tokenUuid;
         }
         
-        private SingleTokenStats readResolve() {
+        private Object readResolve() {
             if (this.useCounter != null) {
                 // to avoid negative numbers to be injected
                 this.useCounter = Math.max(0, this.useCounter);
-- 
GitLab


From aa0d1208cff3ab8975ffa529d766428ebca55db2 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Thu, 20 Sep 2018 14:01:36 -0700
Subject: [PATCH 718/863] [maven-release-plugin] prepare release jenkins-2.142

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index d54dac5918..a11c188a4a 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.142</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 75a46edb31..b396f81200 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.142</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index a9925a0a1f..b5ae47d5e6 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>2.142</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.142</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 4f9dae71fa..8c66174fc2 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.142</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index a2a1e2502a..8d123d9248 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.142</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 54651d8efcaeac2f7faa8757525e05a8a39e5812 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Thu, 20 Sep 2018 14:01:46 -0700
Subject: [PATCH 719/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 6 +++---
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index a11c188a4a..d54dac5918 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.142</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index b396f81200..75a46edb31 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.142</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index b5ae47d5e6..c121a5df7e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.142</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.142</tag>
+    <tag>${scmTag}</tag>
   </scm>
 
   <distributionManagement>
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.142</revision>
+    <revision>2.143</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index 8c66174fc2..4f9dae71fa 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.142</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 8d123d9248..a2a1e2502a 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.142</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 2791e853576498fab95b7c9163cc024f9874ee55 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Thu, 20 Sep 2018 15:47:09 -0700
Subject: [PATCH 720/863] [JENKINS-52024] - Update sezpoz to 1.13

---
 core/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/pom.xml b/core/pom.xml
index 75a46edb31..fb56961899 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -560,7 +560,7 @@ THE SOFTWARE.
     <dependency>
       <groupId>net.java.sezpoz</groupId>
       <artifactId>sezpoz</artifactId>
-      <version>1.12</version>
+      <version>1.13</version>
     </dependency>
     <dependency>
       <groupId>org.kohsuke.jinterop</groupId>
-- 
GitLab


From 1c837d391be12fc68a7512f7a10fd7f84a6ddddb Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Thu, 20 Sep 2018 18:24:42 -0700
Subject: [PATCH 721/863] Fix the FindBugs issue in the test

---
 core/src/test/java/hudson/model/JobTest.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/test/java/hudson/model/JobTest.java b/core/src/test/java/hudson/model/JobTest.java
index 44a1f07e39..c65793d521 100644
--- a/core/src/test/java/hudson/model/JobTest.java
+++ b/core/src/test/java/hudson/model/JobTest.java
@@ -74,7 +74,7 @@ public class JobTest {
         Node node = PowerMockito.mock(Node.class);
         PowerMockito.doReturn(c).when(node).toComputer();
 
-        EnvVars env = job.getEnvironment(node, null);
+        EnvVars env = job.getEnvironment(node, TaskListener.NULL);
         String path = "/test";
         env.override("PATH+TEST", path);
 
-- 
GitLab


From a3cc7780aa2d6d36bdbabf663bd4b26f1172ecf3 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Fri, 21 Sep 2018 14:54:25 -0700
Subject: [PATCH 722/863] JDK11 support: refactor code to avoid underscore
 variable names

---
 .../main/java/hudson/ClassicPluginStrategy.java  |  2 +-
 core/src/main/java/hudson/FilePath.java          |  4 ++--
 core/src/main/java/hudson/PluginManager.java     |  2 +-
 .../cli/handlers/GenericItemOptionHandler.java   |  2 +-
 core/src/main/java/hudson/model/Fingerprint.java |  4 ++--
 core/src/main/java/hudson/model/ListView.java    |  4 ++--
 .../src/main/java/hudson/model/UpdateCenter.java |  2 +-
 .../java/hudson/model/queue/Executables.java     |  2 +-
 .../java/hudson/os/solaris/ZFSInstaller.java     |  2 +-
 .../security/HudsonPrivateSecurityRealm.java     |  8 ++++----
 .../src/main/java/hudson/tasks/BuildTrigger.java |  2 +-
 core/src/main/java/hudson/util/ProcessTree.java  | 12 ++++++------
 core/src/main/java/jenkins/model/Jenkins.java    |  2 +-
 .../restarter/JnlpSlaveRestarterInstaller.java   |  2 +-
 .../jenkins/triggers/ReverseBuildTrigger.java    |  4 ++--
 test/src/test/java/hudson/PluginManagerTest.java |  6 +++---
 .../test/java/hudson/cli/ComputerStateTest.java  |  2 +-
 .../test/java/hudson/model/FingerprintTest.java  | 16 ++++++++--------
 .../src/test/java/hudson/model/ListViewTest.java |  2 +-
 test/src/test/java/hudson/search/SearchTest.java |  2 +-
 .../jenkins/security/ApiTokenPropertyTest.java   |  2 +-
 21 files changed, 42 insertions(+), 42 deletions(-)

diff --git a/core/src/main/java/hudson/ClassicPluginStrategy.java b/core/src/main/java/hudson/ClassicPluginStrategy.java
index 6503d4b639..2fdfd6427e 100644
--- a/core/src/main/java/hudson/ClassicPluginStrategy.java
+++ b/core/src/main/java/hudson/ClassicPluginStrategy.java
@@ -788,7 +788,7 @@ public class ClassicPluginStrategy implements PluginStrategy {
                     if(p!=null)
                         try {
                             return p.classLoader.loadClass(name);
-                        } catch (ClassNotFoundException _) {
+                        } catch (ClassNotFoundException ex) {
                             // try next
                         }
                 }
diff --git a/core/src/main/java/hudson/FilePath.java b/core/src/main/java/hudson/FilePath.java
index 00d453f794..f3091386e4 100644
--- a/core/src/main/java/hudson/FilePath.java
+++ b/core/src/main/java/hudson/FilePath.java
@@ -2309,7 +2309,7 @@ public final class FilePath implements Serializable {
             // legacy agent.jar. Handle this gracefully
             try {
                 LOGGER.log(Level.WARNING,"Looks like an old agent.jar. Please update "+ Which.jarFile(Channel.class)+" to the new version",e);
-            } catch (IOException _) {
+            } catch (IOException ex) {
                 // really ignore this time
             }
         }
@@ -2427,7 +2427,7 @@ public final class FilePath implements Serializable {
                     // report both errors
                     e.addSuppressed(x);
                     throw e;
-                } catch (TimeoutException _) {
+                } catch (TimeoutException ex) {
                     // remote is hanging
                     throw e;
                 }
diff --git a/core/src/main/java/hudson/PluginManager.java b/core/src/main/java/hudson/PluginManager.java
index be83e07456..fdf7b8d07e 100644
--- a/core/src/main/java/hudson/PluginManager.java
+++ b/core/src/main/java/hudson/PluginManager.java
@@ -1493,7 +1493,7 @@ public abstract class PluginManager extends AbstractModelObject implements OnMas
                     }
                     updateCenter.persistInstallStatus();
                     if(!failures) {
-                        try (ACLContext _ = ACL.as(currentAuth)) {
+                        try (ACLContext acl = ACL.as(currentAuth)) {
                             InstallUtil.proceedToNextStateFrom(InstallState.INITIAL_PLUGINS_INSTALLING);
                         }
                     }
diff --git a/core/src/main/java/hudson/cli/handlers/GenericItemOptionHandler.java b/core/src/main/java/hudson/cli/handlers/GenericItemOptionHandler.java
index 6cd1d86eba..0648f057a0 100644
--- a/core/src/main/java/hudson/cli/handlers/GenericItemOptionHandler.java
+++ b/core/src/main/java/hudson/cli/handlers/GenericItemOptionHandler.java
@@ -62,7 +62,7 @@ public abstract class GenericItemOptionHandler<T extends Item> extends OptionHan
         T s = j.getItemByFullName(src, type());
         if (s == null) {
             final Authentication who = Jenkins.getAuthentication();
-            try (ACLContext _ = ACL.as(ACL.SYSTEM)) {
+            try (ACLContext acl = ACL.as(ACL.SYSTEM)) {
                 Item actual = j.getItemByFullName(src);
                 if (actual == null) {
                     LOGGER.log(Level.FINE, "really no item exists named {0}", src);
diff --git a/core/src/main/java/hudson/model/Fingerprint.java b/core/src/main/java/hudson/model/Fingerprint.java
index 31dd8d87c5..e947908576 100644
--- a/core/src/main/java/hudson/model/Fingerprint.java
+++ b/core/src/main/java/hudson/model/Fingerprint.java
@@ -822,7 +822,7 @@ public class Fingerprint implements ModelObject, Saveable {
     public static final class ProjectRenameListener extends ItemListener {
         @Override
         public void onLocationChanged(final Item item, final String oldName, final String newName) {
-            try (ACLContext _ = ACL.as(ACL.SYSTEM)) {
+            try (ACLContext acl = ACL.as(ACL.SYSTEM)) {
                 locationChanged(item, oldName, newName);
             }
         }
@@ -1438,7 +1438,7 @@ public class Fingerprint implements ModelObject, Saveable {
         // Probably it failed due to the missing Item.DISCOVER
         // We try to retrieve the job using SYSTEM user and to check permissions manually.
         final Authentication userAuth = Jenkins.getAuthentication();
-        try (ACLContext _ = ACL.as(ACL.SYSTEM)) {
+        try (ACLContext acl = ACL.as(ACL.SYSTEM)) {
             final Item itemBySystemUser = jenkins.getItemByFullName(fullName);
             if (itemBySystemUser == null) {
                 return false;
diff --git a/core/src/main/java/hudson/model/ListView.java b/core/src/main/java/hudson/model/ListView.java
index 002646e10d..9d84eb32ce 100644
--- a/core/src/main/java/hudson/model/ListView.java
+++ b/core/src/main/java/hudson/model/ListView.java
@@ -518,7 +518,7 @@ public class ListView extends View implements DirectlyModifiableView {
     public static final class Listener extends ItemListener {
         @Override
         public void onLocationChanged(final Item item, final String oldFullName, final String newFullName) {
-            try (ACLContext _ = ACL.as(ACL.SYSTEM)) {
+            try (ACLContext acl = ACL.as(ACL.SYSTEM)) {
                 locationChanged(oldFullName, newFullName);
             }
         }
@@ -563,7 +563,7 @@ public class ListView extends View implements DirectlyModifiableView {
 
         @Override
         public void onDeleted(final Item item) {
-            try (ACLContext _ = ACL.as(ACL.SYSTEM)) {
+            try (ACLContext acl = ACL.as(ACL.SYSTEM)) {
                 deleted(item);
             }
         }
diff --git a/core/src/main/java/hudson/model/UpdateCenter.java b/core/src/main/java/hudson/model/UpdateCenter.java
index d457bd4ba2..faf0673d29 100644
--- a/core/src/main/java/hudson/model/UpdateCenter.java
+++ b/core/src/main/java/hudson/model/UpdateCenter.java
@@ -1401,7 +1401,7 @@ public class UpdateCenter extends AbstractModelObject implements Saveable, OnMas
             status = new Running();
             try {
                 // safeRestart records the current authentication for the log, so set it to the managing user
-                try (ACLContext _ = ACL.as(User.get(authentication, false, Collections.emptyMap()))) {
+                try (ACLContext acl = ACL.as(User.get(authentication, false, Collections.emptyMap()))) {
                     Jenkins.getInstance().safeRestart();
                 }
             } catch (RestartNotSupportedException exception) {
diff --git a/core/src/main/java/hudson/model/queue/Executables.java b/core/src/main/java/hudson/model/queue/Executables.java
index 2dbcca3f21..acb0e1fdfc 100644
--- a/core/src/main/java/hudson/model/queue/Executables.java
+++ b/core/src/main/java/hudson/model/queue/Executables.java
@@ -46,7 +46,7 @@ public class Executables {
             throws Error, RuntimeException {
         try {
             return e.getParent();
-        } catch (AbstractMethodError _) {
+        } catch (AbstractMethodError ex) {
             try {
                 Method m = e.getClass().getMethod("getParent");
                 m.setAccessible(true);
diff --git a/core/src/main/java/hudson/os/solaris/ZFSInstaller.java b/core/src/main/java/hudson/os/solaris/ZFSInstaller.java
index 29532545fa..d14b2dd748 100644
--- a/core/src/main/java/hudson/os/solaris/ZFSInstaller.java
+++ b/core/src/main/java/hudson/os/solaris/ZFSInstaller.java
@@ -219,7 +219,7 @@ public class ZFSInstaller extends AdministrativeMonitor implements Serializable
                     // revert the file system creation
                     try {
                         hudson.destory();
-                    } catch (Exception _) {
+                    } catch (Exception ex) {
                         // but ignore the error and let the original error thrown
                     }
                     throw e;
diff --git a/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java b/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java
index cf6c94e085..e08337aac4 100644
--- a/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java
+++ b/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java
@@ -739,11 +739,11 @@ public class HudsonPrivateSecurityRealm extends AbstractPasswordBasedSecurityRea
     /*package*/ static final PasswordEncoder CLASSIC = new PasswordEncoder() {
         private final PasswordEncoder passwordEncoder = new ShaPasswordEncoder(256);
 
-        public String encodePassword(String rawPass, Object _) throws DataAccessException {
+        public String encodePassword(String rawPass, Object obj) throws DataAccessException {
             return hash(rawPass);
         }
 
-        public boolean isPasswordValid(String encPass, String rawPass, Object _) throws DataAccessException {
+        public boolean isPasswordValid(String encPass, String rawPass, Object obj) throws DataAccessException {
             // pull out the sale from the encoded password
             int i = encPass.indexOf(':');
             if(i<0) return false;
@@ -779,11 +779,11 @@ public class HudsonPrivateSecurityRealm extends AbstractPasswordBasedSecurityRea
      * {@link PasswordEncoder} that uses jBCrypt.
      */
     private static final PasswordEncoder JBCRYPT_ENCODER = new PasswordEncoder() {
-        public String encodePassword(String rawPass, Object _) throws DataAccessException {
+        public String encodePassword(String rawPass, Object obj) throws DataAccessException {
             return BCrypt.hashpw(rawPass,BCrypt.gensalt());
         }
 
-        public boolean isPasswordValid(String encPass, String rawPass, Object _) throws DataAccessException {
+        public boolean isPasswordValid(String encPass, String rawPass, Object obj) throws DataAccessException {
             return BCrypt.checkpw(rawPass,encPass);
         }
     };
diff --git a/core/src/main/java/hudson/tasks/BuildTrigger.java b/core/src/main/java/hudson/tasks/BuildTrigger.java
index 00615dbc79..78f8ef13f8 100644
--- a/core/src/main/java/hudson/tasks/BuildTrigger.java
+++ b/core/src/main/java/hudson/tasks/BuildTrigger.java
@@ -431,7 +431,7 @@ public class BuildTrigger extends Recorder implements DependencyDeclarer {
         public static class ItemListenerImpl extends ItemListener {
             @Override
             public void onLocationChanged(final Item item, final String oldFullName, final String newFullName) {
-                try (ACLContext _ = ACL.as(ACL.SYSTEM)) {
+                try (ACLContext acl = ACL.as(ACL.SYSTEM)) {
                     locationChanged(item, oldFullName, newFullName);
                 }
             }
diff --git a/core/src/main/java/hudson/util/ProcessTree.java b/core/src/main/java/hudson/util/ProcessTree.java
index 843653f72d..5283054fca 100644
--- a/core/src/main/java/hudson/util/ProcessTree.java
+++ b/core/src/main/java/hudson/util/ProcessTree.java
@@ -1253,18 +1253,18 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
                 kinfo_proc_ppid_offset = kinfo_proc_ppid_offset_32;
             }
             try {
-                IntByReference _ = new IntByReference(sizeOfInt);
+                IntByReference ref = new IntByReference(sizeOfInt);
                 IntByReference size = new IntByReference(sizeOfInt);
                 Memory m;
                 int nRetry = 0;
                 while(true) {
                     // find out how much memory we need to do this
-                    if(LIBC.sysctl(MIB_PROC_ALL,3, NULL, size, NULL, _)!=0)
+                    if(LIBC.sysctl(MIB_PROC_ALL,3, NULL, size, NULL, ref)!=0)
                         throw new IOException("Failed to obtain memory requirement: "+LIBC.strerror(Native.getLastError()));
 
                     // now try the real call
                     m = new Memory(size.getValue());
-                    if(LIBC.sysctl(MIB_PROC_ALL,3, m, size, NULL, _)!=0) {
+                    if(LIBC.sysctl(MIB_PROC_ALL,3, m, size, NULL, ref)!=0) {
                         if(Native.getLastError()==ENOMEM && nRetry++<16)
                             continue; // retry
                         throw new IOException("Failed to call kern.proc.all: "+LIBC.strerror(Native.getLastError()));
@@ -1324,14 +1324,14 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
                     arguments = new ArrayList<String>();
                     envVars = new EnvVars();
 
-                    IntByReference _ = new IntByReference();
+                    IntByReference intByRef = new IntByReference();
 
                     IntByReference argmaxRef = new IntByReference(0);
                     IntByReference size = new IntByReference(sizeOfInt);
 
                     // for some reason, I was never able to get sysctlbyname work.
 //        if(LIBC.sysctlbyname("kern.argmax", argmaxRef.getPointer(), size, NULL, _)!=0)
-                    if(LIBC.sysctl(new int[]{CTL_KERN,KERN_ARGMAX},2, argmaxRef.getPointer(), size, NULL, _)!=0)
+                    if(LIBC.sysctl(new int[]{CTL_KERN,KERN_ARGMAX},2, argmaxRef.getPointer(), size, NULL, intByRef)!=0)
                         throw new IOException("Failed to get kern.argmax: "+LIBC.strerror(Native.getLastError()));
 
                     int argmax = argmaxRef.getValue();
@@ -1369,7 +1369,7 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
                     }
                     StringArrayMemory m = new StringArrayMemory(argmax);
                     size.setValue(argmax);
-                    if(LIBC.sysctl(new int[]{CTL_KERN,KERN_PROCARGS2,pid},3, m, size, NULL, _)!=0)
+                    if(LIBC.sysctl(new int[]{CTL_KERN,KERN_PROCARGS2,pid},3, m, size, NULL, intByRef)!=0)
                         throw new IOException("Failed to obtain ken.procargs2: "+LIBC.strerror(Native.getLastError()));
 
 
diff --git a/core/src/main/java/jenkins/model/Jenkins.java b/core/src/main/java/jenkins/model/Jenkins.java
index f1ba7be1dd..e4880248e3 100644
--- a/core/src/main/java/jenkins/model/Jenkins.java
+++ b/core/src/main/java/jenkins/model/Jenkins.java
@@ -5030,7 +5030,7 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
                 if (idx > 0) {
                     return new VersionNumber(versionString.substring(0,idx));
                 }
-            } catch (NumberFormatException _) {
+            } catch (NumberFormatException ex) {
                 // fall through
             }
 
diff --git a/core/src/main/java/jenkins/slaves/restarter/JnlpSlaveRestarterInstaller.java b/core/src/main/java/jenkins/slaves/restarter/JnlpSlaveRestarterInstaller.java
index e47cc39925..222998caaf 100644
--- a/core/src/main/java/jenkins/slaves/restarter/JnlpSlaveRestarterInstaller.java
+++ b/core/src/main/java/jenkins/slaves/restarter/JnlpSlaveRestarterInstaller.java
@@ -77,7 +77,7 @@ public class JnlpSlaveRestarterInstaller extends ComputerListener implements Ser
 
             try {
                 Engine.class.getMethod("addListener", EngineListener.class);
-            } catch (NoSuchMethodException _) {
+            } catch (NoSuchMethodException ex) {
                 return null;    // running with older version of remoting that doesn't support adding listener
             }
 
diff --git a/core/src/main/java/jenkins/triggers/ReverseBuildTrigger.java b/core/src/main/java/jenkins/triggers/ReverseBuildTrigger.java
index 3058274ceb..c601cebc26 100644
--- a/core/src/main/java/jenkins/triggers/ReverseBuildTrigger.java
+++ b/core/src/main/java/jenkins/triggers/ReverseBuildTrigger.java
@@ -251,7 +251,7 @@ public final class ReverseBuildTrigger extends Trigger<Job> implements Dependenc
         }
 
         private Map<Job,Collection<ReverseBuildTrigger>> calculateCache() {
-            try (ACLContext _ = ACL.as(ACL.SYSTEM)) {
+            try (ACLContext acl = ACL.as(ACL.SYSTEM)) {
                 final Map<Job, Collection<ReverseBuildTrigger>> result = new WeakHashMap<>();
                 for (Job<?, ?> downstream : Jenkins.getInstance().allItems(Job.class)) {
                     ReverseBuildTrigger trigger =
@@ -312,7 +312,7 @@ public final class ReverseBuildTrigger extends Trigger<Job> implements Dependenc
     public static class ItemListenerImpl extends ItemListener {
         @Override
         public void onLocationChanged(Item item, final String oldFullName, final String newFullName) {
-            try (ACLContext _ = ACL.as(ACL.SYSTEM)) {
+            try (ACLContext acl = ACL.as(ACL.SYSTEM)) {
                 for (Job<?, ?> p : Jenkins.getInstance().allItems(Job.class)) {
                     ReverseBuildTrigger t = ParameterizedJobMixIn.getTrigger(p, ReverseBuildTrigger.class);
                     if (t != null) {
diff --git a/test/src/test/java/hudson/PluginManagerTest.java b/test/src/test/java/hudson/PluginManagerTest.java
index 61c09bea42..180689e295 100644
--- a/test/src/test/java/hudson/PluginManagerTest.java
+++ b/test/src/test/java/hudson/PluginManagerTest.java
@@ -293,7 +293,7 @@ public class PluginManagerTest {
         try {
             callDependerValue();
             fail();
-        } catch (ClassNotFoundException _) {
+        } catch (ClassNotFoundException ex) {
         }
         
         // No extensions exist.
@@ -331,7 +331,7 @@ public class PluginManagerTest {
         try {
             r.jenkins.getExtensionList("org.jenkinsci.plugins.dependencytest.dependee.DependeeExtensionPoint");
             fail();
-        } catch( ClassNotFoundException _ ){
+        } catch( ClassNotFoundException ex ){
         }
         
         // Load dependee.
@@ -380,7 +380,7 @@ public class PluginManagerTest {
         try {
             r.jenkins.getExtensionList("org.jenkinsci.plugins.dependencytest.dependee.DependeeExtensionPoint");
             fail();
-        } catch( ClassNotFoundException _ ){
+        } catch( ClassNotFoundException ex ){
         }
     }
 
diff --git a/test/src/test/java/hudson/cli/ComputerStateTest.java b/test/src/test/java/hudson/cli/ComputerStateTest.java
index 6933b12544..87845cea8e 100644
--- a/test/src/test/java/hudson/cli/ComputerStateTest.java
+++ b/test/src/test/java/hudson/cli/ComputerStateTest.java
@@ -168,6 +168,6 @@ public class ComputerStateTest {
         try {
             page.getAnchorByText(text);
             fail(text + " link should not exist");
-        } catch (ElementNotFoundException _) { /*expected*/ }
+        } catch (ElementNotFoundException ex) { /*expected*/ }
     }
 }
diff --git a/test/src/test/java/hudson/model/FingerprintTest.java b/test/src/test/java/hudson/model/FingerprintTest.java
index ff5214063f..a8a9befece 100644
--- a/test/src/test/java/hudson/model/FingerprintTest.java
+++ b/test/src/test/java/hudson/model/FingerprintTest.java
@@ -160,7 +160,7 @@ public class FingerprintTest {
         setJobPermissionsOnce(project1, "user1", Item.READ, Item.DISCOVER);
         setJobPermissionsOnce(project2, "user2", Item.READ, Item.DISCOVER);
 
-        try (ACLContext _ = ACL.as(user1)) {
+        try (ACLContext acl = ACL.as(user1)) {
             Fingerprint.BuildPtr original = fp.getOriginal();
             assertThat("user1 should be able to see the origin", fp.getOriginal(), notNullValue());
             assertEquals("user1 should be able to see the origin's project name", project1.getName(), original.getName());
@@ -169,13 +169,13 @@ public class FingerprintTest {
             assertEquals("Only project1 should be visible to user1", project1.getFullName(), fp._getUsages().get(0).name);
         }
 
-        try (ACLContext _ = ACL.as(user2)) {
+        try (ACLContext acl = ACL.as(user2)) {
             assertThat("user2 should be unable to see the origin", fp.getOriginal(), nullValue());
             assertEquals("Only one usage should be visible to user2", 1, fp._getUsages().size());
             assertEquals("Only project2 should be visible to user2", project2.getFullName(), fp._getUsages().get(0).name);
         }
 
-        try (ACLContext _ = ACL.as(user3)) {
+        try (ACLContext acl = ACL.as(user3)) {
             Fingerprint.BuildPtr original = fp.getOriginal();
             assertThat("user3 should be unable to see the origin", fp.getOriginal(), nullValue());
             assertEquals("All usages should be invisible for user3", 0, fp._getUsages().size());
@@ -193,7 +193,7 @@ public class FingerprintTest {
         User user1 = User.get("user1");   
         setupProjectMatrixAuthStrategy(Jenkins.READ, Item.DISCOVER);
 
-        try (ACLContext _ = ACL.as(user1)) {
+        try (ACLContext acl = ACL.as(user1)) {
             Fingerprint.BuildPtr original = fingerprint.getOriginal();
             assertThat("user1 should able to see the origin", fingerprint.getOriginal(), notNullValue());
             assertEquals("user1 sees the wrong original name with Item.DISCOVER", project.getFullName(), original.getName());
@@ -216,7 +216,7 @@ public class FingerprintTest {
         folder.setPermissions("user1", Item.READ);
         
         // Ensure we can read the original from user account
-        try (ACLContext _ = ACL.as(user1)) {
+        try (ACLContext acl = ACL.as(user1)) {
             assertTrue("Test framework issue: User1 should be able to read the folder", folder.hasPermission(Item.READ));
 
             Fingerprint.BuildPtr original = fingerprint.getOriginal();
@@ -241,7 +241,7 @@ public class FingerprintTest {
         setupProjectMatrixAuthStrategy(Jenkins.READ, Item.DISCOVER);
         
         // Ensure we can read the original from user account
-        try (ACLContext _ = ACL.as(user1)) {
+        try (ACLContext acl = ACL.as(user1)) {
             assertFalse("Test framework issue: User1 should be unable to read the folder", folder.hasPermission(Item.READ));
             assertThat("user1 should be unable to see the origin", fingerprint.getOriginal(), nullValue());
             assertEquals("No jobs should be visible to user1", 0, fingerprint._getUsages().size());
@@ -266,7 +266,7 @@ public class FingerprintTest {
         setupProjectMatrixAuthStrategy(Jenkins.READ, Item.READ, Item.DISCOVER);
         project.delete();
 
-        try (ACLContext _ = ACL.as(user1)) {
+        try (ACLContext acl = ACL.as(user1)) {
             assertThat("user1 should be unable to see the origin", fp.getOriginal(), nullValue());
             assertEquals("No jobs should be visible to user1", 0, fp._getUsages().size());
         }
@@ -284,7 +284,7 @@ public class FingerprintTest {
         setupProjectMatrixAuthStrategy(Jenkins.ADMINISTER);
         project.delete();
 
-        try (ACLContext _ = ACL.as(user1)) {
+        try (ACLContext acl = ACL.as(user1)) {
             Fingerprint.BuildPtr original = fingerprint.getOriginal();
             assertThat("user1 should able to see the origin", fingerprint.getOriginal(), notNullValue());
             assertThat("Job has been deleted, so Job reference should return null", fingerprint.getOriginal().getJob(), nullValue());
diff --git a/test/src/test/java/hudson/model/ListViewTest.java b/test/src/test/java/hudson/model/ListViewTest.java
index 680a592060..04cdc116d9 100644
--- a/test/src/test/java/hudson/model/ListViewTest.java
+++ b/test/src/test/java/hudson/model/ListViewTest.java
@@ -234,7 +234,7 @@ public class ListViewTest {
         ListView v = new ListView("v", j.jenkins);
         v.add(p);
         j.jenkins.addView(v);
-        try (ACLContext _ = ACL.as(User.get("alice"))) {
+        try (ACLContext acl = ACL.as(User.get("alice"))) {
             p.renameTo("p2");
         }
         assertEquals(Collections.singletonList(p), v.getItems());
diff --git a/test/src/test/java/hudson/search/SearchTest.java b/test/src/test/java/hudson/search/SearchTest.java
index 98d74ad2c1..e2fcd37a48 100644
--- a/test/src/test/java/hudson/search/SearchTest.java
+++ b/test/src/test/java/hudson/search/SearchTest.java
@@ -440,7 +440,7 @@ public class SearchTest {
         mas.grant(Jenkins.READ).onRoot().toEveryone();
         j.jenkins.setAuthorizationStrategy(mas);
 
-        try(ACLContext _ = ACL.as(User.get("alice"))) {
+        try(ACLContext acl = ACL.as(User.get("alice"))) {
             List<SearchItem> results = new ArrayList<>();
             j.jenkins.getSearchIndex().find("config", results);
             j.jenkins.getSearchIndex().find("manage", results);
diff --git a/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java b/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
index 47e750f62c..e9a4f16b24 100644
--- a/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
+++ b/test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
@@ -69,7 +69,7 @@ public class ApiTokenPropertyTest {
         final String token = t.getApiToken();
 
         // Make sure that user is able to get the token via the interface
-        try (ACLContext _ = ACL.as(u)) {
+        try (ACLContext acl = ACL.as(u)) {
             assertEquals("User is unable to get its own token", token, t.getApiToken());
         }
 
-- 
GitLab


From d9d31f9914e38aec95b46cf37a669dadcfc0b054 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Fri, 21 Sep 2018 13:53:09 -0700
Subject: [PATCH 723/863] Cleanup Javadoc errors in
 hudson.cli.PrivateKeyProvider (fails in Java 11)

---
 cli/src/main/java/hudson/cli/PrivateKeyProvider.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cli/src/main/java/hudson/cli/PrivateKeyProvider.java b/cli/src/main/java/hudson/cli/PrivateKeyProvider.java
index d7753a7504..9f87dd4a7b 100644
--- a/cli/src/main/java/hudson/cli/PrivateKeyProvider.java
+++ b/cli/src/main/java/hudson/cli/PrivateKeyProvider.java
@@ -71,7 +71,7 @@ public class PrivateKeyProvider {
     /**
      * Read keys from default keyFiles
      *
-     * <tt>.ssh/id_rsa</tt>, <tt>.ssh/id_dsa</tt> and <tt>.ssh/identity</tt>.
+     * {@code .ssh/id_rsa}, {@code .ssh/id_dsa} and {@code .ssh/identity}.
      *
      * @return true if some key was read successfully.
      */
-- 
GitLab


From ba08ebc97a605bc621fc9af61d347df74d4b05c6 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Fri, 21 Sep 2018 17:44:58 -0700
Subject: [PATCH 724/863] Refactoring: Cleanup `<tt>` tags from the Jenkins
 core Javadoc

---
 core/src/main/java/hudson/CopyOnWrite.java    |  2 +-
 core/src/main/java/hudson/EnvVars.java        | 14 +--
 .../FileSystemProvisionerDescriptor.java      |  4 +-
 core/src/main/java/hudson/Functions.java      | 14 +--
 core/src/main/java/hudson/Indenter.java       |  2 +-
 core/src/main/java/hudson/Launcher.java       |  4 +-
 core/src/main/java/hudson/Plugin.java         | 12 +--
 core/src/main/java/hudson/PluginManager.java  |  2 +-
 core/src/main/java/hudson/PluginWrapper.java  |  6 +-
 core/src/main/java/hudson/Util.java           |  4 +-
 core/src/main/java/hudson/XmlFile.java        | 10 +-
 core/src/main/java/hudson/cli/CLICommand.java |  4 +-
 .../hudson/cli/declarative/CLIMethod.java     |  4 +-
 .../hudson/cli/declarative/CLIResolver.java   |  6 +-
 .../cli/handlers/ViewOptionHandler.java       |  2 +-
 .../console/ConsoleAnnotatorFactory.java      |  2 +-
 .../main/java/hudson/console/ConsoleNote.java |  2 +-
 .../diagnosis/HudsonHomeDiskUsageChecker.java |  2 +-
 .../diagnosis/HudsonHomeDiskUsageMonitor.java |  2 +-
 .../main/java/hudson/init/Initializer.java    |  2 +-
 .../src/main/java/hudson/init/Terminator.java |  2 +-
 .../main/java/hudson/init/package-info.java   |  2 +-
 .../main/java/hudson/lifecycle/Lifecycle.java |  4 +-
 .../lifecycle/WindowsServiceLifecycle.java    |  2 +-
 .../java/hudson/markup/MarkupFormatter.java   |  2 +-
 .../main/java/hudson/model/AbstractBuild.java |  2 +-
 .../main/java/hudson/model/AbstractItem.java  |  2 +-
 .../java/hudson/model/AbstractProject.java    |  6 +-
 core/src/main/java/hudson/model/Action.java   |  8 +-
 .../hudson/model/AdministrativeMonitor.java   |  4 +-
 core/src/main/java/hudson/model/Api.java      |  2 +-
 .../java/hudson/model/BuildBadgeAction.java   |  2 +-
 core/src/main/java/hudson/model/Computer.java |  2 +-
 .../main/java/hudson/model/Descriptor.java    | 10 +-
 core/src/main/java/hudson/model/Job.java      |  4 +-
 .../main/java/hudson/model/JobProperty.java   |  4 +-
 .../java/hudson/model/ManagementLink.java     |  2 +-
 .../main/java/hudson/model/ModelObject.java   |  2 +-
 .../hudson/model/ParameterDefinition.java     |  6 +-
 .../java/hudson/model/ParameterValue.java     |  4 +-
 .../model/ParametersDefinitionProperty.java   |  2 +-
 core/src/main/java/hudson/model/Queue.java    |  4 +-
 core/src/main/java/hudson/model/Run.java      |  2 +-
 core/src/main/java/hudson/model/Slave.java    |  2 +-
 .../hudson/model/TopLevelItemDescriptor.java  |  2 +-
 .../main/java/hudson/model/UpdateCenter.java  | 10 +-
 .../main/java/hudson/model/UpdateSite.java    |  2 +-
 .../main/java/hudson/model/UserProperty.java  |  6 +-
 core/src/main/java/hudson/model/View.java     |  6 +-
 .../hudson/model/queue/CauseOfBlockage.java   |  2 +-
 .../AbstractAsyncNodeMonitorDescriptor.java   |  6 +-
 .../hudson/node_monitors/NodeMonitor.java     |  2 +-
 .../RareOrImpossibleDateException.java        |  2 +-
 .../java/hudson/scm/AbstractScmTagAction.java |  4 +-
 core/src/main/java/hudson/scm/SCM.java        |  4 +-
 core/src/main/java/hudson/search/Search.java  |  2 +-
 .../AuthenticationProcessingFilter2.java      |  2 +-
 .../security/BasicAuthenticationFilter.java   |  6 +-
 .../security/HudsonPrivateSecurityRealm.java  |  2 +-
 .../java/hudson/security/SecurityRealm.java   | 16 ++--
 .../security/captcha/CaptchaSupport.java      |  2 +-
 core/src/main/java/hudson/slaves/Cloud.java   |  8 +-
 .../java/hudson/slaves/NodeDescriptor.java    |  4 +-
 .../main/java/hudson/slaves/OfflineCause.java |  2 +-
 .../java/hudson/slaves/SlaveComputer.java     |  2 +-
 .../src/main/java/hudson/tasks/BuildStep.java |  4 +-
 core/src/main/java/hudson/tasks/Maven.java    |  4 +-
 .../tools/DownloadFromUrlInstaller.java       |  2 +-
 .../main/java/hudson/triggers/SCMTrigger.java |  2 +-
 .../java/hudson/util/ArgumentListBuilder.java |  2 +-
 .../java/hudson/util/DoubleLaunchChecker.java |  2 +-
 .../main/java/hudson/util/ErrorObject.java    |  2 +-
 .../java/hudson/util/FormFieldValidator.java  |  8 +-
 .../java/hudson/util/FormFillFailure.java     |  6 +-
 .../main/java/hudson/util/FormValidation.java | 12 +--
 core/src/main/java/hudson/util/Function1.java |  2 +-
 .../java/hudson/util/HudsonFailedToLoad.java  |  2 +-
 .../util/IncompatibleAntVersionDetected.java  |  2 +-
 .../IncompatibleServletVersionDetected.java   |  2 +-
 .../hudson/util/IncompatibleVMDetected.java   |  2 +-
 .../util/InsufficientPermissionDetected.java  |  2 +-
 .../java/hudson/util/KeyedDataStorage.java    |  2 +-
 .../hudson/util/LineEndNormalizingWriter.java |  2 +-
 .../main/java/hudson/util/ListBoxModel.java   |  6 +-
 core/src/main/java/hudson/util/NoHomeDir.java |  2 +-
 core/src/main/java/hudson/util/NoTempDir.java |  2 +-
 .../main/java/hudson/util/ProcessTree.java    |  2 +-
 core/src/main/java/hudson/util/Service.java   |  4 +-
 core/src/main/java/hudson/util/TimeUnit2.java | 92 +++++++++----------
 .../java/hudson/views/ListViewColumn.java     |  4 +-
 .../main/java/hudson/views/MyViewsTabBar.java |  2 +-
 .../main/java/hudson/views/ViewsTabBar.java   |  2 +-
 .../jenkins/model/CauseOfInterruption.java    |  2 +-
 core/src/main/java/jenkins/model/Jenkins.java |  6 +-
 .../model/JenkinsLocationConfiguration.java   |  2 +-
 .../security/BasicHeaderProcessor.java        |  2 +-
 .../security/ExceptionTranslationFilter.java  |  8 +-
 .../jenkins/security/HMACConfidentialKey.java |  2 +-
 .../slaves/JnlpSlaveAgentProtocol.java        |  4 +-
 .../slaves/systemInfo/SlaveSystemInfo.java    |  2 +-
 .../util/groovy/AbstractGroovyViewModule.java |  4 +-
 .../jenkins/util/groovy/GroovyHookScript.java |  4 +-
 102 files changed, 243 insertions(+), 243 deletions(-)

diff --git a/core/src/main/java/hudson/CopyOnWrite.java b/core/src/main/java/hudson/CopyOnWrite.java
index efe21357c4..891cbf04bb 100644
--- a/core/src/main/java/hudson/CopyOnWrite.java
+++ b/core/src/main/java/hudson/CopyOnWrite.java
@@ -43,7 +43,7 @@ import java.lang.annotation.Target;
  *
  * <p>
  * The field marked with this annotation usually needs to be marked as
- * <tt>volatile</tt>.
+ * {@code volatile}.
  *
  * @author Kohsuke Kawaguchi
  */
diff --git a/core/src/main/java/hudson/EnvVars.java b/core/src/main/java/hudson/EnvVars.java
index 1849ecbf66..a4d581802e 100644
--- a/core/src/main/java/hudson/EnvVars.java
+++ b/core/src/main/java/hudson/EnvVars.java
@@ -54,7 +54,7 @@ import javax.annotation.Nonnull;
  * but case <b>insensitive</b> way (that is, cmd.exe can get both FOO and foo as environment variables
  * when it's launched, and the "set" command will display it accordingly, but "echo %foo%" results in
  * echoing the value of "FOO", not "foo" &mdash; this is presumably caused by the behavior of the underlying
- * Win32 API <tt>GetEnvironmentVariable</tt> acting in case insensitive way.) Windows users are also
+ * Win32 API {@code GetEnvironmentVariable} acting in case insensitive way.) Windows users are also
  * used to write environment variable case-insensitively (like %Path% vs %PATH%), and you can see many
  * documents on the web that claims Windows environment variables are case insensitive.
  *
@@ -65,10 +65,10 @@ import javax.annotation.Nonnull;
  * <p>
  * In Jenkins, often we need to build up "environment variable overrides"
  * on master, then to execute the process on agents. This causes a problem
- * when working with variables like <tt>PATH</tt>. So to make this work,
- * we introduce a special convention <tt>PATH+FOO</tt> &mdash; all entries
- * that starts with <tt>PATH+</tt> are merged and prepended to the inherited
- * <tt>PATH</tt> variable, on the process where a new process is executed. 
+ * when working with variables like {@code PATH}. So to make this work,
+ * we introduce a special convention {@code PATH+FOO} &mdash; all entries
+ * that starts with {@code PATH+} are merged and prepended to the inherited
+ * {@code PATH} variable, on the process where a new process is executed.
  *
  * @author Kohsuke Kawaguchi
  */
@@ -107,7 +107,7 @@ public class EnvVars extends TreeMap<String,String> {
     }
 
     /**
-     * Builds an environment variables from an array of the form <tt>"key","value","key","value"...</tt>
+     * Builds an environment variables from an array of the form {@code "key","value","key","value"...}
      */
     public EnvVars(String... keyValuePairs) {
         this();
@@ -121,7 +121,7 @@ public class EnvVars extends TreeMap<String,String> {
      * Overrides the current entry by the given entry.
      *
      * <p>
-     * Handles <tt>PATH+XYZ</tt> notation.
+     * Handles {@code PATH+XYZ} notation.
      */
     public void override(String key, String value) {
         if(value==null || value.length()==0) {
diff --git a/core/src/main/java/hudson/FileSystemProvisionerDescriptor.java b/core/src/main/java/hudson/FileSystemProvisionerDescriptor.java
index 1e02e11f7f..9e162d666f 100644
--- a/core/src/main/java/hudson/FileSystemProvisionerDescriptor.java
+++ b/core/src/main/java/hudson/FileSystemProvisionerDescriptor.java
@@ -50,12 +50,12 @@ public abstract class FileSystemProvisionerDescriptor extends Descriptor<FileSys
      * This method is called to do this, after Hudson determines that the workspace should be deleted
      * to reclaim disk space. The implementation of this method is expected to sniff the contents of
      * the workspace, and if it looks like the one created by {@link FileSystemProvisioner#prepareWorkspace(AbstractBuild, FilePath, TaskListener)},
-     * perform the necessary deletion operation, and return <tt>true</tt>.
+     * perform the necessary deletion operation, and return {@code true}.
      *
      * <p>
      * If the workspace isn't the one created by this {@link FileSystemProvisioner}, or if the
      * workspace can be simply deleted by {@link FilePath#deleteRecursive()}, then simply
-     * return <tt>false</tt> to give other {@link FileSystemProvisionerDescriptor}s a chance to
+     * return {@code false} to give other {@link FileSystemProvisionerDescriptor}s a chance to
      * discard them.
      *
      * @param ws
diff --git a/core/src/main/java/hudson/Functions.java b/core/src/main/java/hudson/Functions.java
index e18264f914..ef2a7671a3 100644
--- a/core/src/main/java/hudson/Functions.java
+++ b/core/src/main/java/hudson/Functions.java
@@ -396,11 +396,11 @@ public class Functions {
      * is chosen, this part remains intact.
      *
      * <p>
-     * The <tt>524</tt> is the path from {@link Job} to {@link Run}.
+     * The {@code 524} is the path from {@link Job} to {@link Run}.
      *
      * <p>
-     * The <tt>bbb</tt> portion is the path after that till the last
-     * {@link Run} subtype. The <tt>ccc</tt> portion is the part
+     * The {@code bbb} portion is the path after that till the last
+     * {@link Run} subtype. The {@code ccc} portion is the part
      * after that.
      */
     public static final class RunUrl {
@@ -618,7 +618,7 @@ public class Functions {
     private static final SimpleFormatter formatter = new SimpleFormatter();
 
     /**
-     * Used by <tt>layout.jelly</tt> to control the auto refresh behavior.
+     * Used by {@code layout.jelly} to control the auto refresh behavior.
      *
      * @param noAutoRefresh
      *      On certain pages, like a page with forms, will have annoying interference
@@ -772,7 +772,7 @@ public class Functions {
     }
 
     /**
-     * This version is so that the 'checkPermission' on <tt>layout.jelly</tt>
+     * This version is so that the 'checkPermission' on {@code layout.jelly}
      * degrades gracefully if "it" is not an {@link AccessControlled} object.
      * Otherwise it will perform no check and that problem is hard to notice.
      */
@@ -1693,7 +1693,7 @@ public class Functions {
     /**
      * Obtains the host name of the Hudson server that clients can use to talk back to.
      * <p>
-     * This is primarily used in <tt>slave-agent.jnlp.jelly</tt> to specify the destination
+     * This is primarily used in {@code slave-agent.jnlp.jelly} to specify the destination
      * that the agents talk to.
      */
     public String getServerName() {
@@ -1746,7 +1746,7 @@ public class Functions {
     /**
      * If the given href link is matching the current page, return true.
      *
-     * Used in <tt>task.jelly</tt> to decide if the page should be highlighted.
+     * Used in {@code task.jelly} to decide if the page should be highlighted.
      */
     public boolean hyperlinkMatchesCurrentPage(String href) throws UnsupportedEncodingException {
         String url = Stapler.getCurrentRequest().getRequestURL().toString();
diff --git a/core/src/main/java/hudson/Indenter.java b/core/src/main/java/hudson/Indenter.java
index c1f6971b65..aa4348b57a 100644
--- a/core/src/main/java/hudson/Indenter.java
+++ b/core/src/main/java/hudson/Indenter.java
@@ -26,7 +26,7 @@ package hudson;
 import hudson.model.Job;
 
 /**
- * Used by <tt>projectView.jelly</tt> to indent modules.
+ * Used by {@code projectView.jelly} to indent modules.
  *
  * @author Kohsuke Kawaguchi
  */
diff --git a/core/src/main/java/hudson/Launcher.java b/core/src/main/java/hudson/Launcher.java
index 5932cef9ef..0c14a4bbdd 100644
--- a/core/src/main/java/hudson/Launcher.java
+++ b/core/src/main/java/hudson/Launcher.java
@@ -282,7 +282,7 @@ public abstract class Launcher {
          * Sets STDOUT destination.
          * 
          * @param out Output stream. 
-         *            Use {@code null} to send STDOUT to <tt>/dev/null</tt>.
+         *            Use {@code null} to send STDOUT to {@code /dev/null}.
          * @return {@code this}
          */
         public ProcStarter stdout(@CheckForNull OutputStream out) {
@@ -334,7 +334,7 @@ public abstract class Launcher {
 
         /**
          * Controls where the stdin of the process comes from.
-         * By default, <tt>/dev/null</tt>.
+         * By default, {@code /dev/null}.
          * 
          * @return {@code this}
          */
diff --git a/core/src/main/java/hudson/Plugin.java b/core/src/main/java/hudson/Plugin.java
index 7455099ad8..2f065102be 100644
--- a/core/src/main/java/hudson/Plugin.java
+++ b/core/src/main/java/hudson/Plugin.java
@@ -62,20 +62,20 @@ import jenkins.model.GlobalConfiguration;
  * to plugin functionality.
  *
  * <p>
- * A plugin is bound to URL space of Hudson as <tt>${rootURL}/plugin/foo/</tt>,
+ * A plugin is bound to URL space of Hudson as {@code ${rootURL}/plugin/foo/},
  * where "foo" is taken from your plugin name "foo.jpi". All your web resources
  * in src/main/webapp are visible from this URL, and you can also define Jelly
  * views against your Plugin class, and those are visible in this URL, too.
  *
  * <p>
- * {@link Plugin} can have an optional <tt>config.jelly</tt> page. If present,
+ * {@link Plugin} can have an optional {@code config.jelly} page. If present,
  * it will become a part of the system configuration page (http://server/hudson/configure).
  * This is convenient for exposing/maintaining configuration that doesn't
  * fit any {@link Descriptor}s.
  *
  * <p>
  * Up until Hudson 1.150 or something, subclasses of {@link Plugin} required
- * <tt>@plugin</tt> javadoc annotation, but that is no longer a requirement.
+ * {@code @plugin} javadoc annotation, but that is no longer a requirement.
  *
  * @author Kohsuke Kawaguchi
  * @since 1.42
@@ -194,11 +194,11 @@ public abstract class Plugin implements Saveable {
      * Handles the submission for the system configuration.
      *
      * <p>
-     * If this class defines <tt>config.jelly</tt> view, be sure to
+     * If this class defines {@code config.jelly} view, be sure to
      * override this method and persists the submitted values accordingly.
      *
      * <p>
-     * The following is a sample <tt>config.jelly</tt> that you can start yours with:
+     * The following is a sample {@code config.jelly} that you can start yours with:
      * <pre>{@code <xmp>
      * <j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
      *   <f:section title="Locale">
@@ -222,7 +222,7 @@ public abstract class Plugin implements Saveable {
     }
 
     /**
-     * This method serves static resources in the plugin under <tt>hudson/plugin/SHORTNAME</tt>.
+     * This method serves static resources in the plugin under {@code hudson/plugin/SHORTNAME}.
      */
     public void doDynamic(StaplerRequest req, StaplerResponse rsp) throws IOException, ServletException {
         String path = req.getRestOfPath();
diff --git a/core/src/main/java/hudson/PluginManager.java b/core/src/main/java/hudson/PluginManager.java
index be83e07456..c6be27a9fa 100644
--- a/core/src/main/java/hudson/PluginManager.java
+++ b/core/src/main/java/hudson/PluginManager.java
@@ -1216,7 +1216,7 @@ public abstract class PluginManager extends AbstractModelObject implements OnMas
 
     /**
      * Discover all the service provider implementations of the given class,
-     * via <tt>META-INF/services</tt>.
+     * via {@code META-INF/services}.
      * @deprecated Use {@link ServiceLoader} instead, or (more commonly) {@link ExtensionList}.
      */
     @Deprecated
diff --git a/core/src/main/java/hudson/PluginWrapper.java b/core/src/main/java/hudson/PluginWrapper.java
index 363d588f0a..b2be33c8c5 100644
--- a/core/src/main/java/hudson/PluginWrapper.java
+++ b/core/src/main/java/hudson/PluginWrapper.java
@@ -81,7 +81,7 @@ import static org.apache.commons.io.FilenameUtils.getBaseName;
  * for Jenkins to control {@link Plugin}.
  *
  * <p>
- * A plug-in is packaged into a jar file whose extension is <tt>".jpi"</tt> (or <tt>".hpi"</tt> for backward compatibility),
+ * A plug-in is packaged into a jar file whose extension is {@code ".jpi"} (or {@code ".hpi"} for backward compatibility),
  * A plugin needs to have a special manifest entry to identify what it is.
  *
  * <p>
@@ -126,7 +126,7 @@ public class PluginWrapper implements Comparable<PluginWrapper>, ModelObject {
     /**
      * Base URL for loading static resources from this plugin.
      * Null if disabled. The static resources are mapped under
-     * <tt>CONTEXTPATH/plugin/SHORTNAME/</tt>.
+     * {@code CONTEXTPATH/plugin/SHORTNAME/}.
      */
     public final URL baseResourceURL;
 
@@ -151,7 +151,7 @@ public class PluginWrapper implements Comparable<PluginWrapper>, ModelObject {
 
     /**
      * True if this plugin is activated for this session.
-     * The snapshot of <tt>disableFile.exists()</tt> as of the start up.
+     * The snapshot of {@code disableFile.exists()} as of the start up.
      */
     private final boolean active;
     
diff --git a/core/src/main/java/hudson/Util.java b/core/src/main/java/hudson/Util.java
index 3039bbc641..d3aa18870d 100644
--- a/core/src/main/java/hudson/Util.java
+++ b/core/src/main/java/hudson/Util.java
@@ -138,7 +138,7 @@ public class Util {
     private static final Pattern VARIABLE = Pattern.compile("\\$([A-Za-z0-9_]+|\\{[A-Za-z0-9_.]+\\}|\\$)");
 
     /**
-     * Replaces the occurrence of '$key' by <tt>properties.get('key')</tt>.
+     * Replaces the occurrence of '$key' by {@code properties.get('key')}.
      *
      * <p>
      * Unlike shell, undefined variables are left as-is (this behavior is the same as Ant.)
@@ -150,7 +150,7 @@ public class Util {
     }
 
     /**
-     * Replaces the occurrence of '$key' by <tt>resolver.get('key')</tt>.
+     * Replaces the occurrence of '$key' by {@code resolver.get('key')}.
      *
      * <p>
      * Unlike shell, undefined variables are left as-is (this behavior is the same as Ant.)
diff --git a/core/src/main/java/hudson/XmlFile.java b/core/src/main/java/hudson/XmlFile.java
index e2db72a365..7f630dfb33 100644
--- a/core/src/main/java/hudson/XmlFile.java
+++ b/core/src/main/java/hudson/XmlFile.java
@@ -72,12 +72,12 @@ import org.apache.commons.io.IOUtils;
  * not have any data, the newly added field is left to the VM-default
  * value (if you let XStream create the object, such as
  * {@link #read()} &mdash; which is the majority), or to the value initialized by the
- * constructor (if the object is created via <tt>new</tt> and then its
+ * constructor (if the object is created via {@code new} and then its
  * value filled by XStream, such as {@link #unmarshal(Object)}.)
  *
  * <p>
  * Removing a field requires that you actually leave the field with
- * <tt>transient</tt> keyword. When you read the old XML, XStream
+ * {@code transient} keyword. When you read the old XML, XStream
  * will set the value to this field. But when the data is saved,
  * the field will no longer will be written back to XML.
  * (It might be possible to tweak XStream so that we can simply
@@ -85,13 +85,13 @@ import org.apache.commons.io.IOUtils;
  *
  * <p>
  * Changing the data structure is usually a combination of the two
- * above. You'd leave the old data store with <tt>transient</tt>,
+ * above. You'd leave the old data store with {@code transient},
  * and then add the new data. When you are reading the old XML,
  * only the old field will be set. When you are reading the new XML,
  * only the new field will be set. You'll then need to alter the code
  * so that it will be able to correctly handle both situations,
  * and that as soon as you see data in the old field, you'll have to convert
- * that into the new data structure, so that the next <tt>save</tt> operation
+ * that into the new data structure, so that the next {@code save} operation
  * will write the new data (otherwise you'll end up losing the data, because
  * old fields will be never written back.)
  *
@@ -154,7 +154,7 @@ public final class XmlFile {
      * Loads the contents of this file into an existing object.
      *
      * @return
-     *      The unmarshalled object. Usually the same as <tt>o</tt>, but would be different
+     *      The unmarshalled object. Usually the same as {@code o}, but would be different
      *      if the XML representation is completely new.
      */
     public Object unmarshal( Object o ) throws IOException {
diff --git a/core/src/main/java/hudson/cli/CLICommand.java b/core/src/main/java/hudson/cli/CLICommand.java
index 3593ebf259..91d88118d1 100644
--- a/core/src/main/java/hudson/cli/CLICommand.java
+++ b/core/src/main/java/hudson/cli/CLICommand.java
@@ -84,7 +84,7 @@ import javax.annotation.Nonnull;
  * <h2>How does a CLI command work</h2>
  * <p>
  * The users starts {@linkplain CLI the "CLI agent"} on a remote system, by specifying arguments, like
- * <tt>"java -jar jenkins-cli.jar command arg1 arg2 arg3"</tt>. The CLI agent creates
+ * {@code "java -jar jenkins-cli.jar command arg1 arg2 arg3"}. The CLI agent creates
  * a remoting channel with the server, and it sends the entire arguments to the server, along with
  * the remoted stdin/out/err.
  *
@@ -183,7 +183,7 @@ public abstract class CLICommand implements ExtensionPoint, Cloneable {
      * Gets the command name.
      *
      * <p>
-     * For example, if the CLI is invoked as <tt>java -jar cli.jar foo arg1 arg2 arg4</tt>,
+     * For example, if the CLI is invoked as {@code java -jar cli.jar foo arg1 arg2 arg4},
      * on the server side {@link CLICommand} that returns "foo" from {@link #getName()}
      * will be invoked.
      *
diff --git a/core/src/main/java/hudson/cli/declarative/CLIMethod.java b/core/src/main/java/hudson/cli/declarative/CLIMethod.java
index d4e6c96ed4..6366e4409e 100644
--- a/core/src/main/java/hudson/cli/declarative/CLIMethod.java
+++ b/core/src/main/java/hudson/cli/declarative/CLIMethod.java
@@ -38,8 +38,8 @@ import java.lang.annotation.Target;
  * Annotates methods on model objects to expose them as CLI commands.
  *
  * <p>
- * You need to have <tt>Messages.properties</tt> in the same package with the
- * <tt>CLI.<i>command-name</i>.shortDescription</tt> key to describe the command.
+ * You need to have {@code Messages.properties} in the same package with the
+ * {@code CLI.<i>command-name</i>.shortDescription} key to describe the command.
  * This is used for the same purpose as {@link CLICommand#getShortDescription()}.
  *
  * <p>
diff --git a/core/src/main/java/hudson/cli/declarative/CLIResolver.java b/core/src/main/java/hudson/cli/declarative/CLIResolver.java
index 2b31b47f27..5c4b93444e 100644
--- a/core/src/main/java/hudson/cli/declarative/CLIResolver.java
+++ b/core/src/main/java/hudson/cli/declarative/CLIResolver.java
@@ -40,12 +40,12 @@ import java.lang.annotation.Target;
  * <p>
  * Hudson uses the return type of the resolver method
  * to pick the resolver method to use, of all the resolver methods it discovers. That is,
- * if Hudson is looking to find an instance of type <tt>T</tt> for the current command, it first
- * looks for the resolver method whose return type is <tt>T</tt>, then it checks for the base type of <tt>T</tt>,
+ * if Hudson is looking to find an instance of type {@code T} for the current command, it first
+ * looks for the resolver method whose return type is {@code T}, then it checks for the base type of {@code T},
  * and so on.
  *
  * <p>
- * If the chosen resolver method is an instance method on type <tt>S</tt>, the "parent resolver" is then
+ * If the chosen resolver method is an instance method on type {@code S}, the "parent resolver" is then
  * located to resolve an instance of type 'S'. This process repeats until a static resolver method is discovered
  * (since most of Hudson's model objects are anchored to the root {@link jenkins.model.Jenkins} object, normally that would become
  * the top-most resolver method.)
diff --git a/core/src/main/java/hudson/cli/handlers/ViewOptionHandler.java b/core/src/main/java/hudson/cli/handlers/ViewOptionHandler.java
index e1888db0e1..6107855812 100644
--- a/core/src/main/java/hudson/cli/handlers/ViewOptionHandler.java
+++ b/core/src/main/java/hudson/cli/handlers/ViewOptionHandler.java
@@ -48,7 +48,7 @@ import javax.annotation.CheckForNull;
  * For example:
  * <dl>
  *   <dt>my_view_name</dt><dd>refers to a top level view with given name.</dd>
- *   <dt>nested/inner</dt><dd>refers to a view named <tt>inner</tt> inside of a top level view group named <tt>nested</tt>.</dd>
+ *   <dt>nested/inner</dt><dd>refers to a view named {@code inner} inside of a top level view group named {@code nested}.</dd>
  * </dl>
  *
  * <p>
diff --git a/core/src/main/java/hudson/console/ConsoleAnnotatorFactory.java b/core/src/main/java/hudson/console/ConsoleAnnotatorFactory.java
index f71b25e53e..f9feac4a95 100644
--- a/core/src/main/java/hudson/console/ConsoleAnnotatorFactory.java
+++ b/core/src/main/java/hudson/console/ConsoleAnnotatorFactory.java
@@ -58,7 +58,7 @@ import java.net.URL;
  *
  * <h2>Behaviour, JavaScript, and CSS</h2>
  * <p>
- * {@link ConsoleNote} can have associated <tt>script.js</tt> and <tt>style.css</tt> (put them
+ * {@link ConsoleNote} can have associated {@code script.js} and {@code style.css} (put them
  * in the same resource directory that you normally put Jelly scripts), which will be loaded into
  * the HTML page whenever the console notes are used. This allows you to use minimal markup in
  * code generation, and do the styling in CSS and perform the rest of the interesting work as a CSS behaviour/JavaScript.
diff --git a/core/src/main/java/hudson/console/ConsoleNote.java b/core/src/main/java/hudson/console/ConsoleNote.java
index 165e6d9ae7..a572a966b6 100644
--- a/core/src/main/java/hudson/console/ConsoleNote.java
+++ b/core/src/main/java/hudson/console/ConsoleNote.java
@@ -109,7 +109,7 @@ import org.jenkinsci.remoting.util.AnonymousClassWarnings;
  *
  * <h2>Behaviour, JavaScript, and CSS</h2>
  * <p>
- * {@link ConsoleNote} can have associated <tt>script.js</tt> and <tt>style.css</tt> (put them
+ * {@link ConsoleNote} can have associated {@code script.js} and {@code style.css} (put them
  * in the same resource directory that you normally put Jelly scripts), which will be loaded into
  * the HTML page whenever the console notes are used. This allows you to use minimal markup in
  * code generation, and do the styling in CSS and perform the rest of the interesting work as a CSS behaviour/JavaScript.
diff --git a/core/src/main/java/hudson/diagnosis/HudsonHomeDiskUsageChecker.java b/core/src/main/java/hudson/diagnosis/HudsonHomeDiskUsageChecker.java
index 3d842e1d79..56eaf7d941 100644
--- a/core/src/main/java/hudson/diagnosis/HudsonHomeDiskUsageChecker.java
+++ b/core/src/main/java/hudson/diagnosis/HudsonHomeDiskUsageChecker.java
@@ -31,7 +31,7 @@ import org.jenkinsci.Symbol;
 import java.util.logging.Logger;
 
 /**
- * Periodically checks the disk usage of <tt>JENKINS_HOME</tt>,
+ * Periodically checks the disk usage of {@code JENKINS_HOME},
  * and activate {@link HudsonHomeDiskUsageMonitor} if necessary.
  *
  * @author Kohsuke Kawaguchi
diff --git a/core/src/main/java/hudson/diagnosis/HudsonHomeDiskUsageMonitor.java b/core/src/main/java/hudson/diagnosis/HudsonHomeDiskUsageMonitor.java
index 337f739dcb..177141f746 100644
--- a/core/src/main/java/hudson/diagnosis/HudsonHomeDiskUsageMonitor.java
+++ b/core/src/main/java/hudson/diagnosis/HudsonHomeDiskUsageMonitor.java
@@ -38,7 +38,7 @@ import java.io.IOException;
 import java.util.List;
 
 /**
- * Monitors the disk usage of <tt>JENKINS_HOME</tt>, and if it's almost filled up, warn the user.
+ * Monitors the disk usage of {@code JENKINS_HOME}, and if it's almost filled up, warn the user.
  *
  * @author Kohsuke Kawaguchi
  */
diff --git a/core/src/main/java/hudson/init/Initializer.java b/core/src/main/java/hudson/init/Initializer.java
index d41f45da52..d24a412ae8 100644
--- a/core/src/main/java/hudson/init/Initializer.java
+++ b/core/src/main/java/hudson/init/Initializer.java
@@ -92,7 +92,7 @@ public @interface Initializer {
     String[] attains() default {};
 
     /**
-     * Key in <tt>Messages.properties</tt> that represents what this task is about. Used for rendering the progress.
+     * Key in {@code Messages.properties} that represents what this task is about. Used for rendering the progress.
      * Defaults to "${short class name}.${method Name}".
      */
     String displayName() default "";
diff --git a/core/src/main/java/hudson/init/Terminator.java b/core/src/main/java/hudson/init/Terminator.java
index 3e1155babd..24bc781fb1 100644
--- a/core/src/main/java/hudson/init/Terminator.java
+++ b/core/src/main/java/hudson/init/Terminator.java
@@ -52,7 +52,7 @@ public @interface Terminator {
     String[] attains() default {};
 
     /**
-     * Key in <tt>Messages.properties</tt> that represents what this task is about. Used for rendering the progress.
+     * Key in {@code Messages.properties} that represents what this task is about. Used for rendering the progress.
      * Defaults to "${short class name}.${method Name}".
      */
     String displayName() default "";
diff --git a/core/src/main/java/hudson/init/package-info.java b/core/src/main/java/hudson/init/package-info.java
index 9833d2090e..5f66063ca3 100644
--- a/core/src/main/java/hudson/init/package-info.java
+++ b/core/src/main/java/hudson/init/package-info.java
@@ -33,7 +33,7 @@
  *
  * <p>
  * Such micro-scopic dependencies are organized into a bigger directed acyclic graph, which is then executed
- * via <tt>Session</tt>. During execution of the reactor, additional tasks can be discovered and added to
+ * via {@code Session}. During execution of the reactor, additional tasks can be discovered and added to
  * the DAG. We use this additional indirection to:
  *
  * <ol>
diff --git a/core/src/main/java/hudson/lifecycle/Lifecycle.java b/core/src/main/java/hudson/lifecycle/Lifecycle.java
index 34915da0de..4c52cdd878 100644
--- a/core/src/main/java/hudson/lifecycle/Lifecycle.java
+++ b/core/src/main/java/hudson/lifecycle/Lifecycle.java
@@ -112,7 +112,7 @@ public abstract class Lifecycle implements ExtensionPoint {
     }
 
     /**
-     * If the location of <tt>jenkins.war</tt> is known in this life cycle,
+     * If the location of {@code jenkins.war} is known in this life cycle,
      * return it location. Otherwise return null to indicate that it is unknown.
      *
      * <p>
@@ -131,7 +131,7 @@ public abstract class Lifecycle implements ExtensionPoint {
      *
      * <p>
      * On some system, most notably Windows, a file being in use cannot be changed,
-     * so rewriting <tt>jenkins.war</tt> requires some special trick. Override this method
+     * so rewriting {@code jenkins.war} requires some special trick. Override this method
      * to do so.
      */
     public void rewriteHudsonWar(File by) throws IOException {
diff --git a/core/src/main/java/hudson/lifecycle/WindowsServiceLifecycle.java b/core/src/main/java/hudson/lifecycle/WindowsServiceLifecycle.java
index 42519eb21b..ad3940b4a4 100644
--- a/core/src/main/java/hudson/lifecycle/WindowsServiceLifecycle.java
+++ b/core/src/main/java/hudson/lifecycle/WindowsServiceLifecycle.java
@@ -54,7 +54,7 @@ public class WindowsServiceLifecycle extends Lifecycle {
     }
 
     /**
-     * If <tt>jenkins.exe</tt> is old compared to our copy,
+     * If {@code jenkins.exe} is old compared to our copy,
      * schedule an overwrite (except that since it's currently running,
      * we can only do it when Jenkins restarts next time.)
      */
diff --git a/core/src/main/java/hudson/markup/MarkupFormatter.java b/core/src/main/java/hudson/markup/MarkupFormatter.java
index d722fb6aa2..be8004136a 100644
--- a/core/src/main/java/hudson/markup/MarkupFormatter.java
+++ b/core/src/main/java/hudson/markup/MarkupFormatter.java
@@ -51,7 +51,7 @@ import org.kohsuke.stapler.QueryParameter;
  *   
  * <h2>Views</h2>
  * <p>
- * This extension point must have a valid <tt>config.jelly</tt> that feeds the constructor.
+ * This extension point must have a valid {@code config.jelly} that feeds the constructor.
  *
  * TODO: allow {@link MarkupFormatter} to control the UI that the user uses to edit.
  *
diff --git a/core/src/main/java/hudson/model/AbstractBuild.java b/core/src/main/java/hudson/model/AbstractBuild.java
index 0f49ac47f3..2268f3dd99 100644
--- a/core/src/main/java/hudson/model/AbstractBuild.java
+++ b/core/src/main/java/hudson/model/AbstractBuild.java
@@ -297,7 +297,7 @@ public abstract class AbstractBuild<P extends AbstractProject<P,R>,R extends Abs
     /**
      * Returns the root directory of the checked-out module.
      * <p>
-     * This is usually where <tt>pom.xml</tt>, <tt>build.xml</tt>
+     * This is usually where {@code pom.xml}, {@code build.xml}
      * and so on exists.
      */
     public final FilePath getModuleRoot() {
diff --git a/core/src/main/java/hudson/model/AbstractItem.java b/core/src/main/java/hudson/model/AbstractItem.java
index 23f1ccb270..aced1805e5 100644
--- a/core/src/main/java/hudson/model/AbstractItem.java
+++ b/core/src/main/java/hudson/model/AbstractItem.java
@@ -790,7 +790,7 @@ public abstract class AbstractItem extends Actionable implements Item, HttpDelet
     }
 
     /**
-     * Accepts <tt>config.xml</tt> submission, as well as serve it.
+     * Accepts {@code config.xml} submission, as well as serve it.
      */
     @WebMethod(name = "config.xml")
     public void doConfigDotXml(StaplerRequest req, StaplerResponse rsp)
diff --git a/core/src/main/java/hudson/model/AbstractProject.java b/core/src/main/java/hudson/model/AbstractProject.java
index 1cb3fcfbc7..3b60e86185 100644
--- a/core/src/main/java/hudson/model/AbstractProject.java
+++ b/core/src/main/java/hudson/model/AbstractProject.java
@@ -573,7 +573,7 @@ public abstract class AbstractProject<P extends AbstractProject<P,R>,R extends A
     /**
      * Returns the root directory of the checked-out module.
      * <p>
-     * This is usually where <tt>pom.xml</tt>, <tt>build.xml</tt>
+     * This is usually where {@code pom.xml}, {@code build.xml}
      * and so on exists.
      *
      * @deprecated as of 1.319
@@ -642,7 +642,7 @@ public abstract class AbstractProject<P extends AbstractProject<P,R>,R extends A
     }
 
     /**
-     * Used in <tt>sidepanel.jelly</tt> to decide whether to display
+     * Used in {@code sidepanel.jelly} to decide whether to display
      * the config/delete/build links.
      */
     public boolean isConfigurable() {
@@ -751,7 +751,7 @@ public abstract class AbstractProject<P extends AbstractProject<P,R>,R extends A
      * Returns the live list of all {@link Publisher}s configured for this project.
      *
      * <p>
-     * This method couldn't be called <tt>getPublishers()</tt> because existing methods
+     * This method couldn't be called {@code getPublishers()} because existing methods
      * in sub-classes return different inconsistent types.
      */
     public abstract DescribableList<Publisher,Descriptor<Publisher>> getPublishersList();
diff --git a/core/src/main/java/hudson/model/Action.java b/core/src/main/java/hudson/model/Action.java
index ac7be33a60..72d2f84e06 100644
--- a/core/src/main/java/hudson/model/Action.java
+++ b/core/src/main/java/hudson/model/Action.java
@@ -38,12 +38,12 @@ import javax.annotation.CheckForNull;
  *
  * <p>
  * Some actions use the latter without the former (for example, to add a link to an external website),
- * while others do the former without the latter (for example, to just draw some graphs in <tt>floatingBox.jelly</tt>),
+ * while others do the former without the latter (for example, to just draw some graphs in {@code floatingBox.jelly}),
  * and still some others do both.
  *
  * <h2>Views</h2>
  * <p>
- * If an action has a view named <tt>floatingBox.jelly</tt>,
+ * If an action has a view named {@code floatingBox.jelly},
  * it will be displayed as a floating box on the top page of
  * the target {@link ModelObject}. (For example, this is how
  * the JUnit test result trend shows up in the project top page.
@@ -82,7 +82,7 @@ public interface Action extends ModelObject {
      *
      * @return
      *      If just a file name (like "abc.gif") is returned, it will be
-     *      interpreted as a file name inside <tt>/images/24x24</tt>.
+     *      interpreted as a file name inside {@code /images/24x24}.
      *      This is useful for using one of the stock images.
      *      <p>
      *      If an absolute file name that starts from '/' is returned (like
@@ -91,7 +91,7 @@ public interface Action extends ModelObject {
      *      image files from a plugin.
      *      <p>
      *      Finally, return null to hide it from the task list. This is normally not very useful,
-     *      but this can be used for actions that only contribute <tt>floatBox.jelly</tt>
+     *      but this can be used for actions that only contribute {@code floatBox.jelly}
      *      and no task list item. The other case where this is useful is
      *      to avoid showing links that require a privilege when the user is anonymous.
      * @see Functions#isAnonymous()
diff --git a/core/src/main/java/hudson/model/AdministrativeMonitor.java b/core/src/main/java/hudson/model/AdministrativeMonitor.java
index 537f6d092c..ce81dd56aa 100644
--- a/core/src/main/java/hudson/model/AdministrativeMonitor.java
+++ b/core/src/main/java/hudson/model/AdministrativeMonitor.java
@@ -65,9 +65,9 @@ import org.kohsuke.stapler.interceptor.RequirePOST;
  * <dl>
  * <dt>message.jelly</dt>
  * <dd>
- * If {@link #isActivated()} returns true, Jenkins will use the <tt>message.jelly</tt>
+ * If {@link #isActivated()} returns true, Jenkins will use the {@code message.jelly}
  * view of this object to render the warning text. This happens in the
- * <tt>http://SERVER/jenkins/manage</tt> page. This view should typically render
+ * {@code http://SERVER/jenkins/manage} page. This view should typically render
  * a DIV box with class='error' or class='warning' with a human-readable text
  * inside it. It often also contains a link to a page that provides more details
  * about the problem.
diff --git a/core/src/main/java/hudson/model/Api.java b/core/src/main/java/hudson/model/Api.java
index eef109f92f..b3ce84dfff 100644
--- a/core/src/main/java/hudson/model/Api.java
+++ b/core/src/main/java/hudson/model/Api.java
@@ -60,7 +60,7 @@ import org.kohsuke.accmod.restrictions.NoExternalUse;
  * Used to expose remote access API for ".../api/"
  *
  * <p>
- * If the parent object has a <tt>_api.jelly</tt> view, it will be included
+ * If the parent object has a {@code _api.jelly} view, it will be included
  * in the api index page.
  *
  * @author Kohsuke Kawaguchi
diff --git a/core/src/main/java/hudson/model/BuildBadgeAction.java b/core/src/main/java/hudson/model/BuildBadgeAction.java
index fe35eddd60..3a673f9558 100644
--- a/core/src/main/java/hudson/model/BuildBadgeAction.java
+++ b/core/src/main/java/hudson/model/BuildBadgeAction.java
@@ -32,7 +32,7 @@ package hudson.model;
  * with {@link Run}. 
  *
  * <p>
- * Actions with this marker should have a view <tt>badge.jelly</tt>,
+ * Actions with this marker should have a view {@code badge.jelly},
  * which will be called to render the badges. The expected visual appearance
  * of a badge is a 16x16 icon.
  *
diff --git a/core/src/main/java/hudson/model/Computer.java b/core/src/main/java/hudson/model/Computer.java
index 924aa27ff2..641d82fc27 100644
--- a/core/src/main/java/hudson/model/Computer.java
+++ b/core/src/main/java/hudson/model/Computer.java
@@ -1493,7 +1493,7 @@ public /*transient*/ abstract class Computer extends Actionable implements Acces
     }
 
     /**
-     * Accepts <tt>config.xml</tt> submission, as well as serve it.
+     * Accepts {@code config.xml} submission, as well as serve it.
      */
     @WebMethod(name = "config.xml")
     public void doConfigDotXml(StaplerRequest req, StaplerResponse rsp)
diff --git a/core/src/main/java/hudson/model/Descriptor.java b/core/src/main/java/hudson/model/Descriptor.java
index f8e4c2cfeb..d51edc0c39 100644
--- a/core/src/main/java/hudson/model/Descriptor.java
+++ b/core/src/main/java/hudson/model/Descriptor.java
@@ -538,7 +538,7 @@ public abstract class Descriptor<T extends Describable<T>> implements Saveable,
      * Creates a configured instance from the submitted form.
      *
      * <p>
-     * Hudson only invokes this method when the user wants an instance of <tt>T</tt>.
+     * Hudson only invokes this method when the user wants an instance of {@code T}.
      * So there's no need to check that in the implementation.
      *
      * <p>
@@ -714,9 +714,9 @@ public abstract class Descriptor<T extends Describable<T>> implements Saveable,
      *
      * <p>
      * This value is relative to the context root of Hudson, so normally
-     * the values are something like <tt>"/plugin/emma/help.html"</tt> to
-     * refer to static resource files in a plugin, or <tt>"/publisher/EmmaPublisher/abc"</tt>
-     * to refer to Jelly script <tt>abc.jelly</tt> or a method <tt>EmmaPublisher.doAbc()</tt>.
+     * the values are something like {@code "/plugin/emma/help.html"} to
+     * refer to static resource files in a plugin, or {@code "/publisher/EmmaPublisher/abc"}
+     * to refer to Jelly script {@code abc.jelly} or a method {@code EmmaPublisher.doAbc()}.
      *
      * @return
      *      null to indicate that there's no help.
@@ -915,7 +915,7 @@ public abstract class Descriptor<T extends Describable<T>> implements Saveable,
     }
 
     /**
-     * Serves <tt>help.html</tt> from the resource of {@link #clazz}.
+     * Serves {@code help.html} from the resource of {@link #clazz}.
      */
     public void doHelp(StaplerRequest req, StaplerResponse rsp) throws IOException, ServletException {
         String path = req.getRestOfPath();
diff --git a/core/src/main/java/hudson/model/Job.java b/core/src/main/java/hudson/model/Job.java
index 91f7b17d61..4b149034bd 100644
--- a/core/src/main/java/hudson/model/Job.java
+++ b/core/src/main/java/hudson/model/Job.java
@@ -811,7 +811,7 @@ public abstract class Job<JobT extends Job<JobT, RunT>, RunT extends Run<JobT, R
     }
 
     /**
-     * Gets the youngest build #m that satisfies <tt>n&lt;=m</tt>.
+     * Gets the youngest build #m that satisfies {@code n&lt;=m}.
      * 
      * This is useful when you'd like to fetch a build but the exact build might
      * be already gone (deleted, rotated, etc.)
@@ -826,7 +826,7 @@ public abstract class Job<JobT extends Job<JobT, RunT>, RunT extends Run<JobT, R
     }
 
     /**
-     * Gets the latest build #m that satisfies <tt>m&lt;=n</tt>.
+     * Gets the latest build #m that satisfies {@code m&lt;=n}.
      * 
      * This is useful when you'd like to fetch a build but the exact build might
      * be already gone (deleted, rotated, etc.)
diff --git a/core/src/main/java/hudson/model/JobProperty.java b/core/src/main/java/hudson/model/JobProperty.java
index 2c982286e4..a16c685ec7 100644
--- a/core/src/main/java/hudson/model/JobProperty.java
+++ b/core/src/main/java/hudson/model/JobProperty.java
@@ -53,9 +53,9 @@ import javax.annotation.Nonnull;
  * configuration screen, and they are persisted with the job object.
  *
  * <p>
- * Configuration screen should be defined in <tt>config.jelly</tt>.
+ * Configuration screen should be defined in {@code config.jelly}.
  * Within this page, the {@link JobProperty} instance is available
- * as <tt>instance</tt> variable (while <tt>it</tt> refers to {@link Job}.
+ * as {@code instance} variable (while {@code it} refers to {@link Job}.
  *
  * <p>
  * Starting 1.150, {@link JobProperty} implements {@link BuildStep},
diff --git a/core/src/main/java/hudson/model/ManagementLink.java b/core/src/main/java/hudson/model/ManagementLink.java
index 041fda35d0..00d6871097 100644
--- a/core/src/main/java/hudson/model/ManagementLink.java
+++ b/core/src/main/java/hudson/model/ManagementLink.java
@@ -37,7 +37,7 @@ import javax.annotation.CheckForNull;
 import javax.annotation.Nonnull;
 
 /**
- * Extension point to add icon to <tt>http://server/hudson/manage</tt> page.
+ * Extension point to add icon to {@code http://server/hudson/manage} page.
  *
  * <p>
  * This is a place for exposing features that are only meant for system admins
diff --git a/core/src/main/java/hudson/model/ModelObject.java b/core/src/main/java/hudson/model/ModelObject.java
index 5467b2a7a7..166a2cbcf2 100644
--- a/core/src/main/java/hudson/model/ModelObject.java
+++ b/core/src/main/java/hudson/model/ModelObject.java
@@ -27,7 +27,7 @@ package hudson.model;
  * A model object has a human readable name.
  *
  * And it normally has URL, but this interface doesn't define one.
- * (Since there're so many classes that define the <tt>getUrl</tt> method
+ * (Since there're so many classes that define the {@code getUrl} method
  * we should have such one.)
  *
  * @author Kohsuke Kawaguchi
diff --git a/core/src/main/java/hudson/model/ParameterDefinition.java b/core/src/main/java/hudson/model/ParameterDefinition.java
index fa08b2f0f2..d535a90a05 100644
--- a/core/src/main/java/hudson/model/ParameterDefinition.java
+++ b/core/src/main/java/hudson/model/ParameterDefinition.java
@@ -75,18 +75,18 @@ import org.kohsuke.stapler.export.ExportedBean;
  *
  * <h2>Persistence</h2>
  * <p>
- * Instances of {@link ParameterDefinition}s are persisted into job <tt>config.xml</tt>
+ * Instances of {@link ParameterDefinition}s are persisted into job {@code config.xml}
  * through XStream.
  *
  *
  * <h2>Associated Views</h2>
  * <h3>config.jelly</h3>
- * {@link ParameterDefinition} class uses <tt>config.jelly</tt> to contribute a form
+ * {@link ParameterDefinition} class uses {@code config.jelly} to contribute a form
  * fragment in the job configuration screen. Values entered there are fed back to
  * {@link ParameterDescriptor#newInstance(StaplerRequest, JSONObject)} to create {@link ParameterDefinition}s.
  *
  * <h3>index.jelly</h3>
- * The <tt>index.jelly</tt> view contributes a form fragment in the page where the user
+ * The {@code index.jelly} view contributes a form fragment in the page where the user
  * enters actual values of parameters for a build. The result of this form submission
  * is then fed to {@link ParameterDefinition#createValue(StaplerRequest, JSONObject)} to
  * create {@link ParameterValue}s.
diff --git a/core/src/main/java/hudson/model/ParameterValue.java b/core/src/main/java/hudson/model/ParameterValue.java
index 6cd1f46a19..64fc925a8e 100644
--- a/core/src/main/java/hudson/model/ParameterValue.java
+++ b/core/src/main/java/hudson/model/ParameterValue.java
@@ -56,12 +56,12 @@ import org.kohsuke.stapler.export.ExportedBean;
  *
  * <h2>Persistence</h2>
  * <p>
- * Instances of {@link ParameterValue}s are persisted into build's <tt>build.xml</tt>
+ * Instances of {@link ParameterValue}s are persisted into build's {@code build.xml}
  * through XStream (via {@link ParametersAction}), so instances need to be persistable.
  *
  * <h2>Associated Views</h2>
  * <h3>value.jelly</h3>
- * The <tt>value.jelly</tt> view contributes a UI fragment to display the parameter
+ * The {@code value.jelly} view contributes a UI fragment to display the parameter
  * values used for a build.
  *
  * <h2>Notes</h2>
diff --git a/core/src/main/java/hudson/model/ParametersDefinitionProperty.java b/core/src/main/java/hudson/model/ParametersDefinitionProperty.java
index 8ecb52bf2f..1fa26ed372 100644
--- a/core/src/main/java/hudson/model/ParametersDefinitionProperty.java
+++ b/core/src/main/java/hudson/model/ParametersDefinitionProperty.java
@@ -59,7 +59,7 @@ import org.kohsuke.stapler.export.ExportedBean;
  * Keeps a list of the parameters defined for a project.
  *
  * <p>
- * This class also implements {@link Action} so that <tt>index.jelly</tt> provides
+ * This class also implements {@link Action} so that {@code index.jelly} provides
  * a form to enter build parameters.
  * <p>The owning job needs a {@code sidepanel.jelly} and should have web methods delegating to {@link ParameterizedJobMixIn#doBuild} and {@link ParameterizedJobMixIn#doBuildWithParameters}.
  * The builds also need a {@code sidepanel.jelly}.
diff --git a/core/src/main/java/hudson/model/Queue.java b/core/src/main/java/hudson/model/Queue.java
index 121e3e6f30..01a43ea299 100644
--- a/core/src/main/java/hudson/model/Queue.java
+++ b/core/src/main/java/hudson/model/Queue.java
@@ -2004,7 +2004,7 @@ public class Queue extends ResourceController implements Saveable {
      *
      * <h2>Views</h2>
      * <p>
-     * Implementation must have <tt>executorCell.jelly</tt>, which is
+     * Implementation must have {@code executorCell.jelly}, which is
      * used to render the HTML that indicates this executable is executing.
      */
     public interface Executable extends Runnable {
@@ -3036,7 +3036,7 @@ public class Queue extends ResourceController implements Saveable {
     }
 
     /**
-     * Schedule <tt>Queue.save()</tt> call for near future once items change. Ignore all changes until the time the save
+     * Schedule {@code Queue.save()} call for near future once items change. Ignore all changes until the time the save
      * takes place.
      *
      * Once queue is restored after a crash, items stages might not be accurate until the next #maintain() - this is not
diff --git a/core/src/main/java/hudson/model/Run.java b/core/src/main/java/hudson/model/Run.java
index ffceeebfb7..3fc6905f50 100644
--- a/core/src/main/java/hudson/model/Run.java
+++ b/core/src/main/java/hudson/model/Run.java
@@ -1471,7 +1471,7 @@ public abstract class Run <JobT extends Job<JobT,RunT>,RunT extends Run<JobT,Run
     }
 
     /**
-     * Used from <tt>console.jelly</tt> to write annotated log to the given output.
+     * Used from {@code console.jelly} to write annotated log to the given output.
      *
      * @since 1.349
      */
diff --git a/core/src/main/java/hudson/model/Slave.java b/core/src/main/java/hudson/model/Slave.java
index c3a497f9a1..41763646b5 100644
--- a/core/src/main/java/hudson/model/Slave.java
+++ b/core/src/main/java/hudson/model/Slave.java
@@ -84,7 +84,7 @@ import org.kohsuke.stapler.StaplerResponse;
  * Information about a Hudson agent node.
  *
  * <p>
- * Ideally this would have been in the <tt>hudson.slaves</tt> package,
+ * Ideally this would have been in the {@code hudson.slaves} package,
  * but for compatibility reasons, it can't.
  *
  * <p>
diff --git a/core/src/main/java/hudson/model/TopLevelItemDescriptor.java b/core/src/main/java/hudson/model/TopLevelItemDescriptor.java
index ff5101faa8..91488a22cc 100644
--- a/core/src/main/java/hudson/model/TopLevelItemDescriptor.java
+++ b/core/src/main/java/hudson/model/TopLevelItemDescriptor.java
@@ -125,7 +125,7 @@ public abstract class TopLevelItemDescriptor extends Descriptor<TopLevelItem> im
      *
      * <p>
      * Used as the caption when the user chooses what item type to create.
-     * The descriptor implementation also needs to have <tt>newInstanceDetail.jelly</tt>
+     * The descriptor implementation also needs to have {@code newInstanceDetail.jelly}
      * script, which will be used to render the text below the caption
      * that explains the item type.
      */
diff --git a/core/src/main/java/hudson/model/UpdateCenter.java b/core/src/main/java/hudson/model/UpdateCenter.java
index d457bd4ba2..dc43a4ef90 100644
--- a/core/src/main/java/hudson/model/UpdateCenter.java
+++ b/core/src/main/java/hudson/model/UpdateCenter.java
@@ -574,7 +574,7 @@ public class UpdateCenter extends AbstractModelObject implements Saveable, OnMas
     }
 
     /**
-     * Gets the {@link UpdateSite} from which we receive updates for <tt>jenkins.war</tt>.
+     * Gets the {@link UpdateSite} from which we receive updates for {@code jenkins.war}.
      *
      * @return
      *      {@code null} if no such update center is provided.
@@ -1218,8 +1218,8 @@ public class UpdateCenter extends AbstractModelObject implements Saveable, OnMas
          *
          * @deprecated as of 1.333
          *      With the introduction of multiple update center capability, this information
-         *      is now a part of the <tt>update-center.json</tt> file. See
-         *      <tt>http://jenkins-ci.org/update-center.json</tt> as an example.
+         *      is now a part of the {@code update-center.json} file. See
+         *      {@code http://jenkins-ci.org/update-center.json} as an example.
          */
         @Deprecated
         public String getConnectionCheckUrl() {
@@ -1245,7 +1245,7 @@ public class UpdateCenter extends AbstractModelObject implements Saveable, OnMas
          * Returns the URL of the server that hosts plugins and core updates.
          *
          * @deprecated as of 1.333
-         *      <tt>update-center.json</tt> is now signed, so we don't have to further make sure that
+         *      {@code update-center.json} is now signed, so we don't have to further make sure that
          *      we aren't downloading from anywhere unsecure.
          */
         @Deprecated
@@ -1279,7 +1279,7 @@ public class UpdateCenter extends AbstractModelObject implements Saveable, OnMas
     /**
      * Things that {@link UpdateCenter#installerService} executes.
      *
-     * This object will have the <tt>row.jelly</tt> which renders the job on UI.
+     * This object will have the {@code row.jelly} which renders the job on UI.
      */
     @ExportedBean
     public abstract class UpdateCenterJob implements Runnable {
diff --git a/core/src/main/java/hudson/model/UpdateSite.java b/core/src/main/java/hudson/model/UpdateSite.java
index 0a27890a12..10ccfb1508 100644
--- a/core/src/main/java/hudson/model/UpdateSite.java
+++ b/core/src/main/java/hudson/model/UpdateSite.java
@@ -131,7 +131,7 @@ public class UpdateSite {
     private final String id;
 
     /**
-     * Path to <tt>update-center.json</tt>, like <tt>http://jenkins-ci.org/update-center.json</tt>.
+     * Path to {@code update-center.json}, like {@code http://jenkins-ci.org/update-center.json}.
      */
     private final String url;
 
diff --git a/core/src/main/java/hudson/model/UserProperty.java b/core/src/main/java/hudson/model/UserProperty.java
index 48198a28eb..ec02b1211b 100644
--- a/core/src/main/java/hudson/model/UserProperty.java
+++ b/core/src/main/java/hudson/model/UserProperty.java
@@ -41,10 +41,10 @@ import org.kohsuke.stapler.export.ExportedBean;
  * configuration screen, and they are persisted with the user object.
  *
  * <p>
- * Configuration screen should be defined in <tt>config.jelly</tt>.
+ * Configuration screen should be defined in {@code config.jelly}.
  * Within this page, the {@link UserProperty} instance is available
- * as <tt>instance</tt> variable (while <tt>it</tt> refers to {@link User}.
- * See {@link hudson.search.UserSearchProperty}'s <tt>config.jelly</tt> for an example.
+ * as {@code instance} variable (while {@code it} refers to {@link User}.
+ * See {@link hudson.search.UserSearchProperty}'s {@code config.jelly} for an example.
  * <p>A property may also define a {@code summary.jelly} view to show in the main user screen.
  *
  * @author Kohsuke Kawaguchi
diff --git a/core/src/main/java/hudson/model/View.java b/core/src/main/java/hudson/model/View.java
index 50228d0647..cc75811fa1 100644
--- a/core/src/main/java/hudson/model/View.java
+++ b/core/src/main/java/hudson/model/View.java
@@ -134,7 +134,7 @@ import org.xml.sax.SAXException;
  * <h2>Note for implementers</h2>
  * <ul>
  * <li>
- * {@link View} subtypes need the <tt>newViewDetail.jelly</tt> page,
+ * {@link View} subtypes need the {@code newViewDetail.jelly} page,
  * which is included in the "new view" page. This page should have some
  * description of what the view is about. 
  * </ul>
@@ -1154,7 +1154,7 @@ public abstract class View extends AbstractModelObject implements AccessControll
     }
 
     /**
-     * Accepts <tt>config.xml</tt> submission, as well as serve it.
+     * Accepts {@code config.xml} submission, as well as serve it.
      */
     @WebMethod(name = "config.xml")
     public HttpResponse doConfigDotXml(StaplerRequest req) throws IOException {
@@ -1367,7 +1367,7 @@ public abstract class View extends AbstractModelObject implements AccessControll
     /**
      * Instantiate View subtype from XML stream.
      *
-     * @param name Alternative name to use or <tt>null</tt> to keep the one in xml.
+     * @param name Alternative name to use or {@code null} to keep the one in xml.
      */
     public static View createViewFromXML(String name, InputStream xml) throws IOException {
 
diff --git a/core/src/main/java/hudson/model/queue/CauseOfBlockage.java b/core/src/main/java/hudson/model/queue/CauseOfBlockage.java
index e5ba863597..beb76b824a 100644
--- a/core/src/main/java/hudson/model/queue/CauseOfBlockage.java
+++ b/core/src/main/java/hudson/model/queue/CauseOfBlockage.java
@@ -19,7 +19,7 @@ import org.jvnet.localizer.Localizable;
  * has expanded beyond queues.
  *
  * <h2>View</h2>
- * <tt>summary.jelly</tt> should do one-line HTML rendering to be used showing the cause
+ * {@code summary.jelly} should do one-line HTML rendering to be used showing the cause
  * to the user. By default it simply renders {@link #getShortDescription()} text.
  *
  * <p>
diff --git a/core/src/main/java/hudson/node_monitors/AbstractAsyncNodeMonitorDescriptor.java b/core/src/main/java/hudson/node_monitors/AbstractAsyncNodeMonitorDescriptor.java
index 05eed5fc24..e35ae80a7e 100644
--- a/core/src/main/java/hudson/node_monitors/AbstractAsyncNodeMonitorDescriptor.java
+++ b/core/src/main/java/hudson/node_monitors/AbstractAsyncNodeMonitorDescriptor.java
@@ -134,16 +134,16 @@ public abstract class AbstractAsyncNodeMonitorDescriptor<T> extends AbstractNode
      * returned in the future.
      *
      * The {@link #getMonitoringData()} provides the results of the monitoring as {@link #monitor()} does. Note the value
-     * in the map can be <tt>null</tt> for several reasons:
+     * in the map can be {@code null} for several reasons:
      * <ul>
-     *     <li>The monitoring {@link Callable} returned <tt>null</tt> as a provisioning result.</li>
+     *     <li>The monitoring {@link Callable} returned {@code null} as a provisioning result.</li>
      *     <li>Creating or evaluating that callable has thrown an exception.</li>
      *     <li>The computer was not monitored as it was offline.</li>
      *     <li>The {@link AbstractAsyncNodeMonitorDescriptor#createCallable} has returned null.</li>
      * </ul>
      *
      * Clients can distinguishing among these states based on the additional data attached to this object. {@link #getSkipped()}
-     * returns computers that was not monitored as they ware either offline or monitor produced <tt>null</tt> {@link Callable}.
+     * returns computers that was not monitored as they ware either offline or monitor produced {@code null} {@link Callable}.
      */
     protected static final class Result<T> {
         private static final long serialVersionUID = -7671448355804481216L;
diff --git a/core/src/main/java/hudson/node_monitors/NodeMonitor.java b/core/src/main/java/hudson/node_monitors/NodeMonitor.java
index 17ddf7343e..665b9cafe6 100644
--- a/core/src/main/java/hudson/node_monitors/NodeMonitor.java
+++ b/core/src/main/java/hudson/node_monitors/NodeMonitor.java
@@ -48,7 +48,7 @@ import org.kohsuke.stapler.export.ExportedBean;
  * <dl>
  * <dt>column.jelly</dt>
  * <dd>
- * Invoked from {@link ComputerSet} <tt>index.jelly</tt> to render a column.
+ * Invoked from {@link ComputerSet} {@code index.jelly} to render a column.
  * The {@link NodeMonitor} instance is accessible through the "from" variable.
  * Also see {@link #getColumnCaption()}.
  *
diff --git a/core/src/main/java/hudson/scheduler/RareOrImpossibleDateException.java b/core/src/main/java/hudson/scheduler/RareOrImpossibleDateException.java
index 7f2cf4e2cf..bd4d4831b7 100644
--- a/core/src/main/java/hudson/scheduler/RareOrImpossibleDateException.java
+++ b/core/src/main/java/hudson/scheduler/RareOrImpossibleDateException.java
@@ -35,7 +35,7 @@ import java.util.Calendar;
  * <p>This can typically have a few different reasons:</p>
  *
  * <ul>
- *   <li>The date is impossible. For example, June 31 does never happen, so <tt>0 0 31 6 *</tt> will never happen</li>
+ *   <li>The date is impossible. For example, June 31 does never happen, so {@code 0 0 31 6 *} will never happen</li>
  *   <li>The date happens only rarely
  *     <ul>
  *       <li>February 29 being the obvious one</li>
diff --git a/core/src/main/java/hudson/scm/AbstractScmTagAction.java b/core/src/main/java/hudson/scm/AbstractScmTagAction.java
index c098427ac6..a86ba18382 100644
--- a/core/src/main/java/hudson/scm/AbstractScmTagAction.java
+++ b/core/src/main/java/hudson/scm/AbstractScmTagAction.java
@@ -37,11 +37,11 @@ import java.io.IOException;
 import jenkins.model.RunAction2;
 
 /**
- * Common part of <tt>CVSSCM.TagAction</tt> and <tt>SubversionTagAction</tt>.
+ * Common part of {@code CVSSCM.TagAction} and {@code SubversionTagAction}.
  *
  * <p>
  * This class implements the action that tags the modules. Derived classes
- * need to provide <tt>tagForm.jelly</tt> view that displays a form for
+ * need to provide {@code tagForm.jelly} view that displays a form for
  * letting user start tagging.
  *
  * @author Kohsuke Kawaguchi
diff --git a/core/src/main/java/hudson/scm/SCM.java b/core/src/main/java/hudson/scm/SCM.java
index 2b1e94bb11..b49f3f10fb 100644
--- a/core/src/main/java/hudson/scm/SCM.java
+++ b/core/src/main/java/hudson/scm/SCM.java
@@ -572,7 +572,7 @@ public abstract class SCM implements Describable<SCM>, ExtensionPoint {
      * <p>
      * Many builders, like Ant or Maven, works off the specific user file
      * at the top of the checked out module (in the above case, that would
-     * be <tt>xyz/build.xml</tt>), yet the builder doesn't know the "xyz"
+     * be {@code xyz/build.xml}), yet the builder doesn't know the "xyz"
      * part; that comes from SCM.
      *
      * <p>
@@ -678,7 +678,7 @@ public abstract class SCM implements Describable<SCM>, ExtensionPoint {
     }
 
     /**
-     * The returned object will be used to parse <tt>changelog.xml</tt>.
+     * The returned object will be used to parse {@code changelog.xml}.
      */
     public abstract ChangeLogParser createChangeLogParser();
 
diff --git a/core/src/main/java/hudson/search/Search.java b/core/src/main/java/hudson/search/Search.java
index 41d359765a..769aab3963 100644
--- a/core/src/main/java/hudson/search/Search.java
+++ b/core/src/main/java/hudson/search/Search.java
@@ -334,7 +334,7 @@ public class Search implements StaplerProxy {
         public int length() { return tokens.length; }
 
         /**
-         * Returns {@link List} such that its <tt>get(end)</tt>
+         * Returns {@link List} such that its {@code get(end)}
          * returns the concatenation of [token_start,...,token_end]
          * (both end inclusive.)
          */
diff --git a/core/src/main/java/hudson/security/AuthenticationProcessingFilter2.java b/core/src/main/java/hudson/security/AuthenticationProcessingFilter2.java
index bda002cf10..1199e303ef 100644
--- a/core/src/main/java/hudson/security/AuthenticationProcessingFilter2.java
+++ b/core/src/main/java/hudson/security/AuthenticationProcessingFilter2.java
@@ -39,7 +39,7 @@ import org.acegisecurity.ui.webapp.AuthenticationProcessingFilter;
 
 /**
  * {@link AuthenticationProcessingFilter} with a change for Jenkins so that
- * we can pick up the hidden "from" form field defined in <tt>login.jelly</tt>
+ * we can pick up the hidden "from" form field defined in {@code login.jelly}
  * to send the user back to where he came from, after a successful authentication.
  * 
  * @author Kohsuke Kawaguchi
diff --git a/core/src/main/java/hudson/security/BasicAuthenticationFilter.java b/core/src/main/java/hudson/security/BasicAuthenticationFilter.java
index ae186b8dd3..737108560b 100644
--- a/core/src/main/java/hudson/security/BasicAuthenticationFilter.java
+++ b/core/src/main/java/hudson/security/BasicAuthenticationFilter.java
@@ -58,14 +58,14 @@ import java.net.URLEncoder;
  *
  * <p>
  * When an HTTP request arrives with an HTTP basic auth header, this filter detects
- * that and emulate an invocation of <tt>/j_security_check</tt>
+ * that and emulate an invocation of {@code /j_security_check}
  * (see <a href="http://mail-archives.apache.org/mod_mbox/tomcat-users/200105.mbox/%3C9005C0C9C85BD31181B20060085DAC8B10C8EF@tuvi.andmevara.ee%3E">this page</a> for the original technique.)
  *
  * <p>
  * This causes the container to perform authentication, but there's no way
  * to find out whether the user has been successfully authenticated or not.
  * So to find this out, we then redirect the user to
- * {@link jenkins.model.Jenkins#doSecured(StaplerRequest, StaplerResponse) <tt>/secured/...</tt> page}.
+ * {@link jenkins.model.Jenkins#doSecured(StaplerRequest, StaplerResponse) {@code /secured/...} page}.
  *
  * <p>
  * The handler of the above URL checks if the user is authenticated,
@@ -79,7 +79,7 @@ import java.net.URLEncoder;
  * <h2>Notes</h2>
  * <ul>
  * <li>
- * The technique of getting a request dispatcher for <tt>/j_security_check</tt> may not
+ * The technique of getting a request dispatcher for {@code /j_security_check} may not
  * work for all containers, but so far that seems like the only way to make this work.
  * <li>
  * This A → B → A redirect is a cyclic redirection, so we need to watch out for clients
diff --git a/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java b/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java
index cf6c94e085..d012529e93 100644
--- a/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java
+++ b/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java
@@ -730,7 +730,7 @@ public class HudsonPrivateSecurityRealm extends AbstractPasswordBasedSecurityRea
      *
      * <p>
      * The salt is prepended to the hashed password and returned. So the encoded password is of the form
-     * <tt>SALT ':' hash(PASSWORD,SALT)</tt>.
+     * {@code SALT ':' hash(PASSWORD,SALT)}.
      *
      * <p>
      * This abbreviates the need to store the salt separately, which in turn allows us to hide the salt handling
diff --git a/core/src/main/java/hudson/security/SecurityRealm.java b/core/src/main/java/hudson/security/SecurityRealm.java
index 5a8325b242..90d60b7deb 100644
--- a/core/src/main/java/hudson/security/SecurityRealm.java
+++ b/core/src/main/java/hudson/security/SecurityRealm.java
@@ -75,7 +75,7 @@ import java.util.logging.Logger;
  *
  * <p>
  * If additional views/URLs need to be exposed,
- * an active {@link SecurityRealm} is bound to <tt>CONTEXT_ROOT/securityRealm/</tt>
+ * an active {@link SecurityRealm} is bound to {@code CONTEXT_ROOT/securityRealm/}
  * through {@link jenkins.model.Jenkins#getSecurityRealm()}, so you can define additional pages and
  * operations on your {@link SecurityRealm}.
  *
@@ -143,7 +143,7 @@ public abstract class SecurityRealm extends AbstractDescribableImpl<SecurityReal
      * {@link AuthenticationManager} instantiation often depends on the user-specified parameters
      * (for example, if the authentication is based on LDAP, the user needs to specify
      * the host name of the LDAP server.) Such configuration is expected to be
-     * presented to the user via <tt>config.jelly</tt> and then
+     * presented to the user via {@code config.jelly} and then
      * captured as instance variables inside the {@link SecurityRealm} implementation.
      *
      * <p>
@@ -205,8 +205,8 @@ public abstract class SecurityRealm extends AbstractDescribableImpl<SecurityReal
      *
      * <p>
      * {@link SecurityRealm} is a singleton resource in Hudson, and therefore
-     * it's always configured through <tt>config.jelly</tt> and never with
-     * <tt>global.jelly</tt>. 
+     * it's always configured through {@code config.jelly} and never with
+     * {@code global.jelly}.
      */
     @Override
     public Descriptor<SecurityRealm> getDescriptor() {
@@ -225,7 +225,7 @@ public abstract class SecurityRealm extends AbstractDescribableImpl<SecurityReal
      * Gets the target URL of the "login" link.
      * There's no need to override this, except for {@link LegacySecurityRealm}.
      * On legacy implementation this should point to {@code loginEntry}, which
-     * is protected by <tt>web.xml</tt>, so that the user can be eventually authenticated
+     * is protected by {@code web.xml}, so that the user can be eventually authenticated
      * by the container.
      *
      * <p>
@@ -315,12 +315,12 @@ public abstract class SecurityRealm extends AbstractDescribableImpl<SecurityReal
 
     /**
      * Returns true if this {@link SecurityRealm} allows online sign-up.
-     * This creates a hyperlink that redirects users to <tt>CONTEXT_ROOT/signUp</tt>,
-     * which will be served by the <tt>signup.jelly</tt> view of this class.
+     * This creates a hyperlink that redirects users to {@code CONTEXT_ROOT/signUp},
+     * which will be served by the {@code signup.jelly} view of this class.
      *
      * <p>
      * If the implementation needs to redirect the user to a different URL
-     * for signing up, use the following jelly script as <tt>signup.jelly</tt>
+     * for signing up, use the following jelly script as {@code signup.jelly}
      *
      * <pre>{@code <xmp>
      * <st:redirect url="http://www.sun.com/" xmlns:st="jelly:stapler"/>
diff --git a/core/src/main/java/hudson/security/captcha/CaptchaSupport.java b/core/src/main/java/hudson/security/captcha/CaptchaSupport.java
index d5edf95663..fb39e26e59 100644
--- a/core/src/main/java/hudson/security/captcha/CaptchaSupport.java
+++ b/core/src/main/java/hudson/security/captcha/CaptchaSupport.java
@@ -38,7 +38,7 @@ import jenkins.model.Jenkins;
  * Extension point for adding Captcha Support to User Registration Page {@link CaptchaSupport}.
  *
  * <p>
- * This object can have an optional <tt>config.jelly</tt> to configure the Captcha Support
+ * This object can have an optional {@code config.jelly} to configure the Captcha Support
  * <p>
  * A default constructor is needed to create CaptchaSupport in
  * the default configuration.
diff --git a/core/src/main/java/hudson/slaves/Cloud.java b/core/src/main/java/hudson/slaves/Cloud.java
index e436441abe..d9cc5f2039 100644
--- a/core/src/main/java/hudson/slaves/Cloud.java
+++ b/core/src/main/java/hudson/slaves/Cloud.java
@@ -67,7 +67,7 @@ import java.util.concurrent.Future;
  * <p>
  * To do this, have your {@link Slave} subtype remember the necessary handle (such as EC2 instance ID)
  * as a field. Such fields need to survive the user-initiated re-configuration of {@link Slave}, so you'll need to
- * expose it in your {@link Slave} <tt>configure-entries.jelly</tt> and read it back in through {@link DataBoundConstructor}.
+ * expose it in your {@link Slave} {@code configure-entries.jelly} and read it back in through {@link DataBoundConstructor}.
  *
  * <p>
  * You then implement your own {@link Computer} subtype, override {@link Slave#createComputer()}, and instantiate
@@ -80,9 +80,9 @@ import java.util.concurrent.Future;
  *
  * <h3>Views</h3>
  *
- * Since version 2.64, Jenkins clouds are visualized in UI. Implementations can provide <tt>top</tt> or <tt>main</tt> view
- * to be presented at the top of the page or at the bottom respectively. In the middle, actions have their <tt>summary</tt>
- * views displayed. Actions further contribute to <tt>sidepanel</tt> with <tt>box</tt> views. All mentioned views are
+ * Since version 2.64, Jenkins clouds are visualized in UI. Implementations can provide {@code top} or {@code main} view
+ * to be presented at the top of the page or at the bottom respectively. In the middle, actions have their {@code summary}
+ * views displayed. Actions further contribute to {@code sidepanel} with {@code box} views. All mentioned views are
  * optional to preserve backward compatibility.
  *
  * @author Kohsuke Kawaguchi
diff --git a/core/src/main/java/hudson/slaves/NodeDescriptor.java b/core/src/main/java/hudson/slaves/NodeDescriptor.java
index 6f06289c38..5262ece687 100644
--- a/core/src/main/java/hudson/slaves/NodeDescriptor.java
+++ b/core/src/main/java/hudson/slaves/NodeDescriptor.java
@@ -50,8 +50,8 @@ import javax.servlet.ServletException;
  *
  * <h2>Views</h2>
  * <p>
- * This object needs to have <tt>newInstanceDetail.jelly</tt> view, which shows up in
- * <tt>http://server/hudson/computers/new</tt> page as an explanation of this job type.
+ * This object needs to have {@code newInstanceDetail.jelly} view, which shows up in
+ * {@code http://server/hudson/computers/new} page as an explanation of this job type.
  *
  * <h2>Other Implementation Notes</h2>
  *
diff --git a/core/src/main/java/hudson/slaves/OfflineCause.java b/core/src/main/java/hudson/slaves/OfflineCause.java
index 7c5c77861f..a158ce2b8c 100644
--- a/core/src/main/java/hudson/slaves/OfflineCause.java
+++ b/core/src/main/java/hudson/slaves/OfflineCause.java
@@ -44,7 +44,7 @@ import java.util.Date;
  *
  * <h2>Views</h2>
  * <p>
- * {@link OfflineCause} must have <tt>cause.jelly</tt> that renders a cause
+ * {@link OfflineCause} must have {@code cause.jelly} that renders a cause
  * into HTML. This is used to tell users why the node is put offline.
  * This view should render a block element like DIV.
  *
diff --git a/core/src/main/java/hudson/slaves/SlaveComputer.java b/core/src/main/java/hudson/slaves/SlaveComputer.java
index 029892a2f4..950c6b68aa 100644
--- a/core/src/main/java/hudson/slaves/SlaveComputer.java
+++ b/core/src/main/java/hudson/slaves/SlaveComputer.java
@@ -408,7 +408,7 @@ public class SlaveComputer extends Computer {
      *      Stream connected to the remote peer. It's the caller's responsibility to do
      *      buffering on this stream, if that's necessary.
      * @param launchLog
-     *      If non-null, receive the portion of data in <tt>is</tt> before
+     *      If non-null, receive the portion of data in {@code is} before
      *      the data goes into the "binary mode". This is useful
      *      when the established communication channel might include some data that might
      *      be useful for debugging/trouble-shooting.
diff --git a/core/src/main/java/hudson/tasks/BuildStep.java b/core/src/main/java/hudson/tasks/BuildStep.java
index 16f0c0268c..ad81455335 100644
--- a/core/src/main/java/hudson/tasks/BuildStep.java
+++ b/core/src/main/java/hudson/tasks/BuildStep.java
@@ -65,7 +65,7 @@ import jenkins.model.Jenkins;
  * So generally speaking, derived classes should use instance variables
  * only for keeping configuration. You can still store objects you use
  * for processing, like a parser of some sort, but they need to be marked
- * as <tt>transient</tt>, and the code needs to be aware that they might
+ * as {@code transient}, and the code needs to be aware that they might
  * be null (which is the case when you access the field for the first time
  * the object is restored.)
  *
@@ -145,7 +145,7 @@ public interface BuildStep {
      * it owns when the rendering is requested.
      *
      * <p>
-     * This action can have optional <tt>jobMain.jelly</tt> view, which will be
+     * This action can have optional {@code jobMain.jelly} view, which will be
      * aggregated into the main panel of the job top page. The jelly file
      * should have an {@code <h2>} tag that shows the section title, followed by some
      * block elements to render the details of the section.
diff --git a/core/src/main/java/hudson/tasks/Maven.java b/core/src/main/java/hudson/tasks/Maven.java
index ac36f7fcde..5bccbfe785 100644
--- a/core/src/main/java/hudson/tasks/Maven.java
+++ b/core/src/main/java/hudson/tasks/Maven.java
@@ -246,7 +246,7 @@ public class Maven extends Builder {
     }
 
     /**
-     * Looks for <tt>pom.xlm</tt> or <tt>project.xml</tt> to determine the maven executable
+     * Looks for {@code pom.xlm} or {@code project.xml} to determine the maven executable
      * name.
      */
     private static final class DecideDefaultMavenCommand extends MasterToSlaveFileCallable<String> {
@@ -779,7 +779,7 @@ public class Maven extends Builder {
          * If the Maven installation can not be uniquely determined,
          * it's often better to return just one of them, rather than returning
          * null, since this method is currently ultimately only used to
-         * decide where to parse <tt>conf/settings.xml</tt> from.
+         * decide where to parse {@code conf/settings.xml} from.
          */
         MavenInstallation inferMavenInstallation();
     }
diff --git a/core/src/main/java/hudson/tools/DownloadFromUrlInstaller.java b/core/src/main/java/hudson/tools/DownloadFromUrlInstaller.java
index e60facbf68..c421b041a9 100644
--- a/core/src/main/java/hudson/tools/DownloadFromUrlInstaller.java
+++ b/core/src/main/java/hudson/tools/DownloadFromUrlInstaller.java
@@ -108,7 +108,7 @@ public abstract class DownloadFromUrlInstaller extends ToolInstaller {
      *
      * @return
      *      Return the real top directory inside {@code root} that contains the meat. In the above example,
-     *      <tt>root.child("jakarta-ant")</tt> should be returned. If there's no directory to pull up,
+     *      {@code root.child("jakarta-ant")} should be returned. If there's no directory to pull up,
      *      return null. 
      */
     protected FilePath findPullUpDirectory(FilePath root) throws IOException, InterruptedException {
diff --git a/core/src/main/java/hudson/triggers/SCMTrigger.java b/core/src/main/java/hudson/triggers/SCMTrigger.java
index c5bb275863..e45aa979c1 100644
--- a/core/src/main/java/hudson/triggers/SCMTrigger.java
+++ b/core/src/main/java/hudson/triggers/SCMTrigger.java
@@ -471,7 +471,7 @@ public class SCMTrigger extends Trigger<Item> {
         }
         
         /**
-         * Used from <tt>polling.jelly</tt> to write annotated polling log to the given output.
+         * Used from {@code polling.jelly} to write annotated polling log to the given output.
          */
         public void writePollingLogTo(long offset, XMLOutput out) throws IOException {
             // TODO: resurrect compressed log file support
diff --git a/core/src/main/java/hudson/util/ArgumentListBuilder.java b/core/src/main/java/hudson/util/ArgumentListBuilder.java
index 4388a7abb4..acc86c16d3 100644
--- a/core/src/main/java/hudson/util/ArgumentListBuilder.java
+++ b/core/src/main/java/hudson/util/ArgumentListBuilder.java
@@ -165,7 +165,7 @@ public class ArgumentListBuilder implements Serializable, Cloneable {
     /**
      * Adds key value pairs as "-Dkey=value -Dkey=value ..."
      *
-     * <tt>-D</tt> portion is configurable as the 'prefix' parameter.
+     * {@code -D} portion is configurable as the 'prefix' parameter.
      * @since 1.114
      */
     public ArgumentListBuilder addKeyValuePairs(String prefix, Map<String,String> props) {
diff --git a/core/src/main/java/hudson/util/DoubleLaunchChecker.java b/core/src/main/java/hudson/util/DoubleLaunchChecker.java
index 8bbcdcab08..6fff568d04 100644
--- a/core/src/main/java/hudson/util/DoubleLaunchChecker.java
+++ b/core/src/main/java/hudson/util/DoubleLaunchChecker.java
@@ -47,7 +47,7 @@ import java.lang.management.ManagementFactory;
 import java.lang.reflect.Method;
 
 /**
- * Makes sure that no other Hudson uses our <tt>JENKINS_HOME</tt> directory,
+ * Makes sure that no other Hudson uses our {@code JENKINS_HOME} directory,
  * to forestall the problem of running multiple instances of Hudson that point to the same data directory.
  *
  * <p>
diff --git a/core/src/main/java/hudson/util/ErrorObject.java b/core/src/main/java/hudson/util/ErrorObject.java
index def3df9adb..5d4a859357 100644
--- a/core/src/main/java/hudson/util/ErrorObject.java
+++ b/core/src/main/java/hudson/util/ErrorObject.java
@@ -35,7 +35,7 @@ import java.io.IOException;
  * Basis for error model objects.
  *
  * This implementation serves error pages for any requests under its domain. Subclasses are responsible for providing
- * <tt>index</tt> view.
+ * {@code index} view.
  *
  * @author Kohsuke Kawaguchi
  */
diff --git a/core/src/main/java/hudson/util/FormFieldValidator.java b/core/src/main/java/hudson/util/FormFieldValidator.java
index 47ba955121..0595afa4a6 100644
--- a/core/src/main/java/hudson/util/FormFieldValidator.java
+++ b/core/src/main/java/hudson/util/FormFieldValidator.java
@@ -170,8 +170,8 @@ public abstract class FormFieldValidator {
      * Sends out a string error message that indicates an error.
      *
      * @param message
-     *      Human readable message to be sent. <tt>error(null)</tt>
-     *      can be used as <tt>ok()</tt>.
+     *      Human readable message to be sent. {@code error(null)}
+     *      can be used as {@code ok()}.
      */
     public void error(String message) throws IOException, ServletException {
         errorWithMarkup(message==null?null:Util.escape(message));
@@ -209,8 +209,8 @@ public abstract class FormFieldValidator {
      * attack.
      *
      * @param message
-     *      Human readable message to be sent. <tt>error(null)</tt>
-     *      can be used as <tt>ok()</tt>.
+     *      Human readable message to be sent. {@code error(null)}
+     *      can be used as {@code ok()}.
      */
     public void errorWithMarkup(String message) throws IOException, ServletException {
         _errorWithMarkup(message,"error");
diff --git a/core/src/main/java/hudson/util/FormFillFailure.java b/core/src/main/java/hudson/util/FormFillFailure.java
index 8fcf650b7f..16b8e6435a 100644
--- a/core/src/main/java/hudson/util/FormFillFailure.java
+++ b/core/src/main/java/hudson/util/FormFillFailure.java
@@ -40,7 +40,7 @@ import org.kohsuke.stapler.StaplerResponse;
  * Represents a failure in a form field doFillXYZ method.
  *
  * <p>
- * Use one of the factory methods to create an instance, then throw it from your <tt>doFillXyz</tt>
+ * Use one of the factory methods to create an instance, then throw it from your {@code doFillXyz}
  * method.
  *
  * @since 2.50
@@ -117,8 +117,8 @@ public abstract class FormFillFailure extends IOException implements HttpRespons
      * This method must be used with care to avoid cross-site scripting
      * attack.
      *
-     * @param message Human readable message to be sent. <tt>error(null)</tt>
-     *                can be used as <tt>ok()</tt>.
+     * @param message Human readable message to be sent. {@code error(null)}
+     *                can be used as {@code ok()}.
      */
     public static FormFillFailure errorWithMarkup(String message) {
         return _errorWithMarkup(message, FormValidation.Kind.ERROR);
diff --git a/core/src/main/java/hudson/util/FormValidation.java b/core/src/main/java/hudson/util/FormValidation.java
index 3009e16253..90748cf224 100644
--- a/core/src/main/java/hudson/util/FormValidation.java
+++ b/core/src/main/java/hudson/util/FormValidation.java
@@ -66,7 +66,7 @@ import static hudson.Util.*;
  * Represents the result of the form field validation.
  *
  * <p>
- * Use one of the factory methods to create an instance, then return it from your <tt>doCheckXyz</tt>
+ * Use one of the factory methods to create an instance, then return it from your {@code doCheckXyz}
  * method. (Via {@link HttpResponse}, the returned object will render the result into {@link StaplerResponse}.)
  * This way of designing form field validation allows you to reuse {@code doCheckXyz()} methods
  * programmatically as well (by using {@link #kind}.
@@ -77,7 +77,7 @@ import static hudson.Util.*;
  * that you may be able to reuse.
  *
  * <p>
- * Also see <tt>doCheckCvsRoot</tt> in <tt>CVSSCM</tt> as an example.
+ * Also see {@code doCheckCvsRoot} in {@code CVSSCM} as an example.
  *
  * <p>
  * This class extends {@link IOException} so that it can be thrown from a method. This allows one to reuse
@@ -136,8 +136,8 @@ public abstract class FormValidation extends IOException implements HttpResponse
      * Sends out a string error message that indicates an error.
      *
      * @param message
-     *      Human readable message to be sent. <tt>error(null)</tt>
-     *      can be used as <tt>ok()</tt>.
+     *      Human readable message to be sent. {@code error(null)}
+     *      can be used as {@code ok()}.
      */
     public static FormValidation error(String message) {
         return errorWithMarkup(message==null?null: Util.escape(message));
@@ -245,8 +245,8 @@ public abstract class FormValidation extends IOException implements HttpResponse
      * attack.
      *
      * @param message
-     *      Human readable message to be sent. <tt>error(null)</tt>
-     *      can be used as <tt>ok()</tt>.
+     *      Human readable message to be sent. {@code error(null)}
+     *      can be used as {@code ok()}.
      */
     public static FormValidation errorWithMarkup(String message) {
         return _errorWithMarkup(message,Kind.ERROR);
diff --git a/core/src/main/java/hudson/util/Function1.java b/core/src/main/java/hudson/util/Function1.java
index c200c28c3a..aa7535d590 100644
--- a/core/src/main/java/hudson/util/Function1.java
+++ b/core/src/main/java/hudson/util/Function1.java
@@ -24,7 +24,7 @@
 package hudson.util;
 
 /**
- * Unary function <tt>y=f(x)</tt>.
+ * Unary function {@code y=f(x)}.
  * 
  * @author Kohsuke Kawaguchi
  */
diff --git a/core/src/main/java/hudson/util/HudsonFailedToLoad.java b/core/src/main/java/hudson/util/HudsonFailedToLoad.java
index 72ad0a4f9c..8347c7a1cf 100644
--- a/core/src/main/java/hudson/util/HudsonFailedToLoad.java
+++ b/core/src/main/java/hudson/util/HudsonFailedToLoad.java
@@ -30,7 +30,7 @@ import org.kohsuke.accmod.restrictions.NoExternalUse;
  * Model object used to display the generic error when Jenkins start up fails fatally during initialization.
  *
  * <p>
- * <tt>index.jelly</tt> would display a nice friendly error page.
+ * {@code index.jelly} would display a nice friendly error page.
  *
  * @author Kohsuke Kawaguchi
  */
diff --git a/core/src/main/java/hudson/util/IncompatibleAntVersionDetected.java b/core/src/main/java/hudson/util/IncompatibleAntVersionDetected.java
index 1a89b82e6f..c3d34afd4e 100644
--- a/core/src/main/java/hudson/util/IncompatibleAntVersionDetected.java
+++ b/core/src/main/java/hudson/util/IncompatibleAntVersionDetected.java
@@ -33,7 +33,7 @@ import java.net.URL;
  * we find out that the container is picking up its own Ant and that's not 1.7.
  *
  * <p>
- * <tt>index.jelly</tt> would display a nice friendly error page.
+ * {@code index.jelly} would display a nice friendly error page.
  *
  * @author Kohsuke Kawaguchi
  */
diff --git a/core/src/main/java/hudson/util/IncompatibleServletVersionDetected.java b/core/src/main/java/hudson/util/IncompatibleServletVersionDetected.java
index 92d17d185d..f2e4931d6a 100644
--- a/core/src/main/java/hudson/util/IncompatibleServletVersionDetected.java
+++ b/core/src/main/java/hudson/util/IncompatibleServletVersionDetected.java
@@ -33,7 +33,7 @@ import java.net.URL;
  * we find out that the container doesn't support servlet 2.4.
  *
  * <p>
- * <tt>index.jelly</tt> would display a nice friendly error page.
+ * {@code index.jelly} would display a nice friendly error page.
  *
  * @author Kohsuke Kawaguchi
  */
diff --git a/core/src/main/java/hudson/util/IncompatibleVMDetected.java b/core/src/main/java/hudson/util/IncompatibleVMDetected.java
index ae690c162b..651e5b1249 100644
--- a/core/src/main/java/hudson/util/IncompatibleVMDetected.java
+++ b/core/src/main/java/hudson/util/IncompatibleVMDetected.java
@@ -30,7 +30,7 @@ import java.util.Map;
  * we find out that XStream is running in pure-java mode.
  *
  * <p>
- * <tt>index.jelly</tt> would display a nice friendly error page.
+ * {@code index.jelly} would display a nice friendly error page.
  *
  * @author Kohsuke Kawaguchi
  */
diff --git a/core/src/main/java/hudson/util/InsufficientPermissionDetected.java b/core/src/main/java/hudson/util/InsufficientPermissionDetected.java
index 739e930bb9..57aea00f22 100644
--- a/core/src/main/java/hudson/util/InsufficientPermissionDetected.java
+++ b/core/src/main/java/hudson/util/InsufficientPermissionDetected.java
@@ -31,7 +31,7 @@ import org.kohsuke.accmod.restrictions.NoExternalUse;
  * we find that we don't have enough permissions to run.
  *
  * <p>
- * <tt>index.jelly</tt> would display a nice friendly error page.
+ * {@code index.jelly} would display a nice friendly error page.
  *
  * @author Kohsuke Kawaguchi
  */
diff --git a/core/src/main/java/hudson/util/KeyedDataStorage.java b/core/src/main/java/hudson/util/KeyedDataStorage.java
index 49a220b1b2..1834439455 100644
--- a/core/src/main/java/hudson/util/KeyedDataStorage.java
+++ b/core/src/main/java/hudson/util/KeyedDataStorage.java
@@ -254,7 +254,7 @@ public abstract class KeyedDataStorage<T,P> {
      * Among cache misses, number of times when we had {@link SoftReference}
      * but lost its value due to GC.
      *
-     * <tt>totalQuery-cacheHit-weakRefLost</tt> means cache miss.
+     * {@code totalQuery-cacheHit-weakRefLost} means cache miss.
      */
     public final AtomicInteger weakRefLost = new AtomicInteger();
     /**
diff --git a/core/src/main/java/hudson/util/LineEndNormalizingWriter.java b/core/src/main/java/hudson/util/LineEndNormalizingWriter.java
index 2a0edee1d0..480f71d459 100644
--- a/core/src/main/java/hudson/util/LineEndNormalizingWriter.java
+++ b/core/src/main/java/hudson/util/LineEndNormalizingWriter.java
@@ -31,7 +31,7 @@ import java.io.IOException;
  * Finds the lone LF and converts that to CR+LF.
  *
  * <p>
- * Internet Explorer's <tt>XmlHttpRequest.responseText</tt> seems to
+ * Internet Explorer's {@code XmlHttpRequest.responseText} seems to
  * normalize the line end, and if we only send LF without CR, it will
  * not recognize that as a new line. To work around this problem,
  * we use this filter to always convert LF to CR+LF.
diff --git a/core/src/main/java/hudson/util/ListBoxModel.java b/core/src/main/java/hudson/util/ListBoxModel.java
index 63d7ee7795..fc717cc7ef 100644
--- a/core/src/main/java/hudson/util/ListBoxModel.java
+++ b/core/src/main/java/hudson/util/ListBoxModel.java
@@ -62,7 +62,7 @@ import java.util.Collection;
  *
  * <p>
  * Other parts of the HTML can initiate the SELECT element update by using the "updateListBox"
- * function, defined in <tt>hudson-behavior.js</tt>. The following example does it
+ * function, defined in {@code hudson-behavior.js}. The following example does it
  * when the value of the textbox changes:
  *
  * <pre>{@code <xmp>
@@ -70,11 +70,11 @@ import java.util.Collection;
  * </xmp>}</pre>
  *
  * <p>
- * The first argument is the SELECT element or the ID of it (see Prototype.js <tt>$(...)</tt> function.)
+ * The first argument is the SELECT element or the ID of it (see Prototype.js {@code $(...)} function.)
  * The second argument is the URL that returns the options list.
  *
  * <p>
- * The URL usually maps to the <tt>doXXX</tt> method on the server, which uses {@link ListBoxModel}
+ * The URL usually maps to the {@code doXXX} method on the server, which uses {@link ListBoxModel}
  * for producing option values. See the following example:
  *
  * <pre>
diff --git a/core/src/main/java/hudson/util/NoHomeDir.java b/core/src/main/java/hudson/util/NoHomeDir.java
index cae6089554..c3d15ea367 100644
--- a/core/src/main/java/hudson/util/NoHomeDir.java
+++ b/core/src/main/java/hudson/util/NoHomeDir.java
@@ -30,7 +30,7 @@ import java.io.File;
  * we couldn't create the home directory.
  *
  * <p>
- * <tt>index.jelly</tt> would display a nice friendly error page.
+ * {@code index.jelly} would display a nice friendly error page.
  *
  * @author Kohsuke Kawaguchi
  */
diff --git a/core/src/main/java/hudson/util/NoTempDir.java b/core/src/main/java/hudson/util/NoTempDir.java
index 10cfceb5ac..2e6209463d 100644
--- a/core/src/main/java/hudson/util/NoTempDir.java
+++ b/core/src/main/java/hudson/util/NoTempDir.java
@@ -33,7 +33,7 @@ import java.io.IOException;
  * there appears to be no temporary directory.
  *
  * <p>
- * <tt>index.jelly</tt> would display a nice friendly error page.
+ * {@code index.jelly} would display a nice friendly error page.
  *
  * @author Kohsuke Kawaguchi
  */
diff --git a/core/src/main/java/hudson/util/ProcessTree.java b/core/src/main/java/hudson/util/ProcessTree.java
index 843653f72d..a7b400d5d1 100644
--- a/core/src/main/java/hudson/util/ProcessTree.java
+++ b/core/src/main/java/hudson/util/ProcessTree.java
@@ -969,7 +969,7 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
     }
 
     /**
-     * Implementation for Solaris that uses <tt>/proc</tt>.
+     * Implementation for Solaris that uses {@code /proc}.
      *
      * /proc/PID/psinfo contains a psinfo_t struct. We use it to determine where the
      *     process arguments and environment are located in PID's address space.
diff --git a/core/src/main/java/hudson/util/Service.java b/core/src/main/java/hudson/util/Service.java
index a979324f33..9d33249909 100644
--- a/core/src/main/java/hudson/util/Service.java
+++ b/core/src/main/java/hudson/util/Service.java
@@ -37,7 +37,7 @@ import java.util.logging.Logger;
 import static java.util.logging.Level.WARNING;
 
 /**
- * Load classes by looking up <tt>META-INF/services</tt>.
+ * Load classes by looking up {@code META-INF/services}.
  *
  * @author Kohsuke Kawaguchi
  * @deprecated use {@link ServiceLoader} instead.
@@ -76,7 +76,7 @@ public class Service {
     }
 
     /**
-     * Look up <tt>META-INF/service/<i>SPICLASSNAME</i></tt> from the classloader
+     * Look up {@code META-INF/service/<i>SPICLASSNAME</i>} from the classloader
      * and all the discovered classes into the given collection.
      */
     public static <T> void load(Class<T> spi, ClassLoader cl, Collection<Class<? extends T>> result) {
diff --git a/core/src/main/java/hudson/util/TimeUnit2.java b/core/src/main/java/hudson/util/TimeUnit2.java
index 36b465764d..d2aa5eb3fd 100644
--- a/core/src/main/java/hudson/util/TimeUnit2.java
+++ b/core/src/main/java/hudson/util/TimeUnit2.java
@@ -36,10 +36,10 @@ import org.kohsuke.accmod.restrictions.NoExternalUse;
 import java.util.concurrent.TimeUnit;
 
 /**
- * A <tt>TimeUnit</tt> represents time durations at a given unit of
+ * A {@code TimeUnit} represents time durations at a given unit of
  * granularity and provides utility methods to convert across units,
  * and to perform timing and delay operations in these units.  A
- * <tt>TimeUnit</tt> does not maintain time information, but only
+ * {@code TimeUnit} does not maintain time information, but only
  * helps organize and use time representations that may be maintained
  * separately across various contexts.  A nanosecond is defined as one
  * thousandth of a microsecond, a microsecond as one thousandth of a
@@ -47,7 +47,7 @@ import java.util.concurrent.TimeUnit;
  * as sixty seconds, an hour as sixty minutes, and a day as twenty four
  * hours.
  *
- * <p>A <tt>TimeUnit</tt> is mainly used to inform time-based methods
+ * <p>A {@code TimeUnit} is mainly used to inform time-based methods
  * how a given timing parameter should be interpreted. For example,
  * the following code will timeout in 50 milliseconds if the {@link
  * java.util.concurrent.locks.Lock lock} is not available:
@@ -63,7 +63,7 @@ import java.util.concurrent.TimeUnit;
  *
  * Note however, that there is no guarantee that a particular timeout
  * implementation will be able to notice the passage of time at the
- * same granularity as the given <tt>TimeUnit</tt>.
+ * same granularity as the given {@code TimeUnit}.
  *
  * @author Doug Lea
  * @deprecated use {@link TimeUnit}. (Java 5 did not have all the units required, so {@link TimeUnit2} was introduced
@@ -188,20 +188,20 @@ public enum TimeUnit2 {
      * Convert the given time duration in the given unit to this
      * unit.  Conversions from finer to coarser granularities
      * truncate, so lose precision. For example converting
-     * <tt>999</tt> milliseconds to seconds results in
-     * <tt>0</tt>. Conversions from coarser to finer granularities
+     * {@code 999} milliseconds to seconds results in
+     * {@code 0}. Conversions from coarser to finer granularities
      * with arguments that would numerically overflow saturate to
-     * <tt>Long.MIN_VALUE</tt> if negative or <tt>Long.MAX_VALUE</tt>
+     * {@code Long.MIN_VALUE} if negative or {@code Long.MAX_VALUE}
      * if positive.
      *
      * <p>For example, to convert 10 minutes to milliseconds, use:
-     * <tt>TimeUnit.MILLISECONDS.convert(10L, TimeUnit.MINUTES)</tt>
+     * {@code TimeUnit.MILLISECONDS.convert(10L, TimeUnit.MINUTES)}
      *
-     * @param sourceDuration the time duration in the given <tt>sourceUnit</tt>
-     * @param sourceUnit the unit of the <tt>sourceDuration</tt> argument
+     * @param sourceDuration the time duration in the given {@code sourceUnit}
+     * @param sourceUnit the unit of the {@code sourceDuration} argument
      * @return the converted duration in this unit,
-     * or <tt>Long.MIN_VALUE</tt> if conversion would negatively
-     * overflow, or <tt>Long.MAX_VALUE</tt> if it would positively overflow.
+     * or {@code Long.MIN_VALUE} if conversion would negatively
+     * overflow, or {@code Long.MAX_VALUE} if it would positively overflow.
      */
     public long convert(long sourceDuration, TimeUnit2 sourceUnit) {
         throw new AbstractMethodError();
@@ -211,31 +211,31 @@ public enum TimeUnit2 {
      * Convert the given time duration in the given unit to this
      * unit.  Conversions from finer to coarser granularities
      * truncate, so lose precision. For example converting
-     * <tt>999</tt> milliseconds to seconds results in
-     * <tt>0</tt>. Conversions from coarser to finer granularities
+     * {@code 999} milliseconds to seconds results in
+     * {@code 0}. Conversions from coarser to finer granularities
      * with arguments that would numerically overflow saturate to
-     * <tt>Long.MIN_VALUE</tt> if negative or <tt>Long.MAX_VALUE</tt>
+     * {@code Long.MIN_VALUE} if negative or {@code Long.MAX_VALUE}
      * if positive.
      *
      * <p>For example, to convert 10 minutes to milliseconds, use:
-     * <tt>TimeUnit.MILLISECONDS.convert(10L, TimeUnit.MINUTES)</tt>
+     * {@code TimeUnit.MILLISECONDS.convert(10L, TimeUnit.MINUTES)}
      *
-     * @param sourceDuration the time duration in the given <tt>sourceUnit</tt>
-     * @param sourceUnit the unit of the <tt>sourceDuration</tt> argument
+     * @param sourceDuration the time duration in the given {@code sourceUnit}
+     * @param sourceUnit the unit of the {@code sourceDuration} argument
      * @return the converted duration in this unit,
-     * or <tt>Long.MIN_VALUE</tt> if conversion would negatively
-     * overflow, or <tt>Long.MAX_VALUE</tt> if it would positively overflow.
+     * or {@code Long.MIN_VALUE} if conversion would negatively
+     * overflow, or {@code Long.MAX_VALUE} if it would positively overflow.
      */
     public long convert(long sourceDuration, TimeUnit sourceUnit) {
         throw new AbstractMethodError();
     }
 
     /**
-     * Equivalent to <tt>NANOSECONDS.convert(duration, this)</tt>.
+     * Equivalent to {@code NANOSECONDS.convert(duration, this)}.
      * @param duration the duration
      * @return the converted duration,
-     * or <tt>Long.MIN_VALUE</tt> if conversion would negatively
-     * overflow, or <tt>Long.MAX_VALUE</tt> if it would positively overflow.
+     * or {@code Long.MIN_VALUE} if conversion would negatively
+     * overflow, or {@code Long.MAX_VALUE} if it would positively overflow.
      * @see #convert
      */
     public long toNanos(long duration) {
@@ -243,11 +243,11 @@ public enum TimeUnit2 {
     }
 
     /**
-     * Equivalent to <tt>MICROSECONDS.convert(duration, this)</tt>.
+     * Equivalent to {@code MICROSECONDS.convert(duration, this)}.
      * @param duration the duration
      * @return the converted duration,
-     * or <tt>Long.MIN_VALUE</tt> if conversion would negatively
-     * overflow, or <tt>Long.MAX_VALUE</tt> if it would positively overflow.
+     * or {@code Long.MIN_VALUE} if conversion would negatively
+     * overflow, or {@code Long.MAX_VALUE} if it would positively overflow.
      * @see #convert
      */
     public long toMicros(long duration) {
@@ -255,11 +255,11 @@ public enum TimeUnit2 {
     }
 
     /**
-     * Equivalent to <tt>MILLISECONDS.convert(duration, this)</tt>.
+     * Equivalent to {@code MILLISECONDS.convert(duration, this)}.
      * @param duration the duration
      * @return the converted duration,
-     * or <tt>Long.MIN_VALUE</tt> if conversion would negatively
-     * overflow, or <tt>Long.MAX_VALUE</tt> if it would positively overflow.
+     * or {@code Long.MIN_VALUE} if conversion would negatively
+     * overflow, or {@code Long.MAX_VALUE} if it would positively overflow.
      * @see #convert
      */
     public long toMillis(long duration) {
@@ -267,11 +267,11 @@ public enum TimeUnit2 {
     }
 
     /**
-     * Equivalent to <tt>SECONDS.convert(duration, this)</tt>.
+     * Equivalent to {@code SECONDS.convert(duration, this)}.
      * @param duration the duration
      * @return the converted duration,
-     * or <tt>Long.MIN_VALUE</tt> if conversion would negatively
-     * overflow, or <tt>Long.MAX_VALUE</tt> if it would positively overflow.
+     * or {@code Long.MIN_VALUE} if conversion would negatively
+     * overflow, or {@code Long.MAX_VALUE} if it would positively overflow.
      * @see #convert
      */
     public long toSeconds(long duration) {
@@ -279,11 +279,11 @@ public enum TimeUnit2 {
     }
 
     /**
-     * Equivalent to <tt>MINUTES.convert(duration, this)</tt>.
+     * Equivalent to {@code MINUTES.convert(duration, this)}.
      * @param duration the duration
      * @return the converted duration,
-     * or <tt>Long.MIN_VALUE</tt> if conversion would negatively
-     * overflow, or <tt>Long.MAX_VALUE</tt> if it would positively overflow.
+     * or {@code Long.MIN_VALUE} if conversion would negatively
+     * overflow, or {@code Long.MAX_VALUE} if it would positively overflow.
      * @see #convert
      */
     public long toMinutes(long duration) {
@@ -291,11 +291,11 @@ public enum TimeUnit2 {
     }
 
     /**
-     * Equivalent to <tt>HOURS.convert(duration, this)</tt>.
+     * Equivalent to {@code HOURS.convert(duration, this)}.
      * @param duration the duration
      * @return the converted duration,
-     * or <tt>Long.MIN_VALUE</tt> if conversion would negatively
-     * overflow, or <tt>Long.MAX_VALUE</tt> if it would positively overflow.
+     * or {@code Long.MIN_VALUE} if conversion would negatively
+     * overflow, or {@code Long.MAX_VALUE} if it would positively overflow.
      * @see #convert
      */
     public long toHours(long duration) {
@@ -303,7 +303,7 @@ public enum TimeUnit2 {
     }
 
     /**
-     * Equivalent to <tt>DAYS.convert(duration, this)</tt>.
+     * Equivalent to {@code DAYS.convert(duration, this)}.
      * @param duration the duration
      * @return the converted duration
      * @see #convert
@@ -322,11 +322,11 @@ public enum TimeUnit2 {
     abstract int excessNanos(long d, long m);
 
     /**
-     * Performs a timed <tt>Object.wait</tt> using this time unit.
+     * Performs a timed {@code Object.wait} using this time unit.
      * This is a convenience method that converts timeout arguments
-     * into the form required by the <tt>Object.wait</tt> method.
+     * into the form required by the {@code Object.wait} method.
      *
-     * <p>For example, you could implement a blocking <tt>poll</tt>
+     * <p>For example, you could implement a blocking {@code poll}
      * method (see {@link java.util.concurrent.BlockingQueue#poll BlockingQueue.poll})
      * using:
      *
@@ -353,9 +353,9 @@ public enum TimeUnit2 {
     }
 
     /**
-     * Performs a timed <tt>Thread.join</tt> using this time unit.
+     * Performs a timed {@code Thread.join} using this time unit.
      * This is a convenience method that converts time arguments into the
-     * form required by the <tt>Thread.join</tt> method.
+     * form required by the {@code Thread.join} method.
      * @param thread the thread to wait for
      * @param timeout the maximum time to wait. If less than
      * or equal to zero, do not wait at all.
@@ -372,9 +372,9 @@ public enum TimeUnit2 {
     }
 
     /**
-     * Performs a <tt>Thread.sleep</tt> using this unit.
+     * Performs a {@code Thread.sleep} using this unit.
      * This is a convenience method that converts time arguments into the
-     * form required by the <tt>Thread.sleep</tt> method.
+     * form required by the {@code Thread.sleep} method.
      * @param timeout the minimum time to sleep. If less than
      * or equal to zero, do not sleep at all.
      * @throws InterruptedException if interrupted while sleeping.
diff --git a/core/src/main/java/hudson/views/ListViewColumn.java b/core/src/main/java/hudson/views/ListViewColumn.java
index f5fdd6e468..4b1581a2f9 100644
--- a/core/src/main/java/hudson/views/ListViewColumn.java
+++ b/core/src/main/java/hudson/views/ListViewColumn.java
@@ -48,13 +48,13 @@ import net.sf.json.JSONObject;
  * Extension point for adding a column to a table rendering of {@link Item}s, such as {@link ListView}.
  *
  * <p>
- * This object must have the <tt>column.jelly</tt>. This view
+ * This object must have the {@code column.jelly}. This view
  * is called for each cell of this column. The {@link Item} object
  * is passed in the "job" variable. The view should render
  * the {@code <td>} tag.
  *
  * <p>
- * This object may have an additional <tt>columnHeader.jelly</tt>. The default ColumnHeader
+ * This object may have an additional {@code columnHeader.jelly}. The default ColumnHeader
  * will render {@link #getColumnCaption()}.
  *
  * <p>
diff --git a/core/src/main/java/hudson/views/MyViewsTabBar.java b/core/src/main/java/hudson/views/MyViewsTabBar.java
index 6727cb050e..c3b49c268f 100644
--- a/core/src/main/java/hudson/views/MyViewsTabBar.java
+++ b/core/src/main/java/hudson/views/MyViewsTabBar.java
@@ -47,7 +47,7 @@ import org.kohsuke.stapler.StaplerRequest;
  * Extension point for adding a MyViewsTabBar header to Projects {@link MyViewsProperty}.
  *
  * <p>
- * This object must have the <tt>myViewTabs.jelly</tt>. This view
+ * This object must have the {@code myViewTabs.jelly}. This view
  * is called once when the My Views main panel is built.
  * The "views" attribute is set to the "Collection of views".
  *
diff --git a/core/src/main/java/hudson/views/ViewsTabBar.java b/core/src/main/java/hudson/views/ViewsTabBar.java
index a6cb0b4f79..1456596937 100644
--- a/core/src/main/java/hudson/views/ViewsTabBar.java
+++ b/core/src/main/java/hudson/views/ViewsTabBar.java
@@ -48,7 +48,7 @@ import org.kohsuke.stapler.StaplerRequest;
  * Extension point for adding a ViewsTabBar header to Projects {@link ListView}.
  *
  * <p>
- * This object must have the <tt>viewTabs.jelly</tt>. This view
+ * This object must have the {@code viewTabs.jelly}. This view
  * is called once when the project views main panel is built.
  * The "views" attribute is set to the "Collection of views".
  *
diff --git a/core/src/main/java/jenkins/model/CauseOfInterruption.java b/core/src/main/java/jenkins/model/CauseOfInterruption.java
index 7a8c173f21..b14a02ca27 100644
--- a/core/src/main/java/jenkins/model/CauseOfInterruption.java
+++ b/core/src/main/java/jenkins/model/CauseOfInterruption.java
@@ -39,7 +39,7 @@ import javax.annotation.Nonnull;
  * Records why an {@linkplain Executor#interrupt() executor is interrupted}.
  *
  * <h2>View</h2>
- * <tt>summary.groovy/.jelly</tt> should do one-line HTML rendering to be used while rendering
+ * {@code summary.groovy/.jelly} should do one-line HTML rendering to be used while rendering
  * "build history" widget, next to the blocking build. By default it simply renders
  * {@link #getShortDescription()} text.
  *
diff --git a/core/src/main/java/jenkins/model/Jenkins.java b/core/src/main/java/jenkins/model/Jenkins.java
index f1ba7be1dd..2d0d717bbf 100644
--- a/core/src/main/java/jenkins/model/Jenkins.java
+++ b/core/src/main/java/jenkins/model/Jenkins.java
@@ -797,7 +797,7 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
 
     /**
      * Secret key generated once and used for a long time, beyond
-     * container start/stop. Persisted outside <tt>config.xml</tt> to avoid
+     * container start/stop. Persisted outside {@code config.xml} to avoid
      * accidental exposure.
      */
     private transient final String secretKey;
@@ -1557,7 +1557,7 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
 
     /**
      * Gets the plugin object from its short name.
-     * This allows URL <tt>hudson/plugin/ID</tt> to be served by the views
+     * This allows URL {@code hudson/plugin/ID} to be served by the views
      * of the plugin class.
      * @param shortName Short name of the plugin
      * @return The plugin singleton or {@code null} if for some reason the plugin is not loaded.
@@ -4618,7 +4618,7 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
     }
     
     /**
-     * Exposes the current user to <tt>/me</tt> URL.
+     * Exposes the current user to {@code /me} URL.
      */
     public User getMe() {
         User u = User.current();
diff --git a/core/src/main/java/jenkins/model/JenkinsLocationConfiguration.java b/core/src/main/java/jenkins/model/JenkinsLocationConfiguration.java
index 1e9213df75..263b482b0f 100644
--- a/core/src/main/java/jenkins/model/JenkinsLocationConfiguration.java
+++ b/core/src/main/java/jenkins/model/JenkinsLocationConfiguration.java
@@ -157,7 +157,7 @@ public class JenkinsLocationConfiguration extends GlobalConfiguration implements
     }
 
     /**
-     * Checks the URL in <tt>global.jelly</tt>
+     * Checks the URL in {@code global.jelly}
      */
     public FormValidation doCheckUrl(@QueryParameter String value) {
         if(value.startsWith("http://localhost"))
diff --git a/core/src/main/java/jenkins/security/BasicHeaderProcessor.java b/core/src/main/java/jenkins/security/BasicHeaderProcessor.java
index df176b0a1b..5e0986eca4 100644
--- a/core/src/main/java/jenkins/security/BasicHeaderProcessor.java
+++ b/core/src/main/java/jenkins/security/BasicHeaderProcessor.java
@@ -29,7 +29,7 @@ import java.util.logging.Logger;
 import static java.util.logging.Level.*;
 
 /**
- * Takes "username:password" given in the <tt>Authorization</tt> HTTP header and authenticates
+ * Takes "username:password" given in the {@code Authorization} HTTP header and authenticates
  * the request.
  *
  * <p>
diff --git a/core/src/main/java/jenkins/security/ExceptionTranslationFilter.java b/core/src/main/java/jenkins/security/ExceptionTranslationFilter.java
index aaa7154176..24755588b0 100644
--- a/core/src/main/java/jenkins/security/ExceptionTranslationFilter.java
+++ b/core/src/main/java/jenkins/security/ExceptionTranslationFilter.java
@@ -53,13 +53,13 @@ import java.util.logging.Logger;
  * <p>
  * If an {@link AuthenticationException} is detected, the filter will launch the <code>authenticationEntryPoint</code>.
  * This allows common handling of authentication failures originating from any subclass of
- * <tt>AbstractSecurityInterceptor</tt>.
+ * {@code AbstractSecurityInterceptor}.
  * </p>
  * <p>
  * If an {@link AccessDeniedException} is detected, the filter will determine whether or not the user is an anonymous
  * user. If they are an anonymous user, the <code>authenticationEntryPoint</code> will be launched. If they are not
- * an anonymous user, the filter will delegate to the <tt>AccessDeniedHandler</tt>.
- * By default the filter will use <tt>AccessDeniedHandlerImpl</tt>.
+ * an anonymous user, the filter will delegate to the {@code AccessDeniedHandler}.
+ * By default the filter will use {@code AccessDeniedHandlerImpl}.
  * </p>
  * <p>
  * To use this filter, it is necessary to specify the following properties:
@@ -74,7 +74,7 @@ import java.util.logging.Logger;
  * </ul>
  * <P>
  * <B>Do not use this class directly.</B> Instead configure
- * <code>web.xml</code> to use the <tt>FilterToBeanProxy</tt>.
+ * <code>web.xml</code> to use the {@code FilterToBeanProxy}.
  * </p>
  *
  * @author Ben Alex
diff --git a/core/src/main/java/jenkins/security/HMACConfidentialKey.java b/core/src/main/java/jenkins/security/HMACConfidentialKey.java
index 4a520cd82e..3a83d5e213 100644
--- a/core/src/main/java/jenkins/security/HMACConfidentialKey.java
+++ b/core/src/main/java/jenkins/security/HMACConfidentialKey.java
@@ -14,7 +14,7 @@ import java.util.Arrays;
 
 /**
  * {@link ConfidentialKey} that's used for creating a token by hashing some information with secret
- * (such as <tt>hash(msg|secret)</tt>).
+ * (such as {@code hash(msg|secret)}).
  *
  * <p>
  * This provides more secure version of it by using HMAC.
diff --git a/core/src/main/java/jenkins/slaves/JnlpSlaveAgentProtocol.java b/core/src/main/java/jenkins/slaves/JnlpSlaveAgentProtocol.java
index e502567e0d..aca5fdb54a 100644
--- a/core/src/main/java/jenkins/slaves/JnlpSlaveAgentProtocol.java
+++ b/core/src/main/java/jenkins/slaves/JnlpSlaveAgentProtocol.java
@@ -31,11 +31,11 @@ import org.jenkinsci.remoting.engine.JnlpProtocol1Handler;
  *
  * <p>
  * We do this by computing HMAC of the agent name.
- * This code is sent to the agent inside the <tt>.jnlp</tt> file
+ * This code is sent to the agent inside the {@code .jnlp} file
  * (this file itself is protected by HTTP form-based authentication that
  * we use everywhere else in Jenkins), and the agent sends this
  * token back when it connects to the master.
- * Unauthorized agents can't access the protected <tt>.jnlp</tt> file,
+ * Unauthorized agents can't access the protected {@code .jnlp} file,
  * so it can't impersonate a valid agent.
  *
  * <p>
diff --git a/core/src/main/java/jenkins/slaves/systemInfo/SlaveSystemInfo.java b/core/src/main/java/jenkins/slaves/systemInfo/SlaveSystemInfo.java
index 16a5352d09..8888ca4263 100644
--- a/core/src/main/java/jenkins/slaves/systemInfo/SlaveSystemInfo.java
+++ b/core/src/main/java/jenkins/slaves/systemInfo/SlaveSystemInfo.java
@@ -8,7 +8,7 @@ import hudson.model.Computer;
  * Extension point that contributes to the system information page of {@link Computer}.
  *
  * <h2>Views</h2>
- * Subtypes must have <tt>systemInfo.groovy/.jelly</tt> view.
+ * Subtypes must have {@code systemInfo.groovy/.jelly} view.
  * This view will have the "it" variable that refers to {@link Computer} object, and "instance" variable
  * that refers to {@link SlaveSystemInfo} object.
  *
diff --git a/core/src/main/java/jenkins/util/groovy/AbstractGroovyViewModule.java b/core/src/main/java/jenkins/util/groovy/AbstractGroovyViewModule.java
index ccf4720293..9bc12c6313 100644
--- a/core/src/main/java/jenkins/util/groovy/AbstractGroovyViewModule.java
+++ b/core/src/main/java/jenkins/util/groovy/AbstractGroovyViewModule.java
@@ -12,9 +12,9 @@ import lib.JenkinsTagLib;
  * <p>
  * Usage from script of a subclass, say ViewHelper:
  * <p>
- * <tt>new ViewHelper(delegate).method();</tt>
+ * {@code new ViewHelper(delegate).method();}
  * <p>
- * see <tt>ModularizeViewScript</tt> in ui-samples for an example how to use
+ * see {@code ModularizeViewScript} in ui-samples for an example how to use
  * this class.
  */
 public abstract class AbstractGroovyViewModule extends GroovyObjectSupport {
diff --git a/core/src/main/java/jenkins/util/groovy/GroovyHookScript.java b/core/src/main/java/jenkins/util/groovy/GroovyHookScript.java
index 3c01ebf827..4f15ed4965 100644
--- a/core/src/main/java/jenkins/util/groovy/GroovyHookScript.java
+++ b/core/src/main/java/jenkins/util/groovy/GroovyHookScript.java
@@ -31,8 +31,8 @@ import jenkins.model.Jenkins;
  * </ol>
  *
  * <p>
- * Scripts inside <tt>/WEB-INF</tt> is meant for OEM distributions of Jenkins. Files inside
- * <tt>$JENKINS_HOME</tt> are for installation local settings. Use of <tt>HOOK.groovy.d</tt>
+ * Scripts inside {@code /WEB-INF} is meant for OEM distributions of Jenkins. Files inside
+ * {@code $JENKINS_HOME} are for installation local settings. Use of {@code HOOK.groovy.d}
  * allows configuration management tools to control scripts easily.
  *
  * @author Kohsuke Kawaguchi
-- 
GitLab


From b5be66014c3c7a99eed1ed7436a0874686e255b5 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Fri, 21 Sep 2018 19:08:35 -0700
Subject: [PATCH 725/863] [JENKINS-53693] - Update PowerMock and Mockito to a
 Java11-compatible version (#3637)

* [JENKINS-53693] - Update PowerMock and Mockito to a Java11-compatible version

* [JENKINS-53693] - Fix tests which depend on mocking

* [JENKINS-53693] - Apply fixes to PowerMock
---
 cli/pom.xml                                            |  2 +-
 .../test/java/hudson/cli/PrivateKeyProviderTest.java   | 10 ++--------
 core/pom.xml                                           |  2 +-
 core/src/main/java/hudson/slaves/ChannelPinger.java    | 10 +++++++---
 core/src/test/java/hudson/model/RunTest.java           |  8 +++++---
 .../src/test/java/hudson/slaves/ChannelPingerTest.java |  8 ++++----
 .../jenkins/model/CoreEnvironmentContributorTest.java  |  2 +-
 pom.xml                                                |  8 ++++----
 8 files changed, 25 insertions(+), 25 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index d54dac5918..69c53a20a4 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -26,7 +26,7 @@
     </dependency>
     <dependency>
       <groupId>org.powermock</groupId>
-      <artifactId>powermock-api-mockito</artifactId>
+      <artifactId>powermock-api-mockito2</artifactId>
       <scope>test</scope>
     </dependency>
     <dependency>
diff --git a/cli/src/test/java/hudson/cli/PrivateKeyProviderTest.java b/cli/src/test/java/hudson/cli/PrivateKeyProviderTest.java
index d5636f3bd7..a29af91e6e 100644
--- a/cli/src/test/java/hudson/cli/PrivateKeyProviderTest.java
+++ b/cli/src/test/java/hudson/cli/PrivateKeyProviderTest.java
@@ -113,15 +113,9 @@ public class PrivateKeyProviderTest {
 
     private Iterable<KeyPair> withKeyPairs(final KeyPair... expected) {
         return Mockito.argThat(new ArgumentMatcher<Iterable<KeyPair>>() {
-            @Override public void describeTo(Description description) {
-                description.appendText(Arrays.asList(expected).toString());
-            }
-
-            @Override public boolean matches(Object argument) {
-                if (!(argument instanceof Iterable)) throw new IllegalArgumentException("Not an instance of Iterrable");
 
-                @SuppressWarnings("unchecked")
-                final Iterable<KeyPair> actual = (Iterable<KeyPair>) argument;
+            @Override
+            public boolean matches(Iterable<KeyPair> actual) {
                 int i = 0;
                 for (KeyPair akp: actual) {
                     if (!eq(expected[i].getPublic(), akp.getPublic())) return false;
diff --git a/core/pom.xml b/core/pom.xml
index fb56961899..dc67f7c5ad 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -481,7 +481,7 @@ THE SOFTWARE.
     </dependency>
     <dependency>
       <groupId>org.powermock</groupId>
-      <artifactId>powermock-api-mockito</artifactId>
+      <artifactId>powermock-api-mockito2</artifactId>
       <scope>test</scope>
     </dependency>
     <dependency><!-- needed by Jelly -->
diff --git a/core/src/main/java/hudson/slaves/ChannelPinger.java b/core/src/main/java/hudson/slaves/ChannelPinger.java
index 85d6d78675..eac834a76f 100644
--- a/core/src/main/java/hudson/slaves/ChannelPinger.java
+++ b/core/src/main/java/hudson/slaves/ChannelPinger.java
@@ -34,6 +34,8 @@ import hudson.remoting.Channel;
 import hudson.remoting.PingThread;
 import jenkins.security.MasterToSlaveCallable;
 import jenkins.slaves.PingFailureAnalyzer;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
 
 import javax.annotation.CheckForNull;
 import java.io.IOException;
@@ -119,14 +121,15 @@ public class ChannelPinger extends ComputerListener {
     }
 
     @VisibleForTesting
-    /*package*/ static class SetUpRemotePing extends MasterToSlaveCallable<Void, IOException> {
+    @Restricted(NoExternalUse.class)
+    public static class SetUpRemotePing extends MasterToSlaveCallable<Void, IOException> {
         private static final long serialVersionUID = -2702219700841759872L;
         @Deprecated
         private transient int pingInterval;
         private final int pingTimeoutSeconds;
         private final int pingIntervalSeconds;
 
-        SetUpRemotePing(int pingTimeoutSeconds, int pingIntervalSeconds) {
+        public SetUpRemotePing(int pingTimeoutSeconds, int pingIntervalSeconds) {
             this.pingTimeoutSeconds = pingTimeoutSeconds;
             this.pingIntervalSeconds = pingIntervalSeconds;
         }
@@ -177,7 +180,8 @@ public class ChannelPinger extends ComputerListener {
     }
 
     @VisibleForTesting
-    /*package*/ static void setUpPingForChannel(final Channel channel, final SlaveComputer computer, int timeoutSeconds, int intervalSeconds, final boolean analysis) {
+    @Restricted(NoExternalUse.class)
+    public static void setUpPingForChannel(final Channel channel, final SlaveComputer computer, int timeoutSeconds, int intervalSeconds, final boolean analysis) {
         LOGGER.log(Level.FINE, "setting up ping on {0} with a {1} seconds interval and {2} seconds timeout", new Object[] {channel.getName(), intervalSeconds, timeoutSeconds});
         final AtomicBoolean isInClosed = new AtomicBoolean(false);
         final PingThread t = new PingThread(channel, timeoutSeconds * 1000L, intervalSeconds * 1000L) {
diff --git a/core/src/test/java/hudson/model/RunTest.java b/core/src/test/java/hudson/model/RunTest.java
index 0d48699772..73515c3ff0 100644
--- a/core/src/test/java/hudson/model/RunTest.java
+++ b/core/src/test/java/hudson/model/RunTest.java
@@ -37,6 +37,8 @@ import java.util.concurrent.ExecutorService;
 import java.util.concurrent.Executors;
 
 import static org.junit.Assert.*;
+
+import jenkins.model.Jenkins;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.rules.TemporaryFolder;
@@ -216,7 +218,7 @@ public class RunTest {
 
     @Test
     public void compareRunsFromSameJobWithDifferentNumbers() throws Exception {
-        final ItemGroup group = Mockito.mock(ItemGroup.class);
+        final Jenkins group = Mockito.mock(Jenkins.class);
         final Job j = Mockito.mock(Job.class);
 
         Mockito.when(j.getParent()).thenReturn(group);
@@ -237,8 +239,8 @@ public class RunTest {
     @Issue("JENKINS-42319")
     @Test
     public void compareRunsFromDifferentParentsWithSameNumber() throws Exception {
-        final ItemGroup group1 = Mockito.mock(ItemGroup.class);
-        final ItemGroup group2 = Mockito.mock(ItemGroup.class);
+        final Jenkins group1 = Mockito.mock(Jenkins.class);
+        final Jenkins group2 = Mockito.mock(Jenkins.class);
         final Job j1 = Mockito.mock(Job.class);
         final Job j2 = Mockito.mock(Job.class);
         Mockito.when(j1.getParent()).thenReturn(group1);
diff --git a/core/src/test/java/hudson/slaves/ChannelPingerTest.java b/core/src/test/java/hudson/slaves/ChannelPingerTest.java
index e77ccee714..666f6afaac 100644
--- a/core/src/test/java/hudson/slaves/ChannelPingerTest.java
+++ b/core/src/test/java/hudson/slaves/ChannelPingerTest.java
@@ -63,7 +63,7 @@ public class ChannelPingerTest {
 
         verify(mockChannel).call(eq(new ChannelPinger.SetUpRemotePing(ChannelPinger.PING_TIMEOUT_SECONDS_DEFAULT,
                                                                       ChannelPinger.PING_INTERVAL_SECONDS_DEFAULT)));
-        verifyStatic();
+        verifyStatic(ChannelPinger.class);
         ChannelPinger.setUpPingForChannel(mockChannel, null, ChannelPinger.PING_TIMEOUT_SECONDS_DEFAULT,
                                           ChannelPinger.PING_INTERVAL_SECONDS_DEFAULT, true);
     }
@@ -77,7 +77,7 @@ public class ChannelPingerTest {
         channelPinger.install(mockChannel, null);
 
         verify(mockChannel).call(new ChannelPinger.SetUpRemotePing(42, 73));
-        verifyStatic();
+        verifyStatic(ChannelPinger.class);
         ChannelPinger.setUpPingForChannel(mockChannel, null, 42, 73, true);
     }
 
@@ -89,7 +89,7 @@ public class ChannelPingerTest {
         channelPinger.install(mockChannel, null);
 
         verify(mockChannel).call(eq(new ChannelPinger.SetUpRemotePing(ChannelPinger.PING_TIMEOUT_SECONDS_DEFAULT, 420)));
-        verifyStatic();
+        verifyStatic(ChannelPinger.class);
         ChannelPinger.setUpPingForChannel(mockChannel, null, ChannelPinger.PING_TIMEOUT_SECONDS_DEFAULT, 420, true);
     }
 
@@ -102,7 +102,7 @@ public class ChannelPingerTest {
         channelPinger.install(mockChannel, null);
 
         verify(mockChannel).call(eq(new ChannelPinger.SetUpRemotePing(ChannelPinger.PING_TIMEOUT_SECONDS_DEFAULT, 73)));
-        verifyStatic();
+        verifyStatic(ChannelPinger.class);
         ChannelPinger.setUpPingForChannel(mockChannel, null, ChannelPinger.PING_TIMEOUT_SECONDS_DEFAULT, 73, true);
     }
 
diff --git a/core/src/test/java/jenkins/model/CoreEnvironmentContributorTest.java b/core/src/test/java/jenkins/model/CoreEnvironmentContributorTest.java
index 642abb1323..df203a5627 100644
--- a/core/src/test/java/jenkins/model/CoreEnvironmentContributorTest.java
+++ b/core/src/test/java/jenkins/model/CoreEnvironmentContributorTest.java
@@ -54,7 +54,7 @@ public class CoreEnvironmentContributorTest {
         
         // currentComputer shouldn't be called since it relates to a running build,
         // which is not the case for calls of this method (e.g. polling) 
-        verifyStatic(times(0));
+        verifyStatic(Computer.class, times(0));
         Computer.currentComputer();
     }
 
diff --git a/pom.xml b/pom.xml
index c121a5df7e..7106257885 100644
--- a/pom.xml
+++ b/pom.xml
@@ -151,18 +151,18 @@ THE SOFTWARE.
       <dependency>
         <groupId>org.mockito</groupId>
         <artifactId>mockito-core</artifactId>
-        <version>1.10.19</version>
+        <version>2.22.0</version>
       </dependency>
 
       <dependency>
         <groupId>org.powermock</groupId>
         <artifactId>powermock-module-junit4</artifactId>
-        <version>1.6.6</version>
+        <version>2.0.0-beta.5</version>
       </dependency>
       <dependency>
         <groupId>org.powermock</groupId>
-        <artifactId>powermock-api-mockito</artifactId>
-        <version>1.6.6</version>
+        <artifactId>powermock-api-mockito2</artifactId>
+        <version>2.0.0-beta.5</version>
       </dependency>
       <dependency>
         <groupId>org.objenesis</groupId>
-- 
GitLab


From 69aec235a2ea620caf06583d395869f8c6818c1a Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Fri, 21 Sep 2018 19:45:50 -0700
Subject: [PATCH 726/863] [JENKINS-52019] - Update Groovy from 2.4.11 to 2.4.12
 to pick up fixes towards Java 11 support

---
 core/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/pom.xml b/core/pom.xml
index dc67f7c5ad..258e26f64f 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -41,7 +41,7 @@ THE SOFTWARE.
     <staplerFork>true</staplerFork>
     <stapler.version>1.254.1</stapler.version>
     <spring.version>2.5.6.SEC03</spring.version>
-    <groovy.version>2.4.11</groovy.version>
+    <groovy.version>2.4.12</groovy.version>
   </properties>
 
   <dependencies>
-- 
GitLab


From fde4ec8c3510bda04a91cf3d6c612a9f8c2b5957 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Fri, 21 Sep 2018 20:06:13 -0700
Subject: [PATCH 727/863] Javadoc: Cleanup <tt> tags from package.html

---
 core/src/main/java/hudson/model/package.html       | 2 +-
 core/src/main/java/hudson/scm/package.html         | 2 +-
 core/src/main/java/hudson/tasks/package.html       | 2 +-
 core/src/main/java/hudson/triggers/package.html    | 2 +-
 core/src/main/java/hudson/util/spring/package.html | 6 +++---
 5 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/core/src/main/java/hudson/model/package.html b/core/src/main/java/hudson/model/package.html
index 640b328a39..73e34b62da 100644
--- a/core/src/main/java/hudson/model/package.html
+++ b/core/src/main/java/hudson/model/package.html
@@ -23,5 +23,5 @@ THE SOFTWARE.
 -->
 
 <html><head/><body>
-Core object model that are bound to URLs via stapler, rooted at <a href="Hudson.html"><tt>Hudson</tt></a>.
+Core object model that are bound to URLs via stapler, rooted at <a href="Hudson.html"><code>Hudson</code></a>.
 </body></html>
\ No newline at end of file
diff --git a/core/src/main/java/hudson/scm/package.html b/core/src/main/java/hudson/scm/package.html
index 610f57991d..d2a0046c66 100644
--- a/core/src/main/java/hudson/scm/package.html
+++ b/core/src/main/java/hudson/scm/package.html
@@ -23,5 +23,5 @@ THE SOFTWARE.
 -->
 
 <html><head/><body>
-Hudson's interface with source code management systems. Start with <a href="SCM.html"><tt>SCM</tt></a>
+Hudson's interface with source code management systems. Start with <a href="SCM.html"><code>SCM</code></a>
 </body></html>
\ No newline at end of file
diff --git a/core/src/main/java/hudson/tasks/package.html b/core/src/main/java/hudson/tasks/package.html
index 9a85792fab..db3507a15f 100644
--- a/core/src/main/java/hudson/tasks/package.html
+++ b/core/src/main/java/hudson/tasks/package.html
@@ -23,6 +23,6 @@ THE SOFTWARE.
 -->
 
 <html><head/><body>
-Built-in <a href="Builder.html"><tt>Builder</tt></a>s and <a href="Publisher.html"><tt>Publisher</tt></a>s
+Built-in <a href="Builder.html"><code>Builder</code></a>s and <a href="Publisher.html"><tt>Publisher</tt></a>s
 that perform the actual heavy-lifting of a build. 
 </body></html>
\ No newline at end of file
diff --git a/core/src/main/java/hudson/triggers/package.html b/core/src/main/java/hudson/triggers/package.html
index 61cb24e2f8..dd0f97ed8b 100644
--- a/core/src/main/java/hudson/triggers/package.html
+++ b/core/src/main/java/hudson/triggers/package.html
@@ -23,5 +23,5 @@ THE SOFTWARE.
 -->
 
 <html><head/><body>
-Built-in <a href="Trigger.html"><tt>Trigger</tt></a>s that run periodically to kick a new build.
+Built-in <a href="Trigger.html"><code>Trigger</code></a>s that run periodically to kick a new build.
 </body></html>
\ No newline at end of file
diff --git a/core/src/main/java/hudson/util/spring/package.html b/core/src/main/java/hudson/util/spring/package.html
index ef210c114e..fec5670853 100644
--- a/core/src/main/java/hudson/util/spring/package.html
+++ b/core/src/main/java/hudson/util/spring/package.html
@@ -32,10 +32,10 @@ but modifications are made since then to make the syntax more consistent.
 <h2>Changes to the original code</h2>
 <p>
     Our version has support for getting rid of surrounding "bb.beans { ... }" if the script
-    is parsed via the <tt>BeanBuilder.parse()</tt> method.
+    is parsed via the <code>BeanBuilder.parse()</code> method.
 </p>
 <p>
-    Anonymous bean definition syntax is changed to <tt>bean(CLASS) {...}</tt> from
-    <tt>{CLASS _ -> ...}</tt> to increase consistency with named bean definition.
+    Anonymous bean definition syntax is changed to <code>bean(CLASS) {...}</code> from
+    <code>{CLASS _ -> ...}</code> to increase consistency with named bean definition.
 </p>
 </body></html>
\ No newline at end of file
-- 
GitLab


From 5cf87afaa8923f79554ecfeb9291dafafeb77f54 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Fri, 21 Sep 2018 20:29:34 -0700
Subject: [PATCH 728/863] Javadoc: fix issue noticed by @svanoort

---
 core/src/main/java/hudson/tasks/package.html | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/core/src/main/java/hudson/tasks/package.html b/core/src/main/java/hudson/tasks/package.html
index db3507a15f..3ecc377e25 100644
--- a/core/src/main/java/hudson/tasks/package.html
+++ b/core/src/main/java/hudson/tasks/package.html
@@ -23,6 +23,6 @@ THE SOFTWARE.
 -->
 
 <html><head/><body>
-Built-in <a href="Builder.html"><code>Builder</code></a>s and <a href="Publisher.html"><tt>Publisher</tt></a>s
+Built-in <a href="Builder.html"><code>Builder</code></a>s and <a href="Publisher.html"><code>Publisher</code></a>s
 that perform the actual heavy-lifting of a build. 
-</body></html>
\ No newline at end of file
+</body></html>
-- 
GitLab


From 37eec9ed732f6cfae3b6e9534b7518408c5eb18f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rom=C3=A9n=20Rodr=C3=ADguez-Gil?= <romenrg@gmail.com>
Date: Fri, 21 Sep 2018 21:08:31 -0700
Subject: [PATCH 729/863] Added Spanish translation for 'Build triggers'
 section in the UI (#3632)

* Added Spanish translation for 'Build triggers' section in the UI

* Copyright changes to MIT license
---
 .../jenkins/triggers/Messages_es.properties   | 23 +++++++++++++++++++
 1 file changed, 23 insertions(+)
 create mode 100644 core/src/main/resources/jenkins/triggers/Messages_es.properties

diff --git a/core/src/main/resources/jenkins/triggers/Messages_es.properties b/core/src/main/resources/jenkins/triggers/Messages_es.properties
new file mode 100644
index 0000000000..0d0afe5f28
--- /dev/null
+++ b/core/src/main/resources/jenkins/triggers/Messages_es.properties
@@ -0,0 +1,23 @@
+# The MIT License
+#
+# Copyright 2018 CloudBees.
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+ReverseBuildTrigger.build_after_other_projects_are_built=Construir tras otros proyectos
\ No newline at end of file
-- 
GitLab


From 7967e02ce3d5e07c700d97a2abfdfb7a5d793cfc Mon Sep 17 00:00:00 2001
From: Devin Nusbaum <dwnusbaum@users.noreply.github.com>
Date: Sat, 22 Sep 2018 00:26:01 -0400
Subject: [PATCH 730/863] [JENKINS-53729] - Restore serialVersionUID (#3613)

---
 core/src/main/java/hudson/console/HyperlinkNote.java | 1 +
 1 file changed, 1 insertion(+)

diff --git a/core/src/main/java/hudson/console/HyperlinkNote.java b/core/src/main/java/hudson/console/HyperlinkNote.java
index 8ed5039993..3f8ccfda1d 100644
--- a/core/src/main/java/hudson/console/HyperlinkNote.java
+++ b/core/src/main/java/hudson/console/HyperlinkNote.java
@@ -107,4 +107,5 @@ public class HyperlinkNote extends ConsoleNote {
     }
 
     private static final Logger LOGGER = Logger.getLogger(HyperlinkNote.class.getName());
+    private static final long serialVersionUID = 3908468829358026949L;
 }
-- 
GitLab


From 722ff407c4083d47e97f43a86b00a7dff0930c04 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Sat, 22 Sep 2018 13:41:57 -0700
Subject: [PATCH 731/863] [JEP-214] Telemetry with initial escape hatch
 implementation (#3604)

---
 .../java/jenkins/telemetry/Correlator.java    |  63 ++++++
 .../java/jenkins/telemetry/Telemetry.java     | 196 ++++++++++++++++
 .../impl/SecuritySystemProperties.java        | 117 ++++++++++
 .../help-usageStatisticsCollected.html        |  21 --
 .../help-usageStatisticsCollected.jelly       |  48 ++++
 .../help-usageStatisticsCollected_bg.html     |  22 --
 .../help-usageStatisticsCollected_fr.html     |  25 ---
 .../help-usageStatisticsCollected_it.html     |  25 ---
 .../help-usageStatisticsCollected_ja.html     |  22 --
 .../help-usageStatisticsCollected_pt_BR.html  |  20 --
 .../description.jelly                         |   6 +
 .../java/jenkins/telemetry/TelemetryTest.java | 209 ++++++++++++++++++
 12 files changed, 639 insertions(+), 135 deletions(-)
 create mode 100644 core/src/main/java/jenkins/telemetry/Correlator.java
 create mode 100644 core/src/main/java/jenkins/telemetry/Telemetry.java
 create mode 100644 core/src/main/java/jenkins/telemetry/impl/SecuritySystemProperties.java
 delete mode 100644 core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected.html
 create mode 100644 core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected.jelly
 delete mode 100644 core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_bg.html
 delete mode 100644 core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_fr.html
 delete mode 100644 core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_it.html
 delete mode 100644 core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_ja.html
 delete mode 100644 core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_pt_BR.html
 create mode 100644 core/src/main/resources/jenkins/telemetry/impl/SecuritySystemProperties/description.jelly
 create mode 100644 test/src/test/java/jenkins/telemetry/TelemetryTest.java

diff --git a/core/src/main/java/jenkins/telemetry/Correlator.java b/core/src/main/java/jenkins/telemetry/Correlator.java
new file mode 100644
index 0000000000..ea583bdb1f
--- /dev/null
+++ b/core/src/main/java/jenkins/telemetry/Correlator.java
@@ -0,0 +1,63 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.telemetry;
+
+import hudson.Extension;
+import hudson.model.Describable;
+import hudson.model.Descriptor;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
+
+import java.util.UUID;
+
+/**
+ * This class stores a UUID identifying this instance for telemetry reporting to allow deduplication or merging of submitted records.
+ *
+ * We're not using anything derived from instance identity so we cannot connect an instance's public appearance with its submissions.
+ *
+ * This really only uses Descriptor/Describable to get a Saveable implementation for free.
+ */
+@Extension
+@Restricted(NoExternalUse.class)
+public class Correlator extends Descriptor<Correlator> implements Describable<Correlator> {
+    private String correlationId;
+
+    public Correlator() {
+        super(Correlator.class);
+        load();
+        if (correlationId == null) {
+            correlationId = UUID.randomUUID().toString();
+            save();
+        }
+    }
+
+    public String getCorrelationId() {
+        return correlationId;
+    }
+
+    @Override
+    public Descriptor<Correlator> getDescriptor() {
+        return this;
+    }
+}
\ No newline at end of file
diff --git a/core/src/main/java/jenkins/telemetry/Telemetry.java b/core/src/main/java/jenkins/telemetry/Telemetry.java
new file mode 100644
index 0000000000..ec766206ea
--- /dev/null
+++ b/core/src/main/java/jenkins/telemetry/Telemetry.java
@@ -0,0 +1,196 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.telemetry;
+
+import com.google.common.annotations.VisibleForTesting;
+import hudson.Extension;
+import hudson.ExtensionList;
+import hudson.ExtensionPoint;
+import hudson.ProxyConfiguration;
+import hudson.model.AsyncPeriodicWork;
+import hudson.model.TaskListener;
+import hudson.model.UsageStatistics;
+import jenkins.model.Jenkins;
+import jenkins.util.SystemProperties;
+import net.sf.json.JSONObject;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
+
+import javax.annotation.Nonnull;
+import java.io.IOException;
+import java.io.OutputStream;
+import java.io.OutputStreamWriter;
+import java.net.HttpURLConnection;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.net.URLConnection;
+import java.nio.charset.StandardCharsets;
+import java.time.LocalDate;
+import java.util.concurrent.TimeUnit;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+
+/**
+ * Extension point for collecting JEP-214 telemetry.
+ *
+ * @see <a href="https://github.com/jenkinsci/jep/tree/master/jep/214">JEP-214</a>
+ *
+ * @since TODO
+ */
+public abstract class Telemetry implements ExtensionPoint {
+
+    // https://webhook.site is a nice stand-in for this during development; just needs to end in ? to submit the ID as query parameter
+    @Restricted(NoExternalUse.class)
+    @VisibleForTesting
+    static String ENDPOINT = SystemProperties.getString(Telemetry.class.getName() + ".endpoint", "https://uplink.jenkins.io/events");
+
+    private static final Logger LOGGER = Logger.getLogger(Telemetry.class.getName());
+
+    /**
+     * ID of this collector, typically a basic alphanumeric string (and _- characters).
+     *
+     * Good IDs are globally unique and human readable (i.e. no UUIDs).
+     *
+     * For a periodically updated list of all public implementations, see https://jenkins.io/doc/developer/extensions/jenkins-core/#telemetry
+     * 
+     * @return ID of the collector, never null or empty
+     */
+    @Nonnull
+    public abstract String getId();
+
+    /**
+     * User friendly display name for this telemetry collector, ideally localized.
+     *
+     * @return display name, never null or empty
+     */
+    @Nonnull
+    public abstract String getDisplayName();
+
+    /**
+     * Start date for the collection.
+     * Will be checked in Jenkins to not collect outside the defined time span.
+     * This does not have to be precise enough for time zones to be a consideration.
+     *
+     * @return collection start date
+     */
+    @Nonnull
+    public abstract LocalDate getStart();
+
+    /**
+     * End date for the collection.
+     * Will be checked in Jenkins to not collect outside the defined time span.
+     * This does not have to be precise enough for time zones to be a consideration.
+     *
+     * @return collection end date
+     */
+    @Nonnull
+    public abstract LocalDate getEnd();
+
+    /**
+     * Returns the content to be sent to the telemetry service.
+     *
+     * This method is called periodically, once per content submission.
+     *
+     * @return
+     */
+    @Nonnull
+    public abstract JSONObject createContent();
+
+    public static ExtensionList<Telemetry> all() {
+        return ExtensionList.lookup(Telemetry.class);
+    }
+
+    @Extension
+    public static class TelemetryReporter extends AsyncPeriodicWork {
+
+        public TelemetryReporter() {
+            super("telemetry collection");
+        }
+
+        @Override
+        public long getRecurrencePeriod() {
+            return TimeUnit.HOURS.toMillis(24);
+        }
+
+        @Override
+        protected void execute(TaskListener listener) throws IOException, InterruptedException {
+            if (UsageStatistics.DISABLED || !Jenkins.getInstance().isUsageStatisticsCollected()) {
+                LOGGER.info("Collection of anonymous usage statistics is disabled, skipping telemetry collection and submission");
+                return;
+            }
+            Telemetry.all().forEach(telemetry -> {
+                if (telemetry.getStart().isAfter(LocalDate.now())) {
+                    LOGGER.config("Skipping telemetry for '" + telemetry.getId() + "' as it is configured to start later");
+                    return;
+                }
+                if (telemetry.getEnd().isBefore(LocalDate.now())) {
+                    LOGGER.config("Skipping telemetry for '" + telemetry.getId() + "' as it is configured to end in the past");
+                    return;
+                }
+
+                JSONObject data = new JSONObject();
+                try {
+                    data = telemetry.createContent();
+                } catch (Exception e) {
+                    LOGGER.log(Level.WARNING, "Failed to build telemetry content for: '" + telemetry.getId() + "'", e);
+                }
+
+                JSONObject wrappedData = new JSONObject();
+                wrappedData.put("type", telemetry.getId());
+                wrappedData.put("payload", data);
+                wrappedData.put("correlator", ExtensionList.lookupSingleton(Correlator.class).getCorrelationId());
+
+                try {
+                    URL url = new URL(ENDPOINT);
+                    URLConnection conn = ProxyConfiguration.open(url);
+                    if (!(conn instanceof HttpURLConnection)) {
+                        LOGGER.config("URL did not result in an HttpURLConnection: " + ENDPOINT);
+                        return;
+                    }
+                    HttpURLConnection http = (HttpURLConnection) conn;
+                    http.setRequestProperty("Content-Type", "application/json; charset=utf-8");
+                    http.setDoOutput(true);
+
+                    String body = wrappedData.toString();
+                    if (LOGGER.isLoggable(Level.FINEST)) {
+                        LOGGER.finest("Submitting JSON: " + body);
+                    }
+
+                    try (OutputStream out = http.getOutputStream();
+                            OutputStreamWriter writer = new OutputStreamWriter(out, StandardCharsets.UTF_8)) {
+                        writer.append(body);
+                    }
+
+                    LOGGER.config("Telemetry submission received response '" + http.getResponseCode() + " " + http.getResponseMessage() + "' for: " + telemetry.getId());
+                } catch (MalformedURLException e) {
+                    LOGGER.config("Malformed endpoint URL: " + ENDPOINT + " for telemetry: " + telemetry.getId());
+                } catch (IOException e) {
+                    // deliberately low visibility, as temporary infra problems aren't a big deal and we'd
+                    // rather have some unsuccessful submissions than admins opting out to clean up logs
+                    LOGGER.log(Level.CONFIG, "Failed to submit telemetry: " + telemetry.getId() + " to: " + ENDPOINT, e);
+                }
+            });
+        }
+    }
+}
diff --git a/core/src/main/java/jenkins/telemetry/impl/SecuritySystemProperties.java b/core/src/main/java/jenkins/telemetry/impl/SecuritySystemProperties.java
new file mode 100644
index 0000000000..ca2d9e1bf2
--- /dev/null
+++ b/core/src/main/java/jenkins/telemetry/impl/SecuritySystemProperties.java
@@ -0,0 +1,117 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.telemetry.impl;
+
+import hudson.Extension;
+import jenkins.model.Jenkins;
+import jenkins.telemetry.Telemetry;
+import jenkins.util.SystemProperties;
+import net.sf.json.JSONObject;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
+
+import javax.annotation.Nonnull;
+import java.text.DateFormat;
+import java.text.SimpleDateFormat;
+import java.time.LocalDate;
+import java.util.Date;
+import java.util.Map;
+import java.util.TimeZone;
+import java.util.TreeMap;
+
+/**
+ * Telemetry implementation gathering information about system properties.
+ */
+@Extension
+@Restricted(NoExternalUse.class)
+public class SecuritySystemProperties extends Telemetry {
+    @Nonnull
+    @Override
+    public String getId() {
+        return "security-system-properties";
+    }
+
+    @Nonnull
+    @Override
+    public LocalDate getStart() {
+        return LocalDate.of(2018, 9, 1);
+    }
+
+    @Nonnull
+    @Override
+    public LocalDate getEnd() {
+        return LocalDate.of(2018, 12, 1);
+    }
+
+    @Nonnull
+    @Override
+    public String getDisplayName() {
+        return "Use of Security-related Java system properties";
+    }
+
+    @Nonnull
+    @Override
+    public JSONObject createContent() {
+        Map<String, String> security = new TreeMap<>();
+        putBoolean(security, "hudson.ConsoleNote.INSECURE", false);
+        putBoolean(security, "hudson.model.ParametersAction.keepUndefinedParameters", false);
+        putBoolean(security, "hudson.model.User.allowNonExistentUserToLogin", false);
+        putBoolean(security, "hudson.model.User.allowUserCreationViaUrl", false);
+        putBoolean(security, "hudson.model.User.SECURITY_243_FULL_DEFENSE", true);
+        putBoolean(security, "hudson.remoting.URLDeserializationHelper.avoidUrlWrapping", false);
+        putBoolean(security, "jenkins.security.ClassFilterImpl.SUPPRESS_WHITELIST", false);
+        putBoolean(security, "jenkins.security.ClassFilterImpl.SUPPRESS_ALL", false);
+
+        putStringInfo(security, "hudson.model.ParametersAction.safeParameters");
+        putStringInfo(security, "hudson.model.DirectoryBrowserSupport.CSP");
+        putStringInfo(security, "hudson.security.HudsonPrivateSecurityRealm.ID_REGEX");
+
+        Map<String, Object> info = new TreeMap<>();
+        info.put("core", Jenkins.getVersion().toString());
+        info.put("clientDate", clientDateString());
+        info.put("properties", security);
+
+        return JSONObject.fromObject(info);
+    }
+
+    private static String clientDateString() {
+        TimeZone tz = TimeZone.getTimeZone("UTC");
+        DateFormat df = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm'Z'");
+        df.setTimeZone(tz); // strip timezone
+        return df.format(new Date());
+    }
+
+    private static void putBoolean(Map<String, String> propertiesMap, String systemProperty, boolean defaultValue) {
+        propertiesMap.put(systemProperty, Boolean.toString(SystemProperties.getBoolean(systemProperty, defaultValue)));
+    }
+
+    private static void putStringInfo(Map<String, String> propertiesMap, String systemProperty) {
+        String reportedValue = "null";
+        String value = SystemProperties.getString(systemProperty);
+        if (value != null) {
+            reportedValue = Integer.toString(value.length());
+        }
+        propertiesMap.put(systemProperty, reportedValue);
+    }
+}
diff --git a/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected.html b/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected.html
deleted file mode 100644
index 37b1e5cc65..0000000000
--- a/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected.html
+++ /dev/null
@@ -1,21 +0,0 @@
-<div>
-    Knowing how Jenkins is used is a tremendous help in guiding the direction of the development, especially
-    for open-source projects where users are inherently hard to track down. When this option is enabled,
-    Jenkins periodically send information about your usage of Jenkins.
-
-    <p>
-    Specifically, it contains the following information:
-
-    <ul>
-    <li>Your Jenkins version
-    <li>For your master and each agent, OS type, and # of executors
-    <li>Plugins that are installed and their versions
-    <li>Number of jobs per each job type in your Jenkins
-    </ul>
-
-    <p>
-    The information doesn't contain anything that identifies you or allows us to contact you
-    (except information inherently revealed by HTTP, such as the IP address). Tabulated
-    data of these usage statistics submissions will be shared with the community.
-
-</div>
diff --git a/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected.jelly b/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected.jelly
new file mode 100644
index 0000000000..96df143a83
--- /dev/null
+++ b/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected.jelly
@@ -0,0 +1,48 @@
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
+    <div>
+        For any project, it's critical to know how the software is used, but tracking usage data is inherently difficult in open-source projects.
+        Anonymous usage statistics address this need.
+        When enabled, Jenkins periodically sends information to the Jenkins project.
+        The Jenkins project uses this information to set development priorities.
+    </div>
+    <h1>General usage statistics</h1>
+    <div>
+        <p>Jenkins reports the following general usage statistics:</p>
+        <ul>
+            <li>Your Jenkins version</li>
+            <li>For your master and each agent, the OS type and number of executors</li>
+            <li>Installed plugins and their versions</li>
+            <li>Number of items (like jobs) of each item type</li>
+        </ul>
+        <p>
+            This <b>does not</b> report any personally identifiable information. The only information reported by Jenkins is information inherently revealed by the HTTP protocol, such as the IP address.
+
+            These usage statistics are aggregated, updated monthly, and published to <a href="https://stats.jenkins.io">stats.jenkins.io</a>
+        </p>
+    </div>
+    <h1>Telemetry collection</h1>
+    <div>
+        <p>
+            In addition to the general usage statistics listed above, the Jenkins project collects telemetry data from specific trials to inform future development.
+            Each trial has a specific purpose and a defined end date, after which collection stops, independent of the installed versions of Jenkins or plugins.
+            Once a trial is complete, the trial results may be aggregated and shared with the developer community.
+        </p>
+        <p>
+            The following trials are currently set up on this instance:
+        </p>
+        <j:invokeStatic className="jenkins.telemetry.Telemetry" method="all" var="collectors"/>
+        <dl>
+            <j:forEach items="${collectors}" var="collector">
+                <dt>${collector.displayName}</dt>
+                <dd>
+                    <st:include from="${collector}" optional="true" page="description.jelly"/>
+                    <p>
+                        Start date: ${collector.start}
+                        End date: ${collector.end}
+                    </p>
+                </dd>
+            </j:forEach>
+        </dl>
+    </div>
+</j:jelly>
diff --git a/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_bg.html b/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_bg.html
deleted file mode 100644
index 20aacefce3..0000000000
--- a/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_bg.html
+++ /dev/null
@@ -1,22 +0,0 @@
-<div>
-    От голяма помощ е да знаем как Jenkins се ползва.  Това може да определи
-    посоката на разработка, което иначе е трудно, защото няма как да се проследяват
-    потребителите на проект с отворен код.  Като изберете тази опция Jenkins
-    периодично ще изпраща анонимни данни за използването.
-
-    <p>
-    Това е пълното описание на включената информация:
-
-    <ul>
-    <li>версията на jenkins;
-    <li>операционната система и броя изпълнявани изграждания от основния и подчинените компютри;
-    <li>списък с инсталираните приставки и версиите им;
-    <li>броят задачи за всеки вид задача в инсталацията на Jenkins
-    </ul>
-
-    <p>
-    Информацията не съдържа нищо, които да ви идентифицира или да позволява да се свържем
-    с вас (с изключение на информацията указана поради естеството на HTTP, като IP адреси).
-    Тези данни ще бъдат споделени с общността в табличен вид.
-
-</div>
diff --git a/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_fr.html b/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_fr.html
deleted file mode 100644
index 8d4df6df9d..0000000000
--- a/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_fr.html
+++ /dev/null
@@ -1,25 +0,0 @@
-<div>
-    Comprendre comment Jenkins est utilisé est d'une grande aide pour guider les développements,
-    particulièrement pour les projets open-source où les utilisateurs sont typiquement difficiles
-    à connaitre. Quand cette option est activée, Jenkins envoie périodiquement des informations sur votre
-    utilisation de Jenkins.
-
-    <p>
-    Plus précisément, il envoie les informations suivantes:
-
-    <ul>
-    <li>Votre version de Jenkins
-    <li>Pour le Jenkins maître et pour chaque esclave, le type d'OS et le nombre d'exécuteurs
-    <li>Les plugins qui sont installés et leurs versions
-    <li>Le nombre de jobs pour chaque type de job dans votre installation de Jenkins
-    </ul>
-
-    <p>
-    Cette information ne contient rien qui vous identifie ou qui nous permette de vous contacter
-    (hors certaines informations intrinsèques à HTTP, comme votre adresse IP).
-    Les données compilées de ces statistiques d'utilisation seront partagées avec la communauté.
-
-    <p>
-    N'hésitez pas à lire <a href="http://jenkins.361315.n4.nabble.com/request-for-comments-tracking-usage-metrics-td375557.html">
-    la discussion sur ce mécanisme</a> et à contribuer aux débats.
-</div>
diff --git a/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_it.html b/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_it.html
deleted file mode 100644
index 2fc1e8a8df..0000000000
--- a/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_it.html
+++ /dev/null
@@ -1,25 +0,0 @@
-<div>
-    Sapere come viene utilizzato Jenkins aiuta notevolmente a guidare la
-    direzione dello sviluppo, specialmente nel caso dei progetti open source
-    in cui è inerentemente difficile rintracciare gli utenti. Quando
-    quest'opzione è abilitata, Jenkins invierà periodicamente informazioni
-    sull'utilizzo di Jenkins.
-
-    <p>
-    Specificamente, tali informazioni conterranno quanto segue:
-
-    <ul>
-    <li>La versione di Jenkins
-    <li>Per il master e ogni agente, il tipo di sistema operativo e il numero di esecutori
-    <li>I plugin installati e le rispettive versioni
-    <li>Il numero di processi per ogni tipo di processo in Jenkins
-    </ul>
-
-    <p>
-    Le informazioni non conterranno nulla che possa identificare l'utente o
-    consentirci di contattare l'utente (ad eccezione delle informazioni rivelate
-    naturalmente dal protocollo HTTP, come l'indirizzo IP). I dati tabulati
-    relativi agli invii di queste statistiche di utilizzo saranno condivisi con
-    la comunità.
-
-</div>
diff --git a/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_ja.html b/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_ja.html
deleted file mode 100644
index 7db3dac478..0000000000
--- a/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_ja.html
+++ /dev/null
@@ -1,22 +0,0 @@
-<div>
-    Jenkinsがどのように使用されているか把握することは、特にユーザーを特定できないオープンソースプロジェクトにとって、
-    開発の方向性を決定する上で非常に役に立ちます。このオプションを有効にすると、Jenkinsの利用状況を定期的に送信します。
-
-    <p>
-    送信する情報は次の情報を含んでいます。
-
-    <ul>
-      <li>Jenkinsのバージョン
-      <li>マスターと各スレーブの、OSとエグゼキューターの数
-      <li>インストールされているプラグインとそのバージョン
-      <li>ジョブのタイプ毎のジョブ数
-    </ul>
-
-    <p>
-    情報には、あなたを特定できる、もしくはあなたに連絡できるようなものは含みません(ただし、IPアドレスのようなHTTP関連の情報は除きます)。
-    送信された利用状況の一覧データは、コミュニティで共有されます。
-
-    <p>
-    <a href="http://jenkins.361315.n4.nabble.com/request-for-comments-tracking-usage-metrics-td375557.html">
-    コミュニティでのこの仕組みに関するディスカッション</a>を参考にしてください。ご意見はこちらにお願いします。
-</div>
diff --git a/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_pt_BR.html b/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_pt_BR.html
deleted file mode 100644
index bde77e44f1..0000000000
--- a/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_pt_BR.html
+++ /dev/null
@@ -1,20 +0,0 @@
-<div>
-    Saber como Jenkins é utilizado é uma tremenda ajuda guiando-nos no desenvolvimento, especificamente para
-    projetos de código livre onde os usuários são inerentemente difíceis de rastrear. Ao ativar esta opção,
-    Jenkins periodicamente enviará informações sobre o seu uso.
-
-    <p>
-    Especificamente, as informações enviadas serão:
-
-    <ul>
-    <li>A versão do seu Jenkins
-    <li>Para cada master e cada slave, o tipo de Sistema Operacional, e número de executores
-    <li>Os plugins instalados e suas versões
-    <li>Número de jobs por tipo de job no seu Jenkins
-    </ul>
-
-    <p>
-    Essas informaçãos não contem nada o identifique ou nos permita contatá-lo
-    (exceto pelas informações reveladas via HTTP, tal como Endereço IP).
-    Dados das estatísticas de uso submetidas são compartilhados com a comunidade.
-</div>
diff --git a/core/src/main/resources/jenkins/telemetry/impl/SecuritySystemProperties/description.jelly b/core/src/main/resources/jenkins/telemetry/impl/SecuritySystemProperties/description.jelly
new file mode 100644
index 0000000000..dc78d7fda8
--- /dev/null
+++ b/core/src/main/resources/jenkins/telemetry/impl/SecuritySystemProperties/description.jelly
@@ -0,0 +1,6 @@
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
+    For many security fixes, the Jenkins security team adds hidden options, sometimes called <em>escape hatches</em>, to disable the security fix.
+    This hedges against severe regressions not caught in testing, or unexpected legitimate use cases.
+    It is unknown to the team which of these options are actually in use, so this trial collects anonymous information about the values of (typically boolean) security-related Java system properties.
+</j:jelly>
\ No newline at end of file
diff --git a/test/src/test/java/jenkins/telemetry/TelemetryTest.java b/test/src/test/java/jenkins/telemetry/TelemetryTest.java
new file mode 100644
index 0000000000..952d4e8968
--- /dev/null
+++ b/test/src/test/java/jenkins/telemetry/TelemetryTest.java
@@ -0,0 +1,209 @@
+package jenkins.telemetry;
+
+import hudson.ExtensionList;
+import hudson.model.UnprotectedRootAction;
+import static org.hamcrest.CoreMatchers.*;
+import static org.junit.Assert.*;
+
+import hudson.security.csrf.CrumbExclusion;
+import net.sf.json.JSONObject;
+import org.apache.commons.io.IOUtils;
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.JenkinsRule;
+import org.jvnet.hudson.test.LoggerRule;
+import org.jvnet.hudson.test.TestExtension;
+import org.kohsuke.stapler.StaplerRequest;
+import org.kohsuke.stapler.StaplerResponse;
+
+import javax.annotation.CheckForNull;
+import javax.annotation.Nonnull;
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.io.StringWriter;
+import java.nio.charset.StandardCharsets;
+import java.time.LocalDate;
+import java.time.temporal.ChronoUnit;
+import java.util.HashSet;
+import java.util.Set;
+import java.util.logging.Level;
+
+public class TelemetryTest {
+    @Rule
+    public JenkinsRule j = new JenkinsRule();
+
+    @Rule
+    public LoggerRule logger = new LoggerRule().record(Telemetry.class, Level.ALL).capture(100);
+
+    private static int counter = 0;
+
+    @Test
+    public void testSubmission() throws Exception {
+        j.jenkins.setNoUsageStatistics(false); // tests usually don't submit this, but we need this
+        assertEquals("no requests received", 0, counter);
+        Telemetry.ENDPOINT = j.getURL().toString() + "uplink/events";
+        ExtensionList.lookupSingleton(Telemetry.TelemetryReporter.class).doRun();
+        do {
+            Thread.sleep(250);
+        } while (counter == 0); // this might end up being flaky due to 1 to many active telemetry trials
+        assertThat(logger.getMessages(), hasItem("Telemetry submission received response '200 OK' for: test-data"));
+        assertThat(logger.getMessages(), hasItem("Skipping telemetry for 'future' as it is configured to start later"));
+        assertThat(logger.getMessages(), hasItem("Skipping telemetry for 'past' as it is configured to end in the past"));
+        assertThat(types, hasItem("test-data"));
+        assertThat(types, not(hasItem("future")));
+        assertThat(types, not(hasItem("past")));
+        assertThat(correlators.size(), is(1));
+        assertTrue("at least one request received", counter > 0); // TestTelemetry plus whatever real impls exist
+    }
+
+    @TestExtension
+    public static class DisabledFutureTelemetry extends Telemetry {
+
+        @Nonnull
+        @Override
+        public String getId() {
+            return "future";
+        }
+
+        @Nonnull
+        @Override
+        public String getDisplayName() {
+            return "future";
+        }
+
+        @Nonnull
+        @Override
+        public LocalDate getStart() {
+            return LocalDate.now().plus(1, ChronoUnit.DAYS);
+        }
+
+        @Nonnull
+        @Override
+        public LocalDate getEnd() {
+            return LocalDate.MAX;
+        }
+
+        @Nonnull
+        @Override
+        public JSONObject createContent() {
+            return new JSONObject();
+        }
+    }
+
+    @TestExtension
+    public static class DisabledPastTelemetry extends Telemetry {
+
+        @Nonnull
+        @Override
+        public String getId() {
+            return "past";
+        }
+
+        @Nonnull
+        @Override
+        public String getDisplayName() {
+            return "past";
+        }
+
+        @Nonnull
+        @Override
+        public LocalDate getStart() {
+            return LocalDate.MIN;
+        }
+
+        @Nonnull
+        @Override
+        public LocalDate getEnd() {
+            return LocalDate.now().minus(1, ChronoUnit.DAYS);
+        }
+
+        @Nonnull
+        @Override
+        public JSONObject createContent() {
+            return new JSONObject();
+        }
+    }
+
+    @TestExtension
+    public static class TestTelemetry extends Telemetry {
+
+        @Nonnull
+        @Override
+        public String getId() {
+            return "test-data";
+        }
+
+        @Nonnull
+        @Override
+        public String getDisplayName() {
+            return "test-data";
+        }
+
+        @Nonnull
+        @Override
+        public LocalDate getStart() {
+            return LocalDate.MIN;
+        }
+
+        @Nonnull
+        @Override
+        public LocalDate getEnd() {
+            return LocalDate.MAX;
+        }
+
+        @Nonnull
+        @Override
+        public JSONObject createContent() {
+            return new JSONObject();
+        }
+    }
+
+    @TestExtension
+    public static class NoCrumb extends CrumbExclusion {
+        @Override
+        public boolean process(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
+            String pathInfo = request.getPathInfo();
+            if (pathInfo != null && pathInfo.startsWith("/uplink")) {
+                chain.doFilter(request, response);
+                return true;
+            }
+            return false;
+        }
+    }
+
+    private static Set<String> correlators = new HashSet<>();
+    private static Set<String> types = new HashSet<>();
+
+    @TestExtension
+    public static class TelemetryReceiver implements UnprotectedRootAction {
+        public void doEvents(StaplerRequest request, StaplerResponse response) throws IOException {
+            StringWriter sw = new StringWriter();
+            IOUtils.copy(request.getInputStream(), sw, StandardCharsets.UTF_8);
+            JSONObject json = JSONObject.fromObject(sw.toString());
+            correlators.add(json.getString("correlator"));
+            types.add(json.getString("type"));
+            counter++;
+        }
+
+        @CheckForNull
+        @Override
+        public String getIconFileName() {
+            return null;
+        }
+
+        @CheckForNull
+        @Override
+        public String getDisplayName() {
+            return null;
+        }
+
+        @CheckForNull
+        @Override
+        public String getUrlName() {
+            return "uplink";
+        }
+    }
+}
-- 
GitLab


From 4ad1cacd92d58b7795b242e0dd44e4efb72748e3 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 24 Sep 2018 16:25:55 -0700
Subject: [PATCH 732/863] [maven-release-plugin] prepare release jenkins-2.143

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 69c53a20a4..d7af96f119 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.143</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 258e26f64f..f4c2b88a93 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.143</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 7106257885..58822a01c4 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>2.143</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.143</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 4f9dae71fa..28b33018a1 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.143</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index a2a1e2502a..4eeb4d3098 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.143</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 26ff8889f462e8560b9bc7d4c898d5f78b90fb81 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 24 Sep 2018 16:26:03 -0700
Subject: [PATCH 733/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 6 +++---
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index d7af96f119..69c53a20a4 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.143</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index f4c2b88a93..258e26f64f 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.143</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 58822a01c4..170c042c5a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.143</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.143</tag>
+    <tag>${scmTag}</tag>
   </scm>
 
   <distributionManagement>
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.143</revision>
+    <revision>2.144</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index 28b33018a1..4f9dae71fa 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.143</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 4eeb4d3098..a2a1e2502a 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.143</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 7509cde3432cfea68bb99d6e4b0b0e0cba8b3cd4 Mon Sep 17 00:00:00 2001
From: Kanstantsin Shautsou <kanstantsin.sha@gmail.com>
Date: Tue, 25 Sep 2018 03:37:32 +0300
Subject: [PATCH 734/863] Exclude UI screw

---
 core/src/main/java/hudson/model/View.java | 1 +
 1 file changed, 1 insertion(+)

diff --git a/core/src/main/java/hudson/model/View.java b/core/src/main/java/hudson/model/View.java
index cc75811fa1..de1dc343e8 100644
--- a/core/src/main/java/hudson/model/View.java
+++ b/core/src/main/java/hudson/model/View.java
@@ -192,6 +192,7 @@ public abstract class View extends AbstractModelObject implements AccessControll
     /**
      * Gets all the items in this collection in a read-only view.
      */
+    @Nonnull
     @Exported(name="jobs")
     public abstract Collection<TopLevelItem> getItems();
 
-- 
GitLab


From 037a1c06a08f485360088595f410063dd869f3c5 Mon Sep 17 00:00:00 2001
From: lqli <lqli@alauda.io>
Date: Tue, 25 Sep 2018 16:31:08 +0800
Subject: [PATCH 735/863] warp successive words in help

---
 war/src/main/webapp/css/style.css | 1 +
 1 file changed, 1 insertion(+)

diff --git a/war/src/main/webapp/css/style.css b/war/src/main/webapp/css/style.css
index d698e65359..ebc646374d 100644
--- a/war/src/main/webapp/css/style.css
+++ b/war/src/main/webapp/css/style.css
@@ -777,6 +777,7 @@ LABEL.attach-previous {
   background-color: #f0f0f0;
   padding: 1em;
   margin-bottom: 1em;
+  word-break: break-word;
 }
 
 .help .from-plugin {
-- 
GitLab


From d3441de2e2400e37e1f16969dcb2975545c7da1c Mon Sep 17 00:00:00 2001
From: M Ramon Leon <manuelramonleonjimenez@gmail.com>
Date: Tue, 25 Sep 2018 13:14:46 +0200
Subject: [PATCH 736/863] [JENKINS-27177] Add disable plugin command and tests

---
 .../java/hudson/cli/DisablePluginCommand.java | 135 ++++++++++++++
 .../resources/hudson/cli/Messages.properties  |   9 +
 .../hudson/cli/DisablePluginCommandTest.java  | 170 ++++++++++++++++++
 3 files changed, 314 insertions(+)
 create mode 100644 core/src/main/java/hudson/cli/DisablePluginCommand.java
 create mode 100644 test/src/test/java/hudson/cli/DisablePluginCommandTest.java

diff --git a/core/src/main/java/hudson/cli/DisablePluginCommand.java b/core/src/main/java/hudson/cli/DisablePluginCommand.java
new file mode 100644
index 0000000000..a88ff6c5e7
--- /dev/null
+++ b/core/src/main/java/hudson/cli/DisablePluginCommand.java
@@ -0,0 +1,135 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018 CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+package hudson.cli;
+
+import hudson.Extension;
+import hudson.PluginManager;
+import hudson.PluginWrapper;
+import jenkins.model.Jenkins;
+import org.kohsuke.args4j.Argument;
+import org.kohsuke.args4j.Option;
+
+import java.io.IOException;
+import java.io.PrintStream;
+import java.util.List;
+import java.util.Set;
+
+/**
+ * Disable one or more installed plugins. If the plugin has an enabled dependant then it can't be disabled, the process
+ * continues, but the exit code is 16, instead of 0. Disabling an already disabled plugin does nothing. It only restart
+ * if, at least, one plugin has been disabled and the restart option was set.
+ *
+ * @since 2.136
+ */
+@Extension
+public class DisablePluginCommand extends CLICommand {
+
+    @Argument(metaVar = "plugins", required = true, usage = "Plugins to be disabled.")
+    private List<String> pluginNames;
+
+    @Option(name = "-restart", usage = "Restart Jenkins after disabling plugins.")
+    private boolean restart;
+
+    @Override
+    public String getShortDescription() {
+        return Messages.DisablePluginCommand_ShortDescription();
+    }
+
+    @Override
+    protected void printUsageSummary(PrintStream stderr) {
+        stderr.println(Messages.DisablePluginCommand_PrintUsageSummary());
+    }
+
+    @Override
+    protected int run() throws Exception {
+        Jenkins jenkins = Jenkins.get();
+        jenkins.checkPermission(Jenkins.ADMINISTER);
+
+        PluginManager manager = jenkins.getPluginManager();
+        int result = 0;
+        boolean somePluginDisabled = false; // to ensure we restart when it needs to
+        for (String pluginName : pluginNames) {
+            switch (disablePlugin(manager, pluginName)) {
+                case DISABLED:
+                    if(!somePluginDisabled) somePluginDisabled = true;
+                    break;
+                case NOT_DISABLED_DEPENDANTS:
+                    if(result != 16) result = 16; // Custom error code to indicate one plugin, at least, can't be disabled
+            }
+        }
+
+        if (restart && somePluginDisabled) {
+            jenkins.safeRestart();
+        }
+
+        return result;
+    }
+
+    /**
+     * Try to disable a  plugin.
+     * @param manager The PluginManager.
+     * @param shortName The name of the plugin to disable.
+     * @return The result of the disabling of this plugin. See {@link DISABLING_STATUS}
+     * @throws IOException An exception disabling the plugin. See {@link PluginWrapper#disable()}
+     */
+    private DISABLING_STATUS disablePlugin(PluginManager manager, String shortName) throws IOException {
+        PluginWrapper plugin = manager.getPlugin(shortName);
+        if (plugin == null) {
+            throw new IllegalArgumentException(Messages.DisablePluginCommand_NoSuchPlugin(shortName)); // exit with 3
+        }
+
+        if (!plugin.isEnabled()) {
+            stdout.format(Messages.DisablePluginCommand_Already_Disabled(shortName));
+            stdout.println();
+            return DISABLING_STATUS.ALREADY_DISABLED;
+        }
+
+        Set<String> dependants = plugin.getDependants();
+        for (String dependant : dependants) {
+            PluginWrapper dependantPlugin = manager.getPlugin(dependant);
+            if (dependantPlugin != null && dependantPlugin.isEnabled()) {
+                // TO-DO: stdout or stderr? the process continues but as the result code is not 0, it looks like stderr
+                stderr.format(Messages.DisablePluginCommand_Plugin_Has_Dependant(shortName, dependant));
+                stderr.println();
+                return DISABLING_STATUS.NOT_DISABLED_DEPENDANTS;
+            }
+        }
+
+        plugin.disable();
+        stdout.format(Messages.DisablePluginCommand_Plugin_Disabled(plugin.getShortName()));
+        stdout.println();
+
+        return DISABLING_STATUS.DISABLED;
+    }
+
+    /**
+     * An enum to hold the status of a disabling action. To do it more reader-friendly.
+     */
+    private enum DISABLING_STATUS {
+        DISABLED,
+        ALREADY_DISABLED,
+        NOT_DISABLED_DEPENDANTS
+    }
+}
diff --git a/core/src/main/resources/hudson/cli/Messages.properties b/core/src/main/resources/hudson/cli/Messages.properties
index df4e3f5125..77363f8954 100644
--- a/core/src/main/resources/hudson/cli/Messages.properties
+++ b/core/src/main/resources/hudson/cli/Messages.properties
@@ -113,3 +113,12 @@ WaitNodeOfflineCommand.ShortDescription=Wait for a node to become offline.
 
 CliProtocol.displayName=Jenkins CLI Protocol/1 (unencrypted)
 CliProtocol2.displayName=Jenkins CLI Protocol/2 (transport encryption)
+
+DisablePluginCommand.ShortDescription=\
+Disables one or more installed plugins.
+DisablePluginCommand.Already.Disabled=The plugin {0} was already disabled.
+DisablePluginCommand.Plugin.Has.Dependant=The plugin {0} has, at least, one dependant plugin ({1}), so it can't be disabled.
+DisablePluginCommand.Plugin.Disabled=Plugin {0} disabled.
+DisablePluginCommand.NoSuchPlugin=No such plugin found with the name {0}.
+DisablePluginCommand.PrintUsageSummary=\
+Disable the plugins with the given short names. Plugins are disabled in order, so make sure to include plugins with dependencies before their dependencies.
diff --git a/test/src/test/java/hudson/cli/DisablePluginCommandTest.java b/test/src/test/java/hudson/cli/DisablePluginCommandTest.java
new file mode 100644
index 0000000000..eda6970cb9
--- /dev/null
+++ b/test/src/test/java/hudson/cli/DisablePluginCommandTest.java
@@ -0,0 +1,170 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018 CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+package hudson.cli;
+
+import hudson.PluginWrapper;
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.JenkinsRule;
+import org.jvnet.hudson.test.recipes.WithPlugin;
+
+import java.io.IOException;
+
+import static hudson.cli.CLICommandInvoker.Matcher.failedWith;
+import static hudson.cli.CLICommandInvoker.Matcher.succeeded;
+import static org.hamcrest.Matchers.is;
+import static org.hamcrest.Matchers.notNullValue;
+import static org.junit.Assert.*;
+
+public class DisablePluginCommandTest {
+
+    @Rule
+    public JenkinsRule j = new JenkinsRule();
+
+    @Test
+    @Issue("JENKINS-27177")
+    @WithPlugin({"depender-0.0.2.hpi", "dependee-0.0.2.hpi"})
+    public void disablePluginWithOptionalDepender() {
+        assertThat(disablePlugins("-restart", "dependee"), failedWith(16));
+        assertPluginEnabled("dependee");
+        assertJenkinsNotInQuietMode();
+    }
+
+    @Test
+    @Issue("JENKINS-27177")
+    @WithPlugin({"mandatory-depender-0.0.2.hpi", "dependee-0.0.2.hpi"})
+    public void disablePluginWithMandatoryDepender() {
+        assertThat(disablePlugins("-restart", "dependee"), failedWith(16));
+        assertPluginEnabled("dependee");
+        assertJenkinsNotInQuietMode();
+    }
+
+    @Test
+    @Issue("JENKINS-27177")
+    @WithPlugin({"mandatory-depender-0.0.2.hpi", "dependee-0.0.2.hpi"})
+    public void disableDependentPluginsWrongOrder() {
+        assertThat(disablePlugins("-restart", "dependee", "mandatory-depender"), failedWith(16));
+        assertPluginDisabled("mandatory-depender");
+        assertJenkinsInQuietMode(); // one plugin was disabled (mandatory-depender)
+    }
+
+    @Test
+    @Issue("JENKINS-27177")
+    @WithPlugin({"mandatory-depender-0.0.2.hpi", "dependee-0.0.2.hpi"})
+    public void disableDependentPluginsRightOrder() {
+        assertThat(disablePlugins("-restart", "mandatory-depender", "dependee"), succeeded());
+
+        assertPluginDisabled("dependee");
+        assertPluginDisabled("mandatory-depender");
+        assertJenkinsInQuietMode();
+    }
+
+    @Test
+    @Issue("JENKINS-27177")
+    @WithPlugin("dependee-0.0.2.hpi")
+    public void disablePluginWithoutDepender() {
+        assertThat(disablePlugins("-restart", "dependee"), succeeded());
+        assertPluginDisabled("dependee");
+        assertJenkinsInQuietMode();
+    }
+
+    @Test
+    @Issue("JENKINS-27177")
+    @WithPlugin("dependee-0.0.2.hpi")
+    public void disablePluginWithoutDependerNorRestart() {
+        assertThat(disablePlugins("dependee"), succeeded());
+        assertPluginDisabled("dependee");
+        assertJenkinsNotInQuietMode();
+    }
+
+    @Test
+    @Issue("JENKINS-27177")
+    @WithPlugin("dependee-0.0.2.hpi")
+    public void disableInvalidPlugin() {
+        assertThat(disablePlugins("-restart", "wrongname"), failedWith(3));
+        assertJenkinsNotInQuietMode();
+    }
+
+    @Test
+    @Issue("JENKINS-27177")
+    @WithPlugin("dependee-0.0.2.hpi")
+    public void disableAlreadyDisabledPluginNoRestart() throws IOException {
+        disablePlugin("dependee");
+
+        assertPluginDisabled("dependee");
+        assertThat(disablePlugins("-restart", "dependee"), succeeded());
+        assertPluginDisabled("dependee");
+        assertJenkinsNotInQuietMode();
+    }
+
+    @Test
+    @Issue("JENKINS-27177")
+    @WithPlugin({"variant.hpi", "depender-0.0.2.hpi", "mandatory-depender-0.0.2.hpi", "plugin-first.hpi", "dependee-0.0.2.hpi", })
+    public void disablePluginsWithError16() {
+        assertThat(disablePlugins("-restart", "variant", "dependee", "depender", "plugin-first", "mandatory-depender"), failedWith(16));
+        assertPluginDisabled("variant");
+        assertPluginEnabled("dependee");
+        assertPluginDisabled("depender");
+        assertPluginDisabled("plugin-first");
+        assertPluginDisabled("mandatory-depender");
+        assertJenkinsInQuietMode(); // some plugins were disabled
+    }
+
+    private void disablePlugin(String name) throws IOException {
+        PluginWrapper plugin = j.getPluginManager().getPlugin(name);
+        assertThat(plugin, is(notNullValue()));
+        plugin.disable();
+    }
+
+    /**
+     * Disable a list of plugins using the CLI command.
+     * @param args Arguments to pass to the command.
+     * @return Result of the command. 0 if succeed, 16 if some plugin couldn't be disabled due to dependant plugins.
+     */
+    private CLICommandInvoker.Result disablePlugins(String... args) {
+        return new CLICommandInvoker(j, new DisablePluginCommand()).invokeWithArgs(args);
+    }
+
+    private void assertPluginDisabled(String name) {
+        PluginWrapper plugin = j.getPluginManager().getPlugin(name);
+        assertThat(plugin, is(notNullValue()));
+        assertFalse(plugin.isEnabled());
+    }
+
+    private void assertPluginEnabled(String name) {
+        PluginWrapper plugin = j.getPluginManager().getPlugin(name);
+        assertThat(plugin, is(notNullValue()));
+        assertTrue(plugin.isEnabled());
+    }
+
+    private void assertJenkinsInQuietMode() {
+        QuietDownCommandTest.assertJenkinsInQuietMode(j);
+    }
+
+    private void assertJenkinsNotInQuietMode() {
+        QuietDownCommandTest.assertJenkinsNotInQuietMode(j);
+    }
+}
-- 
GitLab


From 43a1611f48d20bd99319370dfb25f48bd9fbf903 Mon Sep 17 00:00:00 2001
From: M Ramon Leon <manuelramonleonjimenez@gmail.com>
Date: Tue, 25 Sep 2018 15:08:24 +0200
Subject: [PATCH 737/863] [JENKINS-27177] Add check to avoid restart in windows
 and a message fix.

---
 .../test/java/hudson/cli/DisablePluginCommandTest.java | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/test/src/test/java/hudson/cli/DisablePluginCommandTest.java b/test/src/test/java/hudson/cli/DisablePluginCommandTest.java
index eda6970cb9..f4bec458fd 100644
--- a/test/src/test/java/hudson/cli/DisablePluginCommandTest.java
+++ b/test/src/test/java/hudson/cli/DisablePluginCommandTest.java
@@ -25,6 +25,7 @@
 package hudson.cli;
 
 import hudson.PluginWrapper;
+import org.junit.Assume;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.Issue;
@@ -66,6 +67,7 @@ public class DisablePluginCommandTest {
     @Issue("JENKINS-27177")
     @WithPlugin({"mandatory-depender-0.0.2.hpi", "dependee-0.0.2.hpi"})
     public void disableDependentPluginsWrongOrder() {
+        assumeNotWindows();
         assertThat(disablePlugins("-restart", "dependee", "mandatory-depender"), failedWith(16));
         assertPluginDisabled("mandatory-depender");
         assertJenkinsInQuietMode(); // one plugin was disabled (mandatory-depender)
@@ -75,8 +77,8 @@ public class DisablePluginCommandTest {
     @Issue("JENKINS-27177")
     @WithPlugin({"mandatory-depender-0.0.2.hpi", "dependee-0.0.2.hpi"})
     public void disableDependentPluginsRightOrder() {
+        assumeNotWindows();
         assertThat(disablePlugins("-restart", "mandatory-depender", "dependee"), succeeded());
-
         assertPluginDisabled("dependee");
         assertPluginDisabled("mandatory-depender");
         assertJenkinsInQuietMode();
@@ -86,6 +88,7 @@ public class DisablePluginCommandTest {
     @Issue("JENKINS-27177")
     @WithPlugin("dependee-0.0.2.hpi")
     public void disablePluginWithoutDepender() {
+        assumeNotWindows();
         assertThat(disablePlugins("-restart", "dependee"), succeeded());
         assertPluginDisabled("dependee");
         assertJenkinsInQuietMode();
@@ -124,6 +127,7 @@ public class DisablePluginCommandTest {
     @Issue("JENKINS-27177")
     @WithPlugin({"variant.hpi", "depender-0.0.2.hpi", "mandatory-depender-0.0.2.hpi", "plugin-first.hpi", "dependee-0.0.2.hpi", })
     public void disablePluginsWithError16() {
+        assumeNotWindows();
         assertThat(disablePlugins("-restart", "variant", "dependee", "depender", "plugin-first", "mandatory-depender"), failedWith(16));
         assertPluginDisabled("variant");
         assertPluginEnabled("dependee");
@@ -167,4 +171,8 @@ public class DisablePluginCommandTest {
     private void assertJenkinsNotInQuietMode() {
         QuietDownCommandTest.assertJenkinsNotInQuietMode(j);
     }
+
+    private void assumeNotWindows() {
+        Assume.assumeFalse(System.getProperty("os.name").startsWith("Windows"));
+    }
 }
-- 
GitLab


From 1062f9abd86271bfec678d4f1f103639d11873ca Mon Sep 17 00:00:00 2001
From: M Ramon Leon <manuelramonleonjimenez@gmail.com>
Date: Tue, 25 Sep 2018 15:26:40 +0200
Subject: [PATCH 738/863] [JENKINS-27177] Some polishment.

---
 .../java/hudson/cli/DisablePluginCommand.java    | 16 ++++++++--------
 .../resources/hudson/cli/Messages.properties     |  2 +-
 2 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/core/src/main/java/hudson/cli/DisablePluginCommand.java b/core/src/main/java/hudson/cli/DisablePluginCommand.java
index a88ff6c5e7..a0eca19f0b 100644
--- a/core/src/main/java/hudson/cli/DisablePluginCommand.java
+++ b/core/src/main/java/hudson/cli/DisablePluginCommand.java
@@ -41,7 +41,7 @@ import java.util.Set;
  * continues, but the exit code is 16, instead of 0. Disabling an already disabled plugin does nothing. It only restart
  * if, at least, one plugin has been disabled and the restart option was set.
  *
- * @since 2.136
+ * @since TODO
  */
 @Extension
 public class DisablePluginCommand extends CLICommand {
@@ -59,6 +59,7 @@ public class DisablePluginCommand extends CLICommand {
 
     @Override
     protected void printUsageSummary(PrintStream stderr) {
+        super.printUsageSummary(stderr);
         stderr.println(Messages.DisablePluginCommand_PrintUsageSummary());
     }
 
@@ -91,10 +92,10 @@ public class DisablePluginCommand extends CLICommand {
      * Try to disable a  plugin.
      * @param manager The PluginManager.
      * @param shortName The name of the plugin to disable.
-     * @return The result of the disabling of this plugin. See {@link DISABLING_STATUS}
+     * @return The result of the disabling of this plugin. See {@link DisablingStatus}
      * @throws IOException An exception disabling the plugin. See {@link PluginWrapper#disable()}
      */
-    private DISABLING_STATUS disablePlugin(PluginManager manager, String shortName) throws IOException {
+    private DisablingStatus disablePlugin(PluginManager manager, String shortName) throws IOException {
         PluginWrapper plugin = manager.getPlugin(shortName);
         if (plugin == null) {
             throw new IllegalArgumentException(Messages.DisablePluginCommand_NoSuchPlugin(shortName)); // exit with 3
@@ -103,17 +104,16 @@ public class DisablePluginCommand extends CLICommand {
         if (!plugin.isEnabled()) {
             stdout.format(Messages.DisablePluginCommand_Already_Disabled(shortName));
             stdout.println();
-            return DISABLING_STATUS.ALREADY_DISABLED;
+            return DisablingStatus.ALREADY_DISABLED;
         }
 
         Set<String> dependants = plugin.getDependants();
         for (String dependant : dependants) {
             PluginWrapper dependantPlugin = manager.getPlugin(dependant);
             if (dependantPlugin != null && dependantPlugin.isEnabled()) {
-                // TO-DO: stdout or stderr? the process continues but as the result code is not 0, it looks like stderr
                 stderr.format(Messages.DisablePluginCommand_Plugin_Has_Dependant(shortName, dependant));
                 stderr.println();
-                return DISABLING_STATUS.NOT_DISABLED_DEPENDANTS;
+                return DisablingStatus.NOT_DISABLED_DEPENDANTS;
             }
         }
 
@@ -121,13 +121,13 @@ public class DisablePluginCommand extends CLICommand {
         stdout.format(Messages.DisablePluginCommand_Plugin_Disabled(plugin.getShortName()));
         stdout.println();
 
-        return DISABLING_STATUS.DISABLED;
+        return DisablingStatus.DISABLED;
     }
 
     /**
      * An enum to hold the status of a disabling action. To do it more reader-friendly.
      */
-    private enum DISABLING_STATUS {
+    private enum DisablingStatus {
         DISABLED,
         ALREADY_DISABLED,
         NOT_DISABLED_DEPENDANTS
diff --git a/core/src/main/resources/hudson/cli/Messages.properties b/core/src/main/resources/hudson/cli/Messages.properties
index 77363f8954..73a6609eab 100644
--- a/core/src/main/resources/hudson/cli/Messages.properties
+++ b/core/src/main/resources/hudson/cli/Messages.properties
@@ -117,7 +117,7 @@ CliProtocol2.displayName=Jenkins CLI Protocol/2 (transport encryption)
 DisablePluginCommand.ShortDescription=\
 Disables one or more installed plugins.
 DisablePluginCommand.Already.Disabled=The plugin {0} was already disabled.
-DisablePluginCommand.Plugin.Has.Dependant=The plugin {0} has, at least, one dependant plugin ({1}), so it can't be disabled.
+DisablePluginCommand.Plugin.Has.Dependant=The plugin {0} has, at least, one dependant plugin ({1}), so it cannot be disabled.
 DisablePluginCommand.Plugin.Disabled=Plugin {0} disabled.
 DisablePluginCommand.NoSuchPlugin=No such plugin found with the name {0}.
 DisablePluginCommand.PrintUsageSummary=\
-- 
GitLab


From 18be1960d145293084cfab48bfffb1ab65e147fc Mon Sep 17 00:00:00 2001
From: M Ramon Leon <manuelramonleonjimenez@gmail.com>
Date: Tue, 25 Sep 2018 17:49:07 +0200
Subject: [PATCH 739/863] [JENKINS-27177] Change windows check.

---
 test/src/test/java/hudson/cli/DisablePluginCommandTest.java | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/test/src/test/java/hudson/cli/DisablePluginCommandTest.java b/test/src/test/java/hudson/cli/DisablePluginCommandTest.java
index f4bec458fd..afac7929d0 100644
--- a/test/src/test/java/hudson/cli/DisablePluginCommandTest.java
+++ b/test/src/test/java/hudson/cli/DisablePluginCommandTest.java
@@ -24,6 +24,7 @@
 
 package hudson.cli;
 
+import hudson.Functions;
 import hudson.PluginWrapper;
 import org.junit.Assume;
 import org.junit.Rule;
@@ -173,6 +174,6 @@ public class DisablePluginCommandTest {
     }
 
     private void assumeNotWindows() {
-        Assume.assumeFalse(System.getProperty("os.name").startsWith("Windows"));
+        Assume.assumeFalse(Functions.isWindows());
     }
 }
-- 
GitLab


From 764fd53eaec834c41acb659c9e118b6f4d147eea Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Thu, 30 Aug 2018 15:00:50 +0200
Subject: [PATCH 740/863] Merge pull request #3602 from olamy/winstone_4.5

[JENKINS-53239] - Use winstone 5.0

(cherry picked from commit 4fc0e8874ee0ef9e4839c60e472e001943a060bf)
---
 war/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/war/pom.xml b/war/pom.xml
index 5c3b3557ca..a2a1e2502a 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -89,7 +89,7 @@ THE SOFTWARE.
       -->
       <groupId>org.jenkins-ci</groupId>
       <artifactId>winstone</artifactId>
-      <version>4.4</version>
+      <version>5.0</version>
       <scope>test</scope>
     </dependency>
     <dependency>
-- 
GitLab


From 9c453fba8af97573c3d00c357413f73577553b7b Mon Sep 17 00:00:00 2001
From: ikedam <devld@ikedam.jp>
Date: Sun, 19 Aug 2018 03:06:58 +0900
Subject: [PATCH 741/863] [JENKINS-37599] Fix handling of "minimum" in
 f:repeatable and f:repeatableProperty (#3583)

* [JENKINS-37599] Add a test to reproduce the issue of handling "minimum" field of nestedRepeatableProperty

* [JENKINS-37599] Default the minimum of repeatable and repeatableProperty to 0

(cherry picked from commit 1a27da9c7f0e566a1a9406081c0625a0ff8c2f57)
---
 .../main/resources/lib/form/repeatable.jelly  |  1 +
 .../lib/form/repeatableProperty.jelly         |  2 +-
 .../java/lib/form/RepeatablePropertyTest.java | 52 +++++++++++++++++++
 .../ExcitingObjectContainer/config.jelly      |  9 ++++
 .../form/RepeatablePropertyTest/nested.jelly  | 14 +++++
 5 files changed, 77 insertions(+), 1 deletion(-)
 create mode 100644 test/src/test/resources/lib/form/RepeatablePropertyTest/ExcitingObjectContainer/config.jelly
 create mode 100644 test/src/test/resources/lib/form/RepeatablePropertyTest/nested.jelly

diff --git a/core/src/main/resources/lib/form/repeatable.jelly b/core/src/main/resources/lib/form/repeatable.jelly
index c326bd1452..09098d9203 100644
--- a/core/src/main/resources/lib/form/repeatable.jelly
+++ b/core/src/main/resources/lib/form/repeatable.jelly
@@ -107,6 +107,7 @@ THE SOFTWARE.
     </st:attribute>
     <st:attributeConstraints expr="((var,items,name?)|field),varStatus?,noAddButton?,enableTopButton?,add?,minimum?,header?"/>
   </st:documentation>
+  <j:set var="minimum" value="${attrs.minimum ?: 0}" />
 
 
   <st:adjunct includes="lib.form.repeatable.repeatable"/>
diff --git a/core/src/main/resources/lib/form/repeatableProperty.jelly b/core/src/main/resources/lib/form/repeatableProperty.jelly
index bceab6d2f6..d2198b2742 100644
--- a/core/src/main/resources/lib/form/repeatableProperty.jelly
+++ b/core/src/main/resources/lib/form/repeatableProperty.jelly
@@ -67,7 +67,7 @@ THE SOFTWARE.
   </st:documentation>
 
 
-  <f:repeatable field="${attrs.field}" default="${attrs.default}" noAddButton="${attrs.noAddButton}" header="${attrs.header}" add="${attrs.add}" enableTopButton="${attrs.enableTopButton}">
+  <f:repeatable field="${attrs.field}" default="${attrs.default}" noAddButton="${attrs.noAddButton}" header="${attrs.header}" add="${attrs.add}" minimum="${attrs.minimum ?: 0}" enableTopButton="${attrs.enableTopButton}">
     <table style="width:100%">
       <st:include page="config.jelly" class="${descriptor.clazz}" />
       <d:invokeBody/>
diff --git a/test/src/test/java/lib/form/RepeatablePropertyTest.java b/test/src/test/java/lib/form/RepeatablePropertyTest.java
index 405a6f339b..f12a26399a 100644
--- a/test/src/test/java/lib/form/RepeatablePropertyTest.java
+++ b/test/src/test/java/lib/form/RepeatablePropertyTest.java
@@ -29,14 +29,20 @@ import com.gargoylesoftware.htmlunit.html.HtmlForm;
 import com.gargoylesoftware.htmlunit.html.HtmlPage;
 import com.gargoylesoftware.htmlunit.html.HtmlTextInput;
 import hudson.Extension;
+import hudson.model.AbstractDescribableImpl;
 import hudson.model.Describable;
 import hudson.model.Descriptor;
 import jenkins.model.Jenkins;
+
+import org.apache.commons.collections4.CollectionUtils;
+import org.apache.commons.collections4.Predicate;
 import org.jvnet.hudson.test.HudsonTestCase;
+import org.jvnet.hudson.test.Issue;
 import org.kohsuke.stapler.DataBoundConstructor;
 
 import java.util.ArrayList;
 import java.util.Arrays;
+import java.util.Collections;
 import java.util.List;
 
 public class RepeatablePropertyTest extends HudsonTestCase implements Describable<RepeatablePropertyTest> {
@@ -46,6 +52,7 @@ public class RepeatablePropertyTest extends HudsonTestCase implements Describabl
     
     public ArrayList<ExcitingObject> testRepeatable;
     public ArrayList<ExcitingObject> defaults;
+    public List<ExcitingObjectContainer> testRepeatableContainer;
     
     public void testSimple() throws Exception {
         testRepeatable = createRepeatable();
@@ -69,6 +76,32 @@ public class RepeatablePropertyTest extends HudsonTestCase implements Describabl
         ));
         assertFormContents(VIEW_WITH_DEFAULT, testRepeatable);
     }
+
+    @Issue("JENKINS-37599")
+    public void testNestedRepeatableProperty() throws Exception {
+        testRepeatableContainer = Collections.emptyList();
+        // minimum="1" is set for the upper one,
+        // the form should be:
+        // * 1 ExcitingObjectCotainer
+        // * no ExcitingObject
+        final HtmlForm form = getForm("nested");
+        List<HtmlTextInput> containerNameInputs = form.getElementsByAttribute("input", "type", "text");
+        CollectionUtils.filter(containerNameInputs, new Predicate<HtmlTextInput>() {
+            @Override
+            public boolean evaluate(HtmlTextInput input) {
+                return input.getNameAttribute().endsWith(".containerName");
+            }
+        });
+        List<HtmlTextInput> greatPropertyInputs = form.getElementsByAttribute("input", "type", "text");
+        CollectionUtils.filter(greatPropertyInputs, new Predicate<HtmlTextInput>() {
+            @Override
+            public boolean evaluate(HtmlTextInput input) {
+                return input.getNameAttribute().endsWith(".greatProperty");
+            }
+        });
+        assertEquals(1, containerNameInputs.size());
+        assertEquals(0, greatPropertyInputs.size());
+    }
         
     private void assertFormContents(final String viewName, final ArrayList<ExcitingObject> expected) throws Exception {
         final HtmlForm form = getForm(viewName);
@@ -147,4 +180,23 @@ public class RepeatablePropertyTest extends HudsonTestCase implements Describabl
         }
     }
 
+    public static final class ExcitingObjectContainer extends AbstractDescribableImpl<ExcitingObjectContainer> {
+        String containerName;
+        List<ExcitingObject> excitingObjectList;
+
+        @DataBoundConstructor
+        public ExcitingObjectContainer(String containerName, List<ExcitingObject> excitingObjectList) {
+            this.containerName = containerName;
+            this.excitingObjectList = excitingObjectList;
+        }
+        public String getContainerName() {
+            return containerName;
+        }
+        public List<ExcitingObject> getExcitingObjectList() {
+            return excitingObjectList;
+        }
+        @Extension
+        public static final class DescriptorImpl extends Descriptor<ExcitingObjectContainer> {
+        }
+    }
 }
diff --git a/test/src/test/resources/lib/form/RepeatablePropertyTest/ExcitingObjectContainer/config.jelly b/test/src/test/resources/lib/form/RepeatablePropertyTest/ExcitingObjectContainer/config.jelly
new file mode 100644
index 0000000000..0bb4c48ef8
--- /dev/null
+++ b/test/src/test/resources/lib/form/RepeatablePropertyTest/ExcitingObjectContainer/config.jelly
@@ -0,0 +1,9 @@
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
+    <f:entry field="containerName">
+        <f:textbox/>
+    </f:entry>
+    <f:entry title="Exciting Objects">
+        <f:repeatableProperty field="excitingObjectList"/>
+    </f:entry>
+</j:jelly>
diff --git a/test/src/test/resources/lib/form/RepeatablePropertyTest/nested.jelly b/test/src/test/resources/lib/form/RepeatablePropertyTest/nested.jelly
new file mode 100644
index 0000000000..e238e042be
--- /dev/null
+++ b/test/src/test/resources/lib/form/RepeatablePropertyTest/nested.jelly
@@ -0,0 +1,14 @@
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
+    <l:layout title="Testing nested repeatableProperty">
+        <l:main-panel>
+            <f:form method="post" name="config" action="thisFormIsOnlyInspectedInTheTests">
+                <j:set var="instance" value="${it}" />
+                <j:set var="descriptor" value="${it.descriptor}" />
+                <f:entry title="Nested Exciting Objects">
+                    <f:repeatableProperty field="testRepeatableContainer" minimum="1" />
+                </f:entry>
+            </f:form>
+        </l:main-panel>
+    </l:layout>
+</j:jelly>
-- 
GitLab


From 1a19fb69a14ca7805f16148e03fd291ce2b48c7f Mon Sep 17 00:00:00 2001
From: Baptiste Mathus <bmathus@gmail.com>
Date: Thu, 13 Sep 2018 17:52:26 +0200
Subject: [PATCH 742/863] Merge pull request #3621 from
 batmat/remove-obsolete-note

[JENKINS-53549] Remove wrong notice since these options are not available anymore

(cherry picked from commit cb6b5ea7f3baae3313e4ca11ee5cda84bb1d9eaa)
---
 war/src/main/webapp/help/system-config/homeDirectory.html  | 7 ++-----
 .../main/webapp/help/system-config/homeDirectory_it.html   | 2 --
 2 files changed, 2 insertions(+), 7 deletions(-)

diff --git a/war/src/main/webapp/help/system-config/homeDirectory.html b/war/src/main/webapp/help/system-config/homeDirectory.html
index 9a6a4e6971..c2a161b220 100644
--- a/war/src/main/webapp/help/system-config/homeDirectory.html
+++ b/war/src/main/webapp/help/system-config/homeDirectory.html
@@ -1,9 +1,6 @@
 <div>
-  By default, Jenkins stores all of its data in this directory on the file
-  system.
-  <br>
-  Under the <i>Advanced</i> section, you can choose to store build workspaces
-  and build records elsewhere.
+  <p>By default, Jenkins stores all of its data in this directory on the file
+    system.</p>
   <p>
   There are a few ways to change the Jenkins home directory:
   <ul>
diff --git a/war/src/main/webapp/help/system-config/homeDirectory_it.html b/war/src/main/webapp/help/system-config/homeDirectory_it.html
index 1f88cf7989..845a87d1f1 100644
--- a/war/src/main/webapp/help/system-config/homeDirectory_it.html
+++ b/war/src/main/webapp/help/system-config/homeDirectory_it.html
@@ -2,8 +2,6 @@
   Per impostazione predefinita, Jenkins salva tutti i propri dati in questa
   directory sul filesystem.
   <br>
-  Nella sezione <i>Avanzate</i> è possibile scegliere di salvare gli spazi di
-  lavoro e i registri delle compilazioni in un'altra posizione.
   <p>
   Ci sono modi differenti di modificare la directory home di Jenkins:
   <ul>
-- 
GitLab


From 8e5359a834b12eb8c1dc4c67e9413e65f95bf9b4 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Fri, 21 Sep 2018 20:44:43 -0700
Subject: [PATCH 743/863] Merge pull request #3609 from Vlatombe/JENKINS-53401

[JENKINS-53401] Tie nodeProperties to the current node for save purpose

(cherry picked from commit b41a139e2687480275072be8f6c1c7eaeaee0bc8)
---
 core/src/main/java/hudson/model/Slave.java    |  6 +-
 .../java/hudson/slaves/NodeParallelTest.java  | 64 +++++++++++++++++++
 2 files changed, 67 insertions(+), 3 deletions(-)
 create mode 100644 test/src/test/java/hudson/slaves/NodeParallelTest.java

diff --git a/core/src/main/java/hudson/model/Slave.java b/core/src/main/java/hudson/model/Slave.java
index c3a497f9a1..59fa3eb20d 100644
--- a/core/src/main/java/hudson/model/Slave.java
+++ b/core/src/main/java/hudson/model/Slave.java
@@ -146,8 +146,8 @@ public abstract class Slave extends Node implements Serializable {
      */
     private String label="";
 
-    private /*almost final*/ DescribableList<NodeProperty<?>,NodePropertyDescriptor> nodeProperties = 
-                                    new DescribableList<NodeProperty<?>,NodePropertyDescriptor>(Jenkins.getInstance().getNodesObject());
+    private /*almost final*/ DescribableList<NodeProperty<?>,NodePropertyDescriptor> nodeProperties =
+            new DescribableList<>(this);
 
     /**
      * Lazily computed set of labels from {@link #label}.
@@ -559,7 +559,7 @@ public abstract class Slave extends Node implements Serializable {
      */
     protected Object readResolve() {
         if(nodeProperties==null)
-            nodeProperties = new DescribableList<NodeProperty<?>,NodePropertyDescriptor>(Jenkins.getInstance().getNodesObject());
+            nodeProperties = new DescribableList<>(this);
         return this;
     }
 
diff --git a/test/src/test/java/hudson/slaves/NodeParallelTest.java b/test/src/test/java/hudson/slaves/NodeParallelTest.java
new file mode 100644
index 0000000000..327cd0748b
--- /dev/null
+++ b/test/src/test/java/hudson/slaves/NodeParallelTest.java
@@ -0,0 +1,64 @@
+package hudson.slaves;
+
+import static org.junit.Assert.fail;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.Set;
+import java.util.concurrent.Callable;
+import java.util.concurrent.ExecutionException;
+import java.util.concurrent.ExecutorService;
+import java.util.concurrent.Executors;
+import java.util.concurrent.Future;
+import java.util.concurrent.atomic.AtomicInteger;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.JenkinsRule;
+
+public class NodeParallelTest {
+
+    @Rule
+    public JenkinsRule r = new JenkinsRule();
+
+    private static final Logger LOGGER = Logger.getLogger(NodeParallelTest.class.getName());
+
+    private final AtomicInteger count = new AtomicInteger();
+
+    @Test
+    @Issue("JENKINS-53401")
+    public void createNodesWithParallelThreads() throws InterruptedException, ExecutionException {
+        int n = 50;
+        List<Callable<Void>> tasks = Collections.nCopies(n, () -> {
+            try {
+                int i = count.incrementAndGet();
+                LOGGER.log(Level.INFO, "Creating slave " + i);
+                // JenkinsRule sync on Jenkins singleton, so this doesn't work
+                // r.createSlave();
+                DumbSlave agent = new DumbSlave("agent-"+i, "/tmp", new JNLPLauncher(true));
+                r.jenkins.addNode(agent);
+                agent.setNodeProperties(Collections.singletonList(new EnvironmentVariablesNodeProperty(new EnvironmentVariablesNodeProperty.Entry("foo", "" + i))));
+                return null;
+            } catch (Exception e1) {
+                throw new RuntimeException(e1);
+            }
+        });
+        ExecutorService executorService = Executors.newFixedThreadPool(n);
+        List<Future<Void>> futures = executorService.invokeAll(tasks);
+        List<Void> resultList = new ArrayList<>(futures.size());
+        // Check for exceptions
+        try {
+            for (Future<Void> future : futures) {
+                // Throws an exception if an exception was thrown by the task.
+                resultList.add(future.get());
+            }
+        } catch (RuntimeException e) {
+            e.printStackTrace();
+            fail(e.getMessage());
+        }
+    }
+}
-- 
GitLab


From d98f072b6aad653b5abc85118ee2fcf7556be826 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Sat, 22 Sep 2018 13:41:57 -0700
Subject: [PATCH 744/863] [JEP-214] Telemetry with initial escape hatch
 implementation (#3604)

(cherry picked from commit 722ff407c4083d47e97f43a86b00a7dff0930c04)
---
 .../java/jenkins/telemetry/Correlator.java    |  63 ++++++
 .../java/jenkins/telemetry/Telemetry.java     | 196 ++++++++++++++++
 .../impl/SecuritySystemProperties.java        | 117 ++++++++++
 .../help-usageStatisticsCollected.html        |  21 --
 .../help-usageStatisticsCollected.jelly       |  48 ++++
 .../help-usageStatisticsCollected_bg.html     |  22 --
 .../help-usageStatisticsCollected_fr.html     |  25 ---
 .../help-usageStatisticsCollected_it.html     |  25 ---
 .../help-usageStatisticsCollected_ja.html     |  22 --
 .../help-usageStatisticsCollected_pt_BR.html  |  20 --
 .../description.jelly                         |   6 +
 .../java/jenkins/telemetry/TelemetryTest.java | 209 ++++++++++++++++++
 12 files changed, 639 insertions(+), 135 deletions(-)
 create mode 100644 core/src/main/java/jenkins/telemetry/Correlator.java
 create mode 100644 core/src/main/java/jenkins/telemetry/Telemetry.java
 create mode 100644 core/src/main/java/jenkins/telemetry/impl/SecuritySystemProperties.java
 delete mode 100644 core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected.html
 create mode 100644 core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected.jelly
 delete mode 100644 core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_bg.html
 delete mode 100644 core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_fr.html
 delete mode 100644 core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_it.html
 delete mode 100644 core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_ja.html
 delete mode 100644 core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_pt_BR.html
 create mode 100644 core/src/main/resources/jenkins/telemetry/impl/SecuritySystemProperties/description.jelly
 create mode 100644 test/src/test/java/jenkins/telemetry/TelemetryTest.java

diff --git a/core/src/main/java/jenkins/telemetry/Correlator.java b/core/src/main/java/jenkins/telemetry/Correlator.java
new file mode 100644
index 0000000000..ea583bdb1f
--- /dev/null
+++ b/core/src/main/java/jenkins/telemetry/Correlator.java
@@ -0,0 +1,63 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.telemetry;
+
+import hudson.Extension;
+import hudson.model.Describable;
+import hudson.model.Descriptor;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
+
+import java.util.UUID;
+
+/**
+ * This class stores a UUID identifying this instance for telemetry reporting to allow deduplication or merging of submitted records.
+ *
+ * We're not using anything derived from instance identity so we cannot connect an instance's public appearance with its submissions.
+ *
+ * This really only uses Descriptor/Describable to get a Saveable implementation for free.
+ */
+@Extension
+@Restricted(NoExternalUse.class)
+public class Correlator extends Descriptor<Correlator> implements Describable<Correlator> {
+    private String correlationId;
+
+    public Correlator() {
+        super(Correlator.class);
+        load();
+        if (correlationId == null) {
+            correlationId = UUID.randomUUID().toString();
+            save();
+        }
+    }
+
+    public String getCorrelationId() {
+        return correlationId;
+    }
+
+    @Override
+    public Descriptor<Correlator> getDescriptor() {
+        return this;
+    }
+}
\ No newline at end of file
diff --git a/core/src/main/java/jenkins/telemetry/Telemetry.java b/core/src/main/java/jenkins/telemetry/Telemetry.java
new file mode 100644
index 0000000000..ec766206ea
--- /dev/null
+++ b/core/src/main/java/jenkins/telemetry/Telemetry.java
@@ -0,0 +1,196 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.telemetry;
+
+import com.google.common.annotations.VisibleForTesting;
+import hudson.Extension;
+import hudson.ExtensionList;
+import hudson.ExtensionPoint;
+import hudson.ProxyConfiguration;
+import hudson.model.AsyncPeriodicWork;
+import hudson.model.TaskListener;
+import hudson.model.UsageStatistics;
+import jenkins.model.Jenkins;
+import jenkins.util.SystemProperties;
+import net.sf.json.JSONObject;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
+
+import javax.annotation.Nonnull;
+import java.io.IOException;
+import java.io.OutputStream;
+import java.io.OutputStreamWriter;
+import java.net.HttpURLConnection;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.net.URLConnection;
+import java.nio.charset.StandardCharsets;
+import java.time.LocalDate;
+import java.util.concurrent.TimeUnit;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+
+/**
+ * Extension point for collecting JEP-214 telemetry.
+ *
+ * @see <a href="https://github.com/jenkinsci/jep/tree/master/jep/214">JEP-214</a>
+ *
+ * @since TODO
+ */
+public abstract class Telemetry implements ExtensionPoint {
+
+    // https://webhook.site is a nice stand-in for this during development; just needs to end in ? to submit the ID as query parameter
+    @Restricted(NoExternalUse.class)
+    @VisibleForTesting
+    static String ENDPOINT = SystemProperties.getString(Telemetry.class.getName() + ".endpoint", "https://uplink.jenkins.io/events");
+
+    private static final Logger LOGGER = Logger.getLogger(Telemetry.class.getName());
+
+    /**
+     * ID of this collector, typically a basic alphanumeric string (and _- characters).
+     *
+     * Good IDs are globally unique and human readable (i.e. no UUIDs).
+     *
+     * For a periodically updated list of all public implementations, see https://jenkins.io/doc/developer/extensions/jenkins-core/#telemetry
+     * 
+     * @return ID of the collector, never null or empty
+     */
+    @Nonnull
+    public abstract String getId();
+
+    /**
+     * User friendly display name for this telemetry collector, ideally localized.
+     *
+     * @return display name, never null or empty
+     */
+    @Nonnull
+    public abstract String getDisplayName();
+
+    /**
+     * Start date for the collection.
+     * Will be checked in Jenkins to not collect outside the defined time span.
+     * This does not have to be precise enough for time zones to be a consideration.
+     *
+     * @return collection start date
+     */
+    @Nonnull
+    public abstract LocalDate getStart();
+
+    /**
+     * End date for the collection.
+     * Will be checked in Jenkins to not collect outside the defined time span.
+     * This does not have to be precise enough for time zones to be a consideration.
+     *
+     * @return collection end date
+     */
+    @Nonnull
+    public abstract LocalDate getEnd();
+
+    /**
+     * Returns the content to be sent to the telemetry service.
+     *
+     * This method is called periodically, once per content submission.
+     *
+     * @return
+     */
+    @Nonnull
+    public abstract JSONObject createContent();
+
+    public static ExtensionList<Telemetry> all() {
+        return ExtensionList.lookup(Telemetry.class);
+    }
+
+    @Extension
+    public static class TelemetryReporter extends AsyncPeriodicWork {
+
+        public TelemetryReporter() {
+            super("telemetry collection");
+        }
+
+        @Override
+        public long getRecurrencePeriod() {
+            return TimeUnit.HOURS.toMillis(24);
+        }
+
+        @Override
+        protected void execute(TaskListener listener) throws IOException, InterruptedException {
+            if (UsageStatistics.DISABLED || !Jenkins.getInstance().isUsageStatisticsCollected()) {
+                LOGGER.info("Collection of anonymous usage statistics is disabled, skipping telemetry collection and submission");
+                return;
+            }
+            Telemetry.all().forEach(telemetry -> {
+                if (telemetry.getStart().isAfter(LocalDate.now())) {
+                    LOGGER.config("Skipping telemetry for '" + telemetry.getId() + "' as it is configured to start later");
+                    return;
+                }
+                if (telemetry.getEnd().isBefore(LocalDate.now())) {
+                    LOGGER.config("Skipping telemetry for '" + telemetry.getId() + "' as it is configured to end in the past");
+                    return;
+                }
+
+                JSONObject data = new JSONObject();
+                try {
+                    data = telemetry.createContent();
+                } catch (Exception e) {
+                    LOGGER.log(Level.WARNING, "Failed to build telemetry content for: '" + telemetry.getId() + "'", e);
+                }
+
+                JSONObject wrappedData = new JSONObject();
+                wrappedData.put("type", telemetry.getId());
+                wrappedData.put("payload", data);
+                wrappedData.put("correlator", ExtensionList.lookupSingleton(Correlator.class).getCorrelationId());
+
+                try {
+                    URL url = new URL(ENDPOINT);
+                    URLConnection conn = ProxyConfiguration.open(url);
+                    if (!(conn instanceof HttpURLConnection)) {
+                        LOGGER.config("URL did not result in an HttpURLConnection: " + ENDPOINT);
+                        return;
+                    }
+                    HttpURLConnection http = (HttpURLConnection) conn;
+                    http.setRequestProperty("Content-Type", "application/json; charset=utf-8");
+                    http.setDoOutput(true);
+
+                    String body = wrappedData.toString();
+                    if (LOGGER.isLoggable(Level.FINEST)) {
+                        LOGGER.finest("Submitting JSON: " + body);
+                    }
+
+                    try (OutputStream out = http.getOutputStream();
+                            OutputStreamWriter writer = new OutputStreamWriter(out, StandardCharsets.UTF_8)) {
+                        writer.append(body);
+                    }
+
+                    LOGGER.config("Telemetry submission received response '" + http.getResponseCode() + " " + http.getResponseMessage() + "' for: " + telemetry.getId());
+                } catch (MalformedURLException e) {
+                    LOGGER.config("Malformed endpoint URL: " + ENDPOINT + " for telemetry: " + telemetry.getId());
+                } catch (IOException e) {
+                    // deliberately low visibility, as temporary infra problems aren't a big deal and we'd
+                    // rather have some unsuccessful submissions than admins opting out to clean up logs
+                    LOGGER.log(Level.CONFIG, "Failed to submit telemetry: " + telemetry.getId() + " to: " + ENDPOINT, e);
+                }
+            });
+        }
+    }
+}
diff --git a/core/src/main/java/jenkins/telemetry/impl/SecuritySystemProperties.java b/core/src/main/java/jenkins/telemetry/impl/SecuritySystemProperties.java
new file mode 100644
index 0000000000..ca2d9e1bf2
--- /dev/null
+++ b/core/src/main/java/jenkins/telemetry/impl/SecuritySystemProperties.java
@@ -0,0 +1,117 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.telemetry.impl;
+
+import hudson.Extension;
+import jenkins.model.Jenkins;
+import jenkins.telemetry.Telemetry;
+import jenkins.util.SystemProperties;
+import net.sf.json.JSONObject;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
+
+import javax.annotation.Nonnull;
+import java.text.DateFormat;
+import java.text.SimpleDateFormat;
+import java.time.LocalDate;
+import java.util.Date;
+import java.util.Map;
+import java.util.TimeZone;
+import java.util.TreeMap;
+
+/**
+ * Telemetry implementation gathering information about system properties.
+ */
+@Extension
+@Restricted(NoExternalUse.class)
+public class SecuritySystemProperties extends Telemetry {
+    @Nonnull
+    @Override
+    public String getId() {
+        return "security-system-properties";
+    }
+
+    @Nonnull
+    @Override
+    public LocalDate getStart() {
+        return LocalDate.of(2018, 9, 1);
+    }
+
+    @Nonnull
+    @Override
+    public LocalDate getEnd() {
+        return LocalDate.of(2018, 12, 1);
+    }
+
+    @Nonnull
+    @Override
+    public String getDisplayName() {
+        return "Use of Security-related Java system properties";
+    }
+
+    @Nonnull
+    @Override
+    public JSONObject createContent() {
+        Map<String, String> security = new TreeMap<>();
+        putBoolean(security, "hudson.ConsoleNote.INSECURE", false);
+        putBoolean(security, "hudson.model.ParametersAction.keepUndefinedParameters", false);
+        putBoolean(security, "hudson.model.User.allowNonExistentUserToLogin", false);
+        putBoolean(security, "hudson.model.User.allowUserCreationViaUrl", false);
+        putBoolean(security, "hudson.model.User.SECURITY_243_FULL_DEFENSE", true);
+        putBoolean(security, "hudson.remoting.URLDeserializationHelper.avoidUrlWrapping", false);
+        putBoolean(security, "jenkins.security.ClassFilterImpl.SUPPRESS_WHITELIST", false);
+        putBoolean(security, "jenkins.security.ClassFilterImpl.SUPPRESS_ALL", false);
+
+        putStringInfo(security, "hudson.model.ParametersAction.safeParameters");
+        putStringInfo(security, "hudson.model.DirectoryBrowserSupport.CSP");
+        putStringInfo(security, "hudson.security.HudsonPrivateSecurityRealm.ID_REGEX");
+
+        Map<String, Object> info = new TreeMap<>();
+        info.put("core", Jenkins.getVersion().toString());
+        info.put("clientDate", clientDateString());
+        info.put("properties", security);
+
+        return JSONObject.fromObject(info);
+    }
+
+    private static String clientDateString() {
+        TimeZone tz = TimeZone.getTimeZone("UTC");
+        DateFormat df = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm'Z'");
+        df.setTimeZone(tz); // strip timezone
+        return df.format(new Date());
+    }
+
+    private static void putBoolean(Map<String, String> propertiesMap, String systemProperty, boolean defaultValue) {
+        propertiesMap.put(systemProperty, Boolean.toString(SystemProperties.getBoolean(systemProperty, defaultValue)));
+    }
+
+    private static void putStringInfo(Map<String, String> propertiesMap, String systemProperty) {
+        String reportedValue = "null";
+        String value = SystemProperties.getString(systemProperty);
+        if (value != null) {
+            reportedValue = Integer.toString(value.length());
+        }
+        propertiesMap.put(systemProperty, reportedValue);
+    }
+}
diff --git a/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected.html b/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected.html
deleted file mode 100644
index 37b1e5cc65..0000000000
--- a/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected.html
+++ /dev/null
@@ -1,21 +0,0 @@
-<div>
-    Knowing how Jenkins is used is a tremendous help in guiding the direction of the development, especially
-    for open-source projects where users are inherently hard to track down. When this option is enabled,
-    Jenkins periodically send information about your usage of Jenkins.
-
-    <p>
-    Specifically, it contains the following information:
-
-    <ul>
-    <li>Your Jenkins version
-    <li>For your master and each agent, OS type, and # of executors
-    <li>Plugins that are installed and their versions
-    <li>Number of jobs per each job type in your Jenkins
-    </ul>
-
-    <p>
-    The information doesn't contain anything that identifies you or allows us to contact you
-    (except information inherently revealed by HTTP, such as the IP address). Tabulated
-    data of these usage statistics submissions will be shared with the community.
-
-</div>
diff --git a/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected.jelly b/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected.jelly
new file mode 100644
index 0000000000..96df143a83
--- /dev/null
+++ b/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected.jelly
@@ -0,0 +1,48 @@
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
+    <div>
+        For any project, it's critical to know how the software is used, but tracking usage data is inherently difficult in open-source projects.
+        Anonymous usage statistics address this need.
+        When enabled, Jenkins periodically sends information to the Jenkins project.
+        The Jenkins project uses this information to set development priorities.
+    </div>
+    <h1>General usage statistics</h1>
+    <div>
+        <p>Jenkins reports the following general usage statistics:</p>
+        <ul>
+            <li>Your Jenkins version</li>
+            <li>For your master and each agent, the OS type and number of executors</li>
+            <li>Installed plugins and their versions</li>
+            <li>Number of items (like jobs) of each item type</li>
+        </ul>
+        <p>
+            This <b>does not</b> report any personally identifiable information. The only information reported by Jenkins is information inherently revealed by the HTTP protocol, such as the IP address.
+
+            These usage statistics are aggregated, updated monthly, and published to <a href="https://stats.jenkins.io">stats.jenkins.io</a>
+        </p>
+    </div>
+    <h1>Telemetry collection</h1>
+    <div>
+        <p>
+            In addition to the general usage statistics listed above, the Jenkins project collects telemetry data from specific trials to inform future development.
+            Each trial has a specific purpose and a defined end date, after which collection stops, independent of the installed versions of Jenkins or plugins.
+            Once a trial is complete, the trial results may be aggregated and shared with the developer community.
+        </p>
+        <p>
+            The following trials are currently set up on this instance:
+        </p>
+        <j:invokeStatic className="jenkins.telemetry.Telemetry" method="all" var="collectors"/>
+        <dl>
+            <j:forEach items="${collectors}" var="collector">
+                <dt>${collector.displayName}</dt>
+                <dd>
+                    <st:include from="${collector}" optional="true" page="description.jelly"/>
+                    <p>
+                        Start date: ${collector.start}
+                        End date: ${collector.end}
+                    </p>
+                </dd>
+            </j:forEach>
+        </dl>
+    </div>
+</j:jelly>
diff --git a/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_bg.html b/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_bg.html
deleted file mode 100644
index 20aacefce3..0000000000
--- a/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_bg.html
+++ /dev/null
@@ -1,22 +0,0 @@
-<div>
-    От голяма помощ е да знаем как Jenkins се ползва.  Това може да определи
-    посоката на разработка, което иначе е трудно, защото няма как да се проследяват
-    потребителите на проект с отворен код.  Като изберете тази опция Jenkins
-    периодично ще изпраща анонимни данни за използването.
-
-    <p>
-    Това е пълното описание на включената информация:
-
-    <ul>
-    <li>версията на jenkins;
-    <li>операционната система и броя изпълнявани изграждания от основния и подчинените компютри;
-    <li>списък с инсталираните приставки и версиите им;
-    <li>броят задачи за всеки вид задача в инсталацията на Jenkins
-    </ul>
-
-    <p>
-    Информацията не съдържа нищо, които да ви идентифицира или да позволява да се свържем
-    с вас (с изключение на информацията указана поради естеството на HTTP, като IP адреси).
-    Тези данни ще бъдат споделени с общността в табличен вид.
-
-</div>
diff --git a/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_fr.html b/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_fr.html
deleted file mode 100644
index 8d4df6df9d..0000000000
--- a/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_fr.html
+++ /dev/null
@@ -1,25 +0,0 @@
-<div>
-    Comprendre comment Jenkins est utilisé est d'une grande aide pour guider les développements,
-    particulièrement pour les projets open-source où les utilisateurs sont typiquement difficiles
-    à connaitre. Quand cette option est activée, Jenkins envoie périodiquement des informations sur votre
-    utilisation de Jenkins.
-
-    <p>
-    Plus précisément, il envoie les informations suivantes:
-
-    <ul>
-    <li>Votre version de Jenkins
-    <li>Pour le Jenkins maître et pour chaque esclave, le type d'OS et le nombre d'exécuteurs
-    <li>Les plugins qui sont installés et leurs versions
-    <li>Le nombre de jobs pour chaque type de job dans votre installation de Jenkins
-    </ul>
-
-    <p>
-    Cette information ne contient rien qui vous identifie ou qui nous permette de vous contacter
-    (hors certaines informations intrinsèques à HTTP, comme votre adresse IP).
-    Les données compilées de ces statistiques d'utilisation seront partagées avec la communauté.
-
-    <p>
-    N'hésitez pas à lire <a href="http://jenkins.361315.n4.nabble.com/request-for-comments-tracking-usage-metrics-td375557.html">
-    la discussion sur ce mécanisme</a> et à contribuer aux débats.
-</div>
diff --git a/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_it.html b/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_it.html
deleted file mode 100644
index 2fc1e8a8df..0000000000
--- a/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_it.html
+++ /dev/null
@@ -1,25 +0,0 @@
-<div>
-    Sapere come viene utilizzato Jenkins aiuta notevolmente a guidare la
-    direzione dello sviluppo, specialmente nel caso dei progetti open source
-    in cui è inerentemente difficile rintracciare gli utenti. Quando
-    quest'opzione è abilitata, Jenkins invierà periodicamente informazioni
-    sull'utilizzo di Jenkins.
-
-    <p>
-    Specificamente, tali informazioni conterranno quanto segue:
-
-    <ul>
-    <li>La versione di Jenkins
-    <li>Per il master e ogni agente, il tipo di sistema operativo e il numero di esecutori
-    <li>I plugin installati e le rispettive versioni
-    <li>Il numero di processi per ogni tipo di processo in Jenkins
-    </ul>
-
-    <p>
-    Le informazioni non conterranno nulla che possa identificare l'utente o
-    consentirci di contattare l'utente (ad eccezione delle informazioni rivelate
-    naturalmente dal protocollo HTTP, come l'indirizzo IP). I dati tabulati
-    relativi agli invii di queste statistiche di utilizzo saranno condivisi con
-    la comunità.
-
-</div>
diff --git a/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_ja.html b/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_ja.html
deleted file mode 100644
index 7db3dac478..0000000000
--- a/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_ja.html
+++ /dev/null
@@ -1,22 +0,0 @@
-<div>
-    Jenkinsがどのように使用されているか把握することは、特にユーザーを特定できないオープンソースプロジェクトにとって、
-    開発の方向性を決定する上で非常に役に立ちます。このオプションを有効にすると、Jenkinsの利用状況を定期的に送信します。
-
-    <p>
-    送信する情報は次の情報を含んでいます。
-
-    <ul>
-      <li>Jenkinsのバージョン
-      <li>マスターと各スレーブの、OSとエグゼキューターの数
-      <li>インストールされているプラグインとそのバージョン
-      <li>ジョブのタイプ毎のジョブ数
-    </ul>
-
-    <p>
-    情報には、あなたを特定できる、もしくはあなたに連絡できるようなものは含みません(ただし、IPアドレスのようなHTTP関連の情報は除きます)。
-    送信された利用状況の一覧データは、コミュニティで共有されます。
-
-    <p>
-    <a href="http://jenkins.361315.n4.nabble.com/request-for-comments-tracking-usage-metrics-td375557.html">
-    コミュニティでのこの仕組みに関するディスカッション</a>を参考にしてください。ご意見はこちらにお願いします。
-</div>
diff --git a/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_pt_BR.html b/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_pt_BR.html
deleted file mode 100644
index bde77e44f1..0000000000
--- a/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected_pt_BR.html
+++ /dev/null
@@ -1,20 +0,0 @@
-<div>
-    Saber como Jenkins é utilizado é uma tremenda ajuda guiando-nos no desenvolvimento, especificamente para
-    projetos de código livre onde os usuários são inerentemente difíceis de rastrear. Ao ativar esta opção,
-    Jenkins periodicamente enviará informações sobre o seu uso.
-
-    <p>
-    Especificamente, as informações enviadas serão:
-
-    <ul>
-    <li>A versão do seu Jenkins
-    <li>Para cada master e cada slave, o tipo de Sistema Operacional, e número de executores
-    <li>Os plugins instalados e suas versões
-    <li>Número de jobs por tipo de job no seu Jenkins
-    </ul>
-
-    <p>
-    Essas informaçãos não contem nada o identifique ou nos permita contatá-lo
-    (exceto pelas informações reveladas via HTTP, tal como Endereço IP).
-    Dados das estatísticas de uso submetidas são compartilhados com a comunidade.
-</div>
diff --git a/core/src/main/resources/jenkins/telemetry/impl/SecuritySystemProperties/description.jelly b/core/src/main/resources/jenkins/telemetry/impl/SecuritySystemProperties/description.jelly
new file mode 100644
index 0000000000..dc78d7fda8
--- /dev/null
+++ b/core/src/main/resources/jenkins/telemetry/impl/SecuritySystemProperties/description.jelly
@@ -0,0 +1,6 @@
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
+    For many security fixes, the Jenkins security team adds hidden options, sometimes called <em>escape hatches</em>, to disable the security fix.
+    This hedges against severe regressions not caught in testing, or unexpected legitimate use cases.
+    It is unknown to the team which of these options are actually in use, so this trial collects anonymous information about the values of (typically boolean) security-related Java system properties.
+</j:jelly>
\ No newline at end of file
diff --git a/test/src/test/java/jenkins/telemetry/TelemetryTest.java b/test/src/test/java/jenkins/telemetry/TelemetryTest.java
new file mode 100644
index 0000000000..952d4e8968
--- /dev/null
+++ b/test/src/test/java/jenkins/telemetry/TelemetryTest.java
@@ -0,0 +1,209 @@
+package jenkins.telemetry;
+
+import hudson.ExtensionList;
+import hudson.model.UnprotectedRootAction;
+import static org.hamcrest.CoreMatchers.*;
+import static org.junit.Assert.*;
+
+import hudson.security.csrf.CrumbExclusion;
+import net.sf.json.JSONObject;
+import org.apache.commons.io.IOUtils;
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.JenkinsRule;
+import org.jvnet.hudson.test.LoggerRule;
+import org.jvnet.hudson.test.TestExtension;
+import org.kohsuke.stapler.StaplerRequest;
+import org.kohsuke.stapler.StaplerResponse;
+
+import javax.annotation.CheckForNull;
+import javax.annotation.Nonnull;
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.io.StringWriter;
+import java.nio.charset.StandardCharsets;
+import java.time.LocalDate;
+import java.time.temporal.ChronoUnit;
+import java.util.HashSet;
+import java.util.Set;
+import java.util.logging.Level;
+
+public class TelemetryTest {
+    @Rule
+    public JenkinsRule j = new JenkinsRule();
+
+    @Rule
+    public LoggerRule logger = new LoggerRule().record(Telemetry.class, Level.ALL).capture(100);
+
+    private static int counter = 0;
+
+    @Test
+    public void testSubmission() throws Exception {
+        j.jenkins.setNoUsageStatistics(false); // tests usually don't submit this, but we need this
+        assertEquals("no requests received", 0, counter);
+        Telemetry.ENDPOINT = j.getURL().toString() + "uplink/events";
+        ExtensionList.lookupSingleton(Telemetry.TelemetryReporter.class).doRun();
+        do {
+            Thread.sleep(250);
+        } while (counter == 0); // this might end up being flaky due to 1 to many active telemetry trials
+        assertThat(logger.getMessages(), hasItem("Telemetry submission received response '200 OK' for: test-data"));
+        assertThat(logger.getMessages(), hasItem("Skipping telemetry for 'future' as it is configured to start later"));
+        assertThat(logger.getMessages(), hasItem("Skipping telemetry for 'past' as it is configured to end in the past"));
+        assertThat(types, hasItem("test-data"));
+        assertThat(types, not(hasItem("future")));
+        assertThat(types, not(hasItem("past")));
+        assertThat(correlators.size(), is(1));
+        assertTrue("at least one request received", counter > 0); // TestTelemetry plus whatever real impls exist
+    }
+
+    @TestExtension
+    public static class DisabledFutureTelemetry extends Telemetry {
+
+        @Nonnull
+        @Override
+        public String getId() {
+            return "future";
+        }
+
+        @Nonnull
+        @Override
+        public String getDisplayName() {
+            return "future";
+        }
+
+        @Nonnull
+        @Override
+        public LocalDate getStart() {
+            return LocalDate.now().plus(1, ChronoUnit.DAYS);
+        }
+
+        @Nonnull
+        @Override
+        public LocalDate getEnd() {
+            return LocalDate.MAX;
+        }
+
+        @Nonnull
+        @Override
+        public JSONObject createContent() {
+            return new JSONObject();
+        }
+    }
+
+    @TestExtension
+    public static class DisabledPastTelemetry extends Telemetry {
+
+        @Nonnull
+        @Override
+        public String getId() {
+            return "past";
+        }
+
+        @Nonnull
+        @Override
+        public String getDisplayName() {
+            return "past";
+        }
+
+        @Nonnull
+        @Override
+        public LocalDate getStart() {
+            return LocalDate.MIN;
+        }
+
+        @Nonnull
+        @Override
+        public LocalDate getEnd() {
+            return LocalDate.now().minus(1, ChronoUnit.DAYS);
+        }
+
+        @Nonnull
+        @Override
+        public JSONObject createContent() {
+            return new JSONObject();
+        }
+    }
+
+    @TestExtension
+    public static class TestTelemetry extends Telemetry {
+
+        @Nonnull
+        @Override
+        public String getId() {
+            return "test-data";
+        }
+
+        @Nonnull
+        @Override
+        public String getDisplayName() {
+            return "test-data";
+        }
+
+        @Nonnull
+        @Override
+        public LocalDate getStart() {
+            return LocalDate.MIN;
+        }
+
+        @Nonnull
+        @Override
+        public LocalDate getEnd() {
+            return LocalDate.MAX;
+        }
+
+        @Nonnull
+        @Override
+        public JSONObject createContent() {
+            return new JSONObject();
+        }
+    }
+
+    @TestExtension
+    public static class NoCrumb extends CrumbExclusion {
+        @Override
+        public boolean process(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
+            String pathInfo = request.getPathInfo();
+            if (pathInfo != null && pathInfo.startsWith("/uplink")) {
+                chain.doFilter(request, response);
+                return true;
+            }
+            return false;
+        }
+    }
+
+    private static Set<String> correlators = new HashSet<>();
+    private static Set<String> types = new HashSet<>();
+
+    @TestExtension
+    public static class TelemetryReceiver implements UnprotectedRootAction {
+        public void doEvents(StaplerRequest request, StaplerResponse response) throws IOException {
+            StringWriter sw = new StringWriter();
+            IOUtils.copy(request.getInputStream(), sw, StandardCharsets.UTF_8);
+            JSONObject json = JSONObject.fromObject(sw.toString());
+            correlators.add(json.getString("correlator"));
+            types.add(json.getString("type"));
+            counter++;
+        }
+
+        @CheckForNull
+        @Override
+        public String getIconFileName() {
+            return null;
+        }
+
+        @CheckForNull
+        @Override
+        public String getDisplayName() {
+            return null;
+        }
+
+        @CheckForNull
+        @Override
+        public String getUrlName() {
+            return "uplink";
+        }
+    }
+}
-- 
GitLab


From 98995cb0e9619e32a5eb8734fee7e6920f2e549e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Oliver=20Gond=C5=BEa?= <ogondza@gmail.com>
Date: Wed, 26 Sep 2018 20:29:01 +0200
Subject: [PATCH 745/863] [JEP-214] Restrict new Telemetry API

---
 core/src/main/java/jenkins/telemetry/Telemetry.java | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/core/src/main/java/jenkins/telemetry/Telemetry.java b/core/src/main/java/jenkins/telemetry/Telemetry.java
index ec766206ea..7efca3bb7f 100644
--- a/core/src/main/java/jenkins/telemetry/Telemetry.java
+++ b/core/src/main/java/jenkins/telemetry/Telemetry.java
@@ -55,9 +55,8 @@ import java.util.logging.Logger;
  * Extension point for collecting JEP-214 telemetry.
  *
  * @see <a href="https://github.com/jenkinsci/jep/tree/master/jep/214">JEP-214</a>
- *
- * @since TODO
  */
+@Restricted(NoExternalUse.class)
 public abstract class Telemetry implements ExtensionPoint {
 
     // https://webhook.site is a nice stand-in for this during development; just needs to end in ? to submit the ID as query parameter
-- 
GitLab


From 297e4e3d85fa53496209f2acecf16d7a67616668 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Thu, 27 Sep 2018 00:31:15 +0200
Subject: [PATCH 746/863] [JENKINS-53793] - Suppress DMI_COLLECTION_OF_URLS in
 ClassicPluginStrategy

It starts failing FindBugs runs against Java 11.
The implementation is not efficient, but it should not be a serious issue in this case
---
 core/src/main/java/hudson/ClassicPluginStrategy.java | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/core/src/main/java/hudson/ClassicPluginStrategy.java b/core/src/main/java/hudson/ClassicPluginStrategy.java
index 6503d4b639..73a781f125 100644
--- a/core/src/main/java/hudson/ClassicPluginStrategy.java
+++ b/core/src/main/java/hudson/ClassicPluginStrategy.java
@@ -31,6 +31,7 @@ import java.io.InputStream;
 import java.nio.file.Files;
 import java.nio.file.InvalidPathException;
 
+import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
 import jenkins.util.AntWithFindResourceClassLoader;
 import jenkins.util.SystemProperties;
 import com.google.common.collect.Lists;
@@ -798,6 +799,8 @@ public class ClassicPluginStrategy implements PluginStrategy {
         }
 
         @Override
+        @SuppressFBWarnings(value = "DMI_COLLECTION_OF_URLS",
+                            justification = "Should not produce network overheads since the URL is local. JENKINS-53793 is a follow-up")
         protected Enumeration<URL> findResources(String name) throws IOException {
             HashSet<URL> result = new HashSet<URL>();
 
-- 
GitLab


From 8598492f193cab9633c6d32e13a9d463bc207007 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Thu, 27 Sep 2018 01:23:28 +0200
Subject: [PATCH 747/863] =?UTF-8?q?Ignored=20Exceptions:=20use=20=E2=80=98?=
 =?UTF-8?q?ignored=E2=80=99=20to=20supress=20IntellijIDEA=20warnings=20as?=
 =?UTF-8?q?=20suggested=20by=20@daniel-beck?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 core/src/main/java/hudson/ClassicPluginStrategy.java     | 9 +++++----
 core/src/main/java/hudson/FilePath.java                  | 6 +++---
 core/src/main/java/hudson/model/queue/Executables.java   | 2 +-
 core/src/main/java/hudson/os/solaris/ZFSInstaller.java   | 2 +-
 core/src/main/java/jenkins/model/Jenkins.java            | 2 +-
 .../slaves/restarter/JnlpSlaveRestarterInstaller.java    | 2 +-
 6 files changed, 12 insertions(+), 11 deletions(-)

diff --git a/core/src/main/java/hudson/ClassicPluginStrategy.java b/core/src/main/java/hudson/ClassicPluginStrategy.java
index 2fdfd6427e..af0521fab8 100644
--- a/core/src/main/java/hudson/ClassicPluginStrategy.java
+++ b/core/src/main/java/hudson/ClassicPluginStrategy.java
@@ -778,19 +778,20 @@ public class ClassicPluginStrategy implements PluginStrategy {
                         Class<?> c = ClassLoaderReflectionToolkit._findLoadedClass(pw.classLoader, name);
                         if (c!=null)    return c;
                         return ClassLoaderReflectionToolkit._findClass(pw.classLoader, name);
-                    } catch (ClassNotFoundException e) {
+                    } catch (ClassNotFoundException ignored) {
                         //not found. try next
                     }
                 }
             } else {
                 for (Dependency dep : dependencies) {
                     PluginWrapper p = pluginManager.getPlugin(dep.shortName);
-                    if(p!=null)
+                    if(p!=null) {
                         try {
                             return p.classLoader.loadClass(name);
-                        } catch (ClassNotFoundException ex) {
-                            // try next
+                        } catch (ClassNotFoundException ignored) {
+                            // OK, try next
                         }
+                    }
                 }
             }
 
diff --git a/core/src/main/java/hudson/FilePath.java b/core/src/main/java/hudson/FilePath.java
index f3091386e4..e9504a71c6 100644
--- a/core/src/main/java/hudson/FilePath.java
+++ b/core/src/main/java/hudson/FilePath.java
@@ -2309,7 +2309,7 @@ public final class FilePath implements Serializable {
             // legacy agent.jar. Handle this gracefully
             try {
                 LOGGER.log(Level.WARNING,"Looks like an old agent.jar. Please update "+ Which.jarFile(Channel.class)+" to the new version",e);
-            } catch (IOException ex) {
+            } catch (IOException ignored) {
                 // really ignore this time
             }
         }
@@ -2427,8 +2427,8 @@ public final class FilePath implements Serializable {
                     // report both errors
                     e.addSuppressed(x);
                     throw e;
-                } catch (TimeoutException ex) {
-                    // remote is hanging
+                } catch (TimeoutException ignored) {
+                    // remote is hanging, just throw the original exception
                     throw e;
                 }
             }
diff --git a/core/src/main/java/hudson/model/queue/Executables.java b/core/src/main/java/hudson/model/queue/Executables.java
index acb0e1fdfc..426c12df96 100644
--- a/core/src/main/java/hudson/model/queue/Executables.java
+++ b/core/src/main/java/hudson/model/queue/Executables.java
@@ -46,7 +46,7 @@ public class Executables {
             throws Error, RuntimeException {
         try {
             return e.getParent();
-        } catch (AbstractMethodError ex) {
+        } catch (AbstractMethodError ignored) { // will fallback to a private implementation
             try {
                 Method m = e.getClass().getMethod("getParent");
                 m.setAccessible(true);
diff --git a/core/src/main/java/hudson/os/solaris/ZFSInstaller.java b/core/src/main/java/hudson/os/solaris/ZFSInstaller.java
index d14b2dd748..f22a0b7879 100644
--- a/core/src/main/java/hudson/os/solaris/ZFSInstaller.java
+++ b/core/src/main/java/hudson/os/solaris/ZFSInstaller.java
@@ -219,7 +219,7 @@ public class ZFSInstaller extends AdministrativeMonitor implements Serializable
                     // revert the file system creation
                     try {
                         hudson.destory();
-                    } catch (Exception ex) {
+                    } catch (Exception ignored) {
                         // but ignore the error and let the original error thrown
                     }
                     throw e;
diff --git a/core/src/main/java/jenkins/model/Jenkins.java b/core/src/main/java/jenkins/model/Jenkins.java
index e4880248e3..ba8e826317 100644
--- a/core/src/main/java/jenkins/model/Jenkins.java
+++ b/core/src/main/java/jenkins/model/Jenkins.java
@@ -5030,7 +5030,7 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
                 if (idx > 0) {
                     return new VersionNumber(versionString.substring(0,idx));
                 }
-            } catch (NumberFormatException ex) {
+            } catch (NumberFormatException ignored) {
                 // fall through
             }
 
diff --git a/core/src/main/java/jenkins/slaves/restarter/JnlpSlaveRestarterInstaller.java b/core/src/main/java/jenkins/slaves/restarter/JnlpSlaveRestarterInstaller.java
index 222998caaf..3a8b9f6b42 100644
--- a/core/src/main/java/jenkins/slaves/restarter/JnlpSlaveRestarterInstaller.java
+++ b/core/src/main/java/jenkins/slaves/restarter/JnlpSlaveRestarterInstaller.java
@@ -77,7 +77,7 @@ public class JnlpSlaveRestarterInstaller extends ComputerListener implements Ser
 
             try {
                 Engine.class.getMethod("addListener", EngineListener.class);
-            } catch (NoSuchMethodException ex) {
+            } catch (NoSuchMethodException ignored) {
                 return null;    // running with older version of remoting that doesn't support adding listener
             }
 
-- 
GitLab


From fa9fac9f73c100d40c91989d3ab2d18d04289641 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Thu, 27 Sep 2018 11:00:36 +0200
Subject: [PATCH 748/863] Correct naming issues on test

---
 .../hudson/{PluginTest_SEC925.java => PluginSEC925Test.java}    | 2 +-
 .../model/{QueueTest_SEC891.java => QueueSEC891Test.java}       | 2 +-
 .../{UserRestartTest_SEC897.java => UserRestartSEC897Test.java} | 2 +-
 ...SEC996.java => TokenBasedRememberMeServices2SEC996Test.java} | 2 +-
 ...986.java => BasicHeaderApiTokenAuthenticatorSEC986Test.java} | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)
 rename test/src/test/java/hudson/{PluginTest_SEC925.java => PluginSEC925Test.java} (97%)
 rename test/src/test/java/hudson/model/{QueueTest_SEC891.java => QueueSEC891Test.java} (99%)
 rename test/src/test/java/hudson/model/{UserRestartTest_SEC897.java => UserRestartSEC897Test.java} (98%)
 rename test/src/test/java/hudson/security/{TokenBasedRememberMeServices2Test_SEC996.java => TokenBasedRememberMeServices2SEC996Test.java} (98%)
 rename test/src/test/java/jenkins/security/{BasicHeaderApiTokenAuthenticatorTest_SEC986.java => BasicHeaderApiTokenAuthenticatorSEC986Test.java} (99%)

diff --git a/test/src/test/java/hudson/PluginTest_SEC925.java b/test/src/test/java/hudson/PluginSEC925Test.java
similarity index 97%
rename from test/src/test/java/hudson/PluginTest_SEC925.java
rename to test/src/test/java/hudson/PluginSEC925Test.java
index f52abce238..6ecf68ae1b 100644
--- a/test/src/test/java/hudson/PluginTest_SEC925.java
+++ b/test/src/test/java/hudson/PluginSEC925Test.java
@@ -13,7 +13,7 @@ import java.util.List;
 import java.util.concurrent.Future;
 
 //TODO merge it within PluginTest after the security release
-public class PluginTest_SEC925 {
+public class PluginSEC925Test {
     
     @Rule
     public JenkinsRule r = new JenkinsRule();
diff --git a/test/src/test/java/hudson/model/QueueTest_SEC891.java b/test/src/test/java/hudson/model/QueueSEC891Test.java
similarity index 99%
rename from test/src/test/java/hudson/model/QueueTest_SEC891.java
rename to test/src/test/java/hudson/model/QueueSEC891Test.java
index 30afef8739..ea3144eff3 100644
--- a/test/src/test/java/hudson/model/QueueTest_SEC891.java
+++ b/test/src/test/java/hudson/model/QueueSEC891Test.java
@@ -21,7 +21,7 @@ import static org.junit.Assert.assertThat;
 import static org.junit.Assert.assertTrue;
 
 //TODO merge into QueueTest after security patch
-public class QueueTest_SEC891 {
+public class QueueSEC891Test {
     
     @Rule
     public JenkinsRule r = new NodeProvisionerRule(-1, 0, 10);
diff --git a/test/src/test/java/hudson/model/UserRestartTest_SEC897.java b/test/src/test/java/hudson/model/UserRestartSEC897Test.java
similarity index 98%
rename from test/src/test/java/hudson/model/UserRestartTest_SEC897.java
rename to test/src/test/java/hudson/model/UserRestartSEC897Test.java
index 854bbe4aec..c0c0885863 100644
--- a/test/src/test/java/hudson/model/UserRestartTest_SEC897.java
+++ b/test/src/test/java/hudson/model/UserRestartSEC897Test.java
@@ -16,7 +16,7 @@ import static org.hamcrest.core.IsEqual.equalTo;
 import static org.junit.Assert.assertThat;
 
 //TODO after the security fix, it could be merged inside UserRestartTest
-public class UserRestartTest_SEC897 {
+public class UserRestartSEC897Test {
     
     @Rule
     public RestartableJenkinsRule rr = new RestartableJenkinsRule();
diff --git a/test/src/test/java/hudson/security/TokenBasedRememberMeServices2Test_SEC996.java b/test/src/test/java/hudson/security/TokenBasedRememberMeServices2SEC996Test.java
similarity index 98%
rename from test/src/test/java/hudson/security/TokenBasedRememberMeServices2Test_SEC996.java
rename to test/src/test/java/hudson/security/TokenBasedRememberMeServices2SEC996Test.java
index b2fa21ce6c..1abecfbfc8 100644
--- a/test/src/test/java/hudson/security/TokenBasedRememberMeServices2Test_SEC996.java
+++ b/test/src/test/java/hudson/security/TokenBasedRememberMeServices2SEC996Test.java
@@ -37,7 +37,7 @@ import static org.hamcrest.xml.HasXPath.hasXPath;
 import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.assertThat;
 
-public class TokenBasedRememberMeServices2Test_SEC996 {
+public class TokenBasedRememberMeServices2SEC996Test {
     @Rule
     public JenkinsRule j = new JenkinsRule();
     
diff --git a/test/src/test/java/jenkins/security/BasicHeaderApiTokenAuthenticatorTest_SEC986.java b/test/src/test/java/jenkins/security/BasicHeaderApiTokenAuthenticatorSEC986Test.java
similarity index 99%
rename from test/src/test/java/jenkins/security/BasicHeaderApiTokenAuthenticatorTest_SEC986.java
rename to test/src/test/java/jenkins/security/BasicHeaderApiTokenAuthenticatorSEC986Test.java
index f72c407b70..dd63951f7c 100644
--- a/test/src/test/java/jenkins/security/BasicHeaderApiTokenAuthenticatorTest_SEC986.java
+++ b/test/src/test/java/jenkins/security/BasicHeaderApiTokenAuthenticatorSEC986Test.java
@@ -52,7 +52,7 @@ import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.assertNull;
 import static org.junit.Assert.assertThat;
 
-public class BasicHeaderApiTokenAuthenticatorTest_SEC986 {
+public class BasicHeaderApiTokenAuthenticatorSEC986Test {
     @Rule
     public RestartableJenkinsRule rr = new RestartableJenkinsRule();
     
-- 
GitLab


From 58fecdcdefa2ef2e9abb2e08d9d7c7a6b7d2027f Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Thu, 27 Sep 2018 00:16:04 +0200
Subject: [PATCH 749/863] [SECURITY-1162]

---
 .../BasicHeaderApiTokenAuthenticator.java     | 39 ++++++++++---------
 1 file changed, 20 insertions(+), 19 deletions(-)

diff --git a/core/src/main/java/jenkins/security/BasicHeaderApiTokenAuthenticator.java b/core/src/main/java/jenkins/security/BasicHeaderApiTokenAuthenticator.java
index 345281fdce..f8a804c9e3 100644
--- a/core/src/main/java/jenkins/security/BasicHeaderApiTokenAuthenticator.java
+++ b/core/src/main/java/jenkins/security/BasicHeaderApiTokenAuthenticator.java
@@ -28,27 +28,28 @@ public class BasicHeaderApiTokenAuthenticator extends BasicHeaderAuthenticator {
      */
     @Override
     public Authentication authenticate(HttpServletRequest req, HttpServletResponse rsp, String username, String password) throws ServletException {
-        // attempt to authenticate as API token
-        User u = User.getById(username, true);
-        ApiTokenProperty t = u.getProperty(ApiTokenProperty.class);
-        if (t!=null && t.matchesPassword(password)) {
-            Authentication auth;
-            try {
-                UserDetails userDetails = u.getUserDetailsForImpersonation();
-                auth = u.impersonate(userDetails);
+        User u = BasicApiTokenHelper.isConnectingUsingApiToken(username, password);
+        if(u != null) {
+            ApiTokenProperty t = u.getProperty(ApiTokenProperty.class);
+            if (t != null && t.matchesPassword(password)) {
+                Authentication auth;
+                try {
+                    UserDetails userDetails = u.getUserDetailsForImpersonation();
+                    auth = u.impersonate(userDetails);
 
-                SecurityListener.fireAuthenticated(userDetails);
-            } catch (UsernameNotFoundException x) {
-                // The token was valid, but the impersonation failed. This token is clearly not his real password,
-                // so there's no point in continuing the request processing. Report this error and abort.
-                LOGGER.log(WARNING, "API token matched for user "+username+" but the impersonation failed",x);
-                throw new ServletException(x);
-            } catch (DataAccessException x) {
-                throw new ServletException(x);
-            }
+                    SecurityListener.fireAuthenticated(userDetails);
+                } catch (UsernameNotFoundException x) {
+                    // The token was valid, but the impersonation failed. This token is clearly not his real password,
+                    // so there's no point in continuing the request processing. Report this error and abort.
+                    LOGGER.log(WARNING, "API token matched for user " + username + " but the impersonation failed", x);
+                    throw new ServletException(x);
+                } catch (DataAccessException x) {
+                    throw new ServletException(x);
+                }
 
-            req.setAttribute(BasicHeaderApiTokenAuthenticator.class.getName(), true);
-            return auth;
+                req.setAttribute(BasicHeaderApiTokenAuthenticator.class.getName(), true);
+                return auth;
+            }
         }
         return null;
     }
-- 
GitLab


From 517da6ed389f0a606dd9bb8595bc79fc93f4331c Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Thu, 27 Sep 2018 11:12:53 +0200
Subject: [PATCH 750/863] [SECURITY-1158]

---
 .../security/HudsonPrivateSecurityRealm.java  |  9 +++
 ...udsonPrivateSecurityRealm2SEC1158Test.java | 73 +++++++++++++++++++
 2 files changed, 82 insertions(+)
 create mode 100644 test/src/test/java/hudson/security/HudsonPrivateSecurityRealm2SEC1158Test.java

diff --git a/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java b/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java
index c787e352f2..01b3233108 100644
--- a/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java
+++ b/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java
@@ -73,6 +73,8 @@ import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
 import static javax.servlet.http.HttpServletResponse.SC_UNAUTHORIZED;
 import java.io.IOException;
 import java.lang.reflect.Constructor;
@@ -263,6 +265,13 @@ public class HudsonPrivateSecurityRealm extends AbstractPasswordBasedSecurityRea
      */
     @SuppressWarnings("ACL.impersonate")
     private void loginAndTakeBack(StaplerRequest req, StaplerResponse rsp, User u) throws ServletException, IOException {
+        HttpSession session = req.getSession(false);
+        if (session != null) {
+            // avoid session fixation
+            session.invalidate();
+        }
+        req.getSession(true);
+        
         // ... and let him login
         Authentication a = new UsernamePasswordAuthenticationToken(u.getId(),req.getParameter("password1"));
         a = this.getSecurityComponents().manager.authenticate(a);
diff --git a/test/src/test/java/hudson/security/HudsonPrivateSecurityRealm2SEC1158Test.java b/test/src/test/java/hudson/security/HudsonPrivateSecurityRealm2SEC1158Test.java
new file mode 100644
index 0000000000..fca41a931d
--- /dev/null
+++ b/test/src/test/java/hudson/security/HudsonPrivateSecurityRealm2SEC1158Test.java
@@ -0,0 +1,73 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2015, CloudBees, Inc
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package hudson.security;
+
+import com.gargoylesoftware.htmlunit.html.HtmlPage;
+import com.gargoylesoftware.htmlunit.util.Cookie;
+import hudson.security.pages.SignupPage;
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.JenkinsRule;
+
+import static org.hamcrest.Matchers.containsString;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotEquals;
+import static org.junit.Assert.assertThat;
+
+//TODO to be merged into HudsonPrivateSecurityRealm2Test after security release
+public class HudsonPrivateSecurityRealm2SEC1158Test {
+    
+    @Rule
+    public JenkinsRule rule = new JenkinsRule();
+    
+    @Test
+    @Issue("SECURITY-1158")
+    public void singupNoLongerVulnerableToSessionFixation() throws Exception {
+        HudsonPrivateSecurityRealm securityRealm = new HudsonPrivateSecurityRealm(true, false, null);
+        rule.jenkins.setSecurityRealm(securityRealm);
+        JenkinsRule.WebClient wc = rule.createWebClient();
+        
+        // to trigger the creation of a session
+        wc.goTo("");
+        Cookie sessionBefore = wc.getCookieManager().getCookie("JSESSIONID");
+        String sessionIdBefore = sessionBefore.getValue();
+        
+        SignupPage signup = new SignupPage(wc.goTo("signup"));
+        signup.enterUsername("alice");
+        signup.enterPassword("alice");
+        signup.enterFullName("Alice User");
+        signup.enterEmail("alice@nowhere.com");
+        HtmlPage success = signup.submit(rule);
+        assertThat(success.getElementById("main-panel").getTextContent(), containsString("Success"));
+        assertThat(success.getAnchorByHref("/jenkins/user/alice").getTextContent(), containsString("Alice User"));
+        
+        assertEquals("Alice User", securityRealm.getUser("alice").getDisplayName());
+        
+        Cookie sessionAfter = wc.getCookieManager().getCookie("JSESSIONID");
+        String sessionIdAfter = sessionAfter.getValue();
+        
+        assertNotEquals(sessionIdAfter, sessionIdBefore);
+    }
+}
-- 
GitLab


From df87e12ddcfeafdba6e0de0e07b3e21f8473ece6 Mon Sep 17 00:00:00 2001
From: Ramon Leon <manuelramonleonjimenez@gmail.com>
Date: Thu, 27 Sep 2018 11:15:28 +0200
Subject: [PATCH 751/863] [SECURITY-1129]

---
 core/src/main/java/hudson/model/Api.java      | 12 +++
 .../hudson/model/Messages.properties          |  1 +
 .../hudson/model/Messages_es.properties       |  1 +
 .../hudson/model/Messages_fr.properties       |  2 +
 .../hudson/model/ApiSecurity1129Test.java     | 86 +++++++++++++++++++
 5 files changed, 102 insertions(+)
 create mode 100644 test/src/test/java/hudson/model/ApiSecurity1129Test.java

diff --git a/core/src/main/java/hudson/model/Api.java b/core/src/main/java/hudson/model/Api.java
index 6878a4284a..d3b904aa73 100644
--- a/core/src/main/java/hudson/model/Api.java
+++ b/core/src/main/java/hudson/model/Api.java
@@ -133,7 +133,19 @@ public class Api extends AbstractModelObject {
                 XPath comp = dom.createXPath(xpath);
                 comp.setFunctionContext(functionContext);
                 List list = comp.selectNodes(dom);
+
                 if (wrapper!=null) {
+                    // check if the wrapper is a valid entity name
+                    // First position:  letter or underscore
+                    // Other positions: \w (letter, number, underscore), dash or dot
+                    String validNameRE = "^[a-zA-Z_][\\w-\\.]*$";
+
+                    if(!wrapper.matches(validNameRE)) {
+                        rsp.setStatus(HttpServletResponse.SC_BAD_REQUEST);
+                        rsp.getWriter().print(Messages.Api_WrapperParamInvalid());
+                        return;
+                    }
+
                     Element root = DocumentFactory.getInstance().createElement(wrapper);
                     for (Object o : list) {
                         if (o instanceof String) {
diff --git a/core/src/main/resources/hudson/model/Messages.properties b/core/src/main/resources/hudson/model/Messages.properties
index 92812110fd..cce1073695 100644
--- a/core/src/main/resources/hudson/model/Messages.properties
+++ b/core/src/main/resources/hudson/model/Messages.properties
@@ -84,6 +84,7 @@ AbstractProject.LabelLink=<a href="{0}{2}">Label {1}</a> is serviced by {3,choic
 Api.MultipleMatch=XPath "{0}" matched {1} nodes. \
     Create XPath that only matches one, or use the "wrapper" query parameter to wrap them all under a root element.
 Api.NoXPathMatch=XPath {0} didn\u2019t match
+Api.WrapperParamInvalid=The wrapper parameter can only contain alphanumeric characters or dash/dot/underscore. The first character has to be a letter or underscore.
 
 BallColor.Aborted=Aborted
 BallColor.Disabled=Disabled
diff --git a/core/src/main/resources/hudson/model/Messages_es.properties b/core/src/main/resources/hudson/model/Messages_es.properties
index 8d581e01e4..4872e1025c 100644
--- a/core/src/main/resources/hudson/model/Messages_es.properties
+++ b/core/src/main/resources/hudson/model/Messages_es.properties
@@ -47,6 +47,7 @@ AbstractProject.ExtendedReadPermission.Description=\
 Api.MultipleMatch=XPath "{0}" encontr\u00f3 coincidencias en {1} nodos. \
   Crea una expresi\u00f3n XPath que s\u00f3lo encuentre uno, o utiliza el par\u00e1metro "wraper" para que todos los nodos se agrupen bajo un elemento.
 Api.NoXPathMatch=XPath {0} no encontr\u00f3 nada 
+Api.WrapperParamInvalid=El par\u00E1metro wrapper s\u00F3lo puede contener caracteres alfanum\u00E9ricos o guiones/puntos/subrayado. El primer car\u00E1cter debe ser una letra o subrayado.
 
 BallColor.Aborted=Abortado
 BallColor.Disabled=Desactivado
diff --git a/core/src/main/resources/hudson/model/Messages_fr.properties b/core/src/main/resources/hudson/model/Messages_fr.properties
index d1ded2fc0f..7b65394ff0 100644
--- a/core/src/main/resources/hudson/model/Messages_fr.properties
+++ b/core/src/main/resources/hudson/model/Messages_fr.properties
@@ -41,6 +41,7 @@ AbstractProject.WorkspacePermission.Description=\
 Api.MultipleMatch=Le XPath "{0}" correspond \u00e0 {1} noeud(s). \
     Merci de fournir un XPath qui ne correspond qu''\u00e0 un seul noeud, ou utilisez le param\u00e8tre de requ\u00e8te "wrapper" pour les encapsuler tous dans un \u00e9l\u00e9ment racine.
 Api.NoXPathMatch=Pas de correspondance avec le XPath {0}
+Api.WrapperParamInvalid=Le param\u00E8tre wrapper ne doit contenir que des caract\u00E8res alphanum\u00E9riques ainsi que des points / tirets bas / traits d''union, et finalement le premier caract\u00E8re doit \u00EAtre une lettre ou un trait d''union.
 
 BallColor.Aborted=Annul\u00e9
 BallColor.Disabled=D\u00e9sactiv\u00e9
@@ -178,3 +179,4 @@ MyViewsProperty.GlobalAction.DisplayName=Mes vues
 
 ManageJenkinsAction.DisplayName=Administrer Jenkins
 ParametersDefinitionProperty.DisplayName=Ce build a des param�tres
+
diff --git a/test/src/test/java/hudson/model/ApiSecurity1129Test.java b/test/src/test/java/hudson/model/ApiSecurity1129Test.java
new file mode 100644
index 0000000000..999eacb43e
--- /dev/null
+++ b/test/src/test/java/hudson/model/ApiSecurity1129Test.java
@@ -0,0 +1,86 @@
+package hudson.model;
+
+import com.gargoylesoftware.htmlunit.WebResponse;
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.JenkinsRule;
+import org.xml.sax.SAXException;
+
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.fail;
+
+//TODO after the security fix, it could be merged inside ApiTest
+public class ApiSecurity1129Test {
+    @Rule
+    public JenkinsRule j = new JenkinsRule();
+
+    /**
+     * Test the wrapper parameter for the api/xml urls to avoid XSS.
+     * @throws Exception See {@link #checkWrapperParam(String, Integer, String)}
+     */
+    @Issue("SECURITY-1129")
+    @Test
+    public void wrapperXss() throws Exception {
+        String wrapper = "html%20xmlns=\"http://www.w3.org/1999/xhtml\"><script>alert(%27XSS%20Detected%27)</script></html><!--";
+
+        checkWrapperParam(wrapper, HttpServletResponse.SC_BAD_REQUEST, Messages.Api_WrapperParamInvalid());
+    }
+
+    /**
+     * Test the wrapper parameter for the api/xml urls with a bad name.
+     * @throws Exception See {@link #checkWrapperParam(String, Integer, String)}
+     */
+    @Issue("SECURITY-1129")
+    @Test
+    public void wrapperBadName() throws Exception {
+        String wrapper = "-badname";
+        checkWrapperParam(wrapper, HttpServletResponse.SC_BAD_REQUEST, Messages.Api_WrapperParamInvalid());
+
+    }
+
+    /**
+     * Test thw erapper parameter with a good name, to ensure the security fix doesn't break anything.
+     * @throws Exception See {@link #checkWrapperParam(String, Integer, String)}
+     */
+    @Issue("SECURITY-1129")
+    @Test
+    public void wrapperGoodName() throws Exception {
+        String wrapper = "__GoodName-..-OK";
+        checkWrapperParam(wrapper, HttpServletResponse.SC_OK, null);
+
+    }
+
+    /**
+     * Check the response for a XML api with the wrapper param specified. At least the statuCode or the responseMessage
+     * should be indicated.
+     * @param wrapper the wrapper param passed in theurl.
+     * @param statusCode the status code expected in the response. If it's null, it's not checked.
+     * @param responseMessage the message expected in the response. If it's null, it's not checked.
+     * @throws IOException See {@link org.jvnet.hudson.test.JenkinsRule.WebClient#goTo(String, String)}
+     * @throws SAXException See {@link org.jvnet.hudson.test.JenkinsRule.WebClient#goTo(String, String)}
+     */
+    private void checkWrapperParam(String wrapper, Integer statusCode, String responseMessage) throws IOException, SAXException {
+        if (statusCode == null && responseMessage == null) {
+            fail("You should check at least one, the statusCode or the responseMessage when testing the wrapper param");
+        }
+
+        JenkinsRule.WebClient wc = j.createWebClient();
+        wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+        WebResponse response = wc.goTo(String.format("whoAmI/api/xml?xpath=*&wrapper=%s", wrapper), null).getWebResponse();
+
+        if (response != null) {
+            if (statusCode != null) {
+                assertEquals(statusCode.intValue(), response.getStatusCode());
+            }
+            if (responseMessage != null) {
+                assertEquals(responseMessage, response.getContentAsString());
+            }
+        } else {
+            fail("The response shouldn't be null");
+        }
+    }
+}
-- 
GitLab


From d714a622eafebe983618df0facf3745eab549230 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Thu, 27 Sep 2018 01:13:32 +0200
Subject: [PATCH 752/863] [JENKINS-53693] - Ignore java.xml components in core
 tests.

It is require to make the tests passing on Java 11, but apparently it also speeds up tests on Java 8.
---
 core/src/test/java/hudson/FunctionsTest.java                   | 3 +++
 core/src/test/java/hudson/cli/ListJobsCommandTest.java         | 2 ++
 .../test/java/hudson/cli/handlers/ViewOptionHandlerTest.java   | 2 ++
 core/src/test/java/hudson/model/JobTest.java                   | 2 ++
 core/src/test/java/hudson/model/ListViewTest.java              | 2 ++
 core/src/test/java/hudson/model/ParametersActionTest.java      | 3 +++
 core/src/test/java/hudson/slaves/ChannelPingerTest.java        | 2 ++
 .../java/hudson/slaves/DelegatingComputerLauncherTest.java     | 2 ++
 core/src/test/java/hudson/util/RunListTest.java                | 2 ++
 .../java/jenkins/model/CoreEnvironmentContributorTest.java     | 2 ++
 core/src/test/java/jenkins/model/JenkinsGetRootUrlTest.java    | 2 ++
 core/src/test/java/jenkins/model/NewViewLinkTest.java          | 2 ++
 .../test/java/jenkins/security/apitoken/ApiTokenStatsTest.java | 2 ++
 13 files changed, 28 insertions(+)

diff --git a/core/src/test/java/hudson/FunctionsTest.java b/core/src/test/java/hudson/FunctionsTest.java
index a12179dcf7..41cfa02779 100644
--- a/core/src/test/java/hudson/FunctionsTest.java
+++ b/core/src/test/java/hudson/FunctionsTest.java
@@ -53,10 +53,13 @@ import org.kohsuke.stapler.StaplerRequest;
 import static org.powermock.api.mockito.PowerMockito.mock;
 import static org.powermock.api.mockito.PowerMockito.mockStatic;
 import static org.powermock.api.mockito.PowerMockito.when;
+
+import org.powermock.core.classloader.annotations.PowerMockIgnore;
 import org.powermock.core.classloader.annotations.PrepareForTest;
 import org.powermock.modules.junit4.PowerMockRunner;
 
 @RunWith(PowerMockRunner.class)
+@PowerMockIgnore({"com.sun.org.apache.xerces.*", "javax.xml.*", "org.xml.*"})
 public class FunctionsTest {
     @Test
     public void testGetActionUrl_absoluteUriWithAuthority(){
diff --git a/core/src/test/java/hudson/cli/ListJobsCommandTest.java b/core/src/test/java/hudson/cli/ListJobsCommandTest.java
index c42eab40ec..fa1af80efe 100644
--- a/core/src/test/java/hudson/cli/ListJobsCommandTest.java
+++ b/core/src/test/java/hudson/cli/ListJobsCommandTest.java
@@ -32,12 +32,14 @@ import org.junit.Ignore;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.mockito.Mockito;
+import org.powermock.core.classloader.annotations.PowerMockIgnore;
 import org.powermock.core.classloader.annotations.PrepareForTest;
 import org.powermock.core.classloader.annotations.SuppressStaticInitializationFor;
 import org.powermock.modules.junit4.PowerMockRunner;
 
 @RunWith(PowerMockRunner.class)
 @PrepareForTest(Jenkins.class)
+@PowerMockIgnore({"com.sun.org.apache.xerces.*", "javax.xml.*", "org.xml.*"})
 @SuppressStaticInitializationFor("hudson.cli.CLICommand")
 public class ListJobsCommandTest {
 
diff --git a/core/src/test/java/hudson/cli/handlers/ViewOptionHandlerTest.java b/core/src/test/java/hudson/cli/handlers/ViewOptionHandlerTest.java
index 38639ea21d..eeda846d79 100644
--- a/core/src/test/java/hudson/cli/handlers/ViewOptionHandlerTest.java
+++ b/core/src/test/java/hudson/cli/handlers/ViewOptionHandlerTest.java
@@ -46,11 +46,13 @@ import org.kohsuke.args4j.spi.Setter;
 import org.mockito.Mock;
 import org.mockito.MockitoAnnotations;
 import org.powermock.api.mockito.PowerMockito;
+import org.powermock.core.classloader.annotations.PowerMockIgnore;
 import org.powermock.core.classloader.annotations.PrepareForTest;
 import org.powermock.modules.junit4.PowerMockRunner;
 
 @PrepareForTest(Jenkins.class)
 @RunWith(PowerMockRunner.class)
+@PowerMockIgnore({"com.sun.org.apache.xerces.*", "javax.xml.*", "org.xml.*"})
 public class ViewOptionHandlerTest {
 
     @Mock private Setter<View> setter;
diff --git a/core/src/test/java/hudson/model/JobTest.java b/core/src/test/java/hudson/model/JobTest.java
index c65793d521..22679f2826 100644
--- a/core/src/test/java/hudson/model/JobTest.java
+++ b/core/src/test/java/hudson/model/JobTest.java
@@ -11,6 +11,7 @@ import org.jvnet.hudson.test.Issue;
 import org.mockito.Mockito;
 import org.powermock.api.mockito.PowerMockito;
 import org.powermock.core.MockRepository;
+import org.powermock.core.classloader.annotations.PowerMockIgnore;
 import org.powermock.core.classloader.annotations.PrepareForTest;
 import org.powermock.modules.junit4.PowerMockRunner;
 
@@ -20,6 +21,7 @@ import hudson.util.ReflectionUtils;
 
 @RunWith(PowerMockRunner.class)
 @PrepareForTest({ Node.class, Platform.class })
+@PowerMockIgnore({"com.sun.org.apache.xerces.*", "javax.xml.*", "org.xml.*"})
 public class JobTest {
 
     @Test
diff --git a/core/src/test/java/hudson/model/ListViewTest.java b/core/src/test/java/hudson/model/ListViewTest.java
index aa9ed29a02..aa77c1ddfe 100644
--- a/core/src/test/java/hudson/model/ListViewTest.java
+++ b/core/src/test/java/hudson/model/ListViewTest.java
@@ -17,10 +17,12 @@ import org.junit.Ignore;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.mockito.Mockito;
+import org.powermock.core.classloader.annotations.PowerMockIgnore;
 import org.powermock.core.classloader.annotations.PrepareForTest;
 import org.powermock.modules.junit4.PowerMockRunner;
 
 @RunWith(PowerMockRunner.class)
+@PowerMockIgnore({"com.sun.org.apache.xerces.*", "javax.xml.*", "org.xml.*"})
 public class ListViewTest {
     
     private interface ItemGroupOfNonTopLevelItem extends TopLevelItem, ItemGroup<Item> {}
diff --git a/core/src/test/java/hudson/model/ParametersActionTest.java b/core/src/test/java/hudson/model/ParametersActionTest.java
index 6f7321ed19..670d820e71 100644
--- a/core/src/test/java/hudson/model/ParametersActionTest.java
+++ b/core/src/test/java/hudson/model/ParametersActionTest.java
@@ -13,9 +13,12 @@ import static org.junit.Assert.assertNotSame;
 import org.junit.runner.RunWith;
 import org.jvnet.hudson.test.Issue;
 import static org.powermock.api.mockito.PowerMockito.mock;
+
+import org.powermock.core.classloader.annotations.PowerMockIgnore;
 import org.powermock.modules.junit4.PowerMockRunner;
 
 @RunWith(PowerMockRunner.class)
+@PowerMockIgnore({"com.sun.org.apache.xerces.*", "javax.xml.*", "org.xml.*"})
 public class ParametersActionTest {
 
     private ParametersAction baseParamsAB;
diff --git a/core/src/test/java/hudson/slaves/ChannelPingerTest.java b/core/src/test/java/hudson/slaves/ChannelPingerTest.java
index 666f6afaac..0e4941d00b 100644
--- a/core/src/test/java/hudson/slaves/ChannelPingerTest.java
+++ b/core/src/test/java/hudson/slaves/ChannelPingerTest.java
@@ -12,6 +12,7 @@ import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.mockito.Mock;
 import org.mockito.MockitoAnnotations;
+import org.powermock.core.classloader.annotations.PowerMockIgnore;
 import org.powermock.core.classloader.annotations.PrepareForTest;
 import org.powermock.modules.junit4.PowerMockRunner;
 import hudson.remoting.Channel;
@@ -21,6 +22,7 @@ import java.util.HashMap;
 
 @RunWith(PowerMockRunner.class)
 @PrepareForTest({ ChannelPinger.class })
+@PowerMockIgnore({"com.sun.org.apache.xerces.*", "javax.xml.*", "org.xml.*"})
 public class ChannelPingerTest {
 
     @Mock private Channel mockChannel;
diff --git a/core/src/test/java/hudson/slaves/DelegatingComputerLauncherTest.java b/core/src/test/java/hudson/slaves/DelegatingComputerLauncherTest.java
index 5d47c1a2af..f70b552ac1 100644
--- a/core/src/test/java/hudson/slaves/DelegatingComputerLauncherTest.java
+++ b/core/src/test/java/hudson/slaves/DelegatingComputerLauncherTest.java
@@ -6,6 +6,7 @@ import jenkins.model.Jenkins;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.powermock.api.mockito.PowerMockito;
+import org.powermock.core.classloader.annotations.PowerMockIgnore;
 import org.powermock.core.classloader.annotations.PrepareForTest;
 import org.powermock.modules.junit4.PowerMockRunner;
 
@@ -21,6 +22,7 @@ import static org.powermock.api.mockito.PowerMockito.when;
  * @author peppelan
  */
 @RunWith(PowerMockRunner.class)
+@PowerMockIgnore({"com.sun.org.apache.xerces.*", "javax.xml.*", "org.xml.*"})
 public class DelegatingComputerLauncherTest {
 
     public static class DummyOne extends DelegatingComputerLauncher {
diff --git a/core/src/test/java/hudson/util/RunListTest.java b/core/src/test/java/hudson/util/RunListTest.java
index 2ced98d439..19202b38d6 100644
--- a/core/src/test/java/hudson/util/RunListTest.java
+++ b/core/src/test/java/hudson/util/RunListTest.java
@@ -33,6 +33,7 @@ import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.jvnet.hudson.test.Issue;
 import org.powermock.api.mockito.PowerMockito;
+import org.powermock.core.classloader.annotations.PowerMockIgnore;
 import org.powermock.core.classloader.annotations.PrepareForTest;
 import org.powermock.modules.junit4.PowerMockRunner;
 
@@ -40,6 +41,7 @@ import org.powermock.modules.junit4.PowerMockRunner;
  * @author Ignacio Albors
  */
 @RunWith(PowerMockRunner.class)
+@PowerMockIgnore({"com.sun.org.apache.xerces.*", "javax.xml.*", "org.xml.*"})
 public class RunListTest {
 
 	// RunList for byTimestamp tests
diff --git a/core/src/test/java/jenkins/model/CoreEnvironmentContributorTest.java b/core/src/test/java/jenkins/model/CoreEnvironmentContributorTest.java
index df203a5627..44177e0442 100644
--- a/core/src/test/java/jenkins/model/CoreEnvironmentContributorTest.java
+++ b/core/src/test/java/jenkins/model/CoreEnvironmentContributorTest.java
@@ -18,10 +18,12 @@ import org.jvnet.hudson.test.Issue;
 import org.mockito.Mock;
 import org.mockito.MockitoAnnotations;
 import org.powermock.api.mockito.PowerMockito;
+import org.powermock.core.classloader.annotations.PowerMockIgnore;
 import org.powermock.core.classloader.annotations.PrepareForTest;
 import org.powermock.modules.junit4.PowerMockRunner;
 
 @RunWith(PowerMockRunner.class)
+@PowerMockIgnore({"com.sun.org.apache.xerces.*", "javax.xml.*", "org.xml.*"})
 public class CoreEnvironmentContributorTest {
     CoreEnvironmentContributor instance;
     
diff --git a/core/src/test/java/jenkins/model/JenkinsGetRootUrlTest.java b/core/src/test/java/jenkins/model/JenkinsGetRootUrlTest.java
index a2b5f3afd2..4d071dd644 100644
--- a/core/src/test/java/jenkins/model/JenkinsGetRootUrlTest.java
+++ b/core/src/test/java/jenkins/model/JenkinsGetRootUrlTest.java
@@ -41,11 +41,13 @@ import static org.mockito.Matchers.anyString;
 import org.mockito.Mockito;
 import org.mockito.invocation.InvocationOnMock;
 import org.mockito.stubbing.Answer;
+import org.powermock.core.classloader.annotations.PowerMockIgnore;
 import org.powermock.core.classloader.annotations.PrepareForTest;
 import org.powermock.modules.junit4.PowerMockRunner;
 
 @RunWith(PowerMockRunner.class)
 @PrepareForTest({JenkinsLocationConfiguration.class, Stapler.class})
+@PowerMockIgnore({"com.sun.org.apache.xerces.*", "javax.xml.*", "org.xml.*"})
 public class JenkinsGetRootUrlTest {
 
     private Jenkins jenkins;
diff --git a/core/src/test/java/jenkins/model/NewViewLinkTest.java b/core/src/test/java/jenkins/model/NewViewLinkTest.java
index febd23a618..905970d522 100644
--- a/core/src/test/java/jenkins/model/NewViewLinkTest.java
+++ b/core/src/test/java/jenkins/model/NewViewLinkTest.java
@@ -15,11 +15,13 @@ import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.mockito.Mock;
 import org.powermock.api.mockito.PowerMockito;
+import org.powermock.core.classloader.annotations.PowerMockIgnore;
 import org.powermock.core.classloader.annotations.PrepareForTest;
 import org.powermock.modules.junit4.PowerMockRunner;
 
 @RunWith(PowerMockRunner.class)
 @PrepareForTest({NewViewLink.class, Jenkins.class})
+@PowerMockIgnore({"com.sun.org.apache.xerces.*", "javax.xml.*", "org.xml.*"})
 public class NewViewLinkTest {
 	
     @Mock
diff --git a/core/src/test/java/jenkins/security/apitoken/ApiTokenStatsTest.java b/core/src/test/java/jenkins/security/apitoken/ApiTokenStatsTest.java
index 6649702190..d3a76bd88c 100644
--- a/core/src/test/java/jenkins/security/apitoken/ApiTokenStatsTest.java
+++ b/core/src/test/java/jenkins/security/apitoken/ApiTokenStatsTest.java
@@ -34,6 +34,7 @@ import org.junit.runner.RunWith;
 import org.mockito.Mockito;
 import org.mockito.internal.matchers.LessOrEqual;
 import org.powermock.api.mockito.PowerMockito;
+import org.powermock.core.classloader.annotations.PowerMockIgnore;
 import org.powermock.core.classloader.annotations.PrepareForTest;
 import org.powermock.modules.junit4.PowerMockRunner;
 
@@ -62,6 +63,7 @@ import static org.junit.Assert.assertThat;
 
 @RunWith(PowerMockRunner.class)
 @PrepareForTest(ApiTokenPropertyConfiguration.class)
+@PowerMockIgnore({"com.sun.org.apache.xerces.*", "javax.xml.*", "org.xml.*"})
 public class ApiTokenStatsTest {
     @Rule
     public TemporaryFolder tmp = new TemporaryFolder();
-- 
GitLab


From 01157a699f611ca7492e872103ac01526a982cf2 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Thu, 27 Sep 2018 11:18:42 +0200
Subject: [PATCH 753/863] [SECURITY-1128]

---
 .../main/java/hudson/security/HudsonPrivateSecurityRealm.java  | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java b/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java
index 01b3233108..e877ee6291 100644
--- a/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java
+++ b/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java
@@ -475,8 +475,9 @@ public class HudsonPrivateSecurityRealm extends AbstractPasswordBasedSecurityRea
      * This is to map users under the security realm URL.
      * This in turn helps us set up the right navigation breadcrumb.
      */
+    @Restricted(NoExternalUse.class)
     public User getUser(String id) {
-        return User.getById(id, true);
+        return User.getById(id, User.ALLOW_USER_CREATION_VIA_URL && hasPermission(Jenkins.ADMINISTER));
     }
 
     // TODO
-- 
GitLab


From c3351d2e7c3edfee82b9470e9aa1168982296072 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Thu, 27 Sep 2018 11:31:06 +0200
Subject: [PATCH 754/863] [SECURITY-1074]

---
 core/src/main/java/hudson/FilePath.java       |  56 ++++
 .../java/hudson/model/FileParameterValue.java |  45 ++-
 .../hudson/model/FileParameterValueTest.java  | 270 ++++++++++++++++++
 3 files changed, 369 insertions(+), 2 deletions(-)
 create mode 100644 test/src/test/java/hudson/model/FileParameterValueTest.java

diff --git a/core/src/main/java/hudson/FilePath.java b/core/src/main/java/hudson/FilePath.java
index 8f112f1886..25db871436 100644
--- a/core/src/main/java/hudson/FilePath.java
+++ b/core/src/main/java/hudson/FilePath.java
@@ -79,6 +79,7 @@ import java.net.URL;
 import java.net.URLConnection;
 import java.nio.file.Files;
 import java.nio.file.InvalidPathException;
+import java.nio.file.Path;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Comparator;
@@ -2949,5 +2950,60 @@ public final class FilePath implements Serializable {
         return IOUtils.mkdirs(dir);
     }
 
+    /**
+     * Check if the relative child is really a descendant after symlink resolution if any.
+     *
+     * TODO un-restrict it in a weekly after the patch
+     */
+    @Restricted(NoExternalUse.class)
+    public boolean isDescendant(@Nonnull String potentialChildRelativePath) throws IOException, InterruptedException {
+        return act(new IsDescendant(potentialChildRelativePath));
+    }
+
+    private class IsDescendant extends SecureFileCallable<Boolean> {
+        private static final long serialVersionUID = 1L;
+        private String potentialChildRelativePath;
+
+        private IsDescendant(@Nonnull String potentialChildRelativePath){
+            this.potentialChildRelativePath = potentialChildRelativePath;
+        }
+
+        @Override
+        public Boolean invoke(@Nonnull File parentFile, @Nonnull VirtualChannel channel) throws IOException, InterruptedException {
+            if (new File(potentialChildRelativePath).isAbsolute()) {
+                throw new IllegalArgumentException("Only a relative path is supported, the given path is absolute: " + potentialChildRelativePath);
+            }
+
+            Path parent = parentFile.getAbsoluteFile().toPath().normalize();
+
+            String remainingPath = potentialChildRelativePath;
+            File currentFile = parentFile;
+            while (!remainingPath.isEmpty()) {
+                File directChild = this.getDirectChild(currentFile, remainingPath);
+                File childUsingFullPath = new File(currentFile, remainingPath);
+                remainingPath = childUsingFullPath.getAbsolutePath().substring(directChild.getAbsolutePath().length());
+                
+                File childFileSymbolic = Util.resolveSymlinkToFile(directChild);
+                if (childFileSymbolic == null) {
+                    currentFile = directChild;
+                } else {
+                    currentFile = childFileSymbolic;
+                }
+            }
+
+            //TODO could be refactored using Util#isDescendant(File, File) from 2.80+
+            Path child = currentFile.getAbsoluteFile().toPath().normalize();
+            return child.startsWith(parent);
+        }
+
+        private @CheckForNull File getDirectChild(File parentFile, String childPath){
+            File current = new File(parentFile, childPath);
+            while (current != null && !parentFile.equals(current.getParentFile())) {
+                current = current.getParentFile();
+            }
+            return current;
+        }
+    }
+
     private static final SoloFilePathFilter UNRESTRICTED = SoloFilePathFilter.wrap(FilePathFilter.UNRESTRICTED);
 }
diff --git a/core/src/main/java/hudson/model/FileParameterValue.java b/core/src/main/java/hudson/model/FileParameterValue.java
index 85bfb04387..f911927285 100644
--- a/core/src/main/java/hudson/model/FileParameterValue.java
+++ b/core/src/main/java/hudson/model/FileParameterValue.java
@@ -36,6 +36,7 @@ import java.io.OutputStream;
 import java.io.UnsupportedEncodingException;
 import java.nio.file.Files;
 import java.nio.file.InvalidPathException;
+import java.nio.file.Path;
 import javax.servlet.ServletException;
 
 import org.apache.commons.fileupload.FileItem;
@@ -45,6 +46,8 @@ import org.apache.commons.fileupload.util.FileItemHeadersImpl;
 import org.apache.commons.io.FilenameUtils;
 import org.apache.commons.io.IOUtils;
 import org.apache.commons.lang.StringUtils;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
 import org.kohsuke.stapler.DataBoundConstructor;
 import org.kohsuke.stapler.StaplerRequest;
 import org.kohsuke.stapler.StaplerResponse;
@@ -61,6 +64,16 @@ import org.kohsuke.stapler.StaplerResponse;
  * @author Kohsuke Kawaguchi
  */
 public class FileParameterValue extends ParameterValue {
+    private static final String FOLDER_NAME = "fileParameters";
+
+    /**
+     * Escape hatch for SECURITY-1074, fileParameter used to escape their expected folder.
+     * It's not recommended to enable for security reasons. That option is only present for backward compatibility.
+     */
+    @Restricted(NoExternalUse.class)
+    public static /* Script Console modifiable */ boolean ALLOW_FOLDER_TRAVERSAL_OUTSIDE_WORKSPACE = 
+            Boolean.getBoolean(FileParameterValue.class.getName() + ".allowFolderTraversalOutsideWorkspace");
+
     private transient final FileItem file;
 
     /**
@@ -70,6 +83,9 @@ public class FileParameterValue extends ParameterValue {
 
     /**
      * Overrides the location in the build to place this file. Initially set to {@link #getName()}
+     * The location could be directly the filename or also a hierarchical path. 
+     * The intermediate folders will be created automatically.
+     * Take care that no escape from the current directory is allowed and will result in the failure of the build.
      */
     private String location;
 
@@ -142,7 +158,16 @@ public class FileParameterValue extends ParameterValue {
             public Environment setUp(AbstractBuild build, Launcher launcher, BuildListener listener) throws IOException, InterruptedException {
             	if (!StringUtils.isEmpty(location) && !StringUtils.isEmpty(file.getName())) {
             	    listener.getLogger().println("Copying file to "+location);
-                    FilePath locationFilePath = build.getWorkspace().child(location);
+                    FilePath ws = build.getWorkspace();
+                    if (ws == null) {
+                        throw new IllegalStateException("The workspace should be created when setUp method is called");
+                    }
+                    if (!ALLOW_FOLDER_TRAVERSAL_OUTSIDE_WORKSPACE && !ws.isDescendant(location)) {
+                        listener.error("Rejecting file path escaping base directory with relative path: " + location);
+                        // force the build to fail
+                        return null;
+                    }
+                    FilePath locationFilePath = ws.child(location);
                     locationFilePath.getParent().mkdirs();
             	    locationFilePath.copyFrom(file);
                     locationFilePath.copyTo(new FilePath(getLocationUnderBuild(build)));
@@ -204,6 +229,18 @@ public class FileParameterValue extends ParameterValue {
         if (("/" + originalFileName).equals(request.getRestOfPath())) {
             AbstractBuild build = (AbstractBuild)request.findAncestor(AbstractBuild.class).getObject();
             File fileParameter = getLocationUnderBuild(build);
+
+            if (!ALLOW_FOLDER_TRAVERSAL_OUTSIDE_WORKSPACE) {
+                File fileParameterFolder = getFileParameterFolderUnderBuild(build);
+
+                //TODO can be replaced by Util#isDescendant in 2.80+
+                Path child = fileParameter.getAbsoluteFile().toPath().normalize();
+                Path parent = fileParameterFolder.getAbsoluteFile().toPath().normalize();
+                if (!child.startsWith(parent)) {
+                    throw new IllegalStateException("The fileParameter tried to escape the expected folder: " + location);
+                }
+            }
+
             if (fileParameter.isFile()) {
                 try (InputStream data = Files.newInputStream(fileParameter.toPath())) {
                     long lastModified = fileParameter.lastModified();
@@ -227,7 +264,11 @@ public class FileParameterValue extends ParameterValue {
      * @return the location to store the file parameter
      */
     private File getLocationUnderBuild(AbstractBuild build) {
-        return new File(build.getRootDir(), "fileParameters/" + location);
+        return new File(getFileParameterFolderUnderBuild(build), location);
+    }
+
+    private File getFileParameterFolderUnderBuild(AbstractBuild<?, ?> build){
+        return new File(build.getRootDir(), FOLDER_NAME);
     }
 
     /**
diff --git a/test/src/test/java/hudson/model/FileParameterValueTest.java b/test/src/test/java/hudson/model/FileParameterValueTest.java
new file mode 100644
index 0000000000..911f88431b
--- /dev/null
+++ b/test/src/test/java/hudson/model/FileParameterValueTest.java
@@ -0,0 +1,270 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package hudson.model;
+
+import com.gargoylesoftware.htmlunit.Page;
+import com.gargoylesoftware.htmlunit.html.HtmlPage;
+import hudson.FilePath;
+import hudson.Functions;
+import org.apache.commons.io.FileUtils;
+import org.junit.Assume;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.rules.TemporaryFolder;
+import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.JenkinsRule;
+import org.kohsuke.stapler.Function;
+
+import java.io.File;
+import java.nio.charset.StandardCharsets;
+import java.util.Arrays;
+import java.util.Collections;
+
+import static org.hamcrest.CoreMatchers.allOf;
+import static org.hamcrest.CoreMatchers.containsString;
+import static org.hamcrest.CoreMatchers.equalTo;
+import static org.hamcrest.CoreMatchers.not;
+import static org.junit.Assert.assertThat;
+import static org.junit.Assert.assertTrue;
+
+public class FileParameterValueTest {
+    @Rule
+    public JenkinsRule j = new JenkinsRule();
+    
+    @Rule
+    public TemporaryFolder tmp = new TemporaryFolder();
+    
+    @Test
+    @Issue("SECURITY-1074")
+    public void fileParameter_cannotCreateFile_outsideOfBuildFolder() throws Exception {
+        // you can test the behavior before the correction by setting FileParameterValue.ALLOW_FOLDER_TRAVERSAL_OUTSIDE_WORKSPACE to true
+        
+        FilePath root = j.jenkins.getRootPath();
+        
+        FreeStyleProject p = j.createFreeStyleProject();
+        p.addProperty(new ParametersDefinitionProperty(Collections.singletonList(
+                new FileParameterDefinition("../../../../../root-level.txt", null)
+        )));
+        
+        assertThat(root.child("root-level.txt").exists(), equalTo(false));
+        
+        String uploadedContent = "test-content";
+        File uploadedFile = tmp.newFile();
+        FileUtils.write(uploadedFile, uploadedContent);
+        
+        FreeStyleBuild build = p.scheduleBuild2(0, new Cause.UserIdCause(), new ParametersAction(
+                new FileParameterValue("../../../../../root-level.txt", uploadedFile, "uploaded-file.txt")
+        )).get();
+    
+        assertThat(build.getResult(), equalTo(Result.FAILURE));
+        assertThat(root.child("root-level.txt").exists(), equalTo(false));
+    
+        // ensure also the file is not reachable by request
+        JenkinsRule.WebClient wc = j.createWebClient();
+        wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+    
+        checkUrlNot200AndNotContains(wc, build.getUrl() + "parameters/parameter/..%2F..%2F..%2F..%2F..%2Froot-level.txt/uploaded-file.txt", uploadedContent);
+        // encoding dots
+        checkUrlNot200AndNotContains(wc, build.getUrl() + "parameters/parameter/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2Froot-level.txt/uploaded-file.txt", uploadedContent);
+        // 16-bit encoding
+        checkUrlNot200AndNotContains(wc, build.getUrl() + "parameters/parameter/%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215root-level.txt/uploaded-file.txt", uploadedContent);
+        // double encoding
+        checkUrlNot200AndNotContains(wc, build.getUrl() + "parameters/parameter/%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252froot-level.txt/uploaded-file.txt", uploadedContent);
+        // overlong utf-8 encoding
+        checkUrlNot200AndNotContains(wc, build.getUrl() + "parameters/parameter/%c0%2e%c0%2e%c0%af%c0%2e%c0%2e%c0%af%c0%2e%c0%2e%c0%af%c0%2e%c0%2e%c0%af%c0%2e%c0%2e%c0%afroot-level.txt/uploaded-file.txt", uploadedContent);
+    }
+    
+    private void checkUrlNot200AndNotContains(JenkinsRule.WebClient wc, String url, String contentNotPresent) throws Exception {
+        Page pageForEncoded = wc.goTo(url, null);
+        assertThat(pageForEncoded.getWebResponse().getStatusCode(), not(equalTo(200)));
+        assertThat(pageForEncoded.getWebResponse().getContentAsString(), not(containsString(contentNotPresent)));
+    }
+    
+    @Test
+    @Issue("SECURITY-1074")
+    public void fileParameter_cannotCreateFile_outsideOfBuildFolder_backslashEdition() throws Exception {
+        Assume.assumeTrue("Backslash are only dangerous on Windows", Functions.isWindows());
+        
+        // you can test the behavior before the correction by setting FileParameterValue.ALLOW_FOLDER_TRAVERSAL_OUTSIDE_WORKSPACE to true
+    
+        FilePath root = j.jenkins.getRootPath();
+        
+        FreeStyleProject p = j.createFreeStyleProject();
+        p.addProperty(new ParametersDefinitionProperty(Collections.singletonList(
+                new FileParameterDefinition("..\\..\\..\\..\\..\\root-level.txt", null)
+        )));
+        
+        assertThat(root.child("root-level.txt").exists(), equalTo(false));
+        
+        String uploadedContent = "test-content";
+        File uploadedFile = tmp.newFile();
+        FileUtils.write(uploadedFile, uploadedContent);
+        
+        FreeStyleBuild build = p.scheduleBuild2(0, new Cause.UserIdCause(), new ParametersAction(
+                new FileParameterValue("..\\..\\..\\..\\..\\root-level.txt", uploadedFile, "uploaded-file.txt")
+        )).get();
+        
+        assertThat(build.getResult(), equalTo(Result.FAILURE));
+        assertThat(root.child("root-level.txt").exists(), equalTo(false));
+        
+        // ensure also the file is not reachable by request
+        JenkinsRule.WebClient wc = j.createWebClient();
+        wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+        
+        checkUrlNot200AndNotContains(wc, build.getUrl() + "parameters/parameter/..\\..\\..\\..\\..\\root-level.txt/uploaded-file.txt", uploadedContent);
+        checkUrlNot200AndNotContains(wc, build.getUrl() + "parameters/parameter/..%2F..%2F..%2F..%2F..%2Froot-level.txt/uploaded-file.txt", uploadedContent);
+    }
+    
+    @Test
+    @Issue("SECURITY-1074")
+    public void fileParameter_withSingleDot() throws Exception {
+        // this case was not working even before the patch
+        
+        FreeStyleProject p = j.createFreeStyleProject();
+        p.addProperty(new ParametersDefinitionProperty(Collections.singletonList(
+                new FileParameterDefinition(".", null)
+        )));
+        
+        String uploadedContent = "test-content";
+        File uploadedFile = tmp.newFile();
+        FileUtils.write(uploadedFile, uploadedContent);
+        
+        FreeStyleBuild build = p.scheduleBuild2(0, new Cause.UserIdCause(), new ParametersAction(
+                new FileParameterValue(".", uploadedFile, "uploaded-file.txt")
+        )).get();
+        
+        assertThat(build.getResult(), equalTo(Result.FAILURE));
+        
+        // ensure also the file is not reachable by request
+        JenkinsRule.WebClient wc = j.createWebClient();
+        wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+        
+        checkUrlNot200AndNotContains(wc, build.getUrl() + "parameters/parameter/uploaded-file.txt", uploadedContent);
+        checkUrlNot200AndNotContains(wc, build.getUrl() + "parameters/parameter/./uploaded-file.txt", uploadedContent);
+    }
+    
+    @Test
+    @Issue("SECURITY-1074")
+    public void fileParameter_withDoubleDot() throws Exception {
+        // this case was not working even before the patch
+        
+        FreeStyleProject p = j.createFreeStyleProject();
+        p.addProperty(new ParametersDefinitionProperty(Collections.singletonList(
+                new FileParameterDefinition("..", null)
+        )));
+        
+        String uploadedContent = "test-content";
+        File uploadedFile = tmp.newFile();
+        FileUtils.write(uploadedFile, uploadedContent);
+        
+        FreeStyleBuild build = p.scheduleBuild2(0, new Cause.UserIdCause(), new ParametersAction(
+                new FileParameterValue("..", uploadedFile, "uploaded-file.txt")
+        )).get();
+        
+        assertThat(build.getResult(), equalTo(Result.FAILURE));
+        
+        // ensure also the file is not reachable by request
+        JenkinsRule.WebClient wc = j.createWebClient();
+        wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+        
+        checkUrlNot200AndNotContains(wc, build.getUrl() + "parameters/uploaded-file.txt", uploadedContent);
+        checkUrlNot200AndNotContains(wc, build.getUrl() + "parameters/parameter/../uploaded-file.txt", uploadedContent);
+    }
+    
+    @Test
+    @Issue("SECURITY-1074")
+    public void fileParameter_cannotEraseFile_outsideOfBuildFolder() throws Exception {
+        // you can test the behavior before the correction by setting FileParameterValue.ALLOW_FOLDER_TRAVERSAL_OUTSIDE_WORKSPACE to true
+        
+        FilePath root = j.jenkins.getRootPath();
+        
+        FreeStyleProject p = j.createFreeStyleProject();
+        p.addProperty(new ParametersDefinitionProperty(Collections.singletonList(
+                new FileParameterDefinition("../../../../../root-level.txt", null)
+        )));
+        
+        assertThat(root.child("root-level.txt").exists(), equalTo(false));
+        String initialContent = "do-not-erase-me";
+        root.child("root-level.txt").write(initialContent, StandardCharsets.UTF_8.name());
+        
+        String uploadedContent = "test-content";
+        File uploadedFile = tmp.newFile();
+        FileUtils.write(uploadedFile, uploadedContent);
+        
+        FreeStyleBuild build = p.scheduleBuild2(0, new Cause.UserIdCause(), new ParametersAction(
+                new FileParameterValue("../../../../../root-level.txt", uploadedFile, "uploaded-file.txt")
+        )).get();
+        
+        assertThat(build.getResult(), equalTo(Result.FAILURE));
+        assertThat(root.child("root-level.txt").readToString(), equalTo(initialContent));
+        
+        // ensure also the file is not reachable by request
+        JenkinsRule.WebClient wc = j.createWebClient();
+        wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+    
+        checkUrlNot200AndNotContains(wc, build.getUrl() + "parameters/parameter/..%2F..%2F..%2F..%2F..%2Froot-level.txt/uploaded-file.txt", uploadedContent);
+    }
+    
+    @Test
+    public void fileParameter_canStillUse_internalHierarchy() throws Exception {
+        FreeStyleProject p = j.createFreeStyleProject();
+        p.addProperty(new ParametersDefinitionProperty(Arrays.asList(
+                new FileParameterDefinition("direct-child1.txt", null),
+                new FileParameterDefinition("parent/child2.txt", null)
+        )));
+        
+        File uploadedFile1 = tmp.newFile();
+        FileUtils.write(uploadedFile1, "test1");
+        File uploadedFile2 = tmp.newFile();
+        FileUtils.write(uploadedFile2, "test2");
+        
+        FreeStyleBuild build = j.assertBuildStatusSuccess(p.scheduleBuild2(0, new Cause.UserIdCause(), new ParametersAction(
+                new FileParameterValue("direct-child1.txt", uploadedFile1, "uploaded-file-1.txt"),
+                new FileParameterValue("parent/child2.txt", uploadedFile2, "uploaded-file-2.txt")
+        )));
+        
+        // files are correctly saved in the build "fileParameters" folder
+        File directChild = new File(build.getRootDir(), "fileParameters/" + "direct-child1.txt");
+        assertTrue(directChild.exists());
+        
+        File parentChild = new File(build.getRootDir(), "fileParameters/" + "parent/child2.txt");
+        assertTrue(parentChild.exists());
+        
+        // both are correctly copied inside the workspace
+        assertTrue(build.getWorkspace().child("direct-child1.txt").exists());
+        assertTrue(build.getWorkspace().child("parent").child("child2.txt").exists());
+        
+        // and reachable using request
+        JenkinsRule.WebClient wc = j.createWebClient();
+        HtmlPage workspacePage = wc.goTo(p.getUrl() + "ws");
+        String workspaceContent = workspacePage.getWebResponse().getContentAsString();
+        assertThat(workspaceContent, allOf(
+                containsString("direct-child1.txt"),
+                containsString("parent")
+        ));
+        HtmlPage workspaceParentPage = wc.goTo(p.getUrl() + "ws" + "/parent");
+        String workspaceParentContent = workspaceParentPage.getWebResponse().getContentAsString();
+        assertThat(workspaceParentContent, containsString("child2.txt"));
+    }
+}
-- 
GitLab


From fd5f5be0304c6bf1918892b81e2efb6b6d09c521 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Thu, 27 Sep 2018 11:32:50 +0200
Subject: [PATCH 755/863] [SECURITY-867]

---
 core/pom.xml                                  |   2 +-
 .../security/stapler/Security867Test.java     | 167 ++++++++++++++++++
 .../NotRootAction2/secret.jelly               |   5 +
 .../Security867Test/RootAction1/public.jelly  |   5 +
 .../RootAction3/showConfig.jelly              |   5 +
 5 files changed, 183 insertions(+), 1 deletion(-)
 create mode 100644 test/src/test/java/jenkins/security/stapler/Security867Test.java
 create mode 100644 test/src/test/resources/jenkins/security/stapler/Security867Test/NotRootAction2/secret.jelly
 create mode 100644 test/src/test/resources/jenkins/security/stapler/Security867Test/RootAction1/public.jelly
 create mode 100644 test/src/test/resources/jenkins/security/stapler/Security867Test/RootAction3/showConfig.jelly

diff --git a/core/pom.xml b/core/pom.xml
index ede736f44a..2b69eab6e9 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -39,7 +39,7 @@ THE SOFTWARE.
 
   <properties>
     <staplerFork>true</staplerFork>
-    <stapler.version>1.250.1</stapler.version>
+    <stapler.version>1.250.2</stapler.version>
     <spring.version>2.5.6.SEC03</spring.version>
     <groovy.version>2.4.11</groovy.version>
     <!-- TODO: Actually many issues are being filtered by src/findbugs/findbugs-excludes.xml -->
diff --git a/test/src/test/java/jenkins/security/stapler/Security867Test.java b/test/src/test/java/jenkins/security/stapler/Security867Test.java
new file mode 100644
index 0000000000..8527cac809
--- /dev/null
+++ b/test/src/test/java/jenkins/security/stapler/Security867Test.java
@@ -0,0 +1,167 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.security.stapler;
+
+import com.gargoylesoftware.htmlunit.Page;
+import hudson.model.RootAction;
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.JenkinsRule;
+import org.jvnet.hudson.test.TestExtension;
+
+import javax.annotation.CheckForNull;
+
+import static org.hamcrest.Matchers.allOf;
+import static org.hamcrest.Matchers.containsString;
+import static org.hamcrest.Matchers.equalTo;
+import static org.hamcrest.Matchers.not;
+import static org.junit.Assert.assertThat;
+
+public class Security867Test {
+    @Rule
+    public JenkinsRule j = new JenkinsRule();
+    
+    @Test
+    @Issue("SECURITY-867")
+    public void folderTraversalPrevented_avoidStealingSecretInView() throws Exception {
+        JenkinsRule.WebClient wc = j.createWebClient();
+        wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+        
+        String publicContent = "Test OK";
+        String secretContent = "s3cr3t";
+        
+        // to validate the attack reproduction you can disable the protection
+        // Facet.ALLOW_VIEW_NAME_PATH_TRAVERSAL = true;
+        
+        // regular behavior
+        assertThat(getContentAndCheck200(wc, "rootAction1/public"), containsString(publicContent));
+        
+        // malicious usage prevention
+        
+        // looking for /jenkins/security/stapler/Security867Test/NotRootAction2/secret
+        assertThat(getContent(wc, "rootAction1/%2fjenkins%2fsecurity%2fstapler%2fSecurity867Test%2fNotRootAction2%2fsecret"), 
+                not(containsString(secretContent)));
+            
+        // looking for /jenkins\security\stapler\Security867Test\NotRootAction2\secret => 
+        // absolute path with backslash (initial forward one is required for absolute)
+        assertThat(getContent(wc,"rootAction1/%2fjenkins%5csecurity%5cstapler%5cSecurity867Test%5cNotRootAction2%5csecret"), 
+                not(containsString(secretContent)));
+            
+        // looking for ../NotRootAction2/secret => relative path
+        assertThat(getContent(wc,"rootAction1/%2e%2e%2fNotRootAction2%2fsecret"), 
+                not(containsString(secretContent)));
+            
+        // looking for ..\NotRootAction2\secret => relative path without forward slash
+        assertThat(getContent(wc, "rootAction1/%2e%2e%5cNotRootAction2%5csecret"),
+                not(containsString(secretContent)));
+    }
+    
+    private String getContent(JenkinsRule.WebClient wc, String url) throws Exception {
+        Page page = wc.goTo(url, null);
+        return page.getWebResponse().getContentAsString();
+    }
+    
+    private String getContentAndCheck200(JenkinsRule.WebClient wc, String url) throws Exception {
+        Page page = wc.goTo(url, null);
+        assertThat(page.getWebResponse().getStatusCode(), equalTo(200));
+        return page.getWebResponse().getContentAsString();
+    }
+    
+    @Test
+    @Issue("SECURITY-867")
+    public void folderTraversalPrevented_avoidStealingSecretFromDifferentObject() throws Exception {
+        JenkinsRule.WebClient wc = j.createWebClient();
+        wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+        
+        String action1Config = j.jenkins.getExtensionList(RootAction.class).get(RootAction1.class).getMyConfig();
+        String action3Config = j.jenkins.getExtensionList(RootAction.class).get(RootAction3.class).getMyConfig();
+        
+        // to validate the attack reproduction you can disable the protection
+        // Facet.ALLOW_VIEW_NAME_PATH_TRAVERSAL = true;
+        
+        // regular behavior, the config is only displayed in ActionRoot3
+        assertThat(getContentAndCheck200(wc, "rootAction1/public"), not(containsString(action1Config)));
+        assertThat(getContentAndCheck200(wc, "rootAction3/showConfig"), allOf(
+                containsString(action3Config),
+                not(containsString(action1Config))
+        ));
+        
+        // the main point here is the last node visited will be "it" for the view scope
+        // if we navigate by RootAction1, we pass it to the RootAction3's view
+        
+        // malicious usage prevention, looking for ../RootAction3/showConfig => relative path
+        // without the prevention, the config value of RootAction1 will be used here
+        assertThat(getContent(wc, "rootAction1/%2e%2e%2fRootAction3%2fshowConfig"), allOf(
+                not(containsString(action1Config)),
+                not(containsString(action3Config))
+        ));
+    }
+    
+    @TestExtension
+    public static class RootAction1 implements RootAction {
+        // not displayed in its own public.jelly
+        public String getMyConfig() {
+            return "config-1";
+        }
+        
+        @Override
+        public @CheckForNull String getIconFileName() {
+            return null;
+        }
+        
+        @Override
+        public @CheckForNull String getDisplayName() {
+            return null;
+        }
+        
+        @Override
+        public @CheckForNull String getUrlName() {
+            return "rootAction1";
+        }
+    }
+    
+    @TestExtension
+    public static class RootAction3 implements RootAction {
+        // displayed in its showConfig.jelly
+        public String getMyConfig() {
+            return "config-3";
+        }
+        
+        @Override
+        public @CheckForNull String getIconFileName() {
+            return null;
+        }
+        
+        @Override
+        public @CheckForNull String getDisplayName() {
+            return null;
+        }
+        
+        @Override
+        public @CheckForNull String getUrlName() {
+            return "rootAction3";
+        }
+    }
+}
diff --git a/test/src/test/resources/jenkins/security/stapler/Security867Test/NotRootAction2/secret.jelly b/test/src/test/resources/jenkins/security/stapler/Security867Test/NotRootAction2/secret.jelly
new file mode 100644
index 0000000000..05fb260ccb
--- /dev/null
+++ b/test/src/test/resources/jenkins/security/stapler/Security867Test/NotRootAction2/secret.jelly
@@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core">
+    <p>s3cr3t</p>
+</j:jelly>
diff --git a/test/src/test/resources/jenkins/security/stapler/Security867Test/RootAction1/public.jelly b/test/src/test/resources/jenkins/security/stapler/Security867Test/RootAction1/public.jelly
new file mode 100644
index 0000000000..aae5f62d2c
--- /dev/null
+++ b/test/src/test/resources/jenkins/security/stapler/Security867Test/RootAction1/public.jelly
@@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core">
+    <p>Test OK</p>
+</j:jelly>
diff --git a/test/src/test/resources/jenkins/security/stapler/Security867Test/RootAction3/showConfig.jelly b/test/src/test/resources/jenkins/security/stapler/Security867Test/RootAction3/showConfig.jelly
new file mode 100644
index 0000000000..32943accd9
--- /dev/null
+++ b/test/src/test/resources/jenkins/security/stapler/Security867Test/RootAction3/showConfig.jelly
@@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core">
+    <p>Config: ${it.myConfig}</p>
+</j:jelly>
-- 
GitLab


From 7366cc50106442a021c5178cd101057ecc08f2c2 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Thu, 27 Sep 2018 11:34:02 +0200
Subject: [PATCH 756/863] [SECURITY-765]

Co-Authored-By: Wadeck Follonier <wadeck.follonier@gmail.com>
---
 .../main/java/hudson/model/Descriptor.java    |   3 +-
 core/src/main/java/jenkins/model/Jenkins.java |   7 +-
 ...dactSecretJsonInErrorMessageSanitizer.java | 118 +++++++
 ...SecretJsonInErrorMessageSanitizerTest.java | 139 ++++++++
 ...etJsonInErrorMessageSanitizerHtmlTest.java | 298 ++++++++++++++++++
 .../TestDescribablePage/index.jelly           |  39 +++
 .../TestPassword/index.jelly                  |  53 ++++
 .../TestStaplerPage/index.jelly               |  39 +++
 .../main/webapp/scripts/hudson-behavior.js    |   7 +-
 9 files changed, 699 insertions(+), 4 deletions(-)
 create mode 100644 core/src/main/java/jenkins/security/RedactSecretJsonInErrorMessageSanitizer.java
 create mode 100644 core/src/test/java/jenkins/security/RedactSecretJsonInErrorMessageSanitizerTest.java
 create mode 100644 test/src/test/java/jenkins/security/RedactSecretJsonInErrorMessageSanitizerHtmlTest.java
 create mode 100644 test/src/test/resources/jenkins/security/RedactSecretJsonInErrorMessageSanitizerHtmlTest/TestDescribablePage/index.jelly
 create mode 100644 test/src/test/resources/jenkins/security/RedactSecretJsonInErrorMessageSanitizerHtmlTest/TestPassword/index.jelly
 create mode 100644 test/src/test/resources/jenkins/security/RedactSecretJsonInErrorMessageSanitizerHtmlTest/TestStaplerPage/index.jelly

diff --git a/core/src/main/java/hudson/model/Descriptor.java b/core/src/main/java/hudson/model/Descriptor.java
index 1de0c37080..9994458814 100644
--- a/core/src/main/java/hudson/model/Descriptor.java
+++ b/core/src/main/java/hudson/model/Descriptor.java
@@ -39,6 +39,7 @@ import hudson.views.ListViewColumn;
 import jenkins.model.GlobalConfiguration;
 import jenkins.model.GlobalConfigurationCategory;
 import jenkins.model.Jenkins;
+import jenkins.security.RedactSecretJsonInErrorMessageSanitizer;
 import jenkins.util.io.OnMaster;
 import net.sf.json.JSONArray;
 import net.sf.json.JSONObject;
@@ -597,7 +598,7 @@ public abstract class Descriptor<T extends Describable<T>> implements Saveable,
         } catch (NoSuchMethodException e) {
             throw new AssertionError(e); // impossible
         } catch (InstantiationException | IllegalAccessException | RuntimeException e) {
-            throw new Error("Failed to instantiate "+clazz+" from "+formData,e);
+            throw new Error("Failed to instantiate "+clazz+" from "+RedactSecretJsonInErrorMessageSanitizer.INSTANCE.sanitize(formData),e);
         }
     }
 
diff --git a/core/src/main/java/jenkins/model/Jenkins.java b/core/src/main/java/jenkins/model/Jenkins.java
index f7ab825696..64fe4c9947 100644
--- a/core/src/main/java/jenkins/model/Jenkins.java
+++ b/core/src/main/java/jenkins/model/Jenkins.java
@@ -37,6 +37,7 @@ import hudson.*;
 import hudson.Launcher.LocalLauncher;
 import jenkins.AgentProtocol;
 import jenkins.diagnostics.URICheckEncodingMonitor;
+import jenkins.security.RedactSecretJsonInErrorMessageSanitizer;
 import jenkins.util.SystemProperties;
 import hudson.cli.declarative.CLIMethod;
 import hudson.cli.declarative.CLIResolver;
@@ -898,9 +899,11 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
             if (pluginManager==null)
                 pluginManager = PluginManager.createDefault(this);
             this.pluginManager = pluginManager;
+            WebApp webApp = WebApp.get(servletContext);
             // JSON binding needs to be able to see all the classes from all the plugins
-            WebApp.get(servletContext).setClassLoader(pluginManager.uberClassLoader);
-
+            webApp.setClassLoader(pluginManager.uberClassLoader);
+            webApp.setJsonInErrorMessageSanitizer(RedactSecretJsonInErrorMessageSanitizer.INSTANCE);
+            
             adjuncts = new AdjunctManager(servletContext, pluginManager.uberClassLoader,"adjuncts/"+SESSION_HASH, TimeUnit2.DAYS.toMillis(365));
 
             // TODO pending move to standard blacklist, or API to append filter
diff --git a/core/src/main/java/jenkins/security/RedactSecretJsonInErrorMessageSanitizer.java b/core/src/main/java/jenkins/security/RedactSecretJsonInErrorMessageSanitizer.java
new file mode 100644
index 0000000000..e7b0e7f7df
--- /dev/null
+++ b/core/src/main/java/jenkins/security/RedactSecretJsonInErrorMessageSanitizer.java
@@ -0,0 +1,118 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.security;
+
+import net.sf.json.JSONArray;
+import net.sf.json.JSONObject;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
+import org.kohsuke.stapler.JsonInErrorMessageSanitizer;
+
+import java.util.HashSet;
+import java.util.Set;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+
+@Restricted(NoExternalUse.class)
+public class RedactSecretJsonInErrorMessageSanitizer implements JsonInErrorMessageSanitizer {
+    private static final Logger LOGGER = Logger.getLogger(RedactSecretJsonInErrorMessageSanitizer.class.getName());
+    
+    // must be kept in sync with hudson-behavior.js in function buildFormTree, password case
+    public static final String REDACT_KEY = "$redact";
+    public static final String REDACT_VALUE = "[value redacted]";
+    
+    public static final RedactSecretJsonInErrorMessageSanitizer INSTANCE = new RedactSecretJsonInErrorMessageSanitizer();
+    
+    private RedactSecretJsonInErrorMessageSanitizer() {}
+    
+    @Override
+    public JSONObject sanitize(JSONObject jsonObject) {
+        return copyAndSanitizeObject(jsonObject);
+    }
+    
+    /**
+     * Accept anything as value for the {@link #REDACT_KEY} but only process the first level of an array and the string value.
+     */
+    private Set<String> retrieveRedactedKeys(JSONObject jsonObject) {
+        Set<String> redactedKeySet = new HashSet<>();
+        if (jsonObject.has(REDACT_KEY)) {
+            Object value = jsonObject.get(REDACT_KEY);
+            if (value instanceof JSONArray) {
+                for (Object o : jsonObject.getJSONArray(REDACT_KEY)) {
+                    if (o instanceof String) {
+                        redactedKeySet.add((String) o);
+                    } else {
+                        // array, object, null, number, boolean
+                        LOGGER.log(Level.WARNING, "Unsupported type " + o.getClass().getName() + " for " + REDACT_KEY + ", please use either a single String value or an Array");
+                    }
+                }
+            } else if (value instanceof String) {
+                redactedKeySet.add((String) value);
+            } else {
+                // object, null, number, boolean
+                LOGGER.log(Level.WARNING, "Unsupported type " + value.getClass().getName() + " for " + REDACT_KEY + ", please use either a single String value or an Array");
+            }
+        }
+        return redactedKeySet;
+    }
+    
+    private Object copyAndSanitize(Object value) {
+        if (value instanceof JSONObject) {
+            return copyAndSanitizeObject((JSONObject) value);
+        } else if (value instanceof JSONArray) {
+            return copyAndSanitizeArray((JSONArray) value);
+        } else {
+            // string, null, number, boolean
+            return value;
+        }
+    }
+    
+    @SuppressWarnings("unchecked")
+    private JSONObject copyAndSanitizeObject(JSONObject jsonObject) {
+        Set<String> redactedKeySet = retrieveRedactedKeys(jsonObject);
+        JSONObject result = new JSONObject();
+        
+        jsonObject.keySet().forEach(keyObject -> {
+            String key = keyObject.toString();
+            if (redactedKeySet.contains(key)) {
+                result.accumulate(key, REDACT_VALUE);
+            } else {
+                Object value = jsonObject.get(keyObject);
+                result.accumulate(key, copyAndSanitize(value));
+            }
+        });
+        
+        return result;
+    }
+    
+    private JSONArray copyAndSanitizeArray(JSONArray jsonArray) {
+        JSONArray result = new JSONArray();
+        
+        jsonArray.forEach(value ->
+                result.add(copyAndSanitize(value))
+        );
+        
+        return result;
+    }
+}
diff --git a/core/src/test/java/jenkins/security/RedactSecretJsonInErrorMessageSanitizerTest.java b/core/src/test/java/jenkins/security/RedactSecretJsonInErrorMessageSanitizerTest.java
new file mode 100644
index 0000000000..9a975481c2
--- /dev/null
+++ b/core/src/test/java/jenkins/security/RedactSecretJsonInErrorMessageSanitizerTest.java
@@ -0,0 +1,139 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.security;
+
+import net.sf.json.JSONObject;
+import org.junit.Test;
+import org.jvnet.hudson.test.Issue;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotSame;
+
+@Issue("SECURITY-765")
+public class RedactSecretJsonInErrorMessageSanitizerTest {
+    @Test
+    public void noSecrets() throws Exception {
+        assertRedaction(
+                "{'a': 1, 'b': '2', 'c': {'c1': 1, 'c2': '2', 'c3': ['3a', '3b']}, 'd': ['4a', {'d1': 1, 'd2': '2'}]}",
+                "{'a': 1, 'b': '2', 'c': {'c1': 1, 'c2': '2', 'c3': ['3a', '3b']}, 'd': ['4a', {'d1': 1, 'd2': '2'}]}"
+        );
+    }
+    
+    @Test
+    public void simpleWithSecret() throws Exception {
+        assertRedaction(
+                "{'a': 'secret', 'b': 'other', '$redact': 'a'}",
+                "{'a': '[value redacted]', 'b': 'other', '$redact': 'a'}"
+        );
+    }
+    
+    @Test
+    public void singleWithRedactedInArray() throws Exception {
+        assertRedaction(
+                "{'a': 'secret', 'b': 'other', '$redact': ['a']}",
+                "{'a': '[value redacted]', 'b': 'other', '$redact': ['a']}"
+        );
+    }
+    
+    @Test
+    public void objectRedactedAcceptedButNotProcessed() throws Exception {
+        assertRedaction(
+                "{'a': 'secret', 'b': 'other', '$redact': {'a': 'a'}}",
+                "{'a': 'secret', 'b': 'other', '$redact': {'a': 'a'}}"
+        );
+    }
+    
+    @Test
+    public void weirdValuesInRedactedAcceptedButNotProcessed() throws Exception {
+        assertRedaction(
+                "{'a': 'secret', 'b': 'other', '$redact': [null, true, false, 1, 2, 'a']}",
+                "{'a': '[value redacted]', 'b': 'other', '$redact': [null, true, false, 1, 2, 'a']}"
+        );
+    }
+    
+    @Test
+    public void ensureTrueAndOneAsStringAreSupportedAsRedactedKey() throws Exception {
+        //only null is not supported, as passing 'null' is considered as null
+        assertRedaction(
+                "{'true': 'secret1', '1': 'secret3', 'b': 'other', '$redact': ['true', '1']}",
+                "{'true': '[value redacted]', '1': '[value redacted]', 'b': 'other', '$redact': ['true', '1']}"
+        );
+    }
+    
+    @Test
+    public void redactFullBranch() throws Exception {
+        assertRedaction(
+                "{'a': {'s1': 'secret1', 's2': 'secret2', 's3': [1,2,3]}, 'b': [4,5,6], 'c': 'other', '$redact': ['a', 'b']}",
+                "{'a': '[value redacted]', 'b': '[value redacted]', 'c': 'other', '$redact': ['a', 'b']}"
+        );
+    }
+    
+    @Test
+    public void multipleSecretAtSameLevel() throws Exception {
+        assertRedaction(
+                "{'a1': 'secret1', 'a2': 'secret2', 'b': 'other', '$redact': ['a1', 'a2']}",
+                "{'a1': '[value redacted]', 'a2': '[value redacted]', 'b': 'other', '$redact': ['a1', 'a2']}"
+        );
+    }
+    
+    @Test
+    public void redactedKeyWithoutCorrespondences() throws Exception {
+        assertRedaction(
+                "{'a1': 'secret1', 'a2': 'secret2', 'b': 'other', '$redact': ['a0', 'a1', 'a2', 'a3']}",
+                "{'a1': '[value redacted]', 'a2': '[value redacted]', 'b': 'other', '$redact': ['a0', 'a1', 'a2', 'a3']}"
+        );
+    }
+    
+    @Test
+    public void secretsAtMultipleLevels() throws Exception {
+        assertRedaction(
+                "{'a1': 'secret1', 'a2': 'secret2', 'b': 'other', '$redact': ['a1', 'a2'], 'sub': {'c1': 'secret1', 'c2': 'secret2', 'c3': 'other', '$redact': ['c1', 'c2']}}",
+                "{'a1': '[value redacted]', 'a2': '[value redacted]', 'b': 'other', '$redact': ['a1', 'a2'], 'sub': {'c1': '[value redacted]', 'c2': '[value redacted]', 'c3': 'other', '$redact': ['c1', 'c2']}}"
+        );
+    }
+    
+    @Test
+    public void noInteractionBetweenLevels() throws Exception {
+        assertRedaction(
+                "{'a': 'secret', 'b': 'other', 'c': 'other', '$redact': 'a', 'sub': {'a': 'other', 'b': 'secret', 'c': 'other', '$redact': 'b'}}",
+                "{'a': '[value redacted]', 'b': 'other', 'c': 'other', '$redact': 'a', 'sub': {'a': 'other', 'b': '[value redacted]', 'c': 'other', '$redact': 'b'}}"
+        );
+    }
+    
+    @Test
+    public void deeplyNestedObject() throws Exception {
+        assertRedaction(
+                "{'sub': {'arr': ['d1', 2, {'a1': 'other', 'b1':'other', 'c1': 'secret', '$redact': 'c1'}, 4, {'a2': 'other', 'b2': 'other', 'c2': 'secret', '$redact': 'c2'}]}, '$redact': 'b'}",
+                "{'sub': {'arr': ['d1', 2, {'a1': 'other', 'b1':'other', 'c1': '[value redacted]', '$redact': 'c1'}, 4, {'a2': 'other', 'b2': 'other', 'c2': '[value redacted]', '$redact': 'c2'}]}, '$redact': 'b'}"
+        );
+    }
+    
+    private void assertRedaction(String from, String to) {
+        JSONObject input = JSONObject.fromObject(from.replace('\'', '"'));
+        JSONObject output = RedactSecretJsonInErrorMessageSanitizer.INSTANCE.sanitize(input);
+        assertNotSame(output, input);
+        assertEquals("redaction of " + from, to.replace('\'', '"').replace(" ", ""),
+                output.toString().replace(" ", ""));
+    }
+}
diff --git a/test/src/test/java/jenkins/security/RedactSecretJsonInErrorMessageSanitizerHtmlTest.java b/test/src/test/java/jenkins/security/RedactSecretJsonInErrorMessageSanitizerHtmlTest.java
new file mode 100644
index 0000000000..3a09f1aa80
--- /dev/null
+++ b/test/src/test/java/jenkins/security/RedactSecretJsonInErrorMessageSanitizerHtmlTest.java
@@ -0,0 +1,298 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018 CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.security;
+
+import com.gargoylesoftware.htmlunit.Page;
+import com.gargoylesoftware.htmlunit.html.HtmlForm;
+import com.gargoylesoftware.htmlunit.html.HtmlInput;
+import com.gargoylesoftware.htmlunit.html.HtmlPage;
+import hudson.model.Describable;
+import hudson.model.Descriptor;
+import hudson.model.RootAction;
+import hudson.util.Secret;
+import jenkins.model.Jenkins;
+import net.sf.json.JSONObject;
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.JenkinsRule;
+import org.jvnet.hudson.test.LoggerRule;
+import org.jvnet.hudson.test.TestExtension;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
+import org.kohsuke.stapler.DataBoundConstructor;
+import org.kohsuke.stapler.StaplerRequest;
+import org.kohsuke.stapler.StaplerResponse;
+import org.kohsuke.stapler.interceptor.RequirePOST;
+
+import java.io.PrintWriter;
+import java.io.StringWriter;
+import java.util.logging.Level;
+
+import static org.hamcrest.CoreMatchers.allOf;
+import static org.hamcrest.CoreMatchers.containsString;
+import static org.hamcrest.CoreMatchers.equalTo;
+import static org.hamcrest.CoreMatchers.hasItem;
+import static org.hamcrest.CoreMatchers.not;
+import static org.junit.Assert.assertThat;
+
+@Restricted(NoExternalUse.class)
+public class RedactSecretJsonInErrorMessageSanitizerHtmlTest {
+    
+    @Rule
+    public JenkinsRule j = new JenkinsRule();
+    
+    @Rule
+    public LoggerRule logging = new LoggerRule();
+    
+    @Test
+    @Issue("SECURITY-765")
+    public void passwordsAreRedacted_andOtherStayTheSame() throws Exception {
+        j.jenkins.setCrumbIssuer(null);
+        TestPassword testPassword = j.jenkins.getExtensionList(RootAction.class).get(TestPassword.class);
+        
+        JenkinsRule.WebClient wc = j.createWebClient();
+        HtmlPage page = wc.goTo("test");
+        
+        String textSimple = "plain-1";
+        String pwdSimple = "secret-1";
+        ((HtmlInput) page.getElementById("text-simple")).setValueAttribute(textSimple);
+        ((HtmlInput) page.getElementById("pwd-simple")).setValueAttribute(pwdSimple);
+        
+        String textLevelOne = "plain-2";
+        String pwdLevelOneA = "secret-2";
+        String pwdLevelOneB = "secret-3";
+        ((HtmlInput) page.getElementById("text-level-one")).setValueAttribute(textLevelOne);
+        ((HtmlInput) page.getElementById("pwd-level-one-a")).setValueAttribute(pwdLevelOneA);
+        ((HtmlInput) page.getElementById("pwd-level-one-b")).setValueAttribute(pwdLevelOneB);
+        
+        HtmlForm form = page.getFormByName("config");
+        Page formSubmitPage = j.submit(form);
+        assertThat(formSubmitPage.getWebResponse().getStatusCode(), equalTo(200));
+        
+        JSONObject rawJson = testPassword.lastJsonReceived;
+        String rawJsonToString = rawJson.toString();
+        assertThat(rawJsonToString, containsString(textSimple));
+        assertThat(rawJsonToString, containsString(pwdSimple));
+        assertThat(rawJsonToString, containsString(textLevelOne));
+        assertThat(rawJsonToString, containsString(pwdLevelOneA));
+        
+        assertThat(rawJson.getString(RedactSecretJsonInErrorMessageSanitizer.REDACT_KEY), equalTo("pwd-simple"));
+        assertThat(
+                rawJson.getJSONObject("sub-one").getJSONArray(RedactSecretJsonInErrorMessageSanitizer.REDACT_KEY),
+                allOf(
+                        hasItem("pwd-level-one-a"),
+                        hasItem("pwd-level-one-b")
+                )
+        );
+        
+        JSONObject redactedJson = RedactSecretJsonInErrorMessageSanitizer.INSTANCE.sanitize(rawJson);
+        String redactedJsonToString = redactedJson.toString();
+        assertThat(redactedJsonToString, containsString(textSimple));
+        assertThat(redactedJsonToString, not(containsString(pwdSimple)));
+        assertThat(redactedJsonToString, containsString(textLevelOne));
+        assertThat(redactedJsonToString, not(containsString(pwdLevelOneA)));
+        assertThat(redactedJsonToString, not(containsString(pwdLevelOneB)));
+        assertThat(redactedJsonToString, containsString(RedactSecretJsonInErrorMessageSanitizer.REDACT_VALUE));
+    }
+    
+    @TestExtension("passwordsAreRedacted_andOtherStayTheSame")
+    public static class TestPassword implements RootAction {
+        
+        public JSONObject lastJsonReceived;
+        
+        public void doSubmitTest(StaplerRequest req, StaplerResponse res) throws Exception {
+            lastJsonReceived = req.getSubmittedForm();
+            
+            res.setStatus(200);
+        }
+        
+        @Override
+        public String getIconFileName() {
+            return null;
+        }
+        
+        @Override
+        public String getDisplayName() {
+            return null;
+        }
+        
+        @Override
+        public String getUrlName() {
+            return "test";
+        }
+    }
+    
+    @Test
+    @Issue("SECURITY-765")
+    public void checkSanitizationIsApplied_inDescriptor() throws Exception {
+        logging.record("/jenkins", Level.ALL).capture(1);
+        
+        j.jenkins.setCrumbIssuer(null);
+        
+        JenkinsRule.WebClient wc = j.createWebClient();
+        wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+        HtmlPage page = wc.goTo("testDescribable");
+        String secret = "s3cr3t";
+        ((HtmlInput) page.getElementById("password")).setValueAttribute(secret);
+        
+        HtmlForm form = page.getFormByName("config");
+        Page formSubmitPage = j.submit(form);
+        assertThat(formSubmitPage.getWebResponse().getContentAsString(), allOf(
+                containsString(RedactSecretJsonInErrorMessageSanitizer.REDACT_VALUE),
+                not(containsString(secret))
+        ));
+        
+        // check the system log also
+        Throwable thrown = logging.getRecords().get(0).getThrown();
+        // the exception from Descriptor
+        assertThat(thrown.getCause().getMessage(), allOf(
+                containsString(RedactSecretJsonInErrorMessageSanitizer.REDACT_VALUE),
+                not(containsString(secret))
+        ));
+        
+        // the exception from RequestImpl
+        assertThat(thrown.getCause().getCause().getMessage(), allOf(
+                containsString(RedactSecretJsonInErrorMessageSanitizer.REDACT_VALUE),
+                not(containsString(secret))
+        ));
+        
+        StringWriter buffer = new StringWriter();
+        thrown.printStackTrace(new PrintWriter(buffer));
+        String fullStack = buffer.getBuffer().toString();
+        assertThat(fullStack, allOf(
+                containsString(RedactSecretJsonInErrorMessageSanitizer.REDACT_VALUE),
+                not(containsString(secret))
+        ));
+    }
+    
+    @Test
+    @Issue("SECURITY-765")
+    public void checkSanitizationIsApplied_inStapler() throws Exception {
+        logging.record("/jenkins", Level.ALL).capture(1);
+        
+        j.jenkins.setCrumbIssuer(null);
+        
+        JenkinsRule.WebClient wc = j.createWebClient();
+        wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+        HtmlPage page = wc.goTo("testStapler");
+        String secret = "s3cr3t";
+        ((HtmlInput) page.getElementById("password")).setValueAttribute(secret);
+        
+        HtmlForm form = page.getFormByName("config");
+        Page formSubmitPage = j.submit(form);
+        assertThat(formSubmitPage.getWebResponse().getContentAsString(), allOf(
+                containsString(RedactSecretJsonInErrorMessageSanitizer.REDACT_VALUE),
+                not(containsString(secret))
+        ));
+        
+        // check the system log also
+        Throwable thrown = logging.getRecords().get(0).getThrown();
+        // the exception from RequestImpl
+        assertThat(thrown.getCause().getMessage(), allOf(
+                containsString(RedactSecretJsonInErrorMessageSanitizer.REDACT_VALUE),
+                not(containsString(secret))
+        ));
+        
+        StringWriter buffer = new StringWriter();
+        thrown.printStackTrace(new PrintWriter(buffer));
+        String fullStack = buffer.getBuffer().toString();
+        assertThat(fullStack, allOf(
+                containsString(RedactSecretJsonInErrorMessageSanitizer.REDACT_VALUE),
+                not(containsString(secret))
+        ));
+    }
+    
+    public static class TestDescribable implements Describable<TestDescribable> {
+        
+        @DataBoundConstructor
+        public TestDescribable(Secret password) {
+            throw new IllegalArgumentException("Try to steal my password");
+        }
+        
+        public DescriptorImpl getDescriptor() {
+            return Jenkins.getInstance().getDescriptorByType(TestDescribable.DescriptorImpl.class);
+        }
+        
+        @TestExtension({
+                "checkSanitizationIsApplied_inStapler",
+                "checkSanitizationIsApplied_inDescriptor"
+        })
+        public static final class DescriptorImpl extends Descriptor<TestDescribable> {
+            
+        }
+    }
+    
+    @TestExtension("checkSanitizationIsApplied_inDescriptor")
+    public static class TestDescribablePage implements RootAction {
+        
+        public TestDescribable testDescribable;
+        
+        @RequirePOST
+        public void doConfigSubmit(StaplerRequest req, StaplerResponse rsp) throws Exception {
+            Jenkins.getInstance().getDescriptorOrDie(TestDescribable.class).newInstance(req, req.getSubmittedForm());
+        }
+        
+        @Override
+        public String getIconFileName() {
+            return null;
+        }
+        
+        @Override
+        public String getDisplayName() {
+            return null;
+        }
+        
+        @Override
+        public String getUrlName() {
+            return "testDescribable";
+        }
+    }
+    
+    @TestExtension("checkSanitizationIsApplied_inStapler")
+    public static class TestStaplerPage implements RootAction {
+        
+        public TestDescribable testDescribable;
+        
+        @RequirePOST
+        public void doConfigSubmit(StaplerRequest req, StaplerResponse rsp) throws Exception {
+            req.bindJSON(TestDescribable.class, req.getSubmittedForm());
+        }
+        
+        @Override
+        public String getIconFileName() {
+            return null;
+        }
+        
+        @Override
+        public String getDisplayName() {
+            return null;
+        }
+        
+        @Override
+        public String getUrlName() {
+            return "testStapler";
+        }
+    }
+}
diff --git a/test/src/test/resources/jenkins/security/RedactSecretJsonInErrorMessageSanitizerHtmlTest/TestDescribablePage/index.jelly b/test/src/test/resources/jenkins/security/RedactSecretJsonInErrorMessageSanitizerHtmlTest/TestDescribablePage/index.jelly
new file mode 100644
index 0000000000..c721c3ea0f
--- /dev/null
+++ b/test/src/test/resources/jenkins/security/RedactSecretJsonInErrorMessageSanitizerHtmlTest/TestDescribablePage/index.jelly
@@ -0,0 +1,39 @@
+<!--
+The MIT License
+
+Copyright (c) 2018 CloudBees, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+-->
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core" xmlns:l="/lib/layout" xmlns:f="/lib/form">
+    <l:layout title="Making sure the password field gets an encrypted value">
+        <l:main-panel>
+            <f:form method="post" name="config" action="configSubmit">
+                <f:entry field="password">
+                    <f:password id="password"/>
+                </f:entry>
+                
+                <f:bottomButtonBar>
+                    <f:submit value="submit"/>
+                </f:bottomButtonBar>
+            </f:form>
+        </l:main-panel>
+    </l:layout>
+</j:jelly>
diff --git a/test/src/test/resources/jenkins/security/RedactSecretJsonInErrorMessageSanitizerHtmlTest/TestPassword/index.jelly b/test/src/test/resources/jenkins/security/RedactSecretJsonInErrorMessageSanitizerHtmlTest/TestPassword/index.jelly
new file mode 100644
index 0000000000..151e1d9000
--- /dev/null
+++ b/test/src/test/resources/jenkins/security/RedactSecretJsonInErrorMessageSanitizerHtmlTest/TestPassword/index.jelly
@@ -0,0 +1,53 @@
+<!--
+The MIT License
+
+Copyright (c) 2018 CloudBees, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+-->
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core" xmlns:l="/lib/layout" xmlns:f="/lib/form">
+    <l:layout title="Making sure the password field gets an encrypted value">
+        <l:main-panel>
+            <f:form method="post" name="config" action="submitTest">
+                <f:entry field="text-simple">
+                    <f:textbox id="text-simple"/>
+                </f:entry>
+                <f:entry field="pwd-simple">
+                    <f:password id="pwd-simple"/>
+                </f:entry>
+                <f:section name="sub-one">
+                    <f:entry field="text-level-one">
+                        <f:textbox id="text-level-one"/>
+                    </f:entry>
+                    <f:entry field="pwd-level-one-a">
+                        <f:password id="pwd-level-one-a"/>
+                    </f:entry>
+                    <f:entry field="pwd-level-one-b">
+                        <f:password id="pwd-level-one-b"/>
+                    </f:entry>
+                </f:section>
+    
+                <f:bottomButtonBar>
+                    <f:submit value="submit"/>
+                </f:bottomButtonBar>
+            </f:form>
+        </l:main-panel>
+    </l:layout>
+</j:jelly>
diff --git a/test/src/test/resources/jenkins/security/RedactSecretJsonInErrorMessageSanitizerHtmlTest/TestStaplerPage/index.jelly b/test/src/test/resources/jenkins/security/RedactSecretJsonInErrorMessageSanitizerHtmlTest/TestStaplerPage/index.jelly
new file mode 100644
index 0000000000..c721c3ea0f
--- /dev/null
+++ b/test/src/test/resources/jenkins/security/RedactSecretJsonInErrorMessageSanitizerHtmlTest/TestStaplerPage/index.jelly
@@ -0,0 +1,39 @@
+<!--
+The MIT License
+
+Copyright (c) 2018 CloudBees, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+-->
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core" xmlns:l="/lib/layout" xmlns:f="/lib/form">
+    <l:layout title="Making sure the password field gets an encrypted value">
+        <l:main-panel>
+            <f:form method="post" name="config" action="configSubmit">
+                <f:entry field="password">
+                    <f:password id="password"/>
+                </f:entry>
+                
+                <f:bottomButtonBar>
+                    <f:submit value="submit"/>
+                </f:bottomButtonBar>
+            </f:form>
+        </l:main-panel>
+    </l:layout>
+</j:jelly>
diff --git a/war/src/main/webapp/scripts/hudson-behavior.js b/war/src/main/webapp/scripts/hudson-behavior.js
index d8989d5dea..0cf469a510 100644
--- a/war/src/main/webapp/scripts/hudson-behavior.js
+++ b/war/src/main/webapp/scripts/hudson-behavior.js
@@ -2579,7 +2579,12 @@ function buildFormTree(form) {
                     addProperty(p, e.name.substring(r), e.value);
                 }
                 break;
-
+            case "password":
+                p = findParent(e);
+                addProperty(p, e.name, e.value);
+                // must be kept in sync with RedactSecretJsonForTraceSanitizer.REDACT_KEY
+                addProperty(p, "$redact", shortenName(e.name));
+                break;
             default:
                 p = findParent(e);
                 addProperty(p, e.name, e.value);
-- 
GitLab


From 41f74e2a82e95d66f6723da81dfacd376a564764 Mon Sep 17 00:00:00 2001
From: Ramon Leon <manuelramonleonjimenez@gmail.com>
Date: Thu, 27 Sep 2018 11:37:29 +0200
Subject: [PATCH 757/863] [SECURITY-857]

---
 .../jenkins/security/Security857Test.java     | 118 ++++++++++++++++++
 .../resources/jenkins/security/escape.jelly   |   8 ++
 2 files changed, 126 insertions(+)
 create mode 100644 test/src/test/java/jenkins/security/Security857Test.java
 create mode 100644 test/src/test/resources/jenkins/security/escape.jelly

diff --git a/test/src/test/java/jenkins/security/Security857Test.java b/test/src/test/java/jenkins/security/Security857Test.java
new file mode 100644
index 0000000000..f5832c42cc
--- /dev/null
+++ b/test/src/test/java/jenkins/security/Security857Test.java
@@ -0,0 +1,118 @@
+package jenkins.security;
+
+import com.gargoylesoftware.htmlunit.HttpMethod;
+import com.gargoylesoftware.htmlunit.WebRequest;
+import com.gargoylesoftware.htmlunit.WebResponse;
+import hudson.util.IOUtils;
+import org.junit.Assert;
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.JenkinsRule;
+
+import java.io.IOException;
+import java.lang.reflect.Field;
+
+/**
+ * Tests about the behavior expected setting different values in the escape-by-default directive and the
+ * CustomJellyContext.ESCAPE_BY_DEFAULT field.
+ */
+public class Security857Test {
+
+    private static String EVIDENCE = "<script> alert";
+
+    @Rule
+    public JenkinsRule j = new JenkinsRule();
+
+    /**
+     * Test that a jelly is escaped right thanks to the CustomJellyContext.ESCAPE_BY_DEFAULT field. Its default value is true.
+     * @throws Exception
+     */
+    @Issue("SECURITY-857")
+    @Test
+    public void testJellyEscapingTrue() throws Exception {
+        testJelly(true);
+    }
+
+    /**
+     * Test that a jelly is not escaped when the escape-by-default='false' directive is set in it.
+     * @throws Exception
+     */
+    @Issue("SECURITY-857")
+    @Test
+    public void testJellyEscapingFalse() throws Exception {
+        testJelly(false);
+    }
+
+
+    /**
+     * Test that a jelly is escaped when the escape-by-default='true' directive is set in it.
+     * @throws Exception
+     */
+    @Issue("SECURITY-857")
+    @Test
+    public void testJellyEscapingDefault() throws Exception {
+        testJelly(null);
+    }
+
+    private void testJelly(Boolean escape) throws Exception {
+        String jelly = getJellyContent(escape);
+
+        String response = parseJelly(jelly);
+
+        checkResponse(response, escape);
+    }
+
+    /**
+     * Get a jelly test string with the escape-by-default set or not depending on the escape parameter.
+     * @param escape null to not set anything, true of false to set or not the escape-by-default directive respectively
+     * @return The jelly test with the escape-by-default directive
+     * @throws IOException if there are some exception reading the jelly test file.
+     */
+    private String getJellyContent(Boolean escape) throws IOException {
+        String jelly = IOUtils.toString(this.getClass().getResourceAsStream("escape.jelly"));
+        if(escape != null) {
+            jelly = String.format("<?jelly escape-by-default='%s'?>%n%s", escape, jelly);
+        }
+
+        return jelly;
+    }
+
+    /**
+     * Parse a jelly using the eval url.
+     * @param jelly The jelly to parse
+     * @return The content of the response web page.
+     * @throws Exception if there are some exception during the requests.
+     */
+    private String parseJelly(String jelly) throws Exception {
+        JenkinsRule.WebClient wc = j.createWebClient();
+        wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+
+        wc.login("admin");
+
+        WebRequest req = new WebRequest(wc.createCrumbedUrl("eval"), HttpMethod.POST);
+        req.setEncodingType(null);
+
+        req.setRequestBody(jelly);
+        WebResponse response = wc.getPage(req).getWebResponse();
+
+        Assert.assertEquals(200, response.getStatusCode());
+        return response.getContentAsString();
+    }
+
+    /**
+     * Check the response of the parse of the jelly. Depending on the escape parameter, the response page should have
+     * escaped characters or unescaped characters.
+     * @param response The response of the parse of the jelly.
+     * @param escape How the escape-by-default directive was set. null: not set, true: set to true, false: set to false
+     */
+    private void checkResponse(String response, Boolean escape){
+        if (escape == null) {
+            Assert.assertFalse("There is no escape-by-default tag in the jelly (true is assumed) but there are unescaped characters in the response.", response.contains(EVIDENCE));
+        } else if (escape) {
+            Assert.assertFalse("Set explicitly the <?jelly escape-by-default='true' in the jelly but there are unescaped characters in the response. Jenkins is not escaping the characters and it should to.", response.contains(EVIDENCE));
+        } else {
+            Assert.assertTrue("Set explicitly the <?jelly escape-by-default='false' in the jelly but there are escaped characters in the response. Jenkins is escaping the characters and it shouldn't to.", response.contains(EVIDENCE));
+        }
+    }
+}
diff --git a/test/src/test/resources/jenkins/security/escape.jelly b/test/src/test/resources/jenkins/security/escape.jelly
new file mode 100644
index 0000000000..60db6abc89
--- /dev/null
+++ b/test/src/test/resources/jenkins/security/escape.jelly
@@ -0,0 +1,8 @@
+<!-- This line is added from the code changing the value: <?jelly escape-by-default='true'?> -->
+<j:jelly xmlns:j="jelly:core" xmlns:l="/lib/layout">
+    <l:layout>
+        <l:main-panel>
+            ${h.xmlUnescape("Injection: &lt;script&gt; alert('Oh Oh');&lt;/script&gt; end")}
+        </l:main-panel>
+    </l:layout>
+</j:jelly>
-- 
GitLab


From ba33bd67cdaef87aba8a4e95dca8dcf108a7d73f Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Thu, 27 Sep 2018 11:38:33 +0200
Subject: [PATCH 758/863] [SECURITY-1114]

---
 .../main/java/hudson/model/AbstractItem.java  | 11 +++
 core/src/main/java/hudson/model/Run.java      | 31 +++++-
 core/src/main/java/hudson/model/User.java     | 13 ++-
 .../hudson/AbstractItemSecurity1114Test.java  | 97 +++++++++++++++++++
 4 files changed, 150 insertions(+), 2 deletions(-)
 create mode 100644 test/src/test/java/hudson/AbstractItemSecurity1114Test.java

diff --git a/core/src/main/java/hudson/model/AbstractItem.java b/core/src/main/java/hudson/model/AbstractItem.java
index 9abd3e8708..a9dcfe4137 100644
--- a/core/src/main/java/hudson/model/AbstractItem.java
+++ b/core/src/main/java/hudson/model/AbstractItem.java
@@ -56,6 +56,7 @@ import jenkins.util.xml.XMLUtils;
 
 import org.apache.tools.ant.taskdefs.Copy;
 import org.apache.tools.ant.types.FileSet;
+import org.kohsuke.stapler.HttpResponses;
 import org.kohsuke.stapler.StaplerProxy;
 import org.kohsuke.stapler.WebMethod;
 import org.kohsuke.stapler.export.Exported;
@@ -91,6 +92,8 @@ import javax.xml.transform.stream.StreamSource;
 import static hudson.model.queue.Executables.getParentOf;
 import hudson.model.queue.SubTask;
 import static javax.servlet.http.HttpServletResponse.SC_BAD_REQUEST;
+import static javax.servlet.http.HttpServletResponse.SC_NOT_FOUND;
+
 import org.apache.commons.io.FileUtils;
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
@@ -841,6 +844,14 @@ public abstract class AbstractItem extends Actionable implements Item, HttpDelet
     @Restricted(NoExternalUse.class)
     public Object getTarget() {
         if (!SKIP_PERMISSION_CHECK) {
+            if (!getACL().hasPermission(Item.DISCOVER)) {
+                // work around Stapler bug when returning null from getTarget()
+                try {
+                    Stapler.getCurrentResponse().sendError(SC_NOT_FOUND); // send same response body Stapler would send
+                } catch (IOException ex) {
+                    throw HttpResponses.notFound();
+                }
+            }
             getACL().checkPermission(Item.READ);
         }
         return this;
diff --git a/core/src/main/java/hudson/model/Run.java b/core/src/main/java/hudson/model/Run.java
index 84a31086a9..2fb4b7e5f5 100644
--- a/core/src/main/java/hudson/model/Run.java
+++ b/core/src/main/java/hudson/model/Run.java
@@ -93,6 +93,8 @@ import java.util.Map;
 import java.util.Set;
 import java.util.logging.Level;
 import static java.util.logging.Level.*;
+import static javax.servlet.http.HttpServletResponse.SC_NOT_FOUND;
+
 import java.util.logging.Logger;
 import javax.annotation.CheckForNull;
 import javax.annotation.Nonnull;
@@ -120,8 +122,10 @@ import org.apache.commons.lang.ArrayUtils;
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
 import org.kohsuke.stapler.HttpResponse;
+import org.kohsuke.stapler.HttpResponses;
 import org.kohsuke.stapler.QueryParameter;
 import org.kohsuke.stapler.Stapler;
+import org.kohsuke.stapler.StaplerProxy;
 import org.kohsuke.stapler.StaplerRequest;
 import org.kohsuke.stapler.StaplerResponse;
 import org.kohsuke.stapler.export.Exported;
@@ -141,7 +145,7 @@ import org.kohsuke.stapler.interceptor.RequirePOST;
  */
 @ExportedBean
 public abstract class Run <JobT extends Job<JobT,RunT>,RunT extends Run<JobT,RunT>>
-        extends Actionable implements ExtensionPoint, Comparable<RunT>, AccessControlled, PersistenceRoot, DescriptorByNameOwner, OnMaster {
+        extends Actionable implements ExtensionPoint, Comparable<RunT>, AccessControlled, PersistenceRoot, DescriptorByNameOwner, OnMaster, StaplerProxy {
 
     /**
      * The original {@link Queue.Item#getId()} has not yet been mapped onto the {@link Run} instance.
@@ -2480,6 +2484,31 @@ public abstract class Run <JobT extends Job<JobT,RunT>,RunT extends Run<JobT,Run
         return returnedResult;
     }
 
+    @Override
+    @Restricted(NoExternalUse.class)
+    public Object getTarget() {
+        if (!SKIP_PERMISSION_CHECK) {
+            // This is a bit weird, but while the Run's PermissionScope does not have READ, delegate to the parent
+            if (!getParent().hasPermission(Item.DISCOVER)) {
+                // work around Stapler bug when returning null from getTarget()
+                try {
+                    Stapler.getCurrentResponse().sendError(SC_NOT_FOUND); // send same response body Stapler would send
+                } catch (IOException ex) {
+                    throw HttpResponses.notFound();
+                }
+            }
+            getParent().checkPermission(Item.READ);
+        }
+        return this;
+    }
+
+    /**
+     * Escape hatch for StaplerProxy-based access control
+     */
+    @Restricted(NoExternalUse.class)
+    public static /* Script Console modifiable */ boolean SKIP_PERMISSION_CHECK = Boolean.getBoolean(Run.class.getName() + ".skipPermissionCheck");
+
+
     public static class RedirectUp {
         public void doDynamic(StaplerResponse rsp) throws IOException {
             // Compromise to handle both browsers (auto-redirect) and programmatic access
diff --git a/core/src/main/java/hudson/model/User.java b/core/src/main/java/hudson/model/User.java
index a1e48bbd28..1970545bf9 100644
--- a/core/src/main/java/hudson/model/User.java
+++ b/core/src/main/java/hudson/model/User.java
@@ -97,6 +97,8 @@ import org.apache.commons.lang.StringUtils;
 import org.jenkinsci.Symbol;
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
+import org.kohsuke.stapler.HttpResponses;
+import org.kohsuke.stapler.Stapler;
 import org.kohsuke.stapler.StaplerProxy;
 import org.kohsuke.stapler.StaplerRequest;
 import org.kohsuke.stapler.StaplerResponse;
@@ -105,6 +107,8 @@ import org.kohsuke.stapler.export.ExportedBean;
 import org.kohsuke.stapler.interceptor.RequirePOST;
 import org.springframework.dao.DataAccessException;
 
+import static javax.servlet.http.HttpServletResponse.SC_NOT_FOUND;
+
 /**
  * Represents a user.
  *
@@ -1065,7 +1069,14 @@ public class User extends AbstractModelObject implements AccessControlled, Descr
     @Restricted(NoExternalUse.class)
     public Object getTarget() {
         if (!SKIP_PERMISSION_CHECK) {
-            Jenkins.getInstance().checkPermission(Jenkins.READ);
+            if (!Jenkins.getInstance().hasPermission(Jenkins.READ)) {
+                // work around Stapler bug when returning null from getTarget()
+                try {
+                    Stapler.getCurrentResponse().sendError(SC_NOT_FOUND); // send same response body Stapler would send
+                } catch (IOException ex) {
+                    throw HttpResponses.notFound();
+                }
+            }
         }
         return this;
     }
diff --git a/test/src/test/java/hudson/AbstractItemSecurity1114Test.java b/test/src/test/java/hudson/AbstractItemSecurity1114Test.java
new file mode 100644
index 0000000000..c6d0e2199e
--- /dev/null
+++ b/test/src/test/java/hudson/AbstractItemSecurity1114Test.java
@@ -0,0 +1,97 @@
+package hudson;
+
+import com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException;
+import hudson.model.AbstractItem;
+import hudson.model.Item;
+import hudson.model.RootAction;
+import hudson.security.ACL;
+import hudson.security.ACLContext;
+import jenkins.model.Jenkins;
+import org.junit.Assert;
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.For;
+import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.JenkinsRule;
+import org.jvnet.hudson.test.MockAuthorizationStrategy;
+import org.jvnet.hudson.test.TestExtension;
+
+import javax.annotation.CheckForNull;
+
+public class AbstractItemSecurity1114Test {
+    @Rule
+    public JenkinsRule j = new JenkinsRule();
+
+    @Test
+    @Issue("SECURITY-1114")
+    @For(AbstractItem.class)
+    public void testAccess() throws Exception {
+        j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
+        MockAuthorizationStrategy authorizationStrategy = new MockAuthorizationStrategy();
+        authorizationStrategy.grant(Jenkins.READ).onRoot().toEveryone();
+        authorizationStrategy.grant(Item.DISCOVER).everywhere().to("alice");
+        authorizationStrategy.grant(Item.READ).everywhere().to("bob");
+        j.jenkins.setAuthorizationStrategy(authorizationStrategy);
+
+        j.createFreeStyleProject("myproject");
+
+        // alice can discover project
+        JenkinsRule.WebClient wc = j.createWebClient().login("alice");
+        try {
+            wc.goTo("bypass/myproject");
+            Assert.fail("expected exception");
+        } catch (FailingHttpStatusCodeException e) {
+            Assert.assertEquals("alice can discover", 403, e.getStatusCode());
+        }
+
+        // bob can read project
+        wc = j.createWebClient().login("bob");
+        wc.goTo("bypass/myproject"); // success
+
+
+        // carol has no permissions
+        wc = j.createWebClient().login("carol");
+        try {
+            wc.goTo("bypass/nonexisting");
+            Assert.fail("expected exception");
+        } catch (FailingHttpStatusCodeException e) {
+            Assert.assertEquals("carol gets 404 for nonexisting project", 404, e.getStatusCode());
+        }
+        try {
+            wc.goTo("bypass/myproject");
+            Assert.fail("expected exception");
+        } catch (FailingHttpStatusCodeException e) {
+            Assert.assertEquals("carol gets 404 for invisible project", 404, e.getStatusCode());
+        }
+
+    }
+
+    @TestExtension
+    public static class BypassAccess implements RootAction {
+        public Item getDynamic(String name) {
+            Item item;
+            try (ACLContext ctx = ACL.as(ACL.SYSTEM)) {
+                 item = Jenkins.getInstance().getItemByFullName(name);
+            }
+            return item;
+        }
+
+        @CheckForNull
+        @Override
+        public String getIconFileName() {
+            return null;
+        }
+
+        @CheckForNull
+        @Override
+        public String getDisplayName() {
+            return null;
+        }
+
+        @CheckForNull
+        @Override
+        public String getUrlName() {
+            return "bypass";
+        }
+    }
+}
-- 
GitLab


From cd6da47b333c34f14b5c18bb41e24aeb0524c6f4 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Thu, 27 Sep 2018 15:54:16 +0200
Subject: [PATCH 759/863] [SECURITY-896] Rewrite test for master

---
 .../BasicHeaderApiTokenAuthenticatorTest.java | 201 ++++++++++++++++++
 1 file changed, 201 insertions(+)
 create mode 100644 test/src/test/java/jenkins/security/BasicHeaderApiTokenAuthenticatorTest.java

diff --git a/test/src/test/java/jenkins/security/BasicHeaderApiTokenAuthenticatorTest.java b/test/src/test/java/jenkins/security/BasicHeaderApiTokenAuthenticatorTest.java
new file mode 100644
index 0000000000..e61b7f297c
--- /dev/null
+++ b/test/src/test/java/jenkins/security/BasicHeaderApiTokenAuthenticatorTest.java
@@ -0,0 +1,201 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.security;
+
+import com.gargoylesoftware.htmlunit.WebRequest;
+import com.gargoylesoftware.htmlunit.html.HtmlPage;
+import com.gargoylesoftware.htmlunit.html.HtmlTextInput;
+import com.gargoylesoftware.htmlunit.xml.XmlPage;
+import hudson.ExtensionComponent;
+import hudson.model.User;
+import jenkins.ExtensionFilter;
+import jenkins.model.GlobalConfiguration;
+import jenkins.model.Jenkins;
+import jenkins.security.apitoken.ApiTokenPropertyConfiguration;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runners.model.Statement;
+import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.JenkinsRule;
+import org.jvnet.hudson.test.MockAuthorizationStrategy;
+import org.jvnet.hudson.test.RestartableJenkinsRule;
+import org.jvnet.hudson.test.TestExtension;
+
+import java.net.URL;
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
+import java.util.concurrent.atomic.AtomicReference;
+
+import static org.hamcrest.Matchers.equalTo;
+import static org.hamcrest.Matchers.is;
+import static org.hamcrest.xml.HasXPath.hasXPath;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertThat;
+
+public class BasicHeaderApiTokenAuthenticatorTest {
+    @Rule
+    public RestartableJenkinsRule rr = new RestartableJenkinsRule();
+    
+    @Test
+    @Issue("SECURITY-896")
+    public void legacyToken_regularCase() {
+        AtomicReference<String> token = new AtomicReference<>();
+        rr.addStep(new Statement() {
+            @Override
+            public void evaluate() throws Throwable {
+                enableLegacyTokenGenerationOnUserCreation();
+                configureSecurity();
+                
+                {
+                    JenkinsRule.WebClient wc = rr.j.createWebClient();
+                    // default SecurityListener will save the user when adding the LastGrantedAuthoritiesProperty
+                    // and so the user is persisted
+                    wc.login("user1");
+                    HtmlPage page = wc.goTo("user/user1/configure");
+                    String tokenValue = ((HtmlTextInput) page.getDocumentElement().querySelector("#apiToken")).getText();
+                    token.set(tokenValue);
+                }
+            }
+        });
+        rr.addStep(new Statement() {
+            @Override
+            public void evaluate() throws Throwable {
+                User user = User.getById("user1", false);
+                assertNotNull(user);
+                
+                JenkinsRule.WebClient wc = rr.j.createWebClient();
+                wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+                
+                { // for invalid token, no effect
+                    WebRequest request = new WebRequest(new URL(rr.j.jenkins.getRootUrl() + "whoAmI/api/xml"));
+                    request.setAdditionalHeader("Authorization", base64("user1", "invalid-token"));
+                    assertThat(wc.getPage(request).getWebResponse().getStatusCode(), equalTo(401));
+                }
+                { // for invalid user, no effect
+                    WebRequest request = new WebRequest(new URL(rr.j.jenkins.getRootUrl() + "whoAmI/api/xml"));
+                    request.setAdditionalHeader("Authorization", base64("user-not-valid", token.get()));
+                    assertThat(wc.getPage(request).getWebResponse().getStatusCode(), equalTo(401));
+                }
+    
+                assertNull(User.getById("user-not-valid", false));
+                
+                { // valid user with valid token, ok
+                    WebRequest request = new WebRequest(new URL(rr.j.jenkins.getRootUrl() + "whoAmI/api/xml"));
+                    request.setAdditionalHeader("Authorization", base64("user1", token.get()));
+                    XmlPage xmlPage = wc.getPage(request);
+                    assertThat(xmlPage, hasXPath("//name", is("user1")));
+                }
+            }
+        });
+    }
+    
+    /*
+     * The user is not saved after login without the default SecurityListener#fireAuthenticated
+     */
+    @Test
+    @Issue("SECURITY-896")
+    public void legacyToken_withoutLastGrantedAuthorities() {
+        AtomicReference<String> token = new AtomicReference<>();
+        rr.addStep(new Statement() {
+            @Override
+            public void evaluate() throws Throwable {
+                enableLegacyTokenGenerationOnUserCreation();
+                configureSecurity();
+                
+                {
+                    JenkinsRule.WebClient wc = rr.j.createWebClient();
+                    wc.login("user1");
+                    HtmlPage page = wc.goTo("user/user1/configure");
+                    String tokenValue = ((HtmlTextInput) page.getDocumentElement().querySelector("#apiToken")).getText();
+                    token.set(tokenValue);
+                }
+            }
+        });
+        rr.addStep(new Statement() {
+            @Override
+            public void evaluate() throws Throwable {
+                User user = User.getById("user1", false);
+                assertNull(user);
+                
+                JenkinsRule.WebClient wc = rr.j.createWebClient();
+                wc.getOptions().setThrowExceptionOnFailingStatusCode(false);
+                
+                { // for invalid token, no effect
+                    WebRequest request = new WebRequest(new URL(rr.j.jenkins.getRootUrl() + "whoAmI/api/xml"));
+                    request.setAdditionalHeader("Authorization", base64("user1", "invalid-token"));
+                    assertThat(wc.getPage(request).getWebResponse().getStatusCode(), equalTo(401));
+                }
+                { // for invalid user, no effect
+                    WebRequest request = new WebRequest(new URL(rr.j.jenkins.getRootUrl() + "whoAmI/api/xml"));
+                    request.setAdditionalHeader("Authorization", base64("user-not-valid", token.get()));
+                    assertThat(wc.getPage(request).getWebResponse().getStatusCode(), equalTo(401));
+                }
+    
+                assertNull(User.getById("user1", false));
+                assertNull(User.getById("user-not-valid", false));
+                
+                { // valid user with valid token, ok
+                    WebRequest request = new WebRequest(new URL(rr.j.jenkins.getRootUrl() + "whoAmI/api/xml"));
+                    request.setAdditionalHeader("Authorization", base64("user1", token.get()));
+                    XmlPage xmlPage = wc.getPage(request);
+                    assertThat(xmlPage, hasXPath("//name", is("user1")));
+                }
+            }
+        });
+        rr.addStep(new Statement() {
+            @Override
+            public void evaluate() throws Throwable {
+                User user = User.getById("user1", false);
+                assertNull(user);
+            }
+        });
+    }
+    
+    @TestExtension("legacyToken_withoutLastGrantedAuthorities")
+    public static class RemoveDefaultSecurityListener extends ExtensionFilter {
+        @Override
+        public <T> boolean allows(Class<T> type, ExtensionComponent<T> component) {
+            return !SecurityListener.class.isAssignableFrom(type);
+        }
+    }
+    
+    private void enableLegacyTokenGenerationOnUserCreation() throws Exception {
+        ApiTokenPropertyConfiguration apiTokenConfiguration = GlobalConfiguration.all().getInstance(ApiTokenPropertyConfiguration.class);
+        // by default it's false
+        apiTokenConfiguration.setTokenGenerationOnCreationEnabled(true);
+    }
+    
+    private void configureSecurity() throws Exception {
+        rr.j.jenkins.setSecurityRealm(rr.j.createDummySecurityRealm());
+        rr.j.jenkins.setAuthorizationStrategy(new MockAuthorizationStrategy()
+                .grant(Jenkins.ADMINISTER).everywhere().toEveryone());
+        
+        rr.j.jenkins.save();
+    }
+    
+    private String base64(String login, String password) {
+        return "Basic " + Base64.getEncoder().encodeToString((login + ":" + password).getBytes(StandardCharsets.UTF_8));
+    }
+}
-- 
GitLab


From 135fe9bd995d6f79a4cd551247138608c8fb5dec Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Thu, 27 Sep 2018 17:32:27 +0200
Subject: [PATCH 760/863] [SECURITY-765] Better test

---
 .../RedactSecretJsonInErrorMessageSanitizerHtmlTest.java  | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/test/src/test/java/jenkins/security/RedactSecretJsonInErrorMessageSanitizerHtmlTest.java b/test/src/test/java/jenkins/security/RedactSecretJsonInErrorMessageSanitizerHtmlTest.java
index 3a09f1aa80..1f6edd3945 100644
--- a/test/src/test/java/jenkins/security/RedactSecretJsonInErrorMessageSanitizerHtmlTest.java
+++ b/test/src/test/java/jenkins/security/RedactSecretJsonInErrorMessageSanitizerHtmlTest.java
@@ -147,7 +147,7 @@ public class RedactSecretJsonInErrorMessageSanitizerHtmlTest {
     @Test
     @Issue("SECURITY-765")
     public void checkSanitizationIsApplied_inDescriptor() throws Exception {
-        logging.record("/jenkins", Level.ALL).capture(1);
+        logging.record("", Level.WARNING).capture(100);
         
         j.jenkins.setCrumbIssuer(null);
         
@@ -165,7 +165,7 @@ public class RedactSecretJsonInErrorMessageSanitizerHtmlTest {
         ));
         
         // check the system log also
-        Throwable thrown = logging.getRecords().get(0).getThrown();
+        Throwable thrown = logging.getRecords().stream().filter(r -> r.getMessage().contains("Error while serving")).findAny().get().getThrown();
         // the exception from Descriptor
         assertThat(thrown.getCause().getMessage(), allOf(
                 containsString(RedactSecretJsonInErrorMessageSanitizer.REDACT_VALUE),
@@ -190,7 +190,7 @@ public class RedactSecretJsonInErrorMessageSanitizerHtmlTest {
     @Test
     @Issue("SECURITY-765")
     public void checkSanitizationIsApplied_inStapler() throws Exception {
-        logging.record("/jenkins", Level.ALL).capture(1);
+        logging.record("", Level.WARNING).capture(100);
         
         j.jenkins.setCrumbIssuer(null);
         
@@ -208,7 +208,7 @@ public class RedactSecretJsonInErrorMessageSanitizerHtmlTest {
         ));
         
         // check the system log also
-        Throwable thrown = logging.getRecords().get(0).getThrown();
+        Throwable thrown = logging.getRecords().stream().filter(r -> r.getMessage().contains("Error while serving")).findAny().get().getThrown();
         // the exception from RequestImpl
         assertThat(thrown.getCause().getMessage(), allOf(
                 containsString(RedactSecretJsonInErrorMessageSanitizer.REDACT_VALUE),
-- 
GitLab


From 45c837daa920e85f84f288a7337016a853054add Mon Sep 17 00:00:00 2001
From: Jeff Pearce <jxpearce@godaddy.com>
Date: Thu, 27 Sep 2018 09:47:40 -0700
Subject: [PATCH 761/863] [JENKINS-53721] - Add getter/setter to EnvVars so the
 envinject plugin can set Platform safely (#3639)

[JENKINS-53721] - Add getter/setter to EnvVars so the envinject plugin can set Platform safely
---
 core/src/main/java/hudson/EnvVars.java | 20 +++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/EnvVars.java b/core/src/main/java/hudson/EnvVars.java
index a4d581802e..cd553f3aba 100644
--- a/core/src/main/java/hudson/EnvVars.java
+++ b/core/src/main/java/hudson/EnvVars.java
@@ -44,6 +44,7 @@ import java.util.TreeSet;
 import java.util.UUID;
 import java.util.logging.Logger;
 import javax.annotation.Nonnull;
+import javax.annotation.CheckForNull;
 
 /**
  * Environment variables.
@@ -84,7 +85,24 @@ public class EnvVars extends TreeMap<String,String> {
      * So this property remembers that information.
      */
     private Platform platform;
+    
+    /**
+     * Gets the platform for which these env vars targeted.
+     * @since TODO
+     * @return The platform.
+     */
+    public @CheckForNull Platform getPlatform() {
+        return platform;
+    }
 
+    /**
+     * Sets the platform for which these env vars target.
+     * @since TODO
+     * @param platform the platform to set.
+     */
+    public void setPlatform(@Nonnull Platform platform) {
+        this.platform = platform;
+    }
     public EnvVars() {
         super(CaseInsensitiveComparator.INSTANCE);
     }
@@ -425,7 +443,7 @@ public class EnvVars extends TreeMap<String,String> {
      *
      * <p>
      * If you access this field from agents, then this is the environment
-     * variable of the agent agent.
+     * variable of the agent.
      */
     public static final Map<String,String> masterEnvVars = initMaster();
 
-- 
GitLab


From 3caef8ec3278f0554f23098beaf25be6adf19679 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Thu, 27 Sep 2018 20:12:15 +0200
Subject: [PATCH 762/863] [JENKINS-46523] - Make UnixReflection class
 compatible with Java 11, remove pre-Java 8 reflection (#3650)

* [JENKINS-46523] - Make UnixReflection class compatble with Java 9+, remover pre-Java-8 code

Ideally this logic should be replaced by Multi-Release JAR

* [JENKINS-46523] - FindBugs annotations complicate the code here

* [JENKINS-53799 ] - Explicitly reference the JIRA ticket in the error message
---
 .../main/java/hudson/util/ProcessTree.java    | 100 +++++++++++-------
 1 file changed, 64 insertions(+), 36 deletions(-)

diff --git a/core/src/main/java/hudson/util/ProcessTree.java b/core/src/main/java/hudson/util/ProcessTree.java
index 0aa51c4699..574fdf55b4 100644
--- a/core/src/main/java/hudson/util/ProcessTree.java
+++ b/core/src/main/java/hudson/util/ProcessTree.java
@@ -56,6 +56,7 @@ import java.util.List;
 import java.util.Locale;
 import java.util.Map;
 import java.util.Map.Entry;
+import java.util.Optional;
 import java.util.SortedMap;
 import java.util.logging.Level;
 import java.util.logging.Logger;
@@ -64,7 +65,6 @@ import javax.annotation.CheckForNull;
 import static com.sun.jna.Pointer.NULL;
 import jenkins.util.SystemProperties;
 import static hudson.util.jna.GNUCLibrary.LIBC;
-import static java.util.logging.Level.FINE;
 import static java.util.logging.Level.FINER;
 import static java.util.logging.Level.FINEST;
 import javax.annotation.Nonnull;
@@ -684,13 +684,7 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
         
         @Override
         public OSProcess get(Process proc) {
-            try {
-                return get((Integer) UnixReflection.PID_FIELD.get(proc));
-            } catch (IllegalAccessException e) { // impossible
-                IllegalAccessError x = new IllegalAccessError();
-                x.initCause(e);
-                throw x;
-            }
+            return get(UnixReflection.pid(proc));
         }
 
         public void killAll(Map<String, String> modelEnvVars) throws InterruptedException {
@@ -818,60 +812,94 @@ public abstract class ProcessTree implements Iterable<OSProcess>, IProcessTree,
         public abstract List<String> getArguments();
     }
 
+    //TODO: can be replaced by multi-release JAR
     /**
      * Reflection used in the Unix support.
      */
     private static final class UnixReflection {
         /**
          * Field to access the PID of the process.
+         * Required for Java 8 and older JVMs.
          */
-        private static final Field PID_FIELD;
+        private static final Field JAVA8_PID_FIELD;
+
+        /**
+         * Field to access the PID of the process.
+         * Required for Java 9 and above until this is replaced by multi-release JAR.
+         */
+        private static final Method JAVA9_PID_METHOD;
 
         /**
          * Method to destroy a process, given pid.
          *
          * Looking at the JavaSE source code, this is using SIGTERM (15)
          */
-        private static final Method DESTROY_PROCESS;
+        private static final Method JAVA8_DESTROY_PROCESS;
+        private static final Method JAVA_9_PROCESSHANDLE_OF;
+        private static final Method JAVA_9_PROCESSHANDLE_DESTROY;
 
         static {
             try {
-                Class<?> clazz = Class.forName("java.lang.UNIXProcess");
-                PID_FIELD = clazz.getDeclaredField("pid");
-                PID_FIELD.setAccessible(true);
-
-                if (isPreJava8()) {
-                    DESTROY_PROCESS = clazz.getDeclaredMethod("destroyProcess",int.class);
+                if (isPostJava8()) { // Java 9+
+                    Class<?> clazz = Process.class;
+                    JAVA9_PID_METHOD = clazz.getMethod("pid");
+                    JAVA8_PID_FIELD = null;
+                    Class<?> processHandleClazz = Class.forName("java.lang.ProcessHandle");
+                    JAVA_9_PROCESSHANDLE_OF = processHandleClazz.getMethod("of", long.class);
+                    JAVA_9_PROCESSHANDLE_DESTROY = processHandleClazz.getMethod("destroy");
+                    JAVA8_DESTROY_PROCESS = null;
                 } else {
-                    DESTROY_PROCESS = clazz.getDeclaredMethod("destroyProcess",int.class, boolean.class);
+                    Class<?> clazz = Class.forName("java.lang.UNIXProcess");
+                    JAVA8_PID_FIELD = clazz.getDeclaredField("pid");
+                    JAVA8_PID_FIELD.setAccessible(true);
+                    JAVA9_PID_METHOD = null;
+
+                    JAVA8_DESTROY_PROCESS = clazz.getDeclaredMethod("destroyProcess", int.class, boolean.class);
+                    JAVA8_DESTROY_PROCESS.setAccessible(true);
+                    JAVA_9_PROCESSHANDLE_OF = null;
+                    JAVA_9_PROCESSHANDLE_DESTROY = null;
                 }
-                DESTROY_PROCESS.setAccessible(true);
-            } catch (ClassNotFoundException e) {
-                LinkageError x = new LinkageError();
-                x.initCause(e);
-                throw x;
-            } catch (NoSuchFieldException e) {
-                LinkageError x = new LinkageError();
-                x.initCause(e);
-                throw x;
-            } catch (NoSuchMethodException e) {
-                LinkageError x = new LinkageError();
-                x.initCause(e);
+            } catch (ClassNotFoundException | NoSuchFieldException | NoSuchMethodException e) {
+                LinkageError x = new LinkageError("Cannot initialize reflection for Unix Processes", e);
                 throw x;
             }
         }
 
-        public static void destroy(int pid) throws IllegalAccessException, InvocationTargetException {
-            if (isPreJava8()) {
-                DESTROY_PROCESS.invoke(null, pid);
+        public static void destroy(int pid) throws IllegalAccessException,
+                InvocationTargetException {
+            if (JAVA8_DESTROY_PROCESS != null) {
+                JAVA8_DESTROY_PROCESS.invoke(null, pid, false);
             } else {
-                DESTROY_PROCESS.invoke(null, pid, false);
+                final Optional handle = (Optional)JAVA_9_PROCESSHANDLE_OF.invoke(null, pid);
+                if (handle.isPresent()) {
+                    JAVA_9_PROCESSHANDLE_DESTROY.invoke(handle.get());
+                }
+            }
+        }
+
+        //TODO: We ideally need to update ProcessTree APIs to Support Long (JENKINS-53799).
+        public static int pid(@Nonnull Process proc) {
+            try {
+                if (JAVA8_PID_FIELD != null) {
+                    return JAVA8_PID_FIELD.getInt(proc);
+                } else {
+                    long pid = (long)JAVA9_PID_METHOD.invoke(proc);
+                    if (pid > Integer.MAX_VALUE) {
+                        throw new IllegalAccessError("Java 9+ support error (JENKINS-53799). PID is out of Jenkins API bounds: " + pid);
+                    }
+                    return (int)pid;
+                }
+            } catch (IllegalAccessException | InvocationTargetException e) { // impossible
+                IllegalAccessError x = new IllegalAccessError();
+                x.initCause(e);
+                throw x;
             }
         }
 
-        private static boolean isPreJava8() {
-            int javaVersionAsAnInteger = Integer.parseInt(System.getProperty("java.version").replaceAll("\\.", "").replaceAll("_", "").substring(0, 2));
-            return javaVersionAsAnInteger < 18;
+        // Java 9 uses new version format
+        private static boolean isPostJava8() {
+            String javaVersion = System.getProperty("java.version");
+            return !javaVersion.startsWith("1.");
         }
     }
 
-- 
GitLab


From 1f31f421770847787f7928f52bc83cf825bba373 Mon Sep 17 00:00:00 2001
From: Steve Arch <sarch@cloudbees.com>
Date: Thu, 27 Sep 2018 19:15:48 +0100
Subject: [PATCH 763/863] [JENKINS-53353] - Do not cache results of
 View.getActions() (#3608)

* JENKINS-53353 Do not cache results of View.getActions()

Plugins that may affect the view, eg via TransientViewActionFactory
that get installed _after_ a `view` has been initally viewed
will not be able to add anything to the view if the results
of getActions() are cached.

* JENKINS-53353 Removed unnecessary synchronization

* JENKINS-53353 Whitespace

* JENKINS-53353 Restored (and deprecated) updateTransientActions

to maintain backwards compatibility.
---
 core/src/main/java/hudson/model/View.java | 31 ++++++++++-------------
 1 file changed, 13 insertions(+), 18 deletions(-)

diff --git a/core/src/main/java/hudson/model/View.java b/core/src/main/java/hudson/model/View.java
index de1dc343e8..fcab16b90b 100644
--- a/core/src/main/java/hudson/model/View.java
+++ b/core/src/main/java/hudson/model/View.java
@@ -116,7 +116,6 @@ import java.util.logging.Logger;
 import java.util.stream.Collectors;
 
 import static javax.servlet.http.HttpServletResponse.SC_BAD_REQUEST;
-import static jenkins.scm.RunWithSCM.*;
 
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
@@ -172,8 +171,6 @@ public abstract class View extends AbstractModelObject implements AccessControll
      */
     protected boolean filterQueue;
     
-    protected transient List<Action> transientActions;
-
     /**
      * List of {@link ViewProperty}s configured for this view.
      * @since 1.406
@@ -550,21 +547,20 @@ public abstract class View extends AbstractModelObject implements AccessControll
      * @see Jenkins#getActions()
      */
     public List<Action> getActions() {
-    	List<Action> result = new ArrayList<Action>();
-    	result.addAll(getOwner().getViewActions());
-    	synchronized (this) {
-    		if (transientActions == null) {
-                updateTransientActions();
-    		}
-    		result.addAll(transientActions);
-    	}
-    	return result;
-    }
-    
-    public synchronized void updateTransientActions() {
-        transientActions = TransientViewActionFactory.createAllFor(this); 
+        List<Action> result = new ArrayList<>();
+        result.addAll(getOwner().getViewActions());
+        result.addAll(TransientViewActionFactory.createAllFor(this));
+        return result;
     }
-    
+
+    /**
+     * No-op. Included to maintain backwards compatibility.
+     * @deprecated This method does nothing and should not be used
+     */
+    @Restricted(DoNotUse.class)
+    @Deprecated
+    public void updateTransientActions() {}
+
     public Object getDynamic(String token) {
         for (Action a : getActions()) {
             String url = a.getUrlName();
@@ -994,7 +990,6 @@ public abstract class View extends AbstractModelObject implements AccessControll
         rename(req.getParameter("name"));
 
         getProperties().rebuild(req, req.getSubmittedForm(), getApplicablePropertyDescriptors());
-        updateTransientActions();  
 
         save();
 
-- 
GitLab


From c63087f050796a18432470dbe96c75f6d0933da4 Mon Sep 17 00:00:00 2001
From: Wadeck Follonier <wadeck.follonier@gmail.com>
Date: Thu, 27 Sep 2018 23:32:23 +0200
Subject: [PATCH 764/863] [SECURITY-1162] Remove redundant token check

---
 .../BasicHeaderApiTokenAuthenticator.java     | 33 +++++++++----------
 1 file changed, 15 insertions(+), 18 deletions(-)

diff --git a/core/src/main/java/jenkins/security/BasicHeaderApiTokenAuthenticator.java b/core/src/main/java/jenkins/security/BasicHeaderApiTokenAuthenticator.java
index f8a804c9e3..2b0fb730ba 100644
--- a/core/src/main/java/jenkins/security/BasicHeaderApiTokenAuthenticator.java
+++ b/core/src/main/java/jenkins/security/BasicHeaderApiTokenAuthenticator.java
@@ -30,26 +30,23 @@ public class BasicHeaderApiTokenAuthenticator extends BasicHeaderAuthenticator {
     public Authentication authenticate(HttpServletRequest req, HttpServletResponse rsp, String username, String password) throws ServletException {
         User u = BasicApiTokenHelper.isConnectingUsingApiToken(username, password);
         if(u != null) {
-            ApiTokenProperty t = u.getProperty(ApiTokenProperty.class);
-            if (t != null && t.matchesPassword(password)) {
-                Authentication auth;
-                try {
-                    UserDetails userDetails = u.getUserDetailsForImpersonation();
-                    auth = u.impersonate(userDetails);
+            Authentication auth;
+            try {
+                UserDetails userDetails = u.getUserDetailsForImpersonation();
+                auth = u.impersonate(userDetails);
 
-                    SecurityListener.fireAuthenticated(userDetails);
-                } catch (UsernameNotFoundException x) {
-                    // The token was valid, but the impersonation failed. This token is clearly not his real password,
-                    // so there's no point in continuing the request processing. Report this error and abort.
-                    LOGGER.log(WARNING, "API token matched for user " + username + " but the impersonation failed", x);
-                    throw new ServletException(x);
-                } catch (DataAccessException x) {
-                    throw new ServletException(x);
-                }
-
-                req.setAttribute(BasicHeaderApiTokenAuthenticator.class.getName(), true);
-                return auth;
+                SecurityListener.fireAuthenticated(userDetails);
+            } catch (UsernameNotFoundException x) {
+                // The token was valid, but the impersonation failed. This token is clearly not his real password,
+                // so there's no point in continuing the request processing. Report this error and abort.
+                LOGGER.log(WARNING, "API token matched for user " + username + " but the impersonation failed", x);
+                throw new ServletException(x);
+            } catch (DataAccessException x) {
+                throw new ServletException(x);
             }
+
+            req.setAttribute(BasicHeaderApiTokenAuthenticator.class.getName(), true);
+            return auth;
         }
         return null;
     }
-- 
GitLab


From eed7f5ee06b2014faa15f35daeacb7c1c17b41d6 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Fri, 28 Sep 2018 09:45:12 +0200
Subject: [PATCH 765/863] Remove SECURITY-218 class import from
 TcpSlaveAgentListener test.

YAGNI.
---
 test/src/test/java/hudson/TcpSlaveAgentListenerTest.java | 1 -
 1 file changed, 1 deletion(-)

diff --git a/test/src/test/java/hudson/TcpSlaveAgentListenerTest.java b/test/src/test/java/hudson/TcpSlaveAgentListenerTest.java
index 25bf75d9d4..fe29570086 100644
--- a/test/src/test/java/hudson/TcpSlaveAgentListenerTest.java
+++ b/test/src/test/java/hudson/TcpSlaveAgentListenerTest.java
@@ -20,7 +20,6 @@ import javax.annotation.Nullable;
 
 import jenkins.model.Jenkins;
 import jenkins.model.identity.InstanceIdentityProvider;
-import jenkins.security.security218.ysoserial.ExecBlockingSecurityManager.ExecException;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.JenkinsRule;
-- 
GitLab


From 179d59767958a8d40e15c7eed4db82b9ef7b88db Mon Sep 17 00:00:00 2001
From: Nicolas De Loof <nicolas.deloof@gmail.com>
Date: Fri, 28 Sep 2018 13:59:14 +0200
Subject: [PATCH 766/863] introduce hudson.Util#fixNull(value, defaultValue)

Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
---
 core/src/main/java/hudson/Util.java | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/core/src/main/java/hudson/Util.java b/core/src/main/java/hudson/Util.java
index d3aa18870d..0a13082b4b 100644
--- a/core/src/main/java/hudson/Util.java
+++ b/core/src/main/java/hudson/Util.java
@@ -1195,8 +1195,14 @@ public class Util {
      */
     @Nonnull
     public static String fixNull(@CheckForNull String s) {
-        if(s==null)     return "";
-        else            return s;
+        return fixNull(s, "");
+    }
+
+    /**
+     * Convert null to defaultValue.
+     */
+    public static <T> T fixNull(@CheckForNull T s, T defaultValue) {
+        return s != null ? s : defaultValue;
     }
 
     /**
@@ -1221,22 +1227,22 @@ public class Util {
 
     @Nonnull
     public static <T> List<T> fixNull(@CheckForNull List<T> l) {
-        return l!=null ? l : Collections.<T>emptyList();
+        return fixNull(l, Collections.<T>emptyList());
     }
 
     @Nonnull
     public static <T> Set<T> fixNull(@CheckForNull Set<T> l) {
-        return l!=null ? l : Collections.<T>emptySet();
+        return fixNull(l, Collections.<T>emptySet());
     }
 
     @Nonnull
     public static <T> Collection<T> fixNull(@CheckForNull Collection<T> l) {
-        return l!=null ? l : Collections.<T>emptySet();
+        return fixNull(l, Collections.<T>emptySet());
     }
 
     @Nonnull
     public static <T> Iterable<T> fixNull(@CheckForNull Iterable<T> l) {
-        return l!=null ? l : Collections.<T>emptySet();
+        return fixNull(l, Collections.<T>emptySet());
     }
 
     /**
-- 
GitLab


From 143c1c5d2835554780e0aa9baa3bc517bb121561 Mon Sep 17 00:00:00 2001
From: Jeff Thompson <jeffret.g@gmail.com>
Date: Fri, 28 Sep 2018 10:17:20 -0600
Subject: [PATCH 767/863] Upgrade to latest version of Remoting.

Primarily this eliminates a potential deadlock in managing the ProtocolStack.
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 170c042c5a..1ad533b586 100644
--- a/pom.xml
+++ b/pom.xml
@@ -106,7 +106,7 @@ THE SOFTWARE.
     <maven-war-plugin.version>3.0.0</maven-war-plugin.version> <!-- JENKINS-47127 bump when 3.2.0 is out. Cf. MWAR-407 -->
 
     <!-- Bundled Remoting version -->
-    <remoting.version>3.26</remoting.version>
+    <remoting.version>3.27</remoting.version>
     <!-- Minimum Remoting version, which is tested for API compatibility -->
     <remoting.minimum.supported.version>3.4</remoting.minimum.supported.version>
 
-- 
GitLab


From 2d7b2b6e24b9df04f72d80906bddd941107469d1 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Fri, 28 Sep 2018 20:46:29 +0200
Subject: [PATCH 768/863] [JENKINS-51903] - Allow specifying multiple Java
 versions in Jenkinsfile

Backports Jenkinsfile from the java11-support branch
---
 Jenkinsfile | 17 +++++++++++------
 1 file changed, 11 insertions(+), 6 deletions(-)

diff --git a/Jenkinsfile b/Jenkinsfile
index b3285a5c64..f6eb3e2c0c 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -17,11 +17,14 @@ properties([buildDiscarder(logRotator(numToKeepStr: '50', artifactNumToKeepStr:
 
 // see https://github.com/jenkins-infra/documentation/blob/master/ci.adoc for information on what node types are available
 def buildTypes = ['Linux', 'Windows']
+def jdks = [8]
 
 def builds = [:]
 for(i = 0; i < buildTypes.size(); i++) {
+for(j = 0; j < jdks.size(); j++) {
     def buildType = buildTypes[i]
-    builds[buildType] = {
+    def jdk = jdks[j]
+    builds["${buildType}-jdk${jdk}"] = {
         node(buildType.toLowerCase()) {
             timestamps {
                 // First stage is actually checking out the source. Since we're using Multibranch
@@ -39,10 +42,11 @@ for(i = 0; i < buildTypes.size(); i++) {
                         // See below for what this method does - we're passing an arbitrary environment
                         // variable to it so that JAVA_OPTS and MAVEN_OPTS are set correctly.
                         withMavenEnv(["JAVA_OPTS=-Xmx1536m -Xms512m",
-                                    "MAVEN_OPTS=-Xmx1536m -Xms512m"]) {
+                                    "MAVEN_OPTS=-Xmx1536m -Xms512m"], jdk) {
                             // Actually run Maven!
                             // -Dmaven.repo.local=… tells Maven to create a subdir in the temporary directory for the local Maven repository
                             def mvnCmd = "mvn -Pdebug -U -Dset.changelist help:evaluate -Dexpression=changelist -Doutput=$changelistF clean install ${runTests ? '-Dmaven.test.failure.ignore' : '-DskipTests'} -V -B -Dmaven.repo.local=$m2repo -s settings-azure.xml -e"
+
                             if(isUnix()) {
                                 sh mvnCmd
                                 sh 'test `git status --short | tee /dev/stderr | wc --bytes` -eq 0'
@@ -71,8 +75,9 @@ for(i = 0; i < buildTypes.size(); i++) {
             }
         }
     }
-}
+}}
 
+// TODO: ATH flow now supports Java 8 only, it needs to be reworked (INFRA-1690)
 builds.ath = {
     node("docker&&highmem") {
         // Just to be safe
@@ -82,7 +87,7 @@ builds.ath = {
         dir("sources") {
             checkout scm
             withMavenEnv(["JAVA_OPTS=-Xmx1536m -Xms512m",
-                          "MAVEN_OPTS=-Xmx1536m -Xms512m"]) {
+                          "MAVEN_OPTS=-Xmx1536m -Xms512m"], 8) {
                 sh "mvn --batch-mode --show-version -DskipTests -am -pl war package -Dmaven.repo.local=${pwd tmp: true}/m2repo -s settings-azure.xml"
             }
             dir("war/target") {
@@ -103,13 +108,13 @@ infra.maybePublishIncrementals()
 // This method sets up the Maven and JDK tools, puts them in the environment along
 // with whatever other arbitrary environment variables we passed in, and runs the
 // body we passed in within that environment.
-void withMavenEnv(List envVars = [], def body) {
+void withMavenEnv(List envVars = [], def javaVersion, def body) {
     // The names here are currently hardcoded for my test environment. This needs
     // to be made more flexible.
     // Using the "tool" Workflow call automatically installs those tools on the
     // node.
     String mvntool = tool name: "mvn", type: 'hudson.tasks.Maven$MavenInstallation'
-    String jdktool = tool name: "jdk8", type: 'hudson.model.JDK'
+    String jdktool = tool name: "jdk${javaVersion}", type: 'hudson.model.JDK'
 
     // Set JAVA_HOME, MAVEN_HOME and special PATH variables for the tools we're
     // using.
-- 
GitLab


From 18027c5b0c4ab9f0dc1fe180282742c0144e672a Mon Sep 17 00:00:00 2001
From: Devin Nusbaum <d.w.nusbaum@gmail.com>
Date: Mon, 18 Jun 2018 09:56:08 -0400
Subject: [PATCH 769/863] [JENKINS-46725] - Update jnr-posix to 3.0.45 to
 prevent Illegal Reflective acces warnings

---
 core/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/pom.xml b/core/pom.xml
index 258e26f64f..3452fd0542 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -109,7 +109,7 @@ THE SOFTWARE.
     <dependency>
       <groupId>com.github.jnr</groupId>
       <artifactId>jnr-posix</artifactId>
-      <version>3.0.41</version>
+      <version>3.0.45</version>
     </dependency>
     <dependency>
       <groupId>org.kohsuke</groupId>
-- 
GitLab


From f9cefcb0d4e30e3dd927fd1fa15f7cea83efd2e5 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Fri, 28 Sep 2018 21:12:14 +0200
Subject: [PATCH 770/863] [JENKINS-52024] - Update Metainf services from 1.4 to
 1.8 in the master branch

---
 core/pom.xml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/core/pom.xml b/core/pom.xml
index 258e26f64f..4e8ed6d9f7 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -570,8 +570,7 @@ THE SOFTWARE.
     <dependency>
       <groupId>org.kohsuke.metainf-services</groupId>
       <artifactId>metainf-services</artifactId>
-      <version>1.4</version>
-      <scope>provided</scope>
+      <version>1.8</version>
       <optional>true</optional>
     </dependency>
     <dependency>
-- 
GitLab


From ce68c48704bde42e1b31bb1e8e39c117b65d45ae Mon Sep 17 00:00:00 2001
From: Sam Van Oort <samvanoort@gmail.com>
Date: Fri, 22 Jun 2018 11:13:50 -0400
Subject: [PATCH 771/863] [JENKINS-52024] - Hard dependency on
 lib-annotation-indexer to override stale version provided by transitive deps

---
 cli/pom.xml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/cli/pom.xml b/cli/pom.xml
index 69c53a20a4..73b4faab3e 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -33,6 +33,11 @@
         <groupId>org.kohsuke</groupId>
         <artifactId>access-modifier-annotation</artifactId>
     </dependency>
+    <dependency>
+      <groupId>org.jenkins-ci</groupId>
+      <artifactId>annotation-indexer</artifactId>
+      <version>1.12</version>
+    </dependency>
     <dependency>
       <groupId>commons-codec</groupId>
       <artifactId>commons-codec</artifactId>
-- 
GitLab


From 7bc431f09d05c0a6c0da9798fd773a02a7fce277 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Fri, 28 Sep 2018 16:35:38 -0400
Subject: [PATCH 772/863] The context type parameter on ConsoleAnnotatorFactory
 did not work.

---
 .../main/java/hudson/console/AnnotatedLargeText.java |  6 +++---
 .../console/ConsoleAnnotationOutputStream.java       |  9 ++++++---
 .../main/java/hudson/console/ConsoleAnnotator.java   | 12 ++++++++----
 .../java/hudson/console/ConsoleAnnotatorFactory.java |  9 +++++----
 4 files changed, 22 insertions(+), 14 deletions(-)

diff --git a/core/src/main/java/hudson/console/AnnotatedLargeText.java b/core/src/main/java/hudson/console/AnnotatedLargeText.java
index edfab781f2..6acbdeff6e 100644
--- a/core/src/main/java/hudson/console/AnnotatedLargeText.java
+++ b/core/src/main/java/hudson/console/AnnotatedLargeText.java
@@ -113,7 +113,7 @@ public class AnnotatedLargeText<T> extends LargeText {
         rsp.setContentType(isHtml() ? "text/html;charset=UTF-8" : "text/plain;charset=UTF-8");
     }
 
-    private ConsoleAnnotator createAnnotator(StaplerRequest req) throws IOException {
+    private ConsoleAnnotator<T> createAnnotator(StaplerRequest req) throws IOException {
         try {
             String base64 = req!=null ? req.getHeader("X-ConsoleAnnotator") : null;
             if (base64!=null) {
@@ -135,7 +135,7 @@ public class AnnotatedLargeText<T> extends LargeText {
             throw new IOException(e);
         }
         // start from scratch
-        return ConsoleAnnotator.initial(context==null ? null : context.getClass());
+        return ConsoleAnnotator.initial(context);
     }
 
     @Override
@@ -164,7 +164,7 @@ public class AnnotatedLargeText<T> extends LargeText {
     }
 
     public long writeHtmlTo(long start, Writer w) throws IOException {
-        ConsoleAnnotationOutputStream caw = new ConsoleAnnotationOutputStream(
+        ConsoleAnnotationOutputStream<T> caw = new ConsoleAnnotationOutputStream<>(
                 w, createAnnotator(Stapler.getCurrentRequest()), context, charset);
         long r = super.writeLogTo(start,caw);
 
diff --git a/core/src/main/java/hudson/console/ConsoleAnnotationOutputStream.java b/core/src/main/java/hudson/console/ConsoleAnnotationOutputStream.java
index 919e3af011..f3a22c875c 100644
--- a/core/src/main/java/hudson/console/ConsoleAnnotationOutputStream.java
+++ b/core/src/main/java/hudson/console/ConsoleAnnotationOutputStream.java
@@ -72,7 +72,7 @@ public class ConsoleAnnotationOutputStream<T> extends LineTransformationOutputSt
         this.lineOut = new WriterOutputStream(line,charset);
     }
 
-    public ConsoleAnnotator getConsoleAnnotator() {
+    public ConsoleAnnotator<T> getConsoleAnnotator() {
         return ann;
     }
 
@@ -80,6 +80,8 @@ public class ConsoleAnnotationOutputStream<T> extends LineTransformationOutputSt
      * Called after we read the whole line of plain text, which is stored in {@link #buf}.
      * This method performs annotations and send the result to {@link #out}.
      */
+    @SuppressWarnings({"unchecked", "rawtypes"}) // appears to be unsound
+    @Override
     protected void eol(byte[] in, int sz) throws IOException {
         line.reset();
         final StringBuffer strBuf = line.getStringBuffer();
@@ -109,9 +111,10 @@ public class ConsoleAnnotationOutputStream<T> extends LineTransformationOutputSt
                     final ConsoleNote a = ConsoleNote.readFrom(new DataInputStream(b));
                     if (a!=null) {
                         if (annotators==null)
-                            annotators = new ArrayList<ConsoleAnnotator<T>>();
+                            annotators = new ArrayList<>();
                         annotators.add(new ConsoleAnnotator<T>() {
-                            public ConsoleAnnotator annotate(T context, MarkupText text) {
+                            @Override
+                            public ConsoleAnnotator<T> annotate(T context, MarkupText text) {
                                 return a.annotate(context,text,charPos);
                             }
                         });
diff --git a/core/src/main/java/hudson/console/ConsoleAnnotator.java b/core/src/main/java/hudson/console/ConsoleAnnotator.java
index 475badceb6..9701eb302f 100644
--- a/core/src/main/java/hudson/console/ConsoleAnnotator.java
+++ b/core/src/main/java/hudson/console/ConsoleAnnotator.java
@@ -82,22 +82,25 @@ public abstract class ConsoleAnnotator<T> implements Serializable {
      *      To indicate that you are not interested in the following lines, return {@code null}.
      */
     @CheckForNull
-    public abstract ConsoleAnnotator annotate(@Nonnull T context, @Nonnull MarkupText text );
+    public abstract ConsoleAnnotator<T> annotate(@Nonnull T context, @Nonnull MarkupText text );
 
     /**
      * Cast operation that restricts T.
      */
+    @SuppressWarnings("unchecked")
     public static <T> ConsoleAnnotator<T> cast(ConsoleAnnotator<? super T> a) {
         return (ConsoleAnnotator)a;
     }
 
+    @SuppressWarnings({"unchecked", "rawtypes"}) // unclear to jglick what is going on here
     private static final class ConsoleAnnotatorAggregator<T> extends ConsoleAnnotator<T> {
         List<ConsoleAnnotator<T>> list;
 
         ConsoleAnnotatorAggregator(Collection list) {
-            this.list = new ArrayList<ConsoleAnnotator<T>>(list);
+            this.list = new ArrayList<>(list);
         }
 
+        @Override
         public ConsoleAnnotator annotate(T context, MarkupText text) {
             ListIterator<ConsoleAnnotator<T>> itr = list.listIterator();
             while (itr.hasNext()) {
@@ -126,7 +129,7 @@ public abstract class ConsoleAnnotator<T> implements Serializable {
         case 1:     return  cast(all.iterator().next()); // just one
         }
 
-        return new ConsoleAnnotatorAggregator<T>(all);
+        return new ConsoleAnnotatorAggregator<>(all);
     }
 
     /**
@@ -140,8 +143,9 @@ public abstract class ConsoleAnnotator<T> implements Serializable {
     /**
      * List all the console annotators that can work for the specified context type.
      */
+    @SuppressWarnings({"unchecked", "rawtypes"}) // reflective
     public static <T> List<ConsoleAnnotator<T>> _for(T context) {
-        List<ConsoleAnnotator<T>> r  = new ArrayList<ConsoleAnnotator<T>>();
+        List<ConsoleAnnotator<T>> r  = new ArrayList<>();
         for (ConsoleAnnotatorFactory f : ConsoleAnnotatorFactory.all()) {
             if (f.type().isInstance(context)) {
                 ConsoleAnnotator ca = f.newInstance(context);
diff --git a/core/src/main/java/hudson/console/ConsoleAnnotatorFactory.java b/core/src/main/java/hudson/console/ConsoleAnnotatorFactory.java
index f9feac4a95..409ee59c67 100644
--- a/core/src/main/java/hudson/console/ConsoleAnnotatorFactory.java
+++ b/core/src/main/java/hudson/console/ConsoleAnnotatorFactory.java
@@ -80,13 +80,13 @@ public abstract class ConsoleAnnotatorFactory<T> implements ExtensionPoint {
      * @return
      *      null if this factory is not going to participate in the annotation of this console.
      */
-    public abstract ConsoleAnnotator newInstance(T context);
+    public abstract ConsoleAnnotator<T> newInstance(T context);
 
     /**
      * For which context type does this annotator work?
      */
-    public Class type() {
-        Type type = Types.getBaseClass(getClass(), ConsoleAnnotator.class);
+    public Class<?> type() {
+        Type type = Types.getBaseClass(getClass(), ConsoleAnnotatorFactory.class);
         if (type instanceof ParameterizedType)
             return Types.erasure(Types.getTypeArgument(type,0));
         else
@@ -105,7 +105,7 @@ public abstract class ConsoleAnnotatorFactory<T> implements ExtensionPoint {
     }
 
     private URL getResource(String fileName) {
-        Class c = getClass();
+        Class<?> c = getClass();
         return c.getClassLoader().getResource(c.getName().replace('.','/').replace('$','/')+ fileName);
     }
 
@@ -125,6 +125,7 @@ public abstract class ConsoleAnnotatorFactory<T> implements ExtensionPoint {
     /**
      * All the registered instances.
      */
+    @SuppressWarnings("rawtypes")
     public static ExtensionList<ConsoleAnnotatorFactory> all() {
         return ExtensionList.lookup(ConsoleAnnotatorFactory.class);
     }
-- 
GitLab


From 52755f5e55f64fe55f3fdeb6b3b9ee562797052d Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Sat, 29 Sep 2018 18:47:28 +0200
Subject: [PATCH 773/863] [JENKINS-52024] - Move annotation indexer to
 dependencyManagement as suggested by @jglick

---
 cli/pom.xml  | 1 -
 core/pom.xml | 1 -
 pom.xml      | 6 ++++++
 3 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 73b4faab3e..e65b174223 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -36,7 +36,6 @@
     <dependency>
       <groupId>org.jenkins-ci</groupId>
       <artifactId>annotation-indexer</artifactId>
-      <version>1.12</version>
     </dependency>
     <dependency>
       <groupId>commons-codec</groupId>
diff --git a/core/pom.xml b/core/pom.xml
index 4e8ed6d9f7..703a5ebe47 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -207,7 +207,6 @@ THE SOFTWARE.
     <dependency>
       <groupId>org.jenkins-ci</groupId>
       <artifactId>annotation-indexer</artifactId>
-      <version>1.12</version>
     </dependency>
     <dependency>
       <groupId>org.jenkins-ci</groupId>
diff --git a/pom.xml b/pom.xml
index 170c042c5a..7378476037 100644
--- a/pom.xml
+++ b/pom.xml
@@ -266,6 +266,12 @@ THE SOFTWARE.
         <artifactId>commons-codec</artifactId>
         <version>1.9</version>
       </dependency>
+
+      <dependency>
+        <groupId>org.jenkins-ci</groupId>
+        <artifactId>annotation-indexer</artifactId>
+        <version>1.12</version>
+      </dependency>
     </dependencies>
   </dependencyManagement>
 
-- 
GitLab


From beadc5946f4415b28cb6d7a3a9cfb8a2782ab316 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Sun, 30 Sep 2018 12:37:53 +0200
Subject: [PATCH 774/863] Util#fixNull: Address Javadoc comments and add
 annotations

---
 core/src/main/java/hudson/Util.java | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/core/src/main/java/hudson/Util.java b/core/src/main/java/hudson/Util.java
index 0a13082b4b..00a88df95e 100644
--- a/core/src/main/java/hudson/Util.java
+++ b/core/src/main/java/hudson/Util.java
@@ -1199,9 +1199,11 @@ public class Util {
     }
 
     /**
-     * Convert null to defaultValue.
+     * Convert {@code null} to a default value.
+     * @since TODO
      */
-    public static <T> T fixNull(@CheckForNull T s, T defaultValue) {
+    @Nonnull
+    public static <T> T fixNull(@CheckForNull T s, @Nonnull T defaultValue) {
         return s != null ? s : defaultValue;
     }
 
-- 
GitLab


From 1a93f90adaa6250da86d3c3e1b4c96376d5f53a0 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 30 Sep 2018 17:35:53 -0700
Subject: [PATCH 775/863] [maven-release-plugin] prepare release jenkins-2.144

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 69c53a20a4..eba6136226 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.144</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 3452fd0542..e61fc9b155 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.144</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 1ad533b586..081b738b82 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>2.144</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.144</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 4f9dae71fa..500e4100ba 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.144</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index a2a1e2502a..9ea7853ae3 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.144</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 008c4350849bd323f0b4adde03dbe7b5b58ed1e8 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 30 Sep 2018 17:36:06 -0700
Subject: [PATCH 776/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 6 +++---
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index eba6136226..69c53a20a4 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.144</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index e61fc9b155..3452fd0542 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.144</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 081b738b82..5cb9753a13 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.144</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.144</tag>
+    <tag>${scmTag}</tag>
   </scm>
 
   <distributionManagement>
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.144</revision>
+    <revision>2.145</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index 500e4100ba..4f9dae71fa 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.144</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 9ea7853ae3..a2a1e2502a 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.144</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 6c5effaa589cdf26ad292ea9b000fdd409430913 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Mon, 1 Oct 2018 08:43:22 -0400
Subject: [PATCH 777/863] Trivial follow-ups to JEP-304.

---
 core/src/main/java/jenkins/security/ClassFilterImpl.java | 2 +-
 core/src/main/java/jenkins/telemetry/Telemetry.java      | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/core/src/main/java/jenkins/security/ClassFilterImpl.java b/core/src/main/java/jenkins/security/ClassFilterImpl.java
index c4b3311e3a..98e2073c01 100644
--- a/core/src/main/java/jenkins/security/ClassFilterImpl.java
+++ b/core/src/main/java/jenkins/security/ClassFilterImpl.java
@@ -336,6 +336,6 @@ public class ClassFilterImpl extends ClassFilter {
         }
         LOGGER.log(Level.WARNING, message, cause);
 
-        // TODO: Integrate with Telemetry API (JEP-304) once it is available in the core
+        // TODO: add a Telemetry implementation (JEP-304)
     }
 }
diff --git a/core/src/main/java/jenkins/telemetry/Telemetry.java b/core/src/main/java/jenkins/telemetry/Telemetry.java
index ec766206ea..a917100058 100644
--- a/core/src/main/java/jenkins/telemetry/Telemetry.java
+++ b/core/src/main/java/jenkins/telemetry/Telemetry.java
@@ -54,9 +54,9 @@ import java.util.logging.Logger;
 /**
  * Extension point for collecting JEP-214 telemetry.
  *
- * @see <a href="https://github.com/jenkinsci/jep/tree/master/jep/214">JEP-214</a>
+ * @see <a href="https://jenkins.io/jep/214">JEP-214</a>
  *
- * @since TODO
+ * @since 2.143 / 2.138.2
  */
 public abstract class Telemetry implements ExtensionPoint {
 
-- 
GitLab


From fef3b2c1cae037f945ceb0419a650a012628ba52 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Mon, 1 Oct 2018 08:45:54 -0400
Subject: [PATCH 778/863] 98995cb0e9619e32a5eb8734fee7e6920f2e549e excludes
 this API from 2.138.x.

---
 core/src/main/java/jenkins/telemetry/Telemetry.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/java/jenkins/telemetry/Telemetry.java b/core/src/main/java/jenkins/telemetry/Telemetry.java
index a917100058..cf3892ead5 100644
--- a/core/src/main/java/jenkins/telemetry/Telemetry.java
+++ b/core/src/main/java/jenkins/telemetry/Telemetry.java
@@ -56,7 +56,7 @@ import java.util.logging.Logger;
  *
  * @see <a href="https://jenkins.io/jep/214">JEP-214</a>
  *
- * @since 2.143 / 2.138.2
+ * @since 2.143
  */
 public abstract class Telemetry implements ExtensionPoint {
 
-- 
GitLab


From 37d0898e6a478ebe1b3446694e30852ff2140beb Mon Sep 17 00:00:00 2001
From: suren <zxjlwt@126.com>
Date: Tue, 2 Oct 2018 00:02:11 +0800
Subject: [PATCH 779/863] Migrate into localization-zh-cn-plugin

See https://github.com/jenkinsci/localization-zh-cn-plugin
---
 .../message_zh_CN.properties                  |   6 -
 .../AboutJenkins/index_zh_CN.properties       |  29 -----
 .../message_zh_CN.properties                  |  23 ----
 .../message_zh_CN.properties                  |  22 ----
 .../PluginManager/advanced_zh_CN.properties   |  35 ------
 .../checkUpdates_zh_CN.properties             |  26 -----
 .../PluginManager/check_zh_CN.properties      |  24 ----
 .../PluginManager/index_zh_CN.properties      |  27 -----
 .../PluginManager/installed_zh_CN.properties  |  36 ------
 .../PluginManager/sidepanel_zh_CN.properties  |  24 ----
 .../PluginManager/sites_zh_CN.properties      |  25 ----
 .../PluginManager/tabBar_zh_CN.properties     |  27 -----
 .../PluginManager/table_zh_CN.properties      |  39 -------
 .../message_zh_CN.properties                  |  28 -----
 .../thirdPartyLicenses_zh_CN.properties       |  25 ----
 .../PluginWrapper/uninstall_zh_CN.properties  |  24 ----
 .../config_zh_CN.properties                   |  39 -------
 .../cli/CLIAction/index_zh_CN.properties      |  25 ----
 .../index_zh_CN.properties                    |  25 ----
 .../message_zh_CN.properties                  |  25 ----
 .../OldDataMonitor/manage_zh_CN.properties    |   7 --
 .../OldDataMonitor/message_zh_CN.properties   |  26 -----
 .../message_zh_CN.properties                  |  25 ----
 .../message_zh_CN.properties                  |  26 -----
 .../index_zh_CN.properties                    |   6 -
 .../LogRecorder/sidepanel_zh_CN.properties    |  26 -----
 .../LogRecorderManager/all_zh_CN.properties   |  27 -----
 .../LogRecorderManager/feeds_zh_CN.properties |  25 ----
 .../LogRecorderManager/index_zh_CN.properties |  26 -----
 .../levels_zh_CN.properties                   |  27 -----
 .../LogRecorderManager/new_zh_CN.properties   |  23 ----
 .../sidepanel_zh_CN.properties                |  28 -----
 .../config_zh_CN.properties                   |  23 ----
 .../AbstractBuild/changes_zh_CN.properties    |  23 ----
 .../AbstractBuild/index_zh_CN.properties      |  34 ------
 .../AbstractBuild/sidepanel_zh_CN.properties  |  24 ----
 .../AbstractBuild/tasks_zh_CN.properties      |  30 -----
 .../confirm-rename_zh_CN.properties           |  25 ----
 .../AbstractItem/delete_zh_CN.properties      |  25 ----
 .../AbstractItem/noWorkspace_zh_CN.properties |  33 ------
 .../error_zh_CN.properties                    |   3 -
 .../AbstractProject/changes_zh_CN.properties  |  23 ----
 .../configure-common_zh_CN.properties         |  28 -----
 .../AbstractProject/main_zh_CN.properties     |  25 ----
 .../sidepanel_zh_CN.properties                |  28 -----
 .../AllView/newViewDetail_zh_CN.properties    |  23 ----
 .../model/AllView/noJob_zh_CN.properties      |  26 -----
 .../config_zh_CN.properties                   |  24 ----
 .../config_zh_CN.properties                   |  27 -----
 .../description_zh_CN.properties              |   5 -
 .../UserCause/description_zh_CN.properties    |  23 ----
 .../UserIdCause/description_zh_CN.properties  |  24 ----
 .../config_zh_CN.properties                   |  25 ----
 .../model/Computer/_api_zh_CN.properties      |  23 ----
 .../model/Computer/builds_zh_CN.properties    |   3 -
 .../model/Computer/configure_zh_CN.properties |  25 ----
 .../model/Computer/index_zh_CN.properties     |  28 -----
 .../Computer/markOffline_zh_CN.properties     |  25 ----
 .../Computer/setOfflineCause_zh_CN.properties |  25 ----
 .../model/Computer/sidepanel_zh_CN.properties |  29 -----
 .../model/ComputerSet/_new_zh_CN.properties   |   5 -
 .../ComputerSet/configure_zh_CN.properties    |   4 -
 .../model/ComputerSet/index_zh_CN.properties  |  27 -----
 .../model/ComputerSet/new_zh_CN.properties    |  24 ----
 .../ComputerSet/sidepanel_zh_CN.properties    |  26 -----
 .../dir_zh_CN.properties                      |  25 ----
 .../config_zh_CN.properties                   |  24 ----
 .../hudson/model/JDK/config_zh_CN.properties  |  23 ----
 .../model/Job/buildTimeTrend_zh_CN.properties |  26 -----
 .../model/Job/configure_zh_CN.properties      |  28 -----
 .../hudson/model/Job/index_zh_CN.properties   |   4 -
 .../model/Job/permalinks_zh_CN.properties     |  25 ----
 .../configure-entries_zh_CN.properties        |  34 ------
 .../ListView/newJobButtonBar_zh_CN.properties |  23 ----
 .../ListView/newViewDetail_zh_CN.properties   |  23 ----
 .../LoadStatistics/main_zh_CN.properties      |  31 -----
 .../MyView/newViewDetail_zh_CN.properties     |  24 ----
 .../model/MyView/noJob_zh_CN.properties       |   1 -
 .../MyViewsProperty/config_zh_CN.properties   |  24 ----
 .../MyViewsProperty/newView_zh_CN.properties  |  23 ----
 .../NoFingerprintMatch/index_zh_CN.properties |  24 ----
 .../ParametersAction/index_zh_CN.properties   |   4 -
 .../config-details_zh_CN.properties           |  23 ----
 .../index_zh_CN.properties                    |   5 -
 .../config_zh_CN.properties                   |  25 ----
 .../Permalink/link_zh_CN.properties           |  23 ----
 .../KeepLogBuildBadge/badge_zh_CN.properties  |  23 ----
 .../model/Run/configure_zh_CN.properties      |  26 -----
 .../model/Run/confirmDelete_zh_CN.properties  |  24 ----
 .../hudson/model/Run/console_zh_CN.properties |  24 ----
 .../hudson/model/Run/delete_zh_CN.properties  |  23 ----
 .../hudson/model/Run/logKeep_zh_CN.properties |  24 ----
 .../config_zh_CN.properties                   |  31 -----
 .../config_zh_CN.properties                   |   6 -
 .../config_zh_CN.properties                   |  25 ----
 .../ConnectionCheckJob/row_zh_CN.properties   |  23 ----
 .../Failure/status_zh_CN.properties           |   4 -
 .../Installing/status_zh_CN.properties        |  23 ----
 .../Pending/status_zh_CN.properties           |  23 ----
 .../Success/status_zh_CN.properties           |  23 ----
 .../Pending/status_zh_CN.properties           |  23 ----
 .../RestartJenkinsJob/row_zh_CN.properties    |  23 ----
 .../model/UpdateCenter/body_zh_CN.properties  |  25 ----
 .../model/UpdateCenter/index_zh_CN.properties |  23 ----
 .../UpdateCenter/sidepanel_zh_CN.properties   |  25 ----
 .../UsageStatistics/global_zh_CN.properties   |  26 -----
 .../hudson/model/User/builds_zh_CN.properties |  22 ----
 .../model/User/configure_zh_CN.properties     |   6 -
 .../hudson/model/User/delete_zh_CN.properties |  24 ----
 .../hudson/model/User/index_zh_CN.properties  |  23 ----
 .../model/User/sidepanel_zh_CN.properties     |  28 -----
 .../View/AsynchPeople/index_zh_CN.properties  |  30 -----
 .../model/View/People/index_zh_CN.properties  |   3 -
 .../hudson/model/View/builds_zh_CN.properties |  24 ----
 .../model/View/configure_zh_CN.properties     |   9 --
 .../hudson/model/View/delete_zh_CN.properties |  24 ----
 .../hudson/model/View/index_zh_CN.properties  |  23 ----
 .../View/newJobButtonBar_zh_CN.properties     |   1 -
 .../hudson/model/View/newJob_zh_CN.properties |  32 ------
 .../hudson/model/View/noJob_zh_CN.properties  |   4 -
 .../model/View/sidepanel_zh_CN.properties     |  30 -----
 .../config_zh_CN.properties                   |   3 -
 .../message_zh_CN.properties                  |   3 -
 .../EmptyChangeLogSet/digest_zh_CN.properties |  23 ----
 .../scm/SCM/project-changes_zh_CN.properties  |  25 ----
 .../config_zh_CN.properties                   |   4 -
 .../config_zh_CN.properties                   |  23 ----
 .../config_zh_CN.properties                   |  28 -----
 .../index_zh_CN.properties                    |  37 ------
 .../Details/config_zh_CN.properties           |  24 ----
 .../_entryForm_zh_CN.properties               |  27 -----
 .../addUser_zh_CN.properties                  |  23 ----
 .../config_zh_CN.properties                   |  23 ----
 .../firstUser_zh_CN.properties                |  23 ----
 .../index_zh_CN.properties                    |  26 -----
 .../loginLink_zh_CN.properties                |  23 ----
 .../sidepanel_zh_CN.properties                |  25 ----
 ...gnupWithFederatedIdentity_zh_CN.properties |  23 ----
 .../signup_zh_CN.properties                   |  41 -------
 .../success_zh_CN.properties                  |  24 ----
 .../config_zh_CN.properties                   |   3 -
 .../SecurityRealm/loginLink_zh_CN.properties  |  23 ----
 .../SecurityRealm/signup_zh_CN.properties     |  25 ----
 .../config_zh_CN.properties                   |   3 -
 .../config_zh_CN.properties                   |  27 -----
 .../ComputerLauncher/main_zh_CN.properties    |  26 -----
 .../configure-entries_zh_CN.properties        |  29 -----
 .../newInstanceDetail_zh_CN.properties        |  25 ----
 .../config_zh_CN.properties                   |  25 ----
 .../JNLPLauncher/config_zh_CN.properties      |  24 ----
 .../slaves/JNLPLauncher/main_zh_CN.properties |  30 -----
 .../ChannelTermination/cause_zh_CN.properties |  23 ----
 .../LaunchFailed/cause_zh_CN.properties       |  23 ----
 .../SlaveComputer/disconnect_zh_CN.properties |  26 -----
 .../SlaveComputer/sidepanel2_zh_CN.properties |  25 ----
 .../SlaveComputer/systemInfo_zh_CN.properties |  26 -----
 .../ArtifactArchiver/config_zh_CN.properties  |  29 -----
 .../tasks/BatchFile/config_zh_CN.properties   |  25 ----
 .../BuildTrigger/config_zh_CN.properties      |  26 -----
 .../FingerprintAction/index_zh_CN.properties  |   9 --
 .../Fingerprinter/config_zh_CN.properties     |  23 ----
 .../tasks/LogRotator/config_zh_CN.properties  |  30 -----
 .../tasks/Maven/config_zh_CN.properties       |  32 ------
 .../tasks/Shell/config_zh_CN.properties       |  25 ----
 .../config_zh_CN.properties                   |   2 -
 .../config_zh_CN.properties                   |  23 ----
 .../config_zh_CN.properties                   |  24 ----
 .../ToolInstallation/config_zh_CN.properties  |   2 -
 .../ToolInstallation/global_zh_CN.properties  |  26 -----
 .../config_zh_CN.properties                   |  25 ----
 .../config_zh_CN.properties                   |   2 -
 .../hudson/tools/label_zh_CN.properties       |   1 -
 .../BuildAction/index_zh_CN.properties        |  26 -----
 .../SCMAction/index_zh_CN.properties          |  24 ----
 .../SCMTrigger/config_zh_CN.properties        |  24 ----
 .../SCMTrigger/global_zh_CN.properties        |  24 ----
 .../TimerTrigger/config_zh_CN.properties      |  23 ----
 .../HudsonIsLoading/index_zh_CN.properties    |   4 -
 .../HudsonIsRestarting/index_zh_CN.properties |   3 -
 .../myViewTabs_zh_CN.properties               |  23 ----
 .../viewTabs_zh_CN.properties                 |  23 ----
 .../config_zh_CN.properties                   |  23 ----
 .../columnHeader_zh_CN.properties             |  24 ----
 .../column_zh_CN.properties                   |   3 -
 .../columnHeader_zh_CN.properties             |  23 ----
 .../LastFailureColumn/column_zh_CN.properties |  23 ----
 .../columnHeader_zh_CN.properties             |   3 -
 .../columnHeader_zh_CN.properties             |  23 ----
 .../LastSuccessColumn/column_zh_CN.properties |   3 -
 .../columnHeader_zh_CN.properties             |  23 ----
 .../columnHeader_zh_CN.properties             |  23 ----
 .../HistoryWidget/entry_zh_CN.properties      |  23 ----
 .../HistoryWidget/index_zh_CN.properties      |  26 -----
 .../WarnWhenEnabled/message_zh_CN.properties  |  28 -----
 .../jenkins/CLI/config_zh_CN.properties       |  24 ----
 .../message_zh_CN.properties                  |  29 -----
 .../message_zh_CN.properties                  |  25 ----
 ...thenticate-security-token_zh_CN.properties |  32 ------
 .../proxy-configuration_zh_CN.properties      |  24 ----
 ...upWizardConfigureInstance_zh_CN.properties |  28 -----
 .../setupWizardFirstUser_zh_CN.properties     |  24 ----
 .../client-scripts_zh_CN.properties           |  26 -----
 .../pluginSetupWizard_zh_CN.properties        | 108 ------------------
 .../config_zh_CN.properties                   |  28 -----
 .../footer_zh_CN.properties                   |  26 -----
 .../PluginsLink/info_zh_CN.properties         |   3 -
 .../config-details_zh_CN.properties           |  23 ----
 .../simple-header_zh_CN.properties            |  23 ----
 .../DownloadSettings/config_zh_CN.properties  |  25 ----
 .../config_zh_CN.properties                   |  25 ----
 .../config_zh_CN.properties                   |  24 ----
 .../config_zh_CN.properties                   |  25 ----
 .../config_zh_CN.properties                   |  24 ----
 .../config_zh_CN.properties                   |  24 ----
 .../message_zh_CN.properties                  |  24 ----
 .../MasterComputer/_api_zh_CN.properties      |  23 ----
 .../MasterComputer/configure_zh_CN.properties |  26 -----
 .../model/Jenkins/_restart_zh_CN.properties   |  26 -----
 .../Jenkins/_safeRestart_zh_CN.properties     |  26 -----
 .../Jenkins/accessDenied_zh_CN.properties     |  24 ----
 .../model/Jenkins/configure_zh_CN.properties  |  27 -----
 .../model/Jenkins/downgrade_zh_CN.properties  |  24 ----
 .../Jenkins/fingerprintCheck_zh_CN.properties |  27 -----
 .../model/Jenkins/legend_zh_CN.properties     |  35 ------
 .../Jenkins/load-statistics_zh_CN.properties  |  23 ----
 .../model/Jenkins/loginError_zh_CN.properties |  27 -----
 .../model/Jenkins/login_zh_CN.properties      |  28 -----
 .../model/Jenkins/manage_zh_CN.properties     |  25 ----
 .../model/Jenkins/newView_zh_CN.properties    |  25 ----
 .../model/Jenkins/oops_zh_CN.properties       |  28 -----
 .../projectRelationship_zh_CN.properties      |  27 -----
 .../model/Jenkins/systemInfo_zh_CN.properties |  32 ------
 .../config_zh_CN.properties                   |  24 ----
 .../config_zh_CN.properties                   |  25 ----
 .../config_zh_CN.properties                   |  25 ----
 .../RenameAction/action_zh_CN.properties      |  23 ----
 .../config_zh_CN.properties                   |  23 ----
 .../config_zh_CN.properties                   |  23 ----
 .../GlobalMavenConfig/config_zh_CN.properties |  25 ----
 .../ApiTokenProperty/config_zh_CN.properties  |  48 --------
 .../config_zh_CN.properties                   |  29 -----
 .../config_zh_CN.properties                   |  26 -----
 .../message_zh_CN.properties                  |  27 -----
 .../message_zh_CN.properties                  |  27 -----
 .../manage_zh_CN.properties                   |  65 -----------
 .../message_zh_CN.properties                  |  25 ----
 .../message_zh_CN.properties                  |  28 -----
 .../message_zh_CN.properties                  |  28 -----
 .../AdminWhitelistRule/index_zh_CN.properties |  27 -----
 .../message_zh_CN.properties                  |  28 -----
 .../message_zh_CN.properties                  |  28 -----
 .../config_zh_CN.properties                   |  26 -----
 .../index_zh_CN.properties                    |   2 -
 .../config_zh_CN.properties                   |  26 -----
 .../lib/form/advanced_zh_CN.properties        |  24 ----
 .../resources/lib/form/apply_zh_CN.properties |  23 ----
 .../lib/form/booleanRadio_zh_CN.properties    |  24 ----
 ...breadcrumb-config-outline_zh_CN.properties |   3 -
 .../form/expandableTextbox_zh_CN.properties   |  25 ----
 .../lib/form/helpArea_zh_CN.properties        |  23 ----
 .../lib/form/hetero-list_zh_CN.properties     |  23 ----
 .../repeatableDeleteButton_zh_CN.properties   |  23 ----
 .../lib/form/repeatable_zh_CN.properties      |  23 ----
 .../lib/form/serverTcpPort_zh_CN.properties   |  25 ----
 .../lib/form/slave-mode_zh_CN.properties      |   1 -
 .../lib/form/submit_zh_CN.properties          |  23 ----
 .../lib/form/textarea_zh_CN.properties        |  24 ----
 .../lib/hudson/artifactList_zh_CN.properties  |   3 -
 .../lib/hudson/buildCaption_zh_CN.properties  |  24 ----
 .../lib/hudson/buildHealth_zh_CN.properties   |  23 ----
 .../hudson/buildListTable_zh_CN.properties    |  26 -----
 .../hudson/buildProgressBar_zh_CN.properties  |  24 ----
 .../editableDescription_zh_CN.properties      |  24 ----
 .../lib/hudson/executors_zh_CN.properties     |  30 -----
 .../lib/hudson/iconSize_zh_CN.properties      |  23 ----
 .../hudson/listScmBrowsers_zh_CN.properties   |  24 ----
 .../hudson/newFromList/form_zh_CN.properties  |  24 ----
 .../lib/hudson/node_zh_CN.properties          |  23 ----
 .../config-assignedLabel_zh_CN.properties     |  24 ----
 ...ockWhenDownstreamBuilding_zh_CN.properties |  23 ----
 ...blockWhenUpstreamBuilding_zh_CN.properties |  23 ----
 .../config-buildWrappers_zh_CN.properties     |  23 ----
 .../project/config-builders_zh_CN.properties  |  24 ----
 .../config-concurrentBuild_zh_CN.properties   |  23 ----
 .../config-customWorkspace_zh_CN.properties   |  24 ----
 .../config-disableBuild_zh_CN.properties      |  24 ----
 .../config-publishers2_zh_CN.properties       |  24 ----
 .../config-publishers_zh_CN.properties        |  23 ----
 .../config-quietPeriod_zh_CN.properties       |  24 ----
 .../config-retryCount_zh_CN.properties        |  24 ----
 .../project/config-scm_zh_CN.properties       |  23 ----
 .../project/config-trigger_zh_CN.properties   |  23 ----
 .../project/configurable_zh_CN.properties     |  27 -----
 .../project/console-link_zh_CN.properties     |  24 ----
 .../project/makeDisabled_zh_CN.properties     |  25 ----
 .../upstream-downstream_zh_CN.properties      |  24 ----
 .../lib/hudson/propertyTable_zh_CN.properties |  24 ----
 .../lib/hudson/queue_zh_CN.properties         |  29 -----
 .../lib/hudson/rssBar_zh_CN.properties        |  26 -----
 .../lib/hudson/scriptConsole_zh_CN.properties |  24 ----
 .../thirdPartyLicenses_zh_CN.properties       |  25 ----
 .../lib/layout/breadcrumbBar_zh_CN.properties |   6 -
 .../lib/layout/layout_zh_CN.properties        |  26 -----
 .../lib/layout/main-panel_zh_CN.properties    |  23 ----
 .../lib/layout/pane_zh_CN.properties          |  24 ----
 .../progressiveRendering_zh_CN.properties     |   3 -
 .../lib/layout/task_zh_CN.properties          |   3 -
 .../resources/lib/test/bar_zh_CN.properties   |   4 -
 308 files changed, 7053 deletions(-)
 delete mode 100644 core/src/filter/resources/hudson/model/UpdateCenter/CoreUpdateMonitor/message_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/AboutJenkins/index_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/PluginManager/PluginCycleDependenciesMonitor/message_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/PluginManager/PluginUpdateMonitor/message_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/PluginManager/advanced_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/PluginManager/checkUpdates_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/PluginManager/check_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/PluginManager/index_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/PluginManager/installed_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/PluginManager/sidepanel_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/PluginManager/sites_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/PluginManager/tabBar_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/PluginManager/table_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/PluginWrapper/PluginWrapperAdministrativeMonitor/message_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/PluginWrapper/thirdPartyLicenses_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/PluginWrapper/uninstall_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/ProxyConfiguration/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/cli/CLIAction/index_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/diagnosis/HudsonHomeDiskUsageMonitor/index_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/diagnosis/HudsonHomeDiskUsageMonitor/message_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/diagnosis/OldDataMonitor/manage_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/diagnosis/OldDataMonitor/message_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/diagnosis/ReverseProxySetupMonitor/message_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/diagnosis/TooManyJobsButNoView/message_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/lifecycle/WindowsInstallerLink/index_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/logging/LogRecorder/sidepanel_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/logging/LogRecorderManager/all_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/logging/LogRecorderManager/feeds_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/logging/LogRecorderManager/index_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/logging/LogRecorderManager/levels_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/logging/LogRecorderManager/new_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/logging/LogRecorderManager/sidepanel_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/markup/EscapedMarkupFormatter/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/AbstractBuild/changes_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/AbstractBuild/index_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/AbstractBuild/sidepanel_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/AbstractBuild/tasks_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/AbstractItem/confirm-rename_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/AbstractItem/delete_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/AbstractItem/noWorkspace_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/AbstractModelObject/error_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/AbstractProject/changes_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/AbstractProject/configure-common_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/AbstractProject/main_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/AbstractProject/sidepanel_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/AllView/newViewDetail_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/AllView/noJob_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/BooleanParameterDefinition/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/BuildAuthorizationToken/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/Cause/UpstreamCause/description_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/Cause/UserCause/description_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/Cause/UserIdCause/description_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/ChoiceParameterDefinition/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/Computer/_api_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/Computer/builds_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/Computer/configure_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/Computer/index_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/Computer/markOffline_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/Computer/setOfflineCause_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/Computer/sidepanel_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/ComputerSet/_new_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/ComputerSet/configure_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/ComputerSet/index_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/ComputerSet/new_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/ComputerSet/sidepanel_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/DirectoryBrowserSupport/dir_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/FileParameterDefinition/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/JDK/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/Job/buildTimeTrend_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/Job/configure_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/Job/index_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/Job/permalinks_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/ListView/configure-entries_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/ListView/newJobButtonBar_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/ListView/newViewDetail_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/LoadStatistics/main_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/MyView/newViewDetail_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/MyView/noJob_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/MyViewsProperty/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/MyViewsProperty/newView_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/NoFingerprintMatch/index_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/ParametersAction/index_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/ParametersDefinitionProperty/config-details_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/ParametersDefinitionProperty/index_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/PasswordParameterDefinition/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/PermalinkProjectAction/Permalink/link_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/Run/KeepLogBuildBadge/badge_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/Run/configure_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/Run/confirmDelete_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/Run/console_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/Run/delete_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/Run/logKeep_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/RunParameterDefinition/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/StringParameterDefinition/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/TextParameterDefinition/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/UpdateCenter/ConnectionCheckJob/row_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/UpdateCenter/DownloadJob/Failure/status_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/UpdateCenter/DownloadJob/Installing/status_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/UpdateCenter/DownloadJob/Pending/status_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/UpdateCenter/DownloadJob/Success/status_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/UpdateCenter/RestartJenkinsJob/Pending/status_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/UpdateCenter/RestartJenkinsJob/row_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/UpdateCenter/body_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/UpdateCenter/index_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/UpdateCenter/sidepanel_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/UsageStatistics/global_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/User/builds_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/User/configure_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/User/delete_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/User/index_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/User/sidepanel_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/View/AsynchPeople/index_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/View/People/index_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/View/builds_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/View/configure_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/View/delete_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/View/index_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/View/newJobButtonBar_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/View/newJob_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/View/noJob_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/model/View/sidepanel_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/node_monitors/AbstractDiskSpaceMonitor/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/node_monitors/MonitorMarkedNodeOffline/message_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/scm/EmptyChangeLogSet/digest_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/scm/SCM/project-changes_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/search/UserSearchProperty/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/security/FullControlOnceLoggedInAuthorizationStrategy/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/security/GlobalSecurityConfiguration/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/security/GlobalSecurityConfiguration/index_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/Details/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/_entryForm_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/addUser_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/firstUser_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/index_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/loginLink_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/sidepanel_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/signupWithFederatedIdentity_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/signup_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/success_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/security/LegacySecurityRealm/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/security/SecurityRealm/loginLink_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/security/SecurityRealm/signup_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/security/csrf/DefaultCrumbIssuer/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/security/csrf/GlobalCrumbIssuerConfiguration/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/slaves/ComputerLauncher/main_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/slaves/DumbSlave/configure-entries_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/slaves/DumbSlave/newInstanceDetail_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/slaves/EnvironmentVariablesNodeProperty/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/slaves/JNLPLauncher/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/slaves/JNLPLauncher/main_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/slaves/OfflineCause/ChannelTermination/cause_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/slaves/OfflineCause/LaunchFailed/cause_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/slaves/SlaveComputer/disconnect_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/slaves/SlaveComputer/sidepanel2_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/slaves/SlaveComputer/systemInfo_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/tasks/ArtifactArchiver/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/tasks/BatchFile/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/tasks/BuildTrigger/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/tasks/Fingerprinter/FingerprintAction/index_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/tasks/Fingerprinter/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/tasks/LogRotator/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/tasks/Maven/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/tasks/Shell/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/tools/AbstractCommandInstaller/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/tools/DownloadFromUrlInstaller/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/tools/InstallSourceProperty/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/tools/ToolInstallation/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/tools/ToolInstallation/global_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/tools/ToolLocationNodeProperty/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/tools/ZipExtractionInstaller/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/tools/label_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/triggers/SCMTrigger/BuildAction/index_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/triggers/SCMTrigger/SCMAction/index_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/triggers/SCMTrigger/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/triggers/SCMTrigger/global_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/triggers/TimerTrigger/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/util/HudsonIsLoading/index_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/util/HudsonIsRestarting/index_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/views/DefaultMyViewsTabBar/myViewTabs_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/views/DefaultViewsTabBar/viewTabs_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/views/GlobalDefaultViewConfiguration/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/views/LastDurationColumn/columnHeader_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/views/LastDurationColumn/column_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/views/LastFailureColumn/columnHeader_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/views/LastFailureColumn/column_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/views/LastStableColumn/columnHeader_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/views/LastSuccessColumn/columnHeader_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/views/LastSuccessColumn/column_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/views/StatusColumn/columnHeader_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/views/WeatherColumn/columnHeader_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/widgets/HistoryWidget/entry_zh_CN.properties
 delete mode 100644 core/src/main/resources/hudson/widgets/HistoryWidget/index_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/CLI/WarnWhenEnabled/message_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/CLI/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/diagnostics/RootUrlNotSetMonitor/message_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/diagnostics/SecurityIsOffMonitor/message_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/install/SetupWizard/authenticate-security-token_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/install/SetupWizard/proxy-configuration_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/install/SetupWizard/setupWizardConfigureInstance_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/install/SetupWizard/setupWizardFirstUser_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/install/UpgradeWizard/client-scripts_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/install/pluginSetupWizard_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/management/AdministrativeMonitorsConfiguration/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/management/AdministrativeMonitorsDecorator/footer_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/management/PluginsLink/info_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/model/BuildDiscarderProperty/config-details_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/model/DefaultSimplePageDecorator/simple-header_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/model/DownloadSettings/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/model/GlobalCloudConfiguration/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/model/GlobalNodePropertiesConfiguration/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/model/GlobalQuietPeriodConfiguration/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/model/GlobalSCMRetryCountConfiguration/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/model/Jenkins/EnforceSlaveAgentPortAdministrativeMonitor/message_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/model/Jenkins/MasterComputer/_api_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/model/Jenkins/MasterComputer/configure_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/model/Jenkins/_restart_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/model/Jenkins/_safeRestart_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/model/Jenkins/accessDenied_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/model/Jenkins/configure_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/model/Jenkins/downgrade_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/model/Jenkins/fingerprintCheck_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/model/Jenkins/legend_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/model/Jenkins/load-statistics_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/model/Jenkins/loginError_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/model/Jenkins/login_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/model/Jenkins/manage_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/model/Jenkins/newView_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/model/Jenkins/oops_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/model/Jenkins/projectRelationship_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/model/Jenkins/systemInfo_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/model/JenkinsLocationConfiguration/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/model/MasterBuildConfiguration/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/model/ProjectNamingStrategy/PatternProjectNamingStrategy/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/model/RenameAction/action_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/mvn/FilePathGlobalSettingsProvider/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/mvn/FilePathSettingsProvider/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/mvn/GlobalMavenConfig/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/security/ApiTokenProperty/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/security/UpdateSiteWarningsConfiguration/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/message_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/security/csrf/CSRFAdministrativeMonitor/message_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/security/s2m/AdminCallableMonitor/message_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/security/s2m/AdminWhitelistRule/index_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/security/s2m/MasterKillSwitchWarning/message_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/slaves/RemotingWorkDirSettings/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/tools/GlobalToolConfiguration/index_zh_CN.properties
 delete mode 100644 core/src/main/resources/jenkins/triggers/ReverseBuildTrigger/config_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/form/advanced_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/form/apply_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/form/booleanRadio_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/form/breadcrumb-config-outline_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/form/expandableTextbox_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/form/helpArea_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/form/hetero-list_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/form/repeatableDeleteButton_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/form/repeatable_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/form/serverTcpPort_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/form/slave-mode_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/form/submit_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/form/textarea_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/hudson/artifactList_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/hudson/buildCaption_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/hudson/buildHealth_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/hudson/buildListTable_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/hudson/buildProgressBar_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/hudson/editableDescription_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/hudson/executors_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/hudson/iconSize_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/hudson/listScmBrowsers_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/hudson/newFromList/form_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/hudson/node_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/hudson/project/config-assignedLabel_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/hudson/project/config-blockWhenDownstreamBuilding_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/hudson/project/config-blockWhenUpstreamBuilding_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/hudson/project/config-buildWrappers_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/hudson/project/config-builders_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/hudson/project/config-concurrentBuild_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/hudson/project/config-customWorkspace_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/hudson/project/config-disableBuild_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/hudson/project/config-publishers2_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/hudson/project/config-publishers_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/hudson/project/config-quietPeriod_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/hudson/project/config-retryCount_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/hudson/project/config-scm_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/hudson/project/config-trigger_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/hudson/project/configurable_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/hudson/project/console-link_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/hudson/project/makeDisabled_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/hudson/project/upstream-downstream_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/hudson/propertyTable_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/hudson/queue_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/hudson/rssBar_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/hudson/scriptConsole_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/hudson/thirdPartyLicenses_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/layout/breadcrumbBar_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/layout/layout_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/layout/main-panel_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/layout/pane_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/layout/progressiveRendering_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/layout/task_zh_CN.properties
 delete mode 100644 core/src/main/resources/lib/test/bar_zh_CN.properties

diff --git a/core/src/filter/resources/hudson/model/UpdateCenter/CoreUpdateMonitor/message_zh_CN.properties b/core/src/filter/resources/hudson/model/UpdateCenter/CoreUpdateMonitor/message_zh_CN.properties
deleted file mode 100644
index 0ef79b530b..0000000000
--- a/core/src/filter/resources/hudson/model/UpdateCenter/CoreUpdateMonitor/message_zh_CN.properties
+++ /dev/null
@@ -1,6 +0,0 @@
-# This file is under the MIT License by authors
-
-NewVersionAvailable=Jenkins\u65B0\u7248\u672C ({0})\u53EF\u70B9\u51FB <a href="{1}">download</a> (<a href="${changelog.url}">\u53D8\u66F4\u8BF4\u660E</a>)\u4E0B\u8F7D\u3002
-Or\ Upgrade\ Automatically=\u6216 \u81EA\u52A8\u5347\u7EA7\u7248\u672C
-UpgradeComplete=Jenkins {0} \u7248\u672C\u5347\u7EA7\u5DF2\u5B8C\u6210,\u7B49\u5F85<a href="{1}/safeRestart">\u91CD\u542F</a>\u4E2D.
-UpgradeCompleteRestartNotSupported=Jenkins {0} \u7248\u672C\u5347\u7EA7\u5DF2\u5B8C\u6210,\u7B49\u5F85\u91CD\u542F\u4E2D.
diff --git a/core/src/main/resources/hudson/AboutJenkins/index_zh_CN.properties b/core/src/main/resources/hudson/AboutJenkins/index_zh_CN.properties
deleted file mode 100644
index 2b459d4f22..0000000000
--- a/core/src/main/resources/hudson/AboutJenkins/index_zh_CN.properties
+++ /dev/null
@@ -1,29 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-about=\u5173\u4E8EJenkins{0}
-blurb=<a href="https://jenkins.io/">Jenkins</a>\u662F\u4E00\u4E2A\u57FA\u4E8E\u793E\u533A\u5F00\u53D1\u7684\u5F00\u6E90\u6301\u7EED\u96C6\u6210\u670D\u52A1\u5668
-
-dependencies=Jenkins\u4F9D\u8D56\u4E8E\u4EE5\u4E0B\u7B2C\u4E09\u65B9\u5E93
-maven.dependencies=Maven\u76F8\u5173\u4F9D\u8D56
-plugin.dependencies=\u63D2\u4EF6\u7684\u8BB8\u53EF\u548C\u4F9D\u8D56
-static.dependencies=\u9759\u6001\u8D44\u6E90
diff --git a/core/src/main/resources/hudson/PluginManager/PluginCycleDependenciesMonitor/message_zh_CN.properties b/core/src/main/resources/hudson/PluginManager/PluginCycleDependenciesMonitor/message_zh_CN.properties
deleted file mode 100644
index 1347940930..0000000000
--- a/core/src/main/resources/hudson/PluginManager/PluginCycleDependenciesMonitor/message_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2017, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-PluginCycles=\u4E0B\u9762\u7684\u63D2\u4EF6\u7531\u4E8E\u5FAA\u73AF\u4F9D\u8D56\u5DF2\u7ECF\u88AB\u505C\u7528\uFF0C\
-  \u66F4\u65B0\u7248\u672C\u53EF\u80FD\u4F1A\u89E3\u51B3\u8BE5\u95EE\u9898\u3002
diff --git a/core/src/main/resources/hudson/PluginManager/PluginUpdateMonitor/message_zh_CN.properties b/core/src/main/resources/hudson/PluginManager/PluginUpdateMonitor/message_zh_CN.properties
deleted file mode 100644
index befbb8b67b..0000000000
--- a/core/src/main/resources/hudson/PluginManager/PluginUpdateMonitor/message_zh_CN.properties
+++ /dev/null
@@ -1,22 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2017, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-RequiredPluginUpdates=\u4E0B\u9762\u7684\u63D2\u4EF6\u9700\u8981\u66F4\u65B0\u3002
diff --git a/core/src/main/resources/hudson/PluginManager/advanced_zh_CN.properties b/core/src/main/resources/hudson/PluginManager/advanced_zh_CN.properties
deleted file mode 100644
index df08d3b54b..0000000000
--- a/core/src/main/resources/hudson/PluginManager/advanced_zh_CN.properties
+++ /dev/null
@@ -1,35 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-File=\u6587\u4EF6
-HTTP\ Proxy\ Configuration=\u4EE3\u7406\u8BBE\u7F6E
-Password=\u5BC6\u7801
-Port=\u7AEF\u53E3
-Server=\u670D\u52A1\u5668
-URL=URL
-Update\ Site=\u5347\u7EA7\u7AD9\u70B9
-Upload=\u4E0A\u4F20
-Upload\ Plugin=\u4E0A\u4F20\u63D2\u4EF6
-User\ name=\u7528\u6237\u540D
-lastUpdated=\u66F4\u65B0\u4FE1\u606F\u83B7\u53D6\u4E8E{0}\u524D
-uploadtext=\u60A8\u53EF\u4EE5\u901A\u8FC7\u4E0A\u4F20\u4E00\u4E2A.hpi\u6587\u4EF6\u6765\u5B89\u88C5\u63D2\u4EF6\u3002
-No\ Proxy\ Host=\u4E0D\u901A\u8FC7\u4EE3\u7406\u7684\u4E3B\u673A
diff --git a/core/src/main/resources/hudson/PluginManager/checkUpdates_zh_CN.properties b/core/src/main/resources/hudson/PluginManager/checkUpdates_zh_CN.properties
deleted file mode 100644
index beed5fbf9a..0000000000
--- a/core/src/main/resources/hudson/PluginManager/checkUpdates_zh_CN.properties
+++ /dev/null
@@ -1,26 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Checking\ Updates...=\u68C0\u67E5\u66F4\u65B0
-Done=\u5B8C\u6210
-Go\ back\ to\ update\ center=\u8FD4\u56DE\u66F4\u65B0\u4E2D\u5FC3
-Update\ Center=\u66F4\u65B0\u4E2D\u5FC3
diff --git a/core/src/main/resources/hudson/PluginManager/check_zh_CN.properties b/core/src/main/resources/hudson/PluginManager/check_zh_CN.properties
deleted file mode 100644
index 93c14ccbc1..0000000000
--- a/core/src/main/resources/hudson/PluginManager/check_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2017, Sun Microsystems, Inc. , suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Check\ now=\u7ACB\u5373\u83B7\u53D6
-lastUpdated={0} \u4E4B\u524D\u83B7\u53D6\u4E86\u66F4\u65B0\u4FE1\u606F
diff --git a/core/src/main/resources/hudson/PluginManager/index_zh_CN.properties b/core/src/main/resources/hudson/PluginManager/index_zh_CN.properties
deleted file mode 100644
index 76df8fcfdf..0000000000
--- a/core/src/main/resources/hudson/PluginManager/index_zh_CN.properties
+++ /dev/null
@@ -1,27 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-All=\u5168\u9009
-None=\u5168\u4E0D\u9009
-Select=\u9009\u62E9
-UpdatePageDescription=\u6B64\u9875\u9762\u663E\u793A\u60A8\u5DF2\u5B89\u88C5\u7684\u63D2\u4EF6\u7684\u53EF\u7528\u66F4\u65B0
-UpdatePageLegend=\u4E0D\u53EF\u64CD\u4F5C\u7684\u884C\u662F\u5DF2\u7ECF\u5347\u7EA7\uFF0C\u7B49\u5F85\u91CD\u542F\u7684\u3002\u7070\u6697\u4F46\u53EF\u4EE5\u9009\u62E9\u7684\u884C\u662F<a href="{0}">\u6B63\u5728\u5347\u7EA7\u6216\u5347\u7EA7\u5931\u8D25\u7684</a>\u3002
diff --git a/core/src/main/resources/hudson/PluginManager/installed_zh_CN.properties b/core/src/main/resources/hudson/PluginManager/installed_zh_CN.properties
deleted file mode 100644
index 3ef1b371c7..0000000000
--- a/core/src/main/resources/hudson/PluginManager/installed_zh_CN.properties
+++ /dev/null
@@ -1,36 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Changes\ will\ take\ effect\ when\ you\ restart\ Jenkins=\u6240\u6709\u6539\u53D8\u4F1A\u5728\u91CD\u65B0\u542F\u52A8Jenkins\u4EE5\u540E\u751F\u6548\u3002
-Enabled=\u542F\u7528
-Name=\u540D\u79F0
-Previously\ installed\ version=\u4E0A\u4E00\u4E2A\u5B89\u88C5\u7684\u7248\u672C
-Restart\ Once\ No\ Jobs\ Are\ Running=\u5F53\u6CA1\u6709\u4EFB\u52A1\u65F6\u91CD\u542F
-Uncheck\ to\ disable\ the\ plugin=\u53D6\u6D88\u9009\u62E9\u4EE5\u7981\u7528\u63D2\u4EF6
-Uninstall=\u5378\u8F7D
-Version=\u7248\u672C
-downgradeTo=\u964D\u5230
-No\ plugins\ installed.=\u6CA1\u6709\u5B89\u88C5\u4EFB\u52A1\u63D2\u4EF6\u3002
-Update\ Center=\u66F4\u65B0\u4E2D\u5FC3
-Warning=\u8B66\u544A
-requires.restart=Jenkins\u9700\u8981\u91CD\u542F\u3002\u8FD9\u65F6\u5019\u4E0D\u5EFA\u8BAE\u4FEE\u6539\u63D2\u4EF6\u7684\u72B6\u6001\u3002\u5728\u64CD\u4F5C\u4E4B\u524D\u5148\u91CD\u542FJenkins\u3002
-Filter=\u8FC7\u6EE4
diff --git a/core/src/main/resources/hudson/PluginManager/sidepanel_zh_CN.properties b/core/src/main/resources/hudson/PluginManager/sidepanel_zh_CN.properties
deleted file mode 100644
index 3a25d8fbda..0000000000
--- a/core/src/main/resources/hudson/PluginManager/sidepanel_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2011, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-Back\ to\ Dashboard=\u8FD4\u56DE\u5230\u5DE5\u4F5C\u53F0
-Manage\ Jenkins=\u7CFB\u7EDF\u7BA1\u7406
-Update\ Center=\u66F4\u65B0\u4E2D\u5FC3
diff --git a/core/src/main/resources/hudson/PluginManager/sites_zh_CN.properties b/core/src/main/resources/hudson/PluginManager/sites_zh_CN.properties
deleted file mode 100644
index bca86d1173..0000000000
--- a/core/src/main/resources/hudson/PluginManager/sites_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2017, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Update\ Center=\u66F4\u65B0\u4E2D\u5FC3
-Add...=\u65B0\u589E...
-Remove=\u79FB\u9664
diff --git a/core/src/main/resources/hudson/PluginManager/tabBar_zh_CN.properties b/core/src/main/resources/hudson/PluginManager/tabBar_zh_CN.properties
deleted file mode 100644
index 6465bd4b88..0000000000
--- a/core/src/main/resources/hudson/PluginManager/tabBar_zh_CN.properties
+++ /dev/null
@@ -1,27 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Advanced=\u9AD8\u7EA7
-Available=\u53EF\u9009\u63D2\u4EF6
-Installed=\u5DF2\u5B89\u88C5
-Updates=\u53EF\u66F4\u65B0
-Sites=\u7F51\u7AD9
diff --git a/core/src/main/resources/hudson/PluginManager/table_zh_CN.properties b/core/src/main/resources/hudson/PluginManager/table_zh_CN.properties
deleted file mode 100644
index ce14c75854..0000000000
--- a/core/src/main/resources/hudson/PluginManager/table_zh_CN.properties
+++ /dev/null
@@ -1,39 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Check\ to\ install\ the\ plugin=\u8BF7\u52FE\u9009\u8981\u5B89\u88C5\u7684\u63D2\u4EF6
-Click\ this\ heading\ to\ sort\ by\ category=\u70B9\u51FB\u6807\u9898\u6309\u5206\u7C7B\u6392\u5E8F
-Download\ now\ and\ install\ after\ restart=\u4E0B\u8F7D\u5F85\u91CD\u542F\u540E\u5B89\u88C5
-Filter=\u8FC7\u6EE4
-Inactive=\u672A\u6FC0\u6D3B
-Install=\u5B89\u88C5
-Install\ without\ restart=\u76F4\u63A5\u5B89\u88C5
-Installed=\u5DF2\u5B89\u88C5
-Name=\u540D\u79F0
-No\ updates=\u6CA1\u6709\u66F4\u65B0
-Version=\u7248\u672C
-coreWarning=\u8B66\u544A\uFF1A\u8BE5\u63D2\u4EF6\u53EA\u9002\u7528\u4E8EJenkins{0}\u6216\u66F4\u65B0\u7248\u672C\u3002\u5B83\u53EF\u80FD\u4E0D\u80FD\u6B63\u5E38\u8FD0\u884C\u4E8E\u4F60\u7684Jenkins
-compatWarning=\
- \u8B66\u544A\uFF1A \u65B0\u7248\u672C\u548C\u5DF2\u7ECF\u5B89\u88C5\u7684\u63D2\u4EF6\u4F7F\u7528\u4E86\u4E0D\u540C\u683C\u5F0F\u7684\u8BBE\u7F6E\u3002 \
- \u4F7F\u7528\u4E86\u8FD9\u4E2A\u63D2\u4EF6\u7684\u4EFB\u52A1\u53EF\u80FD\u9700\u8981\u91CD\u65B0\u8BBE\u7F6E\uFF0C\u800C\u4E14\u53EF\u80FD\u9700\u8981\u624B\u52A8\u8BBE\u7F6E\u624D\u80FD\u56DE\u9000\u5230\u4E0A\u4E2A\u7248\u672C\u7684\u8BBE\u7F6E\u3002 \
- \u60A8\u53EF\u4EE5\u901A\u8FC7\u67E5\u770B\u8BE5\u63D2\u4EF6\u7684\u53D1\u5E03\u4FE1\u606F\u6765\u83B7\u53D6\u8BE6\u7EC6\u4FE1\u606F\u3002
-Update\ Center=\u66F4\u65B0\u4E2D\u5FC3
diff --git a/core/src/main/resources/hudson/PluginWrapper/PluginWrapperAdministrativeMonitor/message_zh_CN.properties b/core/src/main/resources/hudson/PluginWrapper/PluginWrapperAdministrativeMonitor/message_zh_CN.properties
deleted file mode 100644
index ef2f0d5460..0000000000
--- a/core/src/main/resources/hudson/PluginWrapper/PluginWrapperAdministrativeMonitor/message_zh_CN.properties
+++ /dev/null
@@ -1,28 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Correct=\u7EA0\u6B63
-Dependency\ errors=\u4F9D\u8D56\u9519\u8BEF
-Downstream\ dependency\ errors=\u4E0B\u6E38\u4F9D\u8D56\u9519\u8BEF
-
-blurbOriginal=\u90E8\u5206\u63D2\u4EF6\u7531\u4E8E\u7F3A\u5C11\u4EE5\u6765\u65E0\u6CD5\u52A0\u8F7D\u3002\u8981\u6062\u590D\u8FD9\u4E9B\u63D2\u4EF6\u63D0\u4F9B\u7684\u529F\u80FD\uFF0C\u9700\u8981\u4FEE\u590D\u8FD9\u4E9B\u95EE\u9898\u5E76\u91CD\u542F Jenkins\u3002
-blurbDerived=\u7531\u4E8E\u4E00\u4E2A\u6216\u8005\u591A\u4E2A\u4E0A\u9762\u7684\u9519\u8BEF\u5BFC\u81F4\u8FD9\u4E9B\u63D2\u4EF6\u65E0\u6CD5\u52A0\u8F7D\u3002\u4FEE\u590D\u540E\u63D2\u4EF6\u5C06\u4F1A\u518D\u6B21\u52A0\u8F7D\u3002
diff --git a/core/src/main/resources/hudson/PluginWrapper/thirdPartyLicenses_zh_CN.properties b/core/src/main/resources/hudson/PluginWrapper/thirdPartyLicenses_zh_CN.properties
deleted file mode 100644
index 85d755b0a4..0000000000
--- a/core/src/main/resources/hudson/PluginWrapper/thirdPartyLicenses_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-about=\u5173\u4E8E {0}
-3rd\ Party\ Dependencies=\u7B2C\u4E09\u65B9\u4F9D\u8D56
-No\ information\ recorded=\u65E0\u4FE1\u606F\u8BB0\u5F55
\ No newline at end of file
diff --git a/core/src/main/resources/hudson/PluginWrapper/uninstall_zh_CN.properties b/core/src/main/resources/hudson/PluginWrapper/uninstall_zh_CN.properties
deleted file mode 100644
index d9f59658a8..0000000000
--- a/core/src/main/resources/hudson/PluginWrapper/uninstall_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2017, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-title=\u5378\u8F7D {0} \u63D2\u4EF6
-msg=\u4F60\u6B63\u5728\u5378\u8F7D <b>{0}</b> \u63D2\u4EF6\u3002\u8FD9\u5C06\u4F1A\u4ECE$JENKINS_HOME\u4E2D\u5220\u9664\uFF0C\u4F46\u662F\u914D\u7F6E\u6587\u4EF6\u4F1A\u88AB\u4FDD\u7559\u3002
-Yes=\u786E\u5B9A
diff --git a/core/src/main/resources/hudson/ProxyConfiguration/config_zh_CN.properties b/core/src/main/resources/hudson/ProxyConfiguration/config_zh_CN.properties
deleted file mode 100644
index c4a7530391..0000000000
--- a/core/src/main/resources/hudson/ProxyConfiguration/config_zh_CN.properties
+++ /dev/null
@@ -1,39 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Check\ now=\u7ACB\u5373\u83B7\u53D6
-File=\u6587\u4EF6
-HTTP\ Proxy\ Configuration=\u4EE3\u7406\u8BBE\u7F6E
-Password=\u5BC6\u7801
-Port=\u7AEF\u53E3
-Server=\u670D\u52A1\u5668
-Submit=\u63D0\u4EA4
-URL=URL
-Update\ Site=\u5347\u7EA7\u7AD9\u70B9
-Upload=\u4E0A\u4F20
-Upload\ Plugin=\u4E0A\u4F20\u63D2\u4EF6
-User\ name=\u7528\u6237\u540D
-lastUpdated=\u66F4\u65B0\u4FE1\u606F\u83B7\u53D6\u4E8E{0}\u524D
-uploadtext=\u60A8\u53EF\u4EE5\u901A\u8FC7\u4E0A\u4F20\u4E00\u4E2A.hpi\u6587\u4EF6\u6765\u5B89\u88C5\u63D2\u4EF6\u3002
-No\ Proxy\ Host=\u4E0D\u901A\u8FC7\u4EE3\u7406\u7684\u4E3B\u673A
-Validate\ Proxy=\u9A8C\u8BC1\u4EE3\u7406
-Test\ URL=\u6D4B\u8BD5 URL
diff --git a/core/src/main/resources/hudson/cli/CLIAction/index_zh_CN.properties b/core/src/main/resources/hudson/cli/CLIAction/index_zh_CN.properties
deleted file mode 100644
index bd6ca6d779..0000000000
--- a/core/src/main/resources/hudson/cli/CLIAction/index_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Available\ Commands=\u53EF\u7528\u7684\u547D\u4EE4
-Jenkins\ CLI=Jenkins \u547d\u4ee4\u884c
-blurb=\u4F60\u53EF\u4EE5\u901A\u8FC7\u547D\u4EE4\u884C\u5DE5\u5177\u64CD\u4F5CJenkins\u7684\u8BB8\u591A\u7279\u6027\u3002\u4F60\u53EF\u4EE5\u901A\u8FC7 <a href="https://jenkins.io/redirect/cli">Wiki</a>\u83B7\u5F97\u66F4\u591A\u4FE1\u606F\u3002\u4F5C\u4E3A\u5F00\u59CB\uFF0C\u4F60\u53EF\u4EE5\u4E0B\u8F7D<a href="{0}/jnlpJars/jenkins-cli.jar">jenkins-cli.jar</a>\uFF0C\u7136\u540E\u8FD0\u884C\u4E0B\u5217\u547D\u4EE4\uFF1A
diff --git a/core/src/main/resources/hudson/diagnosis/HudsonHomeDiskUsageMonitor/index_zh_CN.properties b/core/src/main/resources/hudson/diagnosis/HudsonHomeDiskUsageMonitor/index_zh_CN.properties
deleted file mode 100644
index 6ad181e8e7..0000000000
--- a/core/src/main/resources/hudson/diagnosis/HudsonHomeDiskUsageMonitor/index_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-blurb=<tt>JENKINS_HOME</tt> \u5C31\u5FEB\u8981\u7A7A\u95F4\u4E0D\u8DB3\u4E86
-description.2=\u8981\u89E3\u51B3\u8FD9\u4E2A\u95EE\u9898\uFF0C\u4F60\u5E94\u8BE5\u73B0\u5728\u5C31\u6709\u6240\u884C\u52A8\u3002
-solution.1=\u6E05\u7406\u4E00\u4E0B\u8FD9\u4E2A\u78C1\u76D8\u5206\u533A\u4E00\u8FB9\u817E\u51FA\u66F4\u591A\u7684\u7A7A\u95F4\u3002
diff --git a/core/src/main/resources/hudson/diagnosis/HudsonHomeDiskUsageMonitor/message_zh_CN.properties b/core/src/main/resources/hudson/diagnosis/HudsonHomeDiskUsageMonitor/message_zh_CN.properties
deleted file mode 100644
index 81263a6e4e..0000000000
--- a/core/src/main/resources/hudson/diagnosis/HudsonHomeDiskUsageMonitor/message_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Dismiss=\u4E0D\u518D\u663E\u793A
-Tell\ me\ more=\u66F4\u591A\u4FE1\u606F
-blurb=\u4F60\u7684 Jenkins \u6570\u636E\u76EE\u5F55 "{0}" (AKA <tt>JENKINS_HOME</tt>) \u5C31\u5FEB\u8981\u7A7A\u95F4\u4E0D\u8DB3\u4E86\u3002\u4F60\u5E94\u8BE5\u5728\u5B83\u88AB\u5B8C\u5168\u6491\u6EE1\u4E4B\u524D\u5C31\u6709\u6240\u884C\u52A8\u3002
diff --git a/core/src/main/resources/hudson/diagnosis/OldDataMonitor/manage_zh_CN.properties b/core/src/main/resources/hudson/diagnosis/OldDataMonitor/manage_zh_CN.properties
deleted file mode 100644
index 1ebe0c9ff0..0000000000
--- a/core/src/main/resources/hudson/diagnosis/OldDataMonitor/manage_zh_CN.properties
+++ /dev/null
@@ -1,7 +0,0 @@
-# This file is under the MIT License by authors
-
-Manage\ Old\ Data=\u7BA1\u7406\u65E7\u6570\u636E
-Name=\u540D\u79F0
-No\ old\ data\ was\ found.=\u672A\u627E\u5230\u65E7\u6570\u636E
-Type=\u7C7B\u578B
-Version=\u7248\u672C
diff --git a/core/src/main/resources/hudson/diagnosis/OldDataMonitor/message_zh_CN.properties b/core/src/main/resources/hudson/diagnosis/OldDataMonitor/message_zh_CN.properties
deleted file mode 100644
index 9b9b0c3a7c..0000000000
--- a/core/src/main/resources/hudson/diagnosis/OldDataMonitor/message_zh_CN.properties
+++ /dev/null
@@ -1,26 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2013, Sun Microsystems, Inc., Kohsuke Kawaguchi, Pei-Tang Huang,
-# and a number of other of contributers
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-You\ have\ data\ stored\ in\ an\ older\ format\ and/or\ unreadable\ data.=\u60A8\u7684\u5B58\u50A8\u4E2D\u6709\u65E0\u6CD5\u8BFB\u53D6\u6216\u8005\u65E7\u7684\u6570\u636E\u683C\u5F0F\u3002
-Manage=\u7BA1\u7406
-Dismiss=\u4E0D\u518D\u663E\u793A
diff --git a/core/src/main/resources/hudson/diagnosis/ReverseProxySetupMonitor/message_zh_CN.properties b/core/src/main/resources/hudson/diagnosis/ReverseProxySetupMonitor/message_zh_CN.properties
deleted file mode 100644
index 51a7112815..0000000000
--- a/core/src/main/resources/hudson/diagnosis/ReverseProxySetupMonitor/message_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Dismiss=\u4E0D\u518D\u663E\u793A
-More\ Info=\u66F4\u591A\u4FE1\u606F
-blurb=\u53CD\u5411\u4EE3\u7406\u8BBE\u7F6E\u6709\u8BEF
diff --git a/core/src/main/resources/hudson/diagnosis/TooManyJobsButNoView/message_zh_CN.properties b/core/src/main/resources/hudson/diagnosis/TooManyJobsButNoView/message_zh_CN.properties
deleted file mode 100644
index 4e530b5bdb..0000000000
--- a/core/src/main/resources/hudson/diagnosis/TooManyJobsButNoView/message_zh_CN.properties
+++ /dev/null
@@ -1,26 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-blurb=\u770B\u8D77\u4F86\u6709\u5927\u91CF\u7684\u4EFB\u52A1\u3002\u60A8\u662F\u5426\u77E5\u9053\u53EF\u4EE5\u628A\u4E0D\u540C\u7684\u4EFB\u52A1\u7EC4\u7EC7\u5230\u4E0D\u540C\u7684\u89C6\u56FE\u4E2D\uFF1F\
-  \u60A8\u968F\u65F6\u90FD\u53EF\u4EE5\u6309\u9801\u9762\u6700\u4E0A\u65B9\u7684 '+' \u4F86\u5EFA\u7ACB\u89C6\u56FE\u3002
-Create\ a\ view\ now=\u73B0\u5728\u521B\u5EFA\u4E00\u4E2A\u89C6\u56FE
-Dismiss=\u4E0D\u518D\u663E\u793A
diff --git a/core/src/main/resources/hudson/lifecycle/WindowsInstallerLink/index_zh_CN.properties b/core/src/main/resources/hudson/lifecycle/WindowsInstallerLink/index_zh_CN.properties
deleted file mode 100644
index 2b41052d8f..0000000000
--- a/core/src/main/resources/hudson/lifecycle/WindowsInstallerLink/index_zh_CN.properties
+++ /dev/null
@@ -1,6 +0,0 @@
-# This file is under the MIT License by authors
-
-Install=\u5B89\u88C5
-Install\ as\ Windows\ Service=\u5B89\u88C5\u4E3AWindows\u670D\u52A1
-Installation\ Directory=\u5B89\u88C5\u76EE\u5F55
-installBlurb=\u5C06Jenkins \u5B89\u88C5\u4E3AWindows\u7CFB\u7EDF\u670D\u52A1\u4EE5\u4FBFJenkins\u80FD\u5F00\u673A\u81EA\u52A8\u542F\u52A8\u3002
diff --git a/core/src/main/resources/hudson/logging/LogRecorder/sidepanel_zh_CN.properties b/core/src/main/resources/hudson/logging/LogRecorder/sidepanel_zh_CN.properties
deleted file mode 100644
index 87bed4cdb7..0000000000
--- a/core/src/main/resources/hudson/logging/LogRecorder/sidepanel_zh_CN.properties
+++ /dev/null
@@ -1,26 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Back\ to\ Loggers=\u8FD4\u56DE
-Configure=\u8BBE\u7F6E
-Delete=\u5220\u9664
-Log\ records=\u65E5\u5FD7\u8BB0\u5F55
diff --git a/core/src/main/resources/hudson/logging/LogRecorderManager/all_zh_CN.properties b/core/src/main/resources/hudson/logging/LogRecorderManager/all_zh_CN.properties
deleted file mode 100644
index 938db1442b..0000000000
--- a/core/src/main/resources/hudson/logging/LogRecorderManager/all_zh_CN.properties
+++ /dev/null
@@ -1,27 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Jenkins\ Log=\u7CFB\u7EDF\u65E5\u5FD7
-Level=\u7B49\u7EA7
-Logger\ Configuration=\u65E5\u5FD7\u8BBE\u7F6E
-Name=\u540D\u79F0
-Submit=\u63D0\u4EA4
diff --git a/core/src/main/resources/hudson/logging/LogRecorderManager/feeds_zh_CN.properties b/core/src/main/resources/hudson/logging/LogRecorderManager/feeds_zh_CN.properties
deleted file mode 100644
index c85eb60e70..0000000000
--- a/core/src/main/resources/hudson/logging/LogRecorderManager/feeds_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
->\ SEVERE=\u670D\u52A1\u5668
->\ WARNING=\u8B66\u544A
-All=\u6240\u6709
diff --git a/core/src/main/resources/hudson/logging/LogRecorderManager/index_zh_CN.properties b/core/src/main/resources/hudson/logging/LogRecorderManager/index_zh_CN.properties
deleted file mode 100644
index b9d7e37c31..0000000000
--- a/core/src/main/resources/hudson/logging/LogRecorderManager/index_zh_CN.properties
+++ /dev/null
@@ -1,26 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Add\ new\ log\ recorder=\u6DFB\u52A0\u65B0\u7684\u65E5\u5FD7\u8BB0\u5F55\u5668
-All\ Jenkins\ Logs=\u6240\u6709\u7CFB\u7EDF\u65E5\u5FD7
-Log\ Recorders=\u65E5\u5FD7\u8BB0\u5F55\u5668
-Name=\u540D\u79F0
diff --git a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_zh_CN.properties b/core/src/main/resources/hudson/logging/LogRecorderManager/levels_zh_CN.properties
deleted file mode 100644
index 0199ddf459..0000000000
--- a/core/src/main/resources/hudson/logging/LogRecorderManager/levels_zh_CN.properties
+++ /dev/null
@@ -1,27 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Adjust\ Levels=\u914D\u7F6E\u7EA7\u522B
-Level=\u7EA7\u522B
-Logger\ Configuration=\u65E5\u5FD7\u914D\u7F6E
-Name=\u540D\u79F0
-defaultLoggerMsg=\u6CA1\u6709\u540D\u79F0\u7684\u662F\u9ED8\u8BA4\u65E5\u5FD7\u3002\u6240\u6709\u6CA1\u914D\u7F6E\u7EA7\u522B\u7684\u65E5\u5FD7\u5C06\u7EE7\u627F\u9ED8\u8BA4\u65E5\u5FD7
diff --git a/core/src/main/resources/hudson/logging/LogRecorderManager/new_zh_CN.properties b/core/src/main/resources/hudson/logging/LogRecorderManager/new_zh_CN.properties
deleted file mode 100644
index fdd20db4f4..0000000000
--- a/core/src/main/resources/hudson/logging/LogRecorderManager/new_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Name=\u540D\u79F0
diff --git a/core/src/main/resources/hudson/logging/LogRecorderManager/sidepanel_zh_CN.properties b/core/src/main/resources/hudson/logging/LogRecorderManager/sidepanel_zh_CN.properties
deleted file mode 100644
index 9585c4d98b..0000000000
--- a/core/src/main/resources/hudson/logging/LogRecorderManager/sidepanel_zh_CN.properties
+++ /dev/null
@@ -1,28 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-All\ Logs=\u6240\u6709\u65e5\u5fd7
-Back\ to\ Dashboard=\u8fd4\u56de
-Manage\ Jenkins=\u7cfb\u7edf\u7ba1\u7406
-Log\ Levels=\u65E5\u5FD7\u7EA7\u522B
-Logger\ List=\u65e5\u5fd7\u5217\u8868
-New\ Log\ Recorder=\u65b0\u5efa\u65e5\u5fd7\u8bb0\u5f55\u5668
diff --git a/core/src/main/resources/hudson/markup/EscapedMarkupFormatter/config_zh_CN.properties b/core/src/main/resources/hudson/markup/EscapedMarkupFormatter/config_zh_CN.properties
deleted file mode 100644
index 043dfbb86a..0000000000
--- a/core/src/main/resources/hudson/markup/EscapedMarkupFormatter/config_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-blurb=\u628A\u6240\u6709\u7684\u8F93\u5165\u90FD\u5F53\u4F5C\u7EAF\u6587\u672C\u3002HTML\u4E2D\u50CF < \u548C & \u7684\u4E0D\u5B89\u5168\u5B57\u7B26\u4F1A\u88AB\u8F6C\u4E49\u3002
diff --git a/core/src/main/resources/hudson/model/AbstractBuild/changes_zh_CN.properties b/core/src/main/resources/hudson/model/AbstractBuild/changes_zh_CN.properties
deleted file mode 100644
index 6577d3a8dd..0000000000
--- a/core/src/main/resources/hudson/model/AbstractBuild/changes_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Changes=\u53D8\u66F4\u8BB0\u5F55
diff --git a/core/src/main/resources/hudson/model/AbstractBuild/index_zh_CN.properties b/core/src/main/resources/hudson/model/AbstractBuild/index_zh_CN.properties
deleted file mode 100644
index 201e0fbb78..0000000000
--- a/core/src/main/resources/hudson/model/AbstractBuild/index_zh_CN.properties
+++ /dev/null
@@ -1,34 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Build=\u6784\u5efa
-Build\ Artifacts=\u6784\u5EFA\u4EA7\u751F\u6587\u4EF6
-Build\ number=\u6784\u5efa\u53f7
-Failed\ to\ determine=\u786E\u8BA4\u5931\u8D25
-Not\ yet\ determined=\u8FD8\u672A\u786E\u5B9A
-Permalinks=\u6c38\u4e45\u8fde\u63a5
-Took=\u6784\u5EFA\u7528\u65F6\uFF1A
-beingExecuted=\u6784\u5EFA\u5DF2\u7ECF\u8FDB\u884C\u4E86{0}
-detail=\u8BE6\u7EC6\u5185\u5BB9
-log=\u65E5\u5FD7
-on=\u8FD0\u884C\u4E8E
-startedAgo=\u542F\u52A8\u65F6\u95F4\uFF1A{0}
diff --git a/core/src/main/resources/hudson/model/AbstractBuild/sidepanel_zh_CN.properties b/core/src/main/resources/hudson/model/AbstractBuild/sidepanel_zh_CN.properties
deleted file mode 100644
index 7d66b4b014..0000000000
--- a/core/src/main/resources/hudson/model/AbstractBuild/sidepanel_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Next\ Build=\u540E\u4E00\u6B21\u751F\u6210
-Previous\ Build=\u524D\u4E00\u6B21\u6784\u5EFA
diff --git a/core/src/main/resources/hudson/model/AbstractBuild/tasks_zh_CN.properties b/core/src/main/resources/hudson/model/AbstractBuild/tasks_zh_CN.properties
deleted file mode 100644
index 1747ae8581..0000000000
--- a/core/src/main/resources/hudson/model/AbstractBuild/tasks_zh_CN.properties
+++ /dev/null
@@ -1,30 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Back\ to\ Project=\u8FD4\u56DE\u5230\u5DE5\u7A0B
-Changes=\u53D8\u66F4\u8BB0\u5F55
-Console\ Output=\u63A7\u5236\u53F0\u8F93\u51FA
-View\ as\ plain\ text=\u4EE5\u7EAF\u6587\u672C\u65B9\u5F0F\u67E5\u770B
-Edit\ Build\ Information=\u7F16\u8F91\u7F16\u8BD1\u4FE1\u606F
-Status=\u72B6\u6001\u96C6
-View\ Build\ Information=\u67E5\u770B\u751F\u6210\u4FE1\u606F
-raw=\u539F\u6587\u4EF6
diff --git a/core/src/main/resources/hudson/model/AbstractItem/confirm-rename_zh_CN.properties b/core/src/main/resources/hudson/model/AbstractItem/confirm-rename_zh_CN.properties
deleted file mode 100644
index 67fed55f7c..0000000000
--- a/core/src/main/resources/hudson/model/AbstractItem/confirm-rename_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-DescribeRename=\u91cd\u547d\u540d {0} {1}
-NewName=\u65b0\u540d\u79f0
-Rename=\u91cd\u547d\u540d
diff --git a/core/src/main/resources/hudson/model/AbstractItem/delete_zh_CN.properties b/core/src/main/resources/hudson/model/AbstractItem/delete_zh_CN.properties
deleted file mode 100644
index adef472d90..0000000000
--- a/core/src/main/resources/hudson/model/AbstractItem/delete_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Are\ you\ sure\ about\ deleting\ the\ job?=\u786E\u5B9A\u8981\u5220\u9664\u5F53\u524D\u4EFB\u52A1\u5417\uFF1F
-Yes=\u662F
-blurb=\u786E\u5B9A\u8981\u5220\u9664\u9879\u76EE"{1}"?
diff --git a/core/src/main/resources/hudson/model/AbstractItem/noWorkspace_zh_CN.properties b/core/src/main/resources/hudson/model/AbstractItem/noWorkspace_zh_CN.properties
deleted file mode 100644
index 44e806f922..0000000000
--- a/core/src/main/resources/hudson/model/AbstractItem/noWorkspace_zh_CN.properties
+++ /dev/null
@@ -1,33 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Error\:\ no\ workspace=\u9519\u8BEF\uFF1A\u6CA1\u6709\u5DE5\u4F5C\u7A7A\u95F4
-There's\ no\ workspace\ for\ this\ project.\ Possible\ reasons\ are\:=\u6B64\u9879\u76EE\u6CA1\u6709\u5DE5\u4F5C\u7A7A\u95F4\u3002\u53EF\u80FD\u7684\u539F\u56E0\u5982\u4E0B\uFF1A
-li3=\u6B64\u5DE5\u4F5C\u7A7A\u95F4\u7684\u76EE\u5F55({0})\u5728Jenkins\u4E4B\u5916\u88AB\u79FB\u9664
-text=<a href="{0}/{1}build">\u6267\u884C\u6784\u5EFA</a>\u4F7FJenkins\u521B\u5EFA\u5DE5\u4F5C\u533A
-A\ project\ won't\ have\ any\ workspace\ until\ at\ least\ one\ build\ is\ performed.=\u5de5\u7a0b\u81f3\u5c11\u6267\u884c\u8fc7\u4e00\u6b21\u624d\u4f1a\u6709\u5de5\u4f5c\u7a7a\u95f4\u3002
-The\ project\ was\ renamed\ recently\ and\ no\ build\ was\ done\ under\ the\ new\ name.=\
-  \u5f53\u524d\u5de5\u7a0b\u6700\u8fd1\u91cd\u547d\u540d\u8fc7\uff0c\u800c\u4e14\u4e4b\u540e\u6ca1\u6709\u6784\u5efa\u8fc7\u3002
-The\ agent\ this\ project\ has\ run\ on\ for\ the\ last\ time\ was\ removed.=\
-  \u6700\u8fd1\u8fd0\u884c\u4e86\u5f53\u524d\u5de5\u7a0b\u7684\u8282\u70b9\u88ab\u79fb\u9664\u3002
-The\ workspace\ was\ wiped\ out\ and\ no\ build\ has\ been\ done\ since\ then.=\
-  \u5de5\u4f5c\u7a7a\u95f4\u6e05\u7a7a\u540e\u6ca1\u6709\u518d\u6b21\u6784\u5efa\u3002
\ No newline at end of file
diff --git a/core/src/main/resources/hudson/model/AbstractModelObject/error_zh_CN.properties b/core/src/main/resources/hudson/model/AbstractModelObject/error_zh_CN.properties
deleted file mode 100644
index 49aab8bb55..0000000000
--- a/core/src/main/resources/hudson/model/AbstractModelObject/error_zh_CN.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-# This file is under the MIT License by authors
-
-Error=\u51FA\u9519\u5566
diff --git a/core/src/main/resources/hudson/model/AbstractProject/changes_zh_CN.properties b/core/src/main/resources/hudson/model/AbstractProject/changes_zh_CN.properties
deleted file mode 100644
index 18857cd640..0000000000
--- a/core/src/main/resources/hudson/model/AbstractProject/changes_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Changes=\u4FEE\u6539\u8BB0\u5F55
diff --git a/core/src/main/resources/hudson/model/AbstractProject/configure-common_zh_CN.properties b/core/src/main/resources/hudson/model/AbstractProject/configure-common_zh_CN.properties
deleted file mode 100644
index 6cf6e9d5d4..0000000000
--- a/core/src/main/resources/hudson/model/AbstractProject/configure-common_zh_CN.properties
+++ /dev/null
@@ -1,28 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Advanced\ Project\ Options=\u9ad8\u7ea7\u9879\u76ee\u9009\u9879
-Display\ Name=\u663e\u793a\u540d\u79f0
-JDK\ to\ be\ used\ for\ this\ project=\u9879\u76ee\u4f7f\u7528\u7684JDK
-Restrict\ where\ this\ project\ can\ be\ run=\u6307\u5b9a\u4ece\u8282\u70b9\u6807\u7b7e
-default.value=(\u9ed8\u8ba4)
-Keep\ the\ build\ logs\ of\ dependencies=\u4fdd\u7559\u6784\u5efa\u7684\u4f9d\u8d56\u65e5\u5fd7
diff --git a/core/src/main/resources/hudson/model/AbstractProject/main_zh_CN.properties b/core/src/main/resources/hudson/model/AbstractProject/main_zh_CN.properties
deleted file mode 100644
index 3ad95d17a1..0000000000
--- a/core/src/main/resources/hudson/model/AbstractProject/main_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Last\ Successful\ Artifacts=\u6700\u540E\u4E00\u6B21\u6210\u529F\u7684\u6784\u5EFA\u7ED3\u679C
-Recent\ Changes=\u6700\u65B0\u4FEE\u6539\u8BB0\u5F55
-Workspace=\u5DE5\u4F5C\u533A
diff --git a/core/src/main/resources/hudson/model/AbstractProject/sidepanel_zh_CN.properties b/core/src/main/resources/hudson/model/AbstractProject/sidepanel_zh_CN.properties
deleted file mode 100644
index eb009ec925..0000000000
--- a/core/src/main/resources/hudson/model/AbstractProject/sidepanel_zh_CN.properties
+++ /dev/null
@@ -1,28 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Back\ to\ Dashboard=\u8fd4\u56de\u9762\u677f
-Changes=\u4fee\u6539\u8bb0\u5f55
-Status=\u72b6\u6001
-Wipe\ Out\ Workspace=\u6e05\u7406\u5de5\u4f5c\u7a7a\u95f4
-Workspace=\u5de5\u4f5c\u7a7a\u95f4
-wipe.out.confirm=\u786e\u5b9a\u60f3\u8981\u6e05\u7a7a\u5de5\u4f5c\u7a7a\u95f4\u5417\uff1f
diff --git a/core/src/main/resources/hudson/model/AllView/newViewDetail_zh_CN.properties b/core/src/main/resources/hudson/model/AllView/newViewDetail_zh_CN.properties
deleted file mode 100644
index 38dc4d8bc8..0000000000
--- a/core/src/main/resources/hudson/model/AllView/newViewDetail_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-# 
-# Copyright (c) 2017, suren <zxjlwt@126.com>
-# 
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-# 
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-# 
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-blurb=\u8BE5\u89C6\u56FE\u663E\u793AJenkins\u4E2D\u6240\u6709\u7684\u4EFB\u52A1\u3002  
diff --git a/core/src/main/resources/hudson/model/AllView/noJob_zh_CN.properties b/core/src/main/resources/hudson/model/AllView/noJob_zh_CN.properties
deleted file mode 100644
index be0c4f302e..0000000000
--- a/core/src/main/resources/hudson/model/AllView/noJob_zh_CN.properties
+++ /dev/null
@@ -1,26 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Welcome\ to\ Jenkins!=\u6B22\u8FCE\u6765\u5230 Jenkins!
-login=<a href="{0}/{1}?from={2}">\u767B\u5F55</a>\u4EE5\u521B\u5EFA jobs.
-newJob=\u5F00\u59CB<a href="newJob">\u521B\u5EFA\u4E00\u4E2A\u65B0\u4EFB\u52A1</a>.
-signup=\u5982\u679C\u60A8\u8FD8\u6CA1\u6709\u5E10\u6237\uFF0C\u60A8\u73B0\u5728\u53EF\u4EE5<a href="signup">\u6CE8\u518C</a>\u3002
diff --git a/core/src/main/resources/hudson/model/BooleanParameterDefinition/config_zh_CN.properties b/core/src/main/resources/hudson/model/BooleanParameterDefinition/config_zh_CN.properties
deleted file mode 100644
index ce517528d3..0000000000
--- a/core/src/main/resources/hudson/model/BooleanParameterDefinition/config_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2017, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-Name=\u540D\u79F0
-Default\ Value=\u9ED8\u8BA4\u503C
-Description=\u63CF\u8FF0
diff --git a/core/src/main/resources/hudson/model/BuildAuthorizationToken/config_zh_CN.properties b/core/src/main/resources/hudson/model/BuildAuthorizationToken/config_zh_CN.properties
deleted file mode 100644
index ae7ebca70e..0000000000
--- a/core/src/main/resources/hudson/model/BuildAuthorizationToken/config_zh_CN.properties
+++ /dev/null
@@ -1,27 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Authentication\ Token=\u8EAB\u4EFD\u9A8C\u8BC1\u4EE4\u724C
-Trigger\ builds\ remotely=\u89E6\u53D1\u8FDC\u7A0B\u6784\u5EFA
-Use\ the\ following\ URL\ to\ trigger\ build\ remotely:=\u4F7F\u7528\u4E0B\u5217URL\u6765\u89E6\u53D1\u8FDC\u7A0B\u6784\u5EFA
-e.g.,\ from\ scripts=\u4F8B\u5982,\u4F7F\u7528\u811A\u672C
-or=\u6216\u8005
diff --git a/core/src/main/resources/hudson/model/Cause/UpstreamCause/description_zh_CN.properties b/core/src/main/resources/hudson/model/Cause/UpstreamCause/description_zh_CN.properties
deleted file mode 100644
index 3c316130de..0000000000
--- a/core/src/main/resources/hudson/model/Cause/UpstreamCause/description_zh_CN.properties
+++ /dev/null
@@ -1,5 +0,0 @@
-# This file is under the MIT License by authors
-
-caused_by=\u89E6\u53D1\u6784\u5EFA
-started_by_project=\u7531\u4E0A\u6E38\u9879\u76EE <a class="model-link inside" href="{3}/{2}">{0}</a> \u6784\u5EFA\u53F7 <a class="model-link inside" href="{3}/{2}{1}/">{1}</a>
-started_by_project_with_deleted_build=\u7531\u4E0A\u6E38\u9879\u76EE <a class="model-link inside" href="{3}/{2}">{0}</a> \u6784\u5EFA\u53F7 {1}
diff --git a/core/src/main/resources/hudson/model/Cause/UserCause/description_zh_CN.properties b/core/src/main/resources/hudson/model/Cause/UserCause/description_zh_CN.properties
deleted file mode 100644
index 8e4afee84e..0000000000
--- a/core/src/main/resources/hudson/model/Cause/UserCause/description_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-started_by_user=\u542F\u52A8\u7528\u6237<a href="{1}/user/{0}">{0}</a>
diff --git a/core/src/main/resources/hudson/model/Cause/UserIdCause/description_zh_CN.properties b/core/src/main/resources/hudson/model/Cause/UserIdCause/description_zh_CN.properties
deleted file mode 100644
index a053ff7b95..0000000000
--- a/core/src/main/resources/hudson/model/Cause/UserIdCause/description_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2011, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-started_by_anonymous=\u7531\u533F\u540D\u7528\u6237\u89E6\u53D1
-started_by_user=\u542f\u52a8\u7528\u6237<a href="{2}/{0}">{1}</a>
diff --git a/core/src/main/resources/hudson/model/ChoiceParameterDefinition/config_zh_CN.properties b/core/src/main/resources/hudson/model/ChoiceParameterDefinition/config_zh_CN.properties
deleted file mode 100644
index 628e80119f..0000000000
--- a/core/src/main/resources/hudson/model/ChoiceParameterDefinition/config_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2017, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Name=\u540D\u79F0
-Choices=\u9009\u9879
-Description=\u63CF\u8FF0
diff --git a/core/src/main/resources/hudson/model/Computer/_api_zh_CN.properties b/core/src/main/resources/hudson/model/Computer/_api_zh_CN.properties
deleted file mode 100644
index fe83665bdf..0000000000
--- a/core/src/main/resources/hudson/model/Computer/_api_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Load\ Statistics=\u8d1f\u8f7d\u7edf\u8ba1
diff --git a/core/src/main/resources/hudson/model/Computer/builds_zh_CN.properties b/core/src/main/resources/hudson/model/Computer/builds_zh_CN.properties
deleted file mode 100644
index fd2c54e0e5..0000000000
--- a/core/src/main/resources/hudson/model/Computer/builds_zh_CN.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-# This file is under the MIT License by authors
-
-title={0}\u4E0A\u7684\u6784\u5EFA\u5386\u53F2
diff --git a/core/src/main/resources/hudson/model/Computer/configure_zh_CN.properties b/core/src/main/resources/hudson/model/Computer/configure_zh_CN.properties
deleted file mode 100644
index b76bbc325a..0000000000
--- a/core/src/main/resources/hudson/model/Computer/configure_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2017, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-title={0} \u8BBE\u7F6E
-Name=\u540D\u79F0
-Save=\u4FDD\u5B58
diff --git a/core/src/main/resources/hudson/model/Computer/index_zh_CN.properties b/core/src/main/resources/hudson/model/Computer/index_zh_CN.properties
deleted file mode 100644
index a6f6a29eff..0000000000
--- a/core/src/main/resources/hudson/model/Computer/index_zh_CN.properties
+++ /dev/null
@@ -1,28 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2018, Sun Microsystems, Inc, suren <zxjlwt@126.com>.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Labels:=\u6807\u7B7E
-None=\u65E0
-submit.not.temporarilyOffline=\u4E34\u65F6\u65AD\u5F00\u6B64\u8282\u70B9
-title.projects_tied_on=\u5173\u8054\u5230{0}\u7684\u9879\u76EE
-submit.temporarilyOffline=\u4e0a\u7ebf\u8282\u70b9
-submit.updateOfflineCause=\u66f4\u65b0\u4e0b\u7ebf\u539f\u56e0
diff --git a/core/src/main/resources/hudson/model/Computer/markOffline_zh_CN.properties b/core/src/main/resources/hudson/model/Computer/markOffline_zh_CN.properties
deleted file mode 100644
index 99ee4b527e..0000000000
--- a/core/src/main/resources/hudson/model/Computer/markOffline_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-title=\u8ba9 {0} \u4e0b\u7ebf
-blurb=\u4f60\u53ef\u4ee5\u89e3\u91ca\u4f7f\u8be5\u8282\u70b9\u4e0b\u7ebf\u7684\u539f\u56e0\uff08\u975e\u5fc5\u586b\uff09\uff0c\u4ee5\u4fbf\u8ba9\u5176\u4ed6\u4eba\u4e86\u89e3\uff1a
-submit=\u8ba9\u8be5\u8282\u70b9\u4e34\u65f6\u4e0b\u7ebf
diff --git a/core/src/main/resources/hudson/model/Computer/setOfflineCause_zh_CN.properties b/core/src/main/resources/hudson/model/Computer/setOfflineCause_zh_CN.properties
deleted file mode 100644
index d33512a105..0000000000
--- a/core/src/main/resources/hudson/model/Computer/setOfflineCause_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-title=\u8bbe\u7f6e {0} \u4e0b\u7ebf\u539f\u56e0
-blurb=\u4f60\u53ef\u4ee5\u8bbe\u7f6e\u6216\u8005\u66f4\u65b0\u8be5\u8282\u70b9\u4e0b\u7ebf\u7684\u539f\u56e0\uff0c\u4ee5\u4fbf\u8ba9\u5176\u4ed6\u4eba\u4e86\u89e3\uff1a
-submit=\u66f4\u65b0\u539f\u56e0
diff --git a/core/src/main/resources/hudson/model/Computer/sidepanel_zh_CN.properties b/core/src/main/resources/hudson/model/Computer/sidepanel_zh_CN.properties
deleted file mode 100644
index 4757829803..0000000000
--- a/core/src/main/resources/hudson/model/Computer/sidepanel_zh_CN.properties
+++ /dev/null
@@ -1,29 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2018, Sun Microsystems, Inc, suren <zxjlwt@126.com>.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Back\ to\ List=\u8fd4\u56de\u5217\u8868
-Build\ History=\u6784\u5efa\u5386\u53f2
-Configure=\u914D\u7F6E\u4ECE\u8282\u70B9
-Load\ Statistics=\u8d1f\u8f7d\u7edf\u8ba1
-Script\ Console=\u811a\u672c\u547d\u4ee4\u884c
-Status=\u72b6\u6001
-Delete\ Agent=\u5220\u9664\u8282\u70b9
diff --git a/core/src/main/resources/hudson/model/ComputerSet/_new_zh_CN.properties b/core/src/main/resources/hudson/model/ComputerSet/_new_zh_CN.properties
deleted file mode 100644
index 08b2b7be72..0000000000
--- a/core/src/main/resources/hudson/model/ComputerSet/_new_zh_CN.properties
+++ /dev/null
@@ -1,5 +0,0 @@
-# This file is under the MIT License by authors
-
-Name=\u540D\u5B57
-Name\ is\ mandatory=\u540D\u79F0\uFF08\u5FC5\u586B\uFF09
-Save=\u4fdd\u5b58
diff --git a/core/src/main/resources/hudson/model/ComputerSet/configure_zh_CN.properties b/core/src/main/resources/hudson/model/ComputerSet/configure_zh_CN.properties
deleted file mode 100644
index ba65c4e624..0000000000
--- a/core/src/main/resources/hudson/model/ComputerSet/configure_zh_CN.properties
+++ /dev/null
@@ -1,4 +0,0 @@
-# This file is under the MIT License by authors
-
-OK=\u786E\u8BA4
-Preventive\ Node\ Monitoring=\u9632\u5FA1\u6027\u8282\u70B9\u68C0\u6D4B
diff --git a/core/src/main/resources/hudson/model/ComputerSet/index_zh_CN.properties b/core/src/main/resources/hudson/model/ComputerSet/index_zh_CN.properties
deleted file mode 100644
index ca6e959922..0000000000
--- a/core/src/main/resources/hudson/model/ComputerSet/index_zh_CN.properties
+++ /dev/null
@@ -1,27 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2018, Sun Microsystems, Inc, suren <zxjlwt@126.com>.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Nodes=\u8282\u70b9\u5217\u8868
-Configure=\u8BBE\u7F6E
-Data\ obtained=\u83B7\u53D6\u5230\u7684\u6570\u636E
-Name=\u540D\u79F0
-Refresh\ status=\u5237\u65B0\u72B6\u6001
diff --git a/core/src/main/resources/hudson/model/ComputerSet/new_zh_CN.properties b/core/src/main/resources/hudson/model/ComputerSet/new_zh_CN.properties
deleted file mode 100644
index 9db496c9ed..0000000000
--- a/core/src/main/resources/hudson/model/ComputerSet/new_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Copy\ Existing\ Node=\u590D\u5236\u73B0\u6709\u8282\u70B9
-Node\ name=\u8282\u70B9\u540D\u79F0
diff --git a/core/src/main/resources/hudson/model/ComputerSet/sidepanel_zh_CN.properties b/core/src/main/resources/hudson/model/ComputerSet/sidepanel_zh_CN.properties
deleted file mode 100644
index 0b167ecd6d..0000000000
--- a/core/src/main/resources/hudson/model/ComputerSet/sidepanel_zh_CN.properties
+++ /dev/null
@@ -1,26 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2018, Sun Microsystems, Inc, suren <zxjlwt@126.com>.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Back\ to\ Dashboard=\u8fd4\u56de\u5de5\u4f5c\u53f0
-Manage\ Jenkins=\u7cfb\u7edf\u7ba1\u7406
-Configure=\u914D\u7F6E
-New\ Node=\u65b0\u5efa\u8282\u70b9
diff --git a/core/src/main/resources/hudson/model/DirectoryBrowserSupport/dir_zh_CN.properties b/core/src/main/resources/hudson/model/DirectoryBrowserSupport/dir_zh_CN.properties
deleted file mode 100644
index 3210f74de7..0000000000
--- a/core/src/main/resources/hudson/model/DirectoryBrowserSupport/dir_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-No\ files\ in\ directory=\u7A7A\u76EE\u5F55
-all\ files\ in\ zip=\u6253\u5305\u4E0B\u8F7D\u5168\u90E8\u6587\u4EF6
-view=\u67E5\u770B
diff --git a/core/src/main/resources/hudson/model/FileParameterDefinition/config_zh_CN.properties b/core/src/main/resources/hudson/model/FileParameterDefinition/config_zh_CN.properties
deleted file mode 100644
index 15c668fdb4..0000000000
--- a/core/src/main/resources/hudson/model/FileParameterDefinition/config_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2017, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-File\ location=\u6587\u4EF6\u8DEF\u5F84
-Description=\u63CF\u8FF0
diff --git a/core/src/main/resources/hudson/model/JDK/config_zh_CN.properties b/core/src/main/resources/hudson/model/JDK/config_zh_CN.properties
deleted file mode 100644
index 3259f35015..0000000000
--- a/core/src/main/resources/hudson/model/JDK/config_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-# 
-# Copyright (c) 2004-2010, Sun Microsystems, Inc., Kohsuke Kawaguchi, Simon Wiest
-# 
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-# 
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-# 
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Name=\u522b\u540d
diff --git a/core/src/main/resources/hudson/model/Job/buildTimeTrend_zh_CN.properties b/core/src/main/resources/hudson/model/Job/buildTimeTrend_zh_CN.properties
deleted file mode 100644
index 89dd54c9e5..0000000000
--- a/core/src/main/resources/hudson/model/Job/buildTimeTrend_zh_CN.properties
+++ /dev/null
@@ -1,26 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Build=\u6784\u5efa
-Build\ Time\ Trend=\u6784\u5EFA\u65F6\u95F4\u8D8B\u52BF
-Duration=\u6301\u7eed\u65f6\u95f4
-Timeline=\u65F6\u95F4\u8F74
diff --git a/core/src/main/resources/hudson/model/Job/configure_zh_CN.properties b/core/src/main/resources/hudson/model/Job/configure_zh_CN.properties
deleted file mode 100644
index 18ccf96a6a..0000000000
--- a/core/src/main/resources/hudson/model/Job/configure_zh_CN.properties
+++ /dev/null
@@ -1,28 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Description=\u63CF\u8FF0
-LOADING=\u52A0\u8F7D\u4E2D
-Apply=\u5E94\u7528
-Save=\u4FDD\u5B58
-Strategy=\u7B56\u7565
-name=\u9879\u76EE\u540D\u79F0
diff --git a/core/src/main/resources/hudson/model/Job/index_zh_CN.properties b/core/src/main/resources/hudson/model/Job/index_zh_CN.properties
deleted file mode 100644
index 76e27e45d5..0000000000
--- a/core/src/main/resources/hudson/model/Job/index_zh_CN.properties
+++ /dev/null
@@ -1,4 +0,0 @@
-# This file is under the MIT License by authors
-
-Disable\ Project=\u7981\u7528\u9879\u76EE
-Project\ name=\u9879\u76EE\u540D\u79F0
diff --git a/core/src/main/resources/hudson/model/Job/permalinks_zh_CN.properties b/core/src/main/resources/hudson/model/Job/permalinks_zh_CN.properties
deleted file mode 100644
index e5d6f08317..0000000000
--- a/core/src/main/resources/hudson/model/Job/permalinks_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Permalinks=\u76F8\u5173\u94FE\u63A5
-Restrict\ where\ this\ project\ can\ be\ run=\u9650\u5236\u9879\u76EE\u7684\u8FD0\u884C\u8282\u70B9
-Label\ Expression=\u6807\u7B7E\u8868\u8FBE\u5F0F
diff --git a/core/src/main/resources/hudson/model/ListView/configure-entries_zh_CN.properties b/core/src/main/resources/hudson/model/ListView/configure-entries_zh_CN.properties
deleted file mode 100644
index 5264325bf7..0000000000
--- a/core/src/main/resources/hudson/model/ListView/configure-entries_zh_CN.properties
+++ /dev/null
@@ -1,34 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Add\ column=\u6DFB\u52A0\u5217
-All\ selected\ jobs=\u6240\u6709\u9009\u62E9\u7684\u4EFB\u52A1
-Columns=\u5217
-Disabled\ jobs\ only=\u53EA\u663E\u793A\u7981\u7528\u7684\u4EFB\u52A1
-Enabled\ jobs\ only=\u53EA\u663E\u793A\u542F\u7528\u7684\u4EFB\u52A1
-Job\ Filters=\u4EFB\u52A1\u8FC7\u6EE4\u5668
-Regular\ expression=\u6B63\u5219\u8868\u8FBE\u5F0F
-Status\ Filter=\u72B6\u6001\u8FC7\u6EE4
-Recurse\ in\ subfolders=\u904D\u5386\u5B50\u6587\u4EF6\u5939
-Jobs=\u4EFB\u52A1\u5217\u8868
-Use\ a\ regular\ expression\ to\ include\ jobs\ into\ the\ view=\u4F7F\u7528\u6B63\u5219\u8868\u8FBE\u5F0F\u5728\u89C6\u56FE\u4E2D\u663E\u793A\u4EFB\u52A1
-Add\ Job\ Filter=\u589E\u52A0\u4EFB\u52A1\u8FC7\u6EE4\u5668
diff --git a/core/src/main/resources/hudson/model/ListView/newJobButtonBar_zh_CN.properties b/core/src/main/resources/hudson/model/ListView/newJobButtonBar_zh_CN.properties
deleted file mode 100644
index d5345a7bad..0000000000
--- a/core/src/main/resources/hudson/model/ListView/newJobButtonBar_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2017, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Add\ to\ current\ view=\u6DFB\u52A0\u5230\u5F53\u524D\u89C6\u56FE
diff --git a/core/src/main/resources/hudson/model/ListView/newViewDetail_zh_CN.properties b/core/src/main/resources/hudson/model/ListView/newViewDetail_zh_CN.properties
deleted file mode 100644
index 2b9cfff40e..0000000000
--- a/core/src/main/resources/hudson/model/ListView/newViewDetail_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-blurb=\u663E\u793A\u7B80\u5355\u5217\u8868\u3002\u4F60\u53EF\u4EE5\u4ECE\u4E2D\u9009\u62E9\u4EFB\u52A1\u6765\u663E\u793A\u5728\u67D0\u4E2A\u89C6\u56FE\u4E2D
diff --git a/core/src/main/resources/hudson/model/LoadStatistics/main_zh_CN.properties b/core/src/main/resources/hudson/model/LoadStatistics/main_zh_CN.properties
deleted file mode 100644
index 672dd28939..0000000000
--- a/core/src/main/resources/hudson/model/LoadStatistics/main_zh_CN.properties
+++ /dev/null
@@ -1,31 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Load\ statistics\ graph=\u52A0\u8F7D\u7EDF\u8BA1\u56FE
-Long=\u957F
-Medium=\u4E2D
-Short=\u77ED
-Timespan=\u65F6\u95F4\u95F4\u9694
-blurb=\u8D1F\u8F7D\u7EDF\u8BA1\u6301\u7EED\u8DDF\u8E2A\u8D44\u6E90\u6682\u7528\u7684\u4E09\u4E2A\u6838\u5FC3\u6570\u636E\uFF1A
-\u6267\u884C\u603B\u6570\uFF1A
-     \u8FD9\u4E2A\u6570\u503C\u4EE3\u8868\u4E00\u53F0\u8BA1\u7B97\u673A\u7684\u6267\u884C\u5355\u5143\u6570\u503C
-title=\u8D1F\u8F7D\u7EDF\u8BA1:{0}
diff --git a/core/src/main/resources/hudson/model/MyView/newViewDetail_zh_CN.properties b/core/src/main/resources/hudson/model/MyView/newViewDetail_zh_CN.properties
deleted file mode 100644
index fba0db8a81..0000000000
--- a/core/src/main/resources/hudson/model/MyView/newViewDetail_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-# 
-# Copyright (c) 2017, suren <zxjlwt@126.com>
-# 
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-# 
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-# 
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-blurb=\
-  \u8BE5\u89C6\u56FE\u81EA\u52A8\u663E\u793A\u5F53\u524D\u7528\u6237\u6709\u6743\u9650\u8BBF\u95EE\u7684\u4EFB\u52A1
\ No newline at end of file
diff --git a/core/src/main/resources/hudson/model/MyView/noJob_zh_CN.properties b/core/src/main/resources/hudson/model/MyView/noJob_zh_CN.properties
deleted file mode 100644
index c49b1f4db9..0000000000
--- a/core/src/main/resources/hudson/model/MyView/noJob_zh_CN.properties
+++ /dev/null
@@ -1 +0,0 @@
-blurb=\u5F53\u524D\u8BD5\u56FE\u4E2D\u6CA1\u6709\u4EFB\u52A1\u3002
\ No newline at end of file
diff --git a/core/src/main/resources/hudson/model/MyViewsProperty/config_zh_CN.properties b/core/src/main/resources/hudson/model/MyViewsProperty/config_zh_CN.properties
deleted file mode 100644
index e55b3d3499..0000000000
--- a/core/src/main/resources/hudson/model/MyViewsProperty/config_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2017, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Default\ View=\u9ED8\u8BA4\u89C6\u56FE
-description=\u5F53\u5BFC\u822A\u4E3A\u7528\u6237\u7684\u79C1\u6709\u89C6\u56FE\u65F6\u5C06\u4F1A\u9ED8\u8BA4\u9009\u62E9\u8BE5\u89C6\u56FE
\ No newline at end of file
diff --git a/core/src/main/resources/hudson/model/MyViewsProperty/newView_zh_CN.properties b/core/src/main/resources/hudson/model/MyViewsProperty/newView_zh_CN.properties
deleted file mode 100644
index 809ee9a343..0000000000
--- a/core/src/main/resources/hudson/model/MyViewsProperty/newView_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-View\ name=\u89C6\u56FE\u540D\u79F0
diff --git a/core/src/main/resources/hudson/model/NoFingerprintMatch/index_zh_CN.properties b/core/src/main/resources/hudson/model/NoFingerprintMatch/index_zh_CN.properties
deleted file mode 100644
index 29bb36be7d..0000000000
--- a/core/src/main/resources/hudson/model/NoFingerprintMatch/index_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Back\ to\ Dashboard=\u8FD4\u56DE\u63A7\u5236\u53F0
-No\ matching\ record\ found=\u6CA1\u6709\u5BF9\u5E94\u7684\u8BB0\u5F55\u5B58\u5728
diff --git a/core/src/main/resources/hudson/model/ParametersAction/index_zh_CN.properties b/core/src/main/resources/hudson/model/ParametersAction/index_zh_CN.properties
deleted file mode 100644
index a798e8e216..0000000000
--- a/core/src/main/resources/hudson/model/ParametersAction/index_zh_CN.properties
+++ /dev/null
@@ -1,4 +0,0 @@
-# This file is under the MIT License by authors
-
-Build=\u6267\u884C
-Parameters=\u6784\u5EFA\u53C2\u6570
diff --git a/core/src/main/resources/hudson/model/ParametersDefinitionProperty/config-details_zh_CN.properties b/core/src/main/resources/hudson/model/ParametersDefinitionProperty/config-details_zh_CN.properties
deleted file mode 100644
index 572578efad..0000000000
--- a/core/src/main/resources/hudson/model/ParametersDefinitionProperty/config-details_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Add\ Parameter=\u6DFB\u52A0\u53C2\u6570
diff --git a/core/src/main/resources/hudson/model/ParametersDefinitionProperty/index_zh_CN.properties b/core/src/main/resources/hudson/model/ParametersDefinitionProperty/index_zh_CN.properties
deleted file mode 100644
index b7919804a2..0000000000
--- a/core/src/main/resources/hudson/model/ParametersDefinitionProperty/index_zh_CN.properties
+++ /dev/null
@@ -1,5 +0,0 @@
-# This file is under the MIT License by authors
-
-Build=\u5F00\u59CB\u6784\u5EFA
-LOADING=\u8F7D\u5165
-description=\u9700\u8981\u5982\u4E0B\u53C2\u6570\u7528\u4E8E\u6784\u5EFA\u9879\u76EE:
diff --git a/core/src/main/resources/hudson/model/PasswordParameterDefinition/config_zh_CN.properties b/core/src/main/resources/hudson/model/PasswordParameterDefinition/config_zh_CN.properties
deleted file mode 100644
index 67cd3a0398..0000000000
--- a/core/src/main/resources/hudson/model/PasswordParameterDefinition/config_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2017, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Name=\u540D\u79F0
-Default\ Value=\u9ED8\u8BA4\u503C
-Description=\u63CF\u8FF0
diff --git a/core/src/main/resources/hudson/model/PermalinkProjectAction/Permalink/link_zh_CN.properties b/core/src/main/resources/hudson/model/PermalinkProjectAction/Permalink/link_zh_CN.properties
deleted file mode 100644
index 43b90f890c..0000000000
--- a/core/src/main/resources/hudson/model/PermalinkProjectAction/Permalink/link_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-format={0}({1}),{2}\u4E4B\u524D
diff --git a/core/src/main/resources/hudson/model/Run/KeepLogBuildBadge/badge_zh_CN.properties b/core/src/main/resources/hudson/model/Run/KeepLogBuildBadge/badge_zh_CN.properties
deleted file mode 100644
index 41cf883a61..0000000000
--- a/core/src/main/resources/hudson/model/Run/KeepLogBuildBadge/badge_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Keep\ this\ build\ forever=\u6C38\u4E45\u4FDD\u5B58\u6B64\u6B21\u7F16\u8BD1
diff --git a/core/src/main/resources/hudson/model/Run/configure_zh_CN.properties b/core/src/main/resources/hudson/model/Run/configure_zh_CN.properties
deleted file mode 100644
index f6696de4f6..0000000000
--- a/core/src/main/resources/hudson/model/Run/configure_zh_CN.properties
+++ /dev/null
@@ -1,26 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Description=\u63CF\u8FF0
-DisplayName=\u663E\u793A\u540D\u79F0
-LOADING=\u52A0\u8F7D\u4E2D
-Save=\u4FDD\u5B58
diff --git a/core/src/main/resources/hudson/model/Run/confirmDelete_zh_CN.properties b/core/src/main/resources/hudson/model/Run/confirmDelete_zh_CN.properties
deleted file mode 100644
index 6b705c7acc..0000000000
--- a/core/src/main/resources/hudson/model/Run/confirmDelete_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Are\ you\ sure\ about\ deleting\ the\ build?=\u4F60\u662F\u5426\u786E\u5B9A\u8981\u5220\u9664\u5F53\u524D\u6784\u5EFA\uFF1F
-Yes=\u786E\u5B9A
diff --git a/core/src/main/resources/hudson/model/Run/console_zh_CN.properties b/core/src/main/resources/hudson/model/Run/console_zh_CN.properties
deleted file mode 100644
index f8f564e645..0000000000
--- a/core/src/main/resources/hudson/model/Run/console_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Console\ Output=\u63A7\u5236\u53F0\u8F93\u51FA
-skipSome=\u8DF3\u8FC7 {0,number,integer} KB.. <a href="{1}">\u5B8C\u6574\u65E5\u5FD7</a>
diff --git a/core/src/main/resources/hudson/model/Run/delete_zh_CN.properties b/core/src/main/resources/hudson/model/Run/delete_zh_CN.properties
deleted file mode 100644
index be22c42d22..0000000000
--- a/core/src/main/resources/hudson/model/Run/delete_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Delete\ this\ build=\u5220\u9664\u672C\u6B21\u751F\u6210
diff --git a/core/src/main/resources/hudson/model/Run/logKeep_zh_CN.properties b/core/src/main/resources/hudson/model/Run/logKeep_zh_CN.properties
deleted file mode 100644
index 5a043373e5..0000000000
--- a/core/src/main/resources/hudson/model/Run/logKeep_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Don''t\ keep\ this\ build\ forever=\u53D6\u6D88\u6C38\u4E45\u4FDD\u7559
-Keep\ this\ build\ forever=\u6C38\u4E45\u4FDD\u7559\u8FD9\u6B21\u7F16\u8BD1
diff --git a/core/src/main/resources/hudson/model/RunParameterDefinition/config_zh_CN.properties b/core/src/main/resources/hudson/model/RunParameterDefinition/config_zh_CN.properties
deleted file mode 100644
index 22a181a57a..0000000000
--- a/core/src/main/resources/hudson/model/RunParameterDefinition/config_zh_CN.properties
+++ /dev/null
@@ -1,31 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2017, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Name=\u540D\u79F0
-Project=\u9879\u76EE
-Description=\u63CF\u8FF0
-
-All\ Builds=\u6240\u6709\u6784\u5EFA
-Successful\ Builds\ Only=\u6210\u529F\u7684\u6784\u5EFA
-Completed\ Builds\ Only=\u6267\u884C\u5B8C\u6210\u7684\u6784\u5EFA
-Stable\ Builds\ Only=\u7A33\u5B9A\u7684\u6784\u5EFA
-
diff --git a/core/src/main/resources/hudson/model/StringParameterDefinition/config_zh_CN.properties b/core/src/main/resources/hudson/model/StringParameterDefinition/config_zh_CN.properties
deleted file mode 100644
index f051916103..0000000000
--- a/core/src/main/resources/hudson/model/StringParameterDefinition/config_zh_CN.properties
+++ /dev/null
@@ -1,6 +0,0 @@
-# This file is under the MIT License by authors
-
-Default\ Value=\u9ED8\u8BA4\u503C
-Description=\u63CF\u8FF0
-Name=\u540D\u79F0
-Trim\ the\ string=\u6E05\u9664\u7A7A\u767D\u5B57\u7B26
diff --git a/core/src/main/resources/hudson/model/TextParameterDefinition/config_zh_CN.properties b/core/src/main/resources/hudson/model/TextParameterDefinition/config_zh_CN.properties
deleted file mode 100644
index 67cd3a0398..0000000000
--- a/core/src/main/resources/hudson/model/TextParameterDefinition/config_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2017, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Name=\u540D\u79F0
-Default\ Value=\u9ED8\u8BA4\u503C
-Description=\u63CF\u8FF0
diff --git a/core/src/main/resources/hudson/model/UpdateCenter/ConnectionCheckJob/row_zh_CN.properties b/core/src/main/resources/hudson/model/UpdateCenter/ConnectionCheckJob/row_zh_CN.properties
deleted file mode 100644
index 48f5525352..0000000000
--- a/core/src/main/resources/hudson/model/UpdateCenter/ConnectionCheckJob/row_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Preparation=\u51C6\u5907
diff --git a/core/src/main/resources/hudson/model/UpdateCenter/DownloadJob/Failure/status_zh_CN.properties b/core/src/main/resources/hudson/model/UpdateCenter/DownloadJob/Failure/status_zh_CN.properties
deleted file mode 100644
index 786ad6f920..0000000000
--- a/core/src/main/resources/hudson/model/UpdateCenter/DownloadJob/Failure/status_zh_CN.properties
+++ /dev/null
@@ -1,4 +0,0 @@
-# This file is under the MIT License by authors
-
-Details=\u8BE6\u7EC6
-Failure=\u5931\u8D25
diff --git a/core/src/main/resources/hudson/model/UpdateCenter/DownloadJob/Installing/status_zh_CN.properties b/core/src/main/resources/hudson/model/UpdateCenter/DownloadJob/Installing/status_zh_CN.properties
deleted file mode 100644
index 0afb260980..0000000000
--- a/core/src/main/resources/hudson/model/UpdateCenter/DownloadJob/Installing/status_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Installing=\u5B89\u88C5\u4E2D
diff --git a/core/src/main/resources/hudson/model/UpdateCenter/DownloadJob/Pending/status_zh_CN.properties b/core/src/main/resources/hudson/model/UpdateCenter/DownloadJob/Pending/status_zh_CN.properties
deleted file mode 100644
index 758c6895e6..0000000000
--- a/core/src/main/resources/hudson/model/UpdateCenter/DownloadJob/Pending/status_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Pending=\u7B49\u5F85
diff --git a/core/src/main/resources/hudson/model/UpdateCenter/DownloadJob/Success/status_zh_CN.properties b/core/src/main/resources/hudson/model/UpdateCenter/DownloadJob/Success/status_zh_CN.properties
deleted file mode 100644
index f1c7c35164..0000000000
--- a/core/src/main/resources/hudson/model/UpdateCenter/DownloadJob/Success/status_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Success=\u5B8C\u6210
diff --git a/core/src/main/resources/hudson/model/UpdateCenter/RestartJenkinsJob/Pending/status_zh_CN.properties b/core/src/main/resources/hudson/model/UpdateCenter/RestartJenkinsJob/Pending/status_zh_CN.properties
deleted file mode 100644
index 758c6895e6..0000000000
--- a/core/src/main/resources/hudson/model/UpdateCenter/RestartJenkinsJob/Pending/status_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Pending=\u7B49\u5F85
diff --git a/core/src/main/resources/hudson/model/UpdateCenter/RestartJenkinsJob/row_zh_CN.properties b/core/src/main/resources/hudson/model/UpdateCenter/RestartJenkinsJob/row_zh_CN.properties
deleted file mode 100644
index 9cf0c29304..0000000000
--- a/core/src/main/resources/hudson/model/UpdateCenter/RestartJenkinsJob/row_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Restarting\ Jenkins=\u91CD\u542F Jenkins
diff --git a/core/src/main/resources/hudson/model/UpdateCenter/body_zh_CN.properties b/core/src/main/resources/hudson/model/UpdateCenter/body_zh_CN.properties
deleted file mode 100644
index 1992f0236d..0000000000
--- a/core/src/main/resources/hudson/model/UpdateCenter/body_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Go\ back\ to\ the\ top\ page=\u8FD4\u56DE\u9996\u9875
-warning=\u5B89\u88C5\u5B8C\u6210\u540E\u91CD\u542FJenkins(\u7A7A\u95F2\u65F6)
-you\ can\ start\ using\ the\ installed\ plugins\ right\ away=\u8FD4\u56DE\u9996\u9875\u4F7F\u7528\u5DF2\u7ECF\u5B89\u88C5\u597D\u7684\u63D2\u4EF6
diff --git a/core/src/main/resources/hudson/model/UpdateCenter/index_zh_CN.properties b/core/src/main/resources/hudson/model/UpdateCenter/index_zh_CN.properties
deleted file mode 100644
index 760601e6ae..0000000000
--- a/core/src/main/resources/hudson/model/UpdateCenter/index_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Installing\ Plugins/Upgrades=\u5B89\u88C5/\u66F4\u65B0 \u63D2\u4EF6\u4E2D
diff --git a/core/src/main/resources/hudson/model/UpdateCenter/sidepanel_zh_CN.properties b/core/src/main/resources/hudson/model/UpdateCenter/sidepanel_zh_CN.properties
deleted file mode 100644
index 9f98a8f7bd..0000000000
--- a/core/src/main/resources/hudson/model/UpdateCenter/sidepanel_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2011, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Back\ to\ Dashboard=\u8FD4\u56DE
-Manage\ Jenkins=\u7CFB\u7EDF\u7BA1\u7406
-Manage\ Plugins=\u63D2\u4EF6\u7BA1\u7406
diff --git a/core/src/main/resources/hudson/model/UsageStatistics/global_zh_CN.properties b/core/src/main/resources/hudson/model/UsageStatistics/global_zh_CN.properties
deleted file mode 100644
index a41c11606c..0000000000
--- a/core/src/main/resources/hudson/model/UsageStatistics/global_zh_CN.properties
+++ /dev/null
@@ -1,26 +0,0 @@
-# The MIT License
-# 
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-# 
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-# 
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-# 
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Usage\ Statistics=\u4f7f\u7528\u7edf\u8ba1
-statsBlurb=\
-  \u901a\u8fc7\u53d1\u9001\u533f\u540d\u7684\u4f7f\u7528\u4fe1\u606f\u4ee5\u53ca\u7a0b\u5e8f\u5d29\u6e83\u62a5\u544a\u6765\u5e2e\u52a9Jenkins\u505a\u7684\u66f4\u597d\u3002
-
diff --git a/core/src/main/resources/hudson/model/User/builds_zh_CN.properties b/core/src/main/resources/hudson/model/User/builds_zh_CN.properties
deleted file mode 100644
index 88416f2cca..0000000000
--- a/core/src/main/resources/hudson/model/User/builds_zh_CN.properties
+++ /dev/null
@@ -1,22 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2017, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-title={0}\u7684\u6784\u5EFA
diff --git a/core/src/main/resources/hudson/model/User/configure_zh_CN.properties b/core/src/main/resources/hudson/model/User/configure_zh_CN.properties
deleted file mode 100644
index 3de7eb49ce..0000000000
--- a/core/src/main/resources/hudson/model/User/configure_zh_CN.properties
+++ /dev/null
@@ -1,6 +0,0 @@
-# This file is under the MIT License by authors
-
-title=\u7528\u6237 ''{0}'' \u914D\u7F6E
-Description=\u63cf\u8ff0
-Full\ name=\u8d26\u53f7\u540d\u79f0
-Save=\u4FDD\u5B58
\ No newline at end of file
diff --git a/core/src/main/resources/hudson/model/User/delete_zh_CN.properties b/core/src/main/resources/hudson/model/User/delete_zh_CN.properties
deleted file mode 100644
index 2ea812e80a..0000000000
--- a/core/src/main/resources/hudson/model/User/delete_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2017, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Are\ you\ sure\ about\ deleting\ the\ user\ from\ Jenkins?=\u4F60\u786E\u5B9A\u8981\u4ECEJenkins\u4E2D\u5220\u9664\u8BE5\u7528\u6237\u5417\uFF1F
-Yes=\u786E\u5B9A
diff --git a/core/src/main/resources/hudson/model/User/index_zh_CN.properties b/core/src/main/resources/hudson/model/User/index_zh_CN.properties
deleted file mode 100644
index bf545f3ff2..0000000000
--- a/core/src/main/resources/hudson/model/User/index_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Jenkins\ User\ ID=Jenkins \u7528\u6237 ID
diff --git a/core/src/main/resources/hudson/model/User/sidepanel_zh_CN.properties b/core/src/main/resources/hudson/model/User/sidepanel_zh_CN.properties
deleted file mode 100644
index cfe5746e78..0000000000
--- a/core/src/main/resources/hudson/model/User/sidepanel_zh_CN.properties
+++ /dev/null
@@ -1,28 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-People=\u7528\u6237
-Builds=\u6784\u5efa
-Configure=\u8bbe\u7f6e
-Delete=\u5220\u9664
-My\ Views=\u6211\u7684\u89c6\u56fe
-Status=\u72b6\u6001
diff --git a/core/src/main/resources/hudson/model/View/AsynchPeople/index_zh_CN.properties b/core/src/main/resources/hudson/model/View/AsynchPeople/index_zh_CN.properties
deleted file mode 100644
index 33e44e8e49..0000000000
--- a/core/src/main/resources/hudson/model/View/AsynchPeople/index_zh_CN.properties
+++ /dev/null
@@ -1,30 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Last\ Active=\u6700\u540E\u6D3B\u52A8\u65F6\u95F4
-Name=\u540D\u79F0
-On=\u5728\u7EBF
-People=\u7528\u6237
-User\ ID=\u7528\u6237 ID
-blurb=\u5305\u542B\u6240\u6709\u5DF2\u77E5\u201C\u7528\u6237\u201D\uFF0C\u5305\u62EC\u5F53\u524D\u5B89\u5168\u57DF\u4E2D\u7684\u767B\u5F55ID\u548C\u5728\u53D8\u66F4\u8BB0\u5F55\u7684\u63D0\u4EA4\u4FE1\u7684\u606F\u91CC\u7684\u4EBA
-All\ People=\u6240\u6709\u4EBA
-Last\ Commit\ Activity=\u4E0A\u6B21\u63D0\u4EA4\u6D3B\u52A8
diff --git a/core/src/main/resources/hudson/model/View/People/index_zh_CN.properties b/core/src/main/resources/hudson/model/View/People/index_zh_CN.properties
deleted file mode 100644
index 129e7ddf3b..0000000000
--- a/core/src/main/resources/hudson/model/View/People/index_zh_CN.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-# This file is under the MIT License by authors
-
-People=\u7528\u6237
diff --git a/core/src/main/resources/hudson/model/View/builds_zh_CN.properties b/core/src/main/resources/hudson/model/View/builds_zh_CN.properties
deleted file mode 100644
index fca6a32716..0000000000
--- a/core/src/main/resources/hudson/model/View/builds_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Export\ as\ plain\ XML=\u5BFC\u51FA\u4E3AXML
-buildHistory={0} \u7684\u6784\u5efa\u5386\u53f2
diff --git a/core/src/main/resources/hudson/model/View/configure_zh_CN.properties b/core/src/main/resources/hudson/model/View/configure_zh_CN.properties
deleted file mode 100644
index c274a96317..0000000000
--- a/core/src/main/resources/hudson/model/View/configure_zh_CN.properties
+++ /dev/null
@@ -1,9 +0,0 @@
-# This file is under the MIT License by authors
-
-Description=\u63CF\u8FF0
-Filter\ build\ executors=\u8FC7\u6EE4\u6784\u5EFA\u6267\u884C\u5668
-Filter\ build\ queue=\u8FC7\u6EE4\u6784\u5EFA\u961F\u5217
-Name=\u540D\u79F0
-OK=\u4FDD\u5B58
-Apply=\u5E94\u7528
-Edit\ View=\u7F16\u8F91\u89C6\u56FE
diff --git a/core/src/main/resources/hudson/model/View/delete_zh_CN.properties b/core/src/main/resources/hudson/model/View/delete_zh_CN.properties
deleted file mode 100644
index a5babeee82..0000000000
--- a/core/src/main/resources/hudson/model/View/delete_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2017, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Are\ you\ sure\ about\ deleting\ the\ view?=\u4F60\u786E\u5B9A\u8981\u5220\u9664\u8BE5\u89C6\u56FE\u5417\uFF1F
-Yes=\u786E\u5B9A
diff --git a/core/src/main/resources/hudson/model/View/index_zh_CN.properties b/core/src/main/resources/hudson/model/View/index_zh_CN.properties
deleted file mode 100644
index bbe633616d..0000000000
--- a/core/src/main/resources/hudson/model/View/index_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Dashboard=\u4EEA\u8868\u76D8
diff --git a/core/src/main/resources/hudson/model/View/newJobButtonBar_zh_CN.properties b/core/src/main/resources/hudson/model/View/newJobButtonBar_zh_CN.properties
deleted file mode 100644
index bfae4d0e43..0000000000
--- a/core/src/main/resources/hudson/model/View/newJobButtonBar_zh_CN.properties
+++ /dev/null
@@ -1 +0,0 @@
-OK=\u786E\u5B9A
\ No newline at end of file
diff --git a/core/src/main/resources/hudson/model/View/newJob_zh_CN.properties b/core/src/main/resources/hudson/model/View/newJob_zh_CN.properties
deleted file mode 100644
index 9f6b147f28..0000000000
--- a/core/src/main/resources/hudson/model/View/newJob_zh_CN.properties
+++ /dev/null
@@ -1,32 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-CopyExisting=\u590D\u5236\u5DF2\u6709\u7684{0}
-
-JobName={0}\u540D\u79F0
-ItemName.validation.required=\u8BE5\u5B57\u6BB5\u4E0D\u80FD\u4E3A\u7A7A\uFF0C\u8BF7\u8F93\u5165\u4E00\u4E2A\u5408\u6CD5\u7684\u540D\u79F0
-ItemName.label=\u8F93\u5165\u4E00\u4E2A\u4EFB\u52A1\u540D\u79F0
-ItemName.help=\u5FC5\u586B\u9879
-CopyOption.label=\u590D\u5236
-CopyOption.placeholder=\u8F93\u5165\u81EA\u52A8\u5B8C\u6210
-CopyOption.description=\u5982\u679C\u4F60\u60F3\u6839\u636E\u4E00\u4E2A\u5DF2\u7ECF\u5B58\u5728\u7684\u4EFB\u52A1\u521B\u5EFA\uFF0C\u53EF\u4EE5\u4F7F\u7528\u8FD9\u4E2A\u9009\u9879
-NewJob=\u65B0\u5EFA{0}
diff --git a/core/src/main/resources/hudson/model/View/noJob_zh_CN.properties b/core/src/main/resources/hudson/model/View/noJob_zh_CN.properties
deleted file mode 100644
index f4d55a81c4..0000000000
--- a/core/src/main/resources/hudson/model/View/noJob_zh_CN.properties
+++ /dev/null
@@ -1,4 +0,0 @@
-# This file is under the MIT License by authors
-
-description_1=\u8BE5\u89C6\u56FE\u4E0B\u76EE\u524D\u6CA1\u6709\u76F8\u5173\u7684\u4EFB\u52A1\u3002
-description_2=\u4F60\u53EF\u4EE5<a href="configure">\u6DFB\u52A0\u73B0\u6709\u7684\u4EFB\u52A1</a>\u5230\u8BE5\u89C6\u56FE\u4E2D\u6216\u8005\u5728\u8BE5\u8BE5\u89C6\u56FE\u4E2D<a href="newJob">\u521B\u5EFA\u4E00\u4E2A\u65B0\u7684\u4EFB\u52A1</a>\u3002
diff --git a/core/src/main/resources/hudson/model/View/sidepanel_zh_CN.properties b/core/src/main/resources/hudson/model/View/sidepanel_zh_CN.properties
deleted file mode 100644
index 182c409c8e..0000000000
--- a/core/src/main/resources/hudson/model/View/sidepanel_zh_CN.properties
+++ /dev/null
@@ -1,30 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2017, Sun Microsystems, Inc., suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Build\ History=\u6784\u5EFA\u5386\u53F2
-Check\ File\ Fingerprint=\u68C0\u67E5\u6587\u4EF6\u6307\u7EB9
-Delete\ View=\u5220\u9664\u89C6\u56FE
-Edit\ View=\u7F16\u8F91\u89C6\u56FE
-NewJob=\u65B0\u5EFA{0}
-People=\u7528\u6237
-Project\ Relationship=\u9879\u76EE\u5173\u7CFB
-Manage\ Jenkins=\u7BA1\u7406Jenkins
diff --git a/core/src/main/resources/hudson/node_monitors/AbstractDiskSpaceMonitor/config_zh_CN.properties b/core/src/main/resources/hudson/node_monitors/AbstractDiskSpaceMonitor/config_zh_CN.properties
deleted file mode 100644
index 62039bac23..0000000000
--- a/core/src/main/resources/hudson/node_monitors/AbstractDiskSpaceMonitor/config_zh_CN.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-# This file is under the MIT License by authors
-
-Free\ Space\ Threshold=\u6700\u5C0F\u53EF\u7528\u7A7A\u95F4
diff --git a/core/src/main/resources/hudson/node_monitors/MonitorMarkedNodeOffline/message_zh_CN.properties b/core/src/main/resources/hudson/node_monitors/MonitorMarkedNodeOffline/message_zh_CN.properties
deleted file mode 100644
index 89f20d137b..0000000000
--- a/core/src/main/resources/hudson/node_monitors/MonitorMarkedNodeOffline/message_zh_CN.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-# This file is under the MIT License by authors
-
-Dismiss=\u5FFD\u7565
diff --git a/core/src/main/resources/hudson/scm/EmptyChangeLogSet/digest_zh_CN.properties b/core/src/main/resources/hudson/scm/EmptyChangeLogSet/digest_zh_CN.properties
deleted file mode 100644
index 89f54c5078..0000000000
--- a/core/src/main/resources/hudson/scm/EmptyChangeLogSet/digest_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-No\ changes.=\u6CA1\u6709\u53D8\u5316\u3002
diff --git a/core/src/main/resources/hudson/scm/SCM/project-changes_zh_CN.properties b/core/src/main/resources/hudson/scm/SCM/project-changes_zh_CN.properties
deleted file mode 100644
index d15ba1605a..0000000000
--- a/core/src/main/resources/hudson/scm/SCM/project-changes_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2018, Sun Microsystems, Inc., suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-No\ changes\ in\ any\ of\ the\ builds.=\u5728\u4EFB\u610F\u4E00\u6B21\u6784\u5EFA\u4E2D\u90FD\u6CA1\u6709\u53D8\u66F4\u3002
-detail=\u8BE6\u7EC6\u4FE1\u606F
-No\ builds.=\u6CA1\u6709\u6784\u5EFA\u3002
diff --git a/core/src/main/resources/hudson/search/UserSearchProperty/config_zh_CN.properties b/core/src/main/resources/hudson/search/UserSearchProperty/config_zh_CN.properties
deleted file mode 100644
index cf758a77fc..0000000000
--- a/core/src/main/resources/hudson/search/UserSearchProperty/config_zh_CN.properties
+++ /dev/null
@@ -1,4 +0,0 @@
-# This file is under the MIT License by authors
-
-Case-sensitivity=\u5927\u5C0F\u5199\u533A\u5206
-Insensitive\ search\ tool=\u641C\u7D22\u4E0D\u533A\u5206\u5927\u5C0F\u5199
diff --git a/core/src/main/resources/hudson/security/FullControlOnceLoggedInAuthorizationStrategy/config_zh_CN.properties b/core/src/main/resources/hudson/security/FullControlOnceLoggedInAuthorizationStrategy/config_zh_CN.properties
deleted file mode 100644
index 954ea7ac0b..0000000000
--- a/core/src/main/resources/hudson/security/FullControlOnceLoggedInAuthorizationStrategy/config_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Allow\ anonymous\ read\ access=\u533F\u540D\u7528\u6237\u5177\u6709\u53EF\u8BFB\u6743\u9650
diff --git a/core/src/main/resources/hudson/security/GlobalSecurityConfiguration/config_zh_CN.properties b/core/src/main/resources/hudson/security/GlobalSecurityConfiguration/config_zh_CN.properties
deleted file mode 100644
index 19cb3476ab..0000000000
--- a/core/src/main/resources/hudson/security/GlobalSecurityConfiguration/config_zh_CN.properties
+++ /dev/null
@@ -1,28 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Home\ directory=\u4e3b\u76ee\u5f55
-System\ Message=\u7cfb\u7edf\u6d88\u606f
-Global\ properties=\u5168\u5c40\u5c5e\u6027
-JDKs=JDK\u5149\u5b50
-JDK\ installations=JDK\u5b9e\u4f8b
-List\ of\ JDK\ installations\ on\ this\ system=\u7cfb\u7edfJDK\u5b9e\u4f8b\u5217\u8868
diff --git a/core/src/main/resources/hudson/security/GlobalSecurityConfiguration/index_zh_CN.properties b/core/src/main/resources/hudson/security/GlobalSecurityConfiguration/index_zh_CN.properties
deleted file mode 100644
index 0442512fa5..0000000000
--- a/core/src/main/resources/hudson/security/GlobalSecurityConfiguration/index_zh_CN.properties
+++ /dev/null
@@ -1,37 +0,0 @@
-# The MIT License
-# 
-# Copyright (c) 2004-2012, Seiji Sogabe
-# 
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-# 
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-# 
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-LOADING=\u52A0\u8F7D\u4E2D
-Enable\ security=\u542F\u7528\u5B89\u5168
-Markup\ Formatter=\u6807\u8BB0\u683C\u5F0F\u5668
-
-Agents=\u4EE3\u7406
-Agent\ protocols=\u4EE3\u7406\u534F\u8BAE
-TCP\ port\ for\ JNLP\ agents=JNLP\u4EE3\u7406\u534F\u8BAE\u7684TCP\u7AEF\u53E3
-
-Access\ Control=\u8BBF\u95EE\u63A7\u5236
-Security\ Realm=\u5B89\u5168\u57DF
-Authorization=\u6388\u6743\u7B56\u7565
-Save=\u4FDD\u5B58
-Apply=\u5E94\u7528
-
-Disable\ remember\ me=\u4E0D\u8981\u8BB0\u4F4F\u6211
diff --git a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/Details/config_zh_CN.properties b/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/Details/config_zh_CN.properties
deleted file mode 100644
index 02680d9dcd..0000000000
--- a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/Details/config_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Confirm\ Password=\u786e\u8ba4\u5bc6\u7801
-Password=\u5bc6\u7801
diff --git a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/_entryForm_zh_CN.properties b/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/_entryForm_zh_CN.properties
deleted file mode 100644
index f4a55dc3c9..0000000000
--- a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/_entryForm_zh_CN.properties
+++ /dev/null
@@ -1,27 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Confirm\ password=\u786e\u8ba4\u5bc6\u7801
-E-mail\ address=\u7535\u5b50\u90ae\u4ef6\u5730\u5740
-Full\ name=\u5168\u540d
-Password=\u5bc6\u7801
-Username=\u7528\u6237\u540d
diff --git a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/addUser_zh_CN.properties b/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/addUser_zh_CN.properties
deleted file mode 100644
index dc51223a10..0000000000
--- a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/addUser_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-# 
-# Copyright (c) 2004-2009, Sun Microsystems, Inc., Kohsuke Kawaguchi, Simon Wiest
-# 
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-# 
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-# 
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Create\ User=\u65b0\u5efa\u7528\u6237
diff --git a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/config_zh_CN.properties b/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/config_zh_CN.properties
deleted file mode 100644
index 828426c243..0000000000
--- a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/config_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-# 
-# Copyright (c) 2004-2009, Sun Microsystems, Inc., Kohsuke Kawaguchi, Simon Wiest
-# 
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-# 
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-# 
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Allow\ users\ to\ sign\ up=\u5141\u8bb8\u7528\u6237\u6ce8\u518c
diff --git a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/firstUser_zh_CN.properties b/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/firstUser_zh_CN.properties
deleted file mode 100644
index 5014b275c1..0000000000
--- a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/firstUser_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2013, Chunghwa Telecom Co., Ltd., Pei-Tang Huang
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Create\ First\ Admin\ User=\u5EFA\u7ACB\u7B2C\u4E00\u4E2A\u7BA1\u7406\u5458
diff --git a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/index_zh_CN.properties b/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/index_zh_CN.properties
deleted file mode 100644
index 52b283a774..0000000000
--- a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/index_zh_CN.properties
+++ /dev/null
@@ -1,26 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Name=\u540d\u79f0
-User\ Id=\u7528\u6237ID
-Users=\u7528\u6237\u5217\u8868
-blurb=\u8FD9\u4E9B\u7528\u6237\u80FD\u591F\u767B\u5F55\u5230Jenkins\u3002\u8FD9\u662F<a href="../people">\u5217\u8868</a>\u7684\u5B50\u96C6\uFF0C\u4E5F\u5305\u62EC\u90A3\u4E9B\u53EA\u662F\u63D0\u4EA4\u4E86\u4EE3\u7801\u5230\u67D0\u4E9B\u9879\u76EE\u4F46\u662F\u4ECE\u672A\u767B\u5F55Jenkins\u800C\u81EA\u52A8\u521B\u5EFA\u7684\u7528\u6237\u3002
diff --git a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/loginLink_zh_CN.properties b/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/loginLink_zh_CN.properties
deleted file mode 100644
index 7b062cc601..0000000000
--- a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/loginLink_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-sign\ up=\u6ce8\u518c
diff --git a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/sidepanel_zh_CN.properties b/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/sidepanel_zh_CN.properties
deleted file mode 100644
index 74be461a52..0000000000
--- a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/sidepanel_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Back\ to\ Dashboard=\u8FD4\u56DE\u9762\u677F
-Create\ User=\u65B0\u5EFA\u7528\u6237
-Manage\ Jenkins=\u7cfb\u7edf\u7ba1\u7406
diff --git a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/signupWithFederatedIdentity_zh_CN.properties b/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/signupWithFederatedIdentity_zh_CN.properties
deleted file mode 100644
index 907d5faa39..0000000000
--- a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/signupWithFederatedIdentity_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-# 
-# Copyright (c) 2004-2009, Sun Microsystems, Inc., Kohsuke Kawaguchi, Simon Wiest
-# 
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-# 
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-# 
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Sign\ up=\u6ce8\u518c
diff --git a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/signup_zh_CN.properties b/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/signup_zh_CN.properties
deleted file mode 100644
index 9f7004ed18..0000000000
--- a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/signup_zh_CN.properties
+++ /dev/null
@@ -1,41 +0,0 @@
-# The MIT License
-# 
-# Copyright (c) 2004-2009, Sun Microsystems, Inc., Kohsuke Kawaguchi, Simon Wiest
-# 
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-# 
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-# 
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Sign\ up=\u6CE8\u518C
-Create\ an\ account!\ [Jenkins]=\u521B\u5EFA\u4E00\u4E2A\u8D26\u53F7\uFF01[Jenkins]
-Create\ an\ account!=\u521B\u5EFA\u4E00\u4E2A\u8D26\u53F7\uFF01
-If\ you\ already\ have\ a\ Jenkins\ account,=\u5982\u679C\u4F60\u5DF2\u7ECF\u6709\u4E86\u4E00\u4E2A Jenkins \u8D26\u53F7\uFF0C
-please\ sign\ in.=\u8BF7\u767B\u9646
-
-Username=\u7528\u6237\u540D
-Full\ name=\u5168\u79F0
-Email=\u90AE\u7BB1
-Enter\ text\ as\ shown=\u8F93\u5165\u663E\u793A\u7684\u6587\u672C
-Password=\u5BC6\u7801
-Show=\u663E\u793A
-Strength=\u5F3A\u5EA6
-Create\ account=\u521B\u5EFA\u8D26\u53F7
-A\ strong\ password\ is\ a\ long\ password\ that's\ unique\ for\ every\ site.\ Try\ using\ a\ phrase\ with\ 5-6\ words\ for\ the\ best\ security.=\u9AD8\u5F3A\u5EA6\u7684\u5BC6\u7801\u5E94\u8BE5\u662F\u6BD4\u8F83\u957F\uFF0C\u800C\u4E14\u6BCF\u4E2A\u7F51\u7AD9\u90FD\u662F\u552F\u4E00\u7684\u3002\u8BF7\u53C2\u8BD5\u4F7F\u75285\uFF5E6\u4E2A\u5B57\u7B26\u7684\u5B89\u5168\u5BC6\u7801\u3002
-Strong=\u5F3A
-Moderate=\u9002\u4E2D
-Weak=\u5F31
-Poor=\u5F88\u5F31
diff --git a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/success_zh_CN.properties b/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/success_zh_CN.properties
deleted file mode 100644
index 5aae56d59b..0000000000
--- a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/success_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-# 
-# Copyright (c) 2004-2009, Sun Microsystems, Inc., Kohsuke Kawaguchi, Seiji Sogabe
-# 
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-# 
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-# 
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Success=\u64CD\u4F5C\u6210\u529F
-description=\u4f60\u73b0\u5728\u5df2\u7ecf\u767b\u5f55.\u8fd4\u56de<a href="..">\u9996\u9875</a>.
diff --git a/core/src/main/resources/hudson/security/LegacySecurityRealm/config_zh_CN.properties b/core/src/main/resources/hudson/security/LegacySecurityRealm/config_zh_CN.properties
deleted file mode 100644
index 6a7d746893..0000000000
--- a/core/src/main/resources/hudson/security/LegacySecurityRealm/config_zh_CN.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-# This file is under the MIT License by authors
-
-Unprotected\ URLs=\u4E0D\u53D7\u4FDD\u62A4\u7684\u94FE\u63A5
diff --git a/core/src/main/resources/hudson/security/SecurityRealm/loginLink_zh_CN.properties b/core/src/main/resources/hudson/security/SecurityRealm/loginLink_zh_CN.properties
deleted file mode 100644
index b4a696d3ff..0000000000
--- a/core/src/main/resources/hudson/security/SecurityRealm/loginLink_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-login=\u767b\u5f55
diff --git a/core/src/main/resources/hudson/security/SecurityRealm/signup_zh_CN.properties b/core/src/main/resources/hudson/security/SecurityRealm/signup_zh_CN.properties
deleted file mode 100644
index a1792959d4..0000000000
--- a/core/src/main/resources/hudson/security/SecurityRealm/signup_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-# 
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-# 
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-# 
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-# 
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Signup\ not\ supported=\u4E0D\u652F\u6301\u6CE8\u518C
-Sign\ up=\u6CE8\u518C
-This\ is\ not\ supported\ in\ the\ current\ configuration.=\u5F53\u524D\u914D\u7F6E\u4E2D\u4E0D\u652F\u6301\u3002
diff --git a/core/src/main/resources/hudson/security/csrf/DefaultCrumbIssuer/config_zh_CN.properties b/core/src/main/resources/hudson/security/csrf/DefaultCrumbIssuer/config_zh_CN.properties
deleted file mode 100644
index 5204e1c20c..0000000000
--- a/core/src/main/resources/hudson/security/csrf/DefaultCrumbIssuer/config_zh_CN.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-# This file is under the MIT License by authors
-
-Enable\ proxy\ compatibility=\u542F\u7528\u4EE3\u7406\u517C\u5BB9
diff --git a/core/src/main/resources/hudson/security/csrf/GlobalCrumbIssuerConfiguration/config_zh_CN.properties b/core/src/main/resources/hudson/security/csrf/GlobalCrumbIssuerConfiguration/config_zh_CN.properties
deleted file mode 100644
index 5bf77c312b..0000000000
--- a/core/src/main/resources/hudson/security/csrf/GlobalCrumbIssuerConfiguration/config_zh_CN.properties
+++ /dev/null
@@ -1,27 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTR
-# ACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Prevent\ Cross\ Site\ Request\ Forgery\ exploits=\u9632\u6B62\u8DE8\u7AD9\u70B9\u8BF7\u6C42\u4F2A\u9020
-CSRF\ Protection=\u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020\u4FDD\u62A4
-Crumbs=\u788E\u7247
-Crumb\ Algorithm=\u788E\u7247\u7B97\u6CD5
diff --git a/core/src/main/resources/hudson/slaves/ComputerLauncher/main_zh_CN.properties b/core/src/main/resources/hudson/slaves/ComputerLauncher/main_zh_CN.properties
deleted file mode 100644
index 9b685ac70c..0000000000
--- a/core/src/main/resources/hudson/slaves/ComputerLauncher/main_zh_CN.properties
+++ /dev/null
@@ -1,26 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018 suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-launchingDescription=\u8be5\u8282\u70b9\u5df2\u7ecf\u542f\u52a8\u3002
-See\ log\ for\ more\ details=\u66f4\u591a\u4fe1\u606f\u8bf7\u67e5\u770b\u65e5\u5fd7
-Relaunch\ agent=\u91cd\u542f\u4ee3\u7406
-Launch\ agent=\u542f\u52a8\u4ee3\u7406
diff --git a/core/src/main/resources/hudson/slaves/DumbSlave/configure-entries_zh_CN.properties b/core/src/main/resources/hudson/slaves/DumbSlave/configure-entries_zh_CN.properties
deleted file mode 100644
index ec8eb777e3..0000000000
--- a/core/src/main/resources/hudson/slaves/DumbSlave/configure-entries_zh_CN.properties
+++ /dev/null
@@ -1,29 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2017, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Description=\u63CF\u8FF0
-\#\ of\ executors=\u5E76\u53D1\u6784\u5EFA\u6570
-Labels=\u6807\u7B7E
-Remote\ root\ directory=\u8FDC\u7A0B\u5DE5\u4F5C\u76EE\u5F55
-Launch\ method=\u542F\u52A8\u65B9\u5F0F
-Availability=\u53EF\u7528\u6027
-Node\ Properties=\u8282\u70B9\u5C5E\u6027
diff --git a/core/src/main/resources/hudson/slaves/DumbSlave/newInstanceDetail_zh_CN.properties b/core/src/main/resources/hudson/slaves/DumbSlave/newInstanceDetail_zh_CN.properties
deleted file mode 100644
index f1e1f47dab..0000000000
--- a/core/src/main/resources/hudson/slaves/DumbSlave/newInstanceDetail_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-# 
-# Copyright (c) 2004-2018, Sun Microsystems, Inc., Kohsuke Kawaguchi,
-#   suren <zxjlwt@126.com>
-# 
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-# 
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-# 
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-detail=\
-  \u6dfb\u52a0\u4e00\u4e2a\u666e\u901a\u3001\u56fa\u5b9a\u7684\u8282\u70b9\u5230Jenkins\u3002\u4e4b\u6240\u4ee5\u53eb\u505a\u201c\u56fa\u5b9a\u201d\uff0c\u662f\u56e0\u4e3aJenkins\u6ca1\u7ed9\u8fd9\u79cd\u8282\u70b9\u63d0\u4f9b\u66f4\u9ad8\u7ea7\u7684\u96c6\u6210\u65b9\u5f0f\uff0c\u4f8b\u5982\uff1a\u52a8\u6001\u914d\u7f6e\u3002\u6ca1\u6709\u5176\u4ed6\u7c7b\u578b\u80fd\u9009\u62e9\u7684\u8bdd\u53ef\u4ee5\u9009\u62e9\u8be5\u7c7b\u578b\uff1b\u4f8b\u5982\uff0c\u4f60\u5728\u6dfb\u52a0\u4e0d\u53d7Jenkins\u7ba1\u7406\u7684\u7269\u7406\u673a\u3001\u865a\u62df\u673a\u7b49\u7b49\u3002
diff --git a/core/src/main/resources/hudson/slaves/EnvironmentVariablesNodeProperty/config_zh_CN.properties b/core/src/main/resources/hudson/slaves/EnvironmentVariablesNodeProperty/config_zh_CN.properties
deleted file mode 100644
index e70d102c3c..0000000000
--- a/core/src/main/resources/hudson/slaves/EnvironmentVariablesNodeProperty/config_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-# 
-# Copyright (c) 2004-2009, Sun Microsystems, Inc., Alan Harder, Eric Lefevre-Ardant
-# 
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-# 
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-# 
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-List\ of\ variables=\u952E\u503C\u5BF9\u5217\u8868
-Name=\u952E
-Value=\u503c
diff --git a/core/src/main/resources/hudson/slaves/JNLPLauncher/config_zh_CN.properties b/core/src/main/resources/hudson/slaves/JNLPLauncher/config_zh_CN.properties
deleted file mode 100644
index feb6df4894..0000000000
--- a/core/src/main/resources/hudson/slaves/JNLPLauncher/config_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-JVM\ options=JVM \u9009\u9879
-Tunnel\ connection\ through=Tunnel \u8fde\u63a5\u4f4d\u7f6e
diff --git a/core/src/main/resources/hudson/slaves/JNLPLauncher/main_zh_CN.properties b/core/src/main/resources/hudson/slaves/JNLPLauncher/main_zh_CN.properties
deleted file mode 100644
index cf34147ccd..0000000000
--- a/core/src/main/resources/hudson/slaves/JNLPLauncher/main_zh_CN.properties
+++ /dev/null
@@ -1,30 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2018, Sun Microsystems, Inc, suren <zxjlwt@126.com> .
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-slaveAgentPort.disabled=\u4ece\u8282\u70b9\u7aef\u53e3\u88ab\u7981\u7528
-configure.link.text=\u914d\u7f6e\u94fe\u63a5
-Connect\ agent\ to\ Jenkins\ one\ of\ these\ ways\:=\u8282\u70b9\u8fde\u63a5Jenkins\u7684\u65b9\u5f0f\u5982\u4e0b\uff1a
-launch\ agent=\u542f\u52a8\u8282\u70b9
-Launch\ agent\ from\ browser=\u5728\u6d4f\u89c8\u5668\u4e2d\u542f\u52a8\u8282\u70b9
-Run\ from\ agent\ command\ line\:=\u5728\u547d\u4ee4\u884c\u4e2d\u542f\u52a8\u8282\u70b9
-Or\ if\ the\ agent\ is\ headless\:=\u6216\u8005\uff0c\u5f53\u8282\u70b9\u662f\u65e0\u754c\u9762\u7684\u8bdd
-Connected\ via\ JNLP\ agent.=\u5DF2\u901A\u8FC7JNLP Agent\u8FDE\u63A5
diff --git a/core/src/main/resources/hudson/slaves/OfflineCause/ChannelTermination/cause_zh_CN.properties b/core/src/main/resources/hudson/slaves/OfflineCause/ChannelTermination/cause_zh_CN.properties
deleted file mode 100644
index 4cb665671b..0000000000
--- a/core/src/main/resources/hudson/slaves/OfflineCause/ChannelTermination/cause_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2017, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Connection\ was\ broken=\u8FDE\u63A5\u4E2D\u65AD
diff --git a/core/src/main/resources/hudson/slaves/OfflineCause/LaunchFailed/cause_zh_CN.properties b/core/src/main/resources/hudson/slaves/OfflineCause/LaunchFailed/cause_zh_CN.properties
deleted file mode 100644
index 2daf3239d0..0000000000
--- a/core/src/main/resources/hudson/slaves/OfflineCause/LaunchFailed/cause_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2017, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-See\ log\ for\ more\ details=\u4ECE\u65E5\u5FD7\u91CC\u53EF\u4EE5\u770B\u5230\u66F4\u8BE6\u7EC6\u7684\u5185\u5BB9
diff --git a/core/src/main/resources/hudson/slaves/SlaveComputer/disconnect_zh_CN.properties b/core/src/main/resources/hudson/slaves/SlaveComputer/disconnect_zh_CN.properties
deleted file mode 100644
index 815e1b088d..0000000000
--- a/core/src/main/resources/hudson/slaves/SlaveComputer/disconnect_zh_CN.properties
+++ /dev/null
@@ -1,26 +0,0 @@
-# The MIT License
-# 
-# Copyright (c) 2017, suren <zxjlwt@126.com>
-# 
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-# 
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-# 
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-blurb=\u4F60\u53EF\u4EE5\u6DFB\u52A0\u8BA9\u8BE5\u8282\u70B9\u4E0B\u7EBF\u7684\u7406\u7531\uFF0C\u8FD9\u6837\u5176\u4ED6\u4EBA\u5C31\u80FD\u770B\u5230\u539F\u56E0\u4E86\u3002
-Yes=\u662F
-disconnect=\u65AD\u5F00\u8FDE\u63A5
-Are\ you\ sure\ about\ disconnecting?=\u4F60\u786E\u5B9A\u8981\u65AD\u5F00\u8FDE\u63A5\uFF1F
diff --git a/core/src/main/resources/hudson/slaves/SlaveComputer/sidepanel2_zh_CN.properties b/core/src/main/resources/hudson/slaves/SlaveComputer/sidepanel2_zh_CN.properties
deleted file mode 100644
index e0be0ef6d8..0000000000
--- a/core/src/main/resources/hudson/slaves/SlaveComputer/sidepanel2_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Disconnect=\u65AD\u5F00\u8FDE\u63A5
-Log=\u65E5\u5FD7
-System\ Information=\u7CFB\u7EDF\u4FE1\u606F
diff --git a/core/src/main/resources/hudson/slaves/SlaveComputer/systemInfo_zh_CN.properties b/core/src/main/resources/hudson/slaves/SlaveComputer/systemInfo_zh_CN.properties
deleted file mode 100644
index e37e96e1e6..0000000000
--- a/core/src/main/resources/hudson/slaves/SlaveComputer/systemInfo_zh_CN.properties
+++ /dev/null
@@ -1,26 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2017, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-System\ Information=\u7CFB\u7EDF\u4FE1\u606F
-System\ Properties=\u7CFB\u7EDF\u5C5E\u6027
-Environment\ Variables=\u73AF\u5883\u53D8\u91CF
-Thread\ Dump=\u7EBF\u7A0B\u6253\u5370
diff --git a/core/src/main/resources/hudson/tasks/ArtifactArchiver/config_zh_CN.properties b/core/src/main/resources/hudson/tasks/ArtifactArchiver/config_zh_CN.properties
deleted file mode 100644
index 092c8dcf29..0000000000
--- a/core/src/main/resources/hudson/tasks/ArtifactArchiver/config_zh_CN.properties
+++ /dev/null
@@ -1,29 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Excludes=\u4e0d\u5305\u542b
-Files\ to\ archive=\u7528\u4e8e\u5b58\u6863\u7684\u6587\u4ef6
-allowEmptyArchive=\u5f52\u6863\u4e3a\u7a7a\u65f6\u4e0d\u5f15\u8d77\u6784\u5efa\u5931\u8d25
-onlyIfSuccessful=\u53ea\u6709\u6784\u5efa\u6210\u529f\u65f6\u5f52\u6863
-Fingerprint\ all\ archived\ artifacts=\u8bb0\u5f55\u6240\u6709\u5f52\u6863\u6210\u54c1\u7684\u6307\u7eb9
-defaultExcludes=\u4f7f\u7528\u9ed8\u8ba4\u7684\u6392\u9664
-caseSensitive=\u5305\u542b\u548c\u6392\u9664\u6a21\u5f0f\u5927\u5c0f\u5199\u654f\u611f
diff --git a/core/src/main/resources/hudson/tasks/BatchFile/config_zh_CN.properties b/core/src/main/resources/hudson/tasks/BatchFile/config_zh_CN.properties
deleted file mode 100644
index 41ec23db58..0000000000
--- a/core/src/main/resources/hudson/tasks/BatchFile/config_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Command=\u547D\u4EE4
-description=\u53C2\u9605 <a href="{0}/env-vars.html" target=_new>\u53EF\u7528\u73AF\u5883\u53D8\u91CF\u5217\u8868</a>
-ERRORLEVEL\ to\ set\ build\ unstable=\u8bbe\u7f6e\u4e3a\u6784\u5efa\u4e0d\u7a33\u5b9a\u65f6\u7684\u9000\u51fa\u7801
diff --git a/core/src/main/resources/hudson/tasks/BuildTrigger/config_zh_CN.properties b/core/src/main/resources/hudson/tasks/BuildTrigger/config_zh_CN.properties
deleted file mode 100644
index 33980b1beb..0000000000
--- a/core/src/main/resources/hudson/tasks/BuildTrigger/config_zh_CN.properties
+++ /dev/null
@@ -1,26 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Projects\ to\ build=\u8981\u6784\u5EFA\u7684\u9879\u76EE
-Trigger\ only\ if\ build\ is\ stable=\u53ea\u6709\u6784\u5efa\u7a33\u5b9a\u65f6\u89e6\u53d1
-Trigger\ even\ if\ the\ build\ is\ unstable=\u5728\u6784\u5EFA\u4E0D\u7A33\u5B9A\u65F6\u4F9D\u7136\u89E6\u53D1
-Trigger\ even\ if\ the\ build\ fails=\u5373\u4f7f\u6784\u5efa\u5931\u8d25\u65f6\u4e5f\u4f1a\u89e6\u53d1
diff --git a/core/src/main/resources/hudson/tasks/Fingerprinter/FingerprintAction/index_zh_CN.properties b/core/src/main/resources/hudson/tasks/Fingerprinter/FingerprintAction/index_zh_CN.properties
deleted file mode 100644
index 26183207e0..0000000000
--- a/core/src/main/resources/hudson/tasks/Fingerprinter/FingerprintAction/index_zh_CN.properties
+++ /dev/null
@@ -1,9 +0,0 @@
-# This file is under the MIT License by authors
-
-Age=\u6784\u5EFA\u5386\u53F2
-File=\u6587\u4EF6
-Original\ owner=\u539F\u4E3B
-Recorded\ Fingerprints=\u6587\u4EF6\u6307\u7EB9\u6863\u6848
-more\ details=\u8BE6\u7EC6\u4FE1\u606F
-outside\ Jenkins=\u975Ejenkins
-this\ build=\u672C\u6B21\u6784\u5EFA
diff --git a/core/src/main/resources/hudson/tasks/Fingerprinter/config_zh_CN.properties b/core/src/main/resources/hudson/tasks/Fingerprinter/config_zh_CN.properties
deleted file mode 100644
index 1307cef9f5..0000000000
--- a/core/src/main/resources/hudson/tasks/Fingerprinter/config_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Files\ to\ fingerprint=\u9700\u8981\u8bb0\u5f55\u6307\u7eb9\u7684\u6587\u4ef6
diff --git a/core/src/main/resources/hudson/tasks/LogRotator/config_zh_CN.properties b/core/src/main/resources/hudson/tasks/LogRotator/config_zh_CN.properties
deleted file mode 100644
index 68ed7733b6..0000000000
--- a/core/src/main/resources/hudson/tasks/LogRotator/config_zh_CN.properties
+++ /dev/null
@@ -1,30 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Days\ to\ keep\ artifacts=\u53D1\u5E03\u5305\u4FDD\u7559\u5929\u6570
-Days\ to\ keep\ builds=\u4FDD\u6301\u6784\u5EFA\u7684\u5929\u6570
-Max\ #\ of\ builds\ to\ keep=\u4FDD\u6301\u6784\u5EFA\u7684\u6700\u5927\u4E2A\u6570
-Max\ #\ of\ builds\ to\ keep\ with\ artifacts=\u53D1\u5E03\u5305\u6700\u5927\u4FDD\u7559#\u4E2A\u6784\u5EFA
-if\ not\ empty,\ artifacts\ from\ builds\ older\ than\ this\ number\ of\ days\ will\ be\ deleted,\ but\ the\ logs,\ history,\ reports,\ etc\ for\ the\ build\ will\ be\ kept=\u5982\u679C\u975E\u7A7A\uFF0C\u6BD4\u6B64\u65E9\u7684\u53D1\u5E03\u5305\u5C06\u88AB\u5220\u9664\uFF0C\u4F46\u6784\u5EFA\u7684\u65E5\u5FD7\u3001\u64CD\u4F5C\u5386\u53F2\u3001\u62A5\u544A\u7B49\u5C06\u88AB\u4FDD\u7559
-if\ not\ empty,\ build\ records\ are\ only\ kept\ up\ to\ this\ number\ of\ days=\u5982\u679C\u975E\u7A7A\uFF0C\u6784\u5EFA\u8BB0\u5F55\u5C06\u4FDD\u5B58\u6B64\u5929\u6570
-if\ not\ empty,\ only\ up\ to\ this\ number\ of\ build\ records\ are\ kept=\u5982\u679C\u975E\u7A7A\uFF0C\u6700\u591A\u6B64\u6570\u76EE\u7684\u6784\u5EFA\u8BB0\u5F55\u5C06\u88AB\u4FDD\u5B58
-if\ not\ empty,\ only\ up\ to\ this\ number\ of\ builds\ have\ their\ artifacts\ retained=\u5982\u679C\u975E\u7A7A\uFF0C\u6700\u591A\u6B64\u6570\u76EE\u5927\u6784\u5EFA\u5C06\u4FDD\u7559\u4ED6\u4EEC\u7684\u53D1\u5E03\u5305
diff --git a/core/src/main/resources/hudson/tasks/Maven/config_zh_CN.properties b/core/src/main/resources/hudson/tasks/Maven/config_zh_CN.properties
deleted file mode 100644
index 194842f59b..0000000000
--- a/core/src/main/resources/hudson/tasks/Maven/config_zh_CN.properties
+++ /dev/null
@@ -1,32 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Default=\u9ed8\u8ba4
-JVM\ Options=Java\u865a\u62df\u673a\u53c2\u6570
-Settings\ file=\u914d\u7f6e\u6587\u4ef6
-Goals=\u76ee\u6807
-POM=POM
-Global\ Settings\ file=\u5168\u5c40\u914d\u7f6e\u6587\u4ef6
-Use\ private\ Maven\ repository=\u4f7f\u7528Maven\u79c1\u6709\u4ed3\u5e93
-Properties=\u5c5e\u6027
-Maven\ Version=Maven \u7248\u672c
-Inject\ build\ variables=\u6ce8\u5165\u6784\u5efa\u53d8\u91cf
diff --git a/core/src/main/resources/hudson/tasks/Shell/config_zh_CN.properties b/core/src/main/resources/hudson/tasks/Shell/config_zh_CN.properties
deleted file mode 100644
index 0d3c0ae02a..0000000000
--- a/core/src/main/resources/hudson/tasks/Shell/config_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-# 
-# Copyright (c) 2004-2009, Sun Microsystems, Inc., Kohsuke Kawaguchi
-# 
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-# 
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-# 
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Command=\u547d\u4ee4
-description=\u67e5\u770b <a href="{0}/env-vars.html" target=_new>\u53ef\u7528\u7684\u73af\u5883\u53d8\u91cf\u5217\u8868</a>
-Exit\ code\ to\ set\ build\ unstable=\u8bbe\u7f6e\u4e3a\u6784\u5efa\u4e0d\u7a33\u5b9a\u65f6\u7684\u9000\u51fa\u7801
diff --git a/core/src/main/resources/hudson/tools/AbstractCommandInstaller/config_zh_CN.properties b/core/src/main/resources/hudson/tools/AbstractCommandInstaller/config_zh_CN.properties
deleted file mode 100644
index b56768c498..0000000000
--- a/core/src/main/resources/hudson/tools/AbstractCommandInstaller/config_zh_CN.properties
+++ /dev/null
@@ -1,2 +0,0 @@
-Command=\u547d\u4ee4
-Tool\ Home=\u5de5\u5177\u76ee\u5f55
diff --git a/core/src/main/resources/hudson/tools/DownloadFromUrlInstaller/config_zh_CN.properties b/core/src/main/resources/hudson/tools/DownloadFromUrlInstaller/config_zh_CN.properties
deleted file mode 100644
index 83bc36fed9..0000000000
--- a/core/src/main/resources/hudson/tools/DownloadFromUrlInstaller/config_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Version=\u7248\u672c
diff --git a/core/src/main/resources/hudson/tools/InstallSourceProperty/config_zh_CN.properties b/core/src/main/resources/hudson/tools/InstallSourceProperty/config_zh_CN.properties
deleted file mode 100644
index e349cd159c..0000000000
--- a/core/src/main/resources/hudson/tools/InstallSourceProperty/config_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2009, Sun Microsystems, Inc., Kohsuke Kawaguchi, Simon Wiest
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Add\ Installer=\u65b0\u589e\u5b89\u88c5
-Delete\ Installer=\u5220\u9664\u5b89\u88c5
\ No newline at end of file
diff --git a/core/src/main/resources/hudson/tools/ToolInstallation/config_zh_CN.properties b/core/src/main/resources/hudson/tools/ToolInstallation/config_zh_CN.properties
deleted file mode 100644
index 466780bb3b..0000000000
--- a/core/src/main/resources/hudson/tools/ToolInstallation/config_zh_CN.properties
+++ /dev/null
@@ -1,2 +0,0 @@
-Name=\u522b\u540d
-Installation\ directory=\u5b89\u88c5\u76ee\u5f55
diff --git a/core/src/main/resources/hudson/tools/ToolInstallation/global_zh_CN.properties b/core/src/main/resources/hudson/tools/ToolInstallation/global_zh_CN.properties
deleted file mode 100644
index 101b7c0544..0000000000
--- a/core/src/main/resources/hudson/tools/ToolInstallation/global_zh_CN.properties
+++ /dev/null
@@ -1,26 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2009, Sun Microsystems, Inc., Seiji Sogabe
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-title={0} \u5b89\u88c5
-description=\u7CFB\u7EDF\u4E0B{0} \u5B89\u88C5\u5217\u8868
-label.add=\u65b0\u589e {0}
-label.delete=\u5220\u9664 {0}
diff --git a/core/src/main/resources/hudson/tools/ToolLocationNodeProperty/config_zh_CN.properties b/core/src/main/resources/hudson/tools/ToolLocationNodeProperty/config_zh_CN.properties
deleted file mode 100644
index 68bb205d00..0000000000
--- a/core/src/main/resources/hudson/tools/ToolLocationNodeProperty/config_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2009, Sun Microsystems, Inc., Seiji Sogabe, Eric Lefevre-Ardant
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-List\ of\ tool\ locations=\u5DE5\u5177\u4F4D\u7F6E\u5217\u8868
-Name=\u540D\u79F0
-Home=\u76ee\u5f55
diff --git a/core/src/main/resources/hudson/tools/ZipExtractionInstaller/config_zh_CN.properties b/core/src/main/resources/hudson/tools/ZipExtractionInstaller/config_zh_CN.properties
deleted file mode 100644
index a0f06c72a3..0000000000
--- a/core/src/main/resources/hudson/tools/ZipExtractionInstaller/config_zh_CN.properties
+++ /dev/null
@@ -1,2 +0,0 @@
-Download\ URL\ for\ binary\ archive=\u538b\u7f29\u5305(\u4e8c\u8fdb\u5236)\u7684\u4e0b\u8f7dURL
-Subdirectory\ of\ extracted\ archive=\u89e3\u538b\u76ee\u5f55
diff --git a/core/src/main/resources/hudson/tools/label_zh_CN.properties b/core/src/main/resources/hudson/tools/label_zh_CN.properties
deleted file mode 100644
index 6b2432d7a6..0000000000
--- a/core/src/main/resources/hudson/tools/label_zh_CN.properties
+++ /dev/null
@@ -1 +0,0 @@
-Label=\u6807\u7b7e
diff --git a/core/src/main/resources/hudson/triggers/SCMTrigger/BuildAction/index_zh_CN.properties b/core/src/main/resources/hudson/triggers/SCMTrigger/BuildAction/index_zh_CN.properties
deleted file mode 100644
index 56e0951381..0000000000
--- a/core/src/main/resources/hudson/triggers/SCMTrigger/BuildAction/index_zh_CN.properties
+++ /dev/null
@@ -1,26 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-blurb=\
-  \u8be5\u9875\u9762\u6355\u83b7\u5df2\u89e6\u53d1\u6784\u5efa\u7684\u8f6e\u8be2\u65e5\u5fd7\u3002
-Polling\ Log=\u8f6e\u8be2\u65e5\u5fd7
-View\ as\ plain\ text=\u4ee5\u666e\u901a\u6587\u672c\u7684\u65b9\u5f0f\u67e5\u770b
diff --git a/core/src/main/resources/hudson/triggers/SCMTrigger/SCMAction/index_zh_CN.properties b/core/src/main/resources/hudson/triggers/SCMTrigger/SCMAction/index_zh_CN.properties
deleted file mode 100644
index f402abdf0e..0000000000
--- a/core/src/main/resources/hudson/triggers/SCMTrigger/SCMAction/index_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-title={0}
-Polling\ has\ not\ run\ yet.=\u8FD8\u6CA1\u6709\u5F00\u59CB\u8F6E\u8BE2\u3002
diff --git a/core/src/main/resources/hudson/triggers/SCMTrigger/config_zh_CN.properties b/core/src/main/resources/hudson/triggers/SCMTrigger/config_zh_CN.properties
deleted file mode 100644
index f583bfb3f4..0000000000
--- a/core/src/main/resources/hudson/triggers/SCMTrigger/config_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Schedule=\u65E5\u7A0B\u8868
-Ignore\ post-commit\ hooks=\u5ffd\u7565\u94a9\u5b50 post-commit
diff --git a/core/src/main/resources/hudson/triggers/SCMTrigger/global_zh_CN.properties b/core/src/main/resources/hudson/triggers/SCMTrigger/global_zh_CN.properties
deleted file mode 100644
index 0f3dc59368..0000000000
--- a/core/src/main/resources/hudson/triggers/SCMTrigger/global_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Max\ \#\ of\ concurrent\ polling=\u6700\u5927\u8f6e\u8be2\u5e76\u53d1\u6570
-SCM\ Polling=SCM \u8f6e\u8be2
\ No newline at end of file
diff --git a/core/src/main/resources/hudson/triggers/TimerTrigger/config_zh_CN.properties b/core/src/main/resources/hudson/triggers/TimerTrigger/config_zh_CN.properties
deleted file mode 100644
index 3e87810019..0000000000
--- a/core/src/main/resources/hudson/triggers/TimerTrigger/config_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Schedule=\u65E5\u7A0B\u8868
diff --git a/core/src/main/resources/hudson/util/HudsonIsLoading/index_zh_CN.properties b/core/src/main/resources/hudson/util/HudsonIsLoading/index_zh_CN.properties
deleted file mode 100644
index a19e0c0f16..0000000000
--- a/core/src/main/resources/hudson/util/HudsonIsLoading/index_zh_CN.properties
+++ /dev/null
@@ -1,4 +0,0 @@
-# This file is under the MIT License by authors
-
-Please\ wait\ while\ Jenkins\ is\ getting\ ready\ to\ work=Jenkins\u6B63\u5728\u542F\u52A8\uFF0C\u8BF7\u7A0D\u540E...
-Your\ browser\ will\ reload\ automatically\ when\ Jenkins\ is\ ready.=Jenkins\u542F\u52A8\u5B8C\u6210\u540E\u6D4F\u89C8\u5668\u5C06\u81EA\u52A8\u5237\u65B0
diff --git a/core/src/main/resources/hudson/util/HudsonIsRestarting/index_zh_CN.properties b/core/src/main/resources/hudson/util/HudsonIsRestarting/index_zh_CN.properties
deleted file mode 100644
index 4049dcf1b2..0000000000
--- a/core/src/main/resources/hudson/util/HudsonIsRestarting/index_zh_CN.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-# This file is under the MIT License by authors
-
-Your\ browser\ will\ reload\ automatically\ when\ Jenkins\ is\ ready.=\u5F53Jenkins\u5C31\u7EEA\u7684\u65F6\u5019\uFF0C\u4F60\u7684\u6D4F\u89C8\u5668\u4F1A\u81EA\u52A8\u5237\u65B0
diff --git a/core/src/main/resources/hudson/views/DefaultMyViewsTabBar/myViewTabs_zh_CN.properties b/core/src/main/resources/hudson/views/DefaultMyViewsTabBar/myViewTabs_zh_CN.properties
deleted file mode 100644
index 5a8256b576..0000000000
--- a/core/src/main/resources/hudson/views/DefaultMyViewsTabBar/myViewTabs_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-New\ View=\u65B0\u5EFA\u89C6\u56FE
diff --git a/core/src/main/resources/hudson/views/DefaultViewsTabBar/viewTabs_zh_CN.properties b/core/src/main/resources/hudson/views/DefaultViewsTabBar/viewTabs_zh_CN.properties
deleted file mode 100644
index 5a8256b576..0000000000
--- a/core/src/main/resources/hudson/views/DefaultViewsTabBar/viewTabs_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-New\ View=\u65B0\u5EFA\u89C6\u56FE
diff --git a/core/src/main/resources/hudson/views/GlobalDefaultViewConfiguration/config_zh_CN.properties b/core/src/main/resources/hudson/views/GlobalDefaultViewConfiguration/config_zh_CN.properties
deleted file mode 100644
index 8f6846014d..0000000000
--- a/core/src/main/resources/hudson/views/GlobalDefaultViewConfiguration/config_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Default\ view=\u9ED8\u8BA4\u89C6\u56FE
diff --git a/core/src/main/resources/hudson/views/LastDurationColumn/columnHeader_zh_CN.properties b/core/src/main/resources/hudson/views/LastDurationColumn/columnHeader_zh_CN.properties
deleted file mode 100644
index ef6873d129..0000000000
--- a/core/src/main/resources/hudson/views/LastDurationColumn/columnHeader_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Last\ Duration=\u4E0A\u6B21\u6301\u7EED\u65F6\u95F4
-
diff --git a/core/src/main/resources/hudson/views/LastDurationColumn/column_zh_CN.properties b/core/src/main/resources/hudson/views/LastDurationColumn/column_zh_CN.properties
deleted file mode 100644
index 1188f1b183..0000000000
--- a/core/src/main/resources/hudson/views/LastDurationColumn/column_zh_CN.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-# This file is under the MIT License by authors
-
-N/A=\u65E0
diff --git a/core/src/main/resources/hudson/views/LastFailureColumn/columnHeader_zh_CN.properties b/core/src/main/resources/hudson/views/LastFailureColumn/columnHeader_zh_CN.properties
deleted file mode 100644
index 6a2ab75e66..0000000000
--- a/core/src/main/resources/hudson/views/LastFailureColumn/columnHeader_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Last\ Failure=\u4E0A\u6B21\u5931\u8D25
diff --git a/core/src/main/resources/hudson/views/LastFailureColumn/column_zh_CN.properties b/core/src/main/resources/hudson/views/LastFailureColumn/column_zh_CN.properties
deleted file mode 100644
index 7b70b79134..0000000000
--- a/core/src/main/resources/hudson/views/LastFailureColumn/column_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-N/A=\u65E0
diff --git a/core/src/main/resources/hudson/views/LastStableColumn/columnHeader_zh_CN.properties b/core/src/main/resources/hudson/views/LastStableColumn/columnHeader_zh_CN.properties
deleted file mode 100644
index 9ca68bea5a..0000000000
--- a/core/src/main/resources/hudson/views/LastStableColumn/columnHeader_zh_CN.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-# This file is under the MIT License by authors
-
-Last\ Stable=\u4E0A\u6B21\u6210\u529F
diff --git a/core/src/main/resources/hudson/views/LastSuccessColumn/columnHeader_zh_CN.properties b/core/src/main/resources/hudson/views/LastSuccessColumn/columnHeader_zh_CN.properties
deleted file mode 100644
index eafe1f82a7..0000000000
--- a/core/src/main/resources/hudson/views/LastSuccessColumn/columnHeader_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Last\ Success=\u4E0A\u6B21\u6210\u529F
diff --git a/core/src/main/resources/hudson/views/LastSuccessColumn/column_zh_CN.properties b/core/src/main/resources/hudson/views/LastSuccessColumn/column_zh_CN.properties
deleted file mode 100644
index ff31e23157..0000000000
--- a/core/src/main/resources/hudson/views/LastSuccessColumn/column_zh_CN.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-# This file is under the MIT License by authors
-
-N/A=\u6CA1\u6709
diff --git a/core/src/main/resources/hudson/views/StatusColumn/columnHeader_zh_CN.properties b/core/src/main/resources/hudson/views/StatusColumn/columnHeader_zh_CN.properties
deleted file mode 100644
index a59cd56ef2..0000000000
--- a/core/src/main/resources/hudson/views/StatusColumn/columnHeader_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Status\ of\ the\ last\ build=\u4E0A\u6B21\u6784\u5EFA\u72B6\u6001
diff --git a/core/src/main/resources/hudson/views/WeatherColumn/columnHeader_zh_CN.properties b/core/src/main/resources/hudson/views/WeatherColumn/columnHeader_zh_CN.properties
deleted file mode 100644
index 7da9858119..0000000000
--- a/core/src/main/resources/hudson/views/WeatherColumn/columnHeader_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Weather\ report\ showing\ aggregated\ status\ of\ recent\ builds=\u7F16\u8BD1\u6674\u96E8\u8868
diff --git a/core/src/main/resources/hudson/widgets/HistoryWidget/entry_zh_CN.properties b/core/src/main/resources/hudson/widgets/HistoryWidget/entry_zh_CN.properties
deleted file mode 100644
index 50dd98d86f..0000000000
--- a/core/src/main/resources/hudson/widgets/HistoryWidget/entry_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Console\ Output=\u63A7\u5236\u53F0\u8F93\u51FA
diff --git a/core/src/main/resources/hudson/widgets/HistoryWidget/index_zh_CN.properties b/core/src/main/resources/hudson/widgets/HistoryWidget/index_zh_CN.properties
deleted file mode 100644
index 6ad6d3a61d..0000000000
--- a/core/src/main/resources/hudson/widgets/HistoryWidget/index_zh_CN.properties
+++ /dev/null
@@ -1,26 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-More\ ...=\u66F4\u591A...
-for\ all=\u5168\u90E8
-for\ failures=\u5931\u8D25
-trend=\u6784\u5EFA\u5386\u53F2
diff --git a/core/src/main/resources/jenkins/CLI/WarnWhenEnabled/message_zh_CN.properties b/core/src/main/resources/jenkins/CLI/WarnWhenEnabled/message_zh_CN.properties
deleted file mode 100644
index 0d8fbd4efa..0000000000
--- a/core/src/main/resources/jenkins/CLI/WarnWhenEnabled/message_zh_CN.properties
+++ /dev/null
@@ -1,28 +0,0 @@
-# The MIT License
-#
-# Copyright 2017 Gentle Yang, vivo.com
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Dismiss=\u4E0D\u518D\u663E\u793A
-blurb=\
-    \u5F00\u542Fjenkins cli\u7684 <code>-remoting</code> \u5DE5\u4F5C\u6A21\u5F0F\u662F\u6BD4\u8F83\u5371\u9669\u7684\uFF0C\u901A\u5E38\u6CA1\u6709\u5FC5\u8981\u3002\
-    \u5EFA\u8BAE\u7981\u6B62\u8BE5\u6A21\u5F0F\u3002 \
-    \u8BF7\u53C2\u8003 <a href="https://jenkins.io/doc/book/managing/cli/">cli\u6587\u6863</a> \u4E86\u89E3\u8BE6\u60C5\u3002
-Disable\ CLI\ over\ Remoting=\u7981\u7528\u8FDC\u7A0B\u547D\u4EE4\u63A5\u53E3
diff --git a/core/src/main/resources/jenkins/CLI/config_zh_CN.properties b/core/src/main/resources/jenkins/CLI/config_zh_CN.properties
deleted file mode 100644
index 3ea951e04c..0000000000
--- a/core/src/main/resources/jenkins/CLI/config_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-CLI=\u547D\u4EE4\u884C\u63A5\u53E3
-Enable\ CLI\ over\ Remoting=\u542F\u7528\u8FDC\u7A0B\u547D\u4EE4\u884C\u63A5\u53E3
diff --git a/core/src/main/resources/jenkins/diagnostics/RootUrlNotSetMonitor/message_zh_CN.properties b/core/src/main/resources/jenkins/diagnostics/RootUrlNotSetMonitor/message_zh_CN.properties
deleted file mode 100644
index 84005b1c49..0000000000
--- a/core/src/main/resources/jenkins/diagnostics/RootUrlNotSetMonitor/message_zh_CN.properties
+++ /dev/null
@@ -1,29 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-urlIsNull=Jenkins \u7684\u6839 URL \u4E3A\u7A7A\uFF0C\u4F46\u5BF9\u4E8E Jenkins \u7684\u5F88\u591A\u7279\u8272\u662F\u5FC5\u9700\u7684\uFF0C\u4F8B\u5982\uFF1A\u90AE\u4EF6\u901A\u77E5\uFF0C \
-    PR \u72B6\u6001\u66F4\u65B0\uFF0C\u4EE5\u53CA\u50CF <code>BUILD_URL</code> \u4E00\u6837\u7684\u73AF\u5883\u53D8\u91CF\u3002
-urlIsInvalid=Jenkins \u7684\u6839 URL \u4F3C\u4E4E\u662F\u4E0D\u5408\u6CD5\u7684\u3002\u5B83\u5BF9\u4E8E Jenkins \u7684\u5F88\u591A\u7279\u8272\u662F\u5FC5\u9700\u7684\uFF0C\u4F8B\u5982\uFF1A\u90AE\u4EF6\u901A\u77E5\uFF0C \
-    PR \u72B6\u6001\u66F4\u65B0\uFF0C\u4EE5\u53CA\u50CF <code>BUILD_URL</code> \u4E00\u6837\u7684\u73AF\u5883\u53D8\u91CF\u3002
-actionToTake=\u8BF7\u5728 {0} \u63D0\u4F9B\u4E00\u4E2A\u51C6\u786E\u7684\u503C\u3002
-actionUrlContent=Jenkins \u914D\u7F6E
-Dismiss=\u4E0D\u518D\u663E\u793A
diff --git a/core/src/main/resources/jenkins/diagnostics/SecurityIsOffMonitor/message_zh_CN.properties b/core/src/main/resources/jenkins/diagnostics/SecurityIsOffMonitor/message_zh_CN.properties
deleted file mode 100644
index 7ac2a369ab..0000000000
--- a/core/src/main/resources/jenkins/diagnostics/SecurityIsOffMonitor/message_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Dismiss=\u4E0D\u518D\u663E\u793A
-Setup\ Security=\u5B89\u5168\u8BBE\u7F6E
-blurb=\u4E0D\u5B89\u5168\u7684Jenkins\u5141\u8BB8\u7F51\u7EDC\u4E0A\u7684\u4EFB\u4F55\u4EBA\u4EE5\u4F60\u7684\u8EAB\u4EFD\u8BBF\u95EE\u7A0B\u5E8F\u3002\u8003\u8651\u81F3\u5C11\u542F\u7528\u8EAB\u4EFD\u9A8C\u8BC1\u6765\u963B\u6B62\u6EE5\u7528\u3002
diff --git a/core/src/main/resources/jenkins/install/SetupWizard/authenticate-security-token_zh_CN.properties b/core/src/main/resources/jenkins/install/SetupWizard/authenticate-security-token_zh_CN.properties
deleted file mode 100644
index 68236b24e5..0000000000
--- a/core/src/main/resources/jenkins/install/SetupWizard/authenticate-security-token_zh_CN.properties
+++ /dev/null
@@ -1,32 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2017-, vivo.com
-# Chinese (Simplified) translated by Gentle Yang
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-authenticate-security-token.getting.started=\u5165\u95E8
-authenticate-security-token.unlock.jenkins=\u89E3\u9501 Jenkins
-jenkins.install.findSecurityTokenMessage=\u4E3A\u4E86\u786E\u4FDD\u7BA1\u7406\u5458\u5B89\u5168\u5730\u5B89\u88C5 Jenkins\uFF0C\
-\u5BC6\u7801\u5DF2\u5199\u5165\u5230\u65E5\u5FD7\u4E2D\uFF08<small><a href="https://jenkins.io/redirect/find-jenkins-logs" target="_blank">\u4E0D\u77E5\u9053\u5728\u54EA\u91CC\uFF1F</a></small>\uFF09\u8BE5\u6587\u4EF6\u5728\u670D\u52A1\u5668\u4E0A\uFF1A<p><small><code>{0}</code></small></p>
-authenticate-security-token.copy.password=\u8BF7\u4ECE\u672C\u5730\u590D\u5236\u5BC6\u7801\u5E76\u7C98\u8D34\u5230\u4E0B\u9762\u3002
-authenticate-security-token.error=\u9519\u8BEF\uFF1A
-authenticate-security-token.password.incorrect=\u8F93\u5165\u7684\u5BC6\u7801\u6709\u8BEF\uFF0C\u8BF7\u68C0\u67E5\u6587\u4EF6\u4EE5\u786E\u8BA4\u5BC6\u7801\u6B63\u786E
-authenticate-security-token.password.administrator=\u7BA1\u7406\u5458\u5BC6\u7801
-authenticate-security-token.continue=\u7EE7\u7EED
diff --git a/core/src/main/resources/jenkins/install/SetupWizard/proxy-configuration_zh_CN.properties b/core/src/main/resources/jenkins/install/SetupWizard/proxy-configuration_zh_CN.properties
deleted file mode 100644
index 75ddbfd752..0000000000
--- a/core/src/main/resources/jenkins/install/SetupWizard/proxy-configuration_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2017-, vivo.com
-# Chinese (Simplified) translated by Gentle Yang
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-HTTP\ Proxy\ Configuration=\u914d\u7f6eHTTP\u4ee3\u7406
diff --git a/core/src/main/resources/jenkins/install/SetupWizard/setupWizardConfigureInstance_zh_CN.properties b/core/src/main/resources/jenkins/install/SetupWizard/setupWizardConfigureInstance_zh_CN.properties
deleted file mode 100644
index cafe3da6c0..0000000000
--- a/core/src/main/resources/jenkins/install/SetupWizard/setupWizardConfigureInstance_zh_CN.properties
+++ /dev/null
@@ -1,28 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Instance\ Configuration=\u5b9e\u4f8b\u914d\u7f6e
-Jenkins\ URL=Jenkins URL
-jenkinsURL_help=Jenkins URL \u7528\u4e8e\u7ed9\u5404\u79cdJenkins\u8d44\u6e90\u63d0\u4f9b\u7edd\u5bf9\u8def\u5f84\u94fe\u63a5\u7684\u6839\u5730\u5740\u3002 \
- \u8fd9\u610f\u5473\u7740\u5bf9\u4e8e\u5f88\u591aJenkins\u7279\u8272\u662f\u9700\u8981\u6b63\u786e\u8bbe\u7f6e\u7684\uff0c\u4f8b\u5982\uff1a\u90ae\u4ef6\u901a\u77e5\u3001PR\u72b6\u6001\u66f4\u65b0\u4ee5\u53ca\u63d0\u4f9b\u7ed9\u6784\u5efa\u6b65\u9aa4\u7684<code>BUILD_URL</code>\u73af\u5883\u53d8\u91cf\u3002<br /> \
- \u63a8\u8350\u7684\u9ed8\u8ba4\u503c\u663e\u793a\u5728<strong>\u5c1a\u672a\u4fdd\u5b58</strong>\uff0c\u5982\u679c\u53ef\u80fd\u7684\u8bdd\u8fd9\u662f\u6839\u636e\u5f53\u524d\u8bf7\u6c42\u751f\u6210\u7684\u3002 \
- \u6700\u4f73\u5b9e\u8df5\u662f\u8981\u8bbe\u7f6e\u8fd9\u4e2a\u503c\uff0c\u7528\u6237\u53ef\u80fd\u4f1a\u9700\u8981\u7528\u5230\u3002\u8fd9\u5c06\u4f1a\u907f\u514d\u5728\u5206\u4eab\u6216\u8005\u67e5\u770b\u94fe\u63a5\u65f6\u7684\u56f0\u60d1\u3002 \
diff --git a/core/src/main/resources/jenkins/install/SetupWizard/setupWizardFirstUser_zh_CN.properties b/core/src/main/resources/jenkins/install/SetupWizard/setupWizardFirstUser_zh_CN.properties
deleted file mode 100644
index 3fc0ba88b1..0000000000
--- a/core/src/main/resources/jenkins/install/SetupWizard/setupWizardFirstUser_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2017-, vivo.com
-# Chinese (Simplified) translated by Gentle Yang
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Create\ First\ Admin\ User=\u521b\u5efa\u7b2c\u4e00\u4e2a\u7ba1\u7406\u5458\u7528\u6237
diff --git a/core/src/main/resources/jenkins/install/UpgradeWizard/client-scripts_zh_CN.properties b/core/src/main/resources/jenkins/install/UpgradeWizard/client-scripts_zh_CN.properties
deleted file mode 100644
index f5bd72ea5e..0000000000
--- a/core/src/main/resources/jenkins/install/UpgradeWizard/client-scripts_zh_CN.properties
+++ /dev/null
@@ -1,26 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2017-, vivo.com
-# Chinese (Simplified) translated by Gentle Yang
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-msg.before=\u6b22\u8fce\u4f7f\u7528jenkins {0}%21\u0020
-msg.link=\u73b0\u5728\u66f4\u65b0
-msg.after=\u0020\u4ee5\u83b7\u5f97\u65b0\u7279\u6027
diff --git a/core/src/main/resources/jenkins/install/pluginSetupWizard_zh_CN.properties b/core/src/main/resources/jenkins/install/pluginSetupWizard_zh_CN.properties
deleted file mode 100644
index fdad93d297..0000000000
--- a/core/src/main/resources/jenkins/install/pluginSetupWizard_zh_CN.properties
+++ /dev/null
@@ -1,108 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2017-, vivo.com
-# Chinese (Simplified) translated by Gentle Yang
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-installWizard_welcomePanel_title=\u65b0\u624b\u5165\u95e8
-installWizard_welcomePanel_banner=\u81ea\u5b9a\u4e49Jenkins
-installWizard_welcomePanel_message=\u63d2\u4ef6\u901a\u8fc7\u9644\u52a0\u7279\u6027\u6765\u6269\u5c55Jenkins\u4ee5\u6ee1\u8db3\u4e0d\u540c\u7684\u9700\u6c42\u3002
-installWizard_welcomePanel_recommendedActionTitle=\u5b89\u88c5\u63a8\u8350\u7684\u63d2\u4ef6
-installWizard_welcomePanel_recommendedActionDetails=\u5b89\u88c5Jenkins\u793e\u533a\u63a8\u8350\u7684\u63d2\u4ef6\u3002
-installWizard_welcomePanel_customizeActionTitle=\u9009\u62e9\u63d2\u4ef6\u6765\u5b89\u88c5
-installWizard_welcomePanel_customizeActionDetails=\u9009\u62e9\u5e76\u5b89\u88c5\u6700\u9002\u5408\u7684\u63d2\u4ef6\u3002
-installWizard_jenkinsVersionTitle=Jenkins 
-installWizard_offline_title=\u79bb\u7ebf
-installWizard_offline_message=\u8be5Jenkins\u5b9e\u4f8b\u4f3c\u4e4e\u5df2\u79bb\u7ebf\u3002\
-<p style="font-size:18px; margin-top: 6%"> \
-\u53c2\u8003 <a href="https://jenkins.io/redirect/offline-installation" target="_blank">\u79bb\u7ebfJenkins\u5b89\u88c5\u6587\u6863</a>\u4e86\u89e3\u672a\u63a5\u5165\u4e92\u8054\u7f51\u65f6\u5b89\u88c5Jenkins\u7684\u66f4\u591a\u4fe1\u606f\u3002<br/><br/> \
-\u53ef\u4ee5\u901a\u8fc7\u914d\u7f6e\u4e00\u4e2a\u4ee3\u7406\u6216\u8df3\u8fc7\u63d2\u4ef6\u5b89\u88c5\u6765\u9009\u62e9\u7ee7\u7eed\u3002\
-</p>
-installWizard_error_header=\u51fa\u73b0\u4e00\u4e2a\u9519\u8bef
-installWizard_error_message=\u5b89\u88c5\u8fc7\u7a0b\u4e2d\u51fa\u73b0\u4e00\u4e2a\u9519\u8bef\uff1a
-installWizard_error_connection=\u65e0\u6cd5\u8fde\u63a5\u5230Jenkins
-installWizard_error_restartNotSupported=\u4e0d\u652f\u6301\u81ea\u52a8\u91cd\u542f\uff0c\u8bf7\u624b\u52a8\u91cd\u542f\u8be5\u5b9e\u4f8b
-installWizard_installCustom_title=\u65b0\u624b\u5165\u95e8
-installWizard_installCustom_selectAll=\u5168\u90e8
-installWizard_installCustom_selectNone=\u65e0
-installWizard_installCustom_selectRecommended=\u5efa\u8bae
-installWizard_installCustom_selected=\u5df2\u9009\u62e9
-installWizard_installCustom_dependenciesPrefix=\u4f9d\u8d56
-installWizard_installCustom_pluginListDesc=\u6ce8\u610f\uff0c\u8fd9\u91cc\u5e76\u672a\u663e\u793a\u5b8c\u6574\u7684\u63d2\u4ef6\u5217\u8868\u3002\u4e00\u65e6\u521d\u59cb\u5b89\u88c5\u5b8c\u6210\u540e\uff0c\u53ef\u901a\u8fc7<strong>\u63d2\u4ef6\u7ba1\u7406\u5668</strong>\u5b89\u88c5\u5176\u4ed6\u63d2\u4ef6\u3002<a href="https://jenkins.io/redirect/installation-wizard" target="_blank">\u67e5\u770bwiki\u4e86\u89e3\u66f4\u591a</a>\u3002
-installWizard_goBack=\u540e\u9000
-installWizard_goInstall=\u5b89\u88c5
-installWizard_installing_title=\u65b0\u624b\u5165\u95e8
-installWizard_installing_detailsLink=\u8be6\u60c5\u3002\u3002\u3002
-installWizard_installComplete_title=\u65b0\u624b\u5165\u95e8
-installWizard_installComplete_banner=Jenkins\u5df2\u5c31\u7eea\uff01
-installWizard_installComplete_bannerRestart=Jenkins\u5373\u5c06\u5c31\u7eea\uff01
-installWizard_pluginsInstalled_message=\u63d2\u4ef6\u5b89\u88c5\u5df2\u5b8c\u6210\u3002
-installWizard_installComplete_message=Jenkins\u5b89\u88c5\u5df2\u5b8c\u6210\u3002
-installWizard_installComplete_finishButtonLabel=\u5f00\u59cb\u4f7f\u7528Jenkins
-installWizard_installComplete_installComplete_restartRequiredMessage=Jenkins\u5b89\u88c5\u5df2\u5b8c\u6210\uff0c\u4f46\u90e8\u5206\u63d2\u4ef6\u9700\u8981\u91cd\u542fJenkins\u3002
-installWizard_installComplete_installComplete_restartRequiredNotSupportedMessage=Jenkins\u5b89\u88c5\u5df2\u5b8c\u6210\uff0c\u4f46\u90e8\u5206\u63d2\u4ef6\u9700\u8981\u91cd\u542fJenkins\uff0c\u8be5\u5b9e\u4f8b\u4f3c\u4e4e\u4e0d\u652f\u6301\u81ea\u52a8\u91cd\u542f\u3002\u8bf7\u73b0\u5728\u624b\u52a8\u91cd\u542f\u5b9e\u4f8b\u4ee5\u5b8c\u6210\u5b89\u88c5\u3002
-installWizard_installComplete_restartLabel=\u91cd\u542f
-installWizard_installIncomplete_title=\u6062\u590d\u5b89\u88c5
-installWizard_installIncomplete_banner=\u6062\u590d\u5b89\u88c5
-installWizard_installIncomplete_message=Jenkins\u5728\u5b89\u88c5\u8fc7\u7a0b\u5df2\u91cd\u542f\uff0c\u90e8\u5206\u63d2\u4ef6\u4f3c\u4e4e\u672a\u5b89\u88c5\u3002
-installWizard_installIncomplete_resumeInstallationButtonLabel=\u6062\u590d
-installWizard_saveFirstUser=\u4fdd\u5b58\u5e76\u5b8c\u6210
-installWizard_skipFirstUser=\u4f7f\u7528admin\u8d26\u6237\u7ee7\u7eed
-installWizard_firstUserSkippedMessage=<div class="alert alert-warning fade in">\
-\u4f60\u5df2\u8df3\u8fc7\u521b\u5efaadmin\u7528\u6237\u7684\u6b65\u9aa4\u3002\u8981\u767b\u5f55\u8bf7\u4f7f\u7528\u7528\u6237\u540d\uff1a'admin' \
-\u53ca\u7528\u4e8e\u8bbf\u95ee\u5b89\u88c5\u5411\u5bfc\u7684\u7ba1\u7406\u5458\u5bc6\u7801\u3002\
-</div> 
-installWizard_addFirstUser_title=\u65b0\u624b\u5165\u95e8
-
-# instance configuration page
-installWizard_configureInstance_title=\u5b9e\u4f8b\u914d\u7f6e
-installWizard_saveConfigureInstance=\u4fdd\u5b58\u5e76\u5b8c\u6210
-installWizard_skipConfigureInstance=\u73b0\u5728\u4e0d\u8981
-installWizard_configureInstanceSkippedMessage=<div class="alert alert-warning fade in">\
-\u60a8\u5df2\u7ecf\u8df3\u8fc7\u4e86 Jenkins URL\u7684\u914d\u7f6e\u3002 <br/><br/>\
-\u8981\u914d\u7f6e Jenkins URL\u7684\u8bdd\uff0c\u5230\u201cJenkins\u7ba1\u7406\u201d\u9875\u9762\u3002\
-</div>
-
-installWizard_configureProxy_label=\u914d\u7f6e\u4ee3\u7406
-installWizard_configureProxy_save=\u4fdd\u5b58\u5e76\u7ee7\u7eed
-installWizard_gettingStarted_title=\u65b0\u624b\u5165\u95e8
-installWizard_saveSecurity=\u4fdd\u5b58\u5e76\u7ee7\u7eed
-installWizard_skipPluginInstallations=\u8df3\u8fc7\u63d2\u4ef6\u5b89\u88c5
-installWizard_installIncomplete_dependenciesLabel=\u4f9d\u8d56
-installWizard_installingConsole_dependencyIndicatorNote=** - \u9700\u8981\u4f9d\u8d56
-installWizard_websiteLinkLabel=\u7f51\u7ad9
-installWizard_pluginInstallFailure_title=\u5b89\u88c5\u5931\u8d25
-installWizard_pluginInstallFailure_message=\u90e8\u5206\u63d2\u4ef6\u5b89\u88c5\u5931\u8d25\uff0c\u8bf7\u91cd\u8bd5\u6216\u7ee7\u7eed
-installWizard_continue=\u7ee7\u7eed
-installWizard_retry=\u91cd\u8bd5
-installWizard_upgradePanel_title=\u66f4\u65b0
-installWizard_upgradePanel_banner=\u6b22\u8fce\u4f7f\u7528Jenkins {0} \uff01
-installWizard_upgradePanel_message=Jenkins {0} \u5305\u62ec\u4e00\u4e9b\u4e0d\u9519\u7684\u65b0\u7279\u6027\uff0c\u6211\u4eec\u8ba4\u4e3a\u4f60\u53ef\u80fd\u4f1a\u559c\u6b22\uff0c\u5b89\u88c5\u8fd9\u4e9b\u9644\u52a0\u63d2\u4ef6\u6765\u4f53\u9a8c\uff01
-installWizard_upgradePanel_skipRecommendedPlugins=\u4e0d\uff0c\u8c22\u8c22
-installWizard_upgradeComplete_title=\u66f4\u65b0
-installWizard_pluginsInstalled_banner=\u6b22\u8fce\u4f7f\u7528Jenkins {0} \uff01
-installWizard_upgradeComplete_message=\u606d\u559c\uff01\u4f60\u5df2\u66f4\u65b0\u5230Jenkins {0} \u3002</p><p>\u8bbf\u95ee<a target="_blank" href="https://jenkins.io/2.0/">Jenkins\u7f51\u7ad9</a>\u4e86\u89e3\u66f4\u591a\u65b0\u7279\u6027\u7684\u4fe1\u606f\u3002
-installWizard_upgradeSkipped_title=\u66f4\u65b0
-installWizard_upgradeSkipped_banner=\u7279\u6027\u672a\u5b89\u88c5
-installWizard_upgradeSkipped_message=<div class="alert alert-warning fade in">\u5efa\u8bae\u7684\u63d2\u4ef6\u5c06\u4e0d\u88ab\u5b89\u88c5\u3002</div> \
-<p style="padding: 0 4px">\u5982\u679c\u4f60\u6539\u53d8\u4e3b\u610f\u4e86\uff0c\u8fd8\u53ef\u4ee5\u4ece\u63d2\u4ef6\u7ba1\u7406\u5668\u5b89\u88c5\u65b0\u7279\u6027\u3002</p>\
-<p style="padding: 0 4px">\u8bbf\u95ee<a target="_blank" href="https://jenkins.io/2.0/">Jenkins\u5b98\u7f51</a>\uff0c\u4e86\u89e3\u8fd9\u4e9b\u65b0\u7279\u6027\u5982\u4f55\u63d0\u5347Jenkins\u4f53\u9a8c\u3002</p>
-installWizard_upgrading_title=\u6b63\u5728\u5b89\u88c5\u63d2\u4ef6
-installWizard_upgradeComplete_finishButtonLabel=\u5b8c\u6210
diff --git a/core/src/main/resources/jenkins/management/AdministrativeMonitorsConfiguration/config_zh_CN.properties b/core/src/main/resources/jenkins/management/AdministrativeMonitorsConfiguration/config_zh_CN.properties
deleted file mode 100644
index 0b9eae01ae..0000000000
--- a/core/src/main/resources/jenkins/management/AdministrativeMonitorsConfiguration/config_zh_CN.properties
+++ /dev/null
@@ -1,28 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Administrative\ monitors\ configuration=\u7ba1\u7406\u76d1\u63a7\u914d\u7f6e
-Administrative\ monitors=\u7ba1\u7406\u76d1\u63a7
-Enabled\ administrative\ monitors=\u542f\u7528\u7684\u7ba1\u7406\u76d1\u63a7
-blurb = \u7ba1\u7406\u76d1\u63a7\u662f\u5c55\u793a\u7ed9\u7ba1\u7406\u5458\u7684\u5173\u4e8eJenkins\u5b9e\u4f8b\u72b6\u6001\u7684\u8b66\u544a\u4fe1\u606f\u3002 \
-  \u901a\u5e38\u5efa\u8bae\u542f\u7528\u6240\u6709\u7684\u914d\u7f6e\uff0c\u4f46\u5982\u679c\u4f60\u5bf9\u7279\u5b9a\u7684\u8b66\u544a\u4e0d\u5173\u5fc3\uff0c\u53ef\u4ee5 \
-  \u53d6\u6d88\u9009\u62e9\uff0c\u7136\u540e\u5c31\u4e0d\u4f1a\u518d\u663e\u793a\u4e86\u3002
diff --git a/core/src/main/resources/jenkins/management/AdministrativeMonitorsDecorator/footer_zh_CN.properties b/core/src/main/resources/jenkins/management/AdministrativeMonitorsDecorator/footer_zh_CN.properties
deleted file mode 100644
index 1d59784cbc..0000000000
--- a/core/src/main/resources/jenkins/management/AdministrativeMonitorsDecorator/footer_zh_CN.properties
+++ /dev/null
@@ -1,26 +0,0 @@
-#
-# The MIT License
-#
-# Copyright (c) 2018, suren
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-#
-
-Manage\ Jenkins=\u7BA1\u7406 Jenkins
-tooltip=\u6709 {0} \u4E2A\u6D3B\u8DC3\u7684\u7BA1\u7406\u76D1\u63A7\u3002
\ No newline at end of file
diff --git a/core/src/main/resources/jenkins/management/PluginsLink/info_zh_CN.properties b/core/src/main/resources/jenkins/management/PluginsLink/info_zh_CN.properties
deleted file mode 100644
index d134244a68..0000000000
--- a/core/src/main/resources/jenkins/management/PluginsLink/info_zh_CN.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-# This file is under the MIT License by authors
-
-updates\ available=\u53EF\u7528\u66F4\u65B0
diff --git a/core/src/main/resources/jenkins/model/BuildDiscarderProperty/config-details_zh_CN.properties b/core/src/main/resources/jenkins/model/BuildDiscarderProperty/config-details_zh_CN.properties
deleted file mode 100644
index 0e354ef513..0000000000
--- a/core/src/main/resources/jenkins/model/BuildDiscarderProperty/config-details_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Strategy=\u7b56\u7565
diff --git a/core/src/main/resources/jenkins/model/DefaultSimplePageDecorator/simple-header_zh_CN.properties b/core/src/main/resources/jenkins/model/DefaultSimplePageDecorator/simple-header_zh_CN.properties
deleted file mode 100644
index d3e0472c0e..0000000000
--- a/core/src/main/resources/jenkins/model/DefaultSimplePageDecorator/simple-header_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Welcome\ to\ Jenkins!=\u6B22\u8FCE\u6765\u5230 Jenkins\uFF01
diff --git a/core/src/main/resources/jenkins/model/DownloadSettings/config_zh_CN.properties b/core/src/main/resources/jenkins/model/DownloadSettings/config_zh_CN.properties
deleted file mode 100644
index 8718dff20c..0000000000
--- a/core/src/main/resources/jenkins/model/DownloadSettings/config_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Plugin\ Manager=\u63D2\u4EF6\u7BA1\u7406
-Use\ Browser=\u4F7F\u7528\u6D4F\u89C8\u5668
-Use\ browser\ for\ metadata\ download=\u4F7F\u7528\u6D4F\u89C8\u5668\u4E0B\u8F7D\u5143\u6570\u636E
\ No newline at end of file
diff --git a/core/src/main/resources/jenkins/model/GlobalCloudConfiguration/config_zh_CN.properties b/core/src/main/resources/jenkins/model/GlobalCloudConfiguration/config_zh_CN.properties
deleted file mode 100644
index cb14161756..0000000000
--- a/core/src/main/resources/jenkins/model/GlobalCloudConfiguration/config_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Cloud=\u4e91
-Add\ a\ new\ cloud=\u65b0\u589e\u4e00\u4e2a\u4e91
-
diff --git a/core/src/main/resources/jenkins/model/GlobalNodePropertiesConfiguration/config_zh_CN.properties b/core/src/main/resources/jenkins/model/GlobalNodePropertiesConfiguration/config_zh_CN.properties
deleted file mode 100644
index e75cb78313..0000000000
--- a/core/src/main/resources/jenkins/model/GlobalNodePropertiesConfiguration/config_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Global\ properties=\u5168\u5c40\u5c5e\u6027
-
diff --git a/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config_zh_CN.properties b/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config_zh_CN.properties
deleted file mode 100644
index efe5c87bfa..0000000000
--- a/core/src/main/resources/jenkins/model/GlobalProjectNamingStrategyConfiguration/config_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018 suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-useNamingStrategy=\u5DE5\u7A0B\u547D\u540D\u9650\u5236
-namingStrategyTitle=\u547D\u540D\u7B56\u7565
-strategy=\u7B56\u7565
diff --git a/core/src/main/resources/jenkins/model/GlobalQuietPeriodConfiguration/config_zh_CN.properties b/core/src/main/resources/jenkins/model/GlobalQuietPeriodConfiguration/config_zh_CN.properties
deleted file mode 100644
index 0fa8afa652..0000000000
--- a/core/src/main/resources/jenkins/model/GlobalQuietPeriodConfiguration/config_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Quiet\ period=\u751f\u6210\u524d\u7b49\u5f85\u65f6\u95f4
-
diff --git a/core/src/main/resources/jenkins/model/GlobalSCMRetryCountConfiguration/config_zh_CN.properties b/core/src/main/resources/jenkins/model/GlobalSCMRetryCountConfiguration/config_zh_CN.properties
deleted file mode 100644
index 01c526d4de..0000000000
--- a/core/src/main/resources/jenkins/model/GlobalSCMRetryCountConfiguration/config_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-SCM\ checkout\ retry\ count=SCM\u7b7e\u51fa\u91cd\u8bd5\u6b21\u6570
-
diff --git a/core/src/main/resources/jenkins/model/Jenkins/EnforceSlaveAgentPortAdministrativeMonitor/message_zh_CN.properties b/core/src/main/resources/jenkins/model/Jenkins/EnforceSlaveAgentPortAdministrativeMonitor/message_zh_CN.properties
deleted file mode 100644
index c10cbe8313..0000000000
--- a/core/src/main/resources/jenkins/model/Jenkins/EnforceSlaveAgentPortAdministrativeMonitor/message_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-description=JNLP \u4EE3\u7406\u7AEF\u53E3\u5DF2\u7ECF\u53D1\u751F\u53D8\u5316\uFF0C\u4F46\u662F\u5728\u542F\u52A8\u65F6\u901A\u8FC7\u7CFB\u7EDF\u5C5E\u6027 <code>{0}</code> \u6307\u5B9A\u7684\u3002\u5B83\u7684\u503C\u4F1A\u5728\u91CD\u542F\u65F6\u88AB\u91CD\u7F6E\u4E3A {1,number,#} \u3002
-reset=\u91CD\u7F6E\u4E3A {0,number,#}
diff --git a/core/src/main/resources/jenkins/model/Jenkins/MasterComputer/_api_zh_CN.properties b/core/src/main/resources/jenkins/model/Jenkins/MasterComputer/_api_zh_CN.properties
deleted file mode 100644
index fe83665bdf..0000000000
--- a/core/src/main/resources/jenkins/model/Jenkins/MasterComputer/_api_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Load\ Statistics=\u8d1f\u8f7d\u7edf\u8ba1
diff --git a/core/src/main/resources/jenkins/model/Jenkins/MasterComputer/configure_zh_CN.properties b/core/src/main/resources/jenkins/model/Jenkins/MasterComputer/configure_zh_CN.properties
deleted file mode 100644
index ed9ca95119..0000000000
--- a/core/src/main/resources/jenkins/model/Jenkins/MasterComputer/configure_zh_CN.properties
+++ /dev/null
@@ -1,26 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-\#\ of\ executors=\u6267\u884c\u8005\u6570\u91cf
-Labels=\u6807\u8bb0
-Node\ Properties=\u8282\u70B9\u5C5E\u6027
-Save=\u4fdd\u5b58
diff --git a/core/src/main/resources/jenkins/model/Jenkins/_restart_zh_CN.properties b/core/src/main/resources/jenkins/model/Jenkins/_restart_zh_CN.properties
deleted file mode 100644
index d8b3cc28c2..0000000000
--- a/core/src/main/resources/jenkins/model/Jenkins/_restart_zh_CN.properties
+++ /dev/null
@@ -1,26 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Restart\ Jenkins=\u91CD\u542F Jenkins
-Are\ you\ sure\ about\ restarting\ Jenkins?=\u60A8\u786E\u5B9A\u8981\u91CD\u542F Jenkins\uFF1F
-Yes=\u662F
-Jenkins\ cannot\ restart\ itself\ as\ currently\ configured.=Jenkins \u5728\u5F53\u524D\u914D\u7F6E\u4E0B\uFF0C\u65E0\u6CD5\u81EA\u6211\u91CD\u542F\u3002
diff --git a/core/src/main/resources/jenkins/model/Jenkins/_safeRestart_zh_CN.properties b/core/src/main/resources/jenkins/model/Jenkins/_safeRestart_zh_CN.properties
deleted file mode 100644
index d128a420c5..0000000000
--- a/core/src/main/resources/jenkins/model/Jenkins/_safeRestart_zh_CN.properties
+++ /dev/null
@@ -1,26 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Jenkins\ cannot\ restart\ itself\ as\ currently\ configured.=Jenkins \u5728\u5F53\u524D\u914D\u7F6E\u4E0B\uFF0C\u65E0\u6CD5\u81EA\u6211\u91CD\u542F\u3002
-Are\ you\ sure\ about\ restarting\ Jenkins?\ Jenkins\ will\ restart\ once\ all\ running\ jobs\ are\ finished.=\
-  \u60A8\u786E\u5B9A\u8981\u91CD\u542F Jenkins\uFF1FJenkins \u4F1A\u5728\u6240\u6709\u4EFB\u52A1\u8FD0\u884C\u5B8C\u6210\u540E\u91CD\u542F\u3002
-Yes=\u662F
diff --git a/core/src/main/resources/jenkins/model/Jenkins/accessDenied_zh_CN.properties b/core/src/main/resources/jenkins/model/Jenkins/accessDenied_zh_CN.properties
deleted file mode 100644
index 5629d48dee..0000000000
--- a/core/src/main/resources/jenkins/model/Jenkins/accessDenied_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Jenkins\ Login=\u767B\u9646 Jenkins
-Access\ Denied=\u62D2\u7EDD\u8BBF\u95EE
diff --git a/core/src/main/resources/jenkins/model/Jenkins/configure_zh_CN.properties b/core/src/main/resources/jenkins/model/Jenkins/configure_zh_CN.properties
deleted file mode 100644
index 5914183e6a..0000000000
--- a/core/src/main/resources/jenkins/model/Jenkins/configure_zh_CN.properties
+++ /dev/null
@@ -1,27 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2018, Sun Microsystems, Inc., suren
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Configure\ System=\u7CFB\u7EDF\u8BBE\u7F6E
-LOADING=\u52A0\u8F7D\u4E2D
-Home\ directory=\u4E3B\u76EE\u5F55
-Save=\u4FDD\u5B58
-System\ Message=\u7CFB\u7EDF\u6D88\u606F
diff --git a/core/src/main/resources/jenkins/model/Jenkins/downgrade_zh_CN.properties b/core/src/main/resources/jenkins/model/Jenkins/downgrade_zh_CN.properties
deleted file mode 100644
index 3b8cece7bf..0000000000
--- a/core/src/main/resources/jenkins/model/Jenkins/downgrade_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Restore\ the\ previous\ version\ of\ Jenkins=\u6062\u590D\u6210\u4E0A\u4E00\u4E2A\u7248\u672C
-buttonText=\u964D\u4E3A{0}
diff --git a/core/src/main/resources/jenkins/model/Jenkins/fingerprintCheck_zh_CN.properties b/core/src/main/resources/jenkins/model/Jenkins/fingerprintCheck_zh_CN.properties
deleted file mode 100644
index 62c6536463..0000000000
--- a/core/src/main/resources/jenkins/model/Jenkins/fingerprintCheck_zh_CN.properties
+++ /dev/null
@@ -1,27 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Check=\u68C0\u67E5
-Check\ File\ Fingerprint=\u68C0\u67E5\u6587\u4EF6\u6807\u8BC6
-File\ to\ check=\u5F85\u68C0\u67E5\u6587\u4EF6
-description=\u5F97\u5230\u4E00\u4E2Ajar\u6587\u4EF6\uFF0C\u4F46\u662F\u4E0D\u77E5\u9053\u5176\u7248\u672C\u53F7\uFF1F<br />\u7ACB\u5373\u68C0\u9A8C\u6587\u4EF6\u6807\u8BC6\u5E76\u5728Jenkins\u7684\u6570\u636E\u5E93\u91CC\u627E\u5230\u5BF9\u5E94\u7248\u672C\u53F7\u3002
-more\ details=\u8BE6\u7EC6\u4FE1\u606F
diff --git a/core/src/main/resources/jenkins/model/Jenkins/legend_zh_CN.properties b/core/src/main/resources/jenkins/model/Jenkins/legend_zh_CN.properties
deleted file mode 100644
index 1d6485862a..0000000000
--- a/core/src/main/resources/jenkins/model/Jenkins/legend_zh_CN.properties
+++ /dev/null
@@ -1,35 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-blue=\u4E0A\u4E00\u4E2A\u6784\u5EFA\u6210\u529F
-blue_anime=\u4E0A\u4E00\u4E2A\u6784\u5EFA\u6210\u529F\u3002\u4E00\u4E2A\u65B0\u7684\u6784\u5EFA\u6B63\u5728\u8FDB\u884C\u4E2D
-grey=\u9879\u76EE\u4ECE\u672A\u6784\u5EFA\uFF0C\u6216\u8005\u88AB\u7981\u7528
-grey_anime=\u7B2C\u4E00\u6B21\u6784\u5EFA\u4E2D
-health-00to20=\u9879\u76EE\u5065\u5EB7\u5EA6\u4F4E\u4E8E20%\u3002\u4F60\u53EF\u4EE5\u5C06\u9F20\u6807\u653E\u5728\u9879\u76EE\u56FE\u6807\u4E0A\u4EE5\u83B7\u53D6\u66F4\u591A\u4FE1\u606F\u3002
-health-21to40=\u9879\u76EE\u5065\u5EB7\u5EA6\u4ECB\u4E8E20%~40%\u3002\u4F60\u53EF\u4EE5\u5C06\u9F20\u6807\u653E\u5728\u9879\u76EE\u56FE\u6807\u4E0A\u4EE5\u83B7\u53D6\u66F4\u591A\u4FE1\u606F\u3002
-health-41to60=\u9879\u76EE\u5065\u5EB7\u5EA6\u4ECB\u4E8E40%~60%\u3002\u4F60\u53EF\u4EE5\u5C06\u9F20\u6807\u653E\u5728\u9879\u76EE\u56FE\u6807\u4E0A\u4EE5\u83B7\u53D6\u66F4\u591A\u4FE1\u606F\u3002
-health-61to80=\u9879\u76EE\u5065\u5EB7\u5EA6\u4ECB\u4E8E60%~80%\u3002\u4F60\u53EF\u4EE5\u5C06\u9F20\u6807\u653E\u5728\u9879\u76EE\u56FE\u6807\u4E0A\u4EE5\u83B7\u53D6\u66F4\u591A\u4FE1\u606F\u3002
-health-81plus=\u9879\u76EE\u5065\u5EB7\u5EA6\u9AD8\u4E8E80%\u3002\u4F60\u53EF\u4EE5\u5C06\u9F20\u6807\u653E\u5728\u9879\u76EE\u56FE\u6807\u4E0A\u4EE5\u83B7\u53D6\u66F4\u591A\u4FE1\u606F\u3002
-red=\u4E0A\u4E00\u4E2A\u6784\u5EFA\u5F7B\u5E95\u5931\u8D25\u3002
-red_anime=\u4E0A\u4E00\u4E2A\u6784\u5EFA\u5F7B\u5E95\u5931\u8D25\u3002\u65B0\u7684\u6784\u5EFA\u8FDB\u884C\u4E2D\u3002
-yellow=\u4E0A\u4E00\u4E2A\u6784\u5EFA\u6210\u529F\uFF0C\u4F46\u4E0D\u591F\u7A33\u5B9A\u3002\u6B64\u56FE\u6807\u4E3B\u8981\u7528\u6765\u8868\u793A\u67D0\u4E9B\u6D4B\u8BD5\u5931\u8D25\u3002
-yellow_anime=\u4E0A\u4E00\u4E2A\u6784\u5EFA\u6210\u529F\uFF0C\u4F46\u5305\u542B\u9519\u8BEF\u3002\u4E00\u4E2A\u65B0\u7684\u6784\u5EFA\u8FDB\u884C\u4E2D\u3002
diff --git a/core/src/main/resources/jenkins/model/Jenkins/load-statistics_zh_CN.properties b/core/src/main/resources/jenkins/model/Jenkins/load-statistics_zh_CN.properties
deleted file mode 100644
index fe83665bdf..0000000000
--- a/core/src/main/resources/jenkins/model/Jenkins/load-statistics_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Load\ Statistics=\u8d1f\u8f7d\u7edf\u8ba1
diff --git a/core/src/main/resources/jenkins/model/Jenkins/loginError_zh_CN.properties b/core/src/main/resources/jenkins/model/Jenkins/loginError_zh_CN.properties
deleted file mode 100644
index f73606fdf6..0000000000
--- a/core/src/main/resources/jenkins/model/Jenkins/loginError_zh_CN.properties
+++ /dev/null
@@ -1,27 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2018, Sun Microsystems, Inc.
-#               suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Login\ Error=\u767B\u5F55\u5931\u8D25
-Invalid\ login\ information.\ Please\ try\ again.=\u767B\u5F55\u4FE1\u606F\u65E0\u6548\u3002\u8BF7\u91CD\u8BD5\u3002
-Try\ again=\u91CD\u8BD5
-If\ you\ are\ a\ system\ administrator\ and\ suspect\ this\ to\ be\ a\ configuration\ problem,\ see\ the\ server\ console\ output\ for\ more\ details.=\u5982\u679C\u4F60\u662F\u7CFB\u7EDF\u7BA1\u7406\u5458\uFF0C\u5E76\u6000\u7591\u8FD9\u662F\u7531\u4E8E\u914D\u7F6E\u9519\u8BEF\u5BFC\u81F4\u7684\u8BDD\uFF0C\u53EF\u4EE5\u901A\u8FC7\u67E5\u770B\u670D\u52A1\u5668\u63A7\u5236\u53F0\u5F97\u5F97\u8BE6\u7EC6\u4FE1\u606F\u3002
diff --git a/core/src/main/resources/jenkins/model/Jenkins/login_zh_CN.properties b/core/src/main/resources/jenkins/model/Jenkins/login_zh_CN.properties
deleted file mode 100644
index 601996f02b..0000000000
--- a/core/src/main/resources/jenkins/model/Jenkins/login_zh_CN.properties
+++ /dev/null
@@ -1,28 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2018, Sun Microsystems, Inc., suren
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Password=\u5BC6\u7801
-Keep\ me\ signed\ in=\u4FDD\u6301\u767B\u5F55\u72B6\u6001
-Username=\u7528\u6237\u540D
-signUp=<a href="signup">\u521B\u5EFA\u4E00\u4E2A\u7528\u6237\u8D26\u53F7</a> \u5982\u679C\u4F60\u6CA1\u6709\u6CE8\u518C\u7528\u6237.
-signIn=\u767B\u5F55
-Invalid\ username\ or\ password=\u7528\u6237\u540D\u6216\u5BC6\u7801\u9519\u8BEF
diff --git a/core/src/main/resources/jenkins/model/Jenkins/manage_zh_CN.properties b/core/src/main/resources/jenkins/model/Jenkins/manage_zh_CN.properties
deleted file mode 100644
index 08a2c38a7f..0000000000
--- a/core/src/main/resources/jenkins/model/Jenkins/manage_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Jenkins\ CLI=Jenkins \u547D\u4EE4\u884C
-Manage\ Jenkins=\u7BA1\u7406Jenkins
-are.you.sure={0}: \u4F60\u786E\u5B9A\u5417\uFF1F
diff --git a/core/src/main/resources/jenkins/model/Jenkins/newView_zh_CN.properties b/core/src/main/resources/jenkins/model/Jenkins/newView_zh_CN.properties
deleted file mode 100644
index 3c312fb22d..0000000000
--- a/core/src/main/resources/jenkins/model/Jenkins/newView_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2017, Sun Microsystems, Inc. ,suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-View\ name=\u89C6\u56FE\u540D\u79F0
-New\ View=\u65B0\u5EFA\u89C6\u56FE
-Copy\ Existing\ View=\u62F7\u8D1D\u5DF2\u7ECF\u5B58\u5728\u7684\u89C6\u56FE
diff --git a/core/src/main/resources/jenkins/model/Jenkins/oops_zh_CN.properties b/core/src/main/resources/jenkins/model/Jenkins/oops_zh_CN.properties
deleted file mode 100644
index a452d20921..0000000000
--- a/core/src/main/resources/jenkins/model/Jenkins/oops_zh_CN.properties
+++ /dev/null
@@ -1,28 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-problemHappened=\u8BF7\u6C42\u8FC7\u7A0B\u4E2D\u53D1\u751F\u9519\u8BEF\u3002
-checkJIRA=\u8BF7\u68C0\u67E5<a href="https://jenkins.io/redirect/issue-tracker">\u6211\u4EEC\u7684\u95EE\u9898\u8DDF\u8E2A\u7CFB\u7EDF</a>\u770B\u662F\u5426\u5DF2\u7ECF\u8BB0\u5F55\u4E86\u7C7B\u4F3C\u7684\u95EE\u9898\u3002
-vote=\u5982\u679C\u5DF2\u7ECF\u8BB0\u5F55\uFF0C\u8BF7\u6295\u7968\u5E76\u7559\u8A00\uFF0C\u4EE5\u4FBF\u6211\u4EEC\u8861\u91CF\u8FD9\u4E2A\u95EE\u9898\u7684\u5F71\u54CD\u7A0B\u5EA6\u3002
-pleaseReport=\u5982\u679C\u4F60\u8BA4\u4E3A\u8FD9\u662F\u4E00\u4E2A\u65B0\u7684\u95EE\u9898\uFF0C\u8BF7\u628A\u8FD9\u4E2A\u95EE\u9898\u8BB0\u5F55\u4E0B\u6765\u3002
-stackTracePlease=\u5F53\u4F60\u8BB0\u5F55\u4E00\u4E2A\u95EE\u9898\u65F6\uFF0C\u8BF7\u786E\u4FDD\u628A\u6574\u4E2A\u8DDF\u8E2A\u6808\u90FD\u8BB0\u5F55\u4E0B\u6765\uFF0C\u4EE5\u53CA Jenkins \u548C\u76F8\u5173\u63D2\u4EF6\u7684\u7248\u672C\u3002
-checkML=<a href="https://jenkins.io/redirect/users-mailing-list">\u7528\u6237\u5217\u8868</a>\u53EF\u80FD\u5BF9\u4F60\u4E86\u89E3\u8FD9\u4E2A\u95EE\u9898\u6709\u5E2E\u52A9\u3002
diff --git a/core/src/main/resources/jenkins/model/Jenkins/projectRelationship_zh_CN.properties b/core/src/main/resources/jenkins/model/Jenkins/projectRelationship_zh_CN.properties
deleted file mode 100644
index 3cb0cc6a58..0000000000
--- a/core/src/main/resources/jenkins/model/Jenkins/projectRelationship_zh_CN.properties
+++ /dev/null
@@ -1,27 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2018, Sun Microsystems, Inc., suren
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Compare=\u6BD4\u8F83
-Project\ Relationship=\u9879\u76EE\u5173\u7CFB
-downstream\ project=\u4E0B\u6E38\u9879\u76EE
-upstream\ project=\u4E0A\u6E38\u9879\u76EE
-There\ are\ no\ fingerprint\ records\ that\ connect\ these\ two\ projects.=\u6CA1\u6709\u6307\u7EB9\u8BB0\u5F55\u80FD\u5173\u8054\u8FD9\u4E24\u4E2A\u9879\u76EE\u3002
diff --git a/core/src/main/resources/jenkins/model/Jenkins/systemInfo_zh_CN.properties b/core/src/main/resources/jenkins/model/Jenkins/systemInfo_zh_CN.properties
deleted file mode 100644
index 3deab89a0a..0000000000
--- a/core/src/main/resources/jenkins/model/Jenkins/systemInfo_zh_CN.properties
+++ /dev/null
@@ -1,32 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2018, Sun Microsystems, Inc., suren
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Enabled=\u542F\u7528
-Environment\ Variables=\u73AF\u5883\u53D8\u91CF
-Name=\u540D\u79F0
-Plugins=\u63D2\u4EF6
-System\ Properties=\u7CFB\u7EDF\u5C5E\u6027
-Version=\u7248\u672C
-System\ Information=\u7CFB\u7EDF\u4FE1\u606F
-threadDump_blurb=\u8BBF\u95EE<a href="{0}">\u8BE5\u9875\u9762</a>\u67E5\u770B master \u548C agent \u7684\u7EBF\u7A0B\u7EBF\u7A0B\u8F6C\u50A8\u3002
-Thread\ Dumps=\u7EBF\u7A0B\u8F6C\u50A8
-No\ plugins\ installed.=\u6CA1\u6709\u5B89\u88C5\u4EFB\u4F55\u63D2\u4EF6\u3002
diff --git a/core/src/main/resources/jenkins/model/JenkinsLocationConfiguration/config_zh_CN.properties b/core/src/main/resources/jenkins/model/JenkinsLocationConfiguration/config_zh_CN.properties
deleted file mode 100644
index 17eefe6d81..0000000000
--- a/core/src/main/resources/jenkins/model/JenkinsLocationConfiguration/config_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-System\ Admin\ e-mail\ address=\u7cfb\u7edf\u7ba1\u7406\u5458\u90ae\u4ef6\u5730\u5740
-Jenkins\ URL=Jenkins URL
diff --git a/core/src/main/resources/jenkins/model/MasterBuildConfiguration/config_zh_CN.properties b/core/src/main/resources/jenkins/model/MasterBuildConfiguration/config_zh_CN.properties
deleted file mode 100644
index 86b0704e5b..0000000000
--- a/core/src/main/resources/jenkins/model/MasterBuildConfiguration/config_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-\#\ of\ executors=\u6267\u884c\u8005\u6570\u91cf
-Labels=\u6807\u8bb0
-
diff --git a/core/src/main/resources/jenkins/model/ProjectNamingStrategy/PatternProjectNamingStrategy/config_zh_CN.properties b/core/src/main/resources/jenkins/model/ProjectNamingStrategy/PatternProjectNamingStrategy/config_zh_CN.properties
deleted file mode 100644
index 41e268c46a..0000000000
--- a/core/src/main/resources/jenkins/model/ProjectNamingStrategy/PatternProjectNamingStrategy/config_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018 suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-namePattern=\u6A21\u5F0F
-description=\u63CF\u8FF0
-forceExistingJobs=\u5F71\u54CD\u5DF2\u7ECF\u5B58\u5728\u7684
diff --git a/core/src/main/resources/jenkins/model/RenameAction/action_zh_CN.properties b/core/src/main/resources/jenkins/model/RenameAction/action_zh_CN.properties
deleted file mode 100644
index 758882859f..0000000000
--- a/core/src/main/resources/jenkins/model/RenameAction/action_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Rename=\u91cd\u547d\u540d
diff --git a/core/src/main/resources/jenkins/mvn/FilePathGlobalSettingsProvider/config_zh_CN.properties b/core/src/main/resources/jenkins/mvn/FilePathGlobalSettingsProvider/config_zh_CN.properties
deleted file mode 100644
index 27c372ccea..0000000000
--- a/core/src/main/resources/jenkins/mvn/FilePathGlobalSettingsProvider/config_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright 2018, suren
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-File\ path=\u6587\u4EF6\u8DEF\u5F84
diff --git a/core/src/main/resources/jenkins/mvn/FilePathSettingsProvider/config_zh_CN.properties b/core/src/main/resources/jenkins/mvn/FilePathSettingsProvider/config_zh_CN.properties
deleted file mode 100644
index 27c372ccea..0000000000
--- a/core/src/main/resources/jenkins/mvn/FilePathSettingsProvider/config_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright 2018, suren
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-File\ path=\u6587\u4EF6\u8DEF\u5F84
diff --git a/core/src/main/resources/jenkins/mvn/GlobalMavenConfig/config_zh_CN.properties b/core/src/main/resources/jenkins/mvn/GlobalMavenConfig/config_zh_CN.properties
deleted file mode 100644
index cf7aa39622..0000000000
--- a/core/src/main/resources/jenkins/mvn/GlobalMavenConfig/config_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright 2018, suren
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Maven\ Configuration=Maven \u914D\u7F6E
-Default\ settings\ provider=\u9ED8\u8BA4 settings \u63D0\u4F9B
-Default\ global\ settings\ provider=\u9ED8\u8BA4\u5168\u5C40 settings \u63D0\u4F9B
diff --git a/core/src/main/resources/jenkins/security/ApiTokenProperty/config_zh_CN.properties b/core/src/main/resources/jenkins/security/ApiTokenProperty/config_zh_CN.properties
deleted file mode 100644
index ca8f3ae3fb..0000000000
--- a/core/src/main/resources/jenkins/security/ApiTokenProperty/config_zh_CN.properties
+++ /dev/null
@@ -1,48 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-TokenDisplayedOnce=\u7ACB\u523B\u62F7\u8D1D\u8BE5 Token\uFF0C\u56E0\u4E3A\u4EE5\u540E\u5C06\u65E0\u6CD5\u83B7\u53D6\u5B83\u3002
-AddNewToken=\u6DFB\u52A0\u65B0 Token
-GenerateNewToken=\u751F\u6210
-RevokeToken=\u5220\u9664\u8BE5 token
-NoTokenYet=\u6CA1\u6709\u5C5E\u4E8E\u5F53\u524D\u7528\u6237\u540D\u7684 Token
-TokenLastUse=\u4F7F\u7528\u4E86 <b>{0}</b> \u6B21\uFF0C\u6700\u8FD1\u4E00\u6B21\u662F <b>{1}</b> \u5929\u524D
-StatisticsDisabled=\u65E0\u7EDF\u8BA1\u4FE1\u606F
-StatisticsDisabled.Title=Token \u4F7F\u7528\u7EDF\u8BA1\u529F\u80FD\u88AB\u7981\u7528
-TokenNeverUsed=\u4ECE\u672A\u4F7F\u7528
-TokenNeverUsedTooltip=\u6CA1\u6709 Token \u7684\u6700\u540E\u4F7F\u7528\u65F6\u95F4
-TokenNeverUsed.Title=\u6211\u4EEC\u5F3A\u70C8\u5EFA\u8BAE\u4F60\u5220\u9664\u4E0D\u8BA1\u5212\u4F7F\u7528\u7684 Token
-ConfirmRevokeSingle=\u60A8\u786E\u5B9A\u8981\u5220\u9664\u8BE5 Token \u5417\uFF1F\u5DF2\u7ECF\u4F7F\u7528\u4E86\u5B83\u7684\u5E94\u7528\u5C06\u4F1A\u53D1\u751F\u9519\u8BEF\u3002
-CurrentTokens=\u5F53\u524D Token
-TokenCreation={0} \u5929\u524D\u521B\u5EFA
-RenameToken=\u4FDD\u5B58 token \u4E3A\u65B0\u7684\u540D\u79F0
-LegacyToken=\u6211\u4EEC\u5F3A\u70C8\u5EFA\u8BAE\u4F60\u5220\u9664\u8FD9\u4E2A\u9057\u7559 Token \uFF0C\u5E76\u4E3A\u4E86\u589E\u52A0\u5B89\u5168\u6027\u4F7F\u7528\u65B0\u751F\u6210\u7684 Token\u3002
-NoLegacyToken=\u5F53\u524D\u7528\u6237\u8FD8\u6CA1\u6709\u9057\u7559\u7684 Token
-RevokedToken=\u9057\u7559\u7684 Token \u88AB\u5220\u9664
-NoCreationDate=\u8BE5 Token \u6CA1\u6709\u521B\u5EFA\u65F6\u95F4
-NoCreationDateValue=\u672A\u77E5
-Default\ name=\u9ED8\u8BA4\u540D\u79F0
-Cancel=\u53D6\u6D88
-Show\ Legacy\ API\ Token=\u663E\u793A\u9057\u7559\u7684 API Token
-Legacy\ API\ Token=\u9057\u7559\u7684 API Token
-Change\ API\ Token=\u4FEE\u6539 API Token
-TokenNeverUsedValue=Token \u4ECE\u672A\u7528\u8FC7\u7684\u503C
diff --git a/core/src/main/resources/jenkins/security/UpdateSiteWarningsConfiguration/config_zh_CN.properties b/core/src/main/resources/jenkins/security/UpdateSiteWarningsConfiguration/config_zh_CN.properties
deleted file mode 100644
index aec0b05bf1..0000000000
--- a/core/src/main/resources/jenkins/security/UpdateSiteWarningsConfiguration/config_zh_CN.properties
+++ /dev/null
@@ -1,29 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Hidden\ security\ warnings=\u9690\u85CF\u7684\u5B89\u5168\u8B66\u544A
-Security\ warnings=\u5B89\u5168\u8B66\u544A
-warning.core=Jenkins \u6838\u5FC3: {0}
-warning.plugin= {0}: {1} 
-
-blurb=\u8BE5\u533A\u57DF\u5141\u8BB8\u4F60\u7981\u7528\u5728\u66F4\u65B0\u7F51\u7AD9\u53D1\u5E03\u7684\u8B66\u544A\u3002 \
-  \u52FE\u9009\u8B66\u544A\u663E\u793A\uFF08\u9ED8\u8BA4\uFF09\uFF0C\u53D6\u6D88\u7684\u8B66\u544A\u4F1A\u9690\u85CF\u3002
diff --git a/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/config_zh_CN.properties b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/config_zh_CN.properties
deleted file mode 100644
index 727776df19..0000000000
--- a/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyConfiguration/config_zh_CN.properties
+++ /dev/null
@@ -1,26 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-tokenGenerationOnCreationEnabled=\u4E3A\u6BCF\u4E2A\u65B0\u521B\u5EFA\u7684\u7528\u6237\u751F\u6210\u4E00\u4E2A\u9057\u7559\u7684 API token \uFF08\u4E0D\u5EFA\u8BAE\uFF09
-creationOfLegacyTokenEnabled=\u5141\u8BB8\u7528\u6237\u624B\u52A8\u521B\u5EFA\u4E00\u4E2A\u9057\u7559\u7684 API token \uFF08\u4E0D\u5EFA\u8BAE\uFF09
-usageStatisticsEnabled=\u542F\u7528 API Token \u4F7F\u7528\u7EDF\u8BA1
-API\ Token=API Token
diff --git a/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message_zh_CN.properties b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message_zh_CN.properties
deleted file mode 100644
index caf7f6155a..0000000000
--- a/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyDisabledDefaultAdministrativeMonitor/message_zh_CN.properties
+++ /dev/null
@@ -1,27 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-warningMessage=\u4E3A\u6BCF\u4E2A\u65B0\u521B\u5EFA\u7684\u7528\u6237\u751F\u6210\u4E00\u4E2A\u9057\u7559\u7684 API Token.<br/>\
-  \u8BE5\u884C\u4E3A\u662F\u4E3A\u4E86\u5411\u540E\u517C\u5BB9\uFF0C\u4F46\u662F\u9057\u7559\u7684 API Token \u5DF2\u7ECF\u88AB\u5F03\u7528\uFF0C\u5E76\u4E14\u4E0D\u63A8\u8350\u957F\u671F\u4F7F\u7528\u3002<br/>\
-  \u5E94\u8BE5\u6839\u636E\u9700\u8981\u5728\u7528\u6237\u914D\u7F6E\u9875\u9762\u751F\u6210 API Tokens.
-Disable\ automatic\ generation\ of\ legacy\ API\ tokens=\u7981\u6B62\u81EA\u52A8\u751F\u6210\u9057\u7559 API Token
-Dismiss=\u4E0D\u518D\u663E\u793A
\ No newline at end of file
diff --git a/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message_zh_CN.properties b/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message_zh_CN.properties
deleted file mode 100644
index 45f475a615..0000000000
--- a/core/src/main/resources/jenkins/security/apitoken/ApiTokenPropertyEnabledNewLegacyAdministrativeMonitor/message_zh_CN.properties
+++ /dev/null
@@ -1,27 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-warningMessage=\u7528\u6237\u53EF\u4EE5\u751F\u6210\u4E00\u4E2A\u65B0\u7684\u9057\u7559 API Token.<br/>\
-  \u8BE5\u884C\u4E3A\u662F\u4E3A\u4E86\u5411\u540E\u517C\u5BB9\uFF0C\u4F46\u662F\u9057\u7559\u7684 API Token \u5DF2\u7ECF\u88AB\u5F03\u7528\uFF0C\u5E76\u4E14\u4E0D\u63A8\u8350\u957F\u671F\u4F7F\u7528\u3002<br/>\
-  \u5E94\u8BE5\u6839\u636E\u9700\u8981\u5728\u7528\u6237\u914D\u7F6E\u9875\u9762\u751F\u6210 API Tokens.
-Prevent\ users\ from\ manually\ creating\ legacy\ API\ tokens=\u963B\u6B62\u7528\u6237\u624B\u52A8\u521B\u5EFA\u9057\u7559 API Token
-Dismiss=\u4E0D\u518D\u663E\u793A
\ No newline at end of file
diff --git a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage_zh_CN.properties b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage_zh_CN.properties
deleted file mode 100644
index 25dccf56c8..0000000000
--- a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/manage_zh_CN.properties
+++ /dev/null
@@ -1,65 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-title=\u7BA1\u7406\u9057\u7559\u7684 API Token \u4F7F\u7528
-contextMessage=\u4E0B\u5217\u7528\u6237\u62E5\u6709\u4E00\u4E2A\u9057\u7559\u7684 API Token. \
-  \u7531\u4E8E\u9057\u7559 Token \u662F\u4EE5\u53EF\u6062\u590D\u7684\u683C\u5F0F\u5B58\u50A8\u7684\uFF0C\u6211\u4EEC\u5EFA\u8BAE\u8FC1\u79FB\u5230\u65B0\u7684 API Token \u7CFB\u7EDF\u3002 \
-  \u53E6\u5916\uFF0C\u5728\u4E4B\u524D\u7248\u672C\u7684 Jenkins \u4E2D\uFF0C\u4F1A\u4E3A\u6BCF\u4E2A\u65B0\u7528\u6237\u81EA\u52A8\u521B\u5EFA API Token. \
-  \u901A\u5E38\u60C5\u51B5\u4E0B\uFF0C\u7528\u6237\u4E0D\u4F1A\u4F7F\u7528\u8FD9\u4E9B Token\uFF0C\u5BFC\u81F4\u66F4\u52A0\u5BB9\u6613\u88AB\u653B\u51FB\u3002 \
-  \u81EA\u52A8\u751F\u6210 Token \u7684\u542F\u7528\u5FC5\u987B\u660E\u786E\u3002
-recommendationMessage=\u56E0\u6B64\uFF0C\u6211\u4EEC\u5EFA\u8BAE\u4F60\uFF1A\
-<ul>\
-  <li>\u79FB\u9664\u4ECE\u672A\u4F7F\u7528\u7684 Token</li>\
-  <li>\u5F53\u524D\u5728\u4F7F\u7528\u9057\u7559 Token \u7684\u7528\u6237\uFF0C\u4F7F\u7528\u65B0\u7CFB\u7EDF\u751F\u6210 Token\uFF0C\u5E76\u79FB\u9664\u4ED6\u4EEC\u7684\u9057\u7559 Token</li>\
-</ul>
-UserId=\u7528\u6237 ID
-UserFullName=\u7528\u6237\u5168\u79F0
-TokenName=Token \u540D\u79F0
-NumDaysSinceCreation=\u8DDD\u79BB\u521B\u5EFA\u65F6\u7684\u5929\u6570
-NumOfUse=# \u4F7F\u7528\u6570
-NumDaysSinceLastUse=\u8DDD\u79BB\u6700\u8FD1\u4E00\u6B21\u4F7F\u7528\u7684\u5929\u6570
-HasFreshToken=\u65B0\u7684 token?
-HasFreshToken_tooltip=\u4E00\u4E2A\u6700\u8FD1\u4F7F\u7528\u7684\u65B0\u7684 Token \u662F\u7531\u65B0\u7CFB\u7EDF\u521B\u5EFA\u5E76\u6700\u8FD1\u4F7F\u7528\u4E86\u7684\uFF0C\u800C\u4E0D\u662F\u7528\u6237\u7684\u9057\u7559 Token. \n\
-  \u6CE8\u610F\uFF1A\u9057\u7559 Token \u7684\u521B\u5EFA\u65F6\u95F4\u5728\u6BCF\u6B21 Jenkins \u91CD\u542F\u540E\u4F1A\u88AB\u91CD\u7F6E\uFF0C\u4E5F\u5C31\u610F\u5473\u7740\u8BE5\u65F6\u95F4\u662F\u4E0D\u51C6\u786E\u7684\u3002
-HasFreshToken_ok_tooltip=\u8BE5\u7528\u6237\u6709\u4E00\u4E2A\u65B0\u7684 Token
-HasFreshToken_warning_tooltip=\u8BE5\u7528\u6237\u6CA1\u6709\u65B0\u7684 Token
-HasMoreRecentlyUsedToken=\u6700\u8FD1\u7528\u8FC7\u7684 Token?
-HasMoreRecentlyUsedToken_tooltip=\u4E00\u4E2A\u6700\u8FD1\u4F7F\u7528\u7684 Token \u662F\u7531\u65B0\u7CFB\u7EDF\u521B\u5EFA\u5E76\u6700\u8FD1\u4F7F\u7528\u4E86\u7684\uFF0C\u800C\u4E0D\u662F\u7528\u6237\u7684\u9057\u7559 Token. \n\
-  \u6CE8\u610F\uFF1A\u9057\u7559 Token \u7684\u521B\u5EFA\u65F6\u95F4\u5728\u6BCF\u6B21 Jenkins \u91CD\u542F\u540E\u4F1A\u88AB\u91CD\u7F6E\uFF0C\u4E5F\u5C31\u610F\u5473\u7740\u8BE5\u65F6\u95F4\u662F\u4E0D\u51C6\u786E\u7684\u3002
-HasMoreRecentlyUsedToken_ok_tooltip=\u8BE5\u7528\u6237\u6709\u4E00\u4E2A\u6700\u8FD1\u7528\u7684 Token
-HasMoreRecentlyUsedToken_warning_tooltip=\u8BE5\u7528\u6237\u6CA1\u6709\u6700\u8FD1\u7528\u8FC7\u7684 Token
-NoImpactedUser=\u6CA1\u6709\u7528\u6237\u4F7F\u7528\u9057\u7559 Token
-NoCreationDate=\u8BE5 Token \u6CA1\u6709\u521B\u5EFA\u65F6\u95F4
-NoCreationDateValue=\u672A\u77E5
-NoLastUse=\u8BE5 Token \u6CA1\u6709\u6700\u8FD1\u4F7F\u7528\u65F6\u95F4
-NoLastUseValue=\u4ECE\u672A\u4F7F\u7528
-RevokeAllSelected=\u79FB\u9664\u6240\u9009\u7684 Token
-RevokeAllSelected_confirm=\u4F60\u786E\u5B9A\u8981\u79FB\u9664\u6240\u9009 %num% \u7684 Token\u5417\uFF1F
-RevokeAllSelected_nothing=\u6CA1\u6709\u9009\u62E9 Token\uFF0C\u8BF7\u81F3\u5C11\u9009\u62E9\u4E00\u4E2A Token \u6765\u79FB\u9664
-Select=\u9009\u62E9
-only\ recent=\u4EC5\u6700\u8FD1\u7528\u8FC7\u7684
-only\ fresh=\u4EC5\u65B0\u7684
-all=\u6240\u6709
-Recently\ used\ token=\u6700\u8FD1\u4F7F\u7528\u8FC7\u7684 Token
-No\ fresh\ token=\u6CA1\u6709\u65B0\u7684 Token
-Fresh\ token=\u65B0\u7684 Token
-No\ recently\ used\ token=\u6CA1\u6709\u6700\u8FD1\u4F7F\u7528\u8FC7\u7684 Token
diff --git a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/message_zh_CN.properties b/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/message_zh_CN.properties
deleted file mode 100644
index 1ac094b36a..0000000000
--- a/core/src/main/resources/jenkins/security/apitoken/LegacyApiTokenAdministrativeMonitor/message_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-warningMessage=\u90E8\u5206\u7528\u6237\u4ECD\u7136\u5728\u4F7F\u7528\u9057\u7559 API token. \
-  \u5B83\u4E0D\u5982\u65B0\u7684\u5B89\u5168\uFF0C\u56E0\u4E3A\u9057\u7559\u7684 Token \u53EF\u4EE5\u5728\u78C1\u76D8\u4E0A\u6062\u590D\u3002 <br />\
-  \u67E5\u770B <a href="{0}/{1}/manage">\u53D7\u5F71\u54CD\u7684\u7528\u6237\u5217\u8868</a>\u3002
diff --git a/core/src/main/resources/jenkins/security/csrf/CSRFAdministrativeMonitor/message_zh_CN.properties b/core/src/main/resources/jenkins/security/csrf/CSRFAdministrativeMonitor/message_zh_CN.properties
deleted file mode 100644
index ef11117723..0000000000
--- a/core/src/main/resources/jenkins/security/csrf/CSRFAdministrativeMonitor/message_zh_CN.properties
+++ /dev/null
@@ -1,28 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-warningMessage=\u60A8\u8FD8\u6CA1\u6709\u914D\u7F6E\u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020\u9632\u62A4\u3002\u8FD9\u53EF\u80FD\u4F1A\u6709\u5B89\u5168\u95EE\u9898\u3002 \
-  \u66F4\u591A\u4FE1\u606F\uFF0C\u8BF7\u53C2\u8003 {0}\u3002
-actionMessage=\u60A8\u53EF\u4EE5\u5728\u5B89\u5168\u533A\u57DF {0} \u6765\u4FEE\u6539\u5F53\u524D\u7684\u914D\u7F6E\u3002
-referenceUrlContent=\u8FD9\u4E2A\u9875\u9762
-actionUrlContent=\u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020\u4FDD\u62A4
-Dismiss=\u4E0D\u518D\u663E\u793A
\ No newline at end of file
diff --git a/core/src/main/resources/jenkins/security/s2m/AdminCallableMonitor/message_zh_CN.properties b/core/src/main/resources/jenkins/security/s2m/AdminCallableMonitor/message_zh_CN.properties
deleted file mode 100644
index bded8c0b7b..0000000000
--- a/core/src/main/resources/jenkins/security/s2m/AdminCallableMonitor/message_zh_CN.properties
+++ /dev/null
@@ -1,28 +0,0 @@
-#
-# The MIT License
-#
-# Copyright (c) 2018, suren
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-#
-
-blurb=\u7531\u4E8E\u6211\u4EEC\u4E0D\u786E\u5B9A\u5B83\u662F\u5426\u5141\u8BB8\u4EE3\u7406\u6267\u884C\uFF0CJenkins \u5DF2\u7ECF\u62D2\u7EDD\u4E86\u90E8\u5206\u6765\u81EA\u4EE3\u7406\u7684\u547D\u4EE4\uFF0C\u8FD9\u53EF\u80FD\u4F1A\u5F71\u54CD\u90E8\u5206\u6784\u5EFA\u3002\
-  \u60A8\u56E0\u8BE5\u68C0\u67E5\u8BE5\u60C5\u51B5\uFF0C\u51B3\u5B9A\u662F\u5426\u628A\u8FD9\u4E9B\u547D\u4EE4\u6DFB\u52A0\u5230\u767D\u540D\u5355\u3002
-Dismiss=\u53D6\u6D88
-Examine=\u68C0\u67E5
\ No newline at end of file
diff --git a/core/src/main/resources/jenkins/security/s2m/AdminWhitelistRule/index_zh_CN.properties b/core/src/main/resources/jenkins/security/s2m/AdminWhitelistRule/index_zh_CN.properties
deleted file mode 100644
index fe6a966d95..0000000000
--- a/core/src/main/resources/jenkins/security/s2m/AdminWhitelistRule/index_zh_CN.properties
+++ /dev/null
@@ -1,27 +0,0 @@
-#
-# The MIT License
-#
-# Copyright (c) 2018, suren
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-#
-
-Whitelist=\u767D\u540D\u5355
-Agent\ &\#8594;\ Master\ Access\ Control=Master \u5BF9\u4EE3\u7406\u7684\u8BBF\u95EE\u63A7\u5236
-Update=\u66F4\u65B0
diff --git a/core/src/main/resources/jenkins/security/s2m/MasterKillSwitchWarning/message_zh_CN.properties b/core/src/main/resources/jenkins/security/s2m/MasterKillSwitchWarning/message_zh_CN.properties
deleted file mode 100644
index cf3bfadcb5..0000000000
--- a/core/src/main/resources/jenkins/security/s2m/MasterKillSwitchWarning/message_zh_CN.properties
+++ /dev/null
@@ -1,28 +0,0 @@
-#
-# The MIT License
-#
-# Copyright (c) 2018, suren
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-#
-
-blurb=\u4ECE\u4EE3\u7406\u5230 Master \u7684\u5B89\u5168\u5B50\u7CFB\u7EDF\u5DF2\u5173\u95ED\u3002
-    <a href="https://jenkins.io/redirect/security-144" target="_blank">\u8BF7\u67E5\u770B\u6587\u6863</a>\u540E\u8003\u8651\u662F\u5426\u8981\u6253\u5F00\u5B89\u5168\u8BBE\u7F6E\u3002
-Dismiss=\u53D6\u6D88
-Examine=\u68C0\u67E5
diff --git a/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_zh_CN.properties b/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_zh_CN.properties
deleted file mode 100644
index d67610f515..0000000000
--- a/core/src/main/resources/jenkins/slaves/DeprecatedAgentProtocolMonitor/message_zh_CN.properties
+++ /dev/null
@@ -1,28 +0,0 @@
-
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-blurb=\u8BE5 Jenkins \u5B9E\u4F8B\u4F7F\u7528\u4E86\u5DF2\u5F03\u7528\u7684\u534F\u8BAE\uFF1A {0}\u3002 \
-      \u5B83\u53EF\u80FD\u5F71\u54CD\u5B9E\u4F8B\u7684\u7A33\u5B9A\u6027\u3002 \
-      \u5982\u679C\u66F4\u65B0\u7684\u534F\u8BAE\u7248\u672C\u5DF2\u7ECF\u652F\u6301\u4E86\u6240\u6709\u7684\u7CFB\u7EDF\u7EC4\u4EF6\uFF08\u4EE3\u7406\u3001\u547D\u4EE4\u884C\u4EE5\u53CA\u5176\u4ED6\u5BA2\u6237\u7AEF\uFF0C \
-      \u5F3A\u70C8\u5EFA\u8BAE\u7981\u7528\u88AB\u5F03\u7528\u7684\u534F\u8BAE\u3002
-See\ Protocol\ Configuration=\u67E5\u770B<a href="{0}/configureSecurity">\u534F\u8BAE\u914D\u7F6E</a>\u3002
diff --git a/core/src/main/resources/jenkins/slaves/RemotingWorkDirSettings/config_zh_CN.properties b/core/src/main/resources/jenkins/slaves/RemotingWorkDirSettings/config_zh_CN.properties
deleted file mode 100644
index ba7b9b5022..0000000000
--- a/core/src/main/resources/jenkins/slaves/RemotingWorkDirSettings/config_zh_CN.properties
+++ /dev/null
@@ -1,26 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018 suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Disable\ WorkDir=\u7981\u7528\u5de5\u4f5c\u76ee\u5f55
-Fail\ if\ workspace\ is\ missing=\u5f53\u5de5\u4f5c\u76ee\u5f55\u7f3a\u5931\u65f6\u5931\u8d25
-Internal\ data\ directory=\u5185\u90e8\u6570\u636e\u76ee\u5f55
-Custom\ WorkDir\ path=\u81ea\u5b9a\u4e49\u5de5\u4f5c\u76ee\u5f55
diff --git a/core/src/main/resources/jenkins/tools/GlobalToolConfiguration/index_zh_CN.properties b/core/src/main/resources/jenkins/tools/GlobalToolConfiguration/index_zh_CN.properties
deleted file mode 100644
index e3e7574141..0000000000
--- a/core/src/main/resources/jenkins/tools/GlobalToolConfiguration/index_zh_CN.properties
+++ /dev/null
@@ -1,2 +0,0 @@
-Back\ to\ Dashboard=\u8FD4\u56DE
-Manage\ Jenkins=\u7CFB\u7EDF\u7BA1\u7406
\ No newline at end of file
diff --git a/core/src/main/resources/jenkins/triggers/ReverseBuildTrigger/config_zh_CN.properties b/core/src/main/resources/jenkins/triggers/ReverseBuildTrigger/config_zh_CN.properties
deleted file mode 100644
index f8cd64654e..0000000000
--- a/core/src/main/resources/jenkins/triggers/ReverseBuildTrigger/config_zh_CN.properties
+++ /dev/null
@@ -1,26 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Trigger\ even\ if\ the\ build\ is\ unstable=\u5373\u4f7f\u6784\u5efa\u4e0d\u7a33\u5b9a\u65f6\u4e5f\u4f1a\u89e6\u53d1
-Projects\ to\ watch=\u5173\u6ce8\u7684\u9879\u76ee
-Trigger\ only\ if\ build\ is\ stable=\u53ea\u6709\u6784\u5efa\u7a33\u5b9a\u65f6\u89e6\u53d1
-Trigger\ even\ if\ the\ build\ fails=\u5373\u4f7f\u6784\u5efa\u5931\u8d25\u65f6\u4e5f\u4f1a\u89e6\u53d1
diff --git a/core/src/main/resources/lib/form/advanced_zh_CN.properties b/core/src/main/resources/lib/form/advanced_zh_CN.properties
deleted file mode 100644
index ba1c6557e3..0000000000
--- a/core/src/main/resources/lib/form/advanced_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Advanced=\u9AD8\u7EA7
-customizedFields=\u672C\u533A\u5757\u7684\u4E00\u4E2A\u6216\u591A\u4E2A\u5B57\u6BB5\u5DF2\u7ECF\u88AB\u4FEE\u6539\u3002
diff --git a/core/src/main/resources/lib/form/apply_zh_CN.properties b/core/src/main/resources/lib/form/apply_zh_CN.properties
deleted file mode 100644
index 8a9da8bf36..0000000000
--- a/core/src/main/resources/lib/form/apply_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018 suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Apply=\u5E94\u7528
diff --git a/core/src/main/resources/lib/form/booleanRadio_zh_CN.properties b/core/src/main/resources/lib/form/booleanRadio_zh_CN.properties
deleted file mode 100644
index bbb5b92f3c..0000000000
--- a/core/src/main/resources/lib/form/booleanRadio_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Yes=\u662F
-No=\u5426
diff --git a/core/src/main/resources/lib/form/breadcrumb-config-outline_zh_CN.properties b/core/src/main/resources/lib/form/breadcrumb-config-outline_zh_CN.properties
deleted file mode 100644
index 5968bb88a2..0000000000
--- a/core/src/main/resources/lib/form/breadcrumb-config-outline_zh_CN.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-# This file is under the MIT License by authors
-
-configuration=\u914D\u7F6E
diff --git a/core/src/main/resources/lib/form/expandableTextbox_zh_CN.properties b/core/src/main/resources/lib/form/expandableTextbox_zh_CN.properties
deleted file mode 100644
index 48f2663aaf..0000000000
--- a/core/src/main/resources/lib/form/expandableTextbox_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-tooltip=\
-  \u6309\u4E00\u4E0B\u5C55\u5F00\u6210\u591A\u884C\u6A21\u5F0F<br />\u8BE5\u6A21\u5F0F\u4E0B\u60A8\u53EF\u4EE5\u76F4\u63A5\u63DB\u884C\u800C\u4E0D\u662F\u7528\u7A7A\u767D\u9694\u884C\u3002<br />\
-  \u8F93\u5165\u4EFB\u4F55\u5355\u884C\u7684\u5185\u5BB9\u518D\u56DE\u8F66\u53EF\u5207\u63DB\u56DE\u5355\u884C\u6A21\u5F0F\u3002
diff --git a/core/src/main/resources/lib/form/helpArea_zh_CN.properties b/core/src/main/resources/lib/form/helpArea_zh_CN.properties
deleted file mode 100644
index bcfddaaee5..0000000000
--- a/core/src/main/resources/lib/form/helpArea_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Loading...=\u52A0\u8F7D\u4E2D...
diff --git a/core/src/main/resources/lib/form/hetero-list_zh_CN.properties b/core/src/main/resources/lib/form/hetero-list_zh_CN.properties
deleted file mode 100644
index b3c5fe872e..0000000000
--- a/core/src/main/resources/lib/form/hetero-list_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Add=\u65B0\u589E
diff --git a/core/src/main/resources/lib/form/repeatableDeleteButton_zh_CN.properties b/core/src/main/resources/lib/form/repeatableDeleteButton_zh_CN.properties
deleted file mode 100644
index b8dbdf1aff..0000000000
--- a/core/src/main/resources/lib/form/repeatableDeleteButton_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Delete=\u5220\u9664
diff --git a/core/src/main/resources/lib/form/repeatable_zh_CN.properties b/core/src/main/resources/lib/form/repeatable_zh_CN.properties
deleted file mode 100644
index f5733ee16c..0000000000
--- a/core/src/main/resources/lib/form/repeatable_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Add=\u65B0\u589E
diff --git a/core/src/main/resources/lib/form/serverTcpPort_zh_CN.properties b/core/src/main/resources/lib/form/serverTcpPort_zh_CN.properties
deleted file mode 100644
index 465d4fff60..0000000000
--- a/core/src/main/resources/lib/form/serverTcpPort_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright 2011 Seiji Sogabe
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Fixed=\u6307\u5b9a\u7aef\u53e3
-Random=\u968f\u673a\u9009\u53d6
-Disable=\u7981\u7528
diff --git a/core/src/main/resources/lib/form/slave-mode_zh_CN.properties b/core/src/main/resources/lib/form/slave-mode_zh_CN.properties
deleted file mode 100644
index 710e37f698..0000000000
--- a/core/src/main/resources/lib/form/slave-mode_zh_CN.properties
+++ /dev/null
@@ -1 +0,0 @@
-Usage=\u7528\u6cd5
diff --git a/core/src/main/resources/lib/form/submit_zh_CN.properties b/core/src/main/resources/lib/form/submit_zh_CN.properties
deleted file mode 100644
index 5bc3d54334..0000000000
--- a/core/src/main/resources/lib/form/submit_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018 suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Submit=\u63D0\u4EA4
diff --git a/core/src/main/resources/lib/form/textarea_zh_CN.properties b/core/src/main/resources/lib/form/textarea_zh_CN.properties
deleted file mode 100644
index 47e5435e0a..0000000000
--- a/core/src/main/resources/lib/form/textarea_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Hide\ preview=\u9690\u85CF\u9884\u89C8
-Preview=\u9884\u89C8
diff --git a/core/src/main/resources/lib/hudson/artifactList_zh_CN.properties b/core/src/main/resources/lib/hudson/artifactList_zh_CN.properties
deleted file mode 100644
index 9dc0472101..0000000000
--- a/core/src/main/resources/lib/hudson/artifactList_zh_CN.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-# This file is under the MIT License by authors
-
-View=\u67E5\u770B
diff --git a/core/src/main/resources/lib/hudson/buildCaption_zh_CN.properties b/core/src/main/resources/lib/hudson/buildCaption_zh_CN.properties
deleted file mode 100644
index 62a3e22625..0000000000
--- a/core/src/main/resources/lib/hudson/buildCaption_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Progress=\u8FDB\u5EA6
-cancel=\u53D6\u6D88
diff --git a/core/src/main/resources/lib/hudson/buildHealth_zh_CN.properties b/core/src/main/resources/lib/hudson/buildHealth_zh_CN.properties
deleted file mode 100644
index 1acb271e70..0000000000
--- a/core/src/main/resources/lib/hudson/buildHealth_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Description=\u63CF\u8FF0
diff --git a/core/src/main/resources/lib/hudson/buildListTable_zh_CN.properties b/core/src/main/resources/lib/hudson/buildListTable_zh_CN.properties
deleted file mode 100644
index 4d4ffcebd8..0000000000
--- a/core/src/main/resources/lib/hudson/buildListTable_zh_CN.properties
+++ /dev/null
@@ -1,26 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Build=\u6784\u5efa
-Console\ output=\u547d\u4ee4\u884c\u8f93\u51fa
-Time\ Since=\u65e5\u671f
-Status=\u72b6\u6001
diff --git a/core/src/main/resources/lib/hudson/buildProgressBar_zh_CN.properties b/core/src/main/resources/lib/hudson/buildProgressBar_zh_CN.properties
deleted file mode 100644
index f771115267..0000000000
--- a/core/src/main/resources/lib/hudson/buildProgressBar_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-text=\u9884\u8BA1\u5269\u4F59\u65F6\u95F4\uFF1A
-\u4F30\u8BA1\u5269\u4F59\u65F6\u95F4:{1}
diff --git a/core/src/main/resources/lib/hudson/editableDescription_zh_CN.properties b/core/src/main/resources/lib/hudson/editableDescription_zh_CN.properties
deleted file mode 100644
index a18195c4fa..0000000000
--- a/core/src/main/resources/lib/hudson/editableDescription_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-add\ description=\u6DFB\u52A0\u8BF4\u660E
-edit\ description=\u7F16\u8F91\u63CF\u8FF0
diff --git a/core/src/main/resources/lib/hudson/executors_zh_CN.properties b/core/src/main/resources/lib/hudson/executors_zh_CN.properties
deleted file mode 100644
index c27c74f1a0..0000000000
--- a/core/src/main/resources/lib/hudson/executors_zh_CN.properties
+++ /dev/null
@@ -1,30 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Build\ Executor\ Status=\u6784\u5EFA\u6267\u884C\u72B6\u6001
-Building=\u6784\u5EFA\u4E2D
-Idle=\u7a7a\u95f2
-Master=\u4E3B
-Status=\u72b6\u6001
-Unknown\ Task=\u672A\u77E5\u4EFB\u52A1
-offline=\u672A\u5728\u7EBF
-terminate\ this\ build=\u7EC8\u6B62\u6784\u5EFA
diff --git a/core/src/main/resources/lib/hudson/iconSize_zh_CN.properties b/core/src/main/resources/lib/hudson/iconSize_zh_CN.properties
deleted file mode 100644
index aee5eefc64..0000000000
--- a/core/src/main/resources/lib/hudson/iconSize_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Icon=\u56FE\u6807
diff --git a/core/src/main/resources/lib/hudson/listScmBrowsers_zh_CN.properties b/core/src/main/resources/lib/hudson/listScmBrowsers_zh_CN.properties
deleted file mode 100644
index 0df2dc3e89..0000000000
--- a/core/src/main/resources/lib/hudson/listScmBrowsers_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Auto=\u81EA\u52A8
-Repository\ browser=\u6E90\u7801\u5E93\u6D4F\u89C8\u5668
diff --git a/core/src/main/resources/lib/hudson/newFromList/form_zh_CN.properties b/core/src/main/resources/lib/hudson/newFromList/form_zh_CN.properties
deleted file mode 100644
index f3dce440ee..0000000000
--- a/core/src/main/resources/lib/hudson/newFromList/form_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Copy\ from=\u8981\u590D\u5236\u7684\u4EFB\u52A1\u540D\u79F0
-OK=\u786E\u5B9A
diff --git a/core/src/main/resources/lib/hudson/node_zh_CN.properties b/core/src/main/resources/lib/hudson/node_zh_CN.properties
deleted file mode 100644
index 88cc38516f..0000000000
--- a/core/src/main/resources/lib/hudson/node_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-master=\u4E3B\u670D\u52A1\u5668
diff --git a/core/src/main/resources/lib/hudson/project/config-assignedLabel_zh_CN.properties b/core/src/main/resources/lib/hudson/project/config-assignedLabel_zh_CN.properties
deleted file mode 100644
index b9384115a4..0000000000
--- a/core/src/main/resources/lib/hudson/project/config-assignedLabel_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2017, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Restrict\ where\ this\ project\ can\ be\ run=\u9650\u5236\u9879\u76EE\u7684\u8FD0\u884C\u8282\u70B9
-Label\ Expression=\u6807\u7B7E\u8868\u8FBE\u5F0F
diff --git a/core/src/main/resources/lib/hudson/project/config-blockWhenDownstreamBuilding_zh_CN.properties b/core/src/main/resources/lib/hudson/project/config-blockWhenDownstreamBuilding_zh_CN.properties
deleted file mode 100644
index d3e85e648a..0000000000
--- a/core/src/main/resources/lib/hudson/project/config-blockWhenDownstreamBuilding_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Block\ build\ when\ downstream\ project\ is\ building=\u8BE5\u9879\u76EE\u7684\u4E0B\u6E38\u9879\u76EE\u6B63\u5728\u6784\u5EFA\u65F6\u963B\u6B62\u8BE5\u9879\u76EE\u6784\u5EFA
diff --git a/core/src/main/resources/lib/hudson/project/config-blockWhenUpstreamBuilding_zh_CN.properties b/core/src/main/resources/lib/hudson/project/config-blockWhenUpstreamBuilding_zh_CN.properties
deleted file mode 100644
index 3c2df9655a..0000000000
--- a/core/src/main/resources/lib/hudson/project/config-blockWhenUpstreamBuilding_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Block\ build\ when\ upstream\ project\ is\ building=\u8BE5\u9879\u76EE\u7684\u4E0A\u6E38\u9879\u76EE\u6B63\u5728\u6784\u5EFA\u65F6\u963B\u6B62\u8BE5\u9879\u76EE\u6784\u5EFA
diff --git a/core/src/main/resources/lib/hudson/project/config-buildWrappers_zh_CN.properties b/core/src/main/resources/lib/hudson/project/config-buildWrappers_zh_CN.properties
deleted file mode 100644
index 27160416af..0000000000
--- a/core/src/main/resources/lib/hudson/project/config-buildWrappers_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Build\ Environment=\u6784\u5EFA\u73AF\u5883
diff --git a/core/src/main/resources/lib/hudson/project/config-builders_zh_CN.properties b/core/src/main/resources/lib/hudson/project/config-builders_zh_CN.properties
deleted file mode 100644
index b4833005c6..0000000000
--- a/core/src/main/resources/lib/hudson/project/config-builders_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Add\ build\ step=\u589E\u52A0\u6784\u5EFA\u6B65\u9AA4
-Build=\u6784\u5EFA
diff --git a/core/src/main/resources/lib/hudson/project/config-concurrentBuild_zh_CN.properties b/core/src/main/resources/lib/hudson/project/config-concurrentBuild_zh_CN.properties
deleted file mode 100644
index 952445912c..0000000000
--- a/core/src/main/resources/lib/hudson/project/config-concurrentBuild_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-title.concurrentbuilds=\u5728\u5FC5\u8981\u7684\u65F6\u5019\u5E76\u53D1\u6784\u5EFA
diff --git a/core/src/main/resources/lib/hudson/project/config-customWorkspace_zh_CN.properties b/core/src/main/resources/lib/hudson/project/config-customWorkspace_zh_CN.properties
deleted file mode 100644
index 93b6ac8fb6..0000000000
--- a/core/src/main/resources/lib/hudson/project/config-customWorkspace_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Directory=\u76EE\u5F55
-Use\ custom\ workspace=\u4F7F\u7528\u81EA\u5B9A\u4E49\u7684\u5DE5\u4F5C\u7A7A\u95F4
diff --git a/core/src/main/resources/lib/hudson/project/config-disableBuild_zh_CN.properties b/core/src/main/resources/lib/hudson/project/config-disableBuild_zh_CN.properties
deleted file mode 100644
index a7293c119b..0000000000
--- a/core/src/main/resources/lib/hudson/project/config-disableBuild_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Disable\ this\ project=\u5173\u95ED\u6784\u5EFA
-No\ new\ builds\ will\ be\ executed\ until\ the\ project\ is\ re-enabled.=\u91CD\u65B0\u5F00\u542F\u6784\u5EFA\u524D\u4E0D\u5141\u8BB8\u8FDB\u884C\u65B0\u7684\u6784\u5EFA
diff --git a/core/src/main/resources/lib/hudson/project/config-publishers2_zh_CN.properties b/core/src/main/resources/lib/hudson/project/config-publishers2_zh_CN.properties
deleted file mode 100644
index 5372db82ae..0000000000
--- a/core/src/main/resources/lib/hudson/project/config-publishers2_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Add\ post-build\ action=\u589E\u52A0\u6784\u5EFA\u540E\u64CD\u4F5C\u6B65\u9AA4
-Post-build\ Actions=\u6784\u5EFA\u540E\u64CD\u4F5C
diff --git a/core/src/main/resources/lib/hudson/project/config-publishers_zh_CN.properties b/core/src/main/resources/lib/hudson/project/config-publishers_zh_CN.properties
deleted file mode 100644
index 0489e5696f..0000000000
--- a/core/src/main/resources/lib/hudson/project/config-publishers_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Post-build\ Actions=\u6784\u5EFA\u540E\u64CD\u4F5C
diff --git a/core/src/main/resources/lib/hudson/project/config-quietPeriod_zh_CN.properties b/core/src/main/resources/lib/hudson/project/config-quietPeriod_zh_CN.properties
deleted file mode 100644
index 139de6a2a4..0000000000
--- a/core/src/main/resources/lib/hudson/project/config-quietPeriod_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Number\ of\ seconds=\u79D2\u949F
-Quiet\ period=\u5B89\u9759\u671F
diff --git a/core/src/main/resources/lib/hudson/project/config-retryCount_zh_CN.properties b/core/src/main/resources/lib/hudson/project/config-retryCount_zh_CN.properties
deleted file mode 100644
index 730b93e102..0000000000
--- a/core/src/main/resources/lib/hudson/project/config-retryCount_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Retry\ Count=\u91CD\u8BD5\u6B21\u6570
-SCM\ checkout\ retry\ count=SCM \u7B7E\u51FA\u91CD\u8BD5\u6B21\u6570
diff --git a/core/src/main/resources/lib/hudson/project/config-scm_zh_CN.properties b/core/src/main/resources/lib/hudson/project/config-scm_zh_CN.properties
deleted file mode 100644
index 38e1a8cd17..0000000000
--- a/core/src/main/resources/lib/hudson/project/config-scm_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Source\ Code\ Management=\u6E90\u7801\u7BA1\u7406
diff --git a/core/src/main/resources/lib/hudson/project/config-trigger_zh_CN.properties b/core/src/main/resources/lib/hudson/project/config-trigger_zh_CN.properties
deleted file mode 100644
index 451a321b47..0000000000
--- a/core/src/main/resources/lib/hudson/project/config-trigger_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Build\ Triggers=\u6784\u5EFA\u89E6\u53D1\u5668
diff --git a/core/src/main/resources/lib/hudson/project/configurable_zh_CN.properties b/core/src/main/resources/lib/hudson/project/configurable_zh_CN.properties
deleted file mode 100644
index 4f4ffcb66b..0000000000
--- a/core/src/main/resources/lib/hudson/project/configurable_zh_CN.properties
+++ /dev/null
@@ -1,27 +0,0 @@
-# The MIT License
-#
-# Copyright 2014 Jesse Glick.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-delete=\u5220\u9664 {0}
-delete.confirm=\u786e\u8ba4\u5220\u9664 {0} \u2018{1}\u2019?
-Configure=\u914d\u7f6e
-View\ Configuration=\u67e5\u770b\u914d\u7f6e
-Build\ scheduled=\u6784\u5efa\u8ba1\u5212
diff --git a/core/src/main/resources/lib/hudson/project/console-link_zh_CN.properties b/core/src/main/resources/lib/hudson/project/console-link_zh_CN.properties
deleted file mode 100644
index 35521a5319..0000000000
--- a/core/src/main/resources/lib/hudson/project/console-link_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2017, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Console\ Output=\u63A7\u5236\u53F0\u8F93\u51FA
-View\ as\ plain\ text=\u6587\u672C\u65B9\u5F0F\u67E5\u770B
diff --git a/core/src/main/resources/lib/hudson/project/makeDisabled_zh_CN.properties b/core/src/main/resources/lib/hudson/project/makeDisabled_zh_CN.properties
deleted file mode 100644
index 7106bab891..0000000000
--- a/core/src/main/resources/lib/hudson/project/makeDisabled_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Disable\ Project=\u7981\u7528\u9879\u76EE
-Enable=\u542F\u7528
-This\ project\ is\ currently\ disabled=\u6B64\u9879\u76EE\u5DF2\u7981\u7528
diff --git a/core/src/main/resources/lib/hudson/project/upstream-downstream_zh_CN.properties b/core/src/main/resources/lib/hudson/project/upstream-downstream_zh_CN.properties
deleted file mode 100644
index 056cb820e5..0000000000
--- a/core/src/main/resources/lib/hudson/project/upstream-downstream_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Downstream\ Projects=\u4E0B\u7EA7\u9879\u76EE
-Upstream\ Projects=\u4E0A\u7EA7\u9879\u76EE
diff --git a/core/src/main/resources/lib/hudson/propertyTable_zh_CN.properties b/core/src/main/resources/lib/hudson/propertyTable_zh_CN.properties
deleted file mode 100644
index 3872910d9e..0000000000
--- a/core/src/main/resources/lib/hudson/propertyTable_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Name=\u540D\u79F0
-Value=\u503C
diff --git a/core/src/main/resources/lib/hudson/queue_zh_CN.properties b/core/src/main/resources/lib/hudson/queue_zh_CN.properties
deleted file mode 100644
index 7aba6785bd..0000000000
--- a/core/src/main/resources/lib/hudson/queue_zh_CN.properties
+++ /dev/null
@@ -1,29 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Build\ Queue=\u6784\u5EFA\u961F\u5217{0,choice,0#|0< ({0,number})}
-Jenkins\ is\ going\ to\ shut\ down.\ No\ further\ builds\ will\ be\ performed.=Jenkins \u5373\u5C06\u5173\u95ED\u3002\u5269\u4F59\u751F\u6210\u5C06\u4E0D\u4F1A\u88AB\u6267\u884C\u3002
-No\ builds\ in\ the\ queue.=\u961F\u5217\u4E2D\u6CA1\u6709\u6784\u5EFA\u4EFB\u52A1
-Unknown\ Task=\u672A\u77E5\u4EFB\u52A1
-WaitingFor=\u7B49\u5F85{0}
-WaitingSince=\u4ECE{0}\u5F00\u59CB\u7B49\u5F85
-cancel=\u53d6\u6d88
diff --git a/core/src/main/resources/lib/hudson/rssBar_zh_CN.properties b/core/src/main/resources/lib/hudson/rssBar_zh_CN.properties
deleted file mode 100644
index 33f39e9358..0000000000
--- a/core/src/main/resources/lib/hudson/rssBar_zh_CN.properties
+++ /dev/null
@@ -1,26 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Legend=\u56FE\u4F8B
-for\ all=\u5168\u90E8
-for\ failures=\u5931\u8D25
-for\ just\ latest\ builds=\u6700\u65B0\u7684\u6784\u5EFA
diff --git a/core/src/main/resources/lib/hudson/scriptConsole_zh_CN.properties b/core/src/main/resources/lib/hudson/scriptConsole_zh_CN.properties
deleted file mode 100644
index 233f2f11b1..0000000000
--- a/core/src/main/resources/lib/hudson/scriptConsole_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Run=\u8FD0\u884C
-Script\ Console=\u811A\u672C\u547D\u4EE4\u884C
diff --git a/core/src/main/resources/lib/hudson/thirdPartyLicenses_zh_CN.properties b/core/src/main/resources/lib/hudson/thirdPartyLicenses_zh_CN.properties
deleted file mode 100644
index 7fc867f485..0000000000
--- a/core/src/main/resources/lib/hudson/thirdPartyLicenses_zh_CN.properties
+++ /dev/null
@@ -1,25 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-License=\u8BB8\u53EF
-Maven\ ID=Maven ID
-Name=\u540D\u79F0
diff --git a/core/src/main/resources/lib/layout/breadcrumbBar_zh_CN.properties b/core/src/main/resources/lib/layout/breadcrumbBar_zh_CN.properties
deleted file mode 100644
index a39c207883..0000000000
--- a/core/src/main/resources/lib/layout/breadcrumbBar_zh_CN.properties
+++ /dev/null
@@ -1,6 +0,0 @@
-# This file is under the MIT License by authors
-
-DISABLE\ AUTO\ REFRESH=\u5173\u95ED\u81EA\u52A8\u5237\u65B0
-ENABLE\ AUTO\ REFRESH=\u5141\u8BB8\u81EA\u52A8\u5237\u65B0
-
-
diff --git a/core/src/main/resources/lib/layout/layout_zh_CN.properties b/core/src/main/resources/lib/layout/layout_zh_CN.properties
deleted file mode 100644
index 8b3ea5b661..0000000000
--- a/core/src/main/resources/lib/layout/layout_zh_CN.properties
+++ /dev/null
@@ -1,26 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Page\ generated=\u751F\u6210\u9875\u9762
-logout=\u6CE8\u9500
-search=\u67E5\u627E
-
diff --git a/core/src/main/resources/lib/layout/main-panel_zh_CN.properties b/core/src/main/resources/lib/layout/main-panel_zh_CN.properties
deleted file mode 100644
index f364231d6e..0000000000
--- a/core/src/main/resources/lib/layout/main-panel_zh_CN.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2004-2010, Sun Microsystems, Inc.
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-Jenkins\ is\ going\ to\ shut\ down=Jenkins \u5373\u5C06\u5173\u95ED
diff --git a/core/src/main/resources/lib/layout/pane_zh_CN.properties b/core/src/main/resources/lib/layout/pane_zh_CN.properties
deleted file mode 100644
index 82411933bc..0000000000
--- a/core/src/main/resources/lib/layout/pane_zh_CN.properties
+++ /dev/null
@@ -1,24 +0,0 @@
-# The MIT License
-#
-# Copyright (c) 2018, suren <zxjlwt@126.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
-expand=\u5C55\u5F00
-collapse=\u5408\u4E0A
diff --git a/core/src/main/resources/lib/layout/progressiveRendering_zh_CN.properties b/core/src/main/resources/lib/layout/progressiveRendering_zh_CN.properties
deleted file mode 100644
index 385e64edd9..0000000000
--- a/core/src/main/resources/lib/layout/progressiveRendering_zh_CN.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-# This file is under the MIT License by authors
-
-progressMessage=\u8BA1\u7B97\u4E2D\u3002
diff --git a/core/src/main/resources/lib/layout/task_zh_CN.properties b/core/src/main/resources/lib/layout/task_zh_CN.properties
deleted file mode 100644
index ec0452623b..0000000000
--- a/core/src/main/resources/lib/layout/task_zh_CN.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-# This file is under the MIT License by authors
-
-Done.=\u5DF2\u5B8C\u6210
diff --git a/core/src/main/resources/lib/test/bar_zh_CN.properties b/core/src/main/resources/lib/test/bar_zh_CN.properties
deleted file mode 100644
index ffc6618dc8..0000000000
--- a/core/src/main/resources/lib/test/bar_zh_CN.properties
+++ /dev/null
@@ -1,4 +0,0 @@
-# This file is under the MIT License by authors
-
-failures={0}\u6B21\u5931\u8D25
-tests={0}\u4E2A\u6D4B\u8BD5
-- 
GitLab


From 8a3bbdda2f2dead8b5cf1e6fb29fba952fe50357 Mon Sep 17 00:00:00 2001
From: Olivier Truong <oliv.truong@gmail.com>
Date: Mon, 1 Oct 2018 22:04:01 +0200
Subject: [PATCH 780/863] [JENKINS-53847] Improve JavaDoc for Util.fixNull

---
 core/src/main/java/hudson/Util.java | 34 ++++++++++++++++++++++++++++-
 1 file changed, 33 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/Util.java b/core/src/main/java/hudson/Util.java
index 00a88df95e..ac4b7e0d90 100644
--- a/core/src/main/java/hudson/Util.java
+++ b/core/src/main/java/hudson/Util.java
@@ -1199,7 +1199,7 @@ public class Util {
     }
 
     /**
-     * Convert {@code null} to a default value.
+     * Convert {@code null} to a default <b>immutable</b> value.
      * @since TODO
      */
     @Nonnull
@@ -1227,21 +1227,53 @@ public class Util {
         return fixEmpty(s.trim());
     }
 
+    /**
+     *
+     * @param l list to check
+     * @param <T>
+     * @return
+     *     l if l is not {@code null}
+     *     an empty <b>immutable list</b> if l is {@code null}
+     */
     @Nonnull
     public static <T> List<T> fixNull(@CheckForNull List<T> l) {
         return fixNull(l, Collections.<T>emptyList());
     }
 
+    /**
+     *
+     * @param l set to check
+     * @param <T>
+     * @return
+     *     l if l is not {@code null}
+     *     an empty <b>immutable set</b> if l is {@code null}
+     */
     @Nonnull
     public static <T> Set<T> fixNull(@CheckForNull Set<T> l) {
         return fixNull(l, Collections.<T>emptySet());
     }
 
+    /**
+     *
+     * @param l collection to check
+     * @param <T>
+     * @return
+     *     l if l is not {@code null}
+     *     an empty <b>immutable set</b> if l is {@code null}
+     */
     @Nonnull
     public static <T> Collection<T> fixNull(@CheckForNull Collection<T> l) {
         return fixNull(l, Collections.<T>emptySet());
     }
 
+    /**
+     *
+     * @param l iterable to check
+     * @param <T>
+     * @return
+     *     l if l is not {@code null}
+     *     an empty <b>immutable set</b> if l is {@code null}
+     */
     @Nonnull
     public static <T> Iterable<T> fixNull(@CheckForNull Iterable<T> l) {
         return fixNull(l, Collections.<T>emptySet());
-- 
GitLab


From 149fd9b6080cee76cf41027cf46acc5353281496 Mon Sep 17 00:00:00 2001
From: Olivier Truong <oliv.truong@gmail.com>
Date: Mon, 1 Oct 2018 23:14:00 +0200
Subject: [PATCH 781/863] fix javadoc following PR comments

---
 core/src/main/java/hudson/Util.java | 28 ++++++++++++++++------------
 1 file changed, 16 insertions(+), 12 deletions(-)

diff --git a/core/src/main/java/hudson/Util.java b/core/src/main/java/hudson/Util.java
index ac4b7e0d90..0f6bb301c6 100644
--- a/core/src/main/java/hudson/Util.java
+++ b/core/src/main/java/hudson/Util.java
@@ -1229,11 +1229,12 @@ public class Util {
 
     /**
      *
-     * @param l list to check
+     * @param l list to check.
      * @param <T>
+     *     Type of the list.
      * @return
-     *     l if l is not {@code null}
-     *     an empty <b>immutable list</b> if l is {@code null}
+     *     {@code l} if l is not {@code null}.
+     *     An empty <b>immutable list</b> if l is {@code null}.
      */
     @Nonnull
     public static <T> List<T> fixNull(@CheckForNull List<T> l) {
@@ -1242,11 +1243,12 @@ public class Util {
 
     /**
      *
-     * @param l set to check
+     * @param l set to check.
      * @param <T>
+     *     Type of the set.
      * @return
-     *     l if l is not {@code null}
-     *     an empty <b>immutable set</b> if l is {@code null}
+     *     {@code l} if l is not {@code null}.
+     *     An empty <b>immutable set</b> if l is {@code null}.
      */
     @Nonnull
     public static <T> Set<T> fixNull(@CheckForNull Set<T> l) {
@@ -1255,11 +1257,12 @@ public class Util {
 
     /**
      *
-     * @param l collection to check
+     * @param l collection to check.
      * @param <T>
+     *     Type of the collection.
      * @return
-     *     l if l is not {@code null}
-     *     an empty <b>immutable set</b> if l is {@code null}
+     *     {@code l} if l is not {@code null}.
+     *     An empty <b>immutable set</b> if l is {@code null}.
      */
     @Nonnull
     public static <T> Collection<T> fixNull(@CheckForNull Collection<T> l) {
@@ -1268,11 +1271,12 @@ public class Util {
 
     /**
      *
-     * @param l iterable to check
+     * @param l iterable to check.
      * @param <T>
+     *     Type of the iterable.
      * @return
-     *     l if l is not {@code null}
-     *     an empty <b>immutable set</b> if l is {@code null}
+     *     {@code l} if l is not {@code null}.
+     *     An empty <b>immutable set</b> if l is {@code null}.
      */
     @Nonnull
     public static <T> Iterable<T> fixNull(@CheckForNull Iterable<T> l) {
-- 
GitLab


From f120484f84a4668fb99dae2a3a5853ce73c8eef7 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Tue, 2 Oct 2018 10:05:48 +0200
Subject: [PATCH 782/863] Amend the Util#fixNull() Javadoc

---
 core/src/main/java/hudson/Util.java | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/Util.java b/core/src/main/java/hudson/Util.java
index 0f6bb301c6..baffd6d6d2 100644
--- a/core/src/main/java/hudson/Util.java
+++ b/core/src/main/java/hudson/Util.java
@@ -1199,7 +1199,8 @@ public class Util {
     }
 
     /**
-     * Convert {@code null} to a default <b>immutable</b> value.
+     * Convert {@code null} to a default value.
+     * @param defaultValue Default value. It may be immutable or not, depending on the implementation.
      * @since TODO
      */
     @Nonnull
-- 
GitLab


From 87a6847513417dec8f351b5118467b9294000b3a Mon Sep 17 00:00:00 2001
From: Nicolas De Loof <nicolas.deloof@gmail.com>
Date: Wed, 3 Oct 2018 15:42:28 +0200
Subject: [PATCH 783/863] warn user when Secret.toString is being used

Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
---
 core/src/main/java/hudson/util/Secret.java      | 5 +++++
 core/src/main/resources/lib/form/password.jelly | 2 +-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/util/Secret.java b/core/src/main/java/hudson/util/Secret.java
index 599467414e..a584cff90e 100644
--- a/core/src/main/java/hudson/util/Secret.java
+++ b/core/src/main/java/hudson/util/Secret.java
@@ -42,6 +42,7 @@ import java.io.Serializable;
 import java.io.UnsupportedEncodingException;
 import java.io.IOException;
 import java.security.GeneralSecurityException;
+import java.util.logging.Logger;
 import java.util.regex.Pattern;
 import javax.annotation.CheckForNull;
 import javax.annotation.Nonnull;
@@ -64,6 +65,8 @@ import static java.nio.charset.StandardCharsets.UTF_8;
  * @author Kohsuke Kawaguchi
  */
 public final class Secret implements Serializable {
+    private static final Logger LOGGER = Logger.getLogger(Secret.class.getName());
+
     private static final byte PAYLOAD_V1 = 1;
     /**
      * Unencrypted secret text.
@@ -92,6 +95,8 @@ public final class Secret implements Serializable {
     @Override
     @Deprecated
     public String toString() {
+        final String from = new Throwable().getStackTrace()[1].toString();
+        LOGGER.warning("Use of toString() on hudson.util.Secret from "+from+". Prefer getPlainText() or getEncryptedValue() depending your needs.");
         return value;
     }
 
diff --git a/core/src/main/resources/lib/form/password.jelly b/core/src/main/resources/lib/form/password.jelly
index 4a44b0d708..eae77c32b0 100644
--- a/core/src/main/resources/lib/form/password.jelly
+++ b/core/src/main/resources/lib/form/password.jelly
@@ -67,6 +67,6 @@ THE SOFTWARE.
          value="${h.getPasswordValue(attrs.value ?: instance[attrs.field])}"
          type="password"
          checkMethod="post"
-         ATTRIBUTES="${attrs}" EXCEPT="field clazz" />
+         ATTRIBUTES="${attrs}" EXCEPT="field clazz value" />
   <!-- TODO consider customizedFields -->
 </j:jelly>
-- 
GitLab


From eded2cd853d8552b8eb876cc23ef6735e9cfbafb Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Thu, 4 Oct 2018 09:16:23 +0200
Subject: [PATCH 784/863] Add Dockerfile for CD of Docker images in the Master
 branch

---
 Dockerfile | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100644 Dockerfile

diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000000..d4541bdfcb
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,26 @@
+# This is a Dockerfile definition for Experimental Docker builds.
+# DockerHub: https://hub.docker.com/r/jenkins/jenkins-experimental/
+# If you are looking for official images, see https://github.com/jenkinsci/docker
+FROM maven:3.5.4-jdk-8 as builder
+
+COPY .mvn/ /jenkins/src/.mvn/
+COPY cli/ /jenkins/src/cli/
+COPY core/ /jenkins/src/core/
+COPY src/ /jenkins/src/src/
+COPY test/ /jenkins/src/test/
+COPY war/ /jenkins/src/war/
+COPY *.xml /jenkins/src/
+COPY LICENSE.txt /jenkins/src/LICENSE.txt
+COPY licenseCompleter.groovy /jenkins/src/licenseCompleter.groovy
+COPY show-pom-version.rb /jenkins/src/show-pom-version.rb
+
+WORKDIR /jenkins/src/
+RUN mvn clean install --batch-mode -Plight-test
+
+# The image is based on the previous weekly, new changes in jenkinci/docker are not applied
+FROM jenkins/jenkins:latest
+
+LABEL Description="This is an experimental image for the master branch of the Jenkins core" Vendor="Jenkins Project"
+
+COPY --from=builder /jenkins/src/war/target/jenkins.war /usr/share/jenkins/jenkins.war
+ENTRYPOINT ["tini", "--", "/usr/local/bin/jenkins.sh"]
-- 
GitLab


From 7a7f5b76bbbc2dcefcc9781789f3ece1964d2f2d Mon Sep 17 00:00:00 2001
From: Devin Nusbaum <d.w.nusbaum@gmail.com>
Date: Thu, 4 Oct 2018 15:05:40 -0400
Subject: [PATCH 785/863] [JENKINS-48516] Uniquify names before setting initial
 visibility

---
 core/src/main/resources/lib/form/repeatable/repeatable.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/core/src/main/resources/lib/form/repeatable/repeatable.js b/core/src/main/resources/lib/form/repeatable/repeatable.js
index 05f8fc3060..f70e6f56a6 100644
--- a/core/src/main/resources/lib/form/repeatable/repeatable.js
+++ b/core/src/main/resources/lib/form/repeatable/repeatable.js
@@ -186,7 +186,8 @@ Behaviour.specify("INPUT.repeatable-delete", 'repeatable', 0, function(e) {
     });
 
     // radio buttons in repeatable content
-Behaviour.specify("DIV.repeated-chunk", 'repeatable', 0, function(d) {
+// Needs to run before the radioBlock behavior so that names are already unique.
+Behaviour.specify("DIV.repeated-chunk", 'repeatable', -200, function(d) {
         var inputs = d.getElementsByTagName('INPUT');
         for (var i = 0; i < inputs.length; i++) {
             if (inputs[i].type == 'radio') {
-- 
GitLab


From d4121efe10d3169ccfe6d8a7e1381a90dcd5643b Mon Sep 17 00:00:00 2001
From: orgi <joerg@birkengarten.net>
Date: Thu, 4 Oct 2018 22:22:49 +0200
Subject: [PATCH 786/863] JENKINS-36547: Introduce Queue.Task.getAffinityKey()
 (#3611)

* JENKINS-36547: Introduce Queue.Task.getAffinityKey()

and use it in LoadBalancer.assignGreedily() to find a node for a task.

* JENKINS-36547: Fix Javadoc error

* fixup! JENKINS-36547: Fix Javadoc error

* Fixed Javadoc for Queue.getAffinityKey()
---
 core/src/main/java/hudson/model/LoadBalancer.java |  2 +-
 core/src/main/java/hudson/model/Queue.java        | 12 ++++++++++++
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/model/LoadBalancer.java b/core/src/main/java/hudson/model/LoadBalancer.java
index a0403e1b97..ce69e89779 100644
--- a/core/src/main/java/hudson/model/LoadBalancer.java
+++ b/core/src/main/java/hudson/model/LoadBalancer.java
@@ -112,7 +112,7 @@ public abstract class LoadBalancer implements ExtensionPoint {
         private boolean assignGreedily(Mapping m, Task task, List<ConsistentHash<ExecutorChunk>> hashes, int i) {
             if (i==hashes.size())   return true;    // fully assigned
 
-            String key = task.getFullDisplayName() + (i>0 ? String.valueOf(i) : "");
+            String key = task.getAffinityKey() + (i>0 ? String.valueOf(i) : "");
 
             for (ExecutorChunk ec : hashes.get(i).list(key)) {
                 // let's attempt this assignment
diff --git a/core/src/main/java/hudson/model/Queue.java b/core/src/main/java/hudson/model/Queue.java
index 01a43ea299..1eaeb08931 100644
--- a/core/src/main/java/hudson/model/Queue.java
+++ b/core/src/main/java/hudson/model/Queue.java
@@ -1896,6 +1896,18 @@ public class Queue extends ResourceController implements Saveable {
          */
         String getFullDisplayName();
 
+        /**
+         * Returns task-specific key which is used by the {@link LoadBalancer} to choose one particular executor
+         * amongst all the free executors on all possibly suitable nodes.
+         * NOTE: To be able to re-use the same node during the next run this key should not change from one run to
+         * another. You probably want to compute that key based on the job's name.
+         * <p>
+         * @return by default: {@link #getFullDisplayName()}
+         *
+         * @see hudson.model.LoadBalancer
+         */
+        default String getAffinityKey() { return getFullDisplayName(); }
+
         /**
          * Checks the permission to see if the current user can abort this executable.
          * Returns normally from this method if it's OK.
-- 
GitLab


From 3798aaeaef59b363f34cfc26012ebf59a6697de3 Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Thu, 4 Oct 2018 18:12:46 -0400
Subject: [PATCH 787/863] Add missing space

Properties parse:
foo=blah\
   this

As: foo=blahthis
-- stripping leading whitespace...

Fixes:
* /legend
* /cli/
---
 core/src/main/resources/hudson/cli/CLIAction/index.properties   | 2 +-
 core/src/main/resources/jenkins/model/Jenkins/legend.properties | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/core/src/main/resources/hudson/cli/CLIAction/index.properties b/core/src/main/resources/hudson/cli/CLIAction/index.properties
index e4eebf4895..4808085a7a 100644
--- a/core/src/main/resources/hudson/cli/CLIAction/index.properties
+++ b/core/src/main/resources/hudson/cli/CLIAction/index.properties
@@ -1,4 +1,4 @@
 Jenkins\ CLI=Jenkins CLI
 blurb=You can access various features in Jenkins through a command-line tool. See \
-  <a href="https://jenkins.io/redirect/cli">the documentation</a> for more details of this feature.\
+  <a href="https://jenkins.io/redirect/cli">the documentation</a> for more details of this feature. \
   To get started, download <a href="{0}/jnlpJars/jenkins-cli.jar">jenkins-cli.jar</a>, and run it as follows:
diff --git a/core/src/main/resources/jenkins/model/Jenkins/legend.properties b/core/src/main/resources/jenkins/model/Jenkins/legend.properties
index 278800fdf1..633969a560 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/legend.properties
+++ b/core/src/main/resources/jenkins/model/Jenkins/legend.properties
@@ -24,7 +24,7 @@ grey=The project has never been built before, or the project is disabled.
 grey_anime=The first build of the project is in progress.
 blue=The last build was successful.
 blue_anime=The last build was successful. A new build is in progress.
-yellow=The last build was successful but unstable.\
+yellow=The last build was successful but unstable. \
        This is primarily used to represent test failures.
 yellow_anime=The last build was successful but unstable. A new build is in progress.
 red=The last build fatally failed.
-- 
GitLab


From 21945e378fa1e42a64626651243ccf793a96f108 Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Thu, 4 Oct 2018 18:20:55 -0400
Subject: [PATCH 788/863] Drop fatally

Builds are either successful (in which case they are not red) or they are not (in which case they are red).
There is no case where a build can be fatally successful, or not fatal and not fail.
---
 .../main/resources/jenkins/model/Jenkins/legend.properties    | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/core/src/main/resources/jenkins/model/Jenkins/legend.properties b/core/src/main/resources/jenkins/model/Jenkins/legend.properties
index 278800fdf1..e0eb2d1aff 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/legend.properties
+++ b/core/src/main/resources/jenkins/model/Jenkins/legend.properties
@@ -27,8 +27,8 @@ blue_anime=The last build was successful. A new build is in progress.
 yellow=The last build was successful but unstable.\
        This is primarily used to represent test failures.
 yellow_anime=The last build was successful but unstable. A new build is in progress.
-red=The last build fatally failed.
-red_anime=The last build fatally failed. A new build is in progress.
+red=The last build failed.
+red_anime=The last build failed. A new build is in progress.
 health-81plus=Project health is over 80%. You can hover the mouse over the project\u2019s icon for a more detailed explanation.
 health-61to80=Project health is over 60% and up to 80%. You can hover the mouse over the project\u2019s icon for a more detailed explanation.
 health-41to60=Project health is over 40% and up to 60%. You can hover the mouse over the project\u2019s icon for a more detailed explanation.
-- 
GitLab


From 3b73c45f52eb1ba83af9bdc2f1760f90708b3f6c Mon Sep 17 00:00:00 2001
From: Olivier Truong <oltruong@users.noreply.github.com>
Date: Fri, 5 Oct 2018 09:32:26 +0200
Subject: [PATCH 789/863] [JENKINS-31448] Protect against NPE in update center
 on restart (#3671)

* [JENKINS-31448] Protect against NPE in update center on restart

* rename updateSite private methods
---
 core/src/main/java/hudson/model/UpdateSite.java     | 10 +++++++++-
 test/src/test/java/hudson/model/UpdateSiteTest.java | 10 ++++++++++
 2 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/model/UpdateSite.java b/core/src/main/java/hudson/model/UpdateSite.java
index 10ccfb1508..c574fc2ca7 100644
--- a/core/src/main/java/hudson/model/UpdateSite.java
+++ b/core/src/main/java/hudson/model/UpdateSite.java
@@ -485,7 +485,15 @@ public class UpdateSite {
      * Is this the legacy default update center site?
      */
     public boolean isLegacyDefault() {
-        return id.equals(UpdateCenter.PREDEFINED_UPDATE_SITE_ID) && url.startsWith("http://hudson-ci.org/") || url.startsWith("http://updates.hudson-labs.org/");
+        return isHudsonCI() || isUpdatesFromHudsonLabs();
+    }
+
+    private boolean isHudsonCI() {
+        return url != null && UpdateCenter.PREDEFINED_UPDATE_SITE_ID.equals(id) && url.startsWith("http://hudson-ci.org/");
+    }
+
+    private boolean isUpdatesFromHudsonLabs() {
+        return url != null && url.startsWith("http://updates.hudson-labs.org/");
     }
 
     /**
diff --git a/test/src/test/java/hudson/model/UpdateSiteTest.java b/test/src/test/java/hudson/model/UpdateSiteTest.java
index 8e49e20f2d..838e5aee8e 100644
--- a/test/src/test/java/hudson/model/UpdateSiteTest.java
+++ b/test/src/test/java/hudson/model/UpdateSiteTest.java
@@ -54,6 +54,7 @@ import org.junit.After;
 import org.junit.Before;
 import org.junit.Rule;
 import org.junit.Test;
+import org.jvnet.hudson.test.Issue;
 import org.jvnet.hudson.test.JenkinsRule;
 import org.jvnet.hudson.test.recipes.LocalData;
 
@@ -151,4 +152,13 @@ public class UpdateSiteTest {
         assertEquals("number of warnings", 7, site.getData().getWarnings().size());
         assertNotEquals("plugin data is present", Collections.emptyMap(), site.getData().plugins);
     }
+
+    @Issue("JENKINS-31448")
+    @Test public void isLegacyDefault() throws Exception {
+        assertFalse("isLegacyDefault should be false with null id",new UpdateSite(null,"url").isLegacyDefault());
+        assertFalse("isLegacyDefault should be false when id is not default and url is http://hudson-ci.org/",new UpdateSite("dummy","http://hudson-ci.org/").isLegacyDefault());
+        assertTrue("isLegacyDefault should be true when id is default and url is http://hudson-ci.org/",new UpdateSite(UpdateCenter.PREDEFINED_UPDATE_SITE_ID,"http://hudson-ci.org/").isLegacyDefault());
+        assertTrue("isLegacyDefault should be true when url is http://updates.hudson-labs.org/",new UpdateSite("dummy","http://updates.hudson-labs.org/").isLegacyDefault());
+        assertFalse("isLegacyDefault should be false with null url",new UpdateSite(null,null).isLegacyDefault());
+    }
 }
-- 
GitLab


From 18c0e30202ea06b7c4414b2f537429753d47a1a4 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Fri, 5 Oct 2018 18:05:01 +0200
Subject: [PATCH 790/863] Add recently added security system properties

---
 .../telemetry/impl/SecuritySystemProperties.java    | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/core/src/main/java/jenkins/telemetry/impl/SecuritySystemProperties.java b/core/src/main/java/jenkins/telemetry/impl/SecuritySystemProperties.java
index ca2d9e1bf2..1384946bed 100644
--- a/core/src/main/java/jenkins/telemetry/impl/SecuritySystemProperties.java
+++ b/core/src/main/java/jenkins/telemetry/impl/SecuritySystemProperties.java
@@ -24,6 +24,7 @@
 package jenkins.telemetry.impl;
 
 import hudson.Extension;
+import jenkins.model.DownloadSettings;
 import jenkins.model.Jenkins;
 import jenkins.telemetry.Telemetry;
 import jenkins.util.SystemProperties;
@@ -75,13 +76,25 @@ public class SecuritySystemProperties extends Telemetry {
     public JSONObject createContent() {
         Map<String, String> security = new TreeMap<>();
         putBoolean(security, "hudson.ConsoleNote.INSECURE", false);
+        putBoolean(security, "hudson.logging.LogRecorderManager.skipPermissionCheck", false);
+        putBoolean(security, "hudson.model.AbstractItem.skipPermissionCheck", false);
         putBoolean(security, "hudson.model.ParametersAction.keepUndefinedParameters", false);
+        putBoolean(security, "hudson.model.Run.skipPermissionCheck", false);
+        putBoolean(security, "hudson.model.UpdateCenter.skipPermissionCheck", false);
         putBoolean(security, "hudson.model.User.allowNonExistentUserToLogin", false);
         putBoolean(security, "hudson.model.User.allowUserCreationViaUrl", false);
         putBoolean(security, "hudson.model.User.SECURITY_243_FULL_DEFENSE", true);
+        putBoolean(security, "hudson.model.User.skipPermissionCheck", false);
+        putBoolean(security, "hudson.PluginManager.skipPermissionCheck", false);
         putBoolean(security, "hudson.remoting.URLDeserializationHelper.avoidUrlWrapping", false);
+        putBoolean(security, "hudson.search.Search.skipPermissionCheck", false);
         putBoolean(security, "jenkins.security.ClassFilterImpl.SUPPRESS_WHITELIST", false);
         putBoolean(security, "jenkins.security.ClassFilterImpl.SUPPRESS_ALL", false);
+        putBoolean(security, "org.kohsuke.stapler.Facet.allowViewNamePathTraversal", false);
+        putBoolean(security, "org.kohsuke.stapler.jelly.CustomJellyContext.escapeByDefault", true);
+
+        // not controlled by a system property for historical reasons only
+        security.put("jenkins.model.DownloadSettings.useBrowser", Boolean.toString(DownloadSettings.get().isUseBrowser()));
 
         putStringInfo(security, "hudson.model.ParametersAction.safeParameters");
         putStringInfo(security, "hudson.model.DirectoryBrowserSupport.CSP");
-- 
GitLab


From 39057412d1b28ee138fb553335bf032f03fed09f Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Fri, 5 Oct 2018 14:48:34 -0400
Subject: [PATCH 791/863] Turns out there were already tests with mock
 ConsoleAnnotatorFactory. Generifying one reproduces the CCE.

---
 .../java/hudson/console/ConsoleAnnotatorTest.java     | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/test/src/test/java/hudson/console/ConsoleAnnotatorTest.java b/test/src/test/java/hudson/console/ConsoleAnnotatorTest.java
index a25401eabd..18e46dda4b 100644
--- a/test/src/test/java/hudson/console/ConsoleAnnotatorTest.java
+++ b/test/src/test/java/hudson/console/ConsoleAnnotatorTest.java
@@ -81,16 +81,17 @@ public class ConsoleAnnotatorTest {
      * Only annotates the first occurrence of "ooo".
      */
     @TestExtension("completedStatelessLogAnnotation")
-    public static final ConsoleAnnotatorFactory DEMO_ANNOTATOR = new ConsoleAnnotatorFactory() {
-        public ConsoleAnnotator newInstance(Object context) {
+    public static final class DemoAnnotatorFactory extends ConsoleAnnotatorFactory<FreeStyleBuild> {
+        @Override
+        public ConsoleAnnotator<FreeStyleBuild> newInstance(FreeStyleBuild context) {
             return new DemoAnnotator();
         }
-    };
+    }
 
-    public static class DemoAnnotator extends ConsoleAnnotator<Object> {
+    public static class DemoAnnotator extends ConsoleAnnotator<FreeStyleBuild> {
         private static final String ANNOTATE_TEXT = "ooo" + System.getProperty("line.separator");
         @Override
-        public ConsoleAnnotator annotate(Object build, MarkupText text) {
+        public ConsoleAnnotator<FreeStyleBuild> annotate(FreeStyleBuild build, MarkupText text) {
             if (text.getText().equals(ANNOTATE_TEXT)) {
                 text.addMarkup(0,3,"<b class=demo>","</b>");
                 return null;
-- 
GitLab


From 4089cd9cc77a38999b2cf494169e4a655c724401 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Sat, 6 Oct 2018 00:15:22 +0200
Subject: [PATCH 792/863] [JENKINS-53710] Fix signature check on Java 11
 (#3641)

* [JENKINS-53710] Fix signature check on Java 11

* Add explanation
---
 .../java/jenkins/util/JSONSignatureValidator.java | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/core/src/main/java/jenkins/util/JSONSignatureValidator.java b/core/src/main/java/jenkins/util/JSONSignatureValidator.java
index b45f1d5e65..915a558034 100644
--- a/core/src/main/java/jenkins/util/JSONSignatureValidator.java
+++ b/core/src/main/java/jenkins/util/JSONSignatureValidator.java
@@ -204,19 +204,26 @@ public class JSONSignatureValidator {
      * Utility method supporting both possible signature formats: Base64 and Hex
      */
     private boolean verifySignature(Signature signature, String providedSignature) {
+        // We can only make one call to Signature#verify here.
+        // Since we need to potentially check two values (one decoded from hex, the other decoded from base64),
+        // try hex first: It's almost certainly going to fail decoding if a base64 string was passed.
+        // It is extremely unlikely for base64 strings to be a valid hex string.
+        // This way, if it's base64, the #verify call will be skipped, and we continue with the #verify for decoded base64.
+        // This approach might look unnecessarily clever, but short of having redundant Signature instances,
+        // there doesn't seem to be a better approach for this.
         try {
-            if (signature.verify(Base64.decode(providedSignature.toCharArray()))) {
+            if (signature.verify(Hex.decodeHex(providedSignature.toCharArray()))) {
                 return true;
             }
-        } catch (SignatureException|IOException ignore) {
+        } catch (SignatureException|DecoderException ignore) {
             // ignore
         }
 
         try {
-            if (signature.verify(Hex.decodeHex(providedSignature.toCharArray()))) {
+            if (signature.verify(Base64.decode(providedSignature.toCharArray()))) {
                 return true;
             }
-        } catch (SignatureException|DecoderException ignore) {
+        } catch (SignatureException|IOException ignore) {
             // ignore
         }
         return false;
-- 
GitLab


From a762e6c687e90db430577801da2a87714e627c8a Mon Sep 17 00:00:00 2001
From: Ulli Hafner <ullrich.hafner@gmail.com>
Date: Sat, 6 Oct 2018 00:17:10 +0200
Subject: [PATCH 793/863] Fixed JavaDoc: replaced div class "warning" with
 "alert alert-warning".

---
 core/src/main/java/hudson/model/AdministrativeMonitor.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/model/AdministrativeMonitor.java b/core/src/main/java/hudson/model/AdministrativeMonitor.java
index ce81dd56aa..16b3fbb697 100644
--- a/core/src/main/java/hudson/model/AdministrativeMonitor.java
+++ b/core/src/main/java/hudson/model/AdministrativeMonitor.java
@@ -68,7 +68,7 @@ import org.kohsuke.stapler.interceptor.RequirePOST;
  * If {@link #isActivated()} returns true, Jenkins will use the {@code message.jelly}
  * view of this object to render the warning text. This happens in the
  * {@code http://SERVER/jenkins/manage} page. This view should typically render
- * a DIV box with class='error' or class='warning' with a human-readable text
+ * a DIV box with class='alert alert-error' or class='alert alert-warning' with a human-readable text
  * inside it. It often also contains a link to a page that provides more details
  * about the problem.
  * </dd>
-- 
GitLab


From aeaa4d68603c3b60a4e53fbaa86d65ecd7e3a218 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Sat, 6 Oct 2018 07:08:42 +0200
Subject: [PATCH 794/863] Minor telemetry improvements

---
 .../java/jenkins/telemetry/Telemetry.java     | 11 +++++++---
 .../help-usageStatisticsCollected.jelly       | 21 +++++++++++--------
 2 files changed, 20 insertions(+), 12 deletions(-)

diff --git a/core/src/main/java/jenkins/telemetry/Telemetry.java b/core/src/main/java/jenkins/telemetry/Telemetry.java
index cf3892ead5..002c9492a3 100644
--- a/core/src/main/java/jenkins/telemetry/Telemetry.java
+++ b/core/src/main/java/jenkins/telemetry/Telemetry.java
@@ -54,6 +54,9 @@ import java.util.logging.Logger;
 /**
  * Extension point for collecting JEP-214 telemetry.
  *
+ * Implementations should provide a <code>description.jelly</code> file with additional details about their purpose and
+ * behavior which will be included in <code>help-usageStatisticsCollected.jelly</code> for {@link UsageStatistics}.
+ *
  * @see <a href="https://jenkins.io/jep/214">JEP-214</a>
  *
  * @since 2.143
@@ -68,7 +71,7 @@ public abstract class Telemetry implements ExtensionPoint {
     private static final Logger LOGGER = Logger.getLogger(Telemetry.class.getName());
 
     /**
-     * ID of this collector, typically a basic alphanumeric string (and _- characters).
+     * ID of this collector, typically an alphanumeric string (and punctuation).
      *
      * Good IDs are globally unique and human readable (i.e. no UUIDs).
      *
@@ -77,7 +80,9 @@ public abstract class Telemetry implements ExtensionPoint {
      * @return ID of the collector, never null or empty
      */
     @Nonnull
-    public abstract String getId();
+    public String getId() {
+        return getClass().getName();
+    }
 
     /**
      * User friendly display name for this telemetry collector, ideally localized.
@@ -112,7 +117,7 @@ public abstract class Telemetry implements ExtensionPoint {
      *
      * This method is called periodically, once per content submission.
      *
-     * @return
+     * @return The JSON payload
      */
     @Nonnull
     public abstract JSONObject createContent();
diff --git a/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected.jelly b/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected.jelly
index 96df143a83..1286d8294f 100644
--- a/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected.jelly
+++ b/core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected.jelly
@@ -29,19 +29,22 @@
             Once a trial is complete, the trial results may be aggregated and shared with the developer community.
         </p>
         <p>
-            The following trials are currently set up on this instance:
+            The following trials defined on this instance are active now or in the future:
         </p>
         <j:invokeStatic className="jenkins.telemetry.Telemetry" method="all" var="collectors"/>
+        <j:invokeStatic className="java.time.LocalDate" method="now" var="now"/>
         <dl>
             <j:forEach items="${collectors}" var="collector">
-                <dt>${collector.displayName}</dt>
-                <dd>
-                    <st:include from="${collector}" optional="true" page="description.jelly"/>
-                    <p>
-                        Start date: ${collector.start}
-                        End date: ${collector.end}
-                    </p>
-                </dd>
+                <j:if test="${not collector.end.isBefore(now)}">
+                    <dt>${collector.displayName}</dt>
+                    <dd>
+                        <st:include from="${collector}" optional="true" page="description.jelly"/>
+                        <p>
+                            Start date: ${collector.start}<br/>
+                            End date: ${collector.end}
+                        </p>
+                    </dd>
+                </j:if>
             </j:forEach>
         </dl>
     </div>
-- 
GitLab


From e0ed9a86e007705c2629b127541ee2cdc9e251ef Mon Sep 17 00:00:00 2001
From: Sam Van Oort <samvanoort@gmail.com>
Date: Sat, 6 Oct 2018 06:49:07 -0400
Subject: [PATCH 795/863] Micro-optimizations to Plugin data to reduce minimum
 memory for Jenkins (#3654)

* Reduce memory footprint for the plugin info by presizing hashmaps to reduce waste for small maps and interning commonly duplicated plugin strings

* Replace duplicated empty string arrays with the one in MemoryReductionUtil

* Fix interning where strings are null

* Fix to deal with the fact that we directly mutate dependency fields for UpdateSite, sigh

* Reduce starting HashMap size for some hashmaps likely to be empty or tiny

* Cleanup per review comments

* Trim some extra waste out of the UpdateSite warnings

* Fix count of optional dependencies

* Move predicates for dependency matching to top-level static final field so they are not duplicated
---
 core/src/main/java/hudson/Launcher.java       |  3 +-
 core/src/main/java/hudson/PluginWrapper.java  |  8 +--
 core/src/main/java/hudson/Util.java           |  4 +-
 .../main/java/hudson/logging/LogRecorder.java |  3 +-
 .../main/java/hudson/model/Descriptor.java    |  4 +-
 core/src/main/java/hudson/model/Items.java    |  5 +-
 .../main/java/hudson/model/UpdateSite.java    | 60 ++++++++++-------
 core/src/main/java/hudson/search/Search.java  |  5 +-
 .../src/main/java/hudson/security/WhoAmI.java |  3 +-
 .../model/lazy/AbstractLazyLoadRunMap.java    |  6 +-
 .../validator/routines/DomainValidator.java   | 19 +++---
 .../jenkins/util/MemoryReductionUtil.java     | 67 +++++++++++++++++++
 .../main/java/jenkins/util/VirtualFile.java   |  3 +-
 .../security/ClassFilterImplSanityTest.java   |  4 +-
 14 files changed, 139 insertions(+), 55 deletions(-)
 create mode 100644 core/src/main/java/jenkins/util/MemoryReductionUtil.java

diff --git a/core/src/main/java/hudson/Launcher.java b/core/src/main/java/hudson/Launcher.java
index 0c14a4bbdd..f0f18b4f81 100644
--- a/core/src/main/java/hudson/Launcher.java
+++ b/core/src/main/java/hudson/Launcher.java
@@ -26,6 +26,7 @@ package hudson;
 import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
 import hudson.Proc.LocalProc;
 import hudson.model.Computer;
+import jenkins.util.MemoryReductionUtil;
 import hudson.util.QuotedStringTokenizer;
 import jenkins.model.Jenkins;
 import hudson.model.TaskListener;
@@ -396,7 +397,7 @@ public abstract class Launcher {
          */
         @Nonnull
         public String[] envs() {
-            return envs != null ? envs.clone() : new String[0];
+            return envs != null ? envs.clone() : MemoryReductionUtil.EMPTY_STRING_ARRAY;
         }
 
         /**
diff --git a/core/src/main/java/hudson/PluginWrapper.java b/core/src/main/java/hudson/PluginWrapper.java
index b2be33c8c5..24d90aaa45 100644
--- a/core/src/main/java/hudson/PluginWrapper.java
+++ b/core/src/main/java/hudson/PluginWrapper.java
@@ -188,7 +188,7 @@ public class PluginWrapper implements Comparable<PluginWrapper>, ModelObject {
     /**
      * A String error message, and a boolean indicating whether it's an original error (false) or downstream from an original one (true)
      */
-    private final transient Map<String, Boolean> dependencyErrors = new HashMap<>();
+    private final transient Map<String, Boolean> dependencyErrors = new HashMap<>(0);
 
     /**
      * Is this plugin bundled in jenkins.war?
@@ -256,8 +256,8 @@ public class PluginWrapper implements Comparable<PluginWrapper>, ModelObject {
             int idx = s.indexOf(':');
             if(idx==-1)
                 throw new IllegalArgumentException("Illegal dependency specifier "+s);
-            this.shortName = s.substring(0,idx);
-            String version = s.substring(idx+1);
+            this.shortName = Util.intern(s.substring(0,idx));
+            String version = Util.intern(s.substring(idx+1));
 
             boolean isOptional = false;
             String[] osgiProperties = version.split("[;]");
@@ -300,7 +300,7 @@ public class PluginWrapper implements Comparable<PluginWrapper>, ModelObject {
 			List<Dependency> dependencies, List<Dependency> optionalDependencies) {
         this.parent = parent;
 		this.manifest = manifest;
-		this.shortName = computeShortName(manifest, archive.getName());
+		this.shortName = Util.intern(computeShortName(manifest, archive.getName()));
 		this.baseResourceURL = baseResourceURL;
 		this.classLoader = classLoader;
 		this.disableFile = disableFile;
diff --git a/core/src/main/java/hudson/Util.java b/core/src/main/java/hudson/Util.java
index baffd6d6d2..8007200a62 100644
--- a/core/src/main/java/hudson/Util.java
+++ b/core/src/main/java/hudson/Util.java
@@ -26,6 +26,7 @@ package hudson;
 import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
 
 import hudson.model.TaskListener;
+import jenkins.util.MemoryReductionUtil;
 import hudson.util.QuotedStringTokenizer;
 import hudson.util.VariableResolver;
 import jenkins.util.SystemProperties;
@@ -92,7 +93,6 @@ import javax.annotation.Nullable;
 import javax.crypto.SecretKey;
 import javax.crypto.spec.SecretKeySpec;
 
-import org.apache.commons.codec.digest.DigestUtils;
 import org.apache.commons.io.FileUtils;
 
 /**
@@ -1388,7 +1388,7 @@ public class Util {
             @Nonnull String symlinkPath, @Nonnull TaskListener listener) throws InterruptedException {
         try {
             Path path = fileToPath(new File(baseDir, symlinkPath));
-            Path target = Paths.get(targetPath, new String[0]);
+            Path target = Paths.get(targetPath, MemoryReductionUtil.EMPTY_STRING_ARRAY);
 
             final int maxNumberOfTries = 4;
             final int timeInMillis = 100;
diff --git a/core/src/main/java/hudson/logging/LogRecorder.java b/core/src/main/java/hudson/logging/LogRecorder.java
index 9343ab790f..51549a3bd3 100644
--- a/core/src/main/java/hudson/logging/LogRecorder.java
+++ b/core/src/main/java/hudson/logging/LogRecorder.java
@@ -32,6 +32,7 @@ import hudson.Util;
 import hudson.XmlFile;
 import hudson.model.*;
 import hudson.util.HttpResponses;
+import jenkins.util.MemoryReductionUtil;
 import jenkins.model.Jenkins;
 import hudson.model.listeners.SaveableListener;
 import hudson.remoting.Channel;
@@ -140,7 +141,7 @@ public class LogRecorder extends AbstractModelObject implements Saveable {
             candidateNames.retainAll(partCandidates);
         }
         AutoCompletionCandidates candidates = new AutoCompletionCandidates();
-        candidates.add(candidateNames.toArray(new String[0]));
+        candidates.add(candidateNames.toArray(MemoryReductionUtil.EMPTY_STRING_ARRAY));
         return candidates;
     }
 
diff --git a/core/src/main/java/hudson/model/Descriptor.java b/core/src/main/java/hudson/model/Descriptor.java
index d51edc0c39..a28da2f8b3 100644
--- a/core/src/main/java/hudson/model/Descriptor.java
+++ b/core/src/main/java/hudson/model/Descriptor.java
@@ -137,7 +137,7 @@ public abstract class Descriptor<T extends Describable<T>> implements Saveable,
      */
     public transient final Class<? extends T> clazz;
 
-    private transient final Map<String,CheckMethod> checkMethods = new ConcurrentHashMap<String,CheckMethod>();
+    private transient final Map<String,CheckMethod> checkMethods = new ConcurrentHashMap<String,CheckMethod>(2);
 
     /**
      * Lazily computed list of properties on {@link #clazz} and on the descriptor itself.
@@ -233,7 +233,7 @@ public abstract class Descriptor<T extends Describable<T>> implements Saveable,
      *
      * @see #getHelpFile(String) 
      */
-    private transient final Map<String,HelpRedirect> helpRedirect = new HashMap<String,HelpRedirect>();
+    private transient final Map<String,HelpRedirect> helpRedirect = new HashMap<String,HelpRedirect>(2);
 
     private static class HelpRedirect {
         private final Class<? extends Describable> owner;
diff --git a/core/src/main/java/hudson/model/Items.java b/core/src/main/java/hudson/model/Items.java
index 927abc72e0..d0a26238a3 100644
--- a/core/src/main/java/hudson/model/Items.java
+++ b/core/src/main/java/hudson/model/Items.java
@@ -35,6 +35,7 @@ import hudson.security.AccessControlled;
 import hudson.triggers.Trigger;
 import hudson.util.DescriptorList;
 import hudson.util.EditDistance;
+import jenkins.util.MemoryReductionUtil;
 import hudson.util.XStream2;
 import java.io.File;
 import java.io.IOException;
@@ -313,8 +314,8 @@ public class Items {
 
     // Had difficulty adapting the version in Functions to use no live items, so rewrote it:
     static String getRelativeNameFrom(String itemFullName, String groupFullName) {
-        String[] itemFullNameA = itemFullName.isEmpty() ? new String[0] : itemFullName.split("/");
-        String[] groupFullNameA = groupFullName.isEmpty() ? new String[0] : groupFullName.split("/");
+        String[] itemFullNameA = itemFullName.isEmpty() ? MemoryReductionUtil.EMPTY_STRING_ARRAY : itemFullName.split("/");
+        String[] groupFullNameA = groupFullName.isEmpty() ? MemoryReductionUtil.EMPTY_STRING_ARRAY : groupFullName.split("/");
         for (int i = 0; ; i++) {
             if (i == itemFullNameA.length) {
                 if (i == groupFullNameA.length) {
diff --git a/core/src/main/java/hudson/model/UpdateSite.java b/core/src/main/java/hudson/model/UpdateSite.java
index c574fc2ca7..c5a2cd260b 100644
--- a/core/src/main/java/hudson/model/UpdateSite.java
+++ b/core/src/main/java/hudson/model/UpdateSite.java
@@ -35,6 +35,7 @@ import hudson.model.UpdateCenter.UpdateCenterJob;
 import hudson.util.FormValidation;
 import hudson.util.FormValidation.Kind;
 import hudson.util.HttpResponses;
+import static jenkins.util.MemoryReductionUtil.*;
 import hudson.util.TextFile;
 import static java.util.concurrent.TimeUnit.*;
 import hudson.util.VersionNumber;
@@ -46,7 +47,6 @@ import java.net.URLEncoder;
 import java.security.GeneralSecurityException;
 import java.util.ArrayList;
 import java.util.Collections;
-import java.util.HashMap;
 import java.util.HashSet;
 import java.util.List;
 import java.util.Locale;
@@ -56,6 +56,7 @@ import java.util.TreeMap;
 import java.util.UUID;
 import java.util.concurrent.Callable;
 import java.util.concurrent.Future;
+import java.util.function.Predicate;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 import java.util.regex.Pattern;
@@ -527,7 +528,7 @@ public class UpdateSite {
         public final String connectionCheckUrl;
 
         Data(JSONObject o) {
-            this.sourceId = (String)o.get("id");
+            this.sourceId = Util.intern((String)o.get("id"));
             JSONObject c = o.optJSONObject("core");
             if (c!=null) {
                 core = new Entry(sourceId, c, url);
@@ -557,7 +558,7 @@ public class UpdateSite {
                         }
                     }
                 }
-                plugins.put(e.getKey(), p);
+                plugins.put(Util.intern(e.getKey()), p);
             }
 
             connectionCheckUrl = (String)o.get("connectionCheckUrl");
@@ -629,8 +630,8 @@ public class UpdateSite {
 
         Entry(String sourceId, JSONObject o, String baseURL) {
             this.sourceId = sourceId;
-            this.name = o.getString("name");
-            this.version = o.getString("version");
+            this.name = Util.intern(o.getString("name"));
+            this.version = Util.intern(o.getString("version"));
 
             // Trim this to prevent issues when the other end used Base64.encodeBase64String that added newlines
             // to the end in old commons-codec. Not the case on updates.jenkins-ci.org, but let's be safe.
@@ -738,8 +739,8 @@ public class UpdateSite {
 
         public WarningVersionRange(JSONObject o) {
             this.name = Util.fixEmpty(o.optString("name"));
-            this.firstVersion = Util.fixEmpty(o.optString("firstVersion"));
-            this.lastVersion = Util.fixEmpty(o.optString("lastVersion"));
+            this.firstVersion = Util.intern(Util.fixEmpty(o.optString("firstVersion")));
+            this.lastVersion = Util.intern(Util.fixEmpty(o.optString("lastVersion")));
             Pattern p;
             try {
                 p = Pattern.compile(o.getString("pattern"));
@@ -836,13 +837,13 @@ public class UpdateSite {
                 this.type = Type.UNKNOWN;
             }
             this.id = o.getString("id");
-            this.component = o.getString("name");
+            this.component = Util.intern(o.getString("name"));
             this.message = o.getString("message");
             this.url = o.getString("url");
 
             if (o.has("versions")) {
-                List<WarningVersionRange> ranges = new ArrayList<>();
                 JSONArray versions = o.getJSONArray("versions");
+                List<WarningVersionRange> ranges = new ArrayList<>(versions.size());
                 for (int i = 0; i < versions.size(); i++) {
                     WarningVersionRange range = new WarningVersionRange(versions.getJSONObject(i));
                     ranges.add(range);
@@ -926,6 +927,16 @@ public class UpdateSite {
         }
     }
 
+    private static String get(JSONObject o, String prop) {
+        if(o.has(prop))
+            return o.getString(prop);
+        else
+            return null;
+    }
+
+    static final Predicate<Object> IS_DEP_PREDICATE = x -> x instanceof JSONObject && get(((JSONObject)x), "name") != null;
+    static final Predicate<Object> IS_NOT_OPTIONAL = x-> "false".equals(get(((JSONObject)x), "optional"));
+
     public final class Plugin extends Entry {
         /**
          * Optional URL to the Wiki page that discusses this plugin.
@@ -967,13 +978,13 @@ public class UpdateSite {
          * Dependencies of this plugin, a name -&gt; version mapping.
          */
         @Exported
-        public final Map<String,String> dependencies = new HashMap<String,String>();
+        public final Map<String,String> dependencies;
         
         /**
          * Optional dependencies of this plugin.
          */
         @Exported
-        public final Map<String,String> optionalDependencies = new HashMap<String,String>();
+        public final Map<String,String> optionalDependencies;
 
         @DataBoundConstructor
         public Plugin(String sourceId, JSONObject o) {
@@ -981,30 +992,31 @@ public class UpdateSite {
             this.wiki = get(o,"wiki");
             this.title = get(o,"title");
             this.excerpt = get(o,"excerpt");
-            this.compatibleSinceVersion = get(o,"compatibleSinceVersion");
-            this.requiredCore = get(o,"requiredCore");
-            this.categories = o.has("labels") ? (String[])o.getJSONArray("labels").toArray(new String[0]) : null;
+            this.compatibleSinceVersion = Util.intern(get(o,"compatibleSinceVersion"));
+            this.requiredCore = Util.intern(get(o,"requiredCore"));
+            this.categories = o.has("labels") ? internInPlace((String[])o.getJSONArray("labels").toArray(EMPTY_STRING_ARRAY)) : null;
+            JSONArray ja = o.getJSONArray("dependencies");
+            int depCount = (int)(ja.stream().filter(IS_DEP_PREDICATE.and(IS_NOT_OPTIONAL)).count());
+            int optionalDepCount = (int)(ja.stream().filter(IS_DEP_PREDICATE.and(IS_NOT_OPTIONAL.negate())).count());
+            dependencies = getPresizedMutableMap(depCount);
+            optionalDependencies = getPresizedMutableMap(optionalDepCount);
+
             for(Object jo : o.getJSONArray("dependencies")) {
                 JSONObject depObj = (JSONObject) jo;
                 // Make sure there's a name attribute and that the optional value isn't true.
-                if (get(depObj,"name")!=null) {
+                String depName = Util.intern(get(depObj,"name"));
+                if (depName!=null) {
                     if (get(depObj, "optional").equals("false")) {
-                        dependencies.put(get(depObj, "name"), get(depObj, "version"));
+                        dependencies.put(depName, Util.intern(get(depObj, "version")));
                     } else {
-                        optionalDependencies.put(get(depObj, "name"), get(depObj, "version"));
+                        optionalDependencies.put(depName, Util.intern(get(depObj, "version")));
                     }
                 }
-                
             }
 
         }
 
-        private String get(JSONObject o, String prop) {
-            if(o.has(prop))
-                return o.getString(prop);
-            else
-                return null;
-        }
+
 
         public String getDisplayName() {
             String displayName;
diff --git a/core/src/main/java/hudson/search/Search.java b/core/src/main/java/hudson/search/Search.java
index 769aab3963..6b07b99a5d 100644
--- a/core/src/main/java/hudson/search/Search.java
+++ b/core/src/main/java/hudson/search/Search.java
@@ -42,6 +42,7 @@ import java.util.logging.Logger;
 
 import javax.servlet.ServletException;
 
+import jenkins.util.MemoryReductionUtil;
 import jenkins.model.Jenkins;
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
@@ -325,10 +326,8 @@ public class Search implements StaplerProxy {
     static final class TokenList {
         private final String[] tokens;
 
-        private final static String[] EMPTY = new String[0];
-
         public TokenList(String tokenList) {
-            tokens = tokenList!=null ? tokenList.split("(?<=\\s)(?=\\S)") : EMPTY;
+            tokens = tokenList!=null ? tokenList.split("(?<=\\s)(?=\\S)") : MemoryReductionUtil.EMPTY_STRING_ARRAY;
         }
 
         public int length() { return tokens.length; }
diff --git a/core/src/main/java/hudson/security/WhoAmI.java b/core/src/main/java/hudson/security/WhoAmI.java
index 76faab1948..66e837acd3 100644
--- a/core/src/main/java/hudson/security/WhoAmI.java
+++ b/core/src/main/java/hudson/security/WhoAmI.java
@@ -8,6 +8,7 @@ import hudson.model.UnprotectedRootAction;
 import java.util.ArrayList;
 import java.util.List;
 
+import jenkins.util.MemoryReductionUtil;
 import jenkins.model.Jenkins;
 
 import org.acegisecurity.Authentication;
@@ -62,7 +63,7 @@ public class WhoAmI implements UnprotectedRootAction {
     @Exported
     public String[] getAuthorities() {
         if (auth().getAuthorities() == null) {
-            return new String[0];
+            return MemoryReductionUtil.EMPTY_STRING_ARRAY;
         }
         List <String> authorities = new ArrayList<String>();
         for (GrantedAuthority a : auth().getAuthorities()) {
diff --git a/core/src/main/java/jenkins/model/lazy/AbstractLazyLoadRunMap.java b/core/src/main/java/jenkins/model/lazy/AbstractLazyLoadRunMap.java
index b839866ac8..b1d7ae6afe 100644
--- a/core/src/main/java/jenkins/model/lazy/AbstractLazyLoadRunMap.java
+++ b/core/src/main/java/jenkins/model/lazy/AbstractLazyLoadRunMap.java
@@ -40,6 +40,8 @@ import java.util.TreeMap;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 import javax.annotation.CheckForNull;
+
+import jenkins.util.MemoryReductionUtil;
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
 
@@ -188,7 +190,7 @@ public abstract class AbstractLazyLoadRunMap<R> extends AbstractMap<Integer,R> i
         String[] kids = dir.list();
         if (kids == null) {
             // the job may have just been created
-            kids = EMPTY_STRING_ARRAY;
+            kids = MemoryReductionUtil.EMPTY_STRING_ARRAY;
         }
         SortedIntList list = new SortedIntList(kids.length / 2);
         for (String s : kids) {
@@ -586,8 +588,6 @@ public abstract class AbstractLazyLoadRunMap<R> extends AbstractMap<Integer,R> i
         ASC, DESC, EXACT
     }
 
-    private static final String[] EMPTY_STRING_ARRAY = new String[0];
-
     private static final SortedMap EMPTY_SORTED_MAP = Collections.unmodifiableSortedMap(new TreeMap());
 
     static final Logger LOGGER = Logger.getLogger(AbstractLazyLoadRunMap.class.getName());
diff --git a/core/src/main/java/jenkins/org/apache/commons/validator/routines/DomainValidator.java b/core/src/main/java/jenkins/org/apache/commons/validator/routines/DomainValidator.java
index 10edf8c4f7..e23c8f15a1 100644
--- a/core/src/main/java/jenkins/org/apache/commons/validator/routines/DomainValidator.java
+++ b/core/src/main/java/jenkins/org/apache/commons/validator/routines/DomainValidator.java
@@ -17,6 +17,7 @@
 /* Copied from commons-validator:commons-validator:1.6, with [PATCH] modifications */
 package jenkins.org.apache.commons.validator.routines;
 
+import jenkins.util.MemoryReductionUtil;
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
 
@@ -72,8 +73,6 @@ public class DomainValidator implements Serializable {
     
     private static final int MAX_DOMAIN_LENGTH = 253;
     
-    private static final String[] EMPTY_STRING_ARRAY = new String[0];
-    
     private static final long serialVersionUID = -4407125112880174009L;
     
     // Regular expression strings for hostnames (derived from RFC2396 and RFC 1123)
@@ -1853,16 +1852,16 @@ public class DomainValidator implements Serializable {
      * using the getInstance methods which are all (now) synchronised.
      */
     // WARNING: this array MUST be sorted, otherwise it cannot be searched reliably using binary search
-    private static volatile String[] countryCodeTLDsPlus = EMPTY_STRING_ARRAY;
+    private static volatile String[] countryCodeTLDsPlus = MemoryReductionUtil.EMPTY_STRING_ARRAY;
     
     // WARNING: this array MUST be sorted, otherwise it cannot be searched reliably using binary search
-    private static volatile String[] genericTLDsPlus = EMPTY_STRING_ARRAY;
+    private static volatile String[] genericTLDsPlus = MemoryReductionUtil.EMPTY_STRING_ARRAY;
     
     // WARNING: this array MUST be sorted, otherwise it cannot be searched reliably using binary search
-    private static volatile String[] countryCodeTLDsMinus = EMPTY_STRING_ARRAY;
+    private static volatile String[] countryCodeTLDsMinus = MemoryReductionUtil.EMPTY_STRING_ARRAY;
     
     // WARNING: this array MUST be sorted, otherwise it cannot be searched reliably using binary search
-    private static volatile String[] genericTLDsMinus = EMPTY_STRING_ARRAY;
+    private static volatile String[] genericTLDsMinus = MemoryReductionUtil.EMPTY_STRING_ARRAY;
     
     /**
      * enum used by {@link DomainValidator#updateTLDOverride(DomainValidator.ArrayType, String[])}
@@ -1893,10 +1892,10 @@ public class DomainValidator implements Serializable {
     // For use by unit test code only
     static synchronized void clearTLDOverrides() {
         inUse = false;
-        countryCodeTLDsPlus = EMPTY_STRING_ARRAY;
-        countryCodeTLDsMinus = EMPTY_STRING_ARRAY;
-        genericTLDsPlus = EMPTY_STRING_ARRAY;
-        genericTLDsMinus = EMPTY_STRING_ARRAY;
+        countryCodeTLDsPlus = MemoryReductionUtil.EMPTY_STRING_ARRAY;
+        countryCodeTLDsMinus = MemoryReductionUtil.EMPTY_STRING_ARRAY;
+        genericTLDsPlus = MemoryReductionUtil.EMPTY_STRING_ARRAY;
+        genericTLDsMinus = MemoryReductionUtil.EMPTY_STRING_ARRAY;
     }
     /**
      * Update one of the TLD override arrays.
diff --git a/core/src/main/java/jenkins/util/MemoryReductionUtil.java b/core/src/main/java/jenkins/util/MemoryReductionUtil.java
new file mode 100644
index 0000000000..7d7c84a030
--- /dev/null
+++ b/core/src/main/java/jenkins/util/MemoryReductionUtil.java
@@ -0,0 +1,67 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.util;
+
+import hudson.Util;
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * Utilities to reduce memory footprint
+ * @author Sam Van Oort
+ */
+public class MemoryReductionUtil {
+    /** Returns the capacity we need to allocate for a HashMap so it will hold all elements without needing to resize. */
+    public static int preallocatedHashmapCapacity(int elementsToHold) {
+        if (elementsToHold <= 0) {
+            return 0;
+        } else if (elementsToHold < 3) {
+            return elementsToHold+1;
+        } else {
+            return elementsToHold+elementsToHold/3; // Default load factor is 0.75, so we want to fill that much.
+        }
+    }
+
+    /** Returns a mutable HashMap presized to hold the given number of elements without needing to resize. */
+    public static Map getPresizedMutableMap(int elementCount) {
+        return new HashMap(preallocatedHashmapCapacity(elementCount));
+    }
+
+    /** Empty string array, exactly what it says on the tin. Avoids repeatedly created empty array when calling "toArray." */
+    public static final String[] EMPTY_STRING_ARRAY = new String[0];
+
+    /** Returns the input strings, but with all values interned. */
+    public static String[] internInPlace(String[] input) {
+        if (input == null) {
+            return null;
+        } else if (input.length == 0) {
+            return EMPTY_STRING_ARRAY;
+        }
+        for (int i=0; i<input.length; i++) {
+            input[i] = Util.intern(input[i]);
+        }
+        return input;
+    }
+
+}
diff --git a/core/src/main/java/jenkins/util/VirtualFile.java b/core/src/main/java/jenkins/util/VirtualFile.java
index 3db7461a93..fcb7ec2d1a 100644
--- a/core/src/main/java/jenkins/util/VirtualFile.java
+++ b/core/src/main/java/jenkins/util/VirtualFile.java
@@ -54,6 +54,7 @@ import java.util.logging.Logger;
 import java.util.stream.Collectors;
 import javax.annotation.CheckForNull;
 import javax.annotation.Nonnull;
+
 import jenkins.MasterToSlaveFileCallable;
 import jenkins.model.ArtifactManager;
 import jenkins.security.MasterToSlaveCallable;
@@ -175,7 +176,7 @@ public abstract class VirtualFile implements Comparable<VirtualFile>, Serializab
      */
     @Deprecated
     public @Nonnull String[] list(String glob) throws IOException {
-        return list(glob.replace('\\', '/'), null, true).toArray(new String[0]);
+        return list(glob.replace('\\', '/'), null, true).toArray(MemoryReductionUtil.EMPTY_STRING_ARRAY);
     }
 
     /**
diff --git a/core/src/test/java/jenkins/security/ClassFilterImplSanityTest.java b/core/src/test/java/jenkins/security/ClassFilterImplSanityTest.java
index 77cf27883c..7a710aaeb4 100644
--- a/core/src/test/java/jenkins/security/ClassFilterImplSanityTest.java
+++ b/core/src/test/java/jenkins/security/ClassFilterImplSanityTest.java
@@ -28,6 +28,8 @@ import java.nio.charset.StandardCharsets;
 import java.util.List;
 import java.util.TreeSet;
 import java.util.stream.Collectors;
+
+import jenkins.util.MemoryReductionUtil;
 import org.apache.commons.io.IOUtils;
 import static org.hamcrest.Matchers.*;
 import static org.junit.Assert.assertThat;
@@ -45,7 +47,7 @@ public class ClassFilterImplSanityTest {
     public void whitelistSanity() throws Exception {
         try (InputStream is = ClassFilterImpl.class.getResourceAsStream("whitelisted-classes.txt")) {
             List<String> lines = IOUtils.readLines(is, StandardCharsets.UTF_8).stream().filter(line -> !line.matches("#.*|\\s*")).collect(Collectors.toList());
-            assertThat("whitelist is NOT ordered", new TreeSet<>(lines), contains(lines.toArray(new String[0])));
+            assertThat("whitelist is NOT ordered", new TreeSet<>(lines), contains(lines.toArray(MemoryReductionUtil.EMPTY_STRING_ARRAY)));
             for (String line : lines) {
                 try {
                     Class.forName(line);
-- 
GitLab


From c154e9ba0b505e2cf574e827811016115cce41d9 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Sat, 6 Oct 2018 15:00:38 +0200
Subject: [PATCH 796/863] Introduce a new `smoke-test` profile for basic tests

---
 test/pom.xml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/test/pom.xml b/test/pom.xml
index 4f9dae71fa..7f08f9b914 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -301,11 +301,19 @@ THE SOFTWARE.
 
   <profiles>
     <profile>
+      <!-- Profile, which allows skipping all integration tests -->
       <id>light-test</id>
       <properties>
         <skipTests>true</skipTests>
       </properties>
     </profile>
+    <profile>
+      <!-- Profile, which runs only a number of quick integration tests so that the build takes less than 5 minutes -->
+      <id>smoke-test</id>
+      <properties>
+        <test>jenkins.model.StartupTest,jenkins.model.JenkinsTest,jenkins.install.*,jenkins.security.CustomClassFilterTest,hudson.AboutJenkinsTest,hudson.ClassicPluginStrategyTest,hudson.LauncherTest,hudson.slaves.JNLPLauncherTest,hudson.model.RunTest,hudson.model.UserTest,hudson.model.FreeStyleProjectTest,hudson.model.HudsonTest,hudson.model.ComputerTest,hudson.CLI.BuildCommandTest#sync,*.smokes</test>
+      </properties>
+    </profile>
     <profile>
       <id>all-tests</id>
       <activation>
-- 
GitLab


From 4debff7e3adaa3932073f0eba1313d659fdcff4f Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Sat, 6 Oct 2018 15:01:00 +0200
Subject: [PATCH 797/863] Update documentation to reflect the current test
 profiles

---
 BUILDING.TXT    | 11 -----------
 CONTRIBUTING.md |  6 ++++++
 2 files changed, 6 insertions(+), 11 deletions(-)
 delete mode 100644 BUILDING.TXT

diff --git a/BUILDING.TXT b/BUILDING.TXT
deleted file mode 100644
index bde5cadf35..0000000000
--- a/BUILDING.TXT
+++ /dev/null
@@ -1,11 +0,0 @@
-If you want simply to have the jenkins.war as fast as possible (without test
-execution), run:
-
-    mvn clean install -pl war -am -DskipTests
-
-The WAR file will be in war/target/jenkins.war (you can play with it)
-
-For more information on building Jenkins, visit
-https://wiki.jenkins-ci.org/display/JENKINS/Building+Jenkins
-
-Have Fun !!
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index d419bd03a9..ab12568a0a 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -46,6 +46,12 @@ Functional tests (`test` module) take a while even on server-grade machines.
 Most of the tests will be launched by the continuous integration instance,
 so there is no strict need to run full test suites before proposing a pull request.
 
+There are 3 profiles for tests:
+
+* `light-test` - only unit tests, no functional tests
+* `smoke-test` - run unit tests + a number of functional tests
+* `all-tests` - Runs all tests, with re-run (default)
+
 In addition to the included tests, you can also find extra integration and UI
 tests in the [Acceptance Test Harness (ATH)](https://github.com/jenkinsci/acceptance-test-harness) repository.
 If you propose complex UI changes, you should create new ATH tests for them.
-- 
GitLab


From e998a7808ff7bf2523382fac8a28c2c1912b63a4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Francisco=20Fern=C3=A1ndez?=
 <31063239+fcojfernandez@users.noreply.github.com>
Date: Sat, 6 Oct 2018 16:05:38 +0200
Subject: [PATCH 798/863] [JENKINS-53792] Env vars to configure CLI -auth
 option (#3653)

* [JENKINS-53792] Add env vars for auth option

* [JENKINS-53792] Fix encoding after first commit

* [JENKINS-53792] Better readability

* [JENKINS-53792] Refactor and use the ApiToken

* [JENKINS-53792] Fix encoding
---
 cli/pom.xml                                   |   4 +
 cli/src/main/java/hudson/cli/CLI.java         |  16 ++
 .../hudson/cli/client/Messages.properties     |   4 +-
 .../hudson/cli/client/Messages_es.properties  |  28 +-
 core/pom.xml                                  |   1 -
 pom.xml                                       |   6 +
 .../test/java/hudson/cli/CLIEnvVarTest.java   | 242 ++++++++++++++++++
 7 files changed, 292 insertions(+), 9 deletions(-)
 create mode 100644 test/src/test/java/hudson/cli/CLIEnvVarTest.java

diff --git a/cli/pom.xml b/cli/pom.xml
index e65b174223..670e416a26 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -81,6 +81,10 @@
       <artifactId>annotations</artifactId>
       <scope>provided</scope>
     </dependency>
+    <dependency>
+      <groupId>commons-lang</groupId>
+      <artifactId>commons-lang</artifactId>
+    </dependency>
   </dependencies>
 
   <build>
diff --git a/cli/src/main/java/hudson/cli/CLI.java b/cli/src/main/java/hudson/cli/CLI.java
index 5da726be0e..52c6785d58 100644
--- a/cli/src/main/java/hudson/cli/CLI.java
+++ b/cli/src/main/java/hudson/cli/CLI.java
@@ -77,6 +77,7 @@ import java.util.logging.Level;
 import java.util.logging.Logger;
 import static java.util.logging.Level.*;
 import org.apache.commons.io.FileUtils;
+import org.apache.commons.lang.StringUtils;
 
 /**
  * CLI entry point to Jenkins.
@@ -452,6 +453,10 @@ public class CLI implements AutoCloseable {
 
         String user = null;
         String auth = null;
+
+        String userIdEnv = System.getenv("JENKINS_USER_ID");
+        String tokenEnv = System.getenv("JENKINS_API_TOKEN");
+
         boolean strictHostKey = false;
 
         while(!args.isEmpty()) {
@@ -563,6 +568,17 @@ public class CLI implements AutoCloseable {
             return -1;
         }
 
+        if (auth == null) {
+            // -auth option not set
+            if (StringUtils.isNotBlank(userIdEnv) && StringUtils.isNotBlank(tokenEnv)) {
+                auth = StringUtils.defaultString(userIdEnv).concat(":").concat(StringUtils.defaultString(tokenEnv));
+            } else if (StringUtils.isNotBlank(userIdEnv) || StringUtils.isNotBlank(tokenEnv)) {
+                printUsage(Messages.CLI_BadAuth());
+                return -1;
+            } // Otherwise, none credentials were set
+
+        }
+
         if (!url.endsWith("/")) {
             url += '/';
         }
diff --git a/cli/src/main/resources/hudson/cli/client/Messages.properties b/cli/src/main/resources/hudson/cli/client/Messages.properties
index 921fe67a21..44fa79c6fd 100644
--- a/cli/src/main/resources/hudson/cli/client/Messages.properties
+++ b/cli/src/main/resources/hudson/cli/client/Messages.properties
@@ -13,10 +13,12 @@ CLI.Usage=Jenkins CLI\n\
    -strictHostKey : request strict host key checking (for use with -ssh)\n\
    -logger FINE : enable detailed logging from the client\n\
    -auth [ USER:SECRET | @FILE ] : specify username and either password or API token (or load from them both from a file);\n\
-                                   for use with -http, or -remoting but only when the JNLP agent port is disabled\n\
+                                   for use with -http, or -remoting but only when the JNLP agent port is disabled.\n\
+                                   Not necessary if JENKINS_USER_ID and JENKINS_API_TOKEN env vars are set\n\
   \n\
   The available commands depend on the server. Run the 'help' command to\n\
   see the list.
 CLI.NoURL=Neither -s nor the JENKINS_URL env var is specified.
 CLI.VersionMismatch=Version mismatch. This CLI cannot work with this Jenkins server.
 CLI.NoSuchFileExists=No such file exists: {0}
+CLI.BadAuth=The JENKINS_USER_ID and JENKINS_API_TOKEN env vars should be both set or left empty. 
diff --git a/cli/src/main/resources/hudson/cli/client/Messages_es.properties b/cli/src/main/resources/hudson/cli/client/Messages_es.properties
index f9979a5619..b8ff42b3c2 100644
--- a/cli/src/main/resources/hudson/cli/client/Messages_es.properties
+++ b/cli/src/main/resources/hudson/cli/client/Messages_es.properties
@@ -1,10 +1,24 @@
 CLI.Usage=Jenkins CLI\n\
-  Usar: java -jar jenkins-cli.jar [-s URL] command [opts...] args...\n\
-  Options:\n\
-  \ -s URL : direcci�n web (por defecto se usa la variable JENKINS_URL)\n\
+  Uso: java -jar jenkins-cli.jar [-s URL] command [opts...] args...\n\
+  Opciones:\n\
+   -s URL       : direcci\u00f3n web (por defecto se usa la variable JENKINS_URL)\n\
+   -http        : usa un protocolo plano sobre HTTP(S) (es el uso por defecto; excluyente con -ssh y -remoting)\n\
+   -ssh         : usa el protocolo SSH (requiere -user; el puerto SSH debe estar abierto en el servidor y el usuario debe tener registrada su clave publica)\n\
+   -remoting    : usa el protocolo deprecado de Remoting (siempre que est\u00e9 habilitado en el servidor; s\u00f3lo para compatibilidad con comandos heredados o legacy)\n\
+   -i KEY       : clave privada SSH usada para autenticaci\u00f3n (usado con -ssh o -remoting)\n\
+   -p HOST:PORT : host y puerto para el uso de proxy HTTPS. Ver https://jenkins.io/redirect/cli-https-proxy-tunnel\n\
+   -noCertificateCheck : elude por completo la verificaci\u00f3n del certificado HTTPS. Usar con precauci\u00f3n\n\
+   -noKeyAuth   : intenta no cargar la clave privada de autenticaci\u00f3n SSH. Presenta conflicto con -i\n\
+   -user        : especifica el usuario (se usa con -ssh)\n\
+   -strictHostKey : solicita la comprobaci\u00f3n estricta de la clave del host (se usa con -ssh)\n\
+   -logger FINE : habilita logs detallados en el cliente\n\
+   -auth [ USER:SECRET | @FILE ] : especifica el usuario y contrase\u00f1a o API token (o los carga de un fichero);\n\
+                                   se usa con -http o -remoting pero s\u00f3lo si el puerto del agente JNLP est\u00e1 deshabilitado.\n\
+                                   No es necesario si las variables de entorno JENKINS_USER_ID y JENKINS_API_TOKEN se encuentran configuradas.\n\
   \n\
-  La lista completa de comandos disponibles depende del servidor. Ejecuta\n\
-  el comando ''help'' para ver la lista.
-CLI.NoURL=No se ha especificado el par�metro -s ni la variable JENKINS_URL
-CLI.VersionMismatch=La versi�n no coincide. Esta consola "CLI" no se puede usar en este Jenkins
+  La lista de comandos disponibles depende del servidor. Ejecuta\n\
+  el comando ''help'' para ver la lista completa.
+CLI.NoURL=No se ha especificado el par\u00e1metro -s ni la variable JENKINS_URL
+CLI.VersionMismatch=La versi\u00f3n no coincide. Esta consola "CLI" no se puede usar en este Jenkins
 CLI.NoSuchFileExists=El fichero {0} no existe.
+CLI.BadAuth=Ambas variables de entorno JENKINS_USER_ID y JENKINS_API_TOKEN deber\u00edan estar configuradas o mantenerse vac\u00edas. 
diff --git a/core/pom.xml b/core/pom.xml
index f57e8453e8..a940e93423 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -279,7 +279,6 @@ THE SOFTWARE.
     <dependency><!-- hudson doesn't use this directly, but some plugins wanted to use the latest -->
       <groupId>commons-lang</groupId>
       <artifactId>commons-lang</artifactId>
-      <version>2.6</version>
     </dependency>
     <dependency>
       <groupId>commons-digester</groupId>
diff --git a/pom.xml b/pom.xml
index c809736be4..e5f3dc51df 100644
--- a/pom.xml
+++ b/pom.xml
@@ -148,6 +148,12 @@ THE SOFTWARE.
         <version>2.4</version>
       </dependency>
 
+      <dependency>
+        <groupId>commons-lang</groupId>
+        <artifactId>commons-lang</artifactId>
+        <version>2.6</version>
+      </dependency>
+
       <dependency>
         <groupId>org.mockito</groupId>
         <artifactId>mockito-core</artifactId>
diff --git a/test/src/test/java/hudson/cli/CLIEnvVarTest.java b/test/src/test/java/hudson/cli/CLIEnvVarTest.java
new file mode 100644
index 0000000000..0a5b18a928
--- /dev/null
+++ b/test/src/test/java/hudson/cli/CLIEnvVarTest.java
@@ -0,0 +1,242 @@
+package hudson.cli;
+
+import hudson.EnvVars;
+import hudson.Launcher;
+import hudson.model.User;
+import hudson.util.StreamTaskListener;
+import jenkins.model.Jenkins;
+import jenkins.security.ApiTokenProperty;
+import jenkins.security.apitoken.ApiTokenTestHelper;
+import org.apache.commons.io.FileUtils;
+
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.rules.TemporaryFolder;
+import org.jvnet.hudson.test.JenkinsRule;
+import org.jvnet.hudson.test.MockAuthorizationStrategy;
+
+import java.io.ByteArrayOutputStream;
+import java.io.File;
+import java.io.IOException;
+import java.io.OutputStream;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Map;
+
+import static org.hamcrest.Matchers.containsString;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotEquals;
+import static org.junit.Assert.assertThat;
+
+public class CLIEnvVarTest {
+
+    @Rule
+    public JenkinsRule r = new JenkinsRule();
+
+    @Rule
+    public TemporaryFolder tmp = new TemporaryFolder();
+
+    private File home;
+    private File jar;
+
+    @Before
+    public void grabCliJar() throws IOException {
+        home = tmp.newFolder();
+        jar = tmp.newFile("jenkins-cli.jar");
+        FileUtils.copyURLToFile(r.jenkins.getJnlpJars("jenkins-cli.jar").getURL(), jar);
+    }
+
+    @Test
+    public void testSOptionWithoutJENKINS_URL() throws Exception {
+        assertEquals(0, launch("java",
+                "-Duser.home=" + home,
+                "-jar", jar.getAbsolutePath(),
+                "-s", r.getURL().toString(),
+                "who-am-i")
+        );
+    }
+
+    @Test
+    public void testWithoutSOptionAndWithoutJENKINS_URL() throws Exception {
+        assertNotEquals(0, launch("java",
+                "-Duser.home=" + home,
+                "-jar", jar.getAbsolutePath(),
+                "who-am-i")
+        );
+    }
+
+    @Test
+    public void testJENKINS_URLWithoutSOption() throws Exception {
+        // Valid URL
+        Map<String, String> envars = new HashMap<>();
+        envars.put("JENKINS_URL", r.getURL().toString());
+        assertEquals(0, launch(envars,
+                "java",
+                "-Duser.home=" + home,
+                "-jar", jar.getAbsolutePath(),
+                "who-am-i")
+        );
+
+        // Invalid URL
+        envars = new HashMap<>();
+        envars.put("JENKINS_URL", "http://invalid-url");
+        assertNotEquals(0, launch(envars,
+                "java",
+                "-Duser.home=" + home,
+                "-jar", jar.getAbsolutePath(),
+                "who-am-i")
+        );
+
+    }
+
+    @Test
+    public void testSOptionOverridesJENKINS_URL() throws Exception {
+        Map<String, String> envars = new HashMap<>();
+        envars.put("JENKINS_URL", "http://invalid-url");
+        assertEquals(0, launch(envars,
+                "java",
+                "-Duser.home=" + home,
+                "-jar", jar.getAbsolutePath(),
+                "-s", r.getURL().toString(),
+                "who-am-i")
+        );
+    }
+
+    @Test
+    public void testAuthOptionWithoutEnvVars() throws Exception {
+        String token = getToken();
+        try (ByteArrayOutputStream baos = new ByteArrayOutputStream()) {
+            assertEquals(0, launch(Collections.emptyMap(), baos, null,
+                    "java",
+                    "-Duser.home=" + home,
+                    "-jar", jar.getAbsolutePath(),
+                    "-s", r.getURL().toString(),
+                    "-auth", String.format("%s:%s", "admin", token),
+                    "who-am-i")
+            );
+            assertThat(baos.toString(), containsString("Authenticated as: admin"));
+        }
+    }
+
+    @Test
+    public void testWithoutEnvVarsAndWithoutAuthOption() throws Exception {
+        r.jenkins.setSecurityRealm(r.createDummySecurityRealm());
+        r.jenkins.setAuthorizationStrategy(new MockAuthorizationStrategy().grant(Jenkins.ADMINISTER).everywhere().to("admin"));
+
+        try (ByteArrayOutputStream baos = new ByteArrayOutputStream()) {
+            assertEquals(0, launch(Collections.emptyMap(), baos, null,
+                    "java",
+                    "-Duser.home=" + home,
+                    "-jar", jar.getAbsolutePath(),
+                    "-s", r.getURL().toString(),
+                    "who-am-i")
+            );
+            assertThat(baos.toString(), containsString("Authenticated as: anonymous"));
+        }
+    }
+
+    @Test
+    public void testEnvVarsWithoutAuthOption() throws Exception {
+        String token = getToken();
+        try (ByteArrayOutputStream baos = new ByteArrayOutputStream()) {
+            Map<String, String> envars = new HashMap<>();
+            envars.put("JENKINS_USER_ID", "admin");
+            envars.put("JENKINS_API_TOKEN", token);
+            assertEquals(0, launch(envars, baos, null,
+                    "java",
+                    "-Duser.home=" + home,
+                    "-jar", jar.getAbsolutePath(),
+                    "-s", r.getURL().toString(),
+                    "who-am-i")
+            );
+            assertThat(baos.toString(), containsString("Authenticated as: admin"));
+        }
+    }
+
+    @Test
+    public void testOnlyOneEnvVar() throws Exception {
+        String token = getToken();
+
+        // only JENKINS_USER_ID
+        try (ByteArrayOutputStream baos = new ByteArrayOutputStream()) {
+            Map<String, String> envars = new HashMap<>();
+            envars.put("JENKINS_USER_ID", "admin");
+            assertNotEquals(0, launch(envars,
+                                      "java",
+                                      "-Duser.home=" + home,
+                                      "-jar", jar.getAbsolutePath(),
+                                      "-s", r.getURL().toString(),
+                                      "who-am-i")
+            );
+        }
+
+        // only JENKINS_API_TOKEN
+        try (ByteArrayOutputStream baos = new ByteArrayOutputStream()) {
+            Map<String, String> envars = new HashMap<>();
+            envars.put("JENKINS_API_TOKEN", token);
+            assertNotEquals(0, launch(envars,
+                                      "java",
+                                      "-Duser.home=" + home,
+                                      "-jar", jar.getAbsolutePath(),
+                                      "-s", r.getURL().toString(),
+                                      "who-am-i")
+            );
+        }
+    }
+
+    @Test
+    public void testAuthOptionOverridesEnvVars() throws Exception {
+        String token = getToken();
+
+        try (ByteArrayOutputStream baos = new ByteArrayOutputStream()) {
+            Map<String, String> envars = new HashMap<>();
+            envars.put("JENKINS_USER_ID", "other-user");
+            envars.put("JENKINS_API_TOKEN", "other-user");
+            assertEquals(0, launch(envars, baos, null,
+                    "java",
+                    "-Duser.home=" + home,
+                    "-jar", jar.getAbsolutePath(),
+                    "-s", r.getURL().toString(),
+                    "-auth", String.format("%s:%s", "admin", token),
+                    "who-am-i")
+            );
+            assertThat(baos.toString(), containsString("Authenticated as: admin"));
+        }
+    }
+
+    private String getToken() {
+        ApiTokenTestHelper.enableLegacyBehavior();
+
+        r.jenkins.setSecurityRealm(r.createDummySecurityRealm());
+        r.jenkins.setAuthorizationStrategy(new MockAuthorizationStrategy().grant(Jenkins.ADMINISTER).everywhere().to("admin"));
+
+        return User.get("admin").getProperty(ApiTokenProperty.class).getApiToken();
+    }
+
+    private int launch(String... cmdArgs) throws Exception {
+        return launch(Collections.emptyMap(), cmdArgs);
+    }
+
+    private int launch(Map<String, String> envars, String... cmdArgs) throws Exception {
+        return launch(envars, null, null, cmdArgs);
+    }
+
+    private int launch(Map<String, String> envars, OutputStream out, OutputStream err, String... cmdArgs) throws Exception {
+        if (out == null) {
+            out = System.out;
+        }
+
+        if (err == null) {
+            err = System.err;
+        }
+
+        return new Launcher.LocalLauncher(StreamTaskListener.fromStderr())
+                .decorateByEnv(new EnvVars(envars))
+                .launch()
+                .cmds(cmdArgs)
+                .stdout(out)
+                .stderr(err)
+                .join();
+    }
+}
-- 
GitLab


From d411213546138cbd29eb2fc5e2425a2ff79558a9 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Sat, 6 Oct 2018 16:27:32 +0200
Subject: [PATCH 799/863] Update parent POM to 1.49 to pick-up updates for
 JDK11 build flow

---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index c809736be4..73df75e98e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci</groupId>
     <artifactId>jenkins</artifactId>
-    <version>1.48</version>
+    <version>1.49</version>
     <relativePath />
   </parent>
 
-- 
GitLab


From d6af830d19db1a0fcebea097cbbf3eaa33b30f5a Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Sat, 6 Oct 2018 17:18:30 +0200
Subject: [PATCH 800/863] Winstone 5.1: Update Jetty to 9.4.12 in order to pick
 up fixes towards Java 11 support

---
 war/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/war/pom.xml b/war/pom.xml
index a2a1e2502a..1ab587db93 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -89,7 +89,7 @@ THE SOFTWARE.
       -->
       <groupId>org.jenkins-ci</groupId>
       <artifactId>winstone</artifactId>
-      <version>5.0</version>
+      <version>5.1</version>
       <scope>test</scope>
     </dependency>
     <dependency>
-- 
GitLab


From 56c6571d7342e25c521e0b83f268b16bf48ded12 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Sun, 7 Oct 2018 19:19:36 +0200
Subject: [PATCH 801/863] [JENKINS-53792] - Update CLI help to advertise usage
 of credential files (#3684)

* [JENKINS-53792] - Update CLI help to advertise usage of credential files

* [JENKINS-53792] - Use redirect as suggested by @daniel-beck
---
 cli/src/main/resources/hudson/cli/client/Messages.properties | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/cli/src/main/resources/hudson/cli/client/Messages.properties b/cli/src/main/resources/hudson/cli/client/Messages.properties
index 44fa79c6fd..1dd17040cc 100644
--- a/cli/src/main/resources/hudson/cli/client/Messages.properties
+++ b/cli/src/main/resources/hudson/cli/client/Messages.properties
@@ -14,7 +14,8 @@ CLI.Usage=Jenkins CLI\n\
    -logger FINE : enable detailed logging from the client\n\
    -auth [ USER:SECRET | @FILE ] : specify username and either password or API token (or load from them both from a file);\n\
                                    for use with -http, or -remoting but only when the JNLP agent port is disabled.\n\
-                                   Not necessary if JENKINS_USER_ID and JENKINS_API_TOKEN env vars are set\n\
+                                   Passing crendentials by a file is recommended.\n\
+                                   See https://jenkins.io/redirect/cli-http-connection-mode for more info and options.\n\
   \n\
   The available commands depend on the server. Run the 'help' command to\n\
   see the list.
-- 
GitLab


From 4b32eac1129d03169af8a14deb4cccb00af8cc99 Mon Sep 17 00:00:00 2001
From: Zhao Xiaojie <zxjlwt@126.com>
Date: Mon, 8 Oct 2018 04:04:33 +0800
Subject: [PATCH 802/863] Add i18n support for "icon size" control hyperlinks
 (#3681)

* Add i18n support

* Add original localize file.
---
 .../main/resources/lib/hudson/iconSize.jelly  |  6 ++---
 .../resources/lib/hudson/iconSize.properties  | 26 +++++++++++++++++++
 2 files changed, 29 insertions(+), 3 deletions(-)
 create mode 100644 core/src/main/resources/lib/hudson/iconSize.properties

diff --git a/core/src/main/resources/lib/hudson/iconSize.jelly b/core/src/main/resources/lib/hudson/iconSize.jelly
index 5f5ec7f4b3..4dd5fbeff1 100644
--- a/core/src/main/resources/lib/hudson/iconSize.jelly
+++ b/core/src/main/resources/lib/hudson/iconSize.jelly
@@ -41,9 +41,9 @@ THE SOFTWARE.
       </d:taglib>
 
       <td xmlns:local="local">${%Icon}:
-        <local:iconSizeLink title="S" sz="16x16" />
-        <local:iconSizeLink title="M" sz="24x24" />
-        <local:iconSizeLink title="L" sz="32x32" />
+        <local:iconSizeLink title="${%S}" sz="16x16" />
+        <local:iconSizeLink title="${%M}" sz="24x24" />
+        <local:iconSizeLink title="${%L}" sz="32x32" />
       </td><td>
         <d:invokeBody />
       </td>
diff --git a/core/src/main/resources/lib/hudson/iconSize.properties b/core/src/main/resources/lib/hudson/iconSize.properties
new file mode 100644
index 0000000000..d4292959f9
--- /dev/null
+++ b/core/src/main/resources/lib/hudson/iconSize.properties
@@ -0,0 +1,26 @@
+# The MIT License
+#
+# Copyright (c) 2018, linuxsuren
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+Icon=Icon
+S=S
+M=M
+L=L
-- 
GitLab


From bb25e99fb1a3bfc3eb43a1e25d42c5dc40298a3c Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Thu, 27 Sep 2018 18:31:18 +0200
Subject: [PATCH 803/863] [JENKINS-51903] - Update Maven Compiler version in
 test to run with JDK8/11

---
 .../hudson/tasks/maven-test-failure.zip       | Bin 3040 -> 3052 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)

diff --git a/test/src/test/resources/hudson/tasks/maven-test-failure.zip b/test/src/test/resources/hudson/tasks/maven-test-failure.zip
index 1f105f67f2a5f44cd6fc828e056d7de045123f51..5a06502be74972993fd31ab719275953c1af28c4 100644
GIT binary patch
literal 3052
zcmWIWW@Zs#-~hss$=1FMNPwL|fT18iSFa*BCp3bGp__GW^dFYB(cc(F7<z+G=QSG$
z?0K#o@b1Qw!WBwgSLQ`&W-6(!s_Krpt-35h`L@Ha?_ar{ghF4P-E0kn9b2X?S`gv>
zeASazg;ke!#W_YSoL1D3)#5M0G4t@<GUn+Dj3=)cho>K9E4yC0All-djc3}2<jwb_
z6I+vxO?8tAUL2IOG^SA3;F8aWdY$fnNjseG==Gm8WK4Hmc2lM6l9xc#zTlN-zMSFp
zco=$iQjzAYUsF@kcr>E?Of5`ZIQdLMty*hu2Ti>4hC4C$LGfX)q6s?ZSK3%ST9LW)
z*lqJulIJ%wofL^%kh?9ho+<6)zqgs&>u<^h-3V8o_9;_5V$<AEGq+VXQU(0^MlGv<
z2(vy7?O7oC^Xv7)i&jN?roM6A-r2Oqd?y3{w>fX0PFlx%{9e_QIm-=PHsw2IpW=Kv
z<D$UppkI=0Uzc^a8P`rvoTFgyPL{uJdV<;h?W;Ge$b7bcOFjGJ>v?WBB+U-~$)Ds~
z#~9$v&QW79Lo=C?fx(cOfgu1GPh8;G+1Zk0jTB7`EWmgwE=tx1Mbb22B%S;7&I=St
zxOH$sb(EwQmyn>14_RAQVp$>ydWA6b<`<=tpkD&3{;aaRR8o8(kH?gZ(v;%-JUmYN
ziWcrFgbhOpV7tGFc!A_NbQ3L!G|{OvGbbgaC^J1hwI~D_hkBsMfaOt`HKx6We84=)
zQoa9?3u~{v!*m<Pnga*hEe*`9<|_srx!){!Gi&M0tLv7{?{)5Y^JNRGh;7>Jqzg@+
zQA;x-mAQQ^C%kAp+f@A|vRu7(R?G5@&$cg@tI7{*a#zc@R(n37oB4+zkJ-U`hIrQW
zcNfJ@I#pI3Wldf3;MFrTFE;0W>$vu3rLCFuZBe_`6@E}!Ui@y>+HPR7-3`QqQ)X^r
zCcdaZ&jPTN3D!nt%0%cTFJ+?YCpTqcGlgKvynrKR;xP;*WqwC0F(4`PG@6OV(3DBY
zM6c4~5=ZBp#NuL<H2Dr{fwqUwIX@r&&=dMz*H3Gm_SU_4TEkcK-1*Dep1OJ)pFPsj
z@I7_XC(PrVr;c9O2Q6K_!V)&))jP9x0+S3o$IDai)>#3Qj}15pF*1oVBPuTBqLQ6~
z2dDxJ9F{bKXm~Zo0k6gayg>%wDp3&zymedwEP)~AD+j!M#iyGS$@;gBx1hSA0ZyC|
zd?-c;GC>>wHUgTui8DtC#T;J@b08_5II|>B%<9Ez7A(~hXQDiciI?%12+sl74Ms0V
zRZt980M?$M_(KFA$lDO7LJdZV98duYiC;u1ja+(JBALFVv4}|1ag^DR1c|T`dxAtw
zQY9=94}mjdXax2!!7L(?)AVX&BPd8x&oRs)KS`;xB6$n!CPX|D>r2!mm5awj0!a$9
zNJS35U4#urNm8H!7CA|QidW>)%ors}@vz|z2;>BdQP@Hf6R5Ba@MZ-X!T>C_1sLRk
Jj@=IC0RR!xZ{z>~

literal 3040
zcmWIWW@Zs#U|`^2aI;Oa&fB}{sX8MALkJTC13QB#LqUG7UPW$BXb2|*^X0$qyq?#+
z_X@3GVfe}@!q7YEY~Eo7ftL4`T-x6mGK*FyT@R|xTDqh&W%VmvrwyeAxeg8WzrG!v
zu;tsrp!_#yw(n+Ey6P5sAjZgK>lXgg-NjYyh0fL!I<ijbHB8a`__E?aw2MHbTakIh
zN9XUg{l9!4yyJ*`{Qa=q_g>yu&P>^<JT=ort)-9bO}fIV`hTO&&u)%Gt8ULbIdj3m
zPpR8HCT$6nd1Y>J&HwzN29fhy1hsmzzH*=cBN0+6B(rPF9j#88i0O}J+b+6d@zHVS
z=cmEiS#c79(-OKE{LW1LdebgbGi7Gzl_fv6%bb0;YyN_-TJ^OyPtPA$I%-~Os3c?J
z!8eI>L-P5MUtNb(YOZ=2@=L$*T&8X4FS+3ME#6)3uRXg~=gzz|;pp*>=QG&OKlXVw
z;YPgWza=>zc>{m}%moZ!28NwBN!DNnlwbh{aB)$xJ~(vG{dwmlUXKV}+}b#y+Hw;!
z^GMaphpaa%u`H2P1B5UP$S+DK)es4+hGdoHrIwItlsq1zGD=g5^9csg1+-XEA#7qv
zYBAKI-?79RBsZM~8vF9pyLDE;$hHAuV<L_9DlIN?bk0dEF4hCZ4>)bS1KLtshDaOQ
z9zN&%eEdUC=zCp1t##U4_u^>{U(IvpFKc`1>TP`XNK3=_)JdN(k8_?ndSM^5boB~L
z*o;^2%-YF7I8`D1Mtq8dr7EyqN>UZV018qSsv#7mDr`m(m#V(vNL6@D1WSSA+YVUL
zqL&4bR0T42@w-`TyMZZcHxOGwQxzd&ok}xvQbLL{)6-LnLV&3kk+wi~A*U_VUPHcS
z0|A!m{f}H&d+i;j+bGr?IM{A!U}iO6G3dzsX2F|TOJ`nPw`_i|bH|%6TUbSG(`F}K
zX!49&nh~kY?PEFNMdR6~>L-!q>b0|4mT!EveYsp!eo&LUTE4Z~^9kL|KLmNq4%Rco
zv!=hhD0b4Rvg#;n>XHYqo|$>EIqzG?wLdFu&8%;W+O4ke2Y53wi8JG>oOprWXJ7!<
zRSZiSK`eMx#R{paLMs@6$sJ?@uF@A`0t15p!&}Ehph1wb7^oeT@(F3@WI)zF1F9Wb
zCKG7}ABq`Qkj;SRA|eeELNQ1bSb2l|0(K18AV_W^(l7}W!=kVn2Fq1M8Yz!r<Wf9F
z!gCi6lQBzc<Y@R#*kouf0~!x1yAiRBtJFqLW`4}r0u~Y$P=|w!$0);rwt>oUgl*W9
zBx;&^2el31Vq(%IYMRnwfw&lK1|?}K8^a(9($og5hEbHJe&aEcP@2LltC7=`FDrTw
uf_#n{>7gOOSO%4*h*-u|W+SJmB}5vJqXb8>la&or5DEaHKG4+JU>*Q~&rkgT

-- 
GitLab


From fc224f59959d6ec93dae3d9b56a08f0bff89b613 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Sun, 7 Oct 2018 22:45:27 +0200
Subject: [PATCH 804/863] [JENKINS-53863] - BuildTriggerTest should be Running
 with Maven 3

---
 test/src/test/java/hudson/tasks/BuildTriggerTest.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/src/test/java/hudson/tasks/BuildTriggerTest.java b/test/src/test/java/hudson/tasks/BuildTriggerTest.java
index 206bbd0614..e795df6f4e 100644
--- a/test/src/test/java/hudson/tasks/BuildTriggerTest.java
+++ b/test/src/test/java/hudson/tasks/BuildTriggerTest.java
@@ -158,7 +158,7 @@ public class BuildTriggerTest {
             }
         }
         FreeStyleProject dp = createDownstreamProject();
-        ToolInstallations.configureDefaultMaven();
+        ToolInstallations.configureMaven3();
         MavenModuleSet m = j.jenkins.createProject(MavenModuleSet.class, "p");
         m.getPublishersList().add(new BuildTrigger("downstream", evenWhenUnstable));
         if (!evenWhenUnstable) {
-- 
GitLab


From 97a853112d60905988959ea80f95f7b555f1aa02 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 7 Oct 2018 19:17:41 -0700
Subject: [PATCH 805/863] [maven-release-plugin] prepare release jenkins-2.145

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 670e416a26..fdf4b3077a 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.145</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index a940e93423..15223d867a 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.145</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 2253973dc3..2432ef3303 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>2.145</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.145</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 7f08f9b914..7d63f37627 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.145</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index a2a1e2502a..bd331970b4 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.145</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From edd303e91747380043723c1b4c7dc843b91afa51 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 7 Oct 2018 19:17:54 -0700
Subject: [PATCH 806/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 6 +++---
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index fdf4b3077a..670e416a26 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.145</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 15223d867a..a940e93423 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.145</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 2432ef3303..5207f1d1e4 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.145</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.145</tag>
+    <tag>${scmTag}</tag>
   </scm>
 
   <distributionManagement>
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.145</revision>
+    <revision>2.146</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index 7d63f37627..7f08f9b914 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.145</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index bd331970b4..a2a1e2502a 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.145</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 6349e8d76f515b8e5cf042c254e23eb2e9e51cfe Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 8 Oct 2018 13:10:10 -0700
Subject: [PATCH 807/863] [maven-release-plugin] prepare release jenkins-2.146

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 670e416a26..d4da00f188 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.146</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 5ab694f70a..9ba1c5957f 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.146</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 5207f1d1e4..8ef0e3f6a6 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>2.146</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.146</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 7f08f9b914..fc2a6bea59 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.146</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index a2a1e2502a..2fff9e031f 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.146</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 4eb2a390f0737c5f2dda540b4691d49779154777 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 8 Oct 2018 13:10:14 -0700
Subject: [PATCH 808/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 6 +++---
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index d4da00f188..670e416a26 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.146</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 9ba1c5957f..5ab694f70a 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.146</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 8ef0e3f6a6..952055e849 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.146</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.146</tag>
+    <tag>${scmTag}</tag>
   </scm>
 
   <distributionManagement>
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.146</revision>
+    <revision>2.147</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index fc2a6bea59..7f08f9b914 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.146</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 2fff9e031f..a2a1e2502a 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.146</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 0aea34735db62a5f7f11c76770114b4de99fc1ab Mon Sep 17 00:00:00 2001
From: Josh Soref <jsoref@users.noreply.github.com>
Date: Tue, 9 Oct 2018 03:20:34 -0400
Subject: [PATCH 809/863] cli: Fix up usage message (#3676)

The properties file naively assumed that leading spaces would be honored.
-- They are not. To get some indentation, one needs to escape a space first.

Further, for no particular reason, the last paragraph had a hard wrap.

Finally, since this commit has to reindent the entire block, fix the alignment of the `:`s
for most of the options.
(-auth is a mess and should be rewritten)
---
 .../hudson/cli/client/Messages.properties     | 32 +++++++++----------
 1 file changed, 16 insertions(+), 16 deletions(-)

diff --git a/cli/src/main/resources/hudson/cli/client/Messages.properties b/cli/src/main/resources/hudson/cli/client/Messages.properties
index 1dd17040cc..2e7fde44cb 100644
--- a/cli/src/main/resources/hudson/cli/client/Messages.properties
+++ b/cli/src/main/resources/hudson/cli/client/Messages.properties
@@ -1,23 +1,23 @@
 CLI.Usage=Jenkins CLI\n\
   Usage: java -jar jenkins-cli.jar [-s URL] command [opts...] args...\n\
   Options:\n\
-   -s URL       : the server URL (defaults to the JENKINS_URL env var)\n\
-   -http        : use a plain CLI protocol over HTTP(S) (the default; mutually exclusive with -ssh and -remoting)\n\
-   -ssh         : use SSH protocol (requires -user; SSH port must be open on server, and user must have registered a public key)\n\
-   -remoting    : use deprecated Remoting channel protocol (if enabled on server; for compatibility with legacy commands or command modes only)\n\
-   -i KEY       : SSH private key file used for authentication (for use with -ssh or -remoting)\n\
-   -p HOST:PORT : HTTP proxy host and port for HTTPS proxy tunneling. See https://jenkins.io/redirect/cli-https-proxy-tunnel\n\
-   -noCertificateCheck : bypass HTTPS certificate check entirely. Use with caution\n\
-   -noKeyAuth   : don't try to load the SSH authentication private key. Conflicts with -i\n\
-   -user        : specify user (for use with -ssh)\n\
-   -strictHostKey : request strict host key checking (for use with -ssh)\n\
-   -logger FINE : enable detailed logging from the client\n\
-   -auth [ USER:SECRET | @FILE ] : specify username and either password or API token (or load from them both from a file);\n\
-                                   for use with -http, or -remoting but only when the JNLP agent port is disabled.\n\
-                                   Passing crendentials by a file is recommended.\n\
-                                   See https://jenkins.io/redirect/cli-http-connection-mode for more info and options.\n\
+  \ -s URL              : the server URL (defaults to the JENKINS_URL env var)\n\
+  \ -http               : use a plain CLI protocol over HTTP(S) (the default; mutually exclusive with -ssh and -remoting)\n\
+  \ -ssh                : use SSH protocol (requires -user; SSH port must be open on server, and user must have registered a public key)\n\
+  \ -remoting           : use deprecated Remoting channel protocol (if enabled on server; for compatibility with legacy commands or command modes only)\n\
+  \ -i KEY              : SSH private key file used for authentication (for use with -ssh or -remoting)\n\
+  \ -p HOST:PORT        : HTTP proxy host and port for HTTPS proxy tunneling. See https://jenkins.io/redirect/cli-https-proxy-tunnel\n\
+  \ -noCertificateCheck : bypass HTTPS certificate check entirely. Use with caution\n\
+  \ -noKeyAuth          : don't try to load the SSH authentication private key. Conflicts with -i\n\
+  \ -user               : specify user (for use with -ssh)\n\
+  \ -strictHostKey      : request strict host key checking (for use with -ssh)\n\
+  \ -logger FINE        : enable detailed logging from the client\n\
+  \ -auth [ USER:SECRET | @FILE ] : specify username and either password or API token (or load from them both from a file);\n\
+  \                                 for use with -http, or -remoting but only when the JNLP agent port is disabled.\n\
+  \                                 Passing crendentials by a file is recommended.\n\
+  \                                 See https://jenkins.io/redirect/cli-http-connection-mode for more info and options.\n\
   \n\
-  The available commands depend on the server. Run the 'help' command to\n\
+  The available commands depend on the server. Run the 'help' command to \
   see the list.
 CLI.NoURL=Neither -s nor the JENKINS_URL env var is specified.
 CLI.VersionMismatch=Version mismatch. This CLI cannot work with this Jenkins server.
-- 
GitLab


From fa154b77d14a5d75ec45f2a9f28810b671a34a1a Mon Sep 17 00:00:00 2001
From: Thorsten Scherler <scherler@gmail.com>
Date: Wed, 10 Oct 2018 14:35:05 +0200
Subject: [PATCH 810/863] [JENKINS-53462] Use a workaround to submit the form
 with a trusted event. No comments on the underlying insanity of
 hudson-behavior.

---
 war/src/main/webapp/scripts/hudson-behavior.js | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/war/src/main/webapp/scripts/hudson-behavior.js b/war/src/main/webapp/scripts/hudson-behavior.js
index 5b98df43e7..e11a3f7342 100644
--- a/war/src/main/webapp/scripts/hudson-behavior.js
+++ b/war/src/main/webapp/scripts/hudson-behavior.js
@@ -517,7 +517,16 @@ function registerRegexpValidator(e,regexp,message) {
  *      YUI Button widget.
  */
 function makeButton(e,onclick) {
-    var h = e.onclick;
+    var type = e.type;
+    var h = e.onclick || function (event) {
+        if (type && type.toLowerCase() === 'submit') {
+            var target = event.target;
+            var form = findAncestor(target, "FORM");
+            form.submit();
+        } else {
+            //FIXME: get some usecases for else
+        }
+    };
     var clsName = e.className;
     var n = e.name;
     var btn = new YAHOO.widget.Button(e,{});
-- 
GitLab


From d67e59a1765d543b29b496e58de1cf8fce605d08 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Thu, 11 Oct 2018 01:38:28 +0200
Subject: [PATCH 811/863] Adapt to stapler/stapler#149

---
 core/pom.xml                                      | 2 +-
 core/src/main/java/hudson/model/AbstractItem.java | 7 +------
 core/src/main/java/hudson/model/Run.java          | 7 +------
 core/src/main/java/hudson/model/User.java         | 9 ++-------
 4 files changed, 5 insertions(+), 20 deletions(-)

diff --git a/core/pom.xml b/core/pom.xml
index 5ab694f70a..259c480351 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -39,7 +39,7 @@ THE SOFTWARE.
 
   <properties>
     <staplerFork>true</staplerFork>
-    <stapler.version>1.254.2</stapler.version>
+    <stapler.version>1.255-null-1-SNAPSHOT</stapler.version>
     <spring.version>2.5.6.SEC03</spring.version>
     <groovy.version>2.4.12</groovy.version>
   </properties>
diff --git a/core/src/main/java/hudson/model/AbstractItem.java b/core/src/main/java/hudson/model/AbstractItem.java
index 92303466d0..1374429381 100644
--- a/core/src/main/java/hudson/model/AbstractItem.java
+++ b/core/src/main/java/hudson/model/AbstractItem.java
@@ -942,12 +942,7 @@ public abstract class AbstractItem extends Actionable implements Item, HttpDelet
     public Object getTarget() {
         if (!SKIP_PERMISSION_CHECK) {
             if (!getACL().hasPermission(Item.DISCOVER)) {
-                // work around Stapler bug when returning null from getTarget()
-                try {
-                    Stapler.getCurrentResponse().sendError(SC_NOT_FOUND); // send same response body Stapler would send
-                } catch (IOException ex) {
-                    throw HttpResponses.notFound();
-                }
+                return null;
             }
             getACL().checkPermission(Item.READ);
         }
diff --git a/core/src/main/java/hudson/model/Run.java b/core/src/main/java/hudson/model/Run.java
index 5fdff73308..6b9c3fbbd9 100644
--- a/core/src/main/java/hudson/model/Run.java
+++ b/core/src/main/java/hudson/model/Run.java
@@ -2580,12 +2580,7 @@ public abstract class Run <JobT extends Job<JobT,RunT>,RunT extends Run<JobT,Run
         if (!SKIP_PERMISSION_CHECK) {
             // This is a bit weird, but while the Run's PermissionScope does not have READ, delegate to the parent
             if (!getParent().hasPermission(Item.DISCOVER)) {
-                // work around Stapler bug when returning null from getTarget()
-                try {
-                    Stapler.getCurrentResponse().sendError(SC_NOT_FOUND); // send same response body Stapler would send
-                } catch (IOException ex) {
-                    throw HttpResponses.notFound();
-                }
+                return null;
             }
             getParent().checkPermission(Item.READ);
         }
diff --git a/core/src/main/java/hudson/model/User.java b/core/src/main/java/hudson/model/User.java
index 0c27142058..654d41432f 100644
--- a/core/src/main/java/hudson/model/User.java
+++ b/core/src/main/java/hudson/model/User.java
@@ -1123,13 +1123,8 @@ public class User extends AbstractModelObject implements AccessControlled, Descr
     @Restricted(NoExternalUse.class)
     public Object getTarget() {
         if (!SKIP_PERMISSION_CHECK) {
-            if (!Jenkins.getInstance().hasPermission(Jenkins.READ)) {
-                // work around Stapler bug when returning null from getTarget()
-                try {
-                    Stapler.getCurrentResponse().sendError(SC_NOT_FOUND); // send same response body Stapler would send
-                } catch (IOException ex) {
-                    throw HttpResponses.notFound();
-                }
+            if (!Jenkins.get().hasPermission(Jenkins.READ)) {
+                return null;
             }
         }
         return this;
-- 
GitLab


From 934d620c16c50732d020c9033f9e945525105090 Mon Sep 17 00:00:00 2001
From: Nicolas De Loof <nicolas.deloof@gmail.com>
Date: Thu, 11 Oct 2018 09:35:28 +0200
Subject: [PATCH 812/863] Add link to
 https://jenkins.io/redirect/hudson.util.Secret/

Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
---
 core/src/main/java/hudson/util/Secret.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/util/Secret.java b/core/src/main/java/hudson/util/Secret.java
index a584cff90e..09c7c683e9 100644
--- a/core/src/main/java/hudson/util/Secret.java
+++ b/core/src/main/java/hudson/util/Secret.java
@@ -96,7 +96,7 @@ public final class Secret implements Serializable {
     @Deprecated
     public String toString() {
         final String from = new Throwable().getStackTrace()[1].toString();
-        LOGGER.warning("Use of toString() on hudson.util.Secret from "+from+". Prefer getPlainText() or getEncryptedValue() depending your needs.");
+        LOGGER.warning("Use of toString() on hudson.util.Secret from "+from+". Prefer getPlainText() or getEncryptedValue() depending your needs. see https://jenkins.io/redirect/hudson.util.Secret/");
         return value;
     }
 
-- 
GitLab


From 5397a2e41158d5187188b5d9e21603697680d04e Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Thu, 11 Oct 2018 15:20:42 +0200
Subject: [PATCH 813/863] Released version of Stapler

---
 core/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/pom.xml b/core/pom.xml
index 259c480351..cbbf3f3061 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -39,7 +39,7 @@ THE SOFTWARE.
 
   <properties>
     <staplerFork>true</staplerFork>
-    <stapler.version>1.255-null-1-SNAPSHOT</stapler.version>
+    <stapler.version>1.255</stapler.version>
     <spring.version>2.5.6.SEC03</spring.version>
     <groovy.version>2.4.12</groovy.version>
   </properties>
-- 
GitLab


From d1cbb20b02b251bfe8b4c50617aabcfd8221e846 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Fri, 12 Oct 2018 23:25:07 +0200
Subject: [PATCH 814/863] Add telemetry for Stapler dispatches (#3688)

* Add telemetry for Stapler dispatches

* Add TODO

* Released version of Stapler
---
 .../telemetry/impl/StaplerDispatches.java     | 120 ++++++++++++++++++
 .../impl/StaplerDispatches/description.jelly  |   7 +
 2 files changed, 127 insertions(+)
 create mode 100644 core/src/main/java/jenkins/telemetry/impl/StaplerDispatches.java
 create mode 100644 core/src/main/resources/jenkins/telemetry/impl/StaplerDispatches/description.jelly

diff --git a/core/src/main/java/jenkins/telemetry/impl/StaplerDispatches.java b/core/src/main/java/jenkins/telemetry/impl/StaplerDispatches.java
new file mode 100644
index 0000000000..023c7cd201
--- /dev/null
+++ b/core/src/main/java/jenkins/telemetry/impl/StaplerDispatches.java
@@ -0,0 +1,120 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.telemetry.impl;
+
+import hudson.Extension;
+import hudson.PluginWrapper;
+import hudson.model.UsageStatistics;
+import hudson.util.VersionNumber;
+import jenkins.model.Jenkins;
+import jenkins.telemetry.Telemetry;
+import jenkins.util.SystemProperties;
+import net.sf.json.JSONObject;
+import org.kohsuke.MetaInfServices;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
+import org.kohsuke.stapler.EvaluationTrace;
+import org.kohsuke.stapler.StaplerRequest;
+
+import javax.annotation.Nonnull;
+import java.text.DateFormat;
+import java.text.SimpleDateFormat;
+import java.time.LocalDate;
+import java.util.Date;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.TimeZone;
+import java.util.TreeMap;
+import java.util.TreeSet;
+
+/**
+ * Telemetry implementation gathering information about Stapler dispatch routes.
+ */
+@Extension
+@Restricted(NoExternalUse.class)
+public class StaplerDispatches extends Telemetry {
+    @Nonnull
+    @Override
+    public LocalDate getStart() {
+        return LocalDate.of(2018, 10, 10);
+    }
+
+    @Nonnull
+    @Override
+    public LocalDate getEnd() {
+        return LocalDate.of(2019, 2, 1);
+    }
+
+    @Nonnull
+    @Override
+    public String getDisplayName() {
+        return "Stapler request handling";
+    }
+
+    @Nonnull
+    @Override
+    public JSONObject createContent() {
+        Map<String, Object> info = new TreeMap<>();
+        info.put("components", buildComponentInformation());
+        info.put("dispatches", buildDispatches());
+
+        return JSONObject.fromObject(info);
+    }
+
+    private Object buildDispatches() {
+        Set<String> currentTraces = traces;
+        traces = new TreeSet<>();
+        return currentTraces;
+    }
+
+    private Object buildComponentInformation() {
+        Map<String, String> components = new TreeMap<>();
+        VersionNumber core = Jenkins.getVersion();
+        components.put("jenkins-core", core == null ? "" : core.toString());
+
+        for (PluginWrapper plugin : Jenkins.get().pluginManager.getPlugins()) {
+            if (plugin.isActive()) {
+                components.put(plugin.getShortName(), plugin.getVersion());
+            }
+        }
+        return components;
+    }
+
+    @MetaInfServices
+    public static class StaplerTrace extends EvaluationTrace.ApplicationTracer {
+
+        @Override
+        protected void record(StaplerRequest staplerRequest, String s) {
+            if (UsageStatistics.DISABLED || !Jenkins.get().isUsageStatisticsCollected()) {
+                // TODO use new API after jenkinsci/jenkins#3687 is merged
+                // do not collect traces while usage statistics are disabled
+                return;
+            }
+            traces.add(s);
+        }
+    }
+
+    private static volatile Set<String> traces = new TreeSet<>();
+}
diff --git a/core/src/main/resources/jenkins/telemetry/impl/StaplerDispatches/description.jelly b/core/src/main/resources/jenkins/telemetry/impl/StaplerDispatches/description.jelly
new file mode 100644
index 0000000000..f0fa694b92
--- /dev/null
+++ b/core/src/main/resources/jenkins/telemetry/impl/StaplerDispatches/description.jelly
@@ -0,0 +1,7 @@
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core">
+    Stapler is the web framework used by Jenkins.
+    To help develop an upcoming major revision of the framework, this trial collects information about how Stapler processes HTTP requests.
+    In addition to references to classes, methods, and Stapler-related resource files involved in Stapler request processing, this trial collects the names of installed plugins, their versions, and the version of Jenkins core.
+    It does <strong>not</strong> collect URLs or any user data.
+</j:jelly>
-- 
GitLab


From 5e9e4988f54733fbf873eea4bbf1d3541d0824c1 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Fri, 12 Oct 2018 23:25:45 +0200
Subject: [PATCH 815/863] Collect information on Accept-Language header values
 (#3687)

* Collect information on Accept-Language header values

* Skip null values

* Address review feedback, do not record while disabled

* Address FindBugs problem
---
 .../java/jenkins/telemetry/Telemetry.java     |  12 +-
 .../jenkins/telemetry/impl/UserLanguages.java | 143 ++++++++++++++++++
 .../impl/UserLanguages/description.jelly      |   5 +
 3 files changed, 158 insertions(+), 2 deletions(-)
 create mode 100644 core/src/main/java/jenkins/telemetry/impl/UserLanguages.java
 create mode 100644 core/src/main/resources/jenkins/telemetry/impl/UserLanguages/description.jelly

diff --git a/core/src/main/java/jenkins/telemetry/Telemetry.java b/core/src/main/java/jenkins/telemetry/Telemetry.java
index 002c9492a3..65214750e2 100644
--- a/core/src/main/java/jenkins/telemetry/Telemetry.java
+++ b/core/src/main/java/jenkins/telemetry/Telemetry.java
@@ -76,7 +76,7 @@ public abstract class Telemetry implements ExtensionPoint {
      * Good IDs are globally unique and human readable (i.e. no UUIDs).
      *
      * For a periodically updated list of all public implementations, see https://jenkins.io/doc/developer/extensions/jenkins-core/#telemetry
-     * 
+     *
      * @return ID of the collector, never null or empty
      */
     @Nonnull
@@ -126,6 +126,14 @@ public abstract class Telemetry implements ExtensionPoint {
         return ExtensionList.lookup(Telemetry.class);
     }
 
+    /**
+     * @since TODO
+     * @return whether to collect telemetry
+     */
+    public static boolean isDisabled() {
+        return UsageStatistics.DISABLED || !Jenkins.get().isUsageStatisticsCollected();
+    }
+
     @Extension
     public static class TelemetryReporter extends AsyncPeriodicWork {
 
@@ -140,7 +148,7 @@ public abstract class Telemetry implements ExtensionPoint {
 
         @Override
         protected void execute(TaskListener listener) throws IOException, InterruptedException {
-            if (UsageStatistics.DISABLED || !Jenkins.getInstance().isUsageStatisticsCollected()) {
+            if (isDisabled()) {
                 LOGGER.info("Collection of anonymous usage statistics is disabled, skipping telemetry collection and submission");
                 return;
             }
diff --git a/core/src/main/java/jenkins/telemetry/impl/UserLanguages.java b/core/src/main/java/jenkins/telemetry/impl/UserLanguages.java
new file mode 100644
index 0000000000..3dd93334e9
--- /dev/null
+++ b/core/src/main/java/jenkins/telemetry/impl/UserLanguages.java
@@ -0,0 +1,143 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2018, Daniel Beck
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.telemetry.impl;
+
+import hudson.Extension;
+import hudson.init.Initializer;
+import hudson.util.PluginServletFilter;
+import jenkins.telemetry.Telemetry;
+import net.sf.json.JSONObject;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
+
+import javax.annotation.Nonnull;
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import java.io.IOException;
+import java.time.LocalDate;
+import java.util.Map;
+import java.util.TreeMap;
+import java.util.concurrent.atomic.AtomicLong;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+
+@Extension
+@Restricted(NoExternalUse.class)
+public class UserLanguages extends Telemetry {
+
+    private static volatile Map<String, AtomicLong> requestsByLanguage = new TreeMap<>();
+    private static Logger LOGGER = Logger.getLogger(UserLanguages.class.getName());
+
+    @Nonnull
+    @Override
+    public String getId() {
+        return UserLanguages.class.getName();
+    }
+
+    @Nonnull
+    @Override
+    public String getDisplayName() {
+        return "Browser languages";
+    }
+
+    @Nonnull
+    @Override
+    public LocalDate getStart() {
+        return LocalDate.of(2018, 10, 1);
+    }
+
+    @Nonnull
+    @Override
+    public LocalDate getEnd() {
+        return LocalDate.of(2019, 1, 1);
+    }
+
+    @Nonnull
+    @Override
+    public JSONObject createContent() {
+        JSONObject payload = new JSONObject();
+        Map<String, AtomicLong> currentRequests = requestsByLanguage;
+        requestsByLanguage = new TreeMap<>();
+        for (Map.Entry<String, AtomicLong> entry : currentRequests.entrySet()) {
+            payload.put(entry.getKey(), entry.getValue().longValue());
+        }
+        return payload;
+    }
+
+    @Initializer
+    public static void setUpFilter() {
+        Filter filter = new AcceptLanguageFilter();
+        if (!PluginServletFilter.hasFilter(filter)) {
+            try {
+                PluginServletFilter.addFilter(filter);
+            } catch (ServletException ex) {
+                LOGGER.log(Level.WARNING, "Failed to set up languages servlet filter", ex);
+            }
+        }
+    }
+
+    public static final class AcceptLanguageFilter implements Filter {
+
+        @Override
+        public void init(FilterConfig filterConfig) {
+
+        }
+
+        @Override
+        public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
+            if (request instanceof HttpServletRequest && !Telemetry.isDisabled()) {
+                HttpServletRequest httpServletRequest = (HttpServletRequest) request;
+                String language = httpServletRequest.getHeader("Accept-Language");
+                if (language != null) {
+                    if (!requestsByLanguage.containsKey(language)) {
+                        requestsByLanguage.put(language, new AtomicLong(0));
+                    }
+                    requestsByLanguage.get(language).incrementAndGet();
+                }
+            }
+            chain.doFilter(request, response);
+        }
+
+        @Override
+        public void destroy() {
+
+        }
+
+        @Override
+        public boolean equals(Object obj) { // support PluginServletFilter#hasFilter
+            return obj != null && obj.getClass() == AcceptLanguageFilter.class;
+        }
+
+        // findbugs
+        @Override
+        public int hashCode() {
+            return 42;
+        }
+    }
+}
diff --git a/core/src/main/resources/jenkins/telemetry/impl/UserLanguages/description.jelly b/core/src/main/resources/jenkins/telemetry/impl/UserLanguages/description.jelly
new file mode 100644
index 0000000000..5035e41bb0
--- /dev/null
+++ b/core/src/main/resources/jenkins/telemetry/impl/UserLanguages/description.jelly
@@ -0,0 +1,5 @@
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core">
+    This trial collects information about the prevalence of <code>Accept-Language</code> header values among Jenkins users' browsers to help guide localization efforts.
+    We collect the values of the Accept-Language headers and the number of requests sent to Jenkins with each of the headers.
+</j:jelly>
-- 
GitLab


From b5d3759151d5eda0ce1b92fdf3604a67ad8c68d8 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 14 Oct 2018 02:33:32 -0700
Subject: [PATCH 816/863] [maven-release-plugin] prepare release jenkins-2.147

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 670e416a26..7e5ddcec25 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.147</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index cbbf3f3061..4647fec39c 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.147</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 952055e849..279c63c468 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>2.147</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.147</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 7f08f9b914..0a1b735b5a 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.147</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 1ab587db93..abbf5c770e 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.147</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 44363acab454bee8868206479f0976b837c62ea9 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 14 Oct 2018 02:33:39 -0700
Subject: [PATCH 817/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 6 +++---
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 7e5ddcec25..670e416a26 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.147</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 4647fec39c..cbbf3f3061 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.147</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 279c63c468..39c6d35edc 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.147</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.147</tag>
+    <tag>${scmTag}</tag>
   </scm>
 
   <distributionManagement>
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.147</revision>
+    <revision>2.148</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index 0a1b735b5a..7f08f9b914 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.147</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index abbf5c770e..1ab587db93 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.147</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 34e7172084f09291dd988e6883b4afe6868840e3 Mon Sep 17 00:00:00 2001
From: suren <zxjlwt@126.com>
Date: Sun, 14 Oct 2018 21:46:12 +0800
Subject: [PATCH 818/863] Add Chinese localization for scheduler

---
 .../scheduler/Messages_zh_CN.properties       | 29 +++++++++++++++++++
 1 file changed, 29 insertions(+)
 create mode 100644 core/src/main/resources/hudson/scheduler/Messages_zh_CN.properties

diff --git a/core/src/main/resources/hudson/scheduler/Messages_zh_CN.properties b/core/src/main/resources/hudson/scheduler/Messages_zh_CN.properties
new file mode 100644
index 0000000000..56ab74da14
--- /dev/null
+++ b/core/src/main/resources/hudson/scheduler/Messages_zh_CN.properties
@@ -0,0 +1,29 @@
+# The MIT License
+# 
+# Copyright (c) 2018, linuxsuren
+# 
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+# 
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+# 
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+BaseParser.StartEndReversed=\u60A8\u7684\u610F\u601D\u662F\u4ECE {0} \u5230 {1}\uFF1F
+BaseParser.MustBePositive=\u95F4\u9694\u503C\u5FC5\u987B\u4E3A\u6B63\u6574\u6570\uFF0C\u800C\u4E0D\u662F {0}
+BaseParser.OutOfRange={0} \u662F\u4E00\u4E2A\u975E\u6CD5\u503C\u3002\u5FC5\u987B\u5728 {1} \u548C {2} \u4E4B\u95F4
+CronTab.do_you_really_mean_every_minute_when_you=\u5F53\u60A8\u8F93\u5165 "{0}" \u65F6\uFF0C\u610F\u601D\u4E3A"\u6BCF\u5206\u949F"\uFF1F\u4E5F\u8BB8\u60A8\u5E0C\u671B "{1}" \u6BCF\u5C0F\u65F6\u8F6E\u8BE2
+CronTab.short_cycles_in_the_day_of_month_field_w=\u4EE5\u6708\u4E3A\u5468\u671F\u7684\u77ED\u5FAA\u73AF\u5B57\u6BB5\u5728\u6708\u672B\u65F6\u53EF\u80FD\u4F1A\u6709\u5947\u602A\u7684\u884C\u4E3A
+CronTab.spread_load_evenly_by_using_rather_than_=\u5206\u6563\u8D1F\u8F7D\u5E94\u8BE5\u7528 \u2018{0}\u2019 \u800C\u4E0D\u662F \u2018{1}\u2019
+CronTabList.InvalidInput=\u975E\u6CD5\u8F93\u5165\uFF1A"{0}": {1}
-- 
GitLab


From fe8d0d5e7c31bc938c90708c895780ce0be80fbd Mon Sep 17 00:00:00 2001
From: M Ramon Leon <manuelramonleonjimenez@gmail.com>
Date: Mon, 15 Oct 2018 10:06:21 +0200
Subject: [PATCH 819/863] [JENKINS-27177] Add strategies to disable plugins.
 Move process to core

Move the process to core to be reusable, not only for the cli command.
Add optionalDependants list to PluginWrapper to process them easily.

Replace (depreacate) the disable method without checks by this one with
strategies.

Improve messages and tests
---
 .gitignore                                    |   3 +
 core/src/main/java/hudson/PluginManager.java  | 143 +++++-----
 core/src/main/java/hudson/PluginWrapper.java  | 227 +++++++++++++++-
 .../java/hudson/cli/DisablePluginCommand.java | 205 ++++++++++----
 .../main/resources/hudson/Messages.properties |   4 +
 .../resources/hudson/Messages_es.properties   |   4 +
 .../resources/hudson/cli/Messages.properties  |  10 +-
 .../hudson/cli/Messages_es.properties         |   7 +-
 .../hudson/cli/DisablePluginCommandTest.java  | 251 ++++++++++++++++--
 9 files changed, 679 insertions(+), 175 deletions(-)

diff --git a/.gitignore b/.gitignore
index 3cde4d575d..5c8b1b7ac8 100644
--- a/.gitignore
+++ b/.gitignore
@@ -14,6 +14,9 @@ out
 .project
 build
 
+# VSCode workspace file
+*.code-workspace
+
 # vim
 *~
 *.swp
diff --git a/core/src/main/java/hudson/PluginManager.java b/core/src/main/java/hudson/PluginManager.java
index be83e07456..ce41655415 100644
--- a/core/src/main/java/hudson/PluginManager.java
+++ b/core/src/main/java/hudson/PluginManager.java
@@ -25,47 +25,29 @@ package hudson;
 
 import edu.umd.cs.findbugs.annotations.NonNull;
 import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
-import hudson.security.ACLContext;
-import jenkins.ExtensionRefreshException;
-import jenkins.util.SystemProperties;
 import hudson.PluginWrapper.Dependency;
 import hudson.init.InitMilestone;
 import hudson.init.InitStrategy;
 import hudson.init.InitializerFinder;
-import hudson.model.AbstractItem;
-import hudson.model.AbstractModelObject;
-import hudson.model.AdministrativeMonitor;
-import hudson.model.Api;
-import hudson.model.Descriptor;
-import hudson.model.Failure;
-import hudson.model.ItemGroupMixIn;
-import hudson.model.UpdateCenter;
-import hudson.model.UpdateSite;
+import hudson.model.*;
 import hudson.model.UpdateCenter.DownloadJob;
 import hudson.model.UpdateCenter.InstallationJob;
 import hudson.security.ACL;
+import hudson.security.ACLContext;
 import hudson.security.Permission;
 import hudson.security.PermissionScope;
-import hudson.util.CyclicGraphDetector;
+import hudson.util.*;
 import hudson.util.CyclicGraphDetector.CycleDetectedException;
-import hudson.util.PersistedList;
-import hudson.util.Service;
-import hudson.util.VersionNumber;
-import hudson.util.XStream2;
-import jenkins.ClassLoaderReflectionToolkit;
-import jenkins.InitReactorRunner;
-import jenkins.MissingDependencyException;
-import jenkins.RestartRequiredException;
-import jenkins.YesNoMaybe;
+import jenkins.*;
 import jenkins.install.InstallState;
 import jenkins.install.InstallUtil;
 import jenkins.model.Jenkins;
+import jenkins.security.CustomClassFilter;
+import jenkins.util.SystemProperties;
 import jenkins.util.io.OnMaster;
 import jenkins.util.xml.RestrictiveEntityResolver;
-
 import net.sf.json.JSONArray;
 import net.sf.json.JSONObject;
-
 import org.acegisecurity.Authentication;
 import org.apache.commons.fileupload.FileItem;
 import org.apache.commons.fileupload.FileUploadException;
@@ -78,23 +60,19 @@ import org.apache.commons.lang.StringUtils;
 import org.apache.commons.logging.LogFactory;
 import org.jenkinsci.Symbol;
 import org.jenkinsci.bytecode.Transformer;
-import org.jvnet.hudson.reactor.Executable;
-import org.jvnet.hudson.reactor.Reactor;
-import org.jvnet.hudson.reactor.ReactorException;
-import org.jvnet.hudson.reactor.TaskBuilder;
-import org.jvnet.hudson.reactor.TaskGraphBuilder;
+import org.jvnet.hudson.reactor.*;
+import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.DoNotUse;
-import org.kohsuke.stapler.HttpRedirect;
-import org.kohsuke.stapler.HttpResponse;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
+import org.kohsuke.stapler.*;
 import org.kohsuke.stapler.HttpResponses;
-import org.kohsuke.stapler.QueryParameter;
-import org.kohsuke.stapler.StaplerOverridable;
-import org.kohsuke.stapler.StaplerProxy;
-import org.kohsuke.stapler.StaplerRequest;
-import org.kohsuke.stapler.StaplerResponse;
 import org.kohsuke.stapler.export.Exported;
 import org.kohsuke.stapler.export.ExportedBean;
 import org.kohsuke.stapler.interceptor.RequirePOST;
+import org.xml.sax.Attributes;
+import org.xml.sax.InputSource;
+import org.xml.sax.SAXException;
+import org.xml.sax.helpers.DefaultHandler;
 
 import javax.annotation.CheckForNull;
 import javax.annotation.Nonnull;
@@ -102,60 +80,24 @@ import javax.servlet.ServletContext;
 import javax.servlet.ServletException;
 import javax.xml.parsers.ParserConfigurationException;
 import javax.xml.parsers.SAXParserFactory;
-import java.io.Closeable;
-import java.io.File;
-import java.io.FilenameFilter;
-import java.io.IOException;
-import java.io.InputStream;
+import java.io.*;
 import java.lang.ref.WeakReference;
 import java.lang.reflect.Method;
-import java.net.MalformedURLException;
-import java.net.URISyntaxException;
-import java.net.URL;
-import java.net.URLClassLoader;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.Enumeration;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.LinkedHashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-import java.util.TreeMap;
-import java.util.UUID;
+import java.net.*;
+import java.util.*;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.ConcurrentMap;
 import java.util.concurrent.CopyOnWriteArrayList;
 import java.util.concurrent.Future;
+import java.util.function.Supplier;
+import java.util.jar.JarEntry;
 import java.util.jar.JarFile;
 import java.util.jar.Manifest;
 import java.util.logging.Level;
 import java.util.logging.Logger;
-import org.xml.sax.Attributes;
-import org.xml.sax.InputSource;
-import org.xml.sax.SAXException;
-import org.xml.sax.helpers.DefaultHandler;
 
 import static hudson.init.InitMilestone.*;
-import hudson.model.DownloadService;
-import hudson.util.FormValidation;
-import java.io.ByteArrayInputStream;
-import java.net.JarURLConnection;
-import java.net.URLConnection;
-import java.util.ServiceLoader;
-import java.util.function.Supplier;
-import java.util.jar.JarEntry;
-
-import static java.util.logging.Level.FINE;
-import static java.util.logging.Level.INFO;
-import static java.util.logging.Level.SEVERE;
-import static java.util.logging.Level.WARNING;
-import jenkins.security.CustomClassFilter;
-import org.kohsuke.accmod.Restricted;
-import org.kohsuke.accmod.restrictions.NoExternalUse;
+import static java.util.logging.Level.*;
 
 /**
  * Manages {@link PluginWrapper}s.
@@ -935,8 +877,15 @@ public abstract class PluginManager extends AbstractModelObject implements OnMas
     @Restricted(NoExternalUse.class)
     public synchronized void resolveDependantPlugins() {
         for (PluginWrapper plugin : plugins) {
+            // Set of optional dependants plugins of plugin
+            Set<String> optionalDependants = new HashSet<>();
             Set<String> dependants = new HashSet<>();
             for (PluginWrapper possibleDependant : plugins) {
+                // No need to check if plugin is dependant of itself
+                if(possibleDependant.getShortName().equals(plugin.getShortName())) {
+                    continue;
+                }
+
                 // The plugin could have just been deleted. If so, it doesn't
                 // count as a dependant.
                 if (possibleDependant.isDeleted()) {
@@ -946,10 +895,20 @@ public abstract class PluginManager extends AbstractModelObject implements OnMas
                 for (Dependency dependency : dependencies) {
                     if (dependency.shortName.equals(plugin.getShortName())) {
                         dependants.add(possibleDependant.getShortName());
+
+                        // If, in addition, the dependency is optional, add to the optionalDependants list
+                        if (dependency.optional) {
+                            optionalDependants.add(possibleDependant.getShortName());
+                        }
+
+                        // already know possibleDependant depends on plugin, no need to continue with the rest of
+                        // dependencies. We continue with the next possibleDependant
+                        break;
                     }
                 }
             }
             plugin.setDependants(dependants);
+            plugin.setOptionalDependants(optionalDependants);
         }
     }
 
@@ -1829,6 +1788,34 @@ public abstract class PluginManager extends AbstractModelObject implements OnMas
         return new MetadataCache();
     }
 
+    /**
+     * Disable a list of plugins using a strategy for its dependants plugins.
+     * @param strategy the strategy regarding how the dependant plugins are processed
+     * @param plugins the list of plugins
+     * @return the list of results for every plugin and its dependant plugins.
+     * @throws IOException see {@link PluginWrapper#disable()}
+     */
+    public List<PluginWrapper.PluginDisableResult> disablePlugins(PluginWrapper.PluginDisableStrategy strategy, List<String> plugins) throws IOException {
+        // Where we store the results of each plugin disablement
+        List<PluginWrapper.PluginDisableResult> results = new ArrayList<>(plugins.size());
+
+        // Disable all plugins passed
+        for (String pluginName : plugins) {
+            PluginWrapper plugin = this.getPlugin(pluginName);
+
+            if (plugin == null) {
+                PluginWrapper.PluginDisableResult result = new PluginWrapper.PluginDisableResult(pluginName);
+                result.setMessage(Messages.PluginWrapper_NoSuchPlugin(pluginName));
+                result.setStatus(PluginWrapper.PluginDisableStatus.NO_SUCH_PLUGIN);
+                results.add(result);
+            } else {
+                results.add(plugin.disable(strategy));
+            }
+        }
+
+        return results;
+    }
+
     @Restricted(NoExternalUse.class) // table.jelly
     public static final class MetadataCache {
         private final Map<String, Object> data = new HashMap<>();
diff --git a/core/src/main/java/hudson/PluginWrapper.java b/core/src/main/java/hudson/PluginWrapper.java
index 363d588f0a..28dccf1f6a 100644
--- a/core/src/main/java/hudson/PluginWrapper.java
+++ b/core/src/main/java/hudson/PluginWrapper.java
@@ -25,7 +25,9 @@
 package hudson;
 
 import com.google.common.collect.ImmutableSet;
+import com.google.common.collect.Sets;
 import hudson.PluginManager.PluginInstanceStore;
+import hudson.cli.DisablePluginCommand;
 import hudson.model.AdministrativeMonitor;
 import hudson.model.Api;
 import hudson.model.ModelObject;
@@ -56,16 +58,7 @@ import java.io.File;
 import java.io.IOException;
 import java.io.OutputStream;
 import java.net.URL;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.Enumeration;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
+import java.util.*;
 import java.util.function.Predicate;
 import java.util.jar.JarFile;
 import java.util.jar.Manifest;
@@ -200,6 +193,11 @@ public class PluginWrapper implements Comparable<PluginWrapper>, ModelObject {
      */
     private Set<String> dependants = Collections.emptySet();
 
+    /**
+     * List of plugins that depend optionally on this plugin.
+     */
+    private Set<String> optionalDependants = Collections.emptySet();
+
     /**
      * The core can depend on a plugin if it is bundled. Sometimes it's the only thing that
      * depends on the plugin e.g. UI support library bundle plugin.
@@ -214,6 +212,14 @@ public class PluginWrapper implements Comparable<PluginWrapper>, ModelObject {
         this.dependants = dependants;
     }
 
+    /**
+     * Set the list of components that depend optionally on this plugin.
+     * @param optionalDependants The list of components that depend optionally on this plugin.
+     */
+    public void setOptionalDependants(@Nonnull Set<String> optionalDependants) {
+        this.optionalDependants = optionalDependants;
+    }
+
     /**
      * Get the list of components that depend on this plugin.
      * @return The list of components that depend on this plugin.
@@ -226,6 +232,14 @@ public class PluginWrapper implements Comparable<PluginWrapper>, ModelObject {
         }
     }
 
+    /**
+     * Get the list of components that depend optionally on this plugin.
+     * @return The list of components that depend optionally on this plugin.
+     */
+    public @Nonnull Set<String> getOptionalDependants() {
+        return optionalDependants;
+    }
+
     /**
      * Does this plugin have anything that depends on it.
      * @return {@code true} if something (Jenkins core, or another plugin) depends on this
@@ -234,7 +248,17 @@ public class PluginWrapper implements Comparable<PluginWrapper>, ModelObject {
     public boolean hasDependants() {
         return (isBundled || !dependants.isEmpty());
     }
-    
+
+    /**
+     * Does this plugin have anything that depends optionally on it.
+     * @return {@code true} if something (Jenkins core, or another plugin) depends optionally on this
+     * plugin, otherwise {@code false}.
+     */
+    public boolean hasOptionalDependants() {
+        return !optionalDependants.isEmpty();
+    }
+
+
     /**
      * Does this plugin depend on any other plugins.
      * @return {@code true} if this plugin depends on other plugins, otherwise {@code false}.
@@ -519,9 +543,19 @@ public class PluginWrapper implements Comparable<PluginWrapper>, ModelObject {
     }
 
     /**
-     * Disables this plugin next time Jenkins runs.
+     * Disables this plugin next time Jenkins runs. As it doesn't check anything, it's recommended to use the method
+     * {@link #disable(PluginDisableStrategy)}
      */
+    @Deprecated //see https://issues.jenkins-ci.org/browse/JENKINS-27177
     public void disable() throws IOException {
+        disableWithoutCheck();
+    }
+
+    /**
+     * Disable a plugin wihout checking any dependency. Only add the disable file.
+     * @throws IOException
+     */
+    private void disableWithoutCheck() throws IOException {
         // creates an empty file
         try (OutputStream os = Files.newOutputStream(disableFile.toPath())) {
             os.close();
@@ -530,6 +564,95 @@ public class PluginWrapper implements Comparable<PluginWrapper>, ModelObject {
         }
     }
 
+    /**
+     * Disable this plugin using a strategy.
+     * @param strategy strategy to use
+     * @return an object representing the result of the disablement of this plugin and its dependants plugins.
+     * @throws IOException If this plugin or one dependant plugin raise this exception during its disablement. It could
+     * be raised because the disable file cannot be created.
+     */
+    @Nonnull
+    public PluginDisableResult disable(@Nonnull PluginDisableStrategy strategy) throws IOException {
+        PluginDisableResult result = new PluginDisableResult(shortName);
+
+        if (!this.isEnabled()) {
+            result.setMessage(Messages.PluginWrapper_Already_Disabled(shortName));
+            result.setStatus(PluginDisableStatus.ALREADY_DISABLED);
+            return result;
+        }
+
+        // Act as a flag indicating if this plugin, finally, can be disabled. If there is a not-disabled-dependant
+        // plugin, this one couldn't be disabled.
+        String aDependantNotDisabled = null;
+
+        // List of dependants plugins to 'check'. 'Check' means disable for mandatory or all strategies, or review if
+        // this dependant-mandatory plugin is enabled in order to return an error for the NONE strategy.
+        Set<String> dependantsToCheck;
+        switch (strategy) {
+            case MANDATORY:
+                // As of getDependants has all the dependants, we get the difference between them and only the optionals
+                dependantsToCheck = Sets.difference(this.getDependants(), this.getOptionalDependants());
+                break;
+            case ALL:
+                // getDependants returns all the dependant plugins, mandatory or optional.
+                dependantsToCheck = this.getDependants();
+                break;
+            case NONE:
+            default:
+                // with NONE, the process only fail if mandatory dependant plugins exists
+                dependantsToCheck = Sets.difference(this.getDependants(), this.getOptionalDependants());
+        }
+
+        // Review all the dependants and add to the plugin result what happened with its dependants
+        for (String dependant : dependantsToCheck) {
+            PluginWrapper dependantPlugin = parent.getPlugin(dependant);
+
+            // The dependant plugin doesn't exist, add an error to the report
+            if (dependantPlugin == null) {
+                PluginDisableResult dependantStatus = new PluginDisableResult(dependant);
+                dependantStatus.setStatus(PluginDisableStatus.NO_SUCH_PLUGIN);
+                dependantStatus.setMessage(Messages.PluginWrapper_NoSuchPlugin(dependant));
+                result.addDependantDisableStatus(dependantStatus);
+
+            // If the strategy is none and there is some enabled dependant plugin, the plugin cannot be disabled. If
+            // this dependant plugin is not enabled, continue searching for one enabled.
+            } else if (strategy.equals(PluginDisableStrategy.NONE)) {
+                if (dependantPlugin.isEnabled()) {
+                    aDependantNotDisabled = dependant;
+                    break; // in this case, we don't need to continue with the rest of its dependants
+                }
+
+            // If the strategy is not none and this dependant plugin is not enabled, add it as already disabled
+            } else if (!dependantPlugin.isEnabled()) {
+                PluginDisableResult dependantStatus = new PluginDisableResult(dependant);
+                dependantStatus.setStatus(PluginDisableStatus.ALREADY_DISABLED);
+                dependantStatus.setMessage(Messages.PluginWrapper_Already_Disabled(dependant));
+                result.addDependantDisableStatus(dependantStatus);
+
+            // If the strategy is not none and this dependant plugin is enabled, disable it
+            } else {
+                // As there is no cycles in the plugin dependencies, the recursion shouldn't be infinite. The
+                // strategy used is the same for its dependants plugins
+                result.addDependantDisableStatus(dependantPlugin.disable(strategy));
+            }
+        }
+
+        // If there is no enabled-dependant plugin, disable this plugin and add it to the result
+        if (aDependantNotDisabled == null) {
+            this.disableWithoutCheck();
+            result.setMessage(Messages.PluginWrapper_Plugin_Disabled(shortName));
+            result.setStatus(PluginDisableStatus.DISABLED);
+
+        // if there is yet some not disabled dependant plugin (only possible with none strategy), this plugin cannot
+        // be disabled.
+        } else {
+            result.setMessage(Messages.PluginWrapper_Plugin_Has_Dependant(shortName, aDependantNotDisabled, strategy));
+            result.setStatus(PluginDisableStatus.NOT_DISABLED_DEPENDANTS);
+        }
+
+        return result;
+    }
+
     /**
      * Returns true if this plugin is enabled for this session.
      */
@@ -829,6 +952,86 @@ public class PluginWrapper implements Comparable<PluginWrapper>, ModelObject {
         }
     }
 
+    /**
+     * The result of the disablement of a plugin and its dependants plugins.
+     */
+    public static class PluginDisableResult {
+        private String plugin;
+        private PluginDisableStatus status;
+        private String message;
+        private Set<PluginDisableResult> dependantsDisableStatus = new HashSet<>();
+
+        public PluginDisableResult(String plugin) {
+            this.plugin = plugin;
+        }
+
+        public String getPlugin() {
+            return plugin;
+        }
+
+        public PluginDisableStatus getStatus() {
+            return status;
+        }
+
+        @Override
+        public boolean equals(Object o) {
+            if (this == o) return true;
+            if (o == null || getClass() != o.getClass()) return false;
+            PluginDisableResult that = (PluginDisableResult) o;
+            return Objects.equals(plugin, that.plugin);
+        }
+
+        @Override
+        public int hashCode() {
+            return Objects.hash(plugin);
+        }
+
+        public void setStatus(PluginDisableStatus status) {
+            this.status = status;
+        }
+
+        public String getMessage() {
+            return message;
+        }
+
+        public void setMessage(String message) {
+            this.message = message;
+        }
+
+        public Set<PluginDisableResult> getDependantsDisableStatus() {
+            return dependantsDisableStatus;
+        }
+
+        public void addDependantDisableStatus(PluginDisableResult dependantDisableStatus) {
+            dependantsDisableStatus.add(dependantDisableStatus);
+        }
+
+    }
+
+    /**
+     * An enum to hold the status of a disabling action against a plugin. To do it more reader-friendly.
+     */
+    public static enum PluginDisableStatus {
+        NO_SUCH_PLUGIN,
+        DISABLED,
+        ALREADY_DISABLED,
+        NOT_DISABLED_DEPENDANTS
+    }
+
+    /**
+     * The strategies defined for disabling a plugin.
+     */
+    public static enum PluginDisableStrategy {
+        NONE,
+        MANDATORY,
+        ALL;
+
+        @Override
+        public String toString() {
+            return this.name().toLowerCase();
+        }
+    }
+
 //
 //
 // Action methods
diff --git a/core/src/main/java/hudson/cli/DisablePluginCommand.java b/core/src/main/java/hudson/cli/DisablePluginCommand.java
index a0eca19f0b..8e221c9e42 100644
--- a/core/src/main/java/hudson/cli/DisablePluginCommand.java
+++ b/core/src/main/java/hudson/cli/DisablePluginCommand.java
@@ -25,38 +25,48 @@
 package hudson.cli;
 
 import hudson.Extension;
-import hudson.PluginManager;
 import hudson.PluginWrapper;
+import hudson.lifecycle.RestartNotSupportedException;
 import jenkins.model.Jenkins;
 import org.kohsuke.args4j.Argument;
 import org.kohsuke.args4j.Option;
 
-import java.io.IOException;
 import java.io.PrintStream;
 import java.util.List;
-import java.util.Set;
 
 /**
- * Disable one or more installed plugins. If the plugin has an enabled dependant then it can't be disabled, the process
- * continues, but the exit code is 16, instead of 0. Disabling an already disabled plugin does nothing. It only restart
- * if, at least, one plugin has been disabled and the restart option was set.
- *
+ * Disable one or more installed plugins.
  * @since TODO
  */
 @Extension
 public class DisablePluginCommand extends CLICommand {
 
-    @Argument(metaVar = "plugins", required = true, usage = "Plugins to be disabled.")
+    @Argument(metaVar = "plugin1 plugin2 plugin3", required = true, usage = "Plugins to be disabled.")
     private List<String> pluginNames;
 
-    @Option(name = "-restart", usage = "Restart Jenkins after disabling plugins.")
+    @Option(name = "-restart", aliases = "-r", usage = "Restart Jenkins after disabling plugins.")
     private boolean restart;
 
+    @Option(name = "-strategy", aliases = "-s", metaVar = "strategy", usage = "How to process the dependant plugins. \n" +
+            "- none: if a mandatory dependant plugin exists and it is enabled, the plugin cannot be disabled (default value).\n" +
+            "- mandatory: all mandatory dependant plugins are also disabled, optional dependant plugins remain enabled.\n" +
+            "- all: all dependant plugins are also disabled, no matter if its dependency is optional or mandatory.")
+    private String strategy = PluginWrapper.PluginDisableStrategy.NONE.toString();
+
+    @Option(name = "-quiet", aliases = "-q", usage = "Be quiet, print only the error messages")
+    private boolean quiet;
+
+    private static final int INDENT_SPACE = 3;
+
     @Override
     public String getShortDescription() {
         return Messages.DisablePluginCommand_ShortDescription();
     }
 
+    // package-private access to be able to use it in the tests
+    static final int RETURN_CODE_NOT_DISABLED_DEPENDANTS = 16;
+    static final int RETURN_CODE_NO_SUCH_PLUGIN = 17;
+
     @Override
     protected void printUsageSummary(PrintStream stderr) {
         super.printUsageSummary(stderr);
@@ -68,68 +78,161 @@ public class DisablePluginCommand extends CLICommand {
         Jenkins jenkins = Jenkins.get();
         jenkins.checkPermission(Jenkins.ADMINISTER);
 
-        PluginManager manager = jenkins.getPluginManager();
-        int result = 0;
-        boolean somePluginDisabled = false; // to ensure we restart when it needs to
-        for (String pluginName : pluginNames) {
-            switch (disablePlugin(manager, pluginName)) {
-                case DISABLED:
-                    if(!somePluginDisabled) somePluginDisabled = true;
-                    break;
-                case NOT_DISABLED_DEPENDANTS:
-                    if(result != 16) result = 16; // Custom error code to indicate one plugin, at least, can't be disabled
+        // get the strategy as an enum
+        PluginWrapper.PluginDisableStrategy strategyToUse;
+        try {
+            strategyToUse = PluginWrapper.PluginDisableStrategy.valueOf(strategy.toUpperCase());
+        } catch (IllegalArgumentException iae) {
+            throw new IllegalArgumentException(hudson.cli.Messages.DisablePluginCommand_NoSuchStrategy(strategy, String.format("%s, %s, %s", PluginWrapper.PluginDisableStrategy.NONE, PluginWrapper.PluginDisableStrategy.MANDATORY, PluginWrapper.PluginDisableStrategy.ALL)));
+        }
+
+        // disable...
+        List<PluginWrapper.PluginDisableResult> results = jenkins.pluginManager.disablePlugins(strategyToUse, pluginNames);
+
+        // print results ...
+        printResults(results);
+
+        // restart if it was required and it's necessary (some plugin was disabled in this execution)
+        restartIfNecessary(results);
+
+        // return the appropriate error code
+        return getResultCode(results);
+    }
+
+    /**
+     * Print the result of all the process
+     * @param results the list of results for the disablement of each plugin
+     */
+    private void printResults( List<PluginWrapper.PluginDisableResult> results) {
+        for (PluginWrapper.PluginDisableResult oneResult : results) {
+            printResult(oneResult, 0);
+        }
+    }
+
+    /**
+     * Print indented the arguments with the format passed beginning with the indent passed.
+     * @param indent number of spaces at the beginning.
+     * @param format format as in {@link String#format(String, Object...)}
+     * @param arguments arguments to print as in {@link String#format(String, Object...)}
+     */
+    private void printIndented(int indent, String format, String... arguments) {
+        if (indent == 0) {
+            stdout.format(format + "%n", (Object[]) arguments);
+        } else {
+            String f = "%" + indent + "s" + format + "%n";
+            String[] newArgs = new String[arguments.length + 1];
+            newArgs[0] = " "; int i = 1;
+            for (String arg: arguments ) {
+                newArgs[i] = arg;
+                i++;
             }
+            stdout.format(f, newArgs);
         }
+    }
 
-        if (restart && somePluginDisabled) {
-            jenkins.safeRestart();
+    /**
+     * Print the result of a plugin disablement with the indent passed.
+     * @param oneResult the result of the disablement of a plugin.
+     * @param indent the initial indent.
+     */
+    private void printResult(PluginWrapper.PluginDisableResult oneResult, int indent) {
+        PluginWrapper.PluginDisableStatus status = oneResult.getStatus();
+        if(quiet && (PluginWrapper.PluginDisableStatus.DISABLED.equals(status) || PluginWrapper.PluginDisableStatus.ALREADY_DISABLED.equals(status))) {
+            return;
         }
 
-        return result;
+        printIndented(indent, Messages.DisablePluginCommand_StatusMessage(oneResult.getPlugin(), oneResult.getStatus(), oneResult.getMessage()));
+        if(oneResult.getDependantsDisableStatus().size() > 0) {
+            indent = (indent == 0) ? INDENT_SPACE : indent*2;
+            for (PluginWrapper.PluginDisableResult oneDependantResult : oneResult.getDependantsDisableStatus()) {
+                printResult(oneDependantResult, indent);
+            }
+        }
     }
 
     /**
-     * Try to disable a  plugin.
-     * @param manager The PluginManager.
-     * @param shortName The name of the plugin to disable.
-     * @return The result of the disabling of this plugin. See {@link DisablingStatus}
-     * @throws IOException An exception disabling the plugin. See {@link PluginWrapper#disable()}
+     * Restart if at least one plugin was disabled in this process.
+     * @param results the list of results after the disablement of the plugins.
      */
-    private DisablingStatus disablePlugin(PluginManager manager, String shortName) throws IOException {
-        PluginWrapper plugin = manager.getPlugin(shortName);
-        if (plugin == null) {
-            throw new IllegalArgumentException(Messages.DisablePluginCommand_NoSuchPlugin(shortName)); // exit with 3
+    private void restartIfNecessary(List<PluginWrapper.PluginDisableResult> results) throws RestartNotSupportedException {
+        if (restart) {
+            for (PluginWrapper.PluginDisableResult oneResult : results) {
+                if (restartIfNecessary(oneResult)) {
+                    break;
+                }
+            }
         }
+    }
 
-        if (!plugin.isEnabled()) {
-            stdout.format(Messages.DisablePluginCommand_Already_Disabled(shortName));
-            stdout.println();
-            return DisablingStatus.ALREADY_DISABLED;
+    /**
+     * Restart if this particular result of the disablement of a plugin and its dependant plugins (depending on the
+     * strategy used) has a plugin disablexd.
+     * @param oneResult the result of a plugin (and its dependants).
+     * @return true if it end up in restarting jenkins.
+     */
+    private boolean restartIfNecessary(PluginWrapper.PluginDisableResult oneResult) throws RestartNotSupportedException {
+        PluginWrapper.PluginDisableStatus status = oneResult.getStatus();
+        if(PluginWrapper.PluginDisableStatus.DISABLED.equals(status)) {
+            Jenkins.get().safeRestart();
+            return true;
         }
 
-        Set<String> dependants = plugin.getDependants();
-        for (String dependant : dependants) {
-            PluginWrapper dependantPlugin = manager.getPlugin(dependant);
-            if (dependantPlugin != null && dependantPlugin.isEnabled()) {
-                stderr.format(Messages.DisablePluginCommand_Plugin_Has_Dependant(shortName, dependant));
-                stderr.println();
-                return DisablingStatus.NOT_DISABLED_DEPENDANTS;
+        if(oneResult.getDependantsDisableStatus().size() > 0) {
+            for (PluginWrapper.PluginDisableResult oneDependantResult : oneResult.getDependantsDisableStatus()) {
+                if (restartIfNecessary(oneDependantResult)) {
+                    return true;
+                }
             }
         }
 
-        plugin.disable();
-        stdout.format(Messages.DisablePluginCommand_Plugin_Disabled(plugin.getShortName()));
-        stdout.println();
+        return false;
+    }
+
 
-        return DisablingStatus.DISABLED;
+    /**
+     * Calculate the result code of the full process based in what went on during the process
+     * @param results he list of results for the disablement of each plugin
+     * @return the status code. 0 if all plugins disabled. {@link #RETURN_CODE_NOT_DISABLED_DEPENDANTS} if some
+     * dependant plugin is not disabled (with strategy NONE), {@link #RETURN_CODE_NO_SUCH_PLUGIN} if some passed
+     * plugin doesn't exist. Whatever happens first.
+     */
+    private int getResultCode(List<PluginWrapper.PluginDisableResult> results) {
+        int result = 0;
+        for (PluginWrapper.PluginDisableResult oneResult : results) {
+            result = getResultCode(oneResult);
+            if (result != 0) {
+                break;
+            }
+        }
+
+        return result;
     }
 
     /**
-     * An enum to hold the status of a disabling action. To do it more reader-friendly.
+     * Calculate the result code of the disablement of one plugin based in what went on during the process of this one
+     * and its dependant plugins.
+     * @param result the result of the disablement of this plugin
+     * @return the status code
      */
-    private enum DisablingStatus {
-        DISABLED,
-        ALREADY_DISABLED,
-        NOT_DISABLED_DEPENDANTS
+    private int getResultCode(PluginWrapper.PluginDisableResult result) {
+        int returnCode = 0;
+        switch (result.getStatus()){
+            case NOT_DISABLED_DEPENDANTS:
+                returnCode = RETURN_CODE_NOT_DISABLED_DEPENDANTS;
+                break;
+            case NO_SUCH_PLUGIN:
+                returnCode = RETURN_CODE_NO_SUCH_PLUGIN;
+        }
+
+        if (returnCode == 0) {
+            for (PluginWrapper.PluginDisableResult oneDependantResult : result.getDependantsDisableStatus()) {
+                returnCode = getResultCode(oneDependantResult);
+                if (returnCode != 0) {
+                    break;
+                }
+            }
+        }
+
+        return returnCode;
     }
 }
diff --git a/core/src/main/resources/hudson/Messages.properties b/core/src/main/resources/hudson/Messages.properties
index 80ecb8db83..78b8e37f83 100644
--- a/core/src/main/resources/hudson/Messages.properties
+++ b/core/src/main/resources/hudson/Messages.properties
@@ -83,6 +83,10 @@ PluginWrapper.disabled={0} is disabled. To fix, enable it.
 PluginWrapper.obsolete={0} v{1} is older than required. To fix, install v{2} or later.
 PluginWrapper.obsoleteCore=You must update Jenkins from v{0} to v{1} or later to run this plugin.
 PluginWrapper.PluginWrapperAdministrativeMonitor.DisplayName=Plugins Failed To Load
+PluginWrapper.Already.Disabled=The plugin {0} was already disabled
+PluginWrapper.Plugin.Has.Dependant=The plugin {0} has, at least, one dependant plugin ({1}) and the disable strategy is {2}, so it cannot be disabled
+PluginWrapper.Plugin.Disabled=Plugin {0} disabled
+PluginWrapper.NoSuchPlugin=No such plugin found with the name {0}
 
 TcpSlaveAgentListener.PingAgentProtocol.displayName=Ping protocol
 
diff --git a/core/src/main/resources/hudson/Messages_es.properties b/core/src/main/resources/hudson/Messages_es.properties
index 9ad1d7eeb3..c787fed9c3 100644
--- a/core/src/main/resources/hudson/Messages_es.properties
+++ b/core/src/main/resources/hudson/Messages_es.properties
@@ -55,3 +55,7 @@ PluginManager.PluginDoesntSupportDynamicLoad.RestartRequired=El plugin {0} no so
 PluginManager.PortNotANumber=El puerto no es un n�mero
 AboutJenkins.Description=Eche un vistazo a la informaci�n sobre la versi�n y la licencia.
 PluginManager.PortNotInRange=El puerto no est� en el rango de {0} hasta {1}
+PluginWrapper.Already.Disabled=El plugin {0} ya estaba deshabilitado
+PluginWrapper.Plugin.Has.Dependant=El plugin {0} tiene, al menos, un plugin dependiente ({1}) y la estrategia de deshabilitaci�n es {2}, as� que no puede ser deshabilitado
+PluginWrapper.Plugin.Disabled=Plugin {0} deshabilitado
+PluginWrapper.NoSuchPlugin=No se encuentra un plugin con el nombre {0}
diff --git a/core/src/main/resources/hudson/cli/Messages.properties b/core/src/main/resources/hudson/cli/Messages.properties
index 73a6609eab..f502ad9331 100644
--- a/core/src/main/resources/hudson/cli/Messages.properties
+++ b/core/src/main/resources/hudson/cli/Messages.properties
@@ -115,10 +115,8 @@ CliProtocol.displayName=Jenkins CLI Protocol/1 (unencrypted)
 CliProtocol2.displayName=Jenkins CLI Protocol/2 (transport encryption)
 
 DisablePluginCommand.ShortDescription=\
-Disables one or more installed plugins.
-DisablePluginCommand.Already.Disabled=The plugin {0} was already disabled.
-DisablePluginCommand.Plugin.Has.Dependant=The plugin {0} has, at least, one dependant plugin ({1}), so it cannot be disabled.
-DisablePluginCommand.Plugin.Disabled=Plugin {0} disabled.
-DisablePluginCommand.NoSuchPlugin=No such plugin found with the name {0}.
+Disable one or more installed plugins.
+DisablePluginCommand.NoSuchStrategy=This strategy ({0}) does not exist. Allowed strategies are {1}
 DisablePluginCommand.PrintUsageSummary=\
-Disable the plugins with the given short names. Plugins are disabled in order, so make sure to include plugins with dependencies before their dependencies.
+Disable the plugins with the given short names. You can define how to proceed with the dependant plugins and if a restart after should be done. You can also set the quiet mode to avoid extra info in the console.
+DisablePluginCommand.StatusMessage=Disabling {0}: {1} ({2})
\ No newline at end of file
diff --git a/core/src/main/resources/hudson/cli/Messages_es.properties b/core/src/main/resources/hudson/cli/Messages_es.properties
index 11525579ca..7a7794b508 100644
--- a/core/src/main/resources/hudson/cli/Messages_es.properties
+++ b/core/src/main/resources/hudson/cli/Messages_es.properties
@@ -59,4 +59,9 @@ CancelQuietDownCommand.ShortDescription=Cancelar el efecto del comando "quiet-do
 OfflineNodeCommand.ShortDescription=Dejar de utilizar un nodo temporalmente hasta que se ejecute el comando "online-node".
 WaitNodeOnlineCommand.ShortDescription=Esperando hasta que el nodo est� activado
 WaitNodeOfflineCommand.ShortDescription=Esperando a que el nodo est� desactivado
-
+DisablePluginCommand.ShortDescription=\
+Deshabilita uno o m�s plugins instalados.
+DisablePluginCommand.NoSuchStrategy=Esta estrategia ({0}) no existe. Las estrategias permitidas son {1}
+DisablePluginCommand.PrintUsageSummary=\
+Deshabilita los plugins con los nombre cortos dados. Puede definir c�mo proceder con los plugins dependientes y si se realiza un reinicio posterior.
+DisablePluginCommand.StatusMessage=Deshabilitando {0}: {1} ({2})
\ No newline at end of file
diff --git a/test/src/test/java/hudson/cli/DisablePluginCommandTest.java b/test/src/test/java/hudson/cli/DisablePluginCommandTest.java
index afac7929d0..aba2819963 100644
--- a/test/src/test/java/hudson/cli/DisablePluginCommandTest.java
+++ b/test/src/test/java/hudson/cli/DisablePluginCommandTest.java
@@ -1,3 +1,4 @@
+
 /*
  * The MIT License
  *
@@ -26,6 +27,7 @@ package hudson.cli;
 
 import hudson.Functions;
 import hudson.PluginWrapper;
+import org.apache.commons.lang.StringUtils;
 import org.junit.Assume;
 import org.junit.Rule;
 import org.junit.Test;
@@ -34,9 +36,12 @@ import org.jvnet.hudson.test.JenkinsRule;
 import org.jvnet.hudson.test.recipes.WithPlugin;
 
 import java.io.IOException;
+import java.util.function.BiPredicate;
 
 import static hudson.cli.CLICommandInvoker.Matcher.failedWith;
 import static hudson.cli.CLICommandInvoker.Matcher.succeeded;
+import static hudson.cli.DisablePluginCommand.RETURN_CODE_NOT_DISABLED_DEPENDANTS;
+import static hudson.cli.DisablePluginCommand.RETURN_CODE_NO_SUCH_PLUGIN;
 import static org.hamcrest.Matchers.is;
 import static org.hamcrest.Matchers.notNullValue;
 import static org.junit.Assert.*;
@@ -46,90 +51,129 @@ public class DisablePluginCommandTest {
     @Rule
     public JenkinsRule j = new JenkinsRule();
 
+    /**
+     * Can disable a plugin with an optional dependent plugin.
+     * With strategy none.
+     */
     @Test
     @Issue("JENKINS-27177")
     @WithPlugin({"depender-0.0.2.hpi", "dependee-0.0.2.hpi"})
-    public void disablePluginWithOptionalDepender() {
-        assertThat(disablePlugins("-restart", "dependee"), failedWith(16));
-        assertPluginEnabled("dependee");
-        assertJenkinsNotInQuietMode();
+    public void canDisablePluginWithOptionalDependerStNone() {
+        assertThat(disablePluginsCLiCommand("-strategy", "NONE", "dependee"), succeeded());
+        assertPluginDisabled("dependee");
+    }
+
+    @Test
+    @Issue("JENKINS-27177")
+    @WithPlugin({"depender-0.0.2.hpi", "dependee-0.0.2.hpi", "mandatory-depender-0.0.2.hpi"})
+    public void canDisablePluginWithDependantsDisabledStNone() throws IOException {
+        disablePlugin("mandatory-depender");
+        CLICommandInvoker.Result result = disablePluginsCLiCommand("-strategy", "NONE", "dependee");
+
+        assertThat(result, succeeded());
+        assertEquals("Disabling only dependee", 1, StringUtils.countMatches(result.stdout(), "Disabling"));
+        assertPluginDisabled("dependee");
     }
 
+    /**
+     * Can't disable a plugin with a mandatory dependent plugin.
+     * With default strategy (none).
+     */
     @Test
     @Issue("JENKINS-27177")
     @WithPlugin({"mandatory-depender-0.0.2.hpi", "dependee-0.0.2.hpi"})
-    public void disablePluginWithMandatoryDepender() {
-        assertThat(disablePlugins("-restart", "dependee"), failedWith(16));
+    public void cannotDisablePluginWithMandatoryDependerStNone() {
+        assertThat(disablePluginsCLiCommand("dependee"), failedWith(RETURN_CODE_NOT_DISABLED_DEPENDANTS));
         assertPluginEnabled("dependee");
-        assertJenkinsNotInQuietMode();
     }
 
+    /**
+     * Can't disable a plugin with a mandatory dependent plugin before its dependent plugin.
+     * With default strategy (none).
+     */
     @Test
     @Issue("JENKINS-27177")
     @WithPlugin({"mandatory-depender-0.0.2.hpi", "dependee-0.0.2.hpi"})
-    public void disableDependentPluginsWrongOrder() {
-        assumeNotWindows();
-        assertThat(disablePlugins("-restart", "dependee", "mandatory-depender"), failedWith(16));
+    public void cannotDisableDependentPluginWrongOrderStNone() {
+        assertThat(disablePluginsCLiCommand("dependee", "mandatory-depender"), failedWith(RETURN_CODE_NOT_DISABLED_DEPENDANTS));
         assertPluginDisabled("mandatory-depender");
-        assertJenkinsInQuietMode(); // one plugin was disabled (mandatory-depender)
+        assertPluginEnabled("dependee");
     }
 
+    /**
+     * Can disable a plugin with a mandatory dependent plugin after being disabled the mandatory dependent plugin. With
+     * default strategy (none).
+     */
     @Test
     @Issue("JENKINS-27177")
     @WithPlugin({"mandatory-depender-0.0.2.hpi", "dependee-0.0.2.hpi"})
-    public void disableDependentPluginsRightOrder() {
-        assumeNotWindows();
-        assertThat(disablePlugins("-restart", "mandatory-depender", "dependee"), succeeded());
+    public void canDisableDependentPluginsRightOrderStNone() {
+        assertThat(disablePluginsCLiCommand("mandatory-depender", "dependee"), succeeded());
         assertPluginDisabled("dependee");
         assertPluginDisabled("mandatory-depender");
-        assertJenkinsInQuietMode();
     }
 
+    /**
+     * Can disable a plugin without dependents plugins and Jenkins restart after it if -restart argument is passed.
+     */
     @Test
     @Issue("JENKINS-27177")
     @WithPlugin("dependee-0.0.2.hpi")
-    public void disablePluginWithoutDepender() {
+    public void restartAfterDisable() {
         assumeNotWindows();
-        assertThat(disablePlugins("-restart", "dependee"), succeeded());
+        assertThat(disablePluginsCLiCommand("-restart", "dependee"), succeeded());
         assertPluginDisabled("dependee");
         assertJenkinsInQuietMode();
     }
 
+    /**
+     * Can disable a plugin without dependents plugins and Jenkins doesn't restart after it if -restart is not passed.
+     */
     @Test
     @Issue("JENKINS-27177")
     @WithPlugin("dependee-0.0.2.hpi")
-    public void disablePluginWithoutDependerNorRestart() {
-        assertThat(disablePlugins("dependee"), succeeded());
+    public void notRestartAfterDisablePluginWithoutArgumentRestart() {
+        assertThat(disablePluginsCLiCommand("dependee"), succeeded());
         assertPluginDisabled("dependee");
         assertJenkinsNotInQuietMode();
     }
 
+    /**
+     * A non-existing plugin returns with a {@link DisablePluginCommand#RETURN_CODE_NO_SUCH_PLUGIN} status code.
+     */
     @Test
     @Issue("JENKINS-27177")
     @WithPlugin("dependee-0.0.2.hpi")
-    public void disableInvalidPlugin() {
-        assertThat(disablePlugins("-restart", "wrongname"), failedWith(3));
-        assertJenkinsNotInQuietMode();
+    public void returnCodeDisableInvalidPlugin() {
+        assertThat(disablePluginsCLiCommand("wrongname"), failedWith(RETURN_CODE_NO_SUCH_PLUGIN));
     }
 
+    /**
+     * A plugin already disabled returns 0 and jenkins doesn't restart even though you passed the -restart argument.
+     * @throws IOException See {@link PluginWrapper#disable()}.
+     */
     @Test
     @Issue("JENKINS-27177")
     @WithPlugin("dependee-0.0.2.hpi")
-    public void disableAlreadyDisabledPluginNoRestart() throws IOException {
+    public void disableAlreadyDisabledPluginNotRestart() throws IOException {
+        // Disable before the command call
         disablePlugin("dependee");
 
         assertPluginDisabled("dependee");
-        assertThat(disablePlugins("-restart", "dependee"), succeeded());
+        assertThat(disablePluginsCLiCommand("-restart", "dependee"), succeeded());
         assertPluginDisabled("dependee");
         assertJenkinsNotInQuietMode();
     }
 
+    /**
+     * If some plugins are disabled, Jenkins will restart even though the status code isn't 0 (is 16).
+     */
     @Test
     @Issue("JENKINS-27177")
     @WithPlugin({"variant.hpi", "depender-0.0.2.hpi", "mandatory-depender-0.0.2.hpi", "plugin-first.hpi", "dependee-0.0.2.hpi", })
-    public void disablePluginsWithError16() {
+    public void restartAfterDisablePluginsAndErrors() {
         assumeNotWindows();
-        assertThat(disablePlugins("-restart", "variant", "dependee", "depender", "plugin-first", "mandatory-depender"), failedWith(16));
+        assertThat(disablePluginsCLiCommand("-restart", "variant", "dependee", "depender", "plugin-first", "mandatory-depender"), failedWith(RETURN_CODE_NOT_DISABLED_DEPENDANTS));
         assertPluginDisabled("variant");
         assertPluginEnabled("dependee");
         assertPluginDisabled("depender");
@@ -138,6 +182,159 @@ public class DisablePluginCommandTest {
         assertJenkinsInQuietMode(); // some plugins were disabled
     }
 
+    /**
+     * All the dependant plugins, mandatory or optional, are disabled using <i>-strategy all</i>.
+     */
+    @Test
+    @Issue("JENKINS-27177")
+    @WithPlugin({"variant.hpi", "depender-0.0.2.hpi", "mandatory-depender-0.0.2.hpi", "plugin-first.hpi", "dependee-0.0.2.hpi", })
+    public void disablePluginsStrategyAll() {
+        assertPluginEnabled("dependee");
+        assertPluginEnabled("depender");
+        assertPluginEnabled("mandatory-depender");
+        assertThat(disablePluginsCLiCommand("-strategy", "all", "variant", "dependee", "plugin-first"), succeeded());
+        assertPluginDisabled("variant");
+        assertPluginDisabled("dependee");
+        assertPluginDisabled("depender");
+        assertPluginDisabled("plugin-first");
+        assertPluginDisabled("mandatory-depender");
+    }
+
+    /**
+     * Only the mandatory dependant plugins are disabled using <i>-strategy mandatory</i>.
+     */
+    @Test
+    @Issue("JENKINS-27177")
+    @WithPlugin({"variant.hpi", "depender-0.0.2.hpi", "mandatory-depender-0.0.2.hpi", "plugin-first.hpi", "dependee-0.0.2.hpi", })
+    public void disablePluginsStrategyMandatory() {
+        assertThat(disablePluginsCLiCommand("-strategy", "mandatory", "variant", "dependee", "plugin-first"), succeeded());
+        assertPluginDisabled("variant");
+        assertPluginDisabled("dependee");
+        assertPluginEnabled("depender");
+        assertPluginDisabled("plugin-first");
+        assertPluginDisabled("mandatory-depender");
+    }
+
+    /**
+     * A plugin already disabled because it's a dependent plugin of one previously disabled appear two times in the log
+     * with different messages.
+     */
+    @Test
+    @Issue("JENKINS-27177")
+    @WithPlugin({"depender-0.0.2.hpi", "dependee-0.0.2.hpi", })
+    public void disablePluginsMessageAlreadyDisabled() {
+        CLICommandInvoker.Result result = disablePluginsCLiCommand("-strategy", "all", "dependee", "depender");
+        assertThat(result, succeeded());
+
+        assertPluginDisabled("dependee");
+        assertPluginDisabled("depender");
+
+        assertTrue("An occurrence of the depender plugin in the log says it was successfully disabled", checkResultWith(result, StringUtils::contains, "depender", PluginWrapper.PluginDisableStatus.DISABLED));
+        assertTrue("An occurrence of the depender plugin in the log says it was already disabled", checkResultWith(result, StringUtils::contains, "depender", PluginWrapper.PluginDisableStatus.ALREADY_DISABLED));
+    }
+
+    /**
+     * The return code is the first error distinct of 0 found during the process. In this case dependant plugins not
+     * disabled.
+     */
+    @Test
+    @Issue("JENKINS-27177")
+    @WithPlugin({"dependee-0.0.2.hpi", "mandatory-depender-0.0.2.hpi"})
+    public void returnCodeFirstErrorIsDependants() {
+        CLICommandInvoker.Result result = disablePluginsCLiCommand("dependee", "badplugin");
+        assertThat(result, failedWith(RETURN_CODE_NOT_DISABLED_DEPENDANTS));
+
+        assertPluginEnabled("dependee");
+    }
+
+    /**
+     * The return code is the first error distinct of 0 found during the process. In this case no such plugin.
+     */
+    @Test
+    @Issue("JENKINS-27177")
+    @WithPlugin({"dependee-0.0.2.hpi", "mandatory-depender-0.0.2.hpi"})
+    public void returnCodeFirstErrorIsNoSuchPlugin() {
+        CLICommandInvoker.Result result = disablePluginsCLiCommand("badplugin", "dependee");
+        assertThat(result, failedWith(RETURN_CODE_NO_SUCH_PLUGIN));
+
+        assertPluginEnabled("dependee");
+    }
+
+    /**
+     * In quiet mode, no message is printed if all plugins are disabled or were already disabled.
+     */
+    @Test
+    @Issue("JENKINS-27177")
+    @WithPlugin({"depender-0.0.2.hpi", "dependee-0.0.2.hpi", "mandatory-depender-0.0.2.hpi"})
+    public void quietModeEmptyOutputSucceed() {
+        CLICommandInvoker.Result result = disablePluginsCLiCommand("-strategy", "all", "-quiet", "dependee");
+        assertThat(result, succeeded());
+
+        assertPluginDisabled("dependee");
+        assertPluginDisabled("depender");
+        assertPluginDisabled("mandatory-depender");
+
+        assertTrue("No log in quiet mode if all plugins disabled", StringUtils.isEmpty(result.stdout()));
+    }
+
+    /**
+     * In quiet mode, only the errors (no such plugin) are printed.
+     */
+    @Test
+    @Issue("JENKINS-27177")
+    @WithPlugin({"depender-0.0.2.hpi", "dependee-0.0.2.hpi", "mandatory-depender-0.0.2.hpi"})
+    public void quietModeWithErrorNoSuch() {
+        CLICommandInvoker.Result result = disablePluginsCLiCommand("-quiet", "-strategy", "all", "dependee", "badplugin");
+        assertThat(result, failedWith(RETURN_CODE_NO_SUCH_PLUGIN));
+
+        assertPluginDisabled("dependee");
+        assertPluginDisabled("depender");
+        assertPluginDisabled("mandatory-depender");
+
+        assertTrue("Only error NO_SUCH_PLUGIN in quiet mode", checkResultWith(result, StringUtils::startsWith, "badplugin", PluginWrapper.PluginDisableStatus.NO_SUCH_PLUGIN));
+    }
+
+    /**
+     * In quiet mode, only the errors (dependants plugins) are printed.
+     */
+    @Test
+    @Issue("JENKINS-27177")
+    @WithPlugin({"depender-0.0.2.hpi", "dependee-0.0.2.hpi", "mandatory-depender-0.0.2.hpi"})
+    public void quietModeWithErrorDependants() {
+        CLICommandInvoker.Result result = disablePluginsCLiCommand("-quiet", "-strategy", "none", "dependee");
+        assertThat(result, failedWith(RETURN_CODE_NOT_DISABLED_DEPENDANTS));
+
+        assertPluginEnabled("dependee");
+        assertPluginEnabled("depender");
+        assertPluginEnabled("mandatory-depender");
+
+        assertTrue("Only error NOT_DISABLED_DEPENDANTS in quiet mode", checkResultWith(result, StringUtils::startsWith, "dependee", PluginWrapper.PluginDisableStatus.NOT_DISABLED_DEPENDANTS));
+    }
+
+    /**
+     * Helper method to check the output of a result with a specific method allowing two arguments (
+     * StringUtils::startsWith or StringUtils::contents). This method avoid to have it hardcoded the messages. We avoid
+     * having to compose the descriptive text of the message by using a <i>stop</i> flag to ignore the last characters.
+     * This method supposes that the descriptive text is at the last of the string.
+     * @param result the result of the command.
+     * @param method a method with two string arguments to check against
+     * @param plugin the plugin printed outSetting the plugin and status as parameters, the method gets
+     * the string printed using the
+     * @param status the status printed out
+     * @return true if the output has been checked against the method using the plugin and status args
+     */
+    private boolean checkResultWith(CLICommandInvoker.Result result, BiPredicate<String, String> method, String plugin, PluginWrapper.PluginDisableStatus status) {
+            String noMatterFollowingChars = "/!$stop";
+            String outExpected = Messages.DisablePluginCommand_StatusMessage(plugin, status, noMatterFollowingChars);
+            outExpected = StringUtils.substringBefore(outExpected, noMatterFollowingChars);
+            return method.test(result.stdout(), outExpected);
+    }
+
+    /**
+     * Disable a plugin using the {@link PluginWrapper#disable()} method.
+     * @param name the name of the plugin.
+     * @throws IOException if the disablement cannot be made.
+     */
     private void disablePlugin(String name) throws IOException {
         PluginWrapper plugin = j.getPluginManager().getPlugin(name);
         assertThat(plugin, is(notNullValue()));
@@ -149,7 +346,7 @@ public class DisablePluginCommandTest {
      * @param args Arguments to pass to the command.
      * @return Result of the command. 0 if succeed, 16 if some plugin couldn't be disabled due to dependant plugins.
      */
-    private CLICommandInvoker.Result disablePlugins(String... args) {
+    private CLICommandInvoker.Result disablePluginsCLiCommand(String... args) {
         return new CLICommandInvoker(j, new DisablePluginCommand()).invokeWithArgs(args);
     }
 
-- 
GitLab


From a609502609bee8640a1261e618fea1bff76ac64b Mon Sep 17 00:00:00 2001
From: M Ramon Leon <manuelramonleonjimenez@gmail.com>
Date: Mon, 15 Oct 2018 11:53:17 +0200
Subject: [PATCH 820/863] [JENKINS-27177] Minor fixes

---
 .../java/hudson/cli/DisablePluginCommand.java | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)

diff --git a/core/src/main/java/hudson/cli/DisablePluginCommand.java b/core/src/main/java/hudson/cli/DisablePluginCommand.java
index 8e221c9e42..0b2d005e56 100644
--- a/core/src/main/java/hudson/cli/DisablePluginCommand.java
+++ b/core/src/main/java/hudson/cli/DisablePluginCommand.java
@@ -92,7 +92,7 @@ public class DisablePluginCommand extends CLICommand {
         // print results ...
         printResults(results);
 
-        // restart if it was required and it's necessary (some plugin was disabled in this execution)
+        // restart if it was required and it's necessary (at least one plugin was disabled in this execution)
         restartIfNecessary(results);
 
         // return the appropriate error code
@@ -103,7 +103,7 @@ public class DisablePluginCommand extends CLICommand {
      * Print the result of all the process
      * @param results the list of results for the disablement of each plugin
      */
-    private void printResults( List<PluginWrapper.PluginDisableResult> results) {
+    private void printResults(List<PluginWrapper.PluginDisableResult> results) {
         for (PluginWrapper.PluginDisableResult oneResult : results) {
             printResult(oneResult, 0);
         }
@@ -121,8 +121,9 @@ public class DisablePluginCommand extends CLICommand {
         } else {
             String f = "%" + indent + "s" + format + "%n";
             String[] newArgs = new String[arguments.length + 1];
-            newArgs[0] = " "; int i = 1;
-            for (String arg: arguments ) {
+            newArgs[0] = " ";
+            int i = 1;
+            for (String arg: arguments) {
                 newArgs[i] = arg;
                 i++;
             }
@@ -137,13 +138,13 @@ public class DisablePluginCommand extends CLICommand {
      */
     private void printResult(PluginWrapper.PluginDisableResult oneResult, int indent) {
         PluginWrapper.PluginDisableStatus status = oneResult.getStatus();
-        if(quiet && (PluginWrapper.PluginDisableStatus.DISABLED.equals(status) || PluginWrapper.PluginDisableStatus.ALREADY_DISABLED.equals(status))) {
+        if (quiet && (PluginWrapper.PluginDisableStatus.DISABLED.equals(status) || PluginWrapper.PluginDisableStatus.ALREADY_DISABLED.equals(status))) {
             return;
         }
 
         printIndented(indent, Messages.DisablePluginCommand_StatusMessage(oneResult.getPlugin(), oneResult.getStatus(), oneResult.getMessage()));
-        if(oneResult.getDependantsDisableStatus().size() > 0) {
-            indent = (indent == 0) ? INDENT_SPACE : indent*2;
+        if (oneResult.getDependantsDisableStatus().size() > 0) {
+            indent += INDENT_SPACE;
             for (PluginWrapper.PluginDisableResult oneDependantResult : oneResult.getDependantsDisableStatus()) {
                 printResult(oneDependantResult, indent);
             }
@@ -172,12 +173,12 @@ public class DisablePluginCommand extends CLICommand {
      */
     private boolean restartIfNecessary(PluginWrapper.PluginDisableResult oneResult) throws RestartNotSupportedException {
         PluginWrapper.PluginDisableStatus status = oneResult.getStatus();
-        if(PluginWrapper.PluginDisableStatus.DISABLED.equals(status)) {
+        if (PluginWrapper.PluginDisableStatus.DISABLED.equals(status)) {
             Jenkins.get().safeRestart();
             return true;
         }
 
-        if(oneResult.getDependantsDisableStatus().size() > 0) {
+        if (oneResult.getDependantsDisableStatus().size() > 0) {
             for (PluginWrapper.PluginDisableResult oneDependantResult : oneResult.getDependantsDisableStatus()) {
                 if (restartIfNecessary(oneDependantResult)) {
                     return true;
-- 
GitLab


From 1aa7dbb818ed263af97e9dca7d765b9e18379335 Mon Sep 17 00:00:00 2001
From: M Ramon Leon <manuelramonleonjimenez@gmail.com>
Date: Mon, 15 Oct 2018 11:56:27 +0200
Subject: [PATCH 821/863] [JENKINS-27177] Minor fixes

---
 core/src/main/java/hudson/PluginManager.java  | 72 ++++++++++++++++---
 core/src/main/java/hudson/PluginWrapper.java  | 67 ++++++++++-------
 .../resources/hudson/cli/Messages.properties  |  2 +-
 .../hudson/cli/Messages_es.properties         |  2 +-
 .../hudson/cli/DisablePluginCommandTest.java  | 10 +--
 5 files changed, 109 insertions(+), 44 deletions(-)

diff --git a/core/src/main/java/hudson/PluginManager.java b/core/src/main/java/hudson/PluginManager.java
index ce41655415..87575a44c2 100644
--- a/core/src/main/java/hudson/PluginManager.java
+++ b/core/src/main/java/hudson/PluginManager.java
@@ -29,16 +29,35 @@ import hudson.PluginWrapper.Dependency;
 import hudson.init.InitMilestone;
 import hudson.init.InitStrategy;
 import hudson.init.InitializerFinder;
-import hudson.model.*;
+import hudson.model.AbstractItem;
+import hudson.model.AbstractModelObject;
+import hudson.model.AdministrativeMonitor;
+import hudson.model.Api;
+import hudson.model.Descriptor;
+import hudson.model.DownloadService;
+import hudson.model.Failure;
+import hudson.model.ItemGroupMixIn;
+import hudson.model.UpdateCenter;
 import hudson.model.UpdateCenter.DownloadJob;
 import hudson.model.UpdateCenter.InstallationJob;
+import hudson.model.UpdateSite;
 import hudson.security.ACL;
 import hudson.security.ACLContext;
 import hudson.security.Permission;
 import hudson.security.PermissionScope;
-import hudson.util.*;
+import hudson.util.CyclicGraphDetector;
 import hudson.util.CyclicGraphDetector.CycleDetectedException;
-import jenkins.*;
+import hudson.util.FormValidation;
+import hudson.util.PersistedList;
+import hudson.util.Service;
+import hudson.util.VersionNumber;
+import hudson.util.XStream2;
+import jenkins.ClassLoaderReflectionToolkit;
+import jenkins.ExtensionRefreshException;
+import jenkins.InitReactorRunner;
+import jenkins.MissingDependencyException;
+import jenkins.RestartRequiredException;
+import jenkins.YesNoMaybe;
 import jenkins.install.InstallState;
 import jenkins.install.InstallUtil;
 import jenkins.model.Jenkins;
@@ -60,12 +79,22 @@ import org.apache.commons.lang.StringUtils;
 import org.apache.commons.logging.LogFactory;
 import org.jenkinsci.Symbol;
 import org.jenkinsci.bytecode.Transformer;
-import org.jvnet.hudson.reactor.*;
+import org.jvnet.hudson.reactor.Executable;
+import org.jvnet.hudson.reactor.Reactor;
+import org.jvnet.hudson.reactor.ReactorException;
+import org.jvnet.hudson.reactor.TaskBuilder;
+import org.jvnet.hudson.reactor.TaskGraphBuilder;
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.DoNotUse;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
-import org.kohsuke.stapler.*;
+import org.kohsuke.stapler.HttpRedirect;
+import org.kohsuke.stapler.HttpResponse;
 import org.kohsuke.stapler.HttpResponses;
+import org.kohsuke.stapler.QueryParameter;
+import org.kohsuke.stapler.StaplerOverridable;
+import org.kohsuke.stapler.StaplerProxy;
+import org.kohsuke.stapler.StaplerRequest;
+import org.kohsuke.stapler.StaplerResponse;
 import org.kohsuke.stapler.export.Exported;
 import org.kohsuke.stapler.export.ExportedBean;
 import org.kohsuke.stapler.interceptor.RequirePOST;
@@ -80,11 +109,34 @@ import javax.servlet.ServletContext;
 import javax.servlet.ServletException;
 import javax.xml.parsers.ParserConfigurationException;
 import javax.xml.parsers.SAXParserFactory;
-import java.io.*;
+import java.io.ByteArrayInputStream;
+import java.io.Closeable;
+import java.io.File;
+import java.io.FilenameFilter;
+import java.io.IOException;
+import java.io.InputStream;
 import java.lang.ref.WeakReference;
 import java.lang.reflect.Method;
-import java.net.*;
-import java.util.*;
+import java.net.JarURLConnection;
+import java.net.MalformedURLException;
+import java.net.URISyntaxException;
+import java.net.URL;
+import java.net.URLClassLoader;
+import java.net.URLConnection;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.LinkedHashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.ServiceLoader;
+import java.util.Set;
+import java.util.TreeMap;
+import java.util.UUID;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.ConcurrentMap;
 import java.util.concurrent.CopyOnWriteArrayList;
@@ -1789,10 +1841,10 @@ public abstract class PluginManager extends AbstractModelObject implements OnMas
     }
 
     /**
-     * Disable a list of plugins using a strategy for its dependants plugins.
+     * Disable a list of plugins using a strategy for their dependants plugins.
      * @param strategy the strategy regarding how the dependant plugins are processed
      * @param plugins the list of plugins
-     * @return the list of results for every plugin and its dependant plugins.
+     * @return the list of results for every plugin and their dependant plugins.
      * @throws IOException see {@link PluginWrapper#disable()}
      */
     public List<PluginWrapper.PluginDisableResult> disablePlugins(PluginWrapper.PluginDisableStrategy strategy, List<String> plugins) throws IOException {
diff --git a/core/src/main/java/hudson/PluginWrapper.java b/core/src/main/java/hudson/PluginWrapper.java
index 28dccf1f6a..26fc870847 100644
--- a/core/src/main/java/hudson/PluginWrapper.java
+++ b/core/src/main/java/hudson/PluginWrapper.java
@@ -27,17 +27,16 @@ package hudson;
 import com.google.common.collect.ImmutableSet;
 import com.google.common.collect.Sets;
 import hudson.PluginManager.PluginInstanceStore;
-import hudson.cli.DisablePluginCommand;
 import hudson.model.AdministrativeMonitor;
 import hudson.model.Api;
 import hudson.model.ModelObject;
-import java.nio.file.Files;
-import java.nio.file.InvalidPathException;
-import jenkins.YesNoMaybe;
-import jenkins.model.Jenkins;
 import hudson.model.UpdateCenter;
 import hudson.model.UpdateSite;
 import hudson.util.VersionNumber;
+import jenkins.YesNoMaybe;
+import jenkins.model.Jenkins;
+import org.apache.commons.lang.StringUtils;
+import org.apache.commons.logging.LogFactory;
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.DoNotUse;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
@@ -49,8 +48,6 @@ import org.kohsuke.stapler.export.Exported;
 import org.kohsuke.stapler.export.ExportedBean;
 import org.kohsuke.stapler.interceptor.RequirePOST;
 
-import org.apache.commons.lang.StringUtils;
-import org.apache.commons.logging.LogFactory;
 import javax.annotation.CheckForNull;
 import javax.annotation.Nonnull;
 import java.io.Closeable;
@@ -58,7 +55,20 @@ import java.io.File;
 import java.io.IOException;
 import java.io.OutputStream;
 import java.net.URL;
-import java.util.*;
+import java.nio.file.Files;
+import java.nio.file.InvalidPathException;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Objects;
+import java.util.Set;
 import java.util.function.Predicate;
 import java.util.jar.JarFile;
 import java.util.jar.Manifest;
@@ -233,7 +243,6 @@ public class PluginWrapper implements Comparable<PluginWrapper>, ModelObject {
     }
 
     /**
-     * Get the list of components that depend optionally on this plugin.
      * @return The list of components that depend optionally on this plugin.
      */
     public @Nonnull Set<String> getOptionalDependants() {
@@ -571,8 +580,7 @@ public class PluginWrapper implements Comparable<PluginWrapper>, ModelObject {
      * @throws IOException If this plugin or one dependant plugin raise this exception during its disablement. It could
      * be raised because the disable file cannot be created.
      */
-    @Nonnull
-    public PluginDisableResult disable(@Nonnull PluginDisableStrategy strategy) throws IOException {
+    public @Nonnull PluginDisableResult disable(@Nonnull PluginDisableStrategy strategy) throws IOException {
         PluginDisableResult result = new PluginDisableResult(shortName);
 
         if (!this.isEnabled()) {
@@ -587,21 +595,7 @@ public class PluginWrapper implements Comparable<PluginWrapper>, ModelObject {
 
         // List of dependants plugins to 'check'. 'Check' means disable for mandatory or all strategies, or review if
         // this dependant-mandatory plugin is enabled in order to return an error for the NONE strategy.
-        Set<String> dependantsToCheck;
-        switch (strategy) {
-            case MANDATORY:
-                // As of getDependants has all the dependants, we get the difference between them and only the optionals
-                dependantsToCheck = Sets.difference(this.getDependants(), this.getOptionalDependants());
-                break;
-            case ALL:
-                // getDependants returns all the dependant plugins, mandatory or optional.
-                dependantsToCheck = this.getDependants();
-                break;
-            case NONE:
-            default:
-                // with NONE, the process only fail if mandatory dependant plugins exists
-                dependantsToCheck = Sets.difference(this.getDependants(), this.getOptionalDependants());
-        }
+        Set<String> dependantsToCheck = dependantsToCheck(strategy);
 
         // Review all the dependants and add to the plugin result what happened with its dependants
         for (String dependant : dependantsToCheck) {
@@ -653,6 +647,25 @@ public class PluginWrapper implements Comparable<PluginWrapper>, ModelObject {
         return result;
     }
 
+    private Set<String> dependantsToCheck(PluginDisableStrategy strategy) {
+        Set<String> dependantsToCheck;
+        switch (strategy) {
+            case MANDATORY:
+                // As of getDependants has all the dependants, we get the difference between them and only the optionals
+                dependantsToCheck = Sets.difference(this.getDependants(), this.getOptionalDependants());
+                break;
+            case ALL:
+                // getDependants returns all the dependant plugins, mandatory or optional.
+                dependantsToCheck = this.getDependants();
+                break;
+            case NONE:
+            default:
+                // with NONE, the process only fail if mandatory dependant plugins exists
+                dependantsToCheck = Sets.difference(this.getDependants(), this.getOptionalDependants());
+        }
+        return dependantsToCheck;
+    }
+
     /**
      * Returns true if this plugin is enabled for this session.
      */
@@ -1011,7 +1024,7 @@ public class PluginWrapper implements Comparable<PluginWrapper>, ModelObject {
     /**
      * An enum to hold the status of a disabling action against a plugin. To do it more reader-friendly.
      */
-    public static enum PluginDisableStatus {
+    public enum PluginDisableStatus {
         NO_SUCH_PLUGIN,
         DISABLED,
         ALREADY_DISABLED,
diff --git a/core/src/main/resources/hudson/cli/Messages.properties b/core/src/main/resources/hudson/cli/Messages.properties
index f502ad9331..f8a6f487e1 100644
--- a/core/src/main/resources/hudson/cli/Messages.properties
+++ b/core/src/main/resources/hudson/cli/Messages.properties
@@ -119,4 +119,4 @@ Disable one or more installed plugins.
 DisablePluginCommand.NoSuchStrategy=This strategy ({0}) does not exist. Allowed strategies are {1}
 DisablePluginCommand.PrintUsageSummary=\
 Disable the plugins with the given short names. You can define how to proceed with the dependant plugins and if a restart after should be done. You can also set the quiet mode to avoid extra info in the console.
-DisablePluginCommand.StatusMessage=Disabling {0}: {1} ({2})
\ No newline at end of file
+DisablePluginCommand.StatusMessage=Disabling {0}: {1} ({2})
diff --git a/core/src/main/resources/hudson/cli/Messages_es.properties b/core/src/main/resources/hudson/cli/Messages_es.properties
index 7a7794b508..d8f7b4d7cc 100644
--- a/core/src/main/resources/hudson/cli/Messages_es.properties
+++ b/core/src/main/resources/hudson/cli/Messages_es.properties
@@ -64,4 +64,4 @@ Deshabilita uno o m
 DisablePluginCommand.NoSuchStrategy=Esta estrategia ({0}) no existe. Las estrategias permitidas son {1}
 DisablePluginCommand.PrintUsageSummary=\
 Deshabilita los plugins con los nombre cortos dados. Puede definir c�mo proceder con los plugins dependientes y si se realiza un reinicio posterior.
-DisablePluginCommand.StatusMessage=Deshabilitando {0}: {1} ({2})
\ No newline at end of file
+DisablePluginCommand.StatusMessage=Deshabilitando {0}: {1} ({2})
diff --git a/test/src/test/java/hudson/cli/DisablePluginCommandTest.java b/test/src/test/java/hudson/cli/DisablePluginCommandTest.java
index aba2819963..11360eddb0 100644
--- a/test/src/test/java/hudson/cli/DisablePluginCommandTest.java
+++ b/test/src/test/java/hudson/cli/DisablePluginCommandTest.java
@@ -58,7 +58,7 @@ public class DisablePluginCommandTest {
     @Test
     @Issue("JENKINS-27177")
     @WithPlugin({"depender-0.0.2.hpi", "dependee-0.0.2.hpi"})
-    public void canDisablePluginWithOptionalDependerStNone() {
+    public void canDisablePluginWithOptionalDependerStrategyNone() {
         assertThat(disablePluginsCLiCommand("-strategy", "NONE", "dependee"), succeeded());
         assertPluginDisabled("dependee");
     }
@@ -66,7 +66,7 @@ public class DisablePluginCommandTest {
     @Test
     @Issue("JENKINS-27177")
     @WithPlugin({"depender-0.0.2.hpi", "dependee-0.0.2.hpi", "mandatory-depender-0.0.2.hpi"})
-    public void canDisablePluginWithDependantsDisabledStNone() throws IOException {
+    public void canDisablePluginWithDependantsDisabledStrategyNone() throws IOException {
         disablePlugin("mandatory-depender");
         CLICommandInvoker.Result result = disablePluginsCLiCommand("-strategy", "NONE", "dependee");
 
@@ -82,7 +82,7 @@ public class DisablePluginCommandTest {
     @Test
     @Issue("JENKINS-27177")
     @WithPlugin({"mandatory-depender-0.0.2.hpi", "dependee-0.0.2.hpi"})
-    public void cannotDisablePluginWithMandatoryDependerStNone() {
+    public void cannotDisablePluginWithMandatoryDependerStrategyNone() {
         assertThat(disablePluginsCLiCommand("dependee"), failedWith(RETURN_CODE_NOT_DISABLED_DEPENDANTS));
         assertPluginEnabled("dependee");
     }
@@ -94,7 +94,7 @@ public class DisablePluginCommandTest {
     @Test
     @Issue("JENKINS-27177")
     @WithPlugin({"mandatory-depender-0.0.2.hpi", "dependee-0.0.2.hpi"})
-    public void cannotDisableDependentPluginWrongOrderStNone() {
+    public void cannotDisableDependentPluginWrongOrderStrategyNone() {
         assertThat(disablePluginsCLiCommand("dependee", "mandatory-depender"), failedWith(RETURN_CODE_NOT_DISABLED_DEPENDANTS));
         assertPluginDisabled("mandatory-depender");
         assertPluginEnabled("dependee");
@@ -107,7 +107,7 @@ public class DisablePluginCommandTest {
     @Test
     @Issue("JENKINS-27177")
     @WithPlugin({"mandatory-depender-0.0.2.hpi", "dependee-0.0.2.hpi"})
-    public void canDisableDependentPluginsRightOrderStNone() {
+    public void canDisableDependentPluginsRightOrderStrategyNone() {
         assertThat(disablePluginsCLiCommand("mandatory-depender", "dependee"), succeeded());
         assertPluginDisabled("dependee");
         assertPluginDisabled("mandatory-depender");
-- 
GitLab


From 8f239f6ee18085fe445a3c265e8c6e2bdfe197c6 Mon Sep 17 00:00:00 2001
From: M Ramon Leon <manuelramonleonjimenez@gmail.com>
Date: Tue, 16 Oct 2018 11:47:23 +0200
Subject: [PATCH 822/863] [JENKINS-27177] Add new status error_disabling and
 minor fixes

When there is some problem disabling a plugin (the disabling file cannot
be created) it should be indicated and also reflected in the dependee
plugin.
---
 core/src/main/java/hudson/PluginManager.java  |  2 +-
 core/src/main/java/hudson/PluginWrapper.java  | 62 ++++++++++++-------
 .../main/resources/hudson/Messages.properties |  2 +-
 .../hudson/cli/DisablePluginCommandTest.java  |  2 +-
 4 files changed, 42 insertions(+), 26 deletions(-)

diff --git a/core/src/main/java/hudson/PluginManager.java b/core/src/main/java/hudson/PluginManager.java
index 87575a44c2..c83e38bad6 100644
--- a/core/src/main/java/hudson/PluginManager.java
+++ b/core/src/main/java/hudson/PluginManager.java
@@ -1847,7 +1847,7 @@ public abstract class PluginManager extends AbstractModelObject implements OnMas
      * @return the list of results for every plugin and their dependant plugins.
      * @throws IOException see {@link PluginWrapper#disable()}
      */
-    public List<PluginWrapper.PluginDisableResult> disablePlugins(PluginWrapper.PluginDisableStrategy strategy, List<String> plugins) throws IOException {
+    public @NonNull List<PluginWrapper.PluginDisableResult> disablePlugins(PluginWrapper.PluginDisableStrategy strategy, List<String> plugins) throws IOException {
         // Where we store the results of each plugin disablement
         List<PluginWrapper.PluginDisableResult> results = new ArrayList<>(plugins.size());
 
diff --git a/core/src/main/java/hudson/PluginWrapper.java b/core/src/main/java/hudson/PluginWrapper.java
index 26fc870847..818b91d289 100644
--- a/core/src/main/java/hudson/PluginWrapper.java
+++ b/core/src/main/java/hudson/PluginWrapper.java
@@ -76,6 +76,11 @@ import java.util.logging.Level;
 import java.util.logging.Logger;
 import java.util.stream.Collectors;
 
+import static hudson.PluginWrapper.PluginDisableStatus.ALREADY_DISABLED;
+import static hudson.PluginWrapper.PluginDisableStatus.DISABLED;
+import static hudson.PluginWrapper.PluginDisableStatus.ERROR_DISABLING;
+import static hudson.PluginWrapper.PluginDisableStatus.NOT_DISABLED_DEPENDANTS;
+import static hudson.PluginWrapper.PluginDisableStatus.NO_SUCH_PLUGIN;
 import static java.util.logging.Level.WARNING;
 import static org.apache.commons.io.FilenameUtils.getBaseName;
 
@@ -577,15 +582,13 @@ public class PluginWrapper implements Comparable<PluginWrapper>, ModelObject {
      * Disable this plugin using a strategy.
      * @param strategy strategy to use
      * @return an object representing the result of the disablement of this plugin and its dependants plugins.
-     * @throws IOException If this plugin or one dependant plugin raise this exception during its disablement. It could
-     * be raised because the disable file cannot be created.
      */
-    public @Nonnull PluginDisableResult disable(@Nonnull PluginDisableStrategy strategy) throws IOException {
+    public @Nonnull PluginDisableResult disable(@Nonnull PluginDisableStrategy strategy) {
         PluginDisableResult result = new PluginDisableResult(shortName);
 
         if (!this.isEnabled()) {
             result.setMessage(Messages.PluginWrapper_Already_Disabled(shortName));
-            result.setStatus(PluginDisableStatus.ALREADY_DISABLED);
+            result.setStatus(ALREADY_DISABLED);
             return result;
         }
 
@@ -603,9 +606,7 @@ public class PluginWrapper implements Comparable<PluginWrapper>, ModelObject {
 
             // The dependant plugin doesn't exist, add an error to the report
             if (dependantPlugin == null) {
-                PluginDisableResult dependantStatus = new PluginDisableResult(dependant);
-                dependantStatus.setStatus(PluginDisableStatus.NO_SUCH_PLUGIN);
-                dependantStatus.setMessage(Messages.PluginWrapper_NoSuchPlugin(dependant));
+                PluginDisableResult dependantStatus = new PluginDisableResult(dependant, NO_SUCH_PLUGIN, Messages.PluginWrapper_NoSuchPlugin(dependant));
                 result.addDependantDisableStatus(dependantStatus);
 
             // If the strategy is none and there is some enabled dependant plugin, the plugin cannot be disabled. If
@@ -618,30 +619,41 @@ public class PluginWrapper implements Comparable<PluginWrapper>, ModelObject {
 
             // If the strategy is not none and this dependant plugin is not enabled, add it as already disabled
             } else if (!dependantPlugin.isEnabled()) {
-                PluginDisableResult dependantStatus = new PluginDisableResult(dependant);
-                dependantStatus.setStatus(PluginDisableStatus.ALREADY_DISABLED);
-                dependantStatus.setMessage(Messages.PluginWrapper_Already_Disabled(dependant));
+                PluginDisableResult dependantStatus = new PluginDisableResult(dependant, ALREADY_DISABLED, Messages.PluginWrapper_Already_Disabled(dependant));
                 result.addDependantDisableStatus(dependantStatus);
 
             // If the strategy is not none and this dependant plugin is enabled, disable it
             } else {
                 // As there is no cycles in the plugin dependencies, the recursion shouldn't be infinite. The
                 // strategy used is the same for its dependants plugins
-                result.addDependantDisableStatus(dependantPlugin.disable(strategy));
+                PluginDisableResult dependantResult = dependantPlugin.disable(strategy);
+                PluginDisableStatus dependantStatus = dependantResult.status;
+
+                // If something wrong happened, flag this dependant plugin to set the plugin later as not-disabled due
+                // to its dependants plugins.
+                if (ERROR_DISABLING.equals(dependantStatus) || NOT_DISABLED_DEPENDANTS.equals(dependantStatus)) {
+                    aDependantNotDisabled = dependant;
+                    break; // we found a dependant plugin enabled, stop looking for dependant plugins to disable.
+                }
+                result.addDependantDisableStatus(dependantResult);
             }
         }
 
         // If there is no enabled-dependant plugin, disable this plugin and add it to the result
         if (aDependantNotDisabled == null) {
-            this.disableWithoutCheck();
-            result.setMessage(Messages.PluginWrapper_Plugin_Disabled(shortName));
-            result.setStatus(PluginDisableStatus.DISABLED);
-
+            try {
+                this.disableWithoutCheck();
+                result.setMessage(Messages.PluginWrapper_Plugin_Disabled(shortName));
+                result.setStatus(DISABLED);
+            } catch (IOException io) {
+                result.setMessage(Messages.PluginWrapper_Error_Disabling(shortName, io.toString()));
+                result.setStatus(ERROR_DISABLING);
+            }
         // if there is yet some not disabled dependant plugin (only possible with none strategy), this plugin cannot
         // be disabled.
         } else {
             result.setMessage(Messages.PluginWrapper_Plugin_Has_Dependant(shortName, aDependantNotDisabled, strategy));
-            result.setStatus(PluginDisableStatus.NOT_DISABLED_DEPENDANTS);
+            result.setStatus(NOT_DISABLED_DEPENDANTS);
         }
 
         return result;
@@ -650,17 +662,14 @@ public class PluginWrapper implements Comparable<PluginWrapper>, ModelObject {
     private Set<String> dependantsToCheck(PluginDisableStrategy strategy) {
         Set<String> dependantsToCheck;
         switch (strategy) {
-            case MANDATORY:
-                // As of getDependants has all the dependants, we get the difference between them and only the optionals
-                dependantsToCheck = Sets.difference(this.getDependants(), this.getOptionalDependants());
-                break;
             case ALL:
                 // getDependants returns all the dependant plugins, mandatory or optional.
                 dependantsToCheck = this.getDependants();
                 break;
-            case NONE:
             default:
+                // It includes MANDATORY, NONE:
                 // with NONE, the process only fail if mandatory dependant plugins exists
+                // As of getDependants has all the dependants, we get the difference between them and only the optionals
                 dependantsToCheck = Sets.difference(this.getDependants(), this.getOptionalDependants());
         }
         return dependantsToCheck;
@@ -978,6 +987,12 @@ public class PluginWrapper implements Comparable<PluginWrapper>, ModelObject {
             this.plugin = plugin;
         }
 
+        public PluginDisableResult(String plugin, PluginDisableStatus status, String message) {
+            this.plugin = plugin;
+            this.status = status;
+            this.message = message;
+        }
+
         public String getPlugin() {
             return plugin;
         }
@@ -1028,13 +1043,14 @@ public class PluginWrapper implements Comparable<PluginWrapper>, ModelObject {
         NO_SUCH_PLUGIN,
         DISABLED,
         ALREADY_DISABLED,
-        NOT_DISABLED_DEPENDANTS
+        NOT_DISABLED_DEPENDANTS,
+        ERROR_DISABLING
     }
 
     /**
      * The strategies defined for disabling a plugin.
      */
-    public static enum PluginDisableStrategy {
+    public enum PluginDisableStrategy {
         NONE,
         MANDATORY,
         ALL;
diff --git a/core/src/main/resources/hudson/Messages.properties b/core/src/main/resources/hudson/Messages.properties
index 78b8e37f83..cad3dd11ee 100644
--- a/core/src/main/resources/hudson/Messages.properties
+++ b/core/src/main/resources/hudson/Messages.properties
@@ -87,6 +87,6 @@ PluginWrapper.Already.Disabled=The plugin {0} was already disabled
 PluginWrapper.Plugin.Has.Dependant=The plugin {0} has, at least, one dependant plugin ({1}) and the disable strategy is {2}, so it cannot be disabled
 PluginWrapper.Plugin.Disabled=Plugin {0} disabled
 PluginWrapper.NoSuchPlugin=No such plugin found with the name {0}
-
+PluginWrapper.Error.Disabling=There was an error disabling the {0} plugin. Error: {1}
 TcpSlaveAgentListener.PingAgentProtocol.displayName=Ping protocol
 
diff --git a/test/src/test/java/hudson/cli/DisablePluginCommandTest.java b/test/src/test/java/hudson/cli/DisablePluginCommandTest.java
index 11360eddb0..f6f5f60807 100644
--- a/test/src/test/java/hudson/cli/DisablePluginCommandTest.java
+++ b/test/src/test/java/hudson/cli/DisablePluginCommandTest.java
@@ -179,7 +179,7 @@ public class DisablePluginCommandTest {
         assertPluginDisabled("depender");
         assertPluginDisabled("plugin-first");
         assertPluginDisabled("mandatory-depender");
-        assertJenkinsInQuietMode(); // some plugins were disabled
+        assertJenkinsInQuietMode(); // some plugins were disabled, so it should be restarting
     }
 
     /**
-- 
GitLab


From 65faa1e6d82580c66cfba8672bfd115936c3750d Mon Sep 17 00:00:00 2001
From: M Ramon Leon <manuelramonleonjimenez@gmail.com>
Date: Wed, 17 Oct 2018 18:31:45 +0200
Subject: [PATCH 823/863] [JENKINS-27177] Minor fixes.

Change the way of an array copy and ensure non null args
---
 core/src/main/java/hudson/PluginManager.java           |  2 +-
 .../src/main/java/hudson/cli/DisablePluginCommand.java | 10 +++-------
 2 files changed, 4 insertions(+), 8 deletions(-)

diff --git a/core/src/main/java/hudson/PluginManager.java b/core/src/main/java/hudson/PluginManager.java
index c83e38bad6..9659ceb2c4 100644
--- a/core/src/main/java/hudson/PluginManager.java
+++ b/core/src/main/java/hudson/PluginManager.java
@@ -1847,7 +1847,7 @@ public abstract class PluginManager extends AbstractModelObject implements OnMas
      * @return the list of results for every plugin and their dependant plugins.
      * @throws IOException see {@link PluginWrapper#disable()}
      */
-    public @NonNull List<PluginWrapper.PluginDisableResult> disablePlugins(PluginWrapper.PluginDisableStrategy strategy, List<String> plugins) throws IOException {
+    public @NonNull List<PluginWrapper.PluginDisableResult> disablePlugins(@NonNull PluginWrapper.PluginDisableStrategy strategy, @NonNull List<String> plugins) throws IOException {
         // Where we store the results of each plugin disablement
         List<PluginWrapper.PluginDisableResult> results = new ArrayList<>(plugins.size());
 
diff --git a/core/src/main/java/hudson/cli/DisablePluginCommand.java b/core/src/main/java/hudson/cli/DisablePluginCommand.java
index 0b2d005e56..168b2455f8 100644
--- a/core/src/main/java/hudson/cli/DisablePluginCommand.java
+++ b/core/src/main/java/hudson/cli/DisablePluginCommand.java
@@ -119,14 +119,10 @@ public class DisablePluginCommand extends CLICommand {
         if (indent == 0) {
             stdout.format(format + "%n", (Object[]) arguments);
         } else {
-            String f = "%" + indent + "s" + format + "%n";
             String[] newArgs = new String[arguments.length + 1];
-            newArgs[0] = " ";
-            int i = 1;
-            for (String arg: arguments) {
-                newArgs[i] = arg;
-                i++;
-            }
+            System.arraycopy(arguments, 0, newArgs, 1, arguments.length);
+
+            String f = "%" + indent + "s" + format + "%n";
             stdout.format(f, newArgs);
         }
     }
-- 
GitLab


From 5e28405afe39e763c5750cdea57f0583000d5220 Mon Sep 17 00:00:00 2001
From: suren <zxjlwt@126.com>
Date: Thu, 18 Oct 2018 17:03:32 +0800
Subject: [PATCH 824/863] Add localization for time days

---
 core/src/main/resources/hudson/Messages_zh_CN.properties | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/resources/hudson/Messages_zh_CN.properties b/core/src/main/resources/hudson/Messages_zh_CN.properties
index 949abfd603..eac233818c 100644
--- a/core/src/main/resources/hudson/Messages_zh_CN.properties
+++ b/core/src/main/resources/hudson/Messages_zh_CN.properties
@@ -30,7 +30,7 @@ Util.millisecond={0} \u6BEB\u79D2
 Util.second={0} \u79D2
 Util.minute={0} \u5206
 Util.hour  ={0} \u5C0F\u65F6
-Util.day   ={0} {0,choice,0#days|1#day|1<days}
+Util.day   ={0} {0,choice,0#\u5929|1#\u5929|1<\u5929}
 Util.month ={0} \u6708
 Util.year  ={0} \u5E74
 
-- 
GitLab


From 8bc71b718137e8eb808dfb974e70ba590e034e36 Mon Sep 17 00:00:00 2001
From: M Ramon Leon <manuelramonleonjimenez@gmail.com>
Date: Thu, 18 Oct 2018 11:11:10 +0200
Subject: [PATCH 825/863] [JENKINS-27177] Improve messages

---
 core/src/main/java/hudson/PluginManager.java           |  5 +----
 .../src/main/java/hudson/cli/DisablePluginCommand.java |  1 +
 core/src/main/resources/hudson/Messages.properties     | 10 +++++-----
 core/src/main/resources/hudson/cli/Messages.properties |  2 +-
 4 files changed, 8 insertions(+), 10 deletions(-)

diff --git a/core/src/main/java/hudson/PluginManager.java b/core/src/main/java/hudson/PluginManager.java
index 9659ceb2c4..eccf9337d7 100644
--- a/core/src/main/java/hudson/PluginManager.java
+++ b/core/src/main/java/hudson/PluginManager.java
@@ -1856,10 +1856,7 @@ public abstract class PluginManager extends AbstractModelObject implements OnMas
             PluginWrapper plugin = this.getPlugin(pluginName);
 
             if (plugin == null) {
-                PluginWrapper.PluginDisableResult result = new PluginWrapper.PluginDisableResult(pluginName);
-                result.setMessage(Messages.PluginWrapper_NoSuchPlugin(pluginName));
-                result.setStatus(PluginWrapper.PluginDisableStatus.NO_SUCH_PLUGIN);
-                results.add(result);
+                results.add(new PluginWrapper.PluginDisableResult(pluginName, PluginWrapper.PluginDisableStatus.NO_SUCH_PLUGIN, Messages.PluginWrapper_NoSuchPlugin(pluginName)));
             } else {
                 results.add(plugin.disable(strategy));
             }
diff --git a/core/src/main/java/hudson/cli/DisablePluginCommand.java b/core/src/main/java/hudson/cli/DisablePluginCommand.java
index 168b2455f8..36d4b6bd8c 100644
--- a/core/src/main/java/hudson/cli/DisablePluginCommand.java
+++ b/core/src/main/java/hudson/cli/DisablePluginCommand.java
@@ -120,6 +120,7 @@ public class DisablePluginCommand extends CLICommand {
             stdout.format(format + "%n", (Object[]) arguments);
         } else {
             String[] newArgs = new String[arguments.length + 1];
+            newArgs[0] = " ";
             System.arraycopy(arguments, 0, newArgs, 1, arguments.length);
 
             String f = "%" + indent + "s" + format + "%n";
diff --git a/core/src/main/resources/hudson/Messages.properties b/core/src/main/resources/hudson/Messages.properties
index cad3dd11ee..57fa82605f 100644
--- a/core/src/main/resources/hudson/Messages.properties
+++ b/core/src/main/resources/hudson/Messages.properties
@@ -83,10 +83,10 @@ PluginWrapper.disabled={0} is disabled. To fix, enable it.
 PluginWrapper.obsolete={0} v{1} is older than required. To fix, install v{2} or later.
 PluginWrapper.obsoleteCore=You must update Jenkins from v{0} to v{1} or later to run this plugin.
 PluginWrapper.PluginWrapperAdministrativeMonitor.DisplayName=Plugins Failed To Load
-PluginWrapper.Already.Disabled=The plugin {0} was already disabled
-PluginWrapper.Plugin.Has.Dependant=The plugin {0} has, at least, one dependant plugin ({1}) and the disable strategy is {2}, so it cannot be disabled
-PluginWrapper.Plugin.Disabled=Plugin {0} disabled
-PluginWrapper.NoSuchPlugin=No such plugin found with the name {0}
-PluginWrapper.Error.Disabling=There was an error disabling the {0} plugin. Error: {1}
+PluginWrapper.Already.Disabled=The plugin ''{0}'' was already disabled
+PluginWrapper.Plugin.Has.Dependant=The plugin ''{0}'' has, at least, one dependant plugin ({1}) and the disable strategy is {2}, so it cannot be disabled
+PluginWrapper.Plugin.Disabled=Plugin ''{0}'' disabled
+PluginWrapper.NoSuchPlugin=No such plugin found with the name ''{0}''
+PluginWrapper.Error.Disabling=There was an error disabling the ''{0}'' plugin. Error: ''{1}''
 TcpSlaveAgentListener.PingAgentProtocol.displayName=Ping protocol
 
diff --git a/core/src/main/resources/hudson/cli/Messages.properties b/core/src/main/resources/hudson/cli/Messages.properties
index f8a6f487e1..85bbf56b6d 100644
--- a/core/src/main/resources/hudson/cli/Messages.properties
+++ b/core/src/main/resources/hudson/cli/Messages.properties
@@ -119,4 +119,4 @@ Disable one or more installed plugins.
 DisablePluginCommand.NoSuchStrategy=This strategy ({0}) does not exist. Allowed strategies are {1}
 DisablePluginCommand.PrintUsageSummary=\
 Disable the plugins with the given short names. You can define how to proceed with the dependant plugins and if a restart after should be done. You can also set the quiet mode to avoid extra info in the console.
-DisablePluginCommand.StatusMessage=Disabling {0}: {1} ({2})
+DisablePluginCommand.StatusMessage=Disabling ''{0}'': {1} ({2})
-- 
GitLab


From ed1dc0c92a0b5ef3906c438c5d3738b869e032cb Mon Sep 17 00:00:00 2001
From: M Ramon Leon <manuelramonleonjimenez@gmail.com>
Date: Thu, 18 Oct 2018 11:20:06 +0200
Subject: [PATCH 826/863] [JENKINS-27177] Specific test to demo right
 disablement with wrong order

---
 .../java/hudson/cli/DisablePluginCommandTest.java    | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/test/src/test/java/hudson/cli/DisablePluginCommandTest.java b/test/src/test/java/hudson/cli/DisablePluginCommandTest.java
index f6f5f60807..8b96dbcfa1 100644
--- a/test/src/test/java/hudson/cli/DisablePluginCommandTest.java
+++ b/test/src/test/java/hudson/cli/DisablePluginCommandTest.java
@@ -100,6 +100,18 @@ public class DisablePluginCommandTest {
         assertPluginEnabled("dependee");
     }
 
+    /**
+     * Can disable a plugin with a mandatory dependent plugin before its dependent plugin with <i><all/i> strategy
+     */
+    @Test
+    @Issue("JENKINS-27177")
+    @WithPlugin({"mandatory-depender-0.0.2.hpi", "dependee-0.0.2.hpi"})
+    public void canDisableDependentPluginWrongOrderStrategyAll() {
+        assertThat(disablePluginsCLiCommand("dependee", "mandatory-depender", "-strategy", "all"), succeeded());
+        assertPluginDisabled("mandatory-depender");
+        assertPluginDisabled("dependee");
+    }
+
     /**
      * Can disable a plugin with a mandatory dependent plugin after being disabled the mandatory dependent plugin. With
      * default strategy (none).
-- 
GitLab


From 8cbfa5eb7a8ac92e9837e2ae418f64f137e0543e Mon Sep 17 00:00:00 2001
From: M Ramon Leon <manuelramonleonjimenez@gmail.com>
Date: Mon, 22 Oct 2018 14:22:06 +0200
Subject: [PATCH 827/863] [JENKINS-49196] Shutdown in a new thread to avoid
 PrematureEOF

Add a new thread to exit Jenkins for the shutdown cli command to avoid
the Premature EOF IOException
---
 core/src/main/java/jenkins/model/Jenkins.java | 33 ++++++++++++-------
 1 file changed, 22 insertions(+), 11 deletions(-)

diff --git a/core/src/main/java/jenkins/model/Jenkins.java b/core/src/main/java/jenkins/model/Jenkins.java
index f6a3d8386f..99c5d25e94 100644
--- a/core/src/main/java/jenkins/model/Jenkins.java
+++ b/core/src/main/java/jenkins/model/Jenkins.java
@@ -4266,18 +4266,29 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
     @RequirePOST
     public void doExit( StaplerRequest req, StaplerResponse rsp ) throws IOException {
         checkPermission(ADMINISTER);
-        LOGGER.severe(String.format("Shutting down VM as requested by %s from %s",
-                getAuthentication().getName(), req!=null?req.getRemoteAddr():"???"));
-        if (rsp!=null) {
-            rsp.setStatus(HttpServletResponse.SC_OK);
-            rsp.setContentType("text/plain");
-            try (PrintWriter w = rsp.getWriter()) {
-                w.println("Shutting down");
-            }
-        }
+        new Thread("exit thread") {
+            @Override
+            public void run() {
+                try {
+                    ACL.impersonate(ACL.SYSTEM);
+                    LOGGER.severe(String.format("Shutting down VM as requested by %s from %s",
+                            getAuthentication().getName(), req!=null?req.getRemoteAddr():"???"));
+                    if (rsp!=null) {
+                        rsp.setStatus(HttpServletResponse.SC_OK);
+                        rsp.setContentType("text/plain");
+                        try (PrintWriter w = rsp.getWriter()) {
+                            w.println("Shutting down");
+                        }
+                    }
+
+                    cleanUp();
+                    System.exit(0);
 
-        cleanUp();
-        System.exit(0);
+                } catch (Exception e) {
+                    LOGGER.log(Level.WARNING, "Failed to shut down Jenkins", e);
+                }
+            }
+        }.start();
     }
 
 
-- 
GitLab


From e74680c42063b8a0c7ccf666f02e665193795467 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 22 Oct 2018 06:54:21 -0700
Subject: [PATCH 828/863] [maven-release-plugin] prepare release jenkins-2.148

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 670e416a26..184a433172 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.148</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index cbbf3f3061..197463a372 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.148</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 39c6d35edc..ff4849d929 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>2.148</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.148</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 7f08f9b914..5ee74bb818 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.148</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 1ab587db93..9e45626d11 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.148</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 4d384da6f794fa1936d4142ed719ea94013649bd Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Mon, 22 Oct 2018 06:54:32 -0700
Subject: [PATCH 829/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 6 +++---
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 184a433172..670e416a26 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.148</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 197463a372..cbbf3f3061 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.148</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index ff4849d929..4c21233c92 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.148</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.148</tag>
+    <tag>${scmTag}</tag>
   </scm>
 
   <distributionManagement>
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.148</revision>
+    <revision>2.149</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index 5ee74bb818..7f08f9b914 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.148</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 9e45626d11..1ab587db93 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.148</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 4f1cec32a1c64a1dde9db3b67968150e7353528c Mon Sep 17 00:00:00 2001
From: Ramon Leon <manuelramonleonjimenez@gmail.com>
Date: Mon, 22 Oct 2018 16:35:43 +0200
Subject: [PATCH 830/863] [JENKINS-49196] Shutdown in a new thread to avoid
 PrematureEOF

Add a new thread to exit Jenkins for the shutdown cli command to avoid
the Premature EOF IOException
---
 core/src/main/java/jenkins/model/Jenkins.java | 22 ++++++++++++++-----
 1 file changed, 16 insertions(+), 6 deletions(-)

diff --git a/core/src/main/java/jenkins/model/Jenkins.java b/core/src/main/java/jenkins/model/Jenkins.java
index 001e649987..9eb230016f 100644
--- a/core/src/main/java/jenkins/model/Jenkins.java
+++ b/core/src/main/java/jenkins/model/Jenkins.java
@@ -4283,8 +4283,22 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
     @RequirePOST
     public void doExit( StaplerRequest req, StaplerResponse rsp ) throws IOException {
         checkPermission(ADMINISTER);
-        LOGGER.info(String.format("Shutting down VM as requested by %s from %s",
-                getAuthentication().getName(), req!=null?req.getRemoteAddr():"???"));
+        new Thread("exit thread") {
+            @Override
+            public void run() {
+                try {
+                    ACL.impersonate(ACL.SYSTEM);
+                    LOGGER.info(String.format("Shutting down VM as requested by %s from %s",
+                            getAuthentication().getName(), req != null ? req.getRemoteAddr() : "???"));
+
+                    cleanUp();
+                    System.exit(0);
+                } catch (Exception e) {
+                    LOGGER.log(Level.WARNING, "Failed to shut down Jenkins", e);
+                }
+            }
+        }.start();
+
         if (rsp!=null) {
             rsp.setStatus(HttpServletResponse.SC_OK);
             rsp.setContentType("text/plain");
@@ -4292,12 +4306,8 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
                 w.println("Shutting down");
             }
         }
-
-        cleanUp();
-        System.exit(0);
     }
 
-
     /**
      * Shutdown the system safely.
      * @since 1.332
-- 
GitLab


From 363e0ea433d651274ce75b808331c7f6f7b45c89 Mon Sep 17 00:00:00 2001
From: M Ramon Leon <manuelramonleonjimenez@gmail.com>
Date: Tue, 23 Oct 2018 12:16:34 +0200
Subject: [PATCH 831/863] [JENKINS-49196] Response first just in case the
 thread ends before

It's not necessary because the clean up last a while, but just in case
---
 core/src/main/java/jenkins/model/Jenkins.java | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/core/src/main/java/jenkins/model/Jenkins.java b/core/src/main/java/jenkins/model/Jenkins.java
index 9eb230016f..caa0821e6c 100644
--- a/core/src/main/java/jenkins/model/Jenkins.java
+++ b/core/src/main/java/jenkins/model/Jenkins.java
@@ -4283,6 +4283,14 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
     @RequirePOST
     public void doExit( StaplerRequest req, StaplerResponse rsp ) throws IOException {
         checkPermission(ADMINISTER);
+        if (rsp!=null) {
+            rsp.setStatus(HttpServletResponse.SC_OK);
+            rsp.setContentType("text/plain");
+            try (PrintWriter w = rsp.getWriter()) {
+                w.println("Shutting down");
+            }
+        }
+
         new Thread("exit thread") {
             @Override
             public void run() {
@@ -4298,14 +4306,6 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
                 }
             }
         }.start();
-
-        if (rsp!=null) {
-            rsp.setStatus(HttpServletResponse.SC_OK);
-            rsp.setContentType("text/plain");
-            try (PrintWriter w = rsp.getWriter()) {
-                w.println("Shutting down");
-            }
-        }
     }
 
     /**
-- 
GitLab


From 8178497685870d7ab51e3b26db8ad59d9273dfc0 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Wed, 24 Oct 2018 16:41:36 +0200
Subject: [PATCH 832/863] [JENKINS-54137] Do not submit "empty" telemetry

---
 core/src/main/java/jenkins/telemetry/Telemetry.java       | 8 ++++++--
 .../java/jenkins/telemetry/impl/StaplerDispatches.java    | 4 +++-
 .../main/java/jenkins/telemetry/impl/UserLanguages.java   | 4 +++-
 3 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/core/src/main/java/jenkins/telemetry/Telemetry.java b/core/src/main/java/jenkins/telemetry/Telemetry.java
index 65214750e2..09157a0a91 100644
--- a/core/src/main/java/jenkins/telemetry/Telemetry.java
+++ b/core/src/main/java/jenkins/telemetry/Telemetry.java
@@ -117,9 +117,8 @@ public abstract class Telemetry implements ExtensionPoint {
      *
      * This method is called periodically, once per content submission.
      *
-     * @return The JSON payload
+     * @return The JSON payload, or null if no content should be submitted.
      */
-    @Nonnull
     public abstract JSONObject createContent();
 
     public static ExtensionList<Telemetry> all() {
@@ -169,6 +168,11 @@ public abstract class Telemetry implements ExtensionPoint {
                     LOGGER.log(Level.WARNING, "Failed to build telemetry content for: '" + telemetry.getId() + "'", e);
                 }
 
+                if (data == null) {
+                    LOGGER.log(Level.CONFIG, "No telemetry to submit for : '" + telemetry.getId() + "'");
+                    return;
+                }
+
                 JSONObject wrappedData = new JSONObject();
                 wrappedData.put("type", telemetry.getId());
                 wrappedData.put("payload", data);
diff --git a/core/src/main/java/jenkins/telemetry/impl/StaplerDispatches.java b/core/src/main/java/jenkins/telemetry/impl/StaplerDispatches.java
index 023c7cd201..98dab3bc33 100644
--- a/core/src/main/java/jenkins/telemetry/impl/StaplerDispatches.java
+++ b/core/src/main/java/jenkins/telemetry/impl/StaplerDispatches.java
@@ -73,9 +73,11 @@ public class StaplerDispatches extends Telemetry {
         return "Stapler request handling";
     }
 
-    @Nonnull
     @Override
     public JSONObject createContent() {
+        if (traces.size() == 0) {
+            return null;
+        }
         Map<String, Object> info = new TreeMap<>();
         info.put("components", buildComponentInformation());
         info.put("dispatches", buildDispatches());
diff --git a/core/src/main/java/jenkins/telemetry/impl/UserLanguages.java b/core/src/main/java/jenkins/telemetry/impl/UserLanguages.java
index 3dd93334e9..ad162fc038 100644
--- a/core/src/main/java/jenkins/telemetry/impl/UserLanguages.java
+++ b/core/src/main/java/jenkins/telemetry/impl/UserLanguages.java
@@ -78,10 +78,12 @@ public class UserLanguages extends Telemetry {
         return LocalDate.of(2019, 1, 1);
     }
 
-    @Nonnull
     @Override
     public JSONObject createContent() {
         JSONObject payload = new JSONObject();
+        if (requestsByLanguage.size() == 0) {
+            return null;
+        }
         Map<String, AtomicLong> currentRequests = requestsByLanguage;
         requestsByLanguage = new TreeMap<>();
         for (Map.Entry<String, AtomicLong> entry : currentRequests.entrySet()) {
-- 
GitLab


From 2226e486e3a404230fa34e70b2207805cc6439de Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Wed, 24 Oct 2018 17:06:39 +0200
Subject: [PATCH 833/863] Add test

---
 .../java/jenkins/telemetry/Telemetry.java     |  2 +-
 .../java/jenkins/telemetry/TelemetryTest.java | 41 ++++++++++++++++++-
 2 files changed, 41 insertions(+), 2 deletions(-)

diff --git a/core/src/main/java/jenkins/telemetry/Telemetry.java b/core/src/main/java/jenkins/telemetry/Telemetry.java
index 09157a0a91..1d5bb22b1d 100644
--- a/core/src/main/java/jenkins/telemetry/Telemetry.java
+++ b/core/src/main/java/jenkins/telemetry/Telemetry.java
@@ -169,7 +169,7 @@ public abstract class Telemetry implements ExtensionPoint {
                 }
 
                 if (data == null) {
-                    LOGGER.log(Level.CONFIG, "No telemetry to submit for : '" + telemetry.getId() + "'");
+                    LOGGER.log(Level.CONFIG, "Skipping telemetry for '" + telemetry.getId() + "' as it has no data");
                     return;
                 }
 
diff --git a/test/src/test/java/jenkins/telemetry/TelemetryTest.java b/test/src/test/java/jenkins/telemetry/TelemetryTest.java
index 952d4e8968..38a2e00c1b 100644
--- a/test/src/test/java/jenkins/telemetry/TelemetryTest.java
+++ b/test/src/test/java/jenkins/telemetry/TelemetryTest.java
@@ -28,8 +28,12 @@ import java.nio.charset.StandardCharsets;
 import java.time.LocalDate;
 import java.time.temporal.ChronoUnit;
 import java.util.HashSet;
+import java.util.LinkedHashSet;
 import java.util.Set;
+import java.util.SortedSet;
+import java.util.TreeSet;
 import java.util.logging.Level;
+import java.util.regex.Pattern;
 
 public class TelemetryTest {
     @Rule
@@ -52,13 +56,48 @@ public class TelemetryTest {
         assertThat(logger.getMessages(), hasItem("Telemetry submission received response '200 OK' for: test-data"));
         assertThat(logger.getMessages(), hasItem("Skipping telemetry for 'future' as it is configured to start later"));
         assertThat(logger.getMessages(), hasItem("Skipping telemetry for 'past' as it is configured to end in the past"));
+        assertThat(logger.getMessages(), hasItem("Skipping telemetry for 'empty' as it has no data"));
         assertThat(types, hasItem("test-data"));
         assertThat(types, not(hasItem("future")));
         assertThat(types, not(hasItem("past")));
+        assertThat(types, not(hasItem("empty")));
         assertThat(correlators.size(), is(1));
         assertTrue("at least one request received", counter > 0); // TestTelemetry plus whatever real impls exist
     }
 
+    @TestExtension
+    public static class EmptyTelemetry extends Telemetry {
+
+        @Nonnull
+        @Override
+        public String getDisplayName() {
+            return "empty";
+        }
+
+        @Nonnull
+        @Override
+        public String getId() {
+            return "empty";
+        }
+
+        @Nonnull
+        @Override
+        public LocalDate getStart() {
+            return LocalDate.MIN;
+        }
+
+        @Nonnull
+        @Override
+        public LocalDate getEnd() {
+            return LocalDate.MAX;
+        }
+
+        @Override
+        public JSONObject createContent() {
+            return null;
+        }
+    }
+
     @TestExtension
     public static class DisabledFutureTelemetry extends Telemetry {
 
@@ -174,7 +213,7 @@ public class TelemetryTest {
         }
     }
 
-    private static Set<String> correlators = new HashSet<>();
+    private static SortedSet<String> correlators = new TreeSet<>();
     private static Set<String> types = new HashSet<>();
 
     @TestExtension
-- 
GitLab


From 6ec6b16c482bf8e90b8df9e69f0465343b8a38b9 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Wed, 24 Oct 2018 17:21:04 +0200
Subject: [PATCH 834/863] [JENKINS-54136] Use per-trial correlation IDs

---
 core/src/main/java/jenkins/telemetry/Telemetry.java     | 4 +++-
 test/src/test/java/jenkins/telemetry/TelemetryTest.java | 8 ++++++--
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/core/src/main/java/jenkins/telemetry/Telemetry.java b/core/src/main/java/jenkins/telemetry/Telemetry.java
index 65214750e2..a5a4406ea2 100644
--- a/core/src/main/java/jenkins/telemetry/Telemetry.java
+++ b/core/src/main/java/jenkins/telemetry/Telemetry.java
@@ -34,6 +34,7 @@ import hudson.model.UsageStatistics;
 import jenkins.model.Jenkins;
 import jenkins.util.SystemProperties;
 import net.sf.json.JSONObject;
+import org.apache.commons.codec.digest.DigestUtils;
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
 
@@ -172,7 +173,8 @@ public abstract class Telemetry implements ExtensionPoint {
                 JSONObject wrappedData = new JSONObject();
                 wrappedData.put("type", telemetry.getId());
                 wrappedData.put("payload", data);
-                wrappedData.put("correlator", ExtensionList.lookupSingleton(Correlator.class).getCorrelationId());
+                String correlationId = ExtensionList.lookupSingleton(Correlator.class).getCorrelationId();
+                wrappedData.put("correlator", DigestUtils.sha256Hex(correlationId + telemetry.getId()));
 
                 try {
                     URL url = new URL(ENDPOINT);
diff --git a/test/src/test/java/jenkins/telemetry/TelemetryTest.java b/test/src/test/java/jenkins/telemetry/TelemetryTest.java
index 952d4e8968..80314a880e 100644
--- a/test/src/test/java/jenkins/telemetry/TelemetryTest.java
+++ b/test/src/test/java/jenkins/telemetry/TelemetryTest.java
@@ -29,7 +29,10 @@ import java.time.LocalDate;
 import java.time.temporal.ChronoUnit;
 import java.util.HashSet;
 import java.util.Set;
+import java.util.SortedSet;
+import java.util.TreeSet;
 import java.util.logging.Level;
+import java.util.regex.Pattern;
 
 public class TelemetryTest {
     @Rule
@@ -55,7 +58,8 @@ public class TelemetryTest {
         assertThat(types, hasItem("test-data"));
         assertThat(types, not(hasItem("future")));
         assertThat(types, not(hasItem("past")));
-        assertThat(correlators.size(), is(1));
+        assertThat(correlators.size(), is(counter));
+        assertTrue(Pattern.compile("[0-9a-f]+").matcher(correlators.first()).matches());
         assertTrue("at least one request received", counter > 0); // TestTelemetry plus whatever real impls exist
     }
 
@@ -174,7 +178,7 @@ public class TelemetryTest {
         }
     }
 
-    private static Set<String> correlators = new HashSet<>();
+    private static SortedSet<String> correlators = new TreeSet<>();
     private static Set<String> types = new HashSet<>();
 
     @TestExtension
-- 
GitLab


From 23ffd8f7e19618430ca58fcadb695dd7ca10f209 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Wed, 24 Oct 2018 17:23:41 +0200
Subject: [PATCH 835/863] Undo unrelated changes

---
 test/src/test/java/jenkins/telemetry/TelemetryTest.java | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/test/src/test/java/jenkins/telemetry/TelemetryTest.java b/test/src/test/java/jenkins/telemetry/TelemetryTest.java
index 38a2e00c1b..aae681f4cd 100644
--- a/test/src/test/java/jenkins/telemetry/TelemetryTest.java
+++ b/test/src/test/java/jenkins/telemetry/TelemetryTest.java
@@ -28,12 +28,8 @@ import java.nio.charset.StandardCharsets;
 import java.time.LocalDate;
 import java.time.temporal.ChronoUnit;
 import java.util.HashSet;
-import java.util.LinkedHashSet;
 import java.util.Set;
-import java.util.SortedSet;
-import java.util.TreeSet;
 import java.util.logging.Level;
-import java.util.regex.Pattern;
 
 public class TelemetryTest {
     @Rule
@@ -213,7 +209,7 @@ public class TelemetryTest {
         }
     }
 
-    private static SortedSet<String> correlators = new TreeSet<>();
+    private static Set<String> correlators = new HashSet<>();
     private static Set<String> types = new HashSet<>();
 
     @TestExtension
-- 
GitLab


From a0bc50fb887c5046aecbacadf6c12d8702143261 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Wed, 24 Oct 2018 17:33:42 +0200
Subject: [PATCH 836/863] [JENKINS-54135] Improve performance of languages
 telemetry

---
 .../main/java/jenkins/telemetry/impl/UserLanguages.java   | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/core/src/main/java/jenkins/telemetry/impl/UserLanguages.java b/core/src/main/java/jenkins/telemetry/impl/UserLanguages.java
index 3dd93334e9..c78fc6945a 100644
--- a/core/src/main/java/jenkins/telemetry/impl/UserLanguages.java
+++ b/core/src/main/java/jenkins/telemetry/impl/UserLanguages.java
@@ -41,6 +41,7 @@ import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletRequest;
 import java.io.IOException;
 import java.time.LocalDate;
+import java.util.HashMap;
 import java.util.Map;
 import java.util.TreeMap;
 import java.util.concurrent.atomic.AtomicLong;
@@ -51,7 +52,7 @@ import java.util.logging.Logger;
 @Restricted(NoExternalUse.class)
 public class UserLanguages extends Telemetry {
 
-    private static volatile Map<String, AtomicLong> requestsByLanguage = new TreeMap<>();
+    private static volatile Map<String, AtomicLong> requestsByLanguage = new HashMap<>();
     private static Logger LOGGER = Logger.getLogger(UserLanguages.class.getName());
 
     @Nonnull
@@ -83,8 +84,9 @@ public class UserLanguages extends Telemetry {
     public JSONObject createContent() {
         JSONObject payload = new JSONObject();
         Map<String, AtomicLong> currentRequests = requestsByLanguage;
-        requestsByLanguage = new TreeMap<>();
-        for (Map.Entry<String, AtomicLong> entry : currentRequests.entrySet()) {
+        requestsByLanguage = new HashMap<>();
+        Map<String, AtomicLong> sortedRequests = new TreeMap<>(currentRequests);
+        for (Map.Entry<String, AtomicLong> entry : sortedRequests.entrySet()) {
             payload.put(entry.getKey(), entry.getValue().longValue());
         }
         return payload;
-- 
GitLab


From 9e4d324b8cf83a69cce244ea358b39598fe945ba Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Wed, 24 Oct 2018 14:30:11 -0400
Subject: [PATCH 837/863] Fixing a synchronization bug in
 StaplerDispatches.traces.

---
 .../jenkins/telemetry/impl/StaplerDispatches.java   | 13 ++++---------
 1 file changed, 4 insertions(+), 9 deletions(-)

diff --git a/core/src/main/java/jenkins/telemetry/impl/StaplerDispatches.java b/core/src/main/java/jenkins/telemetry/impl/StaplerDispatches.java
index 023c7cd201..625b8bfd43 100644
--- a/core/src/main/java/jenkins/telemetry/impl/StaplerDispatches.java
+++ b/core/src/main/java/jenkins/telemetry/impl/StaplerDispatches.java
@@ -29,7 +29,6 @@ import hudson.model.UsageStatistics;
 import hudson.util.VersionNumber;
 import jenkins.model.Jenkins;
 import jenkins.telemetry.Telemetry;
-import jenkins.util.SystemProperties;
 import net.sf.json.JSONObject;
 import org.kohsuke.MetaInfServices;
 import org.kohsuke.accmod.Restricted;
@@ -38,16 +37,12 @@ import org.kohsuke.stapler.EvaluationTrace;
 import org.kohsuke.stapler.StaplerRequest;
 
 import javax.annotation.Nonnull;
-import java.text.DateFormat;
-import java.text.SimpleDateFormat;
 import java.time.LocalDate;
-import java.util.Date;
-import java.util.List;
 import java.util.Map;
 import java.util.Set;
-import java.util.TimeZone;
 import java.util.TreeMap;
 import java.util.TreeSet;
+import java.util.concurrent.ConcurrentSkipListSet;
 
 /**
  * Telemetry implementation gathering information about Stapler dispatch routes.
@@ -84,8 +79,8 @@ public class StaplerDispatches extends Telemetry {
     }
 
     private Object buildDispatches() {
-        Set<String> currentTraces = traces;
-        traces = new TreeSet<>();
+        Set<String> currentTraces = new TreeSet<>(traces);
+        traces.clear();
         return currentTraces;
     }
 
@@ -116,5 +111,5 @@ public class StaplerDispatches extends Telemetry {
         }
     }
 
-    private static volatile Set<String> traces = new TreeSet<>();
+    private static final Set<String> traces = new ConcurrentSkipListSet<>();
 }
-- 
GitLab


From 54f4733cd009d98d912b20c0f546db5e24bc3d66 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Wed, 24 Oct 2018 14:35:15 -0400
Subject: [PATCH 838/863] SlaveComputer.getRetentionStrategy was using Always
 when there was no node, leading to launches of unused agent JVMs.

---
 core/src/main/java/hudson/slaves/SlaveComputer.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/slaves/SlaveComputer.java b/core/src/main/java/hudson/slaves/SlaveComputer.java
index 950c6b68aa..31650d18aa 100644
--- a/core/src/main/java/hudson/slaves/SlaveComputer.java
+++ b/core/src/main/java/hudson/slaves/SlaveComputer.java
@@ -801,7 +801,7 @@ public class SlaveComputer extends Computer {
 
     public RetentionStrategy getRetentionStrategy() {
         Slave n = getNode();
-        return n==null ? RetentionStrategy.INSTANCE : n.getRetentionStrategy();
+        return n==null ? RetentionStrategy.NOOP : n.getRetentionStrategy();
     }
 
     /**
-- 
GitLab


From 21db4a1671dfa6de9c9bf0fa86e51b51318134ee Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Thu, 25 Oct 2018 03:59:54 +0200
Subject: [PATCH 839/863] CheckForNull

---
 core/src/main/java/jenkins/telemetry/Telemetry.java | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/core/src/main/java/jenkins/telemetry/Telemetry.java b/core/src/main/java/jenkins/telemetry/Telemetry.java
index 1d5bb22b1d..43cfb19ba8 100644
--- a/core/src/main/java/jenkins/telemetry/Telemetry.java
+++ b/core/src/main/java/jenkins/telemetry/Telemetry.java
@@ -37,6 +37,7 @@ import net.sf.json.JSONObject;
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
 
+import javax.annotation.CheckForNull;
 import javax.annotation.Nonnull;
 import java.io.IOException;
 import java.io.OutputStream;
@@ -119,6 +120,7 @@ public abstract class Telemetry implements ExtensionPoint {
      *
      * @return The JSON payload, or null if no content should be submitted.
      */
+    @CheckForNull
     public abstract JSONObject createContent();
 
     public static ExtensionList<Telemetry> all() {
-- 
GitLab


From 5c22c528d843686779adceb41180afbce563be5f Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Thu, 25 Oct 2018 04:03:25 +0200
Subject: [PATCH 840/863] Use ConcurrentSkipListMap similar to
 StaplerDispatches

---
 .../java/jenkins/telemetry/impl/UserLanguages.java   | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/core/src/main/java/jenkins/telemetry/impl/UserLanguages.java b/core/src/main/java/jenkins/telemetry/impl/UserLanguages.java
index c78fc6945a..8cdb5b016a 100644
--- a/core/src/main/java/jenkins/telemetry/impl/UserLanguages.java
+++ b/core/src/main/java/jenkins/telemetry/impl/UserLanguages.java
@@ -41,9 +41,9 @@ import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletRequest;
 import java.io.IOException;
 import java.time.LocalDate;
-import java.util.HashMap;
 import java.util.Map;
 import java.util.TreeMap;
+import java.util.concurrent.ConcurrentSkipListMap;
 import java.util.concurrent.atomic.AtomicLong;
 import java.util.logging.Level;
 import java.util.logging.Logger;
@@ -52,7 +52,7 @@ import java.util.logging.Logger;
 @Restricted(NoExternalUse.class)
 public class UserLanguages extends Telemetry {
 
-    private static volatile Map<String, AtomicLong> requestsByLanguage = new HashMap<>();
+    private static final Map<String, AtomicLong> requestsByLanguage = new ConcurrentSkipListMap<>();
     private static Logger LOGGER = Logger.getLogger(UserLanguages.class.getName());
 
     @Nonnull
@@ -82,11 +82,11 @@ public class UserLanguages extends Telemetry {
     @Nonnull
     @Override
     public JSONObject createContent() {
+        Map<String, AtomicLong> currentRequests = new TreeMap<>(requestsByLanguage);
+        requestsByLanguage.clear();
+
         JSONObject payload = new JSONObject();
-        Map<String, AtomicLong> currentRequests = requestsByLanguage;
-        requestsByLanguage = new HashMap<>();
-        Map<String, AtomicLong> sortedRequests = new TreeMap<>(currentRequests);
-        for (Map.Entry<String, AtomicLong> entry : sortedRequests.entrySet()) {
+        for (Map.Entry<String, AtomicLong> entry : currentRequests.entrySet()) {
             payload.put(entry.getKey(), entry.getValue().longValue());
         }
         return payload;
-- 
GitLab


From 37f725f5706dddccf235109ff1101405b0fc5bb4 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Thu, 25 Oct 2018 04:31:28 +0200
Subject: [PATCH 841/863] Add test ensuring correct correlationIds are sent

---
 .../java/jenkins/telemetry/Correlator.java    |  7 +++++
 .../java/jenkins/telemetry/TelemetryTest.java | 28 ++++++++++++++++++-
 2 files changed, 34 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/jenkins/telemetry/Correlator.java b/core/src/main/java/jenkins/telemetry/Correlator.java
index ea583bdb1f..9e90059349 100644
--- a/core/src/main/java/jenkins/telemetry/Correlator.java
+++ b/core/src/main/java/jenkins/telemetry/Correlator.java
@@ -23,6 +23,7 @@
  */
 package jenkins.telemetry;
 
+import com.google.common.annotations.VisibleForTesting;
 import hudson.Extension;
 import hudson.model.Describable;
 import hudson.model.Descriptor;
@@ -56,6 +57,12 @@ public class Correlator extends Descriptor<Correlator> implements Describable<Co
         return correlationId;
     }
 
+    @Restricted(NoExternalUse.class)
+    @VisibleForTesting
+    void setCorrelationId(String correlationId) {
+        this.correlationId = correlationId;
+    }
+
     @Override
     public Descriptor<Correlator> getDescriptor() {
         return this;
diff --git a/test/src/test/java/jenkins/telemetry/TelemetryTest.java b/test/src/test/java/jenkins/telemetry/TelemetryTest.java
index 80314a880e..9a37bbd93e 100644
--- a/test/src/test/java/jenkins/telemetry/TelemetryTest.java
+++ b/test/src/test/java/jenkins/telemetry/TelemetryTest.java
@@ -7,7 +7,9 @@ import static org.junit.Assert.*;
 
 import hudson.security.csrf.CrumbExclusion;
 import net.sf.json.JSONObject;
+import org.apache.commons.codec.digest.DigestUtils;
 import org.apache.commons.io.IOUtils;
+import org.junit.Before;
 import org.junit.Rule;
 import org.junit.Test;
 import org.jvnet.hudson.test.JenkinsRule;
@@ -31,6 +33,7 @@ import java.util.HashSet;
 import java.util.Set;
 import java.util.SortedSet;
 import java.util.TreeSet;
+import java.util.UUID;
 import java.util.logging.Level;
 import java.util.regex.Pattern;
 
@@ -43,11 +46,18 @@ public class TelemetryTest {
 
     private static int counter = 0;
 
+    @Before
+    public void prepare() throws Exception {
+        correlators.clear();
+        types.clear();
+        j.jenkins.setNoUsageStatistics(false); // tests usually don't submit this, but we need this
+        Telemetry.ENDPOINT = j.getURL().toString() + "uplink/events";
+    }
+
     @Test
     public void testSubmission() throws Exception {
         j.jenkins.setNoUsageStatistics(false); // tests usually don't submit this, but we need this
         assertEquals("no requests received", 0, counter);
-        Telemetry.ENDPOINT = j.getURL().toString() + "uplink/events";
         ExtensionList.lookupSingleton(Telemetry.TelemetryReporter.class).doRun();
         do {
             Thread.sleep(250);
@@ -63,6 +73,22 @@ public class TelemetryTest {
         assertTrue("at least one request received", counter > 0); // TestTelemetry plus whatever real impls exist
     }
 
+    @Test
+    public void testPerTrialCorrelator() throws Exception {
+        Correlator correlator = ExtensionList.lookupSingleton(Correlator.class);
+        String correlationId = "00000000-0000-0000-0000-000000000000";
+        correlator.setCorrelationId(correlationId);
+
+        ExtensionList.lookupSingleton(Telemetry.TelemetryReporter.class).doRun();
+        do {
+            Thread.sleep(250);
+        } while (counter == 0); // this might end up being flaky due to 1 to many active telemetry trials
+
+        assertThat(types, hasItem("test-data"));
+        //90ecf3ce1cd5ba1e5ad3cde7ad08a941e884f2e4d9bd463361715abab8efedc5
+        assertThat(correlators, hasItem(DigestUtils.sha256Hex(correlationId + "test-data")));
+    }
+
     @TestExtension
     public static class DisabledFutureTelemetry extends Telemetry {
 
-- 
GitLab


From 13acb9ad2953758fb45995b1d21abc79944e0358 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Thu, 25 Oct 2018 11:57:04 +0200
Subject: [PATCH 842/863] Reset all the things

---
 test/src/test/java/jenkins/telemetry/TelemetryTest.java | 1 +
 1 file changed, 1 insertion(+)

diff --git a/test/src/test/java/jenkins/telemetry/TelemetryTest.java b/test/src/test/java/jenkins/telemetry/TelemetryTest.java
index 9a37bbd93e..00fe22fcc8 100644
--- a/test/src/test/java/jenkins/telemetry/TelemetryTest.java
+++ b/test/src/test/java/jenkins/telemetry/TelemetryTest.java
@@ -50,6 +50,7 @@ public class TelemetryTest {
     public void prepare() throws Exception {
         correlators.clear();
         types.clear();
+        counter = 0;
         j.jenkins.setNoUsageStatistics(false); // tests usually don't submit this, but we need this
         Telemetry.ENDPOINT = j.getURL().toString() + "uplink/events";
     }
-- 
GitLab


From 16843e64fc20f24b8423d189d7d28366bc405d8d Mon Sep 17 00:00:00 2001
From: Oskars Pakers <o.pakers@intrum.com>
Date: Fri, 26 Oct 2018 10:37:32 +0300
Subject: [PATCH 843/863] [origin/master]: Fix typo and translation for Latvian
 message file

---
 .../main/resources/jenkins/model/Jenkins/login_lv.properties   | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/core/src/main/resources/jenkins/model/Jenkins/login_lv.properties b/core/src/main/resources/jenkins/model/Jenkins/login_lv.properties
index f07f44ae11..24cc762e0b 100644
--- a/core/src/main/resources/jenkins/model/Jenkins/login_lv.properties
+++ b/core/src/main/resources/jenkins/model/Jenkins/login_lv.properties
@@ -21,6 +21,7 @@
 # THE SOFTWARE.
 
 Password=Parole
-Remember\ me\ on\ this\ computer=Atcer\u0113ties manu uz \u0161\u012B datora
+Remember\ me\ on\ this\ computer=Atcer\u0113ties mani uz \u0161\u012B datora
 User=Lietot\u0101js
 login=Ielogoties
+signUp=Piesl\u0113dzies izmantojot formu zem\u0101k vai <a href="signup">izveido jaunu kontu</a>.
-- 
GitLab


From 17d56f4539001af420dcd4656f9806ae10145cb9 Mon Sep 17 00:00:00 2001
From: Victor Ott <victor.ott@extronis.com>
Date: Sat, 27 Oct 2018 14:12:11 +0200
Subject: [PATCH 844/863] Fix Executor javadoc for getDisplayName()

---
 core/src/main/java/hudson/model/Executor.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/model/Executor.java b/core/src/main/java/hudson/model/Executor.java
index 3b160ae927..5f90ad1bfc 100644
--- a/core/src/main/java/hudson/model/Executor.java
+++ b/core/src/main/java/hudson/model/Executor.java
@@ -578,7 +578,7 @@ public class Executor extends Thread implements ModelObject {
     }
 
     /**
-     * Same as {@link #getName()}.
+     * Human readable name of the Jenkins executor. For the Java thread name use {@link #getName()}.
      */
     public String getDisplayName() {
         return "Executor #"+getNumber();
-- 
GitLab


From e158482c026587a500f6555fc4d3456deb16c125 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 28 Oct 2018 13:15:49 -0700
Subject: [PATCH 845/863] [maven-release-plugin] prepare release jenkins-2.149

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 670e416a26..2263d26604 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.149</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index cbbf3f3061..d9e15e6dc1 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.149</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 4c21233c92..3e2c9fd83f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>2.149</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.149</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 7f08f9b914..51c0b36bc9 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.149</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 1ab587db93..c6d4822471 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.149</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 0f0778b2134acd250cf604851ff1e3bdf5e63758 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 28 Oct 2018 13:16:03 -0700
Subject: [PATCH 846/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 6 +++---
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 2263d26604..670e416a26 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.149</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index d9e15e6dc1..cbbf3f3061 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.149</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 3e2c9fd83f..4e6d78996a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.149</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.149</tag>
+    <tag>${scmTag}</tag>
   </scm>
 
   <distributionManagement>
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.149</revision>
+    <revision>2.150</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index 51c0b36bc9..7f08f9b914 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.149</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index c6d4822471..1ab587db93 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.149</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 33220dec3799a974fe6e10f86781b97b1092b4ea Mon Sep 17 00:00:00 2001
From: Jeff Thompson <jeffret.g@gmail.com>
Date: Mon, 29 Oct 2018 13:01:07 -0600
Subject: [PATCH 847/863] Clean up warnings in tests about anonymous callable.

Convert them to static, named classes.
---
 core/src/test/java/hudson/LauncherTest.java |  8 ++++----
 core/src/test/java/hudson/os/SUTester.java  | 18 +++++++++---------
 2 files changed, 13 insertions(+), 13 deletions(-)

diff --git a/core/src/test/java/hudson/LauncherTest.java b/core/src/test/java/hudson/LauncherTest.java
index 4df308b41d..0d38795d27 100644
--- a/core/src/test/java/hudson/LauncherTest.java
+++ b/core/src/test/java/hudson/LauncherTest.java
@@ -26,11 +26,11 @@ package hudson;
 
 import hudson.model.StreamBuildListener;
 import hudson.model.TaskListener;
-import hudson.remoting.Callable;
 import hudson.util.ProcessTree;
 import hudson.util.StreamTaskListener;
 import java.io.ByteArrayOutputStream;
 import java.io.File;
+
 import jenkins.security.MasterToSlaveCallable;
 import org.apache.commons.io.FileUtils;
 import static org.junit.Assert.*;
@@ -63,7 +63,7 @@ public class LauncherTest {
             long end = System.currentTimeMillis();
             long terminationTime = end - start;
             assertTrue("Join did not finish promptly. The completion time (" + terminationTime + "ms) is longer than expected 15s", terminationTime < 15000);
-            channels.french.call(NOOP); // this only returns after the other side of the channel has finished executing cancellation
+            channels.french.call(new NoopCallable()); // this only returns after the other side of the channel has finished executing cancellation
             Thread.sleep(2000); // more delay to make sure it's gone
             assertNull("process should be gone",ProcessTree.get().get(Integer.parseInt(FileUtils.readFileToString(tmp).trim())));
 
@@ -76,11 +76,11 @@ public class LauncherTest {
             // hangs and on slave machine pgrep sleep => one process; after manual kill, script returns.
     }
 
-    private static final Callable<Object,RuntimeException> NOOP = new MasterToSlaveCallable<Object,RuntimeException>() {
+    private static class NoopCallable extends MasterToSlaveCallable<Object,RuntimeException> {
         public Object call() throws RuntimeException {
             return null;
         }
-    };
+    }
 
     @Issue("JENKINS-15733")
     @Test public void decorateByEnv() throws Exception {
diff --git a/core/src/test/java/hudson/os/SUTester.java b/core/src/test/java/hudson/os/SUTester.java
index 286391dffb..999391ef9b 100644
--- a/core/src/test/java/hudson/os/SUTester.java
+++ b/core/src/test/java/hudson/os/SUTester.java
@@ -5,19 +5,19 @@ import java.io.File;
 import java.nio.file.Files;
 import jenkins.security.MasterToSlaveCallable;
 
-import java.io.FileOutputStream;
-
 /**
  * @author Kohsuke Kawaguchi
  */
 public class SUTester {
     public static void main(String[] args) throws Throwable {
-        SU.execute(StreamTaskListener.fromStdout(),"kohsuke","bogus",new MasterToSlaveCallable<Object, Throwable>() {
-            public Object call() throws Throwable {
-                System.out.println("Touching /tmp/x");
-                Files.newOutputStream(new File("/tmp/x").toPath()).close();
-                return null;
-            }
-        });
+        SU.execute(StreamTaskListener.fromStdout(),"kohsuke","bogus", new TouchingCallable());
+    }
+
+    private static class TouchingCallable extends MasterToSlaveCallable<Object, Throwable> {
+        public Object call() throws Throwable {
+            System.out.println("Touching /tmp/x");
+            Files.newOutputStream(new File("/tmp/x").toPath()).close();
+            return null;
+        }
     }
 }
-- 
GitLab


From 17951d27f06225ed6d645ea901e7e146f0d18378 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Tue, 30 Oct 2018 09:31:07 +0100
Subject: [PATCH 848/863] Reuse Telemetry.disabled(), make it work without
 singleton

---
 core/src/main/java/jenkins/telemetry/Telemetry.java      | 9 +++++++--
 .../java/jenkins/telemetry/impl/StaplerDispatches.java   | 3 +--
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/core/src/main/java/jenkins/telemetry/Telemetry.java b/core/src/main/java/jenkins/telemetry/Telemetry.java
index cb6b25d9c7..d528f5e9ed 100644
--- a/core/src/main/java/jenkins/telemetry/Telemetry.java
+++ b/core/src/main/java/jenkins/telemetry/Telemetry.java
@@ -129,11 +129,16 @@ public abstract class Telemetry implements ExtensionPoint {
     }
 
     /**
-     * @since TODO
+     * @since 2.147
      * @return whether to collect telemetry
      */
     public static boolean isDisabled() {
-        return UsageStatistics.DISABLED || !Jenkins.get().isUsageStatisticsCollected();
+        if (UsageStatistics.DISABLED) {
+            return true;
+        }
+        Jenkins jenkins = Jenkins.getInstanceOrNull();
+
+        return jenkins == null || !jenkins.isUsageStatisticsCollected();
     }
 
     @Extension
diff --git a/core/src/main/java/jenkins/telemetry/impl/StaplerDispatches.java b/core/src/main/java/jenkins/telemetry/impl/StaplerDispatches.java
index 6f56c8a08e..6e73a73e95 100644
--- a/core/src/main/java/jenkins/telemetry/impl/StaplerDispatches.java
+++ b/core/src/main/java/jenkins/telemetry/impl/StaplerDispatches.java
@@ -104,8 +104,7 @@ public class StaplerDispatches extends Telemetry {
 
         @Override
         protected void record(StaplerRequest staplerRequest, String s) {
-            if (UsageStatistics.DISABLED || !Jenkins.get().isUsageStatisticsCollected()) {
-                // TODO use new API after jenkinsci/jenkins#3687 is merged
+            if (Telemetry.isDisabled()) {
                 // do not collect traces while usage statistics are disabled
                 return;
             }
-- 
GitLab


From 9feab41a4f498c6324915954ce1489f16ab82ca4 Mon Sep 17 00:00:00 2001
From: runzexia <root@junwuhui.cn>
Date: Sun, 4 Nov 2018 19:38:48 +0800
Subject: [PATCH 849/863] add getDescriptorOrDie Nonnull annotations

---
 core/src/main/java/jenkins/model/Jenkins.java | 1 +
 1 file changed, 1 insertion(+)

diff --git a/core/src/main/java/jenkins/model/Jenkins.java b/core/src/main/java/jenkins/model/Jenkins.java
index 001e649987..032049019b 100644
--- a/core/src/main/java/jenkins/model/Jenkins.java
+++ b/core/src/main/java/jenkins/model/Jenkins.java
@@ -1511,6 +1511,7 @@ public class Jenkins extends AbstractCIBase implements DirectlyModifiableTopLeve
      *      If the descriptor is missing.
      * @since 1.326
      */
+    @Nonnull
     public Descriptor getDescriptorOrDie(Class<? extends Describable> type) {
         Descriptor d = getDescriptor(type);
         if (d==null)
-- 
GitLab


From c9fb0cabab1603f6b6141a7d164355a4c010d235 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 4 Nov 2018 14:08:09 -0800
Subject: [PATCH 850/863] [maven-release-plugin] prepare release jenkins-2.150

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 670e416a26..30464a8a80 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.150</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index cbbf3f3061..ea8b4c5103 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.150</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 4e6d78996a..36bde9254f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>2.150</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.150</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index 7f08f9b914..6c6f3c9697 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.150</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 1ab587db93..99ab4c7c9c 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.150</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From 6705bdbf597285b1ddb7a763855f1039f27d7009 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 4 Nov 2018 14:08:18 -0800
Subject: [PATCH 851/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 6 +++---
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 30464a8a80..670e416a26 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.150</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index ea8b4c5103..cbbf3f3061 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.150</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 36bde9254f..0ab3c86021 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.150</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.150</tag>
+    <tag>${scmTag}</tag>
   </scm>
 
   <distributionManagement>
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.150</revision>
+    <revision>2.151</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index 6c6f3c9697..7f08f9b914 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.150</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 99ab4c7c9c..1ab587db93 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.150</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From f6ef70a8d40ae66eb5079ac102d6cd4923f4d648 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Francisco=20Fern=C3=A1ndez?=
 <31063239+fcojfernandez@users.noreply.github.com>
Date: Wed, 7 Nov 2018 08:08:52 +0100
Subject: [PATCH 852/863] [JENKINS-54310] java.io.IOException: Stream is closed
 when the CLI has not read entirely the input (#3708)

* [JENKINS-54310] read the input at once

* [JENKINS-54310] reading as String

* [JENKINS-54310] Change the approach for those CLI that open a shell
---
 cli/src/main/java/hudson/cli/CLI.java         |   4 +-
 test/src/test/java/hudson/cli/CLITest.java    |  24 +++
 .../test/resources/hudson/cli/huge-stdin.txt  | 200 ++++++++++++++++++
 3 files changed, 226 insertions(+), 2 deletions(-)
 create mode 100644 test/src/test/resources/hudson/cli/huge-stdin.txt

diff --git a/cli/src/main/java/hudson/cli/CLI.java b/cli/src/main/java/hudson/cli/CLI.java
index 52c6785d58..0ffef53f93 100644
--- a/cli/src/main/java/hudson/cli/CLI.java
+++ b/cli/src/main/java/hudson/cli/CLI.java
@@ -705,13 +705,13 @@ public class CLI implements AutoCloseable {
             connection.sendLocale(Locale.getDefault().toString());
             connection.sendStart();
             connection.begin();
-            final OutputStream stdin = connection.streamStdin();
             new Thread("input reader") {
                 @Override
                 public void run() {
                     try {
+                        final OutputStream stdin = connection.streamStdin();
                         int c;
-                        while ((c = System.in.read()) != -1) { // TODO use InputStream.available
+                        while (!connection.complete && (c = System.in.read()) != -1) {
                            stdin.write(c);
                         }
                         connection.sendEndStdin();
diff --git a/test/src/test/java/hudson/cli/CLITest.java b/test/src/test/java/hudson/cli/CLITest.java
index cd0f3b9a66..0b14565770 100644
--- a/test/src/test/java/hudson/cli/CLITest.java
+++ b/test/src/test/java/hudson/cli/CLITest.java
@@ -255,6 +255,30 @@ public class CLITest {
             assertEquals(0, ret);
         }
     }
+
+    @Test
+    @Issue("JENKINS-54310")
+    public void readInputAtOnce() throws Exception {
+        home = tempHome();
+        grabCliJar();
+
+        try (ByteArrayOutputStream baos = new ByteArrayOutputStream();) {
+            int ret = new Launcher.LocalLauncher(StreamTaskListener.fromStderr())
+                    .launch()
+                    .cmds("java",
+                            "-Duser.home=" + home,
+                            "-jar", jar.getAbsolutePath(),
+                            "-s", r.getURL().toString(),
+                            "list-plugins") // This CLI Command needs -auth option, so when we omit it, the CLI stops before reading the input.
+                    .stdout(baos)
+                    .stderr(baos)
+                    .stdin(CLITest.class.getResourceAsStream("huge-stdin.txt"))
+                    .join();
+            assertThat(baos.toString(), not(containsString("java.io.IOException: Stream is closed")));
+            assertEquals(0, ret);
+        }
+    }
+
     @TestExtension("redirectToEndpointShouldBeFollowed")
     public static final class CliProxyAction extends CrumbExclusion implements UnprotectedRootAction, StaplerProxy {
 
diff --git a/test/src/test/resources/hudson/cli/huge-stdin.txt b/test/src/test/resources/hudson/cli/huge-stdin.txt
new file mode 100644
index 0000000000..e9ff2b2fc4
--- /dev/null
+++ b/test/src/test/resources/hudson/cli/huge-stdin.txt
@@ -0,0 +1,200 @@
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
+Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
-- 
GitLab


From 498114e872b9404fa038ac1155909b388e07b597 Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Wed, 7 Nov 2018 16:07:08 -0500
Subject: [PATCH 853/863] Work around SUREFIRE-1588.

---
 test/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/pom.xml b/test/pom.xml
index 7f08f9b914..fb587c3640 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -254,7 +254,7 @@ THE SOFTWARE.
         <artifactId>maven-surefire-plugin</artifactId>
         <!-- version specified in grandparent pom -->
         <configuration>
-          <argLine>${jacocoSurefireArgs} -Dfile.encoding=UTF-8 -Xmx1g</argLine>
+          <argLine>${jacocoSurefireArgs} -Dfile.encoding=UTF-8 -Xmx1g -Djdk.net.URLClassPath.disableClassPathURLCheck=true</argLine>
           <systemPropertyVariables>
               <!-- use AntClassLoader that supports predictable file handle release -->
               <hudson.ClassicPluginStrategy.useAntClassLoader>true</hudson.ClassicPluginStrategy.useAntClassLoader>
-- 
GitLab


From a555dc07966a6a142e7f1c098719d8caf8aacd4c Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Wed, 7 Nov 2018 16:44:48 -0500
Subject: [PATCH 854/863] windows-slave-installer 1.9.3

---
 war/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/war/pom.xml b/war/pom.xml
index 1ab587db93..7cd7dad40e 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -110,7 +110,7 @@ THE SOFTWARE.
     <dependency>
       <groupId>org.jenkins-ci.modules</groupId>
       <artifactId>windows-slave-installer</artifactId>
-      <version>1.9.2</version>
+      <version>1.9.3</version>
     </dependency>
     <dependency>
       <groupId>org.jenkins-ci.modules</groupId>
-- 
GitLab


From 1cada2c679f09e6f1fa29514b01838971f6ed214 Mon Sep 17 00:00:00 2001
From: Zhao Xiaojie <zxjlwt@126.com>
Date: Sat, 10 Nov 2018 13:40:24 +0800
Subject: [PATCH 855/863] Add languages plugin category for setupWizard (#3626)

* Add languages plugin category for setupWizard

* Dynamic choose localization plugin according user-agent settings.

* Retrigger CI
---
 .../main/resources/jenkins/install/platform-plugins.json   | 7 +++++++
 war/src/main/js/api/pluginManager.js                       | 6 ++++++
 2 files changed, 13 insertions(+)

diff --git a/core/src/main/resources/jenkins/install/platform-plugins.json b/core/src/main/resources/jenkins/install/platform-plugins.json
index 5cd0067fb5..6228138059 100644
--- a/core/src/main/resources/jenkins/install/platform-plugins.json
+++ b/core/src/main/resources/jenkins/install/platform-plugins.json
@@ -101,5 +101,12 @@
             { "name": "publish-over-ssh" },
             { "name": "ssh" }
         ]
+    },
+    {
+        "category":"Languages",
+        "plugins": [
+            { "name": "locale"},
+            { "name": "localization-zh-cn"}
+        ]
     }
 ]
diff --git a/war/src/main/js/api/pluginManager.js b/war/src/main/js/api/pluginManager.js
index 923c2c1ddb..8032828e5e 100644
--- a/war/src/main/js/api/pluginManager.js
+++ b/war/src/main/js/api/pluginManager.js
@@ -40,6 +40,12 @@ exports.init = function(handler) {
 					plugins.names.push(pluginName);
 					if (plugin.suggested) {
 						plugins.recommendedPlugins.push(pluginName);
+					} else if (pluginCategory.category === "Languages") {
+						var language = window.navigator.userLanguage || window.navigator.language;
+						var code = language.toLocaleLowerCase();
+						if (pluginName === ("localization-" + code)) {
+							plugins.recommendedPlugins.push(pluginName);
+						}
 					}
 				}
 			}
-- 
GitLab


From 8b8bcea0d07cabceba8777613fe9d0502faa3f09 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 11 Nov 2018 11:23:13 -0800
Subject: [PATCH 856/863] [maven-release-plugin] prepare release jenkins-2.151

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index 670e416a26..c1ba9a56e7 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.151</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index cbbf3f3061..62433108a7 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.151</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 0ab3c86021..ed7e63cb2a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>2.151</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.151</tag>
   </scm>
 
   <distributionManagement>
diff --git a/test/pom.xml b/test/pom.xml
index fb587c3640..b4e10ccb64 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.151</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 7cd7dad40e..3982462359 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.151</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From e3af0f3bb1d2f80a672e85e31d2dd63157033c16 Mon Sep 17 00:00:00 2001
From: Kohsuke Kawaguchi <kk@kohsuke.org>
Date: Sun, 11 Nov 2018 11:23:21 -0800
Subject: [PATCH 857/863] [maven-release-plugin] prepare for next development
 iteration

---
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 6 +++---
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 5 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/cli/pom.xml b/cli/pom.xml
index c1ba9a56e7..670e416a26 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.151</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 62433108a7..cbbf3f3061 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.151</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index ed7e63cb2a..47c16272a8 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.151</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -59,7 +59,7 @@ THE SOFTWARE.
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
     <url>https://github.com/jenkinsci/jenkins</url>
-    <tag>jenkins-2.151</tag>
+    <tag>${scmTag}</tag>
   </scm>
 
   <distributionManagement>
@@ -75,7 +75,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.151</revision>
+    <revision>2.152</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index b4e10ccb64..fb587c3640 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.151</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 3982462359..7cd7dad40e 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.151</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>
-- 
GitLab


From b5446558e5a4c410a7cfdf382c34d46423947aae Mon Sep 17 00:00:00 2001
From: Jesse Glick <jglick@cloudbees.com>
Date: Tue, 13 Nov 2018 12:28:25 -0500
Subject: [PATCH 858/863] 
 Functions.generateConsoleAnnotationScriptAndStylesheet needs to include the
 SESSION_HASH in the URL to properly invalidate scripts across restarts.

---
 core/src/main/java/hudson/Functions.java                  | 2 +-
 .../test/java/hudson/console/ConsoleAnnotatorTest.java    | 8 ++++++++
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/hudson/Functions.java b/core/src/main/java/hudson/Functions.java
index ef2a7671a3..5e2ab71644 100644
--- a/core/src/main/java/hudson/Functions.java
+++ b/core/src/main/java/hudson/Functions.java
@@ -1827,7 +1827,7 @@ public class Functions {
      * from {@link ConsoleAnnotatorFactory}s and {@link ConsoleAnnotationDescriptor}s.
      */
     public static String generateConsoleAnnotationScriptAndStylesheet() {
-        String cp = Stapler.getCurrentRequest().getContextPath();
+        String cp = Stapler.getCurrentRequest().getContextPath() + Jenkins.RESOURCE_PATH;
         StringBuilder buf = new StringBuilder();
         for (ConsoleAnnotatorFactory f : ConsoleAnnotatorFactory.all()) {
             String path = cp + "/extensionList/" + ConsoleAnnotatorFactory.class.getName() + "/" + f.getClass().getName();
diff --git a/test/src/test/java/hudson/console/ConsoleAnnotatorTest.java b/test/src/test/java/hudson/console/ConsoleAnnotatorTest.java
index 18e46dda4b..346d205a02 100644
--- a/test/src/test/java/hudson/console/ConsoleAnnotatorTest.java
+++ b/test/src/test/java/hudson/console/ConsoleAnnotatorTest.java
@@ -3,6 +3,7 @@ package hudson.console;
 import com.gargoylesoftware.htmlunit.Page;
 import com.gargoylesoftware.htmlunit.TextPage;
 import com.gargoylesoftware.htmlunit.WebRequest;
+import com.gargoylesoftware.htmlunit.html.DomElement;
 import com.gargoylesoftware.htmlunit.html.DomNodeUtil;
 import com.gargoylesoftware.htmlunit.html.HtmlPage;
 import hudson.FilePath;
@@ -27,6 +28,7 @@ import java.net.URL;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.concurrent.Future;
+import jenkins.model.Jenkins;
 import static org.hamcrest.Matchers.containsString;
 import static org.junit.Assert.*;
 import org.junit.Rule;
@@ -288,6 +290,12 @@ public class ConsoleAnnotatorTest {
         // verify that there's an element inserted by the script
         assertNotNull(html.getElementById("inserted-by-test1"));
         assertNotNull(html.getElementById("inserted-by-test2"));
+        for (DomElement e : html.getElementsByTagName("script")) {
+            String src = e.getAttribute("src");
+            if (!src.isEmpty()) {
+                assertThat(src, containsString(Jenkins.SESSION_HASH));
+            }
+        }
     }
 
     public static final class JustToIncludeScript extends ConsoleNote<Object> {
-- 
GitLab


From 46824ec45d9b67d91a377f1f097c3f34e763ddcf Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Tue, 13 Nov 2018 18:48:52 +0100
Subject: [PATCH 859/863] [JENKINS-53863] - Update JTH to 2.41.1 and enable
 testing with JDK 11

---
 Jenkinsfile                        |  2 +-
 pom.xml                            | 11 +++++++++++
 src/findbugs/findbugs-excludes.xml |  3 +++
 test/pom.xml                       |  2 +-
 4 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/Jenkinsfile b/Jenkinsfile
index f6eb3e2c0c..a3660f59f0 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -17,7 +17,7 @@ properties([buildDiscarder(logRotator(numToKeepStr: '50', artifactNumToKeepStr:
 
 // see https://github.com/jenkins-infra/documentation/blob/master/ci.adoc for information on what node types are available
 def buildTypes = ['Linux', 'Windows']
-def jdks = [8]
+def jdks = [8, 11]
 
 def builds = [:]
 for(i = 0; i < buildTypes.size(); i++) {
diff --git a/pom.xml b/pom.xml
index 47c16272a8..6f305512f0 100644
--- a/pom.xml
+++ b/pom.xml
@@ -760,5 +760,16 @@ THE SOFTWARE.
         <failIfNoTests>false</failIfNoTests>
       </properties>
     </profile>
+    <profile>
+      <id>jdk11</id>
+      <properties>
+        <!-- TODO: https://issues.jenkins-ci.org/browse/JENKINS-53788 (JDK11 issue on CI) -->
+        <doclint>none</doclint>
+        <maven.javadoc.skip>true</maven.javadoc.skip>
+      </properties>
+      <activation>
+        <jdk>11</jdk>
+      </activation>
+    </profile>
   </profiles>
 </project>
diff --git a/src/findbugs/findbugs-excludes.xml b/src/findbugs/findbugs-excludes.xml
index 781617524e..f8e3d3061a 100644
--- a/src/findbugs/findbugs-excludes.xml
+++ b/src/findbugs/findbugs-excludes.xml
@@ -10,6 +10,9 @@
       <Bug pattern="UMAC_UNCALLABLE_METHOD_OF_ANONYMOUS_CLASS"/>
       <!-- TODO: It's a real issue, but the code is flooded by it right now-->
       <Bug pattern="DM_DEFAULT_ENCODING"/>
+      <!-- TODO: Remove once we migrate to SpotBugs with full Java support (JENKINS-53720)-->
+      <!-- This check works unreliably on JDK 11 which tries doing some code generation for annotated fields-->
+      <Bug pattern="RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE"/>
     </Or>
   </Match>
 </FindBugsFilter>
diff --git a/test/pom.xml b/test/pom.xml
index fb587c3640..696e338cbd 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -53,7 +53,7 @@ THE SOFTWARE.
     <dependency>
       <groupId>${project.groupId}</groupId>
       <artifactId>jenkins-test-harness</artifactId>
-      <version>2.36</version>
+      <version>2.41.1</version>
       <scope>test</scope>
       <exclusions>
         <exclusion>
-- 
GitLab


From a9b4ca4e71f35488b69a3be3752f219fce1cfd28 Mon Sep 17 00:00:00 2001
From: Daniel Beck <daniel-beck@users.noreply.github.com>
Date: Wed, 14 Nov 2018 12:32:49 +0100
Subject: [PATCH 860/863] [JENKINS-54261][JENKINS-54333][JENKINS-54570]

Revert "[JENKINS-53462] Use a workaround to submit the form with a trusted event. No comments on the underlying insanity of hudson-behavior."

This reverts commit fa154b77d14a5d75ec45f2a9f28810b671a34a1a.
---
 war/src/main/webapp/scripts/hudson-behavior.js | 11 +----------
 1 file changed, 1 insertion(+), 10 deletions(-)

diff --git a/war/src/main/webapp/scripts/hudson-behavior.js b/war/src/main/webapp/scripts/hudson-behavior.js
index 28ebbcce90..a05dea7c90 100644
--- a/war/src/main/webapp/scripts/hudson-behavior.js
+++ b/war/src/main/webapp/scripts/hudson-behavior.js
@@ -517,16 +517,7 @@ function registerRegexpValidator(e,regexp,message) {
  *      YUI Button widget.
  */
 function makeButton(e,onclick) {
-    var type = e.type;
-    var h = e.onclick || function (event) {
-        if (type && type.toLowerCase() === 'submit') {
-            var target = event.target;
-            var form = findAncestor(target, "FORM");
-            form.submit();
-        } else {
-            //FIXME: get some usecases for else
-        }
-    };
+    var h = e.onclick;
     var clsName = e.className;
     var n = e.name;
     var btn = new YAHOO.widget.Button(e,{});
-- 
GitLab


From 6cf67767b80b2f458a00eef6842b6f9fb42a43c5 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Wed, 14 Nov 2018 17:28:48 +0100
Subject: [PATCH 861/863] [JENKINS-53716] - Introduce JDK8-only tests, move
 ysoserial tests there

---
 pom.xml                                       |  10 +
 test-jdk8/pom.xml                             |  40 ++
 .../security/Security218BlackBoxTest.java     |   0
 .../jenkins/security/Security218CliTest.java  |   0
 .../jenkins/security/Security232Test.java     |   0
 .../jenkins/security/security218/Payload.java |   0
 .../security218/ysoserial/Deserializer.java   |   0
 .../ExecBlockingSecurityManager.java          |   0
 .../ysoserial/GeneratePayload.java            |   0
 .../security218/ysoserial/Serializer.java     |   0
 .../exploit/JRMPClassLoadingListener.java     |   0
 .../ysoserial/exploit/JRMPClient.java         |   0
 .../ysoserial/exploit/JRMPListener.java       |   0
 .../security218/ysoserial/exploit/JSF.java    |   0
 .../ysoserial/exploit/JenkinsCLI.java         |   0
 .../ysoserial/exploit/JenkinsListener.java    |   0
 .../ysoserial/exploit/JenkinsReverse.java     |   0
 .../ysoserial/exploit/RMIRegistryExploit.java |   0
 .../ysoserial/payloads/CommonsBeanutils1.java |   0
 .../payloads/CommonsCollections1.java         |   0
 .../payloads/CommonsCollections2.java         |   0
 .../payloads/CommonsCollections3.java         |   0
 .../payloads/CommonsCollections4.java         |   0
 .../payloads/CommonsCollections5.java         |   0
 .../payloads/CommonsCollections6.java         |   0
 .../payloads/DynamicDependencies.java         |   0
 .../ysoserial/payloads/FileUpload1.java       |   0
 .../ysoserial/payloads/Groovy1.java           |   0
 .../ysoserial/payloads/JRMPClient.java        |   0
 .../ysoserial/payloads/JRMPListener.java      |   0
 .../security218/ysoserial/payloads/JSON1.java |   0
 .../ysoserial/payloads/Jdk7u21.java           |   0
 .../payloads/JsonLibSignedObject.java         |   0
 .../security218/ysoserial/payloads/Ldap.java  |   0
 .../ysoserial/payloads/ObjectPayload.java     |   0
 .../payloads/ReleaseableObjectPayload.java    |   0
 .../ysoserial/payloads/Spring1.java           |   0
 .../ysoserial/payloads/Spring2.java           |   0
 .../payloads/annotation/Dependencies.java     |   0
 .../payloads/annotation/PayloadTest.java      |   0
 .../ysoserial/payloads/util/ClassFiles.java   |   0
 .../ysoserial/payloads/util/Gadgets.java      |   0
 .../ysoserial/payloads/util/JavaVersion.java  |   0
 .../payloads/util/PayloadRunner.java          |   0
 .../ysoserial/payloads/util/Reflections.java  |   0
 .../secmgr/DelegateSecurityManager.java       |   0
 .../secmgr/ExecCheckingSecurityManager.java   |   0
 .../secmgr/ThreadLocalSecurityManager.java    |   0
 .../ysoserial/util/ClassFiles.java            |   0
 .../security218/ysoserial/util/Gadgets.java   |   0
 .../ysoserial/util/PayloadRunner.java         |   0
 .../ysoserial/util/Reflections.java           |   0
 .../ysoserial/util/Serializables.java         |   0
 test-pom/pom.xml                              | 378 ++++++++++++++++++
 test/pom.xml                                  | 341 +---------------
 55 files changed, 430 insertions(+), 339 deletions(-)
 create mode 100644 test-jdk8/pom.xml
 rename {test => test-jdk8}/src/test/java/jenkins/security/Security218BlackBoxTest.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/Security218CliTest.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/Security232Test.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/Payload.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/Deserializer.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/ExecBlockingSecurityManager.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/GeneratePayload.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/Serializer.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/exploit/JRMPClassLoadingListener.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/exploit/JRMPClient.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/exploit/JRMPListener.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/exploit/JSF.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/exploit/JenkinsCLI.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/exploit/JenkinsListener.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/exploit/JenkinsReverse.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/exploit/RMIRegistryExploit.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsBeanutils1.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsCollections1.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsCollections2.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsCollections3.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsCollections4.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsCollections5.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsCollections6.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/payloads/DynamicDependencies.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/payloads/FileUpload1.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/payloads/Groovy1.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/payloads/JRMPClient.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/payloads/JRMPListener.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/payloads/JSON1.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/payloads/Jdk7u21.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/payloads/JsonLibSignedObject.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/payloads/Ldap.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/payloads/ObjectPayload.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/payloads/ReleaseableObjectPayload.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/payloads/Spring1.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/payloads/Spring2.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/payloads/annotation/Dependencies.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/payloads/annotation/PayloadTest.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/payloads/util/ClassFiles.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/payloads/util/Gadgets.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/payloads/util/JavaVersion.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/payloads/util/PayloadRunner.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/payloads/util/Reflections.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/secmgr/DelegateSecurityManager.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/secmgr/ExecCheckingSecurityManager.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/secmgr/ThreadLocalSecurityManager.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/util/ClassFiles.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/util/Gadgets.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/util/PayloadRunner.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/util/Reflections.java (100%)
 rename {test => test-jdk8}/src/test/java/jenkins/security/security218/ysoserial/util/Serializables.java (100%)
 create mode 100644 test-pom/pom.xml

diff --git a/pom.xml b/pom.xml
index 6f305512f0..9d8fcba4d1 100644
--- a/pom.xml
+++ b/pom.xml
@@ -51,6 +51,7 @@ THE SOFTWARE.
   <modules>
     <module>core</module>
     <module>war</module>
+    <module>test-pom</module>
     <module>test</module>
     <module>cli</module>
   </modules>
@@ -771,5 +772,14 @@ THE SOFTWARE.
         <jdk>11</jdk>
       </activation>
     </profile>
+    <profile>
+      <id>jdk8</id>
+      <modules>
+        <module>test-jdk8</module>
+      </modules>
+      <activation>
+        <jdk>1.8</jdk>
+      </activation>
+    </profile>
   </profiles>
 </project>
diff --git a/test-jdk8/pom.xml b/test-jdk8/pom.xml
new file mode 100644
index 0000000000..6fb4010cf5
--- /dev/null
+++ b/test-jdk8/pom.xml
@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+The MIT License
+
+Copyright (c) 2004-2009, Sun Microsystems, Inc., Kohsuke Kawaguchi
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+
+  <parent>
+    <groupId>org.jenkins-ci.main</groupId>
+    <artifactId>jenkins-test-parent</artifactId>
+    <version>${revision}${changelist}</version>
+    <relativePath>../test-pom</relativePath>
+  </parent>
+
+  <artifactId>jenkins-test-jdk8</artifactId>
+
+  <name>JDK8-only tests for Jenkins core</name>
+  <description>JDK8-only Functional tests for Jenkins core</description>
+
+</project>
diff --git a/test/src/test/java/jenkins/security/Security218BlackBoxTest.java b/test-jdk8/src/test/java/jenkins/security/Security218BlackBoxTest.java
similarity index 100%
rename from test/src/test/java/jenkins/security/Security218BlackBoxTest.java
rename to test-jdk8/src/test/java/jenkins/security/Security218BlackBoxTest.java
diff --git a/test/src/test/java/jenkins/security/Security218CliTest.java b/test-jdk8/src/test/java/jenkins/security/Security218CliTest.java
similarity index 100%
rename from test/src/test/java/jenkins/security/Security218CliTest.java
rename to test-jdk8/src/test/java/jenkins/security/Security218CliTest.java
diff --git a/test/src/test/java/jenkins/security/Security232Test.java b/test-jdk8/src/test/java/jenkins/security/Security232Test.java
similarity index 100%
rename from test/src/test/java/jenkins/security/Security232Test.java
rename to test-jdk8/src/test/java/jenkins/security/Security232Test.java
diff --git a/test/src/test/java/jenkins/security/security218/Payload.java b/test-jdk8/src/test/java/jenkins/security/security218/Payload.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/Payload.java
rename to test-jdk8/src/test/java/jenkins/security/security218/Payload.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/Deserializer.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/Deserializer.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/Deserializer.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/Deserializer.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/ExecBlockingSecurityManager.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/ExecBlockingSecurityManager.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/ExecBlockingSecurityManager.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/ExecBlockingSecurityManager.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/GeneratePayload.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/GeneratePayload.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/GeneratePayload.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/GeneratePayload.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/Serializer.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/Serializer.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/Serializer.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/Serializer.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/exploit/JRMPClassLoadingListener.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/exploit/JRMPClassLoadingListener.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/exploit/JRMPClassLoadingListener.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/exploit/JRMPClassLoadingListener.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/exploit/JRMPClient.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/exploit/JRMPClient.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/exploit/JRMPClient.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/exploit/JRMPClient.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/exploit/JRMPListener.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/exploit/JRMPListener.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/exploit/JRMPListener.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/exploit/JRMPListener.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/exploit/JSF.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/exploit/JSF.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/exploit/JSF.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/exploit/JSF.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/exploit/JenkinsCLI.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/exploit/JenkinsCLI.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/exploit/JenkinsCLI.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/exploit/JenkinsCLI.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/exploit/JenkinsListener.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/exploit/JenkinsListener.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/exploit/JenkinsListener.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/exploit/JenkinsListener.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/exploit/JenkinsReverse.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/exploit/JenkinsReverse.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/exploit/JenkinsReverse.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/exploit/JenkinsReverse.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/exploit/RMIRegistryExploit.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/exploit/RMIRegistryExploit.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/exploit/RMIRegistryExploit.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/exploit/RMIRegistryExploit.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsBeanutils1.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsBeanutils1.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsBeanutils1.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsBeanutils1.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsCollections1.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsCollections1.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsCollections1.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsCollections1.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsCollections2.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsCollections2.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsCollections2.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsCollections2.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsCollections3.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsCollections3.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsCollections3.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsCollections3.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsCollections4.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsCollections4.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsCollections4.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsCollections4.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsCollections5.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsCollections5.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsCollections5.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsCollections5.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsCollections6.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsCollections6.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsCollections6.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/CommonsCollections6.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/payloads/DynamicDependencies.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/DynamicDependencies.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/payloads/DynamicDependencies.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/DynamicDependencies.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/payloads/FileUpload1.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/FileUpload1.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/payloads/FileUpload1.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/FileUpload1.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/payloads/Groovy1.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/Groovy1.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/payloads/Groovy1.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/Groovy1.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/payloads/JRMPClient.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/JRMPClient.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/payloads/JRMPClient.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/JRMPClient.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/payloads/JRMPListener.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/JRMPListener.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/payloads/JRMPListener.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/JRMPListener.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/payloads/JSON1.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/JSON1.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/payloads/JSON1.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/JSON1.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/payloads/Jdk7u21.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/Jdk7u21.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/payloads/Jdk7u21.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/Jdk7u21.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/payloads/JsonLibSignedObject.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/JsonLibSignedObject.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/payloads/JsonLibSignedObject.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/JsonLibSignedObject.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/payloads/Ldap.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/Ldap.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/payloads/Ldap.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/Ldap.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/payloads/ObjectPayload.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/ObjectPayload.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/payloads/ObjectPayload.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/ObjectPayload.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/payloads/ReleaseableObjectPayload.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/ReleaseableObjectPayload.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/payloads/ReleaseableObjectPayload.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/ReleaseableObjectPayload.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/payloads/Spring1.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/Spring1.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/payloads/Spring1.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/Spring1.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/payloads/Spring2.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/Spring2.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/payloads/Spring2.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/Spring2.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/payloads/annotation/Dependencies.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/annotation/Dependencies.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/payloads/annotation/Dependencies.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/annotation/Dependencies.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/payloads/annotation/PayloadTest.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/annotation/PayloadTest.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/payloads/annotation/PayloadTest.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/annotation/PayloadTest.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/payloads/util/ClassFiles.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/util/ClassFiles.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/payloads/util/ClassFiles.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/util/ClassFiles.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/payloads/util/Gadgets.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/util/Gadgets.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/payloads/util/Gadgets.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/util/Gadgets.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/payloads/util/JavaVersion.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/util/JavaVersion.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/payloads/util/JavaVersion.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/util/JavaVersion.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/payloads/util/PayloadRunner.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/util/PayloadRunner.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/payloads/util/PayloadRunner.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/util/PayloadRunner.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/payloads/util/Reflections.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/util/Reflections.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/payloads/util/Reflections.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/payloads/util/Reflections.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/secmgr/DelegateSecurityManager.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/secmgr/DelegateSecurityManager.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/secmgr/DelegateSecurityManager.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/secmgr/DelegateSecurityManager.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/secmgr/ExecCheckingSecurityManager.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/secmgr/ExecCheckingSecurityManager.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/secmgr/ExecCheckingSecurityManager.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/secmgr/ExecCheckingSecurityManager.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/secmgr/ThreadLocalSecurityManager.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/secmgr/ThreadLocalSecurityManager.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/secmgr/ThreadLocalSecurityManager.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/secmgr/ThreadLocalSecurityManager.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/util/ClassFiles.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/util/ClassFiles.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/util/ClassFiles.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/util/ClassFiles.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/util/Gadgets.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/util/Gadgets.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/util/Gadgets.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/util/Gadgets.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/util/PayloadRunner.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/util/PayloadRunner.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/util/PayloadRunner.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/util/PayloadRunner.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/util/Reflections.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/util/Reflections.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/util/Reflections.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/util/Reflections.java
diff --git a/test/src/test/java/jenkins/security/security218/ysoserial/util/Serializables.java b/test-jdk8/src/test/java/jenkins/security/security218/ysoserial/util/Serializables.java
similarity index 100%
rename from test/src/test/java/jenkins/security/security218/ysoserial/util/Serializables.java
rename to test-jdk8/src/test/java/jenkins/security/security218/ysoserial/util/Serializables.java
diff --git a/test-pom/pom.xml b/test-pom/pom.xml
new file mode 100644
index 0000000000..100e83563b
--- /dev/null
+++ b/test-pom/pom.xml
@@ -0,0 +1,378 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+The MIT License
+
+Copyright (c) 2004-2018, Sun Microsystems, Inc., Kohsuke Kawaguchi, CloudBees, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+
+  <parent>
+    <groupId>org.jenkins-ci.main</groupId>
+    <artifactId>jenkins-parent</artifactId>
+    <version>${revision}${changelist}</version>
+  </parent>
+
+  <artifactId>jenkins-test-parent</artifactId>
+
+  <name>Jenkins core tests POM</name>
+  <description>Parent POM for Functional tests for Jenkins core</description>
+  <packaging>pom</packaging>
+
+  <properties>
+    <concurrency>2</concurrency> <!-- may use e.g. 2C for 2 × (number of cores) -->
+    <mavenDebug>false</mavenDebug>
+    <jacocoSurefireArgs /><!-- empty by default -->
+  </properties>
+
+  <dependencies>
+    <dependency>
+      <groupId>${project.groupId}</groupId>
+      <artifactId>jenkins-war</artifactId>
+      <version>${project.version}</version>
+      <type>executable-war</type>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>${project.groupId}</groupId>
+      <artifactId>jenkins-test-harness</artifactId>
+      <version>2.41.1</version>
+      <scope>test</scope>
+      <exclusions>
+        <exclusion>
+          <groupId>${project.groupId}</groupId>
+          <artifactId>jenkins-war</artifactId>
+        </exclusion>
+      </exclusions>
+    </dependency>
+    <dependency>
+      <groupId>${project.groupId}</groupId>
+      <artifactId>jenkins-test-harness-tools</artifactId>
+      <version>2.0</version>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>${project.groupId}</groupId>
+      <artifactId>maven-plugin</artifactId>
+      <version>${maven-plugin.version}</version>
+      <exclusions>
+        <exclusion> <!-- perhaps unnecessary as of JENKINS-35445? -->
+          <groupId>org.apache.httpcomponents</groupId>
+          <artifactId>httpclient</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>org.apache.httpcomponents</groupId>
+          <artifactId>httpcore</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>commons-codec</groupId>
+          <artifactId>commons-codec</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>com.google.inject</groupId>
+          <artifactId>guice</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>org.apache.ant</groupId>
+          <artifactId>ant</artifactId>
+        </exclusion>
+      </exclusions>
+    </dependency>
+    <dependency>
+      <groupId>org.jenkins-ci.plugins</groupId>
+      <artifactId>matrix-auth</artifactId>
+      <version>1.0.2</version>
+    </dependency>
+    <dependency>
+      <groupId>org.jenkins-ci.plugins</groupId>
+      <artifactId>antisamy-markup-formatter</artifactId>
+      <version>1.0</version>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.jenkins-ci.plugins</groupId>
+      <artifactId>matrix-project</artifactId>
+      <version>${matrix-project.version}</version>
+    </dependency>
+    <dependency>
+      <groupId>org.jenkins-ci.plugins</groupId>
+      <artifactId>junit</artifactId>
+      <version>1.6</version>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.jenkins-ci.plugins</groupId>
+      <artifactId>structs</artifactId>
+      <version>1.2</version>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.jvnet.mock-javamail</groupId>
+      <artifactId>mock-javamail</artifactId>
+      <version>1.7</version>
+      <exclusions>
+        <exclusion>
+          <groupId>javax.mail</groupId>
+          <artifactId>mail</artifactId>
+        </exclusion>
+      </exclusions>
+    </dependency>
+    <dependency>
+      <groupId>org.hamcrest</groupId>
+      <artifactId>hamcrest-core</artifactId>
+      <version>1.3</version>
+    </dependency>
+    <dependency><!-- we exclude this transient dependency from htmlunit, which we actually need in the test -->
+      <groupId>xalan</groupId>
+      <artifactId>xalan</artifactId>
+      <version>2.7.2</version>
+      <exclusions>
+        <exclusion>
+          <groupId>xml-apis</groupId>
+          <artifactId>xml-apis</artifactId>
+        </exclusion>
+      </exclusions>
+    </dependency>
+    <dependency>
+      <!-- for testing JNLP launch. -->
+      <groupId>org.jvnet.hudson</groupId>
+      <artifactId>netx</artifactId>
+      <version>0.5-hudson-2</version>
+    </dependency>
+    <dependency>
+      <groupId>org.easymock</groupId>
+      <artifactId>easymock</artifactId>
+      <version>2.4</version>
+    </dependency>
+    <dependency>
+      <groupId>org.mockito</groupId>
+      <artifactId>mockito-core</artifactId>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.reflections</groupId>
+      <artifactId>reflections</artifactId>
+      <version>0.9.9</version>
+      <exclusions>
+        <exclusion> <!-- TODO requests 15; apparently works well enough with the 11 we bundle -->
+          <groupId>com.google.guava</groupId>
+          <artifactId>guava</artifactId>
+        </exclusion>
+        <exclusion> <!-- pick up from Stapler -->
+          <groupId>com.google.code.findbugs</groupId>
+          <artifactId>jsr305</artifactId>
+        </exclusion>
+      </exclusions>
+    </dependency>
+    <dependency>
+      <groupId>org.codehaus.geb</groupId>
+      <artifactId>geb-implicit-assertions</artifactId>
+      <version>0.7.2</version>
+    </dependency>
+    <dependency>
+      <groupId>org.javassist</groupId>
+      <artifactId>javassist</artifactId>
+      <version>3.19.0-GA</version>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.commons</groupId>
+      <artifactId>commons-collections4</artifactId>
+      <version>4.0</version>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.awaitility</groupId>
+      <artifactId>awaitility</artifactId>
+      <version>3.0.0</version>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.objenesis</groupId>
+      <artifactId>objenesis</artifactId>
+      <scope>test</scope>
+    </dependency>
+  </dependencies>
+
+  <build>
+    <plugins>
+      <plugin>
+        <groupId>org.jenkins-ci.tools</groupId>
+        <artifactId>maven-hpi-plugin</artifactId>
+        <extensions>true</extensions>
+      </plugin>
+      <plugin>
+        <groupId>org.kohsuke.stapler</groupId>
+        <artifactId>maven-stapler-plugin</artifactId>
+        <!-- version specified in grandparent pom -->
+        <extensions>true</extensions>
+      </plugin>
+      <plugin>
+        <artifactId>maven-dependency-plugin</artifactId>
+        <executions>
+          <execution>
+            <id>old-remoting-for-test</id>
+            <phase>generate-test-resources</phase>
+            <goals>
+              <!-- we use copy as this is a dependency from outside the reactor -->
+              <goal>copy</goal>
+            </goals>
+            <configuration>
+              <artifactItems>
+                <artifactItem>
+                  <groupId>org.jenkins-ci.main</groupId>
+                  <artifactId>remoting</artifactId>
+                  <version>${remoting.minimum.supported.version}</version>
+                  <type>jar</type>
+                  <outputDirectory>${project.build.outputDirectory}/old-remoting</outputDirectory>
+                  <destFileName>remoting-minimal-supported.jar</destFileName>
+                </artifactItem>
+              </artifactItems>
+            </configuration>
+          </execution>
+        </executions>
+      </plugin>
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-surefire-plugin</artifactId>
+        <!-- version specified in grandparent pom -->
+        <configuration>
+          <argLine>${jacocoSurefireArgs} -Dfile.encoding=UTF-8 -Xmx1g -Djdk.net.URLClassPath.disableClassPathURLCheck=true</argLine>
+          <systemPropertyVariables>
+              <!-- use AntClassLoader that supports predictable file handle release -->
+              <hudson.ClassicPluginStrategy.useAntClassLoader>true</hudson.ClassicPluginStrategy.useAntClassLoader>
+              <hudson.maven.debug>${mavenDebug}</hudson.maven.debug>
+              <buildDirectory>${project.build.directory}</buildDirectory>
+          </systemPropertyVariables>
+          <reuseForks>false</reuseForks>
+          <forkCount>${concurrency}</forkCount>
+        </configuration>
+      </plugin>
+      <plugin>
+        <artifactId>maven-deploy-plugin</artifactId>
+        <configuration>
+          <skip>true</skip>
+        </configuration>
+      </plugin>
+      <plugin> <!-- TODO pending JENKINS-45271 fix, would be best to finish moving MavenModuleSet-specific tests to maven-plugin and delete the test dep here -->
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-enforcer-plugin</artifactId>
+        <configuration>
+          <rules>
+            <requireUpperBoundDeps>
+              <excludes combine.children="append">
+                <exclude>org.apache.maven:maven-embedder</exclude>
+                <exclude>org.codehaus.plexus:plexus-classworlds</exclude>
+                <exclude>org.apache.maven:maven-core</exclude>
+                <exclude>org.apache.maven:maven-aether-provider</exclude>
+                <exclude>org.codehaus.plexus:plexus-utils</exclude>
+              </excludes>
+            </requireUpperBoundDeps>
+          </rules>
+        </configuration>
+      </plugin>
+      <plugin> <!-- https://stackoverflow.com/a/19503679/12916 ysoserial deliberately uses internal APIs; suppress warnings about them -->
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-compiler-plugin</artifactId>
+        <configuration>
+          <compilerArgument>-XDignore.symbol.file</compilerArgument>
+          <fork>true</fork>
+        </configuration>
+      </plugin>
+    </plugins>
+  </build>
+
+  <profiles>
+    <profile>
+      <!-- Profile, which allows skipping all integration tests -->
+      <id>light-test</id>
+      <properties>
+        <skipTests>true</skipTests>
+      </properties>
+    </profile>
+    <profile>
+      <!-- Profile, which runs only a number of quick integration tests so that the build takes less than 5 minutes -->
+      <id>smoke-test</id>
+      <properties>
+        <test>jenkins.model.StartupTest,jenkins.model.JenkinsTest,jenkins.install.*,jenkins.security.CustomClassFilterTest,hudson.AboutJenkinsTest,hudson.ClassicPluginStrategyTest,hudson.LauncherTest,hudson.slaves.JNLPLauncherTest,hudson.model.RunTest,hudson.model.UserTest,hudson.model.FreeStyleProjectTest,hudson.model.HudsonTest,hudson.model.ComputerTest,hudson.CLI.BuildCommandTest#sync,*.smokes</test>
+      </properties>
+    </profile>
+    <profile>
+      <id>all-tests</id>
+      <activation>
+        <property>
+          <name>!test</name>
+        </property>
+      </activation>
+      <properties>
+        <maven.test.redirectTestOutputToFile>true</maven.test.redirectTestOutputToFile>
+        <surefire.rerunFailingTestsCount>4</surefire.rerunFailingTestsCount>
+        <surefire.skipAfterFailureCount>100</surefire.skipAfterFailureCount>
+      </properties>
+    </profile>
+    <profile>
+      <id>jacoco</id>
+      <build>
+        <plugins>
+          <plugin>
+            <groupId>org.jacoco</groupId>
+            <artifactId>jacoco-maven-plugin</artifactId>
+            <version>0.6.3.201306030806</version>
+            <executions>
+              <!--
+                Prepares the property pointing to the JaCoCo runtime agent which
+                is passed as VM argument when Maven the Surefire plugin is executed.
+              -->
+              <execution>
+                <id>pre-unit-test</id>
+                <goals>
+                  <goal>prepare-agent</goal>
+                </goals>
+                <configuration>
+                  <!-- Sets the path to the file which contains the execution data. -->
+                  <destFile>${project.build.directory}/coverage-reports/jacoco-ut.exec</destFile>
+                  <propertyName>jacocoSurefireArgs</propertyName>
+                </configuration>
+              </execution>
+              <!--
+                Ensures that the code coverage report for unit tests is created after
+                unit tests have been run.
+              -->
+              <execution>
+                <id>post-unit-test</id>
+                <phase>test</phase>
+                <goals>
+                  <goal>report</goal>
+                </goals>
+                <configuration>
+                  <!-- Sets the path to the file which contains the execution data. -->
+                  <dataFile>${project.build.directory}/coverage-reports/jacoco-ut.exec</dataFile>
+                  <!-- Sets the output directory for the code coverage report. -->
+                  <outputDirectory>${project.reporting.outputDirectory}/jacoco-ut</outputDirectory>
+                </configuration>
+              </execution>
+            </executions>
+          </plugin>
+        </plugins>
+      </build>
+    </profile>
+  </profiles>
+</project>
diff --git a/test/pom.xml b/test/pom.xml
index 696e338cbd..4c5abecc6f 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -27,8 +27,9 @@ THE SOFTWARE.
 
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
-    <artifactId>jenkins-parent</artifactId>
+    <artifactId>jenkins-test-parent</artifactId>
     <version>${revision}${changelist}</version>
+    <relativePath>../test-pom</relativePath>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
@@ -36,342 +37,4 @@ THE SOFTWARE.
   <name>Tests for Jenkins core</name>
   <description>Functional tests for Jenkins core</description>
 
-  <properties>
-    <concurrency>2</concurrency> <!-- may use e.g. 2C for 2 × (number of cores) -->
-    <mavenDebug>false</mavenDebug>
-    <jacocoSurefireArgs /><!-- empty by default -->
-  </properties>
-
-  <dependencies>
-    <dependency>
-      <groupId>${project.groupId}</groupId>
-      <artifactId>jenkins-war</artifactId>
-      <version>${project.version}</version>
-      <type>executable-war</type>
-      <scope>test</scope>
-    </dependency>
-    <dependency>
-      <groupId>${project.groupId}</groupId>
-      <artifactId>jenkins-test-harness</artifactId>
-      <version>2.41.1</version>
-      <scope>test</scope>
-      <exclusions>
-        <exclusion>
-          <groupId>${project.groupId}</groupId>
-          <artifactId>jenkins-war</artifactId>
-        </exclusion>
-      </exclusions>
-    </dependency>
-    <dependency>
-      <groupId>${project.groupId}</groupId>
-      <artifactId>jenkins-test-harness-tools</artifactId>
-      <version>2.0</version>
-      <scope>test</scope>
-    </dependency>
-    <dependency>
-      <groupId>${project.groupId}</groupId>
-      <artifactId>maven-plugin</artifactId>
-      <version>${maven-plugin.version}</version>
-      <exclusions>
-        <exclusion> <!-- perhaps unnecessary as of JENKINS-35445? -->
-          <groupId>org.apache.httpcomponents</groupId>
-          <artifactId>httpclient</artifactId>
-        </exclusion>
-        <exclusion>
-          <groupId>org.apache.httpcomponents</groupId>
-          <artifactId>httpcore</artifactId>
-        </exclusion>
-        <exclusion>
-          <groupId>commons-codec</groupId>
-          <artifactId>commons-codec</artifactId>
-        </exclusion>
-        <exclusion>
-          <groupId>com.google.inject</groupId>
-          <artifactId>guice</artifactId>
-        </exclusion>
-        <exclusion>
-          <groupId>org.apache.ant</groupId>
-          <artifactId>ant</artifactId>
-        </exclusion>
-      </exclusions>
-    </dependency>
-    <dependency>
-      <groupId>org.jenkins-ci.plugins</groupId>
-      <artifactId>matrix-auth</artifactId>
-      <version>1.0.2</version>
-    </dependency>
-    <dependency>
-      <groupId>org.jenkins-ci.plugins</groupId>
-      <artifactId>antisamy-markup-formatter</artifactId>
-      <version>1.0</version>
-      <scope>test</scope>
-    </dependency>
-    <dependency>
-      <groupId>org.jenkins-ci.plugins</groupId>
-      <artifactId>matrix-project</artifactId>
-      <version>${matrix-project.version}</version>
-    </dependency>
-    <dependency>
-      <groupId>org.jenkins-ci.plugins</groupId>
-      <artifactId>junit</artifactId>
-      <version>1.6</version>
-      <scope>test</scope>
-    </dependency>
-    <dependency>
-      <groupId>org.jenkins-ci.plugins</groupId>
-      <artifactId>structs</artifactId>
-      <version>1.2</version>
-      <scope>test</scope>
-    </dependency>
-    <dependency>
-      <groupId>org.jvnet.mock-javamail</groupId>
-      <artifactId>mock-javamail</artifactId>
-      <version>1.7</version>
-      <exclusions>
-        <exclusion>
-          <groupId>javax.mail</groupId>
-          <artifactId>mail</artifactId>
-        </exclusion>
-      </exclusions>
-    </dependency>
-    <dependency>
-      <groupId>org.hamcrest</groupId>
-      <artifactId>hamcrest-core</artifactId>
-      <version>1.3</version>
-    </dependency>
-    <dependency><!-- we exclude this transient dependency from htmlunit, which we actually need in the test -->
-      <groupId>xalan</groupId>
-      <artifactId>xalan</artifactId>
-      <version>2.7.2</version>
-      <exclusions>
-        <exclusion>
-          <groupId>xml-apis</groupId>
-          <artifactId>xml-apis</artifactId>
-        </exclusion>
-      </exclusions>
-    </dependency>
-    <dependency>
-      <!-- for testing JNLP launch. -->
-      <groupId>org.jvnet.hudson</groupId>
-      <artifactId>netx</artifactId>
-      <version>0.5-hudson-2</version>
-    </dependency>
-    <dependency>
-      <groupId>org.easymock</groupId>
-      <artifactId>easymock</artifactId>
-      <version>2.4</version>
-    </dependency>
-    <dependency>
-      <groupId>org.mockito</groupId>
-      <artifactId>mockito-core</artifactId>
-      <scope>test</scope>
-    </dependency>
-    <dependency>
-      <groupId>org.reflections</groupId>
-      <artifactId>reflections</artifactId>
-      <version>0.9.9</version>
-      <exclusions>
-        <exclusion> <!-- TODO requests 15; apparently works well enough with the 11 we bundle -->
-          <groupId>com.google.guava</groupId>
-          <artifactId>guava</artifactId>
-        </exclusion>
-        <exclusion> <!-- pick up from Stapler -->
-          <groupId>com.google.code.findbugs</groupId>
-          <artifactId>jsr305</artifactId>
-        </exclusion>
-      </exclusions>
-    </dependency>
-    <dependency>
-      <groupId>org.codehaus.geb</groupId>
-      <artifactId>geb-implicit-assertions</artifactId>
-      <version>0.7.2</version>
-    </dependency>
-    <dependency>
-      <groupId>org.javassist</groupId>
-      <artifactId>javassist</artifactId>
-      <version>3.19.0-GA</version>
-      <scope>test</scope>
-    </dependency>
-    <dependency>
-      <groupId>org.apache.commons</groupId>
-      <artifactId>commons-collections4</artifactId>
-      <version>4.0</version>
-      <scope>test</scope>
-    </dependency>
-    <dependency>
-      <groupId>org.awaitility</groupId>
-      <artifactId>awaitility</artifactId>
-      <version>3.0.0</version>
-      <scope>test</scope>
-    </dependency>
-    <dependency>
-      <groupId>org.objenesis</groupId>
-      <artifactId>objenesis</artifactId>
-      <scope>test</scope>
-    </dependency>
-  </dependencies>
-
-  <build>
-    <plugins>
-      <plugin>
-        <groupId>org.jenkins-ci.tools</groupId>
-        <artifactId>maven-hpi-plugin</artifactId>
-        <extensions>true</extensions>
-      </plugin>
-      <plugin>
-        <groupId>org.kohsuke.stapler</groupId>
-        <artifactId>maven-stapler-plugin</artifactId>
-        <!-- version specified in grandparent pom -->
-        <extensions>true</extensions>
-      </plugin>
-      <plugin>
-        <artifactId>maven-dependency-plugin</artifactId>
-        <executions>
-          <execution>
-            <id>old-remoting-for-test</id>
-            <phase>generate-test-resources</phase>
-            <goals>
-              <!-- we use copy as this is a dependency from outside the reactor -->
-              <goal>copy</goal>
-            </goals>
-            <configuration>
-              <artifactItems>
-                <artifactItem>
-                  <groupId>org.jenkins-ci.main</groupId>
-                  <artifactId>remoting</artifactId>
-                  <version>${remoting.minimum.supported.version}</version>
-                  <type>jar</type>
-                  <outputDirectory>${project.build.outputDirectory}/old-remoting</outputDirectory>
-                  <destFileName>remoting-minimal-supported.jar</destFileName>
-                </artifactItem>
-              </artifactItems>
-            </configuration>
-          </execution>
-        </executions>
-      </plugin>
-      <plugin>
-        <groupId>org.apache.maven.plugins</groupId>
-        <artifactId>maven-surefire-plugin</artifactId>
-        <!-- version specified in grandparent pom -->
-        <configuration>
-          <argLine>${jacocoSurefireArgs} -Dfile.encoding=UTF-8 -Xmx1g -Djdk.net.URLClassPath.disableClassPathURLCheck=true</argLine>
-          <systemPropertyVariables>
-              <!-- use AntClassLoader that supports predictable file handle release -->
-              <hudson.ClassicPluginStrategy.useAntClassLoader>true</hudson.ClassicPluginStrategy.useAntClassLoader>
-              <hudson.maven.debug>${mavenDebug}</hudson.maven.debug>
-              <buildDirectory>${project.build.directory}</buildDirectory>
-          </systemPropertyVariables>
-          <reuseForks>false</reuseForks>
-          <forkCount>${concurrency}</forkCount>
-        </configuration>
-      </plugin>
-      <plugin>
-        <artifactId>maven-deploy-plugin</artifactId>
-        <configuration>
-          <skip>true</skip>
-        </configuration>
-      </plugin>
-      <plugin> <!-- TODO pending JENKINS-45271 fix, would be best to finish moving MavenModuleSet-specific tests to maven-plugin and delete the test dep here -->
-        <groupId>org.apache.maven.plugins</groupId>
-        <artifactId>maven-enforcer-plugin</artifactId>
-        <configuration>
-          <rules>
-            <requireUpperBoundDeps>
-              <excludes combine.children="append">
-                <exclude>org.apache.maven:maven-embedder</exclude>
-                <exclude>org.codehaus.plexus:plexus-classworlds</exclude>
-                <exclude>org.apache.maven:maven-core</exclude>
-                <exclude>org.apache.maven:maven-aether-provider</exclude>
-                <exclude>org.codehaus.plexus:plexus-utils</exclude>
-              </excludes>
-            </requireUpperBoundDeps>
-          </rules>
-        </configuration>
-      </plugin>
-      <plugin> <!-- https://stackoverflow.com/a/19503679/12916 ysoserial deliberately uses internal APIs; suppress warnings about them -->
-        <groupId>org.apache.maven.plugins</groupId>
-        <artifactId>maven-compiler-plugin</artifactId>
-        <configuration>
-          <compilerArgument>-XDignore.symbol.file</compilerArgument>
-          <fork>true</fork>
-        </configuration>
-      </plugin>
-    </plugins>
-  </build>
-
-  <profiles>
-    <profile>
-      <!-- Profile, which allows skipping all integration tests -->
-      <id>light-test</id>
-      <properties>
-        <skipTests>true</skipTests>
-      </properties>
-    </profile>
-    <profile>
-      <!-- Profile, which runs only a number of quick integration tests so that the build takes less than 5 minutes -->
-      <id>smoke-test</id>
-      <properties>
-        <test>jenkins.model.StartupTest,jenkins.model.JenkinsTest,jenkins.install.*,jenkins.security.CustomClassFilterTest,hudson.AboutJenkinsTest,hudson.ClassicPluginStrategyTest,hudson.LauncherTest,hudson.slaves.JNLPLauncherTest,hudson.model.RunTest,hudson.model.UserTest,hudson.model.FreeStyleProjectTest,hudson.model.HudsonTest,hudson.model.ComputerTest,hudson.CLI.BuildCommandTest#sync,*.smokes</test>
-      </properties>
-    </profile>
-    <profile>
-      <id>all-tests</id>
-      <activation>
-        <property>
-          <name>!test</name>
-        </property>
-      </activation>
-      <properties>
-        <maven.test.redirectTestOutputToFile>true</maven.test.redirectTestOutputToFile>
-        <surefire.rerunFailingTestsCount>4</surefire.rerunFailingTestsCount>
-        <surefire.skipAfterFailureCount>100</surefire.skipAfterFailureCount>
-      </properties>
-    </profile>
-    <profile>
-      <id>jacoco</id>
-      <build>
-        <plugins>
-          <plugin>
-            <groupId>org.jacoco</groupId>
-            <artifactId>jacoco-maven-plugin</artifactId>
-            <version>0.6.3.201306030806</version>
-            <executions>
-              <!--
-                Prepares the property pointing to the JaCoCo runtime agent which
-                is passed as VM argument when Maven the Surefire plugin is executed.
-              -->
-              <execution>
-                <id>pre-unit-test</id>
-                <goals>
-                  <goal>prepare-agent</goal>
-                </goals>
-                <configuration>
-                  <!-- Sets the path to the file which contains the execution data. -->
-                  <destFile>${project.build.directory}/coverage-reports/jacoco-ut.exec</destFile>
-                  <propertyName>jacocoSurefireArgs</propertyName>
-                </configuration>
-              </execution>
-              <!--
-                Ensures that the code coverage report for unit tests is created after
-                unit tests have been run.
-              -->
-              <execution>
-                <id>post-unit-test</id>
-                <phase>test</phase>
-                <goals>
-                  <goal>report</goal>
-                </goals>
-                <configuration>
-                  <!-- Sets the path to the file which contains the execution data. -->
-                  <dataFile>${project.build.directory}/coverage-reports/jacoco-ut.exec</dataFile>
-                  <!-- Sets the output directory for the code coverage report. -->
-                  <outputDirectory>${project.reporting.outputDirectory}/jacoco-ut</outputDirectory>
-                </configuration>
-              </execution>
-            </executions>
-          </plugin>
-        </plugins>
-      </build>
-    </profile>
-  </profiles>
 </project>
-- 
GitLab


From b090bc1a23ed7a6f3de910599b51537647697ac2 Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Fri, 16 Nov 2018 13:36:48 +0100
Subject: [PATCH 862/863] [JENKINS-54599] - Upgrade the Maven Jenkins Dev
 plugin from 9.4.5.v20170502 to 9.4.12.v20180830 (#3758)

* [JENKINS-54599] - Upgrade the Maven Jenkins Dev plugin from 9.4.5.v20170502 to 9.4.12.v20180830

* [JENKINS-54599] - Pick up the final release of Maven HPI Dev Plugin
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 47c16272a8..537812926e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -468,7 +468,7 @@ THE SOFTWARE.
           <!-- this is really just a patched version of maven-jetty-plugin to workaround issue #932 -->
           <groupId>org.jenkins-ci.tools</groupId>
           <artifactId>maven-jenkins-dev-plugin</artifactId>
-          <version>9.4.5.v20170502-jenkins-1</version>
+          <version>9.4.12.v20180830-jenkins-2</version>
         </plugin>
         <plugin>
           <groupId>org.jvnet.updatecenter2</groupId>
-- 
GitLab


From 5f5037291b051586a4889137f646b9c1077f6e9a Mon Sep 17 00:00:00 2001
From: Oleg Nenashev <o.v.nenashev@gmail.com>
Date: Fri, 16 Nov 2018 14:53:40 +0100
Subject: [PATCH 863/863] [JENKINS-53863] - Fix the license header

---
 test-jdk8/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test-jdk8/pom.xml b/test-jdk8/pom.xml
index 6fb4010cf5..70c4870837 100644
--- a/test-jdk8/pom.xml
+++ b/test-jdk8/pom.xml
@@ -2,7 +2,7 @@
 <!--
 The MIT License
 
-Copyright (c) 2004-2009, Sun Microsystems, Inc., Kohsuke Kawaguchi
+Copyright (c) 2018, CloudBees, Inc.
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
-- 
GitLab